[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] Direct guest device access from nested guest
From: |
Muli Ben-Yehuda |
Subject: |
Re: [Qemu-devel] Direct guest device access from nested guest |
Date: |
Fri, 30 Aug 2013 08:27:58 +0300 |
User-agent: |
Mutt/1.5.21 (2010-09-15) |
On Thu, Aug 29, 2013 at 03:55:20PM -0700, Aaron Fabbri wrote:
> Has anyone considered a paravirt approach? That is:
>
> Guest kernel: Write a new IOMMU API back end which does KVM hypercalls.
> Exposes VFIO to guest user processes (nested VMs) as usual.
>
> Host kernel: KVM does things like collapse {guest_va -> guest_pa ->
> host_pa} mappings to {guest_va -> host_pa}, and call through to
> underlying IOMMU.
>
> Opinions?
The paravirt approach can certainly work but has a couple of
drawbacks. First, you need to modify the guest kernel
(obviously). Second, frequent map/unmap calls can be very expensive,
so you probably want to relax protection somewhat and cache DMA
mappings, preferably at the guest level or at the host level[1].
Personally, I think that emulating an IOMMU is the right way to go
with current generation hardware, and can provide very reasonable
performance if you are willing to relax protection[2].
[1] http://www.mulix.org/pubs/iommu/dmamapping.pdf
[2] http://www.mulix.org/pubs/iommu/viommu.pdf
Cheers,
Muli