* Mon Jul 08 2019 Miroslav Rezanina <mrezanin@redhat.com> - 4.0.0-5.el8

- kvm-qemu-kvm.spec-bump-libseccomp-2.4.0.patch [bz#1720306] - kvm-qxl-check-release-info-object.patch [bz#1712717] - kvm-target-i386-add-MDS-NO-feature.patch [bz#1722839] - kvm-block-file-posix-Unaligned-O_DIRECT-block-status.patch [bz#1588356] - kvm-iotests-Test-unaligned-raw-images-with-O_DIRECT.patch [bz#1588356] - kvm-rh-set-CONFIG_BOCHS_DISPLAY-y-for-x86.patch [bz#1707118] - Resolves: bz#1588356 (qemu crashed on the source host when do storage migration with source qcow2 disk created by 'qemu-img') - Resolves: bz#1707118 (enable device: bochs-display (QEMU)) - Resolves: bz#1712717 (CVE-2019-12155 qemu-kvm: QEMU: qxl: null pointer dereference while releasing spice resources [rhel-av-8]) - Resolves: bz#1720306 (VM failed to start with error "failed to install seccomp syscall filter in the kernel") - Resolves: bz#1722839 ([Intel 8.1 FEAT] MDS_NO exposure to guest - Fast Train)
2019-07-08 14:20:34 +02:00 · 2019-07-08 14:20:34 +02:00 · 0ba0561a8b
commit 0ba0561a8b
parent 0544bace3c
6 changed files with 460 additions and 3 deletions
--- a/kvm-block-file-posix-Unaligned-O_DIRECT-block-status.patch
+++ b/kvm-block-file-posix-Unaligned-O_DIRECT-block-status.patch
@ -0,0 +1,98 @@
+From cff152749afe8b045db50fdd065756a217efa6e9 Mon Sep 17 00:00:00 2001
+From: Max Reitz <mreitz@redhat.com>
+Date: Tue, 25 Jun 2019 21:07:09 +0200
+Subject: [PATCH 4/6] block/file-posix: Unaligned O_DIRECT block-status
+
+RH-Author: Max Reitz <mreitz@redhat.com>
+Message-id: <20190625210710.20946-2-mreitz@redhat.com>
+Patchwork-id: 88945
+O-Subject: [RHEL-AV-8.1.0 qemu-kvm PATCH 1/2] block/file-posix: Unaligned O_DIRECT block-status
+Bugzilla: 1588356
+RH-Acked-by: Kevin Wolf <kwolf@redhat.com>
+RH-Acked-by: John Snow <jsnow@redhat.com>
+RH-Acked-by: Stefano Garzarella <sgarzare@redhat.com>
+
+Currently, qemu crashes whenever someone queries the block status of an
+unaligned image tail of an O_DIRECT image:
+$ echo > foo
+$ qemu-img map --image-opts driver=file,filename=foo,cache.direct=on
+Offset          Length          Mapped to       File
+qemu-img: block/io.c:2093: bdrv_co_block_status: Assertion `*pnum &&
+QEMU_IS_ALIGNED(*pnum, align) && align > offset - aligned_offset'
+failed.
+
+This is because bdrv_co_block_status() checks that the result returned
+by the driver's implementation is aligned to the request_alignment, but
+file-posix can fail to do so, which is actually mentioned in a comment
+there: "[...] possibly including a partial sector at EOF".
+
+Fix this by rounding up those partial sectors.
+
+There are two possible alternative fixes:
+(1) We could refuse to open unaligned image files with O_DIRECT
+    altogether.  That sounds reasonable until you realize that qcow2
+    does necessarily not fill up its metadata clusters, and that nobody
+    runs qemu-img create with O_DIRECT.  Therefore, unpreallocated qcow2
+    files usually have an unaligned image tail.
+
+(2) bdrv_co_block_status() could ignore unaligned tails.  It actually
+    throws away everything past the EOF already, so that sounds
+    reasonable.
+    Unfortunately, the block layer knows file lengths only with a
+    granularity of BDRV_SECTOR_SIZE, so bdrv_co_block_status() usually
+    would have to guess whether its file length information is inexact
+    or whether the driver is broken.
+
+Fixing what raw_co_block_status() returns is the safest thing to do.
+
+There seems to be no other block driver that sets request_alignment and
+does not make sure that it always returns aligned values.
+
+Cc: qemu-stable@nongnu.org
+Signed-off-by: Max Reitz <mreitz@redhat.com>
+Reviewed-by: Eric Blake <eblake@redhat.com>
+Signed-off-by: Kevin Wolf <kwolf@redhat.com>
+(cherry picked from commit 9c3db310ff0b7473272ae8dce5e04e2f8a825390)
+Signed-off-by: Max Reitz <mreitz@redhat.com>
+Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
+---
+ block/file-posix.c | 16 ++++++++++++++++
+ 1 file changed, 16 insertions(+)
+
+diff --git a/block/file-posix.c b/block/file-posix.c
+index 1cf4ee4..c185f34 100644
+--- a/block/file-posix.c
+++ b/block/file-posix.c
+@@ -2475,6 +2475,8 @@ static int coroutine_fn raw_co_block_status(BlockDriverState *bs,
+     off_t data = 0, hole = 0;
+     int ret;
+ 
+    assert(QEMU_IS_ALIGNED(offset | bytes, bs->bl.request_alignment));
+
+     ret = fd_open(bs);
+     if (ret < 0) {
+         return ret;
+@@ -2500,6 +2502,20 @@ static int coroutine_fn raw_co_block_status(BlockDriverState *bs,
+         /* On a data extent, compute bytes to the end of the extent,
+          * possibly including a partial sector at EOF. */
+         *pnum = MIN(bytes, hole - offset);
+
+        /*
+         * We are not allowed to return partial sectors, though, so
+         * round up if necessary.
+         */
+        if (!QEMU_IS_ALIGNED(*pnum, bs->bl.request_alignment)) {
+            int64_t file_length = raw_getlength(bs);
+            if (file_length > 0) {
+                /* Ignore errors, this is just a safeguard */
+                assert(hole == file_length);
+            }
+            *pnum = ROUND_UP(*pnum, bs->bl.request_alignment);
+        }
+
+         ret = BDRV_BLOCK_DATA;
+     } else {
+         /* On a hole, compute bytes to the beginning of the next extent.  */
+-- 
+1.8.3.1
+
--- a/kvm-iotests-Test-unaligned-raw-images-with-O_DIRECT.patch
+++ b/kvm-iotests-Test-unaligned-raw-images-with-O_DIRECT.patch
@ -0,0 +1,182 @@
+From d986fc898ca8a20b486afe92dc0c7b370f482366 Mon Sep 17 00:00:00 2001
+From: Max Reitz <mreitz@redhat.com>
+Date: Tue, 25 Jun 2019 21:07:10 +0200
+Subject: [PATCH 5/6] iotests: Test unaligned raw images with O_DIRECT
+
+RH-Author: Max Reitz <mreitz@redhat.com>
+Message-id: <20190625210710.20946-3-mreitz@redhat.com>
+Patchwork-id: 88946
+O-Subject: [RHEL-AV-8.1.0 qemu-kvm PATCH 2/2] iotests: Test unaligned raw images with O_DIRECT
+Bugzilla: 1588356
+RH-Acked-by: Kevin Wolf <kwolf@redhat.com>
+RH-Acked-by: John Snow <jsnow@redhat.com>
+RH-Acked-by: Stefano Garzarella <sgarzare@redhat.com>
+
+We already have 221 for accesses through the page cache, but it is
+better to create a new file for O_DIRECT instead of integrating those
+test cases into 221.  This way, we can make use of
+_supported_cache_modes (and _default_cache_mode) so the test is
+automatically skipped on filesystems that do not support O_DIRECT.
+
+As part of the split, add _supported_cache_modes to 221.  With that, it
+no longer fails when run with -c none or -c directsync.
+
+Signed-off-by: Max Reitz <mreitz@redhat.com>
+Reviewed-by: Eric Blake <eblake@redhat.com>
+Signed-off-by: Kevin Wolf <kwolf@redhat.com>
+(cherry picked from commit 2fab30c80b33cdc6157c7efe6207e54b6835cf92)
+Signed-off-by: Max Reitz <mreitz@redhat.com>
+Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
+---
+ tests/qemu-iotests/221     |  4 +++
+ tests/qemu-iotests/253     | 84 ++++++++++++++++++++++++++++++++++++++++++++++
+ tests/qemu-iotests/253.out | 14 ++++++++
+ tests/qemu-iotests/group   |  1 +
+ 4 files changed, 103 insertions(+)
+ create mode 100755 tests/qemu-iotests/253
+ create mode 100644 tests/qemu-iotests/253.out
+
+diff --git a/tests/qemu-iotests/221 b/tests/qemu-iotests/221
+index 808cd9a..92c9b13 100755
+--- a/tests/qemu-iotests/221
+++ b/tests/qemu-iotests/221
+@@ -1,6 +1,7 @@
+ #!/usr/bin/env bash
+ #
+ # Test qemu-img vs. unaligned images
+# (See also 253, which is the O_DIRECT version)
+ #
+ # Copyright (C) 2018 Red Hat, Inc.
+ #
+@@ -37,6 +38,9 @@ _supported_fmt raw
+ _supported_proto file
+ _supported_os Linux
+ 
+_default_cache_mode writeback
+_supported_cache_modes writeback writethrough unsafe
+
+ echo
+ echo "=== Check mapping of unaligned raw image ==="
+ echo
+diff --git a/tests/qemu-iotests/253 b/tests/qemu-iotests/253
+new file mode 100755
+index 0000000..d88d5af
+--- /dev/null
+++ b/tests/qemu-iotests/253
+@@ -0,0 +1,84 @@
+#!/usr/bin/env bash
+#
+# Test qemu-img vs. unaligned images; O_DIRECT version
+# (Originates from 221)
+#
+# Copyright (C) 2019 Red Hat, Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+seq="$(basename $0)"
+echo "QA output created by $seq"
+
+status=1 # failure is the default!
+
+_cleanup()
+{
+    _cleanup_test_img
+}
+trap "_cleanup; exit \$status" 0 1 2 3 15
+
+# get standard environment, filters and checks
+. ./common.rc
+. ./common.filter
+
+_supported_fmt raw
+_supported_proto file
+_supported_os Linux
+
+_default_cache_mode none
+_supported_cache_modes none directsync
+
+echo
+echo "=== Check mapping of unaligned raw image ==="
+echo
+
+# We do not know how large a physical sector is, but it is certainly
+# going to be a factor of 1 MB
+size=$((1 * 1024 * 1024 - 1))
+
+# qemu-img create rounds size up to BDRV_SECTOR_SIZE
+_make_test_img $size
+$QEMU_IMG map --output=json --image-opts \
+    "driver=$IMGFMT,file.driver=file,file.filename=$TEST_IMG,cache.direct=on" \
+    | _filter_qemu_img_map
+
+# so we resize it and check again
+truncate --size=$size "$TEST_IMG"
+$QEMU_IMG map --output=json --image-opts \
+    "driver=$IMGFMT,file.driver=file,file.filename=$TEST_IMG,cache.direct=on" \
+    | _filter_qemu_img_map
+
+# qemu-io with O_DIRECT always writes whole physical sectors.  Again,
+# we do not know how large a physical sector is, so we just start
+# writing from a 64 kB boundary, which should always be aligned.
+offset=$((1 * 1024 * 1024 - 64 * 1024))
+$QEMU_IO -c "w $offset $((size - offset))" "$TEST_IMG" | _filter_qemu_io
+$QEMU_IMG map --output=json --image-opts \
+    "driver=$IMGFMT,file.driver=file,file.filename=$TEST_IMG,cache.direct=on" \
+    | _filter_qemu_img_map
+
+# Resize it and check again -- contrary to 221, we may not get partial
+# sectors here, so there should be only two areas (one zero, one
+# data).
+truncate --size=$size "$TEST_IMG"
+$QEMU_IMG map --output=json --image-opts \
+    "driver=$IMGFMT,file.driver=file,file.filename=$TEST_IMG,cache.direct=on" \
+    | _filter_qemu_img_map
+
+# success, all done
+echo '*** done'
+rm -f $seq.full
+status=0
+diff --git a/tests/qemu-iotests/253.out b/tests/qemu-iotests/253.out
+new file mode 100644
+index 0000000..607c0ba
+--- /dev/null
+++ b/tests/qemu-iotests/253.out
+@@ -0,0 +1,14 @@
+QA output created by 253
+
+=== Check mapping of unaligned raw image ===
+
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1048575
+[{ "start": 0, "length": 1048576, "depth": 0, "zero": true, "data": false, "offset": OFFSET}]
+[{ "start": 0, "length": 1048576, "depth": 0, "zero": true, "data": false, "offset": OFFSET}]
+wrote 65535/65535 bytes at offset 983040
+63.999 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+[{ "start": 0, "length": 983040, "depth": 0, "zero": true, "data": false, "offset": OFFSET},
+{ "start": 983040, "length": 65536, "depth": 0, "zero": false, "data": true, "offset": OFFSET}]
+[{ "start": 0, "length": 983040, "depth": 0, "zero": true, "data": false, "offset": OFFSET},
+{ "start": 983040, "length": 65536, "depth": 0, "zero": false, "data": true, "offset": OFFSET}]
+*** done
+diff --git a/tests/qemu-iotests/group b/tests/qemu-iotests/group
+index 0db5e68..3ea739d 100644
+--- a/tests/qemu-iotests/group
+++ b/tests/qemu-iotests/group
+@@ -248,3 +248,4 @@
+ 246 rw auto quick
+ 247 rw auto quick
+ 248 rw auto quick
+253 rw auto quick
+-- 
+1.8.3.1
+
--- a/kvm-qxl-check-release-info-object.patch
+++ b/kvm-qxl-check-release-info-object.patch
@ -0,0 +1,51 @@
+From b779db9ffd8626b74f969a7c2484239715f2d9e8 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
+Date: Wed, 19 Jun 2019 17:18:47 +0200
+Subject: [PATCH 2/6] qxl: check release info object
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
+Message-id: <20190619171847.32603-2-philmd@redhat.com>
+Patchwork-id: 88739
+O-Subject: [RHEL-AV-8.1.0 qemu-kvm PATCH 1/1] qxl: check release info object
+Bugzilla: 1712717
+RH-Acked-by: Gerd Hoffmann <kraxel@redhat.com>
+RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
+RH-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
+
+From: Prasad J Pandit <pjp@fedoraproject.org>
+
+When releasing spice resources in release_resource() routine,
+if release info object 'ext.info' is null, it leads to null
+pointer dereference. Add check to avoid it.
+
+Reported-by: Bugs SysSec <bugs-syssec@rub.de>
+Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
+Message-id: 20190425063534.32747-1-ppandit@redhat.com
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+(cherry picked from commit d52680fc932efb8a2f334cc6993e705ed1e31e99)
+Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
+Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
+---
+ hw/display/qxl.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/hw/display/qxl.c b/hw/display/qxl.c
+index c8ce578..632923a 100644
+--- a/hw/display/qxl.c
+++ b/hw/display/qxl.c
+@@ -777,6 +777,9 @@ static void interface_release_resource(QXLInstance *sin,
+     QXLReleaseRing *ring;
+     uint64_t *item, id;
+ 
+    if (!ext.info) {
+        return;
+    }
+     if (ext.group_id == MEMSLOT_GROUP_HOST) {
+         /* host group -> vga mode update request */
+         QXLCommandExt *cmdext = (void *)(intptr_t)(ext.info->id);
+-- 
+1.8.3.1
+
--- a/kvm-rh-set-CONFIG_BOCHS_DISPLAY-y-for-x86.patch
+++ b/kvm-rh-set-CONFIG_BOCHS_DISPLAY-y-for-x86.patch
@ -0,0 +1,43 @@
+From 27b7c444c3a568e87647f5386fbfc2c0f2b1ff9b Mon Sep 17 00:00:00 2001
+From: Gerd Hoffmann <kraxel@redhat.com>
+Date: Fri, 28 Jun 2019 08:34:00 +0200
+Subject: [PATCH 6/6] rh: set CONFIG_BOCHS_DISPLAY=y for x86
+
+RH-Author: Gerd Hoffmann <kraxel@redhat.com>
+Message-id: <20190628083400.7016-2-kraxel@redhat.com>
+Patchwork-id: 88989
+O-Subject: [RHEL-AV-8.1.0 qemu-kvm PATCH v2 1/1] rh: set CONFIG_BOCHS_DISPLAY=y for x86
+Bugzilla: 1707118
+RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
+RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
+RH-Acked-by: Danilo de Paula <ddepaula@redhat.com>
+
+-device bochs-display can replace -device VGA for cases where
+legacy vga emulation is not needed.  That is the case for UEFI
+guests (they use EFI GOP for boot display).  seabios guest can
+work too with some quirks.
+
+Main advantage: Much simpler device emulation -> reduced attach surface.
+
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
+---
+ default-configs/x86_64-rh-devices.mak | 1 +
+ redhat/qemu-kvm.spec.template         | 4 ++++
+ 2 files changed, 5 insertions(+)
+
+diff --git a/default-configs/x86_64-rh-devices.mak b/default-configs/x86_64-rh-devices.mak
+index 01b5363..05ad6cf 100644
+--- a/default-configs/x86_64-rh-devices.mak
+++ b/default-configs/x86_64-rh-devices.mak
+@@ -12,6 +12,7 @@ CONFIG_ACPI_X86_ICH=y
+ CONFIG_AHCI=y
+ CONFIG_APIC=y
+ CONFIG_APM=y
+CONFIG_BOCHS_DISPLAY=y
+ CONFIG_DIMM=y
+ CONFIG_E1000E_PCI_EXPRESS=y
+ CONFIG_E1000_PCI=y
+-- 
+1.8.3.1
+
--- a/kvm-target-i386-add-MDS-NO-feature.patch
+++ b/kvm-target-i386-add-MDS-NO-feature.patch
@ -0,0 +1,51 @@
+From dd19ddadfbabc54415977cd0b9b3f520a87988ad Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Sun, 23 Jun 2019 15:19:17 +0200
+Subject: [PATCH 3/6] target/i386: add MDS-NO feature
+
+RH-Author: Paolo Bonzini <pbonzini@redhat.com>
+Message-id: <20190623151917.7942-1-pbonzini@redhat.com>
+Patchwork-id: 88873
+O-Subject: [RHEL-AV-8.1.0 PATCH qemu-kvm] target/i386: add MDS-NO feature
+Bugzilla: 1722839
+RH-Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
+RH-Acked-by: Stefano Garzarella <sgarzare@redhat.com>
+RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
+
+Bugzilla: 1722839
+
+Brew build: 22317828
+
+Microarchitectural Data Sampling is a hardware vulnerability which allows
+unprivileged speculative access to data which is available in various CPU
+internal buffers.
+
+Some Intel processors use the ARCH_CAP_MDS_NO bit in the
+IA32_ARCH_CAPABILITIES
+MSR to report that they are not vulnerable, make it available to guests.
+
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+Message-Id: <20190516185320.28340-1-pbonzini@redhat.com>
+Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
+(cherry picked from commit 20140a82c67467f53814ca197403d5e1b561a5e5)
+Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
+---
+ target/i386/cpu.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/target/i386/cpu.c b/target/i386/cpu.c
+index 3886464..2e73821 100644
+--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
+@@ -1183,7 +1183,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
+         .type = MSR_FEATURE_WORD,
+         .feat_names = {
+             "rdctl-no", "ibrs-all", "rsba", "skip-l1dfl-vmentry",
+-            "ssb-no", NULL, NULL, NULL,
+            "ssb-no", "mds-no", NULL, NULL,
+             NULL, NULL, NULL, NULL,
+             NULL, NULL, NULL, NULL,
+             NULL, NULL, NULL, NULL,
+-- 
+1.8.3.1
+
--- a/qemu-kvm.spec
+++ b/qemu-kvm.spec
@ -67,7 +67,7 @@ Obsoletes: %1-rhev
 Summary: QEMU is a machine emulator and virtualizer
 Name: qemu-kvm
 Version: 4.0.0
-Release: 4%{?dist}
+Release: 5%{?dist}
 # Epoch because we pushed a qemu-1.0 package. AIUI this can't ever be dropped
 Epoch: 15
 License: GPLv2 and GPLv2+ and CC-BY
@ -154,6 +154,16 @@ Patch34: kvm-aarch64-Compile-out-IOH3420.patch
 Patch35: kvm-vl-Fix-drive-blockdev-persistent-reservation-managem.patch
 # For bz#1714891 - Guest with persistent reservation manager for a disk fails to start
 Patch36: kvm-vl-Document-why-objects-are-delayed.patch
+# For bz#1712717 - CVE-2019-12155 qemu-kvm: QEMU: qxl: null pointer dereference while releasing spice resources [rhel-av-8]
+Patch37: kvm-qxl-check-release-info-object.patch
+# For bz#1722839 - [Intel 8.1 FEAT] MDS_NO exposure to guest - Fast Train
+Patch38: kvm-target-i386-add-MDS-NO-feature.patch
+# For bz#1588356 - qemu crashed on the source host when do storage migration with source qcow2 disk created by 'qemu-img'
+Patch39: kvm-block-file-posix-Unaligned-O_DIRECT-block-status.patch
+# For bz#1588356 - qemu crashed on the source host when do storage migration with source qcow2 disk created by 'qemu-img'
+Patch40: kvm-iotests-Test-unaligned-raw-images-with-O_DIRECT.patch
+# For bz#1707118 - enable device: bochs-display (QEMU)
+Patch41: kvm-rh-set-CONFIG_BOCHS_DISPLAY-y-for-x86.patch

 BuildRequires: zlib-devel
 BuildRequires: glib2-devel
@ -180,7 +190,7 @@ BuildRequires: libcacard-devel
 # For smartcard NSS support
 BuildRequires: nss-devel
 %endif
-BuildRequires: libseccomp-devel >= 2.3.0
+BuildRequires: libseccomp-devel >= 2.4.0
 # For network block driver
 BuildRequires: libcurl-devel
 BuildRequires: libssh2-devel
@ -297,7 +307,7 @@ Requires: ipxe-roms-qemu >= 20170123-1
 Requires: SLOF >= %{SLOF_gittagdate}-1.git%{SLOF_gittagcommit}
 %endif
 Requires: %{name}-common = %{epoch}:%{version}-%{release}
-Requires: libseccomp >= 2.3.0
+Requires: libseccomp >= 2.4.0
 # For compressed guest memory dumps
 Requires: lzo snappy
 %if %{have_gluster}
@ -845,6 +855,8 @@ rom_link() {
  rom_link ../seavgabios/vgabios-stdvga.bin vgabios-stdvga.bin
  rom_link ../seavgabios/vgabios-vmware.bin vgabios-vmware.bin
  rom_link ../seavgabios/vgabios-virtio.bin vgabios-virtio.bin
+  rom_link ../seavgabios/vgabios-ramfb.bin vgabios-ramfb.bin
+  rom_link ../seavgabios/vgabios-bochs-display.bin vgabios-bochs-display.bin
 %endif
 %ifarch x86_64
  rom_link ../seabios/bios.bin bios.bin
@ -1002,6 +1014,8 @@ useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \
    %{_datadir}/%{name}/vgabios-stdvga.bin
    %{_datadir}/%{name}/vgabios-vmware.bin
    %{_datadir}/%{name}/vgabios-virtio.bin
+    %{_datadir}/%{name}/vgabios-ramfb.bin
+    %{_datadir}/%{name}/vgabios-bochs-display.bin
    %{_datadir}/%{name}/efi-e1000.rom
    %{_datadir}/%{name}/efi-e1000e.rom
    %{_datadir}/%{name}/efi-virtio.rom
@ -1073,6 +1087,24 @@ useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \


 %changelog
+* Mon Jul 08 2019 Miroslav Rezanina <mrezanin@redhat.com> - 4.0.0-5.el8
+- kvm-qemu-kvm.spec-bump-libseccomp-2.4.0.patch [bz#1720306]
+- kvm-qxl-check-release-info-object.patch [bz#1712717]
+- kvm-target-i386-add-MDS-NO-feature.patch [bz#1722839]
+- kvm-block-file-posix-Unaligned-O_DIRECT-block-status.patch [bz#1588356]
+- kvm-iotests-Test-unaligned-raw-images-with-O_DIRECT.patch [bz#1588356]
+- kvm-rh-set-CONFIG_BOCHS_DISPLAY-y-for-x86.patch [bz#1707118]
+- Resolves: bz#1588356
+  (qemu crashed on the source host when do storage migration with source qcow2 disk created by 'qemu-img')
+- Resolves: bz#1707118
+  (enable device: bochs-display (QEMU))
+- Resolves: bz#1712717
+  (CVE-2019-12155 qemu-kvm: QEMU: qxl: null pointer dereference while releasing spice resources [rhel-av-8])
+- Resolves: bz#1720306
+  (VM failed to start with error "failed to install seccomp syscall filter in the kernel")
+- Resolves: bz#1722839
+  ([Intel 8.1 FEAT] MDS_NO exposure to guest - Fast Train)
+
 * Tue Jun 11 2019 Danilo Cesar Lemes de Paula <ddepaula@redhat.com> - 4.0.0-4.el8
 - kvm-Disable-VXHS-support.patch [bz#1714937]
 - kvm-aarch64-Add-virt-rhel8.1.0-machine-type-for-ARM.patch [bz#1713735]