Bug 1731395
Summary: | [RFE] Introduce a "Secure" variant of CPUs following the CPU-related vulnerability mitigations | ||
---|---|---|---|
Product: | [oVirt] ovirt-engine | Reporter: | Michal Skrivanek <michal.skrivanek> |
Component: | BLL.Virt | Assignee: | Lucia Jelinkova <ljelinko> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Tamir <tamir> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 4.4.0 | CC: | bugs, ljelinko, rdlugyhe, sgoodman |
Target Milestone: | ovirt-4.4.0 | Keywords: | FutureFeature, Rebase |
Target Release: | --- | Flags: | michal.skrivanek:
ovirt-4.4?
pm-rhel: planning_ack? michal.skrivanek: devel_ack+ pm-rhel: testing_ack+ |
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | rhv-4.4.0-29 | Doc Type: | Enhancement |
Doc Text: |
Previously, with every security update, a new CPU type was created in the vdc_options table under the key ServerCPUList in the database for all affected architectures. For example, the Intel Skylake Client Family included the following CPU types:
- Intel Skylake Client Family +
- Intel Skylake Client IBRS Family +
- Intel Skylake Client IBRS SSBD Family +
- Intel Skylake Client IBRS SSBD MDS Family +
With this update, only two CPU Types are now supported for any CPU microarchitecture that has security updates, keeping the CPU list manageable. For example:
- Intel Skylake Client Family
- Secure Intel Skylake Client Family
The default CPU type will not change. The Secure CPU type will contain the latest updates.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2020-08-05 06:09:49 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | Virt | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Michal Skrivanek
2019-07-19 10:20:45 UTC
Verified the RFE on RHV 4.4.1-11 with hosts RHEL 4.4 and RHEL 4.3. The tests are attached in the Polarion link. This bugzilla is included in oVirt 4.4.0 release, published on May 20th 2020. Since the problem described in this bug report should be resolved in oVirt 4.4.0 release, it has been closed with a resolution of CURRENT RELEASE. If the solution does not work for you, please open a new bug report. |