From mboxrd@z Thu Jan 1 00:00:00 1970 From: Avi Kivity Subject: Re: [PATCH 0/28] nVMX: Nested VMX, v7 Date: Thu, 09 Dec 2010 14:44:52 +0200 Message-ID: <4D00CF44.7010400@redhat.com> References: <1291827596-nyh@il.ibm.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: kvm@vger.kernel.org, gleb@redhat.com To: "Nadav Har'El" Return-path: Received: from mx1.redhat.com ([209.132.183.28]:63353 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755461Ab0LIMo5 (ORCPT ); Thu, 9 Dec 2010 07:44:57 -0500 In-Reply-To: <1291827596-nyh@il.ibm.com> Sender: kvm-owner@vger.kernel.org List-ID: On 12/08/2010 06:59 PM, Nadav Har'El wrote: > Hi, > > This is the seventh iteration of the nested VMX patch set. It fixes a bunch > of bugs in the previous iteration, and in particular it now works correctly > with EPT in the L0 hypervisor, so "ept=0" no longer needs to be specified. > > This new set of patches should apply to the current KVM trunk (I checked with > 66fc6be8d2b04153b753182610f919faf9c705bc). In particular it uses the recently > added is_guest_mode() function (common to both nested svm and vmx) instead of > inventing our own flag. > > About nested VMX: > ----------------- > > The following 28 patches implement nested VMX support. This feature enables a > guest to use the VMX APIs in order to run its own nested guests. In other > words, it allows running hypervisors (that use VMX) under KVM. > Multiple guest hypervisors can be run concurrently, and each of those can > in turn host multiple guests. > > The theory behind this work, our implementation, and its performance > characteristics were presented in OSDI 2010 (the USENIX Symposium on > Operating Systems Design and Implementation). Our paper was titled > "The Turtles Project: Design and Implementation of Nested Virtualization", > and was awarded "Jay Lepreau Best Paper". The paper is available online, at: > > http://www.usenix.org/events/osdi10/tech/full_papers/Ben-Yehuda.pdf > > This patch set does not include all the features described in the paper. > In particular, this patch set is missing nested EPT (shadow page tables are > used in L1, while L0 can use shadow page tables or EPT). It is also missing > some features required to run VMWare Server as a guest. These missing features > will be sent as follow-on patchs. > > Running nested VMX: > ------------------ > > The current patches have a number of requirements, which will be relaxed in > follow-on patches: > > 1. This version was only tested with KVM (64-bit) as a guest hypervisor, and > Linux as a nested guest. > > 2. SMP is supported in the code, but is unfortunately buggy in this version > and often leads to hangs. Use the "nosmp" option in the L0 (topmost) > kernel to avoid this bug (and to reduce your performance ;-)).. Any idea as to the cause? There should be little interaction between host or guest smp and nvmx. > 5. Nested VPID is not properly supported in this version. You must give the > "vpid=0" module options to kvm-intel to turn this feature off. Do you mean host vpid here? Likely you're not flushing the tlb when switching between guest and host. -- error compiling committee.c: too many arguments to function