1. Technical Field
The present invention relates generally to communication protocols between a host computer and an input/output (I/O) adapter. More specifically, the present invention provides an implementation for virtualizing resources in a physical I/O adapter. In particular, the present invention provides a method, apparatus, and computer instructions for efficient and flexible sharing of adapter resources among multiple operating system instances.
2. Description of Related Art
A partitioned server is one in which platform firmware, such as a hypervisor, manages multiple partitions (one operating system (OS) instance in each partition) and each partition has allocated resources: processor (processors or portion of a processor), memory, and I/O adapters. An example of platform firmware used in logical partitioned data processing systems is a hypervisor, which is available from International Business Machines Corporation. The hypervisor mediates data movement between partitions to insure that the only data approved by their respective owning partitions are involved.
Existing partitioned servers typically have three access control levels:
(1) Hypervisor level—This level is used to subdivide physical server resources (processor, memory and I/O) into one or more shared resource groups that are allocated to an operating system (OS) instance. This level is referred to as privileged, because it is the only level that can perform physical resource allocation.
(2) OS level—Each OS instance created by the hypervisor executes at this level. An OS instance may only access resources that have been allocated to the OS instance at the hypervisor level. Each OS instance is isolated from other OS instances through hardware and the resource allocations performed at the hypervisor level. The resources allocated to a single OS instance can be further subdivided into one or more shared resource groups that are allocated to an application instance.
(3) Application level—Each application instance created by the OS executes at this level. An application instance can only access resources that have been allocated to the application instance at the OS level. Each application instance is isolated from other application instances through hardware and the resource allocations performed at the OS level.
A problem encountered with using I/O adapters in virtualized systems is an inability of the I/O adapter to share its resources. Currently, I/O adapters provide a single bus space for all memory mapped I/O operations. Currently available I/O adapters do not have a mechanism to configure multiple address spaces per adapter, where (1) each address space is associated to particular access level (hypervisor, OS, and application, respectively); and (2) the I/O adapter in conjunction with virtual memory manager (VMM) provides access isolation between the various OS instances that share the I/O adapter, on different access levels.
Without a direct mechanism for sharing I/O adapters, OS instances do not share an I/O adapter, or, alternatively, they share an I/O adapter by going through an intermediary, such as a hosting partition, hypervisor, or special I/O processor. The inability to share an I/O adapter between OS instances presents several problems, including requiring more I/O slots and adapters per physical server, and high performance I/O adapters may not be fully utilized by a single OS instance. Sharing an I/O adapter through a hosting partition or hypervisor also presents several problems, the most significant being the additional latency added to every I/O operation by going through the intermediary. If the intermediary is in the host (e.g., hosting partition or hypervisor), then the sharing function takes CPU cycles away from the application for each I/O operation. If the intermediary is outboard (e.g., I/O processor), then the sharing function requires an additional card, thus adding cost to the total server solution.
Therefore, it would be advantageous to have a mechanism for the direct sharing of adapter resources among multiple OS instances while the adapter enforces access level validation to the adapter resources.