From nobody Thu May 15 04:13:26 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1518131246522743.7702251684685; Thu, 8 Feb 2018 15:07:26 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 150208B103; Thu, 8 Feb 2018 23:07:25 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id D09905D9CD; Thu, 8 Feb 2018 23:07:24 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 8D01A4A470; Thu, 8 Feb 2018 23:07:24 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w18N1rnW023518 for ; Thu, 8 Feb 2018 18:01:53 -0500 Received: by smtp.corp.redhat.com (Postfix) id 8E5BB60BB6; Thu, 8 Feb 2018 23:01:53 +0000 (UTC) Received: from mx1.redhat.com (ext-mx08.extmail.prod.ext.phx2.redhat.com [10.5.110.32]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 87B06620B8 for ; Thu, 8 Feb 2018 23:01:51 +0000 (UTC) Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 63A1BC059726 for ; Thu, 8 Feb 2018 23:01:50 +0000 (UTC) Received: from compute7.internal (compute7.nyi.internal [10.202.2.47]) by mailout.nyi.internal (Postfix) with ESMTP id E488820FDA; Thu, 8 Feb 2018 18:01:49 -0500 (EST) Received: from frontend1 ([10.202.2.160]) by compute7.internal (MEProxy); Thu, 08 Feb 2018 18:01:49 -0500 Received: from localhost.localdomain (ip5b40bfaa.dynamic.kabel-deutschland.de [91.64.191.170]) by mail.messagingengine.com (Postfix) with ESMTPA id 476777E3DF; Thu, 8 Feb 2018 18:01:49 -0500 (EST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:date:from:in-reply-to:in-reply-to :message-id:references:references:subject:to:x-me-sender :x-me-sender:x-sasl-enc; s=fm1; bh=enBnYO7VjIkJ56k1Gn3cVePYsv6yA DGHmNKjjoYZSCY=; b=jCZCMKIRqWiDtrbvYDLZwmm9PGSkPgb4L3iXWCvBECCKt kZt7MzUQAmeKKPdsPLe+MrBkdWOoL9JSAVJu8aUTfItN1r2aEi8rnohFuUGtP+ne UVeFJ3sKl8euQYztKh+NCDXcQwZfkIhbWfpAjfjlFzBNMXWnjAeV5E+J8wylGuTz Yn0PzlZfhewptgee0hBzr/O8lDLmTTOjU1P/iwOAjepVLzMRHBdYx7GamPwgMRFy cCZafhKbEDFUHlBwa6uSDI3hl3pXJK/5pR8szdvYpZ2LVE5vfnzmzHLl/xk8SINj LK9W3CXfLiJdmRYLA0Jh5ZMHWMEGC0hHq4b4IMSEQ== X-ME-Sender: From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= To: libvir-list@redhat.com Date: Thu, 8 Feb 2018 23:58:57 +0100 Message-Id: In-Reply-To: References: In-Reply-To: References: X-Greylist: Sender passed SPF test, Sender IP whitelisted by DNSRBL, ACL 207 matched, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Thu, 08 Feb 2018 23:01:50 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Thu, 08 Feb 2018 23:01:50 +0000 (UTC) for IP:'66.111.4.26' DOMAIN:'out2-smtp.messagingengine.com' HELO:'out2-smtp.messagingengine.com' FROM:'marmarek@invisiblethingslab.com' RCPT:'' X-RedHat-Spam-Score: -0.72 (DKIM_SIGNED, DKIM_VALID, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL) 66.111.4.26 out2-smtp.messagingengine.com 66.111.4.26 out2-smtp.messagingengine.com X-Scanned-By: MIMEDefang 2.78 on 10.5.110.32 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v4 4/8] libxl: do not enable nested HVM unless global nested_hvm option enabled X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Thu, 08 Feb 2018 23:07:25 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Introduce global libxl option for enabling nested HVM feature, similar to kvm module parameter. This will prevent enabling experimental feature by mere presence of element in domain config, unless explicitly enabled. element may be used to configure other features, like NUMA, or CPUID. Also, adjust xenconfig driver to appropriately translate to/from nestedhvm=3D1. While at it, adjust xenconfig driver to not override def->cpu if already set elsewhere. This will help with adding cpuid support. --- As for xenconfig part, I'm not sure if missing "nestedhvm" option in xl config shouldn't produce element too, to disable nested HVM (as it would be on plain xl). Any preference? Changes since v3: - use config option nested_hvm, instead of requiring explicit entries - title changed from "libxl: do not enable nested HVM by mere presence of element" - xenconfig: don't add since it is implied by presence of element - xenconfig: produce element even when converting on host not supporting vmx/svm, to not lose setting value Changes since v2: - new patch --- src/libxl/libxl.conf | 6 ++++++- src/libxl/libxl_conf.c | 7 ++++++- src/libxl/libxl_conf.h | 2 ++- src/xenconfig/xen_xl.c | 37 +++++++++++------------------------ tests/libxlxml2domconfigtest.c | 3 +++- 5 files changed, 29 insertions(+), 26 deletions(-) diff --git a/src/libxl/libxl.conf b/src/libxl/libxl.conf index 264af7c..0e842c9 100644 --- a/src/libxl/libxl.conf +++ b/src/libxl/libxl.conf @@ -41,3 +41,9 @@ # #keepalive_interval =3D 5 #keepalive_count =3D 5 + +# Nested HVM global control. In order to use nested HVM feature, this opti= on +# needs to be enabled, in addition to specifying +# in domain configuration. +# By default it is disabled. +#nested_hvm =3D 0 diff --git a/src/libxl/libxl_conf.c b/src/libxl/libxl_conf.c index 66956a7..417ce7c 100644 --- a/src/libxl/libxl_conf.c +++ b/src/libxl/libxl_conf.c @@ -366,7 +366,9 @@ libxlMakeDomBuildInfo(virDomainDefPtr def, return -1; } =20 - if (ARCH_IS_X86(def->os.arch)) { + /* consider host support for nested HVM only if global nested_= hvm + * option enable it */ + if (cfg->nested_hvm && ARCH_IS_X86(def->os.arch)) { vmx =3D virCPUCheckFeature(caps->host.arch, caps->host.cpu= , "vmx"); svm =3D virCPUCheckFeature(caps->host.arch, caps->host.cpu= , "svm"); hasHwVirt =3D vmx | svm; @@ -1699,6 +1701,9 @@ int libxlDriverConfigLoadFile(libxlDriverConfigPtr cf= g, if (virConfGetValueUInt(conf, "keepalive_count", &cfg->keepAliveCount)= < 0) goto cleanup; =20 + if (virConfGetValueBool(conf, "nested_hvm", &cfg->nested_hvm) < 0) + goto cleanup; + ret =3D 0; =20 cleanup: diff --git a/src/libxl/libxl_conf.h b/src/libxl/libxl_conf.h index 8eefe06..e32a5e7 100644 --- a/src/libxl/libxl_conf.h +++ b/src/libxl/libxl_conf.h @@ -88,6 +88,8 @@ struct _libxlDriverConfig { int keepAliveInterval; unsigned int keepAliveCount; =20 + bool nested_hvm; + /* Once created, caps are immutable */ virCapsPtr caps; =20 diff --git a/src/xenconfig/xen_xl.c b/src/xenconfig/xen_xl.c index 6cda305..394cc0d 100644 --- a/src/xenconfig/xen_xl.c +++ b/src/xenconfig/xen_xl.c @@ -170,17 +170,8 @@ xenParseXLOS(virConfPtr conf, virDomainDefPtr def, vir= CapsPtr caps) if (xenConfigGetBool(conf, "nestedhvm", &val, -1) < 0) return -1; =20 - if (val =3D=3D 1) { - virCPUDefPtr cpu; - - if (VIR_ALLOC(cpu) < 0) - return -1; - - cpu->mode =3D VIR_CPU_MODE_HOST_PASSTHROUGH; - cpu->type =3D VIR_CPU_TYPE_GUEST; - def->cpu =3D cpu; - } else if (val =3D=3D 0) { - const char *vtfeature =3D NULL; + if (val !=3D -1) { + const char *vtfeature =3D "vmx"; =20 if (caps && caps->host.cpu && ARCH_IS_X86(def->os.arch)) { if (virCPUCheckFeature(caps->host.arch, caps->host.cpu, "v= mx")) @@ -189,28 +180,24 @@ xenParseXLOS(virConfPtr conf, virDomainDefPtr def, vi= rCapsPtr caps) vtfeature =3D "svm"; } =20 - if (vtfeature) { + if (!def->cpu) { virCPUDefPtr cpu; - if (VIR_ALLOC(cpu) < 0) return -1; =20 - if (VIR_ALLOC(cpu->features) < 0) { - VIR_FREE(cpu); - return -1; - } - - if (VIR_STRDUP(cpu->features->name, vtfeature) < 0) { - VIR_FREE(cpu->features); - VIR_FREE(cpu); - return -1; - } - cpu->features->policy =3D VIR_CPU_FEATURE_DISABLE; - cpu->nfeatures =3D cpu->nfeatures_max =3D 1; cpu->mode =3D VIR_CPU_MODE_HOST_PASSTHROUGH; cpu->type =3D VIR_CPU_TYPE_GUEST; + cpu->nfeatures =3D 0; + cpu->nfeatures_max =3D 0; def->cpu =3D cpu; } + + if (val =3D=3D 0) { + if (virCPUDefAddFeature(def->cpu, + vtfeature, + VIR_CPU_FEATURE_DISABLE) < 0) + return -1; + } } } else { if (xenConfigCopyStringOpt(conf, "bootloader", &def->os.bootloader= ) < 0) diff --git a/tests/libxlxml2domconfigtest.c b/tests/libxlxml2domconfigtest.c index 0105550..f2af286 100644 --- a/tests/libxlxml2domconfigtest.c +++ b/tests/libxlxml2domconfigtest.c @@ -74,6 +74,9 @@ testCompareXMLToDomConfig(const char *xmlfile, if (!(log =3D (xentoollog_logger *)xtl_createlogger_stdiostream(stderr= , XTL_DEBUG, 0))) goto cleanup; =20 + /* for testing nested HVM */ + cfg->nested_hvm =3D true; + /* replace logger with stderr one */ libxl_ctx_free(cfg->ctx); =20 --=20 git-series 0.9.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list