Share devices between guests #70

Open
daihuasheng opened this issue Jun 30, 2023 · 1 comment
Labels
feature-request New feature or request

Comments

@daihuasheng

I noticed that the same topic about shared devices was launched 2 years ago. I wonder if there is anything new about shared devices.
I know the concern about isolation, but in some cases the hardware unit does not own enough specific I/O devices (e.g. disk, net) to support multiple guests if there is no sharing support.
Besides, virtio support was mentioned in this topic before, and I wonder how virtio is supported and used on different platforms now.
Thanks for considering. Looking forward to your reply!

@josecm
Member

josecm commented Jun 30, 2023

Hey @daihuasheng! Thanks for bringing this up.

> I know the concern about isolation, but in some cases the hardware unit does not own enough specific I/O devices (e.g. disk, net) to support multiple guests if there is no sharing support.

Completely agree with this. Despite the static and minimality philosophy of the system, sharing devices should be supported to be able to address some realistic use cases.

> Besides, virtio support was mentioned in this topic before, and I wonder how virtio is supported and used on different platforms now.

We do have plans to fully support virtio, and have already been experimenting with it internally by adding support for forwarding trapped accesses to virtio registers to a pre-defined guest running the back-end, then using the already existing shared memory + doorbell support for communication in the bulk of the virtio protocol. However, there are still a lot of open questions, mainly:

  1. How should the backend be structured? A single guest for all devices (akin to Xen's Dom0) would be more straightforward but go against the least privilege principle. One VM back-end per device would not scale in Bao due to the limited number of cores, so we'd need to add CPU-sharing support, possibly scheduling, etc.

  2. Also, what software stack to use for backends? Linux would be great from the point of view of the extensive device support it offers, but again, not ideal from a minimality/security/safety point of view.

  3. How to efficiently limit back-end access to the front-end address space? Currently, the virtio spec assumes back-ends have full access to front-end memory.

I guess these issues are common to other hypervisors, which already came up with solutions that we could follow.

We are hoping to get some resources on this again in the next few months, and will try to make any new developments public as soon as possible.

If you have any interest in contributing in this sense, please let us know.

I'm leaving this issue open and marking this as a feature-request.

josecm added the feature-request label Jun 30, 2023
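One way to confine a back-end to a shared-memory window, as raised in open question 3 above, is to validate every virtqueue descriptor chain before the back-end touches a buffer. This is an added example, not Bao's code or anything posted in this thread; it assumes the front-end places all buffers inside one shared region, and `shmem_window`, `buf_in_window`, `chain_check`, `demo` and the sample addresses are hypothetical (only the descriptor layout and flag values come from the virtio specification).

```c
#include <stdbool.h>
#include <stdint.h>

#define VIRTQ_DESC_F_NEXT     1u  /* flag values from the virtio spec */
#define VIRTQ_DESC_F_INDIRECT 4u
struct virtq_desc {               /* split-virtqueue descriptor layout (virtio spec) */
    uint64_t addr;                /* guest-physical buffer address */
    uint32_t len;
    uint16_t flags, next;
};
struct shmem_window { uint64_t base, size; };  /* hypothetical: all the back-end maps */

/* True only if [addr, addr+len) lies wholly inside the window. */
static bool buf_in_window(const struct shmem_window *w, uint64_t addr, uint32_t len)
{
    if (len == 0 || addr < w->base) return false;  /* policy here: reject empty buffers */
    uint64_t off = addr - w->base;
    return off < w->size && len <= w->size - off;  /* never computes addr + len */
}

/* Returns the chain length, or -1 if the chain must be rejected. */
static int chain_check(const struct virtq_desc *tbl, uint16_t qsize,
                       uint16_t head, const struct shmem_window *w)
{
    uint16_t idx = head;
    for (int n = 1; n <= qsize; n++) {
        if (idx >= qsize) return -1;               /* index outside the table */
        struct virtq_desc d = tbl[idx];            /* check a copy: front-end can rewrite it */
        if ((d.flags & VIRTQ_DESC_F_INDIRECT) || !buf_in_window(w, d.addr, d.len))
            return -1;                             /* indirect tables not handled here */
        if (!(d.flags & VIRTQ_DESC_F_NEXT)) return n;
        idx = d.next;
    }
    return -1;                                     /* more links than entries: a loop */
}

/* Constructed sample table: 0->1 is valid, 2 overruns the window, 3 links to itself. */
static int demo(uint16_t head)
{
    const struct shmem_window w = { 0x80000000u, 0x10000u };
    const struct virtq_desc tbl[4] = {
        { 0x80000000u, 0x1000, VIRTQ_DESC_F_NEXT, 1 },
        { 0x8000f000u, 0x1000, 0, 0 },
        { 0x8000f000u, 0x1001, 0, 0 },
        { 0x80001000u, 0x10, VIRTQ_DESC_F_NEXT, 3 },
    };
    return chain_check(tbl, 4, head, &w);
}
int main(void) { return demo(0) == 2 ? 0 : 1; }
```

The back-end must then use only the copied `addr` and `len` values that passed the check, since the descriptor table itself stays writable by the front-end.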