unable to execute QEMU command - SGX VM using libvirtd

Hello All,

Linux version 5.14.9-custom
QEMU emulator version 6.2.0 (v6.2.0)

I am able to start a testvm using the following command line:

sudo qemu-system-x86_64 -nographic -enable-kvm -cpu host,+sgx -object memory-backend-epc,id=mem1,size=8M,prealloc=on -object mem0.memdev

But when I try the same with libvirt, I get this:

error: internal error: unable to execute QEMU command 'qom-get': Property 'sgx-epc.unavailable-features' not found

testvm.xml content:

  <name>test</name>
  <uuid>3d5bba5b-0b5b-4b2b-a425-171fe9b31140</uuid>
  <memory unit='KiB'>4194304</memory>
  <currentMemory unit='KiB'>4194304</currentMemory>
  <vcpu placement='static'>1</vcpu>
  <os>
    <type arch='x86_64' machine='pc-i440fx-6.2'>hvm</type>
    <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader>
    <nvram>/var/lib/libvirt/qemu/nvram/testvm_VARS.fd</nvram>
    <boot dev='hd'/>
  </os>
  <features>
    <acpi/>
    <apic/>
    <pae/>
  </features>
  <cpu mode='custom' match='exact' check='none'>
    <model fallback='forbid'>qemu64</model>
  </cpu>
  <clock offset='utc'/>
  <on_poweroff>destroy</on_poweroff>
  <on_reboot>restart</on_reboot>
  <on_crash>restart</on_crash>
  <devices>
    <emulator>/usr/local/bin/qemu-system-x86_64</emulator>
    <disk type='file' device='disk'>
      <driver name='qemu' type='qcow2' cache='none' io='threads'/>
      <source file='/home/sas/testvm.qcow2'/>
      <target dev='vda' bus='virtio'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0'/>
    </disk>
    <controller type='ide' index='0'>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/>
    </controller>
    <controller type='usb' index='0' model='piix3-uhci'>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/>
    </controller>
    <controller type='pci' index='0' model='pci-root'/>
    <input type='mouse' bus='ps2'/>
    <input type='keyboard' bus='ps2'/>
    <memballoon model='virtio'>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
    </memballoon>
  </devices>
  <qemu:commandline>
    <qemu:arg value='-cpu'/>
    <qemu:arg value='host,+sgx,+sgxlc'/>
    <qemu:arg value='-object'/>
    <qemu:arg value='memory-backend-epc,id=mem1,size=8M,prealloc=on'/>
    <qemu:arg value='-machine'/>
    <qemu:arg value='sgx-epc.0.memdev=mem1'/>
  </qemu:commandline>
</domain>

The SGX virtualization document is not updated for the latest QEMU version: https://www.intel.com/content/www/us/en/developer/articles/technical/virtualizing-intel-software-guard-extensions-with-kvm-and-qemu.html

Edited by Daniel P. Berrangé