After CVE-2019-11477 and a few other CVEs broke out, Linux kernel released 5.1.11 to address the vulnerabilities. My VM host machine is constantly running on the latest kernel (provided by ELRepo).
When I reboot into the new kernel and want to start one of my KVM boxes, this error appears:
Host CPU does not provide required features: spec-ctrl
After a bit of Googling, I understand this is related to kernel updates, the guest CPU model name of the VM’s XML setting does not match. The resolution is very quick also.
Find out what model your host machine is:
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| virsh capabilities | |
| <capabilities> | |
| <host> | |
| <uuid>161bf4fa-b9d9-e011-8919-505054503030</uuid> | |
| <cpu> | |
| <arch>x86_64</arch> | |
| <model>IvyBridge</model> | |
| … # skipped |
My model is IvyBridge
Edit the VM’s XML configuration
virsh edit --domain vm1
The model of the VM is IvyBridge-IBRS, so I deleted the -IBRS part.
Start VM
virsh start vm1
Done!