From nobody Thu May 15 13:37:06 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1523781292383321.7751315575249; Sun, 15 Apr 2018 01:34:52 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 22A7E4E4C3; Sun, 15 Apr 2018 08:34:51 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id D520517D67; Sun, 15 Apr 2018 08:34:50 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 92839180596E; Sun, 15 Apr 2018 08:34:50 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w3C14MoX018670 for ; Wed, 11 Apr 2018 21:04:22 -0400 Received: by smtp.corp.redhat.com (Postfix) id 822A75D6A6; Thu, 12 Apr 2018 01:04:22 +0000 (UTC) Received: from mx1.redhat.com (ext-mx16.extmail.prod.ext.phx2.redhat.com [10.5.110.45]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 7C6C45D6A5 for ; Thu, 12 Apr 2018 01:04:22 +0000 (UTC) Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com [66.111.4.27]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 0E2F03136300 for ; Thu, 12 Apr 2018 01:04:15 +0000 (UTC) Received: from compute7.internal (compute7.nyi.internal [10.202.2.47]) by mailout.nyi.internal (Postfix) with ESMTP id 90845217D5; Wed, 11 Apr 2018 21:04:14 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute7.internal (MEProxy); Wed, 11 Apr 2018 21:04:14 -0400 Received: from localhost.localdomain (ip5b40bfaa.dynamic.kabel-deutschland.de [91.64.191.170]) by mail.messagingengine.com (Postfix) with ESMTPA id F0E0D10260; Wed, 11 Apr 2018 21:04:13 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:in-reply-to:message-id:mime-version :references:references:subject:to:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; bh=TsdwWT/nrWJa0mWJQ6TK+ExJ/frwNc/dXAxJdkMeg Zc=; b=X16pB7FAXQvInlUyqaGmIhpyU8Vz77nNp9m+HwHWnr20swbBmZlBx+8ns yfIwSPWd5qsBjLWuafcl4k9ot5Us74LYypfN2YIG0xgzUe+1UKkbdGYy7nIKmlyl +Mj+OmYjXjRq2Gb6nd46evngmqiCTbTrBoQ91JOQcyQ5IjSk1FFeWTtmf5WFhYiI i+HnrE2+H6u1vUIn6JDVXDoRBjogMEJj4F+avmdSOOuC/Wp4n0ML4p0IodVBd17s vwEyrOUwzwaDp0D6hC6Nw38ZhoEU1nrQMkeLqXXKV4DgwI3lgJ76jy55feeTThPJ rYkRc7yzF06PH9l7QafFvvPDkwPeA== X-ME-Sender: From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= To: libvir-list@redhat.com Date: Thu, 12 Apr 2018 03:03:22 +0200 Message-Id: <8f6473bc3ee5e4020b56ea25fb7705a10f9747c2.1523494984.git-series.marmarek@invisiblethingslab.com> In-Reply-To: References: MIME-Version: 1.0 In-Reply-To: References: X-Greylist: Sender passed SPF test, Sender IP whitelisted by DNSRBL, ACL 207 matched, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.45]); Thu, 12 Apr 2018 01:04:15 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.45]); Thu, 12 Apr 2018 01:04:15 +0000 (UTC) for IP:'66.111.4.27' DOMAIN:'out3-smtp.messagingengine.com' HELO:'out3-smtp.messagingengine.com' FROM:'marmarek@invisiblethingslab.com' RCPT:'' X-RedHat-Spam-Score: -0.701 (DKIM_SIGNED, DKIM_VALID, RCVD_IN_DNSWL_LOW, SPF_HELO_PASS) 66.111.4.27 out3-smtp.messagingengine.com 66.111.4.27 out3-smtp.messagingengine.com X-Scanned-By: MIMEDefang 2.84 on 10.5.110.45 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v7 4/9] libxl: do not enable nested HVM unless global nested_hvm option enabled X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Sun, 15 Apr 2018 08:34:51 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Introduce global libxl option for enabling nested HVM feature, similar to kvm module parameter. This will prevent enabling experimental feature by mere presence of element in domain config, unless explicitly enabled. element may be used to configure other features, like NUMA, or CPUID. Signed-off-by: Marek Marczykowski-G=C3=B3recki Reviewed-by: Daniel P. Berrang=C3=A9 Reviewed-by: Jim Fehlig --- Changes since v6: - really allow per-domain override - fix default value in tests Changes since v4: - add nested_hvm option to test_libvirtd_libxl.aug.in and libvirtd_libxl.a= ug - make it possible to override nested_hvm=3D0 with explicit - split xenconfig changes into separate commits Changes since v3: - use config option nested_hvm, instead of requiring explicit entries - title changed from "libxl: do not enable nested HVM by mere presence of element" - xenconfig: don't add since it is implied by presence of element - xenconfig: produce element even when converting on host not supporting vmx/svm, to not lose setting value Changes since v2: - new patch --- src/libxl/libvirtd_libxl.aug | 2 ++ src/libxl/libxl.conf | 8 ++++++++ src/libxl/libxl_conf.c | 12 +++++++++++- src/libxl/libxl_conf.h | 2 ++ src/libxl/test_libvirtd_libxl.aug.in | 1 + tests/libxlxml2domconfigtest.c | 3 +++ 6 files changed, 27 insertions(+), 1 deletion(-) diff --git a/src/libxl/libvirtd_libxl.aug b/src/libxl/libvirtd_libxl.aug index b31cc07..58b9af3 100644 --- a/src/libxl/libvirtd_libxl.aug +++ b/src/libxl/libvirtd_libxl.aug @@ -28,12 +28,14 @@ module Libvirtd_libxl =3D let lock_entry =3D str_entry "lock_manager" let keepalive_interval_entry =3D int_entry "keepalive_interval" let keepalive_count_entry =3D int_entry "keepalive_count" + let nested_hvm_entry =3D bool_entry "nested_hvm" =20 (* Each entry in the config is one of the following ... *) let entry =3D autoballoon_entry | lock_entry | keepalive_interval_entry | keepalive_count_entry + | nested_hvm_entry =20 let comment =3D [ label "#comment" . del /#[ \t]*/ "# " . store /([^ \= t\n][^\n]*)?/ . del /\n/ "\n" ] let empty =3D [ label "#empty" . eol ] diff --git a/src/libxl/libxl.conf b/src/libxl/libxl.conf index 264af7c..72825a7 100644 --- a/src/libxl/libxl.conf +++ b/src/libxl/libxl.conf @@ -41,3 +41,11 @@ # #keepalive_interval =3D 5 #keepalive_count =3D 5 + +# Nested HVM default control. In order to use nested HVM feature, this opt= ion +# needs to be enabled, in addition to specifying +# in domain configuration. This can be overridden in domain configuration = by +# explicitly setting inside +# element. +# By default it is disabled. +#nested_hvm =3D 0 diff --git a/src/libxl/libxl_conf.c b/src/libxl/libxl_conf.c index 2053ed3..9ea3759 100644 --- a/src/libxl/libxl_conf.c +++ b/src/libxl/libxl_conf.c @@ -395,10 +395,12 @@ libxlMakeDomBuildInfo(virDomainDefPtr def, bool hasHwVirt =3D false; bool svm =3D false, vmx =3D false; =20 + /* enable nested HVM only if global nested_hvm option enable i= t and + * host support it*/ if (ARCH_IS_X86(def->os.arch)) { vmx =3D virCPUCheckFeature(caps->host.arch, caps->host.cpu= , "vmx"); svm =3D virCPUCheckFeature(caps->host.arch, caps->host.cpu= , "svm"); - hasHwVirt =3D vmx | svm; + hasHwVirt =3D cfg->nested_hvm && (vmx | svm); } =20 if (def->cpu->nfeatures) { @@ -415,6 +417,11 @@ libxlMakeDomBuildInfo(virDomainDefPtr def, =20 case VIR_CPU_FEATURE_FORCE: case VIR_CPU_FEATURE_REQUIRE: + if ((vmx && STREQ(def->cpu->features[i].name, = "vmx")) || + (svm && STREQ(def->cpu->features[i].name, = "svm"))) + hasHwVirt =3D true; + break; + case VIR_CPU_FEATURE_OPTIONAL: case VIR_CPU_FEATURE_LAST: break; @@ -1758,6 +1765,9 @@ int libxlDriverConfigLoadFile(libxlDriverConfigPtr cf= g, if (virConfGetValueUInt(conf, "keepalive_count", &cfg->keepAliveCount)= < 0) goto cleanup; =20 + if (virConfGetValueBool(conf, "nested_hvm", &cfg->nested_hvm) < 0) + goto cleanup; + ret =3D 0; =20 cleanup: diff --git a/src/libxl/libxl_conf.h b/src/libxl/libxl_conf.h index 633ebf5..61f586f 100644 --- a/src/libxl/libxl_conf.h +++ b/src/libxl/libxl_conf.h @@ -88,6 +88,8 @@ struct _libxlDriverConfig { int keepAliveInterval; unsigned int keepAliveCount; =20 + bool nested_hvm; + /* Once created, caps are immutable */ virCapsPtr caps; =20 diff --git a/src/libxl/test_libvirtd_libxl.aug.in b/src/libxl/test_libvirtd= _libxl.aug.in index 63558e5..372a43f 100644 --- a/src/libxl/test_libvirtd_libxl.aug.in +++ b/src/libxl/test_libvirtd_libxl.aug.in @@ -6,3 +6,4 @@ module Test_libvirtd_libxl =3D { "lock_manager" =3D "lockd" } { "keepalive_interval" =3D "5" } { "keepalive_count" =3D "5" } +{ "nested_hvm" =3D "0" } diff --git a/tests/libxlxml2domconfigtest.c b/tests/libxlxml2domconfigtest.c index 9d280e9..2210d58 100644 --- a/tests/libxlxml2domconfigtest.c +++ b/tests/libxlxml2domconfigtest.c @@ -76,6 +76,9 @@ testCompareXMLToDomConfig(const char *xmlfile, if (!(log =3D (xentoollog_logger *)xtl_createlogger_stdiostream(stderr= , XTL_DEBUG, 0))) goto cleanup; =20 + /* for testing nested HVM */ + cfg->nested_hvm =3D true; + /* replace logger with stderr one */ libxl_ctx_free(cfg->ctx); =20 --=20 git-series 0.9.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list