Avi Kivity wrote: > Anthony Liguori wrote: >> Avi Kivity wrote: >> >> Each guest's host userspace mmaps the other guest's address space. >> The userspace then does a copy on both the tx and rx paths. >> > > Well, that's better security-wise (I'd still prefer to avoid it, so we > can run each guest under a separate uid), but then we lose performance > wise. What performance win? I'm not sure the copies can be eliminated in the case of interguest IO. Fast interguest IO means mmap()'ing the other guest's address space read-only. If you had a pv dma registration api you could conceivably only allow the active dma entries to be mapped but my fear would be that the zap'ing on unregister would hurt performance. >> Conceivably, this could be done as a read-only mapping so that each >> guest userspace copies only the rx packets. That's about as secure >> as you're going to get with this approach I think. >> > > Maybe we can terminate the virtio queue in the host kernel as a pipe, > and splice pipes together. > > That gives us guest-guest and guest-process communications, and if you > use aio the kernel can use a dma engine for the copy. Ah, so you're looking to use a DMA engine for accelerated copy. Perhaps the answer is to expose the DMA engine via a userspace API? Regards, Anthony Liguori _______________________________________________ Virtualization mailing list Virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/virtualization
