OpenStack Compute (nova)

hide_hypervisor_id doesn't hide hyperv signature for Windows VMs

Bug #1779845 reported by Konstantinos Samaras-Tsakiris on 2018-07-03

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Compute (nova)	Fix Released	Wishlist	Konstantinos Samaras-Tsakiris

Bug Description

Blueprints hide-hypervisor-id-flavor-extra-spec and add-kvm-hidden-feature allow hiding KVM's signature for guests, which is necessary for Nvidia drivers to work in VMs with passthrough GPUs.
While this works well for linux guests on KVM hypervisors, it doesn't work for Windows guests on KVM. For them, KVM emulates some HyperV features. With the current implementation, KVM's signature is hidden, but HyperV's is not, and Nvidia drivers don't work in Windows VMs.

I propose generating an extra tag in the libvirt xml for Windows guests on KVM which obfuscates HyperV's signature too, controlled by the existing image and flavor parameters (img_hide_hypervisor_id and hide_hypervisor_id correspondingly).

Tags:

Konstantinos Samaras-Tsakiris (kosamara) on 2018-07-03

tags:	added: libvirt removed: libvir
tags:	added: pci
Changed in nova:
assignee:	nobody → Konstantinos Samaras-Tsakiris (kosamara)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2018-07-03: Fix proposed to nova (master)

Fix proposed to branch: master
Review: https://review.openstack.org/579897

Changed in nova:
status:	New → In Progress

Revision history for this message

Maciej Jozefczyk (maciejjozefczyk) wrote on 2018-08-02:

I can confirm that bug, and the presented solution looks reasonable.

sean mooney (sean-k-mooney) on 2018-08-02

tags:

added: rfe

Revision history for this message

melanie witt (melwitt) wrote on 2019-05-29:

This looks like an enhancement to the existing hiding hypervisor id code, rather than a defect in the existing support. As such, I'm setting this as a Wishlist bug.

Changed in nova:
importance:	Undecided → Wishlist

OpenStack Infra (hudson-openstack) on 2019-05-31

Changed in nova:
assignee:	Konstantinos Samaras-Tsakiris (kosamara) → Eric Fried (efried)

Eric Fried (efried) on 2019-05-31

Changed in nova:
assignee:	Eric Fried (efried) → Konstantinos Samaras-Tsakiris (kosamara)

OpenStack Infra (hudson-openstack) on 2019-06-03

Changed in nova:
assignee:	Konstantinos Samaras-Tsakiris (kosamara) → Eric Fried (efried)

Eric Fried (efried) on 2019-06-03

Changed in nova:
assignee:	Eric Fried (efried) → Konstantinos Samaras-Tsakiris (kosamara)

OpenStack Infra (hudson-openstack) on 2019-06-04

Changed in nova:
assignee:	Konstantinos Samaras-Tsakiris (kosamara) → Matt Riedemann (mriedem)

Matt Riedemann (mriedem) on 2019-06-04

Changed in nova:
assignee:	Matt Riedemann (mriedem) → Konstantinos Samaras-Tsakiris (kosamara)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2019-06-06: Fix merged to nova (master)

Reviewed: https://review.opendev.org/579897
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=ca543438e183b2bd97a08ef781ddeab8303354ed
Submitter: Zuul
Branch: master

commit ca543438e183b2bd97a08ef781ddeab8303354ed
Author: Konstantinos Samaras-Tsakiris <email address hidden>
Date: Tue Jul 3 12:28:55 2018 +0000

Hide hypervisor id on windows guests

    Blueprints hide-hypervisor-id-flavor-extra-spec [1] and
    add-kvm-hidden-feature [2] allow hiding KVM's signature for guests,
    which is necessary for Nvidia drivers to work in VMs with passthrough
    GPUs. While this works well for linux guests on KVM, it doesn't work
    for Windows guests.

    For them, KVM emulates some HyperV features. With the
    current implementation, KVM's signature is hidden, but HyperV's is not,
    and Nvidia drivers don't work in Windows VMs.

    This change generates an extra element in the libvirt xml for Windows
    guests on KVM which obfuscates HyperV's signature too, controlled by the
    existing image and flavor parameters (img_hide_hypervisor_id and
    hide_hypervisor_id correspondingly). The extra xml element is
      <vendor_id state='on' value='1234567890ab'/>
    in features/hyperv.

[1] https://blueprints.launchpad.net/nova/+spec/hide-hypervisor-id-flavor-extra-spec
[2] https://blueprints.launchpad.net/nova/+spec/add-kvm-hidden-feature

Change-Id: Iaaeae9281301f14f4ae9b43f4a06de58b699fd68
Closes-Bug: 1779845

Changed in nova:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2019-06-06: Fix proposed to nova (stable/stein)

Fix proposed to branch: stable/stein
Review: https://review.opendev.org/663616

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2019-09-27: Fix included in openstack/nova 20.0.0.0rc1

This issue was fixed in the openstack/nova 20.0.0.0rc1 release candidate.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2022-11-11: Change abandoned on nova (stable/stein)

Change abandoned by "Elod Illes <email address hidden>" on branch: stable/stein
Review: https://review.opendev.org/c/openstack/nova/+/663616
Reason: This branch transitioned to End of Life for this project, open patches needs to be closed to be able to delete the branch.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Related blueprints

Hide hypervisor signature on Windows guests for nvidia GPU

Remote bug watches

Bug watches keep track of this bug in other bug trackers.