[pve-devel] [PATCH-SERIES qemu-server/manager 0/7] VM CPU flags: introduce vendor-agnostic 'nested-virt' CPU flag

[Fiona Ebner]

Am 06.11.25 um 6:14 PM schrieb Daniel Kral:
> - setting e.g. `-vmx` in a custom model and `+nested-virt` in the VM's
>   cpu flags will result in:
> 
>     CPU flag 'nested-virt' resolved to 'vmx'
>     warning: CPU flag/setting '+vmx' (manually set for VM) overwrites
>     '-vmx' (set by custom CPU model)
> 
> - but setting `-vmx` in the custom model and `-nested-virt` in the VM's
>   cpu flags will result in only:
> 
>     CPU flag 'nested-virt' resolved to 'vmx'
> 
> The same happens vice versa with `+vmx` in the custom model and
> `{+,-}nested-virt` in the VM's cpu flags.

Well yes, this is part of the existing logic. Such a warning will only
get logged if settings on different configuration levels are
incompatible with each other.

Note that the warning I added in the series is different and triggers
only when both nested-virt and smv/vmx are defined on the same level of
configuration.

> From what I can figure this should also work with live migration,
> because resolve_cpu_flags will be called at vm_start, right?

My series does not change anything there. Between compatible models, it
will work. Between incompatible models, for example one with the flag,
one without or between different vendors, will not.

But there is no early error and that is bad. We only pass along the
running CPU during migration when a custom model is used, but not
otherwise. I'll make sure to also pass it along if the nested-virt flag
is used in v2! And I'll mention the caveat in the description to make
sure people won't think this will magically make live migration between
different vendors with nesting work or something.