Public bug reported:

TL;DR this is the time to decide to either drop
debian/patches/ubuntu/expose-vmx_qemu64cpu.patch or to update it.

Default nesting issue:
uvt-kvm create --memory 2048 --cpu 4 --disk 16 --password=ubuntu focal-kvm release=focal arch=amd64 label=daily
Default CPU used is:
  <cpu mode='custom' match='exact' check='full'>
    <model fallback='forbid'>qemu64</model>
    <feature policy='require' name='vmx'/>     <-- even has VMX enabled
    <feature policy='require' name='x2apic'/>
    <feature policy='require' name='hypervisor'/>
    <feature policy='require' name='lahf_lm'/>
    <feature policy='disable' name='svm'/>
  </cpu>
Guest:
uvt-kvm create --disk 5 --machine-type ubuntu --password=ubuntu focal-2nd-lvm release=focal arch=amd64 label=daily

It comes down to non-loadable module in the lvl1 guest:

$ sudo modprobe kvm_intel
modprobe: ERROR: could not insert 'kvm_intel': Input/output error

Try the same with host-passthrough to check if it is the (default) cpu
type

  <cpu mode='host-passthrough' check='none'/>

$ kvm-ok
INFO: /dev/kvm exists
KVM acceleration can be used

  <cpu mode='host-model' check='none'/>

Even adapting the qemu64 type to represent the features of Haswell didn't work.
  <cpu mode='custom' match='exact' check='full'>
    <model fallback='forbid'>qemu64</model>
    <feature policy='require' name='vmx'/>
    <feature policy='require' name='x2apic'/>
    <feature policy='require' name='hypervisor'/>
    <feature policy='require' name='lahf_lm'/>
    <feature policy='disable' name='svm'/>
    <feature policy='require' name='aes'/>
    <feature policy='require' name='avx'/>
    <feature policy='require' name='avx2'/>
    <feature policy='require' name='bmi1'/>
    <feature policy='require' name='bmi2'/>
    <feature policy='require' name='erms'/>
    <feature policy='require' name='fma'/>
    <feature policy='require' name='fsgsbase'/>
    <feature policy='require' name='invpcid'/>
    <feature policy='require' name='movbe'/>
    <feature policy='require' name='pcid'/>
    <feature policy='require' name='pclmuldq'/>
    <feature policy='require' name='popcnt'/>
    <feature policy='require' name='rdtscp'/>
    <feature policy='require' name='smep'/>
    <feature policy='require' name='spec-ctrl'/>
    <feature policy='require' name='sse4.1'/>
    <feature policy='require' name='sse4.2'/>
    <feature policy='require' name='ssse3'/>
    <feature policy='require' name='tsc-deadline'/>
    <feature policy='require' name='xsave'/>
    <feature policy='require' name='ss'/>
    <feature policy='require' name='vme'/>
    <feature policy='require' name='pat'/>
    <feature policy='require' name='rdrand'/>
    <feature policy='require' name='f16c'/>
    <feature policy='require' name='arat'/>
    <feature policy='require' name='tsc_adjust'/>
    <feature policy='require' name='umip'/>
    <feature policy='require' name='md-clear'/>
    <feature policy='require' name='stibp'/>
    <feature policy='require' name='arch-capabilities'/>
    <feature policy='require' name='ssbd'/>
    <feature policy='require' name='xsaveopt'/>
    <feature policy='require' name='pdpe1gb'/>
    <feature policy='require' name='abm'/>
    <feature policy='require' name='ibpb'/>
    <feature policy='require' name='amd-ssbd'/>
    <feature policy='require' name='skip-l1dfl-vmentry'/>
  </cpu>

The reason is that VMX now is set in subfeatures and therefore even with
the same "input" definition the guest loses features.

60a63,68
> tpr_shadow
> vnmi
> flexpriority
> ept
> vpid
> ept_ad

This is just dependent on the userspace stack (qemu upgrade) due to the change:
https://git.qemu.org/?p=qemu.git;a=commit;h=0723cc8a5558c94388db75ae1f4991314914edd3

Even the same commandline will deliver different results:

Eoan vs Focal
E:
-cpu qemu64,vmx=on,x2apic=on,hypervisor=on,lahf_lm=on,svm=off,aes=on,avx=on,avx2=on,bmi1=on,bmi2=on,erms=on,fma=on,fsgsbase=on,invpcid=on,movbe=on,pcid=on,pclmuldq=on,popcnt=on,rdtscp=on,smep=on,spec-ctrl=on,sse4.1=on,sse4.2=on,ssse3=on,tsc-deadline=on,xsave=on,ss=on,vme=on,pat=on,rdrand=on,f16c=on,arat=on,tsc_adjust=on,umip=on,md-clear=on,stibp=on,arch-capabilities=on,ssbd=on,xsaveopt=on,pdpe1gb=on,abm=on,ibpb=on,amd-ssbd=on
F:
-cpu qemu64,vmx=on,x2apic=on,hypervisor=on,lahf-lm=on,svm=off,aes=on,avx=on,avx2=on,bmi1=on,bmi2=on,erms=on,fma=on,fsgsbase=on,invpcid=on,movbe=on,pcid=on,pclmulqdq=on,popcnt=on,rdtscp=on,smep=on,spec-ctrl=on,sse4.1=on,sse4.2=on,ssse3=on,tsc-deadline=on,xsave=on,ss=on,vme=on,pat=on,rdrand=on,f16c=on,arat=on,tsc-adjust=on,umip=on,md-clear=on,stibp=on,arch-capabilities=on,ssbd=on,xsaveopt=on,pdpe1gb=on,abm=on,ibpb=on,amd-ssbd=on

Just remaining differences:
-lahf_lm=on
+lahf-lm=on
-pclmuldq=on
+pclmulqdq=on
-tsc_adjust=on
+tsc-adjust=on
=> args renamed

But CPU flags change a lot:
-tpr_shadow
-vnmi
-flexpriority
-ept
-vpid
-ept_ad

Due to the commit above our old Delta in
debian/patches/ubuntu/expose-vmx_qemu64cpu.patch which exposed VMX by
default on qemu64 (for ease of use) isn't working as-is anymore.

We'll need to accept the degradation (to be closer to upstream) or -
this also will be an upgrade regression for some users - fix the bug by
changing it to what was added to the kvm64 type in the commit above.

+        /* VMX features from Cedar Mill/Prescott */
+        .features[FEAT_VMX_ENTRY_CTLS] = VMX_VM_ENTRY_IA32E_MODE,
+        .features[FEAT_VMX_EXIT_CTLS] = VMX_VM_EXIT_ACK_INTR_ON_EXIT,
+        .features[FEAT_VMX_MISC] = MSR_VMX_MISC_ACTIVITY_HLT,
+        .features[FEAT_VMX_PINBASED_CTLS] = VMX_PIN_BASED_EXT_INTR_MASK |
+             VMX_PIN_BASED_NMI_EXITING,
+        .features[FEAT_VMX_PROCBASED_CTLS] = 
VMX_CPU_BASED_VIRTUAL_INTR_PENDING |
+             VMX_CPU_BASED_USE_TSC_OFFSETING | VMX_CPU_BASED_HLT_EXITING |
+             VMX_CPU_BASED_INVLPG_EXITING | VMX_CPU_BASED_MWAIT_EXITING |
+             VMX_CPU_BASED_RDPMC_EXITING | VMX_CPU_BASED_RDTSC_EXITING |
+             VMX_CPU_BASED_CR8_LOAD_EXITING | VMX_CPU_BASED_CR8_STORE_EXITING |
+             VMX_CPU_BASED_TPR_SHADOW | VMX_CPU_BASED_MOV_DR_EXITING |
+             VMX_CPU_BASED_UNCOND_IO_EXITING | VMX_CPU_BASED_USE_IO_BITMAPS |
+             VMX_CPU_BASED_MONITOR_EXITING | VMX_CPU_BASED_PAUSE_EXITING,
         .xlevel = 0x80000008,
         .model_id = "Common KVM processor"
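
Review bot: The five feature words set in this hunk (ENTRY_CTLS, EXIT_CTLS, MISC, PINBASED_CTLS, PROCBASED_CTLS) visibly cover only one of the six flags the report lists as lost, namely VMX_CPU_BASED_TPR_SHADOW in the PROCBASED mask. Nothing here populates secondary controls or EPT/VPID capabilities, and the PINBASED mask holds only VMX_PIN_BASED_EXT_INTR_MASK and VMX_PIN_BASED_NMI_EXITING, so ept, vpid, flexpriority, ept_ad and vnmi would still be absent if the goal is parity with the Eoan flag set; if that is the goal, the updated delta should also set FEAT_VMX_SECONDARY_CTLS and FEAT_VMX_EPT_VPID_CAPS and the result should be confirmed against /proc/cpuinfo in the level 1 guest. Note too that the context line .model_id = "Common KVM processor" places these initialisers in the kvm64 entry, so the Ubuntu patch has to add them to the qemu64 definition rather than carry this hunk over unchanged.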

** Affects: qemu (Ubuntu)
     Importance: Undecided
     Assignee: Christian Ehrhardt  (paelzer)
         Status: Triaged

** Changed in: qemu (Ubuntu)
       Status: New => Triaged

** Changed in: qemu (Ubuntu)
     Assignee: (unassigned) => Christian Ehrhardt  (paelzer)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1868692

Title:
  default cpu (qemu64) no more capable of nesting

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1868692/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
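
The comparison the report does by hand, as an added example (not code from the bug report or from QEMU): it folds the renamed -cpu options together to show the input is unchanged, then lists which VMX sub-flags are missing from a guest's /proc/cpuinfo. The shortened -cpu strings and cpuinfo lines are constructed samples, and the function names are hypothetical.

```python
# Added example: same -cpu input, different guest flags.
# All sample strings are constructed (shortened from the report above).

RENAMES = {"pclmuldq": "pclmulqdq"}  # spelling change seen between E: and F:
VMX_SUBFLAGS = ("tpr_shadow", "vnmi", "flexpriority", "ept", "vpid", "ept_ad")


def parse_cpu_arg(arg):
    """Split 'model,feat=on,...' into (model, {canonical_name: value})."""
    model, *props = arg.strip().split(",")
    feats = {}
    for prop in props:
        name, _, value = prop.partition("=")
        name = name.replace("_", "-")          # lahf_lm -> lahf-lm
        feats[RENAMES.get(name, name)] = value
    return model, feats


def cpu_arg_delta(old, new):
    """Features whose value really differs once renames are folded away."""
    (m_old, f_old), (m_new, f_new) = parse_cpu_arg(old), parse_cpu_arg(new)
    delta = {k: (f_old.get(k), f_new.get(k))
             for k in sorted(f_old.keys() | f_new.keys())
             if f_old.get(k) != f_new.get(k)}
    if m_old != m_new:
        delta["<model>"] = (m_old, m_new)
    return delta


def missing_vmx_subflags(cpuinfo_text):
    """VMX sub-flags absent from the 'flags' lines of /proc/cpuinfo text."""
    flags = set()
    for line in cpuinfo_text.splitlines():
        key, _, value = line.partition(":")
        if key.strip() == "flags":
            flags.update(value.split())
    return [f for f in VMX_SUBFLAGS if f not in flags]


EOAN_ARG = "qemu64,vmx=on,lahf_lm=on,svm=off,pclmuldq=on,tsc_adjust=on"
FOCAL_ARG = "qemu64,vmx=on,lahf-lm=on,svm=off,pclmulqdq=on,tsc-adjust=on"
EOAN_CPUINFO = "flags\t\t: fpu vmx tpr_shadow vnmi flexpriority ept vpid ept_ad\n"
FOCAL_CPUINFO = "flags\t\t: fpu vmx\n"

if __name__ == "__main__":
    print("real -cpu differences:", cpu_arg_delta(EOAN_ARG, FOCAL_ARG))
    print("missing under Eoan QEMU: ", missing_vmx_subflags(EOAN_CPUINFO))
    print("missing under Focal QEMU:", missing_vmx_subflags(FOCAL_CPUINFO))
```

In a level 1 guest, pass the contents of /proc/cpuinfo to missing_vmx_subflags() to see which of the sub-flags the CPU model actually exposes.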
