[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20120720105248.GA2692@arm.com>
Date: Fri, 20 Jul 2012 11:52:48 +0100
From: Catalin Marinas <catalin.marinas@....com>
To: Arnd Bergmann <arnd@...db.de>
Cc: Jon Masters <jonathan@...masters.org>,
Christopher Covington <cov@...eaurora.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Will Deacon <Will.Deacon@....com>
Subject: Re: [PATCH 08/36] AArch64: Kernel booting and initialisation
On Fri, Jul 20, 2012 at 09:28:12AM +0100, Arnd Bergmann wrote:
> On Friday 20 July 2012, Jon Masters wrote:
> > > I think it would be best to list the technical limitations, from the
> > > kernel's perspective, of the unsupported exception levels and the
> > > advantages of the supported exception levels here. If you want to guide
> > > system builders towards EL2, I think it'd be more convincing to document
> > > the relevant technical aspects (perhaps KVM needs facilities only
> > > available in EL2) than just providing an unexplained requirement.
> >
> > Unless you enter at EL2 you can never install a hypervisor. That's the
> > reason for the requirement for generally entering at EL2 when possible.
>
> How do nested hypervisors work in this scenario? Does the first-level
> hypervisor (counting from most priviledged) provide a guest that starts
> in an emulated EL2 state, or is this done differently?
Your favourite topic :). Self virtualisation is not easily possible, at
least not with how KVM on ARM is being implemented. The hardware does
not allow code running at EL1 to be told that it is at EL2 (or code
running at EL2 to be trapped at EL2). So for normal virtualisation,
guest OSes start at EL1 and they benefit of all the hardware
acceleration. If a guest OS wants to run KVM again, it won't have access
to the virtualisation extensions (EL2 system register access would cause
an undefined trap). The best it can do is run the nested guest OS in EL0
and trap accesses to system registers (no that different from Qemu).
If such feature is needed, the best approach is for all kernels, host or
guest, to always enter at (non-secure) EL1. The EL2 would have a clearly
defined HVC API for nested page tables, virtual interrupts, context
switching etc. This way, the host OS can inform the hypervisor that
guest OSes are allowed to use this API for their own nested guests. But
getting such hypervisor API right is a bit tricky and the feedback from
the KVM guys so far is that they need the flexibility of running their
own code at EL2. I guess another benefit is that both KVM and Xen could
use the same API.
But is this feature really needed?
--
Catalin
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists