diff options
author | Pavel Hrdina <phrdina@redhat.com> | 2019-03-29 10:22:08 +0100 |
---|---|---|
committer | Pavel Hrdina <phrdina@redhat.com> | 2019-04-04 11:49:29 +0200 |
commit | 29f815fbd23082dff79d2d716e32a644b5a15d4a (patch) | |
tree | afcf8e2ea9f55eb35abee3dd02cc0129c8aff787 /tests/cli-test-xml/compare/virt-install-singleton-config-2.xml | |
parent | c6b5f22fa61d87557b5fab23be080073d2f7906e (diff) | |
download | virt-manager-29f815fbd23082dff79d2d716e32a644b5a15d4a.tar.gz |
domcapabilities: remove recommended CPU features from security features
These features are only recommended to be enabled since they improve
performance of the VMs if security features are enabled.
pcid is a very useful perf feature, but missing in some silicon
so not portable.
pdpe1gb lets the guest use 1 GB pages which is good for perf
but again not all silicon can do it.
amd-ssbd is a security feature which fixes the same SSBD flaws as the
virt-ssbd feature does. virt-ssbd is usable across all CPU models
affected by SSBD, while amd-ssbd is only available in very new silicon.
So virt-ssbd is the bette rchoice.
amd-no-ssb just indicates that the CPU is not affected by SSBD, so not
critical to expose. I expect a future named CPU model will include that
where appropriate.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Diffstat (limited to 'tests/cli-test-xml/compare/virt-install-singleton-config-2.xml')
-rw-r--r-- | tests/cli-test-xml/compare/virt-install-singleton-config-2.xml | 4 |
1 files changed, 0 insertions, 4 deletions
diff --git a/tests/cli-test-xml/compare/virt-install-singleton-config-2.xml b/tests/cli-test-xml/compare/virt-install-singleton-config-2.xml index 0bc36089..08f9cbb7 100644 --- a/tests/cli-test-xml/compare/virt-install-singleton-config-2.xml +++ b/tests/cli-test-xml/compare/virt-install-singleton-config-2.xml @@ -94,8 +94,6 @@ <model>foobar</model> <vendor>meee</vendor> <topology sockets="2" cores="2" threads="2"/> - <feature policy="require" name="pcid"/> - <feature policy="require" name="pdpe1gb"/> <feature policy="force" name="x2apic"/> <feature policy="force" name="x2apicagain"/> <feature policy="require" name="reqtest"/> @@ -291,8 +289,6 @@ <model>foobar</model> <vendor>meee</vendor> <topology sockets="2" cores="2" threads="2"/> - <feature policy="require" name="pcid"/> - <feature policy="require" name="pdpe1gb"/> <feature policy="force" name="x2apic"/> <feature policy="force" name="x2apicagain"/> <feature policy="require" name="reqtest"/> |