From nobody Thu May 15 00:22:36 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1521099662240231.76497527559297; Thu, 15 Mar 2018 00:41:02 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id ED52919CBC4; Thu, 15 Mar 2018 07:41:00 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 5FDC85D77D; Thu, 15 Mar 2018 07:41:00 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 04D8869E2C; Thu, 15 Mar 2018 07:41:00 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w2E2R77b008657 for ; Tue, 13 Mar 2018 22:27:19 -0400 Received: by smtp.corp.redhat.com (Postfix) id BA5E817C37; Wed, 14 Mar 2018 02:27:07 +0000 (UTC) Received: from mx1.redhat.com (ext-mx06.extmail.prod.ext.phx2.redhat.com [10.5.110.30]) by smtp.corp.redhat.com (Postfix) with ESMTPS id B41735D6A3 for ; Wed, 14 Mar 2018 02:27:07 +0000 (UTC) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 7053F2820B for ; Wed, 14 Mar 2018 02:26:59 +0000 (UTC) Received: from compute7.internal (compute7.nyi.internal [10.202.2.47]) by mailout.nyi.internal (Postfix) with ESMTP id ECAD020FDD; Tue, 13 Mar 2018 22:26:58 -0400 (EDT) Received: from frontend2 ([10.202.2.161]) by compute7.internal (MEProxy); Tue, 13 Mar 2018 22:26:58 -0400 Received: from localhost.localdomain (ip5b40bfaa.dynamic.kabel-deutschland.de [91.64.191.170]) by mail.messagingengine.com (Postfix) with ESMTPA id 4AA0524038; Tue, 13 Mar 2018 22:26:58 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:in-reply-to:message-id:mime-version :references:references:subject:to:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; bh=jG42mnEzN5kw9PNSl0lOzYI114MmnvGErZIC9wLM/ 7I=; b=an+gQwrgeII4aRow19xSt4uxp/U4guzqWBRmzwx3D3iEplNPbHOqygydZ gQBiSnDgY3pI3Up7sSzAPNmtZ2gkjlKXSRb1N6qCtWvq+oboAH+O2xv/ZpsL1kKG EUebvtoJOFGc0IBPA9g+EH1uD2M+a8B9xZKFVTvcj9fOv6USCSTEbV9NK33lY2rD DD5PZ3n3E0nNoDEUg5YIf/553naiV7jbpkRQ3TkaT8FrfBpCK4EgmHEA9HfGh7gw A1U7zqRscb/PZiNZTOmdq2+vkegstIkqaxTPbUz/n5lZVFpw011ACckoQdOflDgb nU/5wWP7zKu6aYrHrDYyHXJ6ktHZw== X-ME-Sender: From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= To: libvir-list@redhat.com Date: Wed, 14 Mar 2018 03:26:11 +0100 Message-Id: <54bb4f518c42badbbf52c964c182550b408e68b6.1520994153.git-series.marmarek@invisiblethingslab.com> In-Reply-To: References: MIME-Version: 1.0 In-Reply-To: References: X-Greylist: Sender passed SPF test, Sender IP whitelisted by DNSRBL, ACL 207 matched, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Wed, 14 Mar 2018 02:26:59 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Wed, 14 Mar 2018 02:26:59 +0000 (UTC) for IP:'66.111.4.25' DOMAIN:'out1-smtp.messagingengine.com' HELO:'out1-smtp.messagingengine.com' FROM:'marmarek@invisiblethingslab.com' RCPT:'' X-RedHat-Spam-Score: -0.721 (DKIM_SIGNED, DKIM_VALID, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, SPF_HELO_PASS) 66.111.4.25 out1-smtp.messagingengine.com 66.111.4.25 out1-smtp.messagingengine.com X-Scanned-By: MIMEDefang 2.78 on 10.5.110.30 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v5 4/9] libxl: do not enable nested HVM unless global nested_hvm option enabled X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Thu, 15 Mar 2018 07:41:01 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Introduce global libxl option for enabling nested HVM feature, similar to kvm module parameter. This will prevent enabling experimental feature by mere presence of element in domain config, unless explicitly enabled. element may be used to configure other features, like NUMA, or CPUID. Signed-off-by: Marek Marczykowski-G=C3=B3recki Reviewed-by: Daniel P. Berrang=C3=A9 --- Changes since v4: - add nested_hvm option to test_libvirtd_libxl.aug.in and libvirtd_libxl.a= ug - make it possible to override nested_hvm=3D0 with explicit - split xenconfig changes into separate commits Changes since v3: - use config option nested_hvm, instead of requiring explicit entries - title changed from "libxl: do not enable nested HVM by mere presence of element" - xenconfig: don't add since it is implied by presence of element - xenconfig: produce element even when converting on host not supporting vmx/svm, to not lose setting value Changes since v2: - new patch --- src/libxl/libvirtd_libxl.aug | 2 ++ src/libxl/libxl.conf | 8 ++++++++ src/libxl/libxl_conf.c | 12 +++++++++++- src/libxl/libxl_conf.h | 2 ++ src/libxl/test_libvirtd_libxl.aug.in | 1 + tests/libxlxml2domconfigtest.c | 3 +++ 6 files changed, 27 insertions(+), 1 deletion(-) diff --git a/src/libxl/libvirtd_libxl.aug b/src/libxl/libvirtd_libxl.aug index b31cc07..58b9af3 100644 --- a/src/libxl/libvirtd_libxl.aug +++ b/src/libxl/libvirtd_libxl.aug @@ -28,12 +28,14 @@ module Libvirtd_libxl =3D let lock_entry =3D str_entry "lock_manager" let keepalive_interval_entry =3D int_entry "keepalive_interval" let keepalive_count_entry =3D int_entry "keepalive_count" + let nested_hvm_entry =3D bool_entry "nested_hvm" =20 (* Each entry in the config is one of the following ... *) let entry =3D autoballoon_entry | lock_entry | keepalive_interval_entry | keepalive_count_entry + | nested_hvm_entry =20 let comment =3D [ label "#comment" . del /#[ \t]*/ "# " . store /([^ \= t\n][^\n]*)?/ . del /\n/ "\n" ] let empty =3D [ label "#empty" . eol ] diff --git a/src/libxl/libxl.conf b/src/libxl/libxl.conf index 264af7c..72825a7 100644 --- a/src/libxl/libxl.conf +++ b/src/libxl/libxl.conf @@ -41,3 +41,11 @@ # #keepalive_interval =3D 5 #keepalive_count =3D 5 + +# Nested HVM default control. In order to use nested HVM feature, this opt= ion +# needs to be enabled, in addition to specifying +# in domain configuration. This can be overridden in domain configuration = by +# explicitly setting inside +# element. +# By default it is disabled. +#nested_hvm =3D 0 diff --git a/src/libxl/libxl_conf.c b/src/libxl/libxl_conf.c index 9301731..09264ce 100644 --- a/src/libxl/libxl_conf.c +++ b/src/libxl/libxl_conf.c @@ -366,7 +366,9 @@ libxlMakeDomBuildInfo(virDomainDefPtr def, return -1; } =20 - if (ARCH_IS_X86(def->os.arch)) { + /* enable nested HVM only if global nested_hvm option enable i= t and + * host support it*/ + if (cfg->nested_hvm && ARCH_IS_X86(def->os.arch)) { vmx =3D virCPUCheckFeature(caps->host.arch, caps->host.cpu= , "vmx"); svm =3D virCPUCheckFeature(caps->host.arch, caps->host.cpu= , "svm"); hasHwVirt =3D vmx | svm; @@ -386,6 +388,11 @@ libxlMakeDomBuildInfo(virDomainDefPtr def, =20 case VIR_CPU_FEATURE_FORCE: case VIR_CPU_FEATURE_REQUIRE: + if ((vmx && STREQ(def->cpu->features[i].name, = "vmx")) || + (svm && STREQ(def->cpu->features[i].name, = "svm"))) + hasHwVirt =3D true; + break; + case VIR_CPU_FEATURE_OPTIONAL: case VIR_CPU_FEATURE_LAST: break; @@ -1699,6 +1706,9 @@ int libxlDriverConfigLoadFile(libxlDriverConfigPtr cf= g, if (virConfGetValueUInt(conf, "keepalive_count", &cfg->keepAliveCount)= < 0) goto cleanup; =20 + if (virConfGetValueBool(conf, "nested_hvm", &cfg->nested_hvm) < 0) + goto cleanup; + ret =3D 0; =20 cleanup: diff --git a/src/libxl/libxl_conf.h b/src/libxl/libxl_conf.h index ce9db26..27cfc1a 100644 --- a/src/libxl/libxl_conf.h +++ b/src/libxl/libxl_conf.h @@ -88,6 +88,8 @@ struct _libxlDriverConfig { int keepAliveInterval; unsigned int keepAliveCount; =20 + bool nested_hvm; + /* Once created, caps are immutable */ virCapsPtr caps; =20 diff --git a/src/libxl/test_libvirtd_libxl.aug.in b/src/libxl/test_libvirtd= _libxl.aug.in index 63558e5..9106abe 100644 --- a/src/libxl/test_libvirtd_libxl.aug.in +++ b/src/libxl/test_libvirtd_libxl.aug.in @@ -6,3 +6,4 @@ module Test_libvirtd_libxl =3D { "lock_manager" =3D "lockd" } { "keepalive_interval" =3D "5" } { "keepalive_count" =3D "5" } +{ "nested_hvm" =3D "1" } diff --git a/tests/libxlxml2domconfigtest.c b/tests/libxlxml2domconfigtest.c index cfbc37c..8819032 100644 --- a/tests/libxlxml2domconfigtest.c +++ b/tests/libxlxml2domconfigtest.c @@ -76,6 +76,9 @@ testCompareXMLToDomConfig(const char *xmlfile, if (!(log =3D (xentoollog_logger *)xtl_createlogger_stdiostream(stderr= , XTL_DEBUG, 0))) goto cleanup; =20 + /* for testing nested HVM */ + cfg->nested_hvm =3D true; + /* replace logger with stderr one */ libxl_ctx_free(cfg->ctx); =20 --=20 git-series 0.9.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list