Hi, On 2026-01-19 17:01, Fiona Ebner wrote:
NOTE: Needs to still be tested on an actually affected system!
I tested both patches with the kernel 6.17.9 on my affected system (Ryzen 9 9900X, Gigabyte X870 AORUS ELITE WIFI7, Firmware-Version: F8). Without the patches I get this error with kernel 6.17.9 when using CPU type 'EPYC': kvm: warning: host doesn't support requested feature: CPUID[eax=07h,ecx=00h].EBX.rdseed [bit 18] kvm: Host doesn't support requested features TASK ERROR: start failed: QEMU exited with code 1 With the patches applied I get the same error with more context: kvm: warning: host doesn't support requested feature: CPUID[eax=07h,ecx=00h].EBX.rdseed [bit 18] WARN: On Zen 5 systems, the rdseed CPU flag might not be available when the CPU firmware is outdated. See: https://security-tracker.debian.org/tracker/CVE-2025-62626 https://pve.proxmox.com/pve-docs/chapter-sysadmin.html#sysadmin_firmware_cpu kvm: Host doesn't support requested features TASK ERROR: start failed: QEMU exited with code 1 Tested-by: Markus Frank <[email protected]>
With the 6.17.9 kernel, the rdseed feature bit is not available for some Zen 5 host CPUs anymore unless the firmware is new enough. QEMU will complain about the missing feature bit upon VM start. Add some context to the QEMU error message if the host is Zen 5 (or 6, same CPU family number, but the warning message already states 'Zen 5' explicitly and probably the feature bit won't be missing in the first place). pve-common: Fiona Ebner (1): procfs tools: cpuinfo: also return CPU vendor and family src/PVE/ProcFSTools.pm | 6 ++++++ 1 file changed, 6 insertions(+) qemu-server: Fiona Ebner (1): vm start: catch outdated Zen 5 firmware src/PVE/QemuServer.pm | 13 +++++++++++++ 1 file changed, 13 insertions(+) Summary over all repositories: 2 files changed, 19 insertions(+), 0 deletions(-)
_______________________________________________ pve-devel mailing list [email protected] https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
