Did some further research: the default of cap-ccf-assist is off, but it was changed by the commit below in qemu-5.0.

===============
commit 37965dfe4dffa3ac49438337417608e7f346b58a
Author: David Gibson <david@gibson.dropbear.id.au>
Date: Thu Jan 30 10:28:56 2020 +1100

spapr: Enable DD2.3 accelerated count cache flush in pseries-5.0 machine

For POWER9 DD2.2 cpus, the best current Spectre v2 indirect branch mitigation is "count cache disabled", which is configured with:
    -machine cap-ibs=fixed-ccd
However, this option isn't available on DD2.3 CPUs with KVM, because they don't have the count cache disabled.

+ uint8_t kvm_ibs = kvmppc_get_cap_safe_indirect_branch(); + + if (kvm_ibs == SPAPR_CAP_FIXED_CCD) { + /* + * If we don't have CCF assist on the host, the assist + * instruction is a harmless no-op. It won't correctly + * implement the cache count flush *but* if we have + * count-cache-disabled in the host, that flush is + * unnnecessary. So, specifically allow this case. This + * allows us to have better performance on POWER9 DD2.3, + * while still working on POWER9 DD2.2 and POWER8 host + * cpus. + */ + return; + } error_setg(errp, "Requested count cache flush assist capability level not supported by kvm," " try appending -machine cap-ccf-assist=off"); }

According to the above code, it seems the KVM host does not support count-cache-disabled, because cap-ccf-assist would be recognized as a no-op if it did. You may need to update the host firmware to support it.
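
Review bot: The early `return` in the `kvm_ibs == SPAPR_CAP_FIXED_CCD` branch accepts the requested cap-ccf-assist level silently, so nothing records that the guest's assist instruction is a no-op and that its Spectre v2 indirect branch protection rests entirely on the host having the count cache disabled. Consider emitting a warning or trace message before returning, so that this state is visible when someone audits which mitigation a guest is actually relying on. The block comment also has a typo ("unnnecessary") and says "cache count flush" where the error message below it says "count cache flush"; both are worth fixing while the comment is being added.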