Suppress test warnings about missing Spectre/Meltdown mitigations with TCG

The new pseries-4.0 machine type defaults to enabling Spectre/Meltdown
mitigations.  Unfortunately those mitigations aren't implemented for TCG
because we're not yet sure if they're necessary or how to implement them.
We don't fail fatally, but we do warn in this case, because it is quite
plausible that Spectre/Meltdown can be exploited through TCG (at least for
the guest to get access to the qemu address space).

This create noise in our testcases though.  So, modify the affected tests
to explicitly disable the mitigations to suppress these warnings.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
This commit is contained in:
David Gibson 2019-03-12 16:07:14 +11:00
parent ce2918cbc3
commit ba3b40de42
3 changed files with 27 additions and 9 deletions

View File

@ -100,7 +100,9 @@ static testdef_t tests[] = {
{ "ppc64", "ppce500", "", "U-Boot" }, { "ppc64", "ppce500", "", "U-Boot" },
{ "ppc64", "40p", "-m 192", "Memory: 192M" }, { "ppc64", "40p", "-m 192", "Memory: 192M" },
{ "ppc64", "mac99", "", "PowerPC,970FX" }, { "ppc64", "mac99", "", "PowerPC,970FX" },
{ "ppc64", "pseries", "", "Open Firmware" }, { "ppc64", "pseries",
"-machine cap-cfpc=broken,cap-sbbc=broken,cap-ibs=broken",
"Open Firmware" },
{ "ppc64", "powernv", "-cpu POWER8", "OPAL" }, { "ppc64", "powernv", "-cpu POWER8", "OPAL" },
{ "ppc64", "sam460ex", "-device e1000", "8086 100e" }, { "ppc64", "sam460ex", "-device e1000", "8086 100e" },
{ "i386", "isapc", "-cpu qemu32 -device sga", "SGABIOS" }, { "i386", "isapc", "-cpu qemu32 -device sga", "SGABIOS" },

View File

@ -44,11 +44,18 @@ static void check_guest_memory(QTestState *qts)
static void test_machine(const void *machine) static void test_machine(const void *machine)
{ {
const char *extra_args; const char *extra_args = "";
QTestState *qts; QTestState *qts;
/* The pseries firmware boots much faster without the default devices */ /*
extra_args = strcmp(machine, "pseries") == 0 ? "-nodefaults" : ""; * The pseries firmware boots much faster without the default
* devices, it also needs Spectre/Meltdown workarounds disabled to
* avoid warnings with TCG
*/
if (strcmp(machine, "pseries") == 0) {
extra_args = "-nodefaults"
" -machine cap-cfpc=broken,cap-sbbc=broken,cap-ibs=broken";
}
qts = qtest_initf("-M %s,accel=tcg %s -prom-env 'use-nvramrc?=true' " qts = qtest_initf("-M %s,accel=tcg %s -prom-env 'use-nvramrc?=true' "
"-prom-env 'nvramrc=%x %x l!' ", (const char *)machine, "-prom-env 'nvramrc=%x %x l!' ", (const char *)machine,

View File

@ -25,6 +25,7 @@ static char disk[] = "tests/pxe-test-disk-XXXXXX";
typedef struct testdef { typedef struct testdef {
const char *machine; /* Machine type */ const char *machine; /* Machine type */
const char *model; /* NIC device model */ const char *model; /* NIC device model */
const char *extra; /* Any additional parameters */
} testdef_t; } testdef_t;
static testdef_t x86_tests[] = { static testdef_t x86_tests[] = {
@ -44,13 +45,16 @@ static testdef_t x86_tests_slow[] = {
}; };
static testdef_t ppc64_tests[] = { static testdef_t ppc64_tests[] = {
{ "pseries", "spapr-vlan" }, { "pseries", "spapr-vlan",
{ "pseries", "virtio-net-pci", }, "-machine cap-cfpc=broken,cap-sbbc=broken,cap-ibs=broken" },
{ "pseries", "virtio-net-pci",
"-machine cap-cfpc=broken,cap-sbbc=broken,cap-ibs=broken" },
{ NULL }, { NULL },
}; };
static testdef_t ppc64_tests_slow[] = { static testdef_t ppc64_tests_slow[] = {
{ "pseries", "e1000" }, { "pseries", "e1000",
"-machine cap-cfpc=broken,cap-sbbc=broken,cap-ibs=broken" },
{ NULL }, { NULL },
}; };
@ -63,13 +67,18 @@ static void test_pxe_one(const testdef_t *test, bool ipv6)
{ {
QTestState *qts; QTestState *qts;
char *args; char *args;
const char *extra = test->extra;
if (!extra) {
extra = "";
}
args = g_strdup_printf( args = g_strdup_printf(
"-machine %s,accel=kvm:tcg -nodefaults -boot order=n " "-machine %s,accel=kvm:tcg -nodefaults -boot order=n "
"-netdev user,id=" NETNAME ",tftp=./,bootfile=%s,ipv4=%s,ipv6=%s " "-netdev user,id=" NETNAME ",tftp=./,bootfile=%s,ipv4=%s,ipv6=%s "
"-device %s,bootindex=1,netdev=" NETNAME, "-device %s,bootindex=1,netdev=" NETNAME " %s",
test->machine, disk, ipv6 ? "off" : "on", ipv6 ? "on" : "off", test->machine, disk, ipv6 ? "off" : "on", ipv6 ? "on" : "off",
test->model); test->model, extra);
qts = qtest_init(args); qts = qtest_init(args);
boot_sector_test(qts); boot_sector_test(qts);