Logical Partitions on Many-Core Platforms

Cloud platforms that use logical partitions to allocate dedicated resources to VMs can benefit from small and therefore secure hypervisors. Many-core platforms, with their abundant resources, are an attractive basis to create and deploy logical partitions on a large scale. However, many-core platforms are designed for efficient cross-core data sharing rather than isolation, which is a key requirement for logical partitions. Typically, logical partitions leverage hardware virtualization extensions that require complex CPU core enhancements. These extensions are not optimal for many-core platforms, where it is preferable to keep the cores as simple as possible. In this paper, we show that a simple address-space isolation mechanism, that can be implemented in the Network-on-Chip of the many-core processor, is sufficient to enable logical partitions. We implement the proposed change for the Intel Single-Chip Cloud Computer (SCC). We also design a cloud architecture that relies on a small and disengaged hypervisor for the security-enhanced Intel SCC. Our prototype hypervisor is 3.4K LOC which is comparable to the smallest hypervisors available today. Furthermore, virtual machines execute bare-metal avoiding runtime interaction with the hypervisor and virtualization overhead.

[1]  Saurabh Dighe,et al.  The 48-core SCC Processor: the Programmer's View , 2010, 2010 ACM/IEEE International Conference for High Performance Computing, Networking, Storage and Analysis.

[2]  Robert Tappan Morris,et al.  An Analysis of Linux Scalability to Many Cores , 2010, OSDI.

[3]  Yang Zhang,et al.  Corey: An Operating System for Many Cores , 2008, OSDI.

[4]  Xiaowei Yang,et al.  High performance network virtualization with SR-IOV , 2010, HPCA - 16 2010 The Sixteenth International Symposium on High-Performance Computer Architecture.

[5]  Yong Qi,et al.  A lightweight VMM on many core for high performance computing , 2013, VEE '13.

[6]  Galen C. Hunt,et al.  Helios: heterogeneous multiprocessing with satellite kernels , 2009, SOSP '09.

[7]  Gorka Irazoqui Apecechea,et al.  Wait a Minute! A fast, Cross-VM Attack on AES , 2014, RAID.

[8]  Robert Taylor,et al.  Lpar configuration and management: working with ibm eserver , 2002 .

[9]  Milo M. K. Martin,et al.  Why on-chip cache coherence is here to stay , 2012, Commun. ACM.

[10]  Anant Agarwal,et al.  Factored operating systems (fos): the case for a scalable operating system for multicores , 2009, OPSR.

[11]  Udo Steinberg,et al.  NOVA: a microhypervisor-based secure virtualization architecture , 2010, EuroSys '10.

[12]  Peng Li,et al.  Mitigating access-driven timing channels in clouds using StopWatch , 2013, 2013 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN).

[13]  Samuel Kounev,et al.  Experience Report: An Analysis of Hypercall Handler Vulnerabilities , 2014, 2014 IEEE 25th International Symposium on Software Reliability Engineering.

[14]  Ronald Minnich,et al.  NIX: A case for a manycore system for cloud computing , 2012, Bell Labs Technical Journal.

[15]  Hovav Shacham,et al.  Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds , 2009, CCS.

[16]  Chun-Kun,et al.  Lecture Note Sel4: Formal Verification of an Os Kernel , 2022 .

[17]  Carlos V. Rozas,et al.  Innovative instructions and software model for isolated execution , 2013, HASP '13.

[18]  Reto Buerki,et al.  Muen - An x86/64 Separation Kernel for High Assurance , 2013 .

[19]  Alain Greiner,et al.  NoC-MPU: A secure architecture for flexible co-hosting on shared memory MPSoCs , 2011, 2011 Design, Automation & Test in Europe.

[20]  Dennis Brylow,et al.  BareMichael: A Minimalistic Bare-metal Framework for the Intel SCC , 2012, MARC Symposium.

[21]  Kun Bai HypeBIOS : Enforcing VM Isolation with Minimized and Decomposed Cloud TCB , 2013 .

[22]  Ruby B. Lee,et al.  Architectural support for hypervisor-secure virtualization , 2012, ASPLOS XVII.

[23]  Jennifer Rexford,et al.  Eliminating the hypervisor attack surface for a more secure cloud , 2011, CCS '11.

[24]  Yuval Yarom,et al.  FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack , 2014, USENIX Security Symposium.

[25]  Michael K. Reiter,et al.  Düppel: retrofitting commodity operating systems to mitigate cache side channels in the cloud , 2013, CCS.

[26]  Gernot Heiser,et al.  vNUMA: A Virtual Shared-Memory Multiprocessor , 2009, USENIX Annual Technical Conference.

[27]  Michael K. Reiter,et al.  Cross-VM side channels and their use to extract private keys , 2012, CCS.

[28]  Xinwen Zhang,et al.  Architectural support of multiple hypervisors over single platform for enhancing cloud computing security , 2012, CF '12.

[29]  Haibo Chen,et al.  A case for scaling applications to many-core with OS clustering , 2011, EuroSys '11.

[30]  Gianluca Palermo,et al.  Secure Memory Accesses on Networks-on-Chip , 2008, IEEE Transactions on Computers.

[31]  Gil Neiger,et al.  Intel ® Virtualization Technology for Directed I/O , 2006 .

[32]  Leendert van Doorn,et al.  The IBM PCIXCC: A new cryptographic coprocessor for the IBM eServer , 2004, IBM J. Res. Dev..

[33]  Adrian Schüpbach,et al.  The multikernel: a new OS architecture for scalable multicore systems , 2009, SOSP '09.

[34]  Vishakha Gupta,et al.  High-Performance Hypervisor Architectures: Virtualization in HPC Systems , 2007 .