IOMMU Para-Virtualization for Efficient and Secure DMA in Virtual Machines

  • Tang, Hongwei (Shenzhen Institute of Advanced Technology, Chinese Academy of Sciences) ;
  • Li, Qiang (Institute of Computing Technology, Chinese Academy of Sciences) ;
  • Feng, Shengzhong (Shenzhen Institute of Advanced Technology, Chinese Academy of Sciences) ;
  • Zhao, Xiaofang (Institute of Computing Technology, Chinese Academy of Sciences) ;
  • Jin, Yan (Institute of Computing Technology, Chinese Academy of Sciences)
  • Received : 2016.08.14
  • Accepted : 2016.11.15
  • Published : 2016.12.31

Abstract

The IOMMU is a hardware unit that is indispensable for DMA. Besides address translation and remapping, it also provides I/O virtual address space isolation among devices and memory access control on DMA transactions. However, current commodity virtualization platforms lack IOMMU virtualization, so virtual machines are vulnerable to DMA security threats. Previous works focus only on the DMA security problem of directly assigned devices. Moreover, these solutions either introduce significant overhead or require modifications to the guest OS to optimize performance, and none achieves high I/O efficiency and good compatibility with the guest OS simultaneously, both of which are necessary for production environments. The DMA security problem also exists for simulated virtual devices, and previous works cannot solve it: the host's IOMMU circuits do not cover this kind of device, because its DMA operations are simulated by CPU memory copies. Motivated by these observations, we propose an IOMMU para-virtualization solution called PVIOMMU, which provides general IOMMU functionality, in particular DMA security guarantees, for both directly assigned devices and simulated devices. The prototype of PVIOMMU is implemented in Qemu/KVM on the virtio framework and can be dynamically loaded into the guest kernel as a module; as a result, modifying and rebuilding the guest kernel are not required. In addition, the device model of Qemu is revised to implement DMA access control by separating the device simulator from the address space of the guest virtual machine. Experimental evaluations on three kinds of network devices, Intel I210 (1Gbps), simulated E1000 (1Gbps) and IB ConnectX-3 (40Gbps), show that PVIOMMU introduces little overhead on DMA transactions, and in general the network I/O performance is close to that of the native KVM implementation without IOMMU virtualization.
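The abstract's central point is that a simulated device's DMA is a CPU memory copy the host IOMMU never sees, so the access control has to live in the device model itself. The C model below is an added example, not code from the paper or from Qemu/KVM: it keeps a per-page IOVA table with permission bits that the guest driver programs, and every simulated-device copy must pass through it before touching guest memory. The pviommu_* names, the 64 KiB toy guest and the 16-entry table are constructed for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define PAGE_SHIFT  12
#define PAGE_SIZE   (1u << PAGE_SHIFT)
#define GUEST_PAGES 16   /* constructed toy guest: 64 KiB of RAM */
#define IOVA_PAGES  16   /* one table entry per I/O-virtual page */
enum { IOMMU_READ = 1, IOMMU_WRITE = 2 };

/* One entry per IOVA page: backing guest-physical page and permission bits. */
struct iova_entry { uint32_t gpa_page; uint8_t perm; bool valid; };
struct pviommu {
    struct iova_entry map[IOVA_PAGES];
    uint8_t guest_mem[GUEST_PAGES * PAGE_SIZE]; /* stands in for VM RAM */
    unsigned faults;                            /* rejected DMA requests */
};

/* Zeroed instance (hypothetical helper, not a QEMU/KVM API). */
struct pviommu *pviommu_fresh(void)
{ static struct pviommu m; memset(&m, 0, sizeof m); return &m; }

/* Guest driver's para-virtualized map request: IOVA page -> GPA page + perms. */
int pviommu_map(struct pviommu *m, uint32_t iova_page, uint32_t gpa_page, uint8_t perm)
{
    if (iova_page >= IOVA_PAGES || gpa_page >= GUEST_PAGES) return -1;
    m->map[iova_page] = (struct iova_entry){ gpa_page, perm, true };
    return 0;
}
void pviommu_unmap(struct pviommu *m, uint32_t iova_page)
{ if (iova_page < IOVA_PAGES) m->map[iova_page].valid = false; }

/* DMA of a simulated device: 'want' is IOMMU_READ (guest RAM -> buf) or
 * IOMMU_WRITE (buf -> guest RAM). Every page of the range is checked before
 * any byte is copied, so a rejected request has no partial side effect. */
int pviommu_dma(struct pviommu *m, uint32_t iova, void *buf, size_t len, uint8_t want)
{
    if (len == 0 || (uint64_t)iova + len > (uint64_t)IOVA_PAGES * PAGE_SIZE) return -1;
    for (uint32_t p = iova >> PAGE_SHIFT; p <= (uint32_t)((iova + len - 1) >> PAGE_SHIFT); p++)
        if (!m->map[p].valid || (m->map[p].perm & want) != want) { m->faults++; return -1; }
    for (size_t done = 0; done < len; ) {
        uint32_t cur = iova + (uint32_t)done, off = cur & (PAGE_SIZE - 1);
        size_t chunk = PAGE_SIZE - off; if (chunk > len - done) chunk = len - done;
        uint8_t *host = m->guest_mem + ((size_t)m->map[cur >> PAGE_SHIFT].gpa_page << PAGE_SHIFT) + off;
        if (want == IOMMU_WRITE) memcpy(host, (uint8_t *)buf + done, chunk);
        else memcpy((uint8_t *)buf + done, host, chunk);
        done += chunk;
    }
    return 0;
}
```

The faults counter is where a host would hook logging, since a simulated device walking off its mapped buffers is exactly the event the host IOMMU cannot report for this device class.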
