[clug] Haswell CPU
George at Clug
Clug at goproject.info
Thu Nov 23 10:08:40 UTC 2017
https://www.lifehacker.com.au/2017/11/security-issues-found-in-recent-intel-cpus/
https://patchwork.ozlabs.org/patch/452199/
With the Intel microcode update that removed HLE and RTM, there will
be different kinds of Haswell and Broadwell CPUs out there: some that
still have the HLE and RTM features, and some that don't have the HLE
and RTM features. On both cases people may be willing to use the
pc-*-2.3 machine-types. So, to cover both cases, introduce
Haswell-noTSX and Broadwell-noTSX CPU models, for hosts that have
Haswell and Broadwell CPUs without TSX support.
https://serverfault.com/questions/824566/libvirt-cpu-mode-host-model-confuses-while-mapping-cpu-models/825293
https://serverfault.com/questions/824566/libvirt-cpu-mode-host-model-confuses-while-mapping-cpu-modelsWhat
I think is going on here is that your older version of libvirt is not
aware of the fact that Intel disabled TSX [1] in Haswell chips in a
microcode update which your processor has almost certainly received by
now. Libvirt only became aware of and advertised a Haswell-noTSX CPU
model in version 1.2.14 [2]. Because your CPU has had some features
disabled that libvirt uses for CPU type detection, it mistakenly
thinks it is a SandyBridge. On a current version of libvirt, it should
be correctly detected as Haswell-noTSX.
In practice, this should not really affect you at all, except for VMs
being unable to use the other features [3] introduced in Haswell and
not present in SandyBridge, but you can manually add these [4] to your
VM definition XML if you can't upgrade libvirt and really want them.
Keep in mind that you probably will also need to upgrade qemu. And at
that point you should probably just use a more current hypervisor.
found another workaround which doesn't require to upgrade libvirt. I
removed hle and rtm flags from the definition of Haswell in cpu
mapping xml file used by libvirt (/usr/share/libvirt/cpu_map.xml). And
then I restarted libvirt process. Then I rebooted VM and it showed
correct model name as Haswell.
https://gitlab.com/libvirt/libvirt/commit/c563b50605ae9895b981d198e11dbe9f6e18027b
CPU: ADD {HASWELL,BROADWELL}-NOTSX CPU MODELS
QEMU 2.3 adds these new models to cover Haswell and Broadwell CPUs
with updated microcode. Luckily, they also reverted former the machine
type specific changes to existing models. And since these changes were
never released, we don't need to hack around them in libvirt.
https://doc.opensuse.org/documentation/leap/virtualization/html/book.virt/cha.qemu.running.html
Links:
------
[1]
https://en.wikipedia.org/wiki/Transactional_Synchronization_Extensions
[2] https://libvirt.org/news-2015.html
[3]
https://libvirt.org/git/?p=libvirt.git;a=blobdiff;f=src/cpu/cpu_map.xml;h=eb69a3428444b2a97ee008779f2ce17b084bee2e;hp=7ff91be2a9ae69b0675726f8b00dd79301551a3b;hb=bb2704e7b5e027fb325f71128cccee777fd6b080;hpb=70f0bbe8e046dae1b811378f735872d3e61f4609
[4] https://libvirt.org/formatdomain.html#elementsCPU
More information about the linux
mailing list