OpenStack Compute (nova)

RFE: libvirt: Add ability to configure extra CPU flags for named CPU models

Bug #1750829 reported by Kashyap Chamarthy
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Compute (nova)
Fix Released
High
Kashyap Chamarthy
Ocata
Fix Released
Medium
Lee Yarwood
Pike
Fix Committed
Medium
Kashyap Chamarthy
Queens
Fix Committed
Medium
Kashyap Chamarthy
OpenStack Nova Compute Charm
Fix Released
Medium
Chris MacNaughton
OpenStack Nova Compute Charm 18.08

Bug Description

Motivation
----------

The recent "Meltdown" CVE fixes resulted in critical performance
penalty, From here[*]:

    [...] However, in examining both the various fixes rolled out in
    actual Linux distros over the past few days and doing some very
    informal surveying of environments I have access to, I discovered
    that the PCID ["process-context identifiers"] processor feature,
    which used to be a virtual no-op, is now a performance AND security
    critical item.[...]

So if a Nova user has applied all the "Meltdown" CVE fixes, and is using
a named CPU model (like "IvyBridge", or "Westmere" — which specifically
lack the said obscure "PCID" feature) they will incur severe performance
degradation[*].

Note that some of Intel *physical* CPUs themselves include the 'pcid'
CPU feature flag; but the named CPU models provided by libvirt & QEMU
lack that flag — hence we explicitly specify it for virtual CPUs via the
following proposed config attribute.

[*] https://groups.google.com/forum/m/#!topic/mechanical-sympathy/L9mHTbeQLNU

Proposed change
---------------

Modify Nova's libvirt driver such that it will be possible to set
granular CPU feature flags for named CPU models. E.g. to explicitly
specify the 'pcid' feature flag with Intel IvyBridge CPU model, set the
following in /etc/nova.conf:

    ...
    [libvirt]
    cpu_model=IvyBridge
    cpu_model_extra_flags="pcid"
    ...

The list of known CPU feature flags ('vmx', 'xtpr', 'pcid', et cetera)
can be found in /usr/share/libvirt/cpu_map.xml.

Note that before specifying extra CPU feature flags, one should check if
the named CPU models (provided by libvirt) already include the said
flags. E.g. the 'Broadwell', 'Haswell-noTSX' named CPU models provided
by libvirt already provides the 'pcid' CPU feature flag.

Other use cases
---------------

  - Nested Virtualization — an operator can specify the Intel 'vmx' or
    AMD 'svm' flags in the level-1 guest (i.e. the guest hypervisor)

  - Ability to use 1GB huge pages with Haswell model as one use case for
    extra flags (thanks: Daniel Berrangé, for mentioning this scenario):

        cpu_model_extra_flags=Haswell
        cpu_model_extra_flags="pdpe1gb"

See original description
Kashyap Chamarthy (kashyapc)
tags: added: libvirt
OpenStack Infra (hudson-openstack)
Changed in nova:
assignee: nobody → Kashyap Chamarthy (kashyapc)
status: New → In Progress
Revision history for this message
Kashyap Chamarthy (kashyapc) wrote :

The (WIP) proposed change: https://review.openstack.org/#/c/534384/ -- libvirt: Allow to specify granular CPU feature flags

Revision history for this message
Kashyap Chamarthy (kashyapc) wrote :

Quoting one quick and simple user benchmark with and without "pcid" feature
flag from 'qemu-devel' mailing list post[1]:

[quote]

    the performance difference is significant:

    no pcid:
    # time for i in $(seq 1 1 50); do du -sx /; done
    ...
    real 0m26.614s
    user 0m17.548s
    sys 0m9.056s

    kvm started with +pcid:
    # time for i in $(seq 1 1 50); do du -sx /; done
    ...
    real 0m14.734s
    user 0m7.755s
    sys 0m6.973s

[/quote]

[1] https://lists.nongnu.org/archive/html/qemu-devel/2018-01/msg01508.html

Kashyap Chamarthy (kashyapc)
description: updated
Kashyap Chamarthy (kashyapc)
Changed in nova:
importance: Undecided → High
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to nova (master)

Reviewed: https://review.openstack.org/534384
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=6b601b7cf6e7f23077f428353a3a4e81084eb3a1
Submitter: Zuul
Branch: master

commit 6b601b7cf6e7f23077f428353a3a4e81084eb3a1
Author: Kashyap Chamarthy <email address hidden>
Date: Tue Jan 16 17:56:51 2018 +0100

    libvirt: Allow to specify granular CPU feature flags

    The recent "Meltdown" CVE fixes have resulted in a critical performance
    penalty[*] that will impact every Nova guest with certain CPU models.

    I.e. assume you have applied all the "Meltdown" CVE fixes, and performed
    a cold reboot (explicit stop & start) of all Nova guests, for the
    updates to take effect. Now, if any guests that are booted with certain
    named virtual CPU models (e.g. "IvyBridge", "Westmere", etc), then those
    guests, will incur noticeable performance degradation[*], while being
    protected from the CVE itself.

    To alleviate this guest performance impact, it is now important to
    specify an obscure Intel CPU feature flag, 'PCID' (Process-Context ID)
    -- for the virtual CPU models that don't already include it (more on
    this below). To that end, this change will allow Nova to explicitly
    specify CPU feature flags via a new configuration attribute,
    `cpu_model_extra_flags`, e.g. in `nova.conf`:

        ...
        [libvirt]
        cpu_mode = custom
        cpu_model = IvyBridge
        cpu_model_extra_flags = pcid
        ...

    NB: In the first iteration, the choices for `cpu_model_extra_flags` is
    restricted to only 'pcid' (the option is case-insensitive) -- to address
    the earlier mentioned guest performance degradation. A future patch
    will remove this restriction, allowing to add / remove multiple CPU
    feature flags, thus making way for other useful features.

    Some have asked: "Why not simply hardcode the 'PCID' CPU feature flag
    into Nova?" That's not graceful, and more importantly, impractical:

      (1) Not every Intel CPU model has 'PCID':

           - The only Intel CPU models that include the 'PCID' capability
             are: "Haswell", "Broadwell", and "Skylake" variants.

           - The libvirt / QEMU Intel CPU models: "Nehalem", "Westmere",
             "SandyBridge", and "IvyBridge" will *not* expose the 'PCID'
             capability, even if the host CPUs by the same name include it.
             I.e. 'PCID' needs to be explicitly when using the said virtual
             CPU models.

      (2) Magically adding new CPU feature flags under the user's feet
          impacts live migration.

    [*] https://groups.google.com/forum/m/#!topic/mechanical-sympathy/L9mHTbeQLNU

    Closes-Bug: #1750829
    Change-Id: I6bb956808aa3df58747c865c92e5b276e61aff44
    BluePrint: libvirt-cpu-model-extra-flags

Changed in nova:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to nova (stable/queens)

Fix proposed to branch: stable/queens
Review: https://review.openstack.org/559700

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to nova (stable/pike)

Fix proposed to branch: stable/pike
Review: https://review.openstack.org/559702

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to nova (stable/queens)

Reviewed: https://review.openstack.org/559700
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=98eb85f29c5f0775de480d5ea2946dcbba85fe8a
Submitter: Zuul
Branch: stable/queens

commit 98eb85f29c5f0775de480d5ea2946dcbba85fe8a
Author: Kashyap Chamarthy <email address hidden>
Date: Tue Jan 16 17:56:51 2018 +0100

    libvirt: Allow to specify granular CPU feature flags

    The recent "Meltdown" CVE fixes have resulted in a critical performance
    penalty[*] that will impact every Nova guest with certain CPU models.

    I.e. assume you have applied all the "Meltdown" CVE fixes, and performed
    a cold reboot (explicit stop & start) of all Nova guests, for the
    updates to take effect. Now, if any guests that are booted with certain
    named virtual CPU models (e.g. "IvyBridge", "Westmere", etc), then those
    guests, will incur noticeable performance degradation[*], while being
    protected from the CVE itself.

    To alleviate this guest performance impact, it is now important to
    specify an obscure Intel CPU feature flag, 'PCID' (Process-Context ID)
    -- for the virtual CPU models that don't already include it (more on
    this below). To that end, this change will allow Nova to explicitly
    specify CPU feature flags via a new configuration attribute,
    `cpu_model_extra_flags`, e.g. in `nova.conf`:

        ...
        [libvirt]
        cpu_mode = custom
        cpu_model = IvyBridge
        cpu_model_extra_flags = pcid
        ...

    NB: In the first iteration, the choices for `cpu_model_extra_flags` is
    restricted to only 'pcid' (the option is case-insensitive) -- to address
    the earlier mentioned guest performance degradation. A future patch
    will remove this restriction, allowing to add / remove multiple CPU
    feature flags, thus making way for other useful features.

    Some have asked: "Why not simply hardcode the 'PCID' CPU feature flag
    into Nova?" That's not graceful, and more importantly, impractical:

      (1) Not every Intel CPU model has 'PCID':

           - The only Intel CPU models that include the 'PCID' capability
             are: "Haswell", "Broadwell", and "Skylake" variants.

           - The libvirt / QEMU Intel CPU models: "Nehalem", "Westmere",
             "SandyBridge", and "IvyBridge" will *not* expose the 'PCID'
             capability, even if the host CPUs by the same name include it.
             I.e. 'PCID' needs to be explicitly when using the said virtual
             CPU models.

      (2) Magically adding new CPU feature flags under the user's feet
          impacts live migration.

    [*] https://groups.google.com/forum/m/#!topic/mechanical-sympathy/L9mHTbeQLNU

    Closes-Bug: #1750829
    Change-Id: I6bb956808aa3df58747c865c92e5b276e61aff44
    (cherry picked from commit 6b601b7cf6e7f23077f428353a3a4e81084eb3a1)

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to nova (stable/pike)

Reviewed: https://review.openstack.org/559702
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=56350b977e412d59da96a79290d80c6422fa44b1
Submitter: Zuul
Branch: stable/pike

commit 56350b977e412d59da96a79290d80c6422fa44b1
Author: Kashyap Chamarthy <email address hidden>
Date: Tue Jan 16 17:56:51 2018 +0100

    libvirt: Allow to specify granular CPU feature flags

    The recent "Meltdown" CVE fixes have resulted in a critical performance
    penalty[*] that will impact every Nova guest with certain CPU models.

    I.e. assume you have applied all the "Meltdown" CVE fixes, and performed
    a cold reboot (explicit stop & start) of all Nova guests, for the
    updates to take effect. Now, if any guests that are booted with certain
    named virtual CPU models (e.g. "IvyBridge", "Westmere", etc), then those
    guests, will incur noticeable performance degradation[*], while being
    protected from the CVE itself.

    To alleviate this guest performance impact, it is now important to
    specify an obscure Intel CPU feature flag, 'PCID' (Process-Context ID)
    -- for the virtual CPU models that don't already include it (more on
    this below). To that end, this change will allow Nova to explicitly
    specify CPU feature flags via a new configuration attribute,
    `cpu_model_extra_flags`, e.g. in `nova.conf`:

        ...
        [libvirt]
        cpu_mode = custom
        cpu_model = IvyBridge
        cpu_model_extra_flags = pcid
        ...

    NB: In the first iteration, the choices for `cpu_model_extra_flags` is
    restricted to only 'pcid' (the option is case-insensitive) -- to address
    the earlier mentioned guest performance degradation. A future patch
    will remove this restriction, allowing to add / remove multiple CPU
    feature flags, thus making way for other useful features.

    Some have asked: "Why not simply hardcode the 'PCID' CPU feature flag
    into Nova?" That's not graceful, and more importantly, impractical:

      (1) Not every Intel CPU model has 'PCID':

           - The only Intel CPU models that include the 'PCID' capability
             are: "Haswell", "Broadwell", and "Skylake" variants.

           - The libvirt / QEMU Intel CPU models: "Nehalem", "Westmere",
             "SandyBridge", and "IvyBridge" will *not* expose the 'PCID'
             capability, even if the host CPUs by the same name include it.
             I.e. 'PCID' needs to be explicitly when using the said virtual
             CPU models.

      (2) Magically adding new CPU feature flags under the user's feet
          impacts live migration.

    [*] https://groups.google.com/forum/m/#!topic/mechanical-sympathy/L9mHTbeQLNU

    Closes-Bug: #1750829
    Change-Id: I6bb956808aa3df58747c865c92e5b276e61aff44
    (cherry picked from commit 6b601b7cf6e7f23077f428353a3a4e81084eb3a1)
    (cherry picked from commit 98eb85f29c5f0775de480d5ea2946dcbba85fe8a)

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to nova (stable/ocata)

Fix proposed to branch: stable/ocata
Review: https://review.openstack.org/561168

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/nova 18.0.0.0b1

This issue was fixed in the openstack/nova 18.0.0.0b1 development milestone.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to nova (stable/ocata)
Download full text (3.2 KiB)

Reviewed: https://review.openstack.org/561168
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=1c6b2fce289b68af92afeddf8d30efcda1903f06
Submitter: Zuul
Branch: stable/ocata

commit 1c6b2fce289b68af92afeddf8d30efcda1903f06
Author: Kashyap Chamarthy <email address hidden>
Date: Tue Jan 16 17:56:51 2018 +0100

    libvirt: Allow to specify granular CPU feature flags

    The recent "Meltdown" CVE fixes have resulted in a critical performance
    penalty[*] that will impact every Nova guest with certain CPU models.

    I.e. assume you have applied all the "Meltdown" CVE fixes, and performed
    a cold reboot (explicit stop & start) of all Nova guests, for the
    updates to take effect. Now, if any guests that are booted with certain
    named virtual CPU models (e.g. "IvyBridge", "Westmere", etc), then those
    guests, will incur noticeable performance degradation[*], while being
    protected from the CVE itself.

    To alleviate this guest performance impact, it is now important to
    specify an obscure Intel CPU feature flag, 'PCID' (Process-Context ID)
    -- for the virtual CPU models that don't already include it (more on
    this below). To that end, this change will allow Nova to explicitly
    specify CPU feature flags via a new configuration attribute,
    `cpu_model_extra_flags`, e.g. in `nova.conf`:

        ...
        [libvirt]
        cpu_mode = custom
        cpu_model = IvyBridge
        cpu_model_extra_flags = pcid
        ...

    NB: In the first iteration, the choices for `cpu_model_extra_flags` is
    restricted to only 'pcid' (the option is case-insensitive) -- to address
    the earlier mentioned guest performance degradation. A future patch
    will remove this restriction, allowing to add / remove multiple CPU
    feature flags, thus making way for other useful features.

    Some have asked: "Why not simply hardcode the 'PCID' CPU feature flag
    into Nova?" That's not graceful, and more importantly, impractical:

      (1) Not every Intel CPU model has 'PCID':

           - The only Intel CPU models that include the 'PCID' capability
             are: "Haswell", "Broadwell", and "Skylake" variants.

           - The libvirt / QEMU Intel CPU models: "Nehalem", "Westmere",
             "SandyBridge", and "IvyBridge" will *not* expose the 'PCID'
             capability, even if the host CPUs by the same name include it.
             I.e. 'PCID' needs to be explicitly when using the said virtual
             CPU models.

      (2) Magically adding new CPU feature flags under the user's feet
          impacts live migration.

    [*] https://groups.google.com/forum/m/#!topic/mechanical-sympathy/L9mHTbeQLNU

    Conflicts:
            nova/virt/libvirt/driver.py

    NOTE(lyarwood): The above is a trivial warning log translation conflict
    required prior to stable/pike.

    Closes-Bug: #1750829
    Change-Id: I6bb956808aa3df58747c865c92e5b276e61aff44
    (cherry picked from commit 6b601b7cf6e7f23077f428353a3a4e81084eb3a1)
    (cherry picked from commit 98eb85f29c5f0775de480d5ea2946dcbba85fe8a)
    (cherry picked from commit 56350b977...

Read more...

tags: added: in-stable-ocata
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/nova 16.1.2

This issue was fixed in the openstack/nova 16.1.2 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/nova 17.0.3

This issue was fixed in the openstack/nova 17.0.3 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to nova (master)

Reviewed: https://review.openstack.org/565043
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=8e438eda9bb16cdd3b627b93da2435572275b921
Submitter: Zuul
Branch: master

commit 8e438eda9bb16cdd3b627b93da2435572275b921
Author: Kashyap Chamarthy <email address hidden>
Date: Sat Apr 28 18:55:25 2018 +0200

    libvirt: Make `cpu_model_extra_flags` case-insensitive for real

    When we introduced `cpu_model_extra_flags` config attribute (in
    commit: 6b601b7 -- "libvirt: Allow to specify granular CPU feature
    flags"), we said it was case-insensitive; but unfortunately I missed to
    _really_ make it so (despite proposing code for it in one of the
    revisions).

    Address that mistake by making `cpu_model_extra_flags` case-insensitive
    for real, from Nova's point of view.

    NB: Internally, this patch is normalizing 'extra_flags' to _lower_
    casing -- because CPU flags _must_ be lower case from libvirt's point of
    view. Nova must honour that; otherwise, launching instances with an
    upper case CPU flag, 'FOO', will fail with: "libvirtError: internal
    error: Unknown CPU feature FOO".

    Related-Bug: #1750829
    Change-Id: Ia7ff0566a5109c76c009f3a0c6199c4ba419cfb1
    Reported-by: Daniel P. Berrangé <email address hidden>
    Signed-off-by: Kashyap Chamarthy <email address hidden>

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to nova (stable/queens)

Related fix proposed to branch: stable/queens
Review: https://review.openstack.org/565668

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to nova (stable/pike)

Related fix proposed to branch: stable/pike
Review: https://review.openstack.org/565670

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to nova (stable/ocata)

Related fix proposed to branch: stable/ocata
Review: https://review.openstack.org/565672

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/nova 15.1.1

This issue was fixed in the openstack/nova 15.1.1 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to nova (stable/queens)

Reviewed: https://review.openstack.org/565668
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=f9ab466c6d9bb657409356f29139a9edfbb98747
Submitter: Zuul
Branch: stable/queens

commit f9ab466c6d9bb657409356f29139a9edfbb98747
Author: Kashyap Chamarthy <email address hidden>
Date: Sat Apr 28 18:55:25 2018 +0200

    libvirt: Make `cpu_model_extra_flags` case-insensitive for real

    When we introduced `cpu_model_extra_flags` config attribute (in
    commit: 6b601b7 -- "libvirt: Allow to specify granular CPU feature
    flags"), we said it was case-insensitive; but unfortunately I missed to
    _really_ make it so (despite proposing code for it in one of the
    revisions).

    Address that mistake by making `cpu_model_extra_flags` case-insensitive
    for real, from Nova's point of view.

    NB: Internally, this patch is normalizing 'extra_flags' to _lower_
    casing -- because CPU flags _must_ be lower case from libvirt's point of
    view. Nova must honour that; otherwise, launching instances with an
    upper case CPU flag, 'FOO', will fail with: "libvirtError: internal
    error: Unknown CPU feature FOO".

    Related-Bug: #1750829
    Change-Id: Ia7ff0566a5109c76c009f3a0c6199c4ba419cfb1
    Reported-by: Daniel P. Berrangé <email address hidden>
    Signed-off-by: Kashyap Chamarthy <email address hidden>
    (cherry picked from commit 8e438eda9bb16cdd3b627b93da2435572275b921)

tags: added: in-stable-queens
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to nova (stable/pike)

Reviewed: https://review.openstack.org/565670
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=efa26e8dc24b5e828447fb78d0f54004054ae8b9
Submitter: Zuul
Branch: stable/pike

commit efa26e8dc24b5e828447fb78d0f54004054ae8b9
Author: Kashyap Chamarthy <email address hidden>
Date: Sat Apr 28 18:55:25 2018 +0200

    libvirt: Make `cpu_model_extra_flags` case-insensitive for real

    When we introduced `cpu_model_extra_flags` config attribute (in
    commit: 6b601b7 -- "libvirt: Allow to specify granular CPU feature
    flags"), we said it was case-insensitive; but unfortunately I missed to
    _really_ make it so (despite proposing code for it in one of the
    revisions).

    Address that mistake by making `cpu_model_extra_flags` case-insensitive
    for real, from Nova's point of view.

    NB: Internally, this patch is normalizing 'extra_flags' to _lower_
    casing -- because CPU flags _must_ be lower case from libvirt's point of
    view. Nova must honour that; otherwise, launching instances with an
    upper case CPU flag, 'FOO', will fail with: "libvirtError: internal
    error: Unknown CPU feature FOO".

    Related-Bug: #1750829
    Change-Id: Ia7ff0566a5109c76c009f3a0c6199c4ba419cfb1
    Reported-by: Daniel P. Berrangé <email address hidden>
    Signed-off-by: Kashyap Chamarthy <email address hidden>
    (cherry picked from commit 8e438eda9bb16cdd3b627b93da2435572275b921)
    (cherry picked from commit f9ab466c6d9bb657409356f29139a9edfbb98747)

tags: added: in-stable-pike
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to nova (stable/ocata)

Reviewed: https://review.openstack.org/565672
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=691ffcfe93c56efba44230c65884118dbd9f89af
Submitter: Zuul
Branch: stable/ocata

commit 691ffcfe93c56efba44230c65884118dbd9f89af
Author: Kashyap Chamarthy <email address hidden>
Date: Sat Apr 28 18:55:25 2018 +0200

    libvirt: Make `cpu_model_extra_flags` case-insensitive for real

    When we introduced `cpu_model_extra_flags` config attribute (in
    commit: 6b601b7 -- "libvirt: Allow to specify granular CPU feature
    flags"), we said it was case-insensitive; but unfortunately I missed to
    _really_ make it so (despite proposing code for it in one of the
    revisions).

    Address that mistake by making `cpu_model_extra_flags` case-insensitive
    for real, from Nova's point of view.

    NB: Internally, this patch is normalizing 'extra_flags' to _lower_
    casing -- because CPU flags _must_ be lower case from libvirt's point of
    view. Nova must honour that; otherwise, launching instances with an
    upper case CPU flag, 'FOO', will fail with: "libvirtError: internal
    error: Unknown CPU feature FOO".

    Related-Bug: #1750829
    Change-Id: Ia7ff0566a5109c76c009f3a0c6199c4ba419cfb1
    Reported-by: Daniel P. Berrangé <email address hidden>
    Signed-off-by: Kashyap Chamarthy <email address hidden>
    (cherry picked from commit 8e438eda9bb16cdd3b627b93da2435572275b921)
    (cherry picked from commit f9ab466c6d9bb657409356f29139a9edfbb98747)
    (cherry picked from commit efa26e8dc24b5e828447fb78d0f54004054ae8b9)

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to nova (stable/queens)

Fix proposed to branch: stable/queens
Review: https://review.openstack.org/569442

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to nova (stable/pike)

Fix proposed to branch: stable/pike
Review: https://review.openstack.org/569449

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to nova (stable/queens)

Reviewed: https://review.openstack.org/570271
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=a27ea0f9100d0061c1cf3b20407095d3cd04df26
Submitter: Zuul
Branch: stable/queens

commit a27ea0f9100d0061c1cf3b20407095d3cd04df26
Author: Dan Smith <email address hidden>
Date: Wed May 23 15:21:38 2018 -0700

    Add ssbd and virt-ssbd flags to cpu_model_extra_flags whitelist

    This adds two other flags to the whitelist of available options to
    the cpu_model_extra_flags variable related to further variants of
    Meltdown/Spectre recently published.

    Related-Bug: #1750829
    Change-Id: I72085016c8756ff88a4da722368f62359bcd7080

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to nova (stable/pike)

Related fix proposed to branch: stable/pike
Review: https://review.openstack.org/570513

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to nova (stable/ocata)

Related fix proposed to branch: stable/ocata
Review: https://review.openstack.org/570514

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on nova (stable/queens)

Change abandoned by Kashyap Chamarthy (<email address hidden>) on branch: stable/queens
Review: https://review.openstack.org/569442

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to nova (stable/pike)

Reviewed: https://review.openstack.org/570513
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=27bacacdd8a3741cfbd7e14a4ea50713c5e1d9e5
Submitter: Zuul
Branch: stable/pike

commit 27bacacdd8a3741cfbd7e14a4ea50713c5e1d9e5
Author: Dan Smith <email address hidden>
Date: Wed May 23 15:21:38 2018 -0700

    Add ssbd and virt-ssbd flags to cpu_model_extra_flags whitelist

    This adds two other flags to the whitelist of available options to
    the cpu_model_extra_flags variable related to further variants of
    Meltdown/Spectre recently published.

    Related-Bug: #1750829
    Change-Id: I72085016c8756ff88a4da722368f62359bcd7080
    (cherry picked from commit a27ea0f9100d0061c1cf3b20407095d3cd04df26)

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to nova (stable/ocata)

Reviewed: https://review.openstack.org/570514
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=c18cd38d4d72524c55b4ad3bfa8d9ed5e6b44caf
Submitter: Zuul
Branch: stable/ocata

commit c18cd38d4d72524c55b4ad3bfa8d9ed5e6b44caf
Author: Dan Smith <email address hidden>
Date: Wed May 23 15:21:38 2018 -0700

    Add ssbd and virt-ssbd flags to cpu_model_extra_flags whitelist

    This adds two other flags to the whitelist of available options to
    the cpu_model_extra_flags variable related to further variants of
    Meltdown/Spectre recently published.

    Related-Bug: #1750829
    Change-Id: I72085016c8756ff88a4da722368f62359bcd7080
    (cherry picked from commit a27ea0f9100d0061c1cf3b20407095d3cd04df26)

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on nova (stable/pike)

Change abandoned by Matt Riedemann (<email address hidden>) on branch: stable/pike
Review: https://review.openstack.org/569449

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to charm-nova-compute (master)

Reviewed: https://review.openstack.org/581730
Committed: https://git.openstack.org/cgit/openstack/charm-nova-compute/commit/?id=1700603b0dd257cd934e5a39aea6b571f9d29c94
Submitter: Zuul
Branch: master

commit 1700603b0dd257cd934e5a39aea6b571f9d29c94
Author: Chris MacNaughton <email address hidden>
Date: Wed Jul 11 15:01:17 2018 +0200

    Add configuration for cpu model flags

    Change-Id: Ia26d0f2d4f540dd5b35743d0348aa6e2b8ab1954
    Closes-Bug: #1750829

Changed in charm-nova-compute:
status: New → Fix Committed
Frode Nordahl (fnordahl)
Changed in charm-nova-compute:
assignee: nobody → Chris MacNaughton (chris.macnaughton)
importance: Undecided → Medium
milestone: none → 18.08
David Ames (thedac)
Changed in charm-nova-compute:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.