Xen project Mailing List

Re: [Stratos-dev] Enabling hypervisor agnosticism for VirtIO backends

To: Trilok Soni <quic_tsoni@xxxxxxxxxxx>

From: Stefano Stabellini <stefano.stabellini@xxxxxxxxxx>

Date: Tue, 14 Sep 2021 20:29:02 -0700

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 149.199.62.198) smtp.rcpttodomain=quicinc.com smtp.mailfrom=xilinx.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=xilinx.com; dkim=none (message not signed); arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=N7Tl2WRijlXWZr4aIJxLSFdeZd+kL7VyxyPMG7+Sp00=; b=S3CB7EocoRGnm/pCf04OWCLZrKGFVkgU8ZYOJ30H1tUpKC5pubNOk8/56rZvNi+s9iWIpQbsHjcwUUafM5Cg1xXL41zlsPPkck5EnVaabq89FVH+lL2FQH3hpjgDDr+Etn12nDB9YSKI+zFzheYxcgakICol3+YQntR10YVeW5peuJc0xY0c4rRpqcfLVddq4IF7hqRcjpxizu8h8nbLEdusstYAHoGfjqRslb0P4Z5VoMPeXIqXp0q75S59EgVP/MnoPYefdMrPhpl7de4mng4STNesI7GqTujogm6KlkvUmm46OYjtAXJrKXE9c68JeqdCEYelkNFXRQ+ki6lRpQ==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=LeIu1K7IWEioBlGJ3Oyl2SMlQaPVNkEK6hsjR/vLYx/OaXHeG9l+eFIKguiuc9LKb7KtSWKawV9LocgqzVi/JnIziXH6xF4KMQP4127HrsuWFd94JnxInhLW+IVl7DbMGwq3rtvEbrAuwyR+GWN6hmxNly5lEyy/3074DFfNwv2/Ik+8CBOdiWFUF4jGMtWPyu/tIbRmMY0c1SOneICsjlKQZt9o4YlrjGsXEk6q00EqX52nOsvEkOLGFSMQD+ZkvPmPdffS4bOPNKSwvOk8duPPm4SKpXUdsArsOa/Y5PXKNBweHKmmJ5G1x9tD02sEmf0TC9PZ1SZdjXGn3tT4sQ==

Cc: Stefano Stabellini <stefano.stabellini@xxxxxxxxxx>, AKASHI Takahiro <takahiro.akashi@xxxxxxxxxx>, <paul@xxxxxxx>, Stratos Mailing List <stratos-dev@xxxxxxxxxxxxxxxxxxx>, <virtio-dev@xxxxxxxxxxxxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Jan Kiszka <jan.kiszka@xxxxxxxxxxx>, Arnd Bergmann <arnd.bergmann@xxxxxxxxxx>, <jgross@xxxxxxxx>, <julien@xxxxxxx>, Carl van Schaik <cvanscha@xxxxxxxxxxxxxxxx>, <Bertrand.Marquis@xxxxxxx>, Stefan Hajnoczi <stefanha@xxxxxxxxxx>, <Artem_Mygaiev@xxxxxxxx>, <xen-devel@xxxxxxxxxxxxx>, <olekstysh@xxxxxxxxx>, <Oleksandr_Tyshchenko@xxxxxxxx>, Elena Afanasova <eafanasova@xxxxxxxxx>

Delivery-date: Wed, 15 Sep 2021 03:29:21 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Tue, 14 Sep 2021, Trilok Soni wrote: > On 9/13/2021 4:51 PM, Stefano Stabellini via Stratos-dev wrote: > > On Mon, 6 Sep 2021, AKASHI Takahiro wrote: > > > > the second is how many context switches are involved in a transaction. > > > > Of course with all things there is a trade off. Things involving the > > > > very tightest latency would probably opt for a bare metal backend which > > > > I think would imply hypervisor knowledge in the backend binary. > > > > > > In configuration phase of virtio device, the latency won't be a big > > > matter. > > > In device operations (i.e. read/write to block devices), if we can > > > resolve 'mmap' issue, as Oleksandr is proposing right now, the only issue > > > is > > > how efficiently we can deliver notification to the opposite side. Right? > > > And this is a very common problem whatever approach we would take. > > > > > > Anyhow, if we do care the latency in my approach, most of virtio-proxy- > > > related code can be re-implemented just as a stub (or shim?) library > > > since the protocols are defined as RPCs. > > > In this case, however, we would lose the benefit of providing "single > > > binary" > > > BE. > > > (I know this is is an arguable requirement, though.) > > > > In my experience, latency, performance, and security are far more > > important than providing a single binary. > > > > In my opinion, we should optimize for the best performance and security, > > then be practical on the topic of hypervisor agnosticism. For instance, > > a shared source with a small hypervisor-specific component, with one > > implementation of the small component for each hypervisor, would provide > > a good enough hypervisor abstraction. It is good to be hypervisor > > agnostic, but I wouldn't go extra lengths to have a single binary. I > > cannot picture a case where a BE binary needs to be moved between > > different hypervisors and a recompilation is impossible (BE, not FE). > > Instead, I can definitely imagine detailed requirements on IRQ latency > > having to be lower than 10us or bandwidth higher than 500 MB/sec. > > > > Instead of virtio-proxy, my suggestion is to work together on a common > > project and common source with others interested in the same problem. > > > > I would pick something like kvmtool as a basis. It doesn't have to be > > kvmtools, and kvmtools specifically is GPL-licensed, which is > > unfortunate because it would help if the license was BSD-style for ease > > of integration with Zephyr and other RTOSes. > > > > As long as the project is open to working together on multiple > > hypervisors and deployment models then it is fine. For instance, the > > shared source could be based on OpenAMP kvmtool [1] (the original > > kvmtool likely prefers to stay small and narrow-focused on KVM). OpenAMP > > kvmtool was created to add support for hypervisor-less virtio but they > > are very open to hypervisors too. It could be a good place to add a Xen > > implementation, a KVM fatqueue implementation, a Jailhouse > > implementation, etc. -- work together toward the common goal of a single > > BE source (not binary) supporting multiple different deployment models. > > I have my reservations on using "kvmtool" to do any development here. > "kvmtool" can't be used on the products and it is just a tool for the > developers. > > The benefit of the solving problem w/ rust-vmm is that some of the crates from > this project can be utilized for the real product. Alex has mentioned that > "rust-vmm" today has some KVM specific bits but the rust-vmm community is > already discussing to remove or re-org them in such a way that other > Hypervisors can fit in. > > Microsoft has Hyper-V implementation w/ cloud-hypervisor which uses some of > the rust-vmm components as well and they had shown interest to add the Hyper-V > support in the "rust-vmm" project as well. I don't know the current progress > but they had proven it it "cloud-hypervisor" project. > > "rust-vmm" project's license will work as well for most of the project > developments and I see that "CrosVM" is shipping in the products as well. Most things in open source start as a developers tool before they become part of a product :) I am concerned about how "embeddable" rust-vmm is going to be. Do you think it would be possible to run it against an RTOS together with other apps written in C? Let me make a realistic example. You can imagine a Zephyr instance with simple toolstack functionalities written in C (starting/stopping VMs). One might want to add a virtio backend to it. I am not familiar enough with Rust and rust-vmm to know if it would be feasible and "easy" to run a rust-vmm backend as a Zephyr app. A C project of the size of kvmtool, but BSD-licensed, could run on Zephyr with only a little porting effort using the POSIX compatibility layer. I think that would be ideal. Anybody aware of a project fulfilling these requirements? If we have to give up the ability to integrate with an RTOS, then I think QEMU could be the leading choice because is still the main reference implementation for virtio.

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.