On Fri, Apr 28 2023, Cornelia Huck <cohuck@xxxxxxxxxx> wrote: > Another open problem is mte vs mte3: tcg emulates mte3, kvm gives the guest > whatever the host supports. Without migration support, this is not too much > of a problem yet, but for compatibility handling, we'll need a way to keep > QEMU from handing out mte3 for guests that might be migrated to a mte3-less > host. We could tack this unto the mte property (specifying the version or > max supported), or we could handle this via cpu properties if we go with > handling compatibility via cpu models (sorting this out for kvm is probably > going to be interesting in general.) In any case, I think we'll need a way > to inform kvm of it. Before I start to figure out the initialization breakage, I think it might be worth pointing to this open issue again. As Andrea mentioned in https://listman.redhat.com/archives/libvir-list/2023-May/239926.html, libvirt wants to provide a stable guest ABI, not only in the context of migration compatibility (which we can handwave away via the migration blocker.) The part I'm mostly missing right now is how to tell KVM to not present mte3 to a guest while running on a mte3 capable host (i.e. the KVM interface for that; it's more a case of "we don't have it right now", though.) I'd expect it to be on the cpu level, rather than on the vm level, but it's not there yet; we also probably want something that's not fighting whatever tcg (or other accels) end up doing. I see several options here: - Continue to ignore mte3 and its implications for now. The big risk is that someone might end up implementing support for MTE in libvirt again, with the same stable guest ABI issues as for this version. - Add a "version" qualifier to the mte machine prop (probably with semantics similar to the gic stuff), with the default working with tcg as it does right now (i.e. defaulting to mte3). KVM would only support "no mte" or "same as host" (with no stable guest ABI guarantees) for now. I'm not sure how hairy this might get if we end up with a per-cpu configuration of mte (and other features) with kvm. - Add cpu properties for mte and mte3. I think we've been there before :) It would likely match any KVM infrastructure well, but we gain interactions with the machine property. Also, there's a lot in the whole CPU model area that need proper figuring out first... if we go that route, we won't be able to add MTE support with KVM anytime soon, I fear. The second option might be the most promising, except for potential future headaches; but a lot depends on where we want to be going with cpu models for KVM in general.
