SymCall: symbiotic virtualization through VMM-to-guest upcalls

Symbiotic virtualization is a new approach to system virtualization in which a guest OS targets the native hardware interface as in full system virtualization, but also optionally exposes a software interface that can be used by a VMM, if present, to increase performance and functionality. Neither the VMM nor the OS needs to support the symbiotic virtualization interface to function together, but if both do, both benefit. We describe the design and implementation of the SymCall symbiotic virtualization interface in our publicly available Palacios VMM for modern x86 machines. SymCall makes it possible for Palacios to make clean synchronous upcalls into a symbiotic guest, much like system calls. One use of symcalls is to allow synchronous collection of semantically rich guest data during exit handling in order to enable new VMM features. We describe the implementation of SwapBypass, a VMM service based on SymCall that reconsiders swap decisions made by a symbiotic Linux guest. Finally, we present a detailed performance evaluation of both SwapBypass and SymCall.
