Message ID | 53F21BF1.4020807@canonical.com |
---|---|
State | New |
Headers | show |
Seems like it ought to be eligible for stable.
On Mon, Aug 18, 2014 at 10:29:53AM -0500, Chris J Arges wrote: > BugLink: http://bugs.launchpad.net/bugs/1329434 > > [Impact] > Using nested KVM on some hypervisors doesn't work. > > [Test Case] > A script to make this easier is posted here: > https://gist.github.com/arges/9d21c6da03a8c10d3980 > > 1) enable nested KVM: > sudo modprobe -r kvm_intel > sudo modprobe kvm_intel nested=1 > cat /sys/module/kvm_intel/parameters/nested > # should say Y > 2) generate an L1 guest and then generate an L2 guest inside the L1 guest > - ensure L1 has enough memory to boot L2 > - if using libvirt you may need to edit the default bridge to use a > different subnet than the L1 guest > 3) boot the L2 guest > 4) L2 guest should boot > > [Fix] > > These three upstream patches needed to be backported to 3.13: > > * 533558bcb69ef28aff81b6ae9acda8943575319f > - This provides necessary code changes to make backporting easier. > However vmx_leave_nested function was not yet added, so that function > modification was dropped. > > * b6b8a1451fc40412c57d10c94b62e22acab28f94 > - This patch is necessary in order to ensure that the L1 guest doesn't > crash with just 696dfd95 applied. I had to remove mpx mentions from the > cherry-pick as that feature hasn't been added yet. > > * 696dfd95ba9838327a7013e5988ff3ba60dcc8c8 > - This patch fixes the issue and was the result of the bisection. The > APIC virtualization features need to be disabled as they cause L2 guests > to not boot depending on the CPU. > > -- > > The following changes since commit 0a985c5524ae9cd5759bb3e8a4679b87b3a9d334: > > nfs: check if gssd is running before attempting to use krb5i auth in > SETCLIENTID call (2014-08-14 07:49:46 -0600) > > are available in the git repository at: > > git://kernel.ubuntu.com/arges/ubuntu-trusty.git lp1329434 > > for you to fetch changes up to 4a27cc2dfd2d562c4bb3aaac459b8e54f3ee6fc9: > > KVM: vmx: disable APIC virtualization in nested guests (2014-08-15 > 15:56:40 -0500) > > ---------------------------------------------------------------- > Jan Kiszka (2): > KVM: nVMX: Pass vmexit parameters to nested_vmx_vmexit > KVM: nVMX: Rework interception of IRQs and NMIs > > Paolo Bonzini (1): > KVM: vmx: disable APIC virtualization in nested guests > > arch/x86/include/asm/kvm_host.h | 2 ++ > arch/x86/kvm/vmx.c | 130 > ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-------------------------------------------------------- > arch/x86/kvm/x86.c | 26 +++++++++++++++++++------- > 3 files changed, 95 insertions(+), 63 deletions(-) Ugg. As much as they can be reviewed these look ok. These need some testing on "not whatever they fix" before we release this. Acked-by: Andy Whitcroft <apw@canonical.com> -apw
On 08/18/2014 09:29 AM, Chris J Arges wrote: > BugLink: http://bugs.launchpad.net/bugs/1329434 > > [Impact] > Using nested KVM on some hypervisors doesn't work. > > [Test Case] > A script to make this easier is posted here: > https://gist.github.com/arges/9d21c6da03a8c10d3980 > > 1) enable nested KVM: > sudo modprobe -r kvm_intel > sudo modprobe kvm_intel nested=1 > cat /sys/module/kvm_intel/parameters/nested > # should say Y > 2) generate an L1 guest and then generate an L2 guest inside the L1 guest > - ensure L1 has enough memory to boot L2 > - if using libvirt you may need to edit the default bridge to use a > different subnet than the L1 guest > 3) boot the L2 guest > 4) L2 guest should boot > > [Fix] > > These three upstream patches needed to be backported to 3.13: > > * 533558bcb69ef28aff81b6ae9acda8943575319f > - This provides necessary code changes to make backporting easier. > However vmx_leave_nested function was not yet added, so that function > modification was dropped. > > * b6b8a1451fc40412c57d10c94b62e22acab28f94 > - This patch is necessary in order to ensure that the L1 guest doesn't > crash with just 696dfd95 applied. I had to remove mpx mentions from the > cherry-pick as that feature hasn't been added yet. > > * 696dfd95ba9838327a7013e5988ff3ba60dcc8c8 > - This patch fixes the issue and was the result of the bisection. The > APIC virtualization features need to be disabled as they cause L2 guests > to not boot depending on the CPU. > > -- > > The following changes since commit 0a985c5524ae9cd5759bb3e8a4679b87b3a9d334: > > nfs: check if gssd is running before attempting to use krb5i auth in > SETCLIENTID call (2014-08-14 07:49:46 -0600) > > are available in the git repository at: > > git://kernel.ubuntu.com/arges/ubuntu-trusty.git lp1329434 > > for you to fetch changes up to 4a27cc2dfd2d562c4bb3aaac459b8e54f3ee6fc9: > > KVM: vmx: disable APIC virtualization in nested guests (2014-08-15 > 15:56:40 -0500) > > ---------------------------------------------------------------- > Jan Kiszka (2): > KVM: nVMX: Pass vmexit parameters to nested_vmx_vmexit > KVM: nVMX: Rework interception of IRQs and NMIs > > Paolo Bonzini (1): > KVM: vmx: disable APIC virtualization in nested guests > > arch/x86/include/asm/kvm_host.h | 2 ++ > arch/x86/kvm/vmx.c | 130 > ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-------------------------------------------------------- > arch/x86/kvm/x86.c | 26 +++++++++++++++++++------- > 3 files changed, 95 insertions(+), 63 deletions(-) > >