Public bug reported:
I just tried (first time for a while) a very recent qemu on a power8
machine.
I ran into this:
qemu-system-ppc64le: Requested safe cache capability level not supported by
kvm, try cap-cfpc=broken
Now I wonder, do we "just" need a FW update for the scope of
spectre/meltdown&co.
Or does the qemu actually need extra pacthes to work well again with power8
machines?
Steps to reproduce:
- power8 machine
- install eoan (qemu 4.0)
- try to start a KVM guest
Current vulnerabilities as reported by the kernel:
/sys/devices/system/cpu/vulnerabilities/l1tf
Not affected
/sys/devices/system/cpu/vulnerabilities/mds
Not affected
/sys/devices/system/cpu/vulnerabilities/meltdown
Mitigation: RFI Flush
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass
Mitigation: Kernel entry/exit barrier (hwsync)
/sys/devices/system/cpu/vulnerabilities/spectre_v1
Mitigation: __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/spectre_v2
Vulnerable
Caps and Domcaps:
$ virsh capabilities
<capabilities>
<host>
<uuid>de868906-44ea-4d29-85dd-138f8daf2d49</uuid>
<cpu>
<arch>ppc64le</arch>
<model>POWER8</model>
<vendor>IBM</vendor>
<topology sockets='1' cores='5' threads='8'/>
<pages unit='KiB' size='64'/>
<pages unit='KiB' size='16384'/>
<pages unit='KiB' size='16777216'/>
</cpu>
<power_management>
<suspend_mem/>
</power_management>
<iommu support='yes'/>
<migration_features>
<live/>
<uri_transports>
<uri_transport>tcp</uri_transport>
<uri_transport>rdma</uri_transport>
</uri_transports>
</migration_features>
<topology>
...
$ virsh domcapabilities
<domainCapabilities>
<path>/usr/bin/qemu-system-ppc64</path>
<domain>kvm</domain>
<machine>pseries-eoan</machine>
<arch>ppc64le</arch>
<vcpu max='1024'/>
<iothreads supported='yes'/>
<os supported='yes'>
<enum name='firmware'/>
<loader supported='yes'>
<enum name='type'>
<value>rom</value>
<value>pflash</value>
</enum>
<enum name='readonly'>
<value>yes</value>
<value>no</value>
</enum>
<enum name='secure'>
<value>no</value>
</enum>
</loader>
</os>
<cpu>
<mode name='host-passthrough' supported='yes'/>
<mode name='host-model' supported='yes'>
<model fallback='allow'>POWER8</model>
<vendor>IBM</vendor>
</mode>
<mode name='custom' supported='no'/>
</cpu>
...
As a fallback, I haven't foudn the right libvirt'y way to specify cap-cfpc to
qemu.
I know we did with HTM but it seems all other controls but HTM got dropped?
=> https://www.redhat.com/archives/libvir-list/2018-March/msg00474.html
Sorry, but I'm lost and trying random optins seems wrong.
I'm sure you run P8 regularly and know what we'd need.
=> how would I get to use a guest on these machines?
** Affects: qemu (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1839065
Title:
power8 machines need FW update or qemu/libvirt code - cap-cfpc=broken
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1839065/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
