NEVE: Nested Virtualization Extensions for ARM

Nested virtualization, the ability to run a virtual machine inside another virtual machine, is increasingly important because of the need to deploy virtual machines running software stacks on top of virtualized cloud infrastructure. As ARM servers make inroads in cloud infrastructure deployments, supporting nested virtualization on ARM is a key requirement, which has been met recently with the introduction of nested virtualization support to the ARM architecture. We build the first hypervisor to use ARM nested virtualization support and show that despite similarities between ARM and x86 nested virtualization support, performance on ARM is much worse than on x86. This is due to excessive traps to the hypervisor caused by differences in non-nested virtualization support. To address this problem, we introduce a novel paravirtualization technique to rapidly prototype architectural changes for virtualization and evaluate their performance impact using existing hardware. Using this technique, we propose Nested Virtualization Extensions for ARM (NEVE), a set of simple architectural changes to ARM that can be used by software to coalesce and defer traps by logging the results of hypervisor instructions until the results are actually needed by the hypervisor or virtual machines. We show that NEVE allows hypervisors running real application workloads to provide an order of magnitude better performance than current ARM nested virtualization support and up to three times less overhead than x86 nested virtualization. NEVE will be included in ARMv8.4, the next version of the ARM architecture.

[1]  Jeremy Andrus,et al.  Cells: a virtual mobile smartphone architecture , 2011, SOSP '11.

[2]  Gernot Heiser,et al.  Pre-virtualization: Slashing the cost of virtualization , 2005 .

[3]  Sang-Bum Suh,et al.  Xen on ARM: System Virtualization Using Xen Hypervisor for ARM-Based Secure Mobile Phones , 2008, 2008 5th IEEE Consumer Communications and Networking Conference.

[4]  Jason Nieh,et al.  Optimizing the Design and Implementation of the Linux ARM Hypervisor , 2017, USENIX Annual Technical Conference.

[5]  Radu Rugina,et al.  Software Techniques for Avoiding Hardware Virtualization Exits , 2012, USENIX Annual Technical Conference.

[6]  Gernot Heiser,et al.  Hardware-supported virtualization on ARM , 2011, APSys.

[7]  Irfan Ahmad,et al.  vIC: Interrupt Coalescing for Virtual Machine Storage Device IO , 2011, USENIX Annual Technical Conference.

[8]  Marianne Shaw,et al.  Scale and performance in the Denali isolation kernel , 2002, OSDI '02.

[9]  Haibo Chen,et al.  CloudVisor: retrofitting protection of virtual machines in multi-tenant cloud with nested virtualization , 2011, SOSP.

[10]  Jason Nieh,et al.  ARM Virtualization: Performance and Architectural Implications , 2016, 2016 ACM/IEEE 43rd Annual International Symposium on Computer Architecture (ISCA).

[11]  Rusty Russell,et al.  virtio: towards a de-facto standard for virtual I/O devices , 2008, OPSR.

[12]  Gerald J. Popek,et al.  Formal requirements for virtualizable third generation architectures , 1974, SOSP '73.

[13]  Ole Agesen,et al.  A comparison of software and hardware techniques for x86 virtualization , 2006, ASPLOS XII.

[14]  Yeh-Ching Chung,et al.  ARMvisor : System Virtualization for ARM , 2012 .

[15]  Jason Nieh,et al.  KVM/ARM: the design and implementation of the linux ARM hypervisor , 2014, ASPLOS.

[16]  Harvey Tuch,et al.  The VMware mobile virtualization platform: is that a hypervisor in your pocket? , 2010, OPSR.

[17]  Eric Eide,et al.  Introducing CloudLab: Scientific Infrastructure for Advancing Cloud Architectures and Applications , 2014, login Usenix Mag..

[18]  Alysson Neves Bessani,et al.  Recursive virtual machines for advanced security mechanisms , 2011, 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks Workshops (DSN-W).

[19]  No License,et al.  Intel ® 64 and IA-32 Architectures Software Developer ’ s Manual Volume 3 A : System Programming Guide , Part 1 , 2006 .

[20]  Yang Zhang,et al.  Optimizing Network I/O Virtualization with Efficient Interrupt Coalescing and Virtual Receive Side Scaling , 2011, 2011 IEEE International Conference on Cluster Computing.

[21]  Muli Ben-Yehuda,et al.  The Turtles Project: Design and Implementation of Nested Virtualization , 2010, OSDI.

[22]  David Keppel,et al.  Shade: a fast instruction-set simulator for execution profiling , 1994, SIGMETRICS.

[23]  Hakim Weatherspoon,et al.  The Xen-Blanket: virtualize once, run everywhere , 2012, EuroSys '12.

[24]  Jason Nieh,et al.  KVM for ARM , 2010 .