<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<div class="moz-cite-prefix">On 6/15/20 5:40 PM, Stephen John
Smoogen wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CANnLRdj9PtyoScPn=mQain1o3P=b9Sefdo4K2L3dxkHuDBr0Dw@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">
<div dir="ltr"><br>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Mon, 15 Jun 2020 at
09:42, Manuel Wolfshant <<a
href="mailto:wolfy@nobugconsulting.ro"
moz-do-not-send="true">wolfy@nobugconsulting.ro</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div>
<div>On 6/15/20 2:46 PM, Stephen John Smoogen wrote:<br>
</div>
<br>
I got inspired by Adi's earlier suggestion and after
reading <a
href="https://access.redhat.com/articles/3311301"
target="_blank" moz-do-not-send="true">https://access.redhat.com/articles/3311301</a>
I've tried today all variants of disabling the spectre
mitigations. Whatever I do, immediately after a reboot,
yum reinstall kernel does not take less than 5 minutes :(
It goes down to 2 min if I repeat the operation afterwards
so I guess some caching kicks in. I will try later today
the kernels from elrepo and maybe even <a
href="http://xen.crc.id.au" target="_blank"
moz-do-not-send="true">xen.crc.id.au</a> ( I kind of
hate the "disable selinux" recommendation from the install
page so I postponed it in the hope of other solution ).<br>
<br>
</div>
<br>
</blockquote>
<div><br>
</div>
<div>If you can do a full reinstall, could you see if a KVM
host/guest combo has the same problem? That would at least
point the finger more firmly at VT, spectre or something
else. </div>
</div>
<br clear="all">
<div><br>
</div>
</div>
</blockquote>
<br>
<p>I finally managed to install a fresh KVM host / guest pair on an
identical blade ( HS21XM, 64 GB ram, 2*E5450@ 3.00GHz ). Here are
the results I see:</p>
<p><br>
</p>
1. KVM host, stock instalation and fully updated, kernel
3.10.0-1127.10.1<br>
#cd /sys/kernel/debug/x86/<br>
#cat ibrs_enabled pti_enabled retp_enabled<br>
0<br>
1<br>
1<br>
<br>
#time yum -y reinstall kernel-3.10.0-1127.el7.x86_64<br>
real 0m50.026s<br>
user 0m32.872s<br>
sys 0m23.312s<br>
<p><br>
</p>
<p>2. KVM guest on the same machine (virt-install --name
guest1-rhel7 --memory 2048 --vcpus 2 --disk size=20
--network=bridge:br0 --pxe --os-variant rhel7 <=== copy/paste
from
<a class="moz-txt-link-freetext" href="https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/virtualization_deployment_and_administration_guide/sect-guest_virtual_machine_installation_overview-creating_guests_with_virt_install">https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/virtualization_deployment_and_administration_guide/sect-guest_virtual_machine_installation_overview-creating_guests_with_virt_install</a>
), stock installation and fully updated with absolutely no change
towards the defaults including same ibrs_enabled pti_enabled
retp_enabled as the host, , kernel 3.10.0-1127.10.1 </p>
<br>
#time yum -y reinstall kernel-3.10.0-1127.el7.x86_64<br>
real 2m39.644s<br>
user 1m54.662s<br>
sys 1m32.496s<br>
<p><br>
</p>
<p>3. Xen Domu, 3.10.0-1127.8.2.el7.x86_6 ( but results are
consistent across all kernels ) <br>
</p>
<p># cat ibrs_enabled pti_enabled retp_enabled<br>
0<br>
0<br>
0<br>
</p>
<p># time yum -y reinstall kernel-3.10.0-1127.el7.x86_64<br>
real 5m44.030s<br>
user 2m9.931s<br>
sys 4m7.771s<br>
</p>
<p><br>
</p>
<p>4. Dom0, 4.9.215-36.el7.x86_64, , xen 4.12 from centos' repo</p>
<p># time yum -y reinstall kernel-3.10.0-1127.el7.x86_64<br>
real 1m52.417s<br>
user 0m45.704s<br>
sys 1m32.167s<br>
<br>
</p>
</body>
</html>