Hello community,
here is the log from the commit of package qemu for openSUSE:Factory checked in
at 2017-11-03 16:22:06
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/qemu (Old)
and /work/SRC/openSUSE:Factory/.qemu.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "qemu"
Fri Nov 3 16:22:06 2017 rev:130 rq:537250 version:2.10.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/qemu/qemu-linux-user.changes 2017-10-13
14:03:11.990232213 +0200
+++ /work/SRC/openSUSE:Factory/.qemu.new/qemu-linux-user.changes
2017-11-03 16:22:23.569577002 +0100
@@ -1,0 +2,9 @@
+Thu Oct 19 21:58:01 UTC 2017 - brog...@suse.com
+
+- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.10
+* Patches added:
+ 0040-io-monitor-encoutput-buffer-size-fr.patch
+ 0041-cirrus-fix-oob-access-in-mode4and5-.patch
+ 0042-9pfs-use-g_malloc0-to-allocate-spac.patch
+
+-------------------------------------------------------------------
--- /work/SRC/openSUSE:Factory/qemu/qemu-testsuite.changes 2017-10-13
14:03:12.122226408 +0200
+++ /work/SRC/openSUSE:Factory/.qemu.new/qemu-testsuite.changes 2017-11-03
16:22:26.717462432 +0100
@@ -1,0 +2,42 @@
+Thu Oct 26 15:25:01 UTC 2017 - l...@suse.com
+
+- Wrap analyze-migration and vmstate-static-checker into tools from
+ qemu scripts folder, also changed introduction of qemu-tools in
+ spec file
+- Move supportplugin position in spec file
+
+-------------------------------------------------------------------
+Thu Oct 19 21:57:57 UTC 2017 - brog...@suse.com
+
+- Add announcement in support docs about qed storage format no
+ longer being supported in next major SLE release (SLE15)
+ (fate#324200)
+- Address various security/stability issues
+* Fix DoS in I/O channel websockets (CVE-2017-15268 bsc#1062942)
+ 0040-io-monitor-encoutput-buffer-size-fr.patch
+* Fix OOB access in cirrus vga device emulation (CVE-2017-15289
+ bsc#1063122)
+ 0041-cirrus-fix-oob-access-in-mode4and5-.patch
+* Fix information leak in 9pfs interface (CVE-2017-15038 bsc#1062069)
+ 0042-9pfs-use-g_malloc0-to-allocate-spac.patch
+- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.10
+
+-------------------------------------------------------------------
+Mon Oct 16 14:50:03 UTC 2017 - brog...@suse.com
+
+- Don't tie glusterfs support to specific arch
+- Build skiboot firmware (OPAL), particularly since it's fairly
+ easy to do so
+ skiboot-GCC7-fixes-for-Wimplicit-fallthr.patch
+ skiboot-libc-stdio-vsnprintf.c-add-expli.patch
+
+-------------------------------------------------------------------
+Fri Oct 13 10:57:49 UTC 2017 - henrik.k...@origenis.de
+
+- Added the global macro 'with_glusterfs' in order to re-enable
+ glusterfs support. The macro enable easier future adjustments
+ for various ARCH/targets/requiremnets.
+ At first glusterfs support is enabled for openSUSE Leap 42.x and
+ Factory for ARCH x86_64.
+
+-------------------------------------------------------------------
qemu.changes: same change
New:
----
0040-io-monitor-encoutput-buffer-size-fr.patch
0041-cirrus-fix-oob-access-in-mode4and5-.patch
0042-9pfs-use-g_malloc0-to-allocate-spac.patch
skiboot-GCC7-fixes-for-Wimplicit-fallthr.patch
skiboot-libc-stdio-vsnprintf.c-add-expli.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ qemu-linux-user.spec ++++++
--- /var/tmp/diff_new_pack.X9V7tg/_old 2017-11-03 16:22:33.869202139 +0100
+++ /var/tmp/diff_new_pack.X9V7tg/_new 2017-11-03 16:22:33.873201993 +0100
@@ -65,6 +65,9 @@
Patch0037: 0037-io-fix-check-for-handshake-completi.patch
Patch0038: 0038-crypto-fix-test-cert-generation-to-.patch
Patch0039: 0039-vhost-user-disable-the-broken-subpr.patch
+Patch0040: 0040-io-monitor-encoutput-buffer-size-fr.patch
+Patch0041: 0041-cirrus-fix-oob-access-in-mode4and5-.patch
+Patch0042: 0042-9pfs-use-g_malloc0-to-allocate-spac.patch
# Please do not add QEMU patches manually here.
# Run update_git.sh to regenerate this queue.
Source400: update_git.sh
@@ -157,6 +160,9 @@
%patch0037 -p1
%patch0038 -p1
%patch0039 -p1
+%patch0040 -p1
+%patch0041 -p1
+%patch0042 -p1
%build
./configure \
++++++ qemu-testsuite.spec ++++++
--- /var/tmp/diff_new_pack.X9V7tg/_old 2017-11-03 16:22:33.893201266 +0100
+++ /var/tmp/diff_new_pack.X9V7tg/_new 2017-11-03 16:22:33.893201266 +0100
@@ -19,6 +19,7 @@
%define noarch_supported 1110
%define build_x86_firmware_from_source 0
+%define build_skiboot_from_source 0
%define build_slof_from_source 0
%define kvm_available 0
%define legacy_qemu_kvm 0
@@ -38,11 +39,13 @@
%endif
%ifarch ppc64
+%define build_skiboot_from_source 1
%define build_slof_from_source 1
%endif
%ifarch ppc64le
%if 0%{?suse_version} > 1320 || 0%{?suse_version} == 1315
+%define build_skiboot_from_source 1
%define build_slof_from_source 1
%endif
%endif
@@ -59,6 +62,10 @@
%define with_systemd 1
%endif
+%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 &&
0%{?is_opensuse} )
+%define with_glusterfs 1
+%endif
+
%ifarch x86_64
%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 && (
0%{?is_opensuse} == 0 || 0%{?sle_version} > 120100 ) )
%define with_rbd 1
@@ -177,6 +184,9 @@
Patch0037: 0037-io-fix-check-for-handshake-completi.patch
Patch0038: 0038-crypto-fix-test-cert-generation-to-.patch
Patch0039: 0039-vhost-user-disable-the-broken-subpr.patch
+Patch0040: 0040-io-monitor-encoutput-buffer-size-fr.patch
+Patch0041: 0041-cirrus-fix-oob-access-in-mode4and5-.patch
+Patch0042: 0042-9pfs-use-g_malloc0-to-allocate-spac.patch
# Please do not add QEMU patches manually here.
# Run update_git.sh to regenerate this queue.
@@ -193,6 +203,10 @@
# SLOF (Currently no patches)
+# skiboot
+Patch1400: skiboot-GCC7-fixes-for-Wimplicit-fallthr.patch
+Patch1401: skiboot-libc-stdio-vsnprintf.c-add-expli.patch
+
# this is to make lint happy
Source300: qemu-rpmlintrc
Source301: ipxe-stub-out-the-SAN-req-s-in-int13.patch
@@ -227,7 +241,7 @@
%endif
%endif
BuildRequires: glib2-devel
-%if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315
+%if 0%{?with_glusterfs}
BuildRequires: glusterfs-devel
%endif
%if 0%{?suse_version} >= 1220
@@ -367,7 +381,7 @@
BuildRequires: qemu-s390 = %version
BuildRequires: qemu-tools = %version
BuildRequires: qemu-x86 = %version
-%if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315
+%if 0%{?with_glusterfs}
BuildRequires: qemu-block-gluster = %version
%endif
%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 &&
0%{?sle_version} > 120100 )
@@ -413,7 +427,7 @@
Suggests: qemu-arm
%endif
Suggests: qemu-block-dmg
-%if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315
+%if 0%{?with_glusterfs}
Suggests: qemu-block-gluster
%endif
%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 &&
0%{?sle_version} > 120100 )
@@ -431,10 +445,17 @@
Recommends: qemu-ksm = %{version}
%endif
-%if %{build_slof_from_source}
%define ppc_default_built_firmware {%nil}
+%if %{build_skiboot_from_source} && %{build_slof_from_source}
+%define ppc_extra_built_firmware {skiboot.lid slof.bin}
+%else
+%if %{build_skiboot_from_source}
+%define ppc_extra_built_firmware {skiboot.lid}
+%endif
+%if %{build_slof_from_source}
%define ppc_extra_built_firmware {slof.bin}
%endif
+%endif
%ifarch ppc64
%define ppc64_only_default_built_firmware {spapr-rtas.bin}
@@ -647,7 +668,7 @@
This sub-package contains a module for accessing Mac OS X image files
from qemu-img tool and QEMU system emulation.
-%if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315
+%if 0%{?with_glusterfs}
%package block-gluster
Summary: Universal CPU emulator -- GlusterFS block support
Group: System/Emulators/PC
@@ -733,7 +754,8 @@
system. It currently emulates x86, ARM, PowerPC and SPARC CPUs as well
as PC and PowerMac systems.
-This sub-package contains various tools, including a bridge helper.
+This sub-package contains various tools, including a bridge helper,
+ivshmem, qemu disk tools and some scripts for different purposes.
%package guest-agent
Summary: Universal CPU emulator -- Guest agent
@@ -869,6 +891,9 @@
%patch0037 -p1
%patch0038 -p1
%patch0039 -p1
+%patch0040 -p1
+%patch0041 -p1
+%patch0042 -p1
pushd roms/ipxe
%patch1100 -p1
@@ -884,6 +909,11 @@
pushd roms/SLOF
popd
+pushd roms/skiboot
+%patch1400 -p1
+%patch1401 -p1
+popd
+
# as a safeguard, delete the firmware files that we intend to build
for i in %built_firmware
do
@@ -927,7 +957,7 @@
--enable-gcrypt \
--disable-nettle \
%endif
-%if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315
+%if 0%{?with_glusterfs}
--enable-glusterfs \
%else
--disable-glusterfs \
@@ -1132,6 +1162,10 @@
done
%endif
+%if %{build_skiboot_from_source}
+make %{?_smp_mflags} -C roms skiboot SKIBOOT_VERSION=skiboot-5.3.7
+%endif
+
%if %{build_slof_from_source}
make %{?_smp_mflags} -C roms slof
%endif
@@ -1215,15 +1249,16 @@
install -D -m 644 %{SOURCE302} %{buildroot}%{_sysconfdir}/qemu/bridge.conf
install -D -m 755 %{SOURCE2} %{buildroot}/usr/share/qemu/qemu-ifup
install -D -p -m 0644 %{SOURCE8} %{buildroot}%{_udevrulesdir}/80-qemu-ga.rules
+install -D -m 755 scripts/analyze-migration.py
%{buildroot}%{_bindir}/analyze-migration.py
+install -D -m 755 scripts/vmstate-static-checker.py
%{buildroot}%{_bindir}/vmstate-static-checker.py
+mkdir -p %{buildroot}%{_libexecdir}/supportconfig/plugins
+install -D -m 0755 %{SOURCE16}
%{buildroot}%{_libexecdir}/supportconfig/plugins/qemu
%if 0%{?is_opensuse} == 0
install -D -m 0644 %{SOURCE12} %{buildroot}%{_docdir}/qemu-x86/supported.txt
install -D -m 0644 %{SOURCE13} %{buildroot}%{_docdir}/qemu-s390/supported.txt
install -D -m 0644 %{SOURCE14} %{buildroot}%{_docdir}/qemu-arm/supported.txt
install -D -m 0644 %{SOURCE15} %{buildroot}%{_docdir}/qemu-ppc/supported.txt
%endif
-# install supportconfig plugin
-mkdir -p %{buildroot}%{_libexecdir}/supportconfig/plugins
-install -D -m 0755 %{SOURCE16}
%{buildroot}%{_libexecdir}/supportconfig/plugins/qemu
%if %{legacy_qemu_kvm}
cat > %{buildroot}%{_bindir}/qemu-kvm << 'EOF'
#!/bin/sh
@@ -1509,7 +1544,7 @@
%dir %_libdir/%name
%_libdir/%name/block-dmg-bz2.so
-%if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315
+%if 0%{?with_glusterfs}
%files block-gluster
%defattr(-, root, root)
%dir %_libdir/%name
@@ -1597,6 +1632,8 @@
%verify(not mode) %attr(4750,root,kvm) %_libexecdir/qemu-bridge-helper
%dir %_sysconfdir/%name
%config %_sysconfdir/%name/bridge.conf
+%_bindir/analyze-migration.py
+%_bindir/vmstate-static-checker.py
%files guest-agent
%defattr(-, root, root)
++++++ qemu.spec ++++++
--- /var/tmp/diff_new_pack.X9V7tg/_old 2017-11-03 16:22:33.913200537 +0100
+++ /var/tmp/diff_new_pack.X9V7tg/_new 2017-11-03 16:22:33.917200392 +0100
@@ -19,6 +19,7 @@
%define noarch_supported 1110
%define build_x86_firmware_from_source 0
+%define build_skiboot_from_source 0
%define build_slof_from_source 0
%define kvm_available 0
%define legacy_qemu_kvm 0
@@ -38,11 +39,13 @@
%endif
%ifarch ppc64
+%define build_skiboot_from_source 1
%define build_slof_from_source 1
%endif
%ifarch ppc64le
%if 0%{?suse_version} > 1320 || 0%{?suse_version} == 1315
+%define build_skiboot_from_source 1
%define build_slof_from_source 1
%endif
%endif
@@ -59,6 +62,10 @@
%define with_systemd 1
%endif
+%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 &&
0%{?is_opensuse} )
+%define with_glusterfs 1
+%endif
+
%ifarch x86_64
%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 && (
0%{?is_opensuse} == 0 || 0%{?sle_version} > 120100 ) )
%define with_rbd 1
@@ -177,6 +184,9 @@
Patch0037: 0037-io-fix-check-for-handshake-completi.patch
Patch0038: 0038-crypto-fix-test-cert-generation-to-.patch
Patch0039: 0039-vhost-user-disable-the-broken-subpr.patch
+Patch0040: 0040-io-monitor-encoutput-buffer-size-fr.patch
+Patch0041: 0041-cirrus-fix-oob-access-in-mode4and5-.patch
+Patch0042: 0042-9pfs-use-g_malloc0-to-allocate-spac.patch
# Please do not add QEMU patches manually here.
# Run update_git.sh to regenerate this queue.
@@ -193,6 +203,10 @@
# SLOF (Currently no patches)
+# skiboot
+Patch1400: skiboot-GCC7-fixes-for-Wimplicit-fallthr.patch
+Patch1401: skiboot-libc-stdio-vsnprintf.c-add-expli.patch
+
# this is to make lint happy
Source300: qemu-rpmlintrc
Source301: ipxe-stub-out-the-SAN-req-s-in-int13.patch
@@ -227,7 +241,7 @@
%endif
%endif
BuildRequires: glib2-devel
-%if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315
+%if 0%{?with_glusterfs}
BuildRequires: glusterfs-devel
%endif
%if 0%{?suse_version} >= 1220
@@ -367,7 +381,7 @@
BuildRequires: qemu-s390 = %version
BuildRequires: qemu-tools = %version
BuildRequires: qemu-x86 = %version
-%if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315
+%if 0%{?with_glusterfs}
BuildRequires: qemu-block-gluster = %version
%endif
%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 &&
0%{?sle_version} > 120100 )
@@ -413,7 +427,7 @@
Suggests: qemu-arm
%endif
Suggests: qemu-block-dmg
-%if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315
+%if 0%{?with_glusterfs}
Suggests: qemu-block-gluster
%endif
%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 &&
0%{?sle_version} > 120100 )
@@ -431,10 +445,17 @@
Recommends: qemu-ksm = %{version}
%endif
-%if %{build_slof_from_source}
%define ppc_default_built_firmware {%nil}
+%if %{build_skiboot_from_source} && %{build_slof_from_source}
+%define ppc_extra_built_firmware {skiboot.lid slof.bin}
+%else
+%if %{build_skiboot_from_source}
+%define ppc_extra_built_firmware {skiboot.lid}
+%endif
+%if %{build_slof_from_source}
%define ppc_extra_built_firmware {slof.bin}
%endif
+%endif
%ifarch ppc64
%define ppc64_only_default_built_firmware {spapr-rtas.bin}
@@ -647,7 +668,7 @@
This sub-package contains a module for accessing Mac OS X image files
from qemu-img tool and QEMU system emulation.
-%if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315
+%if 0%{?with_glusterfs}
%package block-gluster
Summary: Universal CPU emulator -- GlusterFS block support
Group: System/Emulators/PC
@@ -733,7 +754,8 @@
system. It currently emulates x86, ARM, PowerPC and SPARC CPUs as well
as PC and PowerMac systems.
-This sub-package contains various tools, including a bridge helper.
+This sub-package contains various tools, including a bridge helper,
+ivshmem, qemu disk tools and some scripts for different purposes.
%package guest-agent
Summary: Universal CPU emulator -- Guest agent
@@ -869,6 +891,9 @@
%patch0037 -p1
%patch0038 -p1
%patch0039 -p1
+%patch0040 -p1
+%patch0041 -p1
+%patch0042 -p1
pushd roms/ipxe
%patch1100 -p1
@@ -884,6 +909,11 @@
pushd roms/SLOF
popd
+pushd roms/skiboot
+%patch1400 -p1
+%patch1401 -p1
+popd
+
# as a safeguard, delete the firmware files that we intend to build
for i in %built_firmware
do
@@ -927,7 +957,7 @@
--enable-gcrypt \
--disable-nettle \
%endif
-%if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315
+%if 0%{?with_glusterfs}
--enable-glusterfs \
%else
--disable-glusterfs \
@@ -1132,6 +1162,10 @@
done
%endif
+%if %{build_skiboot_from_source}
+make %{?_smp_mflags} -C roms skiboot SKIBOOT_VERSION=skiboot-5.3.7
+%endif
+
%if %{build_slof_from_source}
make %{?_smp_mflags} -C roms slof
%endif
@@ -1215,15 +1249,16 @@
install -D -m 644 %{SOURCE302} %{buildroot}%{_sysconfdir}/qemu/bridge.conf
install -D -m 755 %{SOURCE2} %{buildroot}/usr/share/qemu/qemu-ifup
install -D -p -m 0644 %{SOURCE8} %{buildroot}%{_udevrulesdir}/80-qemu-ga.rules
+install -D -m 755 scripts/analyze-migration.py
%{buildroot}%{_bindir}/analyze-migration.py
+install -D -m 755 scripts/vmstate-static-checker.py
%{buildroot}%{_bindir}/vmstate-static-checker.py
+mkdir -p %{buildroot}%{_libexecdir}/supportconfig/plugins
+install -D -m 0755 %{SOURCE16}
%{buildroot}%{_libexecdir}/supportconfig/plugins/qemu
%if 0%{?is_opensuse} == 0
install -D -m 0644 %{SOURCE12} %{buildroot}%{_docdir}/qemu-x86/supported.txt
install -D -m 0644 %{SOURCE13} %{buildroot}%{_docdir}/qemu-s390/supported.txt
install -D -m 0644 %{SOURCE14} %{buildroot}%{_docdir}/qemu-arm/supported.txt
install -D -m 0644 %{SOURCE15} %{buildroot}%{_docdir}/qemu-ppc/supported.txt
%endif
-# install supportconfig plugin
-mkdir -p %{buildroot}%{_libexecdir}/supportconfig/plugins
-install -D -m 0755 %{SOURCE16}
%{buildroot}%{_libexecdir}/supportconfig/plugins/qemu
%if %{legacy_qemu_kvm}
cat > %{buildroot}%{_bindir}/qemu-kvm << 'EOF'
#!/bin/sh
@@ -1509,7 +1544,7 @@
%dir %_libdir/%name
%_libdir/%name/block-dmg-bz2.so
-%if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315
+%if 0%{?with_glusterfs}
%files block-gluster
%defattr(-, root, root)
%dir %_libdir/%name
@@ -1597,6 +1632,8 @@
%verify(not mode) %attr(4750,root,kvm) %_libexecdir/qemu-bridge-helper
%dir %_sysconfdir/%name
%config %_sysconfdir/%name/bridge.conf
+%_bindir/analyze-migration.py
+%_bindir/vmstate-static-checker.py
%files guest-agent
%defattr(-, root, root)
++++++ 0040-io-monitor-encoutput-buffer-size-fr.patch ++++++
>From e0032c4d69b0c6b3eeeded2ab496db61c4632e46 Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange" <berra...@redhat.com>
Date: Wed, 18 Oct 2017 14:51:33 -0600
Subject: [PATCH] io: monitor encoutput buffer size from websocket GSource
The websocket GSource is monitoring the size of the rawoutput
buffer to determine if the channel can accepts more writes.
The rawoutput buffer, however, is merely a temporary staging
buffer before data is copied into the encoutput buffer. Thus
its size will always be zero when the GSource runs.
This flaw causes the encoutput buffer to grow without bound
if the other end of the underlying data channel doesn't
read data being sent. This can be seen with VNC if a client
is on a slow WAN link and the guest OS is sending many screen
updates. A malicious VNC client can act like it is on a slow
link by playing a video in the guest and then reading data
very slowly, causing QEMU host memory to expand arbitrarily.
This issue is assigned CVE-2017-15268, publically reported in
https://bugs.launchpad.net/qemu/+bug/1718964
(cherry picked from commit a7b20a8efa28e5f22c26c06cd06c2f12bc863493)
Reviewed-by: Eric Blake <ebl...@redhat.com>
[Dan: Added extra checks to deal with code refactored in master but
not stable 2.10]
Signed-off-by: Daniel P. Berrange <berra...@redhat.com>
[BR: BSC#1062942 CVE-2017-15268]
Signed-off-by: Bruce Rogers <brog...@suse.com>
---
io/channel-websock.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/io/channel-websock.c b/io/channel-websock.c
index 5a3badbec2..19116dc148 100644
--- a/io/channel-websock.c
+++ b/io/channel-websock.c
@@ -26,7 +26,7 @@
#include "trace.h"
-/* Max amount to allow in rawinput/rawoutput buffers */
+/* Max amount to allow in rawinput/encoutput buffers */
#define QIO_CHANNEL_WEBSOCK_MAX_BUFFER 8192
#define QIO_CHANNEL_WEBSOCK_CLIENT_KEY_LEN 24
@@ -1006,7 +1006,7 @@ qio_channel_websock_source_prepare(GSource *source,
if (wsource->wioc->rawinput.offset) {
cond |= G_IO_IN;
}
- if (wsource->wioc->rawoutput.offset < QIO_CHANNEL_WEBSOCK_MAX_BUFFER) {
+ if (wsource->wioc->encoutput.offset < QIO_CHANNEL_WEBSOCK_MAX_BUFFER) {
cond |= G_IO_OUT;
}
@@ -1022,7 +1022,7 @@ qio_channel_websock_source_check(GSource *source)
if (wsource->wioc->rawinput.offset) {
cond |= G_IO_IN;
}
- if (wsource->wioc->rawoutput.offset < QIO_CHANNEL_WEBSOCK_MAX_BUFFER) {
+ if (wsource->wioc->encoutput.offset < QIO_CHANNEL_WEBSOCK_MAX_BUFFER) {
cond |= G_IO_OUT;
}
@@ -1041,7 +1041,7 @@ qio_channel_websock_source_dispatch(GSource *source,
if (wsource->wioc->rawinput.offset) {
cond |= G_IO_IN;
}
- if (wsource->wioc->rawoutput.offset < QIO_CHANNEL_WEBSOCK_MAX_BUFFER) {
+ if (wsource->wioc->encoutput.offset < QIO_CHANNEL_WEBSOCK_MAX_BUFFER) {
cond |= G_IO_OUT;
}
++++++ 0041-cirrus-fix-oob-access-in-mode4and5-.patch ++++++
>From f3c7b39cec549039b89fa1c6b2ab238b4bac1a97 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kra...@redhat.com>
Date: Wed, 18 Oct 2017 14:54:15 -0600
Subject: [PATCH] cirrus: fix oob access in mode4and5 write functions
Move dst calculation into the loop, so we apply the mask on each
interation and will not overflow vga memory.
Cc: Prasad J Pandit <p...@fedoraproject.org>
Reported-by: Niu Guoxiang <niuguoxi...@huawei.com>
Signed-off-by: Gerd Hoffmann <kra...@redhat.com>
Message-id: 20171011084314.21752-1-kra...@redhat.com
[BR: BSC#1063122 CVE-2017-15289]
Signed-off-by: Bruce Rogers <brog...@suse.com
---
hw/display/cirrus_vga.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/hw/display/cirrus_vga.c b/hw/display/cirrus_vga.c
index afc290ab91..077a8cb74f 100644
--- a/hw/display/cirrus_vga.c
+++ b/hw/display/cirrus_vga.c
@@ -2038,15 +2038,14 @@ static void
cirrus_mem_writeb_mode4and5_8bpp(CirrusVGAState * s,
unsigned val = mem_value;
uint8_t *dst;
- dst = s->vga.vram_ptr + (offset &= s->cirrus_addr_mask);
for (x = 0; x < 8; x++) {
+ dst = s->vga.vram_ptr + ((offset + x) & s->cirrus_addr_mask);
if (val & 0x80) {
*dst = s->cirrus_shadow_gr1;
} else if (mode == 5) {
*dst = s->cirrus_shadow_gr0;
}
val <<= 1;
- dst++;
}
memory_region_set_dirty(&s->vga.vram, offset, 8);
}
@@ -2060,8 +2059,8 @@ static void
cirrus_mem_writeb_mode4and5_16bpp(CirrusVGAState * s,
unsigned val = mem_value;
uint8_t *dst;
- dst = s->vga.vram_ptr + (offset &= s->cirrus_addr_mask);
for (x = 0; x < 8; x++) {
+ dst = s->vga.vram_ptr + ((offset + 2 * x) & s->cirrus_addr_mask & ~1);
if (val & 0x80) {
*dst = s->cirrus_shadow_gr1;
*(dst + 1) = s->vga.gr[0x11];
@@ -2070,7 +2069,6 @@ static void
cirrus_mem_writeb_mode4and5_16bpp(CirrusVGAState * s,
*(dst + 1) = s->vga.gr[0x10];
}
val <<= 1;
- dst += 2;
}
memory_region_set_dirty(&s->vga.vram, offset, 16);
}
++++++ 0042-9pfs-use-g_malloc0-to-allocate-spac.patch ++++++
>From 89a7eced18edb0d38a444abc1b367d241ae6cff8 Mon Sep 17 00:00:00 2001
From: Prasad J Pandit <p...@fedoraproject.org>
Date: Mon, 16 Oct 2017 14:21:59 +0200
Subject: [PATCH] 9pfs: use g_malloc0 to allocate space for xattr
9p back-end first queries the size of an extended attribute,
allocates space for it via g_malloc() and then retrieves its
value into allocated buffer. Race between querying attribute
size and retrieving its could lead to memory bytes disclosure.
Use g_malloc0() to avoid it.
Reported-by: Tuomas Tynkkynen <tuomas.tynkky...@iki.fi>
Signed-off-by: Prasad J Pandit <p...@fedoraproject.org>
Signed-off-by: Greg Kurz <gr...@kaod.org>
(cherry picked from commit 7bd92756303f2158a68d5166264dc30139b813b6)
[BR: BSC#1062069 CVE-2017-15038]
Signed-off-by: Bruce Rogers <brog...@suse.com>
---
hw/9pfs/9p.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
index 8e9490c5f5..c41c0eb106 100644
--- a/hw/9pfs/9p.c
+++ b/hw/9pfs/9p.c
@@ -3236,7 +3236,7 @@ static void coroutine_fn v9fs_xattrwalk(void *opaque)
xattr_fidp->fid_type = P9_FID_XATTR;
xattr_fidp->fs.xattr.xattrwalk_fid = true;
if (size) {
- xattr_fidp->fs.xattr.value = g_malloc(size);
+ xattr_fidp->fs.xattr.value = g_malloc0(size);
err = v9fs_co_llistxattr(pdu, &xattr_fidp->path,
xattr_fidp->fs.xattr.value,
xattr_fidp->fs.xattr.len);
@@ -3269,7 +3269,7 @@ static void coroutine_fn v9fs_xattrwalk(void *opaque)
xattr_fidp->fid_type = P9_FID_XATTR;
xattr_fidp->fs.xattr.xattrwalk_fid = true;
if (size) {
- xattr_fidp->fs.xattr.value = g_malloc(size);
+ xattr_fidp->fs.xattr.value = g_malloc0(size);
err = v9fs_co_lgetxattr(pdu, &xattr_fidp->path,
&name, xattr_fidp->fs.xattr.value,
xattr_fidp->fs.xattr.len);
++++++ qemu.spec.in ++++++
--- /var/tmp/diff_new_pack.X9V7tg/_old 2017-11-03 16:22:34.261187872 +0100
+++ /var/tmp/diff_new_pack.X9V7tg/_new 2017-11-03 16:22:34.261187872 +0100
@@ -19,6 +19,7 @@
%define noarch_supported 1110
%define build_x86_firmware_from_source 0
+%define build_skiboot_from_source 0
%define build_slof_from_source 0
%define kvm_available 0
%define legacy_qemu_kvm 0
@@ -38,11 +39,13 @@
%endif
%ifarch ppc64
+%define build_skiboot_from_source 1
%define build_slof_from_source 1
%endif
%ifarch ppc64le
%if 0%{?suse_version} > 1320 || 0%{?suse_version} == 1315
+%define build_skiboot_from_source 1
%define build_slof_from_source 1
%endif
%endif
@@ -59,6 +62,10 @@
%define with_systemd 1
%endif
+%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 &&
0%{?is_opensuse} )
+%define with_glusterfs 1
+%endif
+
%ifarch x86_64
%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 && (
0%{?is_opensuse} == 0 || 0%{?sle_version} > 120100 ) )
%define with_rbd 1
@@ -155,6 +162,10 @@
# SLOF (Currently no patches)
+# skiboot
+Patch1400: skiboot-GCC7-fixes-for-Wimplicit-fallthr.patch
+Patch1401: skiboot-libc-stdio-vsnprintf.c-add-expli.patch
+
# this is to make lint happy
Source300: qemu-rpmlintrc
Source301: ipxe-stub-out-the-SAN-req-s-in-int13.patch
@@ -189,7 +200,7 @@
%endif
%endif
BuildRequires: glib2-devel
-%if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315
+%if 0%{?with_glusterfs}
BuildRequires: glusterfs-devel
%endif
%if 0%{?suse_version} >= 1220
@@ -329,7 +340,7 @@
BuildRequires: qemu-s390 = %version
BuildRequires: qemu-tools = %version
BuildRequires: qemu-x86 = %version
-%if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315
+%if 0%{?with_glusterfs}
BuildRequires: qemu-block-gluster = %version
%endif
%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 &&
0%{?sle_version} > 120100 )
@@ -375,7 +386,7 @@
Suggests: qemu-arm
%endif
Suggests: qemu-block-dmg
-%if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315
+%if 0%{?with_glusterfs}
Suggests: qemu-block-gluster
%endif
%if 0%{?suse_version} > 1320 || ( 0%{?suse_version} == 1315 &&
0%{?sle_version} > 120100 )
@@ -393,10 +404,17 @@
Recommends: qemu-ksm = %{version}
%endif
-%if %{build_slof_from_source}
%define ppc_default_built_firmware {%nil}
+%if %{build_skiboot_from_source} && %{build_slof_from_source}
+%define ppc_extra_built_firmware {skiboot.lid slof.bin}
+%else
+%if %{build_skiboot_from_source}
+%define ppc_extra_built_firmware {skiboot.lid}
+%endif
+%if %{build_slof_from_source}
%define ppc_extra_built_firmware {slof.bin}
%endif
+%endif
%ifarch ppc64
%define ppc64_only_default_built_firmware {spapr-rtas.bin}
@@ -609,7 +627,7 @@
This sub-package contains a module for accessing Mac OS X image files
from qemu-img tool and QEMU system emulation.
-%if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315
+%if 0%{?with_glusterfs}
%package block-gluster
Summary: Universal CPU emulator -- GlusterFS block support
Group: System/Emulators/PC
@@ -695,7 +713,8 @@
system. It currently emulates x86, ARM, PowerPC and SPARC CPUs as well
as PC and PowerMac systems.
-This sub-package contains various tools, including a bridge helper.
+This sub-package contains various tools, including a bridge helper,
+ivshmem, qemu disk tools and some scripts for different purposes.
%package guest-agent
Summary: Universal CPU emulator -- Guest agent
@@ -808,6 +827,11 @@
pushd roms/SLOF
popd
+pushd roms/skiboot
+%patch1400 -p1
+%patch1401 -p1
+popd
+
# as a safeguard, delete the firmware files that we intend to build
for i in %built_firmware
do
@@ -851,7 +875,7 @@
--enable-gcrypt \
--disable-nettle \
%endif
-%if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315
+%if 0%{?with_glusterfs}
--enable-glusterfs \
%else
--disable-glusterfs \
@@ -1056,6 +1080,10 @@
done
%endif
+%if %{build_skiboot_from_source}
+make %{?_smp_mflags} -C roms skiboot SKIBOOT_VERSION=skiboot-5.3.7
+%endif
+
%if %{build_slof_from_source}
make %{?_smp_mflags} -C roms slof
%endif
@@ -1139,15 +1167,16 @@
install -D -m 644 %{SOURCE302} %{buildroot}%{_sysconfdir}/qemu/bridge.conf
install -D -m 755 %{SOURCE2} %{buildroot}/usr/share/qemu/qemu-ifup
install -D -p -m 0644 %{SOURCE8} %{buildroot}%{_udevrulesdir}/80-qemu-ga.rules
+install -D -m 755 scripts/analyze-migration.py
%{buildroot}%{_bindir}/analyze-migration.py
+install -D -m 755 scripts/vmstate-static-checker.py
%{buildroot}%{_bindir}/vmstate-static-checker.py
+mkdir -p %{buildroot}%{_libexecdir}/supportconfig/plugins
+install -D -m 0755 %{SOURCE16}
%{buildroot}%{_libexecdir}/supportconfig/plugins/qemu
%if 0%{?is_opensuse} == 0
install -D -m 0644 %{SOURCE12} %{buildroot}%{_docdir}/qemu-x86/supported.txt
install -D -m 0644 %{SOURCE13} %{buildroot}%{_docdir}/qemu-s390/supported.txt
install -D -m 0644 %{SOURCE14} %{buildroot}%{_docdir}/qemu-arm/supported.txt
install -D -m 0644 %{SOURCE15} %{buildroot}%{_docdir}/qemu-ppc/supported.txt
%endif
-# install supportconfig plugin
-mkdir -p %{buildroot}%{_libexecdir}/supportconfig/plugins
-install -D -m 0755 %{SOURCE16}
%{buildroot}%{_libexecdir}/supportconfig/plugins/qemu
%if %{legacy_qemu_kvm}
cat > %{buildroot}%{_bindir}/qemu-kvm << 'EOF'
#!/bin/sh
@@ -1433,7 +1462,7 @@
%dir %_libdir/%name
%_libdir/%name/block-dmg-bz2.so
-%if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315
+%if 0%{?with_glusterfs}
%files block-gluster
%defattr(-, root, root)
%dir %_libdir/%name
@@ -1521,6 +1550,8 @@
%verify(not mode) %attr(4750,root,kvm) %_libexecdir/qemu-bridge-helper
%dir %_sysconfdir/%name
%config %_sysconfdir/%name/bridge.conf
+%_bindir/analyze-migration.py
+%_bindir/vmstate-static-checker.py
%files guest-agent
%defattr(-, root, root)
++++++ skiboot-GCC7-fixes-for-Wimplicit-fallthr.patch ++++++
>From d2c3aad5b260f52dbc87dc93e81733daad154051 Mon Sep 17 00:00:00 2001
From: Stewart Smith <stew...@linux.vnet.ibm.com>
Date: Wed, 10 May 2017 19:33:52 +1000
Subject: [PATCH] GCC7: fixes for -Wimplicit-fallthrough expected regexes
It turns out GCC7 adds a useful warning and does fancy things like
parsing your comments to work out that you intended to do the fallthrough.
There's a few places where we don't match the regex. Fix them, as it's
harmless to do so.
Found by building on Fedora Rawhide in Travis.
Signed-off-by: Stewart Smith <stew...@linux.vnet.ibm.com>
Signed-off-by: Bruce Rogers <brog...@suse.com>
---
core/pcie-slot.c | 3 ++-
hw/fsp/fsp-sysparam.c | 2 +-
platforms/ibm-fsp/firenze-pci.c | 3 ++-
3 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/core/pcie-slot.c b/core/pcie-slot.c
index 62933a40..80972a6f 100644
--- a/core/pcie-slot.c
+++ b/core/pcie-slot.c
@@ -383,7 +383,8 @@ static int64_t pcie_slot_sm_freset(struct pci_slot *slot)
PCI_SLOT_STATE_FRESET_POWER_OFF);
return pci_slot_set_sm_timeout(slot, msecs_to_tb(50));
}
- /* No power state change, fall through */
+ /* No power state change, */
+ /* fallthrough */
case PCI_SLOT_STATE_FRESET_POWER_OFF:
PCIE_SLOT_DBG(slot, "FRESET: Power is off, turn on\n");
if (slot->ops.set_power_state)
diff --git a/hw/fsp/fsp-sysparam.c b/hw/fsp/fsp-sysparam.c
index 2dbf05c6..5d7ae91e 100644
--- a/hw/fsp/fsp-sysparam.c
+++ b/hw/fsp/fsp-sysparam.c
@@ -100,7 +100,7 @@ static int fsp_sysparam_process(struct sysparam_req *r)
case 0x00: /* XXX Is that even possible ? */
case 0x11: /* Data in request */
memcpy(r->ubuf, &r->resp.data.words[2], len);
- /* pass through */
+ /* fallthrough */
case 0x12: /* Data in TCE */
stlen = len;
break;
diff --git a/platforms/ibm-fsp/firenze-pci.c b/platforms/ibm-fsp/firenze-pci.c
index fd15e88a..66f6efa9 100644
--- a/platforms/ibm-fsp/firenze-pci.c
+++ b/platforms/ibm-fsp/firenze-pci.c
@@ -507,7 +507,8 @@ static int64_t firenze_pci_slot_freset(struct pci_slot
*slot)
msecs_to_tb(FIRENZE_PCI_SLOT_DELAY));
}
- /* Fall through: Power is off, turn it on */
+ /* Power is off, turn it on */
+ /* Fallthrough */
case FIRENZE_PCI_SLOT_FRESET_POWER_OFF:
/* Update last power status */
pval = (uint8_t *)(plat_slot->req->rw_buf);
--
2.14.1
++++++ skiboot-libc-stdio-vsnprintf.c-add-expli.patch ++++++
>From bfb0e54f493d4003a397d5c1b50fc77195e7ffb5 Mon Sep 17 00:00:00 2001
From: Stewart Smith <stew...@linux.vnet.ibm.com>
Date: Thu, 2 Feb 2017 16:35:40 +1100
Subject: [PATCH] libc/stdio/vsnprintf.c: add explicit fallthrough
silences recent GCC warning
Signed-off-by: Stewart Smith <stew...@linux.vnet.ibm.com>
Signed-off-by: Bruce Rogers <brog...@suse.com>
---
libc/stdio/vsnprintf.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/libc/stdio/vsnprintf.c b/libc/stdio/vsnprintf.c
index fbb84a0b..e83cee84 100644
--- a/libc/stdio/vsnprintf.c
+++ b/libc/stdio/vsnprintf.c
@@ -164,6 +164,7 @@ print_format(char **buffer, size_t bufsize, const char
*format, void *var)
break;
case 'X':
upper = true;
+ /* fallthrough */
case 'x':
sizec[i] = '\0';
value = (unsigned long) var &
convert[length_mod];
--
2.14.1
++++++ supported.arm.txt ++++++
--- /var/tmp/diff_new_pack.X9V7tg/_old 2017-11-03 16:22:34.301186416 +0100
+++ /var/tmp/diff_new_pack.X9V7tg/_new 2017-11-03 16:22:34.305186271 +0100
@@ -182,6 +182,12 @@
- The previously supported blkdev-add QMP command has been flagged as lacking
and could possibly change syntax in the future.
+- Due to upstream's decision to no longer fully support the qed storage format
+ going forward (since it really provides no benefit over qcow2 and is now no
+ longer actively maintained upstream), creating qed storage images is no
longer
+ supported and it is highly discouraged to continuing to use existing qed
+ images. They should instead be converted to another supported format.
+
QEMU Command-Line and Monitor Syntax and Support
------------------------------------------------
@@ -189,10 +195,10 @@
qemu-system-aarch64 [options]
Where 'options' are taken from the options listed below.
- The images used with -drive or -cdrom, may be in the raw (no format), qcow2
- or qed storage formats, and may be located in files within the host
- filesystem, logical volumes, host physical disks, or network based storage.
- Read only media may also be accessed via URL style protocol specifiers.
+ The images used with -drive or -cdrom, may be in the raw (no format) or qcow2
+ storage formats, and may be located in files within the host filesystem,
+ logical volumes, host physical disks, or network based storage. Read only
+ media may also be accessed via URL style protocol specifiers.
Note that as a general rule, as new command line options are added which
serve
to replace an older option or interface, you are strongly encouraged to adapt
@@ -234,7 +240,7 @@
virtio-scsi|virtio-rng|e1000-82540em)
-dfilter range, ...
-display ...
- -drive ... (if specified if=[virtio] and format=[qcow2|qed|raw] and
+ -drive ... (if specified if=[virtio] and format=[qcow2|raw] and
snapshot=off only)
-echr ...
-enable-fips
@@ -597,8 +603,8 @@
(note that some of these device names represent supported devices and
are used internally, but are not specifyable via -device even though
they appear in the list of devices)
- -drive ,if=[scsi|mtd|pflash], snapshot=on, format=[anything besides qcow2,
qed
- or raw]
+ -drive ,if=[scsi|mtd|pflash], snapshot=on, format=[anything besides qcow2 or
+ raw]
-dtb file
-enable-hax
-fda/-fdb ...
++++++ supported.ppc.txt ++++++
--- /var/tmp/diff_new_pack.X9V7tg/_old 2017-11-03 16:22:34.329185397 +0100
+++ /var/tmp/diff_new_pack.X9V7tg/_new 2017-11-03 16:22:34.333185252 +0100
@@ -182,6 +182,12 @@
- The previously supported blkdev-add QMP command has been flagged as lacking
and could possibly change syntax in the future.
+- Due to upstream's decision to no longer fully support the qed storage format
+ going forward (since it really provides no benefit over qcow2 and is now no
+ longer actively maintained upstream), creating qed storage images is no
longer
+ supported and it is highly discouraged to continuing to use existing qed
+ images. They should instead be converted to another supported format.
+
QEMU Command-Line and Monitor Syntax and Support
------------------------------------------------
@@ -189,10 +195,10 @@
qemu-system-ppc64 [options]
Where 'options' are taken from the options listed below.
- The images used with -drive or -cdrom, may be in the raw (no format), qcow2
- or qed storage formats, and may be located in files within the host
- filesystem, logical volumes, host physical disks, or network based storage.
- Read only media may also be accessed via URL style protocol specifiers.
+ The images used with -drive or -cdrom, may be in the raw (no format) or qcow2
+ storage formats, and may be located in files within the host filesystem,
+ logical volumes, host physical disks, or network based storage. Read only
+ media may also be accessed via URL style protocol specifiers.
Note that as a general rule, as new command line options are added which
serve
to replace an older option or interface, you are strongly encouraged to adapt
@@ -234,7 +240,7 @@
virtio-scsi|virtio-rng|e1000-82540em)
-dfilter range, ...
-display ...
- -drive ... (if specified if=[virtio] and format=[qcow2|qed|raw] and
+ -drive ... (if specified if=[virtio] and format=[qcow2|raw] and
snapshot=off only)
-echr ...
-enable-fips
@@ -547,8 +553,8 @@
(note that some of these device names represent supported devices and
are used internally, but are not specifyable via -device even though
they appear in the list of devices)
- -drive ,if=[scsi|mtd|pflash], snapshot=on, format=[anything besides qcow2,
qed
- or raw]
+ -drive ,if=[scsi|mtd|pflash], snapshot=on, format=[anything besides qcow2 or
+ raw]
-dtb file
-enable-hax
-fda/-fdb ...
++++++ supported.s390.txt ++++++
--- /var/tmp/diff_new_pack.X9V7tg/_old 2017-11-03 16:22:34.361184233 +0100
+++ /var/tmp/diff_new_pack.X9V7tg/_new 2017-11-03 16:22:34.361184233 +0100
@@ -183,6 +183,12 @@
- The previously supported blkdev-add QMP command has been flagged as lacking
and could possibly change syntax in the future.
+- Due to upstream's decision to no longer fully support the qed storage format
+ going forward (since it really provides no benefit over qcow2 and is now no
+ longer actively maintained upstream), creating qed storage images is no
longer
+ supported and it is highly discouraged to continuing to use existing qed
+ images. They should instead be converted to another supported format.
+
QEMU Command-Line and Monitor Syntax and Support
------------------------------------------------
@@ -190,10 +196,10 @@
qemu-system-s390x [options]
Where 'options' are taken from the options listed below.
- The images used with -drive or -cdrom, may be in the raw (no format), qcow2
- or qed storage formats, and may be located in files within the host
- filesystem, logical volumes, host physical disks, or network based storage.
- Read only media may also be accessed via URL style protocol specifiers.
+ The images used with -drive or -cdrom, may be in the raw (no format) or qcow2
+ storage formats, and may be located in files within the host filesystem,
+ logical volumes, host physical disks, or network based storage. Read only
+ media may also be accessed via URL style protocol specifiers.
Note that as a general rule, as new command line options are added which
serve
to replace an older option or interface, you are strongly encouraged to adapt
@@ -230,7 +236,7 @@
virtio-net|virtio-serial|virtio-balloon|virtio-scsi|virtio-rng)
-dfilter range, ...
-display ...
- -drive ... (if specified if=[virtio] and format=[qcow2|qed|raw] and
+ -drive ... (if specified if=[virtio] and format=[qcow2|raw] and
snapshot=off only)
-echr ...
-enable-fips
@@ -557,8 +563,8 @@
(note that some of these device names represent supported devices and
are used internally, but are not specifyable via -device even though
they appear in the list of devices)
- -drive ,if=[scsi|mtd|pflash], snapshot=on, format=[anything besides qcow2,
qed
- or raw]
+ -drive ,if=[scsi|mtd|pflash], snapshot=on, format=[anything besides qcow2 or
+ raw]
-dtb file
-enable-hax
-fda/-fdb ...
++++++ supported.x86.txt ++++++
--- /var/tmp/diff_new_pack.X9V7tg/_old 2017-11-03 16:22:34.385183359 +0100
+++ /var/tmp/diff_new_pack.X9V7tg/_new 2017-11-03 16:22:34.389183213 +0100
@@ -274,6 +274,12 @@
are not supported in this release. The current q35 machine type is however
now
fully supported.
+- Due to upstream's decision to no longer fully support the qed storage format
+ going forward (since it really provides no benefit over qcow2 and is now no
+ longer actively maintained upstream), creating qed storage images is no
longer
+ supported and it is highly discouraged to continuing to use existing qed
+ images. They should instead be converted to another supported format.
+
QEMU Command-Line and Monitor Syntax and Support
------------------------------------------------
@@ -284,9 +290,9 @@
Where 'options' are taken from the options listed below, and 'disk_image' is
the file system reference to the the x86 guest's primary IDE based hard disk
image. This image as well as those used with -drive or -cdrom, may be in the
- raw (no format), qcow2 or qed storage formats, and may be located in files
- within the host filesystem, logical volumes, host physical disks, or network
- based storage. Read only media may also be accessed via URL style protocol
+ raw (no format) or qcow2 storage formats, and may be located in files within
+ the host filesystem, logical volumes, host physical disks, or network based
+ storage. Read only media may also be accessed via URL style protocol
specifiers.
Note that as a general rule, as new command line options are added which
serve
@@ -333,7 +339,7 @@
virtio-scsi|virtio-rng|e1000-82540em)
-dfilter range, ...
-display ...
- -drive ... (if specified if=[floppy|ide|virtio] and format=[qcow2|qed|raw]
and
+ -drive ... (if specified if=[floppy|ide|virtio] and format=[qcow2|raw] and
snapshot=off only)
-echr ...
-enable-fips
@@ -669,8 +675,8 @@
(note that some of these device names represent supported devices and
are used internally, but are not specifyable via -device even though
they appear in the list of devices)
- -drive ,if=[scsi|mtd|pflash], snapshot=on, format=[anything besides qcow2,
qed
- or raw]
+ -drive ,if=[scsi|mtd|pflash], snapshot=on, format=[anything besides qcow2 or
+ raw]
-dtb file
-enable-hax
-g ...
