The KVM Backend for VirtualBox
In this presentation, we will share our experience of developing the KVM backend for VirtualBox. It allows VirtualBox to use KVM as a hypervisor and makes the VirtualBox third-party kernel modules unnecessary.
VirtualBox is a vast C++ codebase that implements a full virtualization solution in a cathedral style. It consists of a tightly integrated kernel and userspace part with lots of flexibility to execute code in kernel or userspace depending on the situation. Both components are highly portable across operating systems. This unique architecture predates KVM and is very different from how Qemu interacts with KVM.
Because shipping a third-party hypervisor is more and more problematic on Windows and MacOS, VirtualBox has introduced a new internal abstraction, the Native Execution Manager (NEM). NEM allows using the native virtualization API of the operating system. There are unfinished and experimental NEM backends in the VirtualBox code base for Hyper-V, the Apple Hypervisor Framework and KVM.
Starting from the incomplete KVM backend already present in the VirtualBox code base, we gradually turned it into a fully-featured and stable backend ready for day-to-day use. We will discuss the main challenges we faced in this journey. We will mostly focus on the following two topics:
- Integrating VirtualBox with KVM’s IRQCHIP abstraction to leverage advanced interrupt virtualization features (something that vanilla VirtualBox cannot do),
- Enabling nested virtualization for VirtualBox and the challenges we faced around the KVM API.
As we previously worked extensively on custom hypervisors, we also want to share our constructive thoughts on the KVM API, highlighting its successes, complexities and maybe even starting a discussion on how to simplify it.