[PATCH RESEND v1 0/7] add Spectre related PowerPC features
Recent changes in master (adding aio_io_uring cap, splitting feature parsing code to a new function, updates in news.xml) broke rebase for all patches in the series. Re-sending it, rebased with master at 606fb3979ab4. **** Hi, This series implements 3 Spectre related PowerPC features that were added back in QEMU 2.12: - CFPC: Cache Flush on Privilege Change - SBBC: Speculation Barrier Bounds Checking - IBS: Indirect Branch Speculation These options aren't much of a problem for users using latest hardware and guests with recent Linux kernels. Users with outdated hardware/firmware or trying to run AIX guests/guests with older kernels, however, will need to fine tune these options because QEMU defaults won't work. Instead of making users rely on <qemu:commandline> elements to hardcode the options in the XML, let's support them in Libvirt. Daniel Henrique Barboza (7): qemu: Add capability for CFPC pSeries feature qemu: Implement the CFPC pSeries feature qemu: Add capability for SBBC pSeries feature qemu: Implement the SBBC pSeries feature qemu: Add capability for IBS pSeries feature qemu: Implement the IBS pSeries feature news: Update for the recent added pSeries features docs/formatdomain.html.in | 36 +++++ docs/news.xml | 10 ++ docs/schemas/domaincommon.rng | 47 ++++++ src/conf/domain_conf.c | 134 ++++++++++++++++++ src/conf/domain_conf.h | 38 +++++ src/libvirt_private.syms | 3 + src/qemu/qemu_capabilities.c | 8 ++ src/qemu/qemu_capabilities.h | 5 + src/qemu/qemu_command.c | 15 ++ src/qemu/qemu_validate.c | 33 +++++ .../caps_2.12.0.ppc64.xml | 3 + .../qemucapabilitiesdata/caps_3.0.0.ppc64.xml | 3 + .../qemucapabilitiesdata/caps_3.1.0.ppc64.xml | 3 + .../qemucapabilitiesdata/caps_4.0.0.ppc64.xml | 3 + .../qemucapabilitiesdata/caps_4.2.0.ppc64.xml | 3 + .../qemucapabilitiesdata/caps_5.0.0.ppc64.xml | 3 + tests/qemuxml2argvdata/pseries-features.args | 3 +- tests/qemuxml2argvdata/pseries-features.xml | 3 + tests/qemuxml2argvtest.c | 53 ++++++- tests/qemuxml2xmloutdata/pseries-features.xml | 3 + tests/qemuxml2xmltest.c | 5 +- 21 files changed, 411 insertions(+), 3 deletions(-) -- 2.25.4
CFPC (Cache Flush on Privilege Change) is one of the capabilities added to QEMU to mitigate Spectre vulnerabilities in Power chips. It was implemented in QEMU 2.12 by commit 6898aed77f46. This capability is still used today due to differences in how the host setup (hardware and firmware/kernel) can handle this mitigation. Its default value also varies with the pseries machine version of the time. There's also certain OSes, like AIX, that might not support the default value of the pseries machine the guest uses. Exposing this in the Libvirt XML as a feature will allow users to tune CFPC values in a cleaner way, instead of hacking parameters in <qemu:commandline> elements. Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com> --- src/qemu/qemu_capabilities.c | 2 ++ src/qemu/qemu_capabilities.h | 1 + tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml | 1 + 8 files changed, 9 insertions(+) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index f6b3c96a3d..4838f3cfb5 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -574,6 +574,7 @@ VIR_ENUM_IMPL(virQEMUCaps, "virtio.packed", "pcie-root-port.hotplug", "aio.io_uring", + "machine.pseries.cap-cfpc", ); @@ -1617,6 +1618,7 @@ static struct virQEMUCapsStringFlags virQEMUCapsMachinePropsPSeries[] = { { "cap-htm", QEMU_CAPS_MACHINE_PSERIES_CAP_HTM }, { "cap-nested-hv", QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV }, { "cap-ccf-assist", QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST }, + { "cap-cfpc", QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC }, }; static struct virQEMUCapsStringFlags virQEMUCapsMachinePropsVirt[] = { diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index 0e9a161f94..88cf44ed59 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -555,6 +555,7 @@ typedef enum { /* virQEMUCapsFlags grouping marker for syntax-check */ QEMU_CAPS_VIRTIO_PACKED_QUEUES, /* virtio.packed */ QEMU_CAPS_PCIE_ROOT_PORT_HOTPLUG, /* pcie-root-port.hotplug */ QEMU_CAPS_AIO_IO_URING, /* -blockdev {...,"aio":"io_uring",...} */ + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, /* -machine pseries.cap-cfpc */ QEMU_CAPS_LAST /* this must always be the last item */ } virQEMUCapsFlags; diff --git a/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml index 38a3103c4a..cdd4f26993 100644 --- a/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml @@ -154,6 +154,7 @@ <flag name='memory-backend-file.align'/> <flag name='drive-nvme'/> <flag name='i8042'/> + <flag name='machine.pseries.cap-cfpc'/> <version>2011090</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900289</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml index 9a0b9c05c2..84e9ad2dcc 100644 --- a/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml @@ -156,6 +156,7 @@ <flag name='ramfb'/> <flag name='drive-nvme'/> <flag name='i8042'/> + <flag name='machine.pseries.cap-cfpc'/> <version>2012050</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900239</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml index 6801023208..3d70a67dab 100644 --- a/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml @@ -161,6 +161,7 @@ <flag name='drive-nvme'/> <flag name='i8042'/> <flag name='storage.werror'/> + <flag name='machine.pseries.cap-cfpc'/> <version>3000091</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900240</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml index f7e69fcc97..ce2d470cb2 100644 --- a/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml @@ -175,6 +175,7 @@ <flag name='drive-nvme'/> <flag name='i8042'/> <flag name='storage.werror'/> + <flag name='machine.pseries.cap-cfpc'/> <version>4000000</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900240</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml index 99ec98e8cd..a813776660 100644 --- a/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml @@ -180,6 +180,7 @@ <flag name='i8042'/> <flag name='rng-builtin'/> <flag name='storage.werror'/> + <flag name='machine.pseries.cap-cfpc'/> <version>4001050</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900242</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml index b08916132a..c33786b0bf 100644 --- a/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml @@ -192,6 +192,7 @@ <flag name='storage.werror'/> <flag name='fsdev.multidevs'/> <flag name='virtio.packed'/> + <flag name='machine.pseries.cap-cfpc'/> <version>4002050</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900241</microcodeVersion> -- 2.25.4
This patch adds the implementation of the CFPC pSeries feature, using the QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC capability added in the previous patch. CPFC can have the values "broken", "workaround" or "fixed". Extra code is required to handle it since it's not a regular tristate capability. This is the XML format for the cap: <features> <cfpc value='workaround'/> </features> Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com> --- docs/formatdomain.html.in | 11 +++++ docs/schemas/domaincommon.rng | 15 +++++++ src/conf/domain_conf.c | 44 +++++++++++++++++++ src/conf/domain_conf.h | 12 +++++ src/libvirt_private.syms | 1 + src/qemu/qemu_command.c | 5 +++ src/qemu/qemu_validate.c | 11 +++++ tests/qemuxml2argvdata/pseries-features.args | 3 +- tests/qemuxml2argvdata/pseries-features.xml | 1 + tests/qemuxml2argvtest.c | 17 ++++++- tests/qemuxml2xmloutdata/pseries-features.xml | 1 + tests/qemuxml2xmltest.c | 3 +- 12 files changed, 121 insertions(+), 3 deletions(-) diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index c5305739d2..a99407675f 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -2078,6 +2078,7 @@ <htm state='on'/> <ccf-assist state='on'/> <msrs unknown='ignore'/> + <cfpc value='workaround'/> </features> ...</pre> @@ -2406,6 +2407,16 @@ defined, the hypervisor default will be used. <span class="since">Since 5.9.0</span> (QEMU/KVM only) </dd> + <dt><code>cfpc</code></dt> + <dd>Configure cfpc (Cache Flush on Privilege Change) availability for + pSeries guests. + Possible values for the <code>value</code> attribute + are <code>broken</code> (no protection), <code>workaround</code> + (software workaround available) and <code>fixed</code> (fixed in + hardware). If the attribute is not defined, the hypervisor + default will be used. + <span class="since">Since 6.3.0</span> (QEMU/KVM only) + </dd> </dl> <h3><a id="elementsTime">Time keeping</a></h3> diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index 7f18e5b669..6441e01717 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -5434,6 +5434,9 @@ <ref name="featurestate"/> </element> </optional> + <optional> + <ref name="cfpc"/> + </optional> </interleave> </element> </optional> @@ -5693,6 +5696,18 @@ </element> </define> + <define name="cfpc"> + <element name="cfpc"> + <attribute name="value"> + <choice> + <value>broken</value> + <value>workaround</value> + <value>fixed</value> + </choice> + </attribute> + </element> + </define> + <define name="address"> <element name="address"> <choice> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 89cd8c5f32..e53586cdf2 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -174,6 +174,7 @@ VIR_ENUM_IMPL(virDomainFeature, "msrs", "ccf-assist", "xen", + "cfpc", ); VIR_ENUM_IMPL(virDomainCapabilitiesPolicy, @@ -1266,6 +1267,14 @@ VIR_ENUM_IMPL(virDomainOsDefFirmware, "efi", ); +VIR_ENUM_IMPL(virDomainCFPC, + VIR_DOMAIN_CFPC_LAST, + "none", + "broken", + "workaround", + "fixed", +); + /* Internal mapping: subset of block job types that can be present in * <mirror> XML (remaining types are not two-phase). */ VIR_ENUM_DECL(virDomainBlockJob); @@ -19326,6 +19335,21 @@ virDomainFeaturesDefParse(virDomainDefPtr def, } break; + case VIR_DOMAIN_FEATURE_CFPC: + tmp = virXMLPropString(nodes[i], "value"); + if (tmp) { + int value = virDomainCFPCTypeFromString(tmp); + if (value < 0 || value == VIR_DOMAIN_CFPC_NONE) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Unknown value: %s"), + tmp); + goto error; + } + def->features[val] = value; + VIR_FREE(tmp); + } + break; + case VIR_DOMAIN_FEATURE_HTM: case VIR_DOMAIN_FEATURE_NESTED_HV: case VIR_DOMAIN_FEATURE_CCF_ASSIST: @@ -23377,6 +23401,18 @@ virDomainDefFeaturesCheckABIStability(virDomainDefPtr src, } break; + case VIR_DOMAIN_FEATURE_CFPC: + if (src->features[i] != dst->features[i]) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("State of feature '%s' differs: " + "source: '%s=%s', destination: '%s=%s'"), + featureName, + "value", virDomainCFPCTypeToString(src->features[i]), + "value", virDomainCFPCTypeToString(dst->features[i])); + return false; + } + break; + case VIR_DOMAIN_FEATURE_MSRS: break; @@ -29211,6 +29247,14 @@ virDomainDefFormatFeatures(virBufferPtr buf, virDomainMsrsUnknownTypeToString(def->msrs_features[VIR_DOMAIN_MSRS_UNKNOWN])); break; + case VIR_DOMAIN_FEATURE_CFPC: + if (def->features[i] == VIR_DOMAIN_CFPC_NONE) + break; + + virBufferAsprintf(&childBuf, "<cfpc value='%s'/>\n", + virDomainCFPCTypeToString(def->features[i])); + break; + /* coverity[dead_error_begin] */ case VIR_DOMAIN_FEATURE_LAST: break; diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index ecb80ef8f2..8594049e52 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -1816,6 +1816,7 @@ typedef enum { VIR_DOMAIN_FEATURE_MSRS, VIR_DOMAIN_FEATURE_CCF_ASSIST, VIR_DOMAIN_FEATURE_XEN, + VIR_DOMAIN_FEATURE_CFPC, VIR_DOMAIN_FEATURE_LAST } virDomainFeature; @@ -1987,6 +1988,17 @@ typedef enum { VIR_ENUM_DECL(virDomainHPTResizing); +typedef enum { + VIR_DOMAIN_CFPC_NONE = 0, + VIR_DOMAIN_CFPC_BROKEN, + VIR_DOMAIN_CFPC_WORKAROUND, + VIR_DOMAIN_CFPC_FIXED, + + VIR_DOMAIN_CFPC_LAST +} virDomainCFPC; + +VIR_ENUM_DECL(virDomainCFPC); + /* Operating system configuration data & machine / arch */ struct _virDomainOSEnv { char *name; diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index a9694f34c0..308959b493 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -235,6 +235,7 @@ virDomainBlockIoTuneInfoHasMaxLength; virDomainBootTypeFromString; virDomainBootTypeToString; virDomainCapabilitiesPolicyTypeToString; +virDomainCFPCTypeToString; virDomainChrConsoleTargetTypeFromString; virDomainChrConsoleTargetTypeToString; virDomainChrDefForeach; diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 45dd830781..4cb454769a 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -7171,6 +7171,11 @@ qemuBuildMachineCommandLine(virCommandPtr cmd, virBufferAsprintf(&buf, ",cap-ccf-assist=%s", str); } + if (def->features[VIR_DOMAIN_FEATURE_CFPC] != VIR_DOMAIN_CFPC_NONE) { + const char *str = virDomainCFPCTypeToString(def->features[VIR_DOMAIN_FEATURE_CFPC]); + virBufferAsprintf(&buf, ",cap-cfpc=%s", str); + } + if (cpu && cpu->model && cpu->mode == VIR_CPU_MODE_HOST_MODEL && qemuDomainIsPSeries(def) && diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c index cb0ff8d636..31d36e938b 100644 --- a/src/qemu/qemu_validate.c +++ b/src/qemu/qemu_validate.c @@ -136,6 +136,16 @@ qemuValidateDomainDefPSeriesFeature(const virDomainDef *def, return -1; } + break; + + case VIR_DOMAIN_FEATURE_CFPC: + if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("cfpc configuration is not supported by " + "this QEMU binary")); + return -1; + } + break; } @@ -194,6 +204,7 @@ qemuValidateDomainDefFeatures(const virDomainDef *def, case VIR_DOMAIN_FEATURE_HTM: case VIR_DOMAIN_FEATURE_NESTED_HV: case VIR_DOMAIN_FEATURE_CCF_ASSIST: + case VIR_DOMAIN_FEATURE_CFPC: if (qemuValidateDomainDefPSeriesFeature(def, qemuCaps, i) < 0) return -1; break; diff --git a/tests/qemuxml2argvdata/pseries-features.args b/tests/qemuxml2argvdata/pseries-features.args index 7aa357a54e..8540252c17 100644 --- a/tests/qemuxml2argvdata/pseries-features.args +++ b/tests/qemuxml2argvdata/pseries-features.args @@ -11,7 +11,8 @@ QEMU_AUDIO_DRV=none \ -name guest \ -S \ -machine pseries,accel=tcg,usb=off,dump-guest-core=off,resize-hpt=required,\ -cap-hpt-max-page-size=1048576k,cap-htm=on,cap-nested-hv=off,cap-ccf-assist=on \ +cap-hpt-max-page-size=1048576k,cap-htm=on,cap-nested-hv=off,cap-ccf-assist=on,\ +cap-cfpc=fixed \ -m 512 \ -realtime mlock=off \ -smp 1,sockets=1,cores=1,threads=1 \ diff --git a/tests/qemuxml2argvdata/pseries-features.xml b/tests/qemuxml2argvdata/pseries-features.xml index 8ccc1b73d8..f07a204cb7 100644 --- a/tests/qemuxml2argvdata/pseries-features.xml +++ b/tests/qemuxml2argvdata/pseries-features.xml @@ -13,6 +13,7 @@ <htm state='on'/> <nested-hv state='off'/> <ccf-assist state='on'/> + <cfpc value='fixed'/> </features> <devices> <emulator>/usr/bin/qemu-system-ppc64</emulator> diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 1a1b9026c4..1bad60bfce 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1964,6 +1964,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT */ @@ -1972,7 +1973,8 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HPT_MAX_PAGE_SIZE, QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, - QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST); + QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CAP_HPT_MAX_PAGE_SIZE */ DO_TEST_PARSE_ERROR("pseries-features", @@ -1980,6 +1982,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CAP_HTM */ @@ -1988,6 +1991,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HPT_MAX_PAGE_SIZE, QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV */ @@ -1996,6 +2000,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HPT_MAX_PAGE_SIZE, QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST */ @@ -2004,8 +2009,18 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HPT_MAX_PAGE_SIZE, QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); + /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CFPC */ + DO_TEST_PARSE_ERROR("pseries-features", + QEMU_CAPS_DEVICE_SPAPR_PCI_HOST_BRIDGE, + QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT, + QEMU_CAPS_MACHINE_PSERIES_CAP_HPT_MAX_PAGE_SIZE, + QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, + QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, + QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST); + DO_TEST_PARSE_ERROR("pseries-features-invalid-machine", NONE); DO_TEST("pseries-serial-native", diff --git a/tests/qemuxml2xmloutdata/pseries-features.xml b/tests/qemuxml2xmloutdata/pseries-features.xml index a5df840394..1b5d78ce74 100644 --- a/tests/qemuxml2xmloutdata/pseries-features.xml +++ b/tests/qemuxml2xmloutdata/pseries-features.xml @@ -15,6 +15,7 @@ <htm state='on'/> <nested-hv state='off'/> <ccf-assist state='on'/> + <cfpc value='fixed'/> </features> <clock offset='utc'/> <on_poweroff>destroy</on_poweroff> diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c index 4e43fa6fc6..2a89c289a4 100644 --- a/tests/qemuxml2xmltest.c +++ b/tests/qemuxml2xmltest.c @@ -695,7 +695,8 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, - QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); + QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT, + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC); DO_TEST("pseries-serial-native", QEMU_CAPS_DEVICE_SPAPR_PCI_HOST_BRIDGE, -- 2.25.4
On 4/27/20 2:14 PM, Daniel Henrique Barboza wrote:
This patch adds the implementation of the CFPC pSeries feature, using the QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC capability added in the previous patch.
CPFC can have the values "broken", "workaround" or "fixed". Extra code is required to handle it since it's not a regular tristate capability.
This is the XML format for the cap:
<features> <cfpc value='workaround'/> </features>
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com> --- docs/formatdomain.html.in | 11 +++++ docs/schemas/domaincommon.rng | 15 +++++++ src/conf/domain_conf.c | 44 +++++++++++++++++++ src/conf/domain_conf.h | 12 +++++ src/libvirt_private.syms | 1 + src/qemu/qemu_command.c | 5 +++ src/qemu/qemu_validate.c | 11 +++++ tests/qemuxml2argvdata/pseries-features.args | 3 +- tests/qemuxml2argvdata/pseries-features.xml | 1 + tests/qemuxml2argvtest.c | 17 ++++++- tests/qemuxml2xmloutdata/pseries-features.xml | 1 + tests/qemuxml2xmltest.c | 3 +- 12 files changed, 121 insertions(+), 3 deletions(-)
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index ecb80ef8f2..8594049e52 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -1816,6 +1816,7 @@ typedef enum { VIR_DOMAIN_FEATURE_MSRS, VIR_DOMAIN_FEATURE_CCF_ASSIST, VIR_DOMAIN_FEATURE_XEN, + VIR_DOMAIN_FEATURE_CFPC,
VIR_DOMAIN_FEATURE_LAST } virDomainFeature; @@ -1987,6 +1988,17 @@ typedef enum {
VIR_ENUM_DECL(virDomainHPTResizing);
+typedef enum { + VIR_DOMAIN_CFPC_NONE = 0, + VIR_DOMAIN_CFPC_BROKEN, + VIR_DOMAIN_CFPC_WORKAROUND, + VIR_DOMAIN_CFPC_FIXED, + + VIR_DOMAIN_CFPC_LAST +} virDomainCFPC; + +VIR_ENUM_DECL(virDomainCFPC); +
This declares both: virDomainCFPCTypeToString() virDomainCFPCTypeFromString()
/* Operating system configuration data & machine / arch */ struct _virDomainOSEnv { char *name; diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index a9694f34c0..308959b493 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -235,6 +235,7 @@ virDomainBlockIoTuneInfoHasMaxLength; virDomainBootTypeFromString; virDomainBootTypeToString; virDomainCapabilitiesPolicyTypeToString; +virDomainCFPCTypeToString;
And even though we need only this, I'd like to expose TypeFromString() too for a possible future use. I mean, it's declared in the header file.
virDomainChrConsoleTargetTypeFromString; virDomainChrConsoleTargetTypeToString; virDomainChrDefForeach;
Michal
SBBC (Speculation Barrier Bounds Checking) is another capability related to Spectre mitigation efforts in Power processors. It was implemented in QEMU 2.12 by commit 09114fd81799. This patch introduces it as QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC to be implemented in the next patch. Like the case with the now implemented CFPC, exposing this feature in the XML allows for a cleaner way for users to tune the SBBC accordingly, given that not all hypervisor and guest setups supports this Spectre mitigation. Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com> --- src/qemu/qemu_capabilities.c | 4 ++++ src/qemu/qemu_capabilities.h | 3 +++ tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml | 1 + 8 files changed, 13 insertions(+) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 4838f3cfb5..2e2b9874a7 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -575,6 +575,9 @@ VIR_ENUM_IMPL(virQEMUCaps, "pcie-root-port.hotplug", "aio.io_uring", "machine.pseries.cap-cfpc", + + /* 365 */ + "machine.pseries.cap-sbbc", ); @@ -1619,6 +1622,7 @@ static struct virQEMUCapsStringFlags virQEMUCapsMachinePropsPSeries[] = { { "cap-nested-hv", QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV }, { "cap-ccf-assist", QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST }, { "cap-cfpc", QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC }, + { "cap-sbbc", QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC }, }; static struct virQEMUCapsStringFlags virQEMUCapsMachinePropsVirt[] = { diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index 88cf44ed59..4040c50dc4 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -557,6 +557,9 @@ typedef enum { /* virQEMUCapsFlags grouping marker for syntax-check */ QEMU_CAPS_AIO_IO_URING, /* -blockdev {...,"aio":"io_uring",...} */ QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, /* -machine pseries.cap-cfpc */ + /* 365 */ + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, /* -machine pseries.cap-sbbc */ + QEMU_CAPS_LAST /* this must always be the last item */ } virQEMUCapsFlags; diff --git a/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml index cdd4f26993..2046f1097c 100644 --- a/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml @@ -155,6 +155,7 @@ <flag name='drive-nvme'/> <flag name='i8042'/> <flag name='machine.pseries.cap-cfpc'/> + <flag name='machine.pseries.cap-sbbc'/> <version>2011090</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900289</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml index 84e9ad2dcc..9e71080152 100644 --- a/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml @@ -157,6 +157,7 @@ <flag name='drive-nvme'/> <flag name='i8042'/> <flag name='machine.pseries.cap-cfpc'/> + <flag name='machine.pseries.cap-sbbc'/> <version>2012050</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900239</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml index 3d70a67dab..f13b384e91 100644 --- a/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml @@ -162,6 +162,7 @@ <flag name='i8042'/> <flag name='storage.werror'/> <flag name='machine.pseries.cap-cfpc'/> + <flag name='machine.pseries.cap-sbbc'/> <version>3000091</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900240</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml index ce2d470cb2..674e4b4944 100644 --- a/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml @@ -176,6 +176,7 @@ <flag name='i8042'/> <flag name='storage.werror'/> <flag name='machine.pseries.cap-cfpc'/> + <flag name='machine.pseries.cap-sbbc'/> <version>4000000</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900240</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml index a813776660..f89498171b 100644 --- a/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml @@ -181,6 +181,7 @@ <flag name='rng-builtin'/> <flag name='storage.werror'/> <flag name='machine.pseries.cap-cfpc'/> + <flag name='machine.pseries.cap-sbbc'/> <version>4001050</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900242</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml index c33786b0bf..ebc39130df 100644 --- a/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml @@ -193,6 +193,7 @@ <flag name='fsdev.multidevs'/> <flag name='virtio.packed'/> <flag name='machine.pseries.cap-cfpc'/> + <flag name='machine.pseries.cap-sbbc'/> <version>4002050</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900241</microcodeVersion> -- 2.25.4
This patch adds the implementation of the SBBC pSeries feature, using the QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC capability added in the previous patch. Like the previously added CFPC feature, SBBC can have the values "broken", "workaround" or "fixed". Extra code is required to handle it since it's not a regular tristate capability. This is the XML format for the cap: <features> <sbbc value='workaround'/> </features> Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com> --- docs/formatdomain.html.in | 11 +++++ docs/schemas/domaincommon.rng | 15 +++++++ src/conf/domain_conf.c | 44 +++++++++++++++++++ src/conf/domain_conf.h | 12 +++++ src/libvirt_private.syms | 1 + src/qemu/qemu_command.c | 5 +++ src/qemu/qemu_validate.c | 11 +++++ tests/qemuxml2argvdata/pseries-features.args | 2 +- tests/qemuxml2argvdata/pseries-features.xml | 1 + tests/qemuxml2argvtest.c | 21 ++++++++- tests/qemuxml2xmloutdata/pseries-features.xml | 1 + tests/qemuxml2xmltest.c | 3 +- 12 files changed, 123 insertions(+), 4 deletions(-) diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index a99407675f..dd8172fff2 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -2079,6 +2079,7 @@ <ccf-assist state='on'/> <msrs unknown='ignore'/> <cfpc value='workaround'/> + <sbbc value='workaround'/> </features> ...</pre> @@ -2417,6 +2418,16 @@ default will be used. <span class="since">Since 6.3.0</span> (QEMU/KVM only) </dd> + <dt><code>sbbc</code></dt> + <dd>Configure sbbc (Speculation Barrier Bounds Checking) availability for + pSeries guests. + Possible values for the <code>value</code> attribute + are <code>broken</code> (no protection), <code>workaround</code> + (software workaround available) and <code>fixed</code> (fixed in + hardware). If the attribute is not defined, the hypervisor + default will be used. + <span class="since">Since 6.3.0</span> (QEMU/KVM only) + </dd> </dl> <h3><a id="elementsTime">Time keeping</a></h3> diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index 6441e01717..2a7a433c03 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -5437,6 +5437,9 @@ <optional> <ref name="cfpc"/> </optional> + <optional> + <ref name="sbbc"/> + </optional> </interleave> </element> </optional> @@ -5708,6 +5711,18 @@ </element> </define> + <define name="sbbc"> + <element name="sbbc"> + <attribute name="value"> + <choice> + <value>broken</value> + <value>workaround</value> + <value>fixed</value> + </choice> + </attribute> + </element> + </define> + <define name="address"> <element name="address"> <choice> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index e53586cdf2..226a0012fc 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -175,6 +175,7 @@ VIR_ENUM_IMPL(virDomainFeature, "ccf-assist", "xen", "cfpc", + "sbbc", ); VIR_ENUM_IMPL(virDomainCapabilitiesPolicy, @@ -1275,6 +1276,14 @@ VIR_ENUM_IMPL(virDomainCFPC, "fixed", ); +VIR_ENUM_IMPL(virDomainSBBC, + VIR_DOMAIN_SBBC_LAST, + "none", + "broken", + "workaround", + "fixed", +); + /* Internal mapping: subset of block job types that can be present in * <mirror> XML (remaining types are not two-phase). */ VIR_ENUM_DECL(virDomainBlockJob); @@ -19350,6 +19359,21 @@ virDomainFeaturesDefParse(virDomainDefPtr def, } break; + case VIR_DOMAIN_FEATURE_SBBC: + tmp = virXMLPropString(nodes[i], "value"); + if (tmp) { + int value = virDomainSBBCTypeFromString(tmp); + if (value < 0 || value == VIR_DOMAIN_SBBC_NONE) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Unknown value: %s"), + tmp); + goto error; + } + def->features[val] = value; + VIR_FREE(tmp); + } + break; + case VIR_DOMAIN_FEATURE_HTM: case VIR_DOMAIN_FEATURE_NESTED_HV: case VIR_DOMAIN_FEATURE_CCF_ASSIST: @@ -23413,6 +23437,18 @@ virDomainDefFeaturesCheckABIStability(virDomainDefPtr src, } break; + case VIR_DOMAIN_FEATURE_SBBC: + if (src->features[i] != dst->features[i]) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("State of feature '%s' differs: " + "source: '%s=%s', destination: '%s=%s'"), + featureName, + "value", virDomainSBBCTypeToString(src->features[i]), + "value", virDomainSBBCTypeToString(dst->features[i])); + return false; + } + break; + case VIR_DOMAIN_FEATURE_MSRS: break; @@ -29255,6 +29291,14 @@ virDomainDefFormatFeatures(virBufferPtr buf, virDomainCFPCTypeToString(def->features[i])); break; + case VIR_DOMAIN_FEATURE_SBBC: + if (def->features[i] == VIR_DOMAIN_SBBC_NONE) + break; + + virBufferAsprintf(&childBuf, "<sbbc value='%s'/>\n", + virDomainSBBCTypeToString(def->features[i])); + break; + /* coverity[dead_error_begin] */ case VIR_DOMAIN_FEATURE_LAST: break; diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index 8594049e52..ac84591b17 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -1817,6 +1817,7 @@ typedef enum { VIR_DOMAIN_FEATURE_CCF_ASSIST, VIR_DOMAIN_FEATURE_XEN, VIR_DOMAIN_FEATURE_CFPC, + VIR_DOMAIN_FEATURE_SBBC, VIR_DOMAIN_FEATURE_LAST } virDomainFeature; @@ -1999,6 +2000,17 @@ typedef enum { VIR_ENUM_DECL(virDomainCFPC); +typedef enum { + VIR_DOMAIN_SBBC_NONE = 0, + VIR_DOMAIN_SBBC_BROKEN, + VIR_DOMAIN_SBBC_WORKAROUND, + VIR_DOMAIN_SBBC_FIXED, + + VIR_DOMAIN_SBBC_LAST +} virDomainSBBC; + +VIR_ENUM_DECL(virDomainSBBC); + /* Operating system configuration data & machine / arch */ struct _virDomainOSEnv { char *name; diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 308959b493..cccae12323 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -582,6 +582,7 @@ virDomainRNGModelTypeToString; virDomainRNGRemove; virDomainRunningReasonTypeFromString; virDomainRunningReasonTypeToString; +virDomainSBBCTypeToString; virDomainSCSIDriveAddressIsUsed; virDomainSeclabelTypeFromString; virDomainSeclabelTypeToString; diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 4cb454769a..b7c6be0d50 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -7176,6 +7176,11 @@ qemuBuildMachineCommandLine(virCommandPtr cmd, virBufferAsprintf(&buf, ",cap-cfpc=%s", str); } + if (def->features[VIR_DOMAIN_FEATURE_SBBC] != VIR_DOMAIN_SBBC_NONE) { + const char *str = virDomainSBBCTypeToString(def->features[VIR_DOMAIN_FEATURE_SBBC]); + virBufferAsprintf(&buf, ",cap-sbbc=%s", str); + } + if (cpu && cpu->model && cpu->mode == VIR_CPU_MODE_HOST_MODEL && qemuDomainIsPSeries(def) && diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c index 31d36e938b..0d5df6f426 100644 --- a/src/qemu/qemu_validate.c +++ b/src/qemu/qemu_validate.c @@ -146,6 +146,16 @@ qemuValidateDomainDefPSeriesFeature(const virDomainDef *def, return -1; } + break; + + case VIR_DOMAIN_FEATURE_SBBC: + if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("sbbc configuration is not supported by " + "this QEMU binary")); + return -1; + } + break; } @@ -205,6 +215,7 @@ qemuValidateDomainDefFeatures(const virDomainDef *def, case VIR_DOMAIN_FEATURE_NESTED_HV: case VIR_DOMAIN_FEATURE_CCF_ASSIST: case VIR_DOMAIN_FEATURE_CFPC: + case VIR_DOMAIN_FEATURE_SBBC: if (qemuValidateDomainDefPSeriesFeature(def, qemuCaps, i) < 0) return -1; break; diff --git a/tests/qemuxml2argvdata/pseries-features.args b/tests/qemuxml2argvdata/pseries-features.args index 8540252c17..9a64df7593 100644 --- a/tests/qemuxml2argvdata/pseries-features.args +++ b/tests/qemuxml2argvdata/pseries-features.args @@ -12,7 +12,7 @@ QEMU_AUDIO_DRV=none \ -S \ -machine pseries,accel=tcg,usb=off,dump-guest-core=off,resize-hpt=required,\ cap-hpt-max-page-size=1048576k,cap-htm=on,cap-nested-hv=off,cap-ccf-assist=on,\ -cap-cfpc=fixed \ +cap-cfpc=fixed,cap-sbbc=broken \ -m 512 \ -realtime mlock=off \ -smp 1,sockets=1,cores=1,threads=1 \ diff --git a/tests/qemuxml2argvdata/pseries-features.xml b/tests/qemuxml2argvdata/pseries-features.xml index f07a204cb7..ef431b0067 100644 --- a/tests/qemuxml2argvdata/pseries-features.xml +++ b/tests/qemuxml2argvdata/pseries-features.xml @@ -14,6 +14,7 @@ <nested-hv state='off'/> <ccf-assist state='on'/> <cfpc value='fixed'/> + <sbbc value='broken'/> </features> <devices> <emulator>/usr/bin/qemu-system-ppc64</emulator> diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 1bad60bfce..83f451f750 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1965,6 +1965,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT */ @@ -1974,7 +1975,8 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, - QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC); + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CAP_HPT_MAX_PAGE_SIZE */ DO_TEST_PARSE_ERROR("pseries-features", @@ -1983,6 +1985,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CAP_HTM */ @@ -1992,6 +1995,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV */ @@ -2001,6 +2005,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST */ @@ -2010,6 +2015,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CFPC */ @@ -2019,7 +2025,18 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HPT_MAX_PAGE_SIZE, QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, - QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST); + QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC); + + /* parse error: no QEMU_CAPS_MACHINE_PSERIES_SBBC */ + DO_TEST_PARSE_ERROR("pseries-features", + QEMU_CAPS_DEVICE_SPAPR_PCI_HOST_BRIDGE, + QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT, + QEMU_CAPS_MACHINE_PSERIES_CAP_HPT_MAX_PAGE_SIZE, + QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, + QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, + QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC); DO_TEST_PARSE_ERROR("pseries-features-invalid-machine", NONE); diff --git a/tests/qemuxml2xmloutdata/pseries-features.xml b/tests/qemuxml2xmloutdata/pseries-features.xml index 1b5d78ce74..3700ffa195 100644 --- a/tests/qemuxml2xmloutdata/pseries-features.xml +++ b/tests/qemuxml2xmloutdata/pseries-features.xml @@ -16,6 +16,7 @@ <nested-hv state='off'/> <ccf-assist state='on'/> <cfpc value='fixed'/> + <sbbc value='broken'/> </features> <clock offset='utc'/> <on_poweroff>destroy</on_poweroff> diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c index 2a89c289a4..c2596161c3 100644 --- a/tests/qemuxml2xmltest.c +++ b/tests/qemuxml2xmltest.c @@ -696,7 +696,8 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT, - QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC); + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC); DO_TEST("pseries-serial-native", QEMU_CAPS_DEVICE_SPAPR_PCI_HOST_BRIDGE, -- 2.25.4
IBS (Indirect Branch Speculation) is the last capability added in QEMU 2.12 related to Spectre mitigation for Power. It was added in commit 4be8d4e7d935. This patch introduces it as QEMU_CAPS_MACHINE_PSERIES_CAP_IBS. Like CFPC and SBBC, users might want to tune in IBS based on their HW and guest OS requirements, and it's better to do it so in a proper Libvirt feature than to put QEMU arguments in the middle of the domain XML. Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com> --- src/qemu/qemu_capabilities.c | 2 ++ src/qemu/qemu_capabilities.h | 1 + tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml | 1 + tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml | 1 + 8 files changed, 9 insertions(+) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 2e2b9874a7..3e00299a91 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -578,6 +578,7 @@ VIR_ENUM_IMPL(virQEMUCaps, /* 365 */ "machine.pseries.cap-sbbc", + "machine.pseries.cap-ibs", ); @@ -1623,6 +1624,7 @@ static struct virQEMUCapsStringFlags virQEMUCapsMachinePropsPSeries[] = { { "cap-ccf-assist", QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST }, { "cap-cfpc", QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC }, { "cap-sbbc", QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC }, + { "cap-ibs", QEMU_CAPS_MACHINE_PSERIES_CAP_IBS }, }; static struct virQEMUCapsStringFlags virQEMUCapsMachinePropsVirt[] = { diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index 4040c50dc4..281aca5ea7 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -559,6 +559,7 @@ typedef enum { /* virQEMUCapsFlags grouping marker for syntax-check */ /* 365 */ QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, /* -machine pseries.cap-sbbc */ + QEMU_CAPS_MACHINE_PSERIES_CAP_IBS, /* -machine pseries.cap-ibs */ QEMU_CAPS_LAST /* this must always be the last item */ } virQEMUCapsFlags; diff --git a/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml index 2046f1097c..4c1758fbfe 100644 --- a/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_2.12.0.ppc64.xml @@ -156,6 +156,7 @@ <flag name='i8042'/> <flag name='machine.pseries.cap-cfpc'/> <flag name='machine.pseries.cap-sbbc'/> + <flag name='machine.pseries.cap-ibs'/> <version>2011090</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900289</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml index 9e71080152..a8390a12eb 100644 --- a/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_3.0.0.ppc64.xml @@ -158,6 +158,7 @@ <flag name='i8042'/> <flag name='machine.pseries.cap-cfpc'/> <flag name='machine.pseries.cap-sbbc'/> + <flag name='machine.pseries.cap-ibs'/> <version>2012050</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900239</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml index f13b384e91..d96caaa9ed 100644 --- a/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_3.1.0.ppc64.xml @@ -163,6 +163,7 @@ <flag name='storage.werror'/> <flag name='machine.pseries.cap-cfpc'/> <flag name='machine.pseries.cap-sbbc'/> + <flag name='machine.pseries.cap-ibs'/> <version>3000091</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900240</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml index 674e4b4944..44c1b9205e 100644 --- a/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_4.0.0.ppc64.xml @@ -177,6 +177,7 @@ <flag name='storage.werror'/> <flag name='machine.pseries.cap-cfpc'/> <flag name='machine.pseries.cap-sbbc'/> + <flag name='machine.pseries.cap-ibs'/> <version>4000000</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900240</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml index f89498171b..2eef337cc4 100644 --- a/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_4.2.0.ppc64.xml @@ -182,6 +182,7 @@ <flag name='storage.werror'/> <flag name='machine.pseries.cap-cfpc'/> <flag name='machine.pseries.cap-sbbc'/> + <flag name='machine.pseries.cap-ibs'/> <version>4001050</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900242</microcodeVersion> diff --git a/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml b/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml index ebc39130df..d972def4b3 100644 --- a/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml +++ b/tests/qemucapabilitiesdata/caps_5.0.0.ppc64.xml @@ -194,6 +194,7 @@ <flag name='virtio.packed'/> <flag name='machine.pseries.cap-cfpc'/> <flag name='machine.pseries.cap-sbbc'/> + <flag name='machine.pseries.cap-ibs'/> <version>4002050</version> <kvmVersion>0</kvmVersion> <microcodeVersion>42900241</microcodeVersion> -- 2.25.4
This patch adds the implementation of the IBS pSeries feature, using the QEMU_CAPS_MACHINE_PSERIES_CAP_IBS capability added in the previous patch. IBS can have the following values: "broken", "workaround", "fixed-ibs", "fixed-ccd" and "fixed-na". This is the XML format for the cap: <features> <ibs value='fixed-ibs'/> </features> Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com> --- docs/formatdomain.html.in | 14 ++++++ docs/schemas/domaincommon.rng | 17 +++++++ src/conf/domain_conf.c | 46 +++++++++++++++++++ src/conf/domain_conf.h | 14 ++++++ src/libvirt_private.syms | 1 + src/qemu/qemu_command.c | 5 ++ src/qemu/qemu_validate.c | 11 +++++ tests/qemuxml2argvdata/pseries-features.args | 2 +- tests/qemuxml2argvdata/pseries-features.xml | 1 + tests/qemuxml2argvtest.c | 25 ++++++++-- tests/qemuxml2xmloutdata/pseries-features.xml | 1 + tests/qemuxml2xmltest.c | 3 +- 12 files changed, 135 insertions(+), 5 deletions(-) diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index dd8172fff2..91d6f6c0d3 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -2080,6 +2080,7 @@ <msrs unknown='ignore'/> <cfpc value='workaround'/> <sbbc value='workaround'/> + <ibs value='fixed-na'/> </features> ...</pre> @@ -2428,6 +2429,19 @@ default will be used. <span class="since">Since 6.3.0</span> (QEMU/KVM only) </dd> + <dt><code>ibs</code></dt> + <dd>Configure ibs (Indirect Branch Speculation) availability for + pSeries guests. + Possible values for the <code>value</code> attribute + are <code>broken</code> (no protection), <code>workaround</code> + (count cache flush), <code>fixed-ibs</code> (fixed by + serializing indirect branches), <code>fixed-ccd</code> (fixed by + disabling the cache count) and <code>fixed-na (fixed in + hardware - no longer applicable)</code>. + If the attribute is not defined, the hypervisor + default will be used. + <span class="since">Since 6.3.0</span> (QEMU/KVM only) + </dd> </dl> <h3><a id="elementsTime">Time keeping</a></h3> diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index 2a7a433c03..9d60b090f3 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -5440,6 +5440,9 @@ <optional> <ref name="sbbc"/> </optional> + <optional> + <ref name="ibs"/> + </optional> </interleave> </element> </optional> @@ -5723,6 +5726,20 @@ </element> </define> + <define name="ibs"> + <element name="ibs"> + <attribute name="value"> + <choice> + <value>broken</value> + <value>workaround</value> + <value>fixed-ibs</value> + <value>fixed-ccd</value> + <value>fixed-na</value> + </choice> + </attribute> + </element> + </define> + <define name="address"> <element name="address"> <choice> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 226a0012fc..8a87586936 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -176,6 +176,7 @@ VIR_ENUM_IMPL(virDomainFeature, "xen", "cfpc", "sbbc", + "ibs", ); VIR_ENUM_IMPL(virDomainCapabilitiesPolicy, @@ -1284,6 +1285,16 @@ VIR_ENUM_IMPL(virDomainSBBC, "fixed", ); +VIR_ENUM_IMPL(virDomainIBS, + VIR_DOMAIN_IBS_LAST, + "none", + "broken", + "workaround", + "fixed-ibs", + "fixed-ccd", + "fixed-na", +); + /* Internal mapping: subset of block job types that can be present in * <mirror> XML (remaining types are not two-phase). */ VIR_ENUM_DECL(virDomainBlockJob); @@ -19374,6 +19385,21 @@ virDomainFeaturesDefParse(virDomainDefPtr def, } break; + case VIR_DOMAIN_FEATURE_IBS: + tmp = virXMLPropString(nodes[i], "value"); + if (tmp) { + int value = virDomainIBSTypeFromString(tmp); + if (value < 0 || value == VIR_DOMAIN_IBS_NONE) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Unknown value: %s"), + tmp); + goto error; + } + def->features[val] = value; + VIR_FREE(tmp); + } + break; + case VIR_DOMAIN_FEATURE_HTM: case VIR_DOMAIN_FEATURE_NESTED_HV: case VIR_DOMAIN_FEATURE_CCF_ASSIST: @@ -23449,6 +23475,18 @@ virDomainDefFeaturesCheckABIStability(virDomainDefPtr src, } break; + case VIR_DOMAIN_FEATURE_IBS: + if (src->features[i] != dst->features[i]) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("State of feature '%s' differs: " + "source: '%s=%s', destination: '%s=%s'"), + featureName, + "value", virDomainIBSTypeToString(src->features[i]), + "value", virDomainIBSTypeToString(dst->features[i])); + return false; + } + break; + case VIR_DOMAIN_FEATURE_MSRS: break; @@ -29299,6 +29337,14 @@ virDomainDefFormatFeatures(virBufferPtr buf, virDomainSBBCTypeToString(def->features[i])); break; + case VIR_DOMAIN_FEATURE_IBS: + if (def->features[i] == VIR_DOMAIN_IBS_NONE) + break; + + virBufferAsprintf(&childBuf, "<ibs value='%s'/>\n", + virDomainIBSTypeToString(def->features[i])); + break; + /* coverity[dead_error_begin] */ case VIR_DOMAIN_FEATURE_LAST: break; diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index ac84591b17..4afd8f04bc 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -1818,6 +1818,7 @@ typedef enum { VIR_DOMAIN_FEATURE_XEN, VIR_DOMAIN_FEATURE_CFPC, VIR_DOMAIN_FEATURE_SBBC, + VIR_DOMAIN_FEATURE_IBS, VIR_DOMAIN_FEATURE_LAST } virDomainFeature; @@ -2011,6 +2012,19 @@ typedef enum { VIR_ENUM_DECL(virDomainSBBC); +typedef enum { + VIR_DOMAIN_IBS_NONE = 0, + VIR_DOMAIN_IBS_BROKEN, + VIR_DOMAIN_IBS_WORKAROUND, + VIR_DOMAIN_IBS_FIXEDIBS, + VIR_DOMAIN_IBS_FIXEDCCD, + VIR_DOMAIN_IBS_FIXEDNA, + + VIR_DOMAIN_IBS_LAST +} virDomainIBS; + +VIR_ENUM_DECL(virDomainIBS); + /* Operating system configuration data & machine / arch */ struct _virDomainOSEnv { char *name; diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index cccae12323..c70ea9e642 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -455,6 +455,7 @@ virDomainHubTypeFromString; virDomainHubTypeToString; virDomainHypervTypeFromString; virDomainHypervTypeToString; +virDomainIBSTypeToString; virDomainInputBusTypeToString; virDomainInputDefFind; virDomainInputDefFree; diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index b7c6be0d50..a76e7d6f61 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -7181,6 +7181,11 @@ qemuBuildMachineCommandLine(virCommandPtr cmd, virBufferAsprintf(&buf, ",cap-sbbc=%s", str); } + if (def->features[VIR_DOMAIN_FEATURE_IBS] != VIR_DOMAIN_IBS_NONE) { + const char *str = virDomainIBSTypeToString(def->features[VIR_DOMAIN_FEATURE_IBS]); + virBufferAsprintf(&buf, ",cap-ibs=%s", str); + } + if (cpu && cpu->model && cpu->mode == VIR_CPU_MODE_HOST_MODEL && qemuDomainIsPSeries(def) && diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c index 0d5df6f426..cd297aa734 100644 --- a/src/qemu/qemu_validate.c +++ b/src/qemu/qemu_validate.c @@ -156,6 +156,16 @@ qemuValidateDomainDefPSeriesFeature(const virDomainDef *def, return -1; } + break; + + case VIR_DOMAIN_FEATURE_IBS: + if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_MACHINE_PSERIES_CAP_IBS)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("ibs configuration is not supported by " + "this QEMU binary")); + return -1; + } + break; } @@ -216,6 +226,7 @@ qemuValidateDomainDefFeatures(const virDomainDef *def, case VIR_DOMAIN_FEATURE_CCF_ASSIST: case VIR_DOMAIN_FEATURE_CFPC: case VIR_DOMAIN_FEATURE_SBBC: + case VIR_DOMAIN_FEATURE_IBS: if (qemuValidateDomainDefPSeriesFeature(def, qemuCaps, i) < 0) return -1; break; diff --git a/tests/qemuxml2argvdata/pseries-features.args b/tests/qemuxml2argvdata/pseries-features.args index 9a64df7593..668eeb157b 100644 --- a/tests/qemuxml2argvdata/pseries-features.args +++ b/tests/qemuxml2argvdata/pseries-features.args @@ -12,7 +12,7 @@ QEMU_AUDIO_DRV=none \ -S \ -machine pseries,accel=tcg,usb=off,dump-guest-core=off,resize-hpt=required,\ cap-hpt-max-page-size=1048576k,cap-htm=on,cap-nested-hv=off,cap-ccf-assist=on,\ -cap-cfpc=fixed,cap-sbbc=broken \ +cap-cfpc=fixed,cap-sbbc=broken,cap-ibs=fixed-ccd \ -m 512 \ -realtime mlock=off \ -smp 1,sockets=1,cores=1,threads=1 \ diff --git a/tests/qemuxml2argvdata/pseries-features.xml b/tests/qemuxml2argvdata/pseries-features.xml index ef431b0067..6e4700a56a 100644 --- a/tests/qemuxml2argvdata/pseries-features.xml +++ b/tests/qemuxml2argvdata/pseries-features.xml @@ -15,6 +15,7 @@ <ccf-assist state='on'/> <cfpc value='fixed'/> <sbbc value='broken'/> + <ibs value='fixed-ccd'/> </features> <devices> <emulator>/usr/bin/qemu-system-ppc64</emulator> diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 83f451f750..d3c8b048cb 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1966,6 +1966,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, + QEMU_CAPS_MACHINE_PSERIES_CAP_IBS, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT */ @@ -1976,7 +1977,8 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, - QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC); + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, + QEMU_CAPS_MACHINE_PSERIES_CAP_IBS); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CAP_HPT_MAX_PAGE_SIZE */ DO_TEST_PARSE_ERROR("pseries-features", @@ -1986,6 +1988,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, + QEMU_CAPS_MACHINE_PSERIES_CAP_IBS, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CAP_HTM */ @@ -1996,6 +1999,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, + QEMU_CAPS_MACHINE_PSERIES_CAP_IBS, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV */ @@ -2006,6 +2010,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, + QEMU_CAPS_MACHINE_PSERIES_CAP_IBS, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST */ @@ -2016,6 +2021,7 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, + QEMU_CAPS_MACHINE_PSERIES_CAP_IBS, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_CFPC */ @@ -2026,7 +2032,8 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, - QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC); + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, + QEMU_CAPS_MACHINE_PSERIES_CAP_IBS); /* parse error: no QEMU_CAPS_MACHINE_PSERIES_SBBC */ DO_TEST_PARSE_ERROR("pseries-features", @@ -2036,7 +2043,19 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, - QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC); + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, + QEMU_CAPS_MACHINE_PSERIES_CAP_IBS); + + /* parse error: no QEMU_CAPS_MACHINE_PSERIES_IBS */ + DO_TEST_PARSE_ERROR("pseries-features", + QEMU_CAPS_DEVICE_SPAPR_PCI_HOST_BRIDGE, + QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT, + QEMU_CAPS_MACHINE_PSERIES_CAP_HPT_MAX_PAGE_SIZE, + QEMU_CAPS_MACHINE_PSERIES_CAP_HTM, + QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV, + QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, + QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC); DO_TEST_PARSE_ERROR("pseries-features-invalid-machine", NONE); diff --git a/tests/qemuxml2xmloutdata/pseries-features.xml b/tests/qemuxml2xmloutdata/pseries-features.xml index 3700ffa195..e1c1d7306e 100644 --- a/tests/qemuxml2xmloutdata/pseries-features.xml +++ b/tests/qemuxml2xmloutdata/pseries-features.xml @@ -17,6 +17,7 @@ <ccf-assist state='on'/> <cfpc value='fixed'/> <sbbc value='broken'/> + <ibs value='fixed-ccd'/> </features> <clock offset='utc'/> <on_poweroff>destroy</on_poweroff> diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c index c2596161c3..06145e767a 100644 --- a/tests/qemuxml2xmltest.c +++ b/tests/qemuxml2xmltest.c @@ -697,7 +697,8 @@ mymain(void) QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST, QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT, QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, - QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC); + QEMU_CAPS_MACHINE_PSERIES_CAP_SBBC, + QEMU_CAPS_MACHINE_PSERIES_CAP_IBS); DO_TEST("pseries-serial-native", QEMU_CAPS_DEVICE_SPAPR_PCI_HOST_BRIDGE, -- 2.25.4
Update news.xml to inform about the availability of CFPC, SBBC and IBS features. Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com> --- docs/news.xml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/docs/news.xml b/docs/news.xml index 5835013c19..80819aec23 100644 --- a/docs/news.xml +++ b/docs/news.xml @@ -109,6 +109,16 @@ and/or fine tuned per individual host. </description> </change> + <change> + <summary> + qemu: Implement pSeries Spectre mitigation features + </summary> + <description> + Users can now setup the following capabilities of pSeries guests: + CFPC (Cache Flush on Privilege Change), SBBC (Speculation Barrier + Bounds Checking) and IBS (Indirect Branch Speculation). + </description> + </change> </section> <section title="Improvements"> </section> -- 2.25.4
On 4/27/20 2:14 PM, Daniel Henrique Barboza wrote:
Recent changes in master (adding aio_io_uring cap, splitting feature parsing code to a new function, updates in news.xml) broke rebase for all patches in the series. Re-sending it, rebased with master at 606fb3979ab4.
****
Hi,
This series implements 3 Spectre related PowerPC features that were added back in QEMU 2.12:
- CFPC: Cache Flush on Privilege Change - SBBC: Speculation Barrier Bounds Checking - IBS: Indirect Branch Speculation
These options aren't much of a problem for users using latest hardware and guests with recent Linux kernels. Users with outdated hardware/firmware or trying to run AIX guests/guests with older kernels, however, will need to fine tune these options because QEMU defaults won't work.
Instead of making users rely on <qemu:commandline> elements to hardcode the options in the XML, let's support them in Libvirt.
Daniel Henrique Barboza (7): qemu: Add capability for CFPC pSeries feature qemu: Implement the CFPC pSeries feature qemu: Add capability for SBBC pSeries feature qemu: Implement the SBBC pSeries feature qemu: Add capability for IBS pSeries feature qemu: Implement the IBS pSeries feature news: Update for the recent added pSeries features
docs/formatdomain.html.in | 36 +++++ docs/news.xml | 10 ++ docs/schemas/domaincommon.rng | 47 ++++++ src/conf/domain_conf.c | 134 ++++++++++++++++++ src/conf/domain_conf.h | 38 +++++ src/libvirt_private.syms | 3 + src/qemu/qemu_capabilities.c | 8 ++ src/qemu/qemu_capabilities.h | 5 + src/qemu/qemu_command.c | 15 ++ src/qemu/qemu_validate.c | 33 +++++ .../caps_2.12.0.ppc64.xml | 3 + .../qemucapabilitiesdata/caps_3.0.0.ppc64.xml | 3 + .../qemucapabilitiesdata/caps_3.1.0.ppc64.xml | 3 + .../qemucapabilitiesdata/caps_4.0.0.ppc64.xml | 3 + .../qemucapabilitiesdata/caps_4.2.0.ppc64.xml | 3 + .../qemucapabilitiesdata/caps_5.0.0.ppc64.xml | 3 + tests/qemuxml2argvdata/pseries-features.args | 3 +- tests/qemuxml2argvdata/pseries-features.xml | 3 + tests/qemuxml2argvtest.c | 53 ++++++- tests/qemuxml2xmloutdata/pseries-features.xml | 3 + tests/qemuxml2xmltest.c | 5 +- 21 files changed, 411 insertions(+), 3 deletions(-)
I've fixed all three TypeFromString()/TypeToString() places, and pushed. Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Michal
participants (2)
-
Daniel Henrique Barboza -
Michal Privoznik