Re: [libvirt] [PATCH v2] qemu: Add check for whether KVM nesting is enabled

On Tue, Nov 27, 2018 at 02:15:39PM -0500, John Ferlan wrote: > > > On 11/27/18 12:05 PM, Andrea Bolognani wrote: >> On Mon, 2018-11-26 at 18:38 -0500, John Ferlan wrote: >> [...] >>> +static bool >>> +virQEMUCapsKVMIsNested(void) >>> +{ >>> + VIR_AUTOFREE(char *) kConfig = NULL; >>> + >>> + /* Intel, AMD, and s390 related checks */ >>> + if ((kConfig = virKModConfig()) && >>> + (strstr(kConfig, "kvm_intel nested=1") || >>> + strstr(kConfig, "kvm_amd nested=1") || >>> + strstr(kConfig, "kvm nested=1"))) >>> + return true; >>> + return false; >>> +} >> >> I might be doing it wrong, but I'm pretty sure I've enabled nested >> virtualization properly on my laptop given that I can successfully >> run 'modprobe kvm_intel' inside the L1 guest, and yet I get >> >> # modprobe -c | grep -c nested=1 >> 0 >> >> both in the L0 host and the L1 guest, so this check doesn't seem >> accurate to me. >> >> Oh, wait, I get it now: 'modprobe -c' doesn't dump the *current* host >> configuration, but the *static* one! So if you enable nested KVM >> support by doing >> >> # modprobe -r kvm_intel >> # modprobe kvm_intel nested=1 >> >> like I did, then the check above will not report it as enabled even >> though it is; conversely, if you drop the appropriate config snippet >> in /etc/modprobe.d/ but don't reload the module it will report it as >> enabled even though it's not! > > Ugh, sigh... Yep, I was thinking primarily the static config option > since we had helpers to read. Of course that won't be enough. Joy, more > code to probe... Maybe it is easier to just say - clear your > capabilities cache if you alter that particular kernel value. Surely its already easier just to ask the kernel for the live status $ cat /sys/module/kvm_intel/parameters/nested 1