Virtual Machine Monitor Indigenous Memory Reclamation Technique
Автор: Muhammad Shams Ul Haq, Lejian Liao, Ma Lerong
Журнал: International Journal of Information Technology and Computer Science(IJITCS) @ijitcs
Статья в выпуске: 4 Vol. 8, 2016 года.
Бесплатный доступ
Sandboxing is a mechanism to monitor and control the execution of malicious or untrusted program. Memory overhead incurred by sandbox solutions is one of bottleneck for sandboxing most of applications in a system. Memory reclamation techniques proposed for traditional full virtualization do not suit sandbox environment due to lack of full scale guest operating system in sandbox. In this paper, we propose memory reclamation technique for sandboxed applications. The proposed technique indigenously works in virtual machine monitor layer without installing any driver in VMX non root mode and without new communication channel with host kernel. Proposed Page reclamation algorithm is a simple modified form of Least recently used page reclamation and Working set page reclamation algorithms. For efficiently collecting working set of application, we use a hardware virtualization extension, page Modification logging introduced by Intel. We implemented proposed technique with one of open source sandboxes to show effectiveness of proposed memory reclamation method. Experimental results show that proposed technique successfully reclaim up to 11% memory from sandboxed applications with negligible CPU overheads.
Sandbox, Library OS, Virtualization, Memory Management, Memory reclamation
Короткий адрес: https://sciup.org/15012471
IDR: 15012471
Список литературы Virtual Machine Monitor Indigenous Memory Reclamation Technique
- Chia-Che Tsai , Kumar Saurabh Arora , Nehal Bandi , Bhushan Jain , William Jannen , Jitin John , Harry A. Kalodner , Vrushali Kulkarni , Daniela Oliveira , Donald E. Porter, Cooperation and security isolation of library OSes for multi-process applications, Proceedings of the Ninth European Conference on Computer Systems, April 14-16, 2014, Amsterdam, The Netherlands
- Potter S, Nieh J. Apiary: easy-to-use desktop application fault containment on commodity operating systems. In: USENIX Annual Technical Conference. Boston, MA, USA: USENIX Association; 2010.
- Whitaker A, Shaw M, Gribble SD. Denali: lightweight virtual machines for distributed and networked applications. In: 5th USENIX Symposium on Operating Systems Design and Implementation. Boston, MA, USA: USENIX Association; 2002. p. 195-209
- Rutkowska J, Wojtczuk R. Invisible things lab, technical report: Version 0.3 Qubes OS architecture; 2010
- Parallels Inc. Virtuozzo containers. http://www.parallels.com/au/products/pvc46/
- Avi Kivity, Dor Laor, Glauber Costa, Pekka Enberg, Nadav Har’El, Don Marti, and Vlad Zolotarov, Sv—optimizing the operating system for virtual machines. In Proc. USENIX Annual Technical Conference (ATC) (Philadelphia, PA, June 2014), USENIX Association, pp. 61–72.
- A. Belay, A. Bittau, A. Mashtizadeh, D. Terei, D. Mazi`eres, and C. Kozyrakis. Dune: safe user-level access to privileged CPU features. In OSDI, pages 335–348, 2012
- Carl A. Waldspurger, Memory resource management in VMware ESX server, ACM SIGOPS Operating Systems Review, v.36 n.SI, Winter 2002 [doi>10.1145/844128.844146]
- D. Hansen, M. Kravetz, B. Christiansen, and M. Tolentino, “Hotplug Memory and the Linux VM,” in Proc. Linux Symp., July 2004, pp. 278–294.
- A. Arcangeli, I. Eidus, and C. Wright. Increasing memory density by using ksm. In Proc. of Linux Symposium, July 2009
- http://dune.scs.stanford.edu/ (time accessed: 13th Jan 2016).
- R. Uhlig, G. Neiger, D. Rodgers, A. Santoni, F. Martins, A. Anderson,S. Bennett, A. Kagi, F. Leung, and L. Smith. Intel Virtualization Technology. Computer, 38(5):48 – 56, May 2005.
- http://www.intel.co.uk/content/dam/www/public/us/en/documents/white-papers/page-modification-logging-vmm-white-paper.pdf. (Time accessed: 13th Jan., 2016)
- A. Kivity, Y. Kamay, D. Laor, U. Lublin, and A. Liguori. kvm: the Linux virtual machine monitor. In OLS '07: The 2007 Ottawa Linux Symposium, pages 225--230, July 2007.
- Paul Barham , Boris Dragovic , Keir Fraser , Steven Hand , Tim Harris , Alex Ho , Rolf Neugebauer, Ian Pratt , Andrew Warfield, Xen and the art of virtualization, Proceedings of the nineteenth ACM symposium on Operating systems principles, October 19-22, 2003, Bolton Landing,NY,USA [doi>10.1145/945445.945462]
- Magenheimer, “Memory overcommit. . . without the commitment,” in Proc. Xen Summit, Jun. 2008, pp. 1–3.
- A. Gordon, M. R Hines, D. D Silva, M. Ben-Yehuda, M. Silva, and G. Lizarraga, “Ginkgo: Automated, application-driven memory overcommitment for cloud computing,” in Proc. RESoLVE: Runtime Environm./Syst., Layering, Virtualized Environ. Workshop, 2011.
- J. Heo, X. Zhu, P. Padala, and Z. Wang, “Memory overbooking and dynamic control of Xen virtual machines in consolidated environments,” in Proc. IFIP/IEEE Symp. Integr. Manage, Jun. 2009, pp. 630–637.
- W. Zhao and Z. Wang, “Dynamic memory balancing for virtual machines,” in Proc. ACM Int. Conf. Virtual Execution Environ., Mar. 2009, pp. 21–30.
- J. R. Douceur, J. Elson, J. Howell, and J. R. Lorch. Leveraging legacy code to deploy desktop applications on the web. In OSDI, 2008.
- https://linuxcontainers.org/lxc/introduction/ (time accessed: 13th Jan., 2016)
- Memory hotplug for Xen, 2011, [Online]. Available: https://lkml.org/lkml/2011/3/28/108 (time accessed 13th jan., 2016)
- https://wiki.opnfv.org/nfv\_hypervisors-kvm (time accessed 13th jan., 2016)
- N. Khameesy and H. A. Mohamed “A Proposed Virtualization Technique to Enhance IT Services” in I.J. Information Technology and Computer Science. 2012,12,21-30
- M. Anjum, M.. A. Haque, N. Ahmad “Analysis and Ranking of Software Reliability Models Based on Weighted Criteria Value” in I.J. Information Technology and Computer Science,2013,02,1-14