This paper addresses the problem of providing spatial and temporal isolation between execution domains in a hypervisor running on an ARM multicore platform. Isolation is achieved by carefully managing the two primary shared hardware resources of today's multicore platforms: the last-level cache (LLC) and the DRAM memory controller. The XVISOR open-source hypervisor and the ARM Cortex A7 platform have been used as reference systems for the purpose of this work. Spatial partitioning on the LLC has been implemented by means of cache coloring, which has been tightly integrated with the ARM virtualization extensions (ARM-VE) to deal with the memory virtualization capabilities offered by a two-stage memory management unit (MMU). Temporal isolation on the DRAM controller has been implemented by realizing a memory bandwidth reservation mechanism, which has been combined with the scheduling logic of the hypervisor. An extensive experimental evaluation has been performed on the popular Raspberry Pi 2 board, showing the effectiveness of the implemented solutions on a case-study composed of multiple Linux domains running state-of-the-art benchmarks.
Supporting temporal and spatial isolation in a hypervisor for ARM multicore platforms
MODICA, Paolo;Alessandro Biondi;Giorgio Buttazzo;
2018-01-01
Abstract
This paper addresses the problem of providing spatial and temporal isolation between execution domains in a hypervisor running on an ARM multicore platform. Isolation is achieved by carefully managing the two primary shared hardware resources of today's multicore platforms: the last-level cache (LLC) and the DRAM memory controller. The XVISOR open-source hypervisor and the ARM Cortex A7 platform have been used as reference systems for the purpose of this work. Spatial partitioning on the LLC has been implemented by means of cache coloring, which has been tightly integrated with the ARM virtualization extensions (ARM-VE) to deal with the memory virtualization capabilities offered by a two-stage memory management unit (MMU). Temporal isolation on the DRAM controller has been implemented by realizing a memory bandwidth reservation mechanism, which has been combined with the scheduling logic of the hypervisor. An extensive experimental evaluation has been performed on the popular Raspberry Pi 2 board, showing the effectiveness of the implemented solutions on a case-study composed of multiple Linux domains running state-of-the-art benchmarks.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
