TLDR:
- How to get rid of the WARN in virt-host-validate qemu
- How to activate C&P from Host to VM
Long Version:
So, after many months in which I merely tolerated my use of VirtualBox it is finally time to switch over to VirtManager. This will be my fourth time that I try this, but my first time with the help of the allmighty EOS forum.
So, basic information: AMD Zen 4 CPU, current EOS, Linux as kernel, boots with grub.
What I did so far:
-
RTFM
- [Tutorial] How to install Virt-Manager Correctly on EOS/Arch base systems
- https://gist.github.com/tatumroaquin/c6464e1ccaef40fd098a4f31db61ab22
- Virt-Manager Tutorial
- https://wiki.manjaro.org/index.php?title=Virt-manager
The Manjaro Link is from earlier “endevours” (bad fun intended) which failed…
-
Installed the stack:
lscpu | grep -i Virtualization
zgrep CONFIG_KVM /proc/config.gz
sudo pacman -S qemu-full qemu-img libvirt virt-install virt-manager virt-viewer edk2-ovmf dnsmasq swtpm guestfs-tools libosinfo tuned libguestfs
sudo systemctl enable libvirtd.service
sudo virsh net-autostart default
- Checked the success:
sudo virt-host-validate qemu
QEMU: Checking for hardware virtualization : PASS
QEMU: Checking if device '/dev/kvm' exists : PASS
QEMU: Checking if device '/dev/kvm' is accessible : PASS
QEMU: Checking if device '/dev/vhost-net' exists : PASS
QEMU: Checking if device '/dev/net/tun' exists : PASS
QEMU: Checking for cgroup 'cpu' controller support : PASS
QEMU: Checking for cgroup 'cpuacct' controller support : PASS
QEMU: Checking for cgroup 'cpuset' controller support : PASS
QEMU: Checking for cgroup 'memory' controller support : PASS
QEMU: Checking for cgroup 'devices' controller support : PASS
QEMU: Checking for cgroup 'blkio' controller support : PASS
QEMU: Checking for device assignment IOMMU support : PASS
QEMU: Checking if IOMMU is enabled by kernel : PASS
QEMU: Checking for secure guest support : WARN (Unknown if this platform has Secure Guest support)
- Tried (and failed) to get rid of the WARN:
- Read this: https://libvirt.org/kbase/launch_security_sev.html
- And this: https://bugzilla.redhat.com/show_bug.cgi?id=1850351#c5
- Modifed kernel parameters and regenerated grub.config:
# GRUB boot loader configuration GRUB_DEFAULT='0' GRUB_TIMEOUT='5' GRUB_DISTRIBUTOR='EndeavourOS' GRUB_CMDLINE_LINUX_DEFAULT='nowatchdog nvme_load=YES loglevel=3 zswap.enabled=0 amd-pstate=active' GRUB_CMDLINE_LINUX="mem_encrypt=on kvm_amd.sev=1"
sudo grub-mkconfig -o /boot/grub/grub.cfg - Checked result:
cat /proc/cmdline BOOT_IMAGE=/@/boot/vmlinuz-linux root=UUID=178ba18b-3faa-4b38-b7e5-5b0f5d2f285c rw rootflags=subvol=@ mem_encrypt=on kvm_amd.sev=1 nowatchdog nvme_load=YES loglevel=3 zswap.enabled=0 amd-pstate=active - Added sev conf and rebooted:
echo "options kvm_amd sev=1" | sudo tee /etc/modprobe.d/amd-sev.conf
echo "options kvm_amd sev=1" | sudo tee /etc/modprobe.d/sev.conf - checked outcome:
cat /sys/module/kvm_amd/parameters/sev Nsudo virt-host-validate qemu QEMU: Checking for hardware virtualization : PASS QEMU: Checking if device '/dev/kvm' exists : PASS QEMU: Checking if device '/dev/kvm' is accessible : PASS QEMU: Checking if device '/dev/vhost-net' exists : PASS QEMU: Checking if device '/dev/net/tun' exists : PASS QEMU: Checking for cgroup 'cpu' controller support : PASS QEMU: Checking for cgroup 'cpuacct' controller support : PASS QEMU: Checking for cgroup 'cpuset' controller support : PASS QEMU: Checking for cgroup 'memory' controller support : PASS QEMU: Checking for cgroup 'devices' controller support : PASS QEMU: Checking for cgroup 'blkio' controller support : PASS QEMU: Checking for device assignment IOMMU support : PASS QEMU: Checking if IOMMU is enabled by kernel : PASS QEMU: Checking for secure guest support : WARN (Unknown if this platform has Secure Guest support)```
- At this point I got a bit frustrated and needed a break. And after a meal I decided "screw the warning, let’s go Arch!
So I started with the installation of an Arch VM - so far so good, used the “lazy” way arch-install and was greeted with the login of the Arch shell - GREAT, success. But then the next source of frustration hit me: Copy-Paste from the Host to the VM does not work. Very annoying! This is a functionality that - imho - should be either on by default or easily configured, but this seems not to be the case.
So I read a bit about it and installed spice-vdagentd on both the host and the VM and ensured it uses SPICE, but still can’t C&P…
Got even more frustrated and started to give up. Had a good night sleep, woke up and found my willpower again. Asking NOW for help is the way to go!
More information:
sudo inxi -zF
System:
Kernel: 6.14.2-arch1-1 arch: x86_64 bits: 64
Desktop: KDE Plasma v: 6.3.4 Distro: EndeavourOS
Machine:
Type: Desktop Mobo: Micro-Star model: MAG X570 TOMAHAWK WIFI (MS-7C84)
v: 1.0 serial: <filter> UEFI: American Megatrends LLC. v: 1.F0
date: 10/12/2023
CPU:
Info: 16-core model: AMD Ryzen 9 5950X bits: 64 type: MT MCP cache:
L2: 8 MiB
Speed (MHz): avg: 3596 min/max: 550/5086 cores: 1: 3596 2: 3596 3: 3596
4: 3596 5: 3596 6: 3596 7: 3596 8: 3596 9: 3596 10: 3596 11: 3596 12: 3596
13: 3596 14: 3596 15: 3596 16: 3596 17: 3596 18: 3596 19: 3596 20: 3596
21: 3596 22: 3596 23: 3596 24: 3596 25: 3596 26: 3596 27: 3596 28: 3596
29: 3596 30: 3596 31: 3596 32: 3596
Graphics:
Device-1: Advanced Micro Devices [AMD/ATI] Navi 21 [Radeon RX 6800/6800 XT
/ 6900 XT] driver: amdgpu v: kernel
Display: unspecified server: X.Org v: 21.1.16 with: Xwayland v: 24.1.6
driver: X: loaded: amdgpu unloaded: modesetting,radeon dri: radeonsi
gpu: amdgpu resolution: 1: N/A 2: N/A
API: EGL v: 1.5 drivers: radeonsi,swrast
platforms: gbm,x11,surfaceless,device
API: OpenGL v: 4.6 compat-v: 4.5 vendor: amd mesa v: 25.0.3-arch1.1
renderer: AMD Radeon RX 6800 XT (radeonsi navi21 LLVM 19.1.7 DRM 3.61
6.14.2-arch1-1)
API: Vulkan v: 1.4.309 drivers: N/A surfaces: xcb,xlib
Info: Tools: api: clinfo, eglinfo, glxinfo, vulkaninfo
de: kscreen-console,kscreen-doctor gpu: lact wl: wayland-info
x11: xdpyinfo, xprop, xrandr
Audio:
Device-1: Advanced Micro Devices [AMD/ATI] Navi 21/23 HDMI/DP Audio
driver: snd_hda_intel
Device-2: Thesycon System & Consulting GmbH DX3 Pro+ driver: snd-usb-audio
type: USB
API: ALSA v: k6.14.2-arch1-1 status: kernel-api
Network:
Device-1: Mellanox MT27500 Family [ConnectX-3] driver: mlx4_core
IF: enp36s0 state: up speed: 10000 Mbps duplex: full mac: <filter>
Device-2: Realtek RTL8125 2.5GbE driver: r8169
IF: enp38s0 state: down mac: <filter>
Device-3: Intel Wi-Fi 6 AX200 driver: iwlwifi
IF: wlan0 state: down mac: <filter>
IF-ID-1: virbr0 state: down mac: <filter>
Bluetooth:
Device-1: Intel AX200 Bluetooth driver: btusb type: USB
Report: btmgmt ID: hci0 rfk-id: 2 state: down bt-service: enabled,running
rfk-block: hardware: no software: yes address: <filter> bt-v: 5.2
Drives:
Local Storage: total: 18.66 TiB used: 10.92 TiB (58.5%)
ID-1: /dev/nvme0n1 vendor: Seagate model: FireCuda 530 ZP2000GM30013
size: 1.82 TiB
ID-2: /dev/nvme1n1 vendor: Seagate model: FireCuda 530 ZP2000GM30013
size: 1.82 TiB
ID-3: /dev/sda vendor: Samsung model: SSD 860 PRO 512GB size: 476.94 GiB
ID-4: /dev/sdb vendor: Seagate model: ST16000NM001G-2KK103 size: 14.55 TiB
Partition:
ID-1: / size: 1.82 TiB used: 1.58 TiB (86.9%) fs: btrfs dev: /dev/nvme0n1p2
ID-2: /boot/efi size: 998 MiB used: 576 KiB (0.1%) fs: vfat
dev: /dev/nvme0n1p1
ID-3: /home size: 1.82 TiB used: 1.58 TiB (86.9%) fs: btrfs
dev: /dev/nvme0n1p2
ID-4: /var/log size: 1.82 TiB used: 1.58 TiB (86.9%) fs: btrfs
dev: /dev/nvme0n1p2
Swap:
ID-1: swap-1 type: zram size: 16 GiB used: 11.3 MiB (0.1%) dev: /dev/zram0
Sensors:
System Temperatures: cpu: 39.0 C mobo: 37.0 C gpu: amdgpu temp: 69.0 C
Fan Speeds (rpm): fan-1: 0 fan-2: 414 fan-3: 365 fan-4: 0 fan-5: 0
fan-6: 0 fan-7: 0 gpu: amdgpu fan: 0
Info:
Memory: total: 64 GiB available: 62.71 GiB used: 9.81 GiB (15.6%)
Processes: 579 Uptime: 2h 37m Shell: Sudo inxi: 3.3.37