On 27/05/2017 19:06, Sylvain Leroux wrote:
> I certainly do not want to start a type 1 vs type 2 holly war. But I'm
> working on some introductory course on virtualization and I have hard
> time to conciliate the average user daily experience with the premise
> KVM *is* type 1.
Hi Sylvain,
it would help if you provided the original quote about type-1 and
type-2, because I have never been able to find it. It is often cited
together with the above Popek-Goldberg paper but I cannot find it in there
If you really want to cut hypervisors in two, you could distinguish
"type-1" hypervisors that run in supervisor mode (x86 says ring 0) from
"type-2" hypervisors that run in user mode (x86 says ring 3).
It is debatable that this classification makes sense because, on a
virtualizable machine with paging, a hypervisor running in ring 3 would
likely need some help from the kernel in order to build page tables;
Popek and Goldberg's paper ("Formal Requirements for Virtualizable Third
Generation Architectures" paper, CACM vol. 17 n. 7 pages 412-421) only
mentions a simple segmented architecture. But anyway, based on this
classification, type-2 hypervisors on x86 _must_ be doing dynamic
translation, because x86 with virtual machine extensions is not
virtualizable and virtual machine extensions are only accessible from
ring 0. Anything that uses virtual machine extensions would be type-1.
You arrive to the same conclusion if you say that type-1 runs in VMX
root mode and type-2 runs in VMX non-root mode.
Another case where the distinction is substantially blurred by computers
and OSes newer than the 1970s is I/O devices. In this case, VFIO allows
I/O devices to be used directly by the virtual machine with no overhead
for I/O calls, and together with KVM no overhead for interrupts either.
In other words, kernel modules like KVM or Apple's Hypervisor.framework
augment conventional OSes with the abilities of a VMM, but KVM and
Hypervisor.framework (and VirtualBox too) are definitely "bare metal".
I would just ignore it. To some extent, the modern usage of the type-1
and type-2 terms is really more about VMware and Xen trying to bash KVM,
than anything else.
Paolo
