[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [qemu-web PATCH] Add a blog post documenting Spectre/Me
From: |
David Hildenbrand |
Subject: |
Re: [Qemu-devel] [qemu-web PATCH] Add a blog post documenting Spectre/Meltdown options for QEMU 2.11.1 |
Date: |
Wed, 14 Feb 2018 10:48:42 +0100 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.5.2 |
On 14.02.2018 10:18, Christian Borntraeger wrote:
>
>
> On 02/14/2018 10:11 AM, Cornelia Huck wrote:
>> On Tue, 13 Feb 2018 18:11:05 -0600
>> Michael Roth <address@hidden> wrote:
>>
>>> This blog entry is intended as a follow-up to the original entry in
>>> January regarding Spectre/Meltdown and the proposed changes to address
>>> them in the upcoming 2.11.1 release.
>>>
>>> This entry is meant to accompany the 2.11.1 release (planned for
>>> 2018-02-14) and document how to make use of the new options for
>>> various architectures.
>>>
>>> Cc: Eduardo Habkost <address@hidden>
>>> Cc: Paolo Bonzini <address@hidden>
>>> Cc: Peter Maydell <address@hidden>
>>> Cc: Suraj Jitindar Singh <address@hidden>
>>> Cc: David Gibson <address@hidden>
>>> Cc: Christian Borntraeger <address@hidden>
>>> Cc: Cornelia Huck <address@hidden>
>>> Cc: Thomas Huth <address@hidden>
>>> Signed-off-by: Michael Roth <address@hidden>
>>> ---
>>>
>>> The pseries/s390 bits have gotten some initial review (thanks
>>> Suraj/Christian),
>>> but it can definitely use some additional review on the x86 side of things.
>>>
>>> Also, Peter if think anything extra should to be mentioned on the ARM side
>>> just
>>> let me know what to add.
>>>
>>> .../2018-02-14-qemu-2-11-1-and-spectre-update.md | 180
>>> +++++++++++++++++++++
>>> 1 file changed, 180 insertions(+)
>>> create mode 100644 _posts/2018-02-14-qemu-2-11-1-and-spectre-update.md
>>
>> [some comments/questions regarding s390 cpu models, adding DavidH on cc:]
>>
>>> +## enabling mitigations for s390 KVM guests
>>> +
>>> +For s390 guests there are 2 CPU options relating to Spectre/Meltdown:
>>
>> s/options/feature bits/ ?
>>
>>> +
>>> +* bpb: Branch prediction blocking
>>> +* ppa15: PPA15 is installed
>>> +
>>> +**bpb** requires a host kernel patched with:
>>> +
>>> + commit 35b3fde6203b932b2b1a5b53b3d8808abc9c4f60
>>> + KVM: s390: wire up bpb feature
>>> +
>>> +and both **bpb** and **ppa15** require a firmware with the appropriate
>>> support
>>> +level as well as guest kernel patches to enable the functionality within
>>> +guests. Please check with your distro/vendor to confirm.
>>> +
>>> +Both **bpb** and **ppa15** are enabled by default with newer/patched host
>>> +kernels, and can also be set manually. For example:
>>> +
>>> + qemu-system-s390x -M s390-ccw-virtio-2.11 ... \
>>> + -cpu zEC12,bpb=on,ppa15=on
>>
>> Do we also want to add that bpb/ppa15 are on if you use the _full_
>> model (as opposed to the _base_ model)? Or is this going into too much
>> detail about the cpu model?
>
> full model is just an internal implementation.
> Either use
> - host passthrough
> - host model
> - add bpb and ppa15 manually to the choosen model (e.g. z13,bpb=on,ppa15=on)
Ack. They won't be enabled by existing base (e.g. z13-base) or default
(e.g. z13) CPU models. The full models are internal only.
So "-cpu host" or "-cpu [MODEL],bpb=on,ppa15=on" are the only two
options on the QEMU command line level.
--
Thanks,
David / dhildenb
- [Qemu-devel] [qemu-web PATCH] Add a blog post documenting Spectre/Meltdown options for QEMU 2.11.1, Michael Roth, 2018/02/13
- Re: [Qemu-devel] [qemu-web PATCH] Add a blog post documenting Spectre/Meltdown options for QEMU 2.11.1, Bruce Rogers, 2018/02/13
- Re: [Qemu-devel] [qemu-web PATCH] Add a blog post documenting Spectre/Meltdown options for QEMU 2.11.1, Daniel P . Berrangé, 2018/02/14
- Re: [Qemu-devel] [qemu-web PATCH] Add a blog post documenting Spectre/Meltdown options for QEMU 2.11.1, Thomas Huth, 2018/02/14
- Re: [Qemu-devel] [qemu-web PATCH] Add a blog post documenting Spectre/Meltdown options for QEMU 2.11.1, Cornelia Huck, 2018/02/14
- Re: [Qemu-devel] [qemu-web PATCH] Add a blog post documenting Spectre/Meltdown options for QEMU 2.11.1, Dr. David Alan Gilbert, 2018/02/14