From mboxrd@z Thu Jan 1 00:00:00 1970 From: Muli Ben-Yehuda Subject: Re: Nested VMX support - kernel v1 Date: Thu, 3 Sep 2009 09:01:01 +0300 Message-ID: <20090903060101.GF7107@il.ibm.com> References: <1251905916-2834-1-git-send-email-oritw@il.ibm.com> <57457A78-AAD8-4243-9778-F08B31F485E3@suse.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: Orit Wasserman , "kvm@vger.kernel.org" , Ben-Ami Yassour1 , Abel Gordon , "aliguori@us.ibm.com" , "mmday@us.ibm.com" To: Alexander Graf Return-path: Received: from mtagate3.de.ibm.com ([195.212.17.163]:42491 "EHLO mtagate3.de.ibm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752929AbZICGBM (ORCPT ); Thu, 3 Sep 2009 02:01:12 -0400 Received: from d12nrmr1607.megacenter.de.ibm.com (d12nrmr1607.megacenter.de.ibm.com [9.149.167.49]) by mtagate3.de.ibm.com (8.13.1/8.13.1) with ESMTP id n8361DjO020314 for ; Thu, 3 Sep 2009 06:01:13 GMT Received: from d12av02.megacenter.de.ibm.com (d12av02.megacenter.de.ibm.com [9.149.165.228]) by d12nrmr1607.megacenter.de.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id n8361DcF2211910 for ; Thu, 3 Sep 2009 08:01:13 +0200 Received: from d12av02.megacenter.de.ibm.com (loopback [127.0.0.1]) by d12av02.megacenter.de.ibm.com (8.12.11.20060308/8.13.3) with ESMTP id n8361AQp022995 for ; Thu, 3 Sep 2009 08:01:13 +0200 Content-Disposition: inline In-Reply-To: <57457A78-AAD8-4243-9778-F08B31F485E3@suse.de> Sender: kvm-owner@vger.kernel.org List-ID: On Wed, Sep 02, 2009 at 05:57:39PM +0200, Alexander Graf wrote: > > Am 02.09.2009 um 17:38 schrieb oritw@il.ibm.com: > >> The following patches implement nested VMX support. The patches >> enable a guest to use the VMX APIs in order to run its own nested >> guest (i.e., enable running other hypervisors which use VMX under >> KVM). > > Copl! Great job here. I was expecting vmcs load/stores to kill > performance, but apparently I was wrong. How did you get those fast? Are you asking about vmptrld (switching the VMCS's) or the costs of trapping vmread/vmwrites? >> The current patches support running Linux under a nested KVM using >> shadow page table (with bypass_guest_pf disabled). > > What is keeping you from running the other hypervisors, guests? A simple matter of programming (or more accurately, debugging). There are no fundamental limitations that preclude running other hypervisors or multiple guests, but we've been concentrating on getting a single hypervisor (both KVM and VMware) performing well first. >> SMP support was fixed. Reworking EPT support to mesh cleanly with >> the current shadow paging design per Avi's comments is a >> work-in-progress. >> >> The current patches only support a single nested hypervisor > > Why? See above---no fundamental limitation---but needs more work. Bug reports happily accepted, patches even more so :-) >> , which can only run a single guest (multiple guests are work in >> progress). Only 64-bit nested hypervisors are supported. >> >> Additional patches for running Windows under nested KVM, and Linux >> under nested VMware server(!), > > GSX or ESX? With ESX I was running into TSC timing issues because > ESX didn't like the fact it got preempted :-). GSX. I expect the issues you've run into are not SVM specific, so likely they'll need to be address for VMX as well. > How about Hyper-V and Xen? We haven't tried them. > Again, great job and congratulations on making this work! Thank you, your patches were very useful! Cheers, Muli -- Muli Ben-Yehuda | muli@il.ibm.com | +972-4-8281080 Manager, Virtualization and Systems Architecture Master Inventor, IBM Haifa Research Laboratory