use PVE::JSONSchema;
use PVE::Cluster qw(cfs_register_file cfs_read_file);
+use PVE::Tools qw(get_host_arch);
use PVE::QemuServer::Helpers qw(min_version);
use base qw(PVE::SectionConfig Exporter);
our @EXPORT_OK = qw(
print_cpu_device
get_cpu_options
+get_cpu_bitness
+is_native_arch
);
# under certain race-conditions, this module might be loaded before pve-cluster
}
my $default_filename = "virtual-guest/cpu-models.conf";
-cfs_register_file($default_filename,
- sub { PVE::QemuServer::CPUConfig->parse_config(@_); },
- sub { PVE::QemuServer::CPUConfig->write_config(@_); });
+cfs_register_file(
+ $default_filename,
+ sub { PVE::QemuServer::CPUConfig->parse_config(@_); },
+ sub { PVE::QemuServer::CPUConfig->write_config(@_); },
+);
sub load_custom_model_conf {
return cfs_read_file($default_filename);
}
+#builtin models : reported-model is mandatory
+my $builtin_models = {
+ 'x86-64-v2' => {
+ 'reported-model' => 'qemu64',
+ flags => "+popcnt;+pni;+sse4.1;+sse4.2;+ssse3",
+ },
+ 'x86-64-v2-AES' => {
+ 'reported-model' => 'qemu64',
+ flags => "+aes;+popcnt;+pni;+sse4.1;+sse4.2;+ssse3",
+ },
+ 'x86-64-v3' => {
+ 'reported-model' => 'qemu64',
+ flags => "+aes;+popcnt;+pni;+sse4.1;+sse4.2;+ssse3;+avx;+avx2;+bmi1;+bmi2;+f16c;+fma;+abm;+movbe;+xsave",
+ },
+ 'x86-64-v4' => {
+ 'reported-model' => 'qemu64',
+ flags => "+aes;+popcnt;+pni;+sse4.1;+sse4.2;+ssse3;+avx;+avx2;+bmi1;+bmi2;+f16c;+fma;+abm;+movbe;+xsave;+avx512f;+avx512bw;+avx512cd;+avx512dq;+avx512vl",
+ },
+};
+
+my $depreacated_cpu_map = {
+ # there never was such a client CPU, so map it to the server one for backward compat
+ 'Icelake-Client' => 'Icelake-Server',
+ 'Icelake-Client-noTSX' => 'Icelake-Server-noTSX',
+};
+
+my $cputypes_32bit = {
+ '486' => 1,
+ 'pentium' => 1,
+ 'pentium2' => 1,
+ 'pentium3' => 1,
+ 'coreduo' => 1,
+ 'athlon' => 1,
+ 'kvm32' => 1,
+ 'qemu32' => 1,
+};
+
my $cpu_vendor_list = {
# Intel CPUs
486 => 'GenuineIntel',
'Skylake-Client' => 'GenuineIntel',
'Skylake-Client-IBRS' => 'GenuineIntel',
'Skylake-Client-noTSX-IBRS' => 'GenuineIntel',
+ 'Skylake-Client-v4' => 'GenuineIntel',
'Skylake-Server' => 'GenuineIntel',
'Skylake-Server-IBRS' => 'GenuineIntel',
'Skylake-Server-noTSX-IBRS' => 'GenuineIntel',
+ 'Skylake-Server-v4' => 'GenuineIntel',
+ 'Skylake-Server-v5' => 'GenuineIntel',
'Cascadelake-Server' => 'GenuineIntel',
+ 'Cascadelake-Server-v2' => 'GenuineIntel',
'Cascadelake-Server-noTSX' => 'GenuineIntel',
+ 'Cascadelake-Server-v4' => 'GenuineIntel',
+ 'Cascadelake-Server-v5' => 'GenuineIntel',
+ 'Cooperlake' => 'GenuineIntel',
+ 'Cooperlake-v2' => 'GenuineIntel',
KnightsMill => 'GenuineIntel',
- 'Icelake-Client' => 'GenuineIntel',
- 'Icelake-Client-noTSX' => 'GenuineIntel',
+ 'Icelake-Client' => 'GenuineIntel', # depreacated, removed with QEMU 7.1
+ 'Icelake-Client-noTSX' => 'GenuineIntel', # depreacated, removed with QEMU 7.1
'Icelake-Server' => 'GenuineIntel',
'Icelake-Server-noTSX' => 'GenuineIntel',
+ 'Icelake-Server-v3' => 'GenuineIntel',
+ 'Icelake-Server-v4' => 'GenuineIntel',
+ 'Icelake-Server-v5' => 'GenuineIntel',
+ 'Icelake-Server-v6' => 'GenuineIntel',
+ 'SapphireRapids' => 'GenuineIntel',
+ 'SapphireRapids-v2' => 'GenuineIntel',
+ 'GraniteRapids' => 'GenuineIntel',
# AMD CPUs
athlon => 'AuthenticAMD',
Opteron_G5 => 'AuthenticAMD',
EPYC => 'AuthenticAMD',
'EPYC-IBPB' => 'AuthenticAMD',
+ 'EPYC-v3' => 'AuthenticAMD',
+ 'EPYC-v4' => 'AuthenticAMD',
'EPYC-Rome' => 'AuthenticAMD',
+ 'EPYC-Rome-v2' => 'AuthenticAMD',
+ 'EPYC-Rome-v3' => 'AuthenticAMD',
+ 'EPYC-Rome-v4' => 'AuthenticAMD',
+ 'EPYC-Milan' => 'AuthenticAMD',
+ 'EPYC-Milan-v2' => 'AuthenticAMD',
+ 'EPYC-Genoa' => 'AuthenticAMD',
# generic types, use vendor from host node
host => 'default',
my $cpu_flag_supported_re = qr/([+-])(@{[join('|', @supported_cpu_flags)]})/;
my $cpu_flag_any_re = qr/([+-])([a-zA-Z0-9\-_\.]+)/;
-our $qemu_cmdline_cpu_re = qr/^((?>[+-]?[\w\-_=]+,?)+)$/;
+our $qemu_cmdline_cpu_re = qr/^((?>[+-]?[\w\-\._=]+,?)+)$/;
my $cpu_fmt = {
cputype => {
},
'reported-model' => {
description => "CPU model and vendor to report to the guest. Must be a QEMU/KVM supported model."
- . " Only valid for custom CPU model definitions, default models will always report themselves to the guest OS.",
+ ." Only valid for custom CPU model definitions, default models will always report themselves to the guest OS.",
type => 'string',
enum => [ sort { lc("$a") cmp lc("$b") } keys %$cpu_vendor_list ],
default => 'kvm64',
optional => 1,
},
flags => {
- description => "List of additional CPU flags separated by ';'."
- . " Use '+FLAG' to enable, '-FLAG' to disable a flag."
- . " Custom CPU models can specify any flag supported by"
- . " QEMU/KVM, VM-specific flags must be from the following"
- . " set for security reasons: @{[join(', ', @supported_cpu_flags)]}.",
+ description => "List of additional CPU flags separated by ';'. Use '+FLAG' to enable,"
+ ." '-FLAG' to disable a flag. Custom CPU models can specify any flag supported by"
+ ." QEMU/KVM, VM-specific flags must be from the following set for security reasons: "
+ . join(', ', @supported_cpu_flags),
format_description => '+FLAG[;-FLAG...]',
type => 'string',
pattern => qr/$cpu_flag_any_re(;$cpu_flag_any_re)*/,
type => 'string',
format => 'pve-phys-bits',
format_description => '8-64|host',
- description => "The physical memory address bits that are reported to"
- . " the guest OS. Should be smaller or equal to the host's."
- . " Set to 'host' to use value from host CPU, but note that"
- . " doing so will break live migration to CPUs with other values.",
+ description => "The physical memory address bits that are reported to the guest OS. Should"
+ ." be smaller or equal to the host's. Set to 'host' to use value from host CPU, but"
+ ." note that doing so will break live migration to CPUs with other values.",
optional => 1,
},
};
if ($str !~ m/^(host|\d{1,2})$/) {
die $err_msg if !$noerr;
- return undef;
+ return;
}
if ($str =~ m/^\d+$/ && (int($str) < 8 || int($str) > 64)) {
die $err_msg if !$noerr;
- return undef;
+ return;
}
return $str;
PVE::JSONSchema::register_format('pve-cpu-conf', $cpu_fmt, \&validate_cpu_conf);
sub validate_cpu_conf {
my ($cpu) = @_;
-
- # required, but can't be forced in schema since it's encoded in section
- # header for custom models
+ # required, but can't be forced in schema since it's encoded in section header for custom models
die "CPU is missing cputype\n" if !$cpu->{cputype};
+ return $cpu;
}
PVE::JSONSchema::register_format('pve-vm-cpu-conf', $cpu_fmt, \&validate_vm_cpu_conf);
sub validate_vm_cpu_conf {
get_custom_model($cputype);
} else {
die "Built-in cputype '$cputype' is not defined (missing 'custom-' prefix?)\n"
- if !defined($cpu_vendor_list->{$cputype});
+ if !defined($cpu_vendor_list->{$cputype}) && !defined($builtin_models->{$cputype});
}
# in a VM-specific config, certain properties are limited/forbidden
die "VM-specific CPU flags must be a subset of: @{[join(', ', @supported_cpu_flags)]}\n"
- if ($cpu->{flags} && $cpu->{flags} !~ m/$cpu_flag_supported_re(;$cpu_flag_supported_re)*/);
+ if ($cpu->{flags} && $cpu->{flags} !~ m/^$cpu_flag_supported_re(;$cpu_flag_supported_re)*$/);
die "Property 'reported-model' not allowed in VM-specific CPU config.\n"
if defined($cpu->{'reported-model'});
my ($type, $sectionId, $errmsg, $config) =
$class->SUPER::parse_section_header($line);
- return undef if !$type;
+ return if !$type;
return ($type, $sectionId, $errmsg, {
# name is given by section header, and we can always prepend 'custom-'
# since we're reading the custom CPU file
};
}
+ for my $model (keys %{$builtin_models}) {
+ my $reported_model = $builtin_models->{$model}->{'reported-model'};
+ my $vendor = $cpu_vendor_list->{$reported_model};
+ push @$models, {
+ name => $model,
+ custom => 0,
+ vendor => $vendor,
+ };
+ }
+
return $models if !$include_custom;
my $conf = load_custom_model_conf();
my $entry = $conf->{ids}->{$name};
if (!defined($entry)) {
die "Custom cputype '$name' not found\n" if !$noerr;
- return undef;
+ return;
}
my $model = {};
# Print a QEMU device node for a given VM configuration for hotplugging CPUs
sub print_cpu_device {
- my ($conf, $id) = @_;
+ my ($conf, $arch, $id) = @_;
+
+ # FIXME: hot plugging other architectures like our unofficial aarch64 support?
+ die "Hotplug of non x86_64 CPU not yet supported" if $arch ne 'x86_64';
- my $kvm = $conf->{kvm} // 1;
- my $cpu = $kvm ? "kvm64" : "qemu64";
+ my $kvm = $conf->{kvm} // is_native_arch($arch);
+ my $cpu = get_default_cpu_type('x86_64', $kvm);
if (my $cputype = $conf->{cpu}) {
my $cpuconf = PVE::JSONSchema::parse_property_string('pve-vm-cpu-conf', $cputype)
or die "Cannot parse cpu description: $cputype\n";
$cpu = $cpuconf->{cputype};
- if (is_custom_model($cpu)) {
+ if (my $model = $builtin_models->{$cpu}) {
+ $cpu = $model->{'reported-model'};
+ } elsif (is_custom_model($cputype)) {
my $custom_cpu = get_custom_model($cpu);
- $cpu = $custom_cpu->{'reported-model'} //
- $cpu_fmt->{'reported-model'}->{default};
+ $cpu = $custom_cpu->{'reported-model'} // $cpu_fmt->{'reported-model'}->{default};
+ }
+ if (my $replacement_type = $depreacated_cpu_map->{$cpu}) {
+ $cpu = $replacement_type;
}
}
return $res if !$flaglist;
foreach my $flag (split(";", $flaglist)) {
- if ($flag =~ $re) {
+ if ($flag =~ m/^$re$/) {
$res->{$2} = { op => $1, reason => $reason };
}
}
sub get_cpu_options {
my ($conf, $arch, $kvm, $kvm_off, $machine_version, $winversion, $gpu_passthrough) = @_;
- my $cputype = $kvm ? "kvm64" : "qemu64";
- if ($arch eq 'aarch64') {
- $cputype = 'cortex-a57';
- }
+ my $cputype = get_default_cpu_type($arch, $kvm);
my $cpu = {};
my $custom_cpu;
+ my $builtin_cpu;
my $hv_vendor_id;
if (my $cpu_prop_str = $conf->{cpu}) {
$cpu = PVE::JSONSchema::parse_property_string('pve-vm-cpu-conf', $cpu_prop_str)
or die "Cannot parse cpu description: $cpu_prop_str\n";
$cputype = $cpu->{cputype};
-
- if (is_custom_model($cputype)) {
+ if (my $model = $builtin_models->{$cputype}) {
+ $cputype = $model->{'reported-model'};
+ $builtin_cpu->{flags} = $model->{'flags'};
+ } elsif (is_custom_model($cputype)) {
$custom_cpu = get_custom_model($cputype);
- $cputype = $custom_cpu->{'reported-model'} //
- $cpu_fmt->{'reported-model'}->{default};
- $kvm_off = $custom_cpu->{hidden}
- if defined($custom_cpu->{hidden});
+ $cputype = $custom_cpu->{'reported-model'} // $cpu_fmt->{'reported-model'}->{default};
+ $kvm_off = $custom_cpu->{hidden} if defined($custom_cpu->{hidden});
$hv_vendor_id = $custom_cpu->{'hv-vendor-id'};
}
+ if (my $replacement_type = $depreacated_cpu_map->{$cputype}) {
+ $cputype = $replacement_type;
+ }
+
# VM-specific settings override custom CPU config
- $kvm_off = $cpu->{hidden}
- if defined($cpu->{hidden});
- $hv_vendor_id = $cpu->{'hv-vendor-id'}
- if defined($cpu->{'hv-vendor-id'});
+ $kvm_off = $cpu->{hidden} if defined($cpu->{hidden});
+ $hv_vendor_id = $cpu->{'hv-vendor-id'} if defined($cpu->{'hv-vendor-id'});
}
- my $pve_flags = get_pve_cpu_flags($conf, $kvm, $cputype, $arch,
- $machine_version);
+ my $pve_flags = get_pve_cpu_flags($conf, $kvm, $cputype, $arch, $machine_version);
- my $hv_flags = get_hyperv_enlightenments($winversion, $machine_version,
- $conf->{bios}, $gpu_passthrough, $hv_vendor_id) if $kvm;
+ my $hv_flags = $kvm
+ ? get_hyperv_enlightenments(
+ $winversion,
+ $machine_version,
+ $conf->{bios},
+ $gpu_passthrough,
+ $hv_vendor_id,
+ )
+ : undef;
- my $custom_cputype_flags = parse_cpuflag_list($cpu_flag_any_re,
- "set by custom CPU model", $custom_cpu->{flags});
+ my $builtin_cputype_flags = parse_cpuflag_list(
+ $cpu_flag_any_re, "set by builtin CPU model", $builtin_cpu->{flags});
- my $vm_flags = parse_cpuflag_list($cpu_flag_supported_re,
- "manually set for VM", $cpu->{flags});
+ my $custom_cputype_flags = parse_cpuflag_list(
+ $cpu_flag_any_re, "set by custom CPU model", $custom_cpu->{flags});
+
+ my $vm_flags = parse_cpuflag_list(
+ $cpu_flag_supported_re, "manually set for VM", $cpu->{flags});
my $pve_forced_flags = {};
$pve_forced_flags->{'enforce'} = {
my $cpu_str = $cputype;
# will be resolved in parameter order
- $cpu_str .= resolve_cpu_flags($pve_flags, $hv_flags, $custom_cputype_flags,
- $vm_flags, $pve_forced_flags);
+ $cpu_str .= resolve_cpu_flags(
+ $pve_flags, $hv_flags, $builtin_cputype_flags, $custom_cputype_flags, $vm_flags, $pve_forced_flags);
my $phys_bits = '';
foreach my $conf ($custom_cpu, $cpu) {
return $1;
}
+sub get_default_cpu_type {
+ my ($arch, $kvm) = @_;
+
+ my $cputype = $kvm ? 'kvm64' : 'qemu64';
+ $cputype = 'cortex-a57' if $arch eq 'aarch64';
+
+ return $cputype;
+}
+
+sub is_native_arch($) {
+ my ($arch) = @_;
+ return get_host_arch() eq $arch;
+}
+
+sub get_cpu_bitness {
+ my ($cpu_prop_str, $arch) = @_;
+
+ $arch //= get_host_arch();
+
+ my $cputype = get_default_cpu_type($arch, 0);
+
+ if ($cpu_prop_str) {
+ my $cpu = PVE::JSONSchema::parse_property_string('pve-vm-cpu-conf', $cpu_prop_str)
+ or die "Cannot parse cpu description: $cpu_prop_str\n";
+
+ $cputype = $cpu->{cputype};
+
+ if (my $model = $builtin_models->{$cputype}) {
+ $cputype = $model->{'reported-model'};
+ } elsif (is_custom_model($cputype)) {
+ my $custom_cpu = get_custom_model($cputype);
+ $cputype = $custom_cpu->{'reported-model'} // $cpu_fmt->{'reported-model'}->{default};
+ }
+ }
+
+ return $cputypes_32bit->{$cputype} ? 32 : 64 if $arch eq 'x86_64';
+ return 64 if $arch eq 'aarch64';
+
+ die "unsupported architecture '$arch'\n";
+}
+
__PACKAGE__->register();
__PACKAGE__->init();