Ubuntu
qemu package

Merge ~paelzer/ubuntu/+source/qemu:lp1776189-hpb-cosmic into ubuntu/+source/qemu:ubuntu/devel

  1. Git
  2. lp:~paelzer/ubuntu/+source/qemu
  3. lp1776189-hpb-cosmic
  4. Merge into ubuntu/devel
Proposed by Christian Ehrhardt 
Status: Merged
Merge reported by: Christian Ehrhardt 
Merged at revision: 08298f5a70c959fb7b4f16b3e99faf65d5733ef1
Proposed branch: ~paelzer/ubuntu/+source/qemu:lp1776189-hpb-cosmic
Merge into: ubuntu/+source/qemu:ubuntu/devel
Diff against target: 176 lines (+146/-0)
4 files modified
debian/changelog (+8/-0)
debian/patches/series (+1/-0)
debian/patches/ubuntu/machine-type-hpb.patch (+88/-0)
debian/qemu-system-x86.NEWS (+49/-0)
Reviewer Review Type Date Requested Status
Robie Basak Approve
Ryan Harper Pending
Canonical Server packageset reviewers Pending
Canonical Server Pending
Review via email: mp+347801@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

This can be tested from PPA [1]
and was Regression tested against the functionally equal (other type names) [2]

Initially implemented for the bug, then adapted for our discussion around naming.
Finally regression tests found an issue in the type aliasing that was fixed as well.

Example without the new type using more than 1TB of memory:
The guest starts up a while, but when initializing memory it crashes and the guest log will show:
KVM internal error. Suberror: 1
emulation failure
RAX=0000000000000000 RBX=0000000000000046 RCX=0000000000000000 RDX=00000000000003f4
...

With the new type set (e.g. via virsh edit) the guest works.

[1]: https://launchpad.net/~canonical-server/+archive/ubuntu/large-virt
[2]: https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3284

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Added the planned NEWS file, now ready for review.

Revision history for this message
Robie Basak (racb) wrote :

Looks good, thanks. I appreciate the detailed description and rationale included. A few minor inline comments.

The patch itself I'm not confident in reviewing myself in detail as I'm not familiar with qemu internals. It looks reasonable to me though, and doesn't look like it'll impact anything else as it's adding a new type rather than making changes to anything existing. I did try to compare to RH's patch but as that one changes an existing machine type it is rather different.

Maybe get Ryan to review the qemu patch, if time permits?

Revision history for this message
Robie Basak (racb) :
review: Approve
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

It was all a nice thought with the "+" sign.
But it is not allowed in all layers of the stack above as machine type.

So changing this to be a - as it was before.

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

MP here updated to have the "-" based diff now, no other changes, so not resetting the former ack.

Revision history for this message
Ryan Harper (raharper) wrote :

Couple of nits in-line.

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Adressed Ryans Nits and pushed again.

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Agreed on IRC to consider ryan as an ack after Nits were adressed.
This is merged now, setting status accordingly.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/debian/changelog b/debian/changelog
index c5f3553..6922757 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
1qemu (1:2.11+dfsg-1ubuntu11) cosmic; urgency=medium
2
3 * d/p/ubuntu/machine-type-hpb.patch: add -hpb machine type
4 for host-phys-bits=true (LP: #1776189)
5 - add an info about this change in debian/qemu-system-x86.NEWS
6
7 -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 12 Jun 2018 09:01:00 +0200
8
1qemu (1:2.11+dfsg-1ubuntu10) cosmic; urgency=medium9qemu (1:2.11+dfsg-1ubuntu10) cosmic; urgency=medium
210
3 * SECURITY UPDATE: Speculative Store Bypass11 * SECURITY UPDATE: Speculative Store Bypass
diff --git a/debian/patches/series b/debian/patches/series
index 02b853f..b43c1d8 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -37,3 +37,4 @@ ubuntu/CVE-2018-7858.patch
37ubuntu/CVE-2018-3639/0001-i386-define-the-ssbd-CPUID-feature-bit-CVE-2018-3639.patch37ubuntu/CVE-2018-3639/0001-i386-define-the-ssbd-CPUID-feature-bit-CVE-2018-3639.patch
38ubuntu/CVE-2018-3639/0002-i386-define-the-AMD-virt-ssbd-CPUID-feature-bit-CVE-.patch38ubuntu/CVE-2018-3639/0002-i386-define-the-AMD-virt-ssbd-CPUID-feature-bit-CVE-.patch
39ubuntu/CVE-2018-3639/0003-i386-Define-the-Virt-SSBD-MSR-and-handling-of-it-CVE.patch39ubuntu/CVE-2018-3639/0003-i386-Define-the-Virt-SSBD-MSR-and-handling-of-it-CVE.patch
40ubuntu/machine-type-hpb.patch
diff --git a/debian/patches/ubuntu/machine-type-hpb.patch b/debian/patches/ubuntu/machine-type-hpb.patch
40new file mode 10064441new file mode 100644
index 0000000..45316ce
--- /dev/null
+++ b/debian/patches/ubuntu/machine-type-hpb.patch
@@ -0,0 +1,88 @@
1Description: Add a -hpb Ubuntu specific machine type suffix
2
3This works already fine on commandline, but Libvirt and other stacks above
4have no exploitation yet. Using a machine type has the benefit of being already
5controllable by most upper layer software like Libvirt (type= in os tag) but
6even up to Openstack (nova.conf or per image metadata on hw_machine_type).
7
8This is based on a discussion:
9 https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1769053
10
11A similar change is in CentOS/RH (there the default is switched, without
12even a way to go back.
13But since this can cause issues e.g. when migrating
14across hosts with different characteristics, it is not set as the default
15in Ubuntu with this change.
16
17Further we want to avoid "machine type proliferation", so we certainly won't
18add a type for every feature. But using a huge guest is more common and
19otherwise not yet achievable.
20
21This can be dropped when:
22 - libvirt exposes phys-bits/host-phys-bits natively
23 - at least the important stacks above exploit that config
24As an alternative we might decide at some point to make it the default without
25a way to switch back in following releases, but for now we don't want to do so.
26
27Forwarded: not-needed
28Forward-info: downstream decision
29Author: Christian Ehrhardt <christian.ehrhardt@canonical.com>
30Origin: http://mirrors.ibiblio.org/ovirt/pub/ovirt-4.0/src/qemu-kvm-ev/kvm-target-i386-Enable-host-phys-bits-on-RHEL.patch
31Bug-Ubuntu: https://bugs.launchpad.net/bugs/1776189
32Last-Update: 2018-06-06
33
34--- a/hw/i386/pc_piix.c
35+++ b/hw/i386/pc_piix.c
36@@ -1181,6 +1181,16 @@ static void pc_bionic_machine_options(Ma
37 DEFINE_I440FX_MACHINE(bionic, "pc-i440fx-bionic", NULL,
38 pc_bionic_machine_options);
39
40+static void pc_bionic_hpb_machine_options(MachineClass *m)
41+{
42+ pc_i440fx_2_11_machine_options(m);
43+ m->desc = "Ubuntu 18.04 PC (i440FX + PIIX, +host-phys-bits=true, 1996)";
44+ m->alias = NULL;
45+ SET_MACHINE_COMPAT(m, PC_HOST_PHYS_BITS_TRUE);
46+}
47+DEFINE_I440FX_MACHINE(bionic_hpb, "pc-i440fx-bionic-hpb", NULL,
48+ pc_bionic_hpb_machine_options);
49+
50 /*
51 * Due to bug 1621042 we have to consider the broken old wily machine
52 * type as valid xenial type to ensure older VMs that got created prio
53--- a/hw/i386/pc_q35.c
54+++ b/hw/i386/pc_q35.c
55@@ -432,3 +432,14 @@ static void pc_q35_bionic_machine_option
56 }
57 DEFINE_Q35_MACHINE(bionic, "pc-q35-bionic", NULL,
58 pc_q35_bionic_machine_options);
59+
60+static void pc_q35_bionic_hpb_machine_options(MachineClass *m)
61+{
62+ pc_q35_2_11_machine_options(m);
63+ m->desc = "Ubuntu 18.04 PC (Q35 + ICH9, +host-phys-bits=true, 2009)";
64+ /* The ubuntu alias and default is on the i440fx type */
65+ m->alias = NULL;
66+ SET_MACHINE_COMPAT(m, PC_HOST_PHYS_BITS_TRUE);
67+}
68+DEFINE_Q35_MACHINE(bionic_hpb, "pc-q35-bionic-hpb", NULL,
69+ pc_q35_bionic_hpb_machine_options);
70--- a/include/hw/i386/pc.h
71+++ b/include/hw/i386/pc.h
72@@ -1002,5 +1002,16 @@ bool e820_get_entry(int, uint32_t, uint6
73 } \
74 type_init(pc_machine_init_##suffix)
75
76+/* This switches the host-phys-bits property default to true which will
77+ * allow to run rather huge guests at the price of reduced migratability
78+ * between rather different hosts.
79+ */
80+#define PC_HOST_PHYS_BITS_TRUE \
81+ { \
82+ .driver = TYPE_X86_CPU,\
83+ .property = "host-phys-bits",\
84+ .value = "on",\
85+ },
86+
87 extern void igd_passthrough_isa_bridge_create(PCIBus *bus, uint16_t gpu_dev_id);
88 #endif
diff --git a/debian/qemu-system-x86.NEWS b/debian/qemu-system-x86.NEWS
index 0f1e44b..c158a3b 100644
--- a/debian/qemu-system-x86.NEWS
+++ b/debian/qemu-system-x86.NEWS
@@ -1,3 +1,52 @@
1qemu (1:2.11+dfsg-1ubuntu11) cosmic; urgency=medium
2
3 Summary:
4 Adding new Ubuntu machine types with -hpb suffix to allow users to run
5 guests >1TB using the qemu host-phys-bits setting. If a cpu provides more
6 physical adressing bits than the default virtual 40 one can drive larger
7 guests by setting host-phys-bits. Using a machine type to do so allows to
8 control this through libvirt and higher virt stack components as of today.
9
10 Details:
11 Currently the virtualization stack has the feature to run guests bigger than
12 one Terabyte, but lacks the means to express and configure that easily.
13
14 Qemu provides phys-bits and host-phys-bits attributes on the -cpu parameter.
15 But due to the fact that higher layers do not expose any configuration for it
16 this feature is so far restricted to qemu commandline users or manual tweaks.
17
18 Long term we want to see libvirt exposing configuration for that and higher
19 layers to exploit it, see https://bugs.launchpad.net/bugs/1769053
20
21 But Ubuntu users ask for a way to configure guests like that right now.
22 To do so we provide a new Ubuntu specific machine type that matches the
23 usual Ubuntu machine type but with host-phys-bits switched on.
24
25 To express in their short names that they are like the base type but plus
26 HostPhysBits turned on they have a -hpb suffix on the usual shortname.
27 - pc-i440fx-bionic-hpb
28 - pc-q35-bionic-hpb
29 And they also list "+host-phys-bits=true" in their description.
30
31 The drawback using this type in an uncontrolled environment, is that you
32 might run into trouble migrating between systems of different hardware
33 characteristics (if the target CPU is not able to handle that many
34 phys-bits). This also is the main reason why we didn't want to make it the
35 default for everyone just yet.
36
37 Since machine type is rather old higher stacks often expose a configuration
38 for it, here for example links in regard to OpenStack:
39 1. Global via nova config:
40 https://docs.openstack.org/nova/pike/configuration/config.html
41 2. Per image via metadata:
42 https://docs.openstack.org/image-guide/image-metadata.html
43
44 The intention is to provide such kind of types until we either decide that
45 it is safe enough to switch it on by default (no extra type) or once libvirt
46 and higher stacks can control (host-)phys-bits directly.
47
48 -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 12 Jun 2018 09:28:17 +0200
49
1qemu (1:2.8+dfsg-2ubuntu1) zesty; urgency=low50qemu (1:2.8+dfsg-2ubuntu1) zesty; urgency=low
251
3 The ubuntu specific machine types for Trusty, Utopic and Vivid had a bug in52 The ubuntu specific machine types for Trusty, Utopic and Vivid had a bug in

Subscribers

People subscribed via source and target branches