Memory

From KVM
Revision as of 14:30, 29 January 2010 by Hansendc (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

There are two modes in which KVM can work.






It used to be that every time a KVM guest changed its page tables, the host had to be involved. The host would validate that the entries the guest put in its page tables were valid and that they did not access any memory which was not allowed. It did this with two mechanisms. One was that the actual set of page tables being used by the virtualization hardware are separate from the page tables that the guest *thought* were being used. This concept is called shadow page tables and it is a very common technique in virtualization. The second part (and the key to this technique) was that the VMX/AMD-V extensions allowed the host to trap whenever the guest tried to set the register pointing to the base page table (CR3).

This technique works fine. But, it has some serious performance implications. A single access to a guest page can take up to 25 memory accesses to complete, which gets very costly. See this paper: http://developer.amd.com/assets/NPT-WP-1%201-final-TM.pdf for more information.