Questions on Nested Virtualizaion

Temporary forum to discuss issues and problems during a VirtualBox Beta or Release Candidate phase.

Questions on Nested Virtualizaion

Postby Technologov » 16. Sep 2019, 20:00

hi all!

Congratulations to Oracle for releasing the next gen v6. 1 BETA!

Question :
"Virtualization core: support for nested hardware-virtualization on Intel CPUs (starting with 5th generation Core i, codename Broadwell)"

1. I have heard rumors, that there was experimental support for AMD CPUs as well? Does it exist? Is it stable? (rumors from v6.0)

2. Why Broadwell instead of Haswell?
I mean those CPU architectures are very similar, brothers, yet Haswell is more common among users. Any new instructions that are specifically required? Which? Is it simple to support Haswell also?
(Broadwell = Core i7 5000-series and Xeon v4 vs. Haswell = Core i7 4000-series and Xeon v3)

Thanks,
-Technologov
Technologov
Volunteer
 
Posts: 3313
Joined: 10. May 2007, 16:59
Location: Israel

Re: Questions on Nested Virtualizaion

Postby klaus » 16. Sep 2019, 20:25

1. Rumors about nested virtualization for AMD CPUs? Already present in 6.0, and should work quite nicely. Was much less complicated than the nested VT-x.

2. Broadwell, because not all Haswell (the rather late ones would be OK) have the "VMCS shadowing" feature of VT-x, which helps a lot with achieving decent performance. We went for this in the changelog, because performance with older CPUs (bare minimum requirement is actually "unrestricted execution", which some 1st gen Core i and all 2nd gen Core i CPUs should have) can be unsatisfactory.

And yes, we know... BETA1 contains a bug which keeps the "nested virtualization" checkbox in the GUI disabled. Not a GUI bug, the API doesn't report the feature to the GUI. The Windows build has this already fixed (which reflects the "bare minimum requirement"), but for all others this wasn't possible to include...
klaus
Oracle Corporation
 
Posts: 710
Joined: 10. May 2007, 14:57

Re: Questions on Nested Virtualizaion

Postby Technologov » 16. Sep 2019, 20:35

"VMCS shadowing" according to Google exists in all Haswell CPUs.

https://blog.bjornhouben.com/2013/04/29 ... alization/

Nested Virtualization for AMD was never declared 'stable', would be nice to change the v6.1 description to supports AMD and Intel CPUs, because some users may think that only Intel are supported.
Technologov
Volunteer
 
Posts: 3313
Joined: 10. May 2007, 16:59
Location: Israel

Re: Questions on Nested Virtualizaion

Postby socratis » 17. Sep 2019, 08:29

@Technologov
There are other articles that claim otherwise. For example, in https://searchservervirtualization.tech ... -shadowing I see (emphasis mine):
Intel currently deploys VMCS shadowing in certain fourth-generation Intel Core vPro processors, such as i5 vPro and i7 vPro, used in desktop and notebook systems, as well as the Xeon E5-2600, E5-1600 and E3-1200 processor families for enterprise servers.

@ALL
For those analyzing the logs, here's what's required. Looking in the "VT-x features" section:
00:00:00.987730 DMI Product Name: MacBookPro11,5
...
00:00:01.163288 CPUM: Matched host CPU INTEL 0x6/0x46/0x1 Intel_Core7_Haswell with CPU DB entry 'Intel Core i7-5600U' (INTEL 0x6/0x3d/0x4 Intel_Core7_Broadwell)
...
00:00:01.397175 Full Name: "Intel(R) Core(TM) i7-4870HQ CPU @ 2.50GHz"
...
00:00:01.397194 *********************** VT-x features ***********************
00:00:01.397195 Nested hardware virtualization - VMX features
00:00:01.397195 Mnemonic - Description = guest (host)
00:00:01.397212 UnrestrictedGuest - Unrestricted guest = 0 (1)
00:00:01.397215 VmcsShadowing - VMCS shadowing = 0 (1)

whereas on my older MBP:
00:00:06.744806 DMI Product Name: MacBookPro8,3
00:00:07.111203 CPUM: Matched host CPU INTEL 0x6/0x2a/0x7 Intel_Core7_SandyBridge with CPU DB entry 'Intel Core i7-2635QM' (INTEL 0x6/0x2a/0x7 Intel_Core7_SandyBridge)
00:00:08.650086 Full Name: "Intel(R) Core(TM) i7-2820QM CPU @ 2.30GHz"
00:00:08.650145 UnrestrictedGuest - Unrestricted guest = 0 (1)
00:00:08.650151 VmcsShadowing - VMCS shadowing = 0 (0)


@Technologov
Technologov wrote:Nested Virtualization for AMD was never declared 'stable'

You should tell that to the following features, all snippets from the User Manual when searching for experimental:
  • Oracle VM VirtualBox 3.2 added experimental support for Mac OS X guests
  • Note that the ICH9 support is experimental and not recommended for guest OSes which do not require it.
  • Oracle VM VirtualBox includes experimental support for the Extensible Firmware Interface (EFI)
  • The Oracle VM VirtualBox Guest Additions contain experimental hardware 3D support for Windows, Linux, and Oracle Solaris guests.
  • both OpenGL and Direct3D 8/9 are supported on an experimental basis.
  • As an experimental feature, for additional capabilities, it is possible to give the guest direct access to the CD/DVD host drive by enabling passthrough mode.
  • Starts a VM with a detachable UI. Technically, it is a headless VM with user interface in a separate process. This is an experimental feature...
  • When running on Linux hosts with a kernel version later than 2.6.31, experimental host PCI devices passthrough is available.
  • Oracle VM VirtualBox 4.3 includes an experimental feature which enables a guest to use a host webcam.
  • As an experimental feature, Oracle VM VirtualBox enables access to an iSCSI target
  • Another extension pack called VNC is available. This extension pack is open source and replaces the previous integration of the VNC remote access protocol. This is experimental code...
  • As an experimental feature, primarily due to being limited to Linux host only and unknown Linux distribution coverage, Oracle VM VirtualBox supports passing through the PC speaker to the host.
  • Oracle VM VirtualBox can be used on a Windows host where Hyper-V is running. This is an experimental feature.
or nicely summed up in ch. 14.1. Experimental Features. I guess the only thing you can "charge" them with is that they didn't include "nested virtualization on AMD CPUs" ;)
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
socratis
Site Moderator
 
Posts: 25830
Joined: 22. Oct 2010, 11:03
Location: Greece
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5

Re: Questions on Nested Virtualizaion

Postby michaln » 17. Sep 2019, 08:36

Technologov wrote:"VMCS shadowing" according to Google exists in all Haswell CPUs.

Would you believe me if I told you that the Internet is full of lies?

It's possible that back in 2013, someone thought all Haswell CPUs will have VMCS shadowing (it's even possible that Intel gave that impression). The reality is that they don't. Some Haswell CPUs do have VMCS shadowing; as far as we know Haswell server CPUs do have it, and we know some Haswell desktop CPUs do (i7-4990 for example), but not all of them. Most non-server Haswell CPUs probably don't have it. See for example here showing that i7-4770K doesn't.

If you show us CPUID + VMX feature dumps (like the ones in VBox.log) covering a range of Haswell CPUs and indicating that they all have VMCS shadowing, that would be convincing. What some random person on the Internet said before the Haswell CPUs were even out is not.
michaln
Oracle Corporation
 
Posts: 2958
Joined: 19. Dec 2007, 15:45
Primary OS: MS Windows 7
VBox Version: PUEL
Guest OSses: Any and all

Re: Questions on Nested Virtualizaion

Postby andyp73 » 17. Sep 2019, 12:24

socratis wrote:For those analyzing the logs, here's what's required. Looking in the "VT-x features" section:
00:00:01.397194 *********************** VT-x features ***********************
00:00:01.397195 Nested hardware virtualization - VMX features
00:00:01.397195 Mnemonic - Description = guest (host)
00:00:01.397212 UnrestrictedGuest - Unrestricted guest = 0 (1)
00:00:01.397215 VmcsShadowing - VMCS shadowing = 0 (1)

The existing logs on my iMac with i5-7500 (Kaby Lake) has all the right ticks in all the right places. Time to unleash v6.1 and see what chaos I can create! :lol:

-Andy.
My crystal ball is currently broken. If you want assistance you are going to have to give me all of the necessary information.
Please don't ask me to do your homework for you, I have more than enough of my own things to do.
andyp73
Volunteer
 
Posts: 1640
Joined: 25. May 2010, 23:48
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Assorted Linux, Windows Server 2012, DOS, Windows 10, BIOS/UEFI emulation

Re: Questions on Nested Virtualizaion

Postby socratis » 17. Sep 2019, 18:35

andyp73 wrote:Time to unleash v6.1 and see what chaos I can create!

Don't be so sure about it. The only test I tried (need to try some more) was:
    OSX 10.11.6 host, VirtualBox 6.1.0b1
      Win10-64 VM, VirtualBox 6.1.0b1
        FreeDOS VM.
The Win10 VM froze every time. :(
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
socratis
Site Moderator
 
Posts: 25830
Joined: 22. Oct 2010, 11:03
Location: Greece
Primary OS: Mac OS X other
VBox Version: PUEL
Guest OSses: Win(*>98), Linux*, OSX>10.5

Re: Questions on Nested Virtualizaion

Postby ManWithNoName » 27. Sep 2019, 23:37

That's a good news !!!
I look forward to test the INTEL nested virtualisation feature of the final v6.1 release.
Thanks to the dev team :D
ManWithNoName
 
Posts: 8
Joined: 15. Aug 2013, 09:11


Return to VirtualBox Beta / Release Candidate Feedback

Who is online

Users browsing this forum: No registered users and 2 guests