[regression] Ubuntu 18.04:[4.15.0-17-generic #18] KVM Guest Kernel: meltdown: rfi/fallback displacement flush not enabled bydefault (kvm)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
The Ubuntu-power-systems project |
Fix Released
|
Critical
|
Canonical Kernel Team | ||
linux (Ubuntu) |
Fix Released
|
Undecided
|
Ubuntu on IBM Power Systems Bug Triage | ||
Bionic |
Fix Released
|
Undecided
|
Ubuntu on IBM Power Systems Bug Triage |
Bug Description
---Problem Description---
4.15.0-17-generic #18-Ubuntu introduces newer knob to control enabling rfi_flush to mitigate meltdown/spectre which is set to disable by default for guest instead of enable.
#cat /sys/kernel/
0 -------
Expected:
/sys/kernel/
---uname output---
Linux ubuntu 4.15.0-17-generic #18-Ubuntu SMP Mon Apr 16 21:16:36 UTC 2018 ppc64le ppc64le ppc64le GNU/Linux
---Additional Hardware Info---
power9 boston 2.2 (pvr 004e 1202), power8 tuleta 2.1 (pvr 004b 0201)
Machine Type = power9 boston 2.2 (pvr 004e 1202), power8 tuleta 2.1 (pvr 004b 0201)
---Steps to Reproduce---
Pre-requite:
FW version-
power9 boston: SUPERMICRO-
power8 tuleta: fips861/
Host: 4.15.0-17-generic #18-Ubuntu
qemu: 1:2.11+
Guest: 4.15.0-17-generic #18-Ubuntu
Results of Power9 Host:
++++++++++++++++++
1) Boot a ubuntu 18.04 guest with latest kernel(
# make tests
=========
Machine details from dmesg:
dmesg | grep -e 'pSeries machine' -e 'OPAL detected' -e rfi-fixups -e rfi-flush
[ 0.000000] Using pSeries machine description
[ 0.000000] rfi-flush: fallback displacement flush available
[ 0.000000] rfi-flush: ori type flush available
[ 0.000000] rfi-flush: mttrig type flush available
[ 0.000000] rfi-flush: patched 9 locations (no flush)
=========
Running tests...
Testing mitigation for spectre (ii. indirect branch prediction)... PASS (20000071 branches, 10000006 branch misses)
Testing mitigation for meltdown (l1d flush - syscall)... FAIL (132523 misses, 192000000 expected) [10/10 failures]
Testing mitigation for meltdown (l1d flush - userspace)... SKIP (!power8)
# uname -a
Linux ubuntu 4.15.0-17-generic #18-Ubuntu SMP Mon Apr 16 21:16:36 UTC 2018 ppc64le ppc64le ppc64le GNU/Linux
2) Once we enable rfi_flush i.e. /sys/kernel/
#echo 1 > /sys/kernel/
# cat /sys/kernel/
1
# make tests
=========
Machine details from dmesg:
dmesg | grep -e 'pSeries machine' -e 'OPAL detected' -e rfi-fixups -e rfi-flush
[ 0.000000] Using pSeries machine description
[ 0.000000] rfi-flush: fallback displacement flush available
[ 0.000000] rfi-flush: ori type flush available
[ 0.000000] rfi-flush: mttrig type flush available
[ 0.000000] rfi-flush: patched 9 locations (no flush)
[ 1502.627548] rfi-flush: patched 9 locations (ori+mttrig type flush)
=========
Running tests...
Testing mitigation for spectre (ii. indirect branch prediction)... PASS (20000074 branches, 10000010 branch misses)
Testing mitigation for meltdown (l1d flush - syscall)... PASS (196010325 misses, 192000000 expected) [10/10 pass]
Testing mitigation for meltdown (l1d flush - userspace)... SKIP (!power8)
Results of Power8 Host:
+++++++++++++++++++
1)
#cat /sys/kernel/
0
# make tests
=========
Machine details from dmesg:
dmesg | grep -e 'pSeries machine' -e 'OPAL detected' -e rfi-fixups -e rfi-flush
[ 0.000000] Using pSeries machine description
[ 0.000000] rfi-flush: fallback displacement flush available
[ 0.000000] rfi-flush: patched 9 locations (no flush)
=========
Running tests...
Testing mitigation for spectre (ii. indirect branch prediction)... PASS (20000066 branches, 10000010 branch misses)
Testing mitigation for meltdown (l1d flush - syscall)... FAIL (150100 misses, 192000000 expected) [10/10 failures]
Testing mitigation for meltdown (l1d flush - userspace)... SKIP (!power8)
2)
#echo 1 > /sys/kernel/
#cat /sys/kernel/
1
# make tests
=========
Machine details from dmesg:
dmesg | grep -e 'pSeries machine' -e 'OPAL detected' -e rfi-fixups -e rfi-flush
[ 0.000000] Using pSeries machine description
[ 0.000000] rfi-flush: fallback displacement flush available
[ 0.000000] rfi-flush: patched 9 locations (no flush)
[ 243.736201] rfi-flush: patched 9 locations (fallback displacement flush)
=========
Running tests...
Testing mitigation for spectre (ii. indirect branch prediction)... PASS (20000054 branches, 10000008 branch misses)
Testing mitigation for meltdown (l1d flush - syscall)... PASS (195105463 misses, 192000000 expected) [10/10 pass]
Testing mitigation for meltdown (l1d flush - userspace)... SKIP (!power8)
# uname -a
Linux ubuntu 4.15.0-17-generic #18-Ubuntu SMP Mon Apr 16 21:16:36 UTC 2018 ppc64le ppc64le ppc64le GNU/Linux
== Breno Leitao ==
Patch sent to the mailing list already:
https:/
tags: | added: architecture-ppc64le bugnameltc-166922 severity-critical targetmilestone-inin1804 |
Changed in ubuntu: | |
assignee: | nobody → Ubuntu on IBM Power Systems Bug Triage (ubuntu-power-triage) |
affects: | ubuntu → linux (Ubuntu) |
Changed in ubuntu-power-systems: | |
importance: | Undecided → Critical |
assignee: | nobody → Canonical Kernel Team (canonical-kernel-team) |
tags: | added: triage-g |
Changed in linux (Ubuntu Bionic): | |
status: | New → Fix Committed |
Changed in ubuntu-power-systems: | |
status: | New → Fix Committed |
Changed in ubuntu-power-systems: | |
status: | Fix Committed → Fix Released |
This bug was fixed in the package linux - 4.15.0-19.20
---------------
linux (4.15.0-19.20) bionic; urgency=medium
* linux: 4.15.0-19.20 -proposed tracker (LP: #1766021)
* Kernel 4.15.0-15 breaks Dell PowerEdge 12th Gen servers (LP: #1765232)
- Revert "blk-mq: simplify queue mapping & schedule with each possisble CPU"
- Revert "genirq/affinity: assign vectors to all possible CPUs"
linux (4.15.0-18.19) bionic; urgency=medium
* linux: 4.15.0-18.19 -proposed tracker (LP: #1765490)
* [regression] Ubuntu 18.04:[ 4.15.0- 17-generic #18] KVM Guest Kernel:
meltdown: rfi/fallback displacement flush not enabled bydefault (kvm)
(LP: #1765429)
- powerpc/pseries: Fix clearing of security feature flags
* signing: only install a signed kernel (LP: #1764794)
- [Packaging] update to Debian like control scripts
- [Packaging] switch to triggers for postinst.d postrm.d handling
- [Packaging] signing -- switch to raw-signing tarballs
- [Packaging] signing -- switch to linux-image as signed when available
- [Config] signing -- enable Opal signing for ppc64el
- [Packaging] printenv -- add signing options
* [18.04 FEAT] Sign POWER host/NV kernels (LP: #1696154)
- [Packaging] signing -- add support for signing Opal kernel binaries
* Please cherrypick s390 unwind fix (LP: #1765083)
- s390/compat: fix setup_frame32
* Ubuntu 18.04 installer does not detect any IPR based HDD/RAID array [S822L] core-modules on ppc64el
[ipr] (LP: #1751813)
- d-i: move ipr to storage-
* drivers/ gpu/drm/ bridge/ adv7511/ adv7511. ko missing (LP: #1764816)
- SAUCE: (no-up) rename the adv7511 drm driver to adv7511_drm
* Miscellaneous Ubuntu changes
- [Packaging] Add linux-oem to rebuild test blacklist.
linux (4.15.0-17.18) bionic; urgency=medium
* linux: 4.15.0-17.18 -proposed tracker (LP: #1764498)
* Eventual OOM with profile reloads (LP: #1750594)
- SAUCE: apparmor: fix memory leak when duplicate profile load
linux (4.15.0-16.17) bionic; urgency=medium
* linux: 4.15.0-16.17 -proposed tracker (LP: #1763785)
* [18.04] [bug] CFL-S(CNP)/CNL GPIO testing failed (LP: #1757346) PINCTRL_ CANNONLAKE= y
- [Config]: Set CONFIG_
* [Ubuntu 18.04] USB Type-C test failed on GLK (LP: #1758797)
- SAUCE: usb: typec: ucsi: Increase command completion timeout value
* Fix trying to "push" an already active pool VP (LP: #1763386)
- SAUCE: powerpc/xive: Fix trying to "push" an already active pool VP
* hisi_sas: Revert and replace SAUCE patches w/ upstream (LP: #1762824) DEVICE_ TABLE()
- Revert "UBUNTU: SAUCE: scsi: hisi_sas: export device table of v3 hw to
userspace"
- Revert "UBUNTU: SAUCE: scsi: hisi_sas: config for hip08 ES"
- scsi: hisi_sas: modify some register config for hip08
- scsi: hisi_sas: add v3 hw MODULE_
* Realtek card reader - RTS5243 [VEN_10EC&DEV_5260] (LP: #1737673)
- misc: rtsx: Move Realtek Card Reader Driver to misc
- updateconfigs for Realtek Card Reader Driver
- misc: rtsx: Add support for RTS5260
- misc: rtsx: Fix symbol clashes
* Mellanox [mlx5] [bionic] UBSAN: Undefined behaviour in linux/net_ dim.h (LP: #1...
./include/