DOI: 10.1145/2664168.2664173

Swap and Play: Live Updating Hypervisors and Its Application to Xen

Published: 07 November 2014

Abstract

Hypervisors provide the means to run multiple isolated virtual machines on the same physical host. Typically, updating hypervisors requires a reboot of the host leading to disruption of services that is highly undesirable, particularly in cloud environments. Nevertheless, security updates have to be applied fast to reduce the risk of attacks, demanding a solution which eliminates the trade-off between availability and security risk.
Live updating, in general, is highly challenging and has been investigated for decades. However, all solutions proposed so far require changes to the control flow of the software and/or cause performance degradation. Moreover, currently there are no solutions for live updating of hypervisors and all major products (e.g., Hyper-V, Xen, ESXi) require a reboot for updating.
In this paper, we present Swap and Play, the first live update mechanism for hypervisors. Our solution is easy to use, scalable and, in particular, deployable in cloud environments. Our approach leverages the hypervisor's small memory footprint to swap the hypervisor on-the-fly without affecting the control flow of the (new) hypervisor, or disrupting the guests. In this context, we tackle several technically involved challenges, such as transferring the state of the running hypervisor, updating the configuration of one CPU while reinitializing the configuration of all other CPUs, and passing the control to the new hypervisor, all at run-time.
We implemented our approach on the popular Xen hypervisor to show its efficiency and effectiveness.

    Published In

    CCSW '14: Proceedings of the 6th edition of the ACM Workshop on Cloud Computing Security
    November 2014
    160 pages
    ISBN: 9781450332392
    DOI: 10.1145/2664168

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Author Tags

    1. hypervisor
    2. live update
    3. xen

    Qualifiers

    • Research-article

    Conference

    CCS'14

    Acceptance Rates

    CCSW '14 Paper Acceptance Rate 12 of 36 submissions, 33%;
    Overall Acceptance Rate 37 of 108 submissions, 34%

    Cited By

    • (2023) Rust-Shyper: A reliable embedded hypervisor supporting VM migration and hypervisor live-update. Journal of Systems Architecture 142 (102948). DOI: 10.1016/j.sysarc.2023.102948. Online publication date: Sep-2023
    • (2022) Hy-FiX: Fast In-Place Upgrades of KVM Hypervisors. IEEE Transactions on Cloud Computing 10:4 (2679-2690). DOI: 10.1109/TCC.2021.3056590. Online publication date: 1-Oct-2022
    • (2022) VM Migration and Live-Update for Reliable Embedded Hypervisor. Dependable Software Engineering. Theories, Tools, and Applications (53-69). DOI: 10.1007/978-3-031-21213-0_4. Online publication date: 11-Dec-2022
    • (2021) In-Place VM Migration for Fast Update of Hypervisor Stack. Intelligent Computing (483-493). DOI: 10.1007/978-3-030-80119-9_29. Online publication date: 13-Jul-2021
    • (2020) Energy Management Techniques for Cloud Based Environment. International Journal of Scientific Research in Computer Science, Engineering and Information Technology (287-294). DOI: 10.32628/CSEIT206293. Online publication date: 2-Apr-2020
    • (2020) NELLY: Flow Detection Using Incremental Learning at the Server Side of SDN-Based Data Centers. IEEE Transactions on Industrial Informatics 16:2 (1362-1372). DOI: 10.1109/TII.2019.2947291. Online publication date: Feb-2020
    • (2019) Fast and live hypervisor replacement. Proceedings of the 15th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments (45-58). DOI: 10.1145/3313808.3313821. Online publication date: 14-Apr-2019
    • (2017) HyperFresh. Proceedings of the 8th Asia-Pacific Workshop on Systems (1-8). DOI: 10.1145/3124680.3124734. Online publication date: 2-Sep-2017
    • (2016) Handling Boot Storms in Virtualized Data Centers—A Survey. ACM Computing Surveys 49:1 (1-36). DOI: 10.1145/2932709. Online publication date: 14-Jun-2016
