rpms/qemu-kvm
6
0
Fork 0
Code Issues Pull Requests Releases Activity

* Mon Jul 08 2019 Miroslav Rezanina <mrezanin@redhat.com> - 4.0.0-5.el8

Browse Source 
- kvm-qemu-kvm.spec-bump-libseccomp-2.4.0.patch [bz#1720306]
- kvm-qxl-check-release-info-object.patch [bz#1712717]
- kvm-target-i386-add-MDS-NO-feature.patch [bz#1722839]
- kvm-block-file-posix-Unaligned-O_DIRECT-block-status.patch [bz#1588356]
- kvm-iotests-Test-unaligned-raw-images-with-O_DIRECT.patch [bz#1588356]
- kvm-rh-set-CONFIG_BOCHS_DISPLAY-y-for-x86.patch [bz#1707118]
- Resolves: bz#1588356
  (qemu crashed on the source host when do storage migration with source qcow2 disk created by 'qemu-img')
- Resolves: bz#1707118
  (enable device: bochs-display (QEMU))
- Resolves: bz#1712717
  (CVE-2019-12155 qemu-kvm: QEMU: qxl: null pointer dereference while releasing spice resources [rhel-av-8])
- Resolves: bz#1720306
  (VM failed to start with error "failed to install seccomp syscall filter in the kernel")
- Resolves: bz#1722839
  ([Intel 8.1 FEAT] MDS_NO exposure to guest - Fast Train)
This commit is contained in:
Miroslav Rezanina 2019-07-08 14:20:34 +02:00
parent 0544bace3c
commit 0ba0561a8b
6 changed files with 460 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

98
kvm-block-file-posix-Unaligned-O_DIRECT-block-status.patch Normal file
View File

@ -0,0 +1,98 @@
From cff152749afe8b045db50fdd065756a217efa6e9 Mon Sep 17 00:00:00 2001
From: Max Reitz <mreitz@redhat.com>
Date: Tue, 25 Jun 2019 21:07:09 +0200
Subject: [PATCH 4/6] block/file-posix: Unaligned O_DIRECT block-status
RH-Author: Max Reitz <mreitz@redhat.com>
Message-id: <20190625210710.20946-2-mreitz@redhat.com>
Patchwork-id: 88945
O-Subject: [RHEL-AV-8.1.0 qemu-kvm PATCH 1/2] block/file-posix: Unaligned O_DIRECT block-status
Bugzilla: 1588356
RH-Acked-by: Kevin Wolf <kwolf@redhat.com>
RH-Acked-by: John Snow <jsnow@redhat.com>
RH-Acked-by: Stefano Garzarella <sgarzare@redhat.com>
Currently, qemu crashes whenever someone queries the block status of an
unaligned image tail of an O_DIRECT image:
$ echo > foo
$ qemu-img map --image-opts driver=file,filename=foo,cache.direct=on
Offset Length Mapped to File
qemu-img: block/io.c:2093: bdrv_co_block_status: Assertion `*pnum &&
QEMU_IS_ALIGNED(*pnum, align) && align > offset - aligned_offset'
failed.
This is because bdrv_co_block_status() checks that the result returned
by the driver's implementation is aligned to the request_alignment, but
file-posix can fail to do so, which is actually mentioned in a comment
there: "[...] possibly including a partial sector at EOF".
Fix this by rounding up those partial sectors.
There are two possible alternative fixes:
(1) We could refuse to open unaligned image files with O_DIRECT
altogether. That sounds reasonable until you realize that qcow2
does necessarily not fill up its metadata clusters, and that nobody
runs qemu-img create with O_DIRECT. Therefore, unpreallocated qcow2
files usually have an unaligned image tail.
(2) bdrv_co_block_status() could ignore unaligned tails. It actually
throws away everything past the EOF already, so that sounds
reasonable.
Unfortunately, the block layer knows file lengths only with a
granularity of BDRV_SECTOR_SIZE, so bdrv_co_block_status() usually
would have to guess whether its file length information is inexact
or whether the driver is broken.
Fixing what raw_co_block_status() returns is the safest thing to do.
There seems to be no other block driver that sets request_alignment and
does not make sure that it always returns aligned values.
Cc: qemu-stable@nongnu.org
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
(cherry picked from commit 9c3db310ff0b7473272ae8dce5e04e2f8a825390)
Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
block/file-posix.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/block/file-posix.c b/block/file-posix.c
index 1cf4ee4..c185f34 100644
--- a/block/file-posix.c
+++ b/block/file-posix.c
@@ -2475,6 +2475,8 @@ static int coroutine_fn raw_co_block_status(BlockDriverState *bs,
off_t data = 0, hole = 0;
int ret;
+ assert(QEMU_IS_ALIGNED(offset | bytes, bs->bl.request_alignment));
+
ret = fd_open(bs);
if (ret < 0) {
return ret;
@@ -2500,6 +2502,20 @@ static int coroutine_fn raw_co_block_status(BlockDriverState *bs,
/* On a data extent, compute bytes to the end of the extent,
* possibly including a partial sector at EOF. */
*pnum = MIN(bytes, hole - offset);
+
+ /*
+ * We are not allowed to return partial sectors, though, so
+ * round up if necessary.
+ */
+ if (!QEMU_IS_ALIGNED(*pnum, bs->bl.request_alignment)) {
+ int64_t file_length = raw_getlength(bs);
+ if (file_length > 0) {
+ /* Ignore errors, this is just a safeguard */
+ assert(hole == file_length);
+ }
+ *pnum = ROUND_UP(*pnum, bs->bl.request_alignment);
+ }
+
ret = BDRV_BLOCK_DATA;
} else {
/* On a hole, compute bytes to the beginning of the next extent. */
--
1.8.3.1

182
kvm-iotests-Test-unaligned-raw-images-with-O_DIRECT.patch Normal file
View File

@ -0,0 +1,182 @@
From d986fc898ca8a20b486afe92dc0c7b370f482366 Mon Sep 17 00:00:00 2001
From: Max Reitz <mreitz@redhat.com>
Date: Tue, 25 Jun 2019 21:07:10 +0200
Subject: [PATCH 5/6] iotests: Test unaligned raw images with O_DIRECT
RH-Author: Max Reitz <mreitz@redhat.com>
Message-id: <20190625210710.20946-3-mreitz@redhat.com>
Patchwork-id: 88946
O-Subject: [RHEL-AV-8.1.0 qemu-kvm PATCH 2/2] iotests: Test unaligned raw images with O_DIRECT
Bugzilla: 1588356
RH-Acked-by: Kevin Wolf <kwolf@redhat.com>
RH-Acked-by: John Snow <jsnow@redhat.com>
RH-Acked-by: Stefano Garzarella <sgarzare@redhat.com>
We already have 221 for accesses through the page cache, but it is
better to create a new file for O_DIRECT instead of integrating those
test cases into 221. This way, we can make use of
_supported_cache_modes (and _default_cache_mode) so the test is
automatically skipped on filesystems that do not support O_DIRECT.
As part of the split, add _supported_cache_modes to 221. With that, it
no longer fails when run with -c none or -c directsync.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
(cherry picked from commit 2fab30c80b33cdc6157c7efe6207e54b6835cf92)
Signed-off-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
tests/qemu-iotests/221 | 4 +++
tests/qemu-iotests/253 | 84 ++++++++++++++++++++++++++++++++++++++++++++++
tests/qemu-iotests/253.out | 14 ++++++++
tests/qemu-iotests/group | 1 +
4 files changed, 103 insertions(+)
create mode 100755 tests/qemu-iotests/253
create mode 100644 tests/qemu-iotests/253.out
diff --git a/tests/qemu-iotests/221 b/tests/qemu-iotests/221
index 808cd9a..92c9b13 100755
--- a/tests/qemu-iotests/221
+++ b/tests/qemu-iotests/221
@@ -1,6 +1,7 @@
#!/usr/bin/env bash
#
# Test qemu-img vs. unaligned images
+# (See also 253, which is the O_DIRECT version)
#
# Copyright (C) 2018 Red Hat, Inc.
#
@@ -37,6 +38,9 @@ _supported_fmt raw
_supported_proto file
_supported_os Linux
+_default_cache_mode writeback
+_supported_cache_modes writeback writethrough unsafe
+
echo
echo "=== Check mapping of unaligned raw image ==="
echo
diff --git a/tests/qemu-iotests/253 b/tests/qemu-iotests/253
new file mode 100755
index 0000000..d88d5af
--- /dev/null
+++ b/tests/qemu-iotests/253
@@ -0,0 +1,84 @@
+#!/usr/bin/env bash
+#
+# Test qemu-img vs. unaligned images; O_DIRECT version
+# (Originates from 221)
+#
+# Copyright (C) 2019 Red Hat, Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+seq="$(basename $0)"
+echo "QA output created by $seq"
+
+status=1 # failure is the default!
+
+_cleanup()
+{
+ _cleanup_test_img
+}
+trap "_cleanup; exit \$status" 0 1 2 3 15
+
+# get standard environment, filters and checks
+. ./common.rc
+. ./common.filter
+
+_supported_fmt raw
+_supported_proto file
+_supported_os Linux
+
+_default_cache_mode none
+_supported_cache_modes none directsync
+
+echo
+echo "=== Check mapping of unaligned raw image ==="
+echo
+
+# We do not know how large a physical sector is, but it is certainly
+# going to be a factor of 1 MB
+size=$((1 * 1024 * 1024 - 1))
+
+# qemu-img create rounds size up to BDRV_SECTOR_SIZE
+_make_test_img $size
+$QEMU_IMG map --output=json --image-opts \
+ "driver=$IMGFMT,file.driver=file,file.filename=$TEST_IMG,cache.direct=on" \
+ | _filter_qemu_img_map
+
+# so we resize it and check again
+truncate --size=$size "$TEST_IMG"
+$QEMU_IMG map --output=json --image-opts \
+ "driver=$IMGFMT,file.driver=file,file.filename=$TEST_IMG,cache.direct=on" \
+ | _filter_qemu_img_map
+
+# qemu-io with O_DIRECT always writes whole physical sectors. Again,
+# we do not know how large a physical sector is, so we just start
+# writing from a 64 kB boundary, which should always be aligned.
+offset=$((1 * 1024 * 1024 - 64 * 1024))
+$QEMU_IO -c "w $offset $((size - offset))" "$TEST_IMG" | _filter_qemu_io
+$QEMU_IMG map --output=json --image-opts \
+ "driver=$IMGFMT,file.driver=file,file.filename=$TEST_IMG,cache.direct=on" \
+ | _filter_qemu_img_map
+
+# Resize it and check again -- contrary to 221, we may not get partial
+# sectors here, so there should be only two areas (one zero, one
+# data).
+truncate --size=$size "$TEST_IMG"
+$QEMU_IMG map --output=json --image-opts \
+ "driver=$IMGFMT,file.driver=file,file.filename=$TEST_IMG,cache.direct=on" \
+ | _filter_qemu_img_map
+
+# success, all done
+echo '*** done'
+rm -f $seq.full
+status=0
diff --git a/tests/qemu-iotests/253.out b/tests/qemu-iotests/253.out
new file mode 100644
index 0000000..607c0ba
--- /dev/null
+++ b/tests/qemu-iotests/253.out
@@ -0,0 +1,14 @@
+QA output created by 253
+
+=== Check mapping of unaligned raw image ===
+
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=1048575
+[{ "start": 0, "length": 1048576, "depth": 0, "zero": true, "data": false, "offset": OFFSET}]
+[{ "start": 0, "length": 1048576, "depth": 0, "zero": true, "data": false, "offset": OFFSET}]
+wrote 65535/65535 bytes at offset 983040
+63.999 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+[{ "start": 0, "length": 983040, "depth": 0, "zero": true, "data": false, "offset": OFFSET},
+{ "start": 983040, "length": 65536, "depth": 0, "zero": false, "data": true, "offset": OFFSET}]
+[{ "start": 0, "length": 983040, "depth": 0, "zero": true, "data": false, "offset": OFFSET},
+{ "start": 983040, "length": 65536, "depth": 0, "zero": false, "data": true, "offset": OFFSET}]
+*** done
diff --git a/tests/qemu-iotests/group b/tests/qemu-iotests/group
index 0db5e68..3ea739d 100644
--- a/tests/qemu-iotests/group
+++ b/tests/qemu-iotests/group
@@ -248,3 +248,4 @@
246 rw auto quick
247 rw auto quick
248 rw auto quick
+253 rw auto quick
--
1.8.3.1

51
kvm-qxl-check-release-info-object.patch Normal file
View File

@ -0,0 +1,51 @@
From b779db9ffd8626b74f969a7c2484239715f2d9e8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
Date: Wed, 19 Jun 2019 17:18:47 +0200
Subject: [PATCH 2/6] qxl: check release info object
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: <20190619171847.32603-2-philmd@redhat.com>
Patchwork-id: 88739
O-Subject: [RHEL-AV-8.1.0 qemu-kvm PATCH 1/1] qxl: check release info object
Bugzilla: 1712717
RH-Acked-by: Gerd Hoffmann <kraxel@redhat.com>
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
From: Prasad J Pandit <pjp@fedoraproject.org>
When releasing spice resources in release_resource() routine,
if release info object 'ext.info' is null, it leads to null
pointer dereference. Add check to avoid it.
Reported-by: Bugs SysSec <bugs-syssec@rub.de>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-id: 20190425063534.32747-1-ppandit@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit d52680fc932efb8a2f334cc6993e705ed1e31e99)
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
hw/display/qxl.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/hw/display/qxl.c b/hw/display/qxl.c
index c8ce578..632923a 100644
--- a/hw/display/qxl.c
+++ b/hw/display/qxl.c
@@ -777,6 +777,9 @@ static void interface_release_resource(QXLInstance *sin,
QXLReleaseRing *ring;
uint64_t *item, id;
+ if (!ext.info) {
+ return;
+ }
if (ext.group_id == MEMSLOT_GROUP_HOST) {
/* host group -> vga mode update request */
QXLCommandExt *cmdext = (void *)(intptr_t)(ext.info->id);
--
1.8.3.1

43
kvm-rh-set-CONFIG_BOCHS_DISPLAY-y-for-x86.patch Normal file
View File

@ -0,0 +1,43 @@
From 27b7c444c3a568e87647f5386fbfc2c0f2b1ff9b Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Fri, 28 Jun 2019 08:34:00 +0200
Subject: [PATCH 6/6] rh: set CONFIG_BOCHS_DISPLAY=y for x86
RH-Author: Gerd Hoffmann <kraxel@redhat.com>
Message-id: <20190628083400.7016-2-kraxel@redhat.com>
Patchwork-id: 88989
O-Subject: [RHEL-AV-8.1.0 qemu-kvm PATCH v2 1/1] rh: set CONFIG_BOCHS_DISPLAY=y for x86
Bugzilla: 1707118
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
RH-Acked-by: Danilo de Paula <ddepaula@redhat.com>
-device bochs-display can replace -device VGA for cases where
legacy vga emulation is not needed. That is the case for UEFI
guests (they use EFI GOP for boot display). seabios guest can
work too with some quirks.
Main advantage: Much simpler device emulation -> reduced attach surface.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
default-configs/x86_64-rh-devices.mak | 1 +
redhat/qemu-kvm.spec.template | 4 ++++
2 files changed, 5 insertions(+)
diff --git a/default-configs/x86_64-rh-devices.mak b/default-configs/x86_64-rh-devices.mak
index 01b5363..05ad6cf 100644
--- a/default-configs/x86_64-rh-devices.mak
+++ b/default-configs/x86_64-rh-devices.mak
@@ -12,6 +12,7 @@ CONFIG_ACPI_X86_ICH=y
CONFIG_AHCI=y
CONFIG_APIC=y
CONFIG_APM=y
+CONFIG_BOCHS_DISPLAY=y
CONFIG_DIMM=y
CONFIG_E1000E_PCI_EXPRESS=y
CONFIG_E1000_PCI=y
--
1.8.3.1

51
kvm-target-i386-add-MDS-NO-feature.patch Normal file
View File

@ -0,0 +1,51 @@
From dd19ddadfbabc54415977cd0b9b3f520a87988ad Mon Sep 17 00:00:00 2001
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Sun, 23 Jun 2019 15:19:17 +0200
Subject: [PATCH 3/6] target/i386: add MDS-NO feature
RH-Author: Paolo Bonzini <pbonzini@redhat.com>
Message-id: <20190623151917.7942-1-pbonzini@redhat.com>
Patchwork-id: 88873
O-Subject: [RHEL-AV-8.1.0 PATCH qemu-kvm] target/i386: add MDS-NO feature
Bugzilla: 1722839
RH-Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
RH-Acked-by: Stefano Garzarella <sgarzare@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
Bugzilla: 1722839
Brew build: 22317828
Microarchitectural Data Sampling is a hardware vulnerability which allows
unprivileged speculative access to data which is available in various CPU
internal buffers.
Some Intel processors use the ARCH_CAP_MDS_NO bit in the
IA32_ARCH_CAPABILITIES
MSR to report that they are not vulnerable, make it available to guests.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20190516185320.28340-1-pbonzini@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
(cherry picked from commit 20140a82c67467f53814ca197403d5e1b561a5e5)
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
target/i386/cpu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 3886464..2e73821 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -1183,7 +1183,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
.type = MSR_FEATURE_WORD,
.feat_names = {
"rdctl-no", "ibrs-all", "rsba", "skip-l1dfl-vmentry",
- "ssb-no", NULL, NULL, NULL,
+ "ssb-no", "mds-no", NULL, NULL,
NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL,
--
1.8.3.1

38
qemu-kvm.spec
View File

@ -67,7 +67,7 @@ Obsoletes: %1-rhev
Summary: QEMU is a machine emulator and virtualizer Summary: QEMU is a machine emulator and virtualizer
Name: qemu-kvm Name: qemu-kvm
Version: 4.0.0 Version: 4.0.0
Release: 4%{?dist} Release: 5%{?dist}
# Epoch because we pushed a qemu-1.0 package. AIUI this can't ever be dropped # Epoch because we pushed a qemu-1.0 package. AIUI this can't ever be dropped
Epoch: 15 Epoch: 15
License: GPLv2 and GPLv2+ and CC-BY License: GPLv2 and GPLv2+ and CC-BY
@ -154,6 +154,16 @@ Patch34: kvm-aarch64-Compile-out-IOH3420.patch
Patch35: kvm-vl-Fix-drive-blockdev-persistent-reservation-managem.patch Patch35: kvm-vl-Fix-drive-blockdev-persistent-reservation-managem.patch
# For bz#1714891 - Guest with persistent reservation manager for a disk fails to start # For bz#1714891 - Guest with persistent reservation manager for a disk fails to start
Patch36: kvm-vl-Document-why-objects-are-delayed.patch Patch36: kvm-vl-Document-why-objects-are-delayed.patch
# For bz#1712717 - CVE-2019-12155 qemu-kvm: QEMU: qxl: null pointer dereference while releasing spice resources [rhel-av-8]
Patch37: kvm-qxl-check-release-info-object.patch
# For bz#1722839 - [Intel 8.1 FEAT] MDS_NO exposure to guest - Fast Train
Patch38: kvm-target-i386-add-MDS-NO-feature.patch
# For bz#1588356 - qemu crashed on the source host when do storage migration with source qcow2 disk created by 'qemu-img'
Patch39: kvm-block-file-posix-Unaligned-O_DIRECT-block-status.patch
# For bz#1588356 - qemu crashed on the source host when do storage migration with source qcow2 disk created by 'qemu-img'
Patch40: kvm-iotests-Test-unaligned-raw-images-with-O_DIRECT.patch
# For bz#1707118 - enable device: bochs-display (QEMU)
Patch41: kvm-rh-set-CONFIG_BOCHS_DISPLAY-y-for-x86.patch
BuildRequires: zlib-devel BuildRequires: zlib-devel
BuildRequires: glib2-devel BuildRequires: glib2-devel
@ -180,7 +190,7 @@ BuildRequires: libcacard-devel
# For smartcard NSS support # For smartcard NSS support
BuildRequires: nss-devel BuildRequires: nss-devel
%endif %endif
BuildRequires: libseccomp-devel >= 2.3.0 BuildRequires: libseccomp-devel >= 2.4.0
# For network block driver # For network block driver
BuildRequires: libcurl-devel BuildRequires: libcurl-devel
BuildRequires: libssh2-devel BuildRequires: libssh2-devel
@ -297,7 +307,7 @@ Requires: ipxe-roms-qemu >= 20170123-1
Requires: SLOF >= %{SLOF_gittagdate}-1.git%{SLOF_gittagcommit} Requires: SLOF >= %{SLOF_gittagdate}-1.git%{SLOF_gittagcommit}
%endif %endif
Requires: %{name}-common = %{epoch}:%{version}-%{release} Requires: %{name}-common = %{epoch}:%{version}-%{release}
Requires: libseccomp >= 2.3.0 Requires: libseccomp >= 2.4.0
# For compressed guest memory dumps # For compressed guest memory dumps
Requires: lzo snappy Requires: lzo snappy
%if %{have_gluster} %if %{have_gluster}
@ -845,6 +855,8 @@ rom_link() {
rom_link ../seavgabios/vgabios-stdvga.bin vgabios-stdvga.bin rom_link ../seavgabios/vgabios-stdvga.bin vgabios-stdvga.bin
rom_link ../seavgabios/vgabios-vmware.bin vgabios-vmware.bin rom_link ../seavgabios/vgabios-vmware.bin vgabios-vmware.bin
rom_link ../seavgabios/vgabios-virtio.bin vgabios-virtio.bin rom_link ../seavgabios/vgabios-virtio.bin vgabios-virtio.bin
rom_link ../seavgabios/vgabios-ramfb.bin vgabios-ramfb.bin
rom_link ../seavgabios/vgabios-bochs-display.bin vgabios-bochs-display.bin
%endif %endif
%ifarch x86_64 %ifarch x86_64
rom_link ../seabios/bios.bin bios.bin rom_link ../seabios/bios.bin bios.bin
@ -1002,6 +1014,8 @@ useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \
%{_datadir}/%{name}/vgabios-stdvga.bin %{_datadir}/%{name}/vgabios-stdvga.bin
%{_datadir}/%{name}/vgabios-vmware.bin %{_datadir}/%{name}/vgabios-vmware.bin
%{_datadir}/%{name}/vgabios-virtio.bin %{_datadir}/%{name}/vgabios-virtio.bin
%{_datadir}/%{name}/vgabios-ramfb.bin
%{_datadir}/%{name}/vgabios-bochs-display.bin
%{_datadir}/%{name}/efi-e1000.rom %{_datadir}/%{name}/efi-e1000.rom
%{_datadir}/%{name}/efi-e1000e.rom %{_datadir}/%{name}/efi-e1000e.rom
%{_datadir}/%{name}/efi-virtio.rom %{_datadir}/%{name}/efi-virtio.rom
@ -1073,6 +1087,24 @@ useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \
%changelog %changelog
* Mon Jul 08 2019 Miroslav Rezanina <mrezanin@redhat.com> - 4.0.0-5.el8
- kvm-qemu-kvm.spec-bump-libseccomp-2.4.0.patch [bz#1720306]
- kvm-qxl-check-release-info-object.patch [bz#1712717]
- kvm-target-i386-add-MDS-NO-feature.patch [bz#1722839]
- kvm-block-file-posix-Unaligned-O_DIRECT-block-status.patch [bz#1588356]
- kvm-iotests-Test-unaligned-raw-images-with-O_DIRECT.patch [bz#1588356]
- kvm-rh-set-CONFIG_BOCHS_DISPLAY-y-for-x86.patch [bz#1707118]
- Resolves: bz#1588356
(qemu crashed on the source host when do storage migration with source qcow2 disk created by 'qemu-img')
- Resolves: bz#1707118
(enable device: bochs-display (QEMU))
- Resolves: bz#1712717
(CVE-2019-12155 qemu-kvm: QEMU: qxl: null pointer dereference while releasing spice resources [rhel-av-8])
- Resolves: bz#1720306
(VM failed to start with error "failed to install seccomp syscall filter in the kernel")
- Resolves: bz#1722839
([Intel 8.1 FEAT] MDS_NO exposure to guest - Fast Train)
* Tue Jun 11 2019 Danilo Cesar Lemes de Paula <ddepaula@redhat.com> - 4.0.0-4.el8 * Tue Jun 11 2019 Danilo Cesar Lemes de Paula <ddepaula@redhat.com> - 4.0.0-4.el8
- kvm-Disable-VXHS-support.patch [bz#1714937] - kvm-Disable-VXHS-support.patch [bz#1714937]
- kvm-aarch64-Add-virt-rhel8.1.0-machine-type-for-ARM.patch [bz#1713735] - kvm-aarch64-Add-virt-rhel8.1.0-machine-type-for-ARM.patch [bz#1713735]