libxl: set nestedhvm for mode host-passthrough

Xen feature nestedhvm is the option on Xen 4.4+ which enables
nested virtualization when mode host-passthrough is applied.

nested HVM is enabled by adding below on the target domain;
<cpu mode='host-passthrough'/>

Virtualization on target domain can be disabled by specifying
such under feature policy rule on target name;

[On Intel (VT-x) architecture]
<feature policy='disable' name='vmx'/>

or:

[On AMD (AMD-V) architecture]
<feature policy='disable' name='svm'/>

Signed-off-by: Joao Martins <joao.m.martins@oracle.com>
Signed-off-by: Wim ten Have <wim.ten.have@oracle.com>

diff --git a/src/libxl/libxl_conf.c b/src/libxl/libxl_conf.c
index 4bab651b33d64b112f13ae3762c055158f73be69..56bc097194fd94bf98d840afa8447ae697429f7c 100644 (file)
--- a/src/libxl/libxl_conf.c
+++ b/src/libxl/libxl_conf.c
@@ -47,6 +47,7 @@
 #include "libxl_utils.h"
 #include "virstoragefile.h"
 #include "secret_util.h"
+#include "cpu/cpu.h"
 
 
 #define VIR_FROM_THIS VIR_FROM_LIBXL
@@ -293,6 +294,7 @@ libxlMakeChrdevStr(virDomainChrDefPtr def, char **buf)
 static int
 libxlMakeDomBuildInfo(virDomainDefPtr def,
                       libxl_ctx *ctx,
+                      virCapsPtr caps,
                       libxl_domain_config *d_config)
 {
     libxl_domain_build_info *b_info = &d_config->b_info;
@@ -374,6 +376,40 @@ libxlMakeDomBuildInfo(virDomainDefPtr def,
                           def->features[VIR_DOMAIN_FEATURE_ACPI] ==
                           VIR_TRISTATE_SWITCH_ON);
 
+        if (caps &&
+            def->cpu && def->cpu->mode == (VIR_CPU_MODE_HOST_PASSTHROUGH)) {
+            bool hasHwVirt = false;
+            bool svm = false, vmx = false;
+
+            if (ARCH_IS_X86(def->os.arch)) {
+                vmx = virCPUCheckFeature(caps->host.arch, caps->host.cpu, "vmx");
+                svm = virCPUCheckFeature(caps->host.arch, caps->host.cpu, "svm");
+                hasHwVirt = vmx | svm;
+            }
+
+            if (def->cpu->nfeatures) {
+                for (i = 0; i < def->cpu->nfeatures; i++) {
+
+                    switch (def->cpu->features[i].policy) {
+
+                        case VIR_CPU_FEATURE_DISABLE:
+                        case VIR_CPU_FEATURE_FORBID:
+                            if ((vmx && STREQ(def->cpu->features[i].name, "vmx")) ||
+                                (svm && STREQ(def->cpu->features[i].name, "svm")))
+                                hasHwVirt = false;
+                            break;
+
+                        case VIR_CPU_FEATURE_FORCE:
+                        case VIR_CPU_FEATURE_REQUIRE:
+                        case VIR_CPU_FEATURE_OPTIONAL:
+                        case VIR_CPU_FEATURE_LAST:
+                            break;
+                    }
+                }
+            }
+            libxl_defbool_set(&b_info->u.hvm.nested_hvm, hasHwVirt);
+        }
+
         if (def->nsounds > 0) {
             /*
              * Use first sound device.  man xl.cfg(5) describes soundhw as
@@ -2089,6 +2125,7 @@ libxlBuildDomainConfig(virPortAllocatorPtr graphicsports,
                        virDomainDefPtr def,
                        const char *channelDir LIBXL_ATTR_UNUSED,
                        libxl_ctx *ctx,
+                       virCapsPtr caps,
                        libxl_domain_config *d_config)
 {
     libxl_domain_config_init(d_config);
@@ -2096,7 +2133,7 @@ libxlBuildDomainConfig(virPortAllocatorPtr graphicsports,
     if (libxlMakeDomCreateInfo(ctx, def, &d_config->c_info) < 0)
         return -1;
 
-    if (libxlMakeDomBuildInfo(def, ctx, d_config) < 0)
+    if (libxlMakeDomBuildInfo(def, ctx, caps, d_config) < 0)
         return -1;
 
     if (libxlMakeDiskList(def, d_config) < 0)

diff --git a/src/libxl/libxl_conf.h b/src/libxl/libxl_conf.h
index c653c9f7e1d9937d19465c1bdeda850355310e36..264df11a1b476704a15abbaebe142a6ba75c00fd 100644 (file)
--- a/src/libxl/libxl_conf.h
+++ b/src/libxl/libxl_conf.h
@@ -217,6 +217,7 @@ libxlBuildDomainConfig(virPortAllocatorPtr graphicsports,
                        virDomainDefPtr def,
                        const char *channelDir LIBXL_ATTR_UNUSED,
                        libxl_ctx *ctx,
+                       virCapsPtr caps,
                        libxl_domain_config *d_config);
 
 static inline void

diff --git a/src/libxl/libxl_domain.c b/src/libxl/libxl_domain.c
index ea28c93345c57488f37402cfedc9396bfd5f723e..256cf1dc18c03421d2fe4a24d673d7d59821017d 100644 (file)
--- a/src/libxl/libxl_domain.c
+++ b/src/libxl/libxl_domain.c
@@ -1256,7 +1256,7 @@ libxlDomainStart(libxlDriverPrivatePtr driver,
         goto cleanup_dom;
 
     if (libxlBuildDomainConfig(driver->reservedGraphicsPorts, vm->def,
-                               cfg->channelDir, cfg->ctx, &d_config) < 0)
+                               cfg->channelDir, cfg->ctx, cfg->caps, &d_config) < 0)
         goto cleanup_dom;
 
     if (cfg->autoballoon && libxlDomainFreeMem(cfg->ctx, &d_config) < 0)