This bug was fixed in the package qemu - 1:2.11+dfsg-1ubuntu7.17
---------------
qemu (1:2.11+dfsg-1ubuntu7.17) bionic; urgency=medium
* {Ice,Cascade}Lake IA32_ARCH_CAPABILITIES support (LP: 1828495)
Needed patch is in d/p/u/lp1828495-:
- 0017-target-i386-add-MDS-NO-feature.patch:
target/i386: add MDS-NO feature
qemu (1:2.11+dfsg-1ubuntu7.16) bionic; urgency=medium
[ Christian Ehrhardt ]
* d/p/ubuntu/lp-1830243-s390-bios-Skip-bootmap-signature-entries.patch:
tolerate guests with secure boot loaders (LP: #1830243)
[ Rafael David Tinoco ]
* {Ice,Cascade}Lake CPUs + IA32_ARCH_CAPABILITIES support (LP: #1828495)
Needed patches are in d/p/u/lp1828495-:
- 0001-guidance-cpu-models.patch:
docs: add guidance on configuring CPU models for x86
+ d/qemu-system-common.install: include man/man7/qemu-cpu-models.7
- 0002-msr-new-msr-indices.patch:
i386: Add new MSR indices for IA32_PRED_CMD and IA32_ARCH_CAPABILITIES
- 0003-cpuid-feature-ia32-arch-capabilities.patch:
i386: Add CPUID bit and feature words for IA32_ARCH_CAPABILITIES MSR
- 0004-cpuid-bit-for-wbnoinvd.patch:
i386: Add CPUID bit for WBNOINVD
- 0005-new-cpu-model-for-icelake.patch:
i386: Add new CPU model Icelake-{Server,Client}
- 0006-update-headers-to-4.16-rc5.patch:
update Linux headers to 4.16-rc5
- 0007-kvm-get-msr-feature-index_list.patch:
kvm: Add support to KVM_GET_MSR_FEATURE_INDEX_LIST and
- 0008-x86-msr-related-data-structure-changes.patch:
x86: Data structure changes to support MSR based features
- 0009-feature-wordS-arch-capabilities.patch:
x86: define a new MSR based feature word -- FEATURE_WORDS_ARCH
- 0010-use-kvm-get-msr-index-list.patch:
kvm: Use KVM_GET_MSR_INDEX_LIST for MSR_IA32_ARCH_CAPABILITIES support
- 0011-disable-arch-cap-when-no-msr.patch:
i386: kvm: Disable arch_capabilities if MSR can't be set
- 0012-arch-capabilities-migratable.patch:
i386: Make arch_capabilities migratable
- 0013-cascadelake-server.patch:
i386: Add new model of Cascadelake-Server
- 0014-remove-cpuid-pconfig.patch:
i386: remove the new CPUID 'PCONFIG' from Icelake-Server CPU model
- 0015-remove-cpuid-intel_pt.patch:
i386: remove the 'INTEL_PT' CPUID bit from named CPU models
- 0016-no-ospke-on-some.patch:
i386: Disable OSPKE on CPU model definitions
-- Rafael David Tinoco <rafaeldtin...@ubuntu.com> Mon, 05 Aug 2019
19:12:08 +0000
** Changed in: qemu (Ubuntu Bionic)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1828495
Title:
[KVM][CLX] CPUID_7_0_EDX_ARCH_CAPABILITIES is not enabled in VM.
Status in intel:
New
Status in libvirt package in Ubuntu:
Fix Released
Status in linux package in Ubuntu:
In Progress
Status in qemu package in Ubuntu:
Fix Released
Status in libvirt source package in Bionic:
Confirmed
Status in linux source package in Bionic:
Confirmed
Status in qemu source package in Bionic:
Fix Released
Status in libvirt source package in Cosmic:
Won't Fix
Status in linux source package in Cosmic:
Won't Fix
Status in qemu source package in Cosmic:
Won't Fix
Status in libvirt source package in Disco:
Confirmed
Status in linux source package in Disco:
Confirmed
Status in qemu source package in Disco:
Fix Released
Status in libvirt source package in Eoan:
Fix Released
Status in linux source package in Eoan:
In Progress
Status in qemu source package in Eoan:
Fix Released
Bug description:
[Impact]
* QEMU does not support IceLake and CascadeLake CPUs specific features.
* Most important feature to be supported is: IA32_ARCH_CAPABILITIES MSR.
* With IA32_ARCH_CAPABILITIES, QEMU is able to advertise HW mitigations:
- Rogue Data Cache Load
- Enhanced IBRS
- RSB Alternate
- L1D flush need on VMENTRY
- speculative Store Bypass
to guests, as described in document:
Intel 336996-Speculative-Execution-Side-Channel-Mitigations.pdf
[Test Case]
* From Original Description:
"""
1. Boot up guest using: -cpu Cascadelake-Server
[root@clx-2s2 yexin]# qemu-system-x86_64 -accel kvm -drive
if=virtio,id=hd,file=/home/x/x,format=qcow2 -m 4096 -smp 4 -cpu
Cascadelake-Server -serial stdio
char device redirected to /dev/pts/3 (label serial0)
qemu-system-x86_64: warning: host doesn't support requested feature:
CPUID.07H:ECX [bit 4]
qemu-system-x86_64: warning: host doesn't support requested feature:
CPUID.07H:ECX [bit 4]
qemu-system-x86_64: warning: host doesn't support requested feature:
CPUID.07H:ECX [bit 4]
qemu-system-x86_64: warning: host doesn't support requested feature:
CPUID.07H:ECX [bit 4]
2. To check CPU ID related to features[FEAT_7_0_EDX]
:CPUID_7_0_EDX_ARCH_CAPABILITIES
Expected Result: Both host and guest's CPUID.07H EDX bit 29 should be
1.
Actual Result:
Host's cpuid: 0x00000007 0x00: eax=0x00000000 ebx=0xd39ffffb
ecx=0x00000818 edx=0xbc000000 (EDX bit 29=1)
Guest's cpuid : 0x00000007 0x00: eax=0x00000000 ebx=0xd19f0fb9
ecx=0x00000818 edx=0x84000000 (EDX bit 29=0)
Commit:2bdb76c015df7125783d8394d6339d181cb5bc30
Target Kerned: 5.1
Target Release: 19.10
"""
[Regression Potential]
* Most changes are related to CPU type definitions and its supported
features. They are all based in upstream changes but, for obvious
reasons, backporting and/or cherry-picking those could bring issues.
Biggest concern is breaking something that currently works. Right now,
the parts being changed that could affect other CPU types would be
related to a small refactoring of how the features are organized, and
that would be seen right away when trying to start a new VM after the
package is installed.
* Other tests, related to the features being backported, are being
done by our KVM regression tests, including migration combinations, to
reduce chances that a regression is introduced.
[Other Info]
* N/A
To manage notifications about this bug go to:
https://bugs.launchpad.net/intel/+bug/1828495/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
