Making an Explicit Virtual-Memory Abstraction Device-Accessible through Fixed IOMMU Mappings

In modern systems, an input/output operation usually requires multiple steps: (1) the user requests the data with read(), (2) the kernel allocates memory for the result, (3) the memory address is given to the device (e.g. SSD), (4) the disk performs direct memory access and autonomously writes the result into the DRAM.

For this last step, devices require write access to main memory, which is, as soon as untrustworthy devices exist, a security issue. Therefore, step 4 today usually involves the usage of an IO-MMU, which maps a limited range of physical addresses to be accessible to the device. However, the IO-MMU may need to be reconfigured frequently for I/O requests, which is quite expensive and becomes troublesome for devices with high I/O rates (100 GiB ethernet, NVMe SSDs).

Therefore, we want to explore the usage of fix-mapped process-local IO buffers to use the IO-MMU more efficiently, integrated into a generalized in-kernel memory pool abstraction.

Further information: