KR20130042914A - Virtualization system of peripheral devices of computer system - Google Patents
Virtualization system of peripheral devices of computer system Download PDFInfo
- Publication number
- KR20130042914A KR20130042914A KR1020110107069A KR20110107069A KR20130042914A KR 20130042914 A KR20130042914 A KR 20130042914A KR 1020110107069 A KR1020110107069 A KR 1020110107069A KR 20110107069 A KR20110107069 A KR 20110107069A KR 20130042914 A KR20130042914 A KR 20130042914A
- Authority
- KR
- South Korea
- Prior art keywords
- processor
- mode
- virtualization
- peripheral
- monitor
- Prior art date
Links
- 230000002093 peripheral effect Effects 0.000 title claims abstract description 34
- 238000000034 method Methods 0.000 claims abstract description 25
- 230000008569 process Effects 0.000 claims abstract description 12
- 230000006870 function Effects 0.000 abstract description 12
- 238000005516 engineering process Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 5
- 238000012545 processing Methods 0.000 description 5
- 238000013459 approach Methods 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 230000007704 transition Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F1/00—Details not covered by groups G06F3/00 - G06F13/00 and G06F21/00
- G06F1/26—Power supply means, e.g. regulation thereof
- G06F1/28—Supervision thereof, e.g. detecting power-supply failure by out of limits supervision
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45504—Abstract machines for programme code execution, e.g. Java virtual machine [JVM], interpreters, emulators
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Memory System Of A Hierarchy Structure (AREA)
- Storage Device Security (AREA)
Abstract
Description
The present invention relates to a computer system, and more particularly, to a virtualization system of a computer system for virtualizing a system peripheral device, for example, a timer, a power management module, and the like by using a security function provided by a processor in a virtualization technology. will be.
Virtualization technology is a technology that virtualizes input / output devices such as CPU (Central Processing Unit), memory, disk, network, and monitor, which are hardware resources used by operating system (OS).
A system with virtualization technology blocks the operating system from accessing the hardware directly and provides the operating system with a virtual hardware interface so that multiple operating systems can run on one hardware.
These virtualization technologies can be classified into virtualization for each device in detail, so that they can be divided into virtualization such as CPU virtualization, memory virtualization, and disk and network. In the case of CPU virtualization, the CPU architecture generally supports more than one mode.
Each mode has a different privilege level. The operating system runs in Privileged mode, and the general application runs in Unprivileged mode. In privileged mode, all the instructions provided by the CPU can be used. In non-privileged mode, only the remaining instructions can be executed in the CPU except those that can only be executed in privileged mode. Here, the operating system generally operates in a privileged mode, thereby obtaining a right to control an application program.
In contrast, in a virtualization system, operating systems cannot access hardware directly, so that many virtual machines can operate. To do this, privileged mode is assigned to the virtual machine monitor, and the operating system and applications are allowed to run in non-privileged mode to virtualize the CPU.
Among several processor architectures, ARM has recently added a function called trust zone to enhance the security of the processor.
The trust zone provides two processor regions, the secure state and the normal state. The two states have a user mode in which the application runs and a private mode in which the operating system runs.
Among the two areas, important tasks requiring security are performed in the secure state, and other tasks are performed in the normal state, thereby increasing the security of the system. The TrustZone feature provides a new mode called monitor mode to move between these secure and normal states. In this case, the monitor mode must be passed in order to transition from one state of the secure state and the normal state to the other state.
Trust zones provide some functionality internally. One of them provides a function of selectively setting a memory area mapped to an internal device as a security area and a non-security area.
A protection bit is provided for each system peripheral implemented in the Arm System-on-Chip (Ar SoC) so that only the secure state can access the memory mapped to the system peripheral. In addition to restrictive control, it also provides memory access restriction based on trust zone configuration.
Security features supported by CPU hardware, such as those described above, are very efficient because they can perform the same task with a smaller load than software alone.
Background art of the present invention is disclosed in Korean Patent Publication No. 10-2006-0079088 (2005.12.07).
An object of the present invention is to improve the performance of a virtualization system by using a memory area setting function supported by hardware to virtualize a system peripheral device that is responsible for system time, power control, interrupt controller, etc. in a computer system. The purpose is to provide a device virtualization method.
Peripheral virtualization system of a computer system according to an aspect of the present invention comprises a first processor operating in a privileged mode set to a secure state; A second processor set to a normal state and operated in a user mode and a privileged mode; And a monitor mode for controlling access of the second processor to a memory region designated by the first processor in the secure state.
The second processor of the present invention includes a user process operating in the user mode and a kernel operating in the privileged mode.
The first processor of the present invention stores a value of a processor status register (PSR) of the second processor and a value of a register of the second processor that are copied to a saved processor status register (SPSR) when a data abort occurs. And changing the normal state to the secure state through the monitor mode.
After changing the normal state to the secure state through the monitor mode, the first processor reads the address where the data abbot is generated and the status information when it occurs, and the status information when the data abort is generated. Analyze the virtualization through the handler of the data peripheral is generated system characterized in that the virtual handling.
The handler of the present invention is characterized in that the system peripheral device processes the read / write request for the mapped memory according to the analysis result by analyzing state information when the data abort occurs.
The first processor of the present invention is configured to restore the register when the virtualization handling is terminated.
The first processor of the present invention is characterized in that the virtual machine monitor.
The second processor of the present invention is characterized in that the guest virtual machine.
The present invention can support the system peripheral virtualization using a hardware support function, it is possible to efficiently perform virtualization for the system peripheral device, thereby improving the performance of the entire virtualization system.
1 is a block diagram of a TrustZone Protection Control (TZPC) applied to the present invention.
2 is a block diagram of a peripheral virtualization system of a computer system according to an embodiment of the present invention.
3 is a flowchart illustrating a memory access exception processing procedure according to an embodiment of the present invention.
Hereinafter, a peripheral virtualization method of a computer system according to an embodiment of the present invention will be described in detail with reference to the accompanying drawings. In this process, the thicknesses of the lines and the sizes of the components shown in the drawings may be exaggerated for clarity and convenience of explanation. In addition, terms to be described later are terms defined in consideration of functions in the present invention, which may vary according to the intention or convention of a user or an operator. Therefore, the definitions of these terms should be made based on the contents throughout the specification.
1 is a block diagram of a TrustZone Protection Control (TZPC) applied to the present invention, Figure 2 is a block diagram of a peripheral virtualization system of a computer system according to an embodiment of the present invention, Figure 3 is a block diagram of the present invention 1 is a flowchart illustrating a memory access exception processing procedure according to an exemplary embodiment.
The present invention relates to a method of virtualizing a system peripheral device such as a timer and a power management module by using a security function provided by a processor in a virtualization technology. The present invention can provide various security functions for each processor, and an embodiment of the present specification describes an example of using a trust zone provided by an ARM processor.
The present invention is a method for controlling the access of a system peripheral device mapped to a memory using a security-specific function provided by a process, and using the same, to support system peripheral virtualization.
The security-specific feature provided by the ARM processor is TrustZone, which uses TrustZone Protection Control (hereinafter simply referred to as TZPC).
The TZPC 10 includes system peripherals added to the ARM core, such as a system timer, a system control unit, a general purpose input / output pin (GPIO), Memory mapped to AUDIO, VIC (Vectored Interrupt Timer), etc. may be set as a secure area and a non-secure area.
Trust zone protection control applied to the embodiment of the present invention, as shown in Figure 1, the TZPC 10 is an APB (Advanced Peripheral Bus)
The
Therefore, in the present embodiment, a method of virtualizing a system peripheral device mapped to a memory using the memory area security setting function will be described using the TZPC 10 as an example.
System virtualization is divided into full-virtualization and para-virtualization according to the form of virtualization.
Full virtualization is a method that does not modify the guest operating system operating on the virtual machine, while para-virtualization is a method of modifying the guest operating system to match the interface provided by the lower
Full virtualization has the advantage of not modifying the guest operating system, but generally has the disadvantage of lower performance than paravirtualization.
Conversely, paravirtualization is superior to full virtualization, but has the disadvantage of modifying the guest operating system.
In this embodiment, it is possible to compensate for the disadvantages of performance while supporting full virtualization. This is because the performance provided by the hardware can be reduced by utilizing the functions provided by the hardware. The present invention can also be used for para-virtualization, which can depend entirely on the design of the
As shown in FIG. 2, the peripheral virtualization system of the computer system according to an exemplary embodiment of the present invention includes a
The first processor may be a virtual machine monitor (VMM), and the second processor may be a guest virtual machine (GuestVM).
The guest
The virtual machine monitor 30 manages the stability of the entire system, and operates in the privileged mode of the secure state.
As such, the virtual machine monitor 30 may be isolated from the guest
Computing systems using the von Neumann architecture are basically interrupt-based systems. In general, only one exception routine including interrupts can be registered throughout the system.
However, ARM architectures that support trust zones support the inclusion of an exception vector (not shown) in each of the normal state, monitor
In the trust zone, when a memory area designated as a secure zone is accessed from the normal state using the
This mechanism allows the virtual machine monitor 30 to control the virtual machine access to the system peripherals.
A process performed after the virtual machine monitor 30 intercepts a memory access mapped to a system peripheral device will be described with reference to FIG. 3.
When the guest
In response, the normal state is changed to the monitor mode through the data abort exception processing of the
When an exception occurs in the ARM architecture, the Current Processor Status Register (CPSR) value of the previous state is copied to the Saved Processor Status Register (SPSR), which is a banked register in Monitor Mode (40), and the Monitor Mode (40). The value in the SPSR of is copied to the CPSR.
The data abort handler first stores the PSR value of the guest
As described above, after the value of the register is stored, the normal state is changed to the secure state (S20).
The
As such, when the state changes from the normal state to the secure state, the virtual memory space is changed from the memory mapping of the guest
Next, the address where the data abort occurred and the status information at the time of occurrence are read (S30).
Here, the data fault address register (DFAR) has address information on which data abort has occurred, and the data fault status register (DFSR) has status information on which a batter abort has occurred.
The fault address is read and analyzed to determine which device is accessed (S40), and then the corresponding handler is executed. Such devices include vectored interrupt controllers (VICs) and system timers.
Each device's handler performs virtualization handling that matches the device's characteristics. The virtualization handling of the device handles the read / write request for the mapped memory of the device, and the request information can be checked through the DFSR.
Therefore, the handler determines whether to read / write through the DFSR and processes the information based on the information and policy maintained by the
When the virtual handling for each device is completed, the virtual machine monitor 30 restores the stored register (S60), and returns to the next command of the guest
The present invention provides a method for supporting virtualization of a system peripheral through such a series of processes.
The above description uses the ARM architecture as an example. Other processors can also use hardware support to support virtualization of system peripherals.
While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is clearly understood that the same is by way of illustration and example only and is not to be taken by way of limitation, I will understand. Accordingly, the true scope of the present invention should be determined by the following claims.
10: TZPC 11: APB Interface Module
12: register set 20: guest virtual machine
30: Virtual Machine Monitor 40: Monitor Mode
Claims (8)
A second processor set to a normal state and operated in a user mode and a privileged mode; And
And a monitor mode for controlling access of the second processor to a memory area designated by the first processor to the secure state.
Saves the value of the processor status register (PSR) of the second processor and the value of the register of the second processor copied to the saved processor status register (SPSR), and changes the normal state to the secure state through the monitor mode. Peripheral virtualization system of a computer system, characterized in that.
After changing the normal state to the secure state through the monitor mode, the address where the data abbot is generated and the status information when the data is generated are read, and the data information is generated by analyzing the status information when the data abort is generated. Peripheral virtualization system of a computer system, characterized in that to perform the virtualization handling through the handler of the system peripheral.
And when the virtualization handling ends, restoring the registers.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020110107069A KR20130042914A (en) | 2011-10-19 | 2011-10-19 | Virtualization system of peripheral devices of computer system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020110107069A KR20130042914A (en) | 2011-10-19 | 2011-10-19 | Virtualization system of peripheral devices of computer system |
Publications (1)
Publication Number | Publication Date |
---|---|
KR20130042914A true KR20130042914A (en) | 2013-04-29 |
Family
ID=48441379
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020110107069A KR20130042914A (en) | 2011-10-19 | 2011-10-19 | Virtualization system of peripheral devices of computer system |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR20130042914A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR102405093B1 (en) * | 2021-12-09 | 2022-06-07 | 한화시스템(주) | System and method for verifying integrity of unmanned aerial vehicle |
-
2011
- 2011-10-19 KR KR1020110107069A patent/KR20130042914A/en not_active Application Discontinuation
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR102405093B1 (en) * | 2021-12-09 | 2022-06-07 | 한화시스템(주) | System and method for verifying integrity of unmanned aerial vehicle |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7209994B1 (en) | Processor that maintains virtual interrupt state and injects virtual interrupts into virtual machine guests | |
JP5042848B2 (en) | System and method for depriving components of virtual machine monitor | |
US7707341B1 (en) | Virtualizing an interrupt controller | |
KR101019937B1 (en) | Secure operating system switching | |
EP1939754B1 (en) | Providing protected access to critical memory regions | |
US7506121B2 (en) | Method and apparatus for a guest to access a memory mapped device | |
RU2265880C2 (en) | New processor mode for limiting functioning of guest software, executed at virtual machine, supported by virtual machine monitor | |
JP5936640B2 (en) | Creating an isolated execution environment for co-designed processors | |
US8291410B2 (en) | Controlling virtual machines based on activity state | |
US7900204B2 (en) | Interrupt processing in a layered virtualization architecture | |
KR20130050156A (en) | Apparatus for translating virtual address space | |
JP6530723B2 (en) | System and method for facilitating joint operation of multiple hypervisors in a computer system | |
WO2013101191A1 (en) | Virtual machine control structure shadowing | |
US10963280B2 (en) | Hypervisor post-write notification of control and debug register updates | |
US9086906B2 (en) | Apparatus and method for guest and root register sharing in a virtual machine | |
JP4316882B2 (en) | System and method for logical replacement of processor control in an emulated computing environment | |
US10248451B2 (en) | Using hypervisor trapping for protection against interrupts in virtual machine functions | |
Baldin et al. | Proteus, a hybrid virtualization platform for embedded systems | |
KR20130042914A (en) | Virtualization system of peripheral devices of computer system | |
US10127064B2 (en) | Read-only VM function chaining for secure hypervisor access | |
US20230161650A1 (en) | Method and apparatus for inter-process communication, and computer storage medium | |
US11726811B2 (en) | Parallel context switching for interrupt handling | |
US20230066447A1 (en) | Execution of code in system memory | |
US20160378543A1 (en) | Implementing pseudo non-masking interrupts behavior using a priority interrupt controller |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WITN | Withdrawal due to no request for examination |