1570610 – [RHOS-13] RFE: add ability to configure extra CPU flags for named CPU models

Bug 1570610 - [RHOS-13] RFE: add ability to configure extra CPU flags for named CPU models

Summary: [RHOS-13] RFE: add ability to configure extra CPU flags for named CPU models

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	openstack-nova
Sub Component:
Version:	13.0 (Queens)
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	z2
Target Release:	13.0 (Queens)
Assignee:	Kashyap Chamarthy
QA Contact:	OSP DFG:Compute
Docs Contact:
URL:
Whiteboard:
Depends On:	1398343 1570611 1570614 1570617 1612360
Blocks:	1547954 1571741 1571744 1571750 1571756 1800566 1800679
TreeView+	depends on / blocked

Reported:	2018-04-23 10:37 UTC by Kashyap Chamarthy
Modified:	2023-03-21 18:48 UTC (History)
CC List:	14 users (show)
Fixed In Version:	openstack-nova-17.0.3-0.20180420001139.el7ost
Doc Type:	Enhancement
Doc Text:
Clone Of:	1398343
Environment:
Last Closed:	2018-08-09 10:39:05 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Launchpad	1750829	None	None	None	2018-04-23 10:37:27 UTC
OpenStack gerrit	559700	'None'	MERGED	libvirt: Allow to specify granular CPU feature flags	2020-08-05 11:24:34 UTC
Red Hat Issue Tracker	OSP-7833	None	None	None	2022-08-10 09:42:20 UTC
Red Hat Knowledge Base (Solution)	2778991	None	None	None	2018-04-23 10:37:27 UTC

Comment 3 Kashyap Chamarthy 2018-04-23 13:19:12 UTC

The patch[*] is already in RHOS-13:

    $> git branch --contains 98eb85f
    rhos-13.0-patches

[*] From RHOS-13 branch:

$ git show 98eb85f
commit 98eb85f29c5f0775de480d5ea2946dcbba85fe8a
Author: Kashyap Chamarthy <kchamart>
Date:   Tue Jan 16 17:56:51 2018 +0100

    libvirt: Allow to specify granular CPU feature flags
    
    The recent "Meltdown" CVE fixes have resulted in a critical performance
    penalty[*] that will impact every Nova guest with certain CPU models.
    
    I.e. assume you have applied all the "Meltdown" CVE fixes, and performed
    a cold reboot (explicit stop & start) of all Nova guests, for the
    updates to take effect.  Now, if any guests that are booted with certain
    named virtual CPU models (e.g. "IvyBridge", "Westmere", etc), then those
    guests, will incur noticeable performance degradation[*], while being
    protected from the CVE itself.
    
    To alleviate this guest performance impact, it is now important to
    specify an obscure Intel CPU feature flag, 'PCID' (Process-Context ID)
    -- for the virtual CPU models that don't already include it (more on
    this below).  To that end, this change will allow Nova to explicitly
    specify CPU feature flags via a new configuration attribute,
    `cpu_model_extra_flags`, e.g. in `nova.conf`:
    
    [...]

Comment 7 Jon Schlueter 2018-06-27 19:41:11 UTC

According to our records, this should be resolved by openstack-nova-17.0.3-0.20180420001141.el7ost.  This build is available now.

Note You need to log in before you can comment on or make changes to this bug.