From nobody Mon Feb 9 17:34:50 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1493039266639454.14408906267374; Mon, 24 Apr 2017 06:07:46 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 6A7FCC04BD25; Mon, 24 Apr 2017 13:07:44 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 18AE789F59; Mon, 24 Apr 2017 13:07:44 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 5703618523CD; Mon, 24 Apr 2017 13:07:42 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id v3OD7f0w029282 for ; Mon, 24 Apr 2017 09:07:41 -0400 Received: by smtp.corp.redhat.com (Postfix) id 61EC478A3A; Mon, 24 Apr 2017 13:07:41 +0000 (UTC) Received: from mx1.redhat.com (ext-mx03.extmail.prod.ext.phx2.redhat.com [10.5.110.27]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 5AF1617136 for ; Mon, 24 Apr 2017 13:07:41 +0000 (UTC) Received: from userp1040.oracle.com (userp1040.oracle.com [156.151.31.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 4179E80F93 for ; Mon, 24 Apr 2017 13:07:40 +0000 (UTC) Received: from aserv0021.oracle.com (aserv0021.oracle.com [141.146.126.233]) by userp1040.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2) with ESMTP id v3OD7dYD030314 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Mon, 24 Apr 2017 13:07:39 GMT Received: from aserv0121.oracle.com (aserv0121.oracle.com [141.146.126.235]) by aserv0021.oracle.com (8.13.8/8.14.4) with ESMTP id v3OD7c8L030213 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Mon, 24 Apr 2017 13:07:38 GMT Received: from abhmp0004.oracle.com (abhmp0004.oracle.com [141.146.116.10]) by aserv0121.oracle.com (8.13.8/8.13.8) with ESMTP id v3OD7aV0029330; Mon, 24 Apr 2017 13:07:37 GMT Received: from nina.dynamic.ziggo.nl (/10.175.173.12) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Mon, 24 Apr 2017 06:07:36 -0700 DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 6A7FCC04BD25 Authentication-Results: ext-mx07.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=oracle.com Authentication-Results: ext-mx07.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=libvir-list-bounces@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 6A7FCC04BD25 DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 4179E80F93 Authentication-Results: ext-mx03.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=oracle.com Authentication-Results: ext-mx03.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=wim.ten.have@oracle.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 4179E80F93 From: Wim Ten Have To: Libvirt Development List Date: Mon, 24 Apr 2017 15:06:59 +0200 Message-Id: <20170424130701.12156-2-wim.ten.have@oracle.com> In-Reply-To: <20170424130701.12156-1-wim.ten.have@oracle.com> References: <20170424130701.12156-1-wim.ten.have@oracle.com> X-Source-IP: aserv0021.oracle.com [141.146.126.233] X-Greylist: Sender passed SPF test, Sender IP whitelisted by DNSRBL, ACL 203 matched, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Mon, 24 Apr 2017 13:07:40 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Mon, 24 Apr 2017 13:07:40 +0000 (UTC) for IP:'156.151.31.81' DOMAIN:'userp1040.oracle.com' HELO:'userp1040.oracle.com' FROM:'wim.ten.have@oracle.com' RCPT:'' X-RedHat-Spam-Score: -101.621 (BAYES_50, DCC_REPUT_13_19, RCVD_IN_DNSWL_MED, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, RP_MATCHES_RCVD, SPF_PASS, UNPARSEABLE_RELAY, USER_IN_WHITELIST) 156.151.31.81 userp1040.oracle.com 156.151.31.81 userp1040.oracle.com X-Scanned-By: MIMEDefang 2.78 on 10.5.110.27 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-loop: libvir-list@redhat.com Cc: Joao Martins , Wim ten Have Subject: [libvirt] [PATCH v4 1/3] libxl: set nestedhvm for mode host-passthrough X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Mon, 24 Apr 2017 13:07:45 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" From: Wim ten Have Xen feature nestedhvm is the option on Xen 4.4+ which enables nested virtualization when mode host-passthrough is applied. nested HVM is enabled by adding below on the target domain; Virtualization on target domain can be disabled by specifying such under feature policy rule on target name; [On Intel (VT-x) architecture] or: [On AMD (AMD-V) architecture] Signed-off-by: Joao Martins Signed-off-by: Wim ten Have --- src/libxl/libxl_conf.c | 39 ++++++++++++++++++++++++++++++++++++++- src/libxl/libxl_conf.h | 1 + src/libxl/libxl_domain.c | 2 +- 3 files changed, 40 insertions(+), 2 deletions(-) diff --git a/src/libxl/libxl_conf.c b/src/libxl/libxl_conf.c index 4bab651..56bc097 100644 --- a/src/libxl/libxl_conf.c +++ b/src/libxl/libxl_conf.c @@ -47,6 +47,7 @@ #include "libxl_utils.h" #include "virstoragefile.h" #include "secret_util.h" +#include "cpu/cpu.h" =20 =20 #define VIR_FROM_THIS VIR_FROM_LIBXL @@ -293,6 +294,7 @@ libxlMakeChrdevStr(virDomainChrDefPtr def, char **buf) static int libxlMakeDomBuildInfo(virDomainDefPtr def, libxl_ctx *ctx, + virCapsPtr caps, libxl_domain_config *d_config) { libxl_domain_build_info *b_info =3D &d_config->b_info; @@ -374,6 +376,40 @@ libxlMakeDomBuildInfo(virDomainDefPtr def, def->features[VIR_DOMAIN_FEATURE_ACPI] =3D=3D VIR_TRISTATE_SWITCH_ON); =20 + if (caps && + def->cpu && def->cpu->mode =3D=3D (VIR_CPU_MODE_HOST_PASSTHROU= GH)) { + bool hasHwVirt =3D false; + bool svm =3D false, vmx =3D false; + + if (ARCH_IS_X86(def->os.arch)) { + vmx =3D virCPUCheckFeature(caps->host.arch, caps->host.cpu= , "vmx"); + svm =3D virCPUCheckFeature(caps->host.arch, caps->host.cpu= , "svm"); + hasHwVirt =3D vmx | svm; + } + + if (def->cpu->nfeatures) { + for (i =3D 0; i < def->cpu->nfeatures; i++) { + + switch (def->cpu->features[i].policy) { + + case VIR_CPU_FEATURE_DISABLE: + case VIR_CPU_FEATURE_FORBID: + if ((vmx && STREQ(def->cpu->features[i].name, = "vmx")) || + (svm && STREQ(def->cpu->features[i].name, = "svm"))) + hasHwVirt =3D false; + break; + + case VIR_CPU_FEATURE_FORCE: + case VIR_CPU_FEATURE_REQUIRE: + case VIR_CPU_FEATURE_OPTIONAL: + case VIR_CPU_FEATURE_LAST: + break; + } + } + } + libxl_defbool_set(&b_info->u.hvm.nested_hvm, hasHwVirt); + } + if (def->nsounds > 0) { /* * Use first sound device. man xl.cfg(5) describes soundhw as @@ -2089,6 +2125,7 @@ libxlBuildDomainConfig(virPortAllocatorPtr graphicspo= rts, virDomainDefPtr def, const char *channelDir LIBXL_ATTR_UNUSED, libxl_ctx *ctx, + virCapsPtr caps, libxl_domain_config *d_config) { libxl_domain_config_init(d_config); @@ -2096,7 +2133,7 @@ libxlBuildDomainConfig(virPortAllocatorPtr graphicspo= rts, if (libxlMakeDomCreateInfo(ctx, def, &d_config->c_info) < 0) return -1; =20 - if (libxlMakeDomBuildInfo(def, ctx, d_config) < 0) + if (libxlMakeDomBuildInfo(def, ctx, caps, d_config) < 0) return -1; =20 if (libxlMakeDiskList(def, d_config) < 0) diff --git a/src/libxl/libxl_conf.h b/src/libxl/libxl_conf.h index c653c9f..264df11 100644 --- a/src/libxl/libxl_conf.h +++ b/src/libxl/libxl_conf.h @@ -217,6 +217,7 @@ libxlBuildDomainConfig(virPortAllocatorPtr graphicsport= s, virDomainDefPtr def, const char *channelDir LIBXL_ATTR_UNUSED, libxl_ctx *ctx, + virCapsPtr caps, libxl_domain_config *d_config); =20 static inline void diff --git a/src/libxl/libxl_domain.c b/src/libxl/libxl_domain.c index ea28c93..256cf1d 100644 --- a/src/libxl/libxl_domain.c +++ b/src/libxl/libxl_domain.c @@ -1256,7 +1256,7 @@ libxlDomainStart(libxlDriverPrivatePtr driver, goto cleanup_dom; =20 if (libxlBuildDomainConfig(driver->reservedGraphicsPorts, vm->def, - cfg->channelDir, cfg->ctx, &d_config) < 0) + cfg->channelDir, cfg->ctx, cfg->caps, &d_co= nfig) < 0) goto cleanup_dom; =20 if (cfg->autoballoon && libxlDomainFreeMem(cfg->ctx, &d_config) < 0) --=20 2.9.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list