PCA: Page Correlation Aggregation for Memory Deduplication in Virtualized Environments

摘要

To intelligently share limited memory across VMs in IaaS cloud, content-based page sharing (CBPS), like KSM, is utilized to greatly reduce the memory footprint of VMs. CBPS merges same-content pages into a single copy. However, it introduces some serious cross-VM covert channel threats. Besides, it has heavy overhead due to vast otiose operations, such as page comparisons and checksum calculations, when detecting page sharing opportunities. In this paper, we propose a novel memory deduplication approach called page correlation aggregation (PCA), which can efficiently reduce otiose operations. Meanwhile defends covert channels. One key idea of PCA is to divide VMs' pages into several sets, since pages with similar attributes have the greatest possibility with the same content. In PCA, the pages of VMs are firstly divided into different groups according to VMs' attributes. In each group pages are further separated into different classifications based on their access permissions. Thus page comparisons are restricted to the same classification for sharing. The other is that PCA introduces a dedicated cache to mitigate the latency of COW (Copy- On-Write) used for conducting covert channels. We have conducted a prototype on KSM, one popular CBPS technique. Our experimental results show that PCA reduces otiose operations about 40%, and can effectively resist covert channels.