On Wed, Nov 28, 2018 at 07:13:05AM -0500, John Ferlan wrote:
>
>
> On 11/28/18 5:02 AM, Daniel P. Berrangé wrote:
> > On Tue, Nov 27, 2018 at 02:15:39PM -0500, John Ferlan wrote:
> >>
> >>
> >> On 11/27/18 12:05 PM, Andrea Bolognani wrote:
> >>> On Mon, 2018-11-26 at 18:38 -0500, John Ferlan wrote:
> >>> [...]
> >>>> +static bool
> >>>> +virQEMUCapsKVMIsNested(void)
> >>>> +{
> >>>> + VIR_AUTOFREE(char *) kConfig = NULL;
> >>>> +
> >>>> + /* Intel, AMD, and s390 related checks */
> >>>> + if ((kConfig = virKModConfig()) &&
> >>>> + (strstr(kConfig, "kvm_intel nested=1") ||
> >>>> + strstr(kConfig, "kvm_amd nested=1") ||
> >>>> + strstr(kConfig, "kvm nested=1")))
> >>>> + return true;
> >>>> + return false;
> >>>> +}
> >>>
> >>> I might be doing it wrong, but I'm pretty sure I've enabled nested
> >>> virtualization properly on my laptop given that I can successfully
> >>> run 'modprobe kvm_intel' inside the L1 guest, and yet I get
> >>>
> >>> # modprobe -c | grep -c nested=1
> >>> 0
> >>>
> >>> both in the L0 host and the L1 guest, so this check doesn't seem
> >>> accurate to me.
> >>>
> >>> Oh, wait, I get it now: 'modprobe -c' doesn't dump the *current* host
> >>> configuration, but the *static* one! So if you enable nested KVM
> >>> support by doing
> >>>
> >>> # modprobe -r kvm_intel
> >>> # modprobe kvm_intel nested=1
> >>>
> >>> like I did, then the check above will not report it as enabled even
> >>> though it is; conversely, if you drop the appropriate config snippet
> >>> in /etc/modprobe.d/ but don't reload the module it will report it as
> >>> enabled even though it's not!
> >>
> >> Ugh, sigh... Yep, I was thinking primarily the static config option
> >> since we had helpers to read. Of course that won't be enough. Joy, more
> >> code to probe... Maybe it is easier to just say - clear your
> >> capabilities cache if you alter that particular kernel value.
> >
> > Surely its already easier just to ask the kernel for the live status
> >
> > $ cat /sys/module/kvm_intel/parameters/nested
> > 1
> >
>
> My commentary was more towards I was hoping to "reuse" the exising kmod
> helpers ;-) before I had thought about or written any code to read the
> live data.
>
> The other "annoying" part is that you have "1" in your output and I have
> "Y" or "N". So much for "consistency".
Actually I just invented that output from memory and got it wrong :)
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
