From: Muli Ben-Yehuda <mulix@hypervisorconsulting.com>
To: Aaron Fabbri <ajfabbri@gmail.com>
Cc: "Jan Kiszka" <jan.kiszka@siemens.com>,
"Lluís Vilanova" <vilanova@ac.upc.edu>, kvm <kvm@vger.kernel.org>,
"QEMU ." <qemu-devel@nongnu.org>
Subject: Re: [Qemu-devel] Direct guest device access from nested guest
Date: Fri, 30 Aug 2013 08:27:58 +0300 [thread overview]
Message-ID: <20130830052758.GL17596@needle> (raw)
In-Reply-To: <CAF+KLxuZqJoSKEAz+Osbh8jxZVOi+U2rNbTmMH5V3TpXn-p3xA@mail.gmail.com>
On Thu, Aug 29, 2013 at 03:55:20PM -0700, Aaron Fabbri wrote:
> Has anyone considered a paravirt approach? That is:
>
> Guest kernel: Write a new IOMMU API back end which does KVM hypercalls.
> Exposes VFIO to guest user processes (nested VMs) as usual.
>
> Host kernel: KVM does things like collapse {guest_va -> guest_pa ->
> host_pa} mappings to {guest_va -> host_pa}, and call through to
> underlying IOMMU.
>
> Opinions?
The paravirt approach can certainly work but has a couple of
drawbacks. First, you need to modify the guest kernel
(obviously). Second, frequent map/unmap calls can be very expensive,
so you probably want to relax protection somewhat and cache DMA
mappings, preferably at the guest level or at the host level[1].
Personally, I think that emulating an IOMMU is the right way to go
with current generation hardware, and can provide very reasonable
performance if you are willing to relax protection[2].
[1] http://www.mulix.org/pubs/iommu/dmamapping.pdf
[2] http://www.mulix.org/pubs/iommu/viommu.pdf
Cheers,
Muli
prev parent reply other threads:[~2013-08-30 5:28 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-08-28 14:28 [Qemu-devel] Direct guest device access from nested guest Lluís Vilanova
2013-08-28 16:48 ` Jan Kiszka
2013-08-28 18:12 ` Lluís Vilanova
2013-08-28 18:18 ` Jan Kiszka
2013-08-28 19:18 ` Lluís Vilanova
2013-08-29 22:55 ` Aaron Fabbri
2013-08-29 22:58 ` [Qemu-devel] Fwd: " Aaron Fabbri
2013-08-30 5:27 ` Muli Ben-Yehuda [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130830052758.GL17596@needle \
--to=mulix@hypervisorconsulting.com \
--cc=ajfabbri@gmail.com \
--cc=jan.kiszka@siemens.com \
--cc=kvm@vger.kernel.org \
--cc=qemu-devel@nongnu.org \
--cc=vilanova@ac.upc.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).