Compiling Qemu-KVM

ddemuro — Thu, 07 Jul 2016 06:28:09 +0000

Lets compile KVM – QEMU from scratch on Debian Jessie

This… will take a long ass time!.

mkdir -p /usr/local/libexec
mkdir -p /usr/local/lib/qemu
mkdir -p /usr/local/var
mkdir -p /usr/local/share/doc
 
cd /usr/local/src/
git clone git://git.qemu-project.org/qemu.git
 
sudo aptitude install libglib2.0-dev libfdt-dev libpixman-1-dev zlib1g-dev libaio-dev \
    libbluetooth-dev libbrlapi-dev libbz2-dev  libcap-dev libcap-ng-dev libcurl4-gnutls-dev \
    libgtk-3-dev libibverbs-dev libjpeg8-dev libncurses5-dev libnuma-dev librbd-dev \
    librdmacm-dev libsasl2-dev libsdl1.2-dev libseccomp-dev libsnappy-dev libssh2-1-dev \
    libvde-dev libvdeplug-dev libvte-2.90-dev libxen-dev liblzo2-dev valgrind xfslibs-dev \
    gnutls-dev libiscsi-dev libgoogle-perftools-dev libspice-protocol-dev libspice-server-dev \
    libusb-dev libusb-1.0-0-dev libusbredirparser-dev libusbredirparser1 libnfs-dev
 
./configure --target-list=i386-linux-user,i386-softmmu,x86_64-linux-user,x86_64-softmmu --enable-system \
    --enable-sdl --enable-gtk --enable-vte --enable-kvm --enable-bzip2 --enable-libssh2 --enable-linux-user \
    --enable-docs --enable-gnutls --enable-nettle --enable-curses --enable-modules --enable-virtfs \
    --enable-curl --enable-fdt --enable-rdma --enable-uuid --enable-vde --enable-linux-aio --enable-cap-ng \
    --enable-attr --enable-vhost-net --enable-spice --enable-rbd --enable-libiscsi --enable-libnfs --enable-libusb \
    --enable-usb-redir --enable-lzo --enable-snappy --enable-seccomp --enable-coroutine-pool --enable-glusterfs \
    --enable-tpm --enable-vhdx --enable-numa --enable-tcmalloc
 
make -j4 <- (Core count)
 
checkinstall -D
 
(This will create the .deb package), make sure to fill in version, package name, etc.
dpkg -i (just created package)
qemu-system-x86_64 –version <== Check it's your version.

Find attached my .deb if you’re too lazy for that.

Meet this requirements first, before using my .deb !!

apt-get install libdrm-intel1 libdrm-nouveau2 libdrm-radeon1 libgl1-mesa-glx libdrm2 libelf1 libglapi-mesa \
    libllvm3.5 libpciaccess0 libtxc-dxtn-s2tc0 libxcb-dri2-0 libxcb-dri3-0 libxcb-glx0 \
    libxcb-present0 libxcb-sync1 libxshmfence1 libxxf86vm1 libgl1-mesa-dri libglib2.0 libfdt \
    libpixman-1 zlib1g libaio libbluetooth libbrlapi libbz2 libcap libcap-ng libcurl4-gnutls \
    libgtk-3 libibverbs libjpeg8 libncurses5 libnuma librbd librdmacm libsasl2 libsdl1.2 libseccomp \
    libsnappy libssh2-1 libvde libvdeplug libvte-2.90 libxen liblzo2 xfslibs gnutls libiscsi \
    libgoogle-perftools libgoogle-perftools4 libspice-protocol libspice-server libusb libusb-1.0-0 \
    libusbredirparser1 libnfs4 libnfs8

If you’re missing packages… then… here you also have my apt sources.list

#------------------------------------------------------------------------------#
#                   OFFICIAL DEBIAN REPOS                    
#------------------------------------------------------------------------------#
 
###### Debian Main Repos
deb https://ftp.us.debian.org/debian/ jessie main contrib non-free
deb-src https://ftp.us.debian.org/debian/ jessie main contrib non-free
 
###### Debian Update Repos
deb https://security.debian.org/ jessie/updates main contrib non-free
deb https://ftp.us.debian.org/debian/ jessie-proposed-updates main contrib non-free
deb-src https://security.debian.org/ jessie/updates main contrib non-free
deb-src https://ftp.us.debian.org/debian/ jessie-proposed-updates main contrib non-free
 
#------------------------------------------------------------------------------#
#                      UNOFFICIAL  REPOS                       #
#------------------------------------------------------------------------------#
 
###### 3rd Party Binary Repos
 
#### Debian Mozilla team - https://mozilla.debian.net/
## Run this command: apt-get install pkg-mozilla-archive-keyring
deb https://mozilla.debian.net/ jessie-backports firefox-release
 
#### Debian Multimedia - https://deb-multimedia.org/
## Run this command: apt-get update && apt-get install deb-multimedia-keyring && apt-get update
deb https://www.deb-multimedia.org stable main non-free
 
#### Dotdeb - https://www.dotdeb.org
## Run this command: wget -q -O - https://www.dotdeb.org/dotdeb.gpg | apt-key add -
deb https://packages.dotdeb.org oldstable all
 
 
####### 3rd Party Source Repos
 
#### Dotdeb (Source) - https://www.dotdeb.org
## Run this command: wget -q -O - https://www.dotdeb.org/dotdeb.gpg | apt-key add -
deb-src https://packages.dotdeb.org oldstable all
 
deb https://cloudmin.virtualmin.com/kvm/debian binary/

Install missing keyrings!

apt-get install pkg-mozilla-archive-keyring
apt-get update && apt-get install deb-multimedia-keyring && apt-get update
wget -q -O - https://www.dotdeb.org/dotdeb.gpg | apt-key add -

KVM Nested virtualization Ubuntu 12.04 bug.

ddemuro — Wed, 29 Jul 2015 06:34:09 +0000

KVM Nested virtualization.

For my current project, I needed to perform nested virtualization on KVM using Ubuntu 12.04, and I encountered the VM would pause itself after showing the bios.

That error dragged me to the logs where this line called my attention:

KVM: entry failed, hardware error 0x80000021
 
If you're running a guest on an Intel machine without unrestricted mode
support, the failure can be most likely due to the guest entering an invalid
state for Intel VT. For example, the guest is maybe running in a real big mode, which is not supported on less recent Intel processors.
 
EAX=00000011 EBX=00000000 ECX=00000030 EDX=00007baa
ESI=c007deba EDI=00038110 EBP=00000000 ESP=00007baa
EIP=00000370 EFL=00010006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0030 0009aef0 ffffffff 0000f300 DPL=3 DS16 [-WA]
CS =9a60 0009a630 0000ffff 00009b00 DPL=0 CS16 [-RA]
SS =0000 00000000 0000ffff 00009300 DPL=0 DS16 [-WA]
DS =0030 0009aef0 ffffffff 0000f300 DPL=3 DS16 [-WA]
FS =0030 0009aef0 ffffffff 0000f300 DPL=3 DS16 [-WA]
GS =0030 0009aef0 ffffffff 0000f300 DPL=3 DS16 [-WA]
LDT=0000 00000000 0000ffff 00008200 DPL=0 LDT
TR =0000 00000000 0000ffff 00008b00 DPL=0 TSS32-busy
GDT=     0009af30 00000037
IDT=     00000000 0000ffff
CR0=00000011 CR2=00000000 CR3=00000000 CR4=00000000
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000000
Code=66 0f 01 16 40 00 66 0f 01 1e 78 00 0f 20 c0 0c 01 0f 22 c0 <66> ea a4 00 00 00 08 00 0f 20 c0 24 fe 0f 22 c0 ff 2e 7e 00 2e a1 14 08 8e d8 8e c0 8e e0
handle_dev_stop: stop

And digging, I found out it’s a bug known issue with the 12.04 kernel. After that, 400 patches came along and cleared the whole issue, and now I got to perform nested virtualization without issues. Updating the kernel fixed it, but how did we do it?:

In the KVM host, make sure you have nested VT enabled.
Reboot, and make sure when the machine comes back, the change is still there.
Test nested virtualization, and if it’s your case, like mine, three levels of virtualization, then perform the same changes to the second host.
Reboot the 2nd level host.
Check the changes are still there.
If so, you got your 3d level of hardware-assisted VT.

cat /sys/module/kvm_intel/parameters/nested 
Y
systool -m kvm_intel -v   | grep -i nested
---Not a command---
Otherwise, you can add that to modprobe...
---Not a command---
echo "options kvm-intel nested=y" > /etc/modprobe.d/dist.conf
or
echo "options kvm-intel nested=y" > /etc/modprobe.d/kvm.conf
---Not a command---
For AMD
---Not a command---
echo "options kvm-amd nested=0" > /etc/modprobe.d/kvm.conf

With that, you can now run your second host with the following params to make sure he gets to see he has VT.