Hi Paolo, First, thank you for the very detailed answer. Here are few comments: On 05/30/2017 03:16 PM, Paolo Bonzini wrote: > it would help if you provided the original quote about type-1 and > type-2, because I have never been able to find it. It is often cited > together with the above Popek-Goldberg paper but I cannot find it in there COMPUTER ARCHITECTURAL SYSTEMSPRINCIPLES FOR VIRTUAL Robert P. Goldberg -- pp20 & following http://www.dtic.mil/dtic/tr/fulltext/u2/772809.pdf > If you really want to cut hypervisors in two, you could distinguish > "type-1" hypervisors that run in supervisor mode (x86 says ring 0) from > "type-2" hypervisors that run in user mode (x86 says ring 3). I wonder if there is some tool allowing to measure the amount of time a process spend in each ring? > Another case where the distinction is substantially blurred by computers > and OSes newer than the 1970s is I/O devices. In this case, VFIO allows > I/O devices to be used directly by the virtual machine with no overhead > for I/O calls, and together with KVM no overhead for interrupts either. > > In other words, kernel modules like KVM or Apple's Hypervisor.framework > augment conventional OSes with the abilities of a VMM, but KVM and > Hypervisor.framework (and VirtualBox too) are definitely "bare metal". This is a little bit outside of the scope of my initial question, but isn't "augment[ing] conventional OSes with the abilities of a VMM" actually increasing the thread surface of the system? Let me make the devil's advocate here: let's imagine I run BSD & Linux guests on x86 host. With VMWare ESX, a bug in the Linux Kernel would thread *only* the Linux guests. But with KVM (and Xen, for what it worth), it would thread *all* guests. Or is there some way in KVM to protect the VMM sub-system from other parts of the kernel (esp. from modules/device drivers)? -- -- Sylvain Leroux -- sylvain@xxxxxxxxxxx -- http://www.chicoree.fr
Attachment:
signature.asc
Description: OpenPGP digital signature
