Proceedings of the 1st International Workshop on Cloud Computing and Information Security

The Architectural Based Interception and Identification of System Call Instruction within VMM

Authors
Xiong Haiquan, Liu Zhiyong
Corresponding Author
Xiong Haiquan
Available Online November 2013.
DOI
10.2991/ccis-13.2013.18
Keywords
Guest OS; VMM; Virtualization; System Call
Abstract

To solve the problem that a VMM cannot monitor and control Guest OS system call instructions because they do not trap, this paper proposes making these instructions trap into the VMM by breaking their normal execution conditions so that they raise an exception. For the three system call mechanisms in the x86 architecture, we make software-interrupt and sysenter based system calls trap into the VMM by causing a GP exception, and syscall trap into the VMM by causing a UD exception; we then identify each one from the vCPU context information associated with the exception trap. The QEMU and KVM based prototype shows that the VMM can successfully intercept and identify all three system call behaviors coming from the Guest OS, and that the performance overhead is within an acceptable range for normal applications. For example, in the UnixBench shell test case, the performance overhead ratio ranges from 1.900 to 2.608.
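
The identification step described in the abstract can be sketched as follows. This is an added example, not code from the paper or from QEMU/KVM: `struct trap_ctx`, `classify_trap` and the guest vector 0x80 are hypothetical, and it assumes the software-interrupt #GP comes from an IDT check (error code `n*8 + 2`) and the sysenter #GP carries error code 0, since the abstract does not say how each execution condition is broken.

```c
#include <stdint.h>
#include <stdio.h>

#define VEC_UD 6                 /* #UD, invalid opcode (architectural) */
#define VEC_GP 13                /* #GP, general protection (architectural) */
#define GUEST_INT_VECTOR 0x80    /* assumption: Linux-style INT 0x80 guest */

enum sc_kind { SC_NONE, SC_SOFT_INT, SC_SYSENTER, SC_SYSCALL };

/* Hypothetical snapshot of the vCPU state at the exception exit. */
struct trap_ctx {
    uint8_t  vector;       /* exception vector that caused the exit */
    uint32_t error_code;   /* meaningful for #GP only */
    uint8_t  insn[2];      /* two bytes read from guest memory at RIP */
};

/* INT n faulting on an IDT check reports (n << 3) | 2: IDT bit set, EXT clear. */
static uint32_t gp_code_for_int(uint8_t n) { return ((uint32_t)n << 3) | 2u; }

enum sc_kind classify_trap(const struct trap_ctx *c)
{
    uint8_t b0 = c->insn[0], b1 = c->insn[1];

    if (c->vector == VEC_UD)                          /* SYSCALL = 0F 05 */
        return (b0 == 0x0F && b1 == 0x05) ? SC_SYSCALL : SC_NONE;
    if (c->vector != VEC_GP)
        return SC_NONE;
    if (b0 == 0xCD && b1 == GUEST_INT_VECTOR &&       /* INT n = CD n */
        c->error_code == gp_code_for_int(GUEST_INT_VECTOR))
        return SC_SOFT_INT;
    if (b0 == 0x0F && b1 == 0x34 && c->error_code == 0)
        return SC_SYSENTER;                           /* SYSENTER = 0F 34 */
    return SC_NONE;              /* a genuine guest fault: reinject it */
}

int main(void)
{
    /* Constructed samples, not captured from a real guest. */
    struct trap_ctx samples[] = {
        { VEC_GP, 0x402, { 0xCD, 0x80 } },   /* INT 0x80 */
        { VEC_GP, 0,     { 0x0F, 0x34 } },   /* SYSENTER */
        { VEC_UD, 0,     { 0x0F, 0x05 } },   /* SYSCALL */
        { VEC_GP, 0,     { 0xF4, 0x90 } },   /* HLT at CPL 3: real #GP(0) */
        { VEC_UD, 0,     { 0x0F, 0x0B } },   /* UD2: real #UD */
    };
    for (unsigned i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("sample %u -> %d\n", i, classify_trap(&samples[i]));
    return 0;
}
```

Exits classified as `SC_NONE` are faults the guest caused on its own and have to be reinjected unchanged, otherwise the interception alters guest behaviour.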

Copyright
© 2013, the Authors. Published by Atlantis Press.
Open Access
This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).


Volume Title
Proceedings of the 1st International Workshop on Cloud Computing and Information Security
Series
Advances in Intelligent Systems Research
Publication Date
November 2013
ISBN
10.2991/ccis-13.2013.18
ISSN
1951-6851

Cite this article

TY  - CONF
AU  - Xiong Haiquan
AU  - Liu Zhiyong
PY  - 2013/11
DA  - 2013/11
TI  - The Architectural Based Interception and Identification of System Call Instruction within VMM
BT  - Proceedings of the The 1st International Workshop on Cloud Computing and Information Security
PB  - Atlantis Press
SP  - 73
EP  - 76
SN  - 1951-6851
UR  - https://doi.org/10.2991/ccis-13.2013.18
DO  - 10.2991/ccis-13.2013.18
ID  - Haiquan2013/11
ER  -