[PATCH v1 0/7] add Spectre related PowerPC features
Hi, This series implements 3 Spectre related PowerPC features that were added back in QEMU 2.12: - CFPC: Cache Flush on Privilege Change - SBBC: Speculation Barrier Bounds Checking - IBS: Indirect Branch Speculation These options aren't much of a problem for users using latest hardware and guests with recent Linux kernels. Users with outdated hardware/firmware or trying to run AIX guests/guests with older kernels, however, will need to fine tune these options because QEMU defaults won't work. Instead of making users rely on <qemu:commandline> elements to hardcode the options in the XML, let's support them in Libvirt. Daniel Henrique Barboza (7): qemu: Add capability for CFPC pSeries feature qemu: Implement the CFPC pSeries feature qemu: Add capability for SBBC pSeries feature qemu: Implement the SBBC pSeries feature qemu: Add capability for IBS pSeries feature qemu: Implement the IBS pSeries feature news: Update for the recent added pSeries features docs/formatdomain.html.in | 36 +++++ docs/news.xml | 10 ++ docs/schemas/domaincommon.rng | 47 ++++++ src/conf/domain_conf.c | 134 ++++++++++++++++++ src/conf/domain_conf.h | 38 +++++ src/libvirt_private.syms | 3 + src/qemu/qemu_capabilities.c | 8 ++ src/qemu/qemu_capabilities.h | 5 + src/qemu/qemu_command.c | 15 ++ src/qemu/qemu_validate.c | 33 +++++ .../caps_2.12.0.ppc64.xml | 3 + .../qemucapabilitiesdata/caps_3.0.0.ppc64.xml | 3 + .../qemucapabilitiesdata/caps_3.1.0.ppc64.xml | 3 + .../qemucapabilitiesdata/caps_4.0.0.ppc64.xml | 3 + .../qemucapabilitiesdata/caps_4.2.0.ppc64.xml | 3 + .../qemucapabilitiesdata/caps_5.0.0.ppc64.xml | 3 + tests/qemuxml2argvdata/pseries-features.args | 3 +- tests/qemuxml2argvdata/pseries-features.xml | 3 + tests/qemuxml2argvtest.c | 53 ++++++- tests/qemuxml2xmloutdata/pseries-features.xml | 3 + tests/qemuxml2xmltest.c | 5 +- 21 files changed, 411 insertions(+), 3 deletions(-) -- 2.25.2
CFPC (Cache Flush on Privilege Change) is one of the capabilities added to QEMU to mitigate Spectre vulnerabilities in Power chips. It was implemented in QEMU 2.12 by commit 6898aed77f46. This capability is still used today due to differences in how the host setup (hardware and firmware/kernel) can handle this mitigation. Its default value also varies with the pseries machine version of the time. There's also certain OSes, like AIX, that might not support the default value of the pseries machine the guest uses. Exposing this in the Libvirt XML as a feature will allow users to tune CFPC values in a cleaner way, instead of hacking parameters in <qemu:commandline> elements. Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com> --- src/qemu/qemu_capabilities.c | 2 ++ src/qemu/qemu_capabilities.h | 1 + tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml | 1 + 8 files changed, 9 insertions(+) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index fe311048d4..4a262dc71d 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -573,6 +573,7 @@ VIR_ENUM_IMPL(virQEMUCaps, "fsdev.multidevs", "virtio.packed", "pcie-root-port.hotplug", + "machine.pseries.cap-cfpc", ); @@ -1615,6 +1616,7 @@ static struct virQEMUCapsStringFlags virQEMUCapsMachinePropsPSeries[] = { { "cap-htm", QEMU_CAPS_MACHINE_PSERIES_CAP_HTM }, { "cap-nested-hv", QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV }, { "cap-ccf-assist", QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST }, + { "cap-cfpc", QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC }, }; static struct virQEMUCapsStringFlags virQEMUCapsMachinePropsVirt[] = { diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index 1681fc79a8..81d67d2efe 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -554,6 +554,7 @@ typedef enum { /* virQEMUCapsFlags grouping marker for syntax-check */ QEMU_CAPS_FSDEV_MULTIDEVS, /* fsdev.multidevs */ QEMU_CAPS_VIRTIO_PACKED_QUEUES, /* virtio.packed */ QEMU_CAPS_PCIE_ROOT_PORT_HOTPLUG, /* pcie-root-port.hotplug */ + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, /* -machine pseries.cap-cfpc */ QEMU_CAPS_LAST /* this must always be the last item */ } virQEMUCapsFlags; diff --git a/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml index 38a3103c4a..cdd4f26993 100644 --- a/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml @@ -154,6 +154,7 @@ <flag name='memory-backend-file.align'/> <flag name='drive-nvme'/> <flag name='i8042'/> + <flag name='machine.pseries.cap-cfpc'/> <version>2011090</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900289</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml index 9a0b9c05c2..84e9ad2dcc 100644 --- a/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml @@ -156,6 +156,7 @@ <flag name='ramfb'/> <flag name='drive-nvme'/> <flag name='i8042'/> + <flag name='machine.pseries.cap-cfpc'/> <version>2012050</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900239</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml index 6801023208..3d70a67dab 100644 --- a/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml @@ -161,6 +161,7 @@ <flag name='drive-nvme'/> <flag name='i8042'/> <flag name='storage.werror'/> + <flag name='machine.pseries.cap-cfpc'/> <version>3000091</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900240</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml index f7e69fcc97..ce2d470cb2 100644 --- a/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml @@ -175,6 +175,7 @@ <flag name='drive-nvme'/> <flag name='i8042'/> <flag name='storage.werror'/> + <flag name='machine.pseries.cap-cfpc'/> <version>4000000</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900240</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml index 99ec98e8cd..a813776660 100644 --- a/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml @@ -180,6 +180,7 @@ <flag name='i8042'/> <flag name='rng-builtin'/> <flag name='storage.werror'/> + <flag name='machine.pseries.cap-cfpc'/> <version>4001050</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900242</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml index b08916132a..c33786b0bf 100644 --- a/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml @@ -192,6 +192,7 @@ <flag name='storage.werror'/> <flag name='fsdev.multidevs'/> <flag name='virtio.packed'/> + <flag name='machine.pseries.cap-cfpc'/> <version>4002050</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900241</microcodeVersion> -- 2.25.2
This patch adds the implementation of the CFPC pSeries feature, using the QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC capability added in the previous patch. CPFC can have the values "broken", "workaround" or "fixed". Extra code is required to handle it since it's not a regular tristate capability. This is the XML format for the cap: <features> <cfpc value='workaround'/> </features> Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com> --- docs/formatdomain.html.in | 11 +++++ docs/schemas/domaincommon.rng | 15 +++++++ src/conf/domain_conf.c | 45 +++++++++++++++++++ src/conf/domain_conf.h | 12 +++++ src/libvirt_private.syms | 1 + src/qemu/qemu_command.c | 5 +++ src/qemu/qemu_validate.c | 11 +++++ tests/qemuxml2argvdata/pseries-features.args | 3 +- tests/qemuxml2argvdata/pseries-features.xml | 1 + tests/qemuxml2argvtest.c | 17 ++++++- tests/qemuxml2xmloutdata/pseries-features.xml | 1 + tests/qemuxml2xmltest.c | 3 +- 12 files changed, 122 insertions(+), 3 deletions(-) diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index 0077666862..607e815413 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -2074,6 +2074,7 @@ <htm state='on'/> <ccf-assist state='on'/> <msrs unknown='ignore'/> + <cfpc value='workaround'/> </features> ...</pre> @@ -2379,6 +2380,16 @@ defined, the hypervisor default will be used. <span class="since">Since 5.9.0</span> (QEMU/KVM only) </dd> + <dt><code>cfpc</code></dt> + <dd>Configure cfpc (Cache Flush on Privilege Change) availability for + pSeries guests. + Possible values for the <code>value</code> attribute + are <code>broken</code> (no protection), <code>workaround</code> + (software workaround available) and <code>fixed</code> (fixed in + hardware). If the attribute is not defined, the hypervisor + default will be used. + <span class="since">Since 6.3.0</span> (QEMU/KVM only) + </dd> </dl> <h3><a id="elementsTime">Time keeping</a></h3> diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index 65d6580434..40785752f7 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -5430,6 +5430,9 @@ <ref name="featurestate"/> </element> </optional> + <optional> + <ref name="cfpc"/> + </optional> </interleave> </element> </optional> @@ -5689,6 +5692,18 @@ </element> </define> + <define name="cfpc"> + <element name="cfpc"> + <attribute name="value"> + <choice> + <value>broken</value> + <value>workaround</value> + <value>fixed</value> + </choice> + </attribute> + </element> + </define> + <define name="address"> <element name="address"> <choice> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 8700d56761..4bfb17b7c8 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -173,6 +173,7 @@ VIR_ENUM_IMPL(virDomainFeature, "nested-hv", "msrs", "ccf-assist", + "cfpc", ); VIR_ENUM_IMPL(virDomainCapabilitiesPolicy, @@ -1251,6 +1252,14 @@ VIR_ENUM_IMPL(virDomainOsDefFirmware, "efi", ); +VIR_ENUM_IMPL(virDomainCFPC, + VIR_DOMAIN_CFPC_LAST, + "none", + "broken", + "workaround", + "fixed", +); + /* Internal mapping: subset of block job types that can be present in * <mirror> XML (remaining types are not two-phase). */ VIR_ENUM_DECL(virDomainBlockJob); @@ -20961,6 +20970,22 @@ virDomainDefParseXML(xmlDocPtr xml, } break; + case VIR_DOMAIN_FEATURE_CFPC: + tmp = virXMLPropString(nodes[i], "value"); + if (tmp) { + int value = virDomainCFPCTypeFromString(tmp); + if (value < 0 || value == VIR_DOMAIN_CFPC_NONE) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Unknown value: %s"), + tmp); + goto error; + } + def->features[val] = value; + VIR_FREE(tmp); + } + break; + + case VIR_DOMAIN_FEATURE_HTM: case VIR_DOMAIN_FEATURE_NESTED_HV: case VIR_DOMAIN_FEATURE_CCF_ASSIST: @@ -23266,6 +23291,18 @@ virDomainDefFeaturesCheckABIStability(virDomainDefPtr src, } break; + case VIR_DOMAIN_FEATURE_CFPC: + if (src->features[i] != dst->features[i]) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("State of feature '%s' differs: " + "source: '%s=%s', destination: '%s=%s'"), + featureName, + "value", virDomainCFPCTypeToString(src->features[i]), + "value", virDomainCFPCTypeToString(dst->features[i])); + return false; + } + break; + case VIR_DOMAIN_FEATURE_MSRS: break; @@ -29024,6 +29061,14 @@ virDomainDefFormatFeatures(virBufferPtr buf, virDomainMsrsUnknownTypeToString(def->msrs_features[VIR_DOMAIN_MSRS_UNKNOWN])); break; + case VIR_DOMAIN_FEATURE_CFPC: + if (def->features[i] == VIR_DOMAIN_CFPC_NONE) + break; + + virBufferAsprintf(&childBuf, "<cfpc value='%s'/>\n", + virDomainCFPCTypeToString(def->features[i])); + break; + /* coverity[dead_error_begin] */ case VIR_DOMAIN_FEATURE_LAST: break; diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index 7d8f1aa31b..a59e3cd41a 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -1814,6 +1814,7 @@ typedef enum { VIR_DOMAIN_FEATURE_NESTED_HV, VIR_DOMAIN_FEATURE_MSRS, VIR_DOMAIN_FEATURE_CCF_ASSIST, + VIR_DOMAIN_FEATURE_CFPC, VIR_DOMAIN_FEATURE_LAST } virDomainFeature; @@ -1970,6 +1971,17 @@ typedef enum { VIR_ENUM_DECL(virDomainHPTResizing); +typedef enum { + VIR_DOMAIN_CFPC_NONE = 0, + VIR_DOMAIN_CFPC_BROKEN, + VIR_DOMAIN_CFPC_WORKAROUND, + VIR_DOMAIN_CFPC_FIXED, + + VIR_DOMAIN_CFPC_LAST +} virDomainCFPC; + +VIR_ENUM_DECL(virDomainCFPC); + /* Operating system configuration data & machine / arch */ struct _virDomainOSEnv { char *name; diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index ec367653d5..df48176e6a 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -235,6 +235,7 @@ virDomainBlockIoTuneInfoHasMaxLength; virDomainBootTypeFromString; virDomainBootTypeToString; virDomainCapabilitiesPolicyTypeToString; +virDomainCFPCTypeToString; virDomainChrConsoleTargetTypeFromString; virDomainChrConsoleTargetTypeToString; virDomainChrDefForeach; diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 95402fc4ff..302cee79ad 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -7163,6 +7163,11 @@ qemuBuildMachineCommandLine(virCommandPtr cmd, virBufferAsprintf(&buf, ",cap-ccf-assist=%s", str); } + if (def->features[VIR_DOMAIN_FEATURE_CFPC] != VIR_DOMAIN_CFPC_NONE) { + const char *str = virDomainCFPCTypeToString(def->features[VIR_DOMAIN_FEATURE_CFPC]); + virBufferAsprintf(&buf, ",cap-cfpc=%s", str); + } + if (cpu && cpu->model && cpu->mode == VIR_CPU_MODE_HOST_MODEL && qemuDomainIsPSeries(def) && diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c index 971e4a945a..11d310ed8f 100644 --- a/src/qemu/qemu_validate.c +++ b/src/qemu/qemu_validate.c @@ -136,6 +136,16 @@ qemuValidateDomainDefPSeriesFeature(const virDomainDef *def, return -1; } + break; + + case VIR_DOMAIN_FEATURE_CFPC: + if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("cfpc configuration is not supported by " + "this QEMU binary")); + return -1; + } + break; } @@ -194,6 +204,7 @@ qemuValidateDomainDefFeatures(const virDomainDef *def, case VIR_DOMAIN_FEATURE_HTM: case VIR_DOMAIN_FEATURE_NESTED_HV: case VIR_DOMAIN_FEATURE_CCF_ASSIST: + case VIR_DOMAIN_FEATURE_CFPC: if (qemuValidateDomainDefPSeriesFeature(def, qemuCaps, i) < 0) return -1; break; diff --git a/tests/qemuxml2argvdata/pseries-features.args b/tests/qemuxml2argvdata/pseries-features.args index 7aa357a54e..8540252c17 100644 --- a/tests/qemuxml2argvdata/pseries-features.args +++ b/tests/qemuxml2argvdata/pseries-features.args @@ -11,7 +11,8 @@ QEMU_AUDIO_DRV=none \ -name guest \ -S \ -machine pseries,accel=tcg,usb=off,dump-guest-core=off,resize-hpt=required,\ -cap-hpt-max-page-size=1048576k,cap-htm=on,cap-nested-hv=off,cap-ccf-assist=on \ +cap-hpt-max-page-size=1048576k,cap-htm=on,cap-nested-hv=off,cap-ccf-assist=on,\ +cap-cfpc=fixed \ -m 512 \ -realtime mlock=off \ -smp 1,sockets=1,cores=1,threads=1 \ diff --git a/tests/qemuxml2argvdata/pseries-features.xml b/tests/qemuxml2argvdata/pseries-features.xml index 8ccc1b73d8..f07a204cb7 100644 --- a/tests/qemuxml2argvdata/pseries-features.xml +++ b/tests/qemuxml2argvdata/pseries-features.xml @@ -13,6 +13,7 @@ <htm state='on'/> <nested-hv state='off'/> <ccf-assist state='on'/> + <cfpc value='fixed'/> </features> <devices> <emulator>/usr/bin/qemu-system-ppc64</emulator> diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 66472a5ee5..8cb53b2416 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1963,6 +1963,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT */ @@ -1971,7 +1972,8 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HPT_MAX_PAGE_SIZE, QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, - QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST); + QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CAP_HPT_MAX_PAGE_SIZE */ DO_TEST_PARSE_ERROR("pseries-features", @@ -1979,6 +1981,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CAP_HTM */ @@ -1987,6 +1990,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HPT_MAX_PAGE_SIZE, QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV */ @@ -1995,6 +1999,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HPT_MAX_PAGE_SIZE, QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST */ @@ -2003,8 +2008,18 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HPT_MAX_PAGE_SIZE, QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); + /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CFPC */ + DO_TEST_PARSE_ERROR("pseries-features", + QEMU_CAPS_DEVICE_SPAPR_PCI_HOST_BRIDGE, + QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT, + QEMU_CAPS_MACHINE_PSERIES_CAP_HPT_MAX_PAGE_SIZE, + QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, + QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, + QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST); + DO_TEST_PARSE_ERROR("pseries-features-invalid-machine", NONE); DO_TEST("pseries-serial-native", diff --git a/tests/qemuxml2xmloutdata/pseries-features.xml b/tests/qemuxml2xmloutdata/pseries-features.xml index a5df840394..1b5d78ce74 100644 --- a/tests/qemuxml2xmloutdata/pseries-features.xml +++ b/tests/qemuxml2xmloutdata/pseries-features.xml @@ -15,6 +15,7 @@ <htm state='on'/> <nested-hv state='off'/> <ccf-assist state='on'/> + <cfpc value='fixed'/> </features> <clock offset='utc'/> <on_poweroff>destroy</on_poweroff> diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c index cf5abeac35..41510fd17a 100644 --- a/tests/qemuxml2xmltest.c +++ b/tests/qemuxml2xmltest.c @@ -694,7 +694,8 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, - QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); + QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT, + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC); DO_TEST("pseries-serial-native", QEMU_CAPS_DEVICE_SPAPR_PCI_HOST_BRIDGE, -- 2.25.2
SBBC (Speculation Barrier Bounds Checking) is another capability related to Spectre mitigation efforts in Power processors. It was implemented in QEMU 2.12 by commit 09114fd81799. This patch introduces it as QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC to be implemented in the next patch. Like the case with the now implemented CFPC, exposing this feature in the XML allows for a cleaner way for users to tune the SBBC accordingly, given that not all hypervisor and guest setups supports this Spectre mitigation. Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com> --- src/qemu/qemu_capabilities.c | 2 ++ src/qemu/qemu_capabilities.h | 1 + tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml | 1 + 8 files changed, 9 insertions(+) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 4a262dc71d..dd04393c95 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -574,6 +574,7 @@ VIR_ENUM_IMPL(virQEMUCaps, "virtio.packed", "pcie-root-port.hotplug", "machine.pseries.cap-cfpc", + "machine.pseries.cap-sbbc", ); @@ -1617,6 +1618,7 @@ static struct virQEMUCapsStringFlags virQEMUCapsMachinePropsPSeries[] = { { "cap-nested-hv", QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV }, { "cap-ccf-assist", QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST }, { "cap-cfpc", QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC }, + { "cap-sbbc", QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC }, }; static struct virQEMUCapsStringFlags virQEMUCapsMachinePropsVirt[] = { diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index 81d67d2efe..83932fb96f 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -555,6 +555,7 @@ typedef enum { /* virQEMUCapsFlags grouping marker for syntax-check */ QEMU_CAPS_VIRTIO_PACKED_QUEUES, /* virtio.packed */ QEMU_CAPS_PCIE_ROOT_PORT_HOTPLUG, /* pcie-root-port.hotplug */ QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, /* -machine pseries.cap-cfpc */ + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, /* -machine pseries.cap-sbbc */ QEMU_CAPS_LAST /* this must always be the last item */ } virQEMUCapsFlags; diff --git a/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml index cdd4f26993..2046f1097c 100644 --- a/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml @@ -155,6 +155,7 @@ <flag name='drive-nvme'/> <flag name='i8042'/> <flag name='machine.pseries.cap-cfpc'/> + <flag name='machine.pseries.cap-sbbc'/> <version>2011090</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900289</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml index 84e9ad2dcc..9e71080152 100644 --- a/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml @@ -157,6 +157,7 @@ <flag name='drive-nvme'/> <flag name='i8042'/> <flag name='machine.pseries.cap-cfpc'/> + <flag name='machine.pseries.cap-sbbc'/> <version>2012050</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900239</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml index 3d70a67dab..f13b384e91 100644 --- a/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml @@ -162,6 +162,7 @@ <flag name='i8042'/> <flag name='storage.werror'/> <flag name='machine.pseries.cap-cfpc'/> + <flag name='machine.pseries.cap-sbbc'/> <version>3000091</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900240</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml index ce2d470cb2..674e4b4944 100644 --- a/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml @@ -176,6 +176,7 @@ <flag name='i8042'/> <flag name='storage.werror'/> <flag name='machine.pseries.cap-cfpc'/> + <flag name='machine.pseries.cap-sbbc'/> <version>4000000</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900240</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml index a813776660..f89498171b 100644 --- a/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml @@ -181,6 +181,7 @@ <flag name='rng-builtin'/> <flag name='storage.werror'/> <flag name='machine.pseries.cap-cfpc'/> + <flag name='machine.pseries.cap-sbbc'/> <version>4001050</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900242</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml index c33786b0bf..ebc39130df 100644 --- a/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml @@ -193,6 +193,7 @@ <flag name='fsdev.multidevs'/> <flag name='virtio.packed'/> <flag name='machine.pseries.cap-cfpc'/> + <flag name='machine.pseries.cap-sbbc'/> <version>4002050</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900241</microcodeVersion> -- 2.25.2
This patch adds the implementation of the SBBC pSeries feature, using the QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC capability added in the previous patch. Like the previously added CPFC feature, SBBC can have the values "broken", "workaround" or "fixed". Extra code is required to handle it since it's not a regular tristate capability. This is the XML format for the cap: <features> <sbbc value='workaround'/> </features> Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com> --- docs/formatdomain.html.in | 11 +++++ docs/schemas/domaincommon.rng | 15 +++++++ src/conf/domain_conf.c | 43 +++++++++++++++++++ src/conf/domain_conf.h | 12 ++++++ src/libvirt_private.syms | 1 + src/qemu/qemu_command.c | 5 +++ src/qemu/qemu_validate.c | 11 +++++ tests/qemuxml2argvdata/pseries-features.args | 2 +- tests/qemuxml2argvdata/pseries-features.xml | 1 + tests/qemuxml2argvtest.c | 21 ++++++++- tests/qemuxml2xmloutdata/pseries-features.xml | 1 + tests/qemuxml2xmltest.c | 3 +- 12 files changed, 122 insertions(+), 4 deletions(-) diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index 607e815413..2146374475 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -2075,6 +2075,7 @@ <ccf-assist state='on'/> <msrs unknown='ignore'/> <cfpc value='workaround'/> + <sbbc value='workaround'/> </features> ...</pre> @@ -2390,6 +2391,16 @@ default will be used. <span class="since">Since 6.3.0</span> (QEMU/KVM only) </dd> + <dt><code>sbbc</code></dt> + <dd>Configure sbbc (Speculation Barrier Bounds Checking) availability for + pSeries guests. + Possible values for the <code>value</code> attribute + are <code>broken</code> (no protection), <code>workaround</code> + (software workaround available) and <code>fixed</code> (fixed in + hardware). If the attribute is not defined, the hypervisor + default will be used. + <span class="since">Since 6.3.0</span> (QEMU/KVM only) + </dd> </dl> <h3><a id="elementsTime">Time keeping</a></h3> diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index 40785752f7..72c281aa8f 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -5433,6 +5433,9 @@ <optional> <ref name="cfpc"/> </optional> + <optional> + <ref name="sbbc"/> + </optional> </interleave> </element> </optional> @@ -5704,6 +5707,18 @@ </element> </define> + <define name="sbbc"> + <element name="sbbc"> + <attribute name="value"> + <choice> + <value>broken</value> + <value>workaround</value> + <value>fixed</value> + </choice> + </attribute> + </element> + </define> + <define name="address"> <element name="address"> <choice> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 4bfb17b7c8..5373b29263 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -174,6 +174,7 @@ VIR_ENUM_IMPL(virDomainFeature, "msrs", "ccf-assist", "cfpc", + "sbbc", ); VIR_ENUM_IMPL(virDomainCapabilitiesPolicy, @@ -1260,6 +1261,14 @@ VIR_ENUM_IMPL(virDomainCFPC, "fixed", ); +VIR_ENUM_IMPL(virDomainSBBC, + VIR_DOMAIN_SBBC_LAST, + "none", + "broken", + "workaround", + "fixed", +); + /* Internal mapping: subset of block job types that can be present in * <mirror> XML (remaining types are not two-phase). */ VIR_ENUM_DECL(virDomainBlockJob); @@ -20985,6 +20994,20 @@ virDomainDefParseXML(xmlDocPtr xml, } break; + case VIR_DOMAIN_FEATURE_SBBC: + tmp = virXMLPropString(nodes[i], "value"); + if (tmp) { + int value = virDomainSBBCTypeFromString(tmp); + if (value < 0 || value == VIR_DOMAIN_SBBC_NONE) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Unknown value: %s"), + tmp); + goto error; + } + def->features[val] = value; + VIR_FREE(tmp); + } + break; case VIR_DOMAIN_FEATURE_HTM: case VIR_DOMAIN_FEATURE_NESTED_HV: @@ -23303,6 +23326,18 @@ virDomainDefFeaturesCheckABIStability(virDomainDefPtr src, } break; + case VIR_DOMAIN_FEATURE_SBBC: + if (src->features[i] != dst->features[i]) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("State of feature '%s' differs: " + "source: '%s=%s', destination: '%s=%s'"), + featureName, + "value", virDomainSBBCTypeToString(src->features[i]), + "value", virDomainSBBCTypeToString(dst->features[i])); + return false; + } + break; + case VIR_DOMAIN_FEATURE_MSRS: break; @@ -29069,6 +29104,14 @@ virDomainDefFormatFeatures(virBufferPtr buf, virDomainCFPCTypeToString(def->features[i])); break; + case VIR_DOMAIN_FEATURE_SBBC: + if (def->features[i] == VIR_DOMAIN_SBBC_NONE) + break; + + virBufferAsprintf(&childBuf, "<sbbc value='%s'/>\n", + virDomainSBBCTypeToString(def->features[i])); + break; + /* coverity[dead_error_begin] */ case VIR_DOMAIN_FEATURE_LAST: break; diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index a59e3cd41a..c04441e587 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -1815,6 +1815,7 @@ typedef enum { VIR_DOMAIN_FEATURE_MSRS, VIR_DOMAIN_FEATURE_CCF_ASSIST, VIR_DOMAIN_FEATURE_CFPC, + VIR_DOMAIN_FEATURE_SBBC, VIR_DOMAIN_FEATURE_LAST } virDomainFeature; @@ -1982,6 +1983,17 @@ typedef enum { VIR_ENUM_DECL(virDomainCFPC); +typedef enum { + VIR_DOMAIN_SBBC_NONE = 0, + VIR_DOMAIN_SBBC_BROKEN, + VIR_DOMAIN_SBBC_WORKAROUND, + VIR_DOMAIN_SBBC_FIXED, + + VIR_DOMAIN_SBBC_LAST +} virDomainSBBC; + +VIR_ENUM_DECL(virDomainSBBC); + /* Operating system configuration data & machine / arch */ struct _virDomainOSEnv { char *name; diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index df48176e6a..99e74eee84 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -582,6 +582,7 @@ virDomainRNGModelTypeToString; virDomainRNGRemove; virDomainRunningReasonTypeFromString; virDomainRunningReasonTypeToString; +virDomainSBBCTypeToString; virDomainSCSIDriveAddressIsUsed; virDomainSeclabelTypeFromString; virDomainSeclabelTypeToString; diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 302cee79ad..0c3b37760a 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -7168,6 +7168,11 @@ qemuBuildMachineCommandLine(virCommandPtr cmd, virBufferAsprintf(&buf, ",cap-cfpc=%s", str); } + if (def->features[VIR_DOMAIN_FEATURE_SBBC] != VIR_DOMAIN_SBBC_NONE) { + const char *str = virDomainSBBCTypeToString(def->features[VIR_DOMAIN_FEATURE_SBBC]); + virBufferAsprintf(&buf, ",cap-sbbc=%s", str); + } + if (cpu && cpu->model && cpu->mode == VIR_CPU_MODE_HOST_MODEL && qemuDomainIsPSeries(def) && diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c index 11d310ed8f..f75cec93c2 100644 --- a/src/qemu/qemu_validate.c +++ b/src/qemu/qemu_validate.c @@ -146,6 +146,16 @@ qemuValidateDomainDefPSeriesFeature(const virDomainDef *def, return -1; } + break; + + case VIR_DOMAIN_FEATURE_SBBC: + if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("sbbc configuration is not supported by " + "this QEMU binary")); + return -1; + } + break; } @@ -205,6 +215,7 @@ qemuValidateDomainDefFeatures(const virDomainDef *def, case VIR_DOMAIN_FEATURE_NESTED_HV: case VIR_DOMAIN_FEATURE_CCF_ASSIST: case VIR_DOMAIN_FEATURE_CFPC: + case VIR_DOMAIN_FEATURE_SBBC: if (qemuValidateDomainDefPSeriesFeature(def, qemuCaps, i) < 0) return -1; break; diff --git a/tests/qemuxml2argvdata/pseries-features.args b/tests/qemuxml2argvdata/pseries-features.args index 8540252c17..9a64df7593 100644 --- a/tests/qemuxml2argvdata/pseries-features.args +++ b/tests/qemuxml2argvdata/pseries-features.args @@ -12,7 +12,7 @@ QEMU_AUDIO_DRV=none \ -S \ -machine pseries,accel=tcg,usb=off,dump-guest-core=off,resize-hpt=required,\ cap-hpt-max-page-size=1048576k,cap-htm=on,cap-nested-hv=off,cap-ccf-assist=on,\ -cap-cfpc=fixed \ +cap-cfpc=fixed,cap-sbbc=broken \ -m 512 \ -realtime mlock=off \ -smp 1,sockets=1,cores=1,threads=1 \ diff --git a/tests/qemuxml2argvdata/pseries-features.xml b/tests/qemuxml2argvdata/pseries-features.xml index f07a204cb7..ef431b0067 100644 --- a/tests/qemuxml2argvdata/pseries-features.xml +++ b/tests/qemuxml2argvdata/pseries-features.xml @@ -14,6 +14,7 @@ <nested-hv state='off'/> <ccf-assist state='on'/> <cfpc value='fixed'/> + <sbbc value='broken'/> </features> <devices> <emulator>/usr/bin/qemu-system-ppc64</emulator> diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 8cb53b2416..0b4dc0dec5 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1964,6 +1964,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT */ @@ -1973,7 +1974,8 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, - QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC); + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CAP_HPT_MAX_PAGE_SIZE */ DO_TEST_PARSE_ERROR("pseries-features", @@ -1982,6 +1984,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CAP_HTM */ @@ -1991,6 +1994,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV */ @@ -2000,6 +2004,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST */ @@ -2009,6 +2014,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CFPC */ @@ -2018,7 +2024,18 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HPT_MAX_PAGE_SIZE, QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, - QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST); + QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC); + + /* parse error: no QEMU_CAPS_MACHINE_PSERIES_SBBC */ + DO_TEST_PARSE_ERROR("pseries-features", + QEMU_CAPS_DEVICE_SPAPR_PCI_HOST_BRIDGE, + QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT, + QEMU_CAPS_MACHINE_PSERIES_CAP_HPT_MAX_PAGE_SIZE, + QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, + QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, + QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC); DO_TEST_PARSE_ERROR("pseries-features-invalid-machine", NONE); diff --git a/tests/qemuxml2xmloutdata/pseries-features.xml b/tests/qemuxml2xmloutdata/pseries-features.xml index 1b5d78ce74..3700ffa195 100644 --- a/tests/qemuxml2xmloutdata/pseries-features.xml +++ b/tests/qemuxml2xmloutdata/pseries-features.xml @@ -16,6 +16,7 @@ <nested-hv state='off'/> <ccf-assist state='on'/> <cfpc value='fixed'/> + <sbbc value='broken'/> </features> <clock offset='utc'/> <on_poweroff>destroy</on_poweroff> diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c index 41510fd17a..9e1b5be13c 100644 --- a/tests/qemuxml2xmltest.c +++ b/tests/qemuxml2xmltest.c @@ -695,7 +695,8 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT, - QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC); + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC); DO_TEST("pseries-serial-native", QEMU_CAPS_DEVICE_SPAPR_PCI_HOST_BRIDGE, -- 2.25.2
IBS (Indirect Branch Speculation) is the last capability added in QEMU 2.12 related to Spectre mitigation for Power. It was added in commit 4be8d4e7d935. This patch introduces it as QEMU_CAPS_MACHINE_PSERIES_CAP_IBS. Like CFPC and SBBC, users might want to tune in IBS based on their HW and guest OS requirements, and it's better to do it so in a proper Libvirt feature than to put QEMU arguments in the middle of the domain XML. Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com> --- src/qemu/qemu_capabilities.c | 4 ++++ src/qemu/qemu_capabilities.h | 3 +++ tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml | 1 + 8 files changed, 13 insertions(+) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index dd04393c95..4ea01d4ea9 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -575,6 +575,9 @@ VIR_ENUM_IMPL(virQEMUCaps, "pcie-root-port.hotplug", "machine.pseries.cap-cfpc", "machine.pseries.cap-sbbc", + + /* 365 */ + "machine.pseries.cap-ibs", ); @@ -1619,6 +1622,7 @@ static struct virQEMUCapsStringFlags virQEMUCapsMachinePropsPSeries[] = { { "cap-ccf-assist", QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST }, { "cap-cfpc", QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC }, { "cap-sbbc", QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC }, + { "cap-ibs", QEMU_CAPS_MACHINE_PSERIES_CAP_IBS }, }; static struct virQEMUCapsStringFlags virQEMUCapsMachinePropsVirt[] = { diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index 83932fb96f..21e3eb3327 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -557,6 +557,9 @@ typedef enum { /* virQEMUCapsFlags grouping marker for syntax-check */ QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, /* -machine pseries.cap-cfpc */ QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, /* -machine pseries.cap-sbbc */ + /* 365 */ + QEMU_CAPS_MACHINE_PSERIES_CAP_IBS, /* -machine pseries.cap-ibs */ + QEMU_CAPS_LAST /* this must always be the last item */ } virQEMUCapsFlags; diff --git a/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml index 2046f1097c..4c1758fbfe 100644 --- a/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml @@ -156,6 +156,7 @@ <flag name='i8042'/> <flag name='machine.pseries.cap-cfpc'/> <flag name='machine.pseries.cap-sbbc'/> + <flag name='machine.pseries.cap-ibs'/> <version>2011090</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900289</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml index 9e71080152..a8390a12eb 100644 --- a/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml @@ -158,6 +158,7 @@ <flag name='i8042'/> <flag name='machine.pseries.cap-cfpc'/> <flag name='machine.pseries.cap-sbbc'/> + <flag name='machine.pseries.cap-ibs'/> <version>2012050</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900239</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml index f13b384e91..d96caaa9ed 100644 --- a/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml @@ -163,6 +163,7 @@ <flag name='storage.werror'/> <flag name='machine.pseries.cap-cfpc'/> <flag name='machine.pseries.cap-sbbc'/> + <flag name='machine.pseries.cap-ibs'/> <version>3000091</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900240</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml index 674e4b4944..44c1b9205e 100644 --- a/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml @@ -177,6 +177,7 @@ <flag name='storage.werror'/> <flag name='machine.pseries.cap-cfpc'/> <flag name='machine.pseries.cap-sbbc'/> + <flag name='machine.pseries.cap-ibs'/> <version>4000000</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900240</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml index f89498171b..2eef337cc4 100644 --- a/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml @@ -182,6 +182,7 @@ <flag name='storage.werror'/> <flag name='machine.pseries.cap-cfpc'/> <flag name='machine.pseries.cap-sbbc'/> + <flag name='machine.pseries.cap-ibs'/> <version>4001050</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900242</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml index ebc39130df..d972def4b3 100644 --- a/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml @@ -194,6 +194,7 @@ <flag name='virtio.packed'/> <flag name='machine.pseries.cap-cfpc'/> <flag name='machine.pseries.cap-sbbc'/> + <flag name='machine.pseries.cap-ibs'/> <version>4002050</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900241</microcodeVersion> -- 2.25.2
This patch adds the implementation of the IBS pSeries feature, using the QEMU_CAPS_MACHINE_PSERIES_CAP_IBS capability added in the previous patch. IBS can have the following values: "broken", "workaround", "fixed-ibs", "fixed-ccd" and "fixed-na". This is the XML format for the cap: <features> <ibs value='fixed-ibs'/> </features> Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com> --- docs/formatdomain.html.in | 14 ++++++ docs/schemas/domaincommon.rng | 17 +++++++ src/conf/domain_conf.c | 46 +++++++++++++++++++ src/conf/domain_conf.h | 14 ++++++ src/libvirt_private.syms | 1 + src/qemu/qemu_command.c | 5 ++ src/qemu/qemu_validate.c | 11 +++++ tests/qemuxml2argvdata/pseries-features.args | 2 +- tests/qemuxml2argvdata/pseries-features.xml | 1 + tests/qemuxml2argvtest.c | 25 ++++++++-- tests/qemuxml2xmloutdata/pseries-features.xml | 1 + tests/qemuxml2xmltest.c | 3 +- 12 files changed, 135 insertions(+), 5 deletions(-) diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index 2146374475..01aa825fc6 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -2076,6 +2076,7 @@ <msrs unknown='ignore'/> <cfpc value='workaround'/> <sbbc value='workaround'/> + <ibs value='fixed-na'/> </features> ...</pre> @@ -2401,6 +2402,19 @@ default will be used. <span class="since">Since 6.3.0</span> (QEMU/KVM only) </dd> + <dt><code>ibs</code></dt> + <dd>Configure ibs (Indirect Branch Speculation) availability for + pSeries guests. + Possible values for the <code>value</code> attribute + are <code>broken</code> (no protection), <code>workaround</code> + (count cache flush), <code>fixed-ibs</code> (fixed by + serializing indirect branches), <code>fixed-ccd</code> (fixed by + disabling the cache count) and <code>fixed-na (fixed in + hardware - no longer applicable)</code>. + If the attribute is not defined, the hypervisor + default will be used. + <span class="since">Since 6.3.0</span> (QEMU/KVM only) + </dd> </dl> <h3><a id="elementsTime">Time keeping</a></h3> diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index 72c281aa8f..75d5cd3271 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -5436,6 +5436,9 @@ <optional> <ref name="sbbc"/> </optional> + <optional> + <ref name="ibs"/> + </optional> </interleave> </element> </optional> @@ -5719,6 +5722,20 @@ </element> </define> + <define name="ibs"> + <element name="ibs"> + <attribute name="value"> + <choice> + <value>broken</value> + <value>workaround</value> + <value>fixed-ibs</value> + <value>fixed-ccd</value> + <value>fixed-na</value> + </choice> + </attribute> + </element> + </define> + <define name="address"> <element name="address"> <choice> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 5373b29263..dfa7421249 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -175,6 +175,7 @@ VIR_ENUM_IMPL(virDomainFeature, "ccf-assist", "cfpc", "sbbc", + "ibs", ); VIR_ENUM_IMPL(virDomainCapabilitiesPolicy, @@ -1269,6 +1270,16 @@ VIR_ENUM_IMPL(virDomainSBBC, "fixed", ); +VIR_ENUM_IMPL(virDomainIBS, + VIR_DOMAIN_IBS_LAST, + "none", + "broken", + "workaround", + "fixed-ibs", + "fixed-ccd", + "fixed-na", +); + /* Internal mapping: subset of block job types that can be present in * <mirror> XML (remaining types are not two-phase). */ VIR_ENUM_DECL(virDomainBlockJob); @@ -21009,6 +21020,21 @@ virDomainDefParseXML(xmlDocPtr xml, } break; + case VIR_DOMAIN_FEATURE_IBS: + tmp = virXMLPropString(nodes[i], "value"); + if (tmp) { + int value = virDomainIBSTypeFromString(tmp); + if (value < 0 || value == VIR_DOMAIN_IBS_NONE) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Unknown value: %s"), + tmp); + goto error; + } + def->features[val] = value; + VIR_FREE(tmp); + } + break; + case VIR_DOMAIN_FEATURE_HTM: case VIR_DOMAIN_FEATURE_NESTED_HV: case VIR_DOMAIN_FEATURE_CCF_ASSIST: @@ -23338,6 +23364,18 @@ virDomainDefFeaturesCheckABIStability(virDomainDefPtr src, } break; + case VIR_DOMAIN_FEATURE_IBS: + if (src->features[i] != dst->features[i]) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("State of feature '%s' differs: " + "source: '%s=%s', destination: '%s=%s'"), + featureName, + "value", virDomainIBSTypeToString(src->features[i]), + "value", virDomainIBSTypeToString(dst->features[i])); + return false; + } + break; + case VIR_DOMAIN_FEATURE_MSRS: break; @@ -29112,6 +29150,14 @@ virDomainDefFormatFeatures(virBufferPtr buf, virDomainSBBCTypeToString(def->features[i])); break; + case VIR_DOMAIN_FEATURE_IBS: + if (def->features[i] == VIR_DOMAIN_IBS_NONE) + break; + + virBufferAsprintf(&childBuf, "<ibs value='%s'/>\n", + virDomainIBSTypeToString(def->features[i])); + break; + /* coverity[dead_error_begin] */ case VIR_DOMAIN_FEATURE_LAST: break; diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index c04441e587..a5582f7a34 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -1816,6 +1816,7 @@ typedef enum { VIR_DOMAIN_FEATURE_CCF_ASSIST, VIR_DOMAIN_FEATURE_CFPC, VIR_DOMAIN_FEATURE_SBBC, + VIR_DOMAIN_FEATURE_IBS, VIR_DOMAIN_FEATURE_LAST } virDomainFeature; @@ -1994,6 +1995,19 @@ typedef enum { VIR_ENUM_DECL(virDomainSBBC); +typedef enum { + VIR_DOMAIN_IBS_NONE = 0, + VIR_DOMAIN_IBS_BROKEN, + VIR_DOMAIN_IBS_WORKAROUND, + VIR_DOMAIN_IBS_FIXEDIBS, + VIR_DOMAIN_IBS_FIXEDCCD, + VIR_DOMAIN_IBS_FIXEDNA, + + VIR_DOMAIN_IBS_LAST +} virDomainIBS; + +VIR_ENUM_DECL(virDomainIBS); + /* Operating system configuration data & machine / arch */ struct _virDomainOSEnv { char *name; diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 99e74eee84..09a6ca8956 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -455,6 +455,7 @@ virDomainHubTypeFromString; virDomainHubTypeToString; virDomainHypervTypeFromString; virDomainHypervTypeToString; +virDomainIBSTypeToString; virDomainInputBusTypeToString; virDomainInputDefFind; virDomainInputDefFree; diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 0c3b37760a..32565b49a9 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -7173,6 +7173,11 @@ qemuBuildMachineCommandLine(virCommandPtr cmd, virBufferAsprintf(&buf, ",cap-sbbc=%s", str); } + if (def->features[VIR_DOMAIN_FEATURE_IBS] != VIR_DOMAIN_IBS_NONE) { + const char *str = virDomainIBSTypeToString(def->features[VIR_DOMAIN_FEATURE_IBS]); + virBufferAsprintf(&buf, ",cap-ibs=%s", str); + } + if (cpu && cpu->model && cpu->mode == VIR_CPU_MODE_HOST_MODEL && qemuDomainIsPSeries(def) && diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c index f75cec93c2..7d356f683a 100644 --- a/src/qemu/qemu_validate.c +++ b/src/qemu/qemu_validate.c @@ -156,6 +156,16 @@ qemuValidateDomainDefPSeriesFeature(const virDomainDef *def, return -1; } + break; + + case VIR_DOMAIN_FEATURE_IBS: + if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_MACHINE_PSERIES_CAP_IBS)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("ibs configuration is not supported by " + "this QEMU binary")); + return -1; + } + break; } @@ -216,6 +226,7 @@ qemuValidateDomainDefFeatures(const virDomainDef *def, case VIR_DOMAIN_FEATURE_CCF_ASSIST: case VIR_DOMAIN_FEATURE_CFPC: case VIR_DOMAIN_FEATURE_SBBC: + case VIR_DOMAIN_FEATURE_IBS: if (qemuValidateDomainDefPSeriesFeature(def, qemuCaps, i) < 0) return -1; break; diff --git a/tests/qemuxml2argvdata/pseries-features.args b/tests/qemuxml2argvdata/pseries-features.args index 9a64df7593..668eeb157b 100644 --- a/tests/qemuxml2argvdata/pseries-features.args +++ b/tests/qemuxml2argvdata/pseries-features.args @@ -12,7 +12,7 @@ QEMU_AUDIO_DRV=none \ -S \ -machine pseries,accel=tcg,usb=off,dump-guest-core=off,resize-hpt=required,\ cap-hpt-max-page-size=1048576k,cap-htm=on,cap-nested-hv=off,cap-ccf-assist=on,\ -cap-cfpc=fixed,cap-sbbc=broken \ +cap-cfpc=fixed,cap-sbbc=broken,cap-ibs=fixed-ccd \ -m 512 \ -realtime mlock=off \ -smp 1,sockets=1,cores=1,threads=1 \ diff --git a/tests/qemuxml2argvdata/pseries-features.xml b/tests/qemuxml2argvdata/pseries-features.xml index ef431b0067..6e4700a56a 100644 --- a/tests/qemuxml2argvdata/pseries-features.xml +++ b/tests/qemuxml2argvdata/pseries-features.xml @@ -15,6 +15,7 @@ <ccf-assist state='on'/> <cfpc value='fixed'/> <sbbc value='broken'/> + <ibs value='fixed-ccd'/> </features> <devices> <emulator>/usr/bin/qemu-system-ppc64</emulator> diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 0b4dc0dec5..eb509e0bc0 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1965,6 +1965,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, + QEMU_CAPS_MACHINE_PSERIES_CAP_IBS, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT */ @@ -1975,7 +1976,8 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, - QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC); + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, + QEMU_CAPS_MACHINE_PSERIES_CAP_IBS); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CAP_HPT_MAX_PAGE_SIZE */ DO_TEST_PARSE_ERROR("pseries-features", @@ -1985,6 +1987,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, + QEMU_CAPS_MACHINE_PSERIES_CAP_IBS, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CAP_HTM */ @@ -1995,6 +1998,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, + QEMU_CAPS_MACHINE_PSERIES_CAP_IBS, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV */ @@ -2005,6 +2009,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, + QEMU_CAPS_MACHINE_PSERIES_CAP_IBS, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST */ @@ -2015,6 +2020,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, + QEMU_CAPS_MACHINE_PSERIES_CAP_IBS, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CFPC */ @@ -2025,7 +2031,8 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, - QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC); + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, + QEMU_CAPS_MACHINE_PSERIES_CAP_IBS); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_SBBC */ DO_TEST_PARSE_ERROR("pseries-features", @@ -2035,7 +2042,19 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, - QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC); + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, + QEMU_CAPS_MACHINE_PSERIES_CAP_IBS); + + /* parse error: no QEMU_CAPS_MACHINE_PSERIES_IBS */ + DO_TEST_PARSE_ERROR("pseries-features", + QEMU_CAPS_DEVICE_SPAPR_PCI_HOST_BRIDGE, + QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT, + QEMU_CAPS_MACHINE_PSERIES_CAP_HPT_MAX_PAGE_SIZE, + QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, + QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, + QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC); DO_TEST_PARSE_ERROR("pseries-features-invalid-machine", NONE); diff --git a/tests/qemuxml2xmloutdata/pseries-features.xml b/tests/qemuxml2xmloutdata/pseries-features.xml index 3700ffa195..e1c1d7306e 100644 --- a/tests/qemuxml2xmloutdata/pseries-features.xml +++ b/tests/qemuxml2xmloutdata/pseries-features.xml @@ -17,6 +17,7 @@ <ccf-assist state='on'/> <cfpc value='fixed'/> <sbbc value='broken'/> + <ibs value='fixed-ccd'/> </features> <clock offset='utc'/> <on_poweroff>destroy</on_poweroff> diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c index 9e1b5be13c..78fa9060e1 100644 --- a/tests/qemuxml2xmltest.c +++ b/tests/qemuxml2xmltest.c @@ -696,7 +696,8 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, - QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC); + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, + QEMU_CAPS_MACHINE_PSERIES_CAP_IBS); DO_TEST("pseries-serial-native", QEMU_CAPS_DEVICE_SPAPR_PCI_HOST_BRIDGE, -- 2.25.2
Update news.xml to inform about the availability of CFPC, SBBC and IBS features. Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com> --- docs/news.xml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/docs/news.xml b/docs/news.xml index 4d0efd4219..2066f0eef3 100644 --- a/docs/news.xml +++ b/docs/news.xml @@ -56,6 +56,16 @@ hotplug/unplug attempts, but this is often undesireable). </description> </change> + <change> + <summary> + qemu: Implement pSeries Spectre mitigation features + </summary> + <description> + Users can now setup the following capabilities of pSeries guests: + CFPC (Cache Flush on Privilege Change), SBBC (Speculation Barrier + Bounds Checking) and IBS (Indirect Branch Speculation). + </description> + </change> </section> <section title="Improvements"> </section> -- 2.25.2
Ping On 4/16/20 6:24 PM, Daniel Henrique Barboza wrote:
Hi,
This series implements 3 Spectre related PowerPC features that were added back in QEMU 2.12:
- CFPC: Cache Flush on Privilege Change - SBBC: Speculation Barrier Bounds Checking - IBS: Indirect Branch Speculation
These options aren't much of a problem for users using latest hardware and guests with recent Linux kernels. Users with outdated hardware/firmware or trying to run AIX guests/guests with older kernels, however, will need to fine tune these options because QEMU defaults won't work.
Instead of making users rely on <qemu:commandline> elements to hardcode the options in the XML, let's support them in Libvirt.
Daniel Henrique Barboza (7): qemu: Add capability for CFPC pSeries feature qemu: Implement the CFPC pSeries feature qemu: Add capability for SBBC pSeries feature qemu: Implement the SBBC pSeries feature qemu: Add capability for IBS pSeries feature qemu: Implement the IBS pSeries feature news: Update for the recent added pSeries features
docs/formatdomain.html.in | 36 +++++ docs/news.xml | 10 ++ docs/schemas/domaincommon.rng | 47 ++++++ src/conf/domain_conf.c | 134 ++++++++++++++++++ src/conf/domain_conf.h | 38 +++++ src/libvirt_private.syms | 3 + src/qemu/qemu_capabilities.c | 8 ++ src/qemu/qemu_capabilities.h | 5 + src/qemu/qemu_command.c | 15 ++ src/qemu/qemu_validate.c | 33 +++++ .../caps_2.12.0.ppc64.xml | 3 + .../qemucapabilitiesdata/caps_3.0.0.ppc64.xml | 3 + .../qemucapabilitiesdata/caps_3.1.0.ppc64.xml | 3 + .../qemucapabilitiesdata/caps_4.0.0.ppc64.xml | 3 + .../qemucapabilitiesdata/caps_4.2.0.ppc64.xml | 3 + .../qemucapabilitiesdata/caps_5.0.0.ppc64.xml | 3 + tests/qemuxml2argvdata/pseries-features.args | 3 +- tests/qemuxml2argvdata/pseries-features.xml | 3 + tests/qemuxml2argvtest.c | 53 ++++++- tests/qemuxml2xmloutdata/pseries-features.xml | 3 + tests/qemuxml2xmltest.c | 5 +- 21 files changed, 411 insertions(+), 3 deletions(-)
participants (2)
-
Daniel Henrique Barboza -
Michal Privoznik