On Wed, Nov 28, 2018 at 07:13:05AM -0500, John Ferlan wrote:
On 11/28/18 5:02 AM, Daniel P. Berrangé wrote:
On Tue, Nov 27, 2018 at 02:15:39PM -0500, John Ferlan wrote:
On 11/27/18 12:05 PM, Andrea Bolognani wrote:
On Mon, 2018-11-26 at 18:38 -0500, John Ferlan wrote: [...]
+static bool +virQEMUCapsKVMIsNested(void) +{ + VIR_AUTOFREE(char *) kConfig = NULL; + + /* Intel, AMD, and s390 related checks */ + if ((kConfig = virKModConfig()) && + (strstr(kConfig, "kvm_intel nested=1") || + strstr(kConfig, "kvm_amd nested=1") || + strstr(kConfig, "kvm nested=1"))) + return true; + return false; +}
I might be doing it wrong, but I'm pretty sure I've enabled nested virtualization properly on my laptop given that I can successfully run 'modprobe kvm_intel' inside the L1 guest, and yet I get
# modprobe -c | grep -c nested=1 0
both in the L0 host and the L1 guest, so this check doesn't seem accurate to me.
Oh, wait, I get it now: 'modprobe -c' doesn't dump the *current* host configuration, but the *static* one! So if you enable nested KVM support by doing
# modprobe -r kvm_intel # modprobe kvm_intel nested=1
like I did, then the check above will not report it as enabled even though it is; conversely, if you drop the appropriate config snippet in /etc/modprobe.d/ but don't reload the module it will report it as enabled even though it's not!
Ugh, sigh... Yep, I was thinking primarily the static config option since we had helpers to read. Of course that won't be enough. Joy, more code to probe... Maybe it is easier to just say - clear your capabilities cache if you alter that particular kernel value.
Surely its already easier just to ask the kernel for the live status
$ cat /sys/module/kvm_intel/parameters/nested 1
My commentary was more towards I was hoping to "reuse" the exising kmod helpers ;-) before I had thought about or written any code to read the live data.
The other "annoying" part is that you have "1" in your output and I have "Y" or "N". So much for "consistency".
Actually I just invented that output from memory and got it wrong :) Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|