Xinghui Zhu,Guang Lu,Fei Yu,Shuqiang Yang,Miaoliang Zhu

DOI: https://doi.org/10.1109/IMSCCS.2006.108

2006-01-01

Abstract:In today's operating system, memory management policies based on the data-copying and hidden mechanisms blocks the system performance which is far from expectation. This paper introduces an innovative memory management system powered by vertical architecture PVM. The paper first describes the model and architecture of PVM, followed by an analysis of lazy management of virtual address space and the management of two-layer-cached physical memory.

Yajin Zhou,Xiaoguang Wang,Yue Chen,Zhi Wang

DOI: https://doi.org/10.1145/2660267.2660344

2014-01-01

Abstract:Software fault isolation (SFI) is an effective mechanism to confine untrusted modules inside isolated domains to protect their host applications. Since its debut, researchers have proposed different SFI systems for many purposes such as safe execution of untrusted native browser plugins. However, most of these systems focus on the x86 architecture. In recent years, ARM has become the dominant architecture for mobile devices and gains in popularity in data centers. Hence there is a compelling need for an efficient SFI system for the ARM architecture. Unfortunately, existing systems either have prohibitively high performance overhead or place various limitations on the memory layout and instructions of untrusted modules.In this paper, we propose ARMlock, a hardware-based fault isolation for ARM. It uniquely leverages the memory domain support in ARM processors to create multiple sandboxes. Memory accesses by the untrusted module (including read, write, and execution) are strictly confined by the hardware, and instructions running inside the sandbox execute at the same speed as those outside it. ARMlock imposes virtually no structural constraints on untrusted modules. For example, they can use self-modifying code, receive exceptions, and make system calls. Moreover, system calls can be interposed by ARMlock to enforce the policies set by the host. We have implemented a prototype of ARMlock for Linux that supports the popular ARMv6 and ARMv7 sub-architecture. Our security assessment and performance measurement show that ARMlock is practical, effective, and efficient.

Haeyoung Kim,Harashta Tatimma Larasati,Jonguk Park,Howon Kim,Donghyun Kwon

DOI: https://doi.org/10.3390/s23073568

2023-03-29

Abstract:Memory isolation is an essential technology for safeguarding the resources of lightweight embedded systems. This technique isolates system resources by constraining the scope of the processor's accessible memory into distinct units known as domains. Despite the security offered by this approach, the Memory Protection Unit (MPU), the most common memory isolation method provided in most lightweight systems, incurs overheads during domain switching due to the privilege level intervention. However, as IoT environments become increasingly interconnected and more resources become required for protection, the significant overhead associated with domain switching under this constraint is expected to be crucial, making it harder to operate with more granular domains. To mitigate these issues, we propose DEMIX, which supports efficient memory isolation for multiple domains. DEMIX comprises two mainelements-Domain-Enforced Memory Isolation and instruction-level domain isolation-with the primary idea of enabling granular access control for memory by validating the domain state of the processor and the executed instructions. By achieving fine-grained validation of memory regions, our technique safely extends the supported domain capabilities of existing technologies while eliminating the overhead associated with switching between domains. Our implementation of eight user domains shows that our approach yields a hardware overhead of a slight 8% in Ibex Core, a very lightweight RISC-V processor.

Sai Sha,Chuandong Li,Xiaolin Wang,Zhenlin Wang,Yingwei Luo

DOI: https://doi.org/10.1145/3639564

2024-02-15

ACM Transactions on Computer Systems

Abstract:The tiered-memory system can effectively expand the memory capacity for virtual machines (VMs). However, virtualization introduces new challenges specifically in enforcing performance isolation, minimizing context switching, and providing resource overcommit. None of the state-of-the-art designs consider virtualization and address these challenges; we observe that a VM with tiered memory incurs up to a 2× slowdown compared to a DRAM-only VM. We propose vTMM , a hardware-software collaborative tiered-memory management framework for virtualization. A key insight in vTMM is to leverage the unique system features in virtualization to meet the above challenges. vTMM automatically determines page hotness and migrates pages between fast and slow memory to achieve better performance. Specially, vTMM optimizes page tracking and migration based on page-modification logging (PML), a hardware-assisted virtualization mechanism, and adaptively distinguishes hot/cold pages through the page “temperature” sorting. vTMM also dynamically adjusts fast memory among multi-VMs on demand by using a memory pool. Further, vTMM tracks huge pages at regular-page granularity in hardware and splits/merges pages in software, realizing hybrid-grained page management and optimization. We implement and evaluate vTMM with single-grained page management on an Intel processor, and the hybrid-grained page management on a Sunway processor with hardware mode supporting hardware/software co-designs. Experiments show that vTMM outperforms existing tiered-memory management designs in virtualization.

computer science, theory & methods

Sai sha,Chuandong Li,Yingwei Luo,Xiaolin Wang,Zhenlin Wang

DOI: https://doi.org/10.48550/arXiv.2209.13111

2022-09-27

Abstract:The memory demand of virtual machines (VMs) is increasing, while DRAM has limited capacity and high power consumption. Non-volatile memory (NVM) is an alternative to DRAM, but it has high latency and low bandwidth. We observe that the VM with heterogeneous memory may incur up to a $1.5\times$ slowdown compared to a DRAM VM, if not managed well. However, none of the state-of-the-art heterogeneous memory management designs are customized for virtualization on a real system. In this paper, we propose HMM-V, a Heterogeneous Memory Management system for Virtualization. HMM-V automatically determines page hotness and migrates pages between DRAM and NVM to achieve performance close to the DRAM system. First, HMM-V tracks memory accesses through page table manipulation, but reduces the cost by leveraging Intel page-modification logging (PML) and a multi-level queue. Second, HMM-V quantifies the ``temperature'' of page and determines the hot set with bucket-sorting. HMM-V then efficiently migrates pages with minimal access pause and handles dirty pages with the assistance of PML. Finally, HMM-V provides pooling management to balance precious DRAM across multiple VMs to maximize utilization and overall performance. HMM-V is implemented on a real system with Intel Optane DC persistent memory. The four-VM co-running results show that HMM-V outperforms NUMA balancing and hardware management (Intel Optane memory mode) by $51\%$ and $31\%$, respectively.

Operating Systems

陈文智,姚远,杨建华,何钦铭

DOI: https://doi.org/10.3724/sp.j.1016.2009.01311

2009-01-01

Chinese Journal of Computers

Abstract:With the rapidly development of personal computer hardware,to construct multiple isolated computing domains through virtualization technology has already become a future direction of PC. To avoid the difficulties caused by implementing VMM on traditional IA-32 architecture through software virtualization technology,the authors designed and implemented a VMM based on Intel VT-x technology — Pcanel/V2. Pcanel/V2 utilizes the latest hardware virtualization technology to configure a controllable virtual execution environment and run multiple operating systems directly without any modification of source code. While the accesses to hardware resources by the guest operating system are monitored,various sensitive situations which occur in the guest operating system can also be handled correspondingly by Pcanel/V2. Concurrent execution of Linux and VxWorks on Pcanel/V2 has been realized and corresponding evaluation results show that Pcanel/V2 architecture simplifies the complexity of the design process while increasing the overall performance by approximately 10% compared to software virtual technology.

Xian Chen,Wenzhi Chen,Peng Long,Zhongyong Lu,Zonghui Wang

DOI: https://doi.org/10.1109/cbd.2013.32

2013-01-01

Abstract:For the ability to explore the memory's fullest potential, memory de-duplication has been widely experimented with in current main stream virtualization platforms. A lot of work has been done to improve the efficiency of memory de-duplication, while too little attention was paid to the introduced security issues which have been proved by prior work. To deal with this security risk and efficiently manage the memory we start our work in this paper. We first conduct extensive experiments on different OS platforms to study the realistic situation of page sharing. By analyzing the results we find: 1) Page sharing is contributed mostly by self-sharing (nearly 90%), and the self-sharing rate varies significantly between Linux and Windows OS platforms. Compared with self-sharing the inter-VM sharing rate is extremely low, under 1% in most cases. 2) Page size has a larger influence on Linux platform than Windows platform, so sub-page de-duplication proposed in prior work may achieve better performance on Linux platform. On the basis of above findings we propose a group-based secure page sharing model (or GSKSM), in which we consider both VM processes and normal processes. We have successfully implemented it in Linux kernel 3.6.6, and the experiment results show it works well with negligible overhead. Finally based on GSKSM we further present an efficient memory management approach (or SEMMA), which combines GSKSM and balloon technique to efficiently manage the memory, and the preliminary experiment result is satisfactory.

Anish Saxena,Walter Wang,Alexandros Daglis

2024-09-24

Abstract:Rowhammer is a hardware security vulnerability at the heart of every system with modern DRAM-based memory. Despite its discovery a decade ago, comprehensive defenses remain elusive, while the probability of successful attacks grows with DRAM density. Hardware-based defenses have been ineffective, due to considerable cost, delays in commercial adoption, and attackers' repeated ability to circumvent them. Meanwhile, more flexible software-based solutions either incur substantial performance and memory capacity overheads, or offer limited forms of protection. Citadel is a new memory allocator design that prevents Rowhammer-initiated security exploits by addressing the vulnerability's root cause: physical adjacency of DRAM rows. Citadel enables creation of flexible security domains and isolates different domains in physically disjoint memory regions, guaranteeing security by design. On a server system, Citadel supports thousands of security domains at a modest 7.4% average memory overhead and no performance loss. In contrast, recent domain isolation schemes fail to support many workload scenarios due to excessive overheads, and incur 4--6x higher overheads for supported scenarios. As a software solution, Citadel offers readily deployable Rowhammer-aware isolation on legacy, current, and future systems.

Cryptography and Security

Sai Sha,Chuandong Li,Yingwei Luo,Xiaolin Wang,Zhenlin Wang

DOI: https://doi.org/10.1145/3552326.3587449

2023-01-01

Abstract:The memory demand of virtual machines (VMs) is increasing, while the traditional DRAM-only memory system has limited capacity and high power consumption. The tiered memory system can effectively expand the memory capacity and increase the cost efficiency. Virtualization introduces new challenges for memory tiering, specifically enforcing performance isolation, minimizing context switching, and providing resource overcommit. However, none of the state-of-the-art designs consider virtualization and thus address these challenges; we observe that a VM with tiered memory incurs up to a 2x slowdown compared to a DRAM-only VM. This paper proposes vTMM, a tiered memory management system specifically designed for virtualization. vTMM automatically determines page hotness and migrates pages between fast and slow memory to achieve better performance. A key insight in vTMM is to leverage the unique system characteristics in virtualization to meet the above challenges. Specifically, vTMM tracks memory accesses with page-modification logging (PML) and a multi-level queue design. Next, vTMM quantifies the page "temperature" and makes a fine-grained page classification with bucket-sorting. vTMM performs page migration with PML while providing resource overcommit by transparently resizing VM memory through the two-dimensional page tables. In combination, the above techniques minimize overhead, ensure performance isolation and provide dynamic memory partitioning to improve the overall system performance. We evaluate vTMM on a real DRAM+NVM system and a simulated CXL-Memory system. The results show that vTMM outperforms NUMA balancing, Intel Optane memory mode and Nimble (an OS-level tiered memory management system) for VM tiered memory management. Multi-VM co-running results show that vTMM improves the performance of a DRAM+NVM system by 50%-140% and a CXL-Memory system by 16% - 40%, respectively.

Wei Chen,Hongyi Lu,Li Shen,Zhiying Wang,Nong Xiao

DOI: https://doi.org/10.1109/EUC.2008.95

2008-01-01

Abstract:Previous full virtualization techniques are implemented in software without any hardware assist. In this paper, for the first time, we propose an advanced hardware assisted full virtualization architecture-Dynamic Binary Translation in DIMM (DBTIM). We integrate a reconfigurable dynamic binary translation chip into a DIMM. DBTIM could be inserted to the mainboard as a normal DIMM, hence easily making the host CPU virtualizable. We also implement a DBTIM prototype on FPGA. Furthermore, we propose an EDBTIM technique-Enhanced Dynamic Binary Translator in Memory, which integrates dynamic binary translator and memory on one SDRAM chip. We analyze our new approaches and compare them with other modern virtualization techniques. We demonstrate that the new techniques in this paper could provide full virtualization to all kinds of CPU architectures, including x86, with better virtualization capability, better software and hardware compatibility, better performance and lower overheads.

Guoxi Li,Wenzhi Chen,Yang Xiang

DOI: https://doi.org/10.1109/tc.2020.3009124

2021-01-01

Abstract:Currently, with the booming growth of cloud computing, workloads from broad ranges of functions and demands are crammed into a single physical machine. They lay considerable stress on the need of evolution of the operating system underneath, especially the memory subsystem. Even enhancing large pages with main memory compression is not intuitively straightforward due to rigid rules imposed by the state-of-the-art manager Buddy System from the beginning of the design. To relieve the aforementioned problems and provide broader design space for system designers, we propose Zweilous, a clean slate physical memory management framework. It is self-contained, highly decoupled, and thus can co-exist with the vanilla memory manager. Separate self-contained metadata/functions guarantee a flexible extension with little modification to current frameworks. To show it is easy to add enhanced functions that accelerate the evolution of the memory management subsystem, we implement Hzmem, a new large page memory manager redesign enhanced with the function of main memory compression. Our method achieves competitive performance compared with native and virtualized large page support, effective memory size increased and fewer impacts on other parts of the operating system.

Xian Chen,Wenzhi Chen,Zhongyong Lu,Yu Zhang,Rui Chang,Mohammad Mehedi Hassan,Abdulhameed Alelaiwi,Yang Xiang

DOI: https://doi.org/10.1002/cpe.4028

2017-01-01

Abstract:SummaryWith the advantages of extremely high access speed, low energy consumption, nonvolatility, and byte addressability, nonvolatile memory (NVM) device has already been setting off a revolution in storage field. Conventional storage architecture needs to be optimized or even redesigned from scratch to fully explore the performance potential of NVM device. However, most previous NVM‐related works only explore its low access latency and low energy consumption. Few works have been done to explore the appropriate way to use NVM device for improving virtual machine's storage performance. In this paper, we comprehensively evaluate and analyze conventional virtual machine's storage architecture. We find that, even with cutting‐edge optimization technologies, virtual machine can only achieve 30% of NVM device's original performance. Based on this observation, we propose a memory bus–based storage architecture, which we named MBSA. Memory bus–based storage architecture can greatly shorten the length of virtual machine's storage input/output stack and improve NVM device's use flexibility. In addition, an efficient wear‐leveling algorithm is proposed to prolong NVM device's lifespan. To evaluate the new architecture, we implement it as well as the wear‐leveling algorithm on real hardware and software platform. Experimental results show that MBSA can provide a big performance improvement, about 2.55X, and the wear‐leveling algorithm can efficiently balance write operations on NVM device with a negligible performance overhead (no more than 3%).

HaoGang Chen,XiaoLin Wang,ZhenLin Wang,BinBin Zhang,YingWei Luo,XiaoMing Li

DOI: https://doi.org/10.1007/s11432-010-3113-y

2010-01-01

Science China Information Sciences

Abstract:Memory virtualization is an important part in the design of virtual machine monitors (VMM). In this paper, we proposed dynamic memory mapping (DMM)model, a mechanism that allows the VMM to change the mapping between a virtual machine’s physical memory and the underlying hardware resource while the virtual machine is running. By utilizing DMM, the VMM can implement many novel memory management policies, such as Demand Paging, Swapping, Ballooning, Memory Sharing and Copy-On-Write, while preserving compatibility with various architectures. The modular and hierarchical property of the DMM model efficiently incorporates the high-level policies and the low-level implementations, leading to a feature-adjustable VMM design. We presented the principle of the DMM model, and explained the procedures of various memory management policies under this model. Also, we implement the DMM model in KVM, an open source VMM. Our evaluation shows that the DMM model is efficient enough to provide the benefits of dynamic memory resource management with little performance impact.

Huailiang Tan,Lianjun Huang,Zaihong He,Youyou Lu,Xubin He

DOI: https://doi.org/10.1016/j.jnca.2013.05.010

IF: 7.574

2014-01-01

Journal of Network and Computer Applications

Abstract:In a consolidated server system that uses virtualization, accesses to physical network devices from guest virtual machines (DomUs) need to be coordinated. In this environment, virtualized network devices are required to service workloads executing concurrently from multiple DomUs, with potentially diverse network data delivery requirements. Although a number of methods have been developed for I/O performance virtualization among multiple DomUs, previously proposed researches focused either on improving network I/O performance and lowering overhead from hardware and software, or on achieving network I/O fairness by directly applying special physical network interface cards. We argue that it is important to allocate network I/O bandwidth fairly and stably among multiple DomUs based on pure software approaches and not to hinder live migration and portability of virtual machines. This paper proposes Dynamic Mapping of Virtual Link (DMVL) method, which prevents the interference between multiple DomUs by introducing separated Logical Data Path (LDP) and I/O request queue for each DomU. In DMVL, several techniques are employed. Firstly, we provide isolated I/O bandwidth guarantees to each DomU by mapping a separate LDP to I/O device for each DomU and using multi-queue. Then, the adjusted LDP bandwidth quantity is converted into adjusted credit count, and credit transferring and updating methods based on shared logs are introduced to adjust LDPs bandwidth dynamically. Finally, we improve lottery scheduling algorithm based on shared logs to implement adaptive bandwidth adjustment to meet proportional multi-queue scheduling at lower cost. The proposed techniques are implemented on the Xen virtual network, and evaluated with micro-benchmarks and simulated workloads on Linux guest operating systems. Experimental results show that DMVL improves fairness by at least 60% and stability by at least 29% in the cases of three or more virtual DomUs running on the same physical host.

Licheng Chen,Yongbing Huang,Yungang Bao,Onur Mutlu,Guangming Tan,Mingyu Chen

DOI: https://doi.org/10.1145/1995896.1995962

2011-01-01

Abstract:ABSTRACTIn modern multi-core chip architecture, the DRAM system is shared by more and more cores and high bandwidth I/O devices. This trend would make the problem of request contention and un-fairness more serious. Previous research focused on memory sche-duling mechanisms to efficiently and fairly serve memory requests generated by multiple cores. However, the performance is mod-erately improved due to the limited bank-level parallelism in preva-lent DRAM chips. Based on the observation that virtual channel memory (VCM) provides more opportunities for exploiting MLP because it has more channel buffers than banks in conventional DRAM chip, we evaluate VCM technology as an alternative to DRAM for addressing the issues of contention, unfairness and MLP. In this work we implement VCM and leverage the state of art scheduling mechanism on a multi-core architecture. The experi-mental results show that (i) VCM with 32 channels improves ho-mogeneous workloads' IPC by 2.08X on a 16-core system compared to the system with conventional DRAM chips, causing extra area cost by 0.5%, and dynamic and background power pe-nalties by only 5.8% and 0.03% respectively. (ii) For heterogene-ous workloads, VCM significantly reduces unfairness by 82.0% as well as improves the workloads' performance by 1.86X in term of system throughput.

Huailiang Tan,Yanjie Tan,Xiaofei He,Kenli Li,Keqin Li

DOI: https://doi.org/10.1109/tpds.2018.2865341

IF: 5.3

2018-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:In modern virtual computing environment, the 2D/3D rendering performance and parallel computing potential of GPU (graphics processing unit) must be fully exploited for multiple virtual machines (VMs). Existing GPU virtualization techniques are unable to take full advantage of a GPU's powerful 2D/3D hardware-accelerated graphics rendering performance or parallel computing potential, or it has not been considered that the internal resources of a GPU domain are fairly allocated between VMs with different performance requirements. Therefore, we propose a multi-channel GPU virtualization architecture (VMCG), model the corresponding credit allocating and transferring mechanisms, and redesign the virtual multi-channel GPU fair-scheduling algorithm. VMCG provides a separate V-Channel for each guest VM (DomU) that competes with other VMs for the same physical GPU resources, and each DomU submits command request blocks to its respective V-Channel according to the corresponding DomU ID. Through the virtual multi-channel GPU fair-scheduling algorithm, not only do multiple DomUs make full use of native GPU hardware acceleration, but the fairness of GPU resource allocation is significantly improved during GPU-intensive workloads from multiple DomUs running on the same host. Experimental results show that, for 2D/3D graphics applications, performance is close to 96 percent of that of the native GPU, performance is improved by approximately 500 percent for parallel computing applications, and GPU resource-allocation fairness is improved by approximately 60-80 percent.

XiaoLin Wang,YingWei Luo

DOI: https://doi.org/10.1007/s11434-010-9985-9

2010-01-01

Chinese Science Bulletin

Abstract:The Department of Computer Science and Technology, Peking University, Beijing, China, has shown that a novel Dynamic Memory Mapping (DMM) model brings about additional flexibility to virtual resource management, leading to the feature-adjustable design of a virtual machine monitor (VMM). The study is reported in Issue 53 (June, 2010) of SCIENCE CHINA Information Sciences because of its significant research value. Memory is one of the most frequently accessed components in virtual machine (VM) systems. Because a VM’s memory requirement varies according to the running applications, disregarding the dynamic changes can result in suboptimal use of memory resources, which negatively affects the VM’s performance. However, because the infrastructures of current technologies are usually independent of each other, they exhibit poor extensibility, integrity, and maintainability. To improve the flexibility and extensibility of the VMM, we need to implement a dynamic memory management mechanism in the VMM, while preserving the high efficiency of memory accesses from virtual machines. To resolve these problems, this work proposes a DMM model [1]. The DMM model is a low-level memory management mechanism, which allows dynamic change of the mapping between the pseudo-physical memory as seen from VMs and the machine memory, while the virtual machine is running. On one hand, DMM is independent of, yet compatible with, various virtualization architectures, while on the other, it presents a uniform upward interface for supporting high-level memory management policies. As a result, the DMM layer incorporates high-level policies and low-level implementations by making both of them adjustable. In this work, Prof. Wang, Prof. Luo and their group present the principle of the DMM model, and explain the procedures of various memory management policies under this model, such as demand paging, virtual memory and memory sharing. They also implement the DMM model in KVM, an open source VMM. They first designed a memory pool, a set of machine pages provided by the VMM to a particular virtual machine whose size could be expanded or shrunk while operating. To make the model work in a real system, they manipulated a page-level protection mechanism to propagate memory-mapping updates to the shadow page tables, which is the only way for a VM to access its virtualized memory. They also utilized reverse mapping, a data structure that maps a machine page back to all the shadow page table entries that have mapped it, to facilitate the mapping propagation. The DMM model has several advantages over the current memory management mechanism in VMMs. The first is platform independency—the model is defined abstractly, thus is independent of implementations and computer architectures. The second is flexibility—the DMM model provides a uniform interface for integrating advanced memory management policies. Through the general mechanism, they can work together without conflict. Last but not least, the modular and layered design of the DMM reduces the complexity of a VMM’s code base, and therefore improves the security and dependability of the system. A journal reviewer noted:“This paper addresses the inefficiency in the design of current virtual machine monitors. Their approach is novel and systematic, and incurs only minor overheads. The result is of academic significance and practical value”. Another reviewer said, “It enriches and expands the capacity and capability of virtualization. It offers us new methods to deploy and manage large numbers of virtual machines”. A series of papers about virtual machine system optimization written by Prof. Wang, Prof. Luo and their group have been published in SCIENCE CHINA Information Sciences [2], IEEE Cluster [3], ACM SIGOPS Operating System Review [4]. The authors are affiliated to the Institute of Network Computing and Information Systems (NCIS, http://ncis.pku.edu.cn) at Peking University. This institute, led by Prof. LI XiaoMing, conducts research mainly in the fields of high productivity computing, search engine and Web mining, distributed systems, internet and mobile computing, and database technology.

XiaoLin Wang

DOI: https://doi.org/10.1007/s11434-010-9995-7

2010-01-01

Abstract:Professors Wang and Luo and their group in the Department of Computer Science and Technology, Peking University (PKU), have recently introduced a new memory virtualization technique called Dynamic Memory Paravirtualization (DMP). With DMP, binary code in the guest operating system can be dynamically patched by the hypervisor for improved performance. Their study is published in Issue 53 (January 2010) of SCIENCE CHINA Information Sciences and is a significant contribution to system virtualization technology. Virtualization, as a key technical basis of cloud computing, is predicted to have the highest impact on the future trends of service center infrastructure and operations through to 2012. Both Intel and AMD have redesigned their processors to enable hardware virtualization support. Several kinds of virtual machine monitors, such as Xen, VMware and KVM, have been developed using paravirtualization or full virtualization technology. Paravirtualization can reduce the overhead of virtualization dramatically, but the source code of the guest operating system needs to be modified following the paravirtualization guide. Full virtualization does not require any change to the existing guest operation system, but usually needs virtualization assistance from hardware, and thus suffers a significant loss of performance. As shown in the Figure 1, dynamic paravirtualization, as the core idea of DMP, differing from both paravirtualization and full virtualization, introduces a novel approach to designing a virtual machine monitor. In dynamic paravirtualization, the virtual machine monitor dynamically monitors and replaces hot instructions, which cause the greatest overhead for virtualization, in the guest operating system. The replacement of hot instructions is completely transparent to the guest operating system. “We are able to gain the performance benefit of paravirtualization while keeping the applicability of full virtualization to legacy operation systems”, said Professors Wang and Luo.

XiaoLin Wang,YiFeng Sun,YingWei Luo,ZhenLin Wang,Yu Li,BinBin Zhang,HaoGang Chen,XiaoMing Li

DOI: https://doi.org/10.1007/s11432-010-0008-x

2010-01-01

Science in China Series F Information Sciences

Abstract:This paper introduces dynamic paravirtualization, which imitates paravirtualization and aims at reducing VM exits of full virtualization with hardware support. In dynamic paravirtualization, VMM (virtual machine monitor) dynamically monitors and replaces the hot instructions, which cause most VM exits. It is transparent to the guest OS such that the legacy OSes can benefit from this optimization. Our study focuses on reducing the overhead of memory virtualization—dynamic memory paravirtualization (DMP). We implant a new memory management mechanism in VMM such that all user-mode page faults can be handled by the guest OS directly without VM exits. We implement a prototype of dynamic memory paravirtulization based on a version of KVM using Intel VT. Our experimental results show that our technique essentially eliminates the overhead of VM exits caused by page faults. Dynamic memory paravirtualization can achieve the effectiveness of paravirtualization without changing the source code of guest OS.

Claudio Canella,Andreas Kogler,Lukas Giner,Daniel Gruss,Michael Schwarz

DOI: https://doi.org/10.48550/arXiv.2111.10876

2021-11-22

Abstract:Modern applications often consist of different security domains that require isolation from each other. While several solutions exist, most of them rely on specialized hardware, hardware extensions, or require less-efficient software instrumentation of the application. In this paper, we propose Domain Page-Table Isolation (DPTI), a novel mechanism for hardware-enforced security domains that can be readily used on commodity off-the-shelf CPUs. DPTI uses two novel techniques for dynamic, time-limited changes to the memory isolation at security-critical points, called memory freezing and stashing. We demonstrate the versatility and efficacy of DPTI in two scenarios: First, DPTI freezes or stashes memory to support faster and more fine-grained syscall filtering than state-of-the-art seccomp-bpf. With the provided memory safety guarantees, DPTI can even securely support deep argument filtering, such as string comparisons. Second, DPTI freezes or stashes memory to efficiently confine potentially untrusted SGX enclaves, outperforming existing solutions by 14.6%-22% while providing the same security guarantees. Our results show that DPTI is a viable mechanism to isolate domains within applications using only existing mechanisms available on modern CPUs, without relying on special hardware instructions or extensions

Cryptography and Security