[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Xen-devel] page table question!
> -----Original Message-----
> From: M.A. Williamson [mailto:maw48@xxxxxxxxxxxxxxxx] On
> Behalf Of Mark Williamson
> Sent: 13 June 2007 17:06
> To: xen-devel@xxxxxxxxxxxxxxxxxxx
> Cc: Petersson, Mats; MT Rezaie
> Subject: Re: [Xen-devel] page table question!
> > > I want to know any difference between writing, reading
> and shadow page
> > > table (for example performance).
> > Not sure exactly what you're asking for: are you asking
> about "writable"
> > and "non-writable" page-table vs. shadow-page-table?
> "Writable pagetables" is an interface introduced for Xen 3 PV
> guests to update
> their pagetables. Previous versions of Xen required guests
> to be modified to
> make every update to their pagetables explicitly call into Xen (and
> explicitly batch those operations). Writeable pagetables
> replace this by
> allowing updates to the pagetables to be implemented by the
> guest as attempts
> to write directly to them. This isn't a trusted operation,
> however, since
> Xen uses page protections to prevent unvalidated writes going
> Right now this is implemented by trapping each attempt to
> write to the lower
> levels of the pagetables and emulating it in Xen. Previous
> were a bit more complicated but found to be unnecessary.
Thanks for clarifying. I seem to remember reading about a mode where the
page-table isn't "read-only" - did I just imagine that, or what?
> This interface does require the guest to do physical->machine
> (which are verified by Xen before installing them), and the
> guest actually
> works with the real pagetables (subject to certain
> restrictions). As a
> result the guest can get data out of the real pagetables by
> doing a simple
> read - this operation should be as fast as native. Updating
> pagetables is
> obviously a bit slower than native because Xen has to emulate
> them; explicit
> calls to Xen's batched update interface are used to give
> decent performance
> when lots of PTEs are being modified.
> Does that answer your question, Mohammad?
> > As of currently, Shadow-mode is only used for HVM (fully
> > domains. In this case, the guest has a "dummy" page-table
> that is not
> > used by the processor for any memory accesses, instead a
> "shadow" (copy)
> > of the guest's page-table is used. The shadow page-table is
> used by the
> > processor. To make updates to the page-table appear in the
> > shadow-page-table, the hypervisor is making sure that the
> > guest-page-table is read-only, and when the guest writes to the
> > page-table, we reproduce the write [with modification to reflect the
> > difference between guest physical and machine physical address].
> What Mats said :-)
There is another mode that we haven't mentioned yet, which is the
HAP-mode (aka NPT (Nested Page-tables) from AMD, and Intel has something
similar which I believe is called EPT). HAP stands for Hardware Assisted
Paging. This mode is (obviously) only available in processors that have
support for this feature - there are none of these available on the
market just yet.
The idea in this mode is that the guest doesn't know about the
machine-physical address, but we also don't intercept page-table writes
(by making the guest page-table read-only). Instead, there is a second,
hypervisor-owned, page-table that translates the guest-physical address
to machine-physical address.
So instead of using a single page-table that is "modified" to match the
guest-virtual->machine-physical, we add another layer of page-table to
translate guest-physical->machine-physical address. This second
page-table is normally static, so it requires no changes under normal
There is a performance advantage here in that we don't have to intercept
the write to the page-table. This is normally fairly expensive, so for
systems where page-tables are written often, it's definitely worth
having. On systems with rare updates to the page-table, the performance
advantage is much smaller, if any at all.
> One thing I've never been clear on for shadow mode is how
> accessed / dirty
> bits get propagated to the guest pagetable from the shadow.
Good question. I have a feeling that the answer is "it doesn't". HAP
would probably solve this problem.
> At some point there was also support in Xen for fully
> translated shadowing of
> PV guests but I'm not sure this works now. PV guests do
> still get shadowed
> in a limited way during live migration, however.
> Dave: Just a question. What use is a unicyle with no seat?
> And no pedals!
> Mark: To answer a question with a question: What use is a skateboard?
> Dave: Skateboards have wheels.
> Mark: My wheel has a wheel!
Xen-devel mailing list