On 27.11.2009, at 17:30, Adrian Terranova wrote: > On Fri, Nov 27, 2009 at 11:13 AM, Alexander Graf <agraf@xxxxxxx> wrote: >> >> On 27.11.2009, at 17:01, Adrian Terranova wrote: >> >>> On Thu, Nov 26, 2009 at 12:55 PM, Alexander Graf <agraf@xxxxxxx> wrote: >>>> >>>> On 26.11.2009, at 17:06, Adrian Terranova wrote: >>>> >>>>> Hello, >>>>> >>>>> Looking for a pointer to a working setup of kvm nesting kvm with svm >>>>> extensions working thruout. >>>>> >>>>> I'm working with proxmox - and trying to get a proxmox in a proxmox >>>>> working. KVM is called as follows from the proxmox host. >>>>> >>>>> 31515 ? Sl 27:15 /usr/bin/kvm -monitor >>>>> unix:/var/run/qemu-server/109.mon,server,nowait -vnc >>>>> unix:/var/run/qemu-server/109.vnc,password -pidfile >>>>> /var/run/qemu-server/109.pid -daemonize -usbdevice tablet -name >>>>> proxmoxkvmtest -smp sockets=1,cores=1 -vga cirrus -tdf -k en-us -drive >>>>> file=/mnt/pve/nfsimages/images/109/vm-109-disk-1.raw,if=ide,index=0,boot=on >>>>> -drive file=/var/lib/vz/template/iso/proxmox-ve_1.4-4390.iso,if=ide,index=2,media=cdrom >>>>> -m 512 -net tap,vlan=0,ifname=vmtab109i0,script=/var/lib/qemu-server/bridge-vlan >>>>> -net nic,vlan=0,model=e1000,macaddr=A2:40:B2:EF:69:B8 -id 109 >>>>> -cpuunits 1000 -enable-nesting >>>>> >>>>> The key thing (it appears - is the enable nesting) - the other piece >>>>> that it looks like it needs is a kernel argument to properly enable >>>>> the kvm extensions cause there is no >>>>> >>>>> /dev/kvm >>>>> >>>>> but there is an error in dmesg from the dmesg output / boot console of >>>>> the virtualized kvm instance of the following >>>>> >>>>> [snip from dmesg of first boot] >>>>> ... >>>>> tun: (C) 1999-2004 Max Krasnyansky <maxk@xxxxxxxxxxxx> >>>>> general protection fault: 0000 [1] PREEMPT SMP >>>>> CPU: 0 >>>>> Modules linked in: kvm_amd kvm vzethdev vznetdev simfs vzrst vzcpt tun vzdquota >>>>> vzmon vzdev xt_tcpudp xt_length ipt_ttl xt_tcpmss xt_TCPMSS iptable_mangle iptab >>>>> le_filter xt_multiport xt_limit ipt_tos ipt_REJECT ip_tables x_tables ipv6 ib_is >>>>> er rdma_cm ib_cm iw_cm ib_sa ib_mad ib_core ib_addr iscsi_tcp libiscsi scsi_tran >>>>> sport_iscsi bridge virtio_balloon parport_pc parport floppy psmouse pcspkr serio >>>>> _raw e1000 joydev evdev thermal button processor sg scsi_wait_scan virtio_blk dm >>>>> _mod usbhid hid usb_storage libusual sd_mod sr_mod ide_disk ide_generic ide_cd c >>>>> drom ide_core ata_piix pata_acpi ata_generic libata scsi_mod uhci_hcd usbcore i2 >>>>> c_piix4 i2c_core virtio_pci virtio_ring virtio isofs msdos fat >>>>> Pid: 2914, comm: modprobe Not tainted 2.6.24-8-pve #1 ovz005 >>>>> RIP: 0010:[<ffffffff884532b0>] [<ffffffff884532b0>] :kvm_amd:svm_hardware_enabl >>>>> e+0x80/0xe0 >>>>> RSP: 0018:ffff81001dcb5de8 EFLAGS: 00010006 >>>>> RAX: 0000000000001d01 RBX: 0000000000000010 RCX: 00000000c0000080 >>>>> RDX: 0000000000000000 RSI: ffffffff88458b26 RDI: 0000000000000000 >>>>> RBP: ffff81001d49b240 R08: 0000000000000001 R09: 0000000000000000 >>>>> R10: 0000000000000000 R11: ffffffff88453230 R12: ffffffff88420050 >>>>> R13: ffffffff8845c100 R14: ffffffff8845c100 R15: ffffc200001f8618 >>>>> FS: 00007fe49ff576e0(0000) GS:ffffffff80628000(0000) knlGS:0000000000000000 >>>>> CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b >>>>> ... >>>>> >>>>> More can be found here if you feel really interested >>>>> >>>>> http://www.proxmox.com/forum/showthread.php?t=2675 >>>>> >>>>> trying to figure out what I missed. >>>> >>>> You need to modprobe kvm-amd with the "nested=1" parameter on the host. >>>> >>>> Alex >>> Did that - and get ht following in the guest >>> >>> [snip] >>> more dmesg output ... >>> >>> kvm: Nested Virtualization enabled >>> general protection fault: 0000 [1] PREEMPT SMP >> >> You should get "Nested Virtualization enabled" on the host and the GPF inside the guest. >> >> The fact that you get the GPF tells me that kvm blocked the hardware_enable which is setting a bit in EFER. That's exactly what the enable_nested=1 parameter is supposed to allow. >> >> I don't really know Proxmox or what version of KVM they use. Could you please try something reasonably recent? >> >> Alex > > Alex, > > It works - I was being stupid and setting it in the guest -not the > host - this is what I get now (it just works) Yep, the guest doesn't need any modifications for this to work. So in fact you can even run Xen HVM inside KVM. Hyper-V still breaks, but in theory getting that working is the goal :-). Btw - I'd recommend using nested SVM only with nested paging capable machines. Doing shadow paging on the host and the guest is unbearably slow. Alex-- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
