Whitelist two more SSBD-related CPU flags for AMD ('amd-ssbd', 'amd-no-ssb')
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
OpenStack Compute (nova) | Won't Fix | Undecided | Unassigned |
Ocata | Fix Committed | High | Elod Illes |
Pike | Fix Committed | High | Dan Smith |
Queens | Fix Committed | High | Dan Smith |
Bug Description
In addition to the existing 'virt-ssbd', future AMD CPUs will have
another (architectural) way to deal with SSBD (Speculative Store Bypass
Disable), via the CPU flag: 'amd-ssbd'.
Furthermore, future AMD CPUs will also expose a mechanism to tell the
guest that "Speculative Store Bypass Disable" (SSBD) is not needed
and that the CPU is all good. This is via the CPU flag: 'amd-no-ssb'.
In summary, the two new flags are [1][2]:
amd-ssbd
amd-no-ssb
It is recommended to add the above two flags to the whitelist of Nova's
`cpu_model_
Pike and Ocata).
For Rocky and above release, no such white-listing is required, since we
allow free-form CPU flags[3].
* * *
Additional notes (from the QEMU mailing list thread[4]) related to
performance and live migration:
- tl;dr: On an AMD Compute node, a guest should be presented with
'amd-ssbd', if available, in preference to 'virt-ssbd'.
Details: Tom Lendacky from AMD writes[4] -- "The idea behind
'virt-ssbd' was to provide an architectural method for a guest to do
SSBD when 'amd-ssbd' isn't present. The 'amd-ssbd' feature will use
SPEC_CTRL which is intended to not be intercepted and will be fast.
The use of 'virt-ssbd' will always be intercepted and therefore will
not be as fast. So a guest should be presented with 'amd-ssbd', if
available, in preference to 'virt-ssbd'."
- It is safe to use 'amd-ssbd' (it is an architectural method for
guest to do SSBD) in a guest which can be live migrated between
different generations/
[1] libvirt patch:
https:/
[2] QEMU patch:
https:/
[3] http://
libvirt: Lift the restriction of choices for `cpu_model_
[4] https:/
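The preference stated in the notes above (present 'amd-ssbd' when the host has it, fall back to 'virt-ssbd' only when it does not, pass 'amd-no-ssb' through when the host reports it) is easy to get wrong by hand across a mixed pool of AMD compute nodes. The following is an added example, not code from Nova, libvirt or the bug reporter. It parses a constructed sample in the shape of `virsh domcapabilities` output (the XML below is made up for the example, not a real host dump), applies the preference, and additionally computes the flags that are safe for a live-migration pool by intersecting the features of every host first, so a chosen flag is guaranteed to exist on all nodes. It assumes the three QEMU/libvirt feature names from the bug and the `[libvirt]cpu_model_extra_flags` option name for the emitted nova.conf line.

```python
"""Choose SSBD-related CPU flags for AMD compute nodes from libvirt
domcapabilities output.

Added example (not Nova/libvirt code). Assumes the QEMU/libvirt feature
names 'amd-ssbd', 'virt-ssbd' and 'amd-no-ssb' and the Nova option
`[libvirt]cpu_model_extra_flags`; SAMPLE_DOMCAPS is a constructed sample,
not a real host dump.
"""
import xml.etree.ElementTree as ET

# Constructed sample: a host whose host-model CPU exposes both the
# architectural (amd-ssbd) and the paravirtual (virt-ssbd) mechanism.
SAMPLE_DOMCAPS = """<domainCapabilities>
  <cpu>
    <mode name='host-model' supported='yes'>
      <model fallback='forbid'>EPYC</model>
      <vendor>AMD</vendor>
      <feature policy='require' name='virt-ssbd'/>
      <feature policy='require' name='amd-ssbd'/>
      <feature policy='require' name='amd-no-ssb'/>
      <feature policy='disable' name='monitor'/>
    </mode>
  </cpu>
</domainCapabilities>"""

# Constructed sample: an older host that only has the paravirtual flag.
SAMPLE_DOMCAPS_OLD = """<domainCapabilities>
  <cpu>
    <mode name='host-model' supported='yes'>
      <model fallback='forbid'>Opteron_G5</model>
      <vendor>AMD</vendor>
      <feature policy='require' name='virt-ssbd'/>
    </mode>
  </cpu>
</domainCapabilities>"""


def required_features(domcaps_xml):
    """Return the host-model feature names libvirt marks policy='require'."""
    root = ET.fromstring(domcaps_xml)
    return {
        feat.get("name")
        for feat in root.iterfind("./cpu/mode[@name='host-model']/feature")
        if feat.get("policy") == "require"
    }


def choose_ssbd_flags(features):
    """Apply the preference from the QEMU thread.

    amd-ssbd uses SPEC_CTRL and is not intercepted, so it wins over
    virt-ssbd, which is always intercepted.  amd-no-ssb is independent: it
    tells the guest that SSBD is not needed at all, so it is passed through
    whenever the host reports it.
    """
    chosen = []
    if "amd-ssbd" in features:
        chosen.append("amd-ssbd")
    elif "virt-ssbd" in features:
        chosen.append("virt-ssbd")
    if "amd-no-ssb" in features:
        chosen.append("amd-no-ssb")
    return chosen


def pool_flags(feature_sets):
    """Flags usable on every host of a live-migration pool.

    Intersect first, then choose, so that a guest started with these flags
    can be migrated to any node in the pool without a missing-feature error.
    """
    if not feature_sets:
        return []
    common = set.intersection(*map(set, feature_sets))
    return choose_ssbd_flags(common)


def nova_conf_line(flags):
    """Render the nova.conf fragment for the chosen flags (assumed option name)."""
    return "[libvirt]\ncpu_model_extra_flags = " + ",".join(flags)


if __name__ == "__main__":
    new_host = required_features(SAMPLE_DOMCAPS)
    old_host = required_features(SAMPLE_DOMCAPS_OLD)
    print("single new host :", choose_ssbd_flags(new_host))
    print("mixed pool      :", pool_flags([new_host, old_host]))
    print(nova_conf_line(pool_flags([new_host, old_host])))
```

Run against real hosts by replacing the constructed samples with the output of `virsh domcapabilities` from each compute node; the pool function is the one to trust when nodes of different generations share a migration domain.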
tags: | added: queens-backport-potential |
tags: | added: security |
tags: | added: pike-backport-potential |
description: | updated |
description: | updated |
summary: | - Whitelist two more SSBD-related CPU flags for AMD ('amd-ssbd', 'amd-no-ssb') + Whitelist two more SSBD-related CPU flags for AMD ('amd-ssb', 'amd-no-ssb') |
summary: | - Whitelist two more SSBD-related CPU flags for AMD ('amd-ssb', 'amd-no-ssb') + Whitelist two more SSBD-related CPU flags for AMD ('amd-ssbd', 'amd-no-ssb') |
description: | updated |
Fix proposed to branch: stable/queens
Review: https://review.openstack.org/576270