SlideShare a Scribd company logo

ARM Architecture-based System Virtualization: Xen ARM open source software project

The Linux Foundation
The Linux Foundation
Technology
1 of 21
Download to read offline
ARM Architecture-based System Virtualization: Xen ARM open source software project Sang-bum Suh Vice President, Jae-min Ryu Research Staff {sbuk.suh, jm77.ryu}@samsung.com S/W Platform Team DMC Research Center SAMSUNG Electronics Co. 2011.08. Xen Summit North America 2011 © 2011 SAMSUNG Electronics Co.
Agenda Overview - History of Xen ARM - Use Cases Xen ARM: Core - Xen ARM Virtualization - Performance Comparison Xen ARM Application: Security - Mobile Malware - Access Control Xen ARM Application: Real-time - Xen ARM: Preemption - Real-time Performance © 2011 SAMSUNG Electronics Co.
Overview © 2011 SAMSUNG Electronics Co.
History of Xen ARM ‘04 ‘08 ‘09 ‘10 Xen ARM 1st Xen ARM 2nd Xen ARM 3rd Xen ARM 4th x86 Xen Hypervisor Release: Release: Release: Release: Release ARM9 Xen Paravirtualized ARM11MPCore Performance (Cambridge university) Hypervisor, Linux kernel Support Optimization Mini-OS (v2.6.24), Xen tool (Samsung) (Samsung) (Samsung) (Samsung) Xen-ARM Open Source Community  Samsung leads the Xen ARM project  http://wiki.xensource.com/xenwiki/XenARM Supported Hardware & Guest OS  ARM926EJ-S (i.MX21, OMAP5912)  Linux v2.6.11, v2.6.18, v2.6.21, v2.6.24, v2.6.27  Xscale 3rd Generation Architecture (multicore supported)  uC/OS-II (PXA310, Samsung SGH- i780)  ARM1136/ARM1176(Core Only)  Goldfish (QEMU Emulator)  Versatile Platform Board  ARM11MPCore (Realview PB11MP)  Cortex-A9 (Tegra250) © 2011 SAMSUNG Electronics Co. SW Platform Team. 3 / 22
Use Cases 1 – HW Consolidation: AP(Application Processor) and BP(Baseband Processor) can share multicore ARM CPU SoC in order to run both Linux and Real-time OS efficiently. 2 – OS Isolation: important call services can be effectively separated from downloaded third party applications by Xen ARM combined with access control. 3 – Rich User Experience: multiple OS domains can run concurrently on a single smartphone. 1 2 3 를 Android Nucleus Secure Kernel Linux GPOS RTOS Virtualization SW (Realtime Hypervisor) V -Core V -Core V -Core V -Core V -Core V-Core V-Core V -Core Core Core Core Core Linux 1 Linux 2 Memory Multi-Core Peri Important Hypervisor Hypervisor services H/W Hardware AP SoC +BP SoC -> Consolidated Multicore SoC Secure Smartphone Rich Applications from Multiple OS © 2011 SAMSUNG Electronics Co. SW Platform Team. 4 / 22
Xen ARM: Core © 2011 SAMSUNG Electronics Co.
Xen ARM Virtualization Goals  Light weight virtualization for secure 3G/4G mobile devices  High performance hypervisor based on ARM processor  Fine-grained access control fitted to mobile devices Architecture of Xen-ARM VM 0 VM 1 Application Application Application Application Guest Backend Drivers Frontend Drivers Domain Native Drivers VM Interface VM Interface Secure Domain Resource Access Xen-ARM Manager Allocator Control hypervisor Hardware Peripheral System Flash CPU Devices Memory Memory © 2011 SAMSUNG Electronics Co. SW Platform Team. 6 / 22
Xen ARM Virtualization Overview Logical mode split  CPU virtualization  Virtualization requires 3 privilege CPU level, but ARM supports 2 level Xen-ARM mode   Xen-ARM mode: supervisor mode ( most privileged level) virtual kernel mode  virtual user mode   Virtual kernel mode: User mode ( least privileged level)  Virtual user mode: User mode ( least privileged level) VM 0 VM 1 VM 2 VM 2 Xen-ARM  Memory virtualization Address Spaces Address Spaces Address Spaces VM 1 Kernel  VM’s own memory should be VM 0 User Process User Process User Process User Process Xen-ARM protected from others MMU  Xen-ARM switches VM’s virtual address space Xen-ARM Physical Virtual Address Space Address Space using MMU  VM is not allowed to manipulate MMU directly VM0 (Linux) VM1 (Linux ) Application Application Application Application Application Application  I/O virtualization Front-end  Split driver model of Xen-ARM Native driver Back-end driver driver  Client & Server architecture for shared I/O devices I/O event  Client: frontend driver Interrupt Xen-ARM  Server: native/backend driver Device © 2011 SAMSUNG Electronics Co. SW Platform Team. 7 / 22
Performance Comparison Micro-benchmark Results LMBENCH Micro Benchmark ( Bandwidth )  Evaluation Environments : Samsung Blackjack Phone  CPU : Xscale PXA310, 624MHz Higher is better  L1 Cache : 32KB + 32KB  L2 Cache : 256KB (Disabled)  Memory : 128MB  Guest OS: Linux-2.6.21 LMBENCH Micro Benchmark ( latency ) Lower is better © 2011 SAMSUNG Electronics Co. SW Platform Team. 8 / 22
Performance Comparison Micro-benchmark Results  Evaluation Environments : nVidia Tegra250  CPU : Cortex-A9 1GHz Dual Core  L1 Cache : 32KB + 32KB Lower is better  L2 Cache : 1MB 1600  Memory : 1GB 1400 Native Linux Para-virtualized Linux  Guest OS: Linux-2.6.29 1200 (Latency) usec 1000 800 600 400 200 0 LMBENCH Micro Benchmark ( latency ) © 2011 SAMSUNG Electronics Co. SW Platform Team. 9 / 22
Performance Comparison Benchmark Results LMBENCH Micro Benchmark ( latency ) 9  Evaluation Environments : Samsung Higher is better Xen/ARM L4 8 Relative Performance Blackjack Phone 7  CPU : Xscale PXA310, 624MHz  L1 Cache : 32KB + 32KB 6  L2 Cache : 256KB (Disabled) 5  Memory : 128MB 4  Guest OS: Linux-2.6.21 3 2 1 0 AIM7 Macro Benchmark S : size(byte) P : # of processes Normalized Performance 1 0.8 0.6 Native Linux Xen/ARM 0.4 L4 0.2 0 1 2 3 Number of Tasks © 2011 SAMSUNG Electronics Co. SW Platform Team. 10 / 22
Xen ARM Application For Security © 2011 SAMSUNG Electronics Co.
Mobile Malware [Source: F-Secure] Number of mobile malware 600 - More than 420 mobile phone 400 421 viruses (2008) 345 400 - Tens of thousands of infections worldwide 146 200 27 0 2004 2005 2006 2007 2008 [Source: McAfee] Concerns about mobile phone 100% 16.1 18.4 6.9 13.9 security – by market 80% 60% 93.1 86.1 83.9 81.6 40% Feel safe 20% Concerned 0% UK US Japan Total © 2011 SAMSUNG Electronics Co. SW Platform Team. 12 / 22
Access Control Definition: Access control is a system which enables an authority to control area and resources in a given physical facility or computer-based information system [source: Wikipedia] Technical Issues Problem with performance isolation  Availability threat: denial of service (DoS) attack from a compromised domain in a mobile device - CPU overuse: a greater share of CPU time than initial allocation - Performance degradation: The Performance of other domains that share the same I/O device with the compromised domain - Battery drain Isolated Driver Domain1 DomainN Domain (IDD) Malware Excessive I/O … Requests Back-end Front-end Front-end Device drivers Device drivers Device drivers Native Device drivers Secure Xen Devices Hardware © 2011 SAMSUNG Electronics Co. SW Platform Team. 13 / 22
Access Control Approach Technical Issues Fine-grained I/O access control module in the IDD and coarse-grained access control module in Xen Estimation of CPU consumption by each virtual I/O operation using regression analysis - Network and storage devices I/O access control enforcement based on the policy and regression equations Target HW spec: XScale 624MHz, 128MB DRAM Domain0 (IDD) Kernel Domain1 Kernel Regression Analysis: Network (4). Asking for decision Access Control fNET, Tx(x) = 370.18 + 0.01 * x Hook Backend Frontend Enforcer driver driver (I/O Scheduler) (3). Connecting to backend driver Regression Analysis: Storage (5). Virtual I/O CPU Usage fMTD,READ(x) = 250 + 0.24 * x (1). Loading policy I/O Resource fMTD,READOOB(x) = 533 + 0.06 * x Accounting fMTD,WRITE(x) = 160 + 0.24 * x fMTD,WRITEOOB(x) = 583 (2). Loading equations fMTD,ERASE(x) = 153.33 + 0.02 * x fMTD,ISBADBLOCK(x) = 58 Secure Xen on ARM fMTD,MARKBAD(x) = 60 Secure Storage x: bytes, f(x): usec © 2011 SAMSUNG Electronics Co. SW Platform Team. 14 / 22
Access Control Effectiveness Technical Issues CPU Utilization: Network Test Environment Domain0 (IDD) Domain1 iperf (client) Policy net_atk CPU 100 bonnie Manager mtd_atk Usage (%) iperf (server) Linux 80 Linux kernel v2.6.21 Kernel TcN0 minicom I/O ACM v2.6.21 Linux 60 kernel Secure Xen on ARM TcN1 40 TcN2 Serial Cable Measurement Cable 20 TcN3 WT3000 power meter SGH-i780 Power Meter 0 Linux PC SGH-i780 3 6 9 12 15 18 21 24 27 30 net_atk: UDP packet flooding (sending out UDP packets with the Time size of 44,160 bytes every 1msec) (Sec) mtd_atk: excessive NAND READ operations (scanning every directory in the filesystem and reading file contents) CPU Utilization: Storage CPU 100 Usage Test Cases (%) 80 Network I/O Test Storage I/O Test Cases Cases TcS0 60 No Attack TcN0 TcS0 TcS1 Under Attack 40 (No I/O ACM) TcN1 TcS1 TcS2 Under Attack 20 TcS3 TcN2 TcS2 (20% I/O ACM Policy) Under Attack TcN3 TcS3 0 (10% I/O ACM Policy) 3 6 9 12 15 18 21 24 27 30 Time (Sec) © 2011 SAMSUNG Electronics Co. SW Platform Team. 15 / 22
Access Control Effectiveness Throughput: Network No attack 800 700 Throughput (KB/Sec) 600  Throughput increase and power consumption 500 UDP decrease even under malware attack Under 400 attack TCP 300 200 100 0 TcN0 TcN1 TcN2 TcN3 Power Consumption Test Cases No attack Under attack Throughput: Storage 3 No attack 4500 2.5 Throughput (KB/Sec) 4000 2 3500 Under 3000 attack 1.5 Network 2500 Seq.out Storage 2000 Seq.in 1 1500 Rand.seek 1000 0.5 500 Test Cases 0 0 TcS0 TcS1 TcS2 TcS3 TcN0/TcS0 TcN1/TcS1 TcN2/TcS2 TcN3/TcS3 16 Test Cases Test Cases 2011 SAMSUNG Electronics Co. © SW Platform Team. 16 / 22
Xen ARM Application For Real-time © 2011 SAMSUNG Electronics Co.
Xen ARM: Pre-emption Status of real-time support Technical Issues  The jitter of timer interrupt latency by the hypervisor is bounded within 10% compared with native real-time OS. Technical Issue  DI and NP sections should be minimized. Latency caused by interrupt-disabled(DI) section Latency caused by non-preemptible(NP) section EN DI EN P NP P Time Time interrupt VM interrupt interrupt VM handler switch handler handler switch Delay Urgent Interrupt Delay Urgent Interrupt Wake up next VM  Hypervisor should support RT Domain via priority-based scheduling, VMM pre-emption and so on. Delay Non RT Non RT Non RT Voluntary Guest RT RT Non RT Domain Interrupt Domain Domain Domain Interrupt domain CPU domain Domain (Running) occurs (Running) (Running) occurs release time Xen-ARM Interrupt Timer Interrupt Send IRQ to Real-time Domain (As Non RT Domain has credits, Scheduling Scheduling Scheduling RT Domain is not scheduled. Furthermore Xen cannot tell difference between Non RT Domain and RT Domain.) Preemption © 2011 SAMSUNG Electronics Co. SW Platform Team. 18 / 22
Real-time Performance • Evaluation Environment  Cyclictest benchmark repeats Category Description 1. RT task sleeps for 10ms 2. Timer interrupt will occur after 10ms H/W CPU Cortex-A9 / 1GHz / Dual Core 3. Timer interrupt wakes up the RT (Tegra250) RAM 1GB domain(uC/OS-II) 4. uC/OS-II preempts Xen-ARM S/W Hypervisor Xen-ARM 5. RT task is scheduled 6. RT task logs timestamp Guest OS Linux-2.6.29 (DOM0) (Running Busy Loop Task) Guest OS uC/OS-II (DOM1) (Running RT Task : Cyclictest benchmark) Native(uC/OS-II) Min Avg Max 9995 9996.810169 10000 Xen-ARM(uC/OS-II) Min Avg Max Response Overhead(3us) 9996 9999.327119 10001 Unit : usec © 2011 SAMSUNG Electronics Co. SW Platform Team. 19 / 22
Q&A © 2011 SAMSUNG Electronics Co.

Recommended

Xen RAS Status and Progress
Xen RAS Status and ProgressXen RAS Status and Progress
Xen RAS Status and ProgressThe Linux Foundation
 
kexec / kdump implementation in Linux Kernel and Xen hypervisor
kexec / kdump implementation in Linux Kernel and Xen hypervisorkexec / kdump implementation in Linux Kernel and Xen hypervisor
kexec / kdump implementation in Linux Kernel and Xen hypervisorThe Linux Foundation
 
Bare-Metal Hypervisor as a Platform for Innovation
Bare-Metal Hypervisor as a Platform for InnovationBare-Metal Hypervisor as a Platform for Innovation
Bare-Metal Hypervisor as a Platform for InnovationThe Linux Foundation
 
Xen and the art of embedded virtualization (ELC 2017)
Xen and the art of embedded virtualization (ELC 2017)Xen and the art of embedded virtualization (ELC 2017)
Xen and the art of embedded virtualization (ELC 2017)Stefano Stabellini
 
Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall...
Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall...Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall...
Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall...The Linux Foundation
 
Xen io
Xen ioXen io
Xen iowangyuanzhf
 
Rootlinux17: An introduction to Xen Project Virtualisation
Rootlinux17: An introduction to Xen Project VirtualisationRootlinux17: An introduction to Xen Project Virtualisation
Rootlinux17: An introduction to Xen Project VirtualisationThe Linux Foundation
 
LFNW2014 Advanced Security Features of Xen Project Hypervisor
LFNW2014 Advanced Security Features of Xen Project HypervisorLFNW2014 Advanced Security Features of Xen Project Hypervisor
LFNW2014 Advanced Security Features of Xen Project HypervisorThe Linux Foundation
 

Recommended

Xen RAS Status and Progress
Xen RAS Status and ProgressXen RAS Status and Progress
Xen RAS Status and ProgressThe Linux Foundation
 
kexec / kdump implementation in Linux Kernel and Xen hypervisor
kexec / kdump implementation in Linux Kernel and Xen hypervisorkexec / kdump implementation in Linux Kernel and Xen hypervisor
kexec / kdump implementation in Linux Kernel and Xen hypervisorThe Linux Foundation
 
Bare-Metal Hypervisor as a Platform for Innovation
Bare-Metal Hypervisor as a Platform for InnovationBare-Metal Hypervisor as a Platform for Innovation
Bare-Metal Hypervisor as a Platform for InnovationThe Linux Foundation
 
Xen and the art of embedded virtualization (ELC 2017)
Xen and the art of embedded virtualization (ELC 2017)Xen and the art of embedded virtualization (ELC 2017)
Xen and the art of embedded virtualization (ELC 2017)Stefano Stabellini
 
Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall...
Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall...Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall...
Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall...The Linux Foundation
 
Xen io
Xen ioXen io
Xen iowangyuanzhf
 
Rootlinux17: An introduction to Xen Project Virtualisation
Rootlinux17: An introduction to Xen Project VirtualisationRootlinux17: An introduction to Xen Project Virtualisation
Rootlinux17: An introduction to Xen Project VirtualisationThe Linux Foundation
 
LFNW2014 Advanced Security Features of Xen Project Hypervisor
LFNW2014 Advanced Security Features of Xen Project HypervisorLFNW2014 Advanced Security Features of Xen Project Hypervisor
LFNW2014 Advanced Security Features of Xen Project HypervisorThe Linux Foundation
 
XPDS13: HVM Dom0 - Any unmodified OS as Dom0 - Will Auld, Intel
XPDS13: HVM Dom0 - Any unmodified OS as Dom0 - Will Auld, IntelXPDS13: HVM Dom0 - Any unmodified OS as Dom0 - Will Auld, Intel
XPDS13: HVM Dom0 - Any unmodified OS as Dom0 - Will Auld, IntelThe Linux Foundation
 
Linaro connect : Introduction to Xen on ARM
Linaro connect : Introduction to Xen on ARMLinaro connect : Introduction to Xen on ARM
Linaro connect : Introduction to Xen on ARMThe Linux Foundation
 
Mobile Virtualization using the Xen Technologies
Mobile Virtualization using the Xen TechnologiesMobile Virtualization using the Xen Technologies
Mobile Virtualization using the Xen TechnologiesThe Linux Foundation
 
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM SystemsXPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM SystemsThe Linux Foundation
 
LinuxCon Japan 13 : 10 years of Xen and Beyond
LinuxCon Japan 13 : 10 years of Xen and BeyondLinuxCon Japan 13 : 10 years of Xen and Beyond
LinuxCon Japan 13 : 10 years of Xen and BeyondThe Linux Foundation
 
Realtime scheduling for virtual machines in SKT
Realtime scheduling for virtual machines in SKTRealtime scheduling for virtual machines in SKT
Realtime scheduling for virtual machines in SKTThe Linux Foundation
 
PVH : PV Guest in HVM container
PVH : PV Guest in HVM containerPVH : PV Guest in HVM container
PVH : PV Guest in HVM containerThe Linux Foundation
 
LFCollab14: Xen vs Xen Automotive
LFCollab14: Xen vs Xen AutomotiveLFCollab14: Xen vs Xen Automotive
LFCollab14: Xen vs Xen AutomotiveThe Linux Foundation
 
Ian Pratt Nsdi Keynote Apr2008
Ian Pratt Nsdi Keynote Apr2008Ian Pratt Nsdi Keynote Apr2008
Ian Pratt Nsdi Keynote Apr2008The Linux Foundation
 
LCEU14: Integrating Linux and the Real-Time ERIKA OS Through the Xen Hypervis...
LCEU14: Integrating Linux and the Real-Time ERIKA OS Through the Xen Hypervis...LCEU14: Integrating Linux and the Real-Time ERIKA OS Through the Xen Hypervis...
LCEU14: Integrating Linux and the Real-Time ERIKA OS Through the Xen Hypervis...The Linux Foundation
 
Xen Project Hypervisor for the Cloud
Xen Project Hypervisor for the CloudXen Project Hypervisor for the Cloud
Xen Project Hypervisor for the CloudThe Linux Foundation
 
XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Gra...
XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Gra...XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Gra...
XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Gra...The Linux Foundation
 
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...The Linux Foundation
 
Xen Community Update 2011
Xen Community Update 2011Xen Community Update 2011
Xen Community Update 2011The Linux Foundation
 
Hardware accelerated Virtualization in the ARM Cortex™ Processors
Hardware accelerated Virtualization in the ARM Cortex™ ProcessorsHardware accelerated Virtualization in the ARM Cortex™ Processors
Hardware accelerated Virtualization in the ARM Cortex™ ProcessorsThe Linux Foundation
 
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...The Linux Foundation
 
Xen Project 15 Years down the Line
Xen Project 15 Years down the LineXen Project 15 Years down the Line
Xen Project 15 Years down the LineThe Linux Foundation
 
XPDS14: Porting FreeRTOS to Xen on the ARM Cortex A15 - Jonathan Daugherty, G...
XPDS14: Porting FreeRTOS to Xen on the ARM Cortex A15 - Jonathan Daugherty, G...XPDS14: Porting FreeRTOS to Xen on the ARM Cortex A15 - Jonathan Daugherty, G...
XPDS14: Porting FreeRTOS to Xen on the ARM Cortex A15 - Jonathan Daugherty, G...The Linux Foundation
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...The Linux Foundation
 
XS Boston 2008 Memory Overcommit
XS Boston 2008 Memory OvercommitXS Boston 2008 Memory Overcommit
XS Boston 2008 Memory OvercommitThe Linux Foundation
 
Xen & virtualization
Xen & virtualizationXen & virtualization
Xen & virtualizationSusheel Thakur
 
20081023 - Paris Vi Master STL TA - Initiation Maven
20081023 - Paris Vi Master STL TA - Initiation Maven20081023 - Paris Vi Master STL TA - Initiation Maven
20081023 - Paris Vi Master STL TA - Initiation MavenArnaud Héritier
 

More Related Content

What's hot

XPDS13: HVM Dom0 - Any unmodified OS as Dom0 - Will Auld, Intel
XPDS13: HVM Dom0 - Any unmodified OS as Dom0 - Will Auld, IntelXPDS13: HVM Dom0 - Any unmodified OS as Dom0 - Will Auld, Intel
XPDS13: HVM Dom0 - Any unmodified OS as Dom0 - Will Auld, IntelThe Linux Foundation
 
Linaro connect : Introduction to Xen on ARM
Linaro connect : Introduction to Xen on ARMLinaro connect : Introduction to Xen on ARM
Linaro connect : Introduction to Xen on ARMThe Linux Foundation
 
Mobile Virtualization using the Xen Technologies
Mobile Virtualization using the Xen TechnologiesMobile Virtualization using the Xen Technologies
Mobile Virtualization using the Xen TechnologiesThe Linux Foundation
 
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM SystemsXPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM SystemsThe Linux Foundation
 
LinuxCon Japan 13 : 10 years of Xen and Beyond
LinuxCon Japan 13 : 10 years of Xen and BeyondLinuxCon Japan 13 : 10 years of Xen and Beyond
LinuxCon Japan 13 : 10 years of Xen and BeyondThe Linux Foundation
 
Realtime scheduling for virtual machines in SKT
Realtime scheduling for virtual machines in SKTRealtime scheduling for virtual machines in SKT
Realtime scheduling for virtual machines in SKTThe Linux Foundation
 
LCEU14: Integrating Linux and the Real-Time ERIKA OS Through the Xen Hypervis...
LCEU14: Integrating Linux and the Real-Time ERIKA OS Through the Xen Hypervis...LCEU14: Integrating Linux and the Real-Time ERIKA OS Through the Xen Hypervis...
LCEU14: Integrating Linux and the Real-Time ERIKA OS Through the Xen Hypervis...The Linux Foundation
 
Xen Project Hypervisor for the Cloud
Xen Project Hypervisor for the CloudXen Project Hypervisor for the Cloud
Xen Project Hypervisor for the CloudThe Linux Foundation
 
XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Gra...
XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Gra...XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Gra...
XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Gra...The Linux Foundation
 
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...The Linux Foundation
 
Hardware accelerated Virtualization in the ARM Cortex™ Processors
Hardware accelerated Virtualization in the ARM Cortex™ ProcessorsHardware accelerated Virtualization in the ARM Cortex™ Processors
Hardware accelerated Virtualization in the ARM Cortex™ ProcessorsThe Linux Foundation
 
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...The Linux Foundation
 
Xen Project 15 Years down the Line
Xen Project 15 Years down the LineXen Project 15 Years down the Line
Xen Project 15 Years down the LineThe Linux Foundation
 
XPDS14: Porting FreeRTOS to Xen on the ARM Cortex A15 - Jonathan Daugherty, G...
XPDS14: Porting FreeRTOS to Xen on the ARM Cortex A15 - Jonathan Daugherty, G...XPDS14: Porting FreeRTOS to Xen on the ARM Cortex A15 - Jonathan Daugherty, G...
XPDS14: Porting FreeRTOS to Xen on the ARM Cortex A15 - Jonathan Daugherty, G...The Linux Foundation
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...The Linux Foundation
 

What's hot (20)

XPDS13: HVM Dom0 - Any unmodified OS as Dom0 - Will Auld, Intel
XPDS13: HVM Dom0 - Any unmodified OS as Dom0 - Will Auld, IntelXPDS13: HVM Dom0 - Any unmodified OS as Dom0 - Will Auld, Intel
XPDS13: HVM Dom0 - Any unmodified OS as Dom0 - Will Auld, Intel
 
Linaro connect : Introduction to Xen on ARM
Linaro connect : Introduction to Xen on ARMLinaro connect : Introduction to Xen on ARM
Linaro connect : Introduction to Xen on ARM
 
Mobile Virtualization using the Xen Technologies
Mobile Virtualization using the Xen TechnologiesMobile Virtualization using the Xen Technologies
Mobile Virtualization using the Xen Technologies
 
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM SystemsXPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
 
LinuxCon Japan 13 : 10 years of Xen and Beyond
LinuxCon Japan 13 : 10 years of Xen and BeyondLinuxCon Japan 13 : 10 years of Xen and Beyond
LinuxCon Japan 13 : 10 years of Xen and Beyond
 
Realtime scheduling for virtual machines in SKT
Realtime scheduling for virtual machines in SKTRealtime scheduling for virtual machines in SKT
Realtime scheduling for virtual machines in SKT
 
PVH : PV Guest in HVM container
PVH : PV Guest in HVM containerPVH : PV Guest in HVM container
PVH : PV Guest in HVM container
 
LFCollab14: Xen vs Xen Automotive
LFCollab14: Xen vs Xen AutomotiveLFCollab14: Xen vs Xen Automotive
LFCollab14: Xen vs Xen Automotive
 
Ian Pratt Nsdi Keynote Apr2008
Ian Pratt Nsdi Keynote Apr2008Ian Pratt Nsdi Keynote Apr2008
Ian Pratt Nsdi Keynote Apr2008
 
LCEU14: Integrating Linux and the Real-Time ERIKA OS Through the Xen Hypervis...
LCEU14: Integrating Linux and the Real-Time ERIKA OS Through the Xen Hypervis...LCEU14: Integrating Linux and the Real-Time ERIKA OS Through the Xen Hypervis...
LCEU14: Integrating Linux and the Real-Time ERIKA OS Through the Xen Hypervis...
 
Xen Project Hypervisor for the Cloud
Xen Project Hypervisor for the CloudXen Project Hypervisor for the Cloud
Xen Project Hypervisor for the Cloud
 
XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Gra...
XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Gra...XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Gra...
XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Gra...
 
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...
 
Xen Community Update 2011
Xen Community Update 2011Xen Community Update 2011
Xen Community Update 2011
 
Hardware accelerated Virtualization in the ARM Cortex™ Processors
Hardware accelerated Virtualization in the ARM Cortex™ ProcessorsHardware accelerated Virtualization in the ARM Cortex™ Processors
Hardware accelerated Virtualization in the ARM Cortex™ Processors
 
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...
XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bi...
 
Xen Project 15 Years down the Line
Xen Project 15 Years down the LineXen Project 15 Years down the Line
Xen Project 15 Years down the Line
 
XPDS14: Porting FreeRTOS to Xen on the ARM Cortex A15 - Jonathan Daugherty, G...
XPDS14: Porting FreeRTOS to Xen on the ARM Cortex A15 - Jonathan Daugherty, G...XPDS14: Porting FreeRTOS to Xen on the ARM Cortex A15 - Jonathan Daugherty, G...
XPDS14: Porting FreeRTOS to Xen on the ARM Cortex A15 - Jonathan Daugherty, G...
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
 
XS Boston 2008 Memory Overcommit
XS Boston 2008 Memory OvercommitXS Boston 2008 Memory Overcommit
XS Boston 2008 Memory Overcommit
 

Viewers also liked

20081023 - Paris Vi Master STL TA - Initiation Maven
20081023 - Paris Vi Master STL TA - Initiation Maven20081023 - Paris Vi Master STL TA - Initiation Maven
20081023 - Paris Vi Master STL TA - Initiation MavenArnaud Héritier
 
4. Memory virtualization and management
4. Memory virtualization and management4. Memory virtualization and management
4. Memory virtualization and managementHwanju Kim
 
3. CPU virtualization and scheduling
3. CPU virtualization and scheduling3. CPU virtualization and scheduling
3. CPU virtualization and schedulingHwanju Kim
 

Viewers also liked (6)

Xen & virtualization
Xen & virtualizationXen & virtualization
Xen & virtualization
 
20081023 - Paris Vi Master STL TA - Initiation Maven
20081023 - Paris Vi Master STL TA - Initiation Maven20081023 - Paris Vi Master STL TA - Initiation Maven
20081023 - Paris Vi Master STL TA - Initiation Maven
 
2. OS vs. VMM
2. OS vs. VMM2. OS vs. VMM
2. OS vs. VMM
 
Xen Memory Management
Xen Memory ManagementXen Memory Management
Xen Memory Management
 
4. Memory virtualization and management
4. Memory virtualization and management4. Memory virtualization and management
4. Memory virtualization and management
 
3. CPU virtualization and scheduling
3. CPU virtualization and scheduling3. CPU virtualization and scheduling
3. CPU virtualization and scheduling
 

Similar to ARM Architecture-based System Virtualization: Xen ARM open source software project

Xen and Client Virtualization: the case of XenClient XT
Xen and Client Virtualization: the case of XenClient XTXen and Client Virtualization: the case of XenClient XT
Xen and Client Virtualization: the case of XenClient XTThe Linux Foundation
 
ALSS14: Xen Project Automotive Hypervisor (Demo)
ALSS14: Xen Project Automotive Hypervisor (Demo)ALSS14: Xen Project Automotive Hypervisor (Demo)
ALSS14: Xen Project Automotive Hypervisor (Demo)The Linux Foundation
 
LCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, Citrix
LCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, CitrixLCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, Citrix
LCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, CitrixThe Linux Foundation
 
LinuxCon NA 2012: Virtualization in the cloud featuring xen
LinuxCon NA 2012: Virtualization in the cloud featuring xenLinuxCon NA 2012: Virtualization in the cloud featuring xen
LinuxCon NA 2012: Virtualization in the cloud featuring xenThe Linux Foundation
 
Linuxcon EU : Virtualization in the Cloud featuring Xen and XCP
Linuxcon EU : Virtualization in the Cloud featuring Xen and XCPLinuxcon EU : Virtualization in the Cloud featuring Xen and XCP
Linuxcon EU : Virtualization in the Cloud featuring Xen and XCPThe Linux Foundation
 
Xen Project Update LinuxCon Brazil
Xen Project Update LinuxCon BrazilXen Project Update LinuxCon Brazil
Xen Project Update LinuxCon BrazilThe Linux Foundation
 
virtualization tutorial at ACM bangalore Compute 2009
virtualization tutorial at ACM bangalore Compute 2009virtualization tutorial at ACM bangalore Compute 2009
virtualization tutorial at ACM bangalore Compute 2009ACMBangalore
 
Xen summit 2010 extending xen into embedded
Xen summit 2010 extending xen into embeddedXen summit 2010 extending xen into embedded
Xen summit 2010 extending xen into embeddedThe Linux Foundation
 
Dealing with Hardware Heterogeneity Using EmbeddedXEN, a Virtualization Frame...
Dealing with Hardware Heterogeneity Using EmbeddedXEN, a Virtualization Frame...Dealing with Hardware Heterogeneity Using EmbeddedXEN, a Virtualization Frame...
Dealing with Hardware Heterogeneity Using EmbeddedXEN, a Virtualization Frame...The Linux Foundation
 
Ok Labs Webinar Android Migration At The Speed Of Light
Ok Labs Webinar Android Migration At The Speed Of LightOk Labs Webinar Android Migration At The Speed Of Light
Ok Labs Webinar Android Migration At The Speed Of LightOpen Kernel Labs
 
Virtualization in the Cloud @ Build a Cloud Day SFO May 2012
Virtualization in the Cloud @ Build a Cloud Day SFO May 2012Virtualization in the Cloud @ Build a Cloud Day SFO May 2012
Virtualization in the Cloud @ Build a Cloud Day SFO May 2012The Linux Foundation
 
Google Android Naver 1212
Google Android Naver 1212Google Android Naver 1212
Google Android Naver 1212Yoojoo Jang
 
Securing your cloud with Xen's advanced security features
Securing your cloud with Xen's advanced security featuresSecuring your cloud with Xen's advanced security features
Securing your cloud with Xen's advanced security featuresThe Linux Foundation
 
Porting linux on ARM
Porting linux on ARMPorting linux on ARM
Porting linux on ARMSatpal Parmar
 
Track A-Shmuel Panijel, Windriver
Track A-Shmuel Panijel, WindriverTrack A-Shmuel Panijel, Windriver
Track A-Shmuel Panijel, Windriverchiportal
 

Similar to ARM Architecture-based System Virtualization: Xen ARM open source software project (20)

Embedded Virtualization applied in Mobile Devices
Embedded Virtualization applied in Mobile DevicesEmbedded Virtualization applied in Mobile Devices
Embedded Virtualization applied in Mobile Devices
 
XS Boston 2008 ARM
XS Boston 2008 ARMXS Boston 2008 ARM
XS Boston 2008 ARM
 
Xen and Client Virtualization: the case of XenClient XT
Xen and Client Virtualization: the case of XenClient XTXen and Client Virtualization: the case of XenClient XT
Xen and Client Virtualization: the case of XenClient XT
 
ALSS14: Xen Project Automotive Hypervisor (Demo)
ALSS14: Xen Project Automotive Hypervisor (Demo)ALSS14: Xen Project Automotive Hypervisor (Demo)
ALSS14: Xen Project Automotive Hypervisor (Demo)
 
LCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, Citrix
LCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, CitrixLCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, Citrix
LCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, Citrix
 
LinuxCon NA 2012: Virtualization in the cloud featuring xen
LinuxCon NA 2012: Virtualization in the cloud featuring xenLinuxCon NA 2012: Virtualization in the cloud featuring xen
LinuxCon NA 2012: Virtualization in the cloud featuring xen
 
Linuxcon EU : Virtualization in the Cloud featuring Xen and XCP
Linuxcon EU : Virtualization in the Cloud featuring Xen and XCPLinuxcon EU : Virtualization in the Cloud featuring Xen and XCP
Linuxcon EU : Virtualization in the Cloud featuring Xen and XCP
 
Xen Project Update LinuxCon Brazil
Xen Project Update LinuxCon BrazilXen Project Update LinuxCon Brazil
Xen Project Update LinuxCon Brazil
 
virtualization tutorial at ACM bangalore Compute 2009
virtualization tutorial at ACM bangalore Compute 2009virtualization tutorial at ACM bangalore Compute 2009
virtualization tutorial at ACM bangalore Compute 2009
 
Xen summit 2010 extending xen into embedded
Xen summit 2010 extending xen into embeddedXen summit 2010 extending xen into embedded
Xen summit 2010 extending xen into embedded
 
Dealing with Hardware Heterogeneity Using EmbeddedXEN, a Virtualization Frame...
Dealing with Hardware Heterogeneity Using EmbeddedXEN, a Virtualization Frame...Dealing with Hardware Heterogeneity Using EmbeddedXEN, a Virtualization Frame...
Dealing with Hardware Heterogeneity Using EmbeddedXEN, a Virtualization Frame...
 
Ok Labs Webinar Android Migration At The Speed Of Light
Ok Labs Webinar Android Migration At The Speed Of LightOk Labs Webinar Android Migration At The Speed Of Light
Ok Labs Webinar Android Migration At The Speed Of Light
 
Virtualization in the cloud
Virtualization in the cloudVirtualization in the cloud
Virtualization in the cloud
 
Virtualization in the Cloud @ Build a Cloud Day SFO May 2012
Virtualization in the Cloud @ Build a Cloud Day SFO May 2012Virtualization in the Cloud @ Build a Cloud Day SFO May 2012
Virtualization in the Cloud @ Build a Cloud Day SFO May 2012
 
Google Android Naver 1212
Google Android Naver 1212Google Android Naver 1212
Google Android Naver 1212
 
Nos Windows
Nos WindowsNos Windows
Nos Windows
 
Securing your cloud with Xen's advanced security features
Securing your cloud with Xen's advanced security featuresSecuring your cloud with Xen's advanced security features
Securing your cloud with Xen's advanced security features
 
Ina Pratt Fosdem Feb2008
Ina Pratt Fosdem Feb2008Ina Pratt Fosdem Feb2008
Ina Pratt Fosdem Feb2008
 
Porting linux on ARM
Porting linux on ARMPorting linux on ARM
Porting linux on ARM
 
Track A-Shmuel Panijel, Windriver
Track A-Shmuel Panijel, WindriverTrack A-Shmuel Panijel, Windriver
Track A-Shmuel Panijel, Windriver
 

More from The Linux Foundation

ELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleThe Linux Foundation
 
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...The Linux Foundation
 
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...The Linux Foundation
 
XPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportXPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportThe Linux Foundation
 
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...The Linux Foundation
 
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxXPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxThe Linux Foundation
 
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...The Linux Foundation
 
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderXPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderThe Linux Foundation
 
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...The Linux Foundation
 
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...The Linux Foundation
 
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixXPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixThe Linux Foundation
 
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdXPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdThe Linux Foundation
 
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...The Linux Foundation
 
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DXPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DThe Linux Foundation
 
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsXPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsThe Linux Foundation
 
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...The Linux Foundation
 
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...The Linux Foundation
 
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...The Linux Foundation
 
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEXPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEThe Linux Foundation
 
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information SecurityXPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information SecurityThe Linux Foundation
 

More from The Linux Foundation (20)

ELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made Simple
 
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
 
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
 
XPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportXPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather Report
 
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
 
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxXPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
 
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
 
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderXPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
 
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
 
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
 
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixXPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
 
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdXPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
 
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
 
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DXPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
 
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsXPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
 
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
 
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
 
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
 
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEXPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
 
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information SecurityXPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
 

Recently uploaded

Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 

Recently uploaded (20)

Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 

ARM Architecture-based System Virtualization: Xen ARM open source software project

  • 1. ARM Architecture-based System Virtualization: Xen ARM open source software project Sang-bum Suh Vice President, Jae-min Ryu Research Staff {sbuk.suh, jm77.ryu}@samsung.com S/W Platform Team DMC Research Center SAMSUNG Electronics Co. 2011.08. Xen Summit North America 2011 © 2011 SAMSUNG Electronics Co.
  • 2. Agenda Overview - History of Xen ARM - Use Cases Xen ARM: Core - Xen ARM Virtualization - Performance Comparison Xen ARM Application: Security - Mobile Malware - Access Control Xen ARM Application: Real-time - Xen ARM: Preemption - Real-time Performance © 2011 SAMSUNG Electronics Co.
  • 3. Overview © 2011 SAMSUNG Electronics Co.
  • 4. History of Xen ARM ‘04 ‘08 ‘09 ‘10 Xen ARM 1st Xen ARM 2nd Xen ARM 3rd Xen ARM 4th x86 Xen Hypervisor Release: Release: Release: Release: Release ARM9 Xen Paravirtualized ARM11MPCore Performance (Cambridge university) Hypervisor, Linux kernel Support Optimization Mini-OS (v2.6.24), Xen tool (Samsung) (Samsung) (Samsung) (Samsung) Xen-ARM Open Source Community  Samsung leads the Xen ARM project  http://wiki.xensource.com/xenwiki/XenARM Supported Hardware & Guest OS  ARM926EJ-S (i.MX21, OMAP5912)  Linux v2.6.11, v2.6.18, v2.6.21, v2.6.24, v2.6.27  Xscale 3rd Generation Architecture (multicore supported)  uC/OS-II (PXA310, Samsung SGH- i780)  ARM1136/ARM1176(Core Only)  Goldfish (QEMU Emulator)  Versatile Platform Board  ARM11MPCore (Realview PB11MP)  Cortex-A9 (Tegra250) © 2011 SAMSUNG Electronics Co. SW Platform Team. 3 / 22
  • 5. Use Cases 1 – HW Consolidation: AP(Application Processor) and BP(Baseband Processor) can share multicore ARM CPU SoC in order to run both Linux and Real-time OS efficiently. 2 – OS Isolation: important call services can be effectively separated from downloaded third party applications by Xen ARM combined with access control. 3 – Rich User Experience: multiple OS domains can run concurrently on a single smartphone. 1 2 3 를 Android Nucleus Secure Kernel Linux GPOS RTOS Virtualization SW (Realtime Hypervisor) V -Core V -Core V -Core V -Core V -Core V-Core V-Core V -Core Core Core Core Core Linux 1 Linux 2 Memory Multi-Core Peri Important Hypervisor Hypervisor services H/W Hardware AP SoC +BP SoC -> Consolidated Multicore SoC Secure Smartphone Rich Applications from Multiple OS © 2011 SAMSUNG Electronics Co. SW Platform Team. 4 / 22
  • 6. Xen ARM: Core © 2011 SAMSUNG Electronics Co.
  • 7. Xen ARM Virtualization Goals  Light weight virtualization for secure 3G/4G mobile devices  High performance hypervisor based on ARM processor  Fine-grained access control fitted to mobile devices Architecture of Xen-ARM VM 0 VM 1 Application Application Application Application Guest Backend Drivers Frontend Drivers Domain Native Drivers VM Interface VM Interface Secure Domain Resource Access Xen-ARM Manager Allocator Control hypervisor Hardware Peripheral System Flash CPU Devices Memory Memory © 2011 SAMSUNG Electronics Co. SW Platform Team. 6 / 22
  • 8. Xen ARM Virtualization Overview Logical mode split  CPU virtualization  Virtualization requires 3 privilege CPU level, but ARM supports 2 level Xen-ARM mode   Xen-ARM mode: supervisor mode ( most privileged level) virtual kernel mode  virtual user mode   Virtual kernel mode: User mode ( least privileged level)  Virtual user mode: User mode ( least privileged level) VM 0 VM 1 VM 2 VM 2 Xen-ARM  Memory virtualization Address Spaces Address Spaces Address Spaces VM 1 Kernel  VM’s own memory should be VM 0 User Process User Process User Process User Process Xen-ARM protected from others MMU  Xen-ARM switches VM’s virtual address space Xen-ARM Physical Virtual Address Space Address Space using MMU  VM is not allowed to manipulate MMU directly VM0 (Linux) VM1 (Linux ) Application Application Application Application Application Application  I/O virtualization Front-end  Split driver model of Xen-ARM Native driver Back-end driver driver  Client & Server architecture for shared I/O devices I/O event  Client: frontend driver Interrupt Xen-ARM  Server: native/backend driver Device © 2011 SAMSUNG Electronics Co. SW Platform Team. 7 / 22
  • 9. Performance Comparison Micro-benchmark Results LMBENCH Micro Benchmark ( Bandwidth )  Evaluation Environments : Samsung Blackjack Phone  CPU : Xscale PXA310, 624MHz Higher is better  L1 Cache : 32KB + 32KB  L2 Cache : 256KB (Disabled)  Memory : 128MB  Guest OS: Linux-2.6.21 LMBENCH Micro Benchmark ( latency ) Lower is better © 2011 SAMSUNG Electronics Co. SW Platform Team. 8 / 22
  • 10. Performance Comparison Micro-benchmark Results  Evaluation Environments : nVidia Tegra250  CPU : Cortex-A9 1GHz Dual Core  L1 Cache : 32KB + 32KB Lower is better  L2 Cache : 1MB 1600  Memory : 1GB 1400 Native Linux Para-virtualized Linux  Guest OS: Linux-2.6.29 1200 (Latency) usec 1000 800 600 400 200 0 LMBENCH Micro Benchmark ( latency ) © 2011 SAMSUNG Electronics Co. SW Platform Team. 9 / 22
  • 11. Performance Comparison Benchmark Results LMBENCH Micro Benchmark ( latency ) 9  Evaluation Environments : Samsung Higher is better Xen/ARM L4 8 Relative Performance Blackjack Phone 7  CPU : Xscale PXA310, 624MHz  L1 Cache : 32KB + 32KB 6  L2 Cache : 256KB (Disabled) 5  Memory : 128MB 4  Guest OS: Linux-2.6.21 3 2 1 0 AIM7 Macro Benchmark S : size(byte) P : # of processes Normalized Performance 1 0.8 0.6 Native Linux Xen/ARM 0.4 L4 0.2 0 1 2 3 Number of Tasks © 2011 SAMSUNG Electronics Co. SW Platform Team. 10 / 22
  • 12. Xen ARM Application For Security © 2011 SAMSUNG Electronics Co.
  • 13. Mobile Malware [Source: F-Secure] Number of mobile malware 600 - More than 420 mobile phone 400 421 viruses (2008) 345 400 - Tens of thousands of infections worldwide 146 200 27 0 2004 2005 2006 2007 2008 [Source: McAfee] Concerns about mobile phone 100% 16.1 18.4 6.9 13.9 security – by market 80% 60% 93.1 86.1 83.9 81.6 40% Feel safe 20% Concerned 0% UK US Japan Total © 2011 SAMSUNG Electronics Co. SW Platform Team. 12 / 22
  • 14. Access Control Definition: Access control is a system which enables an authority to control area and resources in a given physical facility or computer-based information system [source: Wikipedia] Technical Issues Problem with performance isolation  Availability threat: denial of service (DoS) attack from a compromised domain in a mobile device - CPU overuse: a greater share of CPU time than initial allocation - Performance degradation: The Performance of other domains that share the same I/O device with the compromised domain - Battery drain Isolated Driver Domain1 DomainN Domain (IDD) Malware Excessive I/O … Requests Back-end Front-end Front-end Device drivers Device drivers Device drivers Native Device drivers Secure Xen Devices Hardware © 2011 SAMSUNG Electronics Co. SW Platform Team. 13 / 22
  • 15. Access Control Approach Technical Issues Fine-grained I/O access control module in the IDD and coarse-grained access control module in Xen Estimation of CPU consumption by each virtual I/O operation using regression analysis - Network and storage devices I/O access control enforcement based on the policy and regression equations Target HW spec: XScale 624MHz, 128MB DRAM Domain0 (IDD) Kernel Domain1 Kernel Regression Analysis: Network (4). Asking for decision Access Control fNET, Tx(x) = 370.18 + 0.01 * x Hook Backend Frontend Enforcer driver driver (I/O Scheduler) (3). Connecting to backend driver Regression Analysis: Storage (5). Virtual I/O CPU Usage fMTD,READ(x) = 250 + 0.24 * x (1). Loading policy I/O Resource fMTD,READOOB(x) = 533 + 0.06 * x Accounting fMTD,WRITE(x) = 160 + 0.24 * x fMTD,WRITEOOB(x) = 583 (2). Loading equations fMTD,ERASE(x) = 153.33 + 0.02 * x fMTD,ISBADBLOCK(x) = 58 Secure Xen on ARM fMTD,MARKBAD(x) = 60 Secure Storage x: bytes, f(x): usec © 2011 SAMSUNG Electronics Co. SW Platform Team. 14 / 22
  • 16. Access Control Effectiveness Technical Issues CPU Utilization: Network Test Environment Domain0 (IDD) Domain1 iperf (client) Policy net_atk CPU 100 bonnie Manager mtd_atk Usage (%) iperf (server) Linux 80 Linux kernel v2.6.21 Kernel TcN0 minicom I/O ACM v2.6.21 Linux 60 kernel Secure Xen on ARM TcN1 40 TcN2 Serial Cable Measurement Cable 20 TcN3 WT3000 power meter SGH-i780 Power Meter 0 Linux PC SGH-i780 3 6 9 12 15 18 21 24 27 30 net_atk: UDP packet flooding (sending out UDP packets with the Time size of 44,160 bytes every 1msec) (Sec) mtd_atk: excessive NAND READ operations (scanning every directory in the filesystem and reading file contents) CPU Utilization: Storage CPU 100 Usage Test Cases (%) 80 Network I/O Test Storage I/O Test Cases Cases TcS0 60 No Attack TcN0 TcS0 TcS1 Under Attack 40 (No I/O ACM) TcN1 TcS1 TcS2 Under Attack 20 TcS3 TcN2 TcS2 (20% I/O ACM Policy) Under Attack TcN3 TcS3 0 (10% I/O ACM Policy) 3 6 9 12 15 18 21 24 27 30 Time (Sec) © 2011 SAMSUNG Electronics Co. SW Platform Team. 15 / 22
  • 17. Access Control Effectiveness Throughput: Network No attack 800 700 Throughput (KB/Sec) 600  Throughput increase and power consumption 500 UDP decrease even under malware attack Under 400 attack TCP 300 200 100 0 TcN0 TcN1 TcN2 TcN3 Power Consumption Test Cases No attack Under attack Throughput: Storage 3 No attack 4500 2.5 Throughput (KB/Sec) 4000 2 3500 Under 3000 attack 1.5 Network 2500 Seq.out Storage 2000 Seq.in 1 1500 Rand.seek 1000 0.5 500 Test Cases 0 0 TcS0 TcS1 TcS2 TcS3 TcN0/TcS0 TcN1/TcS1 TcN2/TcS2 TcN3/TcS3 16 Test Cases Test Cases 2011 SAMSUNG Electronics Co. © SW Platform Team. 16 / 22
  • 18. Xen ARM Application For Real-time © 2011 SAMSUNG Electronics Co.
  • 19. Xen ARM: Pre-emption Status of real-time support Technical Issues  The jitter of timer interrupt latency by the hypervisor is bounded within 10% compared with native real-time OS. Technical Issue  DI and NP sections should be minimized. Latency caused by interrupt-disabled(DI) section Latency caused by non-preemptible(NP) section EN DI EN P NP P Time Time interrupt VM interrupt interrupt VM handler switch handler handler switch Delay Urgent Interrupt Delay Urgent Interrupt Wake up next VM  Hypervisor should support RT Domain via priority-based scheduling, VMM pre-emption and so on. Delay Non RT Non RT Non RT Voluntary Guest RT RT Non RT Domain Interrupt Domain Domain Domain Interrupt domain CPU domain Domain (Running) occurs (Running) (Running) occurs release time Xen-ARM Interrupt Timer Interrupt Send IRQ to Real-time Domain (As Non RT Domain has credits, Scheduling Scheduling Scheduling RT Domain is not scheduled. Furthermore Xen cannot tell difference between Non RT Domain and RT Domain.) Preemption © 2011 SAMSUNG Electronics Co. SW Platform Team. 18 / 22
  • 20. Real-time Performance • Evaluation Environment  Cyclictest benchmark repeats Category Description 1. RT task sleeps for 10ms 2. Timer interrupt will occur after 10ms H/W CPU Cortex-A9 / 1GHz / Dual Core 3. Timer interrupt wakes up the RT (Tegra250) RAM 1GB domain(uC/OS-II) 4. uC/OS-II preempts Xen-ARM S/W Hypervisor Xen-ARM 5. RT task is scheduled 6. RT task logs timestamp Guest OS Linux-2.6.29 (DOM0) (Running Busy Loop Task) Guest OS uC/OS-II (DOM1) (Running RT Task : Cyclictest benchmark) Native(uC/OS-II) Min Avg Max 9995 9996.810169 10000 Xen-ARM(uC/OS-II) Min Avg Max Response Overhead(3us) 9996 9999.327119 10001 Unit : usec © 2011 SAMSUNG Electronics Co. SW Platform Team. 19 / 22
  • 21. Q&A © 2011 SAMSUNG Electronics Co.