VanguardLH wrote:
Quote:
> Dave Warren wrote:
> Quote:
>> In message <gv5748$usq$1@xxxxxx-september.org> VanguardLH
>> <V@xxxxxx> was claimed to have wrote:
>> Quote:
>>> kellyapproved@xxxxxx wrote:
>>>
>>>> When you setup a guest OS, you need to allocate RAM to it.
>>>>
>>>> Let's say you have a host with 3 GB of RAM with two guests, each of
>>>> which you allocate 1 GB of RAM.
>>>>
>>>> If both guests are in use, the host and two guests will get 1 GB of
>>>> RAM each.
>>>>
>>>> Is there a way to set it so that if only 1 guest is in use, it can
>>>> draw on the spare RAM that is allocated to the other guest that is not
>>>> used.
>>> If one VM could monitor the memory usage of another VM to see what
>>> blocks were unallocated, you just threw out the isolation that
>>> virtualization is supposed to afford for security.
>> With all due respect, that isn't true at all. VMWare allows RAM to be
>> over-allocated, which would be the first step to implementing this
>> request.
>>
>> To avoid the performance implications of over-utilizing RAM, a second
>> step would be to have the integration components/additions/tools report
>> back the amount of available RAM within each VM to the host, and the
>> host would reply back telling the additions to allocate or release RAM
>> within each guest, tricking the guest into not using certain amounts of
>> RAM to make that RAM available to the host (and therefore, for
>> allocation to other VMs)
>>
>> Guests already communicate with hosts in a number of ways, adding a
>> counters for available RAM, available clean pages, cache sizes and an
>> API to the guest components wouldn't cause any sort of security issue if
>> implemented properly. >
> http://www.vmware.com/pdf/esx3_memory.pdf
>
> It does talk about overcommitting the memory (i.e., having multiple
> guests with a reserve specified for each whose total exceeds the real
> memory for the host). It also mentions reallocation -- and that's where
> they also mention clearing the reallocated memory to provide the
> security of which I mention between those guests.
>
> Allocating memory doesn't wipe it. Deallocating memory doesn't wipe it.
> Whose going to do the wiping? In this case, the VMM has to do the
> wiping and that means overhead. Their ESX product does that. Does
> their free VMWare Server? I didn't see mention in VMWare Server's
> manual that its VMM will reallocate and wipe memory between guests
> (http://www.vmware.com/pdf/vmserver2.pdf). I'm still reading but
> reserve, overcommittment, and swapping are not reallocating wiped memory
> from a pool to share amongst guests. Technologies employed in a
> rebranded Connectrix variant that targets consumer-grade platforms
> hardly equates with VMware's enterprise solutions for server-quality
> hosts. Wiping memory before allocating it to another process (in a single OS)
or another virtual machine (in a VMM) is a standard and trivial security
requirement for physical memory management code. All the NT-derived
Windows versions (including consumer-grade XP Home) do it for processes.
There is also a really good chance that at least the Microsoft "cleaned
up" versions of the old Connectix VPC co debase do it already for the
initial RAM allocation made for a newly started VPC.
Quote:
>
> If anything like VMware's ESX memory sharing shows up in a Microsoft
> product, I'd expect it to show up in their Hyper-V product, not in
> something like VirtualPC. That's not to say Hyper-V has wiped memory
> reallocation for sharing a memory pool across guests. I'm saying it's
> no big surprise that VPC doesn't have it. Can reallocation between
> guests be done? Yes. WILL it be done in VirtualPC? No, not without
> such a massive overhaul that it isn't VirtualPC anymore, becomes an
> enterprise-level product, and probably won't be free so we wouldn't be
> discussing it here.
I think you are greatly confused here. Just because VMware Inc may be
offering this feature in their enterprise product does not make it an
enterprise feature. On the contrary, the ability to run virtual
machines whose total virtual RAM exceed you physical RAM is very much a
desktop feature too. A really common case would be running a virtual
Vista and a virtual XP on a Win7 laptop whose physical RAM size is just
big enough to run one of the 3, and cannot be easily/cheaply upgraded.
While the VMware ESX micro operating system (it runs on the bare metal
with no normal Host OS) may use impressive names such as
"overcommitting" memory; But when running on top of a full featured
Windows OS, this all translates into simply allowing the virtual RAM to
be allocated from virtual memory rather than physical memory, and then
*optionally* adding some extra code to reduce the amount of swapping by
forcing the Guest OS-es to leave spare memory unused rather than using
it to "cache" disk I/O.
--
Jakob Bøhm, M.Sc.Eng. * jb@xxxxxx * direct tel:+45-45-90-25-33
Netop Solutions A/S * Bregnerodvej 127 * DK-3460 Birkerod * DENMARK
http://www.netop.com * tel:+45-45-90-25-25 * fax:+45-45-90-25-26
Information in this mail is hasty, not binding and may not be right.
Information in this posting may not be the official position of Netop
Solutions A/S, only the personal opinions of the author.