From patchwork Mon Feb 3 16:12:02 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tamas K Lengyel X-Patchwork-Id: 11363079 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id C0A8F138D for ; Mon, 3 Feb 2020 16:13:29 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id A73CE2080D for ; Mon, 3 Feb 2020 16:13:29 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org A73CE2080D Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=intel.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iyeKk-0007VW-3N; Mon, 03 Feb 2020 16:12:22 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iyeKi-0007VM-Rr for xen-devel@lists.xenproject.org; Mon, 03 Feb 2020 16:12:20 +0000 X-Inumbo-ID: f2f5c278-469f-11ea-b211-bc764e2007e4 Received: from mga02.intel.com (unknown [134.134.136.20]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id f2f5c278-469f-11ea-b211-bc764e2007e4; Mon, 03 Feb 2020 16:12:18 +0000 (UTC) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 03 Feb 2020 08:12:17 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.70,398,1574150400"; d="scan'208";a="337726322" Received: from kchen27-mobl.amr.corp.intel.com (HELO localhost.localdomain) ([10.251.20.224]) by fmsmga001.fm.intel.com with ESMTP; 03 Feb 2020 08:12:16 -0800 From: Tamas K Lengyel To: xen-devel@lists.xenproject.org Date: Mon, 3 Feb 2020 08:12:02 -0800 Message-Id: X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 Subject: [Xen-devel] [PATCH v7 0/7] VM forking X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Tamas K Lengyel , Tamas K Lengyel , Wei Liu , Konrad Rzeszutek Wilk , George Dunlap , Andrew Cooper , Ian Jackson , Stefano Stabellini , Anthony PERARD , Julien Grall , =?utf-8?q?Roger_Pau_Monn=C3=A9?= Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" The following series implements VM forking for Intel HVM guests to allow for the fast creation of identical VMs without the assosciated high startup costs of booting or restoring the VM from a savefile. JIRA issue: https://xenproject.atlassian.net/browse/XEN-89 The fork operation is implemented as part of the "xl fork-vm" command: xl fork-vm -C -Q By default a fully functional fork is created. The user is in charge however to create the appropriate config file for the fork and to generate the QEMU save file before the fork-vm call is made. The config file needs to give the fork a new name at minimum but other settings may also require changes. The interface also allows to split the forking into two steps: xl fork-vm --launch-dm no \ -p xl fork-vm --launch-dm late \ -C \ -Q \ The split creation model is useful when the VM needs to be created as fast as possible. The forked VM can be unpaused without the device model being launched to be monitored and accessed via VMI. Note however that without its device model running (depending on what is executing in the VM) it is bound to misbehave or even crash when its trying to access devices that would be emulated by QEMU. We anticipate that for certain use-cases this would be an acceptable situation, in case for example when fuzzing is performed of code segments that don't access such devices. Launching the device model requires the QEMU Xen savefile to be generated manually from the parent VM. This can be accomplished simply by connecting to its QMP socket and issuing the "xen-save-devices-state" command. For example using the standard tool socat these commands can be used to generate the file: socat - UNIX-CONNECT:/var/run/xen/qmp-libxl- { "execute": "qmp_capabilities" } { "execute": "xen-save-devices-state", \ "arguments": { "filename": "/path/to/save/qemu_state", \ "live": false} } At runtime the forked VM starts running with an empty p2m which gets lazily populated when the VM generates EPT faults, similar to how altp2m views are populated. If the memory access is a read-only access, the p2m entry is populated with a memory shared entry with its parent. For write memory accesses or in case memory sharing wasn't possible (for example in case a reference is held by a third party), a new page is allocated and the page contents are copied over from the parent VM. Forks can be further forked if needed, thus allowing for further memory savings. A VM fork reset hypercall is also added that allows the fork to be reset to the state it was just after a fork, also accessible via xl: xl fork-vm --fork-reset -p This is an optimization for cases where the forks are very short-lived and run without a device model, so resetting saves some time compared to creating a brand new fork provided the fork has not aquired a lot of memory. If the fork has a lot of memory deduplicated it is likely going to be faster to create a new fork from scratch and asynchronously destroying the old one. The series has been tested with both Linux and Windows VMs and functions as expected. VM forking time has been measured to be 0.0007s, device model launch to be around 1s depending largely on the number of devices being emulated. Fork resets have been measured to be 0.0001s under the optimal circumstances. New in v7: rebasing on staging and minor changes as requested Patches 1-4 can be committed out-of-order Patch 1 is a bugfix in existing code in p2m Patch 2-3 implement changes to make forking possible Patch 4 is a bugfix in mem_sharing Patch 5-6 implements the VM fork and reset operation hypervisor side bits Patch 7 adds the toolstack-side code implementing VM forking and reset Tamas K Lengyel (7): x86/p2m: Allow p2m_get_page_from_gfn to return shared entries x86/hvm: introduce hvm_copy_context_and_params xen/x86: Make hap_get_allocation accessible x86/mem_sharing: use default_access in add_to_physmap xen/mem_sharing: VM forking x86/mem_sharing: reset a fork xen/tools: VM forking toolstack side docs/man/xl.1.pod.in | 36 ++++ tools/libxc/include/xenctrl.h | 13 ++ tools/libxc/xc_memshr.c | 22 ++ tools/libxl/libxl.h | 7 + tools/libxl/libxl_create.c | 256 +++++++++++++++-------- tools/libxl/libxl_dm.c | 2 +- tools/libxl/libxl_dom.c | 43 +++- tools/libxl/libxl_internal.h | 1 + tools/libxl/libxl_types.idl | 1 + tools/xl/xl.h | 5 + tools/xl/xl_cmdtable.c | 12 ++ tools/xl/xl_saverestore.c | 95 +++++++++ tools/xl/xl_vmcontrol.c | 8 + xen/arch/x86/domain.c | 11 + xen/arch/x86/hvm/hvm.c | 255 +++++++++++++---------- xen/arch/x86/mm/hap/hap.c | 3 +- xen/arch/x86/mm/mem_sharing.c | 325 +++++++++++++++++++++++++++++- xen/arch/x86/mm/p2m.c | 25 ++- xen/include/asm-x86/hap.h | 1 + xen/include/asm-x86/hvm/hvm.h | 2 + xen/include/asm-x86/mem_sharing.h | 17 ++ xen/include/public/memory.h | 6 + xen/include/xen/sched.h | 2 + 23 files changed, 938 insertions(+), 210 deletions(-)