From veillard at redhat.com Fri Jan 9 13:16:40 2009 From: veillard at redhat.com (Daniel Veillard) Date: Fri, 9 Jan 2009 14:16:40 +0100 Subject: [fedora-virt] test Message-ID: <20090109131640.GA9484@redhat.com> To activate the archival code, Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ daniel at veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/ From tomackell at duke-energy.com Mon Jan 12 17:46:12 2009 From: tomackell at duke-energy.com (Mackell, Thomas O) Date: Mon, 12 Jan 2009 12:46:12 -0500 Subject: [fedora-virt] help Message-ID: -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 862 bytes Desc: image001.gif URL: From loganjerry at gmail.com Mon Jan 12 18:15:55 2009 From: loganjerry at gmail.com (Jerry James) Date: Mon, 12 Jan 2009 11:15:55 -0700 Subject: [fedora-virt] Display resolution: virt-manager + qemu + kvm Message-ID: <870180fe0901121015qb9119cavb846641056c101ab@mail.gmail.com> I used virt-manager to create a virtual Rawhide machine for testing, with qemu and kvm providing the virtualization. My virtual machine is stuck at a low resolution (640x480? I don't remember right now and its on my home machine). When I looked in /var/log/Xorg.log on the virtual machine, I saw lots of complaints about modes being out of range. Resizing the window and going to full screen just scale the low resolution up to the window/screen size. I've combed through the virt-manager man page without finding any mention of video resolution. The kvm man page tells me to use the -std-vga option, but I don't know how to pass it from virt-manager. Does anybody know how to get higher resolutions? The host is a Fedora 10 x86-64 machine, and the virtual machine is a Rawhide x86-64 machine, by the way. -- Jerry James http://loganjerry.googlepages.com/ From markmc at redhat.com Mon Jan 12 19:01:06 2009 From: markmc at redhat.com (Mark McLoughlin) Date: Mon, 12 Jan 2009 19:01:06 +0000 Subject: [fedora-virt] Display resolution: virt-manager + qemu + kvm In-Reply-To: <870180fe0901121015qb9119cavb846641056c101ab@mail.gmail.com> References: <870180fe0901121015qb9119cavb846641056c101ab@mail.gmail.com> Message-ID: <1231786866.4290.166.camel@localhost.localdomain> Hi Jerry, On Mon, 2009-01-12 at 11:15 -0700, Jerry James wrote: > I used virt-manager to create a virtual Rawhide machine for testing, > with qemu and kvm providing the virtualization. My virtual machine is > stuck at a low resolution (640x480? I don't remember right now and > its on my home machine). When I looked in /var/log/Xorg.log on the > virtual machine, I saw lots of complaints about modes being out of > range. Sounds like it might be an Xorg bug. I'll try and reproduce soon, but in the meantime please file a bug against Xorg with your Xorg.log and post the bug number here. Thanks, Mark. From loganjerry at gmail.com Tue Jan 13 04:59:10 2009 From: loganjerry at gmail.com (Jerry James) Date: Mon, 12 Jan 2009 21:59:10 -0700 Subject: [fedora-virt] Display resolution: virt-manager + qemu + kvm In-Reply-To: <1231786866.4290.166.camel@localhost.localdomain> References: <870180fe0901121015qb9119cavb846641056c101ab@mail.gmail.com> <1231786866.4290.166.camel@localhost.localdomain> Message-ID: <870180fe0901122059x53a0e6cah622d8081fe1de879@mail.gmail.com> On Mon, Jan 12, 2009 at 12:01 PM, Mark McLoughlin wrote: > Sounds like it might be an Xorg bug. I'll try and reproduce soon, but in > the meantime please file a bug against Xorg with your Xorg.log and post > the bug number here. > > Thanks, > Mark. Thanks, Mark. Here's the bug: https://bugzilla.redhat.com/show_bug.cgi?id=479792 -- Jerry James http://loganjerry.googlepages.com/ From markmc at redhat.com Wed Jan 14 18:32:53 2009 From: markmc at redhat.com (Mark McLoughlin) Date: Wed, 14 Jan 2009 18:32:53 +0000 Subject: [fedora-virt] Fedora virtualization wiki pages Message-ID: <1231957973.4944.323.camel@localhost.localdomain> Hey, I've just spent a few hours trying to clean up the wiki pages. What we're basically left with is: 1) The landing page for virt stuff: https://fedoraproject.org/wiki/Tools/Virtualization The original page was way out of date, so I hacked it to pieces and added a list of packages, mailing list and irc info etc. 2) A bug reporting page: https://fedoraproject.org/wiki/Tools/Virtualization/BugReporting This is just a first cut, plenty of info missing I'm sure 3) The QuickStart page: https://fedoraproject.org/wiki/Tools/Virtualization/QuickStart I haven't touched this apart from moving it under Tools/Virtualization (yes, I added a redirect). This needs some majory surgery IMHO to bring it up to date and provide a nice and simple "getting started with Fedora virtualization" page. Lots of the more difficult content could be moved to "virt tips" pages, probably. 4) The Category:Virtualization page: https://fedoraproject.org/wiki/Category:Virtualization I removed some of the really old cruft pages from the category and added the feature pages. None of this is in any way perfect, so please do feel free to jump in and improve them ... Thanks, Mark. From markmc at redhat.com Thu Jan 15 15:34:48 2009 From: markmc at redhat.com (Mark McLoughlin) Date: Thu, 15 Jan 2009 15:34:48 +0000 Subject: [fedora-virt] Fedora virtualization wiki pages In-Reply-To: <1231957973.4944.323.camel@localhost.localdomain> References: <1231957973.4944.323.camel@localhost.localdomain> Message-ID: <1232033688.5205.30.camel@localhost.localdomain> On Wed, 2009-01-14 at 18:32 +0000, Mark McLoughlin wrote: > Hey, > I've just spent a few hours trying to clean up the wiki pages. What > we're basically left with is: And today I read: https://fedoraproject.org/wiki/Help:Wiki_Structure I'm going to make the changes below soon unless anyone hollers. > 1) The landing page for virt stuff: > > https://fedoraproject.org/wiki/Tools/Virtualization > > The original page was way out of date, so I hacked it to pieces > and added a list of packages, mailing list and irc info etc. Re-naming this page to "Virtualization" > 2) A bug reporting page: > > https://fedoraproject.org/wiki/Tools/Virtualization/BugReporting > > This is just a first cut, plenty of info missing I'm sure Re-naming this to "Reporting virtualization bugs" > 3) The QuickStart page: > > https://fedoraproject.org/wiki/Tools/Virtualization/QuickStart > > I haven't touched this apart from moving it under > Tools/Virtualization (yes, I added a redirect). > > This needs some majory surgery IMHO to bring it up to date and > provide a nice and simple "getting started with Fedora > virtualization" page. > > Lots of the more difficult content could be moved to "virt tips" > pages, probably. Re-naming this to "Getting started with virtualization" > 4) The Category:Virtualization page: > > https://fedoraproject.org/wiki/Category:Virtualization > > I removed some of the really old cruft pages from the category and > added the feature pages. Moving these crufty old pages: Tools/Xen HypervisorDevelopment Tools/VirtAppDevelopment Tools/VirtAPIDevelopment Lhype under "Archive:" Cheers, Mark. From quiubi-ambiente1232343086 at ubibanca.it Mon Jan 19 05:31:26 2009 From: quiubi-ambiente1232343086 at ubibanca.it (Qui UBi per l'ambiente) Date: Mon, 19 Jan 2009 06:31:26 +0100 Subject: [fedora-virt] premia il suo account 1232342407 Message-ID: <200901190531.n0J5VQfK023496@lma.local> An HTML attachment was scrubbed... URL: From markmc at redhat.com Mon Jan 19 15:36:10 2009 From: markmc at redhat.com (Mark McLoughlin) Date: Mon, 19 Jan 2009 15:36:10 +0000 Subject: [fedora-virt] Fedora virtualization wiki pages In-Reply-To: <1232033688.5205.30.camel@localhost.localdomain> References: <1231957973.4944.323.camel@localhost.localdomain> <1232033688.5205.30.camel@localhost.localdomain> Message-ID: <1232379370.5627.330.camel@blaa> On Thu, 2009-01-15 at 15:34 +0000, Mark McLoughlin wrote: > On Wed, 2009-01-14 at 18:32 +0000, Mark McLoughlin wrote: > > Hey, > > I've just spent a few hours trying to clean up the wiki pages. What > > we're basically left with is: > > And today I read: > > https://fedoraproject.org/wiki/Help:Wiki_Structure > > I'm going to make the changes below soon unless anyone hollers. > > > 1) The landing page for virt stuff: > > > > https://fedoraproject.org/wiki/Tools/Virtualization > > > > The original page was way out of date, so I hacked it to pieces > > and added a list of packages, mailing list and irc info etc. > > Re-naming this page to "Virtualization" https://fedoraproject.org/wiki/Virtualization > > 2) A bug reporting page: > > > > https://fedoraproject.org/wiki/Tools/Virtualization/BugReporting > > > > This is just a first cut, plenty of info missing I'm sure > > Re-naming this to "Reporting virtualization bugs" https://fedoraproject.org/wiki/Reporting_virtualization_bugs > > 3) The QuickStart page: > > > > https://fedoraproject.org/wiki/Tools/Virtualization/QuickStart > > > > I haven't touched this apart from moving it under > > Tools/Virtualization (yes, I added a redirect). > > > > This needs some majory surgery IMHO to bring it up to date and > > provide a nice and simple "getting started with Fedora > > virtualization" page. > > > > Lots of the more difficult content could be moved to "virt tips" > > pages, probably. > > Re-naming this to "Getting started with virtualization" https://fedoraproject.org/wiki/Getting_started_with_virtualization > > 4) The Category:Virtualization page: > > > > https://fedoraproject.org/wiki/Category:Virtualization > > > > I removed some of the really old cruft pages from the category and > > added the feature pages. > > Moving these crufty old pages: > > Tools/Xen > HypervisorDevelopment > Tools/VirtAppDevelopment > Tools/VirtAPIDevelopment > Lhype > > under "Archive:" https://fedoraproject.org/wiki/Category:Virtualization_archive Cheers, Mark. From markmc at redhat.com Mon Jan 19 15:38:30 2009 From: markmc at redhat.com (Mark McLoughlin) Date: Mon, 19 Jan 2009 15:38:30 +0000 Subject: [fedora-virt] Helping with virt bugs Message-ID: <1232379510.5627.333.camel@blaa> Hey, Here's another wiki page - this one for anyone wanting to help out with Fedora virt bugs: https://fedoraproject.org/wiki/Virtualization_bugs We now have another mailing list, fedora-virt-maint, which you can subscribe to and get bugzilla/CVS spam for all virt packages. Cheers, Mark. From cochranb at speakeasy.net Mon Jan 19 16:11:52 2009 From: cochranb at speakeasy.net (Robert L Cochran) Date: Mon, 19 Jan 2009 11:11:52 -0500 Subject: [fedora-virt] Fedora virtualization wiki pages In-Reply-To: <1232379370.5627.330.camel@blaa> References: <1231957973.4944.323.camel@localhost.localdomain> <1232033688.5205.30.camel@localhost.localdomain> <1232379370.5627.330.camel@blaa> Message-ID: <4974A648.4050404@speakeasy.net> I looked over the "Getting Started" page and it is really nice. I wish there was a section on enabling access to USB devices, the hard drive, internet...and so on. How can I contribute to the wiki in these areas, should I go through Mark M. with any submissions? Thanks a lot Bob Cochran Greenbelt, Maryland, USA Mark McLoughlin wrote: > On Thu, 2009-01-15 at 15:34 +0000, Mark McLoughlin wrote: > >> On Wed, 2009-01-14 at 18:32 +0000, Mark McLoughlin wrote: >> >>> Hey, >>> I've just spent a few hours trying to clean up the wiki pages. What >>> we're basically left with is: >>> >> And today I read: >> >> https://fedoraproject.org/wiki/Help:Wiki_Structure >> >> I'm going to make the changes below soon unless anyone hollers. >> >> >>> 1) The landing page for virt stuff: >>> >>> https://fedoraproject.org/wiki/Tools/Virtualization >>> >>> The original page was way out of date, so I hacked it to pieces >>> and added a list of packages, mailing list and irc info etc. >>> >> Re-naming this page to "Virtualization" >> > > https://fedoraproject.org/wiki/Virtualization > > >>> 2) A bug reporting page: >>> >>> https://fedoraproject.org/wiki/Tools/Virtualization/BugReporting >>> >>> This is just a first cut, plenty of info missing I'm sure >>> >> Re-naming this to "Reporting virtualization bugs" >> > > https://fedoraproject.org/wiki/Reporting_virtualization_bugs > > >>> 3) The QuickStart page: >>> >>> https://fedoraproject.org/wiki/Tools/Virtualization/QuickStart >>> >>> I haven't touched this apart from moving it under >>> Tools/Virtualization (yes, I added a redirect). >>> >>> This needs some majory surgery IMHO to bring it up to date and >>> provide a nice and simple "getting started with Fedora >>> virtualization" page. >>> >>> Lots of the more difficult content could be moved to "virt tips" >>> pages, probably. >>> >> Re-naming this to "Getting started with virtualization" >> > > https://fedoraproject.org/wiki/Getting_started_with_virtualization > > >>> 4) The Category:Virtualization page: >>> >>> https://fedoraproject.org/wiki/Category:Virtualization >>> >>> I removed some of the really old cruft pages from the category and >>> added the feature pages. >>> >> Moving these crufty old pages: >> >> Tools/Xen >> HypervisorDevelopment >> Tools/VirtAppDevelopment >> Tools/VirtAPIDevelopment >> Lhype >> >> under "Archive:" >> > > https://fedoraproject.org/wiki/Category:Virtualization_archive > > Cheers, > Mark. > > _______________________________________________ > Fedora-virt mailing list > Fedora-virt at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-virt > > > From markmc at redhat.com Mon Jan 19 16:53:53 2009 From: markmc at redhat.com (Mark McLoughlin) Date: Mon, 19 Jan 2009 16:53:53 +0000 Subject: [fedora-virt] Fedora virtualization wiki pages In-Reply-To: <4974A648.4050404@speakeasy.net> References: <1231957973.4944.323.camel@localhost.localdomain> <1232033688.5205.30.camel@localhost.localdomain> <1232379370.5627.330.camel@blaa> <4974A648.4050404@speakeasy.net> Message-ID: <1232384033.5627.365.camel@blaa> Hi Robert, On Mon, 2009-01-19 at 11:11 -0500, Robert L Cochran wrote: > I looked over the "Getting Started" page and it is really nice. I wish > there was a section on enabling access to USB devices, the hard drive, > internet...and so on. > > How can I contribute to the wiki in these areas, should I go through > Mark M. with any submissions? Great stuff. All you need to do is open a Fedora account. It should be fairly painless. See here: https://fedoraproject.org/wiki/Help:Editing#Gaining_Edit_Access Basically you create an account here: https://admin.fedoraproject.org/accounts/user/new and then read/accept the Contributor License Agreement (CLA). Thanks, Mark. From markmc at redhat.com Mon Jan 19 17:04:04 2009 From: markmc at redhat.com (Mark McLoughlin) Date: Mon, 19 Jan 2009 17:04:04 +0000 Subject: [fedora-virt] Helping with virt bugs In-Reply-To: <1232379510.5627.333.camel@blaa> References: <1232379510.5627.333.camel@blaa> Message-ID: <1232384644.5627.367.camel@blaa> On Mon, 2009-01-19 at 15:38 +0000, Mark McLoughlin wrote: > Hey, > Here's another wiki page - this one for anyone wanting to help out with > Fedora virt bugs: > > https://fedoraproject.org/wiki/Virtualization_bugs > > We now have another mailing list, fedora-virt-maint, which you can > subscribe to and get bugzilla/CVS spam for all virt packages. Okay, I've just updated this page again. Because of a knotty bugzilla issue, if you wish to receive bugzilla spam then you need to add fedora-virt-maint at redhat.com to the "watch list" in your bugzilla account preferences: https://bugzilla.redhat.com/userprefs.cgi?tab=email Cheers, Mark. From jswanson at valuecommerce.co.jp Tue Jan 20 05:19:36 2009 From: jswanson at valuecommerce.co.jp (Jon Swanson) Date: Tue, 20 Jan 2009 14:19:36 +0900 Subject: [fedora-virt] f10 x86_64 xen VM guests fail to boot on f8 host Message-ID: Hi, I've posted this same problem on the fedora-xen list, and the fedora forums. Sorry to anybody who is getting duplicates. Additional log info is available at http://forums.fedoraforum.org/showthread.php?p=1149972&posted=1#post1149 972 It is also formatted a lot better and may be easier to follow. ------------------------------------------------------------------ I have two machines running fresh installs of f8 with the xen. Kernel and all software versions are the same on both. Specifically: [root at machineA boot]# uname -a Linux machineA 2.6.21.7-5.fc8xen #1 SMP Thu Aug 7 12:44:22 EDT 2008 x86_64 x86_64 x86_64 GNU/Linux [root at machineA boot]# virsh version Compiled against library: libvir 0.4.4 Using library: libvir 0.4.4 Using API: Xen 3.0.1 Running hypervisor: Xen 3.1.0 ------------------------------------------------------------------ And: ------------------------------------------------------------------ [root at machineB ~]# uname -a Linux machineB 2.6.21.7-5.fc8xen #1 SMP Thu Aug 7 12:44:22 EDT 2008 x86_64 x86_64 x86_64 GNU/Linux [root at machineB ~]# virsh version Compiled against library: libvir 0.4.4 Using library: libvir 0.4.4 Using API: Xen 3.0.1 Running hypervisor: Xen 3.1.0 MachineA has two AMD Opteron 275s. MachineB has four Intel(R) Xeon(TM) CPU 2.80GHz processors. Both machines are as up to date as possible. I can boot or create x86_64 f10 guests on MachineA with no trouble whatsoever. MachineB will not boot/create x86_64 f10 guests. The configuration files are created in the same manner, but as soon as Xen tries to unpause the newly created domain, it crashes pretty much instantly. ------------------------------------------------------------------ /var/log/xen/xend.log relevant output: [2009-01-16 14:45:32 4120] DEBUG (DevController:150) Waiting for devices vtpm. [2009-01-16 14:45:32 4120] INFO (XendDomain:1130) Domain f10testB (21) unpaused. [2009-01-16 14:45:32 4120] WARNING (XendDomainInfo:1203) Domain has crashed: name=f10testB id=21. [2009-01-16 14:45:32 4120] DEBUG (XendDomainInfo:1802) XendDomainInfo.destroy: domid=21 [2009-01-16 14:45:32 4120] DEBUG (XendDomainInfo:1821) XendDomainInfo.destroyDomain(21) ------------------------------------------------------------------ I've also tried moving a functional guest from MachineA to MachineB to boot it there, with the same results. Guest will not boot on MachineB. f8 64bit guests will boot on MachineB with no problems. f10 32bit guests will boot on MachineB with no problems. Only 64bit machines seem to be borked. Mark on the fedora-xen list suggested running xenctx on the crashed domain. Output is as follows: ------------------------------------------------------------------ xenctx output: /usr/lib64/xen/bin/xenctx -s System.map-2.6.27.5-117.fc10.x86_64 46 rip: ffffffff8100b8a2 set_page_prot+0x6d rsp: ffffffff81573f08 rax: ffffffea rbx: 000016e1 rcx: 00000055 rdx: 00000000 rsi: 800000014ffc6061 rdi: ffffffff816e1000 rbp: ffffffff81573f68 r8: 0000000f r9: ffffffff817eb450 r10: ffffffff817eb650 r11: 00000010 r12: ffffffff816e1000 r13: 800000014ffc6061 r14: 8000000000000161 r15: 00000016 cs: 0000e033 ds: 00000000 fs: 00000000 gs: 00000000 Stack: 0000000000000055 0000000000000010 ffffffff8100b8a2 000000010000e030 0000000000010082 ffffffff81573f48 000000000000e02b ffffffff8100b89e 0000000000000200 ffffffff816e4000 0000000000000800 0000000000002c00 ffffffff81573ff8 ffffffff815a3c60 0000000000002c00 0000000000000000 Code: 7b 4a 1d 00 4c 89 e7 4c 89 ee 31 d2 e8 22 d9 ff ff 85 c0 74 04 <0f> 0b eb fe 5b 41 5c 41 5d 41 5e Call Trace: [] set_page_prot+0x6d <-- [] set_page_prot+0x6d [] set_page_prot+0x69 [] xen_start_kernel+0x5dd ------------------------------------------------------------------ I also finally figured out you can look at the Xen dmesg, which includes the following line: (XEN) traps.c:405:d44 Unhandled invalid opcode fault/trap [#6] in domain 46 on VCPU 0 [ec=0000] The domain does install so the following bug does not seem to be the cause of the current issues: http://fedoraproject.org/wiki/Bugs/F10Common#Installing_Fedora_10_DomU_o n_Fedora_8_Dom0_Fails Any information / help / insight as to why this is happening would be very much appreciated. The machines are pretty similar, and since the guests are paravirtualized it does not really make sense for the processors to be the cause of the problem. Thanks, jon From markmc at redhat.com Tue Jan 20 10:27:29 2009 From: markmc at redhat.com (Mark McLoughlin) Date: Tue, 20 Jan 2009 10:27:29 +0000 Subject: [fedora-virt] f10 x86_64 xen VM guests fail to boot on f8 host (guest setting NX bit in L1 PTE?) In-Reply-To: References: Message-ID: <1232447249.24817.22.camel@blaa> (Jeremy/Ian - here's some more info on the bug reported here: http://lists.xensource.com/archives/html/xen-devel/2009-01/msg00176.html ) Hi Jon/Phill, Thanks for all the info. Here's the important bits: 1) Host kernel is 2.6.21.7-5.fc8xen, that means the hypervisor is xen-3.1.4 2) The guest kernel is 2.6.27.5-117.fc10.x86_64 3) Phill points out the faulting instruction is UD2. That just means the guest kernel is hitting a BUG() assertion. See /asm-x86/bug.h: #define BUG() \ do { \ asm volatile("ud2"); \ for (;;) ; \ } while (0) 4) The backtrace shows the fault happens in set_page_prot() 5) Jon's dmesg contains: (XEN) mm.c:1362:d46 Bad L1 flags 800000 That means the guest is faulting here: static void set_page_prot(void *addr, pgprot_t prot) { .... if (HYPERVISOR_update_va_mapping((unsigned long)addr, pte, 0)) BUG(); } because the PTE update is failing in the HV here: static int mod_l1_entry(l1_pgentry_t *pl1e, l1_pgentry_t nl1e, unsigned long gl1mfn) { ... if ( unlikely(l1e_get_flags(nl1e) & L1_DISALLOW_MASK) ) { MEM_LOG("Bad L1 flags %x", l1e_get_flags(nl1e) & L1_DISALLOW_MASK); return 0; } ... } the PTE flags are 800000 which corresponds to: #define _PAGE_NX_BIT (1U<<23) Jon/Phill - can one of you two file a bug (bugzilla.redhat.com) with all this info? Thanks, Mark. Previous posts, for reference: http://www.redhat.com/archives/fedora-xen/2009-January/thread.html#00022 http://www.redhat.com/archives/fedora-virt/2009-January/thread.html#00013 From markmc at redhat.com Tue Jan 20 12:34:48 2009 From: markmc at redhat.com (Mark McLoughlin) Date: Tue, 20 Jan 2009 12:34:48 +0000 Subject: [fedora-virt] Re: [et-mgmt-tools] New virt-manager + virtinst releases end of week In-Reply-To: <4974B5B7.3030909@redhat.com> References: <4974B5B7.3030909@redhat.com> Message-ID: <1232454888.5277.4.camel@blaa> (replying on fedora-virt, since et-mgmt-tools isn't strictly a Fedora list) On Mon, 2009-01-19 at 12:17 -0500, Cole Robinson wrote: > Hi all, > > I think it's a good time to push new releases for virt-manager and > virtinst (well, it's actually overdue). > > If there are any changes or bugs you would like to see addressed, please > raise them asap. Ideally I'd like to have any changes committed by > friday, then wrap up and push the release over the weekend. This is probably crazy talk, but the freeze for F11 Alpha is today if you thought it was possible to do these releases sooner. Cheers, Mark. From crobinso at redhat.com Tue Jan 20 15:28:15 2009 From: crobinso at redhat.com (Cole Robinson) Date: Tue, 20 Jan 2009 10:28:15 -0500 Subject: [fedora-virt] Re: [et-mgmt-tools] New virt-manager + virtinst releases end of week In-Reply-To: <1232454888.5277.4.camel@blaa> References: <4974B5B7.3030909@redhat.com> <1232454888.5277.4.camel@blaa> Message-ID: <4975ED8F.6050603@redhat.com> Mark McLoughlin wrote: > (replying on fedora-virt, since et-mgmt-tools isn't strictly a Fedora > list) > > On Mon, 2009-01-19 at 12:17 -0500, Cole Robinson wrote: >> Hi all, >> >> I think it's a good time to push new releases for virt-manager and >> virtinst (well, it's actually overdue). >> >> If there are any changes or bugs you would like to see addressed, please >> raise them asap. Ideally I'd like to have any changes committed by >> friday, then wrap up and push the release over the weekend. > > This is probably crazy talk, but the freeze for F11 Alpha is today if > you thought it was possible to do these releases sooner. > > Cheers, > Mark. > Unfortunately my pre-release list is a bit too long for that, though I wish I had made a point to line up with the alpha. Sorry about that. Thanks, Cole From Ian.Campbell at citrix.com Tue Jan 20 15:55:38 2009 From: Ian.Campbell at citrix.com (Ian Campbell) Date: Tue, 20 Jan 2009 15:55:38 +0000 Subject: [fedora-virt] f10 x86_64 xen VM guests fail to boot on f8 host (guest setting NX bit in L1 PTE?) In-Reply-To: <1232447249.24817.22.camel@blaa> References: <1232447249.24817.22.camel@blaa> Message-ID: <1232466938.22248.92.camel@zakaz.uk.xensource.com> On Tue, 2009-01-20 at 10:27 +0000, Mark McLoughlin wrote: > if ( unlikely(l1e_get_flags(nl1e) & L1_DISALLOW_MASK) ) > { > MEM_LOG("Bad L1 flags %x", > l1e_get_flags(nl1e) & L1_DISALLOW_MASK); > return 0; > } > ... > } > > the PTE flags are 800000 which corresponds to: > > #define _PAGE_NX_BIT (1U<<23) At least in xen-unstable (and I think for much longer) L1_DISALLOW_MASK contains _PAGE_NX_BIT dynamically depending on the processor capabilities. #define _PAGE_NX (cpu_has_nx ? _PAGE_NX_BIT : 0) ... /* * Disallow unused flag bits plus PAT/PSE, PCD, PWT and GLOBAL. * Permit the NX bit if the hardware supports it. */ #define BASE_DISALLOW_MASK (0xFFFFF198U & ~_PAGE_NX) #define L1_DISALLOW_MASK (BASE_DISALLOW_MASK | _PAGE_GNTTAB) Does the hardware support NX? What does /proc/cpuinfo in dom0 think? The guest kernel should be setting up __supported_pte_mask appropriately to match the hardware and hence shouldn't be using NX if it isn't available. There's a command line option to force NX, can you try noexec=off on the guest command line. My guess would be that the guest is getting a wrong EFER from somewhere... Ian. From Ian.Campbell at citrix.com Tue Jan 20 17:03:21 2009 From: Ian.Campbell at citrix.com (Ian Campbell) Date: Tue, 20 Jan 2009 17:03:21 +0000 Subject: [fedora-virt] f10 x86_64 xen VM guests fail to boot on f8 host (guest setting NX bit in L1 PTE?) In-Reply-To: <1232447249.24817.22.camel@blaa> References: <1232447249.24817.22.camel@blaa> Message-ID: <1232471001.22248.111.camel@zakaz.uk.xensource.com> (resending with original xen-devel thread participants on CC, please reply to this subthread, I'll forward you guys Mark's original mail in a second) On Tue, 2009-01-20 at 10:27 +0000, Mark McLoughlin wrote: > if ( unlikely(l1e_get_flags(nl1e) & L1_DISALLOW_MASK) ) > { > MEM_LOG("Bad L1 flags %x", > l1e_get_flags(nl1e) & L1_DISALLOW_MASK); > return 0; > } > ... > } > > the PTE flags are 800000 which corresponds to: > > #define _PAGE_NX_BIT (1U<<23) At least in xen-unstable (and I think for much longer) L1_DISALLOW_MASK contains _PAGE_NX_BIT dynamically depending on the processor capabilities. #define _PAGE_NX (cpu_has_nx ? _PAGE_NX_BIT : 0) ... /* * Disallow unused flag bits plus PAT/PSE, PCD, PWT and GLOBAL. * Permit the NX bit if the hardware supports it. */ #define BASE_DISALLOW_MASK (0xFFFFF198U & ~_PAGE_NX) #define L1_DISALLOW_MASK (BASE_DISALLOW_MASK | _PAGE_GNTTAB) Does the hardware support NX? What does /proc/cpuinfo in dom0 think? The guest kernel should be setting up __supported_pte_mask appropriately to match the hardware and hence shouldn't be using NX if it isn't available. There's a command line option to force NX, can you try noexec=off on the guest command line. My guess would be that the guest is getting a wrong EFER from somewhere... Ian. From virtualization at webwombat.com.au Wed Jan 21 00:45:53 2009 From: virtualization at webwombat.com.au (Virtualization) Date: Wed, 21 Jan 2009 11:45:53 +1100 Subject: [fedora-virt] f10 x86_64 xen VM guests fail to boot on f8 host (guest setting NX bit in L1 PTE?) In-Reply-To: <1232471001.22248.111.camel@zakaz.uk.xensource.com> References: <1232447249.24817.22.camel@blaa> <1232471001.22248.111.camel@zakaz.uk.xensource.com> Message-ID: <1232498753.3016.15.camel@phills901.wwoffice.com.au> Hi Ian, Indeed nx is on one and not the other! However, that doesn't help... Broken CPU: /proc/cpuinfo: model name : Intel(R) Xeon(TM) CPU 3.00GHz flags : fpu tsc msr pae mce cx8 apic mtrr mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm syscall lm constant_tsc up pni monitor ds_cpl cid cx16 xtpr Good CPU: model name : AMD Athlon(tm) 64 X2 Dual Core Processor 3600+ flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt rdtscp lm 3dnowext 3dnow rep_good pni cx16 lahf_lm cmp_legacy svm extapic cr8_legacy 3dnowprefetch So, ran it again with noexec=0, [ Minimal BASH-like line editing is supported. ESC at any time cancels. ENTER at any time accepts your changes. ] > kernel /vmlinuz-2.6.27.9-159.fc10.x86_64 ro root=LABEL=/ selinux=0 noipv6 nomodeset noexec=off Results: [ root at office64 xen ]# /usr/lib64/xen/bin/xenctx -s System.map-2.6.27.9-159.fc10.x86_64 119 rip: ffffffff8100b8a2 set_page_prot+0x6d rsp: ffffffff81575f08 rax: ffffffea rbx: 000016e4 rcx: 00000055 rdx: 00000000 rsi: 800000014a293061 rdi: ffffffff816e4000 rbp: ffffffff81575f68 r8: 0000000f r9: ffffffff817ee350 r10: ffffffff817ee550 r11: 00000010 r12: ffffffff816e4000 r13: 800000014a293061 r14: 8000000000000161 r15: 00002c00 cs: 0000e033 ds: 00000000 fs: 00000000 gs: 00000000 Stack: 0000000000000055 0000000000000010 ffffffff8100b8a2 000000010000e030 0000000000010082 ffffffff81575f48 000000000000e02b ffffffff8100b89e 0000000000000200 ffffffff816e7000 0000000000000800 0000000000000016 ffffffff81575ff8 ffffffff815a5c60 0000000000002c00 0000000000000000 Code: df 54 1d 00 4c 89 e7 4c 89 ee 31 d2 e8 22 d9 ff ff 85 c0 74 04 <0f> 0b eb fe 5b 41 5c 41 5d 41 5e Call Trace: [] set_page_prot+0x6d <-- [] set_page_prot+0x6d [] set_page_prot+0x69 [] xen_start_kernel+0x5dd Battling with bugzilla trying to get a new account. It doesn't like me :-( Might have to leave it up to Jon to do the bugzilla thing. Cheers Phill. On Tue, 2009-01-20 at 17:03 +0000, Ian Campbell wrote: > (resending with original xen-devel thread participants on CC, please > reply to this subthread, I'll forward you guys Mark's original mail in a > second) > > On Tue, 2009-01-20 at 10:27 +0000, Mark McLoughlin wrote: > > if ( unlikely(l1e_get_flags(nl1e) & L1_DISALLOW_MASK) ) > > { > > MEM_LOG("Bad L1 flags %x", > > l1e_get_flags(nl1e) & L1_DISALLOW_MASK); > > return 0; > > } > > ... > > } > > > > the PTE flags are 800000 which corresponds to: > > > > #define _PAGE_NX_BIT (1U<<23) > > At least in xen-unstable (and I think for much longer) L1_DISALLOW_MASK > contains _PAGE_NX_BIT dynamically depending on the processor > capabilities. > > #define _PAGE_NX (cpu_has_nx ? _PAGE_NX_BIT : 0) > ... > /* > * Disallow unused flag bits plus PAT/PSE, PCD, PWT and GLOBAL. > * Permit the NX bit if the hardware supports it. > */ > #define BASE_DISALLOW_MASK (0xFFFFF198U & ~_PAGE_NX) > > #define L1_DISALLOW_MASK (BASE_DISALLOW_MASK | _PAGE_GNTTAB) > > Does the hardware support NX? What does /proc/cpuinfo in dom0 think? > > The guest kernel should be setting up __supported_pte_mask appropriately > to match the hardware and hence shouldn't be using NX if it isn't > available. There's a command line option to force NX, can you try > noexec=off on the guest command line. > > My guess would be that the guest is getting a wrong EFER from > somewhere... > > Ian. > > From jswanson at valuecommerce.co.jp Wed Jan 21 03:22:07 2009 From: jswanson at valuecommerce.co.jp (Jon Swanson) Date: Wed, 21 Jan 2009 12:22:07 +0900 Subject: [fedora-virt] f10 x86_64 xen VM guests fail to boot on f8 host (guest setting NX bit in L1 PTE?) References: <1232447249.24817.22.camel@blaa> Message-ID: Thank you again Mark, Ian, and Phil. As Phil pointed out, my working host has the NX feature, the broken host does not. I also could not create a bugzilla account, but was able to use a co-worker's credentials to create this ticket: https://bugzilla.redhat.com/show_bug.cgi?id=480880 Ian, I didn't have any luck with the noexec=off. xm dmesg output is the same as posted earlier. (XEN) mm.c:1362:d52 Bad L1 flags 800000 (XEN) traps.c:405:d52 Unhandled invalid opcode fault/trap [#6] in domain 52 on VCPU 0 [ec=0000] (XEN) domain_crash_sync called from entry.S (XEN) Domain 52 (vcpu#0) crashed on cpu#3: ... xenctx output: /usr/lib64/xen/bin/xenctx -s System.map-2.6.27.5-117.fc10.x86_64 52 rip: ffffffff8100b8a2 set_page_prot+0x6d rsp: ffffffff81573f08 rax: ffffffea rbx: 000016e1 rcx: 00000054 rdx: 00000000 rsi: 80000000a7be7061 rdi: ffffffff816e1000 rbp: ffffffff81573f68 r8: 0000000f r9: ffffffff817eb450 r10: ffffffff817eb650 r11: 00000010 r12: ffffffff816e1000 r13: 80000000a7be7061 r14: 8000000000000161 r15: 00000016 cs: 0000e033 ds: 00000000 fs: 00000000 gs: 00000000 Stack: 0000000000000054 0000000000000010 ffffffff8100b8a2 000000010000e030 0000000000010082 ffffffff81573f48 000000000000e02b ffffffff8100b89e 0000000000000200 ffffffff816e4000 0000000000000800 0000000000002c00 ffffffff81573ff8 ffffffff815a3c60 0000000000002c00 0000000000000000 Code: 7b 4a 1d 00 4c 89 e7 4c 89 ee 31 d2 e8 22 d9 ff ff 85 c0 74 04 <0f> 0b eb fe 5b 41 5c 41 5d 41 5e Call Trace: [] set_page_prot+0x6d <-- [] set_page_prot+0x6d [] set_page_prot+0x69 [] xen_start_kernel+0x5dd Thanks, jon -----Original Message----- From: Mark McLoughlin [mailto:markmc at redhat.com] Sent: Tuesday, January 20, 2009 7:27 PM To: Jon Swanson Cc: fedora-virt at redhat.com; virtualization at webwombat.com.au; Jeremy Fitzhardinge; Ian Campbell Subject: Re: [fedora-virt] f10 x86_64 xen VM guests fail to boot on f8 host (guest setting NX bit in L1 PTE?) (Jeremy/Ian - here's some more info on the bug reported here: http://lists.xensource.com/archives/html/xen-devel/2009-01/msg00176.html ) Hi Jon/Phill, Thanks for all the info. Here's the important bits: 1) Host kernel is 2.6.21.7-5.fc8xen, that means the hypervisor is xen-3.1.4 2) The guest kernel is 2.6.27.5-117.fc10.x86_64 3) Phill points out the faulting instruction is UD2. That just means the guest kernel is hitting a BUG() assertion. See /asm-x86/bug.h: #define BUG() \ do { \ asm volatile("ud2"); \ for (;;) ; \ } while (0) 4) The backtrace shows the fault happens in set_page_prot() 5) Jon's dmesg contains: (XEN) mm.c:1362:d46 Bad L1 flags 800000 That means the guest is faulting here: static void set_page_prot(void *addr, pgprot_t prot) { .... if (HYPERVISOR_update_va_mapping((unsigned long)addr, pte, 0)) BUG(); } because the PTE update is failing in the HV here: static int mod_l1_entry(l1_pgentry_t *pl1e, l1_pgentry_t nl1e, unsigned long gl1mfn) { ... if ( unlikely(l1e_get_flags(nl1e) & L1_DISALLOW_MASK) ) { MEM_LOG("Bad L1 flags %x", l1e_get_flags(nl1e) & L1_DISALLOW_MASK); return 0; } ... } the PTE flags are 800000 which corresponds to: #define _PAGE_NX_BIT (1U<<23) Jon/Phill - can one of you two file a bug (bugzilla.redhat.com) with all this info? Thanks, Mark. Previous posts, for reference: http://www.redhat.com/archives/fedora-xen/2009-January/thread.html#00022 http://www.redhat.com/archives/fedora-virt/2009-January/thread.html#0001 3 From ondrejj at salstar.sk Wed Jan 21 15:01:01 2009 From: ondrejj at salstar.sk (Jan ONDREJ (SAL)) Date: Wed, 21 Jan 2009 16:01:01 +0100 Subject: [fedora-virt] Problem moving machine from Xen to KVM In-Reply-To: <1232548927.5013.72.camel@blaa> References: <20090121082048.GD9111@salstar.sk> <20090121115039.GA7741@amd.home.annexia.org> <20090121121252.GM9111@salstar.sk> <20090121121931.GA8157@amd.home.annexia.org> <20090121132836.GP9111@salstar.sk> <20090121134552.GA17614@amd.home.annexia.org> <20090121134854.GE28254@redhat.com> <49772CCA.9080509@redhat.com> <20090121142904.GQ9111@salstar.sk> <1232548927.5013.72.camel@blaa> Message-ID: <20090121150100.GA28559@salstar.sk> On Wed, Jan 21, 2009 at 02:42:07PM +0000, Mark McLoughlin wrote: > On Wed, 2009-01-21 at 15:29 +0100, Jan ONDREJ (SAL) wrote: > > > Unable to do success with installing virtio_pci on > > 2.6.27.9-159.fc10.i686.PAE but works well with 2.6.27.9-159.fc10.i686. > > May be there is something wrong with PAE kernel or with initrd. > > Please post the error messages to the fedora-virt at redhat.com list. OK, doing here. All my tryes to create an functional virtio initrd failed on kernel-PAE, when system was booted as "ide" machine. Boot success happened with kernel (non-PAE) and after boot I was able to uninstall kernel-PAE and reinstall it. After this change there are all required modules installed and kernel-PAE boot with virtio drivers (disk and net). More info in this thread: https://www.redhat.com/archives/fedora-xen/2009-January/msg00052.html SAL From markmc at redhat.com Wed Jan 21 16:28:09 2009 From: markmc at redhat.com (Mark McLoughlin) Date: Wed, 21 Jan 2009 16:28:09 +0000 Subject: [fedora-virt] Problem moving machine from Xen to KVM In-Reply-To: <20090121150100.GA28559@salstar.sk> References: <20090121082048.GD9111@salstar.sk> <20090121115039.GA7741@amd.home.annexia.org> <20090121121252.GM9111@salstar.sk> <20090121121931.GA8157@amd.home.annexia.org> <20090121132836.GP9111@salstar.sk> <20090121134552.GA17614@amd.home.annexia.org> <20090121134854.GE28254@redhat.com> <49772CCA.9080509@redhat.com> <20090121142904.GQ9111@salstar.sk> <1232548927.5013.72.camel@blaa> <20090121150100.GA28559@salstar.sk> Message-ID: <1232555289.5013.112.camel@blaa> On Wed, 2009-01-21 at 16:01 +0100, Jan ONDREJ (SAL) wrote: > On Wed, Jan 21, 2009 at 02:42:07PM +0000, Mark McLoughlin wrote: > > On Wed, 2009-01-21 at 15:29 +0100, Jan ONDREJ (SAL) wrote: > > > > > Unable to do success with installing virtio_pci on > > > 2.6.27.9-159.fc10.i686.PAE but works well with 2.6.27.9-159.fc10.i686. > > > May be there is something wrong with PAE kernel or with initrd. > > > > Please post the error messages to the fedora-virt at redhat.com list. > > OK, doing here. > > All my tryes to create an functional virtio initrd failed on kernel-PAE, > when system was booted as "ide" machine. > > Boot success happened with kernel (non-PAE) and after boot I was able to > uninstall kernel-PAE and reinstall it. After this change there are all > required modules installed and kernel-PAE boot with virtio drivers (disk > and net). Sorry, I'm a little confused - it's working okay for you now? (Small tip for others, to check the contents of your initrd, do: $> mkdir initrd-dump && cd initrd-dump $> gzip -cd < /boot/initrd-foo.img | cpio -ivd ) Cheers, Mark. From ondrejj at salstar.sk Wed Jan 21 16:35:11 2009 From: ondrejj at salstar.sk (Jan ONDREJ (SAL)) Date: Wed, 21 Jan 2009 17:35:11 +0100 Subject: [fedora-virt] Problem moving machine from Xen to KVM In-Reply-To: <1232555289.5013.112.camel@blaa> References: <20090121121252.GM9111@salstar.sk> <20090121121931.GA8157@amd.home.annexia.org> <20090121132836.GP9111@salstar.sk> <20090121134552.GA17614@amd.home.annexia.org> <20090121134854.GE28254@redhat.com> <49772CCA.9080509@redhat.com> <20090121142904.GQ9111@salstar.sk> <1232548927.5013.72.camel@blaa> <20090121150100.GA28559@salstar.sk> <1232555289.5013.112.camel@blaa> Message-ID: <20090121163511.GB30939@salstar.sk> On Wed, Jan 21, 2009 at 04:28:09PM +0000, Mark McLoughlin wrote: > > Boot success happened with kernel (non-PAE) and after boot I was able to > > uninstall kernel-PAE and reinstall it. After this change there are all > > required modules installed and kernel-PAE boot with virtio drivers (disk > > and net). > > Sorry, I'm a little confused - it's working okay for you now? Yes, it's working well with PAE and non PAE kernel too. But I don't know, what has been difference, why there was no virtio_pci in my initrd. > (Small tip for others, to check the contents of your initrd, do: > > $> mkdir initrd-dump && cd initrd-dump > $> gzip -cd < /boot/initrd-foo.img | cpio -ivd > ) An better way for those, who likes "mc" (midnight commander): # ln -s /boot/initrd-$(uname -r).img /tmp/initrd.cpio.gz and normally open /tmp/initrd.cpio.gz in mc. :) SAL From markmc at redhat.com Thu Jan 22 11:53:19 2009 From: markmc at redhat.com (Mark McLoughlin) Date: Thu, 22 Jan 2009 11:53:19 +0000 Subject: [fedora-virt] F11 features Message-ID: <1232625199.4964.35.camel@blaa> Hey, We're a bit behind on writing up descriptions for the virt features coming in F11, but here's the first two pages: https://fedoraproject.org/wiki/Features/VirtVNCAuth Define a mapping of SASL authentication into the VNC protocol, and implement it for QEMU and GTK-VNC, providing strongly authenticated, securely encrypted remote access of virtual guest consoles. https://fedoraproject.org/wiki/Features/KVM_PCI_Device_Assignment Assign PCI devices from your KVM host machine to guest virtual machines. A common example is assigning a network card to a guest. Please jump in with comments, testing, wiki edits, etc. Cheers, Mark. From shunt at recordsreduction.com Thu Jan 22 16:37:35 2009 From: shunt at recordsreduction.com (Shane Hunt) Date: Thu, 22 Jan 2009 08:37:35 -0800 Subject: [fedora-virt] =?utf-8?q?Do_you_dread_moving_the_=E2=80=9908_file?= =?utf-8?q?s_to_make_room_for_=E2=80=9909=3F?= Message-ID: <200901221703.n0MGpH5q006938@mx1.redhat.com> Let us do it for you?.FREE of charge. Records Reduction, Inc. is offering FREE pickup for new customers in January & February, 2009. In addition, we will also pull the files from the filing cabinets and box them at NO CHARGE! That?s right, this year you will have to touch a file to get ready for ?09 files. It?s the perfect time for you to begin using our services. Scanning ? This is the best solutions for files that you must keep long term,or that require a lot of retrievals. Records Reduction, Inc. will scan them in and provide a legal copy on disk. You can save the files on your system and have a networked imaging solution with no additional software. Off site file storage ? This is the most economical solution for files that you don?t have to keep long term and for those that are rarely retrieved. Shredding ? If you have files that no longer have to be kept, let us pick them up and provide secure shredding. It?s also a great solution for any documents that contain Names, Social Security Numbers, or other identifying information. We can do large purges, or provide secure bins for ongoing shredding. Please call Shane Hunt @ 704-724-3313, or email shunt at recordsreduction.com for more information. www.recordsreduction.com Electronic filing (scanning/imaging) is the best long-term storage solution for any files that you must keep long term, or if you do a lot of retrievals from them. Examples include, but are not limited to: Accounts Payable Human Resources Medical Charts EOBs Sales Files Job Files Accounts Receivable Engineering Drawings School Records Educational Materials Legal Files Real Estate Files Bill of Ladings Workers Comp Files Which Service is Right for You? Document Scanning Document scanning is perfect for files that you must store for a long time ? typically five years or greater. Also, if you have to do many retrievals, scanning will pay for itself by increasing efficiencies in the office. With scanning, there are no ongoing costs. You pay once and you have a legal copy of your business documents forever. Some examples where scanning makes sense include Accounts Payables, Job Files, Corporate Financials, Medical Files, Legal Files, Insurance Documents, Human Resources, etc. www.recordsreduction.com Offsite Record Storage Offsite document Storage is best for files that you do not have to keep forever, and do very little retrievals. Records Reduction, Inc. provides records storage, retrieval, delivery and pick-up services for companies in the Carolinas. Records are stored at our secure service center where our team members retrieve boxes or individual files as requested by our clients. Records are normally delivered the next day & emergency delivery options are also available. We can always retrieve the file, scan it and email or fax it to you within minutes. Records Reduction, Inc. will become an extension to your existing file room or storage area by providing: - Secure, confidential document storage - Efficient retrieval of records - Next-day & emergency deliveries - The highest level of customer service in the industry We manage your records inventory through computer software tracking system. Once records are entered into our database and placed into storage, our customers can simply call or email and have their files physically or electronically delivered. www.recordsreduction.com Ongoing, Onsite Document Destruction Identity theft is the fastest rising crime in America. Companies can be found liable if they do not protect information that can be used in identity theft. You can use our secure bins for paper that contains information that might be used for identity theft. Many companies now use the bins for ALL of their discarded paper - sensitive or not - simply because they know it will be recycled. It's just another way to help protect our planet! Records Reduction, Inc. provides FREE locked, secure containers for thestorage of your confidential material while awaiting destruction. The containers are attractive and fit in well with all office environments. Our containers will segregate and secure sensitive materials in between our service visits. The containers are locked and can only be opened by authorized personnel, eliminating the chance of sensitive documents being made public or falling into the wrong hands. The locked containers will be picked up and placed in a secure document shredding system. In addition to paper document shredding services, Records Reduction provides secure destruction services for X-Rays, Computer Hard Drives, CDs, and Magnetic Media Tapes. www.recordsreduction.com Bulk Purge Shredding Services Companies file away storage boxes year after year. Often, they are kept long after their legal requirement. Shredding has become a necessary business service to not only comply with regulatory requirements but to protect your business, employees and customers from identity theft. Experts recommend that you shred most files as soon as it is legally permissible. Records Reduction, Inc. can provide onsite or offsite secure shredding services. www.recordsreduction.com eDocHealth ? Electronic Medical Records Solution Enhance Patient Care, reduce cost of operations and increase revenues through eDocHealth. eDocHealth is a proven medical document management solution that instantly improves medical office document access as well as practice workflow by electronically scanning and filing your documents and making them accessible to your entire staff regardless of their location. When you minimize paper-based activity and work within a digital environment, you trim overhead costs by reducing reliance on paper, streamline workflow with quick access to information, and protect patient records with strict user-control. The burden of administrative and clinical documents in a medical practice is considerable. Busy offices lead to inaccessible administrative documents and charts; whether misplaced, lost, or in use by another staff member. Physician practices continue to seek a solution to reduce or eliminate the increasing volumes of paper within their organizations. The optimal product would eliminate the issues of overcrowded office space and storage facilities as well as the problems associated with paper medical records such as lost or misplaced patient charts, patient EOBs, etc. Medical staff and providers demand a user friendly HIPAA compliant solution that enhances patient care, and reduces cost of operations while increasing revenue and generating a rapid return on investment (ROI). eDocHealth is a cost-effective way to meet those needs, by automation of administrative and clinical documents management. eDocHealth does not force you to change your office workflow, instead, it can adapt to it or be configured for ?best operational practices?. eDocHealth can work in conjunction with your Practice Management software and Electronic Medical Records software (EMR/EHR). In most cases document management solutions are better suited to manage medical records than traditional EMR/EHR. It is a non fact that document management solutions have near 98% implementation success while traditional EMR/HER solutions are more challenging endeavors. www.recordsreduction.com PO Box 3322, Matthews, NC 28106 http://app.streamsend.com/private/tF8d/2bm/tbuVb85/unsubscribe/2511712 -------------- next part -------------- An HTML attachment was scrubbed... URL: From rjones at redhat.com Thu Jan 22 20:24:37 2009 From: rjones at redhat.com (Richard W.M. Jones) Date: Thu, 22 Jan 2009 20:24:37 +0000 Subject: [fedora-virt] Re: virt-p2v In-Reply-To: <57FF8323-16BE-4E80-B450-ACA77C75705A@krusic.com> References: <57FF8323-16BE-4E80-B450-ACA77C75705A@krusic.com> Message-ID: <20090122202437.GA15629@amd.home.annexia.org> On Thu, Jan 22, 2009 at 10:34:22AM -0800, Brian Krusic wrote: > I've used virt-p2v many times with great success. > > However I have an issue. > > I've always converted hosts having small disks of around 35G over to > domUs but have an issue were my current host in need of being > virtualized has a physical disk of 400G but its / partition is only 35G, > the rest of the drive is unallocated/unpartitioned and therefore unused. [...] > I obviously don't want to migrate the entire 400G disk as it only has a > 35G root partition (ext3, no LVMs in this case). Oh dear, this is a problem :-( The answer unfortunately is that virt-p2v currently doesn't support this - we can only migrate whole block devices. Unfortunately even compression doesn't help very much here. Even if the disk is mainly zeroes, the gzip-based compression used doesn't compress very well, so you'll still have a longish wait. You can try selecting compression anyway to see if it helps. It's on the long to-do list to fix this so that people can migrate partial disks (including just subdirectories, and excluding subdirectories). BTW, if the disk doesn't use LVM, you will need to use version 0.9.9, uploaded to the website a few days ago, because that fixes a bug related to having the root partition not being on LVM. Rich. -- Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones Read my OCaml programming blog: http://camltastic.blogspot.com/ Fedora now supports 68 OCaml packages (the OPEN alternative to F#) http://cocan.org/getting_started_with_ocaml_on_red_hat_and_fedora From belegdol at gmail.com Fri Jan 23 11:59:11 2009 From: belegdol at gmail.com (Julian Sikorski) Date: Fri, 23 Jan 2009 12:59:11 +0100 Subject: [fedora-virt] xenner service not started automatically Message-ID: <4979B10F.2040407@gmail.com> Hi, It seems that the xenner service is not started when you attempt to install a paravirt guest. It took me a while to figure out that it needs to be started manually. Is it possible to make that service get started on demand? There is a bug on that, #462120. Regards, Julian From belegdol at gmail.com Fri Jan 23 12:21:47 2009 From: belegdol at gmail.com (Julian Sikorski) Date: Fri, 23 Jan 2009 13:21:47 +0100 Subject: [fedora-virt] xenner service not started automatically Message-ID: <4979B65B.7070006@gmail.com> Hi, It seems that the xenner service is not started when you attempt to install a paravirt guest. It took me a while to figure out that it needs to be started manually. Is it possible to make that service get started on demand? There is a bug on that, #462120. Regards, Julian From belegdol at gmail.com Fri Jan 23 12:22:04 2009 From: belegdol at gmail.com (Julian Sikorski) Date: Fri, 23 Jan 2009 13:22:04 +0100 Subject: [fedora-virt] Unable to install kvm paravirt guest Message-ID: <4979B66C.3080907@gmail.com> Hi, I am trying to install i386 paravirt rawhide kvm guest (using xenner) into a Fedora 10 x86_64 host. I use the following command: virt-install --paravirt --os-type=linux --location=http://ftp.ps.pl/pub/Linux/fedora-linux/development/i386/os/ --name=pararawhide-i386 --vcpus=1 --file=/var/lib/libvirt/images/pararawhide-i386.img --accelerate --nonsparse --ram=512 --file-size=15 Unfortunately, anaconda fails when it is supposed to fetch install.img, it says there was an error configuring the network connection. The log is attached. Do you have any ideas what is wrong here? Regards, Julian From belegdol at gmail.com Fri Jan 23 12:23:39 2009 From: belegdol at gmail.com (Julian Sikorski) Date: Fri, 23 Jan 2009 13:23:39 +0100 Subject: [fedora-virt] Unable to install kvm paravirt guest Message-ID: <4979B6CB.3010707@gmail.com> Hi, I am trying to install i386 paravirt rawhide kvm guest (using xenner) into a Fedora 10 x86_64 host. I use the following command: virt-install --paravirt --os-type=linux --location=http://ftp.ps.pl/pub/Linux/fedora-linux/development/i386/os/ --name=pararawhide-i386 --vcpus=1 --file=/var/lib/libvirt/images/pararawhide-i386.img --accelerate --nonsparse --ram=512 --file-size=15 Unfortunately, anaconda fails when it is supposed to fetch install.img, it says there was an error configuring the network connection. The log is attached. Do you have any ideas what is wrong here? Regards, Julian From belegdol at gmail.com Fri Jan 23 12:45:41 2009 From: belegdol at gmail.com (Julian Sikorski) Date: Fri, 23 Jan 2009 13:45:41 +0100 Subject: [fedora-virt] Re: Unable to install kvm paravirt guest In-Reply-To: <4979B6CB.3010707@gmail.com> References: <4979B6CB.3010707@gmail.com> Message-ID: <4979BBF5.7040503@gmail.com> Julian Sikorski pisze: > Hi, > > I am trying to install i386 paravirt rawhide kvm guest (using xenner) > into a Fedora 10 x86_64 host. I use the following command: > > virt-install --paravirt --os-type=linux > --location=http://ftp.ps.pl/pub/Linux/fedora-linux/development/i386/os/ > --name=pararawhide-i386 --vcpus=1 > --file=/var/lib/libvirt/images/pararawhide-i386.img --accelerate > --nonsparse --ram=512 --file-size=15 > > Unfortunately, anaconda fails when it is supposed to fetch install.img, > it says there was an error configuring the network connection. The log > is attached. Do you have any ideas what is wrong here? > > Regards, > Julian > Seems like I forgot to attach the actual log. Sorry. Julian -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: pararawhide-i386.log URL: From markmc at redhat.com Fri Jan 23 15:25:16 2009 From: markmc at redhat.com (Mark McLoughlin) Date: Fri, 23 Jan 2009 15:25:16 +0000 Subject: [fedora-virt] F11 features - KVM and QEMU merge In-Reply-To: <1232625199.4964.35.camel@blaa> References: <1232625199.4964.35.camel@blaa> Message-ID: <1232724316.5115.101.camel@blaa> Hi, Here's another one: https://fedoraproject.org/wiki/Features/KVM_and_QEMU_merge Glommer is fleshing out more of the details on this as we speak. Cheers, Mark. From Ian.Campbell at citrix.com Fri Jan 23 15:59:27 2009 From: Ian.Campbell at citrix.com (Ian Campbell) Date: Fri, 23 Jan 2009 15:59:27 +0000 Subject: [fedora-virt] f10 x86_64 xen VM guests fail to boot on f8 host (guest setting NX bit in L1 PTE?) In-Reply-To: References: <1232447249.24817.22.camel@blaa> Message-ID: <1232726367.1818.19.camel@zakaz.uk.xensource.com> On Wed, 2009-01-21 at 12:22 +0900, Jon Swanson wrote: > Thank you again Mark, Ian, and Phil. > > As Phil pointed out, my working host has the NX feature, the broken host > does not. > > I also could not create a bugzilla account, but was able to use a > co-worker's credentials to create this ticket: > https://bugzilla.redhat.com/show_bug.cgi?id=480880 > > Ian, I didn't have any luck with the noexec=off. It turns out that nonx_setup() and check_efer() both run quite a while after all the set_page_prot calls in xen_setup_kernel() which include _PAGE_NX via PAGE_KERNEL_RO. On 32 bit __supported_pte_mask starts off without NX in it and it gets added later if the system supports it. This is safe but means that the pages frobbed by the early Xen setup won't have NX set when they could (unless they all get frobbed again later?) On 64 bit __supported_pte_mask contains NX at start of day and it is taken away later on if the system turns out not to support it. Native seems to mainly use _KERNPG_TABLE which does not include NX, can you try this patch? (lots of printks because I don't have any non-NX hardware to test properly). diff -r ec792b22009f arch/x86/mm/init_64.c --- a/arch/x86/mm/init_64.c Fri Jan 23 15:27:45 2009 +0000 +++ b/arch/x86/mm/init_64.c Fri Jan 23 15:58:03 2009 +0000 @@ -103,12 +103,15 @@ */ static int __init nonx_setup(char *str) { + printk(KERN_CRIT "noexec_setup %s\n", str); if (!str) return -EINVAL; if (!strncmp(str, "on", 2)) { + printk(KERN_CRIT "noexec_setup: enabling NX\n"); __supported_pte_mask |= _PAGE_NX; do_not_nx = 0; } else if (!strncmp(str, "off", 3)) { + printk(KERN_CRIT "noexec_setup: disabling NX\n"); do_not_nx = 1; __supported_pte_mask &= ~_PAGE_NX; } @@ -121,8 +124,13 @@ unsigned long efer; rdmsrl(MSR_EFER, efer); - if (!(efer & EFER_NX) || do_not_nx) + if (!(efer & EFER_NX) || do_not_nx) { + printk(KERN_CRIT "check_efer: disabling NX\n"); __supported_pte_mask &= ~_PAGE_NX; + } else + printk(KERN_CRIT "check_efer: leaving NX alone. supported_pte_mask %s the NX bit\n", + __supported_pte_mask & _PAGE_NX ? "includes" : "excludes"); + } int force_personality32; diff -r ec792b22009f arch/x86/xen/enlighten.c --- a/arch/x86/xen/enlighten.c Fri Jan 23 15:27:45 2009 +0000 +++ b/arch/x86/xen/enlighten.c Fri Jan 23 15:58:03 2009 +0000 @@ -54,6 +54,9 @@ #include "xen-ops.h" #include "mmu.h" #include "multicalls.h" + +#define _KERNPG_TABLE_RO __pgprot(_KERNPG_TABLE & ~_PAGE_RW) +//#define _KERNPG_TABLE_RO (_KERNPG_TABLE) EXPORT_SYMBOL_GPL(hypercall_page); @@ -1476,6 +1479,15 @@ { unsigned long pfn = __pa(addr) >> PAGE_SHIFT; pte_t pte = pfn_pte(pfn, prot); + static int once = 5; + + if (once > 0 && pte_val(pte) & _PAGE_NX) { + once--; + printk(KERN_CRIT "set_page_prot to %#lx (incl NX) supported_pte_mask %#lx %s the NX bit\n", + pgprot_val(prot), __supported_pte_mask, __supported_pte_mask & _PAGE_NX ? "includes" : "excludes"); + printk(KERN_CRIT "pte is %#lx\n", pte_val(pte)); + WARN_ON(1); + } if (HYPERVISOR_update_va_mapping((unsigned long)addr, pte, 0)) BUG(); @@ -1522,9 +1534,9 @@ } for (pteidx = 0; pteidx < ident_pte; pteidx += PTRS_PER_PTE) - set_page_prot(&level1_ident_pgt[pteidx], PAGE_KERNEL_RO); + set_page_prot(&level1_ident_pgt[pteidx], _KERNPG_TABLE_RO); - set_page_prot(pmd, PAGE_KERNEL_RO); + set_page_prot(pmd, _KERNPG_TABLE_RO); } static __init void xen_ident_map_ISA(void) @@ -1601,12 +1613,12 @@ xen_map_identity_early(level2_ident_pgt, max_pfn); /* Make pagetable pieces RO */ - set_page_prot(init_level4_pgt, PAGE_KERNEL_RO); - set_page_prot(level3_ident_pgt, PAGE_KERNEL_RO); - set_page_prot(level3_kernel_pgt, PAGE_KERNEL_RO); - set_page_prot(level3_user_vsyscall, PAGE_KERNEL_RO); - set_page_prot(level2_kernel_pgt, PAGE_KERNEL_RO); - set_page_prot(level2_fixmap_pgt, PAGE_KERNEL_RO); + set_page_prot(init_level4_pgt, _KERNPG_TABLE_RO); + set_page_prot(level3_ident_pgt, _KERNPG_TABLE_RO); + set_page_prot(level3_kernel_pgt, _KERNPG_TABLE_RO); + set_page_prot(level3_user_vsyscall, _KERNPG_TABLE_RO); + set_page_prot(level2_kernel_pgt, _KERNPG_TABLE_RO); + set_page_prot(level2_fixmap_pgt, _KERNPG_TABLE_RO); /* Pin down new L4 */ pin_pagetable_pfn(MMUEXT_PIN_L4_TABLE, @@ -1670,9 +1682,9 @@ set_pgd(&swapper_pg_dir[KERNEL_PGD_BOUNDARY], __pgd(__pa(level2_kernel_pgt) | _PAGE_PRESENT)); - set_page_prot(level2_kernel_pgt, PAGE_KERNEL_RO); - set_page_prot(swapper_pg_dir, PAGE_KERNEL_RO); - set_page_prot(empty_zero_page, PAGE_KERNEL_RO); + set_page_prot(level2_kernel_pgt, _KERNPG_TABLE_RO); + set_page_prot(swapper_pg_dir, _KERNPG_TABLE_RO); + set_page_prot(empty_zero_page, _KERNPG_TABLE_RO); pin_pagetable_pfn(MMUEXT_UNPIN_TABLE, PFN_DOWN(__pa(pgd))); From jlaska at redhat.com Fri Jan 23 16:14:00 2009 From: jlaska at redhat.com (James Laska) Date: Fri, 23 Jan 2009 11:14:00 -0500 Subject: [fedora-virt] F11 features - KVM and QEMU merge In-Reply-To: <1232724316.5115.101.camel@blaa> References: <1232625199.4964.35.camel@blaa> <1232724316.5115.101.camel@blaa> Message-ID: <1232727240.3647.227.camel@localhost.localdomain> On Fri, 2009-01-23 at 15:25 +0000, Mark McLoughlin wrote: > Hi, > > Here's another one: > > https://fedoraproject.org/wiki/Features/KVM_and_QEMU_merge > > Glommer is fleshing out more of the details on this as we speak. Great stuff! I'm actively looking to fill slots (https://fedoraproject.org/wiki/QA/Test_Days/F11) for upcoming test days. Glommer, just let me know if you would like to have a Fedora Test Day for this feature. We can use the a test day for whatever you feel needs the most attention (unit tests, test planning, test case development, exploratory testing, integration etc...). Just let me know how I can of service :) Thanks, James -- ========================================== James Laska -- jlaska at redhat.com Quality Engineering -- Red Hat, Inc. ========================================== -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part URL: From glommer at redhat.com Fri Jan 23 16:31:37 2009 From: glommer at redhat.com (Glauber Costa) Date: Fri, 23 Jan 2009 14:31:37 -0200 Subject: [fedora-virt] F11 features - KVM and QEMU merge In-Reply-To: <1232727240.3647.227.camel@localhost.localdomain> References: <1232625199.4964.35.camel@blaa> <1232724316.5115.101.camel@blaa> <1232727240.3647.227.camel@localhost.localdomain> Message-ID: <20090123163137.GE12049@poweredge.glommer> On Fri, Jan 23, 2009 at 11:14:00AM -0500, James Laska wrote: > On Fri, 2009-01-23 at 15:25 +0000, Mark McLoughlin wrote: > > Hi, > > > > Here's another one: > > > > https://fedoraproject.org/wiki/Features/KVM_and_QEMU_merge > > > > Glommer is fleshing out more of the details on this as we speak. > > Great stuff! I'm actively looking to fill slots > (https://fedoraproject.org/wiki/QA/Test_Days/F11) for upcoming test > days. > > Glommer, just let me know if you would like to have a Fedora Test Day > for this feature. We can use the a test day for whatever you feel needs > the most attention (unit tests, test planning, test case development, > exploratory testing, integration etc...). That would be awesome, since the last release we have for qemu is so old, that problems are likely to appear. Be it with an hypotetical official qemu release, be it with one of our own. From glommer at redhat.com Fri Jan 23 16:50:20 2009 From: glommer at redhat.com (Glauber Costa) Date: Fri, 23 Jan 2009 14:50:20 -0200 Subject: [fedora-virt] F11 features - KVM and QEMU merge In-Reply-To: <1232727240.3647.227.camel@localhost.localdomain> References: <1232625199.4964.35.camel@blaa> <1232724316.5115.101.camel@blaa> <1232727240.3647.227.camel@localhost.localdomain> Message-ID: <20090123165020.GF12049@poweredge.glommer> On Fri, Jan 23, 2009 at 11:14:00AM -0500, James Laska wrote: > On Fri, 2009-01-23 at 15:25 +0000, Mark McLoughlin wrote: > > Hi, > > > > Here's another one: > > > > https://fedoraproject.org/wiki/Features/KVM_and_QEMU_merge > > > > Glommer is fleshing out more of the details on this as we speak. > > Great stuff! I'm actively looking to fill slots > (https://fedoraproject.org/wiki/QA/Test_Days/F11) for upcoming test > days. > > Glommer, just let me know if you would like to have a Fedora Test Day > for this feature. We can use the a test day for whatever you feel needs > the most attention (unit tests, test planning, test case development, > exploratory testing, integration etc...). > > Just let me know how I can of service :) I have a test build of it at: http://koji.fedoraproject.org/koji/taskinfo?taskID=1076765 I haven't underwent any kind of testing yet, and it does not include kvm support - To make it step by step, I based it on qemu-svn, not kvm-userspace.git From markmc at redhat.com Fri Jan 23 17:49:39 2009 From: markmc at redhat.com (Mark McLoughlin) Date: Fri, 23 Jan 2009 17:49:39 +0000 Subject: [fedora-virt] Weekly virt status Message-ID: <1232732979.5115.110.camel@blaa> Hey, I've started sending out a "Fedora Virtualization status report" to folks at Red Hat to keep people informed about what's going on. Dan Berrange suggested I send it here too ... not sure why I didn't think of that myself. Feedback or suggestions very welcome. Cheers, Mark. The Fedora 11 Alpha Freeze happened this week, but unfortunately things we in great shape. Wait, that's a good thing! Well, things were in such great shape, there was going to be too big a gap between the freeze and release, so rel-eng has decided to try the freeze again next week. So it now looks like: 2009-01-27 Alpha Freeze (4 days) 2009-03-03 Feature freeze (39 days) 2009-03-10 Beta Freeze (46 days) 2009-04-14 Final freeze (81 days) Alpha Freeze, Take 1 ==================== We had a bunch of blockers to resolve before the freeze. Rawhide installs had all sorts of issues, mainly in anaconda. However, just because they're anaconda bugs doesn't let us off the hook. Some of these were virt specific, and the existance of any of these blockers meant that we weren't rigorous enough about testing and filing bugs against rawhide. Hopefully we'll do better for the rest of the release cycle. Some of the anaconda blockers: rawhide anaconda stage1 x86_64 images missing virtio drivers https://bugzilla.redhat.com/480307 anaconda loader crashes when configuring a network interface https://bugzilla.redhat.com/479707 rawhide anaconda vnc install failure https://bugzilla.redhat.com/480308 No networking configured after rawhide kickstart install https://bugzilla.redhat.com/480769 And we had one fairly random libvirt blocker caused by a change in chkconfig: libvirt default network not enabled at install time (chkconfig regression) https://bugzilla.redhat.com/480805 Alpha Freeze, Take 2 ==================== Cole is working on new virt-manager and virtinst releases. Will we make the freeze this time? We didn't get the libvirt 0.6.0 release done this week, but maybe in time for next Tuesday? On the KVM side, we should aim to get a resolution either way for the unsynchronized TSC issue: https://bugzilla.redhat.com/475598 Avi, Gerd, Glauber and Juan have all been actively looking at this. Looks like we're close to a patch. But at this point, we need to decide either to include the patch in the alpha or disable kvmclock temporarily. fedora-maint-list ================= We created a fedora-maint-list to allow people to easily watch what's going on with all virt related packages in Fedora. Sign up here: http://www.redhat.com/mailman/listinfo/fedora-virt-maint/ and also add fedora-maint-list at redhat.com to your bugzilla watch list: https://bugzilla.redhat.com/userprefs.cgi?tab=email If you want to filter these mails, try this: Sender is bugzilla at redhat.com X-Bugzilla-Reason is None X-Bugzilla-Watch-Reason contains fedora-virt-maint at redhat.com That way you can keep them separate from mails sent because you were directly cc-ed on a bug. Tracker Bugs and Queries ======================== See this wiki page: https://fedoraproject.org/wiki/Virtualization_bugs We now have virt tracker bugs for F11: https://bugzilla.redhat.com/showdependencytree.cgi?id=F11VirtTarget&hide_resolved=1 https://bugzilla.redhat.com/showdependencytree.cgi?id=F11VirtBlocker&hide_resolved=1 and also a bunch of pre-canned bugzilla queries for all the different virt packages. F11 Features ============ These features have been posted to the wiki: https://fedoraproject.org/wiki/Features/VirtVNCAuth https://fedoraproject.org/wiki/Features/KVM_PCI_Device_Assignment https://fedoraproject.org/wiki/Features/KVM_and_QEMU_merge More drafts are in progress. Fedora 10 Kernel ================ 2.6.28 is coming soon to F10: http://www.redhat.com/archives/fedora-devel-list/2009-January/msg01302.html An initial build is already in Koji if people want to give it some early testing. bugs ==== The page: https://fedoraproject.org/wiki/Virtualization_bugs has a bunch of bugzilla queries. I'll quote the number of open Fedora virt bugs here from week to week to track progress. DOOM-O-METER: 186 open bugs KVM issues: KVM running on 32-bit host on 64-bit CPU passes EM64T flag to guests https://bugzilla.redhat.com/481274 Just filed, needs triaging kvm/ kernel crash upon installation of guest https://bugzilla.redhat.com/480779 MMU bug, Marcelo looking Sound under KVM requires exclusive access to the sound device https://bugzilla.redhat.com/477955 Warren built a fix, need to explore PA option SDL graphics is wrongly decoding keycode symbols https://bugzilla.redhat.com/478976 Patch needs sending upstream Include kvm_stat for debugging https://bugzilla.redhat.com/480942 Two netdev/slub related oops in 2.6.29: virtio_net oops during rawhide guest install on rawhide host https://bugzilla.redhat.com/480822 rtl8139 oops while installing rawhide/x86_64 guest on F-10/x86_64 host https://bugzilla.redhat.com/480850 A good number of libvirt etc. bugs were triaged/closed this week, some of the remaining interesting ones: Running KVM guests as a normal user https://bugzilla.redhat.com/481260 Lots involved here, will be split out into separate bugs Virtual network won't work until restart https://bugzilla.redhat.com/467687 aka. who's freaking loading /etc/sysctl.conf? virt-install doesn't know to use virtio for RHEL5.3 https://bugzilla.redhat.com/477752 dnsmasq DNS returns 127.0.0.1 for lookup of host https://bugzilla.redhat.com/470391 Xen pv_ops issues: f10 x86_64 xen guests fail to boot on f8 host (NX issue) https://bugzilla.redhat.com/480880 anaconda installs the wrong kernel for i686 xen guests https://bugzilla.redhat.com/470905 From waf at brunz.org Fri Jan 23 19:38:10 2009 From: waf at brunz.org (Wayne Feick) Date: Fri, 23 Jan 2009 11:38:10 -0800 Subject: [fedora-virt] Does KVM PCI Device Assignment allow guests to access firewire? Message-ID: <1232739490.22018.4.camel@localhost.localdomain> https://fedoraproject.org/wiki/Features/KVM_PCI_Device_Assignment The work on PCI device assignment looks like it might allow guests to access a firewire device. Can anyone confirm or deny whether that will be the case? Specifically, I currently run Linux as my desktop and Windows in a VMware guest for software like Adobe Premiere. This arrangement lets me do video editing, but not video capture from firewire since VMware doesn't support it. If KVM allows me to run a Windows guest that will be able to do capture video from the firewire port, I'll be switching away from VMware. Wayne. -------------- next part -------------- An HTML attachment was scrubbed... URL: From jswanson at valuecommerce.co.jp Mon Jan 26 08:52:27 2009 From: jswanson at valuecommerce.co.jp (Jon Swanson) Date: Mon, 26 Jan 2009 17:52:27 +0900 Subject: [fedora-virt] f10 x86_64 xen VM guests fail to boot on f8 host(guest setting NX bit in L1 PTE?) References: <1232447249.24817.22.camel@blaa> <1232726367.1818.19.camel@zakaz.uk.xensource.com> Message-ID: Hey Ian, Probably incompetence on my part, but I am unable to get the patch to apply. What specific version of the kernel are you doing this on? I'm getting the following error: ------------------------------------------------------------------------ --------------------------------------------- ~/rpmbuild/BUILD> patch --dry-run -p0 < ~/f10xenNoNX.patch.txt patching file a/arch/x86/mm/init_64.c patch: **** malformed patch at line 19: @@ -121,8 +124,13 @@ ------------------------------------------------------------------------ --------------------------------------------- I've tried with the following kernel versions, and duplicated your directory structure: kernel-2.6.27.5-117.fc10.src.rpm kernel-2.6.27.9-159.fc10.src.rpm I've also tried just patching one of the files: ------------------------------------------------------------------------ --------------------------------------------- ~/rpmbuild/BUILD>patch --dry-run --verbose a/arch/x86/mm/init_64.c ~/f10init_64.c.patch Hmm... Looks like a unified diff to me... The text leading up to this was: -------------------------- |diff -r ec792b22009f arch/x86/mm/init_64.c |--- a/arch/x86/mm/init_64.c Fri Jan 23 15:27:45 2009 +0000 |+++ b/arch/x86/mm/init_64.c Fri Jan 23 15:58:03 2009 +0000 -------------------------- Patching file a/arch/x86/mm/init_64.c using Plan A... patch: **** malformed patch at line 19: @@ -121,8 +124,13 @@ ------------------------------------------------------------------------ --------------------------------------------- I opened up the file and was about to do it manually, but it seems radically different so stopped. ------------------------------------------------------------------------ --------------------------------------------- ~/rpmbuild/BUILD> sed -n '120,125p' a/arch/x86/mm/init_64.c pud = pud_page + pud_index(vaddr); if (pud_none(*pud)) { pmd = (pmd_t *) spp_getpage(); pud_populate(&init_mm, pud, pmd); if (pmd != pmd_offset(pud, 0)) { ------------------------------------------------------------------------ --------------------------------------------- I'm sorry if I'm just being an idiot, but any insight you can share would be greatly appreciated. Thanks, jon -----Original Message----- From: Ian Campbell [mailto:Ian.Campbell at citrix.com] Sent: Saturday, January 24, 2009 12:59 AM To: Jon Swanson Cc: Mark McLoughlin; fedora-virt at redhat.com; virtualization at webwombat.com.au; Jeremy Fitzhardinge Subject: RE: [fedora-virt] f10 x86_64 xen VM guests fail to boot on f8 host(guest setting NX bit in L1 PTE?) On Wed, 2009-01-21 at 12:22 +0900, Jon Swanson wrote: > Thank you again Mark, Ian, and Phil. > > As Phil pointed out, my working host has the NX feature, the broken > host does not. > > I also could not create a bugzilla account, but was able to use a > co-worker's credentials to create this ticket: > https://bugzilla.redhat.com/show_bug.cgi?id=480880 > > Ian, I didn't have any luck with the noexec=off. It turns out that nonx_setup() and check_efer() both run quite a while after all the set_page_prot calls in xen_setup_kernel() which include _PAGE_NX via PAGE_KERNEL_RO. On 32 bit __supported_pte_mask starts off without NX in it and it gets added later if the system supports it. This is safe but means that the pages frobbed by the early Xen setup won't have NX set when they could (unless they all get frobbed again later?) On 64 bit __supported_pte_mask contains NX at start of day and it is taken away later on if the system turns out not to support it. Native seems to mainly use _KERNPG_TABLE which does not include NX, can you try this patch? (lots of printks because I don't have any non-NX hardware to test properly). diff -r ec792b22009f arch/x86/mm/init_64.c --- a/arch/x86/mm/init_64.c Fri Jan 23 15:27:45 2009 +0000 +++ b/arch/x86/mm/init_64.c Fri Jan 23 15:58:03 2009 +0000 @@ -103,12 +103,15 @@ */ static int __init nonx_setup(char *str) { + printk(KERN_CRIT "noexec_setup %s\n", str); if (!str) return -EINVAL; if (!strncmp(str, "on", 2)) { + printk(KERN_CRIT "noexec_setup: enabling NX\n"); __supported_pte_mask |= _PAGE_NX; do_not_nx = 0; } else if (!strncmp(str, "off", 3)) { + printk(KERN_CRIT "noexec_setup: disabling NX\n"); do_not_nx = 1; __supported_pte_mask &= ~_PAGE_NX; } @@ -121,8 +124,13 @@ unsigned long efer; rdmsrl(MSR_EFER, efer); - if (!(efer & EFER_NX) || do_not_nx) + if (!(efer & EFER_NX) || do_not_nx) { + printk(KERN_CRIT "check_efer: disabling NX\n"); __supported_pte_mask &= ~_PAGE_NX; + } else + printk(KERN_CRIT "check_efer: leaving NX alone. supported_pte_mask %s the NX bit\n", + __supported_pte_mask & _PAGE_NX ? "includes" : "excludes"); + } int force_personality32; diff -r ec792b22009f arch/x86/xen/enlighten.c --- a/arch/x86/xen/enlighten.c Fri Jan 23 15:27:45 2009 +0000 +++ b/arch/x86/xen/enlighten.c Fri Jan 23 15:58:03 2009 +0000 @@ -54,6 +54,9 @@ #include "xen-ops.h" #include "mmu.h" #include "multicalls.h" + +#define _KERNPG_TABLE_RO __pgprot(_KERNPG_TABLE & ~_PAGE_RW) //#define +_KERNPG_TABLE_RO (_KERNPG_TABLE) EXPORT_SYMBOL_GPL(hypercall_page); @@ -1476,6 +1479,15 @@ { unsigned long pfn = __pa(addr) >> PAGE_SHIFT; pte_t pte = pfn_pte(pfn, prot); + static int once = 5; + + if (once > 0 && pte_val(pte) & _PAGE_NX) { + once--; + printk(KERN_CRIT "set_page_prot to %#lx (incl NX) supported_pte_mask %#lx %s the NX bit\n", + pgprot_val(prot), __supported_pte_mask, __supported_pte_mask & _PAGE_NX ? "includes" : "excludes"); + printk(KERN_CRIT "pte is %#lx\n", pte_val(pte)); + WARN_ON(1); + } if (HYPERVISOR_update_va_mapping((unsigned long)addr, pte, 0)) BUG(); @@ -1522,9 +1534,9 @@ } for (pteidx = 0; pteidx < ident_pte; pteidx += PTRS_PER_PTE) - set_page_prot(&level1_ident_pgt[pteidx], PAGE_KERNEL_RO); + set_page_prot(&level1_ident_pgt[pteidx], _KERNPG_TABLE_RO); - set_page_prot(pmd, PAGE_KERNEL_RO); + set_page_prot(pmd, _KERNPG_TABLE_RO); } static __init void xen_ident_map_ISA(void) @@ -1601,12 +1613,12 @@ xen_map_identity_early(level2_ident_pgt, max_pfn); /* Make pagetable pieces RO */ - set_page_prot(init_level4_pgt, PAGE_KERNEL_RO); - set_page_prot(level3_ident_pgt, PAGE_KERNEL_RO); - set_page_prot(level3_kernel_pgt, PAGE_KERNEL_RO); - set_page_prot(level3_user_vsyscall, PAGE_KERNEL_RO); - set_page_prot(level2_kernel_pgt, PAGE_KERNEL_RO); - set_page_prot(level2_fixmap_pgt, PAGE_KERNEL_RO); + set_page_prot(init_level4_pgt, _KERNPG_TABLE_RO); + set_page_prot(level3_ident_pgt, _KERNPG_TABLE_RO); + set_page_prot(level3_kernel_pgt, _KERNPG_TABLE_RO); + set_page_prot(level3_user_vsyscall, _KERNPG_TABLE_RO); + set_page_prot(level2_kernel_pgt, _KERNPG_TABLE_RO); + set_page_prot(level2_fixmap_pgt, _KERNPG_TABLE_RO); /* Pin down new L4 */ pin_pagetable_pfn(MMUEXT_PIN_L4_TABLE, @@ -1670,9 +1682,9 @@ set_pgd(&swapper_pg_dir[KERNEL_PGD_BOUNDARY], __pgd(__pa(level2_kernel_pgt) | _PAGE_PRESENT)); - set_page_prot(level2_kernel_pgt, PAGE_KERNEL_RO); - set_page_prot(swapper_pg_dir, PAGE_KERNEL_RO); - set_page_prot(empty_zero_page, PAGE_KERNEL_RO); + set_page_prot(level2_kernel_pgt, _KERNPG_TABLE_RO); + set_page_prot(swapper_pg_dir, _KERNPG_TABLE_RO); + set_page_prot(empty_zero_page, _KERNPG_TABLE_RO); pin_pagetable_pfn(MMUEXT_UNPIN_TABLE, PFN_DOWN(__pa(pgd))); From markmc at redhat.com Mon Jan 26 08:57:39 2009 From: markmc at redhat.com (Mark McLoughlin) Date: Mon, 26 Jan 2009 08:57:39 +0000 Subject: [fedora-virt] Does KVM PCI Device Assignment allow guests to access firewire? In-Reply-To: <1232739490.22018.4.camel@localhost.localdomain> References: <1232739490.22018.4.camel@localhost.localdomain> Message-ID: <1232960259.3724.25.camel@blaa> Hi Wayne, On Fri, 2009-01-23 at 11:38 -0800, Wayne Feick wrote: > https://fedoraproject.org/wiki/Features/KVM_PCI_Device_Assignment > > The work on PCI device assignment looks like it might allow guests to > access a firewire device. Can anyone confirm or deny whether that will > be the case? Personally, I have no idea - when we have all the bits in place you could just give it a try. > Specifically, I currently run Linux as my desktop and Windows in a > VMware guest for software like Adobe Premiere. This arrangement lets > me do video editing, but not video capture from firewire since VMware > doesn't support it. If KVM allows me to run a Windows guest that will > be able to do capture video from the firewire port, I'll be switching > away from VMware. You could re-send all this to kvm at vger.kernel.org - you might get a definite answer, or even someone interested in working on it and needing testers. Cheers, Mark. From crobinso at redhat.com Mon Jan 26 20:02:23 2009 From: crobinso at redhat.com (Cole Robinson) Date: Mon, 26 Jan 2009 15:02:23 -0500 Subject: [fedora-virt] [ANNOUNCE] New release virt-manager 0.6.1 Message-ID: <497E16CF.2080209@redhat.com> I'm happy to announce a new virt-manager release, version 0.6.1. The release can be downloaded from: http://virt-manager.org/download.html The direct download link is: http://virt-manager.org/download/sources/virt-manager/virt-manager-0.6.1.tar.gz This release includes: - VM disk and network stats reporting (Guido Gunther) - VM Migration support (Shigeki Sakamoto) - Support for adding sound devices to an existing VM - Enumerate host devices attached to an existing VM - Allow specifying a device model when adding a network device to an existing VM - Combine the serial console view with the VM Details window - Allow connection to multiple VM serial consoles - Bug fixes and many minor improvements. Thanks to everyone who has contributed to this release through testing, bug reporting, submitting patches, and otherwise sending in feedback! Thanks, Cole From crobinso at redhat.com Mon Jan 26 20:02:32 2009 From: crobinso at redhat.com (Cole Robinson) Date: Mon, 26 Jan 2009 15:02:32 -0500 Subject: [fedora-virt] [ANNOUNCE] New release virtinst 0.400.1 Message-ID: <497E16D8.8080601@redhat.com> I'm happy to announce a new virtinst release, version 0.4.1. The release can be downloaded from: http://virt-manager.org/download.html The direct download link is: http://virt-manager.org/download/sources/virtinst/virtinst-0.400.1.tar.gz This release includes: - Add virt-image -> vmx support to virt-convert, replacing virt-pack (Joey Boggs) - Add disk checksum support to virt-image (Joey Boggs) - Enhanced URL install support: Debian Xen paravirt, Ubuntu kernel and boot.iso, Mandriva kernel, and Solaris Xen Paravirt (Guido Gunther, John Levon, Cole Robinson) - Expanded test suite - Numerous bug fixes, cleanups, and minor improvements Thanks to everyone who has contributed to this release through testing, bug reporting, submitting patches, and otherwise sending in feedback! Thanks, Cole From waf at brunz.org Tue Jan 27 06:32:51 2009 From: waf at brunz.org (Wayne Feick) Date: Tue, 27 Jan 2009 06:32:51 +0000 Subject: [fedora-virt] running Vista under KVM Message-ID: <1233037971.27627.58.camel@localhost.localdomain> I've been trying to experiment with running Vista under KVM today, but I'm running into a cryptic error message that doesn't mean much to me: Unable to complete install ' internal error QEMU quit during console startup Traceback (most recent call last): File "/usr/share/virt-manager/virtManager/create.py", line 723, in do_install dom = guest.start_install(False, meter = meter) File "/usr/lib/python2.5/site-packages/virtinst/Guest.py", line 732, in start_install return self._do_install(consolecb, meter, removeOld, wait) File "/usr/lib/python2.5/site-packages/virtinst/Guest.py", line 767, in _do_install self.domain = self.conn.createLinux(install_xml, 0) File "/usr/lib64/python2.5/site-packages/libvirt.py", line 915, in createLinux if ret is None:raise libvirtError('virDomainCreateLinux() failed', conn=self) libvirtError: internal error QEMU quit during console startup ' Here is what I did. I made sure libvirtd was running, launched Applications -> System Tools -> Virtual Machine Manager and walked my way through the wizard screens until I get to the "Ready to begin installation" screen. Summary Virtualization method: Fully virtualized Initial memory: 512 MB Maximum memory: 512 MB Virtual CPUs: 1 Install media Operating System: Microsoft Windows Vista Installation source: /home/waf/vista64.iso Kiskstart source: Storage Disk image: /var/lib/libvirt/images/Vista-1.img Disk size: 4000 MB Network Connection type: Virtual network Target: default MAC address: - Sound Enable Audio: True When I select Finish, I get a popup window with the error message. I have the right processor capabilities to virtualize. It's a Core 2 T7200 with the following flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx lm constant_tsc arch_perfmon pebs bts rep_good nopl pni monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr lahf_lm I can't seem to find a good KVM quick start guide on fedoraproject.org. Any pointers would be greatly appreciated. Wayne. From markmc at redhat.com Tue Jan 27 07:55:22 2009 From: markmc at redhat.com (Mark McLoughlin) Date: Tue, 27 Jan 2009 07:55:22 +0000 Subject: [fedora-virt] running Vista under KVM In-Reply-To: <1233037971.27627.58.camel@localhost.localdomain> References: <1233037971.27627.58.camel@localhost.localdomain> Message-ID: <1233042922.4789.11.camel@blaa> Hi Wayne, On Tue, 2009-01-27 at 06:32 +0000, Wayne Feick wrote: > I've been trying to experiment with running Vista under KVM today, but > I'm running into a cryptic error message that doesn't mean much to me: > > Unable to complete install ' internal error QEMU quit during console startup > > Traceback (most recent call last): > File "/usr/share/virt-manager/virtManager/create.py", line 723, in do_install > dom = guest.start_install(False, meter = meter) > File "/usr/lib/python2.5/site-packages/virtinst/Guest.py", line 732, in start_install > return self._do_install(consolecb, meter, removeOld, wait) > File "/usr/lib/python2.5/site-packages/virtinst/Guest.py", line 767, in _do_install > self.domain = self.conn.createLinux(install_xml, 0) > File "/usr/lib64/python2.5/site-packages/libvirt.py", line 915, in createLinux > if ret is None:raise libvirtError('virDomainCreateLinux() failed', conn=self) > libvirtError: internal error QEMU quit during console startup > > ' See this page: https://fedoraproject.org/wiki/Reporting_virtualization_bugs Is there anything interesting in the log in /var/log/libvirt/qemu? Thanks, Mark. From markmc at redhat.com Tue Jan 27 10:19:45 2009 From: markmc at redhat.com (Mark McLoughlin) Date: Tue, 27 Jan 2009 10:19:45 +0000 Subject: [fedora-virt] F11 features - Shared Network Interface In-Reply-To: <1232625199.4964.35.camel@blaa> References: <1232625199.4964.35.camel@blaa> Message-ID: <1233051585.4789.39.camel@blaa> Hi, Another one: https://fedoraproject.org/wiki/Features/Shared_Network_Interface "Enable guest virtual machines to share a physical network interface (NIC) with other guests and the host operating system. This allows guests to independently appear on the same network as the host machine." Cheers, Mark. From waf at brunz.org Tue Jan 27 17:52:15 2009 From: waf at brunz.org (Wayne Feick) Date: Tue, 27 Jan 2009 09:52:15 -0800 Subject: [fedora-virt] running Vista under KVM In-Reply-To: <1233042922.4789.11.camel@blaa> References: <1233037971.27627.58.camel@localhost.localdomain> <1233042922.4789.11.camel@blaa> Message-ID: <1233078735.4099.10.camel@localhost.localdomain> On Tue, 2009-01-27 at 07:55 +0000, Mark McLoughlin wrote: > Hi Wayne, > > On Tue, 2009-01-27 at 06:32 +0000, Wayne Feick wrote: > > I've been trying to experiment with running Vista under KVM today, but > > I'm running into a cryptic error message that doesn't mean much to me: > > > > Unable to complete install ' internal error QEMU quit during console startup > > > > Traceback (most recent call last): > > File "/usr/share/virt-manager/virtManager/create.py", line 723, in do_install > > dom = guest.start_install(False, meter = meter) > > File "/usr/lib/python2.5/site-packages/virtinst/Guest.py", line 732, in start_install > > return self._do_install(consolecb, meter, removeOld, wait) > > File "/usr/lib/python2.5/site-packages/virtinst/Guest.py", line 767, in _do_install > > self.domain = self.conn.createLinux(install_xml, 0) > > File "/usr/lib64/python2.5/site-packages/libvirt.py", line 915, in createLinux > > if ret is None:raise libvirtError('virDomainCreateLinux() failed', conn=self) > > libvirtError: internal error QEMU quit during console startup > > > > ' > > See this page: > > https://fedoraproject.org/wiki/Reporting_virtualization_bugs > > Is there anything interesting in the log in /var/log/libvirt/qemu? > > Thanks, > Mark. > Thanks, Mark. I was looking in /var/log/messages, but hadn't found /var/log/libvirt/qemu. Here's what it says: Supported machines are: xenfv Xen Fully-virtualized PC (default) xenpv Xen Para-virtualized PC I eventually figured out that some more services needed to be started, but I wasn't entirely sure which. After a reboot, things seem to be working. So the key point is that you can't just install the Fedora 11 virtualization group and go, you have to either reboot first, or figure out which services need to be started. Now I just need to figure out why the 64-bit Vista install fails with a blue screen showing: *** STOP: 0x000000A5 (0x0001000B,0x50434146,0xFFD0702C,0x00000000) Wayne. From valtteri.kiviniemi at dataproof.fi Tue Jan 27 17:42:10 2009 From: valtteri.kiviniemi at dataproof.fi (Valtteri Kiviniemi) Date: Tue, 27 Jan 2009 19:42:10 +0200 Subject: [fedora-virt] f10 x86_64 xen VM guests fail to boot on f8 host (guest setting NX bit in L1 PTE?) In-Reply-To: <1232498753.3016.15.camel@phills901.wwoffice.com.au> References: <1232447249.24817.22.camel@blaa> <1232471001.22248.111.camel@zakaz.uk.xensource.com> <1232498753.3016.15.camel@phills901.wwoffice.com.au> Message-ID: <497F4772.50807@dataproof.fi> Hi, I can confirm this. With NX enabled in BIOS the domU boots fine (tested with 2.6.28). If I disable NX in BIOS the domU will crash. - Valtteri Kiviniemi Virtualization kirjoitti: > Hi Ian, > > Indeed nx is on one and not the other! However, that doesn't help... > > Broken CPU: > /proc/cpuinfo: > model name : Intel(R) Xeon(TM) CPU 3.00GHz > flags : fpu tsc msr pae mce cx8 apic mtrr mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm syscall lm constant_tsc up pni monitor ds_cpl cid cx16 xtpr > > Good CPU: > model name : AMD Athlon(tm) 64 X2 Dual Core Processor 3600+ > flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt rdtscp lm 3dnowext 3dnow rep_good pni cx16 lahf_lm cmp_legacy svm extapic cr8_legacy 3dnowprefetch > > So, ran it again with noexec=0, > > [ Minimal BASH-like line editing is supported. > ESC at any time cancels. ENTER at any time accepts your changes. ] > > > > kernel /vmlinuz-2.6.27.9-159.fc10.x86_64 ro root=LABEL=/ selinux=0 noipv6 nomodeset noexec=off > > Results: > > [ root at office64 xen ]# /usr/lib64/xen/bin/xenctx -s System.map-2.6.27.9-159.fc10.x86_64 119 > rip: ffffffff8100b8a2 set_page_prot+0x6d > rsp: ffffffff81575f08 > rax: ffffffea rbx: 000016e4 rcx: 00000055 rdx: 00000000 > rsi: 800000014a293061 rdi: ffffffff816e4000 rbp: ffffffff81575f68 > r8: 0000000f r9: ffffffff817ee350 r10: ffffffff817ee550 r11: 00000010 > r12: ffffffff816e4000 r13: 800000014a293061 r14: 8000000000000161 r15: 00002c00 > cs: 0000e033 ds: 00000000 fs: 00000000 gs: 00000000 > > Stack: > 0000000000000055 0000000000000010 ffffffff8100b8a2 000000010000e030 > 0000000000010082 ffffffff81575f48 000000000000e02b ffffffff8100b89e > 0000000000000200 ffffffff816e7000 0000000000000800 0000000000000016 > ffffffff81575ff8 ffffffff815a5c60 0000000000002c00 0000000000000000 > > Code: > df 54 1d 00 4c 89 e7 4c 89 ee 31 d2 e8 22 d9 ff ff 85 c0 74 04 <0f> 0b eb fe 5b 41 5c 41 5d 41 5e > > Call Trace: > [] set_page_prot+0x6d <-- > [] set_page_prot+0x6d > [] set_page_prot+0x69 > [] xen_start_kernel+0x5dd > > Battling with bugzilla trying to get a new account. It doesn't like me :-( > > Might have to leave it up to Jon to do the bugzilla thing. > > Cheers > Phill. > > On Tue, 2009-01-20 at 17:03 +0000, Ian Campbell wrote: >> (resending with original xen-devel thread participants on CC, please >> reply to this subthread, I'll forward you guys Mark's original mail in a >> second) >> >> On Tue, 2009-01-20 at 10:27 +0000, Mark McLoughlin wrote: >>> if ( unlikely(l1e_get_flags(nl1e) & L1_DISALLOW_MASK) ) >>> { >>> MEM_LOG("Bad L1 flags %x", >>> l1e_get_flags(nl1e) & L1_DISALLOW_MASK); >>> return 0; >>> } >>> ... >>> } >>> >>> the PTE flags are 800000 which corresponds to: >>> >>> #define _PAGE_NX_BIT (1U<<23) >> At least in xen-unstable (and I think for much longer) L1_DISALLOW_MASK >> contains _PAGE_NX_BIT dynamically depending on the processor >> capabilities. >> >> #define _PAGE_NX (cpu_has_nx ? _PAGE_NX_BIT : 0) >> ... >> /* >> * Disallow unused flag bits plus PAT/PSE, PCD, PWT and GLOBAL. >> * Permit the NX bit if the hardware supports it. >> */ >> #define BASE_DISALLOW_MASK (0xFFFFF198U & ~_PAGE_NX) >> >> #define L1_DISALLOW_MASK (BASE_DISALLOW_MASK | _PAGE_GNTTAB) >> >> Does the hardware support NX? What does /proc/cpuinfo in dom0 think? >> >> The guest kernel should be setting up __supported_pte_mask appropriately >> to match the hardware and hence shouldn't be using NX if it isn't >> available. There's a command line option to force NX, can you try >> noexec=off on the guest command line. >> >> My guess would be that the guest is getting a wrong EFER from >> somewhere... >> >> Ian. >> >> > From markmc at redhat.com Tue Jan 27 18:19:12 2009 From: markmc at redhat.com (Mark McLoughlin) Date: Tue, 27 Jan 2009 18:19:12 +0000 Subject: [fedora-virt] running Vista under KVM In-Reply-To: <1233078735.4099.10.camel@localhost.localdomain> References: <1233037971.27627.58.camel@localhost.localdomain> <1233042922.4789.11.camel@blaa> <1233078735.4099.10.camel@localhost.localdomain> Message-ID: <1233080352.4789.73.camel@blaa> On Tue, 2009-01-27 at 09:52 -0800, Wayne Feick wrote: > On Tue, 2009-01-27 at 07:55 +0000, Mark McLoughlin wrote: > > Hi Wayne, > > > > On Tue, 2009-01-27 at 06:32 +0000, Wayne Feick wrote: > > > I've been trying to experiment with running Vista under KVM today, but > > > I'm running into a cryptic error message that doesn't mean much to me: > > > > > > Unable to complete install ' internal error QEMU quit during console startup > > > > > > Traceback (most recent call last): > > > File "/usr/share/virt-manager/virtManager/create.py", line 723, in do_install > > > dom = guest.start_install(False, meter = meter) > > > File "/usr/lib/python2.5/site-packages/virtinst/Guest.py", line 732, in start_install > > > return self._do_install(consolecb, meter, removeOld, wait) > > > File "/usr/lib/python2.5/site-packages/virtinst/Guest.py", line 767, in _do_install > > > self.domain = self.conn.createLinux(install_xml, 0) > > > File "/usr/lib64/python2.5/site-packages/libvirt.py", line 915, in createLinux > > > if ret is None:raise libvirtError('virDomainCreateLinux() failed', conn=self) > > > libvirtError: internal error QEMU quit during console startup > > > > > > ' > > > > See this page: > > > > https://fedoraproject.org/wiki/Reporting_virtualization_bugs > > > > Is there anything interesting in the log in /var/log/libvirt/qemu? > > > > Thanks, > > Mark. > > > > Thanks, Mark. I was looking in /var/log/messages, but hadn't > found /var/log/libvirt/qemu. Here's what it says: > > Supported machines are: > xenfv Xen Fully-virtualized PC (default) > xenpv Xen Para-virtualized PC > > I eventually figured out that some more services needed to be started, > but I wasn't entirely sure which. After a reboot, things seem to be > working. > > So the key point is that you can't just install the Fedora 11 > virtualization group and go, you have to either reboot first, or figure > out which services need to be started. Interesting indeed. I haven't seen that in my own testing. Please file a bug against Fedora/libvirt in bugzilla.redhat.com. Thanks much, Mark. From lutter at redhat.com Tue Jan 27 22:31:44 2009 From: lutter at redhat.com (David Lutterkort) Date: Tue, 27 Jan 2009 22:31:44 +0000 Subject: [fedora-virt] Re: virt-p2v In-Reply-To: <20090122202437.GA15629@amd.home.annexia.org> References: <57FF8323-16BE-4E80-B450-ACA77C75705A@krusic.com> <20090122202437.GA15629@amd.home.annexia.org> Message-ID: <1233095504.32681.29.camel@localhost.localdomain> On Thu, 2009-01-22 at 20:24 +0000, Richard W.M. Jones wrote: > On Thu, Jan 22, 2009 at 10:34:22AM -0800, Brian Krusic wrote: > > I've used virt-p2v many times with great success. > > > > However I have an issue. > > > > I've always converted hosts having small disks of around 35G over to > > domUs but have an issue were my current host in need of being > > virtualized has a physical disk of 400G but its / partition is only 35G, > > the rest of the drive is unallocated/unpartitioned and therefore unused. > [...] > > I obviously don't want to migrate the entire 400G disk as it only has a > > 35G root partition (ext3, no LVMs in this case). > > Oh dear, this is a problem :-( > > The answer unfortunately is that virt-p2v currently doesn't support > this - we can only migrate whole block devices. As I understand Brian, the block device is whatever / is mounted on, a 25G partition, and it shouldn't matter how big the actual disk is containing the partition. David From cochranb at speakeasy.net Wed Jan 28 03:28:14 2009 From: cochranb at speakeasy.net (Robert L Cochran) Date: Tue, 27 Jan 2009 22:28:14 -0500 Subject: [fedora-virt] How To Get Fedora 10 Guest To See USB Device? Message-ID: <497FD0CE.5010100@speakeasy.net> Here is the xml I have for my Fedora 10 guest machine running in my Fedora 10 host machine. Question: if I plug a USB flash drive into the host, how do I make that accessible (as in readable and writable) to the guest machine? Look at the ebtry I have coded below. I must be doing something wrong because when I: *plug the flash drive in to the host *verify the drive is mounted on the host *start the guest the guest cannot see that flash drive. Is the xml formatted incorrectly? Or do I have to do something in the guest? Or do I need to plug the flash drive in after starting the guest? fedora10x64 33e7e731-4e18-dd90-222e-b1df83a76cad 2097152 2097152 1 hvm destroy restart restart /usr/bin/qemu-kvm ------------------------------------------------------------------ Thanks much! Bob Cochran From waf at brunz.org Wed Jan 28 05:12:06 2009 From: waf at brunz.org (Wayne Feick) Date: Tue, 27 Jan 2009 21:12:06 -0800 Subject: [fedora-virt] running Vista under KVM In-Reply-To: <1233078735.4099.10.camel@localhost.localdomain> References: <1233037971.27627.58.camel@localhost.localdomain> <1233042922.4789.11.camel@blaa> <1233078735.4099.10.camel@localhost.localdomain> Message-ID: <1233119526.11203.8.camel@localhost.localdomain> On Tue, 2009-01-27 at 09:52 -0800, Wayne Feick wrote: > On Tue, 2009-01-27 at 07:55 +0000, Mark McLoughlin wrote: > > Hi Wayne, > > > > On Tue, 2009-01-27 at 06:32 +0000, Wayne Feick wrote: > > > I've been trying to experiment with running Vista under KVM today, but > > > I'm running into a cryptic error message that doesn't mean much to me: > > > > > > Unable to complete install ' internal error QEMU quit during console startup > > > > > > Traceback (most recent call last): > > > File "/usr/share/virt-manager/virtManager/create.py", line 723, in do_install > > > dom = guest.start_install(False, meter = meter) > > > File "/usr/lib/python2.5/site-packages/virtinst/Guest.py", line 732, in start_install > > > return self._do_install(consolecb, meter, removeOld, wait) > > > File "/usr/lib/python2.5/site-packages/virtinst/Guest.py", line 767, in _do_install > > > self.domain = self.conn.createLinux(install_xml, 0) > > > File "/usr/lib64/python2.5/site-packages/libvirt.py", line 915, in createLinux > > > if ret is None:raise libvirtError('virDomainCreateLinux() failed', conn=self) > > > libvirtError: internal error QEMU quit during console startup > > > > > > ' > > > > See this page: > > > > https://fedoraproject.org/wiki/Reporting_virtualization_bugs > > > > Is there anything interesting in the log in /var/log/libvirt/qemu? > > > > Thanks, > > Mark. > > > > Thanks, Mark. I was looking in /var/log/messages, but hadn't > found /var/log/libvirt/qemu. Here's what it says: > > Supported machines are: > xenfv Xen Fully-virtualized PC (default) > xenpv Xen Para-virtualized PC > > I eventually figured out that some more services needed to be started, > but I wasn't entirely sure which. After a reboot, things seem to be > working. > > So the key point is that you can't just install the Fedora 11 > virtualization group and go, you have to either reboot first, or figure > out which services need to be started. > > Now I just need to figure out why the 64-bit Vista install fails with a > blue screen showing: > > *** STOP: 0x000000A5 (0x0001000B,0x50434146,0xFFD0702C,0x00000000) > > Wayne. And just for posterity in case someone else finds this thread while searching for a solution, I needed to enable virtualization in my BIOS as well. Vista is now running in all its 64-bit glory inside a cage on linux. Wayne. -------------- next part -------------- An HTML attachment was scrubbed... URL: From markmc at redhat.com Wed Jan 28 09:34:32 2009 From: markmc at redhat.com (Mark McLoughlin) Date: Wed, 28 Jan 2009 09:34:32 +0000 Subject: [fedora-virt] running Vista under KVM In-Reply-To: <1233080352.4789.73.camel@blaa> References: <1233037971.27627.58.camel@localhost.localdomain> <1233042922.4789.11.camel@blaa> <1233078735.4099.10.camel@localhost.localdomain> <1233080352.4789.73.camel@blaa> Message-ID: <1233135272.22103.14.camel@blaa> Hi Wayne, On Tue, 2009-01-27 at 18:19 +0000, Mark McLoughlin wrote: > On Tue, 2009-01-27 at 09:52 -0800, Wayne Feick wrote: > > On Tue, 2009-01-27 at 07:55 +0000, Mark McLoughlin wrote: > > > Hi Wayne, > > > > > > On Tue, 2009-01-27 at 06:32 +0000, Wayne Feick wrote: > > > > I've been trying to experiment with running Vista under KVM today, but > > > > I'm running into a cryptic error message that doesn't mean much to me: > > > > > > > > Unable to complete install ' internal error QEMU quit during console startup > > > > > > > > Traceback (most recent call last): > > > > File "/usr/share/virt-manager/virtManager/create.py", line 723, in do_install > > > > dom = guest.start_install(False, meter = meter) > > > > File "/usr/lib/python2.5/site-packages/virtinst/Guest.py", line 732, in start_install > > > > return self._do_install(consolecb, meter, removeOld, wait) > > > > File "/usr/lib/python2.5/site-packages/virtinst/Guest.py", line 767, in _do_install > > > > self.domain = self.conn.createLinux(install_xml, 0) > > > > File "/usr/lib64/python2.5/site-packages/libvirt.py", line 915, in createLinux > > > > if ret is None:raise libvirtError('virDomainCreateLinux() failed', conn=self) > > > > libvirtError: internal error QEMU quit during console startup > > > > > > > > ' > > > > > > See this page: > > > > > > https://fedoraproject.org/wiki/Reporting_virtualization_bugs > > > > > > Is there anything interesting in the log in /var/log/libvirt/qemu? > > > > > > Thanks, > > > Mark. > > > > > > > Thanks, Mark. I was looking in /var/log/messages, but hadn't > > found /var/log/libvirt/qemu. Here's what it says: > > > > Supported machines are: > > xenfv Xen Fully-virtualized PC (default) > > xenpv Xen Para-virtualized PC > > > > I eventually figured out that some more services needed to be started, > > but I wasn't entirely sure which. After a reboot, things seem to be > > working. > > > > So the key point is that you can't just install the Fedora 11 > > virtualization group and go, you have to either reboot first, or figure > > out which services need to be started. > > Interesting indeed. I haven't seen that in my own testing. Please file a > bug against Fedora/libvirt in bugzilla.redhat.com. Have you filed that bug? I can't seem to find it, but that's not unusual with bugzilla :-) Thanks, Mark. From brian at krusic.com Tue Jan 27 23:11:16 2009 From: brian at krusic.com (Brian Krusic) Date: Tue, 27 Jan 2009 15:11:16 -0800 Subject: [fedora-virt] Re: virt-p2v In-Reply-To: <1233095504.32681.29.camel@localhost.localdomain> References: <57FF8323-16BE-4E80-B450-ACA77C75705A@krusic.com> <20090122202437.GA15629@amd.home.annexia.org> <1233095504.32681.29.camel@localhost.localdomain> Message-ID: <984D3B54-08F6-46D6-B1F1-667221159607@krusic.com> Hi David, Well, my / is 25G however the image that gets produced is 400G. The 400G is that actual size of my entire disk but I only have a 25G partition defined, the rest of the drive is blank other then for a small swap partition. - Brian On Jan 27, 2009, at 2:31 PM, David Lutterkort wrote: > On Thu, 2009-01-22 at 20:24 +0000, Richard W.M. Jones wrote: >> On Thu, Jan 22, 2009 at 10:34:22AM -0800, Brian Krusic wrote: >>> I've used virt-p2v many times with great success. >>> >>> However I have an issue. >>> >>> I've always converted hosts having small disks of around 35G over to >>> domUs but have an issue were my current host in need of being >>> virtualized has a physical disk of 400G but its / partition is >>> only 35G, >>> the rest of the drive is unallocated/unpartitioned and therefore >>> unused. >> [...] >>> I obviously don't want to migrate the entire 400G disk as it only >>> has a >>> 35G root partition (ext3, no LVMs in this case). >> >> Oh dear, this is a problem :-( >> >> The answer unfortunately is that virt-p2v currently doesn't support >> this - we can only migrate whole block devices. > > As I understand Brian, the block device is whatever / is mounted on, a > 25G partition, and it shouldn't matter how big the actual disk is > containing the partition. > > David > > From rjones at redhat.com Wed Jan 28 10:47:09 2009 From: rjones at redhat.com (Richard W.M. Jones) Date: Wed, 28 Jan 2009 10:47:09 +0000 Subject: [fedora-virt] Re: virt-p2v In-Reply-To: <1233095504.32681.29.camel@localhost.localdomain> References: <57FF8323-16BE-4E80-B450-ACA77C75705A@krusic.com> <20090122202437.GA15629@amd.home.annexia.org> <1233095504.32681.29.camel@localhost.localdomain> Message-ID: <20090128104709.GD23486@amd.home.annexia.org> On Tue, Jan 27, 2009 at 10:31:44PM +0000, David Lutterkort wrote: > On Thu, 2009-01-22 at 20:24 +0000, Richard W.M. Jones wrote: > > On Thu, Jan 22, 2009 at 10:34:22AM -0800, Brian Krusic wrote: > > > I've used virt-p2v many times with great success. > > > > > > However I have an issue. > > > > > > I've always converted hosts having small disks of around 35G over to > > > domUs but have an issue were my current host in need of being > > > virtualized has a physical disk of 400G but its / partition is only 35G, > > > the rest of the drive is unallocated/unpartitioned and therefore unused. > > [...] > > > I obviously don't want to migrate the entire 400G disk as it only has a > > > 35G root partition (ext3, no LVMs in this case). > > > > Oh dear, this is a problem :-( > > > > The answer unfortunately is that virt-p2v currently doesn't support > > this - we can only migrate whole block devices. > > As I understand Brian, the block device is whatever / is mounted on, a > 25G partition, and it shouldn't matter how big the actual disk is > containing the partition. Unfortunately not - virt-p2v can only migrate whole disks. Rich. -- Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones virt-p2v converts physical machines to virtual machines. Boot with a live CD or over the network (PXE) and turn machines into Xen guests. http://et.redhat.com/~rjones/virt-p2v From rjones at redhat.com Wed Jan 28 10:54:15 2009 From: rjones at redhat.com (Richard W.M. Jones) Date: Wed, 28 Jan 2009 10:54:15 +0000 Subject: [fedora-virt] Re: virt-p2v In-Reply-To: <984D3B54-08F6-46D6-B1F1-667221159607@krusic.com> References: <57FF8323-16BE-4E80-B450-ACA77C75705A@krusic.com> <20090122202437.GA15629@amd.home.annexia.org> <1233095504.32681.29.camel@localhost.localdomain> <984D3B54-08F6-46D6-B1F1-667221159607@krusic.com> Message-ID: <20090128105415.GF23486@amd.home.annexia.org> On Tue, Jan 27, 2009 at 03:11:16PM -0800, Brian Krusic wrote: > Hi David, > > Well, my / is 25G however the image that gets produced is 400G. > > The 400G is that actual size of my entire disk but I only have a 25G > partition defined, the rest of the drive is blank other then for a small > swap partition. We completely need a way to manipulate disk images - eg. resize LVM partitions, read out data from filesystems nested inside partitions inside LVM, etc etc. In other words, a non-broken gparted. virt-df has much of the machinery required to do this. Turn it into a library, package it up ... If only I had the time. Rich. -- Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones virt-top is 'top' for virtual machines. Tiny program with many powerful monitoring features, net stats, disk stats, logging, etc. http://et.redhat.com/~rjones/virt-top From itamar at ispbrasil.com.br Wed Jan 28 23:11:19 2009 From: itamar at ispbrasil.com.br (Itamar Reis Peixoto) Date: Wed, 28 Jan 2009 21:11:19 -0200 Subject: [fedora-virt] running Vista under KVM In-Reply-To: <1233135272.22103.14.camel@blaa> References: <1233037971.27627.58.camel@localhost.localdomain> <1233042922.4789.11.camel@blaa> <1233078735.4099.10.camel@localhost.localdomain> <1233080352.4789.73.camel@blaa> <1233135272.22103.14.camel@blaa> Message-ID: here are the bug https://bugzilla.redhat.com/show_bug.cgi?id=468024 On Wed, Jan 28, 2009 at 7:34 AM, Mark McLoughlin wrote: > Hi Wayne, > > On Tue, 2009-01-27 at 18:19 +0000, Mark McLoughlin wrote: >> On Tue, 2009-01-27 at 09:52 -0800, Wayne Feick wrote: >> > On Tue, 2009-01-27 at 07:55 +0000, Mark McLoughlin wrote: >> > > Hi Wayne, >> > > >> > > On Tue, 2009-01-27 at 06:32 +0000, Wayne Feick wrote: >> > > > I've been trying to experiment with running Vista under KVM today, but >> > > > I'm running into a cryptic error message that doesn't mean much to me: >> > > > >> > > > Unable to complete install ' internal error QEMU quit during console startup >> > > > >> > > > Traceback (most recent call last): >> > > > File "/usr/share/virt-manager/virtManager/create.py", line 723, in do_install >> > > > dom = guest.start_install(False, meter = meter) >> > > > File "/usr/lib/python2.5/site-packages/virtinst/Guest.py", line 732, in start_install >> > > > return self._do_install(consolecb, meter, removeOld, wait) >> > > > File "/usr/lib/python2.5/site-packages/virtinst/Guest.py", line 767, in _do_install >> > > > self.domain = self.conn.createLinux(install_xml, 0) >> > > > File "/usr/lib64/python2.5/site-packages/libvirt.py", line 915, in createLinux >> > > > if ret is None:raise libvirtError('virDomainCreateLinux() failed', conn=self) >> > > > libvirtError: internal error QEMU quit during console startup >> > > > >> > > > ' >> > > >> > > See this page: >> > > >> > > https://fedoraproject.org/wiki/Reporting_virtualization_bugs >> > > >> > > Is there anything interesting in the log in /var/log/libvirt/qemu? >> > > >> > > Thanks, >> > > Mark. >> > > >> > >> > Thanks, Mark. I was looking in /var/log/messages, but hadn't >> > found /var/log/libvirt/qemu. Here's what it says: >> > >> > Supported machines are: >> > xenfv Xen Fully-virtualized PC (default) >> > xenpv Xen Para-virtualized PC >> > >> > I eventually figured out that some more services needed to be started, >> > but I wasn't entirely sure which. After a reboot, things seem to be >> > working. >> > >> > So the key point is that you can't just install the Fedora 11 >> > virtualization group and go, you have to either reboot first, or figure >> > out which services need to be started. >> >> Interesting indeed. I haven't seen that in my own testing. Please file a >> bug against Fedora/libvirt in bugzilla.redhat.com. > > Have you filed that bug? I can't seem to find it, but that's not unusual > with bugzilla :-) > > Thanks, > Mark. > > _______________________________________________ > Fedora-virt mailing list > Fedora-virt at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-virt > -- ------------ Itamar Reis Peixoto e-mail/msn: itamar at ispbrasil.com.br sip: itamar at ispbrasil.com.br skype: itamarjp icq: 81053601 +55 11 4063 5033 +55 34 3221 8599 From jameshubbard at gmail.com Thu Jan 29 02:34:45 2009 From: jameshubbard at gmail.com (James Hubbard) Date: Wed, 28 Jan 2009 21:34:45 -0500 Subject: [fedora-virt] selinux /dev/net/tun Message-ID: I have a windows xp guest working using qemu-kvm with "-net nic -net user". I'm attempting to use bridging. I've created the br0 interface and modified my eth0 file. Bridging seems to be working. I'm able to access the machine from other places. When I try to start qemu-kvm with these options "-net nic,macaddr=11:22:33:44:55:66 -net tap" I get this error: warning: could not configure /dev/net/tun: no virtual network emulation Could not initialize device 'tap' These errors are in /var/log/messages. setroubleshoot: SELinux is preventing qemu-kvm (qemu_t) "read write" to tun (virt_image_t). For complete SELinux messages. run sealert -l 2ca593ab-ec5f-407b-a6d5-291abc0b2e29 setroubleshoot: SELinux is preventing chcon (unconfined_t) "mac_admin" unconfined_t. For complete SELinux messages. run sealert -l 94da622e-0446-455d-bd85-da5f9d486b7b setroubleshoot: SELinux is preventing qemu-kvm (qemu_t) "net_admin" qemu_t. For complete SELinux messages. run sealert -l 9ab69ab1-ce67-442f-a628-f1909914a52f Any suggestions? -- James Hubbard From markmc at redhat.com Thu Jan 29 08:41:39 2009 From: markmc at redhat.com (Mark McLoughlin) Date: Thu, 29 Jan 2009 08:41:39 +0000 Subject: [fedora-virt] running Vista under KVM In-Reply-To: References: <1233037971.27627.58.camel@localhost.localdomain> <1233042922.4789.11.camel@blaa> <1233078735.4099.10.camel@localhost.localdomain> <1233080352.4789.73.camel@blaa> <1233135272.22103.14.camel@blaa> Message-ID: <1233218499.6470.11.camel@blaa> Hi Itamar, On Wed, 2009-01-28 at 21:11 -0200, Itamar Reis Peixoto wrote: > here are the bug > > > https://bugzilla.redhat.com/show_bug.cgi?id=468024 "qemu-kvm crashing with windows vista" This is a different issue than the one Wayne was seeing. Thanks for filing the report, and sorry that no developers have gotten to it yet. It's one of those bugs that needs a developer to sit down, reproduce it and debug it. Perhaps you could try the rawhide version of qemu-kvm? http://koji.fedoraproject.org/koji/buildinfo?buildID=79590 If the bug still exists with that, you could also try going here: http://kvm.qumranet.com/kvmwiki/Downloads downloading kvm-83 and building kvm.ko. That way developers can know whether it's a bug that has been fixed upstream since kvm-74 was released. Thanks, Mark. From markmc at redhat.com Thu Jan 29 08:52:29 2009 From: markmc at redhat.com (Mark McLoughlin) Date: Thu, 29 Jan 2009 08:52:29 +0000 Subject: [fedora-virt] selinux /dev/net/tun In-Reply-To: References: Message-ID: <1233219149.6470.13.camel@blaa> Hi James, On Wed, 2009-01-28 at 21:34 -0500, James Hubbard wrote: > I have a windows xp guest working using qemu-kvm with "-net nic -net > user". I'm attempting to use bridging. I've created the br0 interface > and modified my eth0 file. Bridging seems to be working. I'm able to > access the machine from other places. You follow the instructions here? http://wiki.libvirt.org/page/Networking > When I try to start qemu-kvm > with these options "-net nic,macaddr=11:22:33:44:55:66 -net tap" I get > this error: > warning: could not configure /dev/net/tun: no virtual network emulation > Could not initialize device 'tap' > > These errors are in /var/log/messages. > setroubleshoot: SELinux is preventing qemu-kvm (qemu_t) "read write" > to tun (virt_image_t). For complete SELinux messages. run sealert -l > 2ca593ab-ec5f-407b-a6d5-291abc0b2e29 Strange. Do what it says and run 'sealert -l ...' to help figure out what's wrong. Does e.g. 'restorecon /dev/net/tun' help? Cheers, Mark. From Ian.Campbell at citrix.com Fri Jan 30 11:40:07 2009 From: Ian.Campbell at citrix.com (Ian Campbell) Date: Fri, 30 Jan 2009 11:40:07 +0000 Subject: [fedora-virt] f10 x86_64 xen VM guests fail to boot on f8 host (guest setting NX bit in L1 PTE?) In-Reply-To: <497F4772.50807@dataproof.fi> References: <1232447249.24817.22.camel@blaa> <1232471001.22248.111.camel@zakaz.uk.xensource.com> <1232498753.3016.15.camel@phills901.wwoffice.com.au> <497F4772.50807@dataproof.fi> Message-ID: <1233315607.9970.17.camel@zakaz.uk.xensource.com> On Tue, 2009-01-27 at 19:42 +0200, Valtteri Kiviniemi wrote: > Hi, > > I can confirm this. With NX enabled in BIOS the domU boots fine (tested > with 2.6.28). > > If I disable NX in BIOS the domU will crash. Thanks for confirming. Did you get a chance to try the patch I sent? Ian. > > - Valtteri Kiviniemi > > Virtualization kirjoitti: > > Hi Ian, > > > > Indeed nx is on one and not the other! However, that doesn't help... > > > > Broken CPU: > > /proc/cpuinfo: > > model name : Intel(R) Xeon(TM) CPU 3.00GHz > > flags : fpu tsc msr pae mce cx8 apic mtrr mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm syscall lm constant_tsc up pni monitor ds_cpl cid cx16 xtpr > > > > Good CPU: > > model name : AMD Athlon(tm) 64 X2 Dual Core Processor 3600+ > > flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt rdtscp lm 3dnowext 3dnow rep_good pni cx16 lahf_lm cmp_legacy svm extapic cr8_legacy 3dnowprefetch > > > > So, ran it again with noexec=0, > > > > [ Minimal BASH-like line editing is supported. > > ESC at any time cancels. ENTER at any time accepts your changes. ] > > > > > > > kernel /vmlinuz-2.6.27.9-159.fc10.x86_64 ro root=LABEL=/ selinux=0 noipv6 nomodeset noexec=off > > > > Results: > > > > [ root at office64 xen ]# /usr/lib64/xen/bin/xenctx -s System.map-2.6.27.9-159.fc10.x86_64 119 > > rip: ffffffff8100b8a2 set_page_prot+0x6d > > rsp: ffffffff81575f08 > > rax: ffffffea rbx: 000016e4 rcx: 00000055 rdx: 00000000 > > rsi: 800000014a293061 rdi: ffffffff816e4000 rbp: ffffffff81575f68 > > r8: 0000000f r9: ffffffff817ee350 r10: ffffffff817ee550 r11: 00000010 > > r12: ffffffff816e4000 r13: 800000014a293061 r14: 8000000000000161 r15: 00002c00 > > cs: 0000e033 ds: 00000000 fs: 00000000 gs: 00000000 > > > > Stack: > > 0000000000000055 0000000000000010 ffffffff8100b8a2 000000010000e030 > > 0000000000010082 ffffffff81575f48 000000000000e02b ffffffff8100b89e > > 0000000000000200 ffffffff816e7000 0000000000000800 0000000000000016 > > ffffffff81575ff8 ffffffff815a5c60 0000000000002c00 0000000000000000 > > > > Code: > > df 54 1d 00 4c 89 e7 4c 89 ee 31 d2 e8 22 d9 ff ff 85 c0 74 04 <0f> 0b eb fe 5b 41 5c 41 5d 41 5e > > > > Call Trace: > > [] set_page_prot+0x6d <-- > > [] set_page_prot+0x6d > > [] set_page_prot+0x69 > > [] xen_start_kernel+0x5dd > > > > Battling with bugzilla trying to get a new account. It doesn't like me :-( > > > > Might have to leave it up to Jon to do the bugzilla thing. > > > > Cheers > > Phill. > > > > On Tue, 2009-01-20 at 17:03 +0000, Ian Campbell wrote: > >> (resending with original xen-devel thread participants on CC, please > >> reply to this subthread, I'll forward you guys Mark's original mail in a > >> second) > >> > >> On Tue, 2009-01-20 at 10:27 +0000, Mark McLoughlin wrote: > >>> if ( unlikely(l1e_get_flags(nl1e) & L1_DISALLOW_MASK) ) > >>> { > >>> MEM_LOG("Bad L1 flags %x", > >>> l1e_get_flags(nl1e) & L1_DISALLOW_MASK); > >>> return 0; > >>> } > >>> ... > >>> } > >>> > >>> the PTE flags are 800000 which corresponds to: > >>> > >>> #define _PAGE_NX_BIT (1U<<23) > >> At least in xen-unstable (and I think for much longer) L1_DISALLOW_MASK > >> contains _PAGE_NX_BIT dynamically depending on the processor > >> capabilities. > >> > >> #define _PAGE_NX (cpu_has_nx ? _PAGE_NX_BIT : 0) > >> ... > >> /* > >> * Disallow unused flag bits plus PAT/PSE, PCD, PWT and GLOBAL. > >> * Permit the NX bit if the hardware supports it. > >> */ > >> #define BASE_DISALLOW_MASK (0xFFFFF198U & ~_PAGE_NX) > >> > >> #define L1_DISALLOW_MASK (BASE_DISALLOW_MASK | _PAGE_GNTTAB) > >> > >> Does the hardware support NX? What does /proc/cpuinfo in dom0 think? > >> > >> The guest kernel should be setting up __supported_pte_mask appropriately > >> to match the hardware and hence shouldn't be using NX if it isn't > >> available. There's a command line option to force NX, can you try > >> noexec=off on the guest command line. > >> > >> My guess would be that the guest is getting a wrong EFER from > >> somewhere... > >> > >> Ian. > >> > >> > > From markmc at redhat.com Fri Jan 30 12:42:45 2009 From: markmc at redhat.com (Mark McLoughlin) Date: Fri, 30 Jan 2009 12:42:45 +0000 Subject: [fedora-virt] F11 features - sVirt Mandatory Access Control In-Reply-To: <1232625199.4964.35.camel@blaa> References: <1232625199.4964.35.camel@blaa> Message-ID: <1233319365.3989.79.camel@blaa> Hey, Yet another feature page: https://fedoraproject.org/wiki/SVirt_Mandatory_Access_Control Cheers, Mark. From Ian.Campbell at citrix.com Fri Jan 30 18:19:22 2009 From: Ian.Campbell at citrix.com (Ian Campbell) Date: Fri, 30 Jan 2009 18:19:22 +0000 Subject: [fedora-virt] [PATCH] xen: do not set NX bit when making initial pagetables readonly Message-ID: <1233339562-24011-1-git-send-email-Ian.Campbell@citrix.com> __supported_pte_mask has not been correctly configured at this point and Xen prevents us from using the NX bit if the hardware does not support it. Some BIOSes seem to offer the option to disable NX. Signed-off-by: Ian Campbell Cc: Mark McLoughlin Cc: Jon Swanson Cc: fedora-virt at redhat.com Cc: Jeremy Fitzhardinge Cc: Ingo Molnar --- arch/x86/xen/enlighten.c | 24 +++++++++++++----------- 1 files changed, 13 insertions(+), 11 deletions(-) diff --git a/arch/x86/xen/enlighten.c b/arch/x86/xen/enlighten.c index bea2152..e705bdf 100644 --- a/arch/x86/xen/enlighten.c +++ b/arch/x86/xen/enlighten.c @@ -53,6 +53,8 @@ #include "mmu.h" #include "multicalls.h" +#define _KERNPG_TABLE_RO __pgprot(_KERNPG_TABLE & ~_PAGE_RW) + EXPORT_SYMBOL_GPL(hypercall_page); DEFINE_PER_CPU(struct vcpu_info *, xen_vcpu); @@ -1487,9 +1489,9 @@ static __init void xen_map_identity_early(pmd_t *pmd, unsigned long max_pfn) } for (pteidx = 0; pteidx < ident_pte; pteidx += PTRS_PER_PTE) - set_page_prot(&level1_ident_pgt[pteidx], PAGE_KERNEL_RO); + set_page_prot(&level1_ident_pgt[pteidx], _KERNPG_TABLE_RO); - set_page_prot(pmd, PAGE_KERNEL_RO); + set_page_prot(pmd, _KERNPG_TABLE_RO); } #ifdef CONFIG_X86_64 @@ -1543,12 +1545,12 @@ static __init pgd_t *xen_setup_kernel_pagetable(pgd_t *pgd, xen_map_identity_early(level2_ident_pgt, max_pfn); /* Make pagetable pieces RO */ - set_page_prot(init_level4_pgt, PAGE_KERNEL_RO); - set_page_prot(level3_ident_pgt, PAGE_KERNEL_RO); - set_page_prot(level3_kernel_pgt, PAGE_KERNEL_RO); - set_page_prot(level3_user_vsyscall, PAGE_KERNEL_RO); - set_page_prot(level2_kernel_pgt, PAGE_KERNEL_RO); - set_page_prot(level2_fixmap_pgt, PAGE_KERNEL_RO); + set_page_prot(init_level4_pgt, _KERNPG_TABLE_RO); + set_page_prot(level3_ident_pgt, _KERNPG_TABLE_RO); + set_page_prot(level3_kernel_pgt, _KERNPG_TABLE_RO); + set_page_prot(level3_user_vsyscall, _KERNPG_TABLE_RO); + set_page_prot(level2_kernel_pgt, _KERNPG_TABLE_RO); + set_page_prot(level2_fixmap_pgt, _KERNPG_TABLE_RO); /* Pin down new L4 */ pin_pagetable_pfn(MMUEXT_PIN_L4_TABLE, @@ -1597,9 +1599,9 @@ static __init pgd_t *xen_setup_kernel_pagetable(pgd_t *pgd, set_pgd(&swapper_pg_dir[KERNEL_PGD_BOUNDARY], __pgd(__pa(level2_kernel_pgt) | _PAGE_PRESENT)); - set_page_prot(level2_kernel_pgt, PAGE_KERNEL_RO); - set_page_prot(swapper_pg_dir, PAGE_KERNEL_RO); - set_page_prot(empty_zero_page, PAGE_KERNEL_RO); + set_page_prot(level2_kernel_pgt, _KERNPG_TABLE_RO); + set_page_prot(swapper_pg_dir, _KERNPG_TABLE_RO); + set_page_prot(empty_zero_page, _KERNPG_TABLE_RO); pin_pagetable_pfn(MMUEXT_UNPIN_TABLE, PFN_DOWN(__pa(pgd))); -- 1.5.6.5 From markmc at redhat.com Fri Jan 30 18:29:27 2009 From: markmc at redhat.com (Mark McLoughlin) Date: Fri, 30 Jan 2009 18:29:27 +0000 Subject: [fedora-virt] Fedora virt status Message-ID: <1233340167.3989.155.camel@blaa> 2009-03-03 Feature freeze (32 days) 2009-03-10 Beta Freeze (39 days) 2009-04-14 Final freeze (74 days) Alpha Freeze, Take 2 ==================== Cole released new versions of virt-manager and virtinst releases: http://www.redhat.com/archives/fedora-virt/2009-January/msg00041.html http://www.redhat.com/archives/fedora-virt/2009-January/msg00042.html Unfortunately, no libvirt release, but more on that below. The biggest virt issue that we would have liked to get resolved the alpha is the infamous "unsynchronized TSC" issue which causes guests on certain hosts to hang or crash: https://bugzilla.redhat.com/475598 Juan Quintela is close to a fix suitable for sending upstream, but in the meantime we've applied a temporary fix to disable KVM's paravirt clock on those hosts. The current rawhide kernel has this fix and the upcoming 2.6.29 kernel for F-10 will have it too. On Monday, rel-eng met and decided to try for an alpha refresh using Tuesday's rawhide. A number of issues were found including: https://bugzilla.redhat.com/481716 rawhide anaconda traceback when installing KVM guest (yum-HEAD.patch) This turned out to be a problem with yum and was quickly fixed. There also were issues with latest yum that affected the tools for building the release tree and these were fixed. https://bugzilla.redhat.com/482907 f11alpha anaconda hanging when moving to timezone screen Initially KVM was accussed, but evidence was produced and we were granted a reprieve. Right now, the fingers are pointing at a bizarre GtkCheckButton related issue but no doubt the problem will turn out to be completely random. Plenty of fun to be had here if anyone is interested in helping. So, the alpha has definitely frozen now, but blockers are still being worked on. Fedora Weekly News ================== A new issue of FWN was posted with some nice virt coverage: http://fedoraproject.org/wiki/FWN/Issue160#Virtualization Thanks to Dale Bewley. Fedora 10 Kernel ================ Plans have changed, F10 is going to get 2.6.29: https://www.redhat.com/archives/fedora-kernel-list/2009-January/msg00098.html Initial builds are available in Koji for testing. libvirt ======= Work in preparation for a new release has been ongoing all week. The release is likely to happen this weekend. Some highlights from the week: - Lots and lots of fixes - libvirt_proxy vulvnerability: http://thread.gmane.org/gmane.comp.emulators.libvirt/11459 - qemu disk format support, including support for COW backing stores - virtio GSO is now enabled for KVM guests where appropriate PCI Device Assignment ===================== https://fedoraproject.org/wiki/Features/KVM_PCI_Device_Assignment This came up for review by FESCo this week and received a very positive reception - seven +1s. Lots of time was spent discussing, but most questions seemed to be just FESCo member's personal interest in the feature rather than any real concerns over whether it should be approved. Kevin Fenzi (nirik) and Dennis Gilmore (dgilmore) both mentioned that they're using TDM cards with Asterisk and would like to be able to move this service into a KVM guest. Supporting these cards are on of the most common requests. Some time was spent discussing exactly what PCI devices can be assigned. The first requirement is VT-d and AMD IOMMU. PCIe devices should work well. Multiple conventional PCI devices on the same bridge can't be assigned to different guests. Graphics cards won't work for now. Will Woods asked about VT-d support causing issues with some BIOSes. Fedora disabled CONFIG_DMAR in May because of this issue but it has been re-enabled recently again. The goal is to resolve any of these issues, perhaps through blacklisting. Any users experiencing issues should try disabling DMAR with intel_iommu=off and report to iommu at lists.linux-foundation.org if that fixes their problem. On the testing front, basic device assignment seems to be working. Assigning an e1000e device to a guest using qemu-kvm directly from the command line works fine. One issue is that rawhide was missing the pci-stub module: https://bugzilla.redhat.com/482792 but that's now resolved. A more serious issue is "TX Unit Hang" problems when trying to do an install using an assigned NIC. These warnings seems to be a suggest that the NIC isn't being fully reset before being used. CONFIG_DMAR =========== Related to PCI device assignment are Intel VT-d issues that have been reported recently. Basically, on some machines - e.g. Lenovo x200, Dell Precision T5400 and Dell Latitude E6400 - VT-d support is causing serious and, in one case, data loss. Kyle Martin sensibly made intel_iommu=off the default in rawhide: * Fri Jan 23 2009 Kyle McMartin - disable intel_iommu by default (enable with "intel_iommu=on") and has sent his patch to do so upstream. More details on the issue: https://bugzilla.redhat.com/479996 http://bugzilla.kernel.org/show_bug.cgi?id=12578 https://lists.linux-foundation.org/pipermail/iommu/2009-January/001028.html David Woodhouse has promised to dig into it next week. Bhavesh Davda and Adar Dembo from VMware are both working on the issue too. Adar tried DMA_API_DEBUG, but no driver issues were uncovered. Disk Access Errors ================== Dan Walsh and Cole have been looking into how to solve the issue of qemu blowing up when it doesn't have access to disk images because e.g. it was downloaded to a user's homedir and doesn't have the appropriate SELinux label. One suggestion is to add a qemuaccess program which would be run early on by virt-managerto check that qemu will have access. That way the problem could be reported earlier to the user in a manner that is easier to diagnose. sVirt ===== A new F11 feature page has been posted: https://fedoraproject.org/wiki/SVirt_Mandatory_Access_Control "sVirt integrates SELinux with the Fedora virtualization stack to allow Mandatory Access Control (MAC) security be applied to guest virtual machines. Amongst other things, this prevents a security bug in the hypervisor from allowing guests to attack the host or one another." James Morris is hacking away on adding this to libvirt. Dan Walsh is going to handle making sure it works well for Fedora. Fedora Package Updates ====================== A discussion around what a Fedora package update description should contain generated a wide discussion around how package maintainers should handles updates in general. Some guidelines have been proposed here: https://fedoraproject.org/wiki/User:Markmc/Draft_package_update_guidelines These guidelines are virt specific, but might interest virt package maintainers. pv_ops ====== Jeremy Fitzhardinge has posted some patches to reduce the overhead of enabling paravirt_ops on bare-metal: http://lkml.org/lkml/2009/1/28/438 "In testing, the net result was that the overhead dropped by about 75%" Fedora's kernel has pv_ops enabled, of course, so this should prove a nice win. bugs ==== DOOM-O-METER: 186 open bugs last week, 191 this week. Booo! (Hmm, how do you drop needinfo bugs from bugzilla queries?) Some interesting ones: https://bugzilla.redhat.com/454415 dnsmasq --user=nobody broken on F9 -> fixed now https://bugzilla.redhat.com/479622 libvirt should avoid creating virtual networks with the same bridge name -> Edouard found that if he created multiple virtual networks in virt-manager, they all had the same bridge name. https://bugzilla.redhat.com/460649 libvirtd requires restart in order to detect KVM support -> If you install KVM after libvirtd has started, KVM support won't be available in virt-manager. Fixing this may involve libvirtd having to be restarted, or libvirtd might re-poll periodically for KVM. https://bugzilla.redhat.com/480779 https://bugzilla.redhat.com/483204 F10 kvm mmu bugs: -> Some users reported KVM MMU issues. The wiley Glauber Costa noticed that the kernels in question had an nVidia driver loaded at the time. Since Linux developers can't do anything to fix closed source drivers, these bugs will be closed unless they can be reproduced without the nVidia driver. https://bugzilla.redhat.com/480822 https://bugzilla.redhat.com/480850 virtio_net oops during rawhide guest install on rawhide host -> These oopses in slab_alloc() are still a major issue. From Ian.Campbell at citrix.com Fri Jan 30 18:50:49 2009 From: Ian.Campbell at citrix.com (Ian Campbell) Date: Fri, 30 Jan 2009 18:50:49 +0000 Subject: [fedora-virt] Re: [PATCH] xen: do not set NX bit when making initial pagetables readonly In-Reply-To: <1233339562-24011-1-git-send-email-Ian.Campbell@citrix.com> References: <1233339562-24011-1-git-send-email-Ian.Campbell@citrix.com> Message-ID: <1233341449.7436.4.camel@localhost.localdomain> I meant to CC lkml and stable@ (some of the original reports are against 2.6.27) and fat-fingered the to: line. A few previous threads on the subject: http://lists.xensource.com/archives/html/xen-devel/2009-01/msg00176.html http://www.redhat.com/archives/fedora-xen/2009-January/msg00022.html http://www.redhat.com/archives/fedora-virt/2009-January/msg00013.html Ian. On Fri, 2009-01-30 at 18:19 +0000, Ian Campbell wrote: > __supported_pte_mask has not been correctly configured at this point > and Xen prevents us from using the NX bit if the hardware does not > support it. Some BIOSes seem to offer the option to disable NX. > > Signed-off-by: Ian Campbell > Cc: Mark McLoughlin > Cc: Jon Swanson > Cc: fedora-virt at redhat.com > Cc: Jeremy Fitzhardinge > Cc: Ingo Molnar > --- > arch/x86/xen/enlighten.c | 24 +++++++++++++----------- > 1 files changed, 13 insertions(+), 11 deletions(-) > > diff --git a/arch/x86/xen/enlighten.c b/arch/x86/xen/enlighten.c > index bea2152..e705bdf 100644 > --- a/arch/x86/xen/enlighten.c > +++ b/arch/x86/xen/enlighten.c > @@ -53,6 +53,8 @@ > #include "mmu.h" > #include "multicalls.h" > > +#define _KERNPG_TABLE_RO __pgprot(_KERNPG_TABLE & ~_PAGE_RW) > + > EXPORT_SYMBOL_GPL(hypercall_page); > > DEFINE_PER_CPU(struct vcpu_info *, xen_vcpu); > @@ -1487,9 +1489,9 @@ static __init void xen_map_identity_early(pmd_t *pmd, unsigned long max_pfn) > } > > for (pteidx = 0; pteidx < ident_pte; pteidx += PTRS_PER_PTE) > - set_page_prot(&level1_ident_pgt[pteidx], PAGE_KERNEL_RO); > + set_page_prot(&level1_ident_pgt[pteidx], _KERNPG_TABLE_RO); > > - set_page_prot(pmd, PAGE_KERNEL_RO); > + set_page_prot(pmd, _KERNPG_TABLE_RO); > } > > #ifdef CONFIG_X86_64 > @@ -1543,12 +1545,12 @@ static __init pgd_t *xen_setup_kernel_pagetable(pgd_t *pgd, > xen_map_identity_early(level2_ident_pgt, max_pfn); > > /* Make pagetable pieces RO */ > - set_page_prot(init_level4_pgt, PAGE_KERNEL_RO); > - set_page_prot(level3_ident_pgt, PAGE_KERNEL_RO); > - set_page_prot(level3_kernel_pgt, PAGE_KERNEL_RO); > - set_page_prot(level3_user_vsyscall, PAGE_KERNEL_RO); > - set_page_prot(level2_kernel_pgt, PAGE_KERNEL_RO); > - set_page_prot(level2_fixmap_pgt, PAGE_KERNEL_RO); > + set_page_prot(init_level4_pgt, _KERNPG_TABLE_RO); > + set_page_prot(level3_ident_pgt, _KERNPG_TABLE_RO); > + set_page_prot(level3_kernel_pgt, _KERNPG_TABLE_RO); > + set_page_prot(level3_user_vsyscall, _KERNPG_TABLE_RO); > + set_page_prot(level2_kernel_pgt, _KERNPG_TABLE_RO); > + set_page_prot(level2_fixmap_pgt, _KERNPG_TABLE_RO); > > /* Pin down new L4 */ > pin_pagetable_pfn(MMUEXT_PIN_L4_TABLE, > @@ -1597,9 +1599,9 @@ static __init pgd_t *xen_setup_kernel_pagetable(pgd_t *pgd, > set_pgd(&swapper_pg_dir[KERNEL_PGD_BOUNDARY], > __pgd(__pa(level2_kernel_pgt) | _PAGE_PRESENT)); > > - set_page_prot(level2_kernel_pgt, PAGE_KERNEL_RO); > - set_page_prot(swapper_pg_dir, PAGE_KERNEL_RO); > - set_page_prot(empty_zero_page, PAGE_KERNEL_RO); > + set_page_prot(level2_kernel_pgt, _KERNPG_TABLE_RO); > + set_page_prot(swapper_pg_dir, _KERNPG_TABLE_RO); > + set_page_prot(empty_zero_page, _KERNPG_TABLE_RO); > > pin_pagetable_pfn(MMUEXT_UNPIN_TABLE, PFN_DOWN(__pa(pgd))); > From Ian.Campbell at citrix.com Fri Jan 30 19:07:57 2009 From: Ian.Campbell at citrix.com (Ian Campbell) Date: Fri, 30 Jan 2009 19:07:57 +0000 Subject: [fedora-virt] Re: [PATCH] xen: do not set NX bit when making initial pagetables readonly In-Reply-To: <49834D42.9020705@goop.org> References: <1233339562-24011-1-git-send-email-Ian.Campbell@citrix.com> <49834D42.9020705@goop.org> Message-ID: <1233342477.27119.1.camel@localhost.localdomain> On Fri, 2009-01-30 at 10:56 -0800, Jeremy Fitzhardinge wrote: > Ian Campbell wrote: > > __supported_pte_mask has not been correctly configured at this point > > and Xen prevents us from using the NX bit if the hardware does not > > support it. Some BIOSes seem to offer the option to disable NX. > > > Could we sniff EFER and update __supported_pte_mask accordingly? Perhaps, we might also have to handle the various noexec= command line options? I don't suppose they matter so much in a guest though. The equivalent native seems to use _KERNPG_TABLE as well (e.g. head_64.S) -- is there something later on which comes along and tries to apply the NX bit to those pages which didn't get it at start of day? Ian. From jeremy at goop.org Fri Jan 30 18:56:02 2009 From: jeremy at goop.org (Jeremy Fitzhardinge) Date: Fri, 30 Jan 2009 10:56:02 -0800 Subject: [fedora-virt] Re: [PATCH] xen: do not set NX bit when making initial pagetables readonly In-Reply-To: <1233339562-24011-1-git-send-email-Ian.Campbell@citrix.com> References: <1233339562-24011-1-git-send-email-Ian.Campbell@citrix.com> Message-ID: <49834D42.9020705@goop.org> Ian Campbell wrote: > __supported_pte_mask has not been correctly configured at this point > and Xen prevents us from using the NX bit if the hardware does not > support it. Some BIOSes seem to offer the option to disable NX. > Could we sniff EFER and update __supported_pte_mask accordingly? J