Blob Blame Raw
From a99cae3466f0fae8a46c58f4e07ed6b6a481a0a5 Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Mon, 22 Jul 2019 18:22:17 +0100
Subject: [PATCH 36/39] target/i386: kvm: Add nested migration blocker only
 when kernel lacks required capabilities

RH-Author: Paolo Bonzini <pbonzini@redhat.com>
Message-id: <20190722182220.19374-16-pbonzini@redhat.com>
Patchwork-id: 89632
O-Subject: [RHEL-8.1.0 PATCH qemu-kvm v3 15/18] target/i386: kvm: Add nested migration blocker only when kernel lacks required capabilities
Bugzilla: 1689269
RH-Acked-by: Peter Xu <zhexu@redhat.com>
RH-Acked-by: Laurent Vivier <lvivier@redhat.com>
RH-Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>

From: Liran Alon <liran.alon@oracle.com>

Previous commits have added support for migration of nested virtualization
workloads. This was done by utilising two new KVM capabilities:
KVM_CAP_NESTED_STATE and KVM_CAP_EXCEPTION_PAYLOAD. Both which are
required in order to correctly migrate such workloads.

Therefore, change code to add a migration blocker for vCPUs exposed with
Intel VMX or AMD SVM in case one of these kernel capabilities is
missing.

Signed-off-by: Liran Alon <liran.alon@oracle.com>
Reviewed-by: Maran Wilson <maran.wilson@oracle.com>
Message-Id: <20190619162140.133674-11-liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 12604092e26cdace44c901bc429e7e4c7c3e0cab)
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
 target/i386/kvm.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/target/i386/kvm.c b/target/i386/kvm.c
index aa2d589..0619aba 100644
--- a/target/i386/kvm.c
+++ b/target/i386/kvm.c
@@ -1159,9 +1159,14 @@ int kvm_arch_init_vcpu(CPUState *cs)
                                   !!(c->ecx & CPUID_EXT_SMX);
     }
 
-    if (cpu_has_vmx(env) && !nested_virt_mig_blocker) {
+    if (cpu_has_vmx(env) && !nested_virt_mig_blocker &&
+        ((kvm_max_nested_state_length() <= 0) || !has_exception_payload)) {
         error_setg(&nested_virt_mig_blocker,
-                   "Nested virtualization does not support live migration yet");
+                   "Kernel do not provide required capabilities for "
+                   "nested virtualization migration. "
+                   "(CAP_NESTED_STATE=%d, CAP_EXCEPTION_PAYLOAD=%d)",
+                   kvm_max_nested_state_length() > 0,
+                   has_exception_payload);
         r = migrate_add_blocker(nested_virt_mig_blocker, &local_err);
         if (local_err) {
             error_report_err(local_err);
-- 
1.8.3.1