A direct memory access (DMA) operation generally allows certain hardware components within a computing system to access system memory for reading and/or writing independently of a central processing unit (CPU). Such hardware components may include disk drive controllers, graphics cards, network cards, sound cards, and other CPUs.
In the context of virtualization, a DMA operation allows one or more guests to directly access the memory of a host. Such guests may include hardware components as provided above and software components such as virtual machines (VMs). Such a host may be a CPU as provided above or a software component such as a hypervisor.
Typically, a guest may initiate a DMA operation by forwarding a request comprising a guest address referencing a location in a guest memory address space. A remote memory management unit (MMU) intercepts the request and translates the guest address to a host address referencing a memory frame in a host memory address space.
In one implementation, memory frames in the host memory address space are mapped in advance. Unfortunately, since the guest is permitted to access memory frames that are mapped, such an implementation can lead to a less secure host memory address space for the host device. Such an implementation can also be inefficient in terms of memory allocation because mapped memory frames are pinned, or made unavailable to other devices, to prevent data corruption.
In another implementation, memory frames in the host memory address space are mapped only during DMA operations. A memory frame is mapped in response to receiving a request for a DMA operation and unmapped in response to completing the DMA operation. Unfortunately, such an implementation is inefficient in terms of performance if consecutive DMA operations are performed on one or more same memory frames.
If a memory frame is mapped by more than one MMU, the memory frame cannot be freed, or unpinned, until the memory frame is unmapped by each MMU. Completely unmapping the memory frame requires locating and removing each mapping that references the memory frame. Unfortunately, existing implementations scan the entire guest memory address space for each guest device to complete the unmapping process. Such an implementation negatively impacts system performance.