Recently a kernel bug caused QEMU to report a CPU feature as enabled
while listing it in the "unavailable-features" list of features that
were requested, but could not be enabled. The feature was actually
enabled, but we marked it as disabled when starting a domain. Later when
the domain is migrated, the destination requests the feature to be
disabled, which breaks the guest ABI or if we are lucky QEMU just fails
to load the migration stream.
Let's make similar bugs more visible in the future by refusing to even
start the domain.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
---
src/cpu/cpu_x86.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/src/cpu/cpu_x86.c b/src/cpu/cpu_x86.c
index 6b2531b360..e8409ce616 100644
--- a/src/cpu/cpu_x86.c
+++ b/src/cpu/cpu_x86.c
@@ -3019,6 +3019,14 @@ virCPUx86UpdateLive(virCPUDef *cpu,
x86DataIsSubset(&modelDisabled->data, &feature->data))
expected = VIR_CPU_FEATURE_DISABLE;
+ if (x86DataIsSubset(&enabled, &feature->data) &&
+ x86DataIsSubset(&disabled, &feature->data)) {
+ virReportError(VIR_ERR_OPERATION_FAILED,
+ _("hypervisor provided conflicting CPU data: feature '%1$s' is both enabled and disabled at the same time"),
+ feature->name);
+ return -1;
+ }
+
if (expected == VIR_CPU_FEATURE_DISABLE &&
x86DataIsSubset(&enabled, &feature->data)) {
VIR_DEBUG("Feature '%s' enabled by the hypervisor", feature->name);
--
2.44.0
_______________________________________________
Devel mailing list -- devel@lists.libvirt.org
To unsubscribe send an email to devel-leave@lists.libvirt.org