High performance applications usually need to give many hints to the OS kernel regarding their needs. For example, CPU affin- ity is commonly used to pin processes to cores and avoid the cost of CPU migration, isolate performance critical tasks, bring related tasks together, and so on. However, when running inside a Virtual Machine, the (guest) OS kernel can only assign virtual resources, e.g., pinning a guest process to a virtual CPU thread (vCPU); the vCPU thread, how- ever, is still freely scheduled by the host hypervisor, which is unaware of the guest application requests. This semantic gap is usually overcome by statically allocating virtual resources to their hardware counterparts, which is costly and inflexible, or via paravirtualization, i.e., by modifying the guest kernel to pass the hints to the host, which is cumbersome and difficult to extend. We propose to use host-injected eBPF programs as a way for the host to obtain this kind of information from the guest in an extensible way, without modifying the guest (Linux) kernel, and with- out statically allocating resources. We apply this idea to the example of CPU affinity and run some experiments to show its effect on several microbenchmarks. Finally, we discuss the implications for confidential computing.

eBPF-based Extensible Paravirtualization

Giuseppe Lettieri
Secondo
Conceptualization
;
2022-01-01

Abstract

High performance applications usually need to give many hints to the OS kernel regarding their needs. For example, CPU affin- ity is commonly used to pin processes to cores and avoid the cost of CPU migration, isolate performance critical tasks, bring related tasks together, and so on. However, when running inside a Virtual Machine, the (guest) OS kernel can only assign virtual resources, e.g., pinning a guest process to a virtual CPU thread (vCPU); the vCPU thread, how- ever, is still freely scheduled by the host hypervisor, which is unaware of the guest application requests. This semantic gap is usually overcome by statically allocating virtual resources to their hardware counterparts, which is costly and inflexible, or via paravirtualization, i.e., by modifying the guest kernel to pass the hints to the host, which is cumbersome and difficult to extend. We propose to use host-injected eBPF programs as a way for the host to obtain this kind of information from the guest in an extensible way, without modifying the guest (Linux) kernel, and with- out statically allocating resources. We apply this idea to the example of CPU affinity and run some experiments to show its effect on several microbenchmarks. Finally, we discuss the implications for confidential computing.
2022
978-3-031-23219-0
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11568/1169168
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 2
  • ???jsp.display-item.citation.isi??? 1
social impact