Hi:

Question might be simple but really confused me a long time.

In my assumption, during VM running, the CPU sees the guest code instruction, so when it wants to access memory, it sees the guest virtual address (GVA), so it needs to first translate to guest physical address (GPA), and then host physical address (HPA), and finally access the real memory address.

Since GPA always needs to be translated to HPA, and the p2m table is only accessible in Xen for HVM guest, does this mean every memory access will need VMExit to Xen?

many thanks.

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel
>From: MaoXiaoyun
>Sent: Tuesday, May 31, 2011 12:16 AM

could you use plain text format when posting mail next time, which is easier for reply? :-)

>Hi:
>
>Question might be simple but really confused me a long time.
>
>In my assumption, during VM running, the CPU sees the guest code instruction, so when it wants to access memory, it sees the guest virtual address (GVA), so it needs to first translate to guest physical address (GPA), and then host physical address (HPA), and finally access the real memory address.
>
>Since GPA always needs to be translated to HPA, and the p2m table is only accessible in Xen for HVM guest, does this mean every memory access will need VMExit to Xen?

W/o EPT, CPU only has VA->PA knowledge, and thus here comes the concept of shadow page table. Xen marks guest page table as read-only, and then tracks every update to guest page table (which causes exits), and then constructs shadow page table accordingly which sets up GVA->HPA mapping. It's the shadow page table which is actually walked by the CPU when the guest is running.

W/ EPT, CPU has the concept of GVA->GPA->HPA. So literally the P2M table is maintained as EPT table, and then CPU will first walk guest page table to acquire GPA and then walk EPT table to get final HPA.

Thanks
Kevin
On Mon, 2011-05-30 at 17:15 +0100, MaoXiaoyun wrote:
> Hi:
>
> Question might be simple but really confused me a long time.
>
> In my assumption, during VM running, the CPU sees the guest code instruction, so when it wants to access memory, it sees the guest virtual address (GVA), so it needs to first translate to guest physical address (GPA), and then host physical address (HPA), and finally access the real memory address.
>
> Since GPA always needs to be translated to HPA, and the p2m table is only accessible in Xen for HVM guest, does this mean every memory access will need VMExit to Xen?

No.

If you are running on HAP then the P2M is programmed into the processor on guest entry and will be used by the page walking hardware directly without normally needing to vmexit, except where e.g. MMIO emulation requires it.

If you are running on shadow page tables then the processor actually sees a pagetable which has had the P2M translation applied already, instead of the pagetables it thinks it is running on.

The shadow code does demand filling of these shadow page tables from the guest page tables, so you will take a vmexit only when there is a shadow page table miss; the frequency of this will depend heavily on your workload and configuration, e.g. the shadow page table memory allocation for the guest.

Ian.
2011/5/30 MaoXiaoyun <tinnycloud@hotmail.com>:
> Hi:
>
> Question might be simple but really confused me a long time.
>
> In my assumption, during VM running, the CPU sees the guest code instruction, so when it wants to access memory, it sees the guest virtual address (GVA), so it needs to first translate to guest physical address (GPA), and then host physical address (HPA), and finally access the real memory address.
>
> Since GPA always needs to be translated to HPA, and the p2m table is only accessible in Xen for HVM guest, does this mean every memory access will need VMExit to Xen?

No.

How the translation happens depends on the mode you're running in: shadow or HAP.

As you know, in non-virtualization mode, the hardware will translate a virtual address to a physical address by walking the page tables, and placing the resulting translation in the TLB.

For fully virtualized VMs, as you say, the guest page tables are using guest PFNs, which need to be translated into hardware pages (MFNs) before they can be used.

In shadow mode, the hypervisor keeps a set of "shadow" pagetables, which are translated versions of the guest pagetables. The hardware walks these shadow page tables in exactly the same way as it does when not virtualized. This means that Xen has to be involved whenever the guest's *page tables* are changed, but not on every access to guest memory.

In HAP mode, the hypervisor tells the hardware where to find the p2m table, and the hardware does the translation itself -- walking Xen's p2m table just as it walks the guest's page tables.

In neither case is Xen involved on every memory access.

Does that make sense?

-George
Hi,

At 00:15 +0800 on 31 May (1306800954), MaoXiaoyun wrote:
> Hi:
>
> Question might be simple but really confused me a long time.
>
> In my assumption, during VM running, the CPU sees the guest code instruction, so when it wants to access memory, it sees the guest virtual address (GVA), so it needs to first translate to guest physical address (GPA), and then host physical address (HPA), and finally access the real memory address.
>
> Since GPA always needs to be translated to HPA, and the p2m table is only accessible in Xen for HVM guest, does this mean every memory access will need VMExit to Xen?

No, that would run awfully slowly!

If the CPU has EPT/NPT support, the p2m table can be passed to the CPU along with the guest pagetables, and the CPU does both translations. (This is called "hap", for hardware-assisted paging, in the Xen code.) That needs no extra VMEXITs for memory accesses, but TLB fills get a lot more expensive.

The other way to do it is for Xen to maintain "shadow pagetables", copies of the guest pagetables with the extra p->m translation already applied. That involves some extra VMEXITs, basically the first time a VA is used, and when an in-use pagetable is modified, and it needs a bunch of memory to keep the shadows in.

The overheads of the two methods are roughly comparable; depending on the workload it can make a few % difference either way to use shadows or hap.

Because the code for fast shadow pagetables is quite complicated, some of the more recent Xen features (page-sharing, paging, the new mem-event interface) are only supported on HAP.

Cheers,

Tim.

--
Tim Deegan <Tim.Deegan@citrix.com>
Principal Software Engineer, Xen Platform Team
Citrix Systems UK Ltd. (Company #02937203, SL9 0BG)
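Added example, not part of any message in this thread and not Xen code: a toy C model of the two modes the replies above describe, counting how often Xen would be entered for paging. The single-level tables, their constructed contents and every function name are assumptions made for illustration; real shadow code is far more involved.

```c
#include <stdio.h>
#define NPAGES 8 /* toy model: single-level tables indexed by page number */
static int guest_pt[NPAGES]; /* guest page table: GVA page -> GFN (guest-owned) */
static int p2m[NPAGES];      /* Xen's p2m:        GFN -> MFN                    */
static int shadow[NPAGES];   /* Xen's shadow:     GVA page -> MFN, -1 = empty   */
static int vmexits;          /* exits taken for paging reasons                  */

static void reset(void) {
    for (int i = 0; i < NPAGES; i++) {
        guest_pt[i] = (i + 3) % NPAGES; /* constructed guest mapping */
        p2m[i] = 100 + 2 * i;           /* constructed GFN -> MFN mapping */
        shadow[i] = -1;                 /* shadows are filled on demand */
    }
    vmexits = 0;
}

/* HAP: hardware walks the guest table, then the p2m; Xen is not entered. */
static int hap_access(int vpn) { return p2m[guest_pt[vpn]]; }
/* Shadow: hardware walks only the shadow; a miss exits to Xen, which fills it. */
static int shadow_access(int vpn) {
    if (shadow[vpn] < 0) {
        vmexits++;                        /* shadow miss */
        shadow[vpn] = p2m[guest_pt[vpn]]; /* p2m applied once, inside Xen */
    }
    return shadow[vpn];
}

/* Guest page-table write: under shadow it exits and drops the stale entry. */
static void guest_pt_write(int vpn, int gfn, int shadow_mode) {
    guest_pt[vpn] = gfn;
    if (shadow_mode) { vmexits++; shadow[vpn] = -1; }
}

/* `rounds` passes over every page, page 0 remapped after pass 0; -1 on mismatch. */
static int count_exits(int shadow_mode, int rounds) {
    reset();
    for (int r = 0; r < rounds; r++) {
        for (int v = 0; v < NPAGES; v++) {
            int mfn = shadow_mode ? shadow_access(v) : hap_access(v);
            if (mfn != p2m[guest_pt[v]]) return -1;
        }
        if (r == 0) guest_pt_write(0, 5, shadow_mode);
    }
    return vmexits;
}

int main(void) {
    printf("HAP: %d exits, shadow: %d exits\n", count_exits(0, 1000), count_exits(1, 1000));
    return 0;
}
```

In the shadow run the exits come from the eight first-touch misses, the one page-table write and the refill that follows it; the remaining accesses are served by the shadow without entering Xen.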
> Date: Tue, 31 May 2011 10:29:11 +0100
> Subject: Re: [Xen-devel] Question on p2m table
> From: George.Dunlap@eu.citrix.com
> To: tinnycloud@hotmail.com
> CC: xen-devel@lists.xensource.com
>
> 2011/5/30 MaoXiaoyun <tinnycloud@hotmail.com>:
> > Hi:
> >
> > Question might be simple but really confused me a long time.
> >
> > In my assumption, during VM running, the CPU sees the guest code instruction, so when it wants to access memory, it sees the guest virtual address (GVA), so it needs to first translate to guest physical address (GPA), and then host physical address (HPA), and finally access the real memory address.
> >
> > Since GPA always needs to be translated to HPA, and the p2m table is only accessible in Xen for HVM guest, does this mean every memory access will need VMExit to Xen?
>
> No.
>
> How the translation happens depends on the mode you're running in: shadow or HAP.
>
> As you know, in non-virtualization mode, the hardware will translate a virtual address to a physical address by walking the page tables, and placing the resulting translation in the TLB.
>
> For fully virtualized VMs, as you say, the guest page tables are using guest PFNs, which need to be translated into hardware pages (MFNs) before they can be used.
>
> In shadow mode, the hypervisor keeps a set of "shadow" pagetables, which are translated versions of the guest pagetables. The hardware walks these shadow page tables in exactly the same way as it does when not virtualized. This means that Xen has to be involved whenever the guest's *page tables* are changed, but not on every access to guest memory.
>
> In HAP mode, the hypervisor tells the hardware where to find the p2m table, and the hardware does the translation itself -- walking Xen's p2m table just as it walks the guest's page tables.
>
> In neither case is Xen involved on every memory access.
>
> Does that make sense?

Actually I want to know how shadow page table and EPT work in detail.
Before further help from you, I will dig deeper myself.
Thanks for your kind help.

>
> -George