qemu: Add capability for CFPC pSeries feature

CFPC (Cache Flush on Privilege Change) is one of the capabilities
added to QEMU to mitigate Spectre vulnerabilities in Power chips.
It was implemented in QEMU 2.12 by commit 6898aed77f46.

This capability is still used today due to differences in how
the host setup (hardware and firmware/kernel) can handle this
mitigation. Its default value also varies with the pseries machine
version of the time. There's also certain OSes, like AIX, that
might not support the default value of the pseries machine the
guest uses.

Exposing this in the Libvirt XML as a feature will allow users to tune
CFPC values in a cleaner way, instead of hacking parameters in
<qemu:commandline> elements.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
This commit is contained in:
Daniel Henrique Barboza 2020-04-27 09:14:26 -03:00 committed by Michal Privoznik
parent 606fb3979a
commit a0a2c8ab73
8 changed files with 9 additions and 0 deletions

View File

@ -574,6 +574,7 @@ VIR_ENUM_IMPL(virQEMUCaps,
"virtio.packed", "virtio.packed",
"pcie-root-port.hotplug", "pcie-root-port.hotplug",
"aio.io_uring", "aio.io_uring",
"machine.pseries.cap-cfpc",
); );
@ -1617,6 +1618,7 @@ static struct virQEMUCapsStringFlags virQEMUCapsMachinePropsPSeries[] = {
{ "cap-htm", QEMU_CAPS_MACHINE_PSERIES_CAP_HTM }, { "cap-htm", QEMU_CAPS_MACHINE_PSERIES_CAP_HTM },
{ "cap-nested-hv", QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV }, { "cap-nested-hv", QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV },
{ "cap-ccf-assist", QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST }, { "cap-ccf-assist", QEMU_CAPS_MACHINE_PSERIES_CAP_CCF_ASSIST },
{ "cap-cfpc", QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC },
}; };
static struct virQEMUCapsStringFlags virQEMUCapsMachinePropsVirt[] = { static struct virQEMUCapsStringFlags virQEMUCapsMachinePropsVirt[] = {

View File

@ -555,6 +555,7 @@ typedef enum { /* virQEMUCapsFlags grouping marker for syntax-check */
QEMU_CAPS_VIRTIO_PACKED_QUEUES, /* virtio.packed */ QEMU_CAPS_VIRTIO_PACKED_QUEUES, /* virtio.packed */
QEMU_CAPS_PCIE_ROOT_PORT_HOTPLUG, /* pcie-root-port.hotplug */ QEMU_CAPS_PCIE_ROOT_PORT_HOTPLUG, /* pcie-root-port.hotplug */
QEMU_CAPS_AIO_IO_URING, /* -blockdev {...,"aio":"io_uring",...} */ QEMU_CAPS_AIO_IO_URING, /* -blockdev {...,"aio":"io_uring",...} */
QEMU_CAPS_MACHINE_PSERIES_CAP_CFPC, /* -machine pseries.cap-cfpc */
QEMU_CAPS_LAST /* this must always be the last item */ QEMU_CAPS_LAST /* this must always be the last item */
} virQEMUCapsFlags; } virQEMUCapsFlags;

View File

@ -154,6 +154,7 @@
<flag name='memory-backend-file.align'/> <flag name='memory-backend-file.align'/>
<flag name='drive-nvme'/> <flag name='drive-nvme'/>
<flag name='i8042'/> <flag name='i8042'/>
<flag name='machine.pseries.cap-cfpc'/>
<version>2011090</version> <version>2011090</version>
<kvmVersion>0</kvmVersion> <kvmVersion>0</kvmVersion>
<microcodeVersion>42900289</microcodeVersion> <microcodeVersion>42900289</microcodeVersion>

View File

@ -156,6 +156,7 @@
<flag name='ramfb'/> <flag name='ramfb'/>
<flag name='drive-nvme'/> <flag name='drive-nvme'/>
<flag name='i8042'/> <flag name='i8042'/>
<flag name='machine.pseries.cap-cfpc'/>
<version>2012050</version> <version>2012050</version>
<kvmVersion>0</kvmVersion> <kvmVersion>0</kvmVersion>
<microcodeVersion>42900239</microcodeVersion> <microcodeVersion>42900239</microcodeVersion>

View File

@ -161,6 +161,7 @@
<flag name='drive-nvme'/> <flag name='drive-nvme'/>
<flag name='i8042'/> <flag name='i8042'/>
<flag name='storage.werror'/> <flag name='storage.werror'/>
<flag name='machine.pseries.cap-cfpc'/>
<version>3000091</version> <version>3000091</version>
<kvmVersion>0</kvmVersion> <kvmVersion>0</kvmVersion>
<microcodeVersion>42900240</microcodeVersion> <microcodeVersion>42900240</microcodeVersion>

View File

@ -175,6 +175,7 @@
<flag name='drive-nvme'/> <flag name='drive-nvme'/>
<flag name='i8042'/> <flag name='i8042'/>
<flag name='storage.werror'/> <flag name='storage.werror'/>
<flag name='machine.pseries.cap-cfpc'/>
<version>4000000</version> <version>4000000</version>
<kvmVersion>0</kvmVersion> <kvmVersion>0</kvmVersion>
<microcodeVersion>42900240</microcodeVersion> <microcodeVersion>42900240</microcodeVersion>

View File

@ -180,6 +180,7 @@
<flag name='i8042'/> <flag name='i8042'/>
<flag name='rng-builtin'/> <flag name='rng-builtin'/>
<flag name='storage.werror'/> <flag name='storage.werror'/>
<flag name='machine.pseries.cap-cfpc'/>
<version>4001050</version> <version>4001050</version>
<kvmVersion>0</kvmVersion> <kvmVersion>0</kvmVersion>
<microcodeVersion>42900242</microcodeVersion> <microcodeVersion>42900242</microcodeVersion>

View File

@ -192,6 +192,7 @@
<flag name='storage.werror'/> <flag name='storage.werror'/>
<flag name='fsdev.multidevs'/> <flag name='fsdev.multidevs'/>
<flag name='virtio.packed'/> <flag name='virtio.packed'/>
<flag name='machine.pseries.cap-cfpc'/>
<version>4002050</version> <version>4002050</version>
<kvmVersion>0</kvmVersion> <kvmVersion>0</kvmVersion>
<microcodeVersion>42900241</microcodeVersion> <microcodeVersion>42900241</microcodeVersion>