| Jeremy Sugerman, Ganesh Venkitachalam, and Beng-Hong Lim. Virtualizing I/O devices on VMware Workstation's hosted virtual machine monitor. In USENIX Annual Technical Conference, Boston, MA, June 2001. |
....within a HIDS, but host based IDSs do not enjoy the compromise independence of storage IDSs. A host based IDS is vulnerable to being disabled or bypassed by intruders that compromise the OS kernel. Another interesting place for a storage IDS is the virtual disk module of a virtual machine monitor [39]; such deployment would enjoy compromise independence from the OSes running in its virtual machines [4] 2.3 Warning signs for storage IDSs Successful intruders often modify stored data. For instance, they may overwrite system utilities to hide their presence, install Trojan horse daemons to ....
J. Sugerman, G. Venkitachalam, and B.-H. Lim. Virtualizing I/O Devices on VMware Workstation's Hosted Virtual Machine Monitor. USENIX Annual Technical Conference, pages 1--14. USENIX Association, 2001.
....(2) it will do so from behind a simple interface with few additional services, and (3) it will be isolated (i.e. compromise independent) from the host software. Examples of such NIs include NICs, leaf switches in a LAN, DSL or cable modems, and NI emulators within a virtual machine monitor [37]. The benefits of embedding detection and containment functionality in an NI applies to all of these. Self securing NIs enforce policies set by the network administrator, much like distributed firewalls [14, 19, 1]. In fact, administrators would configure and manage self securing NIs over the ....
Jeremy Sugerman, Ganesh Venkitachalam, and Beng-Hong Lim. Virtualizing I/O Devices on VMware Workstation's Hosted Virtual Machine Monitor. USENIX Annual Technical Conference (Boston, MA, 25--30 June 2001).
....enables COTS systems to be extended for the specific needs of applications. In fact, our approach places no specific requirements on the underlying OS structure. As a consequence, it is possible for our technique to implement micro kernel services, interposition agents [23, 17], virtual machines [18, 33], and entire OSes in a sandboxed region above a kernel that is, say, monolithic. Our approach differs from other solutions in that it neither relies exclusively on hardware (e.g. Palladium [6]) nor software (e.g. software fault isolation [30] or Java) support. Instead, we combine both hardware ....
J. Sugerman, G. Venkitachalam, and B.-H. Lim. Virtualizing I/O devices on VMWare workstation's hosted virtual machine monitor. In Proceedings of the USENIX Annual Technical Conference, Boston, MA, June 2001.
....instruction execution without requiring binary modifications or run time translations. An important class of virtual machines (classic VMs) consists of ISA VMs that support same ISA execution of entire operating systems (e.g. the commercial products from the IBM S/390 series [18] and VMware [30], and the open source project plex86 [22]). A classic virtual machine abstraction allows for great flexibility in supporting multiple operating systems and is the focus of this paper. Nonetheless, the arguments for grid computing on virtual machines and proposed middleware approaches can be ....
....be higher. However, previous experience with successful VMM architectures has shown that such overheads can be made smaller with implementation optimizations. For instance, the impact of network virtualization in transmit throughput can be reduced via optimizations techniques applied to the VMM [30]; IBM's line of virtual machines has evolved to implement performance-enhancing techniques such as VM assists and in memory Application Resource User time Sys time User sys Overhead SPECseis VM, local disk 16557s 60s 16617s 1.2 VM, PVFS 16601s 149s 16750s 2.0 Physical 9304s 3s 9307s N/A ....
J. Sugerman, G. Venkitachalam, and B.-H. Lim. Virtualizing I/O devices on VMware workstation's hosted virtual machine monitor. In Proceedings of the USENIX Annual Technical Conference, June 2001.
....instruction execution without requiring binary modifications or run time translations. An important class of virtual machines (classic VMs) consists of ISA VMs that supports same ISA execution of entire operating systems (e.g. the commercial products from the IBM S/390 series [18] and VMware [29], and the open source project plex86 [21]). It is classic virtual machines that we target. 2.2 Advantages Unlike conventional operating systems, classic VMs allow efficient dynamic multiplexing of users onto physical resources at the granularity of a single user per operating system session, ....
....from resource to resource. 2.3 Performance considerations The advantages of virtual machines are for naught if they can not deliver sufficient performance. Earlier work has shown that the impact of a particular virtual machine monitor, VMware, on CPU and network performance is relatively low [29]. In this section we report on measurements that show the overhead to be low for CPU intensive tasks (less than 10 , for micro and macro benchmarks) The experimental data also shows that the costs of instantiating a dynamic virtual machine instance can be quite low, on the order of seconds. ....
Jeremy Sugerman, Ganesh Venkitachalam, and Beng-Hong Lim. Virtualizing I/O devices on VMware workstation's hosted virtual machine monitor. In Proceedings of the USENIX Annual Technical Conference, June 2001.
....Device interfaces are streamlined to minimize the number of VMM VM crossings. For example, transmitting any number of ethernet frames requires a single virtual I/O instruction. By contrast, existing physical NICs can require a dozen I/O instructions to implement the same functionality [39]. Additionally, Denali's virtual devices do not require initialization during startup, simplifying guest OS device driver implementation and reducing OS boot time. 3.2 The Yakima VMM implementation Our prototype VMM implementation, called Yakima, runs in ring 0 on bare x86 hardware. Yakima is ....
J. Sugerman, G. Venkitachalam, and B. Lim. Virtualizing I/O devices on VMware workstation's hosted virtual machine monitor. In Proceedings of the 2001.
....function, (2) it will do so from behind a simple interface with few additional services, and (3) it will be isolated (i.e. compromise independent) from the remainder of the host software. Examples of such NIs include NICs, DSL or cable modems, and NI emulators within a virtual machine monitor [39]. As well, leaf switches have these properties for the hosts directly connected to them. The concepts and challenges of embedding the new functionality in an NI applies equally to each of these. We define such an NI to be a self securing NI if it internally monitors and enforces policies on ....
Jeremy Sugerman, Ganesh Venkitachalam, and Beng-Hong Lim. Virtualizing I/O Devices on VMware Workstation's Hosted Virtual Machine Monitor. Annual USENIX Technical Conference (Boston, MA, 25--30 June 2001).
....paper, we present the design, implementation, and evaluation of the Denali isolation kernel, an x86 based operating system that isolates untrusted software services in separate protection domains. The architecture of Denali is similar to that of virtual machine monitors such as Disco [6], VMWare [31], and VM/370 [9]. A virtual machine monitor carves a physical machine into multiple virtual machines; by virtualizing all hardware resources, a VMM can prevent one VM from even naming the resources of another VM, let alone modifying them. To support unmodified legacy guest OSs and applications, ....
....default, there is no virtual MMU. In this configuration, a VM's OS shares its address space with applications, similar to a libOS in Exokernel [20]. Exposing a single address space to each VM improves performance, by avoiding TLB flushes during context switches between applications in the same VM [31]. We have recently added support for an optional, virtual MMU to Denali; this virtual MMU looks nothing like the underlying x86 based physical MMU, but instead is modeled after a simple software-loaded TLB, similar to those of modern RISC architectures. A software loaded TLB has the advantage that ....
J. Sugerman, G. Venkitachalam, and B. Lim. Virtualizing I/O devices on VMware workstation's hosted virtual machine monitor. In Proceedings of the 2001.
....domains can be structured to run in multiple virtual machines. Moreover, omitting virtual memory from the architecture improves performance by reducing TLB misses during guest OS context switches; this overhead was found to be significant during a recent measurement of VMWare's workstation product [18]. Denali exposes virtual I/O devices to virtual machines, but the interfaces to these devices have been drastically simplified relative to real hardware devices. For example, the virtual Ethernet device supports two operations: packet send and packet receive. The interface to real hardware ....
....been drastically simplified relative to real hardware devices. For example, the virtual Ethernet device supports two operations: packet send and packet receive. The interface to real hardware devices is often more complex than necessary, which can lead to reduced performance during virtualization [18]. The Denali architecture greatly simplifies virtual machine initialization. There is no BIOS exposed, and all Denali virtual devices power on in a well known boot state, eliminating the need for a guest OS to initialize devices. These changes dramatically reduce the complexity of both our ....
J. Sugerman, G. Venkitachalam, and B. Lim. Virtualizing I/O devices on VMware workstation's hosted virtual machine monitor. In Proceedings of the 2001.
No context found.
Jeremy Sugerman, Ganesh Venkitachalam, and Beng-Hong Lim. Virtualizing I/O devices on VMware Workstation's hosted virtual machine monitor. In USENIX Annual Technical Conference, Boston, MA, June 2001.
No context found.
J. Sugerman, G. Venkitachalam, and B.-H. Lim. Virtualizing I/O devices on VMware workstation's hosted virtual machine monitor. In Proceedings of the 2001.
No context found.
J. Sugerman, G. Venkitachalam, and B.-H. Lim. Virtualizing I/O Devices on VMware Workstation's Hosted Virtual Machine Monitor. USENIX Annual Technical Conference (Boston, MA, 25--30 June 2001).
No context found.
J. Sugerman, G. Venkitachalam, and B. Lim. Virtualizing I/O devices on VMware workstation's hosted virtual machine monitor. In Proc. of the 2001.
No context found.
Jeremy Sugerman, Ganesh Venkitachalam, and Beng-Hong Lim. Virtualizing I/O devices on VMware Workstation's hosted virtual machine monitor. In USENIX Annual Technical Conference, Boston, MA, June 2001.
No context found.
J. Sugerman, G. Venkitachalam, and B. Lim. Virtualizing I/O Devices on VMware Workstation's Hosted Virtual Machine Monitor. In Proceedings of the USENIX 2001.
No context found.
J. Sugerman, G. Venkitachalam, and B. Lim. Virtualizing I/O devices on VMware workstation's hosted virtual machine monitor. In Proceedings of the 2001.
No context found.
J. Sugerman, G. Venkitachalam, and B. Lim. Virtualizing I/O devices on VMware workstation's hosted virtual machine monitor. In Proceedings of the 2001.
No context found.
Jeremy Sugerman, Ganesh Venkitachalam, and Beng-Hong Lim. Virtualizing I/O Devices on VMware Workstation's Hosted Virtual Machine Monitor. In Proceedings of the Annual USENIX Technical Conference, pages 25--30, June 2001.
No context found.
J. Sugerman, G. Venkitachalam, B. Lim. Virtualizing I/O Devices on VMware Workstation's Hosted Virtual Machine Monitor. Proceedings of the USENIX Annual Technical Conference, June 2001.
No context found.
J. Sugerman, G. Venkitachalam, and B. Lim. Virtualizing I/O devices on VMware workstation's hosted virtual machine monitor. In Proceedings of the 2001.
No context found.
J. Sugerman, G. Venkitachalam, and B. Lim. Virtualizing I/O Devices on VMware Workstation's Hosted Virtual Machine Monitor. In Proceedings of the USENIX 2001.
No context found.
SUGERMAN, J., VENKITACHALAM, G., AND LIM, B.-H. Virtualizing I/O devices on VMware workstation's hosted virtual machine monitor. In Proceedings of the USENIX Annual Technical Conference (June 2001).
No context found.
Jeremy Sugerman, Ganesh Venkitachalam, and Beng-Hong Lim. Virtualizing I/O devices on VMware workstation's hosted virtual machine monitor. In Proc. of the 2001.
No context found.
SUGERMAN, J., VENKITACHALAM, G., AND LIM, B.-H. Virtualizing I/O devices on VMware workstation's hosted virtual machine monitor. In Proceedings of the USENIX Annual Technical Conference (June 2001).
No context found.
Jeremy Sugerman, Ganesh Venkitachalam, and Beng-Hong Lim. Virtualizing I/O devices on VMware workstation's hosted virtual machine monitor. In Proceedings of Usenix Annual Technical Conference, June 2001.