Xen project Mailing List

Re: [RFC] Proposed x86 shadow paging changes

From: "Teddy Astie" <teddy.astie@xxxxxxxxxx>

Date: Thu, 12 Jun 2025 16:45:58 +0000

Cc: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Thu, 12 Jun 2025 16:46:09 +0000

Feedback-id: 30504962:30504962.20250612:md

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Le 12/06/2025 à 14:12, Jan Beulich a écrit : > On 12.06.2025 13:45, Teddy Astie wrote: >> In Xen x86, there is the shadow paging that could be used in some cases >> (notably with HVM), and is used when HAP is not available. It may also >> be used in very specific cases for PV guests. >> >> With the vast majority of hardware supporting HAP (through EPT or NPT), >> it's rarely used in practice for HVM, with most downstream projects >> (XenServer, XCP-ng, QubesOS) are compiling-out its support by default. >> It also performs very significantly worse than HAP. > > Whenever this argument was made, iirc it was in particular George (who > was involved in the original work aiui) who kept pointing that such a > statement is not generally true, for numbers being workload dependent. > I am a bit curious on specific workloads where shadow paging performs better than hap. Especially considering that shadow paging doesn't support PCID and the existence of ASIDs. >> Therefore, it's not very used in production, and unsurprisingly isn't >> actively being worked on (most projects being around HAP). > > Is it not? Feel free to review this 2 year old series > (https://lists.xen.org/archives/html/xen-devel/2023-05/msg01140.html), > to allow it to finally go in. I'm simply reluctant to do any other work > in that area until such earlier work was properly settled. In fact I may > have added one or two patches on top in the meantime, but I saw no good > reason to even post them, given the state of the series. > >> One of the issues of Shadow Paging is that it relies on a heavy set of >> optimizations, with some of them being effectively obselete >> (optimisations based on heuristics designed for more than 20 years old >> kernels) or eventually problematic (e.g with modern CPU mitigations e.g >> L1TF mitigations). >> Most of these optimizations are hard to reason regarding reliability and >> security and difficult to debug. Some of these optimizations causes very >> subtle issues with TLB refactoring for ASID management rework [1]. >> Moreover, it's fair to say performance is no longer the priority for >> shadow paging. >> >> My proposal would be to : >> - significantly reduce the complexity of shadow paging by dropping most >> of the complex optimizations > > If such can be proven to have no dramatic effect on performance, maybe. > >> - consider Shadow Paging as Deprecated > > I consider this impossible as long as it's still used for PV migration > and PV L1TF fallback. In particular ... > What about deprecated only for HVM ? >> > Functional completeness: Yes >> > Functional stability: Quirky >> > Interface stability: No (as in, may disappear the next release) > > ... I don't see this as being possible to happen any time soon. > > Jan > >> > Security supported: Yes >> >> Teddy >> >> [1] >> https://lore.kernel.org/xen-devel/9cdb3e67abd01390bcc4cd103ca539d6bf7adbc0.1747312394.git.teddy.astie@xxxxxxxxxx/ >> >> >> | Vates >> >> XCP-ng & Xen Orchestra - Vates solutions >> >> web: https://vates.tech >> >> > Teddy Astie | Vates XCP-ng Developer XCP-ng & Xen Orchestra - Vates solutions web: https://vates.tech

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.