On 15/07/2024 9:16 am, Jan Beulich wrote: > On 15.07.2024 09:38, Fonyuy-Asheri Caleb wrote: >>> Perhaps the more important question, are you booting the skylake with >>> cpuid=no-avx on the command line by any chance? >> No. I didn't boot any of the machines with any cpuid modification >> whatsoever. > Yet is there perhaps "Mitigating GDS by disabling AVX" in the boot log of > the hypervisor (which sadly so far you didn't supply anywhere afaics)?
Oh - good point. I'd completely forgotten about that. If you've got out-of-date microcode (specifically microcode prior to 2023-08-08), then yes, Xen will disable AVX by default to mitigate CVE-2022-40982 / "Gather Data Sampling", and the symptoms would look exactly like this. ~Andrew
