Skip to content

config: enable KVM in embedded kernel #125

Merged
slp merged 2 commits into
libkrun:mainfrom
dustymabe:dusty-enable-nested-virt
May 13, 2026
Merged

config: enable KVM in embedded kernel #125
slp merged 2 commits into
libkrun:mainfrom
dustymabe:dusty-enable-nested-virt

Conversation

@dustymabe
Copy link
Copy Markdown
Contributor

@dustymabe dustymabe commented May 12, 2026
edited
Loading

There are 3 commits here to enable nested virtualization support in the libkrun VM.

This is needed to leverage containers/libkrun#630 because if the kernel doesn't have these modules built in then /dev/kvm definitely won't be there.

These chanes were assisted by anthropic/claude-opus-4.6.

@dustymabe
config: enable KVM host support on x86_64
46e6d11 
Enable CONFIG_KVM, CONFIG_KVM_INTEL, and CONFIG_KVM_AMD as built-in
so the guest kernel can act as a KVM host. This is needed for nested
virtualization: when libkrun exposes VMX/SVM CPUID bits to the guest
(via krun_set_nested_virt), the guest kernel needs KVM support to
create /dev/kvm and run VMs.

Both Intel and AMD variants are enabled so the same kernel binary
works on either vendor.

Assisted-by: <anthropic/claude-opus-4.6>
Signed-off-by: Dusty Mabe <dusty@dustymabe.com>
@tylerfanelli
Copy link
Copy Markdown
Collaborator

tylerfanelli commented May 12, 2026

Thanks for the contribution. The SEV commit can be removed, as I don't think we'd support that at the moment.

@dustymabe dustymabe force-pushed the dusty-enable-nested-virt branch from d80d9ba to eef0137 Compare May 12, 2026 21:09
tylerfanelli
tylerfanelli requested changes May 12, 2026
View reviewed changes
Copy link
Copy Markdown
Collaborator

@tylerfanelli tylerfanelli left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

SEV nested virt can be removed.

@dustymabe
config: enable KVM host support on aarch64
e97350d 
Enable CONFIG_VIRTUALIZATION and CONFIG_KVM in the aarch64 kernel
config for nested virtualization support. On ARM64 there are no
separate vendor-specific KVM modules (unlike x86_64's KVM_INTEL
and KVM_AMD).

Assisted-by: <anthropic/claude-opus-4.6>
Signed-off-by: Dusty Mabe <dusty@dustymabe.com>
@dustymabe dustymabe force-pushed the dusty-enable-nested-virt branch from eef0137 to e97350d Compare May 12, 2026 21:09
@dustymabe
Copy link
Copy Markdown
Contributor Author

dustymabe commented May 12, 2026

SEV nested virt can be removed.

done

@dustymabe dustymabe requested a review from tylerfanelli May 12, 2026 21:47
tylerfanelli
tylerfanelli approved these changes May 13, 2026
View reviewed changes
Copy link
Copy Markdown
Collaborator

@tylerfanelli tylerfanelli left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! @slp PTAL.

slp
slp approved these changes May 13, 2026
View reviewed changes
Copy link
Copy Markdown
Collaborator

@slp slp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM too, thanks

@slp slp merged commit e0647fa into libkrun:main May 13, 2026
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@slp slp slp approved these changes

@tylerfanelli tylerfanelli tylerfanelli approved these changes

@MatiasVara MatiasVara Awaiting requested review from MatiasVara MatiasVara is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@dustymabe @tylerfanelli @slp