Towards Modular Security-Conscious Virtual Machines
Steffen Liebergeld, Michael Peter and Adam Lackorzynski, TUD - Operating Systems, Technische Universität Dresden, Germany
By their very nature, virtual machines are an unit of isolation which, together with their versatility, makes them interesting as a component in security-sensitive systems as well as in the combination with timing critical subsystems. While CPU virtualization has been simplified with the introduction of instruction set extensions, virtualizing the other parts of a system remains, due to its complexity, a challenge.
In this paper, we argue that the requirements are too diverse to be met by a single virtual machine monitor (VMM). We opted for a two-pronged, incremental approach. Our first stage is a small, simple, well performing VMM that achieves these traits by giving up on backward compatibility. With this first stage VMM at hand, we can run standard OSes like Linux with small modifications, which, in turn, can host more complex, fully backward compatible VMMs.
For systems with hardware virtualization support, our small VMM has the potential to supplant rehosted operating systems on top of microkernels as it takes less development effort, consumes less resources at run-time, and yields better performance.