Package: libvirt-daemon Version: 5.0.0-4 Hello,
I am facing the same issue in debian as it is reported in ubuntu launchpad bug https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1825195 Could you please fix and release security update ? Patches from ubuntu package attached. I've tried to apply these patches to source in g...@salsa.debian.org:libvirt-team/libvirt.git in debian/buster branch and they applied successfully. Thanks, Michal Arbet
From b51bfa70554f4bc43cbd6841b78d67b391909184 Mon Sep 17 00:00:00 2001 From: Christian Ehrhardt <christian.ehrha...@canonical.com> Date: Thu, 25 Apr 2019 11:51:55 +0200 Subject: [PATCH 2/2] qemuxml2argvtest: add test for remove cpu features CPU features that always were a no-op in qemu got removed there. We no more specify them as that would trigger errors and fail to start qemu. This test ensures that those features really are not rendered into qemu command line. Without the related fix this test will trigger and fail like: In 'tests/qemuxml2argvdata/cpu-no-removed-features.args': Offset 371 Expect [ ] Actual [,-osxsave,-ospke ] Signed-off-by: Christian Ehrhardt <christian.ehrha...@canonical.com> Reviewed-by: Daniel Henrique Barboza <danielhb...@gmail.com> Tested-by: Daniel Henrique Barboza <danielhb...@gmail.com> Origin: backport, https://libvirt.org/git/?p=libvirt.git;a=commit;h=b51bfa70554f4bc43cbd6841b78d67b391909184 Bug-Ubuntu: https://bugs.launchpad.net/bugs/1825195 Last-Update: 2019-05-15 --- .../cpu-no-removed-features.args | 29 +++++++++++++++++++ .../cpu-no-removed-features.xml | 23 +++++++++++++++ tests/qemuxml2argvtest.c | 1 + 3 files changed, 53 insertions(+) create mode 100644 tests/qemuxml2argvdata/cpu-no-removed-features.args create mode 100644 tests/qemuxml2argvdata/cpu-no-removed-features.xml --- /dev/null +++ b/tests/qemuxml2argvdata/cpu-no-removed-features.args @@ -0,0 +1,25 @@ +LC_ALL=C \ +PATH=/bin \ +HOME=/home/test \ +USER=test \ +LOGNAME=test \ +QEMU_AUDIO_DRV=none \ +/usr/bin/qemu-system-x86_64 \ +-name QEMUGuest1 \ +-S \ +-machine pc,accel=kvm,usb=off,dump-guest-core=off \ +-cpu core2duo \ +-m 214 \ +-smp 6,sockets=6,cores=1,threads=1 \ +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=charmonitor,path=/tmp/lib/domain--1-QEMUGuest1/monitor.sock,\ +server,nowait \ +-mon chardev=charmonitor,id=monitor,mode=control \ +-rtc base=utc \ +-no-shutdown \ +-no-acpi \ +-usb \ +-device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3 --- /dev/null +++ b/tests/qemuxml2argvdata/cpu-no-removed-features.xml @@ -0,0 +1,23 @@ +<domain type='kvm'> + <name>QEMUGuest1</name> + <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid> + <memory unit='KiB'>219100</memory> + <currentMemory unit='KiB'>219100</currentMemory> + <vcpu placement='static'>6</vcpu> + <os> + <type arch='x86_64' machine='pc'>hvm</type> + <boot dev='network'/> + </os> + <cpu match='exact'> + <model>core2duo</model> + <feature name='osxsave' policy='optional'/> + <feature name='ospke' policy='optional'/> + </cpu> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <emulator>/usr/bin/qemu-system-x86_64</emulator> + </devices> +</domain> --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1771,6 +1771,7 @@ mymain(void) DO_TEST("cpu-fallback", QEMU_CAPS_KVM); DO_TEST_FAILURE("cpu-nofallback", QEMU_CAPS_KVM); DO_TEST("cpu-strict1", QEMU_CAPS_KVM); + DO_TEST("cpu-no-removed-features", QEMU_CAPS_KVM); DO_TEST("cpu-numa1", NONE); DO_TEST("cpu-numa2", NONE); DO_TEST("cpu-numa-no-memory-element", NONE);
From 2900575db892700fab8a4b8541474d9bd3444a4a Mon Sep 17 00:00:00 2001 From: Christian Ehrhardt <christian.ehrha...@canonical.com> Date: Thu, 25 Apr 2019 11:04:29 +0200 Subject: [PATCH 1/2] qemu: do not define known no-op features Qemu dropped cpu features for osxsave and ospke [1][2]. The reason for the instant removal is that those features were never configurable as discussed in [3]. Fortunately the use cases adding those flags in the past are rare, but they exist. One that I identified are e.g. older virt-install when used with --cpu=host-model and there always could be the case of a user adding it to the guest xml. This triggers an issue like: qemu-system-x86_64: can't apply global Broadwell-noTSX-x86_64- cpu.osxsave=on: Property '.osxsave' not found Ensure that this does no more break spawning newer qemu versions by not rendering those features into the qemu command line. Fixes: https://bugs.launchpad.net/fedora/+source/qemu/+bug/1825195 Resolves: https://bugzilla.redhat.com/1644848 [1]: https://git.qemu.org/?p=qemu.git;a=commit;h=f1a2352 [2]: https://git.qemu.org/?p=qemu.git;a=commit;h=9ccb978 [3]: https://www.mail-archive.com/qemu-devel@nongnu.org/msg561877.html Signed-off-by: Christian Ehrhardt <christian.ehrha...@canonical.com> Reviewed-by: Daniel Henrique Barboza <danielhb...@gmail.com> Tested-by: Daniel Henrique Barboza <danielhb...@gmail.com> Origin: backport, https://libvirt.org/git/?p=libvirt.git;a=commit;h=2900575db892700fab8a4b8541474d9bd3444a4a Bug-Ubuntu: https://bugs.launchpad.net/bugs/1825195 Last-Update: 2019-05-15 --- src/qemu/qemu_command.c | 23 +++++++++++++++++++ .../qemuxml2argvdata/cpu-host-model-cmt.args | 2 +- tests/qemuxml2argvdata/cpu-tsc-frequency.args | 4 ++-- 3 files changed, 26 insertions(+), 3 deletions(-) --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -6844,6 +6844,27 @@ qemuBuildGlobalControllerCommandLine(vir return 0; } +/** + * qemuFeatureNoEffect: + * @feature: CPU Feature + * + * Returns true, if the feature is known to have (never had) an effect on QEMU. + * Those features might be dropped in qemu without a longer deprecation cycle + * and must therefore be known e.g. to no more define them on command line. + */ +static bool +qemuFeatureNoEffect(virCPUFeatureDefPtr feature) +{ + if (!feature->name) + return false; + + if (STREQ(feature->name, "osxsave")) + return true; + if (STREQ(feature->name, "ospke")) + return true; + + return false; +} static int qemuBuildCpuModelArgStr(virQEMUDriverPtr driver, @@ -6912,6 +6933,8 @@ qemuBuildCpuModelArgStr(virQEMUDriverPtr virBufferAsprintf(buf, ",vendor=%s", cpu->vendor_id); for (i = 0; i < cpu->nfeatures; i++) { + if (qemuFeatureNoEffect(&(cpu->features[i]))) + continue; switch ((virCPUFeaturePolicy) cpu->features[i].policy) { case VIR_CPU_FEATURE_FORCE: case VIR_CPU_FEATURE_REQUIRE: --- a/tests/qemuxml2argvdata/cpu-host-model-cmt.args +++ b/tests/qemuxml2argvdata/cpu-host-model-cmt.args @@ -9,7 +9,7 @@ QEMU_AUDIO_DRV=none \ -S \ -machine pc,accel=tcg,usb=off,dump-guest-core=off \ -cpu Haswell,+vme,+ds,+acpi,+ss,+ht,+tm,+pbe,+dtes64,+monitor,+ds_cpl,+vmx,\ -+smx,+est,+tm2,+xtpr,+pdcm,+osxsave,+f16c,+rdrand,+pdpe1gb,+abm,+lahf_lm \ ++smx,+est,+tm2,+xtpr,+pdcm,+f16c,+rdrand,+pdpe1gb,+abm,+lahf_lm \ -m 214 \ -smp 6,sockets=6,cores=1,threads=1 \ -uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \ --- a/tests/qemuxml2argvdata/cpu-tsc-frequency.args +++ b/tests/qemuxml2argvdata/cpu-tsc-frequency.args @@ -9,7 +9,7 @@ QEMU_AUDIO_DRV=none \ -S \ -machine pc,accel=kvm,usb=off,dump-guest-core=off \ -cpu Haswell,+vme,+ds,+acpi,+ss,+ht,+tm,+pbe,+dtes64,+monitor,+ds_cpl,+vmx,\ -+smx,+est,+tm2,+xtpr,+pdcm,+osxsave,+f16c,+rdrand,+pdpe1gb,+abm,+lahf_lm,\ ++smx,+est,+tm2,+xtpr,+pdcm,+f16c,+rdrand,+pdpe1gb,+abm,+lahf_lm,\ +invtsc,tsc-frequency=3504000000 \ -m 214 \ -smp 1,sockets=1,cores=1,threads=1 \
