* Fri Apr 26 2019 Danilo Cesar Lemes de Paula <ddepaula@redhat.com> - 3.1.0-24.el8
- kvm-x86-host-phys-bits-limit-option.patch [bz#1688915] - kvm-rhel-Set-host-phys-bits-limit-48-on-rhel-machine-typ.patch [bz#1688915] - Resolves: bz#1688915 ([Intel 8.0 Alpha] physical bits should <= 48 when host with 5level paging &EPT5 and qemu command with "-cpu qemu64" parameters.)
This commit is contained in:
parent
7d4fc9ff68
commit
c82fe81190
@ -0,0 +1,57 @@
|
|||||||
|
From e204c887357f2d2ee1df5436a7d7f68b227c4b64 Mon Sep 17 00:00:00 2001
|
||||||
|
From: "plai@redhat.com" <plai@redhat.com>
|
||||||
|
Date: Fri, 22 Mar 2019 17:45:15 +0000
|
||||||
|
Subject: [PATCH 2/2] rhel: Set host-phys-bits-limit=48 on rhel machine-types
|
||||||
|
|
||||||
|
RH-Author: plai@redhat.com
|
||||||
|
Message-id: <1553276715-26278-3-git-send-email-plai@redhat.com>
|
||||||
|
Patchwork-id: 85126
|
||||||
|
O-Subject: [RHEL8.0 qemu-kvm PATCH 2/2] rhel: Set host-phys-bits-limit=48 on rhel machine-types
|
||||||
|
Bugzilla: 1688915
|
||||||
|
RH-Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
|
||||||
|
RH-Acked-by: Eduardo Habkost <ehabkost@redhat.com>
|
||||||
|
RH-Acked-by: Michael S. Tsirkin <mst@redhat.com>
|
||||||
|
|
||||||
|
From: Eduardo Habkost <ehabkost@redhat.com>
|
||||||
|
|
||||||
|
Upstream status: not applicable
|
||||||
|
|
||||||
|
Currently we use the host physical address size by default on
|
||||||
|
VMs. This was a good default on most cases, but this is not the
|
||||||
|
case on host CPUs supporting 5-level EPT. On those cases, we
|
||||||
|
want VMs to use 4-level EPT by default.
|
||||||
|
|
||||||
|
Ensure VMs will use 4-level EPT by default, by limiting physical
|
||||||
|
address bits to 48.
|
||||||
|
|
||||||
|
Not applicable upstream because upstream doesn't set
|
||||||
|
host-phys-bits=on by default.
|
||||||
|
|
||||||
|
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
||||||
|
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
|
||||||
|
(cherry picked from commit 01a2ecb4c38fe4a35455ea706e76984ee8d5a769)
|
||||||
|
Signed-off-by: Paul Lai <plai@redhat.com>
|
||||||
|
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
|
||||||
|
---
|
||||||
|
include/hw/i386/pc.h | 5 +++++
|
||||||
|
1 file changed, 5 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h
|
||||||
|
index 782d728..de25407 100644
|
||||||
|
--- a/include/hw/i386/pc.h
|
||||||
|
+++ b/include/hw/i386/pc.h
|
||||||
|
@@ -992,6 +992,11 @@ extern void igd_passthrough_isa_bridge_create(PCIBus *bus, uint16_t gpu_dev_id);
|
||||||
|
.property = "host-phys-bits",\
|
||||||
|
.value = "on",\
|
||||||
|
},\
|
||||||
|
+ { /* PC_RHEL_COMPAT */ \
|
||||||
|
+ .driver = TYPE_X86_CPU,\
|
||||||
|
+ .property = "host-phys-bits-limit",\
|
||||||
|
+ .value = "48",\
|
||||||
|
+ },\
|
||||||
|
{ /* PC_RHEL_COMPAT bz 1508330 */ \
|
||||||
|
.driver = "vfio-pci",\
|
||||||
|
.property = "x-no-geforce-quirks",\
|
||||||
|
--
|
||||||
|
1.8.3.1
|
||||||
|
|
97
kvm-x86-host-phys-bits-limit-option.patch
Normal file
97
kvm-x86-host-phys-bits-limit-option.patch
Normal file
@ -0,0 +1,97 @@
|
|||||||
|
From 5588db6fc02b530c73e51b43a0119562aa93f51d Mon Sep 17 00:00:00 2001
|
||||||
|
From: "plai@redhat.com" <plai@redhat.com>
|
||||||
|
Date: Fri, 22 Mar 2019 17:45:14 +0000
|
||||||
|
Subject: [PATCH 1/2] x86: host-phys-bits-limit option
|
||||||
|
|
||||||
|
RH-Author: plai@redhat.com
|
||||||
|
Message-id: <1553276715-26278-2-git-send-email-plai@redhat.com>
|
||||||
|
Patchwork-id: 85128
|
||||||
|
O-Subject: [RHEL8.0 qemu-kvm PATCH 1/2] x86: host-phys-bits-limit option
|
||||||
|
Bugzilla: 1688915
|
||||||
|
RH-Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
|
||||||
|
RH-Acked-by: Eduardo Habkost <ehabkost@redhat.com>
|
||||||
|
RH-Acked-by: Michael S. Tsirkin <mst@redhat.com>
|
||||||
|
|
||||||
|
From: Eduardo Habkost <ehabkost@redhat.com>
|
||||||
|
|
||||||
|
Some downstream distributions of QEMU set host-phys-bits=on by
|
||||||
|
default. This worked very well for most use cases, because
|
||||||
|
phys-bits really didn't have huge consequences. The only
|
||||||
|
difference was on the CPUID data seen by guests, and on the
|
||||||
|
handling of reserved bits.
|
||||||
|
|
||||||
|
This changed in KVM commit 855feb673640 ("KVM: MMU: Add 5 level
|
||||||
|
EPT & Shadow page table support"). Now choosing a large
|
||||||
|
phys-bits value for a VM has bigger impact: it will make KVM use
|
||||||
|
5-level EPT even when it's not really necessary. This means
|
||||||
|
using the host phys-bits value may not be the best choice.
|
||||||
|
|
||||||
|
Management software could address this problem by manually
|
||||||
|
configuring phys-bits depending on the size of the VM and the
|
||||||
|
amount of MMIO address space required for hotplug. But this is
|
||||||
|
not trivial to implement.
|
||||||
|
|
||||||
|
However, there's another workaround that would work for most
|
||||||
|
cases: keep using the host phys-bits value, but only if it's
|
||||||
|
smaller than 48. This patch makes this possible by introducing a
|
||||||
|
new "-cpu" option: "host-phys-bits-limit". Management software
|
||||||
|
or users can make sure they will always use 4-level EPT using:
|
||||||
|
"host-phys-bits=on,host-phys-bits-limit=48".
|
||||||
|
|
||||||
|
This behavior is still not enabled by default because QEMU
|
||||||
|
doesn't enable host-phys-bits=on by default. But users,
|
||||||
|
management software, or downstream distributions may choose to
|
||||||
|
change their defaults using the new option.
|
||||||
|
|
||||||
|
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
||||||
|
Message-Id: <20181211192527.13254-1-ehabkost@redhat.com>
|
||||||
|
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
||||||
|
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
|
||||||
|
(cherry picked from commit b6a062c64f9639558a88f46edc3dd76b54b26bb5)
|
||||||
|
Signed-off-by: Paul Lai <plai@redhat.com>
|
||||||
|
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
|
||||||
|
---
|
||||||
|
target/i386/cpu.c | 5 +++++
|
||||||
|
target/i386/cpu.h | 3 +++
|
||||||
|
2 files changed, 8 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
|
||||||
|
index d92c128..0c2e1c7 100644
|
||||||
|
--- a/target/i386/cpu.c
|
||||||
|
+++ b/target/i386/cpu.c
|
||||||
|
@@ -5211,6 +5211,10 @@ static void x86_cpu_realizefn(DeviceState *dev, Error **errp)
|
||||||
|
if (cpu->host_phys_bits) {
|
||||||
|
/* The user asked for us to use the host physical bits */
|
||||||
|
cpu->phys_bits = host_phys_bits;
|
||||||
|
+ if (cpu->host_phys_bits_limit &&
|
||||||
|
+ cpu->phys_bits > cpu->host_phys_bits_limit) {
|
||||||
|
+ cpu->phys_bits = cpu->host_phys_bits_limit;
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Print a warning if the user set it to a value that's not the
|
||||||
|
@@ -5798,6 +5802,7 @@ static Property x86_cpu_properties[] = {
|
||||||
|
DEFINE_PROP_BOOL("kvm", X86CPU, expose_kvm, true),
|
||||||
|
DEFINE_PROP_UINT32("phys-bits", X86CPU, phys_bits, 0),
|
||||||
|
DEFINE_PROP_BOOL("host-phys-bits", X86CPU, host_phys_bits, false),
|
||||||
|
+ DEFINE_PROP_UINT8("host-phys-bits-limit", X86CPU, host_phys_bits_limit, 0),
|
||||||
|
DEFINE_PROP_BOOL("fill-mtrr-mask", X86CPU, fill_mtrr_mask, true),
|
||||||
|
DEFINE_PROP_UINT32("level", X86CPU, env.cpuid_level, UINT32_MAX),
|
||||||
|
DEFINE_PROP_UINT32("xlevel", X86CPU, env.cpuid_xlevel, UINT32_MAX),
|
||||||
|
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
|
||||||
|
index 26412f1..db49f44 100644
|
||||||
|
--- a/target/i386/cpu.h
|
||||||
|
+++ b/target/i386/cpu.h
|
||||||
|
@@ -1458,6 +1458,9 @@ struct X86CPU {
|
||||||
|
/* if true override the phys_bits value with a value read from the host */
|
||||||
|
bool host_phys_bits;
|
||||||
|
|
||||||
|
+ /* if set, limit maximum value for phys_bits when host_phys_bits is true */
|
||||||
|
+ uint8_t host_phys_bits_limit;
|
||||||
|
+
|
||||||
|
/* Stop SMI delivery for migration compatibility with old machines */
|
||||||
|
bool kvm_no_smi_migration;
|
||||||
|
|
||||||
|
--
|
||||||
|
1.8.3.1
|
||||||
|
|
@ -69,7 +69,7 @@ Obsoletes: %1-rhev
|
|||||||
Summary: QEMU is a machine emulator and virtualizer
|
Summary: QEMU is a machine emulator and virtualizer
|
||||||
Name: qemu-kvm
|
Name: qemu-kvm
|
||||||
Version: 3.1.0
|
Version: 3.1.0
|
||||||
Release: 23%{?dist}
|
Release: 24%{?dist}
|
||||||
# Epoch because we pushed a qemu-1.0 package. AIUI this can't ever be dropped
|
# Epoch because we pushed a qemu-1.0 package. AIUI this can't ever be dropped
|
||||||
Epoch: 15
|
Epoch: 15
|
||||||
License: GPLv2 and GPLv2+ and CC-BY
|
License: GPLv2 and GPLv2+ and CC-BY
|
||||||
@ -243,6 +243,10 @@ Patch79: kvm-i386-kvm-Disable-arch_capabilities-if-MSR-can-t-be-s.patch
|
|||||||
Patch80: kvm-i386-Make-arch_capabilities-migratable.patch
|
Patch80: kvm-i386-Make-arch_capabilities-migratable.patch
|
||||||
# For bz#1693173 - CVE-2018-20815 qemu-kvm: QEMU: device_tree: heap buffer overflow while loading device tree blob [rhel-av-8]
|
# For bz#1693173 - CVE-2018-20815 qemu-kvm: QEMU: device_tree: heap buffer overflow while loading device tree blob [rhel-av-8]
|
||||||
Patch81: kvm-device_tree-Fix-integer-overflowing-in-load_device_t.patch
|
Patch81: kvm-device_tree-Fix-integer-overflowing-in-load_device_t.patch
|
||||||
|
# For bz#1688915 - [Intel 8.0 Alpha] physical bits should <= 48 when host with 5level paging &EPT5 and qemu command with "-cpu qemu64" parameters.
|
||||||
|
Patch82: kvm-x86-host-phys-bits-limit-option.patch
|
||||||
|
# For bz#1688915 - [Intel 8.0 Alpha] physical bits should <= 48 when host with 5level paging &EPT5 and qemu command with "-cpu qemu64" parameters.
|
||||||
|
Patch83: kvm-rhel-Set-host-phys-bits-limit-48-on-rhel-machine-typ.patch
|
||||||
|
|
||||||
BuildRequires: zlib-devel
|
BuildRequires: zlib-devel
|
||||||
BuildRequires: glib2-devel
|
BuildRequires: glib2-devel
|
||||||
@ -1141,6 +1145,12 @@ useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Apr 26 2019 Danilo Cesar Lemes de Paula <ddepaula@redhat.com> - 3.1.0-24.el8
|
||||||
|
- kvm-x86-host-phys-bits-limit-option.patch [bz#1688915]
|
||||||
|
- kvm-rhel-Set-host-phys-bits-limit-48-on-rhel-machine-typ.patch [bz#1688915]
|
||||||
|
- Resolves: bz#1688915
|
||||||
|
([Intel 8.0 Alpha] physical bits should <= 48 when host with 5level paging &EPT5 and qemu command with "-cpu qemu64" parameters.)
|
||||||
|
|
||||||
* Tue Apr 23 2019 Danilo Cesar Lemes de Paula <ddepaula@redhat.com> - 3.1.0-23.el8
|
* Tue Apr 23 2019 Danilo Cesar Lemes de Paula <ddepaula@redhat.com> - 3.1.0-23.el8
|
||||||
- kvm-device_tree-Fix-integer-overflowing-in-load_device_t.patch [bz#1693173]
|
- kvm-device_tree-Fix-integer-overflowing-in-load_device_t.patch [bz#1693173]
|
||||||
- Resolves: bz#1693173
|
- Resolves: bz#1693173
|
||||||
|
Loading…
Reference in New Issue
Block a user