[pve-devel] [PATCH-SERIES v5 qemu-server/manager] add and set x86-64-v2-AES as default model for new vms

Alexandre Derumier aderumier at odiso.com
Tue Jun 6 17:04:37 CEST 2023


we used kvm64 as default cpumodel since the begin of proxmox. (basically, it's like a pentium4 cpu flags).

New distros like rhel9 are compiled to use more modern cpu flags.
(and windows already use new flags since year, and we already add some extra cpu flags)

In 2020, AMD, Intel, Red Hat, and SUSE worked together to define
three microarchitecture levels on top of the historical x86-64

  * x86-64-v1: original x86_64 baseline instruction set
  * x86-64-v2: vector instructions up to Streaming SIMD
               Extensions 4.2 (SSE4.2)  and Supplemental
               Streaming SIMD Extensions 3 (SSSE3), the
               POPCNT instruction, and CMPXCHG16B
  * x86-64-v3: vector instructions up to AVX2, MOVBE,
               and additional bit-manipulation instructions.
  * x86-64-v4: vector instructions from some of the
               AVX-512 variants.


This patch series add new models inspired from a patch was found on qemu mailing, but never appplied


In addition to theses model, I have enabled aes too.
I think it's really important, because a lot of users use default values and have
bad performance with ssl and other crypto stuffs.

This was discussed on the qemu mailing

Crypto accelerator caveats

Similarly I'm not a huge fan of leaving out the "aes"
instruction for accelerated crypto, as missing "aes" is
also one of the key factors in making qemu64 a bad choice.

If we include 'aes' in x86-64-v2, then we loose support
for Nehalem hosts.

If we include 'aes' in x86-64-v3 then we further loose
support for Dhyana hosts (an EPYC derived CPU).

Nahelemn is a 2008 cpu, so I think it's ok, we are in 2013 ;)
(and user can disable aes flag in gui too)

Dhyana is a chinese fork of epyc, so we don't support the vendor

I still think than enable aes by default is really the more easy,
but for x86-64-v2, just do 1 model without aes (for nehalem), and a
model with aes.

Like this, users don't need to play manually with flags.

This patch series add new models, and set x86-64-v2-AES model as default in pve-manager
wizard only.
(to not break current vm, where kvm64 is the default when cputype is not defined
in configuration)

Here the new builtin models:

x86-64-v1 : not implemented, as it's basicaly qemu64|kvm64 -vme,-cx16 for compat Opteron_G1 from 2004
            so will use it as qemu64|kvm64 is higher are not working on opteron_g1 anyway

x86-64-v2 : Derived from qemu, +popcnt;+pni;+sse4.1;+sse4.2;+ssse3

min intel: Nehalem
min amd : Opteron_G3

x86-64-v2-AES : Derived from qemu, +aes;+popcnt;+pni;+sse4.1;+sse4.2;+ssse3

min intel: Westmere
min amd : Opteron_G3

x86-64-v3 : Derived from qemu64 +aes;+popcnt;+pni;+sse4.1;+sse4.2;+ssse3;+avx;+avx2;+bmi1;+bmi2;+f16c;+fma;+abm;+movbe

min intel: Haswell
min amd : EPYC_v1

x86-64-v4 : Derived from qemu64 +aes;+popcnt;+pni;+sse4.1;+sse4.2;+ssse3;+avx;+avx2;+bmi1;+bmi2;+f16c;+fma;+abm;+movbe;+avx512f;+avx512bw;+avx512cd;+avx512dq;+avx512vl

min intel: Skylake
min amd : EPYC_v4

changelog v4:
 - remove patches for best cpu detection (maybe do a standalone tool later)
 - use qemu64 as base model and add extra flags
 - add x64-64-v2-AES (default)
 - remove x64-64-v1
 - add x64-64-v4
 - fix fiona comments

changelog v5:
 - fix fiona comments


Alexandre Derumier (1):
  cpuconfig: add new x86-64-vX models

 PVE/QemuServer/CPUConfig.pm | 48 +++++++++++++++++++++++++++++++++----
 1 file changed, 43 insertions(+), 5 deletions(-)


Alexandre Derumier (1):
  qemu: processor : set x86-64-v2-AES as default cputype for create

 www/manager6/qemu/OSDefaults.js | 1 +
 www/manager6/qemu/OSTypeEdit.js | 1 +
 2 files changed, 2 insertions(+)


More information about the pve-devel mailing list