roots
/
wiki
mirror of https://github.com/PhyllomeOS/wiki.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Various clean-ups, additions 

Refactoring of the home page. Adding a page for virtual machine monitors.
This commit is contained in:
lukas 2024-01-28 17:21:40 +01:00
parent b0827ec21a
commit fb251ea7ef
11 changed files with 165 additions and 106 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
getstarted/windows11.md
View File

@ -8,8 +8,10 @@ editor: markdown
dateCreated: 2023-05-19T17:24:19.852Z
---
# Windows
# Windows 11
## Resources
Windows requires Secureboot to be set up.
## Resources
* https://kevinlocke.name/bits/2021/12/10/windows-11-guest-virtio-libvirt/

2
virt/vm/display.md → gofurther/display.md
View File

@ -18,7 +18,7 @@ A virtual display can be attached to a virtual machine. It is a must-have for no
The [Simple DirectMedia Layer](https://www.libsdl.org/) (SDL)-powered display is a local-only low-latency display.
> The SDL display is only avalable with virtual machines created using the QEMU/KVM **User Session**.
> The SDL display is only avalable with virtual machines created using the QEMU/KVM **User Session**
{.is-info}
> Mouse grab does not currently work with the SDL display

63
home.md
View File

@ -26,18 +26,18 @@ In this wiki, you will find guides about [how to install](#install) and [use](#g
*How to install Phyllome OS*
- [Prepare your computer](/deploy/prepare)
- [Prepare the target computer](/deploy/prepare)
- [Create an installation medium](/deploy/medium)
- [Install from a USB flash drive](/deploy/install)
- [Installation](/deploy/install)
## Get started
*How to deploy common operating systems inside Phyllome OS*
*How to deploy your favorite operating systems inside Phyllome OS*
### Unix-like
- [Install](/getstarted/install-guest) a Linux guest system using an ISO file
- [Automatically deploy](/getstarted/virt-install) an RPM-based guest system with `virt-install` and a kickstart file
- [Install](/getstarted/install-guest) a Linux distribution using an ISO file
- [Automatically provision](/getstarted/virt-install) a Linux distribution using a kickstart file
### Windows NT
@ -48,54 +48,57 @@ In this wiki, you will find guides about [how to install](#install) and [use](#g
*Go further with Phyllome OS*
- [Use Phyllome OS as a live system](/gofurther/live)
- [Resize](/gofurther/resize) an existing virtual disk
- [Encrypt](/gofurther/encrypt) a directory containing virtual disk images
- [Share a directory](/gofurther/virtiofs) with a guest using `virtiofs`
- [Share an input device](/gofurther/evdev) with a guest using `evdev`
- [Configure](/gofurther/vfio-mdev) `vfio-mdev`
- [Resize](/gofurther/resize) a virtual disk
- [Encrypt](/gofurther/encrypt) a directory
- [Share a directory](/gofurther/virtiofs) with a guest using *virtiofs*
- [Share an input device](/gofurther/evdev) with a guest using *evdev*
- [Leverage](/gofurther/vfio-mdev) *vfio-mdev* to create multiple vGPUs
- [Leverage other display options](/virt/vm/display)
## References
## Technical references
*Information about technologies used by Phyllome OS*
*Information about related technologies*
- [A very short history](/virt/history) of virtualization
- [Lexicon](/virt/lexicon)
- [External resources](/virt/resources)
### Guest operating systems
- [Guest operating systems support](/virt/guest.md)
### The host operating system
### Virtualization software
- [KVM-driven virtual machine monitors](/virt/host/vmms)
- [Linux Kernel modules](/virt/host/modules) related to virtualization
- [Virtualization-related paths](/virt/host/paths) on Phyllome OS
- [A libvirt XML file](/virt/host/xml) commented
- [A libvirt XML file](/virt/host/xml)
### (Virtual) hardware
### Virtual machine hardware
- [Chipsets](/virt/vm/chipset)
- [Firmware](/virt/vm/firmware)
- [Display devices](/virt/vm/display)
- [Graphic cards](/virt/vm/graphic-card)
- [Virtual I/O devices](/virt/vm/virtio) (`virtio`)
- [Virtual I/O (virtio) devices](/virt/vm/virtio)
## About Phyllome OS
- [A very short history](/virt/history) of virtualization
- [Context](/phyllomeos/context)
- [Purpose](/phyllomeos/purpose)
- [Roadmap](/phyllomeos/roadmap)
- [How to contribute](/project/contribute)
- [How to join](/project/join)
- [Current infrastructure](/project/infrastructure)
- [Guest operating systems support](/virt/guest.md)
- [Software bill of materials](/phyllomeos/sbom)
- [Security](/phyllomeos/security)
- [FAQ](/phyllomeos/faq)
### Public presence
### About the project
- **The website**: https://phyllo.me
- **This wiki**: https://wiki.phyllo.me
- **The issue board**: [https://kanboard.phyllo.me](https://kanboard.phyllo.me/b/CH7qd98J2v7egmodk/development)
- **GitHub's repositories**: https://github.com/PhyllomeOS
- [How to contribute](/project/contribute)
- [How to join](/project/join)
- [Current infrastructure](/project/infrastructure)
---
**The website**: https://phyllo.me
**This wiki**: https://wiki.phyllo.me
**The issue board**: [https://kanboard.phyllo.me](https://kanboard.phyllo.me/b/CH7qd98J2v7egmodk/development)
**The forge**: https://git.phyllo.me

22
phyllomeos/security.md
View File

@ -13,25 +13,21 @@ dateCreated: 2022-01-31T12:35:54.544Z
> *Phyllome OS is currently in alpha stage. It should not be used to store any sensitive data*
{.is-warning}
Phyllome OS is a Fedora Remix and as such directly inherits every single security measures in place for Fedora-related distributions, such as SELinux. It also brings some unique security-related features.
Phyllome OS is a Fedora Remix that will eventually inherit security measures in place in Fedora.
* **Unique security-related features**
* Unprivileged virtual machines with `qemu:///session`, by default
* Filesystem-level encryption with `fscrypt`
* Minimal sets of applications by default
* **Planned features**
* Unattended installation of security updates
* `systemd` hardening
* `gnome-shell` hardening
* The Cloud Hypervisor for `vfio-pci`
It also intends to bring some unique security-related features:
- Unprivileged virtual machines creation with `qemu:///session`, by default
- Filesystem-level encryption with `fscrypt`
- Minimal set of applications
- Unattended installation of security updates
- Alternative virtual machine monitors like the Cloud Hypervisor
## Features
### Data at-rest encryption
Currently, Phyllome OS does **not** provide any kind of encryption by default at the host level.
It provides early support for Filesystem-level encryption, which is just one line of defense.
Currently, Phyllome OS does ***not*** provide any kind of encryption by default at the host level.
For any virtual disks that will contain personal data, users are strongly advised to use full-disk encryption as provided by their guest operating system.

30
virt/guest.md
View File

@ -8,15 +8,17 @@ editor: markdown
dateCreated: 2022-01-12T14:25:25.960Z
---
# Guest operating system
# Guest operating systems support
> Phyllome OS 🤎 other operating systems. It is meant to be a cozy platform for almost any modern operating systems to thrive.
Although Phyllome OS would like to support as many operating systems as possible, it mainly focuses on modern, UEFI-compatible operating systems that are shipping with at least some support for `virtio` devices.
Although Phyllome OS would like to support as many operating systems as possible, it mainly focuses on modern, UEFI-compatible operating systems that are shipping with at least some support for [virtio devices](/virt/lexicon#paravirtualization).
## Category of operating systems
As of today, without accounting for Linux distributions, there are dozens of production-ready operating systems. There are two families of operating systems that dominate this space, the Unix family and the Windows family. Everything else will be categorized as independent.
As of today, without accounting for Linux distributions, there are dozens of production-ready operating systems.
That being said, there are two families of operating systems that dominate this space, the Unix family and the Windows family. Everything else will be categorized as independent.
### UNIX-family
@ -49,17 +51,17 @@ When it comes to its longevity and number of variants, the UNIX family is by far
| | Linux | Darwin | Windows |
| :- | :-: | :-: | :-: |
| *Chipset* | `i440fx` `Q35` `virt` | `Q35` | `i440fx` `Q35` `virt` |
| *Platform firmware* | [`SeaBIOS`](/virt/vm/firmware#seabios) [`OVMF`](/virt/vm/firmware#ovmf) [`RHF`](/virt/vm/firmware#rust-hypervisor-firmware) [^1] | [`OVMF`](/virt/vm/firmware#ovmf) | [`SeaBIOS`](/virt/vm/firmware#seabios) [`OVMF`](/virt/vm/firmware#ovmf) [`RHF`](/virt/vm/firmware#rust-hypervisor-firmware) |
| *`virtio-gpu`* | **Yes** | No | No |
| *`virtio-video`* | *Upcoming* | No | No |
| *`virtio-snd`* | *Upcoming* | No | No |
| *`virtio-blk`* | **Yes** | **Yes** | **Yes** |
| *`virtio-scsi`* | **Yes** | No | **Yes** |
| *`virtio-fs`* | **Yes** | No | **Yes** |
| *`virtio-net`* | **Yes** | **Yes** | **Yes** |
| *`virtio-keyboard`* | **Yes** | No | **Yes** |
| *`virtio-tablet`* | **Yes** | No | **Yes** |
| *Chipset* | i440fx, Q35, virt | Q35 | i440fx, Q35, virt |
| *Platform firmware* | [SeaBIOS](/virt/vm/firmware#seabios) [OVMF](/virt/vm/firmware#ovmf) [RHF](/virt/vm/firmware#rust-hypervisor-firmware) [^1] | [OVMF](/virt/vm/firmware#ovmf) | [SeaBIOS](/virt/vm/firmware#seabios) [OVMF](/virt/vm/firmware#ovmf) [RHF](/virt/vm/firmware#rust-hypervisor-firmware) |
| *virtio-gpu* | **Yes** | No | No |
| *virtio-video* | *Upcoming* | No | No |
| *virtio-snd* | *Upcoming* | No | No |
| *virtio-blk* | **Yes** | **Yes** | **Yes** |
| *virtio-scsi* | **Yes** | No | **Yes** |
| *virtio-fs* | **Yes** | No | **Yes** |
| *virtio-net* | **Yes** | **Yes** | **Yes** |
| *virtio-keyboard* | **Yes** | No | **Yes** |
| *virtio-tablet* | **Yes** | No | **Yes** |
[^1]: RHF stands for the Rust Hypervisor Firmware

2
virt/host/paths.md
View File

@ -8,7 +8,7 @@ editor: markdown
dateCreated: 2021-11-13T11:58:19.844Z
---
# Paths on Linux
# Virtualization-related folders on Fedora-related Linux distributions
This page lists where most of the stuff related to virtualization is located on a Linux operating system. This is based on Fedora. But it should be similar for other distributions.

47
virt/host/vmm.md Normal file
View File

@ -0,0 +1,47 @@
# KVM-related virtual machine monitors
The Kernel-based Virtual Machine (KVM) module for Linux can be leveraged by many virtual machine monitors (VMMs) to achieve near native performance.
### QEMU
[QEMU](https://wiki.qemu.org/) is a very popular emulator which can be used alongside to KVM to leverage hardware-assisted acceleration as found in modern CPUs. In this mode, as used as a virtualizer in QEMU lingo, it can run guest code directly on the host CPU.
### crosvm
crosvm is the Chrome OS Virtual Machine Monitor. It is integrated with the Chromium Operating System
### cloud-hypervisor
### firecracker
## Comparaison
See Joplin note under Phyllome OS
| | `QEMU` | `crosvm` | `cloud-hypervisor` |
| :- | :-: | :-: | :-: |
| *Firmware* | [SeaBIOS](/virt/vm/firmware#seabios) / [OVMF](/virt/vm/firmware#ovmf) | [SeaBIOS](/virt/vm/firmware#seabios) / [OVMF](/virt/vm/firmware#ovmf) | Modified [OVMF](/virt/vm/firmware#ovmf) / [RHF](/virt/vm/firmware#rust-hypervisor-firmware) |
| *PS/2 devices* | **Yes** | **Yes** | No |
| *USB Controller* | **Yes** | **Yes** | No |
| *SATA Controller* | No | **Yes** | No |
| *IDE Controller* | **Yes** | No | No |
| *Floppy Controller* | **Yes** | No | No |
| *TPM Support* | No | **Yes** | No? |
| *PCI-Express Bus* | No | **Yes** | **Yes** |
| *PCI Bus* | **Yes** | No? | No? |
| *Virtual Function I/O* | No | **Yes** | **Yes** |
## Resources
QEMU documentation
https://github.com/firecracker-microvm/firecracker/blob/main/docs/vsock.md
https://github.com/firecracker-microvm/firecracker/blob/main/docs/design.md
---
*[**Go to parent page**](https://wiki.phyllo.me/)*

52
virt/lexicon.md
View File

@ -13,13 +13,14 @@ dateCreated: 2021-11-13T11:58:43.776Z
## Table of Contents
1. [*Device*](/virt/lexicon#device)
2. [*Emulator*](/virt/lexicon#emulator)
3. [*Hardware-assisted virtualization*](/virt/lexicon#hardware-assisted-virtualization)
4. [*Hypervisor*](/virt/lexicon#hypervisor)
5. [*Nested-virtualization*](/virt/lexicon#nested-virtualization)
6. [*Paravirtualization*](/virt/lexicon#paravirtualization)
7. [*Virtual machine*](/virt/lexicon#virtual-machine)
8. [*Virtualization*](/virt/lexicon#virtualization)
1. [*Emulator*](/virt/lexicon#emulator)
1. [*Hardware-assisted virtualization*](/virt/lexicon#hardware-assisted-virtualization)
1. [*Firmware*](/virt/lexicon#firmware)
1. [*Hypervisor*](/virt/lexicon#hypervisor)
1. [*Nested-virtualization*](/virt/lexicon#nested-virtualization)
1. [*Paravirtualization*](/virt/lexicon#paravirtualization)
1. [*Virtual machine*](/virt/lexicon#virtual-machine)
1. [*Virtualization*](/virt/lexicon#virtualization)
## Device
@ -28,24 +29,23 @@ Devices are computer components that can be attached to machines. They can be cl
| | Physical hardware | Emulated: model-based | Emulated: paravirtual |
| :- | :-: | :-: | :-: |
| *Design* | Specific | Specific | Generic |
| *Type* | Silicon-based | Software-based | Software-based |
| *Type* | Silicon-based | Software-based | Software-based |
* **Physical**
* **Physical**
* Physical components refer to devices that can be attached to a system. For instance, a dedicated physical graphics card attached to a physical system can be directly attached to a virtual machine, which then becomes responsible for managing it, a technique called *passthrough*. The PCI-SIG standards provide IOMMU-related specifications to allow a host operating system to not have a driver for a particular device[^4] and passthrough the device to the guest. The guest will have a device with nearly native performance, and use the standard vendor's drivers for the device.
* The PCI-SIG standards also provide a way to partition compatible devices using so-called Virtual Functions (VFs). In this case, the host manages the way a physical device is used by the guest. Both host and guest must have specific device drivers. It offers nearly native performance.
* Physical components refer to devices that can be attached to a system. For instance, a dedicated physical graphics card attached to a physical system can be directly attached to a virtual machine, which then becomes responsible for managing it, a technique called *passthrough*. The PCI-SIG standards provide IOMMU-related specifications to allow a host operating system to not have a driver for a particular device[^4] and passthrough the device to the guest. The guest will have a device with nearly native performance, and use the standard vendor's drivers for the device.
* The PCI-SIG standards also provide a way to partition compatible devices using so-called Virtual Functions (VFs). In this case, the host manages the way a physical device is used by the guest. Both host and guest must have specific device drivers. It offers nearly native performance.
[^4]: Thanks to Pasha Tatashin for pointing this out.
* **Emulated**
* **Emulated**
* Model-based
* Model-based emulated hardware are designed after real devices, but are made out of computer code, not silicon. The i440fx and Q35 chipsets[^5] are both instances of emulated hardware. This is the slowest (but most compatible) way to provide a device to a guest. An emulated GPU is not going to be fast enough in an emulated mode to do 3D rendering.
* Model-based emulated hardware are designed after real devices, but are made out of computer code, not silicon. The i440fx and Q35 chipsets[^5] are both instances of emulated hardware. This is the slowest (but most compatible) way to provide a device to a guest. An emulated GPU is not going to be fast enough in an emulated mode to do 3D rendering.
* **Paravirtual**
* Paravirtual
* Paravirtual hardware, also known as paravirtualized Virtual I/O devices or simply virtio, are also made out of computer code. Contrary to emulated hardware, they function as a generic piece of software-based hardware which doesn't replicate a specific hardware component.
* Paravirtual hardware, also known as paravirtualized Virtual I/O devices or simply virtio, are also made out of computer code. Contrary to emulated hardware, they function as a generic piece of software-based hardware which doesn't replicate a specific hardware component.
[^5]: The Q35 chipset, contrary to i440fx, provides a PCI Express (PCIe) bus. Alas, the i440fx, despite its limitations to PCI-only, does support passthrough of PCIe devices, as long as the driver follows suit. Thanks to Stefan Reiter for pointing that out.
@ -57,6 +57,10 @@ QEMU[^1] is a popular emulator that can act as a simulator or virtual machine mo
[^1]: In its [online manual](https://qemu.readthedocs.io/en/latest/about/index.html), QEMU is described as follows: “QEMU is a generic and open source machine emulator and virtualizer. QEMU can be used in several different ways. The most common is for “system emulation”, where it provides a virtual model of an entire machine (CPU, memory and emulated devices) to run a guest OS. In this mode the CPU may be fully emulated, or it may work with a hypervisor such as KVM, Xen, Hax or Hypervisor. Framework to allow the guest to run directly on the host CPU.”
## Firmware
Firmware are software that are tightly integrated with the hardware. Almost all devices are shipping with some kind of firmware associated to it. For instance, motherboards include such programs, which in their case is tasked to properly boot hardware devices such as RAM modules, check their state and make them ready-to-use by an operating system.
## Hardware-assisted virtualization
Hardware-assisted virtualization is a feature of certain computer hardware made to take advantage of virtualization.
@ -75,12 +79,12 @@ The hypervisor and VMM work in tandem with emulators, which provide them virtual
As of 2021, there are two major open-source hypervisor that are both are able to leverage hardware-assisted virtualization:
- **Xen**[^2] (2003-).
- **Kernel-based Virtual Machine module**[^3] (KVM) for Linux (2007-).
- **Xen**[^2] (2003-).
- **Kernel-based Virtual Machine module**[^3] (KVM) for Linux (2007-).
[^2]: Originally developed at Cambridge, Xen was first released in 2003. It is primarily used alongside Linux, although Xen is compatible with other operating systems as well. Interestingly, it can function on hardware that lacks hardware-assisted virtualization. AWS is by far the largest Xen shop, but is slowly shifting towards KVM.
[^3]: The Kernel-based Virtual Machine (KVM) module for Linux was first developed by Qumranet, Inc, a former software company focusing on Desktop virtualization which was later acquired by Red Hat. Qumranet, Inc has also developed the SPICE protocol, which among other things allows for interaction with a guest display machine over a network.
[^3]: The Kernel-based Virtual Machine (KVM) module for Linux was first developed by Qumranet, Inc, a former software company focusing on Desktop virtualization which was later acquired by Red Hat. Qumranet, Inc has also developed the SPICE protocol, which among other things allows for interaction with a guest display machine over a network.
## Nested-virtualization
@ -107,9 +111,11 @@ machines.
There are roughly three types of virtualization:
* **Simulation or emulation**: when a computer is fully emulated and can be made to look like any device to an operating system
* **Partition**: when computer resources are split such that each operating system can only see a subset of available hardware resources
* **Paravirtualization**: when both hardware and software-assisted virtualization is being used. In this case, the guest is aware that it is running in the virtualized environment, and acts accordingly.
- **Simulation or emulation**: when a computer is fully emulated and can be made to look like any device to an operating system
- **Partition**: when computer resources are split such that each operating system can only see a subset of available hardware resources
- **Paravirtualization**: when both hardware and software-assisted virtualization is being used. In this case, the guest is aware that it is running in the virtualized environment, and acts accordingly.
Virtualization is used to better isolate resources on a physical computer and to distribute them across various workloads, enabling better use of resources through consolidation. For instance, with virtualization, multiple operating systems can run concurrently on a physical machine.

27
virt/vm/firmware.md
View File

@ -10,34 +10,37 @@ dateCreated: 2022-01-25T14:50:10.751Z
# Platform firmware
Virtual devices, including virtual chipsets, are shipping alongside platform firmware.
Virtual devices, including virtual chipsets, are shipping alongside platform firmware.
> ***Definition**: Firmware are software that are tightly integrated with the hardware. Almost every devices are shipping with some kind of firmware associated to it. For instance, motherboards include such programs, which in their case is tasked to properly boot hardware devices such as RAM modules, check their state and make them ready-to-use by an operating system*
{.is-info}
## Available platform firmware for virtual machines
## Common platform firmware for virtual machines
### SeaBIOS
[SeaBIOS](https://www.seabios.org/SeaBIOS) is an implementation of a x86 BIOS which relies on [Coreboot](https://www.coreboot.org/) and can be used to boot virtual machines. It is incompatible with UEFI. It is also simpler.
[SeaBIOS](https://www.seabios.org/SeaBIOS) is an implementation of an x86 BIOS which relies on [coreboot](https://www.coreboot.org/). It is used for legacy systems, but also to specialized and cloud optimized guests systems which don't require UEFI.
### OVMF
[OVMF](https://github.com/tianocore/tianocore.github.io/wiki/OVMF), which stands for Open Virtual Machine Firmware, is a UEFI-compatible firmware. It is based on the larger [TianoCore](https://www.tianocore.org/) project, which provides an open-source implementation of a platform firmware that follows UEFI specifications. It is the default method to boot UEFI-based operating systems in a virtual machine.
[OVMF](https://github.com/tianocore/tianocore.github.io/wiki/OVMF), which stands for Open Virtual Machine Firmware, is a UEFI-compatible firmware.
It is based on the [TianoCore](https://www.tianocore.org/) project, which provides an open-source implementation of a platform firmware that follows UEFI specifications.
It is the default method to boot UEFI-based operating systems in a virtual machine.
### Rust Hypervisor Firmware
The [Rust Hypervisor Firmware](https://github.com/cloud-hypervisor/rust-hypervisor-firmware) (RHF) is a UEFI-compatible firmware. It is focused on simplicity and performance and is designed for virtual workloads. It is tightly integrated with the Cloud Hypervisor.
The [Rust Hypervisor Firmware](https://github.com/cloud-hypervisor/rust-hypervisor-firmware) (RHF) is a UEFI-compatible firmware. It is focused on simplicity and performance and is designed to run cloud-centric operating systems.
## Comparison
It is developed alongside the Cloud Hypervisor.
## Supported features
| | SeaBIOS | OVMF | RHF |
| :-- | :-: | :-: | :-: |
| *BIOS* | **Yes** | No | No |
| *UEFI* | No | **Yes** | **Yes** |
| *Secureboot* | No | **Yes** | **Yes** |
| *Chipset support* | [`i440fx`](/virt/vm/chipset#i440fx) / [`Q35`](/virt/vm/chipset#q35) | [`i440fx`](/virt/vm/chipset#i440fx) / [`Q35`](/virt/vm/chipset#q35) | [`Q35`](/virt/vm/chipset#q35)? / [`virt`](/virt/vm/chipset#virt) |
| *Guest support* | **Linux** / **Windows** | **Linux** / **Darwin** / **Windows** | **Linux** / **Windows** |
| *Secure Boot* | No | **Yes** | ? |
| *Chipset* | [i440fx](/virt/vm/chipset#i440fx), [Q35](/virt/vm/chipset#q35) | [i440f](/virt/vm/chipset#i440fx), [Q35](/virt/vm/chipset#q35) | [virt](/virt/vm/chipset#virt) |
| *Guests* | **Linux**, **Windows** | **Linux**, **Darwin**, **Windows** | **Linux**, **Windows** |
| *Virtual Function I/O (VFIO)* | No | **Yes** | **Yes** |
---

14
virt/vm/graphic-card.md
View File

@ -10,19 +10,19 @@ dateCreated: 2021-11-13T17:52:22.554Z
# Graphic cards
Phyllome leverages 3D acceleration within guest operating systems extensively, in three different modes depending on the situation.
Phyllome leverages 3D acceleration within guest operating systems extensively, in three different modes depending on the context.
* **vfio-pci** : Passing through a complete physical Graphical Processing Unit (GPU) to the guest via the `vfio-pci` driver
* **vfio-mdev** : Sharing a fraction of a compatible physical GPU such as those using [single-root input/output virtualization](https://en.wikipedia.org/wiki/Single-root_input/output_virtualization) (SR-IOV), via the `vfio-mdev` driver
* **vfio-gpu** : Using some capabilities of the host GPU, via the `vfio-gpu` driver, which creates a virtual GPU as is used in Chromium OS and Spectrum OS
* **vfio-pci** : Passing through a physical Graphical Processing Unit (GPU) to the guest via the `vfio-pci` driver
* **vfio-mdev** : Create multiple vGPUs that can then be passed through to multiple guests. It does require a compatible GPU
* **virtio-gpu** : Expose capabilities of the host GPU to the guest via the `virtio-gpu` driver. Compatible with most GPUs but not many guests
| Description | `vfio-pci` | `vfio-mdev` | `vfio-gpu` |
| Description | vfio-pci | vfio-mdev | vfio-gpu |
|---|---|---|---|
| *Performance* | Near-native performance and full features set | Near-native performance and full features set | Degraded performance and limited features set |
| *Guests support* | UNIX and non-UNIX guests | UNIX and non-UNIX guests | Works only on selected UNIX guests |
| *Driver* | No special driver in the guest | No special driver in the guest | Requires a special driver in the guest |
| *Driver* | No specialized driver in the guest | No specialized driver in the guest | A special driver in the guest is required |
| *Number of host GPUs* | Two GPUs in most situations | A single GPU | A single GPU |
| *GPU support* | Mostly GPU agnostic | Recent Intel integrated GPUs and some professional grade Nvidia GPUs | Mostly GPU agnostic |
| *GPU support* | Mostly GPU agnostic | Recent Intel integrated GPUs and some professional-grade Nvidia GPUs. Some consumer GPUs can be unlocked | Mostly GPU agnostic |
---

6
virt/vm/virtio.md
View File

@ -21,12 +21,12 @@ In this section, the focus is oriented towards Virtual I/O Devices (VIRTIO), bet
### Graphical frame buffer
* [`virtio-gpu`](/virt/virtio/snd)
* [`virtio-gpu`](/virt/virtio/gpu)
* Paravirtual GPU that provides a subset of the host GPU capabilities to a guest virtual machine
### Video decoding/encoding
* [`virtio-video`](/virt/virtio/snd)
* [`virtio-video`](/virt/virtio/video)
* Paravirtual video device that provides encoding and decoding capabilities to a guest virtual machine
### Sound
@ -77,7 +77,7 @@ In this section, the focus is oriented towards Virtual I/O Devices (VIRTIO), bet
| *`virtio-wayland`* | No | No | ? |
| *`virtio-console`* | **Yes** | **Yes** | **Yes** |
## Resourcess
## Resources
* Specifications
* [Version 1.0](https://docs.oasis-open.org/virtio/virtio/v1.0/virtio-v1.0.html) of the specification for Virtual I/O Devices