Hi Mr. Kiszka, I have one machine with: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz The setup is win10-> Ubuntu 20 on VMware and I found this while running lscpu: Vulnerability Itlb multihit: KVM: Mitigation: VMX disabled Vulnerability L1tf: Mitigation; PTE Inversion; VMX flush not necessary, SMT disabled
The other machine has Ubuntu 18. Intel(R) Core(TM) i7-7500U CPU @ 2.70GHz Both have virtualization VT-x. I think that I do not simply have access to enabling VT-x from Bios settings. I am thinking of buying a Pi4 and try Jailhouse on real hardware, would that be a good idea? Thanks in advance -----Ursprüngliche Nachricht----- Von: Jan Kiszka <[email protected]> Gesendet: Sonntag, 25. April 2021 12:05 An: Moustafa Noufale <[email protected]>; Ralf Ramsauer <[email protected]>; [email protected] Betreff: Re: [EXT] AW: AW: Inquiry On 25.04.21 11:32, Moustafa Noufale wrote: > Yes, the machine is working and jailhouse is present in the list of Modules. > However, when I run this command: > jailhouse enable /etc/jailhouse/qemu-x86.cell I get on the QEMU side " > Input/output error" > > and on the terminal: > Initializing Jailhouse hypervisor v0.12 (0-g92db71f2-dirty) on CPU 2 > Code location: 0xfffffffff0000050 Using x2APIC > > Then I ran jailhouse hardware check and everything is available, except for: > "Virtualize APIC access MISSING" > Also when running on a native Linux host? This is unusual. What CPU do you have (lscpu)? Jan > Then I tried to figure it out with different ways: > sudo modprobe kvm_amd nested=1 > sudo modprobe kvm_intel enable_apicv=1 > > or editing the kvm.conf file, but with testing with the following command: > cat /sys/module/kvm_intel/parameters/nested > returns Y and it is okay. > cat /sys/module/kvm_intel/parameters/enable_apicv > it returns always N. > > I tried two setups: > 1- Ubuntu 20.1 as a VM on Win10 machine. > 2- Ubuntu 18 as the main host machine. > > Thanks in advance > > -----Ursprüngliche Nachricht----- > Von: Ralf Ramsauer <[email protected]> > Gesendet: Freitag, 23. April 2021 20:40 > An: Moustafa Noufale <[email protected]>; Jan Kiszka > <[email protected]>; [email protected] > Betreff: Re: [EXT] AW: AW: Inquiry > > Hi Moustafa, > > On 23/04/2021 15:04, Moustafa Noufale wrote: >> Hello, >> I would like to thank you for your support and maybe you can give me a >> little help with building "jailhouse.ko" >> I have tried make, make install with and without root in this directory >> "jailhouse-master/driver" and I am not sure if I am following the correct >> procedure. What I have done so far is building an image of a virtual x-86 >> through running ./build-images.sh and I can start it using ./start-qemu.sh. > > Okay - so you did build successfully build your target with jailhouse-images, > and start-qemu.sh gives you a running qemu instance? > > In this case, everything is already installed and in place. The jailhouse > module will already be loaded - you can check that with `lsmod`. > > To enable jailhouse, you can simply check the history of you bash, or have a > look here: > > https://github.com/siemens/jailhouse-images/blob/master/recipes-core/c > ustomizations/files/.bash_history-qemu-amd64 > > HTH, > Ralf > >> What I have understood from the tutorial is that I have to inject >> jailhouse.ko into the kernel and then start the guest. >> Thanks in advance >> Moustafa Noufale >> >> -----Ursprüngliche Nachricht----- >> Von: Ralf Ramsauer <[email protected]> >> Gesendet: Dienstag, 20. April 2021 11:39 >> An: Moustafa Noufale <[email protected]>; Jan Kiszka >> <[email protected]>; [email protected] >> Betreff: Re: AW: Inquiry >> >> Hi, >> >> On 20/04/2021 11:29, Moustafa Noufale wrote: >>> Hi Mr. Kiszka, >>> I have tried to build an image through running "build-images.sh" with and >>> without root access: >>> >>> without root access: >>> >>> Select images to build (space-separated index list): 1 >>> docker: Got permission denied while trying to connect to the Docker daemon >>> socket at unix:///var/run/docker.sock: Post >>> http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/create: dial unix >>> /var/run/docker.sock: connect: permission denied. >> >> your local user needs to be in the docker group. >> >>> See 'docker run --help'. >>> >>> With root access: >>> >>> Select images to build (space-separated index list): 1 >>> Error: Running as root - may break certain recipes. >>> Better give a regular user docker access. Set KAS_ALLOW_ROOT=yes to >>> override. >> >> Simply read the error message and follow the instructions: If you want to >> run docker as root, you have to set KAS_ALLOW_ROOT=yes to your environment. >> For good reasons: You shouldn't do that as root. >> >> Anyway, solve the issue by adding your user to the docker group. >> >> Ralf >> >>> >>> I have installed QEMU version 5, KVM 2.2 and enabled nested virtualization. >>> I would really appreciate it, if you could me a hint. >>> Thanks in advance, >>> Moustafa Noufale >>> >>> -----Ursprüngliche Nachricht----- >>> Von: Jan Kiszka <[email protected]> >>> Gesendet: Samstag, 17. April 2021 11:45 >>> An: Moustafa Noufale <[email protected]>; >>> [email protected] >>> Betreff: Re: Inquiry >>> >>> Hi Moustafa, >>> >>> On 16.04.21 10:29, Moustafa Noufale wrote: >>>> >>>> To whom it may concern, >>>> I am a Master student in Rostock University and I am studying >>>> Jailhouse this semester as a Master project and I would like to >>>> gather information about this Hypervisor, as well as I would like >>>> to ask, whether it is possible to install it on an Ubuntu Virtual >>>> Machine? I just need an outline, how I can learn it. I spent today >>>> reading the code on GitHub, but I need more information and appreciate it >>>> if you can help me. >>>> >>> >>> A good starting point for experiments can be the images generated by [1], >>> both for KVM VMs, pure QEMU emulation target or also real boards. >>> Note that emulating target inside a VM will work but using KVM (for x86) >>> may not or is at least fairly slow. I would recommend a native Linux host. >>> >>> Then you will find a lot of presentations on Jailhouse on the internet as >>> well as an (aging) tutorial on how to bring it up on new hardware. >>> >>> Jan >>> >>> [1] https://github.com/siemens/jailhouse-images >>> [2] >>> https://events.static.linuxfound.org/sites/events/files/slides/ELCE2 >>> 0 >>> 1 >>> 6-Jailhouse-Tutorial.pdf [2] >>> https://www.youtube.com/watch?v=7fiJbwmhnRw >>> -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jailhouse-dev/c029ad37ed324934b2e0aa3f05ad1713%40uni-rostock.de.
