* KVM PV (was: Re: [PATCH v2 2/2] x86/lguest: remove lguest support)
@ 2017-09-29 15:47 Lai Jiangshan
  0 siblings, 0 replies; 10+ messages in thread
From: Lai Jiangshan @ 2017-09-29 15:47 UTC (permalink / raw)
  To: LKML, kvm
  Cc: Juergen Gross, rusty, lguest, x86, mingo, H. Peter Anvin,
	xen-devel, Boris Ostrovsky, Thomas Gleixner

Hello, all

An interesting (at least to me) thought came to me when I found
that the lguest was removed. But I don't have enough knowledge
to find out the answer nor energy to implement it in some time.

Is it possible to implement kvm-pv which allows kvm to run on
the boxes without hardware virtualization support, so that
qemu/kvm can be used on clouds such as aws, azure?

Without hardware virtualization support, the host kvm-pv module and
the guest linux kernel need to cooperate in some ways. And some kvm
facilities can help. For instance, the existing shadow-paging, which
was not introduced when lguest had been added to kernel, could be
reused to help on mmu virtualization. For guest kernel/userspace
separation in x86_64, the intel cpu's segment registers can help too.
(or use a new set of page-table for the guest kernel on amd64).

The thought is quite shallow, but I hope this email brings some
inspirations rather than annoyance. And I'm sorry if the latter things
would happen.

Thanks,
Lai.

On Thu, Aug 17, 2017 at 1:31 AM, Juergen Gross <jgross@suse.com> wrote:
> Lguest seems to be rather unused these days. It has seen only patches
> ensuring it still builds the last two years and its official state is
> "Odd Fixes".
>
> Nuke it in order to be able to clean up the paravirt code.

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel


* Re: KVM PV (was: Re: [PATCH v2 2/2] x86/lguest: remove lguest support)
  2017-09-30  3:39     ` Paolo Bonzini
@ 2017-10-02 10:36       ` George Dunlap
  0 siblings, 0 replies; 10+ messages in thread
From: George Dunlap @ 2017-10-02 10:36 UTC (permalink / raw)
  To: Paolo Bonzini
  Cc: Juergen Gross, Rusty Russell, kvm, the arch/x86 maintainers,
	LKML, lguest, Thomas Gleixner, H. Peter Anvin, Lai Jiangshan,
	xen-devel, Boris Ostrovsky, Ingo Molnar

On Sat, Sep 30, 2017 at 4:39 AM, Paolo Bonzini <pbonzini@redhat.com> wrote:
>
> ----- Lai Jiangshan <jiangshanlai+lkml@gmail.com> wrote:
>> On Sat, Sep 30, 2017 at 12:39 AM, Paolo Bonzini <pbonzini@redhat.com> wrote:
>> > On 29/09/2017 17:47, Lai Jiangshan wrote:
>> >> Hello, all
>> >>
>> >> An interesting (at least to me) thought came to me when I found
>> >> that the lguest was removed. But I don't have enough knowledge
>> >> to find out the answer nor energy to implement it in some time.
>> >>
>> >> Is it possible to implement kvm-pv which allows kvm to run on
>> >> the boxes without hardware virtualization support, so that
>> >> qemu/kvm can be used on clouds such as aws, azure?
>> >
>> > No, please don't. :)  Even Xen is moving from PV to PVH (paravirtualized
>> > hardware with event channels, grant tables and the like, but still using
>> > hardware extensions for MMU).
>> >
>> > Rather, cloud providers should help getting nested virtualization ready
>> > for production use.  At least for KVM it's not that far.
>> >
>>
>> Although I'm not a business man, I don't think the top cloud provider[s]
>> would allow nested virtualization, however mature nested virtualization
>> is. Even xen-pv is unable to be nested in the aws and azure.

A lot of new Windows features, like Credential Guard and Device Guard
require hardware virtualization support, as do security products like
Bromium.  So it's not surprising that cloud providers are becoming
more interested in nested hardware support.

> Check the contributors to KVM nested virtualization, you might be surprised.
>
> Nested Xen PV is not possible because the Xen hypervisor cannot run as a PV guest. It's a technical limitation.

Minor correction: Xen can't run on AWS as a PV guest, but it can run
as an L1 hypervisor inside any "fully virtualized" VM (as both AWS and
Azure provide), and provide PV L2 guests.

 -George


* Re: KVM PV (was: Re: [PATCH v2 2/2] x86/lguest: remove lguest support)
  2017-09-29 16:39 ` Paolo Bonzini
  2017-09-30  0:04   ` Lai Jiangshan
  2017-09-30  0:04   ` Lai Jiangshan
@ 2017-10-02 10:18   ` George Dunlap
  2 siblings, 0 replies; 10+ messages in thread
From: George Dunlap @ 2017-10-02 10:18 UTC (permalink / raw)
  To: Paolo Bonzini
  Cc: Juergen Gross, the arch/x86 maintainers, lguest, kvm, rusty,
	LKML, Ingo Molnar, H. Peter Anvin, Lai Jiangshan, xen-devel,
	Boris Ostrovsky, Thomas Gleixner

On Fri, Sep 29, 2017 at 5:39 PM, Paolo Bonzini <pbonzini@redhat.com> wrote:
> On 29/09/2017 17:47, Lai Jiangshan wrote:
>> Hello, all
>>
>> An interesting (at least to me) thought came to me when I found
>> that the lguest was removed. But I don't have enough knowledge
>> to find out the answer nor energy to implement it in some time.
>>
>> Is it possible to implement kvm-pv which allows kvm to run on
>> the boxes without hardware virtualization support, so that
>> qemu/kvm can be used on clouds such as aws, azure?
>
> No, please don't. :)  Even Xen is moving from PV to PVH (paravirtualized
> hardware with event channels, grant tables and the like, but still using
> hardware extensions for MMU).

That said, the main pain point for Xen's PV so far has been the fact
that we expose the real pagetables directly to the guest, in order to
avoid having to use shadow pagetables.  If you're willing to take
the performance hit and use an existing shadow pagetable
implementation from the start, it might not be so bad from a
development perspective.

Still, I'm betting it will be a lot more work than you expect. :-)

 -George


* Re: KVM PV (was: Re: [PATCH v2 2/2] x86/lguest: remove lguest support)
  2017-09-30  0:04   ` Lai Jiangshan
  2017-09-30  3:39     ` Paolo Bonzini
@ 2017-09-30  3:39     ` Paolo Bonzini
  2017-10-02 10:36       ` George Dunlap
  1 sibling, 1 reply; 10+ messages in thread
From: Paolo Bonzini @ 2017-09-30  3:39 UTC (permalink / raw)
  To: Lai Jiangshan
  Cc: LKML, kvm, xen-devel, x86, lguest, Boris Ostrovsky,
	H. Peter Anvin, Thomas Gleixner, mingo, Rusty Russell,
	Juergen Gross


----- Lai Jiangshan <jiangshanlai+lkml@gmail.com> wrote:
> On Sat, Sep 30, 2017 at 12:39 AM, Paolo Bonzini <pbonzini@redhat.com> wrote:
> > On 29/09/2017 17:47, Lai Jiangshan wrote:
> >> Hello, all
> >>
> >> An interesting (at least to me) thought came to me when I found
> >> that the lguest was removed. But I don't have enough knowledge
> >> to find out the answer nor energy to implement it in some time.
> >>
> >> Is it possible to implement kvm-pv which allows kvm to run on
> >> the boxes without hardware virtualization support, so that
> >> qemu/kvm can be used on clouds such as aws, azure?
> >
> > No, please don't. :)  Even Xen is moving from PV to PVH (paravirtualized
> > hardware with event channels, grant tables and the like, but still using
> > hardware extensions for MMU).
> >
> > Rather, cloud providers should help getting nested virtualization ready
> > for production use.  At least for KVM it's not that far.
> >
> 
> Although I'm not a business man, I don't think the top cloud provider[s]
> would allow nested virtualization, however mature nested virtualization
> is. Even xen-pv is unable to be nested in the aws and azure.

Check the contributors to KVM nested virtualization, you might be surprised.

Nested Xen PV is not possible because the Xen hypervisor cannot run as a PV guest. It's a technical limitation.

Paolo

> 
> Thanks,
> Lai
> 
> >


* Re: KVM PV (was: Re: [PATCH v2 2/2] x86/lguest: remove lguest support)
  2017-09-29 16:39 ` Paolo Bonzini
@ 2017-09-30  0:04   ` Lai Jiangshan
  2017-09-30  3:39     ` Paolo Bonzini
  2017-09-30  3:39     ` Paolo Bonzini
  2017-09-30  0:04   ` Lai Jiangshan
  2017-10-02 10:18   ` George Dunlap
  2 siblings, 2 replies; 10+ messages in thread
From: Lai Jiangshan @ 2017-09-30  0:04 UTC (permalink / raw)
  To: Paolo Bonzini
  Cc: LKML, kvm, xen-devel, x86, lguest, Boris Ostrovsky,
	H. Peter Anvin, Thomas Gleixner, mingo, Rusty Russell,
	Juergen Gross

On Sat, Sep 30, 2017 at 12:39 AM, Paolo Bonzini <pbonzini@redhat.com> wrote:
> On 29/09/2017 17:47, Lai Jiangshan wrote:
>> Hello, all
>>
>> An interesting (at least to me) thought came to me when I found
>> that the lguest was removed. But I don't have enough knowledge
>> to find out the answer nor energy to implement it in some time.
>>
>> Is it possible to implement kvm-pv which allows kvm to run on
>> the boxes without hardware virtualization support, so that
>> qemu/kvm can be used on clouds such as aws, azure?
>
> No, please don't. :)  Even Xen is moving from PV to PVH (paravirtualized
> hardware with event channels, grant tables and the like, but still using
> hardware extensions for MMU).
>
> Rather, cloud providers should help getting nested virtualization ready
> for production use.  At least for KVM it's not that far.
>

Although I'm not a business man, I don't think the top cloud provider[s]
would allow nested virtualization, however mature nested virtualization
is. Even xen-pv is unable to be nested in the aws and azure.

Thanks,
Lai

>


* Re: KVM PV (was: Re: [PATCH v2 2/2] x86/lguest: remove lguest support)
  2017-09-29 15:47 Lai Jiangshan
  2017-09-29 16:39 ` Paolo Bonzini
@ 2017-09-29 16:39 ` Paolo Bonzini
  2017-09-30  0:04   ` Lai Jiangshan
                     ` (2 more replies)
  1 sibling, 3 replies; 10+ messages in thread
From: Paolo Bonzini @ 2017-09-29 16:39 UTC (permalink / raw)
  To: Lai Jiangshan, LKML, kvm
  Cc: xen-devel, x86, lguest, Boris Ostrovsky, H. Peter Anvin,
	Thomas Gleixner, mingo, rusty, Juergen Gross

On 29/09/2017 17:47, Lai Jiangshan wrote:
> Hello, all
> 
> An interesting (at least to me) thought came to me when I found
> that the lguest was removed. But I don't have enough knowledge
> to find out the answer nor energy to implement it in some time.
> 
> Is it possible to implement kvm-pv which allows kvm to run on
> the boxes without hardware virtualization support, so that
> qemu/kvm can be used on clouds such as aws, azure?

No, please don't. :)  Even Xen is moving from PV to PVH (paravirtualized
hardware with event channels, grant tables and the like, but still using
hardware extensions for MMU).

Rather, cloud providers should help getting nested virtualization ready
for production use.  At least for KVM it's not that far.

Paolo

> Without hardware virtualization support, the host kvm-pv module and
> the guest linux kernel need to cooperate in some ways. And some kvm
> facilities can help. For instance, the existing shadow-paging, which
> was not introduced when lguest had been added to kernel, could be
> reused to help on mmu virtualization. For guest kernel/userspace
> separation in x86_64, the intel cpu's segment registers can help too.
> (or use a new set of page-table for the guest kernel on amd64).
> 
> The thought is quite shallow, but I hope this email brings some
> inspirations rather than annoyance. And I'm sorry if the latter things
> would happen.
> 
> Thanks,
> Lai.
> 
> On Thu, Aug 17, 2017 at 1:31 AM, Juergen Gross <jgross@suse.com> wrote:
>> Lguest seems to be rather unused these days. It has seen only patches
>> ensuring it still builds the last two years and its official state is
>> "Odd Fixes".
>>
>> Nuke it in order to be able to clean up the paravirt code.
> 


