mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-22 13:45:38 +00:00
cpu: x86: Check for invalid CPU data from hypervisor
Recently a kernel bug caused QEMU to report a CPU feature as enabled while listing it in the "unavailable-features" list of features that were requested, but could not be enabled. The feature was actually enabled, but we marked it as disabled when starting a domain. Later when the domain is migrated, the destination requests the feature to be disabled, which breaks the guest ABI or if we are lucky QEMU just fails to load the migration stream. Let's make similar bugs more visible in the future by refusing to even start the domain. Signed-off-by: Jiri Denemark <jdenemar@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
This commit is contained in:
parent
bdee774285
commit
ac120f1855
@ -3019,6 +3019,14 @@ virCPUx86UpdateLive(virCPUDef *cpu,
|
||||
x86DataIsSubset(&modelDisabled->data, &feature->data))
|
||||
expected = VIR_CPU_FEATURE_DISABLE;
|
||||
|
||||
if (x86DataIsSubset(&enabled, &feature->data) &&
|
||||
x86DataIsSubset(&disabled, &feature->data)) {
|
||||
virReportError(VIR_ERR_OPERATION_FAILED,
|
||||
_("hypervisor provided conflicting CPU data: feature '%1$s' is both enabled and disabled at the same time"),
|
||||
feature->name);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (expected == VIR_CPU_FEATURE_DISABLE &&
|
||||
x86DataIsSubset(&enabled, &feature->data)) {
|
||||
VIR_DEBUG("Feature '%s' enabled by the hypervisor", feature->name);
|
||||
|
Loading…
Reference in New Issue
Block a user