From patchwork Thu Mar 21 19:35:56 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eduardo Habkost X-Patchwork-Id: 10864229 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 0F9941669 for ; Thu, 21 Mar 2019 19:37:39 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E83012A2C4 for ; Thu, 21 Mar 2019 19:37:38 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id DC6B82A3FE; Thu, 21 Mar 2019 19:37:38 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 73BEC2A2C4 for ; Thu, 21 Mar 2019 19:37:37 +0000 (UTC) Received: from localhost ([127.0.0.1]:45741 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h73VQ-0004Jw-KX for patchwork-qemu-devel@patchwork.kernel.org; Thu, 21 Mar 2019 15:37:36 -0400 Received: from eggs.gnu.org ([209.51.188.92]:58698) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h73U4-0002zj-Sp for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:13 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1h73U3-0006Zr-Vy for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:12 -0400 Received: from mx1.redhat.com ([209.132.183.28]:47646) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1h73U3-0006YE-Js for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:11 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id D6CFA7E42E; Thu, 21 Mar 2019 19:36:10 +0000 (UTC) Received: from localhost (ovpn-116-26.gru2.redhat.com [10.97.116.26]) by smtp.corp.redhat.com (Postfix) with ESMTP id 6710D5D9D6; Thu, 21 Mar 2019 19:36:10 +0000 (UTC) From: Eduardo Habkost To: Peter Maydell , qemu-devel@nongnu.org Date: Thu, 21 Mar 2019 16:35:56 -0300 Message-Id: <20190321193600.15935-2-ehabkost@redhat.com> In-Reply-To: <20190321193600.15935-1-ehabkost@redhat.com> References: <20190321193600.15935-1-ehabkost@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Thu, 21 Mar 2019 19:36:10 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PULL 1/5] i386: kvm: Disable arch_capabilities if MSR can't be set X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Paolo Bonzini , Eduardo Habkost , Richard Henderson Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP KVM has two bugs in the handling of MSR_IA32_ARCH_CAPABILITIES: 1) Linux commit commit 1eaafe91a0df ("kvm: x86: IA32_ARCH_CAPABILITIES is always supported") makes GET_SUPPORTED_CPUID return arch_capabilities even if running on SVM. This makes "-cpu host,migratable=off" incorrectly expose arch_capabilities on CPUID on AMD hosts (where the MSR is not emulated by KVM). 2) KVM_GET_MSR_INDEX_LIST does not return MSR_IA32_ARCH_CAPABILITIES if the MSR is not supported by the host CPU. This makes QEMU not initialize the MSR properly at kvm_put_msrs() on those hosts. Work around both bugs on the QEMU side, by checking if the MSR was returned by KVM_GET_MSR_INDEX_LIST before returning the feature flag on kvm_arch_get_supported_cpuid(). This has the unfortunate side effect of making arch_capabilities unavailable on hosts without hardware support for the MSR until bug #2 is fixed on KVM, but I can't see another way to work around bug #1 without that side effect. Signed-off-by: Eduardo Habkost Message-Id: <20190125220606.4864-2-ehabkost@redhat.com> Signed-off-by: Eduardo Habkost --- target/i386/kvm.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/target/i386/kvm.c b/target/i386/kvm.c index beae1b99da..3b29ce5c0d 100644 --- a/target/i386/kvm.c +++ b/target/i386/kvm.c @@ -389,6 +389,15 @@ uint32_t kvm_arch_get_supported_cpuid(KVMState *s, uint32_t function, if (host_tsx_blacklisted()) { ret &= ~(CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_HLE); } + } else if (function == 7 && index == 0 && reg == R_EDX) { + /* + * Linux v4.17-v4.20 incorrectly return ARCH_CAPABILITIES on SVM hosts. + * We can detect the bug by checking if MSR_IA32_ARCH_CAPABILITIES is + * returned by KVM_GET_MSR_INDEX_LIST. + */ + if (!has_msr_arch_capabs) { + ret &= ~CPUID_7_0_EDX_ARCH_CAPABILITIES; + } } else if (function == 0x80000001 && reg == R_ECX) { /* * It's safe to enable TOPOEXT even if it's not returned by From patchwork Thu Mar 21 19:35:57 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eduardo Habkost X-Patchwork-Id: 10864237 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 848BE17E0 for ; Thu, 21 Mar 2019 19:40:42 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 6985C2A408 for ; Thu, 21 Mar 2019 19:40:42 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 5D4BB2A40B; Thu, 21 Mar 2019 19:40:42 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 090682A408 for ; Thu, 21 Mar 2019 19:40:42 +0000 (UTC) Received: from localhost ([127.0.0.1]:45803 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h73YP-0007KD-A0 for patchwork-qemu-devel@patchwork.kernel.org; Thu, 21 Mar 2019 15:40:41 -0400 Received: from eggs.gnu.org ([209.51.188.92]:58767) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h73UE-00034u-G1 for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:23 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1h73UD-0006sf-LI for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:22 -0400 Received: from mx1.redhat.com ([209.132.183.28]:36069) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1h73UD-0006qQ-9s for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:21 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 8CA7C30FE5D1; Thu, 21 Mar 2019 19:36:20 +0000 (UTC) Received: from localhost (ovpn-116-26.gru2.redhat.com [10.97.116.26]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1A64E1001DC1; Thu, 21 Mar 2019 19:36:19 +0000 (UTC) From: Eduardo Habkost To: Peter Maydell , qemu-devel@nongnu.org Date: Thu, 21 Mar 2019 16:35:57 -0300 Message-Id: <20190321193600.15935-3-ehabkost@redhat.com> In-Reply-To: <20190321193600.15935-1-ehabkost@redhat.com> References: <20190321193600.15935-1-ehabkost@redhat.com> X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.47]); Thu, 21 Mar 2019 19:36:20 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PULL 2/5] i386: Make arch_capabilities migratable X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Paolo Bonzini , Eduardo Habkost , Richard Henderson Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP Now that kvm_arch_get_supported_cpuid() will only return arch_capabilities if QEMU is able to initialize the MSR properly, we know that the feature is safely migratable. Signed-off-by: Eduardo Habkost Message-Id: <20190125220606.4864-3-ehabkost@redhat.com> Signed-off-by: Eduardo Habkost --- target/i386/cpu.c | 1 - 1 file changed, 1 deletion(-) diff --git a/target/i386/cpu.c b/target/i386/cpu.c index d90c01a059..9d3a20eac4 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -1089,7 +1089,6 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { .reg = R_EDX, }, .tcg_features = TCG_7_0_EDX_FEATURES, - .unmigratable_flags = CPUID_7_0_EDX_ARCH_CAPABILITIES, }, [FEAT_8000_0007_EDX] = { .type = CPUID_FEATURE_WORD, From patchwork Thu Mar 21 19:35:58 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eduardo Habkost X-Patchwork-Id: 10864241 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id F32B91669 for ; Thu, 21 Mar 2019 19:41:08 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D6BE72A408 for ; Thu, 21 Mar 2019 19:41:08 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id C9D362A415; Thu, 21 Mar 2019 19:41:08 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id D487F2A408 for ; Thu, 21 Mar 2019 19:41:02 +0000 (UTC) Received: from localhost ([127.0.0.1]:45809 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h73Yk-0007d2-5u for patchwork-qemu-devel@patchwork.kernel.org; Thu, 21 Mar 2019 15:41:02 -0400 Received: from eggs.gnu.org ([209.51.188.92]:58914) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h73UM-0003C4-IJ for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:31 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1h73UL-00077v-8l for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:30 -0400 Received: from mx1.redhat.com ([209.132.183.28]:41746) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1h73UK-000760-TZ for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:29 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 281C720265; Thu, 21 Mar 2019 19:36:28 +0000 (UTC) Received: from localhost (ovpn-116-26.gru2.redhat.com [10.97.116.26]) by smtp.corp.redhat.com (Postfix) with ESMTP id 9E6885D6A9; Thu, 21 Mar 2019 19:36:27 +0000 (UTC) From: Eduardo Habkost To: Peter Maydell , qemu-devel@nongnu.org Date: Thu, 21 Mar 2019 16:35:58 -0300 Message-Id: <20190321193600.15935-4-ehabkost@redhat.com> In-Reply-To: <20190321193600.15935-1-ehabkost@redhat.com> References: <20190321193600.15935-1-ehabkost@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Thu, 21 Mar 2019 19:36:28 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PULL 3/5] i386: Disable OSPKE on CPU model definitions X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Paolo Bonzini , Tao Xu , Robert Hoo , Eduardo Habkost , Richard Henderson Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP Currently, the Cascadelake-Server, Icelake-Client, and Icelake-Server are always generating the following warning: qemu-system-x86_64: warning: \ host doesn't support requested feature: CPUID.07H:ECX [bit 4] This happens because OSPKE was never returned by GET_SUPPORTED_CPUID or x86_cpu_get_supported_feature_word(). OSPKE is a runtime flag automatically set by the KVM module or by TCG code, was always cleared by x86_cpu_filter_features(), and was not supposed to appear on the CPU model table. Remove the OSPKE flag from the CPU model table entries, to avoid the bogus warning and avoid returning invalid feature data on query-cpu-* QMP commands. As OSPKE was always cleared by x86_cpu_filter_features(), this won't have any guest-visible impact. Include a test case that should detect the problem if we introduce a similar bug again. Fixes: c7a88b52f62b ("i386: Add new model of Cascadelake-Server") Fixes: 8a11c62da914 ("i386: Add new CPU model Icelake-{Server,Client}") Cc: Tao Xu Cc: Robert Hoo Signed-off-by: Eduardo Habkost Message-Id: <20190319200515.14999-1-ehabkost@redhat.com> Signed-off-by: Eduardo Habkost --- target/i386/cpu.c | 6 +++--- tests/acceptance/cpu_queries.py | 33 +++++++++++++++++++++++++++++++++ 2 files changed, 36 insertions(+), 3 deletions(-) create mode 100644 tests/acceptance/cpu_queries.py diff --git a/target/i386/cpu.c b/target/i386/cpu.c index 9d3a20eac4..d6bb57d210 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -2532,7 +2532,7 @@ static X86CPUDefinition builtin_x86_defs[] = { CPUID_7_0_EBX_AVX512BW | CPUID_7_0_EBX_AVX512CD | CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT, .features[FEAT_7_0_ECX] = - CPUID_7_0_ECX_PKU | CPUID_7_0_ECX_OSPKE | + CPUID_7_0_ECX_PKU | CPUID_7_0_ECX_AVX512VNNI, .features[FEAT_7_0_EDX] = CPUID_7_0_EDX_SPEC_CTRL | CPUID_7_0_EDX_SPEC_CTRL_SSBD, @@ -2585,7 +2585,7 @@ static X86CPUDefinition builtin_x86_defs[] = { CPUID_7_0_EBX_SMAP, .features[FEAT_7_0_ECX] = CPUID_7_0_ECX_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU | - CPUID_7_0_ECX_OSPKE | CPUID_7_0_ECX_VBMI2 | CPUID_7_0_ECX_GFNI | + CPUID_7_0_ECX_VBMI2 | CPUID_7_0_ECX_GFNI | CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ | CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG | CPUID_7_0_ECX_AVX512_VPOPCNTDQ, @@ -2643,7 +2643,7 @@ static X86CPUDefinition builtin_x86_defs[] = { CPUID_7_0_EBX_AVX512VL | CPUID_7_0_EBX_CLFLUSHOPT, .features[FEAT_7_0_ECX] = CPUID_7_0_ECX_VBMI | CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_PKU | - CPUID_7_0_ECX_OSPKE | CPUID_7_0_ECX_VBMI2 | CPUID_7_0_ECX_GFNI | + CPUID_7_0_ECX_VBMI2 | CPUID_7_0_ECX_GFNI | CPUID_7_0_ECX_VAES | CPUID_7_0_ECX_VPCLMULQDQ | CPUID_7_0_ECX_AVX512VNNI | CPUID_7_0_ECX_AVX512BITALG | CPUID_7_0_ECX_AVX512_VPOPCNTDQ | CPUID_7_0_ECX_LA57, diff --git a/tests/acceptance/cpu_queries.py b/tests/acceptance/cpu_queries.py new file mode 100644 index 0000000000..e71edec39f --- /dev/null +++ b/tests/acceptance/cpu_queries.py @@ -0,0 +1,33 @@ +# Sanity check of query-cpu-* results +# +# Copyright (c) 2019 Red Hat, Inc. +# +# Author: +# Eduardo Habkost +# +# This work is licensed under the terms of the GNU GPL, version 2 or +# later. See the COPYING file in the top-level directory. + +import logging + +from avocado_qemu import Test + +class QueryCPUModelExpansion(Test): + """ + Run query-cpu-model-expansion for each CPU model, and validate results + """ + + def test(self): + self.vm.set_machine('none') + self.vm.add_args('-S') + self.vm.launch() + + cpus = self.vm.command('query-cpu-definitions') + for c in cpus: + print(repr(c)) + self.assertNotIn('', c['unavailable-features'], c['name']) + + for c in cpus: + model = {'name': c['name']} + e = self.vm.command('query-cpu-model-expansion', model=model, type='full') + self.assertEquals(e['model']['name'], c['name']) From patchwork Thu Mar 21 19:35:59 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Eduardo Habkost X-Patchwork-Id: 10864233 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id D064714DE for ; Thu, 21 Mar 2019 19:38:10 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id B4A8D2A3C4 for ; Thu, 21 Mar 2019 19:38:10 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id A90D32A408; Thu, 21 Mar 2019 19:38:10 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 5A2072A3C4 for ; Thu, 21 Mar 2019 19:38:10 +0000 (UTC) Received: from localhost ([127.0.0.1]:45747 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h73Vx-0004pU-Lm for patchwork-qemu-devel@patchwork.kernel.org; Thu, 21 Mar 2019 15:38:09 -0400 Received: from eggs.gnu.org ([209.51.188.92]:59042) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h73UT-0003HP-Bj for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:38 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1h73US-0007Gi-DG for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:37 -0400 Received: from mx1.redhat.com ([209.132.183.28]:47138) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1h73US-0007Fq-4z for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:36 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 66DCA308429D; Thu, 21 Mar 2019 19:36:35 +0000 (UTC) Received: from localhost (ovpn-116-26.gru2.redhat.com [10.97.116.26]) by smtp.corp.redhat.com (Postfix) with ESMTP id E7B9C1001DC1; Thu, 21 Mar 2019 19:36:34 +0000 (UTC) From: Eduardo Habkost To: Peter Maydell , qemu-devel@nongnu.org Date: Thu, 21 Mar 2019 16:35:59 -0300 Message-Id: <20190321193600.15935-5-ehabkost@redhat.com> In-Reply-To: <20190321193600.15935-1-ehabkost@redhat.com> References: <20190321193600.15935-1-ehabkost@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.40]); Thu, 21 Mar 2019 19:36:35 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PULL 4/5] docs: clarify that spec-ctrl is only needed for Spectre v2 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Paolo Bonzini , Eduardo Habkost , Richard Henderson Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP From: Daniel P. Berrangé The docs currently say that the spec-ctrl feature is needed for both Spectre variants, but it is only used to address Spectre v2. Also remove the note about retpolines. The guest OS is usually treated as a blackbox from host mgmt pov, so it won't have knowledge about use of retpolines and thus should unconditionally expose spec-ctrl, allowing the guest to decide whether to use it or not. Signed-off-by: Daniel P. Berrangé Message-Id: <20190307121838.6345-2-berrange@redhat.com> Signed-off-by: Eduardo Habkost --- docs/qemu-cpu-models.texi | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/docs/qemu-cpu-models.texi b/docs/qemu-cpu-models.texi index 1b72584161..0ce528806d 100644 --- a/docs/qemu-cpu-models.texi +++ b/docs/qemu-cpu-models.texi @@ -158,8 +158,7 @@ support this feature. @item @code{spec-ctrl} -Required to enable the Spectre (CVE-2017-5753 and CVE-2017-5715) fix, -in cases where retpolines are not sufficient. +Required to enable the Spectre v2 (CVE-2017-5715) fix. Included by default in Intel CPU models with -IBRS suffix. @@ -249,8 +248,7 @@ included if using "Host passthrough" or "Host model". @item @code{ibpb} -Required to enable the Spectre (CVE-2017-5753 and CVE-2017-5715) fix, -in cases where retpolines are not sufficient. +Required to enable the Spectre v2 (CVE-2017-5715) fix. Included by default in AMD CPU models with -IBPB suffix. From patchwork Thu Mar 21 19:36:00 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Eduardo Habkost X-Patchwork-Id: 10864245 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 5605214DE for ; Thu, 21 Mar 2019 19:44:31 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 2C42C2A236 for ; Thu, 21 Mar 2019 19:44:31 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 18C812A248; Thu, 21 Mar 2019 19:44:31 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 8B6C32A236 for ; Thu, 21 Mar 2019 19:44:30 +0000 (UTC) Received: from localhost ([127.0.0.1]:45861 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h73c4-0001ep-NX for patchwork-qemu-devel@patchwork.kernel.org; Thu, 21 Mar 2019 15:44:28 -0400 Received: from eggs.gnu.org ([209.51.188.92]:59080) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h73Ua-0003KX-Nn for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:45 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1h73UZ-0007M9-M6 for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:44 -0400 Received: from mx1.redhat.com ([209.132.183.28]:43960) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1h73UZ-0007LM-Ay for qemu-devel@nongnu.org; Thu, 21 Mar 2019 15:36:43 -0400 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 8D8F73082B43; Thu, 21 Mar 2019 19:36:42 +0000 (UTC) Received: from localhost (ovpn-116-26.gru2.redhat.com [10.97.116.26]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1F98360857; Thu, 21 Mar 2019 19:36:41 +0000 (UTC) From: Eduardo Habkost To: Peter Maydell , qemu-devel@nongnu.org Date: Thu, 21 Mar 2019 16:36:00 -0300 Message-Id: <20190321193600.15935-6-ehabkost@redhat.com> In-Reply-To: <20190321193600.15935-1-ehabkost@redhat.com> References: <20190321193600.15935-1-ehabkost@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.45]); Thu, 21 Mar 2019 19:36:42 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PULL 5/5] docs: add note about stibp CPU feature for spectre v2 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Paolo Bonzini , Eduardo Habkost , Richard Henderson Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP From: Daniel P. Berrangé While the stibp CPU feature is not commonly used by guest OS for spectre mitigation due to its performance impact, it is none the less best practice to expose it to all guest OS. This allows the guest OS to decide whether to make use or it. Signed-off-by: Daniel P. Berrangé Message-Id: <20190307121838.6345-3-berrange@redhat.com> Signed-off-by: Eduardo Habkost --- docs/qemu-cpu-models.texi | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/docs/qemu-cpu-models.texi b/docs/qemu-cpu-models.texi index 0ce528806d..23c11dc86f 100644 --- a/docs/qemu-cpu-models.texi +++ b/docs/qemu-cpu-models.texi @@ -168,6 +168,17 @@ Requires the host CPU microcode to support this feature before it can be used for guest CPUs. +@item @code{stibp} + +Required to enable stronger Spectre v2 (CVE-2017-5715) fixes in some +operating systems. + +Must be explicitly turned on for all Intel CPU models. + +Requires the host CPU microcode to support this feature before it +can be used for guest CPUs. + + @item @code{ssbd} Required to enable the CVE-2018-3639 fix @@ -258,6 +269,17 @@ Requires the host CPU microcode to support this feature before it can be used for guest CPUs. +@item @code{stibp} + +Required to enable stronger Spectre v2 (CVE-2017-5715) fixes in some +operating systems. + +Must be explicitly turned on for all AMD CPU models. + +Requires the host CPU microcode to support this feature before it +can be used for guest CPUs. + + @item @code{virt-ssbd} Required to enable the CVE-2018-3639 fix