The Design and Implementation of Hyperupcalls

Authors: 

Nadav Amit and Michael Wei, VMware Research
Awarded Best Paper!

Abstract: 

The virtual machine abstraction provides a wide variety of benefits which have undeniably enabled cloud computing. Virtual machines, however, are a double-edged sword as hypervisors they run on top of must treat them as a black box, limiting the information which the hypervisor and virtual machine may exchange, a problem known as the semantic gap. In this paper, we present the design and implementation of a new mechanism, hyperupcalls, which enables a hypervisor to safely execute verified code provided by a guest virtual machine in order to transfer information. Hyperupcalls are written in C and have complete access to guest data structures such as page tables. We provide a complete framework which makes it easy to access familiar kernel functions from within a hyperupcall. Compared to state-of-the-art paravirtualization techniques and virtual machine introspection, Hyperupcalls are much more flexible and less intrusive. We demonstrate that hyperupcalls can not only be used to improve guest performance for certain operations by up to 2×but hyperupcalls can also serve as a powerful debugging and security tool.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@inproceedings {215939,
author = {Nadav Amit and Michael Wei},
title = {The Design and Implementation of Hyperupcalls},
booktitle = {2018 USENIX Annual Technical Conference (USENIX ATC 18)},
year = {2018},
isbn = {978-1-931971-44-7},
address = {Boston, MA},
pages = {97--112},
url = {https://www.usenix.org/conference/atc18/presentation/amit},
publisher = {USENIX Association},
month = jul
}

Presentation Audio