yeahuh / rpms / qemu-kvm

Forked from rpms/qemu-kvm 2 years ago
Clone
d740ea
From 59c1aecdd92dc66e92f8ffe8a2a5e121031a2ae7 Mon Sep 17 00:00:00 2001
ce3aa4
From: Eduardo Habkost <ehabkost@redhat.com>
ce3aa4
Date: Fri, 21 Dec 2018 00:31:11 +0100
d740ea
Subject: [PATCH 1/2] i386: Deprecate arch-facilities and make it block live
ce3aa4
 migration
ce3aa4
ce3aa4
RH-Author: Eduardo Habkost <ehabkost@redhat.com>
ce3aa4
Message-id: <20181221003111.32374-1-ehabkost@redhat.com>
ce3aa4
Patchwork-id: 83733
ce3aa4
O-Subject: [RHEL-7.7 qemu-kvm PATCH] i386: Deprecate arch-facilities and make it block live migration
d740ea
Bugzilla: 1658407
ce3aa4
RH-Acked-by: Bandan Das <bsd@redhat.com>
ce3aa4
RH-Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
ce3aa4
RH-Acked-by: Jiri Denemark <jdenemar@redhat.com>
ce3aa4
ce3aa4
The arch-facilities feature flag is being deprecated because it
ce3aa4
was never supported upstream.  The upstream property is
ce3aa4
called "arch-capabilities", but it was not backported to
ce3aa4
RHEL7/qemu-kvm.
ce3aa4
ce3aa4
Note that arch-capabilities is not required for mitigation of
ce3aa4
CVE-2017-5715.
ce3aa4
ce3aa4
In addition to being deprecated, arch-facilities will now block
ce3aa4
live migration because the value of MSR_IA32_ARCH_CAPABILITIES is
ce3aa4
host-dependent and not migration-safe.
ce3aa4
ce3aa4
Note that the "arch-facilities" option didn't work in RHEL-7.5.
ce3aa4
It only started working (by accident) on RHEL-7.6, after the KVM
ce3aa4
kernel module code was updated to report the feature flag on
ce3aa4
GET_SUPPORTED_CPUID.
ce3aa4
ce3aa4
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
ce3aa4
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
ce3aa4
---
ce3aa4
 target-i386/cpu.c | 35 +++++++++++++++++++++++++++++++++++
ce3aa4
 target-i386/cpu.h |  1 +
ce3aa4
 2 files changed, 36 insertions(+)
ce3aa4
ce3aa4
diff --git a/target-i386/cpu.c b/target-i386/cpu.c
ce3aa4
index 4b3a238e8d..a36483eca9 100644
ce3aa4
--- a/target-i386/cpu.c
ce3aa4
+++ b/target-i386/cpu.c
ce3aa4
@@ -34,6 +34,7 @@
ce3aa4
 #include "qapi-visit.h"
ce3aa4
 #include "qapi/visitor.h"
ce3aa4
 #include "sysemu/arch_init.h"
ce3aa4
+#include "migration/migration.h"
ce3aa4
 
ce3aa4
 #include "hw/hw.h"
ce3aa4
 #if defined(CONFIG_KVM)
ce3aa4
@@ -1742,6 +1743,14 @@ static void kvm_cpu_fill_host(x86_def_t *x86_cpu_def)
ce3aa4
                                          wi->cpuid_reg);
ce3aa4
     }
ce3aa4
 
ce3aa4
+    /*
ce3aa4
+     * Features that won't be enabled automatically by "-cpu host" even if
ce3aa4
+     * reported by GET_SUPPORTED_CPUID:
ce3aa4
+     */
ce3aa4
+
ce3aa4
+    /* arch-facilities: deprecated (see comment on x86_cpu_realizefn()) */
ce3aa4
+    x86_cpu_def->features[FEAT_7_0_EDX] &= ~CPUID_7_0_EDX_ARCH_CAPABILITIES;
ce3aa4
+
ce3aa4
 #endif /* CONFIG_KVM */
ce3aa4
 }
ce3aa4
 
ce3aa4
@@ -3089,6 +3098,32 @@ static void x86_cpu_realizefn(DeviceState *dev, Error **errp)
ce3aa4
 #endif
ce3aa4
     }
ce3aa4
 
ce3aa4
+    /*
ce3aa4
+     * RHEL-only:
ce3aa4
+     *
ce3aa4
+     * The arch-facilities feature flag is deprecated because it was never
ce3aa4
+     * supported upstream.  The upstream property is "arch-capabilities",
ce3aa4
+     * but it was not backported to this QEMU version.  Note that
ce3aa4
+     * arch-capabilities is not required for mitigation of CVE-2017-5715.
ce3aa4
+     *
ce3aa4
+     * In addition to being deprecated, arch-facilities blocks live migration
ce3aa4
+     * because the value of MSR_IA32_ARCH_CAPABILITIES is host-dependent and
ce3aa4
+     * not migration-safe.
ce3aa4
+     */
ce3aa4
+    if (cpu->env.features[FEAT_7_0_EDX] & CPUID_7_0_EDX_ARCH_CAPABILITIES) {
ce3aa4
+        static bool warned = false;
ce3aa4
+        static Error *arch_facilities_blocker;
ce3aa4
+        if (!warned) {
ce3aa4
+            error_setg(&arch_facilities_blocker,
ce3aa4
+                       "The arch-facilities CPU feature is deprecated and "
ce3aa4
+                       "does not support live migration");
ce3aa4
+            migrate_add_blocker(arch_facilities_blocker);
ce3aa4
+            error_report("WARNING: the arch-facilities CPU feature is "
ce3aa4
+                         "deprecated and does not support live migration");
ce3aa4
+            warned = true;
ce3aa4
+        }
ce3aa4
+    }
ce3aa4
+
ce3aa4
 #ifndef CONFIG_USER_ONLY
ce3aa4
     qemu_register_reset(x86_cpu_machine_reset_cb, cpu);
ce3aa4
 
ce3aa4
diff --git a/target-i386/cpu.h b/target-i386/cpu.h
ce3aa4
index debb0e5bf4..73437f16c5 100644
ce3aa4
--- a/target-i386/cpu.h
ce3aa4
+++ b/target-i386/cpu.h
ce3aa4
@@ -597,6 +597,7 @@ typedef uint32_t FeatureWordArray[FEATURE_WORDS];
ce3aa4
 #define CPUID_7_0_EDX_AVX512_4VNNIW (1U << 2) /* AVX512 Neural Network Instructions */
ce3aa4
 #define CPUID_7_0_EDX_AVX512_4FMAPS (1U << 3) /* AVX512 Multiply Accumulation Single Precision */
ce3aa4
 #define CPUID_7_0_EDX_SPEC_CTRL     (1U << 26) /* Indirect Branch - Restrict Speculation */
ce3aa4
+#define CPUID_7_0_EDX_ARCH_CAPABILITIES (1U << 29)  /*Arch Capabilities*/
ce3aa4
 #define CPUID_7_0_EDX_SPEC_CTRL_SSBD  (1U << 31) /* Speculative Store Bypass Disable */
ce3aa4
 
ce3aa4
 #define CPUID_8000_0008_EBX_IBPB    (1U << 12) /* Indirect Branch Prediction Barrier */
ce3aa4
-- 
ce3aa4
2.19.1
ce3aa4