[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Hypercalls in Intel-VT



The way that PV and HVM guests work is very different. Many of the tricks necessary for hosting PV guests, such as stealing address space for the hypervisor, are not necessary for HVM guests.

 -- Keir

On 29/10/07 07:59, "Ashish Bijlani" <ashish.bijlani@xxxxxxxxx> wrote:

if a VM's context is saved to and xen's context is loaded from VMCS upon every VMexit call in VT, the why is xen mapped in the first 64MB region of every guest VM? As far as I know, TLB will also be flushed when xen's context is loaded from VMCS host area.

On 10/26/07, Mark Williamson <mark.williamson@xxxxxxxxxxxx  <mailto:mark.williamson@xxxxxxxxxxxx> > wrote:
> thanks for your answers. really appreciate your help. however, i've some
> more doubts and would appreciate if you could answer the following:

We're now getting a bit outside my understanding of VMX, but the other guys
may know more.

> how
> does transition happen from root VMX mode to non-root VMX mode? I mean does
> it load Xen's CS, DS from the GDT or does it switch GDT to load Xen's GDT?
> Also, does it do TLB flush, provided Xen is mapped in the first 64MB of the
> guest  VM? thanks.

Well, the hardware probably does something equivalent to this.  But (as far as
I know) that's not how it looks to software: from the software's point of
view you are just doing a VMEXIT from non-root mode to root mode.  Root mode
effectively has a different set of control registers / datastructures to
non-root mode.  So software doesn't have to worry so much about the data
structures involved.  I don't *think* the software even has to save / restore
the guest registers (unless it wants to modify them).

Regarding the TLB flush, again, the hardware quite possibly does that.  But
I'm not aware of anything in the VMX spec that exposes this detail, so Intel
could easily tag the TLB entries as root / non-root to avoid flushing on a
VMEXIT / VMENTER.  For all I know, they may do this already!

Eddie, did I get that about right? :-)

Cheers,
Mark

>
> On 10/26/07, Mark Williamson < mark.williamson@xxxxxxxxxxxx <mailto:mark.williamson@xxxxxxxxxxxx> > wrote:
> > > that means dom0 doesn't make trap to ring 0 root VMX mode for
> > > privileged operations like updating cr3?
> >
> > Dom0 always runs paravirtualised, it can't be an HVM domain.  So it just
> > uses
> > the normal paravirtualised interface, regardless of whether VMX is
> > available
> > in the hardware.
> >
> > Cheers,
> > Mark
> >
> > > On 10/26/07, Dong, Eddie < eddie.dong@xxxxxxxxx> wrote:
> > > >  DOm0 works in ring 1 root VMX mode. Anyway can switch from ring 1 to
> > > > ring 0 can be used for accessing privileged resource such as INT xx,
> >
> > or
> >
> > > > thru exception like I/O.
> > > >
> > > > But HVM works in non root VMX mode though ring=0, so you need to
> >
> > switch
> >
> > > > from non root VMX mode to root VMX mode to access privileged
> > > > resource.
> >
> > VM
> >
> > > > Exit is the only way to do this.
> > > >
> > > >  ------------------------------
> > > > *From:* xen-devel-bounces@xxxxxxxxxxxxxxxxxxx [mailto:
> > > > xen-devel-bounces@xxxxxxxxxxxxxxxxxxx] *On Behalf Of *Ashish Bijlani
> > > > *Sent:* 2007年10月26日 9:14
> > > > *To:* xen-devel@xxxxxxxxxxxxxxxxxxx
> > > > *Subject:* Re: [Xen-devel] Hypercalls in Intel-VT
> > > >
> > > > how does dom0 on intel-vt gets privileges to access the hardware
> >
> > devices?
> >
> > > > i mean does it get these privileges through superpages?
> > > >
> > > > On 10/25/07, Cui, Dexuan < dexuan.cui@xxxxxxxxx <mailto:dexuan.cui@xxxxxxxxx> > wrote:
> > > > > > From: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
> > > > > > [mailto: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx <mailto:xen-devel-bounces@xxxxxxxxxxxxxxxxxxx> ]
> > > > >
> > > > > On Behalf Of Ashish Bijlani
> > > > >
> > > > > > Sent: 2007年10月26日 8:20
> > > > > > To: xen-devel@xxxxxxxxxxxxxxxxxxx
> > > > > > Subject: Re: [Xen-devel] Hypercalls in Intel-VT
> > > > > >
> > > > > >
> > > > > > could there be a way to make a transition into xen without a
> >
> > vmexit
> >
> > > > > upon executing an iret inside a guest os krnl?
> > > > > I think we are talking about VMX guest -- the answer it NO...  For
> >
> > an
> >
> > > > > VMX guest to return to Xen, a VMexit is a must. You can refert to
> >
> > Intel
> >
> > > > > Software Developer Manual 3B for details.
> > > > >
> > > > > -- Dexuan
> >
> > --
> > Dave: Just a question. What use is a unicyle with no seat?  And no
> > pedals! Mark: To answer a question with a question: What use is a
> > skateboard? Dave: Skateboards have wheels.
> > Mark: My wheel has a wheel!



--
Dave: Just a question. What use is a unicyle with no seat?  And no pedals!
Mark: To answer a question with a question: What use is a skateboard?
Dave: Skateboards have wheels.
Mark: My wheel has a wheel!



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.