Hello community, here is the log from the commit of package qemu for openSUSE:Factory checked in at 2017-08-24 18:22:04 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/qemu (Old) and /work/SRC/openSUSE:Factory/.qemu.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "qemu" Thu Aug 24 18:22:04 2017 rev:125 rq:517607 version:2.9.0 Changes: -------- --- /work/SRC/openSUSE:Factory/qemu/qemu-linux-user.changes 2017-06-28 10:35:07.373253436 +0200 +++ /work/SRC/openSUSE:Factory/.qemu.new/qemu-linux-user.changes 2017-08-24 18:22:13.072488620 +0200 @@ -1,0 +2,34 @@ +Tue Aug 15 19:29:59 UTC 2017 - [email protected] + +- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9 +* Patches added: + 0073-xen-mapcache-store-dma-information-.patch + 0074-exec-Add-lock-parameter-to-qemu_ram.patch + +------------------------------------------------------------------- +Tue Jul 25 19:36:58 UTC 2017 - [email protected] + +- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9 +* Patches added: + 0069-qemu-nbd-Ignore-SIGPIPE.patch + 0070-usb-redir-fix-stack-overflow-in-usb.patch + 0071-exec-use-qemu_ram_ptr_length-to-acc.patch + 0072-slirp-check-len-against-dhcp-option.patch + +------------------------------------------------------------------- +Tue Jul 18 19:51:49 UTC 2017 - [email protected] + +- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9 +* Patches added: + 0067-xhci-only-update-dequeue-ptr-on-com.patch + 0068-vnc-Set-default-kbd-delay-to-10ms.patch + +------------------------------------------------------------------- +Mon Jun 26 08:51:24 UTC 2017 - [email protected] + +- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9 +* Patches added: + 0065-hid-Reset-kbd-modifiers-on-reset.patch + 0066-input-Decrement-queue-count-on-kbd-.patch + +------------------------------------------------------------------- --- /work/SRC/openSUSE:Factory/qemu/qemu-testsuite.changes 2017-06-28 10:35:07.405248909 +0200 +++ /work/SRC/openSUSE:Factory/.qemu.new/qemu-testsuite.changes 2017-08-24 18:22:13.108483552 +0200 @@ -1,0 +2,75 @@ +Fri Aug 18 15:35:54 UTC 2017 - [email protected] + +- Postrequire acl for setfacl + +------------------------------------------------------------------- +Wed Aug 16 10:52:58 UTC 2017 - [email protected] + +- Prerequire shadow for groupadd + +------------------------------------------------------------------- +Tue Aug 15 19:30:11 UTC 2017 - [email protected] + +- The recent security fix for CVE-2017-11334 adversely affects Xen. + Include two additional patches to make sure Xen is going to be OK. + 0073-xen-mapcache-store-dma-information-.patch + 0074-exec-Add-lock-parameter-to-qemu_ram.patch +- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9 + +------------------------------------------------------------------- +Wed Aug 9 12:54:23 UTC 2017 - [email protected] + +- Pre-add group kvm for qemu-tools (bsc#1011144) + +------------------------------------------------------------------- +Mon Aug 7 17:11:59 UTC 2017 - [email protected] + +- Fixed a few more inaccuracies in the support docs. + +------------------------------------------------------------------- +Tue Jul 25 19:36:55 UTC 2017 - [email protected] + +- Address various security/stability issues +* Fix DOS vulnerability in qemu-nbd (bsc#1046636 CVE-2017-10664) + 0069-qemu-nbd-Ignore-SIGPIPE.patch +* Fix DOS from stack overflow in debug messages of usb redirection + support (bsc#1047674 CVE-2017-10806) + 0070-usb-redir-fix-stack-overflow-in-usb.patch +* Fix OOB access during DMA operation (CVE-2017-11334 bsc#1048902) + 0071-exec-use-qemu_ram_ptr_length-to-acc.patch +* Fix OOB access parsing dhcp slirp options (CVE-2017-11434 bsc#1049381) + 0072-slirp-check-len-against-dhcp-option.patch +- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9 + +------------------------------------------------------------------- +Tue Jul 25 16:51:20 UTC 2017 - [email protected] + +- Fix support docs to indicate ARM64 is now fully L3 supported in + SLES 12 SP3. Apply a few additional clarifications in the support + docs. (bsc#1050268) +- Adjust to libvdeplug-devel package naming changes. + +------------------------------------------------------------------- +Tue Jul 18 19:51:45 UTC 2017 - [email protected] + +- Fix migration with xhci (bsc#1048296) + 0067-xhci-only-update-dequeue-ptr-on-com.patch +- Increase VNC delay to fix missing keyboard input events (bsc#1031692) + 0068-vnc-Set-default-kbd-delay-to-10ms.patch +- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9 + +------------------------------------------------------------------- +Thu Jun 29 10:58:13 UTC 2017 - [email protected] + +- Remove build dependency package iasl used for seabios + +------------------------------------------------------------------- +Mon Jun 26 08:51:21 UTC 2017 - [email protected] + +- Fixed stuck state during usb keyboard reset (bsc#1044936) + 0065-hid-Reset-kbd-modifiers-on-reset.patch +- Fixed keyboard events getting lost (bsc#1044936) + 0066-input-Decrement-queue-count-on-kbd-.patch +- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9 + +------------------------------------------------------------------- qemu.changes: same change New: ---- 0065-hid-Reset-kbd-modifiers-on-reset.patch 0066-input-Decrement-queue-count-on-kbd-.patch 0067-xhci-only-update-dequeue-ptr-on-com.patch 0068-vnc-Set-default-kbd-delay-to-10ms.patch 0069-qemu-nbd-Ignore-SIGPIPE.patch 0070-usb-redir-fix-stack-overflow-in-usb.patch 0071-exec-use-qemu_ram_ptr_length-to-acc.patch 0072-slirp-check-len-against-dhcp-option.patch 0073-xen-mapcache-store-dma-information-.patch 0074-exec-Add-lock-parameter-to-qemu_ram.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ qemu-linux-user.spec ++++++ --- /var/tmp/diff_new_pack.Bv8rH6/_old 2017-08-24 18:22:16.328030227 +0200 +++ /var/tmp/diff_new_pack.Bv8rH6/_new 2017-08-24 18:22:16.340028538 +0200 @@ -90,6 +90,16 @@ Patch0062: 0062-megasas-always-store-SCSIRequest-in.patch Patch0063: 0063-nbd-Fully-initialize-client-in-case.patch Patch0064: 0064-9pfs-local-remove-use-correct-path-.patch +Patch0065: 0065-hid-Reset-kbd-modifiers-on-reset.patch +Patch0066: 0066-input-Decrement-queue-count-on-kbd-.patch +Patch0067: 0067-xhci-only-update-dequeue-ptr-on-com.patch +Patch0068: 0068-vnc-Set-default-kbd-delay-to-10ms.patch +Patch0069: 0069-qemu-nbd-Ignore-SIGPIPE.patch +Patch0070: 0070-usb-redir-fix-stack-overflow-in-usb.patch +Patch0071: 0071-exec-use-qemu_ram_ptr_length-to-acc.patch +Patch0072: 0072-slirp-check-len-against-dhcp-option.patch +Patch0073: 0073-xen-mapcache-store-dma-information-.patch +Patch0074: 0074-exec-Add-lock-parameter-to-qemu_ram.patch # Please do not add QEMU patches manually here. # Run update_git.sh to regenerate this queue. Source400: update_git.sh @@ -207,6 +217,16 @@ %patch0062 -p1 %patch0063 -p1 %patch0064 -p1 +%patch0065 -p1 +%patch0066 -p1 +%patch0067 -p1 +%patch0068 -p1 +%patch0069 -p1 +%patch0070 -p1 +%patch0071 -p1 +%patch0072 -p1 +%patch0073 -p1 +%patch0074 -p1 %build ./configure \ ++++++ qemu-testsuite.spec ++++++ --- /var/tmp/diff_new_pack.Bv8rH6/_old 2017-08-24 18:22:16.396020654 +0200 +++ /var/tmp/diff_new_pack.Bv8rH6/_new 2017-08-24 18:22:16.396020654 +0200 @@ -194,6 +194,16 @@ Patch0062: 0062-megasas-always-store-SCSIRequest-in.patch Patch0063: 0063-nbd-Fully-initialize-client-in-case.patch Patch0064: 0064-9pfs-local-remove-use-correct-path-.patch +Patch0065: 0065-hid-Reset-kbd-modifiers-on-reset.patch +Patch0066: 0066-input-Decrement-queue-count-on-kbd-.patch +Patch0067: 0067-xhci-only-update-dequeue-ptr-on-com.patch +Patch0068: 0068-vnc-Set-default-kbd-delay-to-10ms.patch +Patch0069: 0069-qemu-nbd-Ignore-SIGPIPE.patch +Patch0070: 0070-usb-redir-fix-stack-overflow-in-usb.patch +Patch0071: 0071-exec-use-qemu_ram_ptr_length-to-acc.patch +Patch0072: 0072-slirp-check-len-against-dhcp-option.patch +Patch0073: 0073-xen-mapcache-store-dma-information-.patch +Patch0074: 0074-exec-Add-lock-parameter-to-qemu_ram.patch # Please do not add QEMU patches manually here. # Run update_git.sh to regenerate this queue. @@ -238,9 +248,6 @@ %endif BuildRequires: curl-devel BuildRequires: cyrus-sasl-devel -%if %{build_x86_firmware_from_source} -BuildRequires: iasl -%endif BuildRequires: e2fsprogs-devel BuildRequires: fdupes BuildRequires: gcc-c++ @@ -333,7 +340,11 @@ %if 0%{?suse_version} > 1310 BuildRequires: libusb-1_0-devel %endif +%if 0%{?suse_version} > 1320 +BuildRequires: libvdeplug-devel +%else BuildRequires: libvdeplug3-devel +%endif BuildRequires: lzo-devel %if 0%{?suse_version} > 1220 BuildRequires: makeinfo @@ -403,8 +414,10 @@ %endif %endif Requires(pre): pwdutils +Requires(pre): shadow Requires(post): coreutils %if %{kvm_available} +Requires(post): acl Requires(post): udev %ifarch s390x Requires(post): procps @@ -736,7 +749,8 @@ Summary: Universal CPU emulator -- Tools Group: System/Emulators/PC Provides: qemu:%_libexecdir/qemu-bridge-helper -PreReq: permissions +Requires(pre): permissions +Requires(pre): shadow Recommends: qemu-block-curl %if 0%{?with_rbd} Recommends: qemu-block-rbd @@ -755,6 +769,7 @@ Summary: Universal CPU emulator -- Guest agent Group: System/Emulators/PC Provides: qemu:%_bindir/qemu-ga +Requires(pre): shadow Requires(post): udev %if 0%{?with_systemd} %{?systemd_requires} @@ -909,6 +924,16 @@ %patch0062 -p1 %patch0063 -p1 %patch0064 -p1 +%patch0065 -p1 +%patch0066 -p1 +%patch0067 -p1 +%patch0068 -p1 +%patch0069 -p1 +%patch0070 -p1 +%patch0071 -p1 +%patch0072 -p1 +%patch0073 -p1 +%patch0074 -p1 pushd roms/ipxe %patch1100 -p1 @@ -1356,6 +1381,8 @@ %endif %if 0%{?suse_version} >= 1130 +%pre tools +%{_bindir}/getent group kvm >/dev/null || %{_sbindir}/groupadd -r kvm 2>/dev/null %post tools %set_permissions %_libexecdir/qemu-bridge-helper ++++++ qemu.spec ++++++ --- /var/tmp/diff_new_pack.Bv8rH6/_old 2017-08-24 18:22:16.476009391 +0200 +++ /var/tmp/diff_new_pack.Bv8rH6/_new 2017-08-24 18:22:16.484008265 +0200 @@ -194,6 +194,16 @@ Patch0062: 0062-megasas-always-store-SCSIRequest-in.patch Patch0063: 0063-nbd-Fully-initialize-client-in-case.patch Patch0064: 0064-9pfs-local-remove-use-correct-path-.patch +Patch0065: 0065-hid-Reset-kbd-modifiers-on-reset.patch +Patch0066: 0066-input-Decrement-queue-count-on-kbd-.patch +Patch0067: 0067-xhci-only-update-dequeue-ptr-on-com.patch +Patch0068: 0068-vnc-Set-default-kbd-delay-to-10ms.patch +Patch0069: 0069-qemu-nbd-Ignore-SIGPIPE.patch +Patch0070: 0070-usb-redir-fix-stack-overflow-in-usb.patch +Patch0071: 0071-exec-use-qemu_ram_ptr_length-to-acc.patch +Patch0072: 0072-slirp-check-len-against-dhcp-option.patch +Patch0073: 0073-xen-mapcache-store-dma-information-.patch +Patch0074: 0074-exec-Add-lock-parameter-to-qemu_ram.patch # Please do not add QEMU patches manually here. # Run update_git.sh to regenerate this queue. @@ -238,9 +248,6 @@ %endif BuildRequires: curl-devel BuildRequires: cyrus-sasl-devel -%if %{build_x86_firmware_from_source} -BuildRequires: iasl -%endif BuildRequires: e2fsprogs-devel BuildRequires: fdupes BuildRequires: gcc-c++ @@ -333,7 +340,11 @@ %if 0%{?suse_version} > 1310 BuildRequires: libusb-1_0-devel %endif +%if 0%{?suse_version} > 1320 +BuildRequires: libvdeplug-devel +%else BuildRequires: libvdeplug3-devel +%endif BuildRequires: lzo-devel %if 0%{?suse_version} > 1220 BuildRequires: makeinfo @@ -403,8 +414,10 @@ %endif %endif Requires(pre): pwdutils +Requires(pre): shadow Requires(post): coreutils %if %{kvm_available} +Requires(post): acl Requires(post): udev %ifarch s390x Requires(post): procps @@ -736,7 +749,8 @@ Summary: Universal CPU emulator -- Tools Group: System/Emulators/PC Provides: qemu:%_libexecdir/qemu-bridge-helper -PreReq: permissions +Requires(pre): permissions +Requires(pre): shadow Recommends: qemu-block-curl %if 0%{?with_rbd} Recommends: qemu-block-rbd @@ -755,6 +769,7 @@ Summary: Universal CPU emulator -- Guest agent Group: System/Emulators/PC Provides: qemu:%_bindir/qemu-ga +Requires(pre): shadow Requires(post): udev %if 0%{?with_systemd} %{?systemd_requires} @@ -909,6 +924,16 @@ %patch0062 -p1 %patch0063 -p1 %patch0064 -p1 +%patch0065 -p1 +%patch0066 -p1 +%patch0067 -p1 +%patch0068 -p1 +%patch0069 -p1 +%patch0070 -p1 +%patch0071 -p1 +%patch0072 -p1 +%patch0073 -p1 +%patch0074 -p1 pushd roms/ipxe %patch1100 -p1 @@ -1356,6 +1381,8 @@ %endif %if 0%{?suse_version} >= 1130 +%pre tools +%{_bindir}/getent group kvm >/dev/null || %{_sbindir}/groupadd -r kvm 2>/dev/null %post tools %set_permissions %_libexecdir/qemu-bridge-helper ++++++ 0016-vnc-password-file-and-incoming-conn.patch ++++++ --- /var/tmp/diff_new_pack.Bv8rH6/_old 2017-08-24 18:22:16.723974477 +0200 +++ /var/tmp/diff_new_pack.Bv8rH6/_new 2017-08-24 18:22:16.723974477 +0200 @@ -83,26 +83,26 @@ static QemuOptsList qemu_vnc_opts = { .name = "vnc", .head = QTAILQ_HEAD_INITIALIZER(qemu_vnc_opts.head), -@@ -3202,6 +3245,9 @@ static QemuOptsList qemu_vnc_opts = { +@@ -3201,6 +3244,9 @@ static QemuOptsList qemu_vnc_opts = { + },{ .name = "connections", .type = QEMU_OPT_NUMBER, - },{ ++ },{ + .name = "allowed-connections", + .type = QEMU_OPT_NUMBER, -+ },{ + },{ .name = "to", .type = QEMU_OPT_NUMBER, +@@ -3213,6 +3259,9 @@ static QemuOptsList qemu_vnc_opts = { },{ -@@ -3214,6 +3260,9 @@ static QemuOptsList qemu_vnc_opts = { .name = "password", .type = QEMU_OPT_BOOL, - },{ ++ },{ + .name = "password-file", + .type = QEMU_OPT_STRING, -+ },{ + },{ .name = "reverse", .type = QEMU_OPT_BOOL, - },{ @@ -3766,6 +3815,7 @@ void vnc_display_open(const char *id, Error **errp) const char *share, *device_id; QemuConsole *con; ++++++ 0042-test-string-input-visitor-Add-int-t.patch ++++++ --- /var/tmp/diff_new_pack.Bv8rH6/_old 2017-08-24 18:22:16.899949699 +0200 +++ /var/tmp/diff_new_pack.Bv8rH6/_new 2017-08-24 18:22:16.907948572 +0200 @@ -17,18 +17,18 @@ index 79313a7f7a..e00194a649 100644 --- a/tests/test-string-input-visitor.c +++ b/tests/test-string-input-visitor.c -@@ -58,6 +58,14 @@ static void test_visitor_in_int(TestInputVisitorData *data, - visit_type_int(v, NULL, &res, &err); - g_assert(!err); - g_assert_cmpint(res, ==, value); +@@ -55,6 +55,14 @@ static void test_visitor_in_int(TestInputVisitorData *data, + + v = visitor_input_test_init(data, "-42"); + ++ visit_type_int(v, NULL, &res, &err); ++ g_assert(!err); ++ g_assert_cmpint(res, ==, value); + visitor_input_teardown(data, unused); + + value = INT64_MAX; + v = visitor_input_test_init(data, g_strdup_printf("%" PRId64, value)); + -+ visit_type_int(v, NULL, &res, &err); -+ g_assert(!err); -+ g_assert_cmpint(res, ==, value); - - v = visitor_input_test_init(data, "not an int"); - + visit_type_int(v, NULL, &res, &err); + g_assert(!err); + g_assert_cmpint(res, ==, value); ++++++ 0056-jazz_led-fix-bad-snprintf.patch ++++++ --- /var/tmp/diff_new_pack.Bv8rH6/_old 2017-08-24 18:22:16.991936746 +0200 +++ /var/tmp/diff_new_pack.Bv8rH6/_new 2017-08-24 18:22:17.003935057 +0200 @@ -1,4 +1,4 @@ -From 5369a4b1932f7c298ae360789fd182c24e14c569 Mon Sep 17 00:00:00 2001 +From 93971b136370f4d22269a605a2d1d60cb0fa185a Mon Sep 17 00:00:00 2001 From: Paolo Bonzini <[email protected]> Date: Wed, 3 May 2017 12:44:41 +0200 Subject: [PATCH] jazz_led: fix bad snprintf ++++++ 0057-slirp-smb-Replace-constant-strings-.patch ++++++ --- /var/tmp/diff_new_pack.Bv8rH6/_old 2017-08-24 18:22:17.011933931 +0200 +++ /var/tmp/diff_new_pack.Bv8rH6/_new 2017-08-24 18:22:17.015933368 +0200 @@ -1,4 +1,4 @@ -From 94cc81bb7e1655b2b8ce0f1c996877ffb156bfb2 Mon Sep 17 00:00:00 2001 +From 40a4715c9e38f67f30bb22565d7e2b1cc59b7832 Mon Sep 17 00:00:00 2001 From: "Dr. David Alan Gilbert" <[email protected]> Date: Fri, 7 Apr 2017 15:32:54 +0100 Subject: [PATCH] slirp/smb: Replace constant strings by glib string ++++++ 0058-altera_timer-fix-incorrect-memset.patch ++++++ --- /var/tmp/diff_new_pack.Bv8rH6/_old 2017-08-24 18:22:17.079924358 +0200 +++ /var/tmp/diff_new_pack.Bv8rH6/_new 2017-08-24 18:22:17.083923795 +0200 @@ -1,4 +1,4 @@ -From 355047e16c0834b88d7df8ef86efef8b0d3b6adc Mon Sep 17 00:00:00 2001 +From ac31e9efbe92ee16903a446db4faa14f28e8a9b8 Mon Sep 17 00:00:00 2001 From: Paolo Bonzini <[email protected]> Date: Mon, 22 May 2017 17:46:40 -0600 Subject: [PATCH] altera_timer: fix incorrect memset ++++++ 0059-Hacks-for-building-on-gcc-7-Fedora-.patch ++++++ --- /var/tmp/diff_new_pack.Bv8rH6/_old 2017-08-24 18:22:17.159913095 +0200 +++ /var/tmp/diff_new_pack.Bv8rH6/_new 2017-08-24 18:22:17.163912532 +0200 @@ -1,4 +1,4 @@ -From 694037b618e2d331c38c287857da993fdab1f011 Mon Sep 17 00:00:00 2001 +From f73df04319a21d9c40ae7b40614637f2fbd5fa3f Mon Sep 17 00:00:00 2001 From: "Dr. David Alan Gilbert" <[email protected]> Date: Mon, 22 May 2017 17:48:13 -0600 Subject: [PATCH] Hacks for building on gcc 7 / Fedora 26 ++++++ 0060-9pfs-local-fix-unlink-of-alien-file.patch ++++++ --- /var/tmp/diff_new_pack.Bv8rH6/_old 2017-08-24 18:22:17.175910842 +0200 +++ /var/tmp/diff_new_pack.Bv8rH6/_new 2017-08-24 18:22:17.175910842 +0200 @@ -1,4 +1,4 @@ -From 85bc346e1f5d90e1be7147f982e18511304daaeb Mon Sep 17 00:00:00 2001 +From 44e4ce741c71d1d2c32f1d2b0d90a1f2e635e44f Mon Sep 17 00:00:00 2001 From: Greg Kurz <[email protected]> Date: Thu, 25 May 2017 10:30:13 +0200 Subject: [PATCH] 9pfs: local: fix unlink of alien files in mapped-file mode ++++++ 0061-megasas-do-not-read-DCMD-opcode-mor.patch ++++++ --- /var/tmp/diff_new_pack.Bv8rH6/_old 2017-08-24 18:22:17.187909153 +0200 +++ /var/tmp/diff_new_pack.Bv8rH6/_new 2017-08-24 18:22:17.191908590 +0200 @@ -1,4 +1,4 @@ -From e0653c80373f056fa0bd72fb9aef161dac13b1cf Mon Sep 17 00:00:00 2001 +From b4c6e40036a569fa10cd2fde63244e707b4d75e5 Mon Sep 17 00:00:00 2001 From: Paolo Bonzini <[email protected]> Date: Mon, 19 Jun 2017 16:36:08 -0600 Subject: [PATCH] megasas: do not read DCMD opcode more than once from frame ++++++ 0062-megasas-always-store-SCSIRequest-in.patch ++++++ --- /var/tmp/diff_new_pack.Bv8rH6/_old 2017-08-24 18:22:17.207906337 +0200 +++ /var/tmp/diff_new_pack.Bv8rH6/_new 2017-08-24 18:22:17.207906337 +0200 @@ -1,4 +1,4 @@ -From 0199dd521a16bff213ee66fe1fb257790006237f Mon Sep 17 00:00:00 2001 +From 5e011980d6a696192ce807c21c145d738668d040 Mon Sep 17 00:00:00 2001 From: Paolo Bonzini <[email protected]> Date: Sat, 10 Jun 2017 14:04:51 -0600 Subject: [PATCH] megasas: always store SCSIRequest* into MegasasCmd ++++++ 0063-nbd-Fully-initialize-client-in-case.patch ++++++ --- /var/tmp/diff_new_pack.Bv8rH6/_old 2017-08-24 18:22:17.227903521 +0200 +++ /var/tmp/diff_new_pack.Bv8rH6/_new 2017-08-24 18:22:17.227903521 +0200 @@ -1,4 +1,4 @@ -From 94301dd6735f540dc9f6e01943fda914c4bbef8a Mon Sep 17 00:00:00 2001 +From 096703b0e4c619c6cd3015fcb105c65692b2ec56 Mon Sep 17 00:00:00 2001 From: Eric Blake <[email protected]> Date: Fri, 26 May 2017 22:04:21 -0500 Subject: [PATCH] nbd: Fully initialize client in case of failed negotiation ++++++ 0064-9pfs-local-remove-use-correct-path-.patch ++++++ --- /var/tmp/diff_new_pack.Bv8rH6/_old 2017-08-24 18:22:17.243901269 +0200 +++ /var/tmp/diff_new_pack.Bv8rH6/_new 2017-08-24 18:22:17.243901269 +0200 @@ -1,4 +1,4 @@ -From d8ebbbc6a85bc9a6a6e194564719e43a51ec2e86 Mon Sep 17 00:00:00 2001 +From e915b08f89ee946a702b98624c1e73849ddb611c Mon Sep 17 00:00:00 2001 From: Bruce Rogers <[email protected]> Date: Mon, 19 Jun 2017 14:48:02 -0600 Subject: [PATCH] 9pfs: local: remove: use correct path component ++++++ 0065-hid-Reset-kbd-modifiers-on-reset.patch ++++++ >From b1fafc01f55733b0e1aaeba84192b6515c92f7a0 Mon Sep 17 00:00:00 2001 From: Alexander Graf <[email protected]> Date: Thu, 22 Jun 2017 09:33:21 +0200 Subject: [PATCH] hid: Reset kbd modifiers on reset When resetting the keyboard, we need to reset not just the pending keystrokes, but also any pending modifiers. Otherwise there's a race when we're getting reset while running an escape sequence (modifier 0x100). Cc: [email protected] Signed-off-by: Alexander Graf <[email protected]> --- hw/input/hid.c | 1 + 1 file changed, 1 insertion(+) diff --git a/hw/input/hid.c b/hw/input/hid.c index 93887ecc43..0d049ff61c 100644 --- a/hw/input/hid.c +++ b/hw/input/hid.c @@ -487,6 +487,7 @@ void hid_reset(HIDState *hs) memset(hs->kbd.keycodes, 0, sizeof(hs->kbd.keycodes)); memset(hs->kbd.key, 0, sizeof(hs->kbd.key)); hs->kbd.keys = 0; + hs->kbd.modifiers = 0; break; case HID_MOUSE: case HID_TABLET: ++++++ 0066-input-Decrement-queue-count-on-kbd-.patch ++++++ >From bea345d1c1fa6d351de7cacf66ccc35845406b31 Mon Sep 17 00:00:00 2001 From: Alexander Graf <[email protected]> Date: Thu, 22 Jun 2017 09:36:36 +0200 Subject: [PATCH] input: Decrement queue count on kbd delay Delays in the input layer are special cased input events. Every input event is accounted for in a global intput queue count. The special cased delays however did not get removed from the queue, leading to queue overruns and thus silent key drops after typing quite a few characters. Signed-off-by: Alexander Graf <[email protected]> Fixes: be1a7176 ("input: add support for kbd delays") Cc: [email protected] --- ui/input.c | 1 + 1 file changed, 1 insertion(+) diff --git a/ui/input.c b/ui/input.c index fb1f404095..94ba3d52cf 100644 --- a/ui/input.c +++ b/ui/input.c @@ -252,6 +252,7 @@ static void qemu_input_queue_process(void *opaque) item = QTAILQ_FIRST(queue); g_assert(item->type == QEMU_INPUT_QUEUE_DELAY); QTAILQ_REMOVE(queue, item, node); + queue_count--; g_free(item); while (!QTAILQ_EMPTY(queue)) { ++++++ 0067-xhci-only-update-dequeue-ptr-on-com.patch ++++++ >From a049f58c32e0c783d2d524a918d40ba4b22d96b8 Mon Sep 17 00:00:00 2001 From: Gerd Hoffmann <[email protected]> Date: Thu, 8 Jun 2017 09:41:22 +0200 Subject: [PATCH] xhci: only update dequeue ptr on completed transfers The dequeue pointer should only be updated in case the transfer is actually completed. If we update it for inflight transfers we will not pick them up again after migration, which easily triggers with HID devices as they typically have a pending transfer, waiting for user input to happen. Fixes: 243afe858b95765b98d16a1f0dd50dca262858ad Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1451631 Signed-off-by: Gerd Hoffmann <[email protected]> Tested-by: Laurent Vivier <[email protected]> Message-id: [email protected] (cherry picked from commit d54fddea989ba4aa2912d49583d86ce01c0d27ea) Fixes: https://bugzilla.suse.com/show_bug.cgi?id=1048296 Signed-off-by: Alexander Graf <[email protected]> --- hw/usb/hcd-xhci.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c index a2d3143bf4..ed0f13f37b 100644 --- a/hw/usb/hcd-xhci.c +++ b/hw/usb/hcd-xhci.c @@ -2119,6 +2119,8 @@ static void xhci_kick_epctx(XHCIEPContext *epctx, unsigned int streamid) } assert(!xfer->running_retry); if (xfer->complete) { + /* update ring dequeue ptr */ + xhci_set_ep_state(xhci, epctx, stctx, epctx->state); xhci_ep_free_xfer(epctx->retry); } epctx->retry = NULL; @@ -2169,6 +2171,8 @@ static void xhci_kick_epctx(XHCIEPContext *epctx, unsigned int streamid) xhci_fire_transfer(xhci, xfer, epctx); } if (xfer->complete) { + /* update ring dequeue ptr */ + xhci_set_ep_state(xhci, epctx, stctx, epctx->state); xhci_ep_free_xfer(xfer); xfer = NULL; } @@ -2186,8 +2190,6 @@ static void xhci_kick_epctx(XHCIEPContext *epctx, unsigned int streamid) break; } } - /* update ring dequeue ptr */ - xhci_set_ep_state(xhci, epctx, stctx, epctx->state); epctx->kick_active--; ep = xhci_epid_to_usbep(epctx); ++++++ 0068-vnc-Set-default-kbd-delay-to-10ms.patch ++++++ >From ea61b5439c77d6fdeb62a04c39affa534b09fcdd Mon Sep 17 00:00:00 2001 From: Alexander Graf <[email protected]> Date: Wed, 12 Jul 2017 14:43:45 +0200 Subject: [PATCH] vnc: Set default kbd delay to 10ms The current VNC default keyboard delay is 1ms. With that we're constantly typing faster than the guest receives keyboard events from an XHCI attached USB HID device. The default keyboard delay time in the input layer however is 10ms. I don't know how that number came to be, but empirical tests on some OpenQA driven ARM systems show that 10ms really is a reasonable default number for the delay. This patch moves the VNC delay also to 10ms. That way our default is much safer (good!) and also consistent with the input layer default (also good!). Signed-off-by: Alexander Graf <[email protected]> Reviewed-by: Daniel P. Berrange <[email protected]> Message-id: [email protected] Signed-off-by: Gerd Hoffmann <[email protected]> (cherry picked from commit d3b0db6dfea6b3a9ee0d96aceb796bdcafa84314) [BR: BSC#1031692] Signed-off-by: Bruce Rogers <[email protected]> --- qemu-options.hx | 2 +- ui/vnc.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/qemu-options.hx b/qemu-options.hx index 4712277d7c..ab7e32a4a0 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -1491,7 +1491,7 @@ spec but is traditional QEMU behavior. @item key-delay-ms Set keyboard delay, for key down and key up events, in milliseconds. -Default is 1. Keyboards are low-bandwidth devices, so this slowdown +Default is 10. Keyboards are low-bandwidth devices, so this slowdown can help the device and guest to keep up and not lose events in case events are arriving in bulk. Possible causes for the latter are flaky network connections, or scripts for automated testing. diff --git a/ui/vnc.c b/ui/vnc.c index 51d6f2353f..3528d50c8a 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -3884,7 +3884,7 @@ void vnc_display_open(const char *id, Error **errp) } lock_key_sync = qemu_opt_get_bool(opts, "lock-key-sync", true); - key_delay_ms = qemu_opt_get_number(opts, "key-delay-ms", 1); + key_delay_ms = qemu_opt_get_number(opts, "key-delay-ms", 10); sasl = qemu_opt_get_bool(opts, "sasl", false); #ifndef CONFIG_VNC_SASL if (sasl) { ++++++ 0069-qemu-nbd-Ignore-SIGPIPE.patch ++++++ >From 40c9dcf30be29a4d76aeb85b5510cea071423b81 Mon Sep 17 00:00:00 2001 From: Max Reitz <[email protected]> Date: Sun, 11 Jun 2017 14:37:14 +0200 Subject: [PATCH] qemu-nbd: Ignore SIGPIPE qemu proper has done so for 13 years (8a7ddc38a60648257dc0645ab4a05b33d6040063), qemu-img and qemu-io have done so for four years (526eda14a68d5b3596be715505289b541288ef2a). Ignoring this signal is especially important in qemu-nbd because otherwise a client can easily take down the qemu-nbd server by dropping the connection when the server wants to send something, for example: $ qemu-nbd -x foo -f raw -t null-co:// & [1] 12726 $ qemu-io -c quit nbd://localhost/bar can't open device nbd://localhost/bar: No export with name 'bar' available [1] + 12726 broken pipe qemu-nbd -x foo -f raw -t null-co:// In this case, the client sends an NBD_OPT_ABORT and closes the connection (because it is not required to wait for a reply), but the server replies with an NBD_REP_ACK (because it is required to reply). Signed-off-by: Max Reitz <[email protected]> Message-Id: <[email protected]> Signed-off-by: Paolo Bonzini <[email protected]> (cherry picked from commit 041e32b8d9d076980b4e35317c0339e57ab888f1) [BR: BSC#1046636 CVE-2017-10664] Signed-off-by: Bruce Rogers <[email protected]> --- qemu-nbd.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/qemu-nbd.c b/qemu-nbd.c index b44764eb87..83bf9cb46c 100644 --- a/qemu-nbd.c +++ b/qemu-nbd.c @@ -581,6 +581,10 @@ int main(int argc, char **argv) sa_sigterm.sa_handler = termsig_handler; sigaction(SIGTERM, &sa_sigterm, NULL); +#ifdef CONFIG_POSIX + signal(SIGPIPE, SIG_IGN); +#endif + module_call_init(MODULE_INIT_TRACE); qcrypto_init(&error_fatal); ++++++ 0070-usb-redir-fix-stack-overflow-in-usb.patch ++++++ >From 416a6f3bf137b8e6782dd7c1f9563afe8ee97b19 Mon Sep 17 00:00:00 2001 From: Gerd Hoffmann <[email protected]> Date: Tue, 9 May 2017 13:01:28 +0200 Subject: [PATCH] usb-redir: fix stack overflow in usbredir_log_data MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Don't reinvent a broken wheel, just use the hexdump function we have. Impact: low, broken code doesn't run unless you have debug logging enabled. Reported-by: 李强 <[email protected]> Signed-off-by: Gerd Hoffmann <[email protected]> Message-id: [email protected] (cherry picked from commit bd4a683505b27adc1ac809f71e918e58573d851d) [BR: BSC#1047674 CVE-2017-10806] Signed-off-by: Bruce Rogers <[email protected]> --- hw/usb/redirect.c | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c index 0efe62f725..eb70dc7218 100644 --- a/hw/usb/redirect.c +++ b/hw/usb/redirect.c @@ -229,21 +229,10 @@ static void usbredir_log(void *priv, int level, const char *msg) static void usbredir_log_data(USBRedirDevice *dev, const char *desc, const uint8_t *data, int len) { - int i, j, n; - if (dev->debug < usbredirparser_debug_data) { return; } - - for (i = 0; i < len; i += j) { - char buf[128]; - - n = sprintf(buf, "%s", desc); - for (j = 0; j < 8 && i + j < len; j++) { - n += sprintf(buf + n, " %02X", data[i + j]); - } - error_report("%s", buf); - } + qemu_hexdump((char *)data, stderr, desc, len); } /* ++++++ 0071-exec-use-qemu_ram_ptr_length-to-acc.patch ++++++ >From f6658a500e003e91225f59bc2c2305c6b7d2f0d1 Mon Sep 17 00:00:00 2001 From: Prasad J Pandit <[email protected]> Date: Wed, 12 Jul 2017 18:08:40 +0530 Subject: [PATCH] exec: use qemu_ram_ptr_length to access guest ram When accessing guest's ram block during DMA operation, use 'qemu_ram_ptr_length' to get ram block pointer. It ensures that DMA operation of given length is possible; And avoids any OOB memory access situations. Reported-by: Alex <[email protected]> Signed-off-by: Prasad J Pandit <[email protected]> Message-Id: <[email protected]> Signed-off-by: Paolo Bonzini <[email protected]> (cherry picked from commit 04bf2526ce87f21b32c9acba1c5518708c243ad0) [BR: BSC#1048902 CVE-2017-11334] Signed-off-by: Bruce Rogers <[email protected]> --- exec.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/exec.c b/exec.c index b47b3f9096..1de9107b61 100644 --- a/exec.c +++ b/exec.c @@ -2767,7 +2767,7 @@ static MemTxResult address_space_write_continue(AddressSpace *as, hwaddr addr, } } else { /* RAM case */ - ptr = qemu_map_ram_ptr(mr->ram_block, addr1); + ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l); memcpy(ptr, buf, l); invalidate_and_set_dirty(mr, addr1, l); } @@ -2858,7 +2858,7 @@ MemTxResult address_space_read_continue(AddressSpace *as, hwaddr addr, } } else { /* RAM case */ - ptr = qemu_map_ram_ptr(mr->ram_block, addr1); + ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l); memcpy(buf, ptr, l); } ++++++ 0072-slirp-check-len-against-dhcp-option.patch ++++++ >From 2c4c724d1ad6dfd316ca3941b29d50f52ab625eb Mon Sep 17 00:00:00 2001 From: Prasad J Pandit <[email protected]> Date: Mon, 17 Jul 2017 17:33:26 +0530 Subject: [PATCH] slirp: check len against dhcp options array end While parsing dhcp options string in 'dhcp_decode', if an options' length 'len' appeared towards the end of 'bp_vend' array, ensuing read could lead to an OOB memory access issue. Add check to avoid it. This is CVE-2017-11434. Reported-by: Reno Robert <[email protected]> Signed-off-by: Prasad J Pandit <[email protected]> Signed-off-by: Samuel Thibault <[email protected]> (cherry picked from commit 413d463f43fbc4dd3a601e80a5724aa384a265a0) [BR: BSC#1049381 CVE-2017-11434] Signed-off-by: Bruce Rogers <[email protected]> --- slirp/bootp.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/slirp/bootp.c b/slirp/bootp.c index 5a4646c182..5dd1a415b5 100644 --- a/slirp/bootp.c +++ b/slirp/bootp.c @@ -123,6 +123,9 @@ static void dhcp_decode(const struct bootp_t *bp, int *pmsg_type, if (p >= p_end) break; len = *p++; + if (p + len > p_end) { + break; + } DPRINTF("dhcp: tag=%d len=%d\n", tag, len); switch(tag) { ++++++ 0073-xen-mapcache-store-dma-information-.patch ++++++ >From 96ce16c57f821b9f676de88f25d488d52fec68fe Mon Sep 17 00:00:00 2001 From: Stefano Stabellini <[email protected]> Date: Wed, 3 May 2017 14:00:35 -0700 Subject: [PATCH] xen/mapcache: store dma information in revmapcache entries for debugging The Xen mapcache is able to create long term mappings, they are called "locked" mappings. The third parameter of the xen_map_cache call specifies if a mapping is a "locked" mapping. >From the QEMU point of view there are two kinds of long term mappings: [a] device memory mappings, such as option roms and video memory [b] dma mappings, created by dma_memory_map & friends After certain operations, ballooning a VM in particular, Xen asks QEMU kindly to destroy all mappings. However, certainly [a] mappings are present and cannot be removed. That's not a problem as they are not affected by balloonning. The *real* problem is that if there are any mappings of type [b], any outstanding dma operations could fail. This is a known shortcoming. In other words, when Xen asks QEMU to destroy all mappings, it is an error if any [b] mappings exist. However today we have no way of distinguishing [a] from [b]. Because of that, we cannot even print a decent warning. This patch introduces a new "dma" bool field to MapCacheRev entires, to remember if a given mapping is for dma or is a long term device memory mapping. When xen_invalidate_map_cache is called, we print a warning if any [b] mappings exist. We ignore [a] mappings. Mappings created by qemu_map_ram_ptr are assumed to be [a], while mappings created by address_space_map->qemu_ram_ptr_length are assumed to be [b]. The goal of the patch is to make debugging and system understanding easier. Signed-off-by: Stefano Stabellini <[email protected]> Acked-by: Paolo Bonzini <[email protected]> Acked-by: Anthony PERARD <[email protected]> (cherry picked from commit 1ff7c5986a515d2d936eba026ff19947bbc7cb92) [BR: infrastructure (and otherwise useful) for BSC#1048902] Signed-off-by: Bruce Rogers <[email protected]> --- exec.c | 8 ++++---- include/sysemu/xen-mapcache.h | 5 +++-- xen-mapcache.c | 15 ++++++++++----- 3 files changed, 17 insertions(+), 11 deletions(-) diff --git a/exec.c b/exec.c index 1de9107b61..8f45b902e4 100644 --- a/exec.c +++ b/exec.c @@ -2012,10 +2012,10 @@ void *qemu_map_ram_ptr(RAMBlock *ram_block, ram_addr_t addr) * In that case just map until the end of the page. */ if (block->offset == 0) { - return xen_map_cache(addr, 0, 0); + return xen_map_cache(addr, 0, 0, false); } - block->host = xen_map_cache(block->offset, block->max_length, 1); + block->host = xen_map_cache(block->offset, block->max_length, 1, false); } return ramblock_ptr(block, addr); } @@ -2045,10 +2045,10 @@ static void *qemu_ram_ptr_length(RAMBlock *ram_block, ram_addr_t addr, * In that case just map the requested area. */ if (block->offset == 0) { - return xen_map_cache(addr, *size, 1); + return xen_map_cache(addr, *size, 1, true); } - block->host = xen_map_cache(block->offset, block->max_length, 1); + block->host = xen_map_cache(block->offset, block->max_length, 1, true); } return ramblock_ptr(block, addr); diff --git a/include/sysemu/xen-mapcache.h b/include/sysemu/xen-mapcache.h index b8c93b9bce..01daaad00c 100644 --- a/include/sysemu/xen-mapcache.h +++ b/include/sysemu/xen-mapcache.h @@ -17,7 +17,7 @@ typedef hwaddr (*phys_offset_to_gaddr_t)(hwaddr start_addr, void xen_map_cache_init(phys_offset_to_gaddr_t f, void *opaque); uint8_t *xen_map_cache(hwaddr phys_addr, hwaddr size, - uint8_t lock); + uint8_t lock, bool dma); ram_addr_t xen_ram_addr_from_mapcache(void *ptr); void xen_invalidate_map_cache_entry(uint8_t *buffer); void xen_invalidate_map_cache(void); @@ -31,7 +31,8 @@ static inline void xen_map_cache_init(phys_offset_to_gaddr_t f, static inline uint8_t *xen_map_cache(hwaddr phys_addr, hwaddr size, - uint8_t lock) + uint8_t lock, + bool dma) { abort(); } diff --git a/xen-mapcache.c b/xen-mapcache.c index 1a96d2e5db..8335266698 100644 --- a/xen-mapcache.c +++ b/xen-mapcache.c @@ -62,6 +62,7 @@ typedef struct MapCacheRev { hwaddr paddr_index; hwaddr size; QTAILQ_ENTRY(MapCacheRev) next; + bool dma; } MapCacheRev; typedef struct MapCache { @@ -202,7 +203,7 @@ static void xen_remap_bucket(MapCacheEntry *entry, } static uint8_t *xen_map_cache_unlocked(hwaddr phys_addr, hwaddr size, - uint8_t lock) + uint8_t lock, bool dma) { MapCacheEntry *entry, *pentry = NULL; hwaddr address_index; @@ -289,6 +290,7 @@ tryagain: if (lock) { MapCacheRev *reventry = g_malloc0(sizeof(MapCacheRev)); entry->lock++; + reventry->dma = dma; reventry->vaddr_req = mapcache->last_entry->vaddr_base + address_offset; reventry->paddr_index = mapcache->last_entry->paddr_index; reventry->size = entry->size; @@ -300,12 +302,12 @@ tryagain: } uint8_t *xen_map_cache(hwaddr phys_addr, hwaddr size, - uint8_t lock) + uint8_t lock, bool dma) { uint8_t *p; mapcache_lock(); - p = xen_map_cache_unlocked(phys_addr, size, lock); + p = xen_map_cache_unlocked(phys_addr, size, lock, dma); mapcache_unlock(); return p; } @@ -426,8 +428,11 @@ void xen_invalidate_map_cache(void) mapcache_lock(); QTAILQ_FOREACH(reventry, &mapcache->locked_entries, next) { - DPRINTF("There should be no locked mappings at this time, " - "but "TARGET_FMT_plx" -> %p is present\n", + if (!reventry->dma) { + continue; + } + fprintf(stderr, "Locked DMA mapping while invalidating mapcache!" + " "TARGET_FMT_plx" -> %p is present\n", reventry->paddr_index, reventry->vaddr_req); } ++++++ 0074-exec-Add-lock-parameter-to-qemu_ram.patch ++++++ >From 9ca38f9940fd21f0a24f5a5bfac69f81561096f9 Mon Sep 17 00:00:00 2001 From: Anthony PERARD <[email protected]> Date: Wed, 26 Jul 2017 17:53:26 +0100 Subject: [PATCH] exec: Add lock parameter to qemu_ram_ptr_length Commit 04bf2526ce87f21b32c9acba1c5518708c243ad0 (exec: use qemu_ram_ptr_length to access guest ram) start using qemu_ram_ptr_length instead of qemu_map_ram_ptr, but when used with Xen, the behavior of both function is different. They both call xen_map_cache, but one with "lock", meaning the mapping of guest memory is never released implicitly, and the second one without, which means, mapping can be release later, when needed. In the context of address_space_{read,write}_continue, the ptr to those mapping should not be locked because it is used immediatly and never used again. The lock parameter make it explicit in which context qemu_ram_ptr_length is called. Signed-off-by: Anthony PERARD <[email protected]> Message-Id: <[email protected]> Reviewed-by: Stefano Stabellini <[email protected]> Signed-off-by: Paolo Bonzini <[email protected]> (cherry picked from commit f5aa69bdc3418773f26747ca282c291519626ece) [BR: infrastructure for BSC#1048902] Signed-off-by: Bruce Rogers <[email protected]> --- exec.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/exec.c b/exec.c index 8f45b902e4..9ef33e4f65 100644 --- a/exec.c +++ b/exec.c @@ -2026,7 +2026,7 @@ void *qemu_map_ram_ptr(RAMBlock *ram_block, ram_addr_t addr) * Called within RCU critical section. */ static void *qemu_ram_ptr_length(RAMBlock *ram_block, ram_addr_t addr, - hwaddr *size) + hwaddr *size, bool lock) { RAMBlock *block = ram_block; if (*size == 0) { @@ -2045,10 +2045,10 @@ static void *qemu_ram_ptr_length(RAMBlock *ram_block, ram_addr_t addr, * In that case just map the requested area. */ if (block->offset == 0) { - return xen_map_cache(addr, *size, 1, true); + return xen_map_cache(addr, *size, lock, lock); } - block->host = xen_map_cache(block->offset, block->max_length, 1, true); + block->host = xen_map_cache(block->offset, block->max_length, 1, lock); } return ramblock_ptr(block, addr); @@ -2767,7 +2767,7 @@ static MemTxResult address_space_write_continue(AddressSpace *as, hwaddr addr, } } else { /* RAM case */ - ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l); + ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l, false); memcpy(ptr, buf, l); invalidate_and_set_dirty(mr, addr1, l); } @@ -2858,7 +2858,7 @@ MemTxResult address_space_read_continue(AddressSpace *as, hwaddr addr, } } else { /* RAM case */ - ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l); + ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l, false); memcpy(buf, ptr, l); } @@ -3169,7 +3169,7 @@ void *address_space_map(AddressSpace *as, memory_region_ref(mr); *plen = address_space_extend_translation(as, addr, len, mr, xlat, l, is_write); - ptr = qemu_ram_ptr_length(mr->ram_block, xlat, plen); + ptr = qemu_ram_ptr_length(mr->ram_block, xlat, plen, true); rcu_read_unlock(); return ptr; ++++++ qemu.spec.in ++++++ --- /var/tmp/diff_new_pack.Bv8rH6/_old 2017-08-24 18:22:17.819820177 +0200 +++ /var/tmp/diff_new_pack.Bv8rH6/_new 2017-08-24 18:22:17.827819051 +0200 @@ -15,6 +15,7 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # + %define noarch_supported 1110 %define build_x86_firmware_from_source 0 @@ -81,7 +82,6 @@ %endif %endif - %if 0%{?suse_version} > 1320 %define with_seccomp 1 %endif @@ -175,9 +175,6 @@ %endif BuildRequires: curl-devel BuildRequires: cyrus-sasl-devel -%if %{build_x86_firmware_from_source} -BuildRequires: iasl -%endif BuildRequires: e2fsprogs-devel BuildRequires: fdupes BuildRequires: gcc-c++ @@ -270,7 +267,11 @@ %if 0%{?suse_version} > 1310 BuildRequires: libusb-1_0-devel %endif +%if 0%{?suse_version} > 1320 +BuildRequires: libvdeplug-devel +%else BuildRequires: libvdeplug3-devel +%endif BuildRequires: lzo-devel %if 0%{?suse_version} > 1220 BuildRequires: makeinfo @@ -318,14 +319,14 @@ %if "%{name}" == "qemu-testsuite" BuildRequires: bc BuildRequires: qemu-arm = %version +BuildRequires: qemu-block-curl = %version +BuildRequires: qemu-block-dmg = %version BuildRequires: qemu-extra = %version BuildRequires: qemu-guest-agent = %version BuildRequires: qemu-ppc = %version BuildRequires: qemu-s390 = %version BuildRequires: qemu-tools = %version BuildRequires: qemu-x86 = %version -BuildRequires: qemu-block-curl = %version -BuildRequires: qemu-block-dmg = %version %if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315 BuildRequires: qemu-block-gluster = %version %endif @@ -340,8 +341,10 @@ %endif %endif Requires(pre): pwdutils +Requires(pre): shadow Requires(post): coreutils %if %{kvm_available} +Requires(post): acl Requires(post): udev %ifarch s390x Requires(post): procps @@ -673,7 +676,8 @@ Summary: Universal CPU emulator -- Tools Group: System/Emulators/PC Provides: qemu:%_libexecdir/qemu-bridge-helper -PreReq: permissions +Requires(pre): permissions +Requires(pre): shadow Recommends: qemu-block-curl %if 0%{?with_rbd} Recommends: qemu-block-rbd @@ -692,6 +696,7 @@ Summary: Universal CPU emulator -- Guest agent Group: System/Emulators/PC Provides: qemu:%_bindir/qemu-ga +Requires(pre): shadow Requires(post): udev %if 0%{?with_systemd} %{?systemd_requires} @@ -1230,6 +1235,8 @@ %endif %if 0%{?suse_version} >= 1130 +%pre tools +%{_bindir}/getent group kvm >/dev/null || %{_sbindir}/groupadd -r kvm 2>/dev/null %post tools %set_permissions %_libexecdir/qemu-bridge-helper ++++++ supported.arm.txt ++++++ --- /var/tmp/diff_new_pack.Bv8rH6/_old 2017-08-24 18:22:17.863813983 +0200 +++ /var/tmp/diff_new_pack.Bv8rH6/_new 2017-08-24 18:22:17.867813420 +0200 @@ -10,13 +10,12 @@ quality or value. The linux kernel includes components which contribute KVM virtualization features as well. This document was created to assist the user in deciding which features can be relied upon to build enterprise class - virtualization solutions. KVM based virtualization for x86 (Intel 64/AMD64) - and for IBM System z (s390x) are offered at the L3 (full support) level, - while KVM for the ARM64 architecture (AArch64) is L3 supported for certain - partner-specific use cases. The bulk of this document deals with L3 supported - features and is primarily ARM64 centric. This document should be considered a - companion to the standard virtualization documentation delivered with the - product. + virtualization solutions. KVM based virtualization for x86 (Intel 64/AMD64), + for IBM System z (s390x) and for the ARM64 architecture (AArch64) are offered + at the L3 (full support) level. The bulk of this document deals with L3 + supported features and is primarily ARM64 centric. This document should be + considered a companion to the standard virtualization documentation delivered + with the product. KVM is implemented in linux kernel modules which enable the linux kernel to function as an integral part of the KVM hypervisor. The hypervisor-guest @@ -57,9 +56,6 @@ Since a KVM guest runs in the context of a normal linux process, some types of execution controls are managed with linux tools. -- Various standard vCPU types are available, along with the ability to specify - individual CPU features visible to the guest. - - QEMU is compatible with EDK based UEFI firmware available with SLES12-SP3, which allow boot options common to physical systems along with other features tailored to virtualization. Various VGABIOS ROMs, from the SEABIOS project, @@ -79,8 +75,8 @@ take place either from certain prior SLES versioned hosts to a SLES 12 SP3 or between hosts of the same version. Certain other restrictions also apply. -- Security considerations include seccomp2 based sandboxing, privileged - helpers and a security model which allows running guests as a non-root user. +- Security considerations include privileged helpers and a security model which + allows running guests as a non-root user. - QEMU provides best effort reuse of existing disk images, including those with systems installed, through geometry probing. Also disk images produced by @@ -208,16 +204,18 @@ instead of virt-2.6) if possible. (note: there is no virt-2.9 machine type!) - The following command line options are supported: + -accel ... -add-fd ... -alt-grab -append ... -audio-help -balloon ... -bios ... + -blockdev ... -boot ... -cdrom ... -chardev .. - -clock + -clock ... -cpu host -ctrl-grab -d ... @@ -271,12 +269,12 @@ -nodefconfig -no-frame -nographic - -no-hpet -no-quit -no-reboot -no-shutdown -no-user-config -object ... + -only-migratable -parallel ... -pidfile ... -qmp ... @@ -310,11 +308,11 @@ - The following monitor commands are supported: ? - balloon target ... + balloon ... block_resize ... boot_set ... c - change device ... + change ... chardev-add ... chardev-remove ... client_migrate_info ... @@ -493,6 +491,7 @@ query-version query-vnc query-vnc-servers + query-xen-replication-status quit remove-fd ringbuf-read @@ -556,19 +555,19 @@ mx25l6405d|mx25l8005|n25q032|n25q032a11|n25q032a13|n25q064|n25q064a11| n25q064a13|n25q128|n25q128a11|n25q128a13|n25q256a|n25q256a11| n25q256a13|n25q512a|nand|ne2k_isa|nvdimm|omap2-gpio|omap2-intc| - omap-gpio|omap_i2c|omap-intc|onenand|or-irq|pc-dimm|pc-testdev| - piix3-ide|piix3-ide|piix3-ide-xen|piix3-usb-uhci|pl011|pl011_luminary| - pl022|pl031|pl041|pl050_keyboard|pl050_mouse|pl061|pl061_luminary| - pl080|pl081|pl110|pl110_versatile|pl111|pl181|pl190|pl330| + omap-gpio|omap_i2c|omap-intc|onenand|pc-dimm|pc-testdev|piix3-ide| + piix3-ide|piix3-ide-xen|piix3-usb-uhci|pl011|pl011_luminary|pl022| + pl031|pl041|pl050_keyboard|pl050_mouse|pl061|pl061_luminary|pl080| + pl081|pl110|pl110_versatile|pl111|pl181|pl190|pl330| platform-bus-device|pxa250-arm-cpu|pxa255-arm-cpu|pxa25x-timer| pxa260-arm-cpu|pxa261-arm-cpu|pxa262-arm-cpu|pxa270-a0-arm-cpu| pxa270-a1-arm-cpu|pxa270-arm-cpu|pxa270-b0-arm-cpu|pxa270-b1-arm-cpu| pxa270-c0-arm-cpu|pxa270-c5-arm-cpu|pxa27x-timer|pxa2xx-dma| pxa2xx-fir|pxa2xx-gpio|pxa2xx_i2c|pxa2xx-i2c-slave|pxa2xx-mmci| - pxa2xx-pcmcia|pxa2xx_pic|pxa2xx_rtc|pxa2xx-ssp|qemu,register| - realview_gic|realview_mpcore|realview_pci|realview_sysctl|s25fl016k| - s25fl064k|s25fl129p0|s25fl129p1|s25fl256s0|s25fl256s1|s25fl512s| - s25sl004a|s25sl008a|s25sl016a|s25sl032a|s25sl032p|s25sl064a|s25sl064p| + pxa2xx-pcmcia|pxa2xx_pic|pxa2xx_rtc|pxa2xx-ssp|realview_gic| + realview_mpcore|realview_pci|realview_sysctl|s25fl016k|s25fl064k| + s25fl129p0|s25fl129p1|s25fl256s0|s25fl256s1|s25fl512s|s25sl004a| + s25sl008a|s25sl016a|s25sl032a|s25sl032p|s25sl064a|s25sl064p| s25sl12800|s25sl12801|s70fl01gs|sa1100-arm-cpu|sa1110-arm-cpu|sb16| scoop|sdhci-pci|sga|sl-nand|smbus-eeprom|smc91c111|sp804| spitz-keyboard|spitz-lcdtg|ssd0303|ssd0323|ssi-sd|sst25vf016b| @@ -585,7 +584,8 @@ w25q80|w25q80bl|w25x10|w25x16|w25x20|w25x32|w25x40|w25x64|w25x80| wm8750|*-x86_64-cpu|xen-backend|xen-pci-passthrough|xen-platform| xen-pvdevice|xen-sysdev|xgmac|xilinxzynq_slcr|xlnx.ps7-qspi| - xlnx.ps7-spi|xlnxps7-usb|xlnxzynqmp|xlnxzynq-xadc] + xlnx.ps7-spi|xlnxps7-usb|xlnxzynqmp|xlnxzynq-xadc| + unimplemented-device|vmgenid] (the following are aliases of these unsupported devices: lsi| virtio-input-host|virtio-keyboard|virtio-mouse|virtio-tablet| virtio-gpu|pci-assign|piix-usb-uhci) @@ -595,6 +595,7 @@ -drive ,if=[scsi|mtd|pflash], snapshot=on, format=[anything besides qcow2, qed or raw] -dtb file + -enable-hax -fda/-fdb ... -g ... -hda/-hdb/-hdc/-hdd ... @@ -616,6 +617,7 @@ -net [dump|socket|vde] ... -netdev [dump|hubport|l2tpv3|socket|vde] ... -no-fd-bootchk + -no-hpet -no-kvm -no-kvm-irqchip -no-kvm-pit @@ -693,6 +695,8 @@ x-blockdev-insert-medium x-blockdev-remove-medium x-colo-lost-heartbeat + xen-colo-do-checkpoint xen-load-devices-state xen-save-devices-state xen-set-global-dirty-log + xen-set-replication ++++++ supported.s390.txt ++++++ --- /var/tmp/diff_new_pack.Bv8rH6/_old 2017-08-24 18:22:17.923805536 +0200 +++ /var/tmp/diff_new_pack.Bv8rH6/_new 2017-08-24 18:22:17.927804973 +0200 @@ -10,21 +10,20 @@ quality or value. The linux kernel includes components which contribute KVM virtualization features as well. This document was created to assist the user in deciding which features can be relied upon to build enterprise class - virtualization solutions. KVM based virtualization for x86 (Intel 64/AMD64) - and for IBM System z (s390x) are offered at the L3 (full support) level, - while KVM for the ARM64 architecture (AArch64) is L3 supported for certain - partner-specific use cases. The bulk of this document deals with L3 supported - features and is primarily s390x centric. This document should be considered a - companion to the standard virtualization documentation delivered with the - product. + virtualization solutions. KVM based virtualization for x86 (Intel 64/AMD64), + for IBM System z (s390x) and for the ARM64 architecture (AArch64) are offered + at the L3 (full support) level. The bulk of this document deals with L3 + supported features and is primarily s390x centric. This document should be + considered a companion to the standard virtualization documentation delivered + with the product. KVM is implemented in linux kernel modules which enable the linux kernel to function as an integral part of the KVM hypervisor. The hypervisor-guest interaction is managed by QEMU through the /dev/kvm ioctl interface. The linux host assists in the virtualization of storage, networking and display - resources as well as allowing direct hardware passthrough of PCI and USB - devices. Linux memory and cpu management features are used by QEMU/KVM to - enable guests to share those host resources as efficiently as possible. + resources as well as allowing direct hardware passthrough of PCI devices. + Linux memory and cpu management features are used by QEMU/KVM to enable guests + to share those host resources as efficiently as possible. QEMU is a primary component of KVM based virtualization. The legacy qemu-kvm program is provided for continuity with pre SLES 12 usage, including in @@ -59,9 +58,6 @@ Since a KVM guest runs in the context of a normal linux process, some types of execution controls are managed with linux tools. -- Various standard vCPU types are available, along with the ability to specify - individual CPU features visible to the guest. - - QEMU incorporates virtualized, 390 specific, ccw bus based firmware for booting s390 guests. This firmware is automatically incorporated and doesn't need to be explicitly referenced. @@ -80,8 +76,8 @@ take place either from certain prior SLES versioned hosts to a SLES 12 SP3 or between hosts of the same version. Certain other restrictions also apply. -- Security considerations include seccomp2 based sandboxing, privileged - helpers and a security model which allows running guests as a non-root user. +- Security considerations include privileged helpers and a security model which + allows running guests as a non-root user. - QEMU provides best effort reuse of existing disk images, including those with systems installed, through geometry probing. Also disk images produced by @@ -97,8 +93,8 @@ - Guest performance is enhanced through the use of virtio devices, various disk caching modes, network acceleration via the vhost-net kernel module, multi- queue network transmit capabilities, host transparent huge pages (THP) and - direct hugetlb usage. Physical PCI and USB devices may also be passed through - to the guest, including SR-IOV VF's. + direct hugetlb usage. Physical PCI devices may also be passed through to the + guest, including SR-IOV VF's. - The guest UI is accessable via GTK, SDL, VNC, Spice, and serial (including curses TUI) interfaces. @@ -209,16 +205,18 @@ s390-ccw-virtio-2.9 instead of s390-ccw-virtio-2.6) if possible. - The following command line options are supported: + -accel ... -add-fd ... -alt-grab -append ... -audio-help -balloon ... -bios ... + -blockdev ... -boot ... -cdrom ... -chardev .. - -clock + -clock ... -cpu host -ctrl-grab -d ... @@ -262,17 +260,16 @@ -net [bridge|l2tpv3|nic|none|tap|user] ... (for model= only e1000, rtl8139, and virtio are supported) -netdev [bridge|tap|user] ... - -no-acpi -nodefaults -nodefconfig -no-frame -nographic - -no-hpet -no-quit -no-reboot -no-shutdown -no-user-config -object ... + -only-migratable -parallel ... -pidfile ... -qmp ... @@ -302,11 +299,11 @@ - The following monitor commands are supported: ? - balloon target ... + balloon ... block_resize ... boot_set ... c - change device ... + change ... chardev-add ... chardev-remove ... client_migrate_info ... @@ -480,6 +477,7 @@ query-version query-vnc query-vnc-servers + query-xen-replication-status quit remove-fd ringbuf-read @@ -518,36 +516,36 @@ kvm-pci-assign|lsi53c810|lsi53c810a|megasas|mptsas1068|ne2k_isa| ne2k_pci|nec-usb-xhci|nvdimm|nvme|pc-dimm|pci-testdev|pcnet| pc-testdev|piix3-ide|piix3-ide|piix3-ide-xen|piix4-usb-uhci|pvscsi| - pxb|pxb-host|pxb-pcie|qemu,register|qemuregister|qemu-s390-cpu|rocker| - s390-flic|s390-flic-qemu|s390-ipl|s390-pcihost| - s390-sclp-event-facility|s390-skeys-qemu|sb16|sclp|sclpconsole| - sclp-cpu-hotplug|sclplmconsole|sclp-memory-hotplug-dev|sclpquiesce| - sd-card|sdhci-pci|sdhci-pci|secondary-vga|sga|smbus-eeprom|tpci200| - unimplemented-device|usb-audio|usb-bot|usb-bt-dongle|usb-ccid|usb-mtp| - usb-uas|vfio-amd-xgbe|vfio-calxeda-xgmac|vfio-pci|vhost-scsi-ccw| - vhost-vsock-ccw|virtio-9p-device|virtio-balloon-ccw|virtio-blk-ccw| - virtio-crypto-ccw|virtio-mmio|virtio-net-ccw|virtio-rng-ccw| - virtio-scsi-ccw|virtio-serial-ccw|virtio-vga|virtual-css-bridge| - vmware-svga|vmxnet3|vt82c686b-usb-uhci|x3130-upstream|*-x86_64-cpu| - xen-backend|xen-pci-passthrough|xen-platform|xen-pvdevice|xen-sysdev| - xio3130-downstream|z10BC.2-base-s390-cpu|z10BC.2-s390-cpu| - z10BC-base-s390-cpu|z10BC-s390-cpu|z10EC.2-base-s390-cpu| - z10EC.2-s390-cpu|z10EC.3-base-s390-cpu|z10EC.3-s390-cpu| - z10EC-base-s390-cpu|z10EC-s390-cpu|z114-base-s390-cpu|z114-s390-cpu| - z13.2-base-s390-cpu|z13.2-s390-cpu|z13-base-s390-cpu|z13-s390-cpu| - z13s-base-s390-cpu|z13s-s390-cpu|z196.2-base-s390-cpu|z196.2-s390-cpu| - z196-base-s390-cpu|z196-s390-cpu|z800-base-s390-cpu|z800-s390-cpu| - z890.2-base-s390-cpu|z890.2-s390-cpu|z890.3-base-s390-cpu| - z890.3-s390-cpu|z890-base-s390-cpu|z890-s390-cpu|z900.2-base-s390-cpu| - z900.2-s390-cpu|z900.3-base-s390-cpu|z900.3-s390-cpu| - z900-base-s390-cpu|z900-s390-cpu|z990.2-base-s390-cpu|z990.2-s390-cpu| - z990.3-base-s390-cpu|z990.3-s390-cpu|z990.4-base-s390-cpu| - z990.4-s390-cpu|z990.5-base-s390-cpu|z990.5-s390-cpu| - z990-base-s390-cpu|z990-s390-cpu|z9BC.2-base-s390-cpu|z9BC.2-s390-cpu| - z9BC-base-s390-cpu|z9BC-s390-cpu|z9EC.2-base-s390-cpu|z9EC.2-s390-cpu| - z9EC.3-base-s390-cpu|z9EC.3-s390-cpu|z9EC-base-s390-cpu|z9EC-s390-cpu| - zBC12-base-s390-cpu|zBC12-s390-cpu|zEC12.2-base-s390-cpu| - zEC12.2-s390-cpu|zEC12-base-s390-cpu|zEC12-s390-cpu|zpci] + pxb|pxb-host|pxb-pcie|qemu-s390-cpu|rocker|s390-flic|s390-flic-qemu| + s390-ipl|s390-pcihost|s390-sclp-event-facility|s390-skeys-qemu|sb16| + sclp|sclpconsole|sclp-cpu-hotplug|sclplmconsole| + sclp-memory-hotplug-dev|sclpquiesce|sd-card|sdhci-pci|sdhci-pci| + secondary-vga|sga|smbus-eeprom|tpci200|unimplemented-device| + usb-audio|usb-bot|usb-bt-dongle|usb-ccid|usb-mtp|usb-uas|vfio-pci| + vhost-scsi-ccw|vhost-vsock-ccw|virtio-9p-device|virtio-balloon-ccw| + virtio-blk-ccw|virtio-crypto-ccw|virtio-mmio|virtio-net-ccw| + virtio-rng-ccw|virtio-scsi-ccw|virtio-serial-ccw|virtio-vga| + virtual-css-bridge|vmware-svga|vmxnet3|vt82c686b-usb-uhci| + x3130-upstream|*-x86_64-cpu|xen-backend|xen-pci-passthrough| + xen-platform|xen-pvdevice|xen-sysdev|xio3130-downstream| + z10BC.2-base-s390-cpu|z10BC.2-s390-cpu|z10BC-base-s390-cpu| + z10BC-s390-cpu|z10EC.2-base-s390-cpu|z10EC.2-s390-cpu| + z10EC.3-base-s390-cpu|z10EC.3-s390-cpu|z10EC-base-s390-cpu| + z10EC-s390-cpu|z114-base-s390-cpu|z114-s390-cpu|z13.2-base-s390-cpu| + z13.2-s390-cpu|z13-base-s390-cpu|z13-s390-cpu|z13s-base-s390-cpu| + z13s-s390-cpu|z196.2-base-s390-cpu|z196.2-s390-cpu|z196-base-s390-cpu| + z196-s390-cpu|z800-base-s390-cpu|z800-s390-cpu|z890.2-base-s390-cpu| + z890.2-s390-cpu|z890.3-base-s390-cpu|z890.3-s390-cpu| + z890-base-s390-cpu|z890-s390-cpu|z900.2-base-s390-cpu|z900.2-s390-cpu| + z900.3-base-s390-cpu|z900.3-s390-cpu|z900-base-s390-cpu|z900-s390-cpu| + z990.2-base-s390-cpu|z990.2-s390-cpu|z990.3-base-s390-cpu| + z990.3-s390-cpu|z990.4-base-s390-cpu|z990.4-s390-cpu| + z990.5-base-s390-cpu|z990.5-s390-cpu|z990-base-s390-cpu|z990-s390-cpu| + z9BC.2-base-s390-cpu|z9BC.2-s390-cpu|z9BC-base-s390-cpu|z9BC-s390-cpu| + z9EC.2-base-s390-cpu|z9EC.2-s390-cpu|z9EC.3-base-s390-cpu| + z9EC.3-s390-cpu|z9EC-base-s390-cpu|z9EC-s390-cpu|zBC12-base-s390-cpu| + zBC12-s390-cpu|zEC12.2-base-s390-cpu|zEC12.2-s390-cpu| + zEC12-base-s390-cpu|zEC12-s390-cpu|zpci|vmgenid] (the following are aliases of these unsupported devices: lsi| virtio-input-host|virtio-keyboard|virtio-mouse|virtio-tablet| virtio-gpu|virtio-9p|pci-assign|ahci|e1000-82540em) @@ -557,6 +555,7 @@ -drive ,if=[scsi|mtd|pflash], snapshot=on, format=[anything besides qcow2, qed or raw] -dtb file + -enable-hax -fda/-fdb ... -g ... -hda/-hdb/-hdc/-hdd ... @@ -569,7 +568,9 @@ -mtdblock file -net [dump|socket|vde] ... -netdev [dump|hubport|l2tpv3|socket|vde] ... + -no-acpi -no-fd-bootchk + -no-hpet -no-kvm -no-kvm-irqchip -no-kvm-pit @@ -656,6 +657,8 @@ x-blockdev-insert-medium x-blockdev-remove-medium x-colo-lost-heartbeat + xen-colo-do-checkpoint xen-load-devices-state xen-save-devices-state xen-set-global-dirty-log + xen-set-replication ++++++ supported.x86.txt ++++++ --- /var/tmp/diff_new_pack.Bv8rH6/_old 2017-08-24 18:22:17.975798215 +0200 +++ /var/tmp/diff_new_pack.Bv8rH6/_new 2017-08-24 18:22:17.979797652 +0200 @@ -10,13 +10,12 @@ quality or value. The linux kernel includes components which contribute KVM virtualization features as well. This document was created to assist the user in deciding which features can be relied upon to build enterprise class - virtualization solutions. KVM based virtualization for x86 (Intel 64/AMD64) - and for IBM System z (s390x) are offered at the L3 (full support) level, - while KVM for the ARM64 architecture (AArch64) is L3 supported for certain - partner-specific use cases. The bulk of this document deals with L3 supported - features and is primarily x86 centric. This document should be considered a - companion to the standard virtualization documentation delivered with the - product. + virtualization solutions. KVM based virtualization for x86 (Intel 64/AMD64), + for IBM System z (s390x) and for the ARM64 architecture (AArch64) are offered + at the L3 (full support) level. The bulk of this document deals with L3 + supported features and is primarily x86 centric. This document should be + considered a companion to the standard virtualization documentation delivered + with the product. KVM is implemented in linux kernel modules which enable the linux kernel to function as an integral part of the KVM hypervisor. The hypervisor-guest @@ -300,16 +299,18 @@ instead of pc-i440fx-2.6) if possible. - The following command line options are supported: + -accel ... -add-fd ... -alt-grab -append ... -audio-help -balloon ... -bios ... + -blockdev ... -boot ... -cdrom ... -chardev .. - -clock + -clock ... -cpu ... (all except host) -ctrl-grab -d ... @@ -326,7 +327,7 @@ virtio-rng-pci|i6300esb|ib700|qxl|qxl-vga|pvpanic|vfio-pci|ivshmem| ivshmem-doorbell|ivshmem-plain|pci-bridge|megasas-gen2|pc-dimm| floppy|e1000e|ccid-card-emulated|ccid-card-passthrough|xen-backend| - loader|e1000] + loader|e1000|vmgenid] (the following are aliases of these supported devices: ahci| virtio-blk|virtio-net|virtio-serial|virtio-balloon| virtio-9p| virtio-scsi|virtio-rng|e1000-82540em) @@ -380,6 +381,7 @@ -no-shutdown -no-user-config -object ... + -only-migratable -parallel ... -pidfile ... -qmp ... @@ -416,11 +418,11 @@ - The following monitor commands are supported: ? - balloon target ... + balloon ... block_resize ... boot_set ... c - change device ... + change ... chardev-add ... chardev-remove ... client_migrate_info ... @@ -599,6 +601,7 @@ query-version query-vnc query-vnc-servers + query-xen-replication-status quit remove-fd ringbuf-read @@ -645,13 +648,13 @@ virtio-tablet-pci|virtio-gpu-pci|pci-bridge-seat|pxb|pxb-pcie| allwinner-ahci|sdhci-pci|rocker|virtio-input-host-device| virtio-keyboard-device|virtio-mouse-device|virtio-tablet-device| - virtio-vga|hyperv-testdev|vfio-amd-xgbe|vfio-calxeda-xgmac| - generic-sdhci|igd-passthrough-isa-bridge|ipmi-bmc-extern| - ipmi-bmc-sim|isa-ipmi-bt|isa-ipmi-kcs|mptsas1068|nvdimm|pxb-host| - sd-card|virtio-gpu-device|kvm-pci-assign|xen-sysdev|or-irq|amd-iommu| - AMDVI-PCI|vhost-vsock-device|vhost-vsock-pci|virtio-crypto-device| - virtio-crypto-pci|qemu,register|vfio-pci-igd-lpc-bridge|*-i386-cpu| - *-x86_64-cpu] + virtio-vga|hyperv-testdev|generic-sdhci|igd-passthrough-isa-bridge| + ipmi-bmc-extern|ipmi-bmc-sim|isa-ipmi-bt|isa-ipmi-kcs|mptsas1068| + nvdimm|pxb-host|sd-card|virtio-gpu-device|kvm-pci-assign|xen-sysdev| + amd-iommu|AMDVI-PCI|vhost-vsock-device|vhost-vsock-pci| + virtio-crypto-device|virtio-crypto-pci|vfio-pci-igd-lpc-bridge| + isabus-bridge|pcie-root-port|qemu-xhci|unimplemented-device| + *-i386-cpu|*-x86_64-cpu] (the following are aliases of these unsupported devices: lsi| virtio-input-host|virtio-keyboard|virtio-mouse|virtio-tablet| virtio-gpu|pci-assign) @@ -661,6 +664,7 @@ -drive ,if=[scsi|mtd|pflash], snapshot=on, format=[anything besides qcow2, qed or raw] -dtb file + -enable-hax -g ... -icount ... -L ... @@ -751,3 +755,5 @@ x-blockdev-insert-medium x-blockdev-remove-medium x-colo-lost-heartbeat + xen-colo-do-checkpoint + xen-set-replication
