Towards Hypervisor-based Memory Management to Facilitate SLAT-based Process Isolation

Supervisor(s): Marius Momeu
Status: finished
Topic: Others
Author: Simon Schnückel
Submission: 2024-02-15
Type of Thesis: Masterthesis

Description

Modern virtualization extensions use two levels of page tables to
translate virtual addresses into physical addresses in RAM. However, each memory
address processed during the first-level page table walk triggers a page table walk
in the second level, which induces a significant performance penalty.
In this work, we continue exploring the prospect of removing the first-level address
translation to increase performance in virtualized systems. Since memory management
and process isolation in the kernel rely heavily on first-level page tables, we require
alternative solutions to handle process memory using Second Level Address Translation
(SLAT). We introduce a hypervisor interface that guests can use via specific hypercalls to
create/destroy, switch, and modify per-process SLAT address spaces. The interface
further provides memory management facilities to make memory exclusively available
in certain SLAT page tables and allows fine-grained adjustment of access rights for the
memory mappings. The features are carefully designed to retain inter-guest isolation in
multi-guest environments. We implement the hypercalls in the open-source hypervisor
Bao running on the RISC-V architecture and instrument the Linux kernel to use the new
hypervisor interface during process and memory management to test our design.
Our prototype evaluation shows that user-space process management via fork and
the mmap syscall experience slowdowns of 3x and 1.7x, respectively, while the kernel's
page allocation and context switching incur 13.97x and 9.04x slowdowns, respectively.
To further the goal of removing first-level page tables from the kernel, we
discuss additional challenges and propose various software and hardware optimization
strategies for our design. The results of this work provide a secure foundation for a
promising optimization strategy.
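
The cost of the two-level walk described at the start of the abstract can be made concrete with a small simulation. This is an added example, not code from the thesis or from Bao: the geometry (three levels per stage, 4-entry tables, 16-word pages), the memory layout and all function names are assumptions chosen for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#define LEVELS 3                      /* toy geometry (assumed): 3 levels per stage */
#define IDX_BITS 2                    /* 4-entry tables */
#define OFF_BITS 4                    /* 16-word pages */
#define GUEST_BASE 32                 /* guest page g is backed by host page g + 32 */
static uint64_t mem[64 << OFF_BITS];  /* host-physical memory, zero = invalid PTE */
static unsigned refs;                 /* memory references issued by the walker */
static unsigned idx(uint64_t a, int l) { return (a >> (OFF_BITS + IDX_BITS * l)) & ((1u << IDX_BITS) - 1); }
static uint64_t off(uint64_t a) { return a & ((1u << OFF_BITS) - 1); }
static uint64_t rd(uint64_t hpa) { refs++; return mem[hpa]; }
/* Map addr -> target page; `bias` turns a PTE's page number into its host page (0 for SLAT tables). */
static void map(uint64_t root, uint64_t addr, uint64_t target, unsigned bias, unsigned *next) {
    uint64_t page = root;
    for (int l = LEVELS - 1; l > 0; l--) {
        uint64_t *e = &mem[((page + bias) << OFF_BITS) + idx(addr, l)];
        if (!*e) *e = (*next)++;      /* allocate the next-level table on demand */
        page = *e;
    }
    mem[((page + bias) << OFF_BITS) + idx(addr, 0)] = target;
}
/* Second-level (SLAT) walk: guest-physical -> host-physical, LEVELS references. */
static uint64_t s2_walk(uint64_t s2_root, uint64_t gpa) {
    uint64_t page = s2_root;
    for (int l = LEVELS - 1; l >= 0; l--)
        page = rd((page << OFF_BITS) + idx(gpa, l));
    return (page << OFF_BITS) | off(gpa);
}
/* Two-level walk: each first-level PTE address is guest-physical, so fetching it costs a SLAT walk. */
static uint64_t nested_walk(uint64_t s1_root, uint64_t s2_root, uint64_t gva) {
    uint64_t gpage = s1_root;
    for (int l = LEVELS - 1; l >= 0; l--)
        gpage = rd(s2_walk(s2_root, (gpage << OFF_BITS) + idx(gva, l)));
    return s2_walk(s2_root, (gpage << OFF_BITS) | off(gva));
}
/* Constructed scenario: returns the reference count of the two-level walk. */
static unsigned demo(unsigned *slat_only, uint64_t *hpa) {
    unsigned hnext = 2, gnext = 2;    /* page 1 is the root in both trees */
    for (unsigned g = 0; g < 16; g++) /* SLAT: 16 guest pages -> host pages 32..47 */
        map(1, (uint64_t)g << OFF_BITS, g + GUEST_BASE, 0, &hnext);
    map(1, 0x2A5, 9, GUEST_BASE, &gnext);  /* guest tables: gva 0x2A5 -> guest page 9 */
    refs = 0; s2_walk(1, (9u << OFF_BITS) | 5); *slat_only = refs;
    refs = 0; *hpa = nested_walk(1, 1, 0x2A5);
    return refs;
}
int main(void) {
    unsigned s; uint64_t h; unsigned n = demo(&s, &h);
    printf("two-level: %u refs, SLAT only: %u refs, hpa=0x%llx\n", n, s, (unsigned long long)h);
    return 0;
}
```

With n first-level and m second-level table levels, the two-level walk issues (n+1)(m+1)-1 references, against m for a SLAT-only walk of the same depth.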