On 12.06.2025 13:45, Teddy Astie wrote: > In Xen x86, there is the shadow paging that could be used in some cases > (notably with HVM), and is used when HAP is not available. It may also > be used in very specific cases for PV guests. > > With the vast majority of hardware supporting HAP (through EPT or NPT), > it's rarely used in practice for HVM, with most downstream projects > (XenServer, XCP-ng, QubesOS) are compiling-out its support by default. > It also performs very significantly worse than HAP.
Whenever this argument was made, iirc it was in particular George (who was involved in the original work aiui) who kept pointing that such a statement is not generally true, for numbers being workload dependent. > Therefore, it's not very used in production, and unsurprisingly isn't > actively being worked on (most projects being around HAP). Is it not? Feel free to review this 2 year old series (https://lists.xen.org/archives/html/xen-devel/2023-05/msg01140.html), to allow it to finally go in. I'm simply reluctant to do any other work in that area until such earlier work was properly settled. In fact I may have added one or two patches on top in the meantime, but I saw no good reason to even post them, given the state of the series. > One of the issues of Shadow Paging is that it relies on a heavy set of > optimizations, with some of them being effectively obselete > (optimisations based on heuristics designed for more than 20 years old > kernels) or eventually problematic (e.g with modern CPU mitigations e.g > L1TF mitigations). > Most of these optimizations are hard to reason regarding reliability and > security and difficult to debug. Some of these optimizations causes very > subtle issues with TLB refactoring for ASID management rework [1]. > Moreover, it's fair to say performance is no longer the priority for > shadow paging. > > My proposal would be to : > - significantly reduce the complexity of shadow paging by dropping most > of the complex optimizations If such can be proven to have no dramatic effect on performance, maybe. > - consider Shadow Paging as Deprecated I consider this impossible as long as it's still used for PV migration and PV L1TF fallback. In particular ... > > Functional completeness: Yes > > Functional stability: Quirky > > Interface stability: No (as in, may disappear the next release) ... I don't see this as being possible to happen any time soon. Jan > > Security supported: Yes > > Teddy > > [1] > https://lore.kernel.org/xen-devel/9cdb3e67abd01390bcc4cd103ca539d6bf7adbc0.1747312394.git.teddy.as...@vates.tech/ > > > | Vates > > XCP-ng & Xen Orchestra - Vates solutions > > web: https://vates.tech > >
