Virtio On Xen

From Xen

VirtIO on the Xen Hypervisor

There are three separate development approaches within the Xen community towards building support for enabling use of VirtIO device drivers in guest virtual machines with the Xen hypervisor, and a fourth older completed GSOC project. Work on the active approaches is proceeding on the xen-devel public mailing list.

Placeholder names have been assigned to each of these approaches for ease of reference in this page:

  • VirtIO-MMIO
  • VirtIO-Grant
  • VirtIO-Argo

In addition, Linaro has a project 'Stratos' pursuing: "Establish virtio as the standard interface between hypervisors, freeing a mobile, industrial or automotive platform to migrate between hypervisors and reuse the backend implementation."

The Stratos project teleconference calls are open.

VirtIO-MMIO: enabling existing VirtIO-MMIO transport on Xen, using foreign mappings and an IOREQ server

Development by EPAM and others, with focus on Xen on Arm platforms. Contact: Oleksandr Tyshchenko

Enables use of the existing standardized VirtIO-MMIO transport driver, which is present in the mainline Linux kernel, using Xen's IOREQ emulation infrastructure and use of privileged foreign mappings to establish shared memory for access to guest data by the device model backend.

Status: Support for ARM in the Xen 4.17 release. This includes support in the toolstack (xl / libxl), booting via dom0less DT, as well as a Linux frontend, and a custom userspace backend, virtio-disk

VirtIO on Xen hypervisor (Arm), Oleksandr Tyshchenko, EPAM, Linaro Connect 2021:

VirtIO-Grant: introducing a new VirtIO transport driver that uses Xen grants

Developed by SuSE and EPAM, presented at the Xen Design and Developer Summit 2021 and 2022. Contact: Juergen Gross, Oleksandr Tyshchenko

A new VirtIO transport device driver is added to the guest kernel, to translate guest physical addresses into grant references, enabling VirtIO data path communication over mutually-negotiated shared memory regions between the guest virtual machine and the device model backend. Improves isolation as backend does not need privilege over the guest to perform foreign mappings. Grant references are a Xen-specific interface. Design supports driver domains.

Status: Linux frontend work is upstreamed. Patches for qemu and vhost backends available, but not yet upstreamed; after that, need to add toolstack (libxl / xl) support.

VirtIO and Xen with Full Grant Support:

VirtIO-Argo: introducing a new VirtIO transport driver that uses Argo for interdomain communication, supporting isolation and Mandatory Access Control

Design and analysis performed within the OpenXT and Xen communities. Contact: Christopher Clark

A new VirtIO transport device driver is added to the guest kernel to transmit data between the guest domain and the domain hosting the device model via Argo rings: a Hypervisor-Mediated data eXchange protocol where the hypervisor transfers the data, being trusted to strictly adhere to the delivery protocol. Supports stronger isolation properties and enforcement of Mandatory Access Control security policy over interdomain communication. Does not use shared memory between domains. Development of a Hypervisor-agnostic interface for Argo has been proposed and discussed within the Xen community. Design supports driver domains.

Status: Design and analysis published; funding required for development to proceed.

VirtIO-Argo: Documentation at the OpenXT wiki:

VirtIO-Argo Development:

Minutes from the Argo HMX Transport for VirtIO topic call, 14th January 2021:

Xen-devel mailing list post, 30th September 2020 "VirtIO & Argo: a Linux VirtIO transport driver on Xen":

Legacy GSoC projects

Virtio On Xen - Legacy: GSoC