[fedora-virt] Fedora virt status
markmc at redhat.com
Fri Jan 30 18:29:27 UTC 2009
2009-03-03 Feature freeze (32 days)
2009-03-10 Beta Freeze (39 days)
2009-04-14 Final freeze (74 days)
Alpha Freeze, Take 2
Cole released new versions of virt-manager and virtinst releases:
Unfortunately, no libvirt release, but more on that below.
The biggest virt issue that we would have liked to get resolved the alpha is
the infamous "unsynchronized TSC" issue which causes guests on certain hosts
to hang or crash:
Juan Quintela is close to a fix suitable for sending upstream, but in the
meantime we've applied a temporary fix to disable KVM's paravirt clock on those
hosts. The current rawhide kernel has this fix and the upcoming 2.6.29 kernel
for F-10 will have it too.
On Monday, rel-eng met and decided to try for an alpha refresh using Tuesday's
rawhide. A number of issues were found including:
rawhide anaconda traceback when installing KVM guest (yum-HEAD.patch)
This turned out to be a problem with yum and was quickly fixed. There also
were issues with latest yum that affected the tools for building the
release tree and these were fixed.
f11alpha anaconda hanging when moving to timezone screen
Initially KVM was accussed, but evidence was produced and we were granted
Right now, the fingers are pointing at a bizarre GtkCheckButton related
issue but no doubt the problem will turn out to be completely random.
Plenty of fun to be had here if anyone is interested in helping.
So, the alpha has definitely frozen now, but blockers are still being worked
Fedora Weekly News
A new issue of FWN was posted with some nice virt coverage:
Thanks to Dale Bewley.
Fedora 10 Kernel
Plans have changed, F10 is going to get 2.6.29:
Initial builds are available in Koji for testing.
Work in preparation for a new release has been ongoing all week. The release is
likely to happen this weekend.
Some highlights from the week:
- Lots and lots of fixes
- libvirt_proxy vulvnerability:
- qemu disk format support, including support for COW backing stores
- virtio GSO is now enabled for KVM guests where appropriate
PCI Device Assignment
This came up for review by FESCo this week and received a very positive
reception - seven +1s. Lots of time was spent discussing, but most questions
seemed to be just FESCo member's personal interest in the feature rather than
any real concerns over whether it should be approved.
Kevin Fenzi (nirik) and Dennis Gilmore (dgilmore) both mentioned that they're
using TDM cards with Asterisk and would like to be able to move this service
into a KVM guest. Supporting these cards are on of the most common requests.
Some time was spent discussing exactly what PCI devices can be assigned. The
first requirement is VT-d and AMD IOMMU. PCIe devices should work well.
Multiple conventional PCI devices on the same bridge can't be assigned to
different guests. Graphics cards won't work for now.
Will Woods asked about VT-d support causing issues with some BIOSes. Fedora
disabled CONFIG_DMAR in May because of this issue but it has been re-enabled
recently again. The goal is to resolve any of these issues, perhaps through
blacklisting. Any users experiencing issues should try disabling DMAR with
intel_iommu=off and report to iommu at lists.linux-foundation.org if that fixes
On the testing front, basic device assignment seems to be working. Assigning
an e1000e device to a guest using qemu-kvm directly from the command line works
fine. One issue is that rawhide was missing the pci-stub module:
but that's now resolved. A more serious issue is "TX Unit Hang" problems when
trying to do an install using an assigned NIC. These warnings seems to be a
suggest that the NIC isn't being fully reset before being used.
Related to PCI device assignment are Intel VT-d issues that have been reported
Basically, on some machines - e.g. Lenovo x200, Dell Precision T5400 and Dell
Latitude E6400 - VT-d support is causing serious and, in one case, data loss.
Kyle Martin sensibly made intel_iommu=off the default in rawhide:
* Fri Jan 23 2009 Kyle McMartin <kyle at redhat.com>
- disable intel_iommu by default (enable with "intel_iommu=on")
and has sent his patch to do so upstream.
More details on the issue:
David Woodhouse has promised to dig into it next week. Bhavesh Davda and
Adar Dembo from VMware are both working on the issue too. Adar tried
DMA_API_DEBUG, but no driver issues were uncovered.
Disk Access Errors
Dan Walsh and Cole have been looking into how to solve the issue of qemu
blowing up when it doesn't have access to disk images because e.g. it was
downloaded to a user's homedir and doesn't have the appropriate SELinux label.
One suggestion is to add a <code>qemuaccess</code> program which would be run
early on by virt-managerto check that qemu will have access. That way the
problem could be reported earlier to the user in a manner that is easier to
A new F11 feature page has been posted:
"sVirt integrates SELinux with the Fedora virtualization stack to allow
Mandatory Access Control (MAC) security be applied to guest virtual
machines. Amongst other things, this prevents a security bug in the
hypervisor from allowing guests to attack the host or one another."
James Morris is hacking away on adding this to libvirt. Dan Walsh is going to
handle making sure it works well for Fedora.
Fedora Package Updates
A discussion around what a Fedora package update description should contain
generated a wide discussion around how package maintainers should handles
updates in general. Some guidelines have been proposed here:
These guidelines are virt specific, but might interest virt package
Jeremy Fitzhardinge has posted some patches to reduce the overhead of enabling
paravirt_ops on bare-metal:
"In testing, the net result was that the overhead dropped by about 75%"
Fedora's kernel has pv_ops enabled, of course, so this should prove a nice win.
DOOM-O-METER: 186 open bugs last week, 191 this week. Booo!
(Hmm, how do you drop needinfo bugs from bugzilla queries?)
Some interesting ones:
dnsmasq --user=nobody broken on F9
-> fixed now
libvirt should avoid creating virtual networks with the same bridge name
-> Edouard found that if he created multiple virtual networks in
virt-manager, they all had the same bridge name.
libvirtd requires restart in order to detect KVM support
-> If you install KVM after libvirtd has started, KVM support won't be
available in virt-manager. Fixing this may involve libvirtd having
to be restarted, or libvirtd might re-poll periodically for KVM.
F10 kvm mmu bugs:
-> Some users reported KVM MMU issues. The wiley Glauber Costa noticed that
the kernels in question had an nVidia driver loaded at the time. Since
Linux developers can't do anything to fix closed source drivers, these
bugs will be closed unless they can be reproduced without the nVidia
virtio_net oops during rawhide guest install on rawhide host
-> These oopses in slab_alloc() are still a major issue.
More information about the Fedora-virt