From 59c1aecdd92dc66e92f8ffe8a2a5e121031a2ae7 Mon Sep 17 00:00:00 2001
From: Eduardo Habkost
Date: Fri, 21 Dec 2018 00:31:11 +0100
Subject: [PATCH 1/2] i386: Deprecate arch-facilities and make it block live migration
RH-Author: Eduardo Habkost
Message-id: <20181221003111.32374-1-ehabkost@redhat.com>
Patchwork-id: 83733
O-Subject: [RHEL-7.7 qemu-kvm PATCH] i386: Deprecate arch-facilities and make it block live migration
Bugzilla: 1658407
RH-Acked-by: Bandan Das
RH-Acked-by: Dr. David Alan Gilbert
RH-Acked-by: Jiri Denemark
The arch-facilities feature flag is being deprecated because it was never supported upstream. The upstream property is called "arch-capabilities", but it was not backported to RHEL7/qemu-kvm. Note that arch-capabilities is not required for mitigation of CVE-2017-5715. In addition to being deprecated, arch-facilities will now block live migration because the value of MSR_IA32_ARCH_CAPABILITIES is host-dependent and not migration-safe. Note that the "arch-facilities" option didn't work in RHEL-7.5. It only started working (by accident) on RHEL-7.6, after the KVM kernel module code was updated to report the feature flag on GET_SUPPORTED_CPUID.
Signed-off-by: Eduardo Habkost
Signed-off-by: Miroslav Rezanina
---
 target-i386/cpu.c | 35 +++++++++++++++++++++++++++++++++++
 target-i386/cpu.h | 1 +
 2 files changed, 36 insertions(+)
diff --git a/target-i386/cpu.c b/target-i386/cpu.c
index 4b3a238e8d..a36483eca9 100644
--- a/target-i386/cpu.c
+++ b/target-i386/cpu.c
@@ -34,6 +34,7 @@
 #include "qapi-visit.h"
 #include "qapi/visitor.h"
 #include "sysemu/arch_init.h"
+#include "migration/migration.h"
 #include "hw/hw.h"
 #if defined(CONFIG_KVM)
@@ -1742,6 +1743,14 @@ static void kvm_cpu_fill_host(x86_def_t *x86_cpu_def)
 wi->cpuid_reg);
 }
+ /*
+ * Features that won't be enabled automatically by "-cpu host" even if
+ * reported by GET_SUPPORTED_CPUID:
+ */
+
+ /* arch-facilities: deprecated (see comment on x86_cpu_realizefn()) */
+ x86_cpu_def->features[FEAT_7_0_EDX] &= ~CPUID_7_0_EDX_ARCH_CAPABILITIES;
+
 #endif /* CONFIG_KVM */
 }
@@ -3089,6 +3098,32 @@ static void x86_cpu_realizefn(DeviceState *dev, Error **errp)
 #endif
 }
+ /*
+ * RHEL-only:
+ *
+ * The arch-facilities feature flag is deprecated because it was never
+ * supported upstream. The upstream property is "arch-capabilities",
+ * but it was not backported to this QEMU version. Note that
+ * arch-capabilities is not required for mitigation of CVE-2017-5715.
+ *
+ * In addition to being deprecated, arch-facilities blocks live migration
+ * because the value of MSR_IA32_ARCH_CAPABILITIES is host-dependent and
+ * not migration-safe.
+ */
+ if (cpu->env.features[FEAT_7_0_EDX] & CPUID_7_0_EDX_ARCH_CAPABILITIES) {
+ static bool warned = false;
+ static Error *arch_facilities_blocker;
+ if (!warned) {
+ error_setg(&arch_facilities_blocker,
+ "The arch-facilities CPU feature is deprecated and "
+ "does not support live migration");
+ migrate_add_blocker(arch_facilities_blocker);
+ error_report("WARNING: the arch-facilities CPU feature is "
+ "deprecated and does not support live migration");
+ warned = true;
+ }
+ }
+
 #ifndef CONFIG_USER_ONLY
 qemu_register_reset(x86_cpu_machine_reset_cb, cpu);
diff --git a/target-i386/cpu.h b/target-i386/cpu.h
index debb0e5bf4..73437f16c5 100644
--- a/target-i386/cpu.h
+++ b/target-i386/cpu.h
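Review bot: The mask added at the end of kvm_cpu_fill_host() clears bit 29 of FEAT_7_0_EDX silently, so a guest started with plain `-cpu host` presumably stops seeing the flag after this update with nothing in the log, whereas the explicit-flag path in x86_cpu_realizefn() calls error_report(). The one-line comment points at the other function but does not state the practical effect, which is that `-cpu host` on its own never sets the bit and so never installs the migration blocker. I would spell that out, for example `/* arch-facilities: deprecated; masked so "-cpu host" alone never sets it and never adds the migration blocker (see x86_cpu_realizefn()) */`. Whether an explicit `+arch-facilities` on top of `-cpu host` still takes effect depends on code outside this hunk, and the function body starts before it.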
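Review bot: The block comment in x86_cpu_realizefn() says MSR_IA32_ARCH_CAPABILITIES is host-dependent and not migration-safe, but not what goes wrong, and that is what an operator needs to judge the risk. A guest typically reads this MSR at boot to decide which speculative-execution mitigations it may skip, so after a move to a host that reports different bits it can keep acting on a decision that no longer holds. I would add a sentence such as `* A guest may cache mitigation decisions derived from the MSR, so a destination host with different bits can leave it under-protected.` Separately, the blocker is installed through function-local statics and nothing visible here pairs it with `migrate_del_blocker()`, so it appears to last for the life of the process even if a later realize step fails; if that is intended, a short comment saying so would help. The function body starts and ends outside the hunk.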
@@ -597,6 +597,7 @@ typedef uint32_t FeatureWordArray[FEATURE_WORDS];
 #define CPUID_7_0_EDX_AVX512_4VNNIW (1U << 2) /* AVX512 Neural Network Instructions */
 #define CPUID_7_0_EDX_AVX512_4FMAPS (1U << 3) /* AVX512 Multiply Accumulation Single Precision */
 #define CPUID_7_0_EDX_SPEC_CTRL (1U << 26) /* Indirect Branch - Restrict Speculation */
+#define CPUID_7_0_EDX_ARCH_CAPABILITIES (1U << 29) /*Arch Capabilities*/
 #define CPUID_7_0_EDX_SPEC_CTRL_SSBD (1U << 31) /* Speculative Store Bypass Disable */
 #define CPUID_8000_0008_EBX_IBPB (1U << 12) /* Indirect Branch Prediction Barrier */
--
2.19.1
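Review bot: The comment on the new `CPUID_7_0_EDX_ARCH_CAPABILITIES` define, `/*Arch Capabilities*/`, lacks the inner spaces its neighbours use and does not say what the bit enumerates. Since this bit advertises the presence of the IA32_ARCH_CAPABILITIES MSR, I would write `/* IA32_ARCH_CAPABILITIES MSR present */`. That also makes the link to the MSR_IA32_ARCH_CAPABILITIES wording in cpu.c visible to a reader of the header alone.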