Backport T2S/T2CL template fix to v1.3 #3937
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
We updated the fingerprint files in PR firecracker-microvm#3813, since Intel microcode release (microcode-20230512) changed to set IA32_ARCH_CAPABILITIES.RRSBA (bit 19) to 1 on Intel CascadeLake CPU. The mitigation itself is already in place which is eIBRS. Since the kernel enables eIBRS by default using SPECTRE_V2_EIBRS mode regardless of the IA32_ARCH_CAPABILITIES.RRSBA bit, hosts and guests should not get impacted by this change. However, it has a role to inform softwares whether the part has the RRSBA behavior. The T2S template has set it to 0 explicitly before, but this commit changes to set it to 1 so that guest kernels and applications can know that the processor has the RRSBA behavior. The reason why it sets the bit to 1 instead of passing through it from the host is that it aims to provide the ability to securely migrate snapshots between Intel Skylake and Intel CascadeLake. Signed-off-by: Takahiro Itazuri <itazur@amazon.com>
roypat
previously approved these changes
Jul 5, 2023
zulinx86
force-pushed
the
backport-v1.3
branch
3 times, most recently
from
fba3a94 to
a8fc839
Compare
We updated the fingerprint files in PR firecracker-microvm#3813, since Intel microcode release (microcode-20230512) changed to set IA32_ARCH_CAPABILITIES.RRSBA (bit 19) to 1 on Intel CascadeLake CPU. The mitigation itself is already in place which is eIBRS. Since the kernel enables eIBRS by default using SPECTRE_V2_EIBRS mode regardless of the IA32_ARCH_CAPABILITIES.RRSBA bit, hosts and guests should not get impacted by this change. However, it has a role to inform softwares whether the part has the RRSBA behavior. The T2CL template has set the RRSBA bit to 0 explicitly before, but this commit changes to pass through the bit from the host so that guest kernels and applications can know that the processor has the RRSBA behavior. The reason why it passes through the bit from the host opposed to the T2S template is that the T2CL template is not designed to allow snapshot migration between different CPU models. In addition to the RRSBA bit, this comit also changes to pass through the RSBA bit, as it is safer to let guest know these informative bits of the host CPU than to overwrite them with templates. Signed-off-by: Takahiro Itazuri <itazur@amazon.com>
m6a.metal tests have been timing out due to too many different combinations of firecracker versions being tested in the snapshot tests. Signed-off-by: Patrick Roy <roypat@amazon.co.uk>
Removing as it is a microbenchmark and not representative or a real workload. If there is a performance regression on this piece, the snapshot/restore should be able to detect it. Signed-off-by: Pablo Barbáchano <pablob@amazon.com>
zulinx86
added
the
Status: Awaiting review
roypat
approved these changes
Jul 5, 2023
kalyazin
approved these changes
Jul 5, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Changes
Reason
An Intel microcode update set IA32_ARCH_CAPABILITIES.RRSBA to 1 on CascadeLake, which requires T2S/T2CL templates to be revised since they overwrite these bits.
License Acceptance
By submitting this pull request, I confirm that my contribution is made under
the terms of the Apache 2.0 license. For more information on following
Developer Certificate of Origin and signing off your commits, please check
CONTRIBUTING.md.PR Checklist
[ ] If a specific issue led to this PR, this PR closes the issue.[ ] Any required documentation changes (code and docs) are included in this PR.[ ] API changes follow the Runbook for Firecracker API changes.CHANGELOG.md.[ ] NewTODOs link to an issue.rust-vmm.