From: Daniel Berrange <1788665@bugs.launchpad.net>
To: qemu-devel@nongnu.org
Subject: [Qemu-devel] [Bug 1788665] Re: Low 2D graphics performance with Windows 10 (1803) VGA passthrough VM using "Spectre" protection
Date: Fri, 24 Aug 2018 17:11:12 -0000 [thread overview]
Message-ID: <153513067304.12274.16891085269120620268.malone@soybean.canonical.com> (raw)
In-Reply-To: 153504502595.30588.13203676939349086206.malonedeb@soybean.canonical.com
You're mis-understanding how microcode works a little. Microcode is
loaded into physical CPUs in the host. This affects everything that runs
on these CPUs thereafter. A KVM guest is merely a process running on the
host CPUs, so it is affected by the updated microcode. There is no
notion of the virtual CPUs having a different microcode.
The doc you pointed to above
https://docs.microsoft.com/en-us/virtualization/hyper-v-on-
windows/CVE-2017-5715-and-hyper-v-vms
indicates that you must install the microcode in the host, which enables
new CPUs features. These features should then be exposed to the guest.
You say you've installed the microcode which is good, but did you also
update the kernel ?
Host kernel updates were required in order for KVM to be able to expose
the new features from the microcode, to the guest. Essentially if your
guest kernel shows "pti ssbd ibrs ibpb stibp" features as present,
then thanks to your "-cpu host" usage, the guest should see them too.
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5715
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1788665
Title:
Low 2D graphics performance with Windows 10 (1803) VGA passthrough VM
using "Spectre" protection
Status in QEMU:
New
Bug description:
Windows 10 (1803) VM using VGA passthrough via qemu script.
After upgrading Windows 10 Pro VM to version 1803, or possibly after
applying the March/April security updates from Microsoft, the VM would
show low 2D graphics performance (sluggishness in 2D applications and
low Passmark results).
Turning off Spectre vulnerability protection in Windows remedies the
issue.
Expected behavior:
qemu/kvm hypervisor to expose firmware capabilities of host to guest OS - see https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/CVE-2017-5715-and-hyper-v-vms
Background:
Starting in March or April Microsoft began to push driver updates in
their updates / security updates. See https://support.microsoft.com
/en-us/help/4073757/protect-your-windows-devices-against-spectre-
meltdown
One update concerns the Intel microcode - see
https://support.microsoft.com/en-us/help/4100347. It is activated by
default within Windows.
Once the updates are applied within the Windows guest, 2D graphics
performance drops significantly. Other performance benchmarks are not
affected.
A bare metal Windows installation does not display a performance loss
after the update. See https://heiko-sieger.info/low-2d-graphics-
benchmark-with-windows-10-1803-kvm-vm/
Similar reports can be found here:
https://www.reddit.com/r/VFIO/comments/97unx4/passmark_lousy_2d_graphics_performance_on_windows/
Hardware:
6 core Intel Core i7-3930K (-MT-MCP-)
Host OS:
Linux Mint 19/Ubuntu 18.04
Kernel: 4.15.0-32-generic x86_64
Qemu: QEMU emulator version 2.11.1
Intel microcode (host): 0x714
dmesg | grep microcode
[ 0.000000] microcode: microcode updated early to revision 0x714, date = 2018-05-08
[ 2.810683] microcode: sig=0x206d7, pf=0x4, revision=0x714
[ 2.813340] microcode: Microcode Update Driver: v2.2.
Note: I manually updated the Intel microcode on the host from 0x713 to
0x714. However, both microcode versions produce the same result in the
Windows guest.
Guest OS:
Windows 10 Pro 64 bit, release 1803
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1788665/+subscriptions
next prev parent reply other threads:[~2018-08-24 17:28 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-08-23 17:23 [Qemu-devel] [Bug 1788665] [NEW] Low 2D graphics performance with Windows 10 (1803) VGA passthrough VM using "Spectre" protection Heiko Sieger
2018-08-24 8:16 ` [Qemu-devel] [Bug 1788665] " Daniel Berrange
2018-08-24 16:47 ` Heiko Sieger
2018-08-24 17:11 ` Daniel Berrange [this message]
2018-08-24 21:43 ` Heiko Sieger
2018-08-25 15:20 ` Heiko Sieger
2018-08-25 15:27 ` Heiko Sieger
2018-08-28 16:07 ` Daniel Berrange
2018-08-28 17:20 ` Heiko Sieger
2018-08-30 10:40 ` Heiko Sieger
2018-08-30 11:08 ` Heiko Sieger
2018-08-30 11:53 ` Daniel Berrange
2018-08-30 15:21 ` Heiko Sieger
2018-08-30 16:11 ` Daniel Berrange
2018-08-30 20:21 ` Heiko Sieger
2018-08-31 9:45 ` Dr. David Alan Gilbert
2018-09-05 6:12 ` Heiko Sieger
2018-09-05 10:21 ` Dr. David Alan Gilbert
2018-09-05 20:01 ` Heiko Sieger
2018-09-11 18:56 ` George Amanakis
2018-09-14 17:27 ` George Amanakis
2018-09-14 17:42 ` Dr. David Alan Gilbert
2018-09-14 20:02 ` George Amanakis
2020-11-12 18:24 ` Thomas Huth
2020-11-19 20:23 ` Heiko Sieger
2021-01-21 18:18 ` Thomas Huth
2021-01-22 4:17 ` Launchpad Bug Tracker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=153513067304.12274.16891085269120620268.malone@soybean.canonical.com \
--to=1788665@bugs.launchpad.net \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.