Public bug reported:

When nested kvm virtualization is used (with host-passthrough), if the
first level guest is a trusty vm, odd behavior is seen in the second
level guest:

  host os:
  disco/5.0.0-15.16-generic/qemu 1:3.1+dfsg-2ubuntu3.1
  contents of /sys/devices/system/cpu/vulnerabilities/mds:
     Mitigation: Clear CPU buffers; SMT vulnerable

  1st level vm:
  trusty/4.4.0-148.174~14.04.1-generic/qemu 2.0.0+dfsg-2ubuntu1.46
  contents of /sys/devices/system/cpu/vulnerabilities/mds:
    Mitigation: Clear CPU buffers; SMT Host state unknown

  2nd level vm:
  bionic/4.15.0-50.54-generic
  contents of /sys/devices/system/cpu/vulnerabilities/mds:
    Not affected

This behavior is not seen when the first level guest is a xenial or
bionic vm (same bare metal hardware):

  1st level vm:
  bionic/4.15.0-50.54-generic/qemu 1:2.11+dfsg-1ubuntu7.13
  contents of /sys/devices/system/cpu/vulnerabilities/mds:
    Mitigation: Clear CPU buffers; SMT Host state unknown

  2nd level vm:
  bionic/4.15.0-50.54-generic
  contents of /sys/devices/system/cpu/vulnerabilities/mds:
    Mitigation: Clear CPU buffers; SMT Host state unknown

and:

  1st level vm:
  xenial/4.4.0-148.174-generic/qemu 1:2.5+dfsg-5ubuntu10.39
  contents of /sys/devices/system/cpu/vulnerabilities/mds:
    Mitigation: Clear CPU buffers; SMT Host state unknown

  2nd level vm:
  bionic/4.15.0-50.54-generic
  contents of /sys/devices/system/cpu/vulnerabilities/mds:
    Mitigation: Clear CPU buffers; SMT Host state unknown

It's not clear whether this is an issue with linux/kvm or qemu in
trusty.

** Affects: linux (Ubuntu)
     Importance: Undecided
         Status: Incomplete

** Affects: qemu (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: trusty

https://bugs.launchpad.net/bugs/1829555

Title:
  nested virtualization w/first level trusty guests has odd MDS behavior

Status in linux package in Ubuntu:
  Incomplete
Status in qemu package in Ubuntu:
  New

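The comparison made in the report can be automated. The following is an added example, not part of the original bug report or of any Ubuntu tooling: it parses the status line from /sys/devices/system/cpu/vulnerabilities/mds at each virtualization level and flags a nested guest that reports "Not affected" while an outer level on the same hardware reports the CPU as affected. The function names and the (name, status) list layout are assumptions; the sample status lines are the ones quoted in the report.

```python
from pathlib import Path

MDS_SYSFS = Path("/sys/devices/system/cpu/vulnerabilities/mds")

def read_local_status(path=MDS_SYSFS):
    """Return this kernel's MDS status line, or None if the file is absent."""
    try:
        return path.read_text().strip()
    except OSError:
        return None

def parse_status(line):
    """Split a status line into (verdict, detail, smt_state)."""
    main, _, smt = line.strip().partition(";")
    main = main.strip()
    if main == "Not affected":
        return ("not_affected", "", smt.strip())
    head, _, detail = main.partition(":")
    verdict = {"Mitigation": "mitigated", "Vulnerable": "vulnerable"}.get(
        head.strip(), "unknown")
    return (verdict, detail.strip(), smt.strip())

def find_inconsistencies(levels):
    """levels: list of (name, status_line), outermost level first.

    Returns (guest, outer) pairs where a guest says "Not affected" although
    an outer level sharing the same physical CPU says it is affected.
    """
    findings, affected_outer = [], None
    for name, line in levels:
        verdict = parse_status(line)[0]
        if verdict in ("mitigated", "vulnerable"):
            affected_outer = affected_outer or name
        elif verdict == "not_affected" and affected_outer:
            findings.append((name, affected_outer))
    return findings

# Status lines as quoted in the report (trusty and bionic first-level guests).
TRUSTY_CHAIN = [
    ("host os", "Mitigation: Clear CPU buffers; SMT vulnerable"),
    ("1st level vm", "Mitigation: Clear CPU buffers; SMT Host state unknown"),
    ("2nd level vm", "Not affected"),
]
BIONIC_CHAIN = TRUSTY_CHAIN[:2] + [
    ("2nd level vm", "Mitigation: Clear CPU buffers; SMT Host state unknown"),
]

if __name__ == "__main__":
    print("local:", read_local_status())
    for guest, outer in find_inconsistencies(TRUSTY_CHAIN):
        print(f"{guest}: 'Not affected' but {outer} reports an affected CPU")
```

The status line for each level has to be collected inside that level (for example by running cat on the sysfs file in each guest) and passed in outermost first.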