WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] Device Drivers in xen, looking also for a white book a

To: "Venefax" <venefax@xxxxxxxxx>
Subject: Re: [Xen-users] Device Drivers in xen, looking also for a white book about how xen works exactly‏
From: Mark Williamson <mark.williamson@xxxxxxxxxxxx>
Date: Sun, 1 Mar 2009 17:54:44 +0000
Cc: 'Patrick Archibal' <bugpb60@xxxxxxxxxxx>, xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Sun, 01 Mar 2009 09:55:31 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <011501c99a91$03c494c0$0b4dbe40$@com>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <COL103-W558C9E449925AB4A16FCC2ABA80@xxxxxxx> <200903011639.11961.mark.williamson@xxxxxxxxxxxx> <011501c99a91$03c494c0$0b4dbe40$@com>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: KMail/1.11.0 (Linux/2.6.27-11-generic; KDE/4.2.0; i686; ; )
On Sunday 01 March 2009 17:13:16 Venefax wrote:
> Your explanation misses to describe the difference between
> fully-virtualized VM's and Paravirtualized ones, and why the performance of
> the later is much, much better.

This is true and the original question does touch on it since it asks about 
virtual devices.

> Please kindly continue. You are doing a great job summarizing the ongoing
> discussion in the science and art of virtualization.

OK, thanks ;-)

Well...

Paravirtualised VMs on Xen are traditionally VMs that run a fully Xen-aware 
OS.  The kernel (usually Linux but also NetBSD, sometimes Netware, sometimes 
others) has been modified deeply to understand that it is running on a 
hypervisor.  As a result it knows it shouldn't be looking for real physical 
devices like PCI network cards, graphics cards, etc.  Instead, when a 
paravirtualised OS boots, it establishes shared memory communications with an 
already-running VM which is able to provide it with block and network IO.  
Usually this involves connecting to virtual devices provided by dom0.

Dom0 runs a kernel module called a "backend driver".  There's one of these for 
block devices (i.e. virtual disks) and one for virtual network devices.  The 
backend driver receives requests from paravirtualised domUs and multiplexes 
them onto the real hardware.  The backend driver allows the domUs to *safely* 
share the real hardware in the machine so that they can correctly access 
storage and network when they need to.  To make sure that the guests don't try 
to do bad things with the system, the backend driver must check (and sometimes 
alter) their requests.  The backend driver is a kind of low level "proxy" for 
devices.

On the other hand, fully virtualised VMs are ones that believe they are 
running on a real PC.  The VMM stack (Xen+dom0 in this case) must somehow 
provide the illusion of this by emulating real-world devices for disk, network 
card, graphics card, etc.  Fully virtualised VMs don't know how to establish 
shared memory connections to dom0 because that does not exist in a real PC.  
Instead they issue MMIO accesses and port IO to try and discover what 
"hardware" they have available to them.  These accesses can be caught by Xen 
and are passed to a "device model".  The device model is a program running in 
another VM which can emulate the devices the guest OS is expecting.  It 
simulates these devices, then generates the responses the guest OS would 
expect from a real device.

Amongst the devices that are emulated by the Device Model are the disk and 
network devices that the guest will use to do IO.  When the Device Model gets 
requests to read or write these emulated devices, it issues requests "behind 
the scenes" to do *real* IO.  The guest itself does not know how this happens, 
as it believes it is talking directly to the hardware.

There are two ways that the Device Model usually runs.  Originally the Device 
Models were simply a userspace process running in domain 0.  This is separate 
from the "backend" drivers that paravirtualised guests talked to.  The device 
models did IO by accessing files and devices using normal system calls - the 
same as any other process would do.  Some special calls were made available to 
the device model so that it could communicate back to the fully virtualised 
guests.  More recently the "stub domain" or "stubdom" option has been created.  
This this model the device model is a effectively a separate virtual machine 
that is solely responsible for providing emulated devices to the fully 
virtualised VM it is paired with.  The stubdom services the IO by using normal 
paravirtualised shared memory to talk to dom0.  Think of the stubdom as a 
"proxy" that turns emulated device requests into paravirtual device requests.

In either case, the device model is based very heavily on the PC emulation 
code from the Qemu (http://www.qemu.org) project.

Things can be *slightly* more complicated than this, however, since it is 
possible to run paravirtualised drivers inside a full virtualised VM.  This 
blurs the lines between the two classes of VM and includes some of the 
strengths (and weaknesses) of both.  If paravirtualised drivers are made to 
run within a fully virtualised OS then you can get better IO performance since 
the overheads of emulating real devices are removed.  The OS itself does not 
need to be fully modified for Xen in order take to take advantage of this, so 
it is an ideal technique to apply to Windows guests.  The GPLPV Windows 
drivers do this, for instance.

I hope this helps to summarise the differences in IO between the different 
kinds 
of VMs Xen might run.  This description is mostly Xen-specific - there are some 
common concepts with other VMM stacks but they tend to vary greatly in exactly 
how they accomplish these goals.

Cheers,
Mark

> -----Original Message-----
> From: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
> [mailto:xen-users-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Mark Williamson
> Sent: Sunday, March 01, 2009 11:39 AM
> To: xen-users@xxxxxxxxxxxxxxxxxxx
> Cc: Patrick Archibal
> Subject: Re: [Xen-users] Device Drivers in xen, looking also for a white
> book about how xen works exactly‏
>
> Hi there,
>
> > I want to know how it works on xen.
> > I think that :
> >
> >  All drivers are in the hypervisor, when a guest requires to use a
> > device,
> >
> > guest uses drivers which has been rewriten for xen in order to contact
> > the hypervisor. Then, the hypervisor which has all real drivers (not
> > modified) call the real device ?
>
> That's how Xen 1.x worked.  Porting drivers to Xen was ugly and time
> consuming, so we moved it to the other model you describe.  Let's call this
> approach #1.
>
> > or that :
> > The real device driver is contained in the dom0 system, the dom0 manage
> > driver for all domU.
>
> This is how Xen worked from Xen 2.x onwards.  Xen 3.x uses a very similar
> architecture but moves *even more* driver stuff into dom0.  Xen knows very
> little about devices.  Lets call this approach #2.
>
> > I have three questions :
> >
> > 1 -  Which is the good scenario ? (if one is good ) :o)
>
> As usual in Operating Systems (and everything else!) the answer is probably
> "It depends" ;-)
>
> If you were making an embedded device, where you have a small selection of
> hardware to expect then it might make sense to take approach #1 and put the
> drivers in the hypervisor.
>
> In Xen's case, the goal is to have a fairly small hypervisor but be able to
> run on a wide variety of PCs.  Running on a wide variety of PCs means that
> lots of drivers need to be available and the only sensible way to do this
> was
> to run the drivers in a Linux guest, instead of porting them all to Xen.
>
> Another potentially benefit of approach #2 is that your device drivers are
> contained in VMs.  If you go a step further than what you described and
> make
>
> it possible to run drivers in domains *other* than dom0 then if a driver
> crashes, it can be killed and restarted.  You can't do this when the
> drivers
>
> are in the hypervisor itself (or dom0).
>
> For Xen's purposes, approach #2 has been much better.  Microsoft's Hyper-V
> is
> taking this approach too, I believe.
>
> Note, however, that VMware ESX - a *very* strong and successful product -
> uses
> approach #1 with great success.  Arguably Linux-based approaches like KVM
> use
> approach #1 also but the difference there is that *Linux is the hypervisor*
> so
> drivers do not need to be ported to it.  For this reason, approach #1 is
> not a
> disadvantage to them (it's even a strength!).
>
> > 2 - If drivers for guests are rewritten to call hypervisor or dom0
> > instead of the device directly, who devellops driver ? (xen devellopers ?
> > or developper for kernel mainline)
>
> The Xen patches are designed so that the *real* device drivers work
> unmodified
> (they just need to be compiled for Xen).  To get device access to domUs, a
> set
> of "Virtual Device" drivers are written.  These are written by the Xen
> developers and are used to give network and block (and framebuffer) access
> to
> domUs.
>
> > 3- Which is the real utility of dom0 system ? (just I/O and
> > administration of virtual machines)
>
> You can run what you want in dom0 - some people run X.org and use it as
> their
> "desktop" OS.  For a secure deployment you want a minimal set of drivers
> and
>
> administration tools in it.
>
> > Last question, is someone have find a good white paper or doc which
> > explains how xen works ? (and where i can find probably answers for my
> > questions ??)
>
> Look at these:
> http://wiki.xensource.com/xenwiki/XenArchitecture?action=AttachFile&do=get&;
>t arget=Xen+Architecture_Q1+2008.pdf
> http://www.cl.cam.ac.uk/research/srg/netos/papers/2003-xensosp.pdf
> http://www.cl.cam.ac.uk/netos/papers/2004-oasis-ngio.pdf
> http://www.cl.cam.ac.uk/research/srg/netos/xen/architecture.html
>
> "Xen and the art of virtualization" describes the Xen 1.x driver
> architecture
> but it is a useful guide to the rest of the system.  "Safe hardware
> access..."
> describes the newer architecture.
>
> > Thanks for all this details.
> > Best regards
> >
> > Patrick Archibal
>
> Hope this helps,
> Cheers!
> Mark
>
> > Inédit ! Des Emoticônes Déjantées! Installez les dans votre Messenger !
> > http://www.ilovemessenger.fr/Emoticones/EmoticonesDejantees.aspx
>
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users