摘要: 针对个人终端操作系统安全问题,提出一种基于系统虚拟化技术的操作系统安全增强模型,研究提高该模型下KVM虚拟机显示性能的显卡透传技术。实验结果表明,显卡透传技术能够克服虚拟机客户操作系统的显示性能缺陷,使得客户机操作系统能够像真实操作系统一样满足图形显示与处理的应用,适用于终端安全领域。
关键词:
系统虚拟化技术,
系统安全增强,
KVM虚拟机,
显卡透传,
直接地址映射,
PCI配置空间
Abstract: For security issue of personal terminal operating system, this paper proposes a security enhancement model based on the system virtualization technology on operating system, and in-depth study implementation of graphics card pass-through technology to improve virtual machine performance, based on Kernel-based Virtual Machine(KVM) virtual machine. Experimental results show that graphics card pass-through technology can breakthrough display performance bottlenecks of the virtual machine client operating system. This technology can make client operating system meet the graphics and processing applications as a real operating system, and can expand more space for development of terminal security field.
Key words:
system virtualization technology,
system security enhancement,
Kernel-based Virtual Machine(KVM) virtual machine,
graphics card pass-through,
direct address mapping,
PCI configuration space
中图分类号:
侯建宁, 董贵山, 银, 申娅. 基于虚拟化的系统安全增强及显卡透传研究[J]. 计算机工程, 2012, 38(08): 224-227.
HOU Jian-Ning, DONG Gui-Shan, YIN , SHEN Ya. Research on System Security Enhancement and Graphics Card Pass-through Based on Virtualization[J]. Computer Engineering, 2012, 38(08): 224-227.