Para-virtualization support for ARM on Genode
Stefan Kalkowski
stefan.kalkowski at ...1...
Thu Sep 25 15:14:10 CEST 2014
Hi Praveen,
On 09/25/2014 12:12 PM, Praveen B wrote:
> Hi Stefan, (Sorry I was in a hurry and mentioned Norman in my previous mail)
>
> I can run L4Linux, on i.MX6 board with Genode on Fiasco.OC kernel.
>
> But there is one confusion.
> Is Genode running as an application in L4Re? How are L4re, Genode and
> L4Linux related in the port for Fiasco.OC kernel?
Genode isn't running as an application in L4Re. L4Linux in its
unmodified form uses L4Re bindings, as well as Fiasco.OC kernel
bindings. Our version of L4Linux in Genode replaces the L4Re library
with a Genode specific one that implements the same API. However,
Genode's L4Linux version is tied to the Fiasco.OC kernel bindings, like
the original one.
>
> Can you give an estimate of how much is the performance drawback of
> running Genode over Fiasco.OC kernel over base-hw?
> How do we go about measuring the performance difference?
Well, as always this is a matter of what kind of performance test you
do. I would be very cautious in judging performance in general.
I can provide exactly two kinds of measurements we're doing regularily.
The first is a network performance test (I/O burden), which measures
throughput of packets within a defined time range. The following numbers
are measured on a Cortex A9 Pandaboard:
|---------------------------------------|
| | Genode/Fiasco.OC | Genode/HW |
|---------------------------------------|
| RX | 70.2 Mbit/s | 88.8 Mbit/s |
|---------------------------------------|
| TX | 89.7 MBit/s | 93.7 MBit/s |
|---------------------------------------|
The second is compiling Genode's core process on top of Genode. The
following numbers are measured on a Cortex A15 Arndale board. With
Fiasco.OC the whole test takes 492 seconds, and on the HW-kernel it
takes 216 seconds. This test spawns a lot of child processes, and
destroys them again. Thereby everything is done sequentially.
Fiasco.OC's SMP implementation suffers from a performance weakness when
it comes to kernel object deletion. However, we use an already outdated
version of Fiasco.OC. It might be that the developers of Fiasco.OC
removed this performance weakness in the meantime.
However, when it comes to L4Linux, most performance critical
functionality (e.g. paging code) is done using kernel primitives only.
That said, the difference of the runtime performance of L4Linux on top
of L4Re or Genode should be less important in contrast to ordinary
Genode applications. But I haven't measured it in the past.
>
> We need only one virtual linux as Mr.Madhu mentioned. But trustzone is
> not yet working for i.MX6 board and another student, Chirag, is working
> on that. We will look into that solution once trustzone works.
>
> But Which one of the three solutions might be the better solution in
> terms of performance?
> I think it is Trustzone VM as the guest runs as there is no
> virtualization overhead of CPU and Memory. Please clarify.
I would assume the same, especially when the VM uses a lot of hardware
devices on its behalf. But when doing heavy I/O related stuff on
virtualized devices it might be different. As the world switch between
non-secure/secure world is more costly than a normal context switch, and
the memory transfer (using non-cached memory) is more costly too, a
para-virtualized guest in the secure world might be cheaper. Again it
depends on the use-case, and you'll have to measure it, if performance
is such an issue.
Regards
Stefan
>
> Thanks in advance
>
> Regards
> Praveen,
> IIT Madras
>
>
> On Mon, Sep 22, 2014 at 8:37 PM, Praveen B <srinivasprv at ...9...
> <mailto:srinivasprv at ...9...>> wrote:
>
> Norman,
> Thank you for the reply.
>
>
> On Mon, Sep 22, 2014 at 3:25 PM, Stefan Kalkowski
> <stefan.kalkowski at ...1...
> <mailto:stefan.kalkowski at ...1...>> wrote:
>
> Hi,
>
> On 09/22/2014 08:26 AM, Praveen B wrote:
> > Hi
> >
> > We are able to run Genode-14.08 on i.MX6 board.
> > Now I am planning to add support for virtualization for Genode on i.MX6.
> >
> > As the processor is Cortex-A9, it does not have virtualization
> > extensions. So I am planning to implement a hypervisor to run
> > para-virtualized linux, similar to the one proposed in the following paper,
> > http://systems.cs.columbia.edu/archive/pub/2014/03/kvm-arm-the-design-and-implementation-of-the-linux-arm-hypervisor/
>
> The paper you're refering to doesn't use a para-virtualization
> approach,
> but uses hardware assisted virtualization.
>
>
> I'm sorry. That was wrong link.
> The paper
> is, http://systems.cs.columbia.edu/archive/pub/2010/07/kvm-for-arm/
>
>
>
> >
> > I am not sure that would work for ARMv7 as they have only tested for
> > ARMv5. Can you suggest any other para-virtualization solutions preferred
> > for the implementation of Genode. I saw L4Linux but it is a port of
> > linux to L4Re and not to the kernel itself. On the other hand,
> > SierraVisor and Xen are bare metal hypervisors.
>
> You're right vanilla L4Linux is tied to L4Re, but we've a port of
> L4Linux that runs on Genode, but on Fiasco.OC only.
> Alternatively, if
> one instance of Linux is enough for your scenario, you might use the
> normal world of TrustZone to ease up para-virtualization, as you
> don't
> have to implement CPU virtualization on your own, but other devices
> only. The third alternative of course is to para-virtualize
> Linux from
> scratch.
>
>
> We will use the first option, that is, L4Linux with Genode on Fiasco.OC.
> Thank you
>
> Regards
> Praveen
>
>
> >
> > The road map for Genode 14.11 says virtualization support for Cortex-A7.
> > I assume you will be using virtualization extensions and not a
> > para-virtualization solution.
>
> Yes, we're planning to support hardware-assisted virtualization,
> although it should be called Cortex-A15 instead of Cortex-A7.
> Nevertheless, the difference should be negligible.
>
> >
> > Can you suggest which is the best place to start. Should I implement a
> > VMM similar to tz_vmm server or should it be implemented in base-hw as
> > VMM should be in supevisor mode and not user mode.
>
> If you're planning to build a para-virtualized solution on your
> own, I
> would strongly recommend to follow the spirit of Genode's
> microkernel
> based architecture. To minimize the trusted computing base (TCB)
> of all
> applications, the kernel shouldn't include code that is used
> just by a
> corner-case (para-virtualization) application. Instead use the
> scheme of
> having the virtual machine monitor within the user-mode.
> Thereby, the
> VMM might be linked together with the para-virtualized VM, like
> it is
> done in the L4Linux approach, or you change to a disjunct VMM task
> whenever the VM traps.
>
> Regards
> Stefan
>
> >
> > Regards
> > Praveen Srinivas
> > M.Tech 2nd Year,
> > CSE, IIT Madras
> >
> >
> >
> ------------------------------------------------------------------------------
> > Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
> > Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI
> DSS Reports
> > Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White
> paper
> > Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog
> Analyzer
> >
> http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
> >
> >
> >
> > _______________________________________________
> > genode-main mailing list
> > genode-main at lists.sourceforge.net
> <mailto:genode-main at lists.sourceforge.net>
> > https://lists.sourceforge.net/lists/listinfo/genode-main
> >
>
> --
> Stefan Kalkowski
> Genode Labs
>
> http://www.genode-labs.com/ · http://genode.org/
>
> ------------------------------------------------------------------------------
> Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
> Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS
> Reports
> Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
> Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
> http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
> _______________________________________________
> genode-main mailing list
> genode-main at lists.sourceforge.net
> <mailto:genode-main at lists.sourceforge.net>
> https://lists.sourceforge.net/lists/listinfo/genode-main
>
>
>
>
>
> ------------------------------------------------------------------------------
> Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
> Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
> Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
> Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
> http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
>
>
>
> _______________________________________________
> genode-main mailing list
> genode-main at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/genode-main
>
--
Stefan Kalkowski
Genode Labs
http://www.genode-labs.com/ · http://genode.org/
More information about the users
mailing list