From mboxrd@z Thu Jan 1 00:00:00 1970 From: Alexander Graf Subject: Re: Nested KVM Date: Wed, 24 Dec 2008 10:20:38 +0100 Message-ID: <9F8C73AC-8AEF-48A7-8AC6-3BEEAF348ED9@suse.de> References: <1e16a9ed0812221855i78de14c4p98c047a3908b6884@mail.gmail.com> <1e16a9ed0812230835l11579c23p51511f5e1b9f4760@mail.gmail.com> <1e16a9ed0812232018u1b7af5f4x98bbde49a4dfb9ba@mail.gmail.com> Mime-Version: 1.0 (Apple Message framework v930.3) Content-Type: multipart/mixed; boundary=Apple-Mail-4-547651657 Cc: "kvm@vger.kernel.org" To: deshantm@gmail.com Return-path: Received: from ns2.suse.de ([195.135.220.15]:42243 "EHLO mx2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751548AbYLXJUl (ORCPT ); Wed, 24 Dec 2008 04:20:41 -0500 In-Reply-To: <1e16a9ed0812232018u1b7af5f4x98bbde49a4dfb9ba@mail.gmail.com> Sender: kvm-owner@vger.kernel.org List-ID: --Apple-Mail-4-547651657 Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit On 24.12.2008, at 05:18, Todd Deshane wrote: > On Tue, Dec 23, 2008 at 12:04 PM, Alexander Graf > wrote: >> Your KVM kernel module does not like that the guest writes into >> MSR_VM_HSAVE_PA. This is pretty fundamental and should always work >> if you >> build current git kvm kernel modules. Are you sure you're using the >> current >> git modules? Are you using the -enable-nesting option for qemu? >> >> Please try to rmmod everything, take a fresh checkout from git, >> compile it >> and load the module with insmod kvm-amd.ko nested=1. I can't think >> of any >> way this could fail. >> > > OK, so I followed your directions above much more carefully, got the > latest > checkout and insmod'd kvm, kvm-amd nested=1 and watched carefully > to the syslog (dmesg). > > When the kvm_amd module was loaded I get: > > kvm: Nested Virtualization enabled > > Good sign. > > So I booted up a guest with: > > sudo qemu-system-x86_64 -enable-nesting -m 512 -drive > file=/dev/storage/deshantm-desktop,if=virtio,boot=on -drive > file=/dev/storage/deshantm-temp-space,if=virtio -usb -usbdevice tablet > -net nic,macaddr=00:16:3e:16:00:00,model=virtio -net > tap,script=/usr/local/share/qemu-ifup -daemonize -vnc :16 > > I checked /proc/cpuinfo, which showed the svm flag (doesn't show the > svm flag without the -enable-nesting) > > So all looks pretty good. Yep. That looks all pretty good :-). A lot better than before! > > > During the guest boot, some normal looking messages. > Dec 23 22:42:28 amdbox kernel: [15715.578035] device tap0 entered > promiscuous mode > Dec 23 22:42:28 amdbox kernel: [15715.578059] br0: port 2(tap0) > entering learning state > Dec 23 22:42:29 amdbox avahi-daemon[5457]: Registering new address > record for fe80::f01d:36ff:fe6f:597 on tap0.*. > Dec 23 22:42:37 amdbox kernel: [15724.576010] br0: topology change > detected, propagating > Dec 23 22:42:37 amdbox kernel: [15724.576014] br0: port 2(tap0) > entering forwarding state > Dec 23 22:42:38 amdbox kernel: [15725.185009] tap0: no IPv6 routers > present > > > Then, in the guest I run a more simple command: > sudo qemu-system-x86_64 -hda ubuntu-server.img -cdrom install_cd.iso > which produces dmesg in the base as follows: > > Dec 23 22:44:05 amdbox kernel: [15812.088706] __ratelimit: 20 > callbacks suppressed > Dec 23 22:44:05 amdbox kernel: [15812.088710] emulation failed (mmio) > rip ffffffffa0370a11 0f 01 da 0f Ugh. Looks like the emulation part is still broken :-(. Please use the attached patch to disable the emulation optimization for now. Avi, could you please apply that patch for kvm-82 too, so we get something working out? I'll take a closer look at what's broken exactly later on. Alex --Apple-Mail-4-547651657 Content-Disposition: attachment; filename=disable-emulation.patch Content-Type: application/octet-stream; x-unix-mode=0644; name="disable-emulation.patch" Content-Transfer-Encoding: 7bit diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index 6577934..8b87869 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -1848,7 +1848,7 @@ static int stgi_interception(struct vcpu_svm *svm, struct kvm_run *kvm_run) static int clgi_interception(struct vcpu_svm *svm, struct kvm_run *kvm_run) { - int loopcount = 0; + int loopcount = 100; if (nested_svm_check_permissions(svm)) return 1; --Apple-Mail-4-547651657 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit --Apple-Mail-4-547651657--