From: Wim ten Have <wim.ten.have@oracle.com>
Xen feature nestedhvm is the option on Xen 4.4+ which enables
nested virtualization when mode host-passthrough is applied.
nested HVM is enabled by adding below on the target domain;
<cpu mode='host-passthrough'/>
Virtualization on target domain can be disabled by specifying
such under feature policy rule on target name;
[On Intel (VT-x) architecture]
<feature policy='disable' name='vmx'/>
or:
[On AMD (AMD-V) architecture]
<feature policy='disable' name='svm'/>
Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Signed-off-by: Wim ten Have <wim.ten.have@oracle.com>
---
src/libxl/libxl_conf.c | 46 +++++++++++++++++++++++++++++++++++++++++-----
src/libxl/libxl_conf.h | 2 +-
src/libxl/libxl_domain.c | 2 +-
3 files changed, 43 insertions(+), 7 deletions(-)
diff --git a/src/libxl/libxl_conf.c b/src/libxl/libxl_conf.c
index f5b788b..31508d6 100644
--- a/src/libxl/libxl_conf.c
+++ b/src/libxl/libxl_conf.c
@@ -47,6 +47,7 @@
#include "libxl_utils.h"
#include "virstoragefile.h"
#include "secret_util.h"
+#include "cpu/cpu.h"
#define VIR_FROM_THIS VIR_FROM_LIBXL
@@ -292,7 +293,7 @@ libxlMakeChrdevStr(virDomainChrDefPtr def, char **buf)
static int
libxlMakeDomBuildInfo(virDomainDefPtr def,
- libxl_ctx *ctx,
+ libxlDriverConfigPtr cfg,
libxl_domain_config *d_config)
{
libxl_domain_build_info *b_info = &d_config->b_info;
@@ -308,7 +309,7 @@ libxlMakeDomBuildInfo(virDomainDefPtr def,
libxl_domain_build_info_init_type(b_info, LIBXL_DOMAIN_TYPE_PV);
b_info->max_vcpus = virDomainDefGetVcpusMax(def);
- if (libxl_cpu_bitmap_alloc(ctx, &b_info->avail_vcpus, b_info->max_vcpus))
+ if (libxl_cpu_bitmap_alloc(cfg->ctx, &b_info->avail_vcpus, b_info->max_vcpus))
return -1;
libxl_bitmap_set_none(&b_info->avail_vcpus);
for (i = 0; i < virDomainDefGetVcpus(def); i++)
@@ -374,6 +375,41 @@ libxlMakeDomBuildInfo(virDomainDefPtr def,
def->features[VIR_DOMAIN_FEATURE_ACPI] ==
VIR_TRISTATE_SWITCH_ON);
+ if (cfg && def->cpu &&
+ def->cpu->mode == (VIR_CPU_MODE_HOST_PASSTHROUGH)) {
+ bool hasHwVirt = false;
+ bool svm = false, vmx = false;
+ virCapsPtr caps = cfg->caps;
+
+ if (caps && ARCH_IS_X86(def->os.arch)) {
+ vmx = virCPUCheckFeature(caps->host.arch, caps->host.cpu, "vmx");
+ svm = virCPUCheckFeature(caps->host.arch, caps->host.cpu, "svm");
+ hasHwVirt = vmx | svm;
+ }
+
+ if (def->cpu->nfeatures) {
+ for (i = 0; i < def->cpu->nfeatures; i++) {
+
+ switch (def->cpu->features[i].policy) {
+
+ case VIR_CPU_FEATURE_DISABLE:
+ case VIR_CPU_FEATURE_FORBID:
+ if ((vmx && STREQ(def->cpu->features[i].name, "vmx")) ||
+ (svm && STREQ(def->cpu->features[i].name, "svm")))
+ hasHwVirt = false;
+ break;
+
+ case VIR_CPU_FEATURE_FORCE:
+ case VIR_CPU_FEATURE_REQUIRE:
+ case VIR_CPU_FEATURE_OPTIONAL:
+ case VIR_CPU_FEATURE_LAST:
+ break;
+ }
+ }
+ }
+ libxl_defbool_set(&b_info->u.hvm.nested_hvm, hasHwVirt);
+ }
+
if (def->nsounds > 0) {
/*
* Use first sound device. man xl.cfg(5) describes soundhw as
@@ -2087,15 +2123,15 @@ int
libxlBuildDomainConfig(virPortAllocatorPtr graphicsports,
virDomainDefPtr def,
const char *channelDir LIBXL_ATTR_UNUSED,
- libxl_ctx *ctx,
+ libxlDriverConfigPtr cfg,
libxl_domain_config *d_config)
{
libxl_domain_config_init(d_config);
- if (libxlMakeDomCreateInfo(ctx, def, &d_config->c_info) < 0)
+ if (libxlMakeDomCreateInfo(cfg->ctx, def, &d_config->c_info) < 0)
return -1;
- if (libxlMakeDomBuildInfo(def, ctx, d_config) < 0)
+ if (libxlMakeDomBuildInfo(def, cfg, d_config) < 0)
return -1;
if (libxlMakeDiskList(def, d_config) < 0)
diff --git a/src/libxl/libxl_conf.h b/src/libxl/libxl_conf.h
index c653c9f..7a83669 100644
--- a/src/libxl/libxl_conf.h
+++ b/src/libxl/libxl_conf.h
@@ -216,7 +216,7 @@ int
libxlBuildDomainConfig(virPortAllocatorPtr graphicsports,
virDomainDefPtr def,
const char *channelDir LIBXL_ATTR_UNUSED,
- libxl_ctx *ctx,
+ libxlDriverConfigPtr cfg,
libxl_domain_config *d_config);
static inline void
diff --git a/src/libxl/libxl_domain.c b/src/libxl/libxl_domain.c
index 57ec661..562bc67 100644
--- a/src/libxl/libxl_domain.c
+++ b/src/libxl/libxl_domain.c
@@ -1256,7 +1256,7 @@ libxlDomainStart(libxlDriverPrivatePtr driver,
goto cleanup_dom;
if (libxlBuildDomainConfig(driver->reservedGraphicsPorts, vm->def,
- cfg->channelDir, cfg->ctx, &d_config) < 0)
+ cfg->channelDir, cfg, &d_config) < 0)
goto cleanup_dom;
if (cfg->autoballoon && libxlDomainFreeMem(cfg->ctx, &d_config) < 0)
--
2.9.3
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Wim Ten Have wrote:
> From: Wim ten Have <wim.ten.have@oracle.com>
>
> Xen feature nestedhvm is the option on Xen 4.4+ which enables
> nested virtualization when mode host-passthrough is applied.
>
> nested HVM is enabled by adding below on the target domain;
> <cpu mode='host-passthrough'/>
>
> Virtualization on target domain can be disabled by specifying
> such under feature policy rule on target name;
>
> [On Intel (VT-x) architecture]
> <feature policy='disable' name='vmx'/>
>
> or:
>
> [On AMD (AMD-V) architecture]
> <feature policy='disable' name='svm'/>
>
> Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
> Signed-off-by: Wim ten Have <wim.ten.have@oracle.com>
> ---
> src/libxl/libxl_conf.c | 46 +++++++++++++++++++++++++++++++++++++++++-----
> src/libxl/libxl_conf.h | 2 +-
> src/libxl/libxl_domain.c | 2 +-
> 3 files changed, 43 insertions(+), 7 deletions(-)
>
> diff --git a/src/libxl/libxl_conf.c b/src/libxl/libxl_conf.c
> index f5b788b..31508d6 100644
> --- a/src/libxl/libxl_conf.c
> +++ b/src/libxl/libxl_conf.c
> @@ -47,6 +47,7 @@
> #include "libxl_utils.h"
> #include "virstoragefile.h"
> #include "secret_util.h"
> +#include "cpu/cpu.h"
>
>
> #define VIR_FROM_THIS VIR_FROM_LIBXL
> @@ -292,7 +293,7 @@ libxlMakeChrdevStr(virDomainChrDefPtr def, char **buf)
>
> static int
> libxlMakeDomBuildInfo(virDomainDefPtr def,
> - libxl_ctx *ctx,
> + libxlDriverConfigPtr cfg,
> libxl_domain_config *d_config)
> {
> libxl_domain_build_info *b_info = &d_config->b_info;
> @@ -308,7 +309,7 @@ libxlMakeDomBuildInfo(virDomainDefPtr def,
> libxl_domain_build_info_init_type(b_info, LIBXL_DOMAIN_TYPE_PV);
>
> b_info->max_vcpus = virDomainDefGetVcpusMax(def);
> - if (libxl_cpu_bitmap_alloc(ctx, &b_info->avail_vcpus, b_info->max_vcpus))
> + if (libxl_cpu_bitmap_alloc(cfg->ctx, &b_info->avail_vcpus, b_info->max_vcpus))
> return -1;
> libxl_bitmap_set_none(&b_info->avail_vcpus);
> for (i = 0; i < virDomainDefGetVcpus(def); i++)
> @@ -374,6 +375,41 @@ libxlMakeDomBuildInfo(virDomainDefPtr def,
> def->features[VIR_DOMAIN_FEATURE_ACPI] ==
> VIR_TRISTATE_SWITCH_ON);
>
> + if (cfg && def->cpu &&
> + def->cpu->mode == (VIR_CPU_MODE_HOST_PASSTHROUGH)) {
> + bool hasHwVirt = false;
> + bool svm = false, vmx = false;
> + virCapsPtr caps = cfg->caps;
> +
> + if (caps && ARCH_IS_X86(def->os.arch)) {
> + vmx = virCPUCheckFeature(caps->host.arch, caps->host.cpu, "vmx");
> + svm = virCPUCheckFeature(caps->host.arch, caps->host.cpu, "svm");
> + hasHwVirt = vmx | svm;
> + }
> +
> + if (def->cpu->nfeatures) {
> + for (i = 0; i < def->cpu->nfeatures; i++) {
> +
> + switch (def->cpu->features[i].policy) {
> +
> + case VIR_CPU_FEATURE_DISABLE:
> + case VIR_CPU_FEATURE_FORBID:
> + if ((vmx && STREQ(def->cpu->features[i].name, "vmx")) ||
> + (svm && STREQ(def->cpu->features[i].name, "svm")))
> + hasHwVirt = false;
> + break;
> +
> + case VIR_CPU_FEATURE_FORCE:
> + case VIR_CPU_FEATURE_REQUIRE:
> + case VIR_CPU_FEATURE_OPTIONAL:
> + case VIR_CPU_FEATURE_LAST:
> + break;
> + }
> + }
> + }
> + libxl_defbool_set(&b_info->u.hvm.nested_hvm, hasHwVirt);
> + }
> +
> if (def->nsounds > 0) {
> /*
> * Use first sound device. man xl.cfg(5) describes soundhw as
> @@ -2087,15 +2123,15 @@ int
> libxlBuildDomainConfig(virPortAllocatorPtr graphicsports,
> virDomainDefPtr def,
> const char *channelDir LIBXL_ATTR_UNUSED,
> - libxl_ctx *ctx,
> + libxlDriverConfigPtr cfg,
> libxl_domain_config *d_config)
I replied to your question about this function in the V2 thread. Essentially,
I'd like to see this function changed to
libxlBuildDomainConfig(virPortAllocatorPtr graphicsports,
virDomainDefPtr def,
const char *channelDir LIBXL_ATTR_UNUSED,
libxl_ctx *ctx,
virCapsPtr caps,
libxl_domain_config *d_config)
Looks good otherwise!
Regards,
Jim
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
On Thu, 20 Apr 2017 14:28:11 -0600
Jim Fehlig <jfehlig@suse.com> wrote:
> Wim Ten Have wrote:
> > From: Wim ten Have <wim.ten.have@oracle.com>
> >
> > Xen feature nestedhvm is the option on Xen 4.4+ which enables
> > nested virtualization when mode host-passthrough is applied.
> >
> > nested HVM is enabled by adding below on the target domain;
> > <cpu mode='host-passthrough'/>
> >
> > Virtualization on target domain can be disabled by specifying
> > such under feature policy rule on target name;
> >
> > [On Intel (VT-x) architecture]
> > <feature policy='disable' name='vmx'/>
> >
> > or:
> >
> > [On AMD (AMD-V) architecture]
> > <feature policy='disable' name='svm'/>
> >
> > Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
> > Signed-off-by: Wim ten Have <wim.ten.have@oracle.com>
> > ---
> > src/libxl/libxl_conf.c | 46 +++++++++++++++++++++++++++++++++++++++++-----
> > src/libxl/libxl_conf.h | 2 +-
> > src/libxl/libxl_domain.c | 2 +-
> > 3 files changed, 43 insertions(+), 7 deletions(-)
> >
> > diff --git a/src/libxl/libxl_conf.c b/src/libxl/libxl_conf.c
> > index f5b788b..31508d6 100644
> > --- a/src/libxl/libxl_conf.c
> > +++ b/src/libxl/libxl_conf.c
> > @@ -47,6 +47,7 @@
> > #include "libxl_utils.h"
> > #include "virstoragefile.h"
> > #include "secret_util.h"
> > +#include "cpu/cpu.h"
> >
> >
> > #define VIR_FROM_THIS VIR_FROM_LIBXL
> > @@ -292,7 +293,7 @@ libxlMakeChrdevStr(virDomainChrDefPtr def, char **buf)
> >
> > static int
> > libxlMakeDomBuildInfo(virDomainDefPtr def,
> > - libxl_ctx *ctx,
> > + libxlDriverConfigPtr cfg,
> > libxl_domain_config *d_config)
> > {
> > libxl_domain_build_info *b_info = &d_config->b_info;
> > @@ -308,7 +309,7 @@ libxlMakeDomBuildInfo(virDomainDefPtr def,
> > libxl_domain_build_info_init_type(b_info, LIBXL_DOMAIN_TYPE_PV);
> >
> > b_info->max_vcpus = virDomainDefGetVcpusMax(def);
> > - if (libxl_cpu_bitmap_alloc(ctx, &b_info->avail_vcpus, b_info->max_vcpus))
> > + if (libxl_cpu_bitmap_alloc(cfg->ctx, &b_info->avail_vcpus, b_info->max_vcpus))
> > return -1;
> > libxl_bitmap_set_none(&b_info->avail_vcpus);
> > for (i = 0; i < virDomainDefGetVcpus(def); i++)
> > @@ -374,6 +375,41 @@ libxlMakeDomBuildInfo(virDomainDefPtr def,
> > def->features[VIR_DOMAIN_FEATURE_ACPI] ==
> > VIR_TRISTATE_SWITCH_ON);
> >
> > + if (cfg && def->cpu &&
> > + def->cpu->mode == (VIR_CPU_MODE_HOST_PASSTHROUGH)) {
> > + bool hasHwVirt = false;
> > + bool svm = false, vmx = false;
> > + virCapsPtr caps = cfg->caps;
> > +
> > + if (caps && ARCH_IS_X86(def->os.arch)) {
> > + vmx = virCPUCheckFeature(caps->host.arch, caps->host.cpu, "vmx");
> > + svm = virCPUCheckFeature(caps->host.arch, caps->host.cpu, "svm");
> > + hasHwVirt = vmx | svm;
> > + }
> > +
> > + if (def->cpu->nfeatures) {
> > + for (i = 0; i < def->cpu->nfeatures; i++) {
> > +
> > + switch (def->cpu->features[i].policy) {
> > +
> > + case VIR_CPU_FEATURE_DISABLE:
> > + case VIR_CPU_FEATURE_FORBID:
> > + if ((vmx && STREQ(def->cpu->features[i].name, "vmx")) ||
> > + (svm && STREQ(def->cpu->features[i].name, "svm")))
> > + hasHwVirt = false;
> > + break;
> > +
> > + case VIR_CPU_FEATURE_FORCE:
> > + case VIR_CPU_FEATURE_REQUIRE:
> > + case VIR_CPU_FEATURE_OPTIONAL:
> > + case VIR_CPU_FEATURE_LAST:
> > + break;
> > + }
> > + }
> > + }
> > + libxl_defbool_set(&b_info->u.hvm.nested_hvm, hasHwVirt);
> > + }
> > +
> > if (def->nsounds > 0) {
> > /*
> > * Use first sound device. man xl.cfg(5) describes soundhw as
> > @@ -2087,15 +2123,15 @@ int
> > libxlBuildDomainConfig(virPortAllocatorPtr graphicsports,
> > virDomainDefPtr def,
> > const char *channelDir LIBXL_ATTR_UNUSED,
> > - libxl_ctx *ctx,
> > + libxlDriverConfigPtr cfg,
> > libxl_domain_config *d_config)
>
>
> I replied to your question about this function in the V2 thread. Essentially,
> I'd like to see this function changed to
>
> libxlBuildDomainConfig(virPortAllocatorPtr graphicsports,
> virDomainDefPtr def,
> const char *channelDir LIBXL_ATTR_UNUSED,
> libxl_ctx *ctx,
> virCapsPtr caps,
> libxl_domain_config *d_config)
>
> Looks good otherwise!
Noticed! And and changing signature adding caps as suggested is
of course doable. I'll prepare PATCH v4 and submit tomorrow.
Regards,
- Wim.
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
© 2016 - 2026 Red Hat, Inc.