The workarounds involve enabling nested virtualization so that Hyper-V is running in your HVM qube and can create its own VMs.
I haven’t tried this with Windows/Docker, but a quick way to enable nested virtualization:
-
create a file (as root) in dom0:
/etc/qubes/templates/libvirt/xen/by-name/[name of your windows hvm qube].xml -
Override the default CPU feature flags so that it passes your CPUs virtualization support to the guest (default is to explicitly disable):
{% extends 'libvirt/xen.xml' %} {% block cpu %} <cpu mode='host-passthrough'> <feature name='svm' policy='optional' /> <feature name='vmx' policy='optional' /> </cpu> {% endblock %}
Doing this on a Fedora 32 HVM spit out stuff about nested virtualization by kvm in dmesg, so that at least enables it. How functional it is, I haven’t tried or had a need to. Feel free to report results.
This has been discussed at https://github.com/QubesOS/qubes-issues/issues/4104 but according to that thread there were some crashes or lack of Xen support for it - perhaps that’s improved now (on R4.0, Xen 4.8.5-27, Fedora 32, 5.8.16 kernel).
I believe WSL 2 still uses virtualization at its core. It may not be the whole suite of Hyper-V functionality, but I presume somewhere along the line there are some VMX/SVM instructions being used. Whereas pre-WSL2 one would explicitly need Hyper-V, my speculation is WSL 2 uses the essential core of Hyper-V that performs VM management. In any event, please report if you have any success!