XenRPC: Design and Implementation of Security VM Remote Procedure Call
Abstract
In a virtual machine environment, VMs often need to communicate with each other even though they actually reside on the same physical machine. Existing remote procedure call mechanisms are not well suited to the virtual machine environment. This paper presents XenRPC, a Xen-specific remote procedure call mechanism. XenRPC uses the interfaces provided by XenAccess and the event channel mechanism provided by Xen to share memory between the two communicating processes. XenRPC removes marshalling when data packets are sent, triggers an immediate context switch, and notifies events asynchronously through the event channel, which greatly enhances communication performance. In addition, to avoid stack overflow attacks, XenRPC protects the shared memory and checks the return address of the shared stack. If a malicious program modifies the return address, XenRPC restores it to protect users from stack overflow attacks. Performance evaluations show that the throughput, latency and CPU consumption of XenRPC are better than those of SunRPC and Ice, two well-known remote procedure call mechanisms.