“PV driver study”的版本间的差异
free6d1823(讨论 | 贡献) |
free6d1823(讨论 | 贡献) |
||
| 第39行: | 第39行: | ||
xl pci-attach <domain-id> <pci device> <guest virtual slot number> | xl pci-attach <domain-id> <pci device> <guest virtual slot number> | ||
xl pci-detach <domain-id> <pci device> <guest virtual slot number> | xl pci-detach <domain-id> <pci device> <guest virtual slot number> | ||
| + | |||
| + | *Paravirtualised Memory Management | ||
| + | Reference: https://wiki.xen.org/wiki/X86_Paravirtualised_Memory_Management | ||
2019年12月3日 (二) 12:11的版本
Reference:
https://wiki.xen.org/wiki/Paravirtualization_(PV)
https://wiki.xen.org/wiki/Xen_VGA_Passthrough
https://wiki.xen.org/wiki/Xen_PCI_Passthrough
PV support is provided by the paravirt operations extensions (PVOPS) and PV front and back-end drivers that are shipped with Linux.
Xen Project Guest (DomU) support for Linux was introduced into the Linux kernel with version 2.6.24
Xen Project Control Domain (Dom0) support was added from version 2.6.37. The key drivers have been added to Linux v 3.0 and since additional drivers and optimizations are added.
backend driver = driver required in the Xen dom0 kernel
frontend driver = driver required in the Xen domU guest kernel
pciback and pcifront = drivers required for PCI passthrough. These drivers are not related to using PCI devices in dom0!
usbback and usbfront = drivers required for USB passthrough. These drivers are not related to using physical usb devices in dom0!
scsiback and scsifront = drivers required for PVSCSI passthrough. These drivers are not related to using SCSI devices in dom0!
- Xen VGA graphics adapter passthrough
requires IOMMU (Intel VT-d) support from the motherboard chipset, from the motherboard BIOS and from Xen.
VGA 需要bios, 但DomU没有bios, 所以这个需要bios 有虚拟化支持 .
Note that some graphics cards might work in the PV domU just by using the normal Xen PCI passthru.
新的图形卡应该直接看PCI passthru.
- PCI 穿越
Dom0 发现pci device 把它连接给 pciback driver. DomU 由 QEMU 模拟的 PCI bus 上找到 device 把它跟 pcifront river连接.
安全问题: VM buggy驱动可能损害别的系统. 可由VM 攻击其他系统 .
解法:IOMMU - (1)允许Xen限制device 可access 的memory. (2) allows Xen to give the device the same virtualized memory layout that the guest sees.
Dom 0 Load 方法:
(1) Static assignment for built-in xen-pciback: dom0 kernel command line: xen-pciback.hide=(08:00.0)(08.00.1)(device to passthru)
(2) dynamic load: Dom0 console:
modprobe xen-pciback xl pci-assignable-add <domain>:<bus>:<slot>.<function>
Guest configuration: guest kernel command-line
iommu=soft #pvops kernel swiotlb=force #classic Xen kernel
vm create configue file
pci=['80:00.0',<domain>:<bus>:<slot>.<function>,...]
on Dom0 console command line
xl pci-attach <domain-id> <pci device> <guest virtual slot number> xl pci-detach <domain-id> <pci device> <guest virtual slot number>
- Paravirtualised Memory Management
Reference: https://wiki.xen.org/wiki/X86_Paravirtualised_Memory_Management
