Logical Partitions on Many-core Processors

Size: px

Start display at page:

Download "Logical Partitions on Many-core Processors"

Godfrey Reed
5 years ago
Views:

1 Logical Partitions on Many-core Processors Ramya Masti, Claudio Marforio, Kari Kostiainen, Claudio Soriente, Srdjan Capkun ETH Zurich ACSAC

2 Infrastructure as a Service (IaaS) App App App App OS OS OS OS Hardware Hardware Hardware Personal platforms Shared cloud platform (IaaS) - Economies of scale - Shared resources - Security problems 2

3 Resource Partitioning App OS App OS Hardware Cloud platform with dedicated resources - Guaranteed performance - Secure against shared memory/cpu attacks - Example: IBM cloud 3

C 3 Every logical partition needs dedicated resources Many

4 Resource Partitioning Memory Logical Partition Subset of a system s resources that can run an OS/ Processor C 0 C 1 C 2 C 3 Every logical partition needs dedicated resources Many logical partitions need platforms that have lots of resources! 4

5 Many-core Processors for Logical Partitioning Cores, caches Many-core processor? Many simple cores Many logical partitions Designed for workloads that share data (no isolation!) Can many-core architectures support scalable logical partitioning? 5

6 Hypervisor Design Alternatives Traditional Distributed Centralized Hypervisor (H) H H H H C 0 C 1.. C n C 0 C 1.. C n C 0 C 1.. C n H C Run-time -hypervisor interaction - Increases hypervisor s attack surface - Performance overhead 6

7 Centralized Hypervisors Today H C 0 C 1 C 2.. C n Every core supports virtualization - Hypervisor and modes - Privileged instructions and memory addressing - Enables memory confinement Higher privilege mode Lower privilege mode But every core runs only in one mode! Unused functionality in every core H Solutions without processor virtualization 7

8 Intel Single-chip Cloud Computer (SCC) Memory controller Network on chip (NoC) Tiles Core Cache Messaging Buffer Network Interface Sources: Howard et al. IJSSC 10; The Future of Many-core Computing, Tim Mattson, Intel Labs 8

9 Intel SCC Architecture TILE Core Core NETWORK INTERFACE Look Up Tables Network on Chip Core - Asymmetric processor - Each core can run an independent OS - Simple cores: no virtualization support Look Up Tables (LUTs) - Determines the resources available to a core - Resources: other tiles, RAM and I/O All system resources are memory mapped 9

10 Intel SCC Address Translation Virtual address 0x CORE Memory Management Unit Physical address 0x NETWORK INTERFACE Look Up Tables (LUTs) System-wide address On-tile Off-tile LUT Registers On-tile Memory I/O Memory at Another Tile DRAM 10

11 Problem: Lack of Isolation TILE Core Core NETWORK INTERFACE Look Up Tables Network on Chip Every core can change its memory access configuration! Off-tile memory (DRAM) 11

12 Solution Intuition TILE TILE Master Core Core Core Core Core NETWORK INTERFACE Look Up Tables X X NETWORK INTERFACE Look Up Tables X Master core configures memory confinement for all cores Off-tile memory (DRAM) Network on Chip 12

13 Contributions 1. Hardware change to Intel SCC that enables logical partitioning - isolation on Network on Chip - emulate in software 2. Custom hypervisor - small TCB and attack surface 3. Cloud architecture (IaaS) - implementation and evaluation 13

14 Cloud Architecture (IaaS) Computing Node H Intel SCC Crypto engine (HSM) HW-virtualized peripherals Management Service User Management Management Storage Service 14

15 Operation example: startup Encrypt and install Storage Service Helper Core Hypervisor Master Core Intel SCC Core Computing node Crypto Engine 1. Boot 3. Fetch 2. Start 4. Decrypt 5. Assign core and configure LUTs 6. Start 15

16 Recap of Main Properties No processor virtualization Beneficial for high number of cores Small TCB Hypervisor implementation size 3.4K LOC Tolerance to compromise of other cloud components Reduced interaction Small attack surface No virtualization overhead 16

17 Comparison No Processor Virtualization Small TCB Reduced Interaction Xen (>100K LOC) HypeBIOS (4K LOC) NoHype (>100K LOC) } Merge? Our solution (3.4K LOC) 17

18 Summary Many-core processor? H Yes! (with minor modifications) Intel SCC case study - Isolation on Network on Chip (NoC) 18

19 Thank you! Ramya Masti, Claudio Marforio, Kari Kostiainen, Claudio Soriente, Srdjan Capkun 19

CSC 5930/9010 Cloud S & P: Virtualization

CSC 5930/9010 Cloud S & P: Virtualization Professor Henry Carter Fall 2016 Recap Network traffic can be encrypted at different layers depending on application needs TLS: transport layer IPsec: network