diff --git a/pve-admin-guide.adoc b/pve-admin-guide.adoc index eaa2609..5bac3d6 100644 --- a/pve-admin-guide.adoc +++ b/pve-admin-guide.adoc @@ -319,6 +319,15 @@ include::calendar-events.adoc[] :leveloffset: 0 +[appendix] +QEMU vCPU List +-------------- + +:leveloffset: 1 +include::qm-vcpu-list.adoc[] + +:leveloffset: 0 + [appendix] Firewall Macro Definitions -------------------------- diff --git a/qm-vcpu-list.adoc b/qm-vcpu-list.adoc new file mode 100644 index 0000000..2aa1bfd --- /dev/null +++ b/qm-vcpu-list.adoc @@ -0,0 +1,108 @@ +[[chapter_qm_vcpu_list]] +Introduction +------------- + +This is a list of AMD and Intel x86-64/amd64 CPU types as defined in QEMU, +going back to 2007. + +Intel CPU Types +--------------- + +https://en.wikipedia.org/wiki/List_of_Intel_Xeon_processors[Intel processors] + +* 'Nahelem' : https://en.wikipedia.org/wiki/Nehalem_(microarchitecture)[1st generation of the Intel Core processor] ++ +* 'Nahelem-IBRS (v2)' : add Spectre v1 protection ('+spec-ctrl') ++ +* 'Westmere' : https://en.wikipedia.org/wiki/Westmere_(microarchitecture)[1st generation of the Intel Core processor (Xeon E7-)] ++ +* 'Westmere-IBRS (v2)' : add Spectre v1 protection ('+spec-ctrl') ++ +* 'SandyBridge' : https://en.wikipedia.org/wiki/Sandy_Bridge[2nd generation of the Intel Core processor] ++ +* 'SandyBridge-IBRS (v2)' : add Spectre v1 protection ('+spec-ctrl') ++ +* 'IvyBridge' : https://en.wikipedia.org/wiki/Ivy_Bridge_(microarchitecture)[3rd generation of the Intel Core processor] ++ +* 'IvyBridge-IBRS (v2)': add Spectre v1 protection ('+spec-ctrl') ++ +* 'Haswell' : https://en.wikipedia.org/wiki/Haswell_(microarchitecture)[4th generation of the Intel Core processor] ++ +* 'Haswell-noTSX (v2)' : disable TSX ('-hle', '-rtm') ++ +* 'Haswell-IBRS (v3)' : re-add TSX, add Spectre v1 protection ('+hle', '+rtm', +'+spec-ctrl') ++ +* 'Haswell-noTSX-IBRS (v4)' : disable TSX ('-hle', '-rtm') ++ +* 'Broadwell': https://en.wikipedia.org/wiki/Broadwell_(microarchitecture)[5th generation of the Intel Core processor] ++ +* 'Skylake': https://en.wikipedia.org/wiki/Skylake_(microarchitecture)[1st generation Xeon Scalable server processors] ++ +* 'Skylake-IBRS (v2)' : add Spectre v1 protection, disable CLFLUSHOPT +('+spec-ctrl', '-clflushopt') ++ +* 'Skylake-noTSX-IBRS (v3)' : disable TSX ('-hle', '-rtm') ++ +* 'Skylake-v4': add EPT switching ('+vmx-eptp-switching') ++ +* 'Cascadelake': https://en.wikipedia.org/wiki/Cascade_Lake_(microprocessor)[2nd generation Xeon Scalable processor] ++ +* 'Cascadelake-v2' : add arch_capabilities msr ('+arch-capabilities', +'+rdctl-no', '+ibrs-all', '+skip-l1dfl-vmentry', '+mds-no') ++ +* 'Cascadelake-v3' : disable TSX ('-hle', '-rtm') ++ +* 'Cascadelake-v4' : add EPT switching ('+vmx-eptp-switching') ++ +* 'Cascadelake-v5' : add XSAVES ('+xsaves', '+vmx-xsaves') ++ +* 'Cooperlake' : https://en.wikipedia.org/wiki/Cooper_Lake_(microprocessor)[3rd generation Xeon Scalable processors for 4 & 8 sockets servers] ++ +* 'Cooperlake-v2' : add XSAVES ('+xsaves', '+vmx-xsaves') ++ +* 'Icelake': https://en.wikipedia.org/wiki/Ice_Lake_(microprocessor)[3rd generation Xeon Scalable server processors] ++ +* 'Icelake-v2' : disable TSX ('-hle', '-rtm') ++ +* 'Icelake-v3' : add arch_capabilities msr ('+arch-capabilities', '+rdctl-no', +'+ibrs-all', '+skip-l1dfl-vmentry', '+mds-no', '+pschange-mc-no', '+taa-no') ++ +* 'Icelake-v4' : add missing flags ('+sha-ni', '+avx512ifma', '+rdpid', '+fsrm', +'+vmx-rdseed-exit', '+vmx-pml', '+vmx-eptp-switching') ++ +* 'Icelake-v5' : add XSAVES ('+xsaves', '+vmx-xsaves') ++ +* 'Icelake-v6' : add "5-level EPT" ('+vmx-page-walk-5') ++ +* 'SapphireRapids' : https://en.wikipedia.org/wiki/Sapphire_Rapids[4th generation Xeon Scalable server processors] + + +AMD CPU Types +------------- + +https://en.wikipedia.org/wiki/List_of_AMD_processors[AMD processors] + +* 'Opteron_G3' : https://en.wikipedia.org/wiki/AMD_10h[K10] ++ +* 'Opteron_G4' : https://en.wikipedia.org/wiki/Bulldozer_(microarchitecture)[Bulldozer] ++ +* 'Opteron_G5' : https://en.wikipedia.org/wiki/Piledriver_(microarchitecture)[Piledriver] ++ +* 'EPYC' : https://en.wikipedia.org/wiki/Zen_(first_generation)[1st generation of Zen processors] ++ +* 'EPYC-IBPB (v2)' : add Spectre v1 protection ('+ibpb') ++ +* 'EPYC-v3' : add missing flags ('+perfctr-core', '+clzero', '+xsaveerptr', +'+xsaves') ++ +* 'EPYC-Rome' : https://en.wikipedia.org/wiki/Zen_2[2nd generation of Zen processors] ++ +* 'EPYC-Rome-v2' : add Spectre v2, v4 protection ('+ibrs', '+amd-ssbd') ++ +* 'EPYC-Milan' : https://en.wikipedia.org/wiki/Zen_3[3rd generation of Zen processors] ++ +* 'EPYC-Milan-v2' : add missing flags ('+vaes', '+vpclmulqdq', +'+stibp-always-on', '+amd-psfd', '+no-nested-data-bp', +'+lfence-always-serializing', '+null-sel-clr-base') + diff --git a/qm.adoc b/qm.adoc index e35dbf0..3894048 100644 --- a/qm.adoc +++ b/qm.adoc @@ -388,7 +388,7 @@ cluster, choose the lowest compatible virtual QEMU CPU type. NOTE: Live migrations between Intel and AMD host CPUs have no guarantee to work. See also -xref:qm_amd_intel_cpu_types_list[List of AMD and Intel CPU Types as Defined in QEMU]. +xref:chapter_qm_vcpu_list[List of AMD and Intel CPU Types as Defined in QEMU]. QEMU CPU Types ^^^^^^^^^^^^^^ @@ -1823,111 +1823,6 @@ remove such a lock manually (for example after a power failure). CAUTION: Only do that if you are sure the action which set the lock is no longer running. -[[qm_amd_intel_cpu_types_list]] -Appendix: List of AMD and Intel CPU Types as Defined in QEMU ------------------------------------------------------------- - -Intel CPU Types Since 2007 as Defined in QEMU -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -https://en.wikipedia.org/wiki/List_of_Intel_Xeon_processors[Intel processors] - -* 'Nahelem' : https://en.wikipedia.org/wiki/Nehalem_(microarchitecture)[1st generation of the Intel Core processor] -+ -* 'Nahelem-IBRS (v2)' : add Spectre v1 protection ('+spec-ctrl') -+ -* 'Westmere' : https://en.wikipedia.org/wiki/Westmere_(microarchitecture)[1st generation of the Intel Core processor (Xeon E7-)] -+ -* 'Westmere-IBRS (v2)' : add Spectre v1 protection ('+spec-ctrl') -+ -* 'SandyBridge' : https://en.wikipedia.org/wiki/Sandy_Bridge[2nd generation of the Intel Core processor] -+ -* 'SandyBridge-IBRS (v2)' : add Spectre v1 protection ('+spec-ctrl') -+ -* 'IvyBridge' : https://en.wikipedia.org/wiki/Ivy_Bridge_(microarchitecture)[3rd generation of the Intel Core processor] -+ -* 'IvyBridge-IBRS (v2)': add Spectre v1 protection ('+spec-ctrl') -+ -* 'Haswell' : https://en.wikipedia.org/wiki/Haswell_(microarchitecture)[4th generation of the Intel Core processor] -+ -* 'Haswell-noTSX (v2)' : disable TSX ('-hle', '-rtm') -+ -* 'Haswell-IBRS (v3)' : re-add TSX, add Spectre v1 protection ('+hle', '+rtm', -'+spec-ctrl') -+ -* 'Haswell-noTSX-IBRS (v4)' : disable TSX ('-hle', '-rtm') -+ -* 'Broadwell': https://en.wikipedia.org/wiki/Broadwell_(microarchitecture)[5th generation of the Intel Core processor] -+ -* 'Skylake': https://en.wikipedia.org/wiki/Skylake_(microarchitecture)[1st generation Xeon Scalable server processors] -+ -* 'Skylake-IBRS (v2)' : add Spectre v1 protection, disable CLFLUSHOPT -('+spec-ctrl', '-clflushopt') -+ -* 'Skylake-noTSX-IBRS (v3)' : disable TSX ('-hle', '-rtm') -+ -* 'Skylake-v4': add EPT switching ('+vmx-eptp-switching') -+ -* 'Cascadelake': https://en.wikipedia.org/wiki/Cascade_Lake_(microprocessor)[2nd generation Xeon Scalable processor] -+ -* 'Cascadelake-v2' : add arch_capabilities msr ('+arch-capabilities', -'+rdctl-no', '+ibrs-all', '+skip-l1dfl-vmentry', '+mds-no') -+ -* 'Cascadelake-v3' : disable TSX ('-hle', '-rtm') -+ -* 'Cascadelake-v4' : add EPT switching ('+vmx-eptp-switching') -+ -* 'Cascadelake-v5' : add XSAVES ('+xsaves', '+vmx-xsaves') -+ -* 'Cooperlake' : https://en.wikipedia.org/wiki/Cooper_Lake_(microprocessor)[3rd generation Xeon Scalable processors for 4 & 8 sockets servers] -+ -* 'Cooperlake-v2' : add XSAVES ('+xsaves', '+vmx-xsaves') -+ -* 'Icelake': https://en.wikipedia.org/wiki/Ice_Lake_(microprocessor)[3rd generation Xeon Scalable server processors] -+ -* 'Icelake-v2' : disable TSX ('-hle', '-rtm') -+ -* 'Icelake-v3' : add arch_capabilities msr ('+arch-capabilities', '+rdctl-no', -'+ibrs-all', '+skip-l1dfl-vmentry', '+mds-no', '+pschange-mc-no', '+taa-no') -+ -* 'Icelake-v4' : add missing flags ('+sha-ni', '+avx512ifma', '+rdpid', '+fsrm', -'+vmx-rdseed-exit', '+vmx-pml', '+vmx-eptp-switching') -+ -* 'Icelake-v5' : add XSAVES ('+xsaves', '+vmx-xsaves') -+ -* 'Icelake-v6' : add "5-level EPT" ('+vmx-page-walk-5') -+ -* 'SapphireRapids' : https://en.wikipedia.org/wiki/Sapphire_Rapids[4th generation Xeon Scalable server processors] - - -AMD CPU Types Since 2007 as Defined in QEMU -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -https://en.wikipedia.org/wiki/List_of_AMD_processors[AMD processors] - -* 'Opteron_G3' : https://en.wikipedia.org/wiki/AMD_10h[K10] -+ -* 'Opteron_G4' : https://en.wikipedia.org/wiki/Bulldozer_(microarchitecture)[Bulldozer] -+ -* 'Opteron_G5' : https://en.wikipedia.org/wiki/Piledriver_(microarchitecture)[Piledriver] -+ -* 'EPYC' : https://en.wikipedia.org/wiki/Zen_(first_generation)[1st generation of Zen processors] -+ -* 'EPYC-IBPB (v2)' : add Spectre v1 protection ('+ibpb') -+ -* 'EPYC-v3' : add missing flags ('+perfctr-core', '+clzero', '+xsaveerptr', -'+xsaves') -+ -* 'EPYC-Rome' : https://en.wikipedia.org/wiki/Zen_2[2nd generation of Zen processors] -+ -* 'EPYC-Rome-v2' : add Spectre v2, v4 protection ('+ibrs', '+amd-ssbd') -+ -* 'EPYC-Milan' : https://en.wikipedia.org/wiki/Zen_3[3rd generation of Zen processors] -+ -* 'EPYC-Milan-v2' : add missing flags ('+vaes', '+vpclmulqdq', -'+stibp-always-on', '+amd-psfd', '+no-nested-data-bp', -'+lfence-always-serializing', '+null-sel-clr-base') - ifdef::wiki[] See Also