Abstract
User-level Dynamic Binary Translators (DBTs) linearly map guest virtual memory to host virtual memory to achieve optimal performance. When the host page size exceeds the guest page size, multiple small guest pages are mapped to a single large host page, resulting in inappropriate permission mappings. DBTs face security and correctness risks when accessing an inappropriately mapped host page. Our survey reveals that most state-of-the-art user-level DBTs suffer from these risks. System-level DBTs can avoid these risks through a software Memory Management Unit (MMU). However, the software MMU fully emulates guest memory management, leading to slower performance than the linear mapping approach of user-level DBTs.
To balance performance against these risks, we propose a DBT memory management method named On-Demand Triggered MMU (ODT-MMU) that combines the strengths of both user-level and system-level DBTs. ODT-MMU utilizes linear mapping for non-risky page accesses and triggers a software MMU when accessing risky pages. We implement ODT-MMU in two ways to accommodate various application scenarios: a platform-independent implementation named ODT-InterpMMU, and a hardware-accelerated implementation named ODT-ManipTLB. ODT-ManipTLB is designed for host Instruction Set Architectures (ISAs) that support a programmable TLB. Experimental results demonstrate that both implementations can effectively mitigate the risks associated with page size. Furthermore, ODT-ManipTLB achieves over 2000x performance improvement compared with ODT-InterpMMU, while maintaining performance comparable to the DBT without ODT-MMU. Additionally, our work is applied to two industrial DBTs, XQM and LATX.
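A minimal model of the page-size mismatch and the on-demand dispatch described in the abstract, as an added example that is not code from the paper, XQM or LATX. The 4 KiB and 16 KiB page sizes, the constructed permission table, the rule that a host page is risky when its guest pages carry differing permissions, and all function names are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

#define GUEST_PAGE 4096u                 /* assumed guest page size */
#define HOST_PAGE  16384u                /* assumed host page size  */
#define PER_HOST   (HOST_PAGE / GUEST_PAGE)
enum { P_R = 1, P_W = 2, P_X = 4 };

/* Constructed guest page table: index = guest page number, value = perms. */
static const uint8_t guest_perm[] = {
    P_R | P_X, P_R | P_X, P_R | P_X, P_R | P_X,  /* host page 0: uniform */
    P_R | P_X, P_R | P_W, 0,         P_R         /* host page 1: mixed   */
};
#define N_GUEST (sizeof guest_perm / sizeof guest_perm[0])

/* Permissions a linearly mapped host page must carry: union of its guests. */
uint8_t host_perm(size_t hp) {
    uint8_t u = 0;
    for (size_t gp = hp * PER_HOST; gp < (hp + 1) * PER_HOST && gp < N_GUEST; gp++)
        u |= guest_perm[gp];
    return u;
}

/* Assumed risk rule: some guest page holds fewer rights than the host page. */
int host_page_risky(size_t hp) {
    for (size_t gp = hp * PER_HOST; gp < (hp + 1) * PER_HOST && gp < N_GUEST; gp++)
        if (guest_perm[gp] != host_perm(hp)) return 1;
    return 0;
}

/* Plain linear mapping: only the host page's permissions are enforced. */
int linear_access(uint64_t gva, uint8_t want) {
    if (gva / GUEST_PAGE >= N_GUEST) return 0;
    return (host_perm(gva / HOST_PAGE) & want) == want;
}

/* On-demand dispatch: fast path on safe pages, guest-page check on risky ones. */
int odt_access(uint64_t gva, uint8_t want, int *slow) {
    size_t gp = gva / GUEST_PAGE;
    if (gp >= N_GUEST) { *slow = 0; return 0; }
    *slow = host_page_risky(gva / HOST_PAGE);   /* 1 = software-MMU path taken */
    uint8_t have = *slow ? guest_perm[gp] : host_perm(gva / HOST_PAGE);
    return (have & want) == want;
}

int main(void) {
    int slow, odt = odt_access(0x6000, P_W, &slow);  /* guest page 6 has no rights */
    return printf("write 0x6000: linear=%d odt=%d slow=%d\n", linear_access(0x6000, P_W), odt, slow) < 0;
}
```

In this model a write to guest address 0x6000 succeeds under plain linear mapping because the shared host page carries the union of its guests' rights, while the on-demand path rejects it using the guest page's own permissions.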
Acknowledgment
This project is funded by the 2022 National Key Research and Development Program “Security Protection Technology for Distribution Network Key Information Infrastructure” Project 3 Distribution Network Computing Equipment Security Enhancement Technology Research and Localization Development (Project No. 2022YFB3105103).
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Xie, B. et al. (2024). On-Demand Triggered Memory Management Unit in Dynamic Binary Translator. In: Li, C., Li, Z., Shen, L., Wu, F., Gong, X. (eds) Advanced Parallel Processing Technologies. APPT 2023. Lecture Notes in Computer Science, vol 14103. Springer, Singapore. https://doi.org/10.1007/978-981-99-7872-4_17
DOI: https://doi.org/10.1007/978-981-99-7872-4_17
Publisher Name: Springer, Singapore
Print ISBN: 978-981-99-7871-7
Online ISBN: 978-981-99-7872-4
eBook Packages: Computer Science, Computer Science (R0)