1558558 – Enhance detection of host CPU model to avoid guesses based on fea.ture list length

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1558558 - Enhance detection of host CPU model to avoid guesses based on fea.ture list length

Summary: Enhance detection of host CPU model to avoid guesses based on fea.ture list l...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	libvirt
Sub Component:
Version:	7.6
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Jiri Denemark
QA Contact:	jiyan
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	1597088 (view as bug list)
Depends On:
Blocks:	1686895 1686898 1687515
TreeView+	depends on / blocked

Reported:	2018-03-20 13:41 UTC by Sanjay Rao
Modified:	2021-09-09 13:28 UTC (History)
CC List:	25 users (show)
Fixed In Version:	libvirt-4.5.0-11.el7
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Clones:	1686895 1687515 (view as bug list)
Environment:
Last Closed:	2019-08-06 13:13:52 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
info needed in "comment-4" (4.61 KB, application/gzip) 2019-01-08 03:05 UTC, jiyan	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Knowledge Base (Solution)	2574771	0	Learn more	None	RHEV/KVM: how are the CPU models mapped to the CPU flags?	2019-03-07 18:52:49 UTC
Red Hat Product Errata	RHSA-2019:2294	0	None	None	None	2019-08-06 13:14:21 UTC

Description Sanjay Rao 2018-03-20 13:41:18 UTC

Description of problem:
With the CVE patches, when the "Copy host cpu configuration" is used, the cpu type in the VM does not match the host cpu.

The host in the configuration is Broadwell and with the CPU patches, Broadwell-IBRS is available for the VM.

Here is the output of the qemu process which shows the cpu as Broadwell-IBRS

qemu      2053     1 88 Mar16 ?        3-05:26:28 /usr/libexec/qemu-kvm -name guest=rhel7.4,debug-threads=on -S -object secret,id=masterKey0,format=raw,file=/var/lib/libvirt/qemu/domain-12-rhel7.4/master-key.aes -machine pc-i440fx-rhel7.4.0,accel=kvm,usb=off,vmport=off,dump-guest-core=off -cpu Broadwell-IBRS -m 122880 -realtime mlock=off -smp 64,sockets=64,cores=1,threads=1 -uuid ca974783-fdd3-465d-991d-414b4cf7ce0a -no-user-config -nodefaults -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/domain-12-rhel7.4/monitor.sock,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc,driftfix=slew -global kvm-pit.lost_tick_policy=delay -no-hpet -no-shutdown -global PIIX4_PM.disable_s3=1 -global PIIX4_PM.disable_s4=1 -boot strict=on -device ich9-usb-ehci1,id=usb,bus=pci.0,addr=0x5.0x7 -device ich9-usb-uhci1,masterbus=usb.0,firstport=0,bus=pci.0,multifunction=on,addr=0x5 -device ich9-usb-uhci2,masterbus=usb.0,firstport=2,bus=pci.0,addr=0x5.0x1 -device ich9-usb-uhci3,masterbus=usb.0,firstport=4,bus=pci.0,addr=0x5.0x2 -device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x6 -drive file=/var/lib/libvirt/images/rhel7.4.qcow2,format=qcow2,if=none,id=drive-virtio-disk0 -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x7,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 -drive file=/dev/nvme0n1,format=raw,if=none,id=drive-virtio-disk1,cache=none,aio=native -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x9,drive=drive-virtio-disk1,id=virtio-disk1 -netdev tap,fd=25,id=hostnet0,vhost=on,vhostfd=27 -device virtio-net-pci,netdev=hostnet0,id=net0,mac=52:54:00:9a:38:2f,bus=pci.0,addr=0x3 -chardev pty,id=charserial0 -device isa-serial,chardev=charserial0,id=serial0 -chardev socket,id=charchannel0,path=/var/lib/libvirt/qemu/channel/target/domain-12-rhel7.4/org.qemu.guest_agent.0,server,nowait -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=org.qemu.guest_agent.0 -chardev spicevmc,id=charchannel1,name=vdagent -device virtserialport,bus=virtio-serial0.0,nr=2,chardev=charchannel1,id=channel1,name=com.redhat.spice.0 -device usb-tablet,id=input0,bus=usb.0,port=1 -spice port=5900,addr=127.0.0.1,disable-ticketing,image-compression=off,seamless-migration=on -device qxl-vga,id=video0,ram_size=67108864,vram_size=67108864,vram64_size_mb=0,vgamem_mb=16,max_outputs=1,bus=pci.0,addr=0x2 -device intel-hda,id=sound0,bus=pci.0,addr=0x4 -device hda-duplex,id=sound0-codec0,bus=sound0.0,cad=0 -chardev spicevmc,id=charredir0,name=usbredir -device usb-redir,chardev=charredir0,id=redir0,bus=usb.0,port=2 -chardev spicevmc,id=charredir1,name=usbredir -device usb-redir,chardev=charredir1,id=redir1,bus=usb.0,port=3 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x8 -msg timestamp=on

When the host cpu option is checked, the client is automatically set to Skylake-Client-IBRS as shown in the qemu process output

qemu     21674     1  8 09:08 ?        00:02:14 /usr/libexec/qemu-kvm -name guest=rhel7.4,debug-threads=on -S -object secret,id=masterKey0,format=raw,file=/var/lib/libvirt/qemu/domain-13-rhel7.4/master-key.aes -machine pc-i440fx-rhel7.4.0,accel=kvm,usb=off,vmport=off,dump-guest-core=off -cpu Skylake-Client-IBRS,ss=on,hypervisor=on,tsc_adjust=on,pdpe1gb=on,mpx=off,xsavec=off,xgetbv1=off -m 122880 -realtime mlock=off -smp 64,sockets=64,cores=1,threads=1 -uuid ca974783-fdd3-465d-991d-414b4cf7ce0a -no-user-config -nodefaults -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/domain-13-rhel7.4/monitor.sock,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc,driftfix=slew -global kvm-pit.lost_tick_policy=delay -no-hpet -no-shutdown -global PIIX4_PM.disable_s3=1 -global PIIX4_PM.disable_s4=1 -boot strict=on -device ich9-usb-ehci1,id=usb,bus=pci.0,addr=0x5.0x7 -device ich9-usb-uhci1,masterbus=usb.0,firstport=0,bus=pci.0,multifunction=on,addr=0x5 -device ich9-usb-uhci2,masterbus=usb.0,firstport=2,bus=pci.0,addr=0x5.0x1 -device ich9-usb-uhci3,masterbus=usb.0,firstport=4,bus=pci.0,addr=0x5.0x2 -device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x6 -drive file=/var/lib/libvirt/images/rhel7.4.qcow2,format=qcow2,if=none,id=drive-virtio-disk0 -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x7,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 -drive file=/dev/nvme0n1,format=raw,if=none,id=drive-virtio-disk1,cache=none,aio=native -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x9,drive=drive-virtio-disk1,id=virtio-disk1 -netdev tap,fd=25,id=hostnet0,vhost=on,vhostfd=27 -device virtio-net-pci,netdev=hostnet0,id=net0,mac=52:54:00:9a:38:2f,bus=pci.0,addr=0x3 -chardev pty,id=charserial0 -device isa-serial,chardev=charserial0,id=serial0 -chardev socket,id=charchannel0,path=/var/lib/libvirt/qemu/channel/target/domain-13-rhel7.4/org.qemu.guest_agent.0,server,nowait -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=org.qemu.guest_agent.0 -chardev spicevmc,id=charchannel1,name=vdagent -device virtserialport,bus=virtio-serial0.0,nr=2,chardev=charchannel1,id=channel1,name=com.redhat.spice.0 -device usb-tablet,id=input0,bus=usb.0,port=1 -spice port=5900,addr=127.0.0.1,disable-ticketing,image-compression=off,seamless-migration=on -device qxl-vga,id=video0,ram_size=67108864,vram_size=67108864,vram64_size_mb=0,vgamem_mb=16,max_outputs=1,bus=pci.0,addr=0x2 -device intel-hda,id=sound0,bus=pci.0,addr=0x4 -device hda-duplex,id=sound0-codec0,bus=sound0.0,cad=0 -chardev spicevmc,id=charredir0,name=usbredir -device usb-redir,chardev=charredir0,id=redir0,bus=usb.0,port=2 -chardev spicevmc,id=charredir1,name=usbredir -device usb-redir,chardev=charredir1,id=redir1,bus=usb.0,port=3 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x8 -msg timestamp=on


Version-Release number of selected component (if applicable):

Kernel - 3.10.0-693.19.1.el7.x86_64

qemu-kvm-rhev-2.9.0-16.el7_4.13.x86_64
libvirt-daemon-driver-qemu-3.2.0-14.el7_4.9.x86_64
qemu-img-rhev-2.9.0-16.el7_4.13.x86_64
ipxe-roms-qemu-20170123-1.git4e85b27.el7_4.1.noarch
qemu-kvm-common-rhev-2.9.0-16.el7_4.13.x86_64

How reproducible:
Every time

Steps to Reproduce:
1. Install the software bits on Broadwell
2. Set cpu type to host pass thru
3. check the qemu process

Actual results:

VM shows cpu type Skylake-client-IBRS

Expected results:

VM should show Broadwell-IBRS

Additional info:

Comment 2 Sanjay Rao 2018-03-20 13:54:50 UTC

Output of xml files for the both config and the host cpu info 

cat /proc/cpuinfo

processor	: 63
vendor_id	: GenuineIntel
cpu family	: 6
model		: 79
model name	: Intel(R) Xeon(R) CPU E5-2697A v4 @ 2.60GHz
stepping	: 1
microcode	: 0xb000025
cpu MHz		: 2941.554
cache size	: 40960 KB
physical id	: 1
siblings	: 32
core id		: 15
cpu cores	: 16
apicid		: 63
initial apicid	: 63
fpu		: yes
fpu_exception	: yes
cpuid level	: 20
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf eagerfpu pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 fma cx16 xtpr pdcm pcid dca sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch epb cat_l3 cdp_l3 invpcid_single intel_pt spec_ctrl ibpb_support tpr_shadow vnmi flexpriority ept vpid fsgsbase tsc_adjust bmi1 hle avx2 smep bmi2 erms invpcid rtm cqm rdt_a rdseed adx smap xsaveopt cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local dtherm ida arat pln pts
bogomips	: 5205.60
clflush size	: 64
cache_alignment	: 64
address sizes	: 46 bits physical, 48 bits virtual
power management:


xml file with cpu set to Broadwell-IBRS
[root@perf45 ~]# more rhel7.4_Broadwell-IBRS.xml
<domain type='kvm'>
  <name>rhel7.4</name>
  <uuid>ca974783-fdd3-465d-991d-414b4cf7ce0a</uuid>
  <memory unit='KiB'>125829120</memory>
  <currentMemory unit='KiB'>125829120</currentMemory>
  <vcpu placement='static'>64</vcpu>
  <os>
    <type arch='x86_64' machine='pc-i440fx-rhel7.4.0'>hvm</type>
    <boot dev='hd'/>
  </os>
  <features>
    <acpi/>
    <apic/>
    <vmport state='off'/>
  </features>
  <cpu mode='custom' match='exact' check='partial'>
    <model fallback='allow'>Broadwell-IBRS</model>
  </cpu>
  <clock offset='utc'>
    <timer name='rtc' tickpolicy='catchup'/>
    <timer name='pit' tickpolicy='delay'/>
    <timer name='hpet' present='no'/>
  </clock>
  <on_poweroff>destroy</on_poweroff>
  <on_reboot>restart</on_reboot>
  <on_crash>destroy</on_crash>
  <pm>
    <suspend-to-mem enabled='no'/>
    <suspend-to-disk enabled='no'/>
  </pm>
  <devices>
    <emulator>/usr/libexec/qemu-kvm</emulator>
    <disk type='file' device='disk'>
      <driver name='qemu' type='qcow2'/>
      <source file='/var/lib/libvirt/images/rhel7.4.qcow2'/>
      <target dev='vda' bus='virtio'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0'/>
    </disk>
    <disk type='block' device='disk'>
      <driver name='qemu' type='raw' cache='none' io='native'/>
      <source dev='/dev/nvme0n1'/>
      <target dev='vdb' bus='virtio'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x09' function='0x0'/>
    </disk>
    <controller type='usb' index='0' model='ich9-ehci1'>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x7'/>
    </controller>
    <controller type='usb' index='0' model='ich9-uhci1'>
      <master startport='0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0' multifunction='on'/>
    </controller>
    <controller type='usb' index='0' model='ich9-uhci2'>
      <master startport='2'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x1'/>
    </controller>
    <controller type='usb' index='0' model='ich9-uhci3'>
      <master startport='4'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x2'/>
    </controller>
    <controller type='pci' index='0' model='pci-root'/>
    <controller type='virtio-serial' index='0'>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x0'/>
    </controller>
    <interface type='bridge'>
      <mac address='52:54:00:9a:38:2f'/>
      <source bridge='br1'/>
      <model type='virtio'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
    </interface>
    <serial type='pty'>
      <target port='0'/>
    </serial>
    <console type='pty'>
      <target type='serial' port='0'/>
    </console>
    <channel type='unix'>
      <target type='virtio' name='org.qemu.guest_agent.0'/>
      <address type='virtio-serial' controller='0' bus='0' port='1'/>
    </channel>
    <channel type='spicevmc'>
      <target type='virtio' name='com.redhat.spice.0'/>
      <address type='virtio-serial' controller='0' bus='0' port='2'/>
    </channel>
    <input type='tablet' bus='usb'>
      <address type='usb' bus='0' port='1'/>
    </input>
    <input type='mouse' bus='ps2'/>
    <input type='keyboard' bus='ps2'/>
    <graphics type='spice' autoport='yes'>
      <listen type='address'/>
      <image compression='off'/>
    </graphics>
    <sound model='ich6'>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
    </sound>
    <video>
      <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
    </video>
    <redirdev bus='usb' type='spicevmc'>
      <address type='usb' bus='0' port='2'/>
    </redirdev>
    <redirdev bus='usb' type='spicevmc'>
      <address type='usb' bus='0' port='3'/>
    </redirdev>
    <memballoon model='virtio'>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x08' function='0x0'/>
    </memballoon>
  </devices>
</domain>


xml file with cpu = host cpu configuration

[root@perf45 ~]# more rhel7.4_hostpcu.xml
<domain type='kvm' id='13'>
  <name>rhel7.4</name>
  <uuid>ca974783-fdd3-465d-991d-414b4cf7ce0a</uuid>
  <memory unit='KiB'>125829120</memory>
  <currentMemory unit='KiB'>125829120</currentMemory>
  <vcpu placement='static'>64</vcpu>
  <resource>
    <partition>/machine</partition>
  </resource>
  <os>
    <type arch='x86_64' machine='pc-i440fx-rhel7.4.0'>hvm</type>
    <boot dev='hd'/>
  </os>
  <features>
    <acpi/>
    <apic/>
    <vmport state='off'/>
  </features>
  <cpu mode='custom' match='exact' check='full'>
    <model fallback='forbid'>Skylake-Client-IBRS</model>
    <vendor>Intel</vendor>
    <feature policy='require' name='ss'/>
    <feature policy='require' name='hypervisor'/>
    <feature policy='require' name='tsc_adjust'/>
    <feature policy='require' name='pdpe1gb'/>
    <feature policy='disable' name='mpx'/>
    <feature policy='disable' name='xsavec'/>
    <feature policy='disable' name='xgetbv1'/>
  </cpu>
  <clock offset='utc'>
    <timer name='rtc' tickpolicy='catchup'/>
    <timer name='pit' tickpolicy='delay'/>
    <timer name='hpet' present='no'/>
  </clock>
  <on_poweroff>destroy</on_poweroff>
  <on_reboot>restart</on_reboot>
  <on_crash>destroy</on_crash>
  <pm>
    <suspend-to-mem enabled='no'/>
    <suspend-to-disk enabled='no'/>
  </pm>
  <devices>
    <emulator>/usr/libexec/qemu-kvm</emulator>
    <disk type='file' device='disk'>
      <driver name='qemu' type='qcow2'/>
      <source file='/var/lib/libvirt/images/rhel7.4.qcow2'/>
      <backingStore/>
      <target dev='vda' bus='virtio'/>
      <alias name='virtio-disk0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0'/>
    </disk>
    <disk type='block' device='disk'>
      <driver name='qemu' type='raw' cache='none' io='native'/>
      <source dev='/dev/nvme0n1'/>
      <backingStore/>
      <target dev='vdb' bus='virtio'/>
      <alias name='virtio-disk1'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x09' function='0x0'/>
    </disk>
    <controller type='usb' index='0' model='ich9-ehci1'>
      <alias name='usb'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x7'/>
    </controller>
    <controller type='usb' index='0' model='ich9-uhci1'>
      <alias name='usb'/>
      <master startport='0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0' multifunction='on'/>
    </controller>
    <controller type='usb' index='0' model='ich9-uhci2'>
      <alias name='usb'/>
      <master startport='2'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x1'/>
    </controller>
    <controller type='usb' index='0' model='ich9-uhci3'>
      <alias name='usb'/>
      <master startport='4'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x2'/>
    </controller>
    <controller type='pci' index='0' model='pci-root'>
      <alias name='pci.0'/>
    </controller>
    <controller type='virtio-serial' index='0'>
      <alias name='virtio-serial0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x0'/>
    </controller>
    <interface type='bridge'>
      <mac address='52:54:00:9a:38:2f'/>
      <source bridge='br1'/>
      <target dev='vnet0'/>
      <model type='virtio'/>
      <alias name='net0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
    </interface>
    <serial type='pty'>
      <source path='/dev/pts/3'/>
      <target port='0'/>
      <alias name='serial0'/>
    </serial>
    <console type='pty' tty='/dev/pts/3'>
      <source path='/dev/pts/3'/>
      <target type='serial' port='0'/>
      <alias name='serial0'/>
    </console>
    <channel type='unix'>
      <source mode='bind' path='/var/lib/libvirt/qemu/channel/target/domain-13-rhel7.4/org.qemu.guest_agent.0'/>
      <target type='virtio' name='org.qemu.guest_agent.0' state='connected'/>
      <alias name='channel0'/>
      <address type='virtio-serial' controller='0' bus='0' port='1'/>
    </channel>
    <channel type='spicevmc'>
      <target type='virtio' name='com.redhat.spice.0' state='disconnected'/>
      <alias name='channel1'/>
      <address type='virtio-serial' controller='0' bus='0' port='2'/>
    </channel>
    <input type='tablet' bus='usb'>
      <alias name='input0'/>
      <address type='usb' bus='0' port='1'/>
    </input>
    <input type='mouse' bus='ps2'>
      <alias name='input1'/>
    </input>
    <input type='keyboard' bus='ps2'>
      <alias name='input2'/>
    </input>
    <graphics type='spice' port='5900' autoport='yes' listen='127.0.0.1'>
      <listen type='address' address='127.0.0.1'/>
      <image compression='off'/>
    </graphics>
    <sound model='ich6'>
      <alias name='sound0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
    </sound>
    <video>
      <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/>
      <alias name='video0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
    </video>
    <redirdev bus='usb' type='spicevmc'>
      <alias name='redir0'/>
      <address type='usb' bus='0' port='2'/>
    </redirdev>
    <redirdev bus='usb' type='spicevmc'>
      <alias name='redir1'/>
      <address type='usb' bus='0' port='3'/>
    </redirdev>
    <memballoon model='virtio'>
      <alias name='balloon0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x08' function='0x0'/>
    </memballoon>
  </devices>
  <seclabel type='dynamic' model='selinux' relabel='yes'>
    <label>system_u:system_r:svirt_t:s0:c381,c617</label>
    <imagelabel>system_u:object_r:svirt_image_t:s0:c381,c617</imagelabel>
  </seclabel>
  <seclabel type='dynamic' model='dac' relabel='yes'>
    <label>+107:+107</label>
    <imagelabel>+107:+107</imagelabel>
  </seclabel>
</domain>

Comment 3 Eduardo Habkost 2018-03-23 19:15:55 UTC

Moving to libvirt, as this is libvirt choosing Skylake-Client instead of Broadwell.

The CPU definition generated by libvirt is not entirely wrong (because Skylake-Client is the same as Broadwell+MPX+XSAVEC+XGETBV1.  But I understand it is confusing.

It looks like the Broadwell CPU model in libvirt cpu_map.xml is missing the following features: ABM, ARAT, F16C, RDRAND, VME, XSAVEOPT.

Comment 4 Jiri Denemark 2018-03-26 07:36:28 UTC

Could you please provide the output of the following commands:

1. virsh capabilities
2. virsh domcapabilities
3. ./cpu-gather.sh

The script mentioned in step 3 can be downloaded from https://libvirt.org/git/?p=libvirt.git;a=blob;f=tests/cputestdata/cpu-gather.sh and you mean need to install cpuid package if it's not installed already.

Comment 5 Sanjay Rao 2018-08-21 19:04:54 UTC

<capabilities>

  <host>
    <uuid>00000000-0000-0000-0000-ac1f6b2c6da8</uuid>
    <cpu>
      <arch>x86_64</arch>
      <model>Broadwell-IBRS</model>
      <vendor>Intel</vendor>
      <microcode version='184549422'/>
      <topology sockets='1' cores='16' threads='2'/>
      <feature name='vme'/>
      <feature name='ds'/>
      <feature name='acpi'/>
      <feature name='ss'/>
      <feature name='ht'/>
      <feature name='tm'/>
      <feature name='pbe'/>
      <feature name='dtes64'/>
      <feature name='monitor'/>
      <feature name='ds_cpl'/>
      <feature name='vmx'/>
      <feature name='smx'/>
      <feature name='est'/>
      <feature name='tm2'/>
      <feature name='xtpr'/>
      <feature name='pdcm'/>
      <feature name='dca'/>
      <feature name='osxsave'/>
      <feature name='f16c'/>
      <feature name='rdrand'/>
      <feature name='arat'/>
      <feature name='tsc_adjust'/>
      <feature name='cmt'/>
      <feature name='stibp'/>
      <feature name='ssbd'/>
      <feature name='xsaveopt'/>
      <feature name='mbm_total'/>
      <feature name='mbm_local'/>
      <feature name='pdpe1gb'/>
      <feature name='abm'/>
      <feature name='invtsc'/>
      <pages unit='KiB' size='4'/>
      <pages unit='KiB' size='2048'/>
      <pages unit='KiB' size='1048576'/>
    </cpu>
    <power_management>
      <suspend_mem/>
    </power_management>
    <migration_features>
      <live/>
      <uri_transports>
        <uri_transport>tcp</uri_transport>
        <uri_transport>rdma</uri_transport>
      </uri_transports>
    </migration_features>
    <topology>
      <cells num='2'>
        <cell id='0'>
          <memory unit='KiB'>66992532</memory>
          <pages unit='KiB' size='4'>16748133</pages>
          <pages unit='KiB' size='2048'>0</pages>
          <pages unit='KiB' size='1048576'>0</pages>
          <distances>
            <sibling id='0' value='10'/>
            <sibling id='1' value='21'/>
          </distances>
          <cpus num='32'>
            <cpu id='0' socket_id='0' core_id='0' siblings='0,32'/>
            <cpu id='1' socket_id='0' core_id='1' siblings='1,33'/>
            <cpu id='2' socket_id='0' core_id='2' siblings='2,34'/>
            <cpu id='3' socket_id='0' core_id='3' siblings='3,35'/>
            <cpu id='4' socket_id='0' core_id='4' siblings='4,36'/>
            <cpu id='5' socket_id='0' core_id='5' siblings='5,37'/>
            <cpu id='6' socket_id='0' core_id='6' siblings='6,38'/>
            <cpu id='7' socket_id='0' core_id='7' siblings='7,39'/>
            <cpu id='8' socket_id='0' core_id='8' siblings='8,40'/>
            <cpu id='9' socket_id='0' core_id='9' siblings='9,41'/>
            <cpu id='10' socket_id='0' core_id='10' siblings='10,42'/>
            <cpu id='11' socket_id='0' core_id='11' siblings='11,43'/>
            <cpu id='12' socket_id='0' core_id='12' siblings='12,44'/>
            <cpu id='13' socket_id='0' core_id='13' siblings='13,45'/>
            <cpu id='14' socket_id='0' core_id='14' siblings='14,46'/>
            <cpu id='15' socket_id='0' core_id='15' siblings='15,47'/>
            <cpu id='32' socket_id='0' core_id='0' siblings='0,32'/>
            <cpu id='33' socket_id='0' core_id='1' siblings='1,33'/>
            <cpu id='34' socket_id='0' core_id='2' siblings='2,34'/>
            <cpu id='35' socket_id='0' core_id='3' siblings='3,35'/>
            <cpu id='36' socket_id='0' core_id='4' siblings='4,36'/>
            <cpu id='37' socket_id='0' core_id='5' siblings='5,37'/>
            <cpu id='38' socket_id='0' core_id='6' siblings='6,38'/>
            <cpu id='39' socket_id='0' core_id='7' siblings='7,39'/>
            <cpu id='40' socket_id='0' core_id='8' siblings='8,40'/>
            <cpu id='41' socket_id='0' core_id='9' siblings='9,41'/>
            <cpu id='42' socket_id='0' core_id='10' siblings='10,42'/>
            <cpu id='43' socket_id='0' core_id='11' siblings='11,43'/>
            <cpu id='44' socket_id='0' core_id='12' siblings='12,44'/>
            <cpu id='45' socket_id='0' core_id='13' siblings='13,45'/>
            <cpu id='46' socket_id='0' core_id='14' siblings='14,46'/>
            <cpu id='47' socket_id='0' core_id='15' siblings='15,47'/>
          </cpus>
        </cell>
        <cell id='1'>
          <memory unit='KiB'>67108864</memory>
          <pages unit='KiB' size='4'>16777216</pages>
          <pages unit='KiB' size='2048'>0</pages>
          <pages unit='KiB' size='1048576'>0</pages>
          <distances>
            <sibling id='0' value='21'/>
            <sibling id='1' value='10'/>
          </distances>
          <cpus num='32'>
            <cpu id='16' socket_id='1' core_id='0' siblings='16,48'/>
            <cpu id='17' socket_id='1' core_id='1' siblings='17,49'/>
            <cpu id='18' socket_id='1' core_id='2' siblings='18,50'/>
            <cpu id='19' socket_id='1' core_id='3' siblings='19,51'/>
            <cpu id='20' socket_id='1' core_id='4' siblings='20,52'/>
            <cpu id='21' socket_id='1' core_id='5' siblings='21,53'/>
            <cpu id='22' socket_id='1' core_id='6' siblings='22,54'/>
            <cpu id='23' socket_id='1' core_id='7' siblings='23,55'/>
            <cpu id='24' socket_id='1' core_id='8' siblings='24,56'/>
            <cpu id='25' socket_id='1' core_id='9' siblings='25,57'/>
            <cpu id='26' socket_id='1' core_id='10' siblings='26,58'/>
            <cpu id='27' socket_id='1' core_id='11' siblings='27,59'/>
            <cpu id='28' socket_id='1' core_id='12' siblings='28,60'/>
            <cpu id='29' socket_id='1' core_id='13' siblings='29,61'/>
            <cpu id='30' socket_id='1' core_id='14' siblings='30,62'/>
            <cpu id='31' socket_id='1' core_id='15' siblings='31,63'/>
            <cpu id='48' socket_id='1' core_id='0' siblings='16,48'/>
            <cpu id='49' socket_id='1' core_id='1' siblings='17,49'/>
            <cpu id='50' socket_id='1' core_id='2' siblings='18,50'/>
            <cpu id='51' socket_id='1' core_id='3' siblings='19,51'/>
            <cpu id='52' socket_id='1' core_id='4' siblings='20,52'/>
            <cpu id='53' socket_id='1' core_id='5' siblings='21,53'/>
            <cpu id='54' socket_id='1' core_id='6' siblings='22,54'/>
            <cpu id='55' socket_id='1' core_id='7' siblings='23,55'/>
            <cpu id='56' socket_id='1' core_id='8' siblings='24,56'/>
            <cpu id='57' socket_id='1' core_id='9' siblings='25,57'/>
            <cpu id='58' socket_id='1' core_id='10' siblings='26,58'/>
            <cpu id='59' socket_id='1' core_id='11' siblings='27,59'/>
            <cpu id='60' socket_id='1' core_id='12' siblings='28,60'/>
            <cpu id='61' socket_id='1' core_id='13' siblings='29,61'/>
            <cpu id='62' socket_id='1' core_id='14' siblings='30,62'/>
            <cpu id='63' socket_id='1' core_id='15' siblings='31,63'/>
          </cpus>
        </cell>
      </cells>
    </topology>
    <cache>
      <bank id='0' level='3' type='both' size='40' unit='MiB' cpus='0-15,32-47'/>
      <bank id='1' level='3' type='both' size='40' unit='MiB' cpus='16-31,48-63'/>
    </cache>
    <secmodel>
      <model>selinux</model>
      <doi>0</doi>
      <baselabel type='kvm'>system_u:system_r:svirt_t:s0</baselabel>
      <baselabel type='qemu'>system_u:system_r:svirt_tcg_t:s0</baselabel>
    </secmodel>
    <secmodel>
      <model>dac</model>
      <doi>0</doi>
      <baselabel type='kvm'>+107:+107</baselabel>
      <baselabel type='qemu'>+107:+107</baselabel>
    </secmodel>
  </host>

  <guest>
    <os_type>hvm</os_type>
    <arch name='i686'>
      <wordsize>32</wordsize>
      <emulator>/usr/libexec/qemu-kvm</emulator>
      <machine maxCpus='240'>pc-i440fx-rhel7.4.0</machine>
      <machine canonical='pc-i440fx-rhel7.4.0' maxCpus='240'>pc</machine>
      <machine maxCpus='240'>pc-i440fx-rhel7.0.0</machine>
      <machine maxCpus='240'>rhel6.3.0</machine>
      <machine maxCpus='240'>rhel6.4.0</machine>
      <machine maxCpus='240'>rhel6.0.0</machine>
      <machine maxCpus='240'>pc-i440fx-rhel7.1.0</machine>
      <machine maxCpus='240'>pc-i440fx-rhel7.2.0</machine>
      <machine maxCpus='255'>pc-q35-rhel7.3.0</machine>
      <machine maxCpus='240'>rhel6.5.0</machine>
      <machine maxCpus='384'>pc-q35-rhel7.4.0</machine>
      <machine canonical='pc-q35-rhel7.4.0' maxCpus='384'>q35</machine>
      <machine maxCpus='240'>rhel6.6.0</machine>
      <machine maxCpus='240'>rhel6.1.0</machine>
      <machine maxCpus='240'>rhel6.2.0</machine>
      <machine maxCpus='240'>pc-i440fx-rhel7.3.0</machine>
      <domain type='qemu'/>
      <domain type='kvm'>
        <emulator>/usr/libexec/qemu-kvm</emulator>
      </domain>
    </arch>
    <features>
      <cpuselection/>
      <deviceboot/>
      <disksnapshot default='on' toggle='no'/>
      <acpi default='on' toggle='yes'/>
      <apic default='on' toggle='no'/>
      <pae/>
      <nonpae/>
    </features>
  </guest>

  <guest>
    <os_type>hvm</os_type>
    <arch name='x86_64'>
      <wordsize>64</wordsize>
      <emulator>/usr/libexec/qemu-kvm</emulator>
      <machine maxCpus='240'>pc-i440fx-rhel7.4.0</machine>
      <machine canonical='pc-i440fx-rhel7.4.0' maxCpus='240'>pc</machine>
      <machine maxCpus='240'>pc-i440fx-rhel7.0.0</machine>
      <machine maxCpus='240'>rhel6.3.0</machine>
      <machine maxCpus='240'>rhel6.4.0</machine>
      <machine maxCpus='240'>rhel6.0.0</machine>
      <machine maxCpus='240'>pc-i440fx-rhel7.1.0</machine>
      <machine maxCpus='240'>pc-i440fx-rhel7.2.0</machine>
      <machine maxCpus='255'>pc-q35-rhel7.3.0</machine>
      <machine maxCpus='240'>rhel6.5.0</machine>
      <machine maxCpus='384'>pc-q35-rhel7.4.0</machine>
      <machine canonical='pc-q35-rhel7.4.0' maxCpus='384'>q35</machine>
      <machine maxCpus='240'>rhel6.6.0</machine>
      <machine maxCpus='240'>rhel6.1.0</machine>
      <machine maxCpus='240'>rhel6.2.0</machine>
      <machine maxCpus='240'>pc-i440fx-rhel7.3.0</machine>
      <domain type='qemu'/>
      <domain type='kvm'>
        <emulator>/usr/libexec/qemu-kvm</emulator>
      </domain>
    </arch>
    <features>
      <cpuselection/>
      <deviceboot/>
      <disksnapshot default='on' toggle='no'/>
      <acpi default='on' toggle='yes'/>
      <apic default='on' toggle='no'/>
    </features>
  </guest>

</capabilities>


[root@perf45 yum.repos.d]# virsh domcapabilities
<domainCapabilities>
  <path>/usr/libexec/qemu-kvm</path>
  <domain>kvm</domain>
  <machine>pc-i440fx-rhel7.4.0</machine>
  <arch>x86_64</arch>
  <vcpu max='240'/>
  <os supported='yes'>
    <loader supported='yes'>
      <value>/usr/share/OVMF/OVMF_CODE.secboot.fd</value>
      <enum name='type'>
        <value>rom</value>
        <value>pflash</value>
      </enum>
      <enum name='readonly'>
        <value>yes</value>
        <value>no</value>
      </enum>
    </loader>
  </os>
  <cpu>
    <mode name='host-passthrough' supported='yes'/>
    <mode name='host-model' supported='yes'>
      <model fallback='forbid'>Skylake-Client-IBRS</model>
      <vendor>Intel</vendor>
      <feature policy='require' name='ss'/>
      <feature policy='require' name='hypervisor'/>
      <feature policy='require' name='tsc_adjust'/>
      <feature policy='require' name='stibp'/>
      <feature policy='require' name='ssbd'/>
      <feature policy='require' name='pdpe1gb'/>
      <feature policy='require' name='invtsc'/>
      <feature policy='disable' name='mpx'/>
      <feature policy='disable' name='xsavec'/>
      <feature policy='disable' name='xgetbv1'/>
    </mode>
    <mode name='custom' supported='yes'>
      <model usable='yes'>qemu64</model>
      <model usable='yes'>qemu32</model>
      <model usable='no'>phenom</model>
      <model usable='yes'>pentium3</model>
      <model usable='yes'>pentium2</model>
      <model usable='yes'>pentium</model>
      <model usable='yes'>n270</model>
      <model usable='yes'>kvm64</model>
      <model usable='yes'>kvm32</model>
      <model usable='no'>cpu64-rhel6</model>
      <model usable='yes'>coreduo</model>
      <model usable='yes'>core2duo</model>
      <model usable='no'>athlon</model>
      <model usable='yes'>Westmere</model>
      <model usable='yes'>Westmere-IBRS</model>
      <model usable='no'>Skylake-Client</model>
      <model usable='no'>Skylake-Client-IBRS</model>
      <model usable='yes'>SandyBridge</model>
      <model usable='yes'>SandyBridge-IBRS</model>
      <model usable='yes'>Penryn</model>
      <model usable='no'>Opteron_G5</model>
      <model usable='no'>Opteron_G4</model>
      <model usable='no'>Opteron_G3</model>
      <model usable='yes'>Opteron_G2</model>
      <model usable='yes'>Opteron_G1</model>
      <model usable='yes'>Nehalem</model>
      <model usable='yes'>Nehalem-IBRS</model>
      <model usable='yes'>IvyBridge</model>
      <model usable='yes'>IvyBridge-IBRS</model>
      <model usable='yes'>Haswell</model>
      <model usable='yes'>Haswell-noTSX</model>
      <model usable='yes'>Haswell-noTSX-IBRS</model>
      <model usable='yes'>Haswell-IBRS</model>
      <model usable='yes'>Conroe</model>
      <model usable='yes'>Broadwell</model>
      <model usable='yes'>Broadwell-noTSX</model>
      <model usable='yes'>Broadwell-noTSX-IBRS</model>
      <model usable='yes'>Broadwell-IBRS</model>
      <model usable='yes'>486</model>
    </mode>
  </cpu>
  <devices>
    <disk supported='yes'>
      <enum name='diskDevice'>
        <value>disk</value>
        <value>cdrom</value>
        <value>floppy</value>
        <value>lun</value>
      </enum>
      <enum name='bus'>
        <value>ide</value>
        <value>fdc</value>
        <value>scsi</value>
        <value>virtio</value>
        <value>usb</value>
        <value>sata</value>
      </enum>
    </disk>
    <graphics supported='yes'>
      <enum name='type'>
        <value>sdl</value>
        <value>vnc</value>
        <value>spice</value>
      </enum>
    </graphics>
    <video supported='yes'>
      <enum name='modelType'>
        <value>vga</value>
        <value>cirrus</value>
        <value>qxl</value>
        <value>virtio</value>
      </enum>
    </video>
    <hostdev supported='yes'>
      <enum name='mode'>
        <value>subsystem</value>
      </enum>
      <enum name='startupPolicy'>
        <value>default</value>
        <value>mandatory</value>
        <value>requisite</value>
        <value>optional</value>
      </enum>
      <enum name='subsysType'>
        <value>usb</value>
        <value>pci</value>
        <value>scsi</value>
      </enum>
      <enum name='capsType'/>
      <enum name='pciBackend'/>
    </hostdev>
  </devices>
  <features>
    <gic supported='no'/>
  </features>
</domainCapabilities>



[root@perf45 yum.repos.d]# ./cpu_gather.sh 
model name	: Intel(R) Xeon(R) CPU E5-2697A v4 @ 2.60GHz
./cpu_gather.sh: line 9: cpuid: command not found

{"QMP": {"version": {"qemu": {"micro": 0, "minor": 9, "major": 2}, "package": "(qemu-kvm-rhev-2.9.0-16.el7_4.18)"}, "capabilities": []}}
{"return": {}}
{"return": {"model": {"name": "base", "props": {"phys-bits": 0, "core-id": -1, "xlevel": 2147483656, "cmov": true, "ia64": false, "aes": true, "mmx": true, "arat": true, "rdpid": false, "pause-filter": false, "xsavec": false, "osxsave": false, "tsc-frequency": 0, "xd": true, "hv-vendor-id": "", "kvm-asyncpf": true, "kvm_asyncpf": true, "perfctr_core": false, "perfctr-core": false, "mpx": false, "decodeassists": false, "avx512cd": false, "pbe": false, "sse4.1": true, "sse4-1": true, "sse4_1": true, "family": 6, "vmware-cpuid-freq": true, "avx512f": false, "xcrypt": false, "msr": true, "mce": true, "mca": true, "thread-id": -1, "min-level": 13, "xgetbv1": false, "cid": false, "hv-relaxed": false, "fxsr": true, "ds": false, "hv-crash": false, "xsaveopt": true, "xtpr": false, "avx512-vpopcntdq": false, "phe": false, "avx512vl": false, "extapic": false, "3dnowprefetch": true, "cr8legacy": false, "stibp": true, "cpuid-0xb": true, "xcrypt-en": false, "kvm_pv_eoi": true, "apic-id": 4294967295, "pn": false, "dca": false, "vendor": "GenuineIntel", "pku": false, "smx": false, "cmp-legacy": false, "cmp_legacy": false, "avx512-4fmaps": false, "vmcb-clean": false, "vmcb_clean": false, "3dnowext": false, "hle": true, "npt": false, "memory": "/machine/unattached/system[0]", "clwb": false, "lbrv": false, "adx": true, "ss": true, "pni": true, "svm_lock": false, "svm-lock": false, "smep": true, "pfthreshold": false, "smap": true, "x2apic": true, "avx512vbmi": false, "i64": true, "flushbyasid": false, "f16c": true, "ace2-en": false, "pat": true, "pae": true, "sse": true, "phe-en": false, "kvm-nopiodelay": true, "kvm_nopiodelay": true, "tm": false, "kvmclock-stable-bit": true, "hypervisor": true, "socket-id": -1, "pcommit": false, "syscall": true, "level": 13, "avx512dq": false, "svm": false, "full-cpuid-auto-level": true, "invtsc": false, "sse3": true, "sse2": true, "ssbd": true, "est": false, "avx512ifma": false, "tm2": false, "kvm-pv-eoi": true, "cx8": true, "kvm-mmu": false, "kvm_mmu": false, "sse4_2": true, "sse4.2": true, "sse4-2": true, "pge": true, "fill-mtrr-mask": true, "pdcm": false, "nodeid_msr": false, "model": 79, "movbe": true, "nrip-save": false, "nrip_save": false, "sse4a": false, "ssse3": true, "kvm_pv_unhalt": true, "invpcid": true, "pdpe1gb": true, "tsc-deadline": true, "fma": true, "cx16": true, "de": true, "enforce": false, "stepping": 1, "xsave": true, "clflush": true, "arch-facilities": false, "skinit": false, "tce": false, "tsc": true, "fpu": true, "ds-cpl": false, "ds_cpl": false, "ibs": false, "host-phys-bits": true, "fma4": false, "la57": false, "osvw": false, "check": true, "hv-spinlocks": -1, "pmm": false, "apic": true, "pmu": false, "spec-ctrl": true, "min-xlevel2": 0, "tsc-adjust": true, "tsc_adjust": true, "kvm-steal-time": true, "kvm_steal_time": true, "kvmclock": true, "l3-cache": true, "lwp": false, "xop": false, "ibpb": false, "avx": true, "ospke": false, "ace2": false, "acpi": false, "avx512bw": false, "hv-vapic": false, "fsgsbase": true, "ht": false, "nx": true, "pclmulqdq": true, "mmxext": false, "popcnt": true, "xsaves": false, "lm": true, "umip": false, "avx2": true, "pse": true, "sep": true, "pclmuldq": true, "virt-ssbd": false, "nodeid-msr": false, "kvm": true, "misalignsse": false, "min-xlevel": 2147483656, "bmi2": true, "bmi1": true, "kvm-pv-unhalt": true, "realized": false, "tsc-scale": false, "tsc_scale": false, "topoext": false, "xlevel2": 0, "clflushopt": false, "kvm-no-smi-migration": false, "monitor": false, "avx512er": false, "pmm-en": false, "pcid": true, "3dnow": false, "erms": true, "lahf-lm": true, "lahf_lm": true, "xstore": false, "fxsr-opt": false, "fxsr_opt": false, "rtm": true, "lmce": true, "hv-time": false, "perfctr-nb": false, "perfctr_nb": false, "ffxsr": false, "rdrand": true, "rdseed": true, "avx512-4vnniw": false, "vme": true, "vmx": false, "dtes64": false, "mtrr": true, "rdtscp": true, "pse36": true, "tbm": false, "wdt": false, "pause_filter": false, "model-id": "Intel(R) Xeon(R) CPU E5-2697A v4 @ 2.60GHz", "sha-ni": false, "abm": true, "avx512pf": false, "xstore-en": false}}}, "id": "model-expansion"}
{"return": [{"name": "max", "typename": "max-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": false}, {"name": "host", "typename": "host-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": false}, {"name": "base", "typename": "base-x86_64-cpu", "unavailable-features": [], "static": true, "migration-safe": true}, {"name": "qemu64", "typename": "qemu64-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "qemu32", "typename": "qemu32-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "phenom", "typename": "phenom-x86_64-cpu", "unavailable-features": ["mmxext", "fxsr-opt", "3dnowext", "3dnow", "sse4a", "npt"], "static": false, "migration-safe": true}, {"name": "pentium3", "typename": "pentium3-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "pentium2", "typename": "pentium2-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "pentium", "typename": "pentium-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "n270", "typename": "n270-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "kvm64", "typename": "kvm64-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "kvm32", "typename": "kvm32-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "cpu64-rhel6", "typename": "cpu64-rhel6-x86_64-cpu", "unavailable-features": ["sse4a"], "static": false, "migration-safe": true}, {"name": "coreduo", "typename": "coreduo-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "core2duo", "typename": "core2duo-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "athlon", "typename": "athlon-x86_64-cpu", "unavailable-features": ["mmxext", "3dnowext", "3dnow"], "static": false, "migration-safe": true}, {"name": "Westmere", "typename": "Westmere-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "Westmere-IBRS", "typename": "Westmere-IBRS-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "Skylake-Client", "typename": "Skylake-Client-x86_64-cpu", "unavailable-features": ["mpx", "xsavec", "xgetbv1", "mpx", "mpx"], "static": false, "migration-safe": true}, {"name": "Skylake-Client-IBRS", "typename": "Skylake-Client-IBRS-x86_64-cpu", "unavailable-features": ["mpx", "xsavec", "xgetbv1", "mpx", "mpx"], "static": false, "migration-safe": true}, {"name": "SandyBridge", "typename": "SandyBridge-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "SandyBridge-IBRS", "typename": "SandyBridge-IBRS-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "Penryn", "typename": "Penryn-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "Opteron_G5", "typename": "Opteron_G5-x86_64-cpu", "unavailable-features": ["sse4a", "misalignsse", "xop", "fma4", "tbm"], "static": false, "migration-safe": true}, {"name": "Opteron_G4", "typename": "Opteron_G4-x86_64-cpu", "unavailable-features": ["sse4a", "misalignsse", "xop", "fma4"], "static": false, "migration-safe": true}, {"name": "Opteron_G3", "typename": "Opteron_G3-x86_64-cpu", "unavailable-features": ["sse4a", "misalignsse"], "static": false, "migration-safe": true}, {"name": "Opteron_G2", "typename": "Opteron_G2-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "Opteron_G1", "typename": "Opteron_G1-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "Nehalem", "typename": "Nehalem-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "Nehalem-IBRS", "typename": "Nehalem-IBRS-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "IvyBridge", "typename": "IvyBridge-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "IvyBridge-IBRS", "typename": "IvyBridge-IBRS-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "Haswell", "typename": "Haswell-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "Haswell-noTSX", "typename": "Haswell-noTSX-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "Haswell-noTSX-IBRS", "typename": "Haswell-noTSX-IBRS-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "Haswell-IBRS", "typename": "Haswell-IBRS-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "Conroe", "typename": "Conroe-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "Broadwell", "typename": "Broadwell-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "Broadwell-noTSX", "typename": "Broadwell-noTSX-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "Broadwell-noTSX-IBRS", "typename": "Broadwell-noTSX-IBRS-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "Broadwell-IBRS", "typename": "Broadwell-IBRS-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}, {"name": "486", "typename": "486-x86_64-cpu", "unavailable-features": [], "static": false, "migration-safe": true}], "id": "definitions"}
{"return": {}}
{"timestamp": {"seconds": 1534878264, "microseconds": 373898}, "event": "SHUTDOWN", "data": {"guest": false}}

Comment 6 jiyan 2019-01-08 03:01:19 UTC

Reproduced this bug on the following components.

Version:
kernel-3.10.0-693.el7.x86_64
qemu-kvm-rhev-2.9.0-16.el7_4.13.x86_64
libvirt-3.2.0-14.el7_4.9.x86_64

Steps:
1. Related info
# lscpu
...
Model name:            Intel(R) Xeon(R) CPU E5-2630 v4 @ 2.20GHz
...

# virsh capabilities 
<capabilities>
  <host>
...
      <model>Broadwell</model>

# virsh domcapabilities
  <cpu>
    <mode name='host-passthrough' supported='yes'/>
    <mode name='host-model' supported='yes'>
      <model fallback='forbid'>Skylake-Client</model>       *********
...
    </mode>
    <mode name='custom' supported='yes'>
...
      <model usable='no'>Skylake-Client</model>  *********
...
      <model usable='yes'>Broadwell</model>  *********
    </mode>
  </cpu>

2. In "virt-manager", enable "copy host CPU configuration" 
# virsh domstate test1
shut off

# virsh dumpxml test1 --inactive |grep "<cpu" -A3
  <cpu mode='host-model' check='partial'>
    <model fallback='allow'/>
  </cpu>

# virsh start test1
Domain test1 started

# virsh dumpxml test1 |grep "<cpu" -A17
  <cpu mode='custom' match='exact' check='full'>
    <model fallback='forbid'>Skylake-Client</model>       *********
    <vendor>Intel</vendor>
    <feature policy='require' name='ss'/>
    <feature policy='require' name='hypervisor'/>
    <feature policy='require' name='tsc_adjust'/>
    <feature policy='require' name='pdpe1gb'/>
    <feature policy='disable' name='mpx'/>
    <feature policy='disable' name='xsavec'/>
    <feature policy='disable' name='xgetbv1'/>
  </cpu>

# ps -ef |grep test1
-cpu Skylake-Client,ss=on,hypervisor=on,tsc_adjust=on,pdpe1gb=on,mpx=off,xsavec=off,xgetbv1=off -m 1024 -realtime mlock=off -smp 2,sockets=2,cores=1,threads=1

Comment 7 jiyan 2019-01-08 03:05:43 UTC

Created attachment 1519105 [details]
info needed in "comment-4"

Comment 11 Jiri Denemark 2019-02-14 16:12:33 UTC

The difference between QEMU's and libvirt's specification of a given CPU model
is not an issue and in fact it is inevitable since some CPU models in QEMU
provide different features depending on the chosen machine type.

If users ask for Broadwell via libvirt, they will always get what QEMU
understands as Broadwell, libvirt's definition for this is irrelevant.

The definitions in libvirt are mostly used for detecting which CPU model
corresponds to the host CPU. However, it is partially also used for checking
guest vs. host CPU compatibilty and that's the reason we don't change CPU
model definitions in libvirt. Users wouldn't like their domain to suddenly
fail to start after libvirt is upgraded in case their host CPU does not
support any of the additional features possibly added to the CPU model they
use.

The problem (which is not exactly easy to fix) is that detecting a CPU model
just from a set of CPU features is not 100% reliable. Thus, we try to match
family/model numbers, but we only have a limited list of CPU signatures (in
fact we just use those from QEMU CPU models), while in real world a single CPU
model is shipped with several different family/model numbers. Unfortunately,
there seems to be no official documentation from Intel which would let us list
all CPU signatures for each CPU model. I'll try to talk to them about this,
but without such knowledge, we can't really do much.

That said, if host-model is resulting in an incorrect CPU model, users can
always use a specific CPU model.

Comment 15 Andrew Theurer 2019-02-15 12:51:45 UTC

(In reply to Jiri Denemark from comment #11)
> The difference between QEMU's and libvirt's specification of a given CPU
> model
> is not an issue and in fact it is inevitable since some CPU models in QEMU
> provide different features depending on the chosen machine type.
> 
> If users ask for Broadwell via libvirt, they will always get what QEMU
> understands as Broadwell, libvirt's definition for this is irrelevant.

So, should this problem be fixed in Qemu, and why would Qemu select "Skylake-IBRS" when we want "Broadwell-IBRS"?

Do we know exactly what it is within the Skylake-IBRS definition that causes the performance degradation?  Shared cache definitions? A missing instruction?

Comment 16 Paolo Bonzini 2019-02-15 15:34:52 UTC

QEMU does not make any decision here.  "host-model" only exists at the libvirt level.

> Do we know exactly what it is within the Skylake-IBRS definition that causes the performance degradation? 

What performance degradation?

Comment 20 Sanjay Rao 2019-02-18 20:14:14 UTC

(In reply to Paolo Bonzini from comment #16)
> QEMU does not make any decision here.  "host-model" only exists at the
> libvirt level.
> 
> > Do we know exactly what it is within the Skylake-IBRS definition that causes the performance degradation? 
> 
> What performance degradation?


Paolo

We first saw this when we tested the CVE mitigation code and compared to results on a KVM kernel without mitigations, we saw that when we set the flag to host model, it would set the KVM cpu type to Skylake-client-IBRS and we saw performance degradation compared to not using the flag.

When the cpu type set to Broadwell-IBRS, we saw a 5 % drop compared to a baseline obtained on a kernel without mitigation but when the host model box was checked, the wrong cpu type was set and we saw a 25% drop compared to the baseline.

Comment 21 Bob Sibley 2019-02-18 22:51:42 UTC

The issue has nothing to do with Mitigation:

When:

  <cpu mode='host-model' check='none'>
    <model fallback='allow'/>
  </cpu>

is selected, before guest is started, in .xml the cpu mode has host-model.

after starting guest:

  <cpu mode='custom' match='exact' check='full'>
    <model fallback='forbid'>Skylake-Client</model>
    <vendor>Intel</vendor>
    <feature policy='require' name='ss'/>
    <feature policy='require' name='hypervisor'/>
    <feature policy='require' name='tsc_adjust'/>
    <feature policy='require' name='umip'/>
    <feature policy='require' name='pdpe1gb'/>
    <feature policy='disable' name='mpx'/>
    <feature policy='disable' name='xsavec'/>
    <feature policy='disable' name='xgetbv1'/>
  </cpu>

in the .xml cpu mode, now has "Skylake-Client", now this shouldn't matter, except we're seeing performance degragation (as stated in "comment 20").

We're only seeing this in Intel Broadwell, the cpu mode flags  Broadwell, Broadwell-IBRS, Broadwell-noTSX, and Broadwell-noTSX-IBRS, when selected didn't change.

Comment 22 Paolo Bonzini 2019-02-19 00:59:59 UTC

Ugh, IBRS indeed:

bool spec_ctrl_cond_enable_ibrs(bool full_retp)
{
        if (cpu_has_spec_ctrl() && (is_skylake_era() || !full_retp) &&
            !noibrs_cmdline) {
                if (boot_cpu_has(X86_FEATURE_IBRS_ENHANCED))
                        spec_ctrl_enable_ibrs_enhanced();
                else
                        set_spec_ctrl_pcp_ibrs();
                return true;
        }

        return false;
}

I think libvirt should be changed to never use a CPU that has a newer family/model than the host one.  Jiri, does that sound doable?

Comment 23 Jiri Denemark 2019-02-19 11:40:37 UTC

Well, IMHO it's essentially what I suggested in comment #11, unless there's a
way to actually check what CPU is newer by comparing family/model numbers
without listing all possible combinations along individual CPU models in
cpu_map. As far as I can tell the family/model numbers are assigned pretty
randomly which makes comparisons pretty much impossible. Please, correct me if
I'm wrong it would make me happy.

Comment 29 Jiri Denemark 2019-02-27 13:31:33 UTC

Patches sent upstream for review: https://www.redhat.com/archives/libvir-list/2019-February/msg01528.html

Comment 30 Jiri Denemark 2019-03-05 18:58:03 UTC

This is fixed upstream since

commit 4ff74a806ad42820eef3877c8ec146770914d8df
Refs: v5.1.0-74-g4ff74a806a
Author:     Jiri Denemark <jdenemar>
AuthorDate: Fri Feb 22 14:45:24 2019 +0100
Commit:     Jiri Denemark <jdenemar>
CommitDate: Tue Mar 5 14:47:49 2019 +0100

    cpu_map: Add more signatures for Broadwell CPU models

    This fixes several CPUs which were incorrectly detected as
    Skylake-Client.

    Signed-off-by: Jiri Denemark <jdenemar>
    Reviewed-by: Ján Tomko <jtomko>

Comment 35 Jiri Denemark 2019-03-08 11:44:29 UTC

One more additional patch is needed to fix a bug in the original series:

commit 62cb9c335c43a722e81ac0a1ed6e1111ba1d428b
Refs: v5.1.0-144-g62cb9c335c
Author:     Michal Privoznik <mprivozn>
AuthorDate: Thu Mar 7 14:17:01 2019 +0100
Commit:     Michal Privoznik <mprivozn>
CommitDate: Thu Mar 7 15:30:40 2019 +0100

    cpu: Don't access invalid memory in virCPUx86Translate

    Problem is that if there are no signatures for a CPU, then we
    still allocate cpu->signatures (even though with size 0). Later,
    we access cpu->signatures[0] if cpu->signatures is not NULL.

     Invalid read of size 4
        at 0x5F439D7: virCPUx86Translate (cpu_x86.c:2930)
        by 0x5F3C239: virCPUTranslate (cpu.c:927)
        by 0x57CE7A1: qemuProcessUpdateGuestCPU (qemu_process.c:5870)
        ...
      Address 0xf752d40 is 0 bytes after a block of size 0 alloc'd
        at 0x4C30EC6: calloc (vg_replace_malloc.c:711)
        by 0x5DBDE4E: virAllocN (viralloc.c:190)
        by 0x5F3E4FA: x86ModelCopySignatures (cpu_x86.c:990)
        by 0x5F3E60F: x86ModelCopy (cpu_x86.c:1008)
        by 0x5F3E7CB: x86ModelFromCPU (cpu_x86.c:1068)
        by 0x5F4397E: virCPUx86Translate (cpu_x86.c:2922)
        by 0x5F3C239: virCPUTranslate (cpu.c:927)
        by 0x57CE7A1: qemuProcessUpdateGuestCPU (qemu_process.c:5870)
        ...

    Signed-off-by: Michal Privoznik <mprivozn>
    Reviewed-by: Jiri Denemark <jdenemar>

Comment 38 jiyan 2019-03-29 07:05:49 UTC

Version:
libvirt-4.5.0-11.el7.x86_64
qemu-kvm-rhev-2.12.0-25.el7.x86_64
kernel-3.10.0-1031.el7.x86_64

Steps:
1. Check the output of 'virsh capabilities' and 'virsh domcapabilities' of 'Broadwell' physical machine.
# lscpu
...
Model name:            Intel(R) Xeon(R) CPU E5-2630 v4 @ 2.20GHz

# virsh capabilities
<capabilities>
  <host>
    <uuid>4f11c612-e27d-11e7-9a7d-0894ef59df54</uuid>
    <cpu>
      <arch>x86_64</arch>
**      <model>Broadwell</model> **
      <vendor>Intel</vendor>
      <microcode version='184549410'/>
...

# virsh domcapabilities
...
  <cpu>
    <mode name='host-model' supported='yes'>
**      <model fallback='forbid'>Broadwell</model> **
      <vendor>Intel</vendor>
      <feature policy='require' name='vme'/>
      <feature policy='require' name='ss'/>
      <feature policy='require' name='f16c'/>
      <feature policy='require' name='rdrand'/>
      <feature policy='require' name='hypervisor'/>
      <feature policy='require' name='arat'/>
      <feature policy='require' name='tsc_adjust'/>
      <feature policy='require' name='xsaveopt'/>
      <feature policy='require' name='pdpe1gb'/>
      <feature policy='require' name='abm'/>
      <feature policy='require' name='invtsc'/>
    </mode>
...

2. Start VM with 'host-model' cpu conf, start VM
# virsh domstate avocado-vt-vm1
shut off

# virsh dumpxml avocado-vt-vm1 --inactive |grep "<cpu" -A3
  <cpu mode='host-model' check='partial'>
    <model fallback='allow'/>
  </cpu>

# virsh start avocado-vt-vm1
Domain avocado-vt-vm1 started

3. After Step-2, check the CPU conf in active dumpxml and qemu cmd line.
# virsh dumpxml avocado-vt-vm1 |grep "<cpu" -A20
  <cpu mode='custom' match='exact' check='full'>
 **   <model fallback='forbid'>Broadwell</model>  **
    <vendor>Intel</vendor>
    <feature policy='require' name='vme'/>
    <feature policy='require' name='ss'/>
    <feature policy='require' name='f16c'/>
    <feature policy='require' name='rdrand'/>
    <feature policy='require' name='hypervisor'/>
    <feature policy='require' name='arat'/>
    <feature policy='require' name='tsc_adjust'/>
    <feature policy='require' name='xsaveopt'/>
    <feature policy='require' name='pdpe1gb'/>
    <feature policy='require' name='abm'/>
  </cpu>

# ps -ef |grep avocado-vt-vm1 
...
-cpu **Broadwell**,vme=on,ss=on,f16c=on,rdrand=on,hypervisor=on,arat=on,tsc_adjust=on,xsaveopt=on,pdpe1gb=on,abm=on,rtm=on,hle=on

The test result is as expected, move this bug to be verified.

Comment 39 Jiri Denemark 2019-04-25 09:37:14 UTC

*** Bug 1597088 has been marked as a duplicate of this bug. ***

Comment 41 errata-xmlrpc 2019-08-06 13:13:52 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2019:2294

Note You need to log in before you can comment on or make changes to this bug.

atheurer
chayang
dshaks
dyuan
ehabkost
fjin
gveitmic
hfukumot
jdenemar
jinzhao
juzhang
knoel
marjones
mkalinin
mvanderw
pbonzini
pveiga
qzhang
rbalakri
rsibley
srao
virt-maint
xuzhang
yalzhang
zhguo