Suppress test warnings about missing Spectre/Meltdown mitigations with TCG

The new pseries-4.0 machine type defaults to enabling Spectre/Meltdown
mitigations.  Unfortunately those mitigations aren't implemented for TCG
because we're not yet sure if they're necessary or how to implement them.
We don't fail fatally, but we do warn in this case, because it is quite
plausible that Spectre/Meltdown can be exploited through TCG (at least for
the guest to get access to the qemu address space).

This create noise in our testcases though.  So, modify the affected tests
to explicitly disable the mitigations to suppress these warnings.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>

diff --git a/tests/boot-serial-test.c b/tests/boot-serial-test.c
index 58a48f39bf1d74b341862cbd9bf025de178a7834..c591748aaf00a3abfb10d5b77586fb088b2b07a7 100644 (file)
--- a/tests/boot-serial-test.c
+++ b/tests/boot-serial-test.c
@@ -100,7 +100,9 @@ static testdef_t tests[] = {
     { "ppc64", "ppce500", "", "U-Boot" },
     { "ppc64", "40p", "-m 192", "Memory: 192M" },
     { "ppc64", "mac99", "", "PowerPC,970FX" },
-    { "ppc64", "pseries", "", "Open Firmware" },
+    { "ppc64", "pseries",
+      "-machine cap-cfpc=broken,cap-sbbc=broken,cap-ibs=broken",
+      "Open Firmware" },
     { "ppc64", "powernv", "-cpu POWER8", "OPAL" },
     { "ppc64", "sam460ex", "-device e1000", "8086  100e" },
     { "i386", "isapc", "-cpu qemu32 -device sga", "SGABIOS" },

diff --git a/tests/prom-env-test.c b/tests/prom-env-test.c
index 4821254b7e330dd486f8c51a30af050e29eb6c35..61bc1d1e7b2e972cbde356baef633426946a85bc 100644 (file)
--- a/tests/prom-env-test.c
+++ b/tests/prom-env-test.c
@@ -44,11 +44,18 @@ static void check_guest_memory(QTestState *qts)
 
 static void test_machine(const void *machine)
 {
-    const char *extra_args;
+    const char *extra_args = "";
     QTestState *qts;
 
-    /* The pseries firmware boots much faster without the default devices */
-    extra_args = strcmp(machine, "pseries") == 0 ? "-nodefaults" : "";
+    /*
+     * The pseries firmware boots much faster without the default
+     * devices, it also needs Spectre/Meltdown workarounds disabled to
+     * avoid warnings with TCG
+     */
+    if (strcmp(machine, "pseries") == 0) {
+        extra_args = "-nodefaults"
+            " -machine cap-cfpc=broken,cap-sbbc=broken,cap-ibs=broken";
+    }
 
     qts = qtest_initf("-M %s,accel=tcg %s -prom-env 'use-nvramrc?=true' "
                       "-prom-env 'nvramrc=%x %x l!' ", (const char *)machine,

diff --git a/tests/pxe-test.c b/tests/pxe-test.c
index 73ac1d1c61442c0e8defc43f19c8534c63d2e738..948b0fbdc727ef129d76f43b7b13be652f96741a 100644 (file)
--- a/tests/pxe-test.c
+++ b/tests/pxe-test.c
@@ -25,6 +25,7 @@ static char disk[] = "tests/pxe-test-disk-XXXXXX";
 typedef struct testdef {
     const char *machine;    /* Machine type */
     const char *model;      /* NIC device model */
+    const char *extra;      /* Any additional parameters */
 } testdef_t;
 
 static testdef_t x86_tests[] = {
@@ -44,13 +45,16 @@ static testdef_t x86_tests_slow[] = {
 };
 
 static testdef_t ppc64_tests[] = {
-    { "pseries", "spapr-vlan" },
-    { "pseries", "virtio-net-pci", },
+    { "pseries", "spapr-vlan",
+      "-machine cap-cfpc=broken,cap-sbbc=broken,cap-ibs=broken" },
+    { "pseries", "virtio-net-pci",
+      "-machine cap-cfpc=broken,cap-sbbc=broken,cap-ibs=broken" },
     { NULL },
 };
 
 static testdef_t ppc64_tests_slow[] = {
-    { "pseries", "e1000" },
+    { "pseries", "e1000",
+      "-machine cap-cfpc=broken,cap-sbbc=broken,cap-ibs=broken" },
     { NULL },
 };
 
@@ -63,13 +67,18 @@ static void test_pxe_one(const testdef_t *test, bool ipv6)
 {
     QTestState *qts;
     char *args;
+    const char *extra = test->extra;
+
+    if (!extra) {
+        extra = "";
+    }
 
     args = g_strdup_printf(
         "-machine %s,accel=kvm:tcg -nodefaults -boot order=n "
         "-netdev user,id=" NETNAME ",tftp=./,bootfile=%s,ipv4=%s,ipv6=%s "
-        "-device %s,bootindex=1,netdev=" NETNAME,
+        "-device %s,bootindex=1,netdev=" NETNAME " %s",
         test->machine, disk, ipv6 ? "off" : "on", ipv6 ? "on" : "off",
-        test->model);
+        test->model, extra);
 
     qts = qtest_init(args);
     boot_sector_test(qts);