Package: release.debian.org Severity: normal Tags: buster User: release.debian....@packages.debian.org Usertags: pu
Hello, I am facing the same issue in Debian as reported in Ubuntu Launchpad bug https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1825195 Could you please release a new revision of libvirt to buster? Debdiff attached. Original bug filed by me: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=944248 Thanks, Michal Arbet -- System Information: Debian Release: 9.5 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'oldstable-updates'), (500, 'stable'), (500, 'oldstable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-8-amd64 (SMP w/32 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
diff -Nru libvirt-5.0.0/debian/changelog libvirt-5.0.0/debian/changelog --- libvirt-5.0.0/debian/changelog 2019-06-17 19:05:40.000000000 +0200 +++ libvirt-5.0.0/debian/changelog 2019-11-07 10:01:27.000000000 +0100 @@ -1,3 +1,13 @@ +libvirt (5.0.0-4.1) buster; urgency=medium + + * Non-maintainer upload. + * Fix issues with old guests that defined + the never functional osxsave and ospke features (Closes: #944248). + - d/p/bug-944248-qemu-do-not-define-known-no-op-features.patch + - d/p/bug-944248-qemuxml2argvtest-add-test-for-remove-cpu-features.patch + + -- Michal Arbet <michal.ar...@ultimum.io> Thu, 07 Nov 2019 10:01:27 +0100 + libvirt (5.0.0-4) unstable; urgency=medium * [0fdc2af] Fix multiple CVEs related to privilege escalations on R/O diff -Nru libvirt-5.0.0/debian/patches/bug-944248-qemu-do-not-define-known-no-op-features.patch libvirt-5.0.0/debian/patches/bug-944248-qemu-do-not-define-known-no-op-features.patch --- libvirt-5.0.0/debian/patches/bug-944248-qemu-do-not-define-known-no-op-features.patch 1970-01-01 01:00:00.000000000 +0100 +++ libvirt-5.0.0/debian/patches/bug-944248-qemu-do-not-define-known-no-op-features.patch 2019-11-07 10:01:27.000000000 +0100 
@@ -0,0 +1,103 @@ +From 2900575db892700fab8a4b8541474d9bd3444a4a Mon Sep 17 00:00:00 2001 +From: Christian Ehrhardt <christian.ehrha...@canonical.com> +Date: Thu, 25 Apr 2019 11:04:29 +0200 +Subject: [PATCH 1/2] qemu: do not define known no-op features + +Qemu dropped cpu features for osxsave and ospke [1][2]. +The reason for the instant removal is that those features were never +configurable as discussed in [3]. + +Fortunately the use cases adding those flags in the past are rare, but +they exist. One that I identified are e.g. older virt-install when used +with --cpu=host-model and there always could be the case of a user +adding it to the guest xml. + +This triggers an issue like: + qemu-system-x86_64: can't apply global Broadwell-noTSX-x86_64- + cpu.osxsave=on: Property '.osxsave' not found + +Ensure that this does no more break spawning newer qemu versions by +not rendering those features into the qemu command line. + +Fixes: https://bugs.launchpad.net/fedora/+source/qemu/+bug/1825195 +Resolves: https://bugzilla.redhat.com/1644848 + +[1]: https://git.qemu.org/?p=qemu.git;a=commit;h=f1a2352 +[2]: https://git.qemu.org/?p=qemu.git;a=commit;h=9ccb978 +[3]: https://www.mail-archive.com/qemu-devel@nongnu.org/msg561877.html + +Signed-off-by: Christian Ehrhardt <christian.ehrha...@canonical.com> +Reviewed-by: Daniel Henrique Barboza <danielhb...@gmail.com> +Tested-by: Daniel Henrique Barboza <danielhb...@gmail.com> + +Origin: backport, https://libvirt.org/git/?p=libvirt.git;a=commit;h=2900575db892700fab8a4b8541474d9bd3444a4a +Bug-Ubuntu: https://bugs.launchpad.net/bugs/1825195 +Last-Update: 2019-05-15 + +--- + src/qemu/qemu_command.c | 23 +++++++++++++++++++ + .../qemuxml2argvdata/cpu-host-model-cmt.args | 2 +- + tests/qemuxml2argvdata/cpu-tsc-frequency.args | 4 ++-- + 3 files changed, 26 insertions(+), 3 deletions(-) + +--- a/src/qemu/qemu_command.c ++++ b/src/qemu/qemu_command.c +@@ -6844,6 +6844,27 @@ qemuBuildGlobalControllerCommandLine(vir + return 0; + } + ++/** 
++ * qemuFeatureNoEffect: ++ * @feature: CPU Feature ++ * ++ * Returns true, if the feature is known to have (never had) an effect on QEMU. ++ * Those features might be dropped in qemu without a longer deprecation cycle ++ * and must therefore be known e.g. to no more define them on command line. ++ */ ++static bool ++qemuFeatureNoEffect(virCPUFeatureDefPtr feature) ++{ ++ if (!feature->name) ++ return false; ++ ++ if (STREQ(feature->name, "osxsave")) ++ return true; ++ if (STREQ(feature->name, "ospke")) ++ return true; ++ ++ return false; ++} + + static int + qemuBuildCpuModelArgStr(virQEMUDriverPtr driver, +@@ -6912,6 +6933,8 @@ qemuBuildCpuModelArgStr(virQEMUDriverPtr + virBufferAsprintf(buf, ",vendor=%s", cpu->vendor_id); + + for (i = 0; i < cpu->nfeatures; i++) { ++ if (qemuFeatureNoEffect(&(cpu->features[i]))) ++ continue; + switch ((virCPUFeaturePolicy) cpu->features[i].policy) { + case VIR_CPU_FEATURE_FORCE: + case VIR_CPU_FEATURE_REQUIRE: +--- a/tests/qemuxml2argvdata/cpu-host-model-cmt.args ++++ b/tests/qemuxml2argvdata/cpu-host-model-cmt.args +@@ -9,7 +9,7 @@ QEMU_AUDIO_DRV=none \ + -S \ + -machine pc,accel=tcg,usb=off,dump-guest-core=off \ + -cpu Haswell,+vme,+ds,+acpi,+ss,+ht,+tm,+pbe,+dtes64,+monitor,+ds_cpl,+vmx,\ +-+smx,+est,+tm2,+xtpr,+pdcm,+osxsave,+f16c,+rdrand,+pdpe1gb,+abm,+lahf_lm \ +++smx,+est,+tm2,+xtpr,+pdcm,+f16c,+rdrand,+pdpe1gb,+abm,+lahf_lm \ + -m 214 \ + -smp 6,sockets=6,cores=1,threads=1 \ + -uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \ +--- a/tests/qemuxml2argvdata/cpu-tsc-frequency.args ++++ b/tests/qemuxml2argvdata/cpu-tsc-frequency.args +@@ -9,7 +9,7 @@ QEMU_AUDIO_DRV=none \ + -S \ + -machine pc,accel=kvm,usb=off,dump-guest-core=off \ + -cpu Haswell,+vme,+ds,+acpi,+ss,+ht,+tm,+pbe,+dtes64,+monitor,+ds_cpl,+vmx,\ +-+smx,+est,+tm2,+xtpr,+pdcm,+osxsave,+f16c,+rdrand,+pdpe1gb,+abm,+lahf_lm,\ +++smx,+est,+tm2,+xtpr,+pdcm,+f16c,+rdrand,+pdpe1gb,+abm,+lahf_lm,\ + +invtsc,tsc-frequency=3504000000 \ + -m 214 \ + -smp 
1,sockets=1,cores=1,threads=1 \ diff -Nru libvirt-5.0.0/debian/patches/bug-944248-qemuxml2argvtest-add-test-for-remove-cpu-features.patch libvirt-5.0.0/debian/patches/bug-944248-qemuxml2argvtest-add-test-for-remove-cpu-features.patch --- libvirt-5.0.0/debian/patches/bug-944248-qemuxml2argvtest-add-test-for-remove-cpu-features.patch 1970-01-01 01:00:00.000000000 +0100 +++ libvirt-5.0.0/debian/patches/bug-944248-qemuxml2argvtest-add-test-for-remove-cpu-features.patch 2019-11-07 10:01:27.000000000 +0100 
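Review bot: In the `@@ -6912,6 +6933,8 @@` hunk of src/qemu/qemu_command.c the new `continue` drops `osxsave`/`ospke` before the policy switch without leaving any trace, so a domain XML that names one of these features yields a QEMU command line that differs from the configuration with nothing in the logs to explain it. Logging the skip just before the `continue`, e.g. `VIR_DEBUG("Ignoring CPU feature '%s': no effect in QEMU", cpu->features[i].name);` (assuming the file's usual logging setup, which is not visible here), would keep the configured and the effective CPU definition reconcilable during troubleshooting or audit. The doc comment on `qemuFeatureNoEffect` also reads as the opposite of what the function returns; `Returns true if the feature is known to never have had any effect in QEMU.` states it plainly. `qemuBuildCpuModelArgStr` starts and ends outside the hunk, so whether other consumers of `cpu->features` need the same filter cannot be judged from this patch.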
@@ -0,0 +1,96 @@ +From b51bfa70554f4bc43cbd6841b78d67b391909184 Mon Sep 17 00:00:00 2001 +From: Christian Ehrhardt <christian.ehrha...@canonical.com> +Date: Thu, 25 Apr 2019 11:51:55 +0200 +Subject: [PATCH 2/2] qemuxml2argvtest: add test for remove cpu features + +CPU features that always were a no-op in qemu got removed there. +We no more specify them as that would trigger errors and fail to start +qemu. This test ensures that those features really are not rendered into +qemu command line. + +Without the related fix this test will trigger and fail like: + In 'tests/qemuxml2argvdata/cpu-no-removed-features.args': + Offset 371 + Expect [ ] + Actual [,-osxsave,-ospke ] + +Signed-off-by: Christian Ehrhardt <christian.ehrha...@canonical.com> +Reviewed-by: Daniel Henrique Barboza <danielhb...@gmail.com> +Tested-by: Daniel Henrique Barboza <danielhb...@gmail.com> + +Origin: backport, https://libvirt.org/git/?p=libvirt.git;a=commit;h=b51bfa70554f4bc43cbd6841b78d67b391909184 +Bug-Ubuntu: https://bugs.launchpad.net/bugs/1825195 +Last-Update: 2019-05-15 + +--- + .../cpu-no-removed-features.args | 29 +++++++++++++++++++ + .../cpu-no-removed-features.xml | 23 +++++++++++++++ + tests/qemuxml2argvtest.c | 1 + + 3 files changed, 53 insertions(+) + create mode 100644 tests/qemuxml2argvdata/cpu-no-removed-features.args + create mode 100644 tests/qemuxml2argvdata/cpu-no-removed-features.xml + +--- /dev/null ++++ b/tests/qemuxml2argvdata/cpu-no-removed-features.args +@@ -0,0 +1,25 @@ ++LC_ALL=C \ ++PATH=/bin \ ++HOME=/home/test \ ++USER=test \ ++LOGNAME=test \ ++QEMU_AUDIO_DRV=none \ ++/usr/bin/qemu-system-x86_64 \ ++-name QEMUGuest1 \ ++-S \ ++-machine pc,accel=kvm,usb=off,dump-guest-core=off \ ++-cpu core2duo \ ++-m 214 \ ++-smp 6,sockets=6,cores=1,threads=1 \ ++-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \ ++-display none \ ++-no-user-config \ ++-nodefaults \ ++-chardev socket,id=charmonitor,path=/tmp/lib/domain--1-QEMUGuest1/monitor.sock,\ ++server,nowait \ ++-mon 
chardev=charmonitor,id=monitor,mode=control \ ++-rtc base=utc \ ++-no-shutdown \ ++-no-acpi \ ++-usb \ ++-device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3 +--- /dev/null ++++ b/tests/qemuxml2argvdata/cpu-no-removed-features.xml +@@ -0,0 +1,23 @@ ++<domain type='kvm'> ++ <name>QEMUGuest1</name> ++ <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid> ++ <memory unit='KiB'>219100</memory> ++ <currentMemory unit='KiB'>219100</currentMemory> ++ <vcpu placement='static'>6</vcpu> ++ <os> ++ <type arch='x86_64' machine='pc'>hvm</type> ++ <boot dev='network'/> ++ </os> ++ <cpu match='exact'> ++ <model>core2duo</model> ++ <feature name='osxsave' policy='optional'/> ++ <feature name='ospke' policy='optional'/> ++ </cpu> ++ <clock offset='utc'/> ++ <on_poweroff>destroy</on_poweroff> ++ <on_reboot>restart</on_reboot> ++ <on_crash>destroy</on_crash> ++ <devices> ++ <emulator>/usr/bin/qemu-system-x86_64</emulator> ++ </devices> ++</domain> +--- a/tests/qemuxml2argvtest.c ++++ b/tests/qemuxml2argvtest.c +@@ -1771,6 +1771,7 @@ mymain(void) + DO_TEST("cpu-fallback", QEMU_CAPS_KVM); + DO_TEST_FAILURE("cpu-nofallback", QEMU_CAPS_KVM); + DO_TEST("cpu-strict1", QEMU_CAPS_KVM); ++ DO_TEST("cpu-no-removed-features", QEMU_CAPS_KVM); + DO_TEST("cpu-numa1", NONE); + DO_TEST("cpu-numa2", NONE); + DO_TEST("cpu-numa-no-memory-element", NONE); diff -Nru libvirt-5.0.0/debian/patches/series libvirt-5.0.0/debian/patches/series --- libvirt-5.0.0/debian/patches/series 2019-06-17 19:05:40.000000000 +0200 +++ libvirt-5.0.0/debian/patches/series 2019-11-07 10:01:27.000000000 +0100 @@ -35,3 +35,5 @@ security/api-disallow-virConnect-HypervisorCPU-on-read-only-connec.patch Include-etc-pki-qemu-in-apparmor.patch apparmor-Allow-run-pygrup.patch +bug-944248-qemu-do-not-define-known-no-op-features.patch +bug-944248-qemuxml2argvtest-add-test-for-remove-cpu-features.patch