[2019] Core-Scheduling for Virtualization: Where are We? (If We Want It!) by Dario Faggioli

Clever scheduling of virtual CPUs on Symmetric MultiThreaded systems for, among other things, making highly impractical side-channel attacks even more unpractical, is no new idea. Unfortunately, via exploiting L1TF and MDS vulnerabilities in Intel CPUs, impractical is becoming practical!

But, instead than disabling SMT, we can avoid that VM share cores. This is called core-scheduling, and implementing it requires quite some scheduler changes. Nevertheless, work toward that is being done for both KVM and Xen (and other hypervisors have it already).

After an overview of L1TF and MDS, we will see how core-scheduling may help and why it is so tricky to implement (although in different ways) for both KVM and Xen.

We will show numbers from performance evaluation of the currently available implementations. In fact, all this only matters if performance are better than turning SMT off.

---

Dario Faggioli
SUSE
Virtualization Software Engineer

Dario is a Virtualization Software Engineer at SUSE. He's been active in the Open Source virtualization space since ~8 years, mostly on the Xen project, and he's currently a maintainer of the Xen hypervisor scheduler.

Currently, he is also working on KVM, Libvirt, QEMU and other things. His primary focus is on scheduling and on performance evaluation and improvement.

During his Ph.D, he worked on real-time scheduling on Linux, and he's one of the original author of what today is the SCHED_DEADLINE scheduling class.

Since 2010, he has spoke and presented his work at several events and conferences, like Linux Kernel Summit, Linux Plumbers, Xen Project Developers Summit, FOSDEM, LinuxLab and OSPM. Just very recently, he's given technical seminars to Computer Architecture students at Italian universities of Pisa and Modena.