Muli Ben-Yehuda's journal

November 24, 2008

new IOMMU paper available

Filed under: Uncategorized — Muli Ben-Yehuda @ 8:34 PM

New online for your perusing pleasure: “Direct
Device Assignment for Untrusted Fully-Virtualized Virtual
, by Ben-Ami Yassour, Muli Ben-Yehuda and Orit Wasserman,
IBM Research Report H-0263.

This is a short paper describing and evaluating our work earlier this
year on direct device assignment in KVM, using Intel’s VT-d IOMMU. Not
much new here if you’ve read our other IOMMU papers, but it does make
two contributions. First, it’s the best (and only) available
description (IMHO) of KVM’s direct device assignment code, and second
it’s yet another data point on the relative performance of device
emulation vs. virtual I/O drivers vs. direct device assignment. As
always, comments appreciated. The abstract follows.

The I/O interfaces between a host platform and a guest virtual machine
take one of three forms: either the hypervisor provides the guest with
emulation of hardware devices, or the hypervisor provides virtual I/O
drivers, or the hypervisor assigns a selected subset of the host’s
real I/O devices directly to the guest. Each method has advantages and
disadvantages, but letting VMs access devices directly has a number of
particularly interesting benefits, such as not requiring any guest VM
changes and in theory providing near-native performance.

In an effort to quantify the benefits of direct device access, we have
implemented direct device assignment for untrusted, fully-virtualized
virtual machines in the Linux/KVM environment using Intel’s VT-d
IOMMU. Our implementation required no guest OS changes and—unlike
alternative I/O virtualization approaches—provided near native I/O
performance. In particular, a quantitative comparison of network
performance on a 1GbE network shows that with large-enough messages
direct device access throughput is statistically indistinguishable
from native, albeit with CPU utilization that is slightly higher.


  1. I wish you implemented the sparse bus numbering in Calgary to begin with. So not looking forward to fixing it up. On the other hand, they pay me for it, so I should not complain in this economy…

    Comment by zaitcev — November 24, 2008 @ 8:58 PM | Reply

    • Err, what sparse bus numbering?
      Calgary is pretty much dead, it always amazes me when people actually use it.

      Comment by mulix — November 25, 2008 @ 8:04 AM | Reply

      • It panics instantly on boot with 4 racks, because bus numbers exceed 128.

        Comment by zaitcev — November 25, 2008 @ 6:19 PM

      • Fun stuff. Sorry it fell on you to fix it 😉

        Comment by mulix — November 26, 2008 @ 6:38 PM

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at

%d bloggers like this: