
<div dir="ltr">Hello Guido,<div><br></div><div>Version was current buster 5.0.0-4</div><div>I've built new version with fix and open release bug here -> <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=944294" target="_blank">https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=944294</a></div><div>I've also forked libvirt git repo and open merge request here ->  <a href="https://salsa.debian.org/libvirt-team/libvirt/merge_requests/36">https://salsa.debian.org/libvirt-team/libvirt/merge_requests/36</a>  ( there is conflict in debian/series as there is one commit after tag debian/5.0.0-4, but not big issue)</div><div><br></div><div>Debdiff attached.</div><div><br></div><div><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">st 27. 11. 2019 v 12:10 odesílatel Guido Günther <<a href="mailto:agx@sigxcpu.org" target="_blank">agx@sigxcpu.org</a>> napsal:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hi,<br>

On Wed, Nov 06, 2019 at 05:39:49PM +0100, Michal Arbet wrote:<br>

> Package: libvirt-daemon<br>

> Version: 5.0.0-4<br>

> <br>

> Hello,<br>

> <br>

> I am facing the same issue in debian as it is reported in ubuntu launchpad<br>

> bug<br>

> <a href="https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1825195" rel="noreferrer" target="_blank">https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1825195</a><br>

> <br>

> Could you please fix and release security update ?<br>

> Patches from ubuntu package attached.<br>

> <br>

> I've tried to apply these patches to source in<br>

> git@salsa.debian.org:libvirt-team/libvirt.git<br>

> in debian/buster branch and they applied successfully.<br>

<br>

<br>

> <br>

> Thanks,<br>

> Michal Arbet<br>

<br>

> From b51bfa70554f4bc43cbd6841b78d67b391909184 Mon Sep 17 00:00:00 2001<br>

> From: Christian Ehrhardt <<a href="mailto:christian.ehrhardt@canonical.com" target="_blank">christian.ehrhardt@canonical.com</a>><br>

> Date: Thu, 25 Apr 2019 11:51:55 +0200<br>

> Subject: [PATCH 2/2] qemuxml2argvtest: add test for remove cpu features<br>

> <br>

> CPU features that always were a no-op in qemu got removed there.<br>

> We no more specify them as that would trigger errors and fail to start<br>

> qemu. This test ensures that those features really are not rendered into<br>

> qemu command line.<br>

> <br>

> Without the related fix this test will trigger and fail like:<br>

>  In 'tests/qemuxml2argvdata/cpu-no-removed-features.args':<br>

>  Offset 371<br>

>  Expect [ ]<br>

>  Actual [,-osxsave,-ospke ]<br>

> <br>

> Signed-off-by: Christian Ehrhardt <<a href="mailto:christian.ehrhardt@canonical.com" target="_blank">christian.ehrhardt@canonical.com</a>><br>

> Reviewed-by: Daniel Henrique Barboza <<a href="mailto:danielhb413@gmail.com" target="_blank">danielhb413@gmail.com</a>><br>

> Tested-by: Daniel Henrique Barboza <<a href="mailto:danielhb413@gmail.com" target="_blank">danielhb413@gmail.com</a>><br>

> <br>

> Origin: backport, <a href="https://libvirt.org/git/?p=libvirt.git;a=commit;h=b51bfa70554f4bc43cbd6841b78d67b391909184" rel="noreferrer" target="_blank">https://libvirt.org/git/?p=libvirt.git;a=commit;h=b51bfa70554f4bc43cbd6841b78d67b391909184</a><br>

> Bug-Ubuntu: <a href="https://bugs.launchpad.net/bugs/1825195" rel="noreferrer" target="_blank">https://bugs.launchpad.net/bugs/1825195</a><br>

> Last-Update: 2019-05-15<br>

> <br>

> ---<br>

>  .../cpu-no-removed-features.args              | 29 +++++++++++++++++++<br>

>  .../cpu-no-removed-features.xml               | 23 +++++++++++++++<br>

>  tests/qemuxml2argvtest.c                      |  1 +<br>

>  3 files changed, 53 insertions(+)<br>

>  create mode 100644 tests/qemuxml2argvdata/cpu-no-removed-features.args<br>

>  create mode 100644 tests/qemuxml2argvdata/cpu-no-removed-features.xml<br>

> <br>

> --- /dev/null<br>

> +++ b/tests/qemuxml2argvdata/cpu-no-removed-features.args<br>

> @@ -0,0 +1,25 @@<br>

> +LC_ALL=C \<br>

> +PATH=/bin \<br>

> +HOME=/home/test \<br>

> +USER=test \<br>

> +LOGNAME=test \<br>

> +QEMU_AUDIO_DRV=none \<br>

> +/usr/bin/qemu-system-x86_64 \<br>

> +-name QEMUGuest1 \<br>

> +-S \<br>

> +-machine pc,accel=kvm,usb=off,dump-guest-core=off \<br>

> +-cpu core2duo \<br>

> +-m 214 \<br>

> +-smp 6,sockets=6,cores=1,threads=1 \<br>

> +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \<br>

> +-display none \<br>

> +-no-user-config \<br>

> +-nodefaults \<br>

> +-chardev socket,id=charmonitor,path=/tmp/lib/domain--1-QEMUGuest1/monitor.sock,\<br>

> +server,nowait \<br>

> +-mon chardev=charmonitor,id=monitor,mode=control \<br>

> +-rtc base=utc \<br>

> +-no-shutdown \<br>

> +-no-acpi \<br>

> +-usb \<br>

> +-device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3<br>

> --- /dev/null<br>

> +++ b/tests/qemuxml2argvdata/cpu-no-removed-features.xml<br>

> @@ -0,0 +1,23 @@<br>

> +<domain type='kvm'><br>

> +  <name>QEMUGuest1</name><br>

> +  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid><br>

> +  <memory unit='KiB'>219100</memory><br>

> +  <currentMemory unit='KiB'>219100</currentMemory><br>

> +  <vcpu placement='static'>6</vcpu><br>

> +  <os><br>

> +    <type arch='x86_64' machine='pc'>hvm</type><br>

> +    <boot dev='network'/><br>

> +  </os><br>

> +  <cpu match='exact'><br>

> +    <model>core2duo</model><br>

> +    <feature name='osxsave' policy='optional'/><br>

> +    <feature name='ospke' policy='optional'/><br>

> +  </cpu><br>

> +  <clock offset='utc'/><br>

> +  <on_poweroff>destroy</on_poweroff><br>

> +  <on_reboot>restart</on_reboot><br>

> +  <on_crash>destroy</on_crash><br>

> +  <devices><br>

> +      <emulator>/usr/bin/qemu-system-x86_64</emulator><br>

> +  </devices><br>

> +</domain><br>

> --- a/tests/qemuxml2argvtest.c<br>

> +++ b/tests/qemuxml2argvtest.c<br>

> @@ -1771,6 +1771,7 @@ mymain(void)<br>

>      DO_TEST("cpu-fallback", QEMU_CAPS_KVM);<br>

>      DO_TEST_FAILURE("cpu-nofallback", QEMU_CAPS_KVM);<br>

>      DO_TEST("cpu-strict1", QEMU_CAPS_KVM);<br>

> +    DO_TEST("cpu-no-removed-features", QEMU_CAPS_KVM);<br>

>      DO_TEST("cpu-numa1", NONE);<br>

>      DO_TEST("cpu-numa2", NONE);<br>

>      DO_TEST("cpu-numa-no-memory-element", NONE);<br>

<br>

> From 2900575db892700fab8a4b8541474d9bd3444a4a Mon Sep 17 00:00:00 2001<br>

> From: Christian Ehrhardt <<a href="mailto:christian.ehrhardt@canonical.com" target="_blank">christian.ehrhardt@canonical.com</a>><br>

> Date: Thu, 25 Apr 2019 11:04:29 +0200<br>

> Subject: [PATCH 1/2] qemu: do not define known no-op features<br>

> <br>

> Qemu dropped cpu features for osxsave and ospke [1][2].<br>

> The reason for the instant removal is that those features were never<br>

> configurable as discussed in [3].<br>

> <br>

> Fortunately the use cases adding those flags in the past are rare, but<br>

> they exist. One that I identified are e.g. older virt-install when used<br>

> with --cpu=host-model and there always could be the case of a user<br>

> adding it to the guest xml.<br>

> <br>

> This triggers an issue like:<br>

>   qemu-system-x86_64: can't apply global Broadwell-noTSX-x86_64-<br>

>   cpu.osxsave=on: Property '.osxsave' not found<br>

> <br>

> Ensure that this does no more break spawning newer qemu versions by<br>

> not rendering those features into the qemu command line.<br>

> <br>

> Fixes: <a href="https://bugs.launchpad.net/fedora/+source/qemu/+bug/1825195" rel="noreferrer" target="_blank">https://bugs.launchpad.net/fedora/+source/qemu/+bug/1825195</a><br>

> Resolves: <a href="https://bugzilla.redhat.com/1644848" rel="noreferrer" target="_blank">https://bugzilla.redhat.com/1644848</a><br>

> <br>

> [1]: <a href="https://git.qemu.org/?p=qemu.git;a=commit;h=f1a2352" rel="noreferrer" target="_blank">https://git.qemu.org/?p=qemu.git;a=commit;h=f1a2352</a><br>

> [2]: <a href="https://git.qemu.org/?p=qemu.git;a=commit;h=9ccb978" rel="noreferrer" target="_blank">https://git.qemu.org/?p=qemu.git;a=commit;h=9ccb978</a><br>

> [3]: <a href="https://www.mail-archive.com/qemu-devel@nongnu.org/msg561877.html" rel="noreferrer" target="_blank">https://www.mail-archive.com/qemu-devel@nongnu.org/msg561877.html</a><br>

> <br>

> Signed-off-by: Christian Ehrhardt <<a href="mailto:christian.ehrhardt@canonical.com" target="_blank">christian.ehrhardt@canonical.com</a>><br>

> Reviewed-by: Daniel Henrique Barboza <<a href="mailto:danielhb413@gmail.com" target="_blank">danielhb413@gmail.com</a>><br>

> Tested-by: Daniel Henrique Barboza <<a href="mailto:danielhb413@gmail.com" target="_blank">danielhb413@gmail.com</a>><br>

> <br>

> Origin: backport, <a href="https://libvirt.org/git/?p=libvirt.git;a=commit;h=2900575db892700fab8a4b8541474d9bd3444a4a" rel="noreferrer" target="_blank">https://libvirt.org/git/?p=libvirt.git;a=commit;h=2900575db892700fab8a4b8541474d9bd3444a4a</a><br>

> Bug-Ubuntu: <a href="https://bugs.launchpad.net/bugs/1825195" rel="noreferrer" target="_blank">https://bugs.launchpad.net/bugs/1825195</a><br>

> Last-Update: 2019-05-15<br>

> <br>

> ---<br>

>  src/qemu/qemu_command.c                       | 23 +++++++++++++++++++<br>

>  .../qemuxml2argvdata/cpu-host-model-cmt.args  |  2 +-<br>

>  tests/qemuxml2argvdata/cpu-tsc-frequency.args |  4 ++--<br>

>  3 files changed, 26 insertions(+), 3 deletions(-)<br>

> <br>

> --- a/src/qemu/qemu_command.c<br>

> +++ b/src/qemu/qemu_command.c<br>

> @@ -6844,6 +6844,27 @@ qemuBuildGlobalControllerCommandLine(vir<br>

>      return 0;<br>

>  }<br>

>  <br>

> +/**<br>

> + * qemuFeatureNoEffect:<br>

> + * @feature: CPU Feature<br>

> + *<br>

> + * Returns true, if the feature is known to have (never had) an effect on QEMU.<br>

> + * Those features might be dropped in qemu without a longer deprecation cycle<br>

> + * and must therefore be known e.g. to no more define them on command line.<br>

> + */<br>

> +static bool<br>

> +qemuFeatureNoEffect(virCPUFeatureDefPtr feature)<br>

> +{<br>

> +    if (!feature->name)<br>

> +        return false;<br>

> +<br>

> +    if (STREQ(feature->name, "osxsave"))<br>

> +        return true;<br>

> +    if (STREQ(feature->name, "ospke"))<br>

> +        return true;<br>

> +<br>

> +    return false;<br>

> +}<br>

>  <br>

>  static int<br>

>  qemuBuildCpuModelArgStr(virQEMUDriverPtr driver,<br>

> @@ -6912,6 +6933,8 @@ qemuBuildCpuModelArgStr(virQEMUDriverPtr<br>

>          virBufferAsprintf(buf, ",vendor=%s", cpu->vendor_id);<br>

>  <br>

>      for (i = 0; i < cpu->nfeatures; i++) {<br>

> +        if (qemuFeatureNoEffect(&(cpu->features[i])))<br>

> +            continue;<br>

>          switch ((virCPUFeaturePolicy) cpu->features[i].policy) {<br>

>          case VIR_CPU_FEATURE_FORCE:<br>

>          case VIR_CPU_FEATURE_REQUIRE:<br>

> --- a/tests/qemuxml2argvdata/cpu-host-model-cmt.args<br>

> +++ b/tests/qemuxml2argvdata/cpu-host-model-cmt.args<br>

> @@ -9,7 +9,7 @@ QEMU_AUDIO_DRV=none \<br>

>  -S \<br>

>  -machine pc,accel=tcg,usb=off,dump-guest-core=off \<br>

>  -cpu Haswell,+vme,+ds,+acpi,+ss,+ht,+tm,+pbe,+dtes64,+monitor,+ds_cpl,+vmx,\<br>

> -+smx,+est,+tm2,+xtpr,+pdcm,+osxsave,+f16c,+rdrand,+pdpe1gb,+abm,+lahf_lm \<br>

> ++smx,+est,+tm2,+xtpr,+pdcm,+f16c,+rdrand,+pdpe1gb,+abm,+lahf_lm \<br>

>  -m 214 \<br>

>  -smp 6,sockets=6,cores=1,threads=1 \<br>

>  -uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \<br>

> --- a/tests/qemuxml2argvdata/cpu-tsc-frequency.args<br>

> +++ b/tests/qemuxml2argvdata/cpu-tsc-frequency.args<br>

> @@ -9,7 +9,7 @@ QEMU_AUDIO_DRV=none \<br>

>  -S \<br>

>  -machine pc,accel=kvm,usb=off,dump-guest-core=off \<br>

>  -cpu Haswell,+vme,+ds,+acpi,+ss,+ht,+tm,+pbe,+dtes64,+monitor,+ds_cpl,+vmx,\<br>

> -+smx,+est,+tm2,+xtpr,+pdcm,+osxsave,+f16c,+rdrand,+pdpe1gb,+abm,+lahf_lm,\<br>

> ++smx,+est,+tm2,+xtpr,+pdcm,+f16c,+rdrand,+pdpe1gb,+abm,+lahf_lm,\<br>

>  +invtsc,tsc-frequency=3504000000 \<br>

>  -m 214 \<br>

>  -smp 1,sockets=1,cores=1,threads=1 \<br>

<br>

which qemu version did you hit this with?<br>

 -- Guido<br>

</blockquote></div></div>