[kvm-unit-test,3/5] travis.yml: Test with KVM instead of TCG (on x86)
diff mbox series

Message ID 20191113112649.14322-4-thuth@redhat.com
State New
Headers show
Series
  • Improvements for the Travis CI
Related show

Commit Message

Thomas Huth Nov. 13, 2019, 11:26 a.m. UTC
Travis nowadays supports KVM in their CI pipelines, so we can finally
run the kvm-unit-tests with KVM instead of TCG here. Unfortunately, there
are some quirks: First, the QEMU binary has to be running as root, otherwise
you get an "permission denied" error here - even if you fix up the access
permissions to /dev/kvm first. Second, not all x86 tests are working in
this environment, so we still have to manually select the test set here
(but the amount of tests is definitely higher now than what we were able
to run with TCG before).

Signed-off-by: Thomas Huth <thuth@redhat.com>
---
 .travis.yml | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

Comments

Alex Bennée Nov. 13, 2019, 1:49 p.m. UTC | #1
Thomas Huth <thuth@redhat.com> writes:

> Travis nowadays supports KVM in their CI pipelines, so we can finally
> run the kvm-unit-tests with KVM instead of TCG here. Unfortunately, there
> are some quirks: First, the QEMU binary has to be running as root, otherwise
> you get an "permission denied" error here - even if you fix up the access
> permissions to /dev/kvm first.

Could it be another resource it's trying to access?

> Second, not all x86 tests are working in
> this environment, so we still have to manually select the test set here
> (but the amount of tests is definitely higher now than what we were able
> to run with TCG before).
>
> Signed-off-by: Thomas Huth <thuth@redhat.com>
> ---
>  .travis.yml | 18 +++++++++++++-----
>  1 file changed, 13 insertions(+), 5 deletions(-)
>
> diff --git a/.travis.yml b/.travis.yml
> index 3f5b5ee..f91118c 100644
> --- a/.travis.yml
> +++ b/.travis.yml
> @@ -1,4 +1,4 @@
> -sudo: false
> +sudo: true
>  dist: bionic
>  language: c
>  cache: ccache
> @@ -13,16 +13,21 @@ matrix:
>        env:
>        - CONFIG=""
>        - BUILD_DIR="."
> -      - TESTS="vmexit_cpuid vmexit_mov_from_cr8 vmexit_mov_to_cr8 vmexit_ipi
> -             vmexit_ple_round_robin vmexit_tscdeadline vmexit_tscdeadline_immed"
> +      - TESTS="access asyncpf debug emulator ept hypercall hyperv_stimer
> +               hyperv_synic idt_test intel_iommu ioapic ioapic-split
> +               kvmclock_test msr pcid rdpru realmode rmap_chain s3 umip"
> +      - ACCEL="kvm"
>
>      - addons:
>          apt_packages: gcc qemu-system-x86
>        env:
>        - CONFIG=""
>        - BUILD_DIR="x86-builddir"
> -      - TESTS="ioapic-split ioapic smptest smptest3 eventinj msr port80 syscall
> -             tsc rmap_chain umip intel_iommu vmexit_inl_pmtimer vmexit_ipi_halt"
> +      - TESTS="smptest smptest3 tsc tsc_adjust xsave vmexit_cpuid vmexit_vmcall
> +               sieve vmexit_inl_pmtimer vmexit_ipi_halt vmexit_mov_from_cr8
> +               vmexit_mov_to_cr8 vmexit_ple_round_robin vmexit_tscdeadline
> +               vmexit_tscdeadline_immed  vmx_apic_passthrough_thread syscall"
> +      - ACCEL="kvm"
>
>      - addons:
>          apt_packages: gcc-arm-linux-gnueabihf qemu-system-arm
> @@ -85,6 +90,9 @@ matrix:
>        - ACCEL="tcg,firmware=s390x/run"
>
>  before_script:
> +  - if [ "$ACCEL" = "kvm" ]; then
> +      sudo chmod u+s /usr/bin/qemu-system-* ;
> +    fi
>    - mkdir -p $BUILD_DIR && cd $BUILD_DIR
>    - if [ -e ./configure ]; then ./configure $CONFIG ; fi
>    - if [ -e ../configure ]; then ../configure $CONFIG ; fi


--
Alex Bennée
Thomas Huth Nov. 13, 2019, 4:07 p.m. UTC | #2
On 13/11/2019 14.49, Alex Bennée wrote:
> 
> Thomas Huth <thuth@redhat.com> writes:
> 
>> Travis nowadays supports KVM in their CI pipelines, so we can finally
>> run the kvm-unit-tests with KVM instead of TCG here. Unfortunately, there
>> are some quirks: First, the QEMU binary has to be running as root, otherwise
>> you get an "permission denied" error here - even if you fix up the access
>> permissions to /dev/kvm first.
> 
> Could it be another resource it's trying to access?

I did some more tests with strace and some "ls -l /dev/kvm" spread
around the scripts, and it seems like the permissions get reset on
Debian when a process tries to open /dev/kvm ? I.e. after doing a
"chmod", I correctly see:

crw-rw-rw- 1 root kvm 10, 232 Nov 13 15:03 /dev/kvm

... but after the run script tried to launch qemu, it's back to:

crw-rw---- 1 root kvm 10, 232 Nov 13 15:03 /dev/kvm

I assume some udev magic is enforcing this?

So it's as Paolo said in his mail, you need to be root or in the kvm
group to be able to use KVM on Debian / Ubuntu. Unfortunately a simple
"usermod -a -G kvm $USER" also does not seem to work here, since you
need a new login shell to take the change into account ... well, I could
then run the run_test.sh script through "sudo -E su $USER -c ..." [1]
but that's ugly too.

But instead of doing "chmod u+s ...", this seems to be working, too:

  sudo chgrp kvm /usr/bin/qemu-system-*
  sudo chmod g+s /usr/bin/qemu-system-*

... which sounds like the least ugliest hack to me currently, so I think
I'll go with that version.

 Thomas


[1] That's also what Travis suggests here:
    https://docs.travis-ci.com/user/reference/trusty/#group-membership

Patch
diff mbox series

diff --git a/.travis.yml b/.travis.yml
index 3f5b5ee..f91118c 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,4 +1,4 @@ 
-sudo: false
+sudo: true
 dist: bionic
 language: c
 cache: ccache
@@ -13,16 +13,21 @@  matrix:
       env:
       - CONFIG=""
       - BUILD_DIR="."
-      - TESTS="vmexit_cpuid vmexit_mov_from_cr8 vmexit_mov_to_cr8 vmexit_ipi
-             vmexit_ple_round_robin vmexit_tscdeadline vmexit_tscdeadline_immed"
+      - TESTS="access asyncpf debug emulator ept hypercall hyperv_stimer
+               hyperv_synic idt_test intel_iommu ioapic ioapic-split
+               kvmclock_test msr pcid rdpru realmode rmap_chain s3 umip"
+      - ACCEL="kvm"
 
     - addons:
         apt_packages: gcc qemu-system-x86
       env:
       - CONFIG=""
       - BUILD_DIR="x86-builddir"
-      - TESTS="ioapic-split ioapic smptest smptest3 eventinj msr port80 syscall
-             tsc rmap_chain umip intel_iommu vmexit_inl_pmtimer vmexit_ipi_halt"
+      - TESTS="smptest smptest3 tsc tsc_adjust xsave vmexit_cpuid vmexit_vmcall
+               sieve vmexit_inl_pmtimer vmexit_ipi_halt vmexit_mov_from_cr8
+               vmexit_mov_to_cr8 vmexit_ple_round_robin vmexit_tscdeadline
+               vmexit_tscdeadline_immed  vmx_apic_passthrough_thread syscall"
+      - ACCEL="kvm"
 
     - addons:
         apt_packages: gcc-arm-linux-gnueabihf qemu-system-arm
@@ -85,6 +90,9 @@  matrix:
       - ACCEL="tcg,firmware=s390x/run"
 
 before_script:
+  - if [ "$ACCEL" = "kvm" ]; then
+      sudo chmod u+s /usr/bin/qemu-system-* ;
+    fi
   - mkdir -p $BUILD_DIR && cd $BUILD_DIR
   - if [ -e ./configure ]; then ./configure $CONFIG ; fi
   - if [ -e ../configure ]; then ../configure $CONFIG ; fi