CertiKOS Implementation Progress

Presentation Transcript


  1. CertiKOS Implementation Progress. Liang Gu, Yale University

  2. Content
     • Overview
     • Virtual Disk
     • Port to Intel platform
     • Reduce virtual device code
     • Virtual device at user mode
     • Pass through device with IOMMU
     • Demo

  3. Progress after Boston PI meeting
     • Virtualization
     • Virtual devices: PCI, Virtual Disk (virtio, virtio block)
     • Support multiple VM guests
     • Move virtual devices to execute in user mode
     • IOMMU based device pass-through to guest OS
     • Port CertiKOS to work on bare metal
     • PCI and AHCI
     • Port to Intel platform with VT-x
     Legend: Green - done; Blue - almost done; Red - ongoing

  4. CertiKOS Architecture
     [Architecture diagram. Labels: APP (certified), APP (uncertified), Mgmt OS (Linux), Commodity OS; Mgmt Shell, Application; Master, Master Syscall, Slave, Slave Syscall; Process Management, Virtual Machine Management; V-Interrupt, V-Devices, Hypercall; Memory, Context, IPC; CertiKOS: Virtual Memory, Interrupt Handling, SMP Management; Virtualization Abstraction: Vconsole, Virtual Devices, SVM Primitives; Memory Management; Hardware Abstraction Layer; Hardware: CPU Cores, Memory, Hard Disk, Network.]

  5. CertiKOS Architecture
     [Architecture diagram as on slide 4, with the additional labels Virtual Devices (listed with the APP boxes) and SVM/VMX Primitives.]

  6. CertiKOS Architecture
     [Architecture diagram as on slide 5, with the additional label IOMMU.]

  8. Virtual Disk
     • Motivation
     • Enable CertiKOS to boot guest OS on bare metal
     • Separate the storage of guest OS from CertiKOS physically
     • Virtual PCI
     • Virtual disk based on virtio
     [Diagram labels: a. Mgmt shell (Linux); Legacy OS, e.g., Linux; c. CertiKOS-based APP; d. Mgmt tool in Linux; Virtual Disk; CertiKOS; disk0, disk1.]

  9. Virtio
     • Virtio
     • Rusty Russell, “virtio: Towards a De-Facto Standard For Virtual I/O Devices”
     • Available in both Linux and Windows
     • A simple and efficient framework to provide virtual devices to guest OS
     • Virtio is an abstraction for a set of common virtual devices
     [Diagram labels: Legacy OS, e.g., Linux; Front-end driver; Virtqueue; Back-end driver; CertiKOS; Disk driver; disk1.]

  10. Boot CertiKOS on Bare Metal
     • Multiple settings for booting CertiKOS on bare metal
     • Boot CertiKOS and Guest on the same disk
     • Boot CertiKOS and Guest on different disks
     • Boot CertiKOS on USB and boot the guest on disk

  12. Port to Intel platform
     • Motivation
     • Another widely supported hardware-based virtualization solution
     • Widely available VT-d support
     • Modularized implementation
     • Separate architecture dependent modules
     • Integrated by interfaces in the abstraction layer
     • LOCs
     • Sys/virt/svm 1775
     • Sys/virt/vmx 2344
     • VMX uses more sophisticated methods to control the virtualization
     • Access memory region for control data structures by special instructions, instead of direct memory read and write
     • More sophisticated setup
     [Diagram labels: Virtual Machine Management; Virtualization Abstraction; SVM Primitive; VMX Primitive; Virtual Devices.]

  14. Virtual Device
     • LOCs in previous version at Boston PI meeting
     • Sys/virt/ 4441*
     • Sys/virt/dev/ 2384*
     • With Virtual PIC, KBD, PIT, text mode VGA
     • LOCs in current clean_code branch
     • Sys/virt/ 8237*#
     • Sys/virt/dev/ 3643*
     • Added virtual PCI, Virtio, Virtio-blk
     • Considering more devices, such as USB, Network, …
     • Moving virtual device to execute in user mode
     • Securely pass through device with IOMMU
     (* counted by cloc 1.56) (# with Intel VT-x)

  15. Virtual Device at User Mode
     • For untrusted guest domains, their virtual devices don’t have to be trusted
     • Process model extension
     • Multiple processes on a single core based on round-robin scheduling
     • Message passing via channels among processes
     [Diagram labels: a. Idle; d. Legacy Linux; V-PIC, V-KBD, V-PIT; CertiKOS; CPU0, CPU1.]

  16. Virtual Device at User Mode
     • Support multiple VM guests with VM session extension
     [Diagram labels: VM Session 1, VM Session 2; a. Idle; d. Legacy Linux; Guest Linux 2; CertiKOS; CPU0, CPU1, CPU2.]

  17. Pass Through Device
     • Exclusively used devices can be directly exposed to guest VM, without introducing device virtualization code
     • However, malicious DMA operations are capable of attacking memory spaces
     • IOMMU / VT-d
     • Allow a guest OS running under a VMM to have direct control of a device
     • Provide fine-grain control of device access to system memory

  18. IOMMU
     [Figure from the AMD IOMMU specification, Revision 2.]

  19. IOMMU
     [Diagram from http://en.wikipedia.org/wiki/IOMMU. Labels: Device, Device Address, IOMMU; CPU, Virtual Address, MMU; Physical Address; Main memory.]

  20. IOMMU
     [Diagram based on image from http://en.wikipedia.org/wiki/IOMMU. Labels: Device, Device Address, IOMMU; CPU, Virtual Address, MMU; Device Table; Page Table 1, Page Table 2; Interrupt Remapping Table.]

  21. Pass through device with IOMMU
     [Diagram labels: Legacy OS, e.g., Linux; NPT; CertiKOS; Device Table; Interrupt Remapping Table; IOMMU; device.]

  23. CertiKOS Demo Setting For Previous Version
     [Diagram labels: a. Mgmt shell; Legacy OS, e.g., Linux; c. CertiKOS-based APP; slave, master, slave; CertiKOS; BSP, AP, AP; Qemu; KVM; Linux; AMD processor with SVM.]
     BSP - Boot Strap Processor; AP - Application Processor

  24. CertiKOS Demo Setting
     [Diagram labels: a. Mgmt shell; Legacy OS, e.g., Linux; c. CertiKOS-based APP; slave, master, slave; CertiKOS; AMD processor with SVM / Intel with VT-x.]
     BSP - Boot Strap Processor; AP - Application Processor

  25. Thank you!
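
The DMA containment described on slides 17 to 21 (device table, per-guest page table, fine-grain control of device access to memory), as an added example that is not CertiKOS code and does not follow the AMD or Intel table layouts. It assumes a single-level I/O page table and leaves out interrupt remapping; all names (`dev_table`, `guest_pt`, `iommu_translate`) and the sample device IDs and frames are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12
#define IO_PAGES   4               /* pages in each toy I/O page table */
#define PERM_R 1u
#define PERM_W 2u

/* One I/O page-table entry: physical frame plus permitted access. */
struct io_pte { uint64_t pfn; unsigned perm; };

/* One device-table entry: the page table of the guest that owns the device. */
struct dev_entry { int valid; const struct io_pte *pt; };

/* Constructed sample: the guest owns frames 0x100 (rw) and 0x101 (read-only). */
static const struct io_pte guest_pt[IO_PAGES] = {
    { 0x100, PERM_R | PERM_W }, { 0x101, PERM_R }, { 0, 0 }, { 0, 0 },
};

/* Only device 0x08 is passed through; every other entry stays invalid. */
static const struct dev_entry dev_table[256] = { [0x08] = { 1, guest_pt } };

/* Translate one DMA request. Returns 0 and fills *pa, or -1 if blocked. */
int iommu_translate(uint8_t dev_id, uint64_t dev_addr, unsigned want, uint64_t *pa)
{
    const struct dev_entry *de = &dev_table[dev_id];
    uint64_t page = dev_addr >> PAGE_SHIFT;

    if (!de->valid) return -1;                          /* device not assigned */
    if (page >= IO_PAGES) return -1;                    /* outside guest I/O space */
    if ((de->pt[page].perm & want) != want) return -1;  /* unmapped or wrong access */
    *pa = (de->pt[page].pfn << PAGE_SHIFT) | (dev_addr & ((1u << PAGE_SHIFT) - 1));
    return 0;
}

int main(void)
{
    struct { uint8_t dev; uint64_t addr; unsigned want; } reqs[] = {
        { 0x08, 0x0010, PERM_W },   /* allowed: writable guest page */
        { 0x08, 0x1000, PERM_W },   /* blocked: page is read-only */
        { 0x08, 0x5000, PERM_R },   /* blocked: beyond the guest mapping */
        { 0x09, 0x0010, PERM_R },   /* blocked: device not passed through */
    };
    for (unsigned i = 0; i < sizeof reqs / sizeof reqs[0]; i++) {
        uint64_t pa;
        if (iommu_translate(reqs[i].dev, reqs[i].addr, reqs[i].want, &pa) == 0)
            printf("dev %02x addr %#llx -> pa %#llx\n", (unsigned)reqs[i].dev,
                   (unsigned long long)reqs[i].addr, (unsigned long long)pa);
        else
            printf("dev %02x addr %#llx blocked\n", (unsigned)reqs[i].dev,
                   (unsigned long long)reqs[i].addr);
    }
    return 0;
}
```

Without the table lookup, each of the blocked requests would reach physical memory at whatever address the device supplied, which is the malicious-DMA case slide 17 names.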