The Chromium Projects

Search this site

Except as otherwise noted, the content of this page is licensed under a Creative Commons Attribution 2.5 license, and examples are licensed under the BSD License.

Running virtual machines on your chromebook

Contents

  1. 1 Introduction
  2. 2 Building ChromiumOS w/KVM
  3. 3 Board Specific Notes
  4. 4 Enabling VMX Support
  5. 5 Checking VMX Support on Unofficial Hardware
    1. 5.1 CPU Support
    2. 5.2 BIOS Settings
      1. 5.2.1 Using kvm-ok Helper

Introduction

The Chromebooks with Intel processors are fast. I've replaced my Macbook Air with a Chromebook, and run the standard ChromeOS software on VT01, and virtual machines on VT02. I have booted both Windows and different versions of Linux and the 9front version of Plan 9.

I currently use a custom build of Qemu. It's a bit hard to get Qemu built in the ChromeOS build system at present, so I've got a directory containing Qemu, its libraries and BIOS files, and scripts to chroot to that directory and run Qemu. Access to devices, where needed, is provided via bind-mounts. The setup sounds a bit kludgy but works well for me; nevertheless, we welcome improvements. What we'd most prefer is to get this patch series into chromeos, so we have qemu as part of a "real" build.

https://gerrit.chromium.org/gerrit/#/c/15445/

FWIW, this particular instance of qemu was built on arch Linux, lost, sadly, when my Air was stolen.

Building ChromiumOS w/KVM

To start, you're going to need an image that has the KVM modules. You should update your sources, then build an image with (at minimum) the USE=kvm option, viz:

USE=kvm ./build_image --board=lumpy --noenable_rootfs_verification --boot_args 'disablevmx=off lsm.module_locking=0'

Googlers: I have USB sticks that you can use for this install. Come see me if you want one. Sorry, can't hand these out yet :-(

Install this image in your favorite manner, either via update engine or usb stick. Boot the stick as usual.

Board Specific Notes

Be aware that on earlier ChromeOS devices, the firmware contained bugs such that they locked VMX support during power on.  It's known to affect:

For devices marked with a *, you might be able to restore support by hacking the firmware.  Please see the respective device pages for more details.

Enabling VMX Support

For ChromeOS systems, the (read-only) firmware will clear the VMX enable bits, but not lock the settings.  This way the kernel itself can take care of disabling things at boot time.  If the user doesn't want that, they can modify the kernel command line rather than having to resort to modifying the firmware.  This keeps things fast.

The magic kernel command line option is disablevmx.  So you want to add disablevmx=off to the kernel command line.

Log in as root.
  mount -o remount /
  /usr/share/kernel/use_kvm.sh

to test:
  modprobe kvm_intel

This will almost certainly get an error. There are a few more steps to make sure virtual machines can be used. 
  /usr/share/vboot/bin/make_dev_ssd.sh --save_config /tmp/x

Edit this config and add the line
  disablevmx=off lsm.module_locking=0

to the command line. Then
   /usr/share/vboot/bin/make_dev_ssd.sh --set_config /tmp/x

Then comes the interesting part. On the laptops, you have to hard-disconnect the battery. On samsung, you do this by putting a paperclip into the hole on the underside of the trackpad. 

Once that's done, you're going to need to pull down two files:

https://docs.google.com/open?id=0By47TDljmWaSWEttVGNBbVUwMEU, which is the qemu and other bits.

cd to /usr/local; mkdir kvm; cd there and untar this file into it. This creates a directory called qroot. 

Next, you need a virtual machine image; I've set an example up at https://docs.google.com/open?id=0By47TDljmWaSX2N6VlpkS21Pd3c. Uncompress this in /usr/local/kvm (NOT the qroot directory; the one above it).

Now cd /usr/local/kvm/qroot, and

sh Linux

and it might just work. Please let rminnich@chromium.org know about bugs.

Checking VMX Support on Unofficial Hardware

If you are trying to run ChromiumOS on your own hardware (i.e. not a Chromebook/Chromebox), you should make sure your system is properly configured first.

CPU Support

Make sure your CPU has support for the Intel VMX extensions.  Simply look at /proc/cpuinfo to see if it has the vmx flag:

$ grep '^flags\s*:.* vmx ' /proc/cpuinfo
flags           : ... vmx smx ...

If you don't, then sorry, but your CPU doesn't support VMX extensions.

BIOS Settings

Most BIOSs today have an option to enable/disable VMX support at boot, and then lock any further modifications.  They often times default to disabling the VMX extensions.

You can check at runtime by using the rdmsr command from the iotools package:

$ sudo modprobe msr
$ sudo iotools rdmsr 0 0x3a
0x0000000000000001

You only care about the lower 3 bits.  An explanation of the first few bits:

 Bit  Meaning
 0  Settings are locked
 1  VMX Extensions
 2  SMX Extensions 

Thus, if the last digit in the output is "1" (or much less unlikely, "8"), your BIOS has disabled VMX support and locked further modification.  You will need to reboot into your BIOS, find the option, and enable it.  Look for the word "virtualization".

Using kvm-ok Helper

The latest versions of QEMU/KVM include a tool called kvm-ok which is designed to perform various sanity checks on the system and see if things will work.  Simply install it (note: it's often included in the "kvm" package in your distro) and run it:

$ kvm-ok
Comments