]>
git.proxmox.com Git - pve-qemu-kvm.git/log
Wolfgang Bumiller [Mon, 8 Feb 2016 07:40:19 +0000 (08:40 +0100)]
Fix #885: vma-writer: don't bail out on zero length files
Dietmar Maurer [Mon, 1 Feb 2016 16:16:36 +0000 (17:16 +0100)]
bump version to 2.5-4
Wolfgang Bumiller [Mon, 1 Feb 2016 09:57:25 +0000 (10:57 +0100)]
Fix CVE-2016-2197 and CVE-2016-2198
CVE-2016-2197: ide: ahci: add check before calling dma_memory_unmap
CVE-2016-2198: usb: ehci: add capability mmio write function
Dietmar Maurer [Fri, 22 Jan 2016 08:09:53 +0000 (09:09 +0100)]
bump version to 2.5-3
Wolfgang Bumiller [Fri, 22 Jan 2016 07:54:49 +0000 (08:54 +0100)]
Fix CVE-2016-1981
e1000: eliminate infinite loops on out-of-bounds transfer start
Dietmar Maurer [Wed, 20 Jan 2016 07:41:16 +0000 (08:41 +0100)]
bump version to 2.5-2
Wolfgang Bumiller [Mon, 18 Jan 2016 10:21:29 +0000 (11:21 +0100)]
Added CVE-2016-1922 and tlscreds use-after-free fix
vnc: clear vs->tlscreds after unparenting it
CVE-2016-1922: i386: avoid null pointer dereference
Wolfgang Bumiller [Mon, 18 Jan 2016 10:21:28 +0000 (11:21 +0100)]
bump version to 2.5
--disable-smartcard-nss is now --disable-smartcard
--enable-vnc-tls is gone
--enable-gnutls was added instead
Wolfgang Bumiller [Mon, 18 Jan 2016 10:21:27 +0000 (11:21 +0100)]
adding 2.5 pve patches and left-over extra fixes
Wolfgang Bumiller [Mon, 18 Jan 2016 10:21:26 +0000 (11:21 +0100)]
moving all old patches to the old/ directory
Wolfgang Bumiller [Mon, 11 Jan 2016 08:52:18 +0000 (09:52 +0100)]
Two more fixes
New version for CVE-2015-8619:
hmp: fix sendkey out of bounds write (CVE-2015-8619)
And:
CVE-2016-1568: ide: ahci: reset ncq object to unused on error
Dietmar Maurer [Mon, 11 Jan 2016 14:23:40 +0000 (15:23 +0100)]
bump version to 2.4-21
Wolfgang Bumiller [Mon, 11 Jan 2016 08:51:27 +0000 (09:51 +0100)]
close #849: iproute is a transitional package for iproute2
Dietmar Maurer [Fri, 8 Jan 2016 11:43:42 +0000 (12:43 +0100)]
bump version to 2.4-20
Wolfgang Bumiller [Fri, 8 Jan 2016 09:21:53 +0000 (10:21 +0100)]
Removing wrong CVE-2015-8619
It's not required and breaks 'sendkey' of combined keys such
as "ctrl-f1".
Dietmar Maurer [Thu, 7 Jan 2016 10:13:20 +0000 (11:13 +0100)]
bump version to 2.4-19
Wolfgang Bumiller [Thu, 7 Jan 2016 08:59:21 +0000 (09:59 +0100)]
Several fixes
CVE-2015-8613 scsi: initialise info object with appropriate size
CVE-2015-8619 hmp: avoid redundant null termination of buffer
CVE-2015-8666 acpi: fix buffer overrun on migration
CVE-2015-8701 net: rocker: fix an incorrect array bounds check
CVE-2015-8743 net: ne2000: fix bounds check in ioport operations
CVE-2015-8744 net/vmxnet3: Refine l2 header validation
CVE-2015-8745 vmxnet3: Support reading IMR registers on bar0
Dietmar Maurer [Fri, 18 Dec 2015 08:13:00 +0000 (09:13 +0100)]
bump version to 2.4-18
Wolfgang Bumiller [Tue, 15 Dec 2015 14:53:29 +0000 (15:53 +0100)]
fixes for CVEs 2015-7549, 2015-8858 and for vmxnet3
The third one has no number assigned yet but was reviewed
and is queued for 2.6 and probably also 2.5.1.
Dietmar Maurer [Wed, 9 Dec 2015 11:16:31 +0000 (12:16 +0100)]
set RELEASE=4.1
Dietmar Maurer [Wed, 9 Dec 2015 11:12:22 +0000 (12:12 +0100)]
bump version to 2.4-17
Wolfgang Bumiller [Wed, 9 Dec 2015 08:46:48 +0000 (09:46 +0100)]
added fix for CVE-2015-8504
Dietmar Maurer [Tue, 1 Dec 2015 08:52:06 +0000 (09:52 +0100)]
bump version to 2.4-16
Wolfgang Bumiller [Mon, 30 Nov 2015 12:18:47 +0000 (13:18 +0100)]
added fixes for CVE-2015-7504 and CVE-2015-7512
Affected components: pcnet (so not exposed via our GUI)
The patches were tagged for 2.5 but the code they're
modifying is still the same as it was in 2.4. They apply
and work.
Wolfgang Link [Thu, 26 Nov 2015 10:23:38 +0000 (11:23 +0100)]
refactor qmp_backup
Wolfgang Link [Thu, 26 Nov 2015 09:31:31 +0000 (10:31 +0100)]
add firewall config to qmp_backup
now it is possible to backup the firewall setting with qemu live backup
Dietmar Maurer [Thu, 26 Nov 2015 06:57:06 +0000 (07:57 +0100)]
bump version to 2.4-15
Dietmar Maurer [Thu, 26 Nov 2015 06:55:50 +0000 (07:55 +0100)]
changed OVMF bios file permissions to 0644
Alexandre Derumier [Sat, 21 Nov 2015 07:52:50 +0000 (08:52 +0100)]
add ovmf uefi roms V2
src : https://www.kraxel.org/repos/jenkins/edk2/edk2.git-ovmf-x64-0-
20151117 .b1317.g386cdfb.noarch.rpm
https://wiki.archlinux.org/index.php/PCI_passthrough_via_OVMF
changelog:
add OVMF-pure-efi.fd instead OVMF-CODE-pure-efi.fd to have virtio support
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Dietmar Maurer [Mon, 9 Nov 2015 15:38:55 +0000 (16:38 +0100)]
add reference to bug report
Dietmar Maurer [Mon, 9 Nov 2015 05:27:11 +0000 (06:27 +0100)]
bump version to 2.4-14
Alexandre Derumier [Mon, 9 Nov 2015 02:58:07 +0000 (03:58 +0100)]
savevm async : setup raw format by default fo vmstate file
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Dietmar Maurer [Fri, 6 Nov 2015 08:47:36 +0000 (09:47 +0100)]
bump version to 2.4-13
Dietmar Maurer [Fri, 6 Nov 2015 08:46:18 +0000 (09:46 +0100)]
update qemu to 2.4.1
Dietmar Maurer [Fri, 23 Oct 2015 07:42:37 +0000 (09:42 +0200)]
bump version to 2.4-12
Dietmar Maurer [Fri, 23 Oct 2015 07:41:40 +0000 (09:41 +0200)]
define QEMU_PKGVERSION
Dietmar Maurer [Thu, 22 Oct 2015 06:47:22 +0000 (08:47 +0200)]
bump version to 2.4-11
Dietmar Maurer [Thu, 22 Oct 2015 06:45:31 +0000 (08:45 +0200)]
update ipxe binaries, re-enable efi pxe ROMs
Dietmar Maurer [Tue, 13 Oct 2015 15:06:44 +0000 (17:06 +0200)]
bump version to 2.4-10
Alexandre Derumier [Tue, 13 Oct 2015 13:55:01 +0000 (15:55 +0200)]
pve-qemu-kvm : block: mirror - fix full sync mode when target does not support zeroes init
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Dietmar Maurer [Wed, 30 Sep 2015 07:34:34 +0000 (09:34 +0200)]
bump version to 2.4-9
Alexandre Derumier [Wed, 30 Sep 2015 07:24:01 +0000 (09:24 +0200)]
qemu :disable smm support
kernel 4.2 and qemu 2.4 machine introduce support for SMM
(system management support).
this is needed to manage uefi inside guest.
But it seem to hang on a lot of servers.
So for now, disable the feature in qemu side.
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Dietmar Maurer [Wed, 23 Sep 2015 04:45:57 +0000 (06:45 +0200)]
update to qemu 2.4.0.1, bump version to 2.4-8
Dietmar Maurer [Sun, 20 Sep 2015 08:08:11 +0000 (10:08 +0200)]
bump version to 2.4-7
Wolfgang Bumiller [Fri, 18 Sep 2015 11:56:26 +0000 (13:56 +0200)]
savevm-async: move global_state_store to the end
The migration process does it in the end, and since we work
asynchronously it makes more sense for us, too. (This also
seems to fix some size and performance issues that regular
'savevm' is currently still experiencing.)
Dietmar Maurer [Tue, 15 Sep 2015 07:07:57 +0000 (09:07 +0200)]
bump version to 2.4-6
Wolfgang Bumiller [Mon, 14 Sep 2015 13:33:59 +0000 (15:33 +0200)]
fix snapshot/rollback of running vm
updating the internal-snapshot-async.patch:
-) qemu now needs a savevm state header
-) global_state_store needs to be called before storing the
vmstate as of
560d027b .
-) migration_incoming_state_new must be called before
loading the vmstate as of
bca7856a .
Fixes #694
Dietmar Maurer [Wed, 9 Sep 2015 09:27:32 +0000 (11:27 +0200)]
bump version to 2.4-5
Dietmar Maurer [Wed, 9 Sep 2015 09:25:25 +0000 (11:25 +0200)]
fix for empty vma archives (config only)
We need to run the event loop correctly.
Dietmar Maurer [Sat, 5 Sep 2015 08:15:17 +0000 (10:15 +0200)]
bump version to 2.4-4
Dietmar Maurer [Sat, 5 Sep 2015 08:12:18 +0000 (10:12 +0200)]
update qemu sources with reverted commit
b8eb5512
Alexandre Derumier [Wed, 2 Sep 2015 04:49:33 +0000 (06:49 +0200)]
fix q35 pci passthrough
revert commit
b8eb5512fd8a115f164edbbe897cdf8884920ccb
bug report:
http://forum.proxmox.com/threads/23346-Proxmox-4b1-q35-machines-failing-to-reboot-problems-with-PCI-passthrough
https://lists.gnu.org/archive/html/qemu-devel/2015-08/msg03281.html
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Alexandre Derumier [Wed, 2 Sep 2015 04:49:32 +0000 (06:49 +0200)]
add depend on libjpeg62-turbo
previously on wheezy, we build qemu with libjpeg8. (qemu depend on libsdl, which depend on libjpeg)
But this package is missing is jessie (because of a last minute bug).
But that mean that upgrading from wheezy to jessie, keep the old wheezy libjpeg8. (and libjpeg8-dev).
So, it's better to add explicit depencines on libjpeg-dev and libjpeg62-turbo. (like the official qemu debian package)
to force the upgrade of the libs.
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Dietmar Maurer [Thu, 13 Aug 2015 15:06:59 +0000 (17:06 +0200)]
bump version to 2.4-3
Alexandre Derumier [Thu, 13 Aug 2015 13:16:12 +0000 (15:16 +0200)]
add mirror-fix-coroutine-reentrance.patch
This fix a regression introduced by qemu commit
dcfb3beb ("mirror: Do zero
write on target if sectors not allocated").
This patch is not in final qemu 2.4 released.
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Dietmar Maurer [Thu, 13 Aug 2015 15:02:12 +0000 (17:02 +0200)]
add v2.4.0 sources
Dietmar Maurer [Sat, 8 Aug 2015 13:24:47 +0000 (15:24 +0200)]
include BSD license to avoid lintian warning
Dietmar Maurer [Sat, 8 Aug 2015 13:16:09 +0000 (15:16 +0200)]
bump version to 2.4-2, update to upstream v2.4.0-rc4
Dietmar Maurer [Thu, 30 Jul 2015 07:44:03 +0000 (09:44 +0200)]
update to v2.4.0-rc3, bump version to 2.4-1
Dietmar Maurer [Wed, 29 Jul 2015 08:07:38 +0000 (10:07 +0200)]
bump version to 2.3-8
Dietmar Maurer [Wed, 29 Jul 2015 08:06:33 +0000 (10:06 +0200)]
update to latest upstream
Dietmar Maurer [Mon, 27 Jul 2015 08:24:13 +0000 (10:24 +0200)]
remove mirror-sleep patches (now upstream)
Wolfgang Bumiller [Tue, 14 Jul 2015 09:06:16 +0000 (11:06 +0200)]
target-x86_64.conf was finally removed in
1b93c9a1
Wolfgang Bumiller [Mon, 13 Jul 2015 14:01:59 +0000 (16:01 +0200)]
whitelist get_link_status to return a built-in
Seems like a better approach than to encapsulate it in a
LinkStatus type.
Also fixed its example.
Wolfgang Bumiller [Mon, 13 Jul 2015 13:39:47 +0000 (15:39 +0200)]
adapt to nested-pause change:
751ebd76e6
Wolfgang Bumiller [Mon, 13 Jul 2015 13:27:55 +0000 (15:27 +0200)]
update backup/blockdev patches
Wolfgang Bumiller [Mon, 13 Jul 2015 12:37:30 +0000 (14:37 +0200)]
error_set updates according to
81e5f78a9f
also error_report was moved to another header
Wolfgang Bumiller [Mon, 13 Jul 2015 11:43:34 +0000 (13:43 +0200)]
Merged Alexandre's qmp-schema.json related updates
Wolfgang Bumiller [Mon, 13 Jul 2015 11:36:04 +0000 (13:36 +0200)]
updating mirror-sleep patches again
Alexandre Derumier [Fri, 10 Jul 2015 14:21:43 +0000 (16:21 +0200)]
mirror: Speed up bitmap initial scanning
https://www.mail-archive.com/qemu-devel@nongnu.org/msg309500.html
replace my old mirror-sleep2.patch,
Fam Zheng from redhat has finally fix it in a better way.
mirror-sleep1.patch && mirror-sleep2.patch are not yet in qemu 2.4 master
mirror-sleep2 patch reference : http://patchwork.ozlabs.org/patch/471656/
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Wolfgang Bumiller [Mon, 13 Jul 2015 11:31:50 +0000 (13:31 +0200)]
Merge Alexandre's 2.4 updates for jemalloc.patch
Wolfgang Bumiller [Mon, 13 Jul 2015 11:27:33 +0000 (13:27 +0200)]
part 1 of 2.4 patch update series
Dietmar Maurer [Mon, 27 Jul 2015 08:01:51 +0000 (10:01 +0200)]
update to latest upstream (v2.4.0-rc2 + a few patches)
Alexandre Derumier [Thu, 2 Jul 2015 05:31:58 +0000 (07:31 +0200)]
mirror sleep : set sleep to SLICE_TIME/10 (10ms)
Current make too much sleep because
if (now - last_pause_ns > SLICE_TIME) {
last_pause_ns = now;
block_job_sleep_ns(&s->common, QEMU_CLOCK_REALTIME, SLICE_TIME);
so, we sleep SLICE_TIME, then at next iteration if lastpause("SLICE_TIME") > SLICE_TIME, we sleep again.
So, it almost always sleep at each iteration.
This patch set the sleep value to SLICE_TIME/10.
I have benched it, I have very scanning speed without impacting vm performance.
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Dietmar Maurer [Wed, 1 Jul 2015 04:17:08 +0000 (06:17 +0200)]
bump version to 2.3-6
Alexandre Derumier [Wed, 1 Jul 2015 04:01:41 +0000 (06:01 +0200)]
qemu : add drive-mirror sleep patches
Currently when drive-mirror is starting,
the vm and qmp it's hanging on bitmap scanning phase (mainly with raw, nfs and block raw driver).
This patch do regular pause between each iteration
The initial patch from qemu mailing is working,but pause time is really too short,
so we still hang qmp hangs and qemu big slowdown.
I increase it to SLICE_TIME, which is 100ms by default
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Dietmar Maurer [Fri, 19 Jun 2015 15:08:55 +0000 (17:08 +0200)]
bump version to 2.3-5
Alexandre Derumier [Fri, 19 Jun 2015 12:41:14 +0000 (14:41 +0200)]
use jemalloc as default memory allocator
(jemalloc support patch sent to qemu devel mailing list
http://lists.nongnu.org/archive/html/qemu-devel/2015-06/msg05265.html
)
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Wolfgang Bumiller [Thu, 18 Jun 2015 12:16:20 +0000 (14:16 +0200)]
Added patch for vvfat's file.label option
Dietmar Maurer [Thu, 18 Jun 2015 12:06:56 +0000 (14:06 +0200)]
bump version to 2.3-4
Alexandre Derumier [Wed, 17 Jun 2015 07:31:00 +0000 (09:31 +0200)]
remove tcmalloc default memory allocator
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Dietmar Maurer [Wed, 10 Jun 2015 15:48:49 +0000 (17:48 +0200)]
avoid compiler warnings
Dietmar Maurer [Wed, 10 Jun 2015 15:43:47 +0000 (17:43 +0200)]
set localstatedir=/var
Dietmar Maurer [Wed, 10 Jun 2015 15:33:44 +0000 (17:33 +0200)]
bump version to 2.3-3
Dietmar Maurer [Wed, 10 Jun 2015 15:32:35 +0000 (17:32 +0200)]
rename previous patch (cleanup)
w.link@proxmox.com [Wed, 10 Jun 2015 13:06:04 +0000 (15:06 +0200)]
add BlockDevice type to prevent warning.
The raw_bsd.c insert a check to warn when mounting BD, what has no device type.
Signed-off-by: w.link@proxmox.com <Wolfgang Link>
Dietmar Maurer [Wed, 10 Jun 2015 08:44:49 +0000 (10:44 +0200)]
bump version to 2.3-2
Alexandre Derumier [Wed, 10 Jun 2015 07:52:47 +0000 (09:52 +0200)]
tcmalloc : add depend on libgoogle-perftools4 not libtcmalloc-minimal4
qemu link to libtcmalloc.so not libtcmalloc_minimal.so
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Dietmar Maurer [Sat, 6 Jun 2015 07:28:37 +0000 (09:28 +0200)]
tcmalloc.patch: make it work without bash
Alexandre Derumier [Fri, 5 Jun 2015 11:46:51 +0000 (13:46 +0200)]
enable tcmalloc
This patch is already available in qemu 2.4, and can give an extra boost with librbd
with a lot of iops and reduce iops latencies
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Dietmar Maurer [Fri, 5 Jun 2015 05:31:25 +0000 (07:31 +0200)]
upload target: remove old debug package
Dietmar Maurer [Fri, 5 Jun 2015 05:04:45 +0000 (07:04 +0200)]
bump version to 2.3-1
Wolfgang Bumiller [Wed, 3 Jun 2015 07:27:31 +0000 (09:27 +0200)]
Update to v2.3.0
keymap.diff: removing last hunk
It only removes spaces, upstream already did that when
adding an assertion to it.
pve-auth.diff & fairsched.diff:
* dropped fairsched and moved vmid code to pve-auth.diff
* adapt pve-auth.diff to new qemu option parsing
virtio-balloon-fix-query.patch:
* merged ram_size -> get_current_ram_size() change
backup-modify-job-api.patch
* move new bdrv_op_unblock(target) into target guard
* fuzz/context fixup
* added NULL target checks to new places where necessary
(bdrv_op_is_blocked is now used on the target in
backup_start)
* annotated some hunks with their function
* applied same backup_start fixup of qmp_drive_backup to
the new qmp_blockdev_backup (introduced in
c29c1dd3 )
disable-efi-enable-pxe-roms.patch: fuzz/context fixup
virtio-balloon-dimmfix1.patch: is now upstream
virtio-balloon-dimmfix2.patch: is now upstream
virtio-balloon-dimmfix3.patch:
merged into virtio-balloon-fix-query.patch
virtio-scsi_fix_assert.patch: is now upstream
backup-add-dir-format.patch,
backup-add-pve-monitor-commands.patch,
internal-snapshot-async.patch:
* Convert bdrv_find to blk_by_name
bdrv_find was dropped and the code now uses blk_by_name
and blk_bs
internal-snapshot-async.patch:
* fuzz/context fixups
* added missing sysemu/block-backend.h for blk_by_name
Dietmar Maurer [Fri, 5 Jun 2015 05:03:18 +0000 (07:03 +0200)]
update qemu sources to 2.3.0
Wolfgang Bumiller [Thu, 21 May 2015 12:08:09 +0000 (14:08 +0200)]
Added patch to make ipv6 life easier.
Copy of the patch notes:
[PATCH] friendlier ai_flag hints for ipv6 hosts
*) Do not use AI_ADDRCONFIG on listening sockets, because this flag
makes it impossible to explicitly listen on '127.0.0.1' if no global
ipv4 address is configured additionally, making this a very
uncomfortable option.
*) Add AI_V4MAPPED hint for connecting sockets for a similar purpose.
If your system is globally only connected via ipv6 you still want to be
able to use '127.0.0.1' and 'localhost'.
Specifically, PVE - unless explicitly asking for insecure mode - uses
loopback addresses with QEMU for live migrations tunneled over SSH.
These fail to start because AI_ADDRCONFIG makes getaddrinfo refuse to
work with '127.0.0.1'.
As for the AI_V4MAPPED flag the situation is similar.
I also want to point out that glibc explicitly sidesteps POSIX standards
when passing 0 as hints by then assuming both AI_V4MAPPED and
AI_ADDRCONFIG (the latter being a rather weird choice IMO), while
according to POSIX.1-2001 it should be assumed 0. (glibc considers its
choice an improvement.)
Since either AI_CANONNAME or AI_PASSIVE are passed in our cases, glibc's
default flags in turn are disabled again unless explicitly added, which
I do with this patch.
Dietmar Maurer [Thu, 2 Apr 2015 04:56:41 +0000 (06:56 +0200)]
fix lintian warnings for debug package
Dietmar Maurer [Thu, 2 Apr 2015 04:46:44 +0000 (06:46 +0200)]
also install/upload debug package by default
spriebe [Wed, 1 Apr 2015 09:24:51 +0000 (11:24 +0200)]
add dbg package / disable strip for qemu
Signed-off-by: Stefan Priebe <s.priebe@profihost.ag>
Stefan Priebe [Mon, 30 Mar 2015 10:34:28 +0000 (12:34 +0200)]
qemu 2.2.1: fix assert while resizing or hot plugging virtio scsi disks
Signed-off-by: Stefan Priebe <s.priebe@profihost.ag>
Dietmar Maurer [Tue, 31 Mar 2015 04:07:29 +0000 (06:07 +0200)]
fix typo