Protection Strategies for Direct Access to Virtualized I/O D

WBOY
發布: 2016-06-07 15:31:15
原創
1171 人瀏覽過

Protection Strategies for Direct Access to Virtualized I/O Devices appeared in USENIX 2008. 该文比较了五种策略的保护程度和性能开销,遗憾的地方就是该文没有指出五种策略的使用场合,大部分不适用于全虚拟化,而适用于协同虚拟化。 The comparison o

Protection Strategies for Direct Access to Virtualized I/O Devices

appeared in USENIX 2008.

该文比较了五种策略的保护程度和性能开销,遗憾的地方就是该文没有指出五种策略的使用场合,大部分不适用于全虚拟化,而适用于协同虚拟化。

The comparison of these five strategies yields several insights. First, all five strategies provide equivalent inter-guest(客户机之间) protection among OS instances. However, the strategies support differing levels of protection within a particular guest (intra-guest客户机内部 protection). For example, the direct-map strategy incurs almost no performance overhead but supports no intra-guest protection. Conversely, the single-use strategy provides the maximum possible intra-guest protection, but it imposes the largest performance penaltyThe traditional single-use strategy provides inter-guest protection at the greatest cost, consuming from 6–26% of the CPU. Second, there is significant opportunity to reuse IOMMU mappings, which can reduce protection overheads. Multiple concurrent I/O operations are able to share the same mappings often enough that there is a noticeable decrease in the overhead of providing protection. Sharing mappings only among concurrent I/O operations provides the same level of intra-guest protection as the single-use strategy but with less overhead. Relaxing this intra-guest protection guarantee by allowing mappings to persist so that they can be reused in future I/O operations can significantly decrease this overhead, allowing the guest to achieve performance levels very close to that of the direct-map strategy while still maintaining some amount of intraguest protection. Finally, the software-based protection strategy performs competitively with several of the better-performing IOMMU-based strategies while maintaining strong inter-guest protection guarantees and enabling

intra-guest protection capabilities.

 

 

五种策略

Single-use Mappings:每一次使用之前才映射,使用完毕解除映射

Shared Mappingsthe shared-mapping strategy detects when a valid IOMMU mapping to a memory page already exists and reuses that mapping rather than generating a new one. In practical terms, this sharing can happen when an application repeats the same I/O message or when an application sends or receives small I/O messages that reside in the same memory page.

Persistent MappingsIOMMU mappings can further be reused by allowing them to persist even after all I/O transactions using the mapping have completed. 即一次使用后就一直保留,不解除映射。

Direct MappingsTo allow maximum reuse of IOMMU mappings and to further reduce runtime overhead, it is possible to permanently map the entire physical address space of the guest operating system.

软件方案(很明显不支持完全虚拟化,而且要求VMM知道硬件细节):见WILLMANN, P., SHAFER,  Concurrent direct network access for virtual machine monitors. In Proceedings of the 13th International Symposium on High Performance Computer Architecture (Feb. 2007).

 

三种I/O访问错误

Three potential memory access violations can occur on every I/O transfer initiated using this DMA architecture:

1. The device driver could create a DMA descriptor with an incorrect address (a “bad-address” fault).

2. The operating system could repurpose the memory referenced by a DMA descriptor, or the device driver could later reuse a valid DMA descriptor without permission (an “invalid-use” fault).

3. The device itself could initiate a DMA transfer to a memory address not referenced by the DMA descriptor (a “bad-device” fault). the last type of violation is only likely to occur as a result of a device failure.

 

Protection Strategies for Direct Access to Virtualized I/O D

关于Intraguest的解释:其他四种方式都要在使用之前先映射(OS会检查),所以能避免bad address。但是建立映射之后,Once the first request to create the IOMMU mapping has happened, however, none of the IOMMU-based strategies can prevent a driver from invalidly reusing that same mapping for a subsequent I/O transaction. In these strategies, the driver is responsible for informing the OS when it is done with an IOMMU mapping. Even if the OS was modified to automatically revoke an IOMMU mapping when it detected the completion of a corresponding I/O event, the driver could still invalidly reuse a mapping after the original I/O event finished, but before the OS could intervene to terminate the IOMMU mapping.

 

IOMMU的性能开销

Platform                 I/O PT Update  IOTLB Update  Update & Flush

IBM Calgary IOMMU          673         10207          10887

Intel VT-d IOMMU            991          1217           2213

AMD GART                  27          486             579

Table 2: Microbenchmarks examining costs associated with modern translation hardware, in processor cycles.

相關標籤:
for
來源:php.cn
本網站聲明
本文內容由網友自願投稿,版權歸原作者所有。本站不承擔相應的法律責任。如發現涉嫌抄襲或侵權的內容,請聯絡admin@php.cn
熱門教學
更多>
最新下載
更多>
網站特效
網站源碼
網站素材
前端模板
關於我們 免責聲明 Sitemap
PHP中文網:公益線上PHP培訓,幫助PHP學習者快速成長!