1 package PVE
::QemuServer
::CPUConfig
;
7 use PVE
::Cluster
qw(cfs_register_file cfs_read_file);
8 use PVE
::QemuServer
::Helpers
qw(min_version);
10 use base
qw(PVE::SectionConfig Exporter);
17 # under certain race-conditions, this module might be loaded before pve-cluster
18 # has started completely, so ensure we don't prevent the FUSE mount with our dir
19 if (PVE
::Cluster
::check_cfs_is_mounted
(1)) {
20 mkdir "/etc/pve/virtual-guest";
23 my $default_filename = "virtual-guest/cpu-models.conf";
24 cfs_register_file
($default_filename,
25 sub { PVE
::QemuServer
::CPUConfig-
>parse_config(@_); },
26 sub { PVE
::QemuServer
::CPUConfig-
>write_config(@_); });
28 sub load_custom_model_conf
{
29 return cfs_read_file
($default_filename);
32 my $cpu_vendor_list = {
34 486 => 'GenuineIntel',
35 pentium
=> 'GenuineIntel',
36 pentium2
=> 'GenuineIntel',
37 pentium3
=> 'GenuineIntel',
38 coreduo
=> 'GenuineIntel',
39 core2duo
=> 'GenuineIntel',
40 Conroe
=> 'GenuineIntel',
41 Penryn
=> 'GenuineIntel',
42 Nehalem
=> 'GenuineIntel',
43 'Nehalem-IBRS' => 'GenuineIntel',
44 Westmere
=> 'GenuineIntel',
45 'Westmere-IBRS' => 'GenuineIntel',
46 SandyBridge
=> 'GenuineIntel',
47 'SandyBridge-IBRS' => 'GenuineIntel',
48 IvyBridge
=> 'GenuineIntel',
49 'IvyBridge-IBRS' => 'GenuineIntel',
50 Haswell
=> 'GenuineIntel',
51 'Haswell-IBRS' => 'GenuineIntel',
52 'Haswell-noTSX' => 'GenuineIntel',
53 'Haswell-noTSX-IBRS' => 'GenuineIntel',
54 Broadwell
=> 'GenuineIntel',
55 'Broadwell-IBRS' => 'GenuineIntel',
56 'Broadwell-noTSX' => 'GenuineIntel',
57 'Broadwell-noTSX-IBRS' => 'GenuineIntel',
58 'Skylake-Client' => 'GenuineIntel',
59 'Skylake-Client-IBRS' => 'GenuineIntel',
60 'Skylake-Client-noTSX-IBRS' => 'GenuineIntel',
61 'Skylake-Server' => 'GenuineIntel',
62 'Skylake-Server-IBRS' => 'GenuineIntel',
63 'Skylake-Server-noTSX-IBRS' => 'GenuineIntel',
64 'Cascadelake-Server' => 'GenuineIntel',
65 'Cascadelake-Server-noTSX' => 'GenuineIntel',
66 KnightsMill
=> 'GenuineIntel',
67 'Icelake-Client' => 'GenuineIntel',
68 'Icelake-Client-noTSX' => 'GenuineIntel',
69 'Icelake-Server' => 'GenuineIntel',
70 'Icelake-Server-noTSX' => 'GenuineIntel',
73 athlon
=> 'AuthenticAMD',
74 phenom
=> 'AuthenticAMD',
75 Opteron_G1
=> 'AuthenticAMD',
76 Opteron_G2
=> 'AuthenticAMD',
77 Opteron_G3
=> 'AuthenticAMD',
78 Opteron_G4
=> 'AuthenticAMD',
79 Opteron_G5
=> 'AuthenticAMD',
80 EPYC
=> 'AuthenticAMD',
81 'EPYC-IBPB' => 'AuthenticAMD',
83 # generic types, use vendor from host node
92 my @supported_cpu_flags = (
106 my $cpu_flag_supported_re = qr/([+-])(@{[join('|', @supported_cpu_flags)]})/;
107 my $cpu_flag_any_re = qr/([+-])([a-zA-Z0-9\-_\.]+)/;
109 our $qemu_cmdline_cpu_re = qr/^((?>[+-]?[\w\-_=]+,?)+)$/;
113 description
=> "Emulated CPU type. Can be default or custom name (custom model names must be prefixed with 'custom-').",
115 format_description
=> 'string',
120 'reported-model' => {
121 description
=> "CPU model and vendor to report to the guest. Must be a QEMU/KVM supported model."
122 . " Only valid for custom CPU model definitions, default models will always report themselves to the guest OS.",
124 enum
=> [ sort { lc("$a") cmp lc("$b") } keys %$cpu_vendor_list ],
129 description
=> "Do not identify as a KVM virtual machine.",
136 pattern
=> qr/[a-zA-Z0-9]{1,12}/,
137 format_description
=> 'vendor-id',
138 description
=> 'The Hyper-V vendor ID. Some drivers or programs inside Windows guests need a specific ID.',
142 description
=> "List of additional CPU flags separated by ';'."
143 . " Use '+FLAG' to enable, '-FLAG' to disable a flag."
144 . " Custom CPU models can specify any flag supported by"
145 . " QEMU/KVM, VM-specific flags must be from the following"
146 . " set for security reasons: @{[join(', ', @supported_cpu_flags)]}.",
147 format_description
=> '+FLAG[;-FLAG...]',
149 pattern
=> qr/$cpu_flag_any_re(;$cpu_flag_any_re)*/,
154 # $cpu_fmt describes both the CPU config passed as part of a VM config, as well
155 # as the definition of a custom CPU model. There are some slight differences
156 # though, which we catch in the custom verification function below.
157 PVE
::JSONSchema
::register_format
('pve-cpu-conf', \
&parse_cpu_conf_basic
);
158 sub parse_cpu_conf_basic
{
159 my ($cpu_str, $noerr) = @_;
161 my $cpu = eval { PVE
::JSONSchema
::parse_property_string
($cpu_fmt, $cpu_str) };
167 # required, but can't be forced in schema since it's encoded in section
168 # header for custom models
169 if (!$cpu->{cputype
}) {
170 die "CPU is missing cputype\n" if !$noerr;
177 PVE
::JSONSchema
::register_format
('pve-vm-cpu-conf', \
&parse_vm_cpu_conf
);
178 sub parse_vm_cpu_conf
{
179 my ($cpu_str, $noerr) = @_;
181 my $cpu = parse_cpu_conf_basic
($cpu_str, $noerr);
182 return undef if !$cpu;
184 my $cputype = $cpu->{cputype
};
186 # a VM-specific config is only valid if the cputype exists
187 if (is_custom_model
($cputype)) {
188 eval { get_custom_model
($cputype); };
194 if (!defined($cpu_vendor_list->{$cputype})) {
195 die "Built-in cputype '$cputype' is not defined (missing 'custom-' prefix?)\n" if !$noerr;
200 # in a VM-specific config, certain properties are limited/forbidden
202 if ($cpu->{flags
} && $cpu->{flags
} !~ m/$cpu_flag_supported_re(;$cpu_flag_supported_re)*/) {
203 die "VM-specific CPU flags must be a subset of: @{[join(', ', @supported_cpu_flags)]}\n"
208 die "Property 'reported-model' not allowed in VM-specific CPU config.\n"
209 if defined($cpu->{'reported-model'});
214 # Section config settings
216 # shallow copy, since SectionConfig modifies propertyList internally
217 propertyList
=> { %$cpu_fmt },
225 return { %$cpu_fmt };
232 sub parse_section_header
{
233 my ($class, $line) = @_;
235 my ($type, $sectionId, $errmsg, $config) =
236 $class->SUPER::parse_section_header
($line);
238 return undef if !$type;
239 return ($type, $sectionId, $errmsg, {
240 # name is given by section header, and we can always prepend 'custom-'
241 # since we're reading the custom CPU file
242 cputype
=> "custom-$sectionId",
247 my ($class, $filename, $cfg) = @_;
249 mkdir "/etc/pve/virtual-guest";
251 for my $model (keys %{$cfg->{ids
}}) {
252 my $model_conf = $cfg->{ids
}->{$model};
254 die "internal error: tried saving built-in CPU model (or missing prefix): $model_conf->{cputype}\n"
255 if !is_custom_model
($model_conf->{cputype
});
257 die "internal error: tried saving custom cpumodel with cputype (ignoring prefix: $model_conf->{cputype}) not equal to \$cfg->ids entry ($model)\n"
258 if "custom-$model" ne $model_conf->{cputype
};
260 # saved in section header
261 delete $model_conf->{cputype
};
264 $class->SUPER::write_config
($filename, $cfg);
267 sub is_custom_model
{
269 return $cputype =~ m/^custom-/;
272 # Use this to get a single model in the format described by $cpu_fmt.
273 # Allows names with and without custom- prefix.
274 sub get_custom_model
{
275 my ($name, $noerr) = @_;
277 $name =~ s/^custom-//;
278 my $conf = load_custom_model_conf
();
280 my $entry = $conf->{ids
}->{$name};
281 if (!defined($entry)) {
282 die "Custom cputype '$name' not found\n" if !$noerr;
287 for my $property (keys %$cpu_fmt) {
288 if (my $value = $entry->{$property}) {
289 $model->{$property} = $value;
296 # Print a QEMU device node for a given VM configuration for hotplugging CPUs
297 sub print_cpu_device
{
298 my ($conf, $id) = @_;
300 my $kvm = $conf->{kvm
} // 1;
301 my $cpu = $kvm ?
"kvm64" : "qemu64";
302 if (my $cputype = $conf->{cpu
}) {
303 my $cpuconf = parse_cpu_conf_basic
($cputype)
304 or die "Cannot parse cpu description: $cputype\n";
305 $cpu = $cpuconf->{cputype
};
307 if (is_custom_model
($cpu)) {
308 my $custom_cpu = get_custom_model
($cpu);
310 $cpu = $custom_cpu->{'reported-model'} //
311 $cpu_fmt->{'reported-model'}->{default};
315 my $cores = $conf->{cores
} || 1;
317 my $current_core = ($id - 1) % $cores;
318 my $current_socket = int(($id - 1 - $current_core)/$cores);
320 return "$cpu-x86_64-cpu,id=cpu$id,socket-id=$current_socket,core-id=$current_core,thread-id=0";
323 # Calculate QEMU's '-cpu' argument from a given VM configuration
324 sub get_cpu_options
{
325 my ($conf, $arch, $kvm, $kvm_off, $machine_version, $winversion, $gpu_passthrough) = @_;
328 my $ostype = $conf->{ostype
};
330 my $cpu = $kvm ?
"kvm64" : "qemu64";
331 if ($arch eq 'aarch64') {
335 if (my $cputype = $conf->{cpu
}) {
336 my $cpuconf = PVE
::JSONSchema
::parse_property_string
($cpu_fmt, $cputype)
337 or die "Cannot parse cpu description: $cputype\n";
338 $cpu = $cpuconf->{cputype
};
339 $kvm_off = 1 if $cpuconf->{hidden
};
340 $hv_vendor_id = $cpuconf->{'hv-vendor-id'};
342 if (defined(my $flags = $cpuconf->{flags
})) {
343 push @$cpuFlags, split(";", $flags);
347 push @$cpuFlags , '+lahf_lm' if $cpu eq 'kvm64' && $arch eq 'x86_64';
349 push @$cpuFlags , '-x2apic' if $ostype && $ostype eq 'solaris';
351 push @$cpuFlags, '+sep' if $cpu eq 'kvm64' || $cpu eq 'kvm32';
353 push @$cpuFlags, '-rdtscp' if $cpu =~ m/^Opteron/;
355 if (min_version
($machine_version, 2, 3) && $arch eq 'x86_64') {
357 push @$cpuFlags , '+kvm_pv_unhalt' if $kvm;
358 push @$cpuFlags , '+kvm_pv_eoi' if $kvm;
361 add_hyperv_enlightenments
($cpuFlags, $winversion, $machine_version, $conf->{bios
}, $gpu_passthrough, $hv_vendor_id) if $kvm;
363 push @$cpuFlags, 'enforce' if $cpu ne 'host' && $kvm && $arch eq 'x86_64';
365 push @$cpuFlags, 'kvm=off' if $kvm_off;
367 if (my $cpu_vendor = $cpu_vendor_list->{$cpu}) {
368 push @$cpuFlags, "vendor=${cpu_vendor}"
369 if $cpu_vendor ne 'default';
370 } elsif ($arch ne 'aarch64') {
371 die "internal error"; # should not happen
374 $cpu .= "," . join(',', @$cpuFlags) if scalar(@$cpuFlags);
376 return ('-cpu', $cpu);
379 sub add_hyperv_enlightenments
{
380 my ($cpuFlags, $winversion, $machine_version, $bios, $gpu_passthrough, $hv_vendor_id) = @_;
382 return if $winversion < 6;
383 return if $bios && $bios eq 'ovmf' && $winversion < 8;
385 if ($gpu_passthrough || defined($hv_vendor_id)) {
386 $hv_vendor_id //= 'proxmox';
387 push @$cpuFlags , "hv_vendor_id=$hv_vendor_id";
390 if (min_version
($machine_version, 2, 3)) {
391 push @$cpuFlags , 'hv_spinlocks=0x1fff';
392 push @$cpuFlags , 'hv_vapic';
393 push @$cpuFlags , 'hv_time';
395 push @$cpuFlags , 'hv_spinlocks=0xffff';
398 if (min_version
($machine_version, 2, 6)) {
399 push @$cpuFlags , 'hv_reset';
400 push @$cpuFlags , 'hv_vpindex';
401 push @$cpuFlags , 'hv_runtime';
404 if ($winversion >= 7) {
405 push @$cpuFlags , 'hv_relaxed';
407 if (min_version
($machine_version, 2, 12)) {
408 push @$cpuFlags , 'hv_synic';
409 push @$cpuFlags , 'hv_stimer';
412 if (min_version
($machine_version, 3, 1)) {
413 push @$cpuFlags , 'hv_ipi';
418 sub get_cpu_from_running_vm
{
421 my $cmdline = PVE
::QemuServer
::Helpers
::parse_cmdline
($pid);
422 die "could not read commandline of running machine\n"
423 if !$cmdline->{cpu
}->{value
};
425 # sanitize and untaint value
426 $cmdline->{cpu
}->{value
} =~ $qemu_cmdline_cpu_re;
430 __PACKAGE__-
>register();