On 2012-06-10 10:41, Abel Gordon wrote: > Jan Kiszka <jan.kiszka@xxxxxx> wrote on 07/06/2012 18:05:55: > >> It remains a fragile approach: >> - host-side reverse translations may not return a stable result, thus >> may require to redo this step several times >> - the guest may decide to remove/disable the device you chose for >> appending the IDT >> - changing the real BAR size can confuse the guest, or it only maps >> what it requires of the real device >> That's why I consider it nasty. > > Yep, these are corner cases we should deal with but they are not part > of the common case/critical path. > >> I'm wondering if redirecting (to different cores) or masking (at >> device/IOAPIC/LAPIC level) of non-guest interrupts and only relying on >> preemption timer/NMI isn't simpler. Then you wouldn't have to shadow the >> IDT. > > Yep, as we suggested in the paper, that could be also an alternative. > Is it really simpler ? Again, depends who you ask and what you need to > change. > All the alternatives have a set of pros and cons. > For sure. But avoiding the shadow IDT would likely mean avoiding userspace changes for KVM. And that means simplification. And avoid PCI dependencies. Jan
Attachment:
signature.asc
Description: OpenPGP digital signature
