@c man begin SYNOPSIS
QEMU / KVM CPU model configuration
@c man end

@set qemu_system_x86 qemu-system-x86_64

@c man begin DESCRIPTION

@menu
* recommendations_cpu_models_x86:: Recommendations for KVM CPU model configuration on x86 hosts
* recommendations_cpu_models_MIPS:: Supported CPU model configurations on MIPS hosts
* cpu_model_syntax_apps:: Syntax for configuring CPU models
@end menu

QEMU / KVM virtualization supports two ways to configure CPU models:

@table @option

@item Host passthrough

This passes the host CPU model features, model, stepping, exactly to the
guest. Note that KVM may filter out some host CPU model features if they
cannot be supported with virtualization. Live migration is unsafe when
this mode is used as libvirt / QEMU cannot guarantee a stable CPU is
exposed to the guest across hosts. This is the recommended CPU to use,
provided live migration is not required.

@item Named model

QEMU comes with a number of predefined named CPU models, that typically
refer to specific generations of hardware released by Intel and AMD.
These allow the guest VMs to have a degree of isolation from the host CPU,
allowing greater flexibility in live migrating between hosts with differing
hardware.
@end table

In both cases, it is possible to optionally add or remove individual CPU
features, to alter what is presented to the guest by default.

Libvirt supports a third way to configure CPU models known as "Host model".
This uses the QEMU "Named model" feature, automatically picking a CPU model
that is similar to the host CPU, and then adding extra features to approximate
the host model as closely as possible. This does not guarantee the CPU family,
stepping, etc will precisely match the host CPU, as they would with "Host
passthrough", but gives much of the benefit of passthrough, while making
live migration safe.

@node recommendations_cpu_models_x86
@subsection Recommendations for KVM CPU model configuration on x86 hosts

The information that follows provides recommendations for configuring
CPU models on x86 hosts. The goals are to maximise performance, while
protecting guest OS against various CPU hardware flaws, and optionally
enabling live migration between hosts with heterogeneous CPU models.

@menu
* preferred_cpu_models_intel_x86:: Preferred CPU models for Intel x86 hosts
* important_cpu_features_intel_x86:: Important CPU features for Intel x86 hosts
* preferred_cpu_models_amd_x86:: Preferred CPU models for AMD x86 hosts
* important_cpu_features_amd_x86:: Important CPU features for AMD x86 hosts
* default_cpu_models_x86:: Default x86 CPU models
* other_non_recommended_cpu_models_x86:: Other non-recommended x86 CPUs
@end menu

@node preferred_cpu_models_intel_x86
@subsubsection Preferred CPU models for Intel x86 hosts

The following CPU models are preferred for use on Intel hosts. Administrators /
applications are recommended to use the CPU model that matches the generation
of the host CPUs in use. In a deployment with a mixture of host CPU models
between machines, if live migration compatibility is required, use the newest
CPU model that is compatible across all desired hosts.

@table @option
@item @code{Skylake-Server}
@item @code{Skylake-Server-IBRS}

Intel Xeon Processor (Skylake, 2016)


@item @code{Skylake-Client}
@item @code{Skylake-Client-IBRS}

Intel Core Processor (Skylake, 2015)


@item @code{Broadwell}
@item @code{Broadwell-IBRS}
@item @code{Broadwell-noTSX}
@item @code{Broadwell-noTSX-IBRS}

Intel Core Processor (Broadwell, 2014)


@item @code{Haswell}
@item @code{Haswell-IBRS}
@item @code{Haswell-noTSX}
@item @code{Haswell-noTSX-IBRS}

Intel Core Processor (Haswell, 2013)


@item @code{IvyBridge}
@item @code{IvyBridge-IBRS}

Intel Xeon E3-12xx v2 (Ivy Bridge, 2012)


@item @code{SandyBridge}
@item @code{SandyBridge-IBRS}

Intel Xeon E312xx (Sandy Bridge, 2011)


@item @code{Westmere}
@item @code{Westmere-IBRS}

Westmere E56xx/L56xx/X56xx (Nehalem-C, 2010)


@item @code{Nehalem}
@item @code{Nehalem-IBRS}

Intel Core i7 9xx (Nehalem Class Core i7, 2008)


@item @code{Penryn}

Intel Core 2 Duo P9xxx (Penryn Class Core 2, 2007)


@item @code{Conroe}

Intel Celeron_4x0 (Conroe/Merom Class Core 2, 2006)

@end table

@node important_cpu_features_intel_x86
@subsubsection Important CPU features for Intel x86 hosts

The following are important CPU features that should be used on Intel x86
hosts, when available in the host CPU. Some of them require explicit
configuration to enable, as they are not included by default in some, or all,
of the named CPU models listed above. In general all of these features are
included if using "Host passthrough" or "Host model".


@table @option

@item @code{pcid}

Recommended to mitigate the cost of the Meltdown (CVE-2017-5754) fix.

Included by default in Haswell, Broadwell & Skylake Intel CPU models.

Should be explicitly turned on for Westmere, SandyBridge, and IvyBridge
Intel CPU models. Note that some desktop/mobile Westmere CPUs cannot
support this feature.


@item @code{spec-ctrl}

Required to enable the Spectre v2 (CVE-2017-5715) fix.

Included by default in Intel CPU models with -IBRS suffix.

Must be explicitly turned on for Intel CPU models without -IBRS suffix.

Requires the host CPU microcode to support this feature before it
can be used for guest CPUs.


@item @code{stibp}

Required to enable stronger Spectre v2 (CVE-2017-5715) fixes in some
operating systems.

Must be explicitly turned on for all Intel CPU models.

Requires the host CPU microcode to support this feature before it
can be used for guest CPUs.


@item @code{ssbd}

Required to enable the CVE-2018-3639 fix.

Not included by default in any Intel CPU model.

Must be explicitly turned on for all Intel CPU models.

Requires the host CPU microcode to support this feature before it
can be used for guest CPUs.


@item @code{pdpe1gb}

Recommended to allow guest OS to use 1GB size pages.

Not included by default in any Intel CPU model.

Should be explicitly turned on for all Intel CPU models.

Note that not all CPU hardware will support this feature.

@item @code{md-clear}

Required to confirm the MDS (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130,
CVE-2019-11091) fixes.

Not included by default in any Intel CPU model.

Must be explicitly turned on for all Intel CPU models.

Requires the host CPU microcode to support this feature before it
can be used for guest CPUs.
@end table


@node preferred_cpu_models_amd_x86
@subsubsection Preferred CPU models for AMD x86 hosts

The following CPU models are preferred for use on AMD hosts.
Administrators /
applications are recommended to use the CPU model that matches the generation
of the host CPUs in use. In a deployment with a mixture of host CPU models
between machines, if live migration compatibility is required, use the newest
CPU model that is compatible across all desired hosts.

@table @option

@item @code{EPYC}
@item @code{EPYC-IBPB}

AMD EPYC Processor (2017)


@item @code{Opteron_G5}

AMD Opteron 63xx class CPU (2012)


@item @code{Opteron_G4}

AMD Opteron 62xx class CPU (2011)


@item @code{Opteron_G3}

AMD Opteron 23xx (Gen 3 Class Opteron, 2009)


@item @code{Opteron_G2}

AMD Opteron 22xx (Gen 2 Class Opteron, 2006)


@item @code{Opteron_G1}

AMD Opteron 240 (Gen 1 Class Opteron, 2004)
@end table

@node important_cpu_features_amd_x86
@subsubsection Important CPU features for AMD x86 hosts

The following are important CPU features that should be used on AMD x86
hosts, when available in the host CPU. Some of them require explicit
configuration to enable, as they are not included by default in some, or all,
of the named CPU models listed above. In general all of these features are
included if using "Host passthrough" or "Host model".


@table @option

@item @code{ibpb}

Required to enable the Spectre v2 (CVE-2017-5715) fix.

Included by default in AMD CPU models with -IBPB suffix.

Must be explicitly turned on for AMD CPU models without -IBPB suffix.

Requires the host CPU microcode to support this feature before it
can be used for guest CPUs.


@item @code{stibp}

Required to enable stronger Spectre v2 (CVE-2017-5715) fixes in some
operating systems.

Must be explicitly turned on for all AMD CPU models.

Requires the host CPU microcode to support this feature before it
can be used for guest CPUs.


@item @code{virt-ssbd}

Required to enable the CVE-2018-3639 fix.

Not included by default in any AMD CPU model.

Must be explicitly turned on for all AMD CPU models.

This should be provided to guests, even if amd-ssbd is also
provided, for maximum guest compatibility.

Note for some QEMU / libvirt versions, this must be force enabled
when using "Host model", because this is a virtual feature
that doesn't exist in the physical host CPUs.


@item @code{amd-ssbd}

Required to enable the CVE-2018-3639 fix.

Not included by default in any AMD CPU model.

Must be explicitly turned on for all AMD CPU models.

This provides higher performance than virt-ssbd so should be
exposed to guests whenever available in the host. virt-ssbd
should nonetheless also be exposed for maximum guest
compatibility as some kernels only know about virt-ssbd.


@item @code{amd-no-ssb}

Recommended to indicate the host is not vulnerable to CVE-2018-3639.

Not included by default in any AMD CPU model.

Future hardware generations of CPU will not be vulnerable to
CVE-2018-3639, and thus the guest should be told not to enable
its mitigations, by exposing amd-no-ssb. This is mutually
exclusive with virt-ssbd and amd-ssbd.


@item @code{pdpe1gb}

Recommended to allow guest OS to use 1GB size pages.

Not included by default in any AMD CPU model.

Should be explicitly turned on for all AMD CPU models.

Note that not all CPU hardware will support this feature.
@end table


@node default_cpu_models_x86
@subsubsection Default x86 CPU models

The default QEMU CPU models are designed such that they can run on all hosts.
If an application does not wish to perform any host compatibility checks
before launching guests, the default is guaranteed to work.

The default CPU models will, however, leave the guest OS vulnerable to various
CPU hardware flaws, so their use is strongly discouraged. Applications should
follow the earlier guidance to set up a better CPU configuration, with host
passthrough recommended if live migration is not needed.

@table @option
@item @code{qemu32}
@item @code{qemu64}

QEMU Virtual CPU version 2.5+ (32 & 64 bit variants)

qemu64 is used for x86_64 guests and qemu32 is used for i686 guests, when no
-cpu argument is given to QEMU, or no <cpu> is provided in libvirt XML.
@end table


@node other_non_recommended_cpu_models_x86
@subsubsection Other non-recommended x86 CPUs

The following CPU models are compatible with most AMD and Intel x86 hosts, but
their usage is discouraged, as they expose a very limited feature set, which
prevents guests having optimal performance.

@table @option

@item @code{kvm32}
@item @code{kvm64}

Common KVM processor (32 & 64 bit variants)

Legacy models just for historical compatibility with ancient QEMU versions.


@item @code{486}
@item @code{athlon}
@item @code{phenom}
@item @code{coreduo}
@item @code{core2duo}
@item @code{n270}
@item @code{pentium}
@item @code{pentium2}
@item @code{pentium3}

Various very old x86 CPU models, mostly predating the introduction of
hardware assisted virtualization, that should thus not be required for
running virtual machines.
@end table

@node recommendations_cpu_models_MIPS
@subsection Supported CPU model configurations on MIPS hosts

QEMU supports a variety of MIPS CPU models:

@menu
* cpu_models_MIPS32:: Supported CPU models for MIPS32 hosts
* cpu_models_MIPS64:: Supported CPU models for MIPS64 hosts
* cpu_models_nanoMIPS:: Supported CPU models for nanoMIPS hosts
* preferred_cpu_models_MIPS:: Preferred CPU models for MIPS hosts
@end menu

@node cpu_models_MIPS32
@subsubsection Supported CPU models for MIPS32 hosts

The following CPU models are supported for use on MIPS32 hosts. Administrators /
applications are recommended to use the CPU model that matches the generation
of the host CPUs in use. In a deployment with a mixture of host CPU models
between machines, if live migration compatibility is required, use the newest
CPU model that is compatible across all desired hosts.

@table @option
@item @code{mips32r6-generic}

MIPS32 Processor (Release 6, 2015)


@item @code{P5600}

MIPS32 Processor (P5600, 2014)


@item @code{M14K}
@item @code{M14Kc}

MIPS32 Processor (M14K, 2009)


@item @code{74Kf}

MIPS32 Processor (74K, 2007)


@item @code{34Kf}

MIPS32 Processor (34K, 2006)


@item @code{24Kc}
@item @code{24KEc}
@item @code{24Kf}

MIPS32 Processor (24K, 2003)


@item @code{4Kc}
@item @code{4Km}
@item @code{4KEcR1}
@item @code{4KEmR1}
@item @code{4KEc}
@item @code{4KEm}

MIPS32 Processor (4K, 1999)
@end table

@node cpu_models_MIPS64
@subsubsection Supported CPU models for MIPS64 hosts

The following CPU models are supported for use on MIPS64 hosts. Administrators /
applications are recommended to use the CPU model that matches the generation
of the host CPUs in use.
In a deployment with a mixture of host CPU models
between machines, if live migration compatibility is required, use the newest
CPU model that is compatible across all desired hosts.

@table @option
@item @code{I6400}

MIPS64 Processor (Release 6, 2014)


@item @code{Loongson-2F}

MIPS64 Processor (Loongson 2, 2008)


@item @code{Loongson-2E}

MIPS64 Processor (Loongson 2, 2006)


@item @code{mips64dspr2}

MIPS64 Processor (Release 2, 2006)


@item @code{MIPS64R2-generic}
@item @code{5KEc}
@item @code{5KEf}

MIPS64 Processor (Release 2, 2002)


@item @code{20Kc}

MIPS64 Processor (20K, 2000)


@item @code{5Kc}
@item @code{5Kf}

MIPS64 Processor (5K, 1999)


@item @code{VR5432}

MIPS64 Processor (VR, 1998)


@item @code{R4000}

MIPS64 Processor (MIPS III, 1991)
@end table

@node cpu_models_nanoMIPS
@subsubsection Supported CPU models for nanoMIPS hosts

The following CPU models are supported for use on nanoMIPS hosts. Administrators /
applications are recommended to use the CPU model that matches the generation
of the host CPUs in use. In a deployment with a mixture of host CPU models
between machines, if live migration compatibility is required, use the newest
CPU model that is compatible across all desired hosts.

@table @option
@item @code{I7200}

MIPS I7200 (nanoMIPS, 2018)

@end table

@node preferred_cpu_models_MIPS
@subsubsection Preferred CPU models for MIPS hosts

The following CPU models are preferred for use on different MIPS hosts:

@table @option
@item @code{MIPS III}
R4000

@item @code{MIPS32R2}
34Kf

@item @code{MIPS64R6}
I6400

@item @code{nanoMIPS}
I7200
@end table

@node cpu_model_syntax_apps
@subsection Syntax for configuring CPU models

The examples below illustrate the approach to configuring the various
CPU models / features in QEMU and libvirt.

@menu
* cpu_model_syntax_qemu:: QEMU command line
* cpu_model_syntax_libvirt:: Libvirt guest XML
@end menu

@node cpu_model_syntax_qemu
@subsubsection QEMU command line

@table @option

@item Host passthrough

@example
   $ @value{qemu_system_x86} -cpu host
@end example

With feature customization:

@example
   $ @value{qemu_system_x86} -cpu host,-vmx,...
@end example

@item Named CPU models

@example
   $ @value{qemu_system_x86} -cpu Westmere
@end example

With feature customization:

@example
   $ @value{qemu_system_x86} -cpu Westmere,+pcid,...
@end example

@end table

@node cpu_model_syntax_libvirt
@subsubsection Libvirt guest XML

@table @option

@item Host passthrough

@example
   <cpu mode='host-passthrough'/>
@end example

With feature customization:

@example
   <cpu mode='host-passthrough'>
     <feature name="vmx" policy="disable"/>
     ...
   </cpu>
@end example

@item Host model

@example
   <cpu mode='host-model'/>
@end example

With feature customization:

@example
   <cpu mode='host-model'>
     <feature name="vmx" policy="disable"/>
     ...
   </cpu>
@end example

@item Named model

@example
   <cpu mode='custom'>
     <model name="Westmere"/>
   </cpu>
@end example

With feature customization:

@example
   <cpu mode='custom'>
     <model name="Westmere"/>
     <feature name="pcid" policy="require"/>
     ...
   </cpu>
@end example

@end table

@c man end

@ignore

@setfilename qemu-cpu-models
@settitle QEMU / KVM CPU model configuration

@c man begin SEEALSO
The HTML documentation of QEMU for more precise information and Linux
user mode emulator invocation.
@c man end

@c man begin AUTHOR
Daniel P. Berrange
@c man end

@end ignore
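
The Intel and AMD feature tables above can be applied as a check on an x86 -cpu value before a guest is launched. The following Python is an added example, not QEMU or libvirt code: audit and parse_cpu_arg are hypothetical names, the feat=on / feat=off spelling is accepted alongside the +feat / -feat form shown on this page, and a feature that is both enabled and disabled is assumed to end up disabled.

```python
# Added example (hypothetical names): audit a -cpu value against this page's tables.
INTEL = {"Skylake-Server", "Skylake-Client", "Broadwell", "Haswell", "IvyBridge",
         "SandyBridge", "Westmere", "Nehalem", "Penryn", "Conroe"}
AMD = {"EPYC", "Opteron_G1", "Opteron_G2", "Opteron_G3", "Opteron_G4", "Opteron_G5"}
DISCOURAGED = {"qemu32", "qemu64", "kvm32", "kvm64", "486", "athlon", "phenom",
               "coreduo", "core2duo", "n270", "pentium", "pentium2", "pentium3"}
PCID_EXPLICIT = {"Westmere", "SandyBridge", "IvyBridge"}
SSB = {"virt-ssbd", "amd-ssbd"}
MITIGATIONS = {"pcid", "spec-ctrl", "stibp", "ssbd", "md-clear", "ibpb"} | SSB


def parse_cpu_arg(arg):
    """Split 'Model,+feat,-feat,feat=on,feat=off' into (model, on, off)."""
    model, *opts = [p.strip() for p in arg.split(",") if p.strip()]
    on, off = set(), set()
    for opt in opts:
        if opt.startswith("+"):
            on.add(opt[1:])
        elif opt.startswith("-"):
            off.add(opt[1:])
        elif opt.endswith("=on"):
            on.add(opt[:-3])
        elif opt.endswith("=off"):
            off.add(opt[:-4])
    # Assumption: a feature both enabled and disabled is treated as disabled.
    return model, on - off, off


def audit(arg):
    """Return sorted findings for one -cpu value; an empty list means none."""
    model, on, off = parse_cpu_arg(arg)
    if model == "host":
        # Passthrough generally includes the features; flag explicit removals.
        return sorted("disabled: " + f for f in off & MITIGATIONS)
    if model in DISCOURAGED:
        return ["discouraged model: " + model]
    base = model.replace("-IBRS", "").replace("-IBPB", "").replace("-noTSX", "")
    findings = []
    if base in INTEL:
        need = {"stibp", "ssbd", "pdpe1gb", "md-clear"}
        if not model.endswith("-IBRS"):
            need.add("spec-ctrl")
        if base in PCID_EXPLICIT:
            need.add("pcid")
    elif base in AMD:
        need = {"stibp", "pdpe1gb"} | SSB
        if not model.endswith("-IBPB"):
            need.add("ibpb")
        if "amd-no-ssb" in on:  # mutually exclusive with the SSBD flags
            findings += ["conflict: amd-no-ssb with " + f for f in on & SSB]
            need -= SSB
    else:
        return ["unknown model: " + model]
    return sorted(findings + ["missing: " + f for f in need - on])
```

A "missing" finding only reports what the tables say to turn on; pcid, pdpe1gb and the microcode-dependent flags still have to be supported by the host before they can be exposed to the guest.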