Hacker News new | past | comments | ask | show | jobs | submit login

Can you explain about paravirtualization?



Yes, instead of using a virtual GPU driver that simulates the behavior of a real device, a paravirtualized driver is a shim that connects a device in the virtualized operating system to a real device on the host.

In summary:

* Full virtualization is a complete, in-software implementation of a device. Early virtualization technology was typically of this nature.

* Paravirtualization typically requires cooperation between the host and the guest, with a special communication layer (in WSL2's case, provided by Hyper-V) between a guest device driver and a host driver.

There are at least two more method of passing a host device through to a VM.

* "GPU passthrough", "PCIe passthrough", or "VFIO passthrough" depending on the source, Microsoft bucks these all and calls this direct device assignment, or DDA. In this mode, the guest OS is given exclusive access to a device or a device hierarchy (defined by the layout of the motherboard itself). This uses the MMU and IOMMU of the host to allow a VM to run a native driver, e.g.: nvidia's CUDA driver, and it will see a real physical device. (Nvidia's driver has historically blocked this by detecting that other parts of the guest OS are virtualized, because from the driver's perspective the device is a real, authentic Nvidia device, but the rest of the OS devices are virtualized and there are ways to detect that.)

* SR-IOV (https://en.wikipedia.org/wiki/Single-root_input/output_virtu...) is a PCI-express native method of splitting a device into virtual functions which can be mapped into a guest. I think the first real use for this was network adapters, which allowed VMs to get 10-40GBps network adapters working at native speeds by passing through virtual functions so that hardware offloading worked. Nvidia supports this on some of their server platforms, with GPUs offering up to 7 or 8 "virtual functions" which allows a single GPU to be partitioned and assigned to separate VMs. Once split up in this fashion though, I think it can be tricky to present the full device as a unified GPU.


Thank you so much for the through explanation.


The name “paravirtualization” is sort of misleading. It has more to do with history of virtualization than anything to do with technical aspects of it. The intention was to separate it from full on emulation, which is much slower. All modern virtualization is paravirtualization, unless you’re trying to emulate something specifically, e.g. develop for an ARM µc on an x64 workstation.

Technically it just means there’s a client & server components and they communicate through some IPC. In this example you’re talking to a GPU driver running on the host, instead of the GPU directly. The communication goes through a VM boundary, the host driver accesses the device, then returns the result through the boundary, once more. You could just as well do all of this via a network socket, it would just be a little slow.

When you “pass-through” a device the guest is talking to it directly, all the host has to do is set up the IOMMU to limit the guest and the device from accessing the host’s or other guests’ memory. Basically VLANs for PCIe and the IOMMU is a firewall.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: