Skip to content

deploy: support running sc2 on azure vms #143

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 14 commits into
base: main
Choose a base branch
from
Draft

deploy: support running sc2 on azure vms #143

wants to merge 14 commits into from

Conversation

csegarragonz
Copy link
Collaborator

@csegarragonz csegarragonz commented Feb 11, 2025
edited
Loading

There are two issues when running on Azure that need patching:

  1. The change in kata of passing OVMF with -bios instead of -pflash needs to be reverted.
  2. The nydus-image tool does not work, as the Azure VMs we use are based on 22.04.

Both problems should be solved if we use our own patched host kernel, and can also be temporarily worked-around.

When trying to patch our own host kernel, there is still a bug during kernel initialization:

(sc2-deploy) sc2@sc2-snp-test:~/git/sc2-sys/deploy$ sudo dmesg | grep -Ee 'SEV|SNP|ccp|kvm'
[    2.237713]  ? __pfx_mmu_page_zap_pte+0x10/0x10 [kvm]
[    2.237785]  ? __pfx_page_fault_can_be_fast+0x10/0x10 [kvm]
[    2.237853]  ? __pfx_page_fault_handle_page_track+0x10/0x10 [kvm]
[    2.237923]  ? __SCT__tp_func_kvm_mmu_split_huge_page+0x8/0x8 [kvm]
[    2.238021]  ? __pfx_mmu_page_zap_pte+0x10/0x10 [kvm]
[    2.238098]  ? __pfx_mmu_page_zap_pte+0x10/0x10 [kvm]
[    2.238173]  ? __pfx_mmu_page_zap_pte+0x10/0x10 [kvm]
[    2.309490] kvm_amd: TSC scaling supported
[    2.309498] kvm_amd: Nested Virtualization enabled
[    2.309500] kvm_amd: Nested Paging enabled
[    2.309509] LBRV must be present for SEV-ES support
[    2.309519] WARNING: CPU: 7 PID: 251 at arch/x86/kvm/svm/sev.c:3041 sev_hardware_setup+0x3fc/0x11f0 [kvm_amd]
[    2.309531] Modules linked in: kvm_amd(+) joydev ccp mac_hid mlxfw psample tls hid_generic serio_raw kvm crct10dif_pclmul crc32_pclmul ghash_clmulni_intel sha512_ssse3 sha256_ssse3 hyperv_drm sha1_ssse3 aesni_intel drm_shmem_helper drm_kms_helper crypto_simd hid_hyperv cryptd hyperv_fb hid hv_netvsc hyperv_keyboard dm_multipath scsi_dh_rdac scsi_dh_emc scsi_dh_alua sch_fq_codel drm efi_pstore i2c_core ip_tables x_tables autofs4
[    2.309583] RIP: 0010:sev_hardware_setup+0x3fc/0x11f0 [kvm_amd]
[    2.309631]  ? sev_hardware_setup+0x3fc/0x11f0 [kvm_amd]
[    2.309664]  ? sev_hardware_setup+0x3fc/0x11f0 [kvm_amd]
[    2.309673]  svm_hardware_setup+0x3ca/0xc90 [kvm_amd]
[    2.309684]  kvm_x86_vendor_init+0x1e2/0x1b50 [kvm]
[    2.309740]  svm_init+0x2f/0x90 [kvm_amd]
[    2.309748]  ? svm_init+0x2f/0x90 [kvm_amd]
[    2.309755]  ? __pfx_svm_init+0x10/0x10 [kvm_amd]
[    2.309964] kvm_amd: SEV unusable (ASIDs 17 - 16)
[    2.309966] kvm_amd: SEV-ES disabled (ASIDs 1 - 16)
[    2.309968] kvm_amd: kvm_amd: Hyper-V enlightened NPT TLB flush enabled
[    2.309970] kvm_amd: kvm_amd: Hyper-V Direct TLB Flush enabled
[    2.309976] kvm_amd: Virtual VMLOAD VMSAVE supported
[    2.309977] kvm_amd: PMU virtualization is disabled

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@csegarragonz