APPLIED: [3.13.y stable][trusty][SRU][pull-request] Fix for LP: #1329434

Tim Gardner tim.gardner at canonical.com
Mon Aug 18 20:38:35 UTC 2014


On 08/18/2014 09:29 AM, Chris J Arges wrote:
> BugLink: http://bugs.launchpad.net/bugs/1329434
> 
> [Impact]
> Using nested KVM on some hypervisors doesn't work.
> 
> [Test Case]
> A script to make this easier is posted here:
> https://gist.github.com/arges/9d21c6da03a8c10d3980
> 
> 1) enable nested KVM:
> sudo modprobe -r kvm_intel
> sudo modprobe kvm_intel nested=1
> cat /sys/module/kvm_intel/parameters/nested
> # should say Y
> 2) generate an L1 guest and then generate an L2 guest inside the L1 guest
> - ensure L1 has enough memory to boot L2
> - if using libvirt you may need to edit the default bridge to use a
> different subnet than the L1 guest
> 3) boot the L2 guest
> 4) L2 guest should boot
> 
> [Fix]
> 
> These three upstream patches needed to be backported to 3.13:
> 
> * 533558bcb69ef28aff81b6ae9acda8943575319f
>   - This provides necessary code changes to make backporting easier.
> However vmx_leave_nested function was not yet added, so that function
> modification was dropped.
> 
> * b6b8a1451fc40412c57d10c94b62e22acab28f94
>   - This patch is necessary in order to ensure that the L1 guest doesn't
> crash with just 696dfd95 applied. I had to remove mpx mentions from the
> cherry-pick as that feature hasn't been added yet.
> 
> * 696dfd95ba9838327a7013e5988ff3ba60dcc8c8
>   - This patch fixes the issue and was the result of the bisection. The
> APIC virtualization features need to be disabled as they cause L2 guests
> to not boot depending on the CPU.
> 
> --
> 
> The following changes since commit 0a985c5524ae9cd5759bb3e8a4679b87b3a9d334:
> 
>   nfs: check if gssd is running before attempting to use krb5i auth in
> SETCLIENTID call (2014-08-14 07:49:46 -0600)
> 
> are available in the git repository at:
> 
>   git://kernel.ubuntu.com/arges/ubuntu-trusty.git lp1329434
> 
> for you to fetch changes up to 4a27cc2dfd2d562c4bb3aaac459b8e54f3ee6fc9:
> 
>   KVM: vmx: disable APIC virtualization in nested guests (2014-08-15
> 15:56:40 -0500)
> 
> ----------------------------------------------------------------
> Jan Kiszka (2):
>       KVM: nVMX: Pass vmexit parameters to nested_vmx_vmexit
>       KVM: nVMX: Rework interception of IRQs and NMIs
> 
> Paolo Bonzini (1):
>       KVM: vmx: disable APIC virtualization in nested guests
> 
>  arch/x86/include/asm/kvm_host.h |   2 ++
>  arch/x86/kvm/vmx.c              | 130
> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--------------------------------------------------------
>  arch/x86/kvm/x86.c              |  26 +++++++++++++++++++-------
>  3 files changed, 95 insertions(+), 63 deletions(-)
> 
> 


-- 
Tim Gardner tim.gardner at canonical.com




More information about the kernel-team mailing list