Full Program »
Logical Partitions on Many-Core Platforms
Presentation 1.1MB |
Many-core platforms, with their abundant resources, are an attractive solution to create and deploy logical partitions on a large scale.
However, many-core platforms are designed for efficient cross-core data sharing rather than isolation, which is a key requirement for logical partitions. Typically, logical partitions leverage hardware virtualization extensions that require complex CPU enhancements.
These extensions are not optimal for many-core platforms, where it is preferable to keep the cores simple and energy-efficient.
In this paper, we show that a simple address-space isolation mechanism, that can be implemented in the Network-on-Chip of the many-core processor, is sufficient to enable logical partitions. We implement the proposed change for the Intel Single-Chip Cloud Computer (SCC).
We also design a cloud architecture that relies on a small and disengaged hypervisor for the security-enhanced Intel SCC.
Our prototype hypervisor is 3.4K LOC which is comparable to the smallest hypervisors available today.
Furthermore, virtual machines execute bare-metal avoiding runtime interaction with the hypervisor and virtualization overhead.
Author(s):
Ramya Jayaram Masti
Institute of Information Security, ETH Zurich
Switzerland
Claudio Marforio
Institute of Information Security, ETH Zurich
Switzerland
Kari Kostiainen
Institute of Information Security, ETH Zurich
Switzerland
Claudio Soriente
Institute of Information Security, ETH Zurich
Switzerland
Srdjan Capkun
Institute of Information Security, ETH Zurich
Switzerland