基於 SEV-SNP 和 pKVM 的機密虛擬機器的網路 I/O 的 測量和最佳化

魏晧融; Hao-Jung Wei

請用此 Handle URI 來引用此文件： http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/101192

完整後設資料紀錄

DC 欄位	值	語言
dc.contributor.advisor	黎士瑋	zh_TW
dc.contributor.advisor	Shih-Wei Li	en
dc.contributor.author	魏晧融	zh_TW
dc.contributor.author	Hao-Jung Wei	en
dc.date.accessioned	2025-12-31T16:16:15Z	-
dc.date.available	2026-01-01	-
dc.date.copyright	2025-12-31	-
dc.date.issued	2025	-
dc.date.submitted	2025-12-03	-
dc.identifier.citation	[1] AMD SEV-SNP: Strengthening VM Isolation with Integrity Protection and More, Jan 2020. https://www.amd.com/content/dam/amd/en/documents/epyc-business-docs/white-papers/SEV-SNP-strengthening-vm-isolation-with-integrity-protection-and-more.pdf. [2] Intel® Trust Domain Extensions, Feb 2022. https://cdrdv2.intel.com/v1/dl/getContent/690419. [3] Advanced Micro Devices, Inc. Amd sev-tio: Trusted i/ o for secure encrypted virtualization. Technical report, Advanced Micro Devices, Inc.(AMD),2023.https://www.amd.com/content/dam/amd/en/documents/developer/sev-tio-whitepaper.pdf. [4] Advanced Micro Devices, Inc. AMD64 Architecture Programmer＇s Manual Volume 3: General-Purpose and System Instructions, revision 3.37 edition, 2023. https://docs.amd.com/v/u/en-US/24594_3.37. [5] M. Alex, S. Vargaftik, G. Kupfer, B. Pismeny, N. Amit, A. Morrison, and D. Tsafrir. Characterizing, exploiting, and detecting dma code injection vulnerabilities in the presence of an iommu. In Proceedings of the Sixteenth European Conference on Computer Systems, EuroSys ’21, page 395 – 409, New York, NY, USA, 2021. Association for Computing Machinery. [6] Amazon Web Services. Aws lambda. https://aws.amazon.com/tw/lambda/. [7] AMD. AMD SEV-TIO: Trusted I/O for Secure Encrypted Virtualization. [8] AMDESE. AMD SEV-SNP Linux. https://github.com/AMDESE/linux. [9] AMDESE. OVMF. https://github.com/AMDESE/ovmf. [10] AMDESE. qemu. https://github.com/AMDESE/qemu. [11] N. Amit, M. Ben-Yehuda, I. Research, D. Tsafrir, and A. Schuster. vIOMMU: Efficient IOMMU emulation. In 2011 USENIX Annual Technical Conference (USENIX ATC 11), Portland, OR, June 2011. USENIX Association. [12] Arm. Device Assignment (DA) and Memory Encryption Contexts (MEC). https://developer.arm.com/documentation/den0125/0300/Device-Assignment--DA--and-Memory-Encryption-Contexts--MEC-?lang=en. [13] Arm. Learn the architecture - Introducing Arm Confidential Compute Architecture. https://developer.arm.com/documentation/den0125/0300?lang=en. [14] Arm. Learn the Architecture - SMMU Software Guide: VM device assignment with guest OS SMMU usage, 2025. https://developer.arm.com/documentation/109242/0100. [15] S. A. Atiiq and A. C. Risdianto. Demystifying amd sev performance penalty for nfv deployment. In Proceedings of the 2024 13th International Conference on Networks, Communication and Computing, ICNCC ’24, page 1 – 8, New York, NY, USA, 2025. Association for Computing Machinery. [16] J. Bonwick. The slab allocator: an object-caching kernel memory allocator. In Proceedings of the USENIX Summer 1994 Technical Conference on USENIX Summer 1994 Technical Conference - Volume 1, USTC’94, page 6, USA, 1994. USENIX Association. [17] J. Bonwick and J. Adams. Magazines and vmem: Extending the slab allocator to many CPUs and arbitrary resources. In 2001 USENIX Annual Technical Conference (USENIX ATC 01), Boston, MA, June 2001. USENIX Association. [18] C. Castes and A. Baumann. Sharing is leaking: blocking transient-execution attacks with core-gapped confidential vms. In Proceedings of the 29th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 4, ASPLOS ’24, page 267– 281, New York, NY, USA, 2025. Association for Computing Machinery. [19] C. che Tsai, D. E. Porter, and M. Vij. Graphene-SGX: A practical library OS for unmodified applications on SGX. In 2017 USENIX Annual Technical Conference (USENIX ATC 17), pages 645–658, Santa Clara, CA, July 2017. USENIX Association. [20] L.-C. Chiang and S.-W. Li. Reload+reload: Exploiting cache and memory contention side channel on amd sev. In Proceedings of the 30th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 2, ASPLOS ’25, page 1014–1027, New York, NY, USA, 2025. Association for Computing Machinery. [21] A. Danial. cloc. https://github.com/AlDanial/cloc. [22] Y. Dong, X. Yang, X. Li, J. Li, K. Tian, and H. Guan. High performance network virtualization with sr-iov. In HPCA - 16 2010 The Sixteenth International Symposium on High-Performance Computer Architecture, pages 1–10, 2010. [23] M. Dworkin. Recommendation for block cipher modes of operation: Galois/counter mode (gcm) and gmac. NIST Special Publication 800-38D, National Institute of Standards and Technology, Gaithersburg, MD, 2007. [24] H. Eiraku, Y. Shinjo, C. Pu, Y. Koh, and K. Kato. Fast networking with socket-outsourcing in hosted virtual machine environments. In Proceedings of the 2009 ACM Symposium on Applied Computing, SAC ’09, page 310 – 317, New York, NY, USA, 2009. Association for Computing Machinery. [25] F-Stack Development Team. F-stack: A high-performance userspace network framework. https://github.com/F-Stack/f-stack, 2025. [26] S. Garzarella, G. Lettieri, and L. Rizzo. Virtual device passthrough for highspeed vm networking. In Proceedings of the Eleventh ACM/IEEE Symposium on Architectures for Networking and Communications Systems, ANCS ’15, page 99–110, USA, 2015. IEEE Computer Society. [27] Google. pKVM Linux. https://android-kvm.googlesource.com/linux/. [28] Google. Protected KVM on arm64: A Technical Deep Dive. https://osseu2022.sched.com/event/15zBJ/protected-kvm-on-arm64-a-technical-deep-dive-quentin-perret-google. [29] Google. crosvm. https://github.com/google/crosvm, 2025. [30] gRPC Authors. grpc: A high performance, open source universal rpc framework.https://grpc.io/, 2025. [31] F. Hetzelt, M. Radev, R. Buhren, M. Morbitzer, and J.-P. Seifert. Via: Analyzing device interfaces of protected virtual machines. In Proceedings of the 37th Annual Computer Security Applications Conference, ACSAC ’21, page 273–284, New York, NY, USA, 2021. Association for Computing Machinery. [32] Intel. Intel® ethernet controller xl710-am2 - product specifications. https://www.intel.com.tw/content/www/tw/zh/products/sku/82946/intel-ethernet-controller-xl710am2/specifications.html. [33] E. Jeong, S. Wood, M. Jamshed, H. Jeong, S. Ihm, D. Han, and K. Park. mTCP: a highly scalable user-level TCP stack for multicore systems. In 11th USENIX Symposium on Networked Systems Design and Implementation (NSDI 14), pages 489–502, Seattle, WA, Apr. 2014. USENIX Association. [34] M. Khalil-Hani, V. P. Nambiar, and M. N. Marsono. Hardware acceleration of openssl cryptographic functions for high-performance internet security. In 2010 International Conference on Intelligent Systems, Modelling and Simulation, pages 374–379, 2010. [35] H. T. Kung, T. Blackwell, and A. Chapman. Credit-based flow control for atm networks: credit update protocol, adaptive credit allocation and statistical multiplexing. In Proceedings of the Conference on Communications Architectures, Protocols and Applications, SIGCOMM ’94, page 101– 114, New York, NY, USA, 1994. Association for Computing Machinery. [36] H.-C. Kuo, J. Chen, S. Mohan, and T. Xu. Set the configuration for the heart of the os: On the practicality of operating system kernel debloating. Proc. ACM Meas. Anal. Comput. Syst., 4(1), May 2020. [37] D. Kuvaiskii, D. Stavrakakis, K. Qin, C. Xing, P. Bhatotia, and M. Vij. Gramine-tdx: A lightweight os kernel for confidential vms. In Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, CCS ’24, page 4598 – 4612, New York, NY, USA, 2024. Association for Computing Machinery. [38] H. Lefeuvre, V.-A. Bădoiu, Y. Chen, F. Huici, N. Dautenhahn, and P. Olivier. Assessing the impact of interface vulnerabilities in compartmentalized software. [39] H. Lefeuvre, D. Chisnall, M. Kogias, and P. Olivier. Towards (really) safe and fast confidential i/o. In Proceedings of the 19th Workshop on Hot Topics in Operating Systems, HotOS ’23, page 214–222, New York, NY, USA, 2023. Association for Computing Machinery. [40] D. Li, Z. Mi, C. Ji, Y. Tan, B. Zang, H. Guan, and H. Chen. Bifrost: Analysis and optimization of network I/O tax in confidential virtual machines. In 2023 USENIX Annual Technical Conference (USENIX ATC 23), pages 1–15, Boston, MA, July 2023. USENIX Association. [41] D. Li, Z. Mi, Y. Xia, B. Zang, H. Chen, and H. Guan. Twinvisor: Hardware-isolated confidential virtual machines for arm. In Proceedings of the ACM SIGOPS 28th Symposium on Operating Systems Principles, SOSP ’21, page 638 – 654, New York, NY, USA, 2021. Association for Computing Machinery. [42] M. Li, Y. Zhang, H. Wang, K. Li, and Y. Cheng. CIPHERLEAKS: Breaking constant-time cryptography on AMD SEV via the ciphertext side channel. In 30th USENIX Security Symposium (USENIX Security 21), pages 717–732. USENIX Association,Aug. 2021. [43] S.-W. Li, X. Li, R. Gu, J. Nieh, and J. Z. Hui. Formally verified memory protection for a commodity multiprocessor hypervisor. In 30th USENIX Security Symposium (USENIX Security 21), pages 3953–3970. USENIX Association, Aug. 2021. [44] X. Li, X. Li, C. Dall, R. Gu, J. Nieh, Y. Sait, and G. Stockwell. Design and verification of the arm confidential compute architecture. In 16th USENIX Symposium on Operating Systems Design and Implementation (OSDI 22), pages 465–484, Carlsbad, CA, July 2022. USENIX Association. [45] C. Liang and T. Bie. vdpa: vhost-mdev as a new vhost protocol transport. In KVM Forum, 2018. [46] D. Libes. expect(1) - Linux man page. https://linux.die.net/man/1/expect. [47] libslirp Developers. libslirp: User-mode tcp/ip emulator library. https://gitlab.freedesktop.org/slirp/libslirp, 2025. [48] Linux Foundation. Data plane development kit (dpdk). http://www.dpdk.org, 2025. [49] linux kernel. io_uring. https://man7.org/linux/man-pages/man7/io_uring.7.html. [50] G. Liu, Y. Ren, M. Yurchenko, K. K. Ramakrishnan, and T. Wood. Microboxes: high performance nfv with customizable, asynchronous tcp stacks and dynamic subscriptions. In Proceedings of the 2018 Conference of the ACM Special Interest Group on Data Communication, SIGCOMM ’18, page 504 – 517, New York, NY, USA, 2018. Association for Computing Machinery. [51] Y. Liu, J. Guo, B. Jiang, Y. Song, P. Zhang, R. Wen, B. Lyu, S. Zhu, and X. Wang. Fastiov: Fast startup of passthrough network i/o virtualization for secure containers. In Proceedings of the Twentieth European Conference on Computer Systems, EuroSys ’25, page 720–735, New York, NY, USA, 2025. Association for Computing Machinery. [52] A. Markuze, A. Morrison, and D. Tsafrir. True iommu protection from dma attacks: When copy is faster than zero copy. In Proceedings of the Twenty-First International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS ’16, page 249 – 262, New York, NY, USA, 2016. Association for Computing Machinery. [53] A. Markuze, I. Smolyar, A. Morrison, and D. Tsafrir. Damn: Overhead-free iommu protection for networking. In Proceedings of the Twenty-Third International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS ’18, page 301 – 315, New York, NY, USA, 2018. Association for Computing Machinery. [54] M. Misono, D. Stavrakakis, N. Santos, and P. Bhatotia. Confidential vms explained: An empirical analysis of amd sev-snp and intel tdx. Proc. ACM Meas. Anal. Comput. Syst., 8(3), Dec. 2024. [55] S. C. Misra and V. C. Bhavsar. Relationships between selected software measures and latent bug-density: guidelines for improving quality. In Proceedings of the 2003 International Conference on Computational Science and Its Applications: PartI, ICCSA’03, page 724 – 732, Berlin, Heidelberg, 2003. Springer-Verlag. [56] M. Moon, M. Kim, J. Jung, and D. Song. Asgard: Protecting on-device deep neural networks with virtualization-based trusted execution environments. In Proceedings 2025 Network and Distributed System Security Symposium, 2025. [57] J. Nagle. Rfc 896 - congestion control in ip/ tcp internetworks. https://datatracker.ietf.org/doc/html/rfc896. [58] A. B. Narappa, F. Parola, S. Qi, and K. K. Ramakrishnan. Z-stack: A high-performance dpdk-based zero-copy tcp/ip protocol stack. In 2024 IEEE 30th International Symposium on Local and Metropolitan Area Networks (LANMAN),pages 100–105, 2024. [59] O. Peleg, A. Morrison, B. Serebrin, and D. Tsafrir. Utilizing the IOMMU scalably. In 2015 USENIX Annual Technical Conference (USENIX ATC 15), pages 549–562, Santa Clara, CA, July 2015. USENIX Association. [60] QEMU Project. QEMU. https://www.qemu.org/, 2025. [61] E. Rescorla. The transport layer security (tls) protocol version 1.3. Standards Track RFC 8446, Internet Engineering Task Force (IETF), Aug. 2018. [62] G. Rieger. socat: Multipurpose relay (socket cat). http://www.dest-unreach.org/socat/, 2001. [63] L. Rizzo. netmap: A novel framework for fast packet I/O. In 2012 USENIX Annual Technical Conference (USENIX ATC 12), pages 101–112, Boston, MA, June 2012. USENIX Association. [64] M. Roth. Add amd secure nested paging (sev-snp) hypervisor support. LWN.net,2023. [65] B. Schlüter, S. Sridhara, M. Kuhne, A. Bertschi, and S. Shinde. HECKLER: Breaking confidential VMs with malicious interrupts. In 33rd USENIX Security Symposium (USENIX Security 24), pages 3459–3476, Philadelphia, PA, Aug. 2024.USENIX Association. [66] S. Sridhara, A. Bertschi, B. Schlüter, M. Kuhne, F. Aliberti, and S. Shinde. ACAI: Protecting accelerator execution with arm confidential computing architecture. In 33rd USENIX Security Symposium (USENIX Security 24), pages 3423–3440,Philadelphia, PA, Aug. 2024. USENIX Association. [67] The Linux kenrel community. Pagemap. https://www.kernel.org/doc/Documentation/vm/pagemap.txt. [68] The Linux kernel community. BPF maps. https://docs.kernel.org/bpf/maps.html. [69] The Linux kernel community. Dynamic DMA mapping Guide. https://docs.kernel.org/core-api/dma-api-howto.html. [70] The Linux kernel community. MSG_ZEROCOPY. https://docs.kernel.org/networking/msg_zerocopy.html. [71] The Linux kernel community. perf(1) —Linux manual page. https://man7.org/linux/man-pages/man1/perf.1.html. [72] The Linux kernel community. splice(2) —Linux manual page. https://man7.org/linux/man-pages/man2/splice.2.html. [73] The Linux kernel community. tc(8) - Linux man page. https://man7.org/linux/man-pages/man8/tc.8.html. [74] The Linux kernel community. Vfio. https://docs.kernel.org/driver-api/vfio.html. [75] The Linux kernel community. vsock(7) —Linux manual page. https://man7.org/linux/man-pages/man7/vsock.7.html. [76] The Linux kernel community. Workqueue. https://docs.kernel.org/core-api/workqueue.html. [77] The Linux kernel community. Restricted dma. https://www.kernel.org/doc/Documentation/devicetree/bindings/reserved-memory/shared-dma-pool.yaml, 2021. [78] The Linux kernel community. AF_XDP, 2025. https://www.kernel.org/doc/html/next/networking/af_xdp.html. [79] The Linux kernel community. Segmentation offloads, 2025. https://docs.kernel.org/networking/segmentation-offloads.html. [80] M. S. Tsirkin and C. H. (eds.). virtio version 1.3. https://docs.oasis-open.org/virtio/virtio/v1.3/virtio-v1.3.html, 2023. [81] C. Wang, F. Zhang, Y. Deng, K. Leach, J. Cao, Z. Ning, S. Yan, and Z. He. Cage: Complementing arm cca with gpu extensions. In Network and Distributed System Security (NDSS) Symposium, volume 2024, 2024. [82] Z. Zhang, J. Chen, B. Ying, Y. Cao, L. Liu, J. Li, X. Zeng, J. Wang, W. Li, and H. Guan. Hd-iov: Sw-hw co-designed i/o virtualization with scalability and flexibility for hyper-density cloud. In Proceedings of the Nineteenth European Conference on Computer Systems, EuroSys ’24, page 834–850, New York, NY, USA, 2024. Association for Computing Machinery.	-
dc.identifier.uri	http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/101192	-
dc.description.abstract	機密虛擬機器是一個興盛的實現機密運算的方式。然而，過去的研究始終缺乏對網路功能的透徹的討論。在這篇論文中，我們討論了數個機密虛擬機器中值得注意的網路相關的問題。首先，我們檢視了現代網路虛擬化技術 ─ 如 vhost-user、DPDK virtio-net 驅動程式、基於 VFIO 的 device passthrough ─ 與 Arm pKVM 和 AMD SEV-SNP 機密虛擬機器的相容性，並且測量了他們的效能表現。在測量的過程中，我們發現了一個機會能夠最佳化使用 device passthrough 的機密虛擬機器的開機速度。透過只將 bounce buffer 映射到 IOMMU 上便足以支援 CVM 使用 device passthrough，並將開機速度加快 66%。最後，我們進行了首個對於機密虛擬機器系統中的數據分享機制使用情形的安全性分析。我們發現一個先前在 Bifrost 中提出的機制 ── Zero-Copy Encryption Deduplication (ZCED)，在使用上會產生一個行為：Prolonged Data Exposure，進而導致作業系統核心的網路協定疊在使用 ZCED 時被納入可信計算基中。由於作業系統核心的網路協定疊相當複雜，這會導致使用 ZCED 時有潛在風險。為了在不損及效能及相容性的前提下減輕此風險，我們提出了一個新的針對機密虛擬機器的網路架構 ── VSOCK-net。VSOCK-net 使用了 VSOCK 取代了作業系統核心中的網路協定疊，並以 sockmap 有效地處理了 TCP 和 VSOCK 間的封包重定向。量測檢果顯示 VSOCK-net 相比基準設定有著高至 97% 的進步。	zh_TW
dc.description.abstract	Confidential Virtual Machines (CVM) is a popular approach to enabling confidential computing. However, one essential functionality – networking – lacks thorough discussion in prior research. In this thesis, we address several topics regarding networking in CVM systems that deserve further study. We first examine the compatibility of the modern networking virtualization technologies – such as vhost-user, the DPDK virtio-net driver, and VFIO-based device passthrough – with the Arm pKVM and AMD SEV-SNP CVMs and evaluate their performance characteristics. During the evaluation, we identify an opportunity to improve the start-up time of device passthrough CVMs by mapping only the bounce buffer to IOMMU, which is sufficient to support device passthrough and yields up to a 66% improvement. Finally, we perform the first comprehensive security analysis on data sharing mechanisms in CVM systems. We discover that Zero-Copy Encryption Deduplication (ZCED), an optimized data sharing mechanism proposed in Bifrost, causes a behavior: prolonged data exposure, which extends the trusted computing base (TCB) to include the kernel TCP/IP network stack. The complexity of the kernel TCP/IP network stack incus potential security risk. To mitigate the risk without sacrificing the performance and the compatibility, we propose a new network architecture for CVM systems: VSOCK-net, which replaces the kernel network stack with VSOCK and leverages sockmap to efficiently handle packet redirection between VSOCK and TCP sockets. The evaluation shows that VSOCK-net delivers improvements of up to 97% compared to the baseline.	en
dc.description.provenance	Submitted by admin ntu (admin@lib.ntu.edu.tw) on 2025-12-31T16:16:15Z No. of bitstreams: 0	en
dc.description.provenance	Made available in DSpace on 2025-12-31T16:16:15Z (GMT). No. of bitstreams: 0	en
dc.description.tableofcontents	致謝 iii 摘要 v Abstract vii Contents ix List of Figures xiii List of Tables xv Chapter 1 Introduction 1 Chapter 2 Background 13 2.1 Confidetial Virtual Machines (CVMs) . . . . . . . . . . . . . . . . . 13 2.1.1 Memory Translation and Protection . . . . . . . . . . . . . . . . . 16 2.2 CVM Networking Architecture . . . . . . . . . . . . . . . . . . . . 18 2.2.1 Network Virtualization Technologies . . . . . . . . . . . . . . . . . 20 2.2.1.1 Emulated I/O . . . . . . . . . . . . . . . . . . . . . . 21 2.2.1.2 Paravirtual I/O . . . . . . . . . . . . . . . . . . . . . . 21 2.2.1.3 Device Passthrough . . . . . . . . . . . . . . . . . . . 26 2.2.2 Data Sharing Mechanisms . . . . . . . . . . . . . . . . . . . . . . 27 2.3 VSOCK . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 Chapter 3 Security 35 3.1 Threat Model & Assumptions . . . . . . . . . . . . . . . . . . . . . 35 3.2 Potential Attacks & Vulnerabilities . . . . . . . . . . . . . . . . . . 36 3.2.1 Time of Check to Time of Use (TOCTTOU) Attack . . . . . . . . . 36 3.2.2 Sub-page Vulnerability . . . . . . . . . . . . . . . . . . . . . . . . 37 Chapter 4 Compatibility and Performance Evaluation of Modern Network 39 Virtualization Technologies 4.1 Compatibility Evaluation & Discussion . . . . . . . . . . . . . . . . 39 4.1.1 Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40 4.1.2 Evaluation Result . . . . . . . . . . . . . . . . . . . . . . . . . . . 40 4.1.3 Discussion of the Result . . . . . . . . . . . . . . . . . . . . . . . . 41 4.2 Performance Evaluation . . . . . . . . . . . . . . . . . . . . . . . . 44 4.2.1 Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 4.2.2 Evaluation Result & Discussion . . . . . . . . . . . . . . . . . . . 46 Chapter 5 Start-up Time Optimization for CVMs with Device Passthrough 51 5.1 Observations during Performance Evaluation . . . . . . . . . . . . . 51 5.1.1 Evaluation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 5.2 Optimization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 5.2.1 Observation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 5.2.2 Proof-of-Concept . . . . . . . . . . . . . . . . . . . . . . . . . . . 54 5.2.3 Evaluation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 Chapter 6 Security Analysis of Data Sharing Mechanisms 57 6.1 Security Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 6.1.1 Runtime Sharing . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 6.1.2 Bounce Buffering . . . . . . . . . . . . . . . . . . . . . . . . . . . 59 6.1.3 ZCED . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60 6.2 New Security Risk Introduced by using ZCED . . . . . . . . . . . . 63 Chapter 7 VSOCK-net 65 7.1 Goals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 7.1.1 Goal (1): Achieve better performance than the baseline. . . . . . . . 65 7.1.2 Goal (2): Achieve stronger security than Bifrost. . . . . . . . . . . . 66 7.1.3 Goal (3): Preserve compatibility with legacy TCP/IP applications. . 66 7.2 Observations & Designs . . . . . . . . . . . . . . . . . . . . . . . . 66 7.2.1 Observation 1: Use ZCED securely in place of Bounce Buffering achieves Goal 1 and Goal 2. . . . . . . . . . . . . . . . . . . . . . 67 7.2.1.1 Observation 1-1: The security risk of using ZCED is mitigated by reducing the complexity of the guest kernel TCP/IP network stack. . . . . . . . . . . . . . . . . 68 7.2.1.2 Observation 1-2: Replacing the guest kernel TCP/IP network stack with a simpler component reduces the complexity of the network stack. . . . . . . . . . . . . 68 7.2.2 Design 1: Adopt VSOCK instead of TCP/IP and ZCED instead of Bounce Buffering. . . . . . . . . . . . . . . . . . . . . . . . . . . . 69 7.2.3 Observation 2: Gramine-TDX addresses VSOCK’s compatibility issue. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69 7.2.4 Design 2: Adopt Gramine-TDX-like design to solve compatibility issue. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70 7.2.5 Design 3: Use sockmap for packet forwarding. . . . . . . . . . . . 72 7.3 VSOCK-net . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72 7.3.1 Implementation of Design 1 . . . . . . . . . . . . . . . . . . . . . . 73 7.3.2 Implementation of Design 2 . . . . . . . . . . . . . . . . . . . . . . 76 7.3.3 Implementation of Design 3 . . . . . . . . . . . . . . . . . . . . . . 76 7.3.4 Optimizations for VSOCK and sockmap . . . . . . . . . . . . . . . 77 7.4 Performance Evaluation . . . . . . . . . . . . . . . . . . . . . . . . 79 7.4.1 Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 7.4.2 Evaluation Result & Discussion . . . . . . . . . . . . . . . . . . . 83 7.4.3 Potential Improvement for VSOCK-net . . . . . . . . . . . . . . . 87 Chapter 8 Related Work 89 Chapter 9 Conclusion 95 References 97	-
dc.language.iso	en	-
dc.subject	AMD	-
dc.subject	SEV-SNP	-
dc.subject	pKVM	-
dc.subject	虛擬機器	-
dc.subject	網路	-
dc.subject	最佳化	-
dc.subject	VSOCK	-
dc.subject	AMD	-
dc.subject	SEV-SNP	-
dc.subject	pKVM	-
dc.subject	Virtual Machine	-
dc.subject	Networking	-
dc.subject	Optimization	-
dc.subject	VSOCK	-
dc.title	基於 SEV-SNP 和 pKVM 的機密虛擬機器的網路 I/O 的測量和最佳化	zh_TW
dc.title	Measuring and Optimizing Network I/O Performance of SEV-SNP and pKVM Based Confidential Virtual Machine	en
dc.type	Thesis	-
dc.date.schoolyear	114-1	-
dc.description.degree	碩士	-
dc.contributor.oralexamcommittee	林忠緯;王超;陳郁方	zh_TW
dc.contributor.oralexamcommittee	Chung-Wei Lin;Chao Wang;Yu-Fang Chen	en
dc.subject.keyword	AMD,SEV-SNPpKVM虛擬機器網路最佳化VSOCK	zh_TW
dc.subject.keyword	AMD,SEV-SNPpKVMVirtual MachineNetworkingOptimizationVSOCK	en
dc.relation.page	108	-
dc.identifier.doi	10.6342/NTU202504748	-
dc.rights.note	同意授權(全球公開)	-
dc.date.accepted	2025-12-03	-
dc.contributor.author-college	電機資訊學院	-
dc.contributor.author-dept	資訊工程學系	-
dc.date.embargo-lift	2026-01-01	-
顯示於系所單位：	資訊工程學系

文件中的檔案：

檔案	大小	格式
ntu-114-1.pdf	2.03 MB	Adobe PDF	檢視/開啟

顯示文件簡單紀錄

系統中的文件，除了特別指名其著作權條款之外，均受到著作權保護，並且保留所有的權利。