[PATCH v2 1/1] cpu_map: Add more -noTSX x86 CPU models
Jiri Denemark
jdenemar at redhat.com
Wed Mar 18 10:15:05 UTC 2020
On Tue, Mar 10, 2020 at 11:48:06 +0100, Christian Ehrhardt wrote:
> One of the mitigation methods for TAA[1] is to disable TSX
> support on the host system. Linux added a mechanism to disable
> TSX globally through the kernel command line, and many Linux
> distributions now default to tsx=off. This makes existing CPU
> models that have HLE and RTM enabled not usable anymore.
>
> Add new versions of all CPU models that have the HLE and RTM
> features enabled, that can be used when TSX is disabled in the
> host system.
>
> On systems disabling the features without those types defined
> in cpu-maps users end up without modern CPU types in the list
> of usable CPUs to use in the likes of virsh domcapabilities
> or tools higher in the stack like virt-manager.
>
> This adds:
> -Cascadelake-Server-noTSX
> -Icelake-Client-noTSX
> -Icelake-Server-noTSX
> -Skylake-Server-noTSX-IBRS
> -Skylake-Client-noTSX-IBRS
>
> Introduced in QEMU by commit v4.2.0-rc2-3-g9ab2237f19 (function)
> and commit v4.2.0-rc2-4-g02fa60d101 (names)
>
> References:
>
> [1] TAA, TSX asynchronous Abort:
> https://software.intel.com/security-software-guidance/insights/deep-dive-intel-transactional-synchronization-extensions-intel-tsx-asynchronous-abort
> https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/tsx_async_abort.html
>
> Fixes: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1853200
>
> Signed-off-by: Christian Ehrhardt <christian.ehrhardt at canonical.com>
Reviewed-by: Jiri Denemark <jdenemar at redhat.com>
I just resent this patch (with my Reviewed-by already applied) together
with a few additional patches for not using the new noTSX model for
host-model CPUs.
Jirka
More information about the libvir-list
mailing list