The arch-capabilities MSR is not defined on AMD CPUs, but KVM has always
been emulating them. Unfortunately, this may cause Windows to crash so
QEMU (since 10.1, commit
d3a24134e37d57abd3e7445842cda2717f49e96d)
decided to mask the MSR by default with some additional compatibility
code for older machine types.
This is all mostly transparent except for probing when we run QEMU
without a machine type and expand the "host" CPU model. With QEMU 10.1
and newer none of the arch-capabilities features will be shown as
enabled, which may cause unexpected issues for users (such as KubeVirt)
that get the list of all supported features from the host-model CPU
definition in domain capabilities to select possible target nodes for
migration. As a result of the change, no AMD host with new QEMU will be
shown as available for incoming migration from older hosts.
Since the features are supported on the host (it's possible to
explicitly enable them), but they should not be enabled by default in
host-model CPU, we only add the to domain capabilities when
VIR_CONNECT_GET_DOMAIN_CAPABILITIES_SUPPORTED_CPU_FEATURES flag is set.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
{
virQEMUCapsHostCPUType cpuType;
virCPUDef *cpu;
+ virArch arch = domCaps->arch;
if (flags & VIR_CONNECT_GET_DOMAIN_CAPABILITIES_EXPAND_CPU_FEATURES)
cpuType = VIR_QEMU_CAPS_HOST_CPU_EXPANDED;
cpu, VIR_CPU_FEATURE_DISABLE);
}
+ if (flags & VIR_CONNECT_GET_DOMAIN_CAPABILITIES_SUPPORTED_CPU_FEATURES) {
+ uint32_t index = 0x10a; /* arch-capabilities MSR */
+ uint64_t msr = 0;
+
+ /* While the arch-capabilities MSR is not defined on AMD CPUs, KVM has
+ * always been emulating them. Unfortunately, this may cause some
+ * Windows version to crash so QEMU decided to mask the MSR by default.
+ * When asked for all CPU features supported on a host we need to add
+ * the affected features to the host-model.
+ */
+ if (ARCH_IS_X86(arch) &&
+ STREQ_NULLABLE(cpu->vendor, "AMD") &&
+ virCPUCheckFeature(arch, cpu, "arch-capabilities") == 0 &&
+ virHostCPUGetMSRFromKVM(index, &msr) == 0) {
+ g_autoptr(virCPUData) data = virCPUDataNew(arch);
+ virCPUFeaturePolicy policy = VIR_CPU_FEATURE_REQUIRE;
+
+ virCPUx86DataAddMSR(data, index, msr);
+ virCPUUpdateFeatures(arch, cpu, data, policy);
+ virCPUDefUpdateFeature(cpu, "arch-capabilities", policy);
+ }
+ }
+
virCPUDefSortFeatures(cpu);
domCaps->cpu.hostModel = cpu;
}
g_autoptr(virDomainCaps) domCaps = NULL;
virCheckFlags(VIR_CONNECT_GET_DOMAIN_CAPABILITIES_DISABLE_DEPRECATED_FEATURES |
- VIR_CONNECT_GET_DOMAIN_CAPABILITIES_EXPAND_CPU_FEATURES,
+ VIR_CONNECT_GET_DOMAIN_CAPABILITIES_EXPAND_CPU_FEATURES |
+ VIR_CONNECT_GET_DOMAIN_CAPABILITIES_SUPPORTED_CPU_FEATURES,
NULL);
if (virConnectGetDomainCapabilitiesEnsureACL(conn) < 0)
<vendor>AMD</vendor>
<maxphysaddr mode='passthrough' limit='64'/>
<feature policy='require' name='amd-ssbd'/>
+ <feature policy='require' name='arch-capabilities'/>
<feature policy='require' name='cmp_legacy'/>
<feature policy='require' name='flushbyasid'/>
+ <feature policy='require' name='gds-no'/>
<feature policy='require' name='hypervisor'/>
<feature policy='require' name='ibpb-brtype'/>
<feature policy='require' name='invtsc'/>
<feature policy='require' name='lbrv'/>
<feature policy='require' name='lfence-always-serializing'/>
+ <feature policy='require' name='mds-no'/>
<feature policy='require' name='null-sel-clr-base'/>
<feature policy='require' name='overflow-recov'/>
<feature policy='require' name='pause-filter'/>
<feature policy='require' name='pfthreshold'/>
+ <feature policy='require' name='pschange-mc-no'/>
+ <feature policy='require' name='rdctl-no'/>
+ <feature policy='require' name='rfds-no'/>
+ <feature policy='require' name='skip-l1dfl-vmentry'/>
<feature policy='require' name='ssbd'/>
<feature policy='require' name='stibp'/>
<feature policy='require' name='succor'/>
<model fallback='forbid'>EPYC-Turin</model>
<vendor>AMD</vendor>
<maxphysaddr mode='passthrough' limit='64'/>
+ <feature policy='require' name='arch-capabilities'/>
<feature policy='require' name='cmp_legacy'/>
<feature policy='require' name='flush-l1d'/>
+ <feature policy='require' name='gds-no'/>
<feature policy='require' name='hypervisor'/>
<feature policy='require' name='invtsc'/>
<feature policy='disable' name='la57'/>
+ <feature policy='require' name='mds-no'/>
<feature policy='disable' name='pcid'/>
+ <feature policy='require' name='pschange-mc-no'/>
+ <feature policy='require' name='rdctl-no'/>
<feature policy='disable' name='rdseed'/>
+ <feature policy='require' name='rfds-no'/>
+ <feature policy='require' name='skip-l1dfl-vmentry'/>
<feature policy='require' name='spec-ctrl'/>
<feature policy='require' name='ssbd'/>
<feature policy='require' name='stibp'/>
<model fallback='forbid'>EPYC-Turin</model>
<vendor>AMD</vendor>
<maxphysaddr mode='passthrough' limit='64'/>
+ <feature policy='require' name='arch-capabilities'/>
<feature policy='require' name='cet-ss'/>
<feature policy='require' name='cmp_legacy'/>
<feature policy='require' name='flush-l1d'/>
+ <feature policy='require' name='gds-no'/>
<feature policy='require' name='hypervisor'/>
<feature policy='require' name='invtsc'/>
<feature policy='disable' name='la57'/>
+ <feature policy='require' name='mds-no'/>
<feature policy='disable' name='pcid'/>
+ <feature policy='require' name='pschange-mc-no'/>
+ <feature policy='require' name='rdctl-no'/>
<feature policy='disable' name='rdseed'/>
+ <feature policy='require' name='rfds-no'/>
+ <feature policy='require' name='skip-l1dfl-vmentry'/>
<feature policy='require' name='spec-ctrl'/>
<feature policy='require' name='ssbd'/>
<feature policy='require' name='stibp'/>
<model fallback='forbid'>EPYC-Turin</model>
<vendor>AMD</vendor>
<maxphysaddr mode='passthrough' limit='64'/>
+ <feature policy='require' name='arch-capabilities'/>
<feature policy='require' name='cet-ss'/>
<feature policy='require' name='cmp_legacy'/>
<feature policy='require' name='flush-l1d'/>
+ <feature policy='require' name='gds-no'/>
<feature policy='require' name='hypervisor'/>
<feature policy='require' name='invtsc'/>
<feature policy='disable' name='la57'/>
+ <feature policy='require' name='mds-no'/>
<feature policy='disable' name='pcid'/>
+ <feature policy='require' name='pschange-mc-no'/>
+ <feature policy='require' name='rdctl-no'/>
<feature policy='disable' name='rdseed'/>
+ <feature policy='require' name='rfds-no'/>
+ <feature policy='require' name='skip-l1dfl-vmentry'/>
<feature policy='require' name='spec-ctrl'/>
<feature policy='require' name='ssbd'/>
<feature policy='require' name='stibp'/>
projects / thirdparty / libvirt.git / commitdiff
