Nested Virtulization CPU options not available

Bobie · September 22, 2018, 8:07pm

Hi.

It types you need to install linux-image-amd64, but Whonix 14 use amd64 by default so I installed VirtualBox in my KVM.
When I go to Settings of VirtualBox VM System > Processor - the slider is grayed and I can’t use more than 1 processor and Acceleration tab is grayed I can’t access it.

HulaHoop · September 23, 2018, 1:42pm

That’s because the current config file masks out the virtualizaztion instruction. However you can change it to the config below to have all cpu features passed through.

Use on the host:

# EDITOR=kate virsh edit Whonix-Workstation

and replace all with the text linked here:

https://raw.githubusercontent.com/Whonix/whonix-libvirt/8b2d22bbe4d609fbab615e512c996fdc9904d17e/usr/share/whonix-libvirt/xml/Whonix-Workstation.xml

Your welcome.

Bobie · September 24, 2018, 10:27am

I changed config but still the slider is grayed and Acceleration is grayed

HulaHoop · September 24, 2018, 4:28pm

Can you post the output of:

$ cat /proc/cpuinfo

Bobie · September 24, 2018, 9:00pm

Host or Workstation ?

click both there

HulaHoop · September 24, 2018, 10:53pm

Well vmx is there… so the only thing that explains it is VBox is buggy and/or you are assigning more resources to the VM than what is available so it refuses to even run.

I’m not interested in VBox so please any further questions about that platform are better discussed upstream. Nested KVM is mature enough by now.

Bobie · September 25, 2018, 6:25am

vmx is there only for Host $ cat /proc/cpuinfo
for Workstation $ cat /proc/cpuinfo vmx is missing
maybe I need to install some drivers or virtualbox modules ?

Or sudo apt install -t stretch-backports virtualbox
is enough ?

Algernon · September 25, 2018, 7:38am

Try to reproduce it first on a debian VM. Also you might need to load some modules: Nested Guests - KVM
and afaik some (older) processors only support one virtualization layer.

Bobie · September 25, 2018, 10:03am

This
# If you have an Intel CPU, use this:
$ cat /etc/modprobe.d/kvm_intel.conf
options kvm-intel nested=Y

# If you have an AMD CPU, then this:
$ cat /etc/modprobe.d/kvm_amd.conf
options kvm-amd nested=1

fixed it

HulaHoop · September 25, 2018, 1:20pm

New section on the wiki:

Bobie · September 27, 2018, 8:10am

It’s very laggy. Can you give a link to KVM forum ? I can’t find any, I found only the IRC channel

Algernon · September 27, 2018, 11:26am

There is only an IRC channel and maybe a mailing list. It is laggy because you are using an additional virtualization layer and nested virtualization is not really a priority for most vendors. I don’t think you will get acceptable performance any time soon. Though this might also depend on your workload, hardware and hypervisor. iirc from the benchmarks I saw a while back the the second layer was CPU wise mostly on a pentium level. Use your favorite search engine for more information, this is also not really a Whonix specific issue.