Abstract
Many projects of virtualized processes are emerging for less overhead than traditional virtual machines and more isolation than containers. A virtualized process uses hardware virtualization to provide a process abstraction. The virtualized processes are deemed as inefficient compared against native processes using system calls since hypercalls they use cause high-overhead context switches.
However, current performance of system calls is severely damaged by Kernel Page Table Isolation (KPTI) while hypercalls are unaffected. Unexpectedly, that gives hopes for virtualized processes to reach competitive performance against native processes.
In this paper, we propose and implement Exit-Less Hypercall, a new style of execution framework in virtualized processes by introducing asynchronity, new thread models and adaptive migration.
We evaluate the prototype and make a detailed analysis on the impacts of context switches from the native and virtualized processes with KPTI. Moreover, the experiments also show that Exit-Less Hypercall achieves a good performance improvement of up to 121% on virtualized processes using legacy hypercalls and even outperforms native processes using legacy system calls with KPTI by 81%.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Engler, D., et al.: Exokernel: an operating system architecture for application-level resource management. ACM SIGOPS Oper. Syst. Rev. 29(5), 251–266 (1995)
Cheriton, D.R., Duda, K.J.: A caching model of operating system kernel functionality. In: Proceedings of the 1st USENIX Conference on Operating Systems Design and Implementation, p. 14. USENIX Association (1994)
Leslie, I.M., et al.: The design and implementation of an operating system to support distributed multimedia applications. IEEE J. Sel. Areas Commun. 14(7), 1280–1297 (1996)
Lipp, M., et al.: Meltdown: reading kernel memory from user space. In: 27th USENIX Security Symposium (USENIX Security 2018), pp. 973–990 (2018)
Kocher, P., et al.: Spectre attacks: exploiting speculative execution. arXiv preprint arXiv:1801.01203 (2018)
Dragoni, N., et al.: Microservices: yesterday, today, and tomorrow. In: Mazzara, M., Meyer, B. (eds.) Present and Ulterior Software Engineering, pp. 195–216. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-67425-4_12
Belay, A., et al.: Dune: safe user-level access to privileged CPU features. In: Presented as Part of the 10th USENIX Symposium on Operating Systems Design and Implementation (OSDI 2012), pp. 335–348 (2012)
Madhavapeddy, A., et al.: Unikernels: library operating systems for the cloud. In: Proceedings of the ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), pp. 461–472 (2013)
Kata Containers - The speed of containers, the security of VMs. https://katacontainers.io
gvisor - Container Runtime Sandbox. https://github.com/google/gvisor
Soares, L., Stumm, M.: FlexSC: flexible system call scheduling with exception-less system calls. In: OSDI, vol. 10, pp. 1–8 (2010)
Nikolaev, R., Back, G.: VirtuOS: an operating system with kernel virtualization. In: Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles, pp. 116–132. ACM (2013)
Drepper, U., Molnar, I.: The native POSIX thread library for Linux (2005). http://www.akkadia.org/drepper/nptl-design.pdf
glibc - The GNU C library. https://www.gnu.org/software/libc/
Al Viro: Al Viro’s new execve/kernel\(\_\)thread design. https://lwn.net/Articles/520227/
Madhavapeddy, A., et al.: Unikernels: the rise of the virtual library operating system. Commun. ACM 57(1), 61–69 (2014)
Williams, D., et al.: Unikernels as processes. In: Proceedings of the ACM Symposium on Cloud Computing, pp. 199–211. ACM (2018)
Fromm, R., Treuhaft, N.: Revisiting the cache interference costs of context switching. Computer Science Division, University of California-Berkeley (1996)
Acknowledgments
Many thanks to members of ARC Lab of Zhejiang University for their constructive comments and helps during the project. We would like to thank the anonymous reviewers for their feedback.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Li, G., Lin, W., Chen, W. (2020). Exit-Less Hypercall: Asynchronous System Calls in Virtualized Processes. In: Wen, S., Zomaya, A., Yang, L. (eds) Algorithms and Architectures for Parallel Processing. ICA3PP 2019. Lecture Notes in Computer Science(), vol 11944. Springer, Cham. https://doi.org/10.1007/978-3-030-38991-8_12
Download citation
DOI: https://doi.org/10.1007/978-3-030-38991-8_12
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-38990-1
Online ISBN: 978-3-030-38991-8
eBook Packages: Mathematics and StatisticsMathematics and Statistics (R0)