Bug#1050939: ovmf: AMD-SEV + TPM (swtpm) + vCPU > 6 = problem
Package: ovmf Version: 2022.11-6 Severity: important After upgrading to Debian 12.x (from 11.x), some of my VMs are not booting anymore. It looks like the ovmf crashes even before loading the shim/bootloader from the virtual disk. The problem is somehow related to combination of: AMD-SEV + TPM (swtpm) and number of vCPUs configured for the quest OS. I found a workaround to boot the problematic VMs, more precisely any (one) change from the list below allows to boot a VM: - downgrade the ovmf to version ovmf_2020.11-2+deb11u1_all.deb (from bullseye) - reduce the number of vCPUs to 6 or less (>6 does not work) - remove the swtpm from the guest configuration - disable the AMD-SEV functionality After some testing, I am pretty sure that the problem is NOT related to: - qemu-system-x86 version (both bookworm = 7.2+dfsg-7 and bookworm-backports = 8.0.4+dfsg-1~bpo12+1 are affected) - kernel version (both bookworm = 6.1.38-4 and bookworm-backports = 6.4.4-3~bpo12+1 are affected) - CPU configuration for the guest VM (tried multiple different configurations, and the result is the same) and it looks like the issue is present also in the current debian testing (ovmf 2023.05-1) - the only working version is ovmf_2020.11-2+deb11u1_all.deb (from bullseye). The problematic libvirt XML (with reboot loop): test MY_UUID test VM 16777216 16777216 8 hvm /var/lib/libvirt/qemu/nvram/test_VARS.fd qemu64 destroy restart destroy /usr/bin/kvm 47 1 0x0033 The same XML works after any of the following changes: - reducing the vcpu number, for example: 6 - removing the swtpm definition: - removing the AMD-SEV definition (which disables the AMD-SEV functionality): 47 1 0x0033 - dowgrading the ovmf to ovmf_2020.11-2+deb11u1_all.deb (from bullseye), without any change in the XML There is no any warning/error log in the corresponding /var/log/libvirt/qemu/test.log, dmesg or /var/log/syslog ... -- System Information: Debian Release: 12.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.4.0-0.deb12.2-amd64 (SMP w/48 CPU threads; PREEMPT) GNU C Library: libc-bin 2.36-9+deb12u1 Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Bug#986765: AMD SEV guest crash after "Loading initial ramdisk ..."
Package: qemu-system-x86
Version: 1:5.2+dfsg-9
When I try to boot an AMD SEV enabled guest OS it crashes immediately after the
"Loading initial ramdisk ..." message (the result is infinite reboot loop).
Here is my libvirt XML which works fine without the
"..." XML element (which enables the AMD
SEV):
test
4dea22b3-1d52-d8f3-2516-782e98ab3fa0
ab826c0a-a349-4470-bbb9-d2b6ee23e8c3
Test Server
8388608
8388608
9437184
4
1
hvm
/var/lib/libvirt/qemu/nvram/test_VARS.fd
destroy
restart
coredump-restart
restart
/usr/bin/kvm
/dev/random
47
1
0x0033
kvm command line arguments (from the XML above):
/usr/bin/kvm -name guest=test,debug-threads=on -S -object
secret,id=masterKey0,format=raw,file=/var/lib/libvirt/qemu/domain-12-test/master-key.aes
-blockdev
{"driver":"file","filename":"/usr/share/OVMF/OVMF_CODE_4M.ms.fd","node-name":"libvirt-pflash0-storage","auto-read-only":true,"discard":"unmap"}
-blockdev
{"node-name":"libvirt-pflash0-format","read-only":true,"driver":"raw","file":"libvirt-pflash0-storage"}
-blockdev
{"driver":"file","filename":"/var/lib/libvirt/qemu/nvram/test_VARS.fd","node-name":"libvirt-pflash1-storage","auto-read-only":true,"discard":"unmap"}
-blockdev
{"node-name":"libvirt-pflash1-format","read-only":false,"driver":"raw","file":"libvirt-pflash1-storage"}
-machine
pc-q35-5.2,accel=kvm,usb=off,smm=on,dump-guest-core=off,kernel_irqchip=on,memory-encryption=sev0,pflash0=libvirt-pflash0-format,pflash1=libvirt-pflash1-format,memory-backend=pc.ram
-cpu
host,migratable=off,topoext=on,kvmclock=on,kvm-pv-unhalt=on,kvm-hint-dedicated=on,kvm-poll-control=on,host-cache-info=on,l3-cache=off
-global driver=cfi.pflash01,property=secure,value=on -m 8192 -object
memory-backend-memfd,id=pc.ram,hugetlb=yes,hugetlbsize=2097152,share=yes,prealloc=yes,size=8589934592
-overcommit mem-lock=on -smp 4,sockets=1,dies=1,cores=2,threads=2 -object
iothread,id=iothread1 -uuid 4dea22b3-1d52-d8f3-2516-782e98ab3fa0 -device
vmgenid,guid=ab826c0a-a349-4470-bbb9-d2b6ee23e8c3,id=vmgenid0 -no-user-config
-nodefaults -device sga -chardev socket,id=charmonitor,fd=33,server,nowait -mon
chardev=charmonitor,id=monitor,mode=control -rtc base=utc -no-shutdown -boot
menu=on,splash-time=5000,strict=on -device
pcie-root-port,port=0x10,chassis=1,id=pci.1,bus=pcie.0,multifunction=on,addr=0x1
-device pcie-root-port,port=0x11,chassis=2,id=pci.2,bus=pcie.0,addr=0x1.0x1
-device pcie-root-port,port=0x12,chassis=3,id=pci.3,bus=pcie.0,addr=0x1.0x2
-device pcie-root-port,port=0x13,chassis=4,id=pci.4,bus=pcie.0,addr=0x1.0x3
-device pcie-root-port,port=0x14,chassis=5,id=pci.5,bus=pcie.0,addr=0x1.0x4
-device pcie-root-port,port=0x15,chassis=6,id=pci.6,bus=pcie.0,addr=0x1.0x5
-device pcie-root-port,port=0x16,chassis=7,id=pci.7,bus=pcie.0,addr=0x1.0x6
-device qemu-xhci,id=usb,bus=pci.2,addr=0x0 -device
virtio-serial-pci,id=virtio-serial0,iommu_platform=on,bus=pci.6,addr=0x0
-blockdev
{"driver":"file","filename":"/home/data/debian.iso","node-name":"libvirt-3-storage","auto-read-only":true,"discard":"unmap"}
-blockdev
{"node-name":"libvirt-3-format","read-only":true,"driver":"raw","file":"libvirt-3-storage"}
-device ide-cd,bus=ide.0,drive=libvirt-3-format,id=sata0-0-0,bootindex=2
-blockdev
{"driver":"host_device","filename":"/dev/vg_storage/lv_test-swap","aio":"native","node-name":"libvirt-2-storage","cache":{"direct":true,"no-flush":false},"auto-read-only":true,"discard":"unmap"}
-blockdev
{"node-name":"libvirt-2-format","read-only":false,"cache":{"direct":true,"no-flush":false},"driver":"raw","file":"libvirt-2-storage"}
-device
virtio-blk-pci-non-transitional,iothread=iothread1,iommu_platform=on,bus=pci.3,addr=0x0,drive=libvirt-2-format,id=virtio-disk0,write-cache=on
-blockdev
{"driver":"host_device","filename":"/dev/vg_storage/lv_test-root","aio":"native","node-name":"libvirt-1-storage","cache":{"direct":true,"no-flush":false},"auto-read-only":true,"discard":"unmap"}
-blockdev
Bug#899068: [DAViCal-devel] Bug#899068: davical does not sync contacts on iOS and macos
Hi all, this bug is already fixed in iOS 12 and macOS Mojave 10.14 - everything work well on both OS (tested on beta 1, 2 & 3). JM > On 18 May 2018, at 22:03, Norbert Schulz wrote: > > Package: davical > Version: 1.1.7-1~bpo9+1 > Severity: normal > > Dear Maintainer, > > dacical does not sync contact on iOS and macos. The accounts on iOS and macos > can be created and the > connection might be established. But there is no sync of the contact between > the devices. There is no > possibility to check if the contacts of one of the devices send them to > davical. > > The calendar part of davical works very well with iOS and macos so that the > general setup might be okay. > > > Regards > Norbert Schulz > > -- System Information: > Debian Release: 9.4 > APT prefers stable > APT policy: (500, 'stable') > Architecture: armel (armv5tel) > > Kernel: Linux 4.9.0-6-marvell > Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), > LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > > Versions of packages davical depends on: > ii libawl-php 0.59-1~bpo9+1 > ii libdbd-pg-perl 3.5.3-1+b2 > ii libyaml-perl 1.21-1 > ii perl 5.24.1-3+deb9u3 > ii php1:7.0+49 > ii php-cli1:7.0+49 > ii php-pgsql 1:7.0+49 > ii php-xml1:7.0+49 > ii php7.0 [php] 7.0.27-0+deb9u1 > ii php7.0-cli [php-cli] 7.0.27-0+deb9u1 > ii php7.0-pgsql [php-pgsql] 7.0.27-0+deb9u1 > ii php7.0-xml [php-xml] 7.0.27-0+deb9u1 > ii postgresql-client-9.6 [postgresql-client] 9.6.7-0+deb9u1 > > Versions of packages davical recommends: > ii php-curl1:7.0+49 > ii php7.0-curl [php-curl] 7.0.27-0+deb9u1 > ii postgresql 9.6+181+deb9u1 > > Versions of packages davical suggests: > pn php-ldap | php5-ldap > > -- no debconf information > > -- > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > ___ > DAViCal-devel mailing list > davical-de...@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/davical-devel smime.p7s Description: S/MIME cryptographic signature
Bug#784282: [DAViCal-devel] Bug#784282: davical: Sync not working after upgrading from wheezy to jessie on iOS
Hi Sven, the hide_TODO options was a temporary fix for people who use one calendar collection for VEVENT and also VTODOS (few years ago). This approach NOT works anymore with new iOS/OSX (it forces user to use different collection for VEVENTS and VTODOS). So the reason why this options was created has gone and there is really NO reason to use it. Changing it REQUIRES to disable and re-enable your CalDAV account on iOS, because a config change cannot create calendar sychronization tokens (the reason why you still see these todos). The reason why it may work with other clients is that these use WebDAV synchronization (instead of real CalDAV synchronization /iOS, OS X, CalDavZAP, .../). JM On 04 May 2015, at 23:33, Sven Strickroth sven.strickr...@hu-berlin.de wrote: Package: davical Version: 1.1.3.1-1 Severity: important Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? * What exactly did you do (or not do) that was effective (or ineffective)? * What was the outcome of this action? * What outcome did you expect instead? *** End of the template - remove these template lines *** I just upgraded from wheezy to jessie and now syncing with iOS devices such as iPhones does not fully work any more. Creating and removing VEVENTS on the iPhone works. When I delete an event created on a iPhone on another device, e.g. in Lighning, the event never vanishes from the iPhone (but on all other Lighning instances). When I include $c-hide_TODO = false; into my existing config, it works again. However, the old events (created on iPhone, but deleted somewhere else) stay on the iPhone (I can deleted these manually on the iPhone, but I think these should disappear automatically as those at not in the DB any more). -- System Information: Debian Release: 8.0 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages davical depends on: ii libawl-php 0.55-1 ii libdbd-pg-perl 3.4.2-1 ii libyaml-perl 1.13-1 ii perl 5.20.2-3 ii php5 5.6.7+dfsg-1 ii php5-cli 5.6.7+dfsg-1 ii php5-pgsql 5.6.7+dfsg-1 ii postgresql-client 9.4+165 ii postgresql-client-9.4 [postgresql-client] 9.4.1-1 Versions of packages davical recommends: ii php5-curl 5.6.7+dfsg-1 ii postgresql 9.4+165 Versions of packages davical suggests: ii php5-ldap 5.6.7+dfsg-1 -- no debconf information -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y ___ DAViCal-devel mailing list davical-de...@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/davical-devel smime.p7s Description: S/MIME cryptographic signature
