    > Dear all,
    > when running
    >       sudo jailhouse enable configs/qemu-vm.cell
    > I get
    >       JAILHOUSE_ENABLE: Invalid argument
    > The tracing console says
    >       hypervisor/arch/x86/amd_iommu.c:329: returning error -EINVAL
    > meaning that the following condition fails:
    >       327  /* Protect against accidental VT-d configs. */
    >       328  if (!iommu->amd_bdf)
    > Therefore, apparently I have misconfigured some setting about AMD IOMMU.
    > However, looking at the documentation I have not found any AMD-specific 
    > Here is some further information about my configuration:
    > HOST:
    >  - Linux distribution: Ubuntu 16.04.1 LTS
    >  - Linux kernel: 4.4.0-36 x86_64
    >  - Qemu version: 2.7.0
    > GUEST:
    >  - Linux distribution: Linux Mint 18 Sarah
    >  - Linux kernel: 4.4.0-36 x86_64
    >  - Kernel boot param: memmap=66M$0x3b000000
    >  - Run through the following command: qemu-system-x86_64 -machine q35 -m 
1G -enable-kvm -smp 4 -cpu 
host,-kvm_pv_eoi,-kvm_steal_time,-kvm_asyncpf,-kvmclock,+x2apic -drive
    file="Mint.vdi",id=disk,if=none -device ide-hd,drive=disk -serial
    stdio -serial vc -s -net user,hostfwd=tcp::22222-:22 -net nic

    First of all, there is no IOMMU configured in your qemu command line.

I see. BTW, can you please tell me which specific Qemu argument I was
missing ?

-device intel-iommu - see README.

    But then the question is if you re running on an AMD host processor. The
    qemu-vm.cell is pre-configured for an Intel VM with Intel IOMMU

    AMD is a different beast. Patches for IOMMU emulation are on their way
    upstream but not yet complete for use with Jailhouse. Moreover, KVM has
    some bug (or more) when in comes to running Jailhouse as a guest. Fixing
    this is long on my to-do list, but there is too much right now.

    Long story short: better try on an Intel host when you want it inside
    KVM. Running Jailhouse natively on AMD should be fine again (no known
    issues ATM).

I understand. Therefore, I'm going to use Intel.

However, let me point out that the documentation
at https://github.com/siemens/jailhouse is measleading as it says "The
included system configuration *qemu-vm.c* can be used to run Jailhouse
in QEMU/KVM virtual machine on x86 hosts (*Intel and AMD are supported*).".

Yeah, indeed. We'll have to fix it, one way or the other.
I feel, we should at least split Qemu configs for Intel and AMD-based hosts. It also makes sense to add some notes regrading issues related to nested virtualization to the README.



