You have been subscribed to a public bug: ---Problem Description--- 4.15.0-17-generic #18-Ubuntu introduces newer knob to control enabling rfi_flush to mitigate meltdown/spectre which is set to disable by default for guest instead of enable.
#cat /sys/kernel/debug/powerpc/rfi_flush 0 --------------------------------------------------------------NOK Expected: /sys/kernel/debug/powerpc/rfi_flush should be 1 bydefault if guest has the capability to mitigate. ---uname output--- Linux ubuntu 4.15.0-17-generic #18-Ubuntu SMP Mon Apr 16 21:16:36 UTC 2018 ppc64le ppc64le ppc64le GNU/Linux ---Additional Hardware Info--- power9 boston 2.2 (pvr 004e 1202), power8 tuleta 2.1 (pvr 004b 0201) Machine Type = power9 boston 2.2 (pvr 004e 1202), power8 tuleta 2.1 (pvr 004b 0201) ---Steps to Reproduce--- Pre-requite: FW version- power9 boston: SUPERMICRO-P9DSU-V1.10-20180413-imp (that supports mitigation) power8 tuleta: fips861/b0320a_1812.861 (that supports mitigation) Host: 4.15.0-17-generic #18-Ubuntu qemu: 1:2.11+dfsg-1ubuntu6 Guest: 4.15.0-17-generic #18-Ubuntu Results of Power9 Host: ++++++++++++++++++ 1) Boot a ubuntu 18.04 guest with latest kernel(4.15.0-17-generic #18) with pseries-bionic-sxxm machine type, it boots with "no flush" i.e /sys/kernel/debug/powerpc/rfi_flush = 0 which leads to below failure in (l1d flush - syscall) unit test for meltdown. # make tests ========= Machine details from dmesg: dmesg | grep -e 'pSeries machine' -e 'OPAL detected' -e rfi-fixups -e rfi-flush [ 0.000000] Using pSeries machine description [ 0.000000] rfi-flush: fallback displacement flush available [ 0.000000] rfi-flush: ori type flush available [ 0.000000] rfi-flush: mttrig type flush available [ 0.000000] rfi-flush: patched 9 locations (no flush) ========= Running tests... Testing mitigation for spectre (ii. indirect branch prediction)... PASS (20000071 branches, 10000006 branch misses) Testing mitigation for meltdown (l1d flush - syscall)... FAIL (132523 misses, 192000000 expected) [10/10 failures] Testing mitigation for meltdown (l1d flush - userspace)... SKIP (!power8) # uname -a Linux ubuntu 4.15.0-17-generic #18-Ubuntu SMP Mon Apr 16 21:16:36 UTC 2018 ppc64le ppc64le ppc64le GNU/Linux 2) Once we enable rfi_flush i.e. /sys/kernel/debug/powerpc/rfi_flush = 1 manually the tests are passing fine, #echo 1 > /sys/kernel/debug/powerpc/rfi_flush # cat /sys/kernel/debug/powerpc/rfi_flush 1 # make tests ========= Machine details from dmesg: dmesg | grep -e 'pSeries machine' -e 'OPAL detected' -e rfi-fixups -e rfi-flush [ 0.000000] Using pSeries machine description [ 0.000000] rfi-flush: fallback displacement flush available [ 0.000000] rfi-flush: ori type flush available [ 0.000000] rfi-flush: mttrig type flush available [ 0.000000] rfi-flush: patched 9 locations (no flush) [ 1502.627548] rfi-flush: patched 9 locations (ori+mttrig type flush) ========= Running tests... Testing mitigation for spectre (ii. indirect branch prediction)... PASS (20000074 branches, 10000010 branch misses) Testing mitigation for meltdown (l1d flush - syscall)... PASS (196010325 misses, 192000000 expected) [10/10 pass] Testing mitigation for meltdown (l1d flush - userspace)... SKIP (!power8) Results of Power8 Host: +++++++++++++++++++ 1) #cat /sys/kernel/debug/powerpc/rfi_flush 0 # make tests ========= Machine details from dmesg: dmesg | grep -e 'pSeries machine' -e 'OPAL detected' -e rfi-fixups -e rfi-flush [ 0.000000] Using pSeries machine description [ 0.000000] rfi-flush: fallback displacement flush available [ 0.000000] rfi-flush: patched 9 locations (no flush) ========= Running tests... Testing mitigation for spectre (ii. indirect branch prediction)... PASS (20000066 branches, 10000010 branch misses) Testing mitigation for meltdown (l1d flush - syscall)... FAIL (150100 misses, 192000000 expected) [10/10 failures] Testing mitigation for meltdown (l1d flush - userspace)... SKIP (!power8) 2) #echo 1 > /sys/kernel/debug/powerpc/rfi_flush #cat /sys/kernel/debug/powerpc/rfi_flush 1 # make tests ========= Machine details from dmesg: dmesg | grep -e 'pSeries machine' -e 'OPAL detected' -e rfi-fixups -e rfi-flush [ 0.000000] Using pSeries machine description [ 0.000000] rfi-flush: fallback displacement flush available [ 0.000000] rfi-flush: patched 9 locations (no flush) [ 243.736201] rfi-flush: patched 9 locations (fallback displacement flush) ========= Running tests... Testing mitigation for spectre (ii. indirect branch prediction)... PASS (20000054 branches, 10000008 branch misses) Testing mitigation for meltdown (l1d flush - syscall)... PASS (195105463 misses, 192000000 expected) [10/10 pass] Testing mitigation for meltdown (l1d flush - userspace)... SKIP (!power8) # uname -a Linux ubuntu 4.15.0-17-generic #18-Ubuntu SMP Mon Apr 16 21:16:36 UTC 2018 ppc64le ppc64le ppc64le GNU/Linux == Breno Leitao == Patch sent to the mailing list already: https://lists.ubuntu.com/archives/kernel-team/2018-April/091789.html ** Affects: linux (Ubuntu) Importance: Undecided Assignee: Ubuntu on IBM Power Systems Bug Triage (ubuntu-power-triage) Status: New ** Tags: architecture-ppc64le bugnameltc-166922 severity-critical targetmilestone-inin1804 -- [regression] Ubuntu 18.04:[4.15.0-17-generic #18] KVM Guest Kernel: meltdown: rfi/fallback displacement flush not enabled bydefault (kvm) https://bugs.launchpad.net/bugs/1765429 You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
