cryptospore / rpms / qemu-kvm

Forked from rpms/qemu-kvm 2 years ago
Clone
9ae3a8
From 59c1aecdd92dc66e92f8ffe8a2a5e121031a2ae7 Mon Sep 17 00:00:00 2001
9ae3a8
From: Eduardo Habkost <ehabkost@redhat.com>
9ae3a8
Date: Fri, 21 Dec 2018 00:31:11 +0100
9ae3a8
Subject: [PATCH 1/2] i386: Deprecate arch-facilities and make it block live
9ae3a8
 migration
9ae3a8
9ae3a8
RH-Author: Eduardo Habkost <ehabkost@redhat.com>
9ae3a8
Message-id: <20181221003111.32374-1-ehabkost@redhat.com>
9ae3a8
Patchwork-id: 83733
9ae3a8
O-Subject: [RHEL-7.7 qemu-kvm PATCH] i386: Deprecate arch-facilities and make it block live migration
9ae3a8
Bugzilla: 1658407
9ae3a8
RH-Acked-by: Bandan Das <bsd@redhat.com>
9ae3a8
RH-Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
9ae3a8
RH-Acked-by: Jiri Denemark <jdenemar@redhat.com>
9ae3a8
9ae3a8
The arch-facilities feature flag is being deprecated because it
9ae3a8
was never supported upstream.  The upstream property is
9ae3a8
called "arch-capabilities", but it was not backported to
9ae3a8
RHEL7/qemu-kvm.
9ae3a8
9ae3a8
Note that arch-capabilities is not required for mitigation of
9ae3a8
CVE-2017-5715.
9ae3a8
9ae3a8
In addition to being deprecated, arch-facilities will now block
9ae3a8
live migration because the value of MSR_IA32_ARCH_CAPABILITIES is
9ae3a8
host-dependent and not migration-safe.
9ae3a8
9ae3a8
Note that the "arch-facilities" option didn't work in RHEL-7.5.
9ae3a8
It only started working (by accident) on RHEL-7.6, after the KVM
9ae3a8
kernel module code was updated to report the feature flag on
9ae3a8
GET_SUPPORTED_CPUID.
9ae3a8
9ae3a8
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
9ae3a8
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
9ae3a8
---
9ae3a8
 target-i386/cpu.c | 35 +++++++++++++++++++++++++++++++++++
9ae3a8
 target-i386/cpu.h |  1 +
9ae3a8
 2 files changed, 36 insertions(+)
9ae3a8
9ae3a8
diff --git a/target-i386/cpu.c b/target-i386/cpu.c
9ae3a8
index 4b3a238e8d..a36483eca9 100644
9ae3a8
--- a/target-i386/cpu.c
9ae3a8
+++ b/target-i386/cpu.c
9ae3a8
@@ -34,6 +34,7 @@
9ae3a8
 #include "qapi-visit.h"
9ae3a8
 #include "qapi/visitor.h"
9ae3a8
 #include "sysemu/arch_init.h"
9ae3a8
+#include "migration/migration.h"
9ae3a8
 
9ae3a8
 #include "hw/hw.h"
9ae3a8
 #if defined(CONFIG_KVM)
9ae3a8
@@ -1742,6 +1743,14 @@ static void kvm_cpu_fill_host(x86_def_t *x86_cpu_def)
9ae3a8
                                          wi->cpuid_reg);
9ae3a8
     }
9ae3a8
 
9ae3a8
+    /*
9ae3a8
+     * Features that won't be enabled automatically by "-cpu host" even if
9ae3a8
+     * reported by GET_SUPPORTED_CPUID:
9ae3a8
+     */
9ae3a8
+
9ae3a8
+    /* arch-facilities: deprecated (see comment on x86_cpu_realizefn()) */
9ae3a8
+    x86_cpu_def->features[FEAT_7_0_EDX] &= ~CPUID_7_0_EDX_ARCH_CAPABILITIES;
9ae3a8
+
9ae3a8
 #endif /* CONFIG_KVM */
9ae3a8
 }
9ae3a8
 
9ae3a8
@@ -3089,6 +3098,32 @@ static void x86_cpu_realizefn(DeviceState *dev, Error **errp)
9ae3a8
 #endif
9ae3a8
     }
9ae3a8
 
9ae3a8
+    /*
9ae3a8
+     * RHEL-only:
9ae3a8
+     *
9ae3a8
+     * The arch-facilities feature flag is deprecated because it was never
9ae3a8
+     * supported upstream.  The upstream property is "arch-capabilities",
9ae3a8
+     * but it was not backported to this QEMU version.  Note that
9ae3a8
+     * arch-capabilities is not required for mitigation of CVE-2017-5715.
9ae3a8
+     *
9ae3a8
+     * In addition to being deprecated, arch-facilities blocks live migration
9ae3a8
+     * because the value of MSR_IA32_ARCH_CAPABILITIES is host-dependent and
9ae3a8
+     * not migration-safe.
9ae3a8
+     */
9ae3a8
+    if (cpu->env.features[FEAT_7_0_EDX] & CPUID_7_0_EDX_ARCH_CAPABILITIES) {
9ae3a8
+        static bool warned = false;
9ae3a8
+        static Error *arch_facilities_blocker;
9ae3a8
+        if (!warned) {
9ae3a8
+            error_setg(&arch_facilities_blocker,
9ae3a8
+                       "The arch-facilities CPU feature is deprecated and "
9ae3a8
+                       "does not support live migration");
9ae3a8
+            migrate_add_blocker(arch_facilities_blocker);
9ae3a8
+            error_report("WARNING: the arch-facilities CPU feature is "
9ae3a8
+                         "deprecated and does not support live migration");
9ae3a8
+            warned = true;
9ae3a8
+        }
9ae3a8
+    }
9ae3a8
+
9ae3a8
 #ifndef CONFIG_USER_ONLY
9ae3a8
     qemu_register_reset(x86_cpu_machine_reset_cb, cpu);
9ae3a8
 
9ae3a8
diff --git a/target-i386/cpu.h b/target-i386/cpu.h
9ae3a8
index debb0e5bf4..73437f16c5 100644
9ae3a8
--- a/target-i386/cpu.h
9ae3a8
+++ b/target-i386/cpu.h
9ae3a8
@@ -597,6 +597,7 @@ typedef uint32_t FeatureWordArray[FEATURE_WORDS];
9ae3a8
 #define CPUID_7_0_EDX_AVX512_4VNNIW (1U << 2) /* AVX512 Neural Network Instructions */
9ae3a8
 #define CPUID_7_0_EDX_AVX512_4FMAPS (1U << 3) /* AVX512 Multiply Accumulation Single Precision */
9ae3a8
 #define CPUID_7_0_EDX_SPEC_CTRL     (1U << 26) /* Indirect Branch - Restrict Speculation */
9ae3a8
+#define CPUID_7_0_EDX_ARCH_CAPABILITIES (1U << 29)  /*Arch Capabilities*/
9ae3a8
 #define CPUID_7_0_EDX_SPEC_CTRL_SSBD  (1U << 31) /* Speculative Store Bypass Disable */
9ae3a8
 
9ae3a8
 #define CPUID_8000_0008_EBX_IBPB    (1U << 12) /* Indirect Branch Prediction Barrier */
9ae3a8
-- 
9ae3a8
2.19.1
9ae3a8