research-article

Using SMT to accelerate nested virtualization

Authors:

Lluís Vilanova,

Yoav EtsionAuthors Info & Claims

ISCA '19: Proceedings of the 46th International Symposium on Computer Architecture

Pages 750 - 761

https://doi.org/10.1145/3307650.3322261

Published: 22 June 2019 Publication History

Abstract

IaaS datacenters offer virtual machines (VMs) to their clients, who in turn sometimes deploy their own virtualized environments, thereby running a VM inside a VM. This is known as nested virtualization.

VMs are intrinsically slower than bare-metal execution, as they often trap into their hypervisor to perform tasks like operating virtual I/O devices. Each VM trap requires loading and storing dozens of registers to switch between the VM and hypervisor contexts, thereby incurring costly runtime overheads. Nested virtualization further magnifies these overheads, as every VM trap in a traditional virtualized environment triggers at least twice as many traps.

We propose to leverage the replicated thread execution resources in simultaneous multithreaded (SMT) cores to alleviate the overheads of VM traps in nested virtualization. Our proposed architecture introduces a simple mechanism to colocate different VMs and hypervisors on separate hardware threads of a core, and replaces the costly context switches of VM traps with simple thread stall and resume events. More concretely, as each thread in an SMT core has its own register set, trapping between VMs and hypervisors does not involve costly context switches, but simply requires the core to fetch instructions from a different hardware thread. Furthermore, our inter-thread communication mechanism allows a hypervisor to directly access and manipulate the registers of its subordinate VMs, given that they both share the same in-core physical register file.

A model of our architecture shows up to 2.3× and 2.6× better I/O latency and bandwidth, respectively. We also show a software-only prototype of the system using existing SMT architectures, with up to 1.3× and 1.5× better I/O latency and bandwidth, respectively, and 1.2--2.2× speedups on various real-world applications.

References

[1]

Jeongseob Ahn, Seongwook Jin, and Jaehyuk Huh. 2012. Revisiting hardware-assisted page walks for virtualized systems. In Intl. Symp. on Computer Architecture (ISCA).

Digital Library

[2]

AMD 2005. Secure virtual machine architecture reference manual. AMD.

[3]

Nadav Amit, Muli Ben-Yehuda, Dan Tsafrir, and Assaf Schuster. 2011. vIOMMU: efficient IOMMU emulation. In USENIX Annual Technical Conf.

Digital Library

[4]

ARM Ltd. 2013. ARM architecture reference manual ARMv8-A DDI 0487A.a. ARM Ltd.

[5]

Berk Atikoglu, Yuehai Xu, Eitan Frachtenberg, Song Jiang, and Mike Paleczny. 2012. Workload Analysis of a Large-Scale Key-Value Store. In ACM SIGMETRICS.

Digital Library

[6]

Adam Belay, George Prekas, Ana Klimovic, Samuel Grossman, Christos Kozyrakis, and Edouard Bugnion. 2014. IX: A Protected Dataplane Operating System for High Throughput and Low Latency. In Symp. on Operating Systems Design and Implementation (OSDI).

Digital Library

[7]

Gerald Belpaire and Nai-Ting Hsu. 1975. Hardware architecture for recursive Virtual Machines. In ACM'75: 1975 annual ACM conference.

Digital Library

[8]

Muli Ben-Yehuda, Michael D. Day, Zvi Dubitzky, Michael Factor, and Nadav Har'El. 2010. The Turtles Project: Design and Implementation of Nested Virtualization. In Intl. Symp. on Computer Architecture (ISCA).

[9]

Ravi Bhargava, Benjamin Serebrin, Francesco Spadini, and Srilatha Manne. 2008. Accelerating two-dimensional page walks for virtualized systems. In Intl. Conf. on Arch. Support for Programming Languages & Operating Systems (ASPLOS).

Digital Library

[10]

Google Cloud. 2017. Introducing nested virtualization for Google Compute Engine. https://cloud.google.com/blog/products/gcp/introducing-nested-virtualization-for.

[11]

Oracle Cloud. 2019. Ravello. https://cloud.oracle.com/en_US/ravello.

[12]

Stijn Eyerman and Lieven Eeckhout. 2014. The benefit of SMT in the multi-core era: Flexibility towards degrees of thread-level parallelism. ACM SIGARCH Computer Architecture News 42, 1 (2014), 591--606.

Digital Library

[13]

Joy Fan. 2017. Nested Virtualization in Azure. https://azure.microsoft.com/en-us/blog/nested-virtualization-in-azure/.

[14]

Jayneel Gandhi, Mark D Hill, and Michael M Swift. 2016. Agile paging: exceeding the best of nested and shadow paging. In Intl. Symp. on Computer Architecture (ISCA).

Digital Library

[15]

Ada Gavrilovska, Sanjay Kumar, Himanshu Raj, Karsten Schwan, Vishakha Gupta, Ripal Nathuji, Radhika Niranjan, Adit Ranadive, and Purav Saraiya. 2007. High-performance hypervisor architectures: Virtualization in HPC systems. In Workshop on System-level Virtualization for HPC (HPCVirt).

[16]

Thomas Gleixner. 2019. L1 Terminal Fault. Document provided in the Linux kernel sources (Documents/admin-guide/lltf.rst).

[17]

Robert P. Goldberg. 1973. Architecture of virtual machines. In Workshop on virtual computer systems.

Digital Library

[18]

Robert P. Goldberg. 1974. Survey of virtual machine research. IEEE Computer Magazine (June 1974).

Digital Library

[19]

Google Cloud 2018. Enabling Nested Virtualization for VM Instances. Google Cloud.

[20]

Abel Gordon, Nadav Amit, Nadav Har'El, Muli Ben-Yehuda, Alex Landau, Assaf Schuster, and Dan Tsafrir. 2012. ELI: bare-metal performance for I/O virtualization. Intl. Conf. on Arch. Support for Programming Languages & Operating Systems (ASPLOS) (2012).

Digital Library

[21]

Alexander Graf and Joerg Roedel. 2009. Nesting the Virtualized World. Linux Plumbers Conference.

[22]

Qing He. 2009. Nested Virtualization on Xen. In Xen Summit Asia.

[23]

Andrew Herdrich, Ramesh Illikkal, Ravi Iyer, Ronak Singhal, Matt Merten, and Martin Dixon. 2012. SMT QoS: Hardware Prototyping of Thread-level Performance Differentiation Mechanisms. In Workshop on Hot Topics in Parallelism (HotPar).

[24]

Ian Hubert. 2012. Tears of steel. https://mango.blender.org.

[25]

Intel 2016. Intel 64 and IA-32 Architectures Software Developer's Manual, Volume 3C. Intel.

[26]

Intel. 2018. Introducing Intel Scalable I/O Virtualization. https://software.intel.com/en-us/blogs/2018/06/25/introducing-intel-scalable-io-virtualization.

[27]

Mark Kettenis. 2018. https://www.mail-archive.com/[email protected]/msg99141.html.

[28]

Avi Kivity, Yaniv Kamay, Dor Laor, Uri Lublin, and Anthony Liguori. 2007. KVM: the Linux Virtual Machine Monitor. In Ottawa Linux Symp. (OLS).

[29]

Sanjay Kumar, Himanshu Raj, Karsten Schwan, and Ivan Ganev. 2007. Rearchitecting VMMs for multicore systems: The sidecore approach. In Workshop on Interaction between Operating Systems & Computer Architecture (WIOSCA).

[30]

Alex Landau, Muli Ben-Yehuda, and Abel Gordon. 2011. SplitX: Split Guest/Hypervisor Execution on Multi-Core. In USENIX Workshop on I/O Virtualization (WIOV).

Digital Library

[31]

Jacob Leverich. 2014. Mutilate: High-Performance Memcached Load Generator. https://github.com/leverich/mutilate.

[32]

Jin Tack Lim, Christoffer Dall, Shih-Wei Li, Jason Nieh, and Marc Zyngier. 2017. NEVE: Nested Virtualization Extensions for ARM. In ACM Symp. on Operating Systems Principles (SOSP).

Digital Library

[33]

David Lo, Liqun Cheng, Rama Govindaraju, Parthasarathy Ranganathan, and Christos Kozyrakis. 2015. Heracles: Improving Resource Efficiency at Scale. In Intl. Symp. on Computer Architecture (ISCA).

Digital Library

[34]

Microsoft. {n. d.}. Windows XP Mode. https://www.microsoft.com/en-us/download/details.aspx?id=8002.

[35]

Microsoft 2017. Virtualization-based Security (VBS). Microsoft. https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/oem-vbs.

[36]

Microsoft. 2018. Hypervisor Specifications. https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/reference/tlfs.

[37]

Microsoft 2018. Hypervisor Top Level Functional Specification. Microsoft.

[38]

Damian L. Osisek, Kathryn M. Jackson, and Peter H. Gum. 1991. ESA/390 Interpretive-Execution Architecture, Foundation for VM/ESA. IBM Systems Journal (1991).

Digital Library

[39]

PCI-SIG 2010. Single Root I/O virtualization and sharing specification (revision 1.1 ed.). PCI-SIG.

[40]

Gerald J. Popek and Robert P. Goldberg. 1974. Formal Requirements for Virtualizable Third Generation Architectures. Comm. ACM (July 1974).

Digital Library

[41]

Clear Linux Project. 2019. Clear Linux OS. Containers made simple. https://clearlinux.org/containers.

[42]

Shaolei Ren, Yuxiong He, Sameh Elnikety, and Kathryn S. McKinley. 2013. Exploiting Processor Heterogeneity for Interactive Services. In Intl. Conf. on Autonomic Computing (ICAC).

[43]

Mendel Rosenblum and Carl Waldspurger. 2011. I/O Virtualization. ACM queue (Nov. 2011).

Digital Library

[44]

Rusty Russell. 2008. virtio: towards a de-facto standard for virtual I/O devices. Operating Systems Review (2008).

Digital Library

[45]

Scale Computing. 2018. HC3 Cloud Unity. https://www.scalecomputing.com/products/hc3-cloud-unity-cloud-platform-with-google.

[46]

Cheng-Chun Tu, Michael Ferdman, Chao tung Lee, and Tzi cker Chiueh. 2015. A Comprehensive Implementation and Evaluation of Direct Interrupt Delivery. In Intl. Conf. on Virtual execution environment (VEE).

Digital Library

[47]

Rich Uhlig, Gil Neiger, Dion Rodgers, Amy L. Santoni, Fernando C.M. Martins, Andrew V. Anderson, Steven M. Bennett, Alain KÃďgi, Felix H. Leung, and Larry Smith. 2005. Intel Virtualization Technology. Computer (May 2005).

Digital Library

[48]

Arjan van de Ven. 2018. Linux kernel mailing list discussion. https://lwn.net/ml/linux-kernel/[email protected].

[49]

VMware. 2018. What's new in performance? VMware vSphere 6.7. https://cloud.google.com/blog/products/gcp/introducing-nested-virtualization-for.

[50]

Edwin Zhai, Gregory D. Cummings, and Yaozu Dong. 2008. Live migration with pass-through device for Linux VM. In Ottawa Linux Symp. (OLS).

Cited By

Huang HLai JRao JLu HHou WSu HXu QZhong JZeng JWang XHe ZHan WLiu JMa TWu SDruschel PKaufmann AMace JFlinn JSeltzer M(2023)PVM: Efficient Shadow Paging for Deploying Secure Containers in Cloud-native EnvironmentProceedings of the 29th Symposium on Operating Systems Principles10.1145/3600006.3613158(515-530)Online publication date: 23-Oct-2023
https://dl.acm.org/doi/10.1145/3600006.3613158
Bitchebe STchana AWolf FShende SCulhane CAlam SJagode H(2022)Out of hypervisor (OoH)Proceedings of the International Conference on High Performance Computing, Networking, Storage and Analysis10.5555/3571885.3572000(1-14)Online publication date: 13-Nov-2022
https://dl.acm.org/doi/10.5555/3571885.3572000
Bitchebe STchana A(2022)Out of Hypervisor (OoH): Efficient Dirty Page Tracking in Userspace Using Hardware Virtualization FeaturesSC22: International Conference for High Performance Computing, Networking, Storage and Analysis10.1109/SC41404.2022.00092(1-14)Online publication date: Nov-2022
https://doi.org/10.1109/SC41404.2022.00092
Show More Cited By

Index Terms

Using SMT to accelerate nested virtualization
1. Security and privacy
  1. Systems security
    1. Operating systems security
      1. Virtualization and security
2. Software and its engineering
  1. Software organization and properties
    1. Contextual software domains
      1. Software infrastructure
        Virtual machines

Recommendations

Optimizing Nested Virtualization Performance Using Direct Virtual Hardware
ASPLOS '20: Proceedings of the Twenty-Fifth International Conference on Architectural Support for Programming Languages and Operating Systems

Nested virtualization, running virtual machines and hypervisors on top of other virtual machines and hypervisors, is increasingly important because of the need to deploy virtual machines running software stacks on top of virtualized cloud ...
Nested Virtualization Without the Nest
ICPP '19: Proceedings of the 48th International Conference on Parallel Processing

With the increasing popularity of containers, managing them on top of virtual machines becomes a common practice, called nested virtualization. This paper presents BrFusion and Hostlo, two solutions that address each of two networking issues of nested ...
A Low Overhead and Reliable Nested Virtualization VMM for Cloud Computing
WISA '13: Proceedings of the 2013 10th Web Information System and Application Conference

Commodity operating systems have already gained functionality of virtual machine monitor. Nested virtualization is needed to run these commodity operating systems as virtual machines. Furthermore, with nested virtualization technology, users can run a ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

ISCA '19: Proceedings of the 46th International Symposium on Computer Architecture

June 2019

849 pages

ISBN:9781450366694

DOI:10.1145/3307650

General Chair:
Srilatha (Bobbie) Manne
Microsoft
,
Program Chairs:
Hillery Hunter
IBM
,
Erik Altman
IBM Research

Copyright © 2019 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGARCH: ACM Special Interest Group on Computer Architecture

In-Cooperation

IEEE-CS\DATC: IEEE Computer Society

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 22 June 2019

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

ISF

Conference

ISCA '19

Sponsor:

SIGARCH

ISCA '19: The 46th Annual International Symposium on Computer Architecture

June 22 - 26, 2019

Arizona, Phoenix

Acceptance Rates

ISCA '19 Paper Acceptance Rate 62 of 365 submissions, 17%;

Overall Acceptance Rate 543 of 3,203 submissions, 17%

Upcoming Conference

ISCA '25

Sponsor:
sigarch

The 52nd Annual International Symposium on Computer Architecture

June 21 - 25, 2025

Tokyo , Japan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

7
Total Citations
View Citations
775
Total Downloads

Downloads (Last 12 months)69
Downloads (Last 6 weeks)2

Reflects downloads up to 02 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

Huang HLai JRao JLu HHou WSu HXu QZhong JZeng JWang XHe ZHan WLiu JMa TWu SDruschel PKaufmann AMace JFlinn JSeltzer M(2023)PVM: Efficient Shadow Paging for Deploying Secure Containers in Cloud-native EnvironmentProceedings of the 29th Symposium on Operating Systems Principles10.1145/3600006.3613158(515-530)Online publication date: 23-Oct-2023
https://dl.acm.org/doi/10.1145/3600006.3613158
Bitchebe STchana AWolf FShende SCulhane CAlam SJagode H(2022)Out of hypervisor (OoH)Proceedings of the International Conference on High Performance Computing, Networking, Storage and Analysis10.5555/3571885.3572000(1-14)Online publication date: 13-Nov-2022
https://dl.acm.org/doi/10.5555/3571885.3572000
Bitchebe STchana A(2022)Out of Hypervisor (OoH): Efficient Dirty Page Tracking in Userspace Using Hardware Virtualization FeaturesSC22: International Conference for High Performance Computing, Networking, Storage and Analysis10.1109/SC41404.2022.00092(1-14)Online publication date: Nov-2022
https://doi.org/10.1109/SC41404.2022.00092
Connelly JRoberts TGao XXiao JWang HStavrou A(2021)CloudSkulk: A Nested Virtual Machine Based Rootkit and Its Detection2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)10.1109/DSN48987.2021.00047(350-362)Online publication date: Jun-2021
https://doi.org/10.1109/DSN48987.2021.00047
Jia WShan JLi TShang XCui HDing XGavrilovska AZadok E(2020)vSMT-IOProceedings of the 2020 USENIX Conference on Usenix Annual Technical Conference10.5555/3489146.3489176(449-463)Online publication date: 15-Jul-2020
https://dl.acm.org/doi/10.5555/3489146.3489176
Lim JNieh JLarus JCeze LStrauss K(2020)Optimizing Nested Virtualization Performance Using Direct Virtual HardwareProceedings of the Twenty-Fifth International Conference on Architectural Support for Programming Languages and Operating Systems10.1145/3373376.3378467(557-574)Online publication date: 9-Mar-2020
https://dl.acm.org/doi/10.1145/3373376.3378467
Townley DPonomarev D(2019)SMT-COP: Defeating Side-Channel Attacks on Execution Units in SMT Processors2019 28th International Conference on Parallel Architectures and Compilation Techniques (PACT)10.1109/PACT.2019.00012(43-54)Online publication date: Sep-2019
https://doi.org/10.1109/PACT.2019.00012

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents