#StackBounty: #pi-3 #qemu #virtualization Unable to boot two latest releases of Raspberry Pi OS

Bounty: 50

I’m trying to emulate Raspberry Pi 3 B in QEMU and I was able to successfully boot the oldest OS release from here:
https://downloads.raspberrypi.org/raspios_lite_arm64/images/raspios_lite_arm64-2020-08-24/2020-08-20-raspios-buster-arm64-lite.zip

I used the following sequence of commands (on MacOS host) to obtain the kernel and dtb files:

wget "${URL}"
FILENAME=$(basename $URL)
NAME=$(basename $URL .zip)
unzip $FILENAME
rm -f $FILENAME

hdiutil mount "${NAME}.img" -mountpoint "/Volumes/${NAME}"
mkdir $NAME

# Copy kernel files
cp -r /Volumes/$NAME/kernel*.img ./$NAME/
# Copy dtb files
cp -r /Volumes/$NAME/*.dtb ./$NAME/
hdiutil unmount "/Volumes/${NAME}"

qemu-img convert -f raw -O qcow2 "${NAME}.img" "${NAME}.qcow"

# resize the image so it can be used as SD card
qemu-img resize -f qcow2 "${NAME}.qcow" 2G

and then the following command to launch the VM in QEMU:

NAME="2020-08-20-raspios-buster-arm64-lite"

qemu-system-aarch64 
    -M raspi3 
    -append "rw earlyprintk loglevel=8 console=ttyAMA0,115200 dwc_otg.lpm_enable=0 root=/dev/mmcblk0p2 rootdelay=1" 
    -dtb ./$NAME/bcm2710-rpi-3-b.dtb 
    -drive id=card0,if=none,format=qcow2,index=0,file=./$NAME.qcow 
    -device sd-card,drive=card0 
    -kernel ./$NAME/kernel8.img 
    -m 1G 
    -smp 4 
    -serial stdio 
    -usb 
    -device usb-mouse 
    -device usb-kbd

This works with the above release, but not the two later releases downloadable from here:

Instead of successful boot I get just a black QEMU window and no output in the terminal.

Is there any way I can debug this to understand the differences between these OS releases and why the two don’t work?


Get this bounty!!!

#StackBounty: #20.04 #nvidia #virtualization #cuda #gpu How does one make a GPU in a brand new ubuntu 20.04 VM usable?

Bounty: 50

I’ve been trying all day to have this (v100) GPU working on a new ubuntu VM. I tried installing the drivers and rebooting and also purging/uninstalling everything to do with nvidia but none of these things seem to work.

In particular I ran this specifically:

apt update;
apt install build-essential;

sudo add-apt-repository ppa:graphics-drivers
sudo apt install ubuntu-drivers-common
ubuntu-drivers devices
sudo apt-get install nvidia-driver-460
sudo reboot now

Then sometimes it seems that nvidia-smi is working (as of the writing of this question it wasn’t so I wasn’t able to copy paste what is said when it works) but when it doesn’t work it says this:

(synthesis) miranda9@miranda9:~$ nvidia-smi
Unable to determine the device handle for GPU 0000:00:06.0: Unknown Error

any help is appreciated.

Note I also do not have access to the VMs vmx file so this question and answers are useless/meaningless to me: https://forums.developer.nvidia.com/t/nvidia-smi-reports-unable-to-determine-the-device-handle-for-gpu/46835

In addition I have tried to uninstall everything from nivida and re-install it with:

sudo apt-get --purge remove "*nvidia*"
sudo /usr/bin/nvidia-uninstall

then

apt update;
apt install build-essential;

sudo add-apt-repository ppa:graphics-drivers
sudo apt install ubuntu-drivers-common
ubuntu-drivers devices
sudo apt-get install nvidia-driver-460
sudo reboot now

but that doesnt seem to work


More info in case it helps:

(synthesis) miranda9@miranda9:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 20.04.2 LTS
Release:        20.04
Codename:       focal

also:

(synthesis) miranda9@miranda9:~$ python
Python 3.9.5 (default, Jun  4 2021, 12:28:51) 
[GCC 7.5.0] :: Anaconda, Inc. on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import torch
>>> torch.cuda.is_available()
/home/miranda9/miniconda3/envs/synthesis/lib/python3.9/site-packages/torch/cuda/__init__.py:52: UserWarning: CUDA initialization: Unexpected error from cudaGetDeviceCount(). Did you run some cuda functions before calling NumCudaDevices() that might have already set an error? Error 101: invalid device ordinal (Triggered internally at  /opt/conda/conda-bld/pytorch_1623448238472/work/c10/cuda/CUDAFunctions.cpp:115.)
  return torch._C._cuda_getDeviceCount() > 0
False

As requested by comment:

# lspci
00:00.0 Host bridge: Intel Corporation 440FX - 82441FX PMC [Natoma] (rev 02)
00:01.0 ISA bridge: Intel Corporation 82371SB PIIX3 ISA [Natoma/Triton II]
00:01.1 IDE interface: Intel Corporation 82371SB PIIX3 IDE [Natoma/Triton II]
00:01.2 USB controller: Intel Corporation 82371SB PIIX3 USB [Natoma/Triton II] (rev 01)
00:01.3 Bridge: Intel Corporation 82371AB/EB/MB PIIX4 ACPI (rev 01)
00:02.0 VGA compatible controller: Cirrus Logic GD 5446
00:03.0 SCSI storage controller: XenSource, Inc. Xen Platform Device (rev 01)
00:05.0 System peripheral: XenSource, Inc. Citrix XenServer PCI Device for Windows Update (rev 01)
00:06.0 3D controller: NVIDIA Corporation GV100GL [Tesla V100 PCIe 16GB] (rev a1)

another vm:

$ lspci
00:00.0 Host bridge: Intel Corporation 440FX - 82441FX PMC [Natoma] (rev 02)
00:01.0 ISA bridge: Intel Corporation 82371SB PIIX3 ISA [Natoma/Triton II]
00:01.1 IDE interface: Intel Corporation 82371SB PIIX3 IDE [Natoma/Triton II]
00:01.2 USB controller: Intel Corporation 82371SB PIIX3 USB [Natoma/Triton II] (rev 01)
00:01.3 Bridge: Intel Corporation 82371AB/EB/MB PIIX4 ACPI (rev 01)
00:02.0 VGA compatible controller: Cirrus Logic GD 5446
00:03.0 SCSI storage controller: XenSource, Inc. Xen Platform Device (rev 01)
00:05.0 System peripheral: XenSource, Inc. Citrix XenServer PCI Device for Windows Update (rev 01)
00:06.0 3D controller: NVIDIA Corporation GV100GL [Tesla V100 PCIe 16GB] (rev a1)

Resources I’ve search for help:


Get this bounty!!!

#StackBounty: #18.04 #kernel #virtualization #xen How to stop loading Xen 4.9-amd64 on boot

Bounty: 50

I installed xen on ubuntu following this question. Now, when I boot ubuntu 18.04, it takes ages and it says in the beginning:

Loading Xen 4.9-amd64 ...
WARNING: no console will be available to OS
Loading Linux 4.15.0-144-generic ...
Loading initial ramdisk ...

How can I stop Xen from loading and delete it altogether. In short how do I get back my old OS or What did Xen destroy in my system settings?

When I installed Xen also messed with /etc/network/interfaces, which now looks like this:

# interfaces(5) file used by ifup(8) and ifdown(8)
# The loopback network interface
auto lo eth0
iface lo inet loopback

# The primary network interface
iface eth0 inet dhcp

Maybe that could be the cause?


Get this bounty!!!

#StackBounty: #graphics #virtualization #kvm #opengl #virt-manager How to use OpenGL/3D acceleration in virt-manager with ubuntu?

Bounty: 100

Currently on Ubuntu 20.04 both as host and guest, I followed http://ryan.himmelwright.net/post/virtio-3d-vms/ and activated 3D acceleration on video, and OpenGL on dsplay, but on VM launch I get

SPICE GL support is local only for now and incompatible with -spice port/tls-port

How can I make it work?

UPDATE:

I disabled Listen Type to None

like thisenter image description here

but I get a very glitchy image:

enter image description here


Get this bounty!!!

#StackBounty: #linux #windows #virtualization #qemu QEMU and SPICE on Win 10 host

Bounty: 50

I am trying to run a Linux kernel based VM image (1) using QEMU on Windows 10 host. I have installed QEMU from https://qemu.weilnetz.de/w64/qemu-w64-setup-20190815.exe and SPICE client from https://virt-manager.org/download/sources/virt-viewer/virt-viewer-x64-8.0.msi .

I noticed that

qemu-system-x86_64 -vga help

does not list qxl as one of the available options.

Also,

qemu-system-x86_64 -chardev help

does not list spicevmc either.

Therefore, I assume I am either missing some drivers and libraries, or they exist, but somehow qemu binary on Windows is not aware of them.

Can anyone enlighten me how to run the VM using SPICE and have the QXL driver available? I might be missing something obvious, since I haven’t been using MS products for anything serious until I was recently forced to.

(1) The image is based on https://ftp.gnu.org/gnu/guix/guix-system-vm-image-1.0.1.x86_64-linux.xz .


Get this bounty!!!

#StackBounty: #windows-10 #networking #virtualization #hyper-v HyperV fails to run VMs that are connected to a virtual switch, but work…

Bounty: 50

I am running Windows 10 20H2 on a HP EliteBook G4.

I have the following problem:

I cannot run VMs attached to a virtual switch.

  • All VMs run successfully when not using a Virtual Switch ("not connected" under network adapter)
  • When I assign a virtual switch (any type, any kind) to a VM, it hangs in starting at 10% and eventually fails with a timeout error. I tried both an empty VM not containing an OS (this should at least show the UEFI screen) and a VM containing an installation of Ubuntu 20.04 LTS.

I expect that I can run VMs connected to virtual switches.

What have I tried?

  • Disable Antivirus
  • Network reset in Windows 10 (multiple times, e.g. netcfg -d)
  • Uninstall Hyper-V, delete any superfluous networking interfaces and reinstall it
  • Upgrade Windows 10 (it was at 1903 before that)
  • Update ethernet driver with that from HP
  • Delete ethernet driver and use the default
  • Upgrade BIOS
  • file system and system files checks

In total I already spent about 20h also involving people from IT on this problem researching and trying various commands, following various websites. It is a problem I have not found so far (or still missed?). I hope to find someone that had the exact same problem and can remember the solution.

What errors do I get?

I think these are the relevant ones:

  • Hyper-V-Worker
    • Event ID 12006 with following message
      • ‘Ubuntu20.04.1LTS’ Synthetic Ethernet Port: Failed to finish reserving resources with Error ‘This operation returned because the timeout period expired.’ (0x800705B4). (Virtual machine ID XXXX-XXX-…)
    • Event ID 12030 with following message
      • ‘Ubuntu20.04.1LTS’ failed to start. (Virtual machine ID XXXX-XXX-…)
    • Event ID 12010 with following message for a "Generation 1" VM with a legacy network adapter
      • ‘Emptyv1_net’ Emulated Ethernet Port (Instance ID XXXX-XXX-…): Failed to Power on with Error ‘Access is denied.’ (0x80070005). (Virtual machine ID XXXX-XXX-…)
  • Hyper-V-SynthNic
    • Event ID 12670 with following messages
      • ‘Ubuntu20.04.1LTS’ failed to allocate resources while connecting to a virtual network: This operation returned because the timeout period expired. (0x800705B4) (Virtual Machine ID XXXX-XXX-…). The Ethernet switch may not exist.
      • ‘Ubuntu20.04.1LTS’ failed to allocate resources while connecting to a virtual network: Access is denied. (0x80070005) (Virtual Machine ID XXXX-XXX-…). The Ethernet switch may not exist.


Get this bounty!!!

#StackBounty: #suspend #virtualization #20.10 #virt-manager Ubuntu 20.10 VM restarts sometimes after wake from sleep

Bounty: 50

I’m runing ubuntu 20.04 on the host and Ubuntu 20.10 on two VMs. I always let them open and running. Sometimes, after waking the laptop from sleep, one of them has the screen locked (they both are configured to never lock screen/sleep). Then I put the password and unlock it, the screen gets black and I have to force reset the VM for it to work again.

It’s annoying because I then have to reopen everything I was working on.

What can I do to solve this problem? It’s not always that it happens and not on both VMs at the same time.

I use virt-manager for the virtualization


Get this bounty!!!

#StackBounty: #virtualization #confidentiality Can Google access data in their Confidential Computing VMs?

Bounty: 50

A cloud operator such as Google can take a snapshot of a normal VM. This includes CPU state, RAM and disk. This can then be copied to another physical and resumed there. Or it can be analyzed off-line, and any cryptokeys in memory or in the CPU state can be extracted.

This means that if you do not trust your cloud VM provider (maybe your cloud VM provider is owned by your worst competitor), you should not process confidential data on those VMs.

https://cloud.google.com/confidential-computing seems to use AMD’s Secure Encrypted Virtualization which includes hardware RAM encryption: https://developer.amd.com/sev/

If the RAM is encrypted, it will make it harder to use attacks like https://rambleed.com/

But will it also protect against Google?

It seems the RAM is encrypted with a key, that lives in the CPU. But is this key included when Google takes a snapshot of the CPU state of the VM?

In theory I could see it work like this: The CPU has a small web server with a TLS certificate signed by AMD. I access the web server, verify AMD’s certificate, and now I have a secure connection to the CPU that Google cannot access.

Then I give the CPU a secret key to encrypt RAM with. Then I give it a disk image encrypted with the same key. Then I boot the VM.

If the secret key physically cannot leave the CPU, then it should be impossible for Google to access my data: The RAM is encrypted, data to the disk and to the network is encrypted. So I do not need to trust neither the RAM, the storage, nor the network. It will, however, also mean Google cannot snapshot my VM and restore it on another CPU.

This would also mean that this answer is outdated: https://security.stackexchange.com/a/215927/84564

Currently I see no way to do something similar to
verifing the AMD certificate in Google’s current solution. And thus I see no way to securely set a key that Google does not have access to.

Can Google take a snapshot of a running confidential computing VM and restore it?

Using AMD’s SEV can CIA safely process their most secret data on North Korea’s Confidential cloud (assuming they have that) without North Korea being able to access the data – assuming that AMD is trustworthy, but all other hardware apart from the CPU is made in North Korea?


Get this bounty!!!

#StackBounty: #windows #virtualization #snapshot #windows-server-2019 #smb-conf Network share with multiple users and snapshots

Bounty: 50

I want to make a network share with read/write and it will be accessed by multiple computers.

Every time a new computer connects to it, they should find it in an initial state.

Every change made on the files after should be stored separately as snapshots for each User accessing it.

For example: 
Initial state - A 
Computer 1 - State B
Computer 2 - State C
Computer 3 - State D  etc  
If Computer 1 for example deleted some files or made bad changes, I will reset the share to state A so everything is functional again. 
Computer 2 and Computer 3 will still have access to the network share in state C and D.

Is there any way to do it?


Get this bounty!!!