** Description changed: - The EPYC-Rome model is missing the IBRS and SSBD flags due to an - oversight + [Impact] + + * IBRS was forgotten in the initial Rome type definitions. + On one hand that makes the feature non exposed/controllable and on the + other it can lead to crashes like bug 1915063 + + * backport chnges to teach: + - qemu about the IBRS feature existing in Rome chips and making it the + new default (-v2 and unspecified) type + - libvirt about the IBRS feature existign for that CPU + + [Test Plan] + + * First of all we'll (and have in advance) run general regression tests + + * Qemu should list the new type (and the old one) + # qemu-system-x86_64 -cpu ? | grep EPYC-Rome + x86 EPYC-Rome (alias configured by machine type) + x86 EPYC-Rome-v1 AMD EPYC-Rome Processor + x86 EPYC-Rome-v2 AMD EPYC-Rome Processor + + * Libvirt with the fix has the ability to control ibrs for Rome chips. + For example on a post Naples Epyc chip this is what host-model expands + (in my example) to - the exact list depends on your chip: + + <cpu mode='custom' match='exact' check='full'> + <model fallback='forbid'>EPYC-Rome</model> + <vendor>AMD</vendor> + <feature policy='require' name='pcid'/> + <feature policy='require' name='x2apic'/> + <feature policy='require' name='tsc-deadline'/> + <feature policy='require' name='hypervisor'/> + <feature policy='require' name='tsc_adjust'/> + <feature policy='require' name='erms'/> + <feature policy='require' name='invpcid'/> + <feature policy='require' name='pku'/> + <feature policy='require' name='vaes'/> + <feature policy='require' name='vpclmulqdq'/> + <feature policy='require' name='fsrm'/> + <feature policy='require' name='spec-ctrl'/> + <feature policy='require' name='stibp'/> + <feature policy='require' name='arch-capabilities'/> + <feature policy='require' name='ssbd'/> + <feature policy='require' name='xsaves'/> + <feature policy='require' name='cmp_legacy'/> + <feature policy='require' name='amd-ssbd'/> + <feature 
policy='require' name='virt-ssbd'/> + <feature policy='require' name='rdctl-no'/> + <feature policy='require' name='skip-l1dfl-vmentry'/> + <feature policy='require' name='mds-no'/> + <feature policy='require' name='pschange-mc-no'/> + <feature policy='require' name='topoext'/> + </cpu> + + Neither the named type nor the added features define IBRS + + Even if one manually adds + <feature policy='require' name='ibrs'/> + You'd get + error: unsupported configuration: unknown CPU feature: ibrs + + With the fixes in place libvirt knows what bit to check and qemu can + (on the new v2) control that flag. + + The above does no more return an error with the fix + + [Where problems could occur] + + * There are two areas to look at + a) compat behavior on old systems - e.g. libvirt would now detect IBRS + on such AMD chips and one might wonder about the change. + E.g. compatibility would exist between old-code/new-code/old->new + code; but any action (e.g. suspend resume) from new to old code + might run into trouble (not supported that way but worth to mention + for awareness) + b) Migrations between systems - this should be covered by chip + versioning but still is worth to mention. Versioning will recognize + a formerly started system as v1 and continue to handle it that way. + Only new started guests would become v2 and behave the new and + improved way. + + + [Other Info] + + * n/a + + --- + + + The EPYC-Rome model is missing the IBRS and SSBD flags due to an oversight https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg07378.html They have been added as a EPYC-Rome-v2 in https://lists.gnu.org/archive/html/qemu-devel/2021-03/msg01020.html This patch depends on the IBRS and AMD SSBD definitions that were added as part of the EPYC-Milan patch: https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg03370.html - diff --git a/target/i386/cpu.h b/target/i386/cpu.h index 8d599bb5b8..888c3a59e2 100644 --- a/target/i386/cpu.h +++ b/target/i386/cpu.h 
@@ -816,8 +816,12 @@ typedef uint64_t FeatureWordArray[FEATURE_WORDS]; - #define CPUID_8000_0008_EBX_WBNOINVD (1U << 9) - /* Indirect Branch Prediction Barrier */ - #define CPUID_8000_0008_EBX_IBPB (1U << 12) + #define CPUID_8000_0008_EBX_WBNOINVD (1U << 9) + /* Indirect Branch Prediction Barrier */ + #define CPUID_8000_0008_EBX_IBPB (1U << 12) +/* Indirect Branch Restricted Speculation */ +#define CPUID_8000_0008_EBX_IBRS (1U << 14) - /* Single Thread Indirect Branch Predictors */ - #define CPUID_8000_0008_EBX_STIBP (1U << 15) + /* Single Thread Indirect Branch Predictors */ + #define CPUID_8000_0008_EBX_STIBP (1U << 15) +/* Speculative Store Bypass Disable */ +#define CPUID_8000_0008_EBX_AMD_SSBD (1U << 24)
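Review bot: the two defines added in the cpu.h hunk, CPUID_8000_0008_EBX_IBRS (bit 14) and CPUID_8000_0008_EBX_AMD_SSBD (bit 24), are not referenced anywhere in the visible patch, so this hunk on its own neither names the features nor places them in an EPYC-Rome-v2 definition. The description also says the change depends on the IBRS and AMD SSBD definitions from the EPYC-Milan patch, which reads as if these same macros already arrive with that dependency. Please state which patch in the backport series carries them so they are not defined twice, and include or reference the hunk that adds the v2 model entry the test plan expects to see listed.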
** Description changed: [Impact] - * IBRS was forgotten in the initial Rome type definitions. - On one hand that makes the feature non exposed/controllable and on the - other it can lead to crashes like bug 1915063 + * IBRS was forgotten in the initial Rome type definitions. + On one hand that makes the feature non exposed/controllable and on the + other it can lead to crashes like bug 1915063 - * backport chnges to teach: - - qemu about the IBRS feature existing in Rome chips and making it the - new default (-v2 and unspecified) type - - libvirt about the IBRS feature existign for that CPU + * backport changes to teach: + - qemu about the IBRS feature existing in Rome chips and making it the + new default (-v2 and unspecified) type + - libvirt about the IBRS feature existign for that CPU [Test Plan] - * First of all we'll (and have in advance) run general regression tests + * First of all we'll (and have in advance) run general regression tests - * Qemu should list the new type (and the old one) - # qemu-system-x86_64 -cpu ? | grep EPYC-Rome - x86 EPYC-Rome (alias configured by machine type) - x86 EPYC-Rome-v1 AMD EPYC-Rome Processor - x86 EPYC-Rome-v2 AMD EPYC-Rome Processor + * Qemu should list the new type (and the old one) + # qemu-system-x86_64 -cpu ? | grep EPYC-Rome + x86 EPYC-Rome (alias configured by machine type) + x86 EPYC-Rome-v1 AMD EPYC-Rome Processor + x86 EPYC-Rome-v2 AMD EPYC-Rome Processor - * Libvirt with the fix has the ability to control ibrs for Rome chips. - For example on a post Naples Epyc chip this is what host-model expands - (in my example) to - the exact list depends on your chip: + * Libvirt with the fix has the ability to control ibrs for Rome chips. 
+ For example on a post Naples Epyc chip this is what host-model expands + (in my example) to - the exact list depends on your chip: - <cpu mode='custom' match='exact' check='full'> - <model fallback='forbid'>EPYC-Rome</model> - <vendor>AMD</vendor> - <feature policy='require' name='pcid'/> - <feature policy='require' name='x2apic'/> - <feature policy='require' name='tsc-deadline'/> - <feature policy='require' name='hypervisor'/> - <feature policy='require' name='tsc_adjust'/> - <feature policy='require' name='erms'/> - <feature policy='require' name='invpcid'/> - <feature policy='require' name='pku'/> - <feature policy='require' name='vaes'/> - <feature policy='require' name='vpclmulqdq'/> - <feature policy='require' name='fsrm'/> - <feature policy='require' name='spec-ctrl'/> - <feature policy='require' name='stibp'/> - <feature policy='require' name='arch-capabilities'/> - <feature policy='require' name='ssbd'/> - <feature policy='require' name='xsaves'/> - <feature policy='require' name='cmp_legacy'/> - <feature policy='require' name='amd-ssbd'/> - <feature policy='require' name='virt-ssbd'/> - <feature policy='require' name='rdctl-no'/> - <feature policy='require' name='skip-l1dfl-vmentry'/> - <feature policy='require' name='mds-no'/> - <feature policy='require' name='pschange-mc-no'/> - <feature policy='require' name='topoext'/> - </cpu> + <cpu mode='custom' match='exact' check='full'> + <model fallback='forbid'>EPYC-Rome</model> + <vendor>AMD</vendor> + <feature policy='require' name='pcid'/> + <feature policy='require' name='x2apic'/> + <feature policy='require' name='tsc-deadline'/> + <feature policy='require' name='hypervisor'/> + <feature policy='require' name='tsc_adjust'/> + <feature policy='require' name='erms'/> + <feature policy='require' name='invpcid'/> + <feature policy='require' name='pku'/> + <feature policy='require' name='vaes'/> + <feature policy='require' name='vpclmulqdq'/> + <feature policy='require' name='fsrm'/> + <feature 
policy='require' name='spec-ctrl'/> + <feature policy='require' name='stibp'/> + <feature policy='require' name='arch-capabilities'/> + <feature policy='require' name='ssbd'/> + <feature policy='require' name='xsaves'/> + <feature policy='require' name='cmp_legacy'/> + <feature policy='require' name='amd-ssbd'/> + <feature policy='require' name='virt-ssbd'/> + <feature policy='require' name='rdctl-no'/> + <feature policy='require' name='skip-l1dfl-vmentry'/> + <feature policy='require' name='mds-no'/> + <feature policy='require' name='pschange-mc-no'/> + <feature policy='require' name='topoext'/> + </cpu> - Neither the named type nor the added features define IBRS + Neither the named type nor the added features define IBRS - Even if one manually adds - <feature policy='require' name='ibrs'/> - You'd get - error: unsupported configuration: unknown CPU feature: ibrs + Even if one manually adds + <feature policy='require' name='ibrs'/> + You'd get + error: unsupported configuration: unknown CPU feature: ibrs - With the fixes in place libvirt knows what bit to check and qemu can - (on the new v2) control that flag. + With the fixes in place libvirt knows what bit to check and qemu can + (on the new v2) control that flag. - The above does no more return an error with the fix + The above does no more return an error with the fix [Where problems could occur] - * There are two areas to look at - a) compat behavior on old systems - e.g. libvirt would now detect IBRS - on such AMD chips and one might wonder about the change. - E.g. compatibility would exist between old-code/new-code/old->new - code; but any action (e.g. suspend resume) from new to old code - might run into trouble (not supported that way but worth to mention - for awareness) - b) Migrations between systems - this should be covered by chip - versioning but still is worth to mention. Versioning will recognize - a formerly started system as v1 and continue to handle it that way. 
- Only new started guests would become v2 and behave the new and - improved way. - + * There are two areas to look at + a) compat behavior on old systems - e.g. libvirt would now detect IBRS + on such AMD chips and one might wonder about the change. + E.g. compatibility would exist between old-code/new-code/old->new + code; but any action (e.g. suspend resume) from new to old code + might run into trouble (not supported that way but worth to mention + for awareness) + b) Migrations between systems - this should be covered by chip + versioning but still is worth to mention. Versioning will recognize + a formerly started system as v1 and continue to handle it that way. + Only new started guests would become v2 and behave the new and + improved way. [Other Info] - * n/a + * n/a --- - - The EPYC-Rome model is missing the IBRS and SSBD flags due to an oversight + The EPYC-Rome model is missing the IBRS and SSBD flags due to an + oversight https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg07378.html They have been added as a EPYC-Rome-v2 in https://lists.gnu.org/archive/html/qemu-devel/2021-03/msg01020.html This patch depends on the IBRS and AMD SSBD definitions that were added as part of the EPYC-Milan patch: https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg03370.html diff --git a/target/i386/cpu.h b/target/i386/cpu.h index 8d599bb5b8..888c3a59e2 100644 --- a/target/i386/cpu.h +++ b/target/i386/cpu.h 
@@ -816,8 +816,12 @@ typedef uint64_t FeatureWordArray[FEATURE_WORDS]; #define CPUID_8000_0008_EBX_WBNOINVD (1U << 9) /* Indirect Branch Prediction Barrier */ #define CPUID_8000_0008_EBX_IBPB (1U << 12) +/* Indirect Branch Restricted Speculation */ +#define CPUID_8000_0008_EBX_IBRS (1U << 14) /* Single Thread Indirect Branch Predictors */ #define CPUID_8000_0008_EBX_STIBP (1U << 15) +/* Speculative Store Bypass Disable */ +#define CPUID_8000_0008_EBX_AMD_SSBD (1U << 24)
--
https://bugs.launchpad.net/bugs/1921754
Title: Add missing cpu feature bits in EPYC-Rome model
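A way to check a guest definition against the gap the test plan describes (added example, not from the bug report or from libvirt/QEMU): it reads a libvirt `<cpu>` element, for instance from `virsh dumpxml`, and reports which speculation-control features are required explicitly, switched off, or left to whatever the named model defines. The sample XML, the `WANTED` list and the function names are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample modelled on the expansion quoted in the bug (abridged; virt-ssbd
# is switched off here only to show that case).
PRE_FIX_XML = """
<domain type='kvm'>
  <cpu mode='custom' match='exact' check='full'>
    <model fallback='forbid'>EPYC-Rome</model>
    <feature policy='require' name='spec-ctrl'/>
    <feature policy='require' name='stibp'/>
    <feature policy='require' name='amd-ssbd'/>
    <feature policy='disable' name='virt-ssbd'/>
  </cpu>
</domain>
"""

# Names as spelled in the bug text; which ones to insist on is local policy (assumption).
WANTED = ("ibrs", "stibp", "amd-ssbd", "virt-ssbd")
STATUS = {"require": "explicit", "force": "explicit", "optional": "optional",
          "disable": "off", "forbid": "off"}


def audit_cpu(xml_text, wanted=WANTED):
    """Return (model, {feature: status}) for a <cpu> element or a full domain XML."""
    root = ET.fromstring(xml_text)
    cpu = root if root.tag == "cpu" else root.find("cpu")
    if cpu is None:
        raise ValueError("no <cpu> element in the supplied XML")
    model = (cpu.findtext("model") or "").strip() or None
    # A <feature> without a policy attribute is treated as 'require' here.
    policy = {f.get("name"): f.get("policy", "require") for f in cpu.findall("feature")}
    # Unlisted features depend on what the named model defines, which is where the
    # pre-fix EPYC-Rome definition fell short for IBRS.
    return model, {n: STATUS.get(policy.get(n), "model-dependent") for n in wanted}


def needs_review(xml_text, wanted=WANTED):
    """Features that are switched off or left to the model definition."""
    _, status = audit_cpu(xml_text, wanted)
    return sorted(n for n, s in status.items() if s in ("off", "model-dependent"))


if __name__ == "__main__":
    model, status = audit_cpu(PRE_FIX_XML)
    print(model, status)
    print("review:", needs_review(PRE_FIX_XML))
```

A "model-dependent" result is not a failure by itself; it marks the features whose presence in the guest has to be confirmed against the installed model definition.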