Interrupt path optimization method of virtual cryptographic device with reducing context switching

doi:10.11772/j.issn.1001-9081.2017122890

Journal of Computer Applications ›› 2018, Vol. 38 ›› Issue (7): 1946-1950.DOI: 10.11772/j.issn.1001-9081.2017122890

Previous Articles Next Articles

Interrupt path optimization method of virtual cryptographic device with reducing context switching

LI Shuai, SUN Lei, GUO Songhui

Information Engineering University, Zhengzhou Henan 450001, China

Received:2017-12-11 Revised:2018-02-06 Online:2018-07-10 Published:2018-07-12
Supported by:
This work is partially supported by the National key Research Program of China (2016YFB0501900).

减少上下文切换的虚拟密码设备中断路径优化方法

李帅, 孙磊, 郭松辉

信息工程大学, 郑州 450001

通讯作者: 李帅
作者简介:李帅(1994-),男,河南驻马店人,硕士研究生,主要研究方向:云计算安全;孙磊(1973-),男,江苏靖江人,教授,博士,主要研究方向:云计算基础设施的可信增强和可信虚拟化;郭松辉(1979-),男,四川乐山人,副教授,博士,主要研究方向:云计算安全、虚拟化。
基金资助:
国家重点研发计划项目（2016YFB0501900）。

Abstract

Abstract: Aiming at the problem of cryptographic performance being affected by the excessive interrupt transmission cost of the cipher device in virtual environment, an interrupt path optimization method for virtual cryptographic device with Reducing Context Switching (RCS) was proposed. Firstly, a host to Virtual Cipher Machine (VCM) relationship mapping table was established in the kernel of the virtual machine. Then, the types of the interrupt requests that the host transmits to the VCM were judged by the relational mapping table, and the unassigned types in VCM were registered. Finally, the interrupts were handled by the VCM interrupt handler directly. In the process, the system context switching overhead was reduced due to the host intervening and the cryptographic performance was improved. The speed at which the VCM executes the encryption was selected as a performance reference in the experiment. The results show that the speed of VCM using Advanced Encryption Standard (AES) algorithm is increased by 16.35% and that using Secure Hash Algorithm (SHA256) is increased by 12.25%.

Key words: interrupt, Single-Root I/O Virtualization (SR-IOV), Virtual Cipher Machine (VCM), context switching, performance optimization

摘要： 针对虚拟化环境下密码设备中断传输开销过大影响密码运算性能的问题，提出了一种减少上下文切换（RCS）的虚拟密码设备中断路径优化方法。首先，该方法在虚拟密码机（VCM）内核建立了一个由主机到VCM的关系映射表；然后，对传输到VCM的中断请求，由关系映射表判断中断请求类型，并对VCM中不存在的中断类型进行注册；最后，直接交由VCM中断处理器处理。该过程减少了中断处理过程中由于主机介入导致的系统频繁上下文切换开销，提高了VCM的密码运算性能。实验选取VCM执行密码运算的速度作为性能参考指标，结果表明，该机制下VCM使用高级加密标准（AES）算法加密时速度提高了16.35%，使用安全散列算法（SHA256算法）加密时速度提高了12.25%。

关键词: 中断, 单根I/O虚拟化, 虚拟密码机, 上下文切换, 性能优化

CLC Number:

TP302.7

LI Shuai, SUN Lei, GUO Songhui. Interrupt path optimization method of virtual cryptographic device with reducing context switching[J]. Journal of Computer Applications, 2018, 38(7): 1946-1950.

李帅, 孙磊, 郭松辉. 减少上下文切换的虚拟密码设备中断路径优化方法[J]. 计算机应用, 2018, 38(7): 1946-1950.

References

[1] ALJAWARNEH S A, ALAWNEH A, JARADAT R. Cloud security engineering:early stages of SDLC[J]. Future Generation Computer Systems, 2017, 74:385-392.
[2] 王泽武,孙磊,郭松辉.基于滚动优化的密码云实时任务阈值调度方法[J].计算机应用,2017,37(10):2780-2786.(WANG Z W, SUN L, GUO S H. Real-time task threshold scheduling method for cryptography cloud based on rolling optimization[J]. Journal of Computer Applications, 2017, 37(10):2780-2786.)
[3] 张玉清,王晓菲,刘雪峰,等.云计算环境安全综述[J].软件学报,2016,27(6):1328-1348.(ZHANG Y Q, WANG X F, LIU X F, et al. Cloud computing environment safety review[J]. Journal of Software, 2016, 27(6):1328-1348.
[4] 林闯,苏文博,孟坤,等.云计算安全:架构、机制与模型评价[J].计算机学报,2013,36(9):1765-1784.(LIN C, SU W B, MENG K, et al. Cloud computing security:architecture, mechanism and model evaluation[J]. Chinese Journal of Computers, 2013, 36(9):1765-1784.
[5] MALEK M, PAI V, PAUL WALTERS J, et al. Bridging the virtualization performance gap for HPC using SR-IOV for InfiniBand[C]//Proceedings of the 2014 IEEE International Conference on Cloud Computing. Piscataway, NJ:IEEE, 2014:627-635.
[6] DONG Y Z, YANG X W, LI J H, et al. High performance network virtualization with SR-IOV[C]//Proceedings of the 2010 IEEE International Symposium on High Performance Computer Architecture. Piscataway, NJ:IEEE, 2010:1471-1480.
[7] LI J, XUE S, ZHANG W, et al. When I/O interrupt becomes system bottleneck:efficiency and scalability enhancement for SR-IOV network virtualization[J]. IEEE Transactions on Cloud Computing, 2017, PP(99):1-1.
[8] TU C-C, FERDMAN M, LEE C-T, et al. A comprehensive implementation and evaluation of direct interrupt delivery[J]. ACM SIGPLAN Notices, 2015, 50(7):1-15.
[9] GORDON A, AMIT N, HAR'EL N, et al. ELI:bare-metal performance for I/O virtualization[C]//Proceedings of the 2012 Seventeenth International Conference on Architectural Support for Programming Languages & Operating Systems. New York:ACM, 2012:411-422.
[10] HU X, ZHANG W, LI J. ES2:aiming at an optimal virtual I/O event path[C]//Proceedings of the 2017 International Conference on Parallel Processing. Washington, DC:IEEE Computer Society. 2017:141-150.
[11] RICHTER A, HERBER C, WALLENTOWITZ S, et al. A hardware/software approach for mitigating performance interference effects in virtualized environments using SR-IOV[C]//Proceedings of the 2015 IEEE International Conference on Cloud Computing. Washington, DC:IEEE Computer Society, 2015:950-957.
[12] YANG N X, CHEN Y F, QIN M. Study on trusted virtual machine platform based on cipher card[C]//Proceedings of the 2015 IEEE International Conference on Measuring Technology & Mechatronics Automation. Piscataway, NJ:IEEE, 2015:1101-1104.
[13] DONG Y Z, CHEN Y, PAN Z H, et al. ReNIC:architectural extension to SR-IOV I/O virtualization for efficient replication[J]. ACM Transactions on Architecture & Code Optimization, 2012, 8(4):1-22.
[14] KIM T, NO J, PIAO Z, et al. I/O access frequency-aware cache method on KVM/QEMU[J]. Cluster Computing, 2017, 20(3):2143-2155.
[15] HUANG Z Q, MA R H, LI J, et al. Adaptive and scalable optimizations for high performance SR-IOV[C]//Proceedings of the 2012 IEEE International Conference on Cluster Computing. Washington, DC:IEEE Computer Society, 2012:459-467.

Interrupt path optimization method of virtual cryptographic device with reducing context switching

减少上下文切换的虚拟密码设备中断路径优化方法

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

[1]	GOU Zi'an, ZHANG Xiao, WU Dongnan, WANG Yanqiu. Log analysis and workload characteristic extraction in distributed storage system [J]. Journal of Computer Applications, 2020, 40(9): 2586-2593.
[2]	DONG Cong, ZHANG Xiao, CHENG Wendi, SHI Jia. Performance optimization of distributed file system based on new type storage devices [J]. Journal of Computer Applications, 2020, 40(12): 3594-3603.
[3]	LIAO Bin, ZHANG Tao, GUO Binglei, YU Jiong, ZHANG Xuguang, LIU Yan. Performance optimization of ItemBased recommendation algorithm based on Spark [J]. Journal of Computer Applications, 2017, 37(7): 1900-1905.
[4]	XIAO Zida, ZHU Ligu, FENG Dongyu, ZHANG Di. Performance optimization of distributed database aggregation computing [J]. Journal of Computer Applications, 2017, 37(5): 1251-1256.
[5]	HAO Zhifeng, CHEN Wei, CAI Ruichu, HUANG Ruihui, WEN Wen, WANG Lijuan. Performance optimization of wireless network based on canonical causal inference algorithm [J]. Journal of Computer Applications, 2016, 36(8): 2114-2120.
[6]	HOU Jialin, WANG Jiajun, NIE Hongyu. MapReduce performance optimization based on anomaly detection model in heterogeneous cloud environment [J]. Journal of Computer Applications, 2015, 35(9): 2476-2481.
[7]	SHEN Hua FENG Jing YIN Min MA Weijun JIANG Lei. Optimization methods for application layer multicast [J]. Journal of Computer Applications, 2013, 33(12): 3389-3393.
[8]	ZHOU Shilong CHEN Xingshu LUO Yonggang. Nutch crawling optimization from view of Hadoop [J]. Journal of Computer Applications, 2013, 33(10): 2792-2795.
[9]	HUANG Conghui CHEN Jing ZHU Qingchao GUO Weiwu. Graphics performance optimization method for Wine based on client software rendering [J]. Journal of Computer Applications, 2013, 33(04): 1146-1148.
[10]	LI Qian XIAO Ping. Dalvik virtual machine performance improvement based on hybrid concurrent model [J]. Journal of Computer Applications, 2012, 32(06): 1727-1729.
[11]	ZHOU Xiang-bing YANG Xing-jiang MA Hong-jiang. Strategy of SaaS addressing and interrupt for software generation based on partitioning algorithm [J]. Journal of Computer Applications, 2012, 32(02): 561-565.
[12]	NIU Guo-chen XU Ping FENG Qi. Autonomous localization of mobile robot based on odometer and PTZ vision [J]. Journal of Computer Applications, 2011, 31(10): 2821-2824.
[13]	. customR2: A hybrid push/pull scheduling method with network coding in P2P live streaming systems [J]. Journal of Computer Applications, 2010, 30(2): 285-288.
[14]	. Soft interruption handling mechanism to optimize handling performance for Linux network [J]. Journal of Computer Applications, 2010, 30(1): 104-107.
[15]	Guang-jian ZHANG Zheng LIU. Method of calculating stack space of μC/OS-II task based on tree structure and its application [J]. Journal of Computer Applications, 2009, 29(4): 1165-1167.