From: Gleb Natapov <gleb@redhat.com>
To: Avi Kivity <avi@redhat.com>
Cc: Joerg Roedel <joro@8bytes.org>,
Zachary Amsden <zamsden@redhat.com>,
Joerg Roedel <joerg.roedel@amd.com>, kvm <kvm@vger.kernel.org>
Subject: Re: Nested SVM and migration
Date: Sun, 21 Feb 2010 09:46:33 +0200 [thread overview]
Message-ID: <20100221074633.GM14767@redhat.com> (raw)
In-Reply-To: <4B80DF7C.6000109@redhat.com>
On Sun, Feb 21, 2010 at 09:23:40AM +0200, Avi Kivity wrote:
> On 02/20/2010 10:18 PM, Joerg Roedel wrote:
> >
> >>Actually, looking deeper, there doesn't even appear to be any way to
> >>export the nested CPU data at all, meaning basic features like
> >>suspending and restoring the VM are not possible. Is there any plan to
> >>make it work in the near future? I'm not complaining; if my
> >>understanding is correct, this actually makes my current task easier.
> >I think we should introduce a flag to indicate userspace if a vcpu is in
> >a state that could be migrated in a save way together with a way for
> >userspace to request that the vcpu enters a migratable state. In the
> >kernel we could do something like that:
> >
> >nested_svm_vmrun(...)
> >{
> > /* ... */
> > kvm_migration_disable(vcpu);
> > /* ... */
> >}
> >
> >nested_svm_vmexit(...)
> >{
> > /* ... */
> > kvm_migration_enable(vcpu);
> > /* ... */
> >}
> >
> >and somewhere in the vcpu_run loop:
> >
> >if (vcpu->arch.migration_win_req)
> > nested_svm_vmexit(INTR);
> >
> >This might be helpful in other situations too. Thoughts?
>
> This doesn't work if the guest disables INTR intercepts, or if the
> guest checks that an interrupt was actually received. Of course no
> sane guest does this.
>
Malicious guest may do this on purpose just to prevent migration.
Relying on vcpu state controllable by a guest for migration is not a
good idea.
--
Gleb.
next prev parent reply other threads:[~2010-02-21 7:46 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-02-20 19:14 Nested SVM and migration Zachary Amsden
2010-02-20 20:18 ` Joerg Roedel
2010-02-20 23:26 ` Zachary Amsden
2010-02-21 12:10 ` Joerg Roedel
2010-02-21 12:24 ` Avi Kivity
2010-02-21 12:41 ` Joerg Roedel
2010-02-21 12:54 ` Avi Kivity
2010-02-21 13:09 ` Joerg Roedel
2010-02-21 13:14 ` Avi Kivity
[not found] ` <4B8137E7.4030001@redhat.com>
[not found] ` <20100221144352.GC26465@8bytes.org>
2010-02-22 16:54 ` Zachary Amsden
[not found] ` <4B814C41.7010105@redhat.com>
[not found] ` <20100221155624.GD26465@8bytes.org>
2010-02-22 16:56 ` Zachary Amsden
2010-02-22 16:59 ` Avi Kivity
2010-02-22 16:46 ` Zachary Amsden
2010-02-22 17:07 ` Joerg Roedel
2010-02-24 15:23 ` Joerg Roedel
2010-02-24 20:21 ` Zachary Amsden
2010-02-22 16:42 ` Zachary Amsden
2010-02-22 16:44 ` Avi Kivity
2010-02-22 17:00 ` Zachary Amsden
2010-02-22 17:02 ` Avi Kivity
2010-02-22 17:07 ` Zachary Amsden
2010-02-22 17:11 ` Avi Kivity
2010-02-22 17:24 ` Zachary Amsden
2010-02-22 16:39 ` Zachary Amsden
2010-02-21 7:23 ` Avi Kivity
2010-02-21 7:46 ` Gleb Natapov [this message]
2010-02-21 8:12 ` Avi Kivity
2010-02-21 12:18 ` Joerg Roedel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100221074633.GM14767@redhat.com \
--to=gleb@redhat.com \
--cc=avi@redhat.com \
--cc=joerg.roedel@amd.com \
--cc=joro@8bytes.org \
--cc=kvm@vger.kernel.org \
--cc=zamsden@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.