Yesterday, the right honorable James Page asked whether nested kvm was supported. It’s been long supported on AMD, but for a long time the answer has been “check back later” for Intel. I hadn’t checked in a while though, so I took a quick look. And lo! It appears to have been introduced in the upstream kernel in May 2011. It is turned off by default. To turn it on, you must provide the ‘nested=1’ parameter when loading the kvm_intel module.
I did a few tests with that parameter, and saw no instability nor performance degradation. So as of today, qemu-kvm in precise will by default enable nesting on Intel. If you want to turn it off, edit /etc/default/qemu-kvm and set KVM_NESTED=””.
The userspace qemu-kvm doesn’t need any changes to use this, however you do have to pass either ‘-cpu host’ or ‘-cpu qemu64,+vmx’ to the qemu command line options. So, for instance, I was testing with:
kvm -cpu host -drive file=x.img,if=virtio,cache=none,index=0 -m 1024 -redir tcp:2222::22
In that VM I started a nested minimal ubuntu install and compiled a tiny program, ii. With nested kvm that took 0.8s. With it (that is, without passing ‘-cpu host’ to the top level qemu), it took 2.8 seconds.