You can run multiple OSs on top of VirtualBox, as guest OSs under one host operating system. Each guest OS can be independently started, stopped, and paused. You can configure each VM independently depending on its role or purpose. For example, you can have a VM running on Linux installed with an Oracle database that will play a role in the database server, whereas another VM can run on Windows hosting an Apache Tomcat installation and running as an application server. You can run the guest VM either on software or hardware assisted virtualization depending on the host hardware supportability. But virtualizing an OS on an x86 processor without any hardware virtualization support is a very tough and complicated task.
Processors provide a mechanism that allows different programs to run at different privilege levels, which ensures that applications should not able to have privileged access to processors, hardware, and so on. This mechanism is known as rings or protection rings. The following diagram shows this architecture:
It starts with Ring 0, the lowest and the most privileged level. It interacts directly with the physical hardware, such as CPU and memory. Generally, kernel services are the most privileged services for all OSs; they run on Ring 0 and application/user programs run on Ring 3.
For each individual virtual guest OS, VirtualBox creates a separate process on top of the host OS. All of the guest user code runs natively on Ring 3. Guest kernels run on Ring 1, which helps in protecting the host against failures in the guest. The VMM scans the Ring 1 code to maintain proper execution and operation of the guest kernel. It does so by either replacing the faulty code path with direct hypervisor calls or executing them in a safe emulator with the help of a code scanner that is unique to each guest. VM emulators comes into the picture only when the VMM is not able to find what the Ring 1 guest code is doing. VirtualBox uses QEMU as an emulator.
Processor virtualization also has several methods, such as full virtualization and paravirtualization.