From: Muli Ben-Yehuda <mulix@hypervisorconsulting.com>
To: Aaron Fabbri <ajfabbri@gmail.com>
Cc: "Lluís Vilanova" <vilanova@ac.upc.edu>,
"Jan Kiszka" <jan.kiszka@siemens.com>,
"QEMU ." <qemu-devel@nongnu.org>, kvm <kvm@vger.kernel.org>
Subject: Re: [Qemu-devel] Direct guest device access from nested guest
Date: Fri, 30 Aug 2013 08:27:58 +0300 [thread overview]
Message-ID: <20130830052758.GL17596@needle> (raw)
In-Reply-To: <CAF+KLxuZqJoSKEAz+Osbh8jxZVOi+U2rNbTmMH5V3TpXn-p3xA@mail.gmail.com>
On Thu, Aug 29, 2013 at 03:55:20PM -0700, Aaron Fabbri wrote:
> Has anyone considered a paravirt approach? That is:
>
> Guest kernel: Write a new IOMMU API back end which does KVM hypercalls.
> Exposes VFIO to guest user processes (nested VMs) as usual.
>
> Host kernel: KVM does things like collapse {guest_va -> guest_pa ->
> host_pa} mappings to {guest_va -> host_pa}, and call through to
> underlying IOMMU.
>
> Opinions?
The paravirt approach can certainly work but has a couple of
drawbacks. First, you need to modify the guest kernel
(obviously). Second, frequent map/unmap calls can be very expensive,
so you probably want to relax protection somewhat and cache DMA
mappings, preferably at the guest level or at the host level[1].
Personally, I think that emulating an IOMMU is the right way to go
with current generation hardware, and can provide very reasonable
performance if you are willing to relax protection[2].
[1] http://www.mulix.org/pubs/iommu/dmamapping.pdf
[2] http://www.mulix.org/pubs/iommu/viommu.pdf
Cheers,
Muli
WARNING: multiple messages have this Message-ID (diff)
From: Muli Ben-Yehuda <mulix@hypervisorconsulting.com>
To: Aaron Fabbri <ajfabbri@gmail.com>
Cc: "Jan Kiszka" <jan.kiszka@siemens.com>,
"Lluís Vilanova" <vilanova@ac.upc.edu>, kvm <kvm@vger.kernel.org>,
"QEMU ." <qemu-devel@nongnu.org>
Subject: Re: [Qemu-devel] Direct guest device access from nested guest
Date: Fri, 30 Aug 2013 08:27:58 +0300 [thread overview]
Message-ID: <20130830052758.GL17596@needle> (raw)
In-Reply-To: <CAF+KLxuZqJoSKEAz+Osbh8jxZVOi+U2rNbTmMH5V3TpXn-p3xA@mail.gmail.com>
On Thu, Aug 29, 2013 at 03:55:20PM -0700, Aaron Fabbri wrote:
> Has anyone considered a paravirt approach? That is:
>
> Guest kernel: Write a new IOMMU API back end which does KVM hypercalls.
> Exposes VFIO to guest user processes (nested VMs) as usual.
>
> Host kernel: KVM does things like collapse {guest_va -> guest_pa ->
> host_pa} mappings to {guest_va -> host_pa}, and call through to
> underlying IOMMU.
>
> Opinions?
The paravirt approach can certainly work but has a couple of
drawbacks. First, you need to modify the guest kernel
(obviously). Second, frequent map/unmap calls can be very expensive,
so you probably want to relax protection somewhat and cache DMA
mappings, preferably at the guest level or at the host level[1].
Personally, I think that emulating an IOMMU is the right way to go
with current generation hardware, and can provide very reasonable
performance if you are willing to relax protection[2].
[1] http://www.mulix.org/pubs/iommu/dmamapping.pdf
[2] http://www.mulix.org/pubs/iommu/viommu.pdf
Cheers,
Muli
next prev parent reply other threads:[~2013-08-30 5:28 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-08-28 14:28 [Qemu-devel] Direct guest device access from nested guest Lluís Vilanova
2013-08-28 16:48 ` Jan Kiszka
2013-08-28 16:48 ` [Qemu-devel] " Jan Kiszka
2013-08-28 18:12 ` Lluís Vilanova
2013-08-28 18:12 ` [Qemu-devel] " Lluís Vilanova
2013-08-28 18:18 ` Jan Kiszka
2013-08-28 18:18 ` [Qemu-devel] " Jan Kiszka
2013-08-28 19:18 ` Lluís Vilanova
2013-08-29 22:55 ` Aaron Fabbri
2013-08-29 22:55 ` [Qemu-devel] " Aaron Fabbri
2013-08-29 22:58 ` Fwd: " Aaron Fabbri
2013-08-29 22:58 ` [Qemu-devel] Fwd: " Aaron Fabbri
2013-08-30 5:27 ` Muli Ben-Yehuda [this message]
2013-08-30 5:27 ` [Qemu-devel] " Muli Ben-Yehuda
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130830052758.GL17596@needle \
--to=mulix@hypervisorconsulting.com \
--cc=ajfabbri@gmail.com \
--cc=jan.kiszka@siemens.com \
--cc=kvm@vger.kernel.org \
--cc=qemu-devel@nongnu.org \
--cc=vilanova@ac.upc.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.