research-article

SymCall: symbiotic virtualization through VMM-to-guest upcalls

Authors:

Peter DindaAuthors Info & Claims

ACM SIGPLAN Notices, Volume 46, Issue 7

Pages 193 - 204

https://doi.org/10.1145/2007477.1952707

Published: 09 March 2011 Publication History

Abstract

Symbiotic virtualization is a new approach to system virtualization in which a guest OS targets the native hardware interface as in full system virtualization, but also optionally exposes a software interface that can be used by a VMM, if present, to increase performance and functionality. Neither the VMM nor the OS needs to support the symbiotic virtualization interface to function together, but if both do, both benefit. We describe the design and implementation of the SymCall symbiotic virtualization interface in our publicly available Palacios VMM for modern x86 machines. SymCall makes it possible for Palacios to make clean synchronous upcalls into a symbiotic guest, much like system calls. One use of symcalls is to allow synchronous collection of semantically rich guest data during exit handling in order to enable new VMM features. We describe the implementation of SwapBypass, a VMM service based on SymCall that reconsiders swap decisions made by a symbiotic Linux guest. Finally, we present a detailed performance evaluation of both SwapBypass and SymCall.

References

[1]

KVM: Kernel-based virtualization driver. White Paper.

[2]

Baiardi, F., and Sgandurra, D. Building trustworthy intrusion detection through vm introspection. In IAS '07: Proceedings of the Third International Symposium on Information Assurance and Security (Washington, DC, USA, 2007), IEEE Computer Society, pp. 209--214.

Digital Library

[3]

Barham, P., Dragovic, B., Fraser, K., Hand, S., Harris, T., Ho, A., Neugebauer, R., Pratt, I., and Warfield, A. Xen and the art of virtualization. In 19th ACM Symposium on Operating Systems Principles (SOSP) (October 2003).

Digital Library

[4]

Chen, P. M., and Noble, B. D. When virtual is better than real. In The 8th Workshop on Hot Topics in Operating Systems (HotOS-VIII) (2001).

Digital Library

[5]

Chen, X., Garfinkel, T., Lewis, E. C., Subrahmanyam, P., Waldspurger, C. A., Boneh, D., Dwoskin, J., and Ports, D. R. K. Overshadow: A virtualization-based approach to retrofitting protection in commodity operating systems. In Proceedings of the 13th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS '08) (Seattle, WA, USA, Mar. 2008).

Digital Library

[6]

Clark, D. D. The structuring of systems using upcalls. In Proceedings of the tenth ACM symposium on Operating systems principles (SOSP) (1985).

Digital Library

[7]

Garfinkel, T., and Rosenblum, M. A virtual machine introspection based architecture for intrusion detection. In Proc. Network and Distributed Systems Security Symposium (2003), pp. 191--206.

[8]

Gupta, A. Black Box Methods for Inferring Parallel Applications Properties in Virtual Environments. PhD thesis, Northwestern University, Department of Electrical Engineering and Computer Science, March 2008.

Digital Library

[9]

Jones, S. T., Arpaci-Dusseau, A. C., and Arpaci-Dusseau, R. H. Antfarm: tracking processes in a virtual machine environment. In ATEC '06: Proceedings of the annual conference on USENIX '06 Annual Technical Conference (Berkeley, CA, USA, 2006), USENIX Association, pp. 1--1.

Digital Library

[10]

Jones, S. T., Arpaci-Dusseau, A. C., and Arpaci-Dusseau, R. H. Geiger: monitoring the buffer cache in a virtual machine environment. In ASPLOS-XII: Proceedings of the 12th international conference on Architectural support for programming languages and operating systems (2006), pp. 14--24.

Digital Library

[11]

Jones, S. T., Arpaci-Dusseau, A. C., and Arpaci-Dusseau, R. H. Vmm-based hidden process detection and identification using lycosid. In VEE '08: Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments (2008), pp. 91--100.

Digital Library

[12]

Joshi, A., King, S. T., Dunlap, G. W., and Chen, P. M. Detecting past and present intrusions through vulnerability-specific predicates. In SOSP '05: Proceedings of the twentieth ACM symposium on Operating systems principles (New York, NY, USA, 2005), ACM, pp. 91--104.

Digital Library

[13]

Lange, J., Pedretti, K., Dinda, P., Bridges, P., Bae, C., Soltero, P., and Merritt, A. Minimal-overhead virtualization of a large scale supercomputer. In Proceedings of the 2011 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments (VEE 2011) (March 2011).

Digital Library

[14]

Lange, J., Pedretti, K., Hudson, T., Dinda, P., Cui, Z., Xia, L., Bridges, P., Gocke, A., Jaconette, S., Levenhagen, M., and Brightwell, R. Palacios and Kitten: New high performance operating systems for scalable virtualized and native supercomputing. In Proceedings of the 24th IEEE International Parallel and Distributed Processing Symposium (IPDPS 2010) (April 2010).

[15]

Lange, J. R., and Dinda, P. A. Transparent network services via a virtual traffic layer for virtual machines. In In Proceedings of the 16th International Symposium on High Performance Distributed Computing (HPDC) (2007).

Digital Library

[16]

Lange, J. R., Sundararaj, A. I., and Dinda, P. A. Automatic dynamic run-time optical network reservations. In In Proceedings of the 14th IEEE International Symposium on High Performance Distributed Computing (HPDC) (2005), pp. 255--264.

Digital Library

[17]

LeVasseur, J., Uhlig, V., Chapman, M., Chubb, P., Leslie, B., and Heiser, G. Pre-virtualization: soft layering for virtual machines. Technical Report 2006-15, Fakultät für Informatik, Universität Karlsruhe (TH), July 2006.

[18]

McCalpin, J. D. A survey of memory bandwidth and machine balance in current high performance computers. In Newsletter of the IEEE Technical Committee on Computer Architecture (TCCA) (December 1995).

[19]

Parallels Corporation. http://www.parallels.com.

[20]

Plimpton, S. J., Brightwell, R., Vaughan, C., Underwood, K., and Davis, M. A simple synchronous distributed-memory algorithm for the hpcc randomaccess benchmark. In Proceedngs of the IEEE International Conference on Cluster Computing (CLUSTER) (September 2006).

[21]

Qumranet Corporation. Kvm - kernel-based virtual machine. Tech. rep., 2006. KVM has been incorporated into the mainline Linux kernel codebase.

[22]

Quynh, N. A., and Takefuji, Y. Towards a tamper-resistant kernel rootkit detector. In SAC '07: Proceedings of the 2007 ACM symposium on Applied computing (New York, NY, USA, 2007), ACM, pp. 276--283.

Digital Library

[23]

Stricker, T., and Gross, T. Optimizing memory system performance for communication in parallel computers. In Proceedings of the 22nd annual international symposium on Computer architecture (ISCA) (1995).

Digital Library

[24]

Sundararaj, A. I., Gupta, A., and Dinda, P. A. Increasing application performance in virtual environments through run-time inference and adaptation. In In Proceedings of the 14th IEEE International Symposium on High Performance Distributed Computing (HPDC) (2005).

Digital Library

[25]

VirtualBox. http://www.virtualbox.org.

[26]

Waldsburger, C. Memory resource management in vmware esx server. In Proceedings of the 2002 Symposium on Operating Systems Design and Implementation (OSDI) (2002).

Digital Library

[27]

Whitaker, A., Shaw, M., and Gribble, S. D. Scale and performance in the denali isolation kernel. SIGOPS Oper. Syst. Rev. 36, SI (2002), 195--209.

Digital Library

[28]

Yu, Y., Guo, F., Nanda, S., Lam, L.-c., and Chiueh, T.-c. A feather-weight virtual machine for windows applications. In VEE '06: Proceedings of the 2nd international conference on Virtual execution environments (New York, NY, USA, 2006), ACM, pp. 24--34.

Digital Library

Cited By

Zhang QLiu LPu CCao WSahin S(2018)Efficient Shared Memory Orchestration towards Demand Driven Memory Slicing2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS)10.1109/ICDCS.2018.00121(1212-1223)Online publication date: Jul-2018
https://doi.org/10.1109/ICDCS.2018.00121
Zhang QLiu LSu GIyengar A(2017)MemFlex: A Shared Memory Swapper for High Performance VM ExecutionIEEE Transactions on Computers10.1109/TC.2017.268685066:9(1645-1652)Online publication date: 1-Sep-2017
https://doi.org/10.1109/TC.2017.2686850
Zhang PLi XChu RWang H(2015)HybridSwap: A scalable and synthetic framework for guest swapping on virtualization platform2015 IEEE Conference on Computer Communications (INFOCOM)10.1109/INFOCOM.2015.7218457(864-872)Online publication date: Apr-2015
https://doi.org/10.1109/INFOCOM.2015.7218457
Show More Cited By

Index Terms

SymCall: symbiotic virtualization through VMM-to-guest upcalls
1. Software and its engineering
  1. Software creation and management
    1. Designing software
  2. Software organization and properties
    1. Contextual software domains
      1. Operating systems

Recommendations

SymCall: symbiotic virtualization through VMM-to-guest upcalls
VEE '11: Proceedings of the 7th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments

Symbiotic virtualization is a new approach to system virtualization in which a guest OS targets the native hardware interface as in full system virtualization, but also optionally exposes a software interface that can be used by a VMM, if present, to ...
Xen and the art of virtualization
SOSP '03

Numerous systems have been designed which use virtualization to subdivide the ample resources of a modern computer. Some require specialized hardware, or cannot support commodity operating systems. Some target 100% binary compatibility at the expense of ...
Overshadow: a virtualization-based approach to retrofitting protection in commodity operating systems
ASPLOS '08

Commodity operating systems entrusted with securing sensitive data are remarkably large and complex, and consequently, frequently prone to compromise. To address this limitation, we introduce a virtual-machine-based system called Overshadow that ...

Comments

Information & Contributors

Information

Published In

cover image ACM SIGPLAN Notices

ACM SIGPLAN Notices Volume 46, Issue 7

VEE '11

July 2011

231 pages

ISSN:0362-1340

EISSN:1558-1160

DOI:10.1145/2007477

Issue’s Table of Contents

VEE '11: Proceedings of the 7th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
March 2011
250 pages
ISBN:9781450306874
DOI:10.1145/1952682
General Chair:
Erez Petrank
The Technion, Israel
,
Program Chair:
Doug Lea
SUNY Oswego, USA

Copyright © 2011 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 09 March 2011

Published in SIGPLAN Volume 46, Issue 7

Check for updates

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

22
Total Citations
View Citations
420
Total Downloads

Downloads (Last 12 months)8
Downloads (Last 6 weeks)2

Reflects downloads up to 19 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

Zhang QLiu LPu CCao WSahin S(2018)Efficient Shared Memory Orchestration towards Demand Driven Memory Slicing2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS)10.1109/ICDCS.2018.00121(1212-1223)Online publication date: Jul-2018
https://doi.org/10.1109/ICDCS.2018.00121
Zhang QLiu LSu GIyengar A(2017)MemFlex: A Shared Memory Swapper for High Performance VM ExecutionIEEE Transactions on Computers10.1109/TC.2017.268685066:9(1645-1652)Online publication date: 1-Sep-2017
https://doi.org/10.1109/TC.2017.2686850
Zhang PLi XChu RWang H(2015)HybridSwap: A scalable and synthetic framework for guest swapping on virtualization platform2015 IEEE Conference on Computer Communications (INFOCOM)10.1109/INFOCOM.2015.7218457(864-872)Online publication date: Apr-2015
https://doi.org/10.1109/INFOCOM.2015.7218457
Cheng YLi QYu MDing XShen Q(2015)SuperCall: A Secure Interface for Isolated Execution Environment to Dynamically Use External ServicesSecurity and Privacy in Communication Networks10.1007/978-3-319-28865-9_11(193-211)Online publication date: 2015
https://doi.org/10.1007/978-3-319-28865-9_11
Wang YTian XXu JChen SYang H(2012)Intel SYSRET Privilege Escalation Vulnerability AnalysisNetwork Computing and Information Security10.1007/978-3-642-35211-9_5(30-37)Online publication date: 2012
https://doi.org/10.1007/978-3-642-35211-9_5
Xuan PLuo FGe RSrimani P(2017)Dynamic Management of In-memory Storage for Efficiently Integrating Compute- and Data-intensive Computing on HPC SystemsProceedings of the 17th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing10.1109/CCGRID.2017.66(549-558)Online publication date: 14-May-2017
https://dl.acm.org/doi/10.1109/CCGRID.2017.66
AKIYAMA SHIROFUCHI TTAKANO RHONIDEN S(2016)Fast Live Migration for IO-Intensive VMs with Parallel and Adaptive Transfer of Page Cache via SANIEICE Transactions on Information and Systems10.1587/transinf.2016PAP0021E99.D:12(3024-3034)Online publication date: 2016
https://doi.org/10.1587/transinf.2016PAP0021
Li XZhang PChu RWang H(2016)Optimizing guest swapping using elastic and transparent memory provisioning on virtualization platformFrontiers of Computer Science: Selected Publications from Chinese Universities10.1007/s11704-016-5217-z10:5(908-924)Online publication date: 1-Oct-2016
https://dl.acm.org/doi/10.1007/s11704-016-5217-z
Liu HJin HLiao XDeng WHe BXu C(2015)Hotplug or Ballooning: A Comparative Study on Dynamic Memory Management Techniques for Virtual MachinesIEEE Transactions on Parallel and Distributed Systems10.1109/TPDS.2014.232091526:5(1350-1363)Online publication date: 1-May-2015
https://doi.org/10.1109/TPDS.2014.2320915
Gauhar Eram Shaikh Shrawankar U(2015)Dynamic memory allocation technique for virtual machines2015 IEEE International Conference on Electrical, Computer and Communication Technologies (ICECCT)10.1109/ICECCT.2015.7226091(1-6)Online publication date: Mar-2015
https://doi.org/10.1109/ICECCT.2015.7226091
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents