Virtual CPU validation

Amit, Nadav; Tsafrir, Dan; Schuster, Assaf; Ayoub, A.; Shlomo, E.

doi:10.1145/2815400.2815420

Cited by 28 publications

(25 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…VSwapper showed that uncooperative swapping of memory of virtual machines can be made efficient, despite the common belief that this is impossible [14]. Virtual CPU validation showed how to uncover a massive amount of (confirmed and now fixed) hypervisor bugs by applying Intel's physical CPU testing infrastructure to the KVM hypervisor [15]. EIOVAR and its successor projects allowed for substantially faster and safer IOMMU protection and found their way into the Linux kernel [126,127,142].…”

Section: Authors' Perspectivesmentioning

confidence: 99%

See 1 more Smart Citation

Hardware and Software Support for Virtualization

Bugnion

Nieh

Tsafrir

2017

Synthesis Lectures on Computer Architecture

Self Cite

View full text Add to dashboard Cite

show abstract

Section: Authors' Perspectivesmentioning

confidence: 99%

“…It remains error-prone. A recent study by Amit et al [15] identified 117 emulation bugs in the KVM kernel module, of which 72 were in the emulator alone.…”

Section: The Kvm Kernel Modulementioning

confidence: 99%

Hardware and Software Support for Virtualization

Bugnion

Nieh

Tsafrir

2017

Synthesis Lectures on Computer Architecture

Self Cite

View full text Add to dashboard Cite

show abstract

“…The study in [43] has demonstrated how Xen's memory is hijacked from the Dom0 domain. A CPU testing method has uncovered 117 bugs on the Linux KVM hypervisor, which introduced security vulnerabilities to the VMs, and flaws in Intel virtualization technology that cause an differences in the observable behavior of code running on virtual and bare-metal servers [44]. In the following, we describe attacks targeting the hypervisor.…”

Section: Attacks On the Hypervisormentioning

confidence: 99%

Classifying malware attacks in IaaS cloud environments

et al. 2017

View full text Add to dashboard Cite

In the last few years, research has been motivated to provide a categorization and classification of security concerns accompanying the growing adaptation of Infrastructure as a Service (IaaS) clouds. Studies have been motivated by the risks, threats and vulnerabilities imposed by the components within the environment and have provided general classifications of related attacks, as well as the respective detection and mitigation mechanisms. Virtual Machine Introspection (VMI) has been proven to be an effective tool for malware detection and analysis in virtualized environments. In this paper, we classify attacks in IaaS cloud that can be investigated using VMI-based mechanisms. This infers a special focus on attacks that directly involve Virtual Machines (VMs) deployed in an IaaS cloud. Our classification methodology takes into consideration the source, target, and direction of the attacks. As each actor in a cloud environment can be both source and target of attacks, the classification provides any cloud actor the necessary knowledge of the different attacks by which it can threaten or be threatened, and consequently deploy adapted VMI-based monitoring architectures. To highlight the relevance of attacks, we provide a statistical analysis of the reported vulnerabilities exploited by the classified attacks and their financial impact on actual business processes.

show abstract

“…Naturally, a first use case being to validate critical components such as the hypervisor. For example, Leinenbach et al [16] verified a subset of the Microsoft Hyper-V hypervisor instructions while Amit et al [1] used the Intel Hardware validation tool, to perform a test-based validation of the virtual VCPU behaviour inside the KVM hypervisor. Amazon used TLA specifications coupled with the TLC model checker to exhibit new bugs inside Amazon S3 and DynamoDB [22].…”

Section: Related Workmentioning

confidence: 99%

“…This solution is illustrated on BtrPlace [13], an open-source VM scheduler that received contributions from developers with various expertise. BtrPlace is also used in production by Nutanix, a provider of entreprise clusters, to mitigate local load spikes in thousands of private entreprise clouds 1 .…”

Section: Introductionmentioning

confidence: 99%

Trustable virtual machine scheduling in a cloud

Hermenier

Henrio

2017

Proceedings of the 2017 Symposium on Cloud Computing

View full text Add to dashboard Cite

In an Infrastructure As A Service (IaaS) cloud, the scheduler deploys VMs to servers according to service level objectives (SLOs). Clients and service providers must both trust the infrastructure. In particular they must be sure that the VM scheduler takes decisions that are consistent with its advertised behaviour. The difficulties to master every theoretical and practical aspects of a VM scheduler implementation leads however to faulty behaviours that break SLOs and reduce the provider revenues.We present SafePlace, a specification and testing framework that exhibits inconsistencies in VM schedulers. SafePlace mixes a DSL to formalise scheduling decisions with fuzz testing to generate a large spectrum of test cases and automatically report implementation faults.We evaluate SafePlace on the VM scheduler BtrPlace. Without any code modification, SafePlace allows to write test campaigns that are 3.83 times smaller than BtrPlace unit tests. SafePlace performs 200 tests per second, exhibited new non-trivial bugs, and outperforms the BtrPlace runtime assertion system. CCS CONCEPTS• Software and its engineering → Cloud computing; Software testing and debugging; Scheduling; KEYWORDS VM scheduling, software testing, specification language ACM Reference Format:

show abstract

Virtual CPU validation

Cited by 28 publications

References 23 publications

Hardware and Software Support for Virtualization

Hardware and Software Support for Virtualization

Classifying malware attacks in IaaS cloud environments

Trustable virtual machine scheduling in a cloud

Contact Info

Product

Resources

About