On 01/28/2018 08:22 PM, Marek Marczykowski-Górecki wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Sun, Jan 28, 2018 at 06:23:02PM +0000, BePe wrote:
Hi All,
FYI, and it in case that it can help, I have succesfully installed Qubes 4.0
rc3 in KVM with nested virtualization and iommu enabled.
I had to hack a little bit the qemu intel_iommu.c, but now I have fully
fonctional Qubes 4 (with all the VM in hvm mode).
The VM are not flying but they do work.
I've tried that too, but gave up after few iterations. Can you send
exact modifications to intel_iommu.c? Anything more than this:
http://lists.nongnu.org/archive/html/qemu-devel/2018-01/msg05901.html
?
Also, exact qemu cmdline would help.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAlpuMSEACgkQ24/THMrX
1yyRQAf/V0/yeHFrgdrAeF5X/jSAvcFi1QXDKOIG+lM9lebY6VpTuoMEMmPETLnf
Ky/jTXgCICCedAC2KSIFTG6A7dz+gEEVgIof4XjlVbfEow+H41zYOt878gd9QS9+
BfDAPPbNjdirA2fhtC4swCjsFQzdARP1mfPHr7Q4TR+Crfa41qYqYNd4F682bNAF
A2sxQlg+eiEil1NrxvPyC4p/TY+XjociYpZLeZK7oYw/N1HTk75hmccu9mLi1sIa
3r/9yLcwsDaRu9Fyvp+rF3tsGJKVp1xr4iKp/yfLA6IcZTi9BVXbRqiQG1JWBh1d
NR1XRijdC3zJ7RTdclGp1whWPwNiyA==
=xS71
-----END PGP SIGNATURE-----
I was not aware of the patch in the URL you have indic ated, but I have
done something like that to be able to have the QUEBES 4 VM to run.
After that I had to configure the VM using some hints available here :
https://www.berrange.com/posts/2017/02/16/setting-up-a-nested-kvm-guest-for-developing-testing-pci-device-assignment-with-numa
Please find attached the XML file of the VM that is working.
I am using qemu 2.11.
Hope that it will help.
P.S.: Don't take into account the number of network interfaces
configured, I needed it to test assignment of PCI devices (it works also).
-
BePe - From Bamako
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-devel/c9396df1-cc49-0133-6e69-8219da0376ac%40gmail.com.
For more options, visit https://groups.google.com/d/optout.
<domain type='kvm'>
<name>QUBESOS_VM</name>
<uuid>9a398f64-4f46-48f3-8714-33b0e8ff8d25</uuid>
<memory unit='KiB'>20971520</memory>
<currentMemory unit='KiB'>20971520</currentMemory>
<vcpu placement='static'>4</vcpu>
<resource>
<partition>/machine</partition>
</resource>
<os>
<type arch='x86_64' machine='pc-q35-2.11'>hvm</type>
</os>
<features>
<acpi/>
<apic/>
<viridian/>
<kvm>
<hidden state='on'/>
</kvm>
<vmport state='off'/>
<ioapic driver='qemu'/>
</features>
<cpu mode='host-passthrough' check='full'>
<topology sockets='1' cores='4' threads='1'/>
</cpu>
<clock offset='utc'>
<timer name='rtc' tickpolicy='catchup'/>
<timer name='pit' tickpolicy='delay'/>
<timer name='hpet' present='no'/>
</clock>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<pm>
<suspend-to-mem enabled='no'/>
<suspend-to-disk enabled='no'/>
</pm>
<devices>
<emulator>/usr/bin/qemu-kvm</emulator>
<disk type='file' device='cdrom'>
<driver name='qemu' type='raw'/>
<source file='Qubes-R4.0-rc3-x86_64.iso'/>
<target dev='sdb' bus='sata'/>
<readonly/>
<address type='drive' controller='0' bus='0' target='0' unit='1'/>
</disk>
<disk type='file' device='disk'>
<driver name='qemu' type='qcow2'/>
<source file='QUBESOS_VM.qcow2'/>
<target dev='sdc' bus='sata'/>
<boot order='1'/>
<address type='drive' controller='0' bus='0' target='0' unit='2'/>
</disk>
<controller type='sata' index='0'>
<address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/>
</controller>
<controller type='pci' index='0' model='pcie-root'/>
<controller type='pci' index='1' model='dmi-to-pci-bridge'>
<model name='i82801b11-bridge'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x1e' function='0x0'/>
</controller>
<controller type='pci' index='2' model='pci-bridge'>
<model name='pci-bridge'/>
<target chassisNr='2'/>
<address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
</controller>
<controller type='pci' index='3' model='pcie-expander-bus'>
<model name='pxb-pcie'/>
<target busNr='180'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
</controller>
<controller type='pci' index='4' model='pcie-expander-bus'>
<model name='pxb-pcie'/>
<target busNr='200'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
</controller>
<controller type='pci' index='5' model='pcie-expander-bus'>
<model name='pxb-pcie'/>
<target busNr='220'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
</controller>
<controller type='pci' index='6' model='pcie-root-port'>
<model name='ioh3420'/>
<target chassis='6' port='0x0'/>
<address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/>
</controller>
<controller type='pci' index='7' model='pcie-root-port'>
<model name='ioh3420'/>
<target chassis='7' port='0x0'/>
<address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/>
</controller>
<controller type='pci' index='8' model='pcie-root-port'>
<model name='ioh3420'/>
<target chassis='8' port='0x0'/>
<address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/>
</controller>
<controller type='pci' index='9' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='9' port='0x0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0'/>
</controller>
<controller type='pci' index='10' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='10' port='0x0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x0'/>
</controller>
<controller type='pci' index='11' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='11' port='0x0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0' multifunction='on'/>
</controller>
<controller type='pci' index='12' model='pcie-expander-bus'>
<model name='pxb-pcie'/>
<target busNr='240'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x09' function='0x0'/>
</controller>
<controller type='pci' index='13' model='pcie-root-port'>
<model name='ioh3420'/>
<target chassis='13' port='0x0'/>
<address type='pci' domain='0x0000' bus='0x0c' slot='0x00' function='0x0'/>
</controller>
<controller type='pci' index='14' model='pcie-root-port'>
<model name='ioh3420'/>
<target chassis='14' port='0x0'/>
<address type='pci' domain='0x0000' bus='0x0c' slot='0x01' function='0x0'/>
</controller>
<controller type='usb' index='0' model='nec-xhci'>
<address type='pci' domain='0x0000' bus='0x09' slot='0x00' function='0x0'/>
</controller>
<controller type='virtio-serial' index='0'>
<address type='pci' domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/>
</controller>
<interface type='direct'>
<mac address='52:54:00:7e:6e:c7'/>
<source dev='enp0s31f6' mode='bridge'/>
<model type='vmxnet3'/>
<link state='up'/>
<address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/>
</interface>
<interface type='network'>
<mac address='52:54:00:7e:6e:d7'/>
<source network='Internal'/>
<model type='vmxnet3'/>
<link state='up'/>
<address type='pci' domain='0x0000' bus='0x07' slot='0x00' function='0x0'/>
</interface>
<interface type='network'>
<mac address='52:54:00:7e:6e:e7'/>
<source network='Internal'/>
<model type='vmxnet3'/>
<link state='up'/>
<address type='pci' domain='0x0000' bus='0x08' slot='0x00' function='0x0'/>
</interface>
<interface type='direct'>
<mac address='52:54:00:7e:6e:f7'/>
<source dev='enp0s31f6' mode='bridge'/>
<model type='vmxnet3'/>
<link state='up'/>
<address type='pci' domain='0x0000' bus='0x0d' slot='0x00' function='0x0'/>
</interface>
<interface type='network'>
<mac address='52:54:00:7e:6e:f8'/>
<source network='Internal'/>
<model type='vmxnet3'/>
<link state='up'/>
<address type='pci' domain='0x0000' bus='0x0e' slot='0x00' function='0x0'/>
</interface>
<serial type='pty'>
<target type='isa-serial' port='0'>
<model name='isa-serial'/>
</target>
</serial>
<console type='pty'>
<target type='serial' port='0'/>
</console>
<channel type='spicevmc'>
<target type='virtio' name='com.redhat.spice.0'/>
<address type='virtio-serial' controller='0' bus='0' port='2'/>
</channel>
<input type='mouse' bus='ps2'/>
<input type='tablet' bus='usb'>
<address type='usb' bus='0' port='1'/>
</input>
<input type='keyboard' bus='ps2'/>
<graphics type='spice' autoport='yes'>
<listen type='address'/>
<image compression='off'/>
</graphics>
<sound model='ich6'>
<address type='pci' domain='0x0000' bus='0x0b' slot='0x00' function='0x0'/>
</sound>
<video>
<model type='vga' vram='65536' heads='1' primary='yes'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x08' function='0x0'/>
</video>
<redirdev bus='usb' type='spicevmc'>
<address type='usb' bus='0' port='2'/>
</redirdev>
<redirdev bus='usb' type='spicevmc'>
<address type='usb' bus='0' port='3'/>
</redirdev>
<memballoon model='none'/>
<iommu model='intel'>
<driver intremap='on' caching_mode='on' iotlb='on'/>
</iommu>
</devices>
</domain>
