SymCall: symbiotic virtualization through VMM-to-guest upcalls

Published: 09 March 2011

Abstract

Symbiotic virtualization is a new approach to system virtualization in which a guest OS targets the native hardware interface as in full system virtualization, but also optionally exposes a software interface that can be used by a VMM, if present, to increase performance and functionality. Neither the VMM nor the OS needs to support the symbiotic virtualization interface to function together, but if both do, both benefit. We describe the design and implementation of the SymCall symbiotic virtualization interface in our publicly available Palacios VMM for modern x86 machines. SymCall makes it possible for Palacios to make clean synchronous upcalls into a symbiotic guest, much like system calls. One use of symcalls is to allow synchronous collection of semantically rich guest data during exit handling in order to enable new VMM features. We describe the implementation of SwapBypass, a VMM service based on SymCall that reconsiders swap decisions made by a symbiotic Linux guest. Finally, we present a detailed performance evaluation of both SwapBypass and SymCall.

Published in

ACM SIGPLAN Notices, Volume 46, Issue 7
VEE '11
July 2011
231 pages
ISSN: 0362-1340
EISSN: 1558-1160
DOI: 10.1145/2007477

VEE '11: Proceedings of the 7th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
March 2011
250 pages
ISBN: 9781450306874
DOI: 10.1145/1952682

Copyright © 2011 ACM

Publisher: Association for Computing Machinery, New York, NY, United States

Qualifiers: research-article
