On Wed, Jun 30, 2021 at 1:19 PM Michael Neises <neisesmichael@gmail.com> wrote:
Peter and Kent,
I did `sudo apt-get install qemu-kvm` and I got an update. I can reboot and do `groups` to verify I'm in the correct group. By this webpage I have that my CPU supports vt-x: https://ark.intel.com/content/www/us/en/ark/products/72164/intel-core-i5-323... When I run `cat /sys/module/kvm_intel/parameters/nested` it outputs 'Y'.
All said, when I enter the Docker container and do: sudo ./simulate --machine q35,accel=kvm,kernel-irqchip=split --mem-size 2G --extra-cpu-opts "+vmx" --extra-qemu-args="-enable-kvm -device intel-iommu,intremap=off -net nic,model=e1000 -net tap,script=no,ifname=tap0"
(or even just ./simulate with the -enable-kvm option added)
I still get this error:
Could not access KVM kernel module: No such file or directory
qemu-system-x86_64: failed to initialize KVM: No such file or directory
By all rights it seems like I have KVM and it's loaded and I have the right permissions. However, if I do `groups` from within the Docker instance, I am not part of the kvm group, and in fact there is apparently no visible kvm group by way of `cat /etc/group | grep kvm`- nor is there a /dev/kvm to speak of. If it's a problem with using Docker, I can try to install the dependencies natively, but I've been there before and it's difficult to maintain.
Docker probably doesn't make the KVM host resources available inside the container by default. This post looks like it may be what you need to do: https://stackoverflow.com/questions/48422001/how-to-launch-qemu-kvm-from-ins... You can still build inside the docker, but running qemu outside of the container should only require installing the qemu dependencies and not all of the build dependencies.
If need be, I can also go back to booting the image on its own machine, but I have really enjoyed the turnover times that simulation allows.
Cheers,
Michael Neises
On Tue, Jun 29, 2021 at 9:18 PM Kent Mcleod <kent.mcleod72@gmail.com> wrote:
On Wed, Jun 30, 2021 at 11:53 AM Michael Neises <neisesmichael@gmail.com> wrote:
Kent,
I tried using those extra arguments and got the same error regarding kvm I reported a few minutes ago:
./simulate: qemu-system-x86_64 -machine q35,accel=kvm,kernel-irqchip=split -cpu Nehalem,+vme,+pdpe1gb,-xsave,-xsaveopt,-xsavec,-fsgsbase,-invpcid,+syscall,+lm,enforce,+vmx -nographic -serial mon:stdio -m size=2G -enable-kvm -device intel-iommu,intremap=off -net nic,model=e1000 -net tap,script=no,ifname=tap0 -kernel images/kernel-x86_64-pc99 -initrd images/capdl-loader-image-x86_64-pc99 Could not access KVM kernel module: No such file or directory
qemu-system-x86_64: failed to initialize KVM: No such file or directory
There are instructions on how to setup KVM and nested virtualization on the tutorial that I've pasted here: "Note if you are using QEMU it is important to ensure that your host machine has VT-x support and KVM (https://www.linux-kvm.org/page/Main_Page) installed. You also need to ensure you have enabled nested virtulisation with KVM guests as described here (https://www.linux-kvm.org/page/Nested_Guests)."
A quick way to check if nested virtualization is enabled (and therefore supported) on your host is to run `cat /sys/module/kvm_intel/parameters/nested`. `Y` should be returned if it's enabled.
It may be easier to run the image on an actual machine instead of in qemu. The images produced can be loaded by a multiboot loader such as grub or pxelinux. (https://docs.sel4.systems/Hardware/VMware/#add-grub2-option-to-run-sel4) has an example grub config.