93d2ff782f
The main motivation for this change is to: (a) add missing CPU flags
(including those flags that provide mitigation for the recent CVE flaws)
as 'traits'; and (b) adjust and clean up the layout of the 'hw/cpu/'
directory.
To that end, the following are the set of changes in this patch.
(*) Introduce a new cpu/x86 directory; and vendor-specific files: amd.py
and intel.py; with __init__.py containing the *common* stuff:
- hw/cpu/x86/amd.py -- AMD-only traits.
- hw/cpu/x86/intel.py -- Intel-only traits.
- hw/cpu/x86/__init__.py -- Common traits for both AMD and Intel.
- hw/cpu/x86.py -- Two things: (a) move the contents of this file
into x86/__init__.py, which is its new location; this move
preserves the integrity of the string trait names and Python
paths, as they were before; and (b) given point (a), remove the
now no longer needed hw/cpu/x86.py. (Justification: We are
removing this file to maintain consistency with the way it's done
througout the 'os-traits' repository.)
- hw/cpu/amd.py -- Deprecate the contents of this file with a
comment; and copy them into hw/cpu/x86/amd.py, which is its new
location.
Comparison between the old and the new layouts of os_traits/hw/cpu/:
Old Layout New Layout
---------- ----------
cpu/ cpu/
├── aarch64.py ├── aarch64.py
├── amd.py ├── amd.py [DEPRECATED]
├── __init__.py ├── __init__.py
└── x86.py └── x86/
├── amd.py
├── __init__.py
└── intel.py
(*) Add various missing CPU flags to x86/intel.py, x86/amd.py and to
x86/__intel__.py.
(*) Copy, and deprecate with a comment, flags from cpu/x86.py, i.e..
"VMX" (Intel) and "SVM" (AMD), into corresponding vendor-specific
files.
References
----------
[1] Thread start:
http://lists.openstack.org/pipermail/openstack-discuss/2019-May/006281.html
-- On reporting CPU flags that provide mitiation (to CVE flaws) as
Nova 'traits'
[2] Thread conclusion:
http://lists.openstack.org/pipermail/openstack-discuss/2019-May/006364.html
Closes-Bug: #1830948
Change-Id: I1c9a72d19ef9dadfb931efa3894867099974bcc7
Signed-off-by: Kashyap Chamarthy <kchamart@redhat.com>
28 lines
924 B
Python
28 lines
924 B
Python
# -*- coding: utf-8 -*-
|
|
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
|
|
TRAITS = [
|
|
# Required as mitigation for "MDS" (Microarchitectural Data
|
|
# Sampling) security flaws
|
|
'MD_CLEAR',
|
|
# ref: https://git.qemu.org/?p=qemu.git;a=blob;f=docs/qemu-cpu-models.texi
|
|
# (Important CPU features for Intel x86 hosts)
|
|
'PCID',
|
|
'SPEC_CTRL',
|
|
'SSBD',
|
|
# ref: https://en.wikipedia.org/wiki/VT-x
|
|
'VMX',
|
|
]
|