Accepting request 517607 from Virtualization
Latest fixes, including security issues. Also includes adjustment to libvdeplug-devel package name change. Also a couple Pre and Post Requires added as needed (were missing). I'm hoping this is the last supersede request. OBS-URL: https://build.opensuse.org/request/show/517607 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/qemu?expand=0&rev=125
This commit is contained in:
commit
83798c3a9f
@ -83,26 +83,26 @@ index 349cfc9d86..486d2759e4 100644
|
||||
static QemuOptsList qemu_vnc_opts = {
|
||||
.name = "vnc",
|
||||
.head = QTAILQ_HEAD_INITIALIZER(qemu_vnc_opts.head),
|
||||
@@ -3202,6 +3245,9 @@ static QemuOptsList qemu_vnc_opts = {
|
||||
@@ -3201,6 +3244,9 @@ static QemuOptsList qemu_vnc_opts = {
|
||||
},{
|
||||
.name = "connections",
|
||||
.type = QEMU_OPT_NUMBER,
|
||||
},{
|
||||
+ },{
|
||||
+ .name = "allowed-connections",
|
||||
+ .type = QEMU_OPT_NUMBER,
|
||||
+ },{
|
||||
},{
|
||||
.name = "to",
|
||||
.type = QEMU_OPT_NUMBER,
|
||||
@@ -3213,6 +3259,9 @@ static QemuOptsList qemu_vnc_opts = {
|
||||
},{
|
||||
@@ -3214,6 +3260,9 @@ static QemuOptsList qemu_vnc_opts = {
|
||||
.name = "password",
|
||||
.type = QEMU_OPT_BOOL,
|
||||
},{
|
||||
+ },{
|
||||
+ .name = "password-file",
|
||||
+ .type = QEMU_OPT_STRING,
|
||||
+ },{
|
||||
},{
|
||||
.name = "reverse",
|
||||
.type = QEMU_OPT_BOOL,
|
||||
},{
|
||||
@@ -3766,6 +3815,7 @@ void vnc_display_open(const char *id, Error **errp)
|
||||
const char *share, *device_id;
|
||||
QemuConsole *con;
|
||||
|
@ -17,18 +17,18 @@ diff --git a/tests/test-string-input-visitor.c b/tests/test-string-input-visitor
|
||||
index 79313a7f7a..e00194a649 100644
|
||||
--- a/tests/test-string-input-visitor.c
|
||||
+++ b/tests/test-string-input-visitor.c
|
||||
@@ -58,6 +58,14 @@ static void test_visitor_in_int(TestInputVisitorData *data,
|
||||
visit_type_int(v, NULL, &res, &err);
|
||||
g_assert(!err);
|
||||
g_assert_cmpint(res, ==, value);
|
||||
@@ -55,6 +55,14 @@ static void test_visitor_in_int(TestInputVisitorData *data,
|
||||
|
||||
v = visitor_input_test_init(data, "-42");
|
||||
|
||||
+ visit_type_int(v, NULL, &res, &err);
|
||||
+ g_assert(!err);
|
||||
+ g_assert_cmpint(res, ==, value);
|
||||
+ visitor_input_teardown(data, unused);
|
||||
+
|
||||
+ value = INT64_MAX;
|
||||
+ v = visitor_input_test_init(data, g_strdup_printf("%" PRId64, value));
|
||||
+
|
||||
+ visit_type_int(v, NULL, &res, &err);
|
||||
+ g_assert(!err);
|
||||
+ g_assert_cmpint(res, ==, value);
|
||||
|
||||
v = visitor_input_test_init(data, "not an int");
|
||||
|
||||
visit_type_int(v, NULL, &res, &err);
|
||||
g_assert(!err);
|
||||
g_assert_cmpint(res, ==, value);
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 5369a4b1932f7c298ae360789fd182c24e14c569 Mon Sep 17 00:00:00 2001
|
||||
From 93971b136370f4d22269a605a2d1d60cb0fa185a Mon Sep 17 00:00:00 2001
|
||||
From: Paolo Bonzini <pbonzini@redhat.com>
|
||||
Date: Wed, 3 May 2017 12:44:41 +0200
|
||||
Subject: [PATCH] jazz_led: fix bad snprintf
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 94cc81bb7e1655b2b8ce0f1c996877ffb156bfb2 Mon Sep 17 00:00:00 2001
|
||||
From 40a4715c9e38f67f30bb22565d7e2b1cc59b7832 Mon Sep 17 00:00:00 2001
|
||||
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
|
||||
Date: Fri, 7 Apr 2017 15:32:54 +0100
|
||||
Subject: [PATCH] slirp/smb: Replace constant strings by glib string
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 355047e16c0834b88d7df8ef86efef8b0d3b6adc Mon Sep 17 00:00:00 2001
|
||||
From ac31e9efbe92ee16903a446db4faa14f28e8a9b8 Mon Sep 17 00:00:00 2001
|
||||
From: Paolo Bonzini <pbonzini@redhat.com>
|
||||
Date: Mon, 22 May 2017 17:46:40 -0600
|
||||
Subject: [PATCH] altera_timer: fix incorrect memset
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 694037b618e2d331c38c287857da993fdab1f011 Mon Sep 17 00:00:00 2001
|
||||
From f73df04319a21d9c40ae7b40614637f2fbd5fa3f Mon Sep 17 00:00:00 2001
|
||||
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
|
||||
Date: Mon, 22 May 2017 17:48:13 -0600
|
||||
Subject: [PATCH] Hacks for building on gcc 7 / Fedora 26
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 85bc346e1f5d90e1be7147f982e18511304daaeb Mon Sep 17 00:00:00 2001
|
||||
From 44e4ce741c71d1d2c32f1d2b0d90a1f2e635e44f Mon Sep 17 00:00:00 2001
|
||||
From: Greg Kurz <groug@kaod.org>
|
||||
Date: Thu, 25 May 2017 10:30:13 +0200
|
||||
Subject: [PATCH] 9pfs: local: fix unlink of alien files in mapped-file mode
|
||||
|
@ -1,4 +1,4 @@
|
||||
From e0653c80373f056fa0bd72fb9aef161dac13b1cf Mon Sep 17 00:00:00 2001
|
||||
From b4c6e40036a569fa10cd2fde63244e707b4d75e5 Mon Sep 17 00:00:00 2001
|
||||
From: Paolo Bonzini <pbonzini@redhat.com>
|
||||
Date: Mon, 19 Jun 2017 16:36:08 -0600
|
||||
Subject: [PATCH] megasas: do not read DCMD opcode more than once from frame
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 0199dd521a16bff213ee66fe1fb257790006237f Mon Sep 17 00:00:00 2001
|
||||
From 5e011980d6a696192ce807c21c145d738668d040 Mon Sep 17 00:00:00 2001
|
||||
From: Paolo Bonzini <pbonzini@redhat.com>
|
||||
Date: Sat, 10 Jun 2017 14:04:51 -0600
|
||||
Subject: [PATCH] megasas: always store SCSIRequest* into MegasasCmd
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 94301dd6735f540dc9f6e01943fda914c4bbef8a Mon Sep 17 00:00:00 2001
|
||||
From 096703b0e4c619c6cd3015fcb105c65692b2ec56 Mon Sep 17 00:00:00 2001
|
||||
From: Eric Blake <eblake@redhat.com>
|
||||
Date: Fri, 26 May 2017 22:04:21 -0500
|
||||
Subject: [PATCH] nbd: Fully initialize client in case of failed negotiation
|
||||
|
@ -1,4 +1,4 @@
|
||||
From d8ebbbc6a85bc9a6a6e194564719e43a51ec2e86 Mon Sep 17 00:00:00 2001
|
||||
From e915b08f89ee946a702b98624c1e73849ddb611c Mon Sep 17 00:00:00 2001
|
||||
From: Bruce Rogers <brogers@suse.com>
|
||||
Date: Mon, 19 Jun 2017 14:48:02 -0600
|
||||
Subject: [PATCH] 9pfs: local: remove: use correct path component
|
||||
|
27
0065-hid-Reset-kbd-modifiers-on-reset.patch
Normal file
27
0065-hid-Reset-kbd-modifiers-on-reset.patch
Normal file
@ -0,0 +1,27 @@
|
||||
From b1fafc01f55733b0e1aaeba84192b6515c92f7a0 Mon Sep 17 00:00:00 2001
|
||||
From: Alexander Graf <agraf@suse.de>
|
||||
Date: Thu, 22 Jun 2017 09:33:21 +0200
|
||||
Subject: [PATCH] hid: Reset kbd modifiers on reset
|
||||
|
||||
When resetting the keyboard, we need to reset not just the pending keystrokes,
|
||||
but also any pending modifiers. Otherwise there's a race when we're getting
|
||||
reset while running an escape sequence (modifier 0x100).
|
||||
|
||||
Cc: qemu-stable@nongnu.org
|
||||
Signed-off-by: Alexander Graf <agraf@suse.de>
|
||||
---
|
||||
hw/input/hid.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/hw/input/hid.c b/hw/input/hid.c
|
||||
index 93887ecc43..0d049ff61c 100644
|
||||
--- a/hw/input/hid.c
|
||||
+++ b/hw/input/hid.c
|
||||
@@ -487,6 +487,7 @@ void hid_reset(HIDState *hs)
|
||||
memset(hs->kbd.keycodes, 0, sizeof(hs->kbd.keycodes));
|
||||
memset(hs->kbd.key, 0, sizeof(hs->kbd.key));
|
||||
hs->kbd.keys = 0;
|
||||
+ hs->kbd.modifiers = 0;
|
||||
break;
|
||||
case HID_MOUSE:
|
||||
case HID_TABLET:
|
29
0066-input-Decrement-queue-count-on-kbd-.patch
Normal file
29
0066-input-Decrement-queue-count-on-kbd-.patch
Normal file
@ -0,0 +1,29 @@
|
||||
From bea345d1c1fa6d351de7cacf66ccc35845406b31 Mon Sep 17 00:00:00 2001
|
||||
From: Alexander Graf <agraf@suse.de>
|
||||
Date: Thu, 22 Jun 2017 09:36:36 +0200
|
||||
Subject: [PATCH] input: Decrement queue count on kbd delay
|
||||
|
||||
Delays in the input layer are special cased input events. Every input
|
||||
event is accounted for in a global intput queue count. The special cased
|
||||
delays however did not get removed from the queue, leading to queue overruns
|
||||
and thus silent key drops after typing quite a few characters.
|
||||
|
||||
Signed-off-by: Alexander Graf <agraf@suse.de>
|
||||
Fixes: be1a7176 ("input: add support for kbd delays")
|
||||
Cc: qemu-stable@nongnu.org
|
||||
---
|
||||
ui/input.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/ui/input.c b/ui/input.c
|
||||
index fb1f404095..94ba3d52cf 100644
|
||||
--- a/ui/input.c
|
||||
+++ b/ui/input.c
|
||||
@@ -252,6 +252,7 @@ static void qemu_input_queue_process(void *opaque)
|
||||
item = QTAILQ_FIRST(queue);
|
||||
g_assert(item->type == QEMU_INPUT_QUEUE_DELAY);
|
||||
QTAILQ_REMOVE(queue, item, node);
|
||||
+ queue_count--;
|
||||
g_free(item);
|
||||
|
||||
while (!QTAILQ_EMPTY(queue)) {
|
54
0067-xhci-only-update-dequeue-ptr-on-com.patch
Normal file
54
0067-xhci-only-update-dequeue-ptr-on-com.patch
Normal file
@ -0,0 +1,54 @@
|
||||
From a049f58c32e0c783d2d524a918d40ba4b22d96b8 Mon Sep 17 00:00:00 2001
|
||||
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||
Date: Thu, 8 Jun 2017 09:41:22 +0200
|
||||
Subject: [PATCH] xhci: only update dequeue ptr on completed transfers
|
||||
|
||||
The dequeue pointer should only be updated in case the transfer
|
||||
is actually completed. If we update it for inflight transfers
|
||||
we will not pick them up again after migration, which easily
|
||||
triggers with HID devices as they typically have a pending
|
||||
transfer, waiting for user input to happen.
|
||||
|
||||
Fixes: 243afe858b95765b98d16a1f0dd50dca262858ad
|
||||
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1451631
|
||||
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||
Tested-by: Laurent Vivier <lvivier@redhat.com>
|
||||
Message-id: 20170608074122.32099-1-kraxel@redhat.com
|
||||
(cherry picked from commit d54fddea989ba4aa2912d49583d86ce01c0d27ea)
|
||||
Fixes: https://bugzilla.suse.com/show_bug.cgi?id=1048296
|
||||
Signed-off-by: Alexander Graf <agraf@suse.de>
|
||||
---
|
||||
hw/usb/hcd-xhci.c | 6 ++++--
|
||||
1 file changed, 4 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
|
||||
index a2d3143bf4..ed0f13f37b 100644
|
||||
--- a/hw/usb/hcd-xhci.c
|
||||
+++ b/hw/usb/hcd-xhci.c
|
||||
@@ -2119,6 +2119,8 @@ static void xhci_kick_epctx(XHCIEPContext *epctx, unsigned int streamid)
|
||||
}
|
||||
assert(!xfer->running_retry);
|
||||
if (xfer->complete) {
|
||||
+ /* update ring dequeue ptr */
|
||||
+ xhci_set_ep_state(xhci, epctx, stctx, epctx->state);
|
||||
xhci_ep_free_xfer(epctx->retry);
|
||||
}
|
||||
epctx->retry = NULL;
|
||||
@@ -2169,6 +2171,8 @@ static void xhci_kick_epctx(XHCIEPContext *epctx, unsigned int streamid)
|
||||
xhci_fire_transfer(xhci, xfer, epctx);
|
||||
}
|
||||
if (xfer->complete) {
|
||||
+ /* update ring dequeue ptr */
|
||||
+ xhci_set_ep_state(xhci, epctx, stctx, epctx->state);
|
||||
xhci_ep_free_xfer(xfer);
|
||||
xfer = NULL;
|
||||
}
|
||||
@@ -2186,8 +2190,6 @@ static void xhci_kick_epctx(XHCIEPContext *epctx, unsigned int streamid)
|
||||
break;
|
||||
}
|
||||
}
|
||||
- /* update ring dequeue ptr */
|
||||
- xhci_set_ep_state(xhci, epctx, stctx, epctx->state);
|
||||
epctx->kick_active--;
|
||||
|
||||
ep = xhci_epid_to_usbep(epctx);
|
54
0068-vnc-Set-default-kbd-delay-to-10ms.patch
Normal file
54
0068-vnc-Set-default-kbd-delay-to-10ms.patch
Normal file
@ -0,0 +1,54 @@
|
||||
From ea61b5439c77d6fdeb62a04c39affa534b09fcdd Mon Sep 17 00:00:00 2001
|
||||
From: Alexander Graf <agraf@suse.de>
|
||||
Date: Wed, 12 Jul 2017 14:43:45 +0200
|
||||
Subject: [PATCH] vnc: Set default kbd delay to 10ms
|
||||
|
||||
The current VNC default keyboard delay is 1ms. With that we're constantly
|
||||
typing faster than the guest receives keyboard events from an XHCI attached
|
||||
USB HID device.
|
||||
|
||||
The default keyboard delay time in the input layer however is 10ms. I don't know
|
||||
how that number came to be, but empirical tests on some OpenQA driven ARM
|
||||
systems show that 10ms really is a reasonable default number for the delay.
|
||||
|
||||
This patch moves the VNC delay also to 10ms. That way our default is much
|
||||
safer (good!) and also consistent with the input layer default (also good!).
|
||||
|
||||
Signed-off-by: Alexander Graf <agraf@suse.de>
|
||||
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
|
||||
Message-id: 1499863425-103133-1-git-send-email-agraf@suse.de
|
||||
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||
(cherry picked from commit d3b0db6dfea6b3a9ee0d96aceb796bdcafa84314)
|
||||
[BR: BSC#1031692]
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
qemu-options.hx | 2 +-
|
||||
ui/vnc.c | 2 +-
|
||||
2 files changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/qemu-options.hx b/qemu-options.hx
|
||||
index 4712277d7c..ab7e32a4a0 100644
|
||||
--- a/qemu-options.hx
|
||||
+++ b/qemu-options.hx
|
||||
@@ -1491,7 +1491,7 @@ spec but is traditional QEMU behavior.
|
||||
@item key-delay-ms
|
||||
|
||||
Set keyboard delay, for key down and key up events, in milliseconds.
|
||||
-Default is 1. Keyboards are low-bandwidth devices, so this slowdown
|
||||
+Default is 10. Keyboards are low-bandwidth devices, so this slowdown
|
||||
can help the device and guest to keep up and not lose events in case
|
||||
events are arriving in bulk. Possible causes for the latter are flaky
|
||||
network connections, or scripts for automated testing.
|
||||
diff --git a/ui/vnc.c b/ui/vnc.c
|
||||
index 51d6f2353f..3528d50c8a 100644
|
||||
--- a/ui/vnc.c
|
||||
+++ b/ui/vnc.c
|
||||
@@ -3884,7 +3884,7 @@ void vnc_display_open(const char *id, Error **errp)
|
||||
}
|
||||
|
||||
lock_key_sync = qemu_opt_get_bool(opts, "lock-key-sync", true);
|
||||
- key_delay_ms = qemu_opt_get_number(opts, "key-delay-ms", 1);
|
||||
+ key_delay_ms = qemu_opt_get_number(opts, "key-delay-ms", 10);
|
||||
sasl = qemu_opt_get_bool(opts, "sasl", false);
|
||||
#ifndef CONFIG_VNC_SASL
|
||||
if (sasl) {
|
47
0069-qemu-nbd-Ignore-SIGPIPE.patch
Normal file
47
0069-qemu-nbd-Ignore-SIGPIPE.patch
Normal file
@ -0,0 +1,47 @@
|
||||
From 40c9dcf30be29a4d76aeb85b5510cea071423b81 Mon Sep 17 00:00:00 2001
|
||||
From: Max Reitz <mreitz@redhat.com>
|
||||
Date: Sun, 11 Jun 2017 14:37:14 +0200
|
||||
Subject: [PATCH] qemu-nbd: Ignore SIGPIPE
|
||||
|
||||
qemu proper has done so for 13 years
|
||||
(8a7ddc38a60648257dc0645ab4a05b33d6040063), qemu-img and qemu-io have
|
||||
done so for four years (526eda14a68d5b3596be715505289b541288ef2a).
|
||||
Ignoring this signal is especially important in qemu-nbd because
|
||||
otherwise a client can easily take down the qemu-nbd server by dropping
|
||||
the connection when the server wants to send something, for example:
|
||||
|
||||
$ qemu-nbd -x foo -f raw -t null-co:// &
|
||||
[1] 12726
|
||||
$ qemu-io -c quit nbd://localhost/bar
|
||||
can't open device nbd://localhost/bar: No export with name 'bar' available
|
||||
[1] + 12726 broken pipe qemu-nbd -x foo -f raw -t null-co://
|
||||
|
||||
In this case, the client sends an NBD_OPT_ABORT and closes the
|
||||
connection (because it is not required to wait for a reply), but the
|
||||
server replies with an NBD_REP_ACK (because it is required to reply).
|
||||
|
||||
Signed-off-by: Max Reitz <mreitz@redhat.com>
|
||||
Message-Id: <20170611123714.31292-1-mreitz@redhat.com>
|
||||
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
||||
(cherry picked from commit 041e32b8d9d076980b4e35317c0339e57ab888f1)
|
||||
[BR: BSC#1046636 CVE-2017-10664]
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
qemu-nbd.c | 4 ++++
|
||||
1 file changed, 4 insertions(+)
|
||||
|
||||
diff --git a/qemu-nbd.c b/qemu-nbd.c
|
||||
index b44764eb87..83bf9cb46c 100644
|
||||
--- a/qemu-nbd.c
|
||||
+++ b/qemu-nbd.c
|
||||
@@ -581,6 +581,10 @@ int main(int argc, char **argv)
|
||||
sa_sigterm.sa_handler = termsig_handler;
|
||||
sigaction(SIGTERM, &sa_sigterm, NULL);
|
||||
|
||||
+#ifdef CONFIG_POSIX
|
||||
+ signal(SIGPIPE, SIG_IGN);
|
||||
+#endif
|
||||
+
|
||||
module_call_init(MODULE_INIT_TRACE);
|
||||
qcrypto_init(&error_fatal);
|
||||
|
50
0070-usb-redir-fix-stack-overflow-in-usb.patch
Normal file
50
0070-usb-redir-fix-stack-overflow-in-usb.patch
Normal file
@ -0,0 +1,50 @@
|
||||
From 416a6f3bf137b8e6782dd7c1f9563afe8ee97b19 Mon Sep 17 00:00:00 2001
|
||||
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||
Date: Tue, 9 May 2017 13:01:28 +0200
|
||||
Subject: [PATCH] usb-redir: fix stack overflow in usbredir_log_data
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Don't reinvent a broken wheel, just use the hexdump function we have.
|
||||
|
||||
Impact: low, broken code doesn't run unless you have debug logging
|
||||
enabled.
|
||||
|
||||
Reported-by: 李强 <liqiang6-s@360.cn>
|
||||
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
||||
Message-id: 20170509110128.27261-1-kraxel@redhat.com
|
||||
(cherry picked from commit bd4a683505b27adc1ac809f71e918e58573d851d)
|
||||
[BR: BSC#1047674 CVE-2017-10806]
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
hw/usb/redirect.c | 13 +------------
|
||||
1 file changed, 1 insertion(+), 12 deletions(-)
|
||||
|
||||
diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c
|
||||
index 0efe62f725..eb70dc7218 100644
|
||||
--- a/hw/usb/redirect.c
|
||||
+++ b/hw/usb/redirect.c
|
||||
@@ -229,21 +229,10 @@ static void usbredir_log(void *priv, int level, const char *msg)
|
||||
static void usbredir_log_data(USBRedirDevice *dev, const char *desc,
|
||||
const uint8_t *data, int len)
|
||||
{
|
||||
- int i, j, n;
|
||||
-
|
||||
if (dev->debug < usbredirparser_debug_data) {
|
||||
return;
|
||||
}
|
||||
-
|
||||
- for (i = 0; i < len; i += j) {
|
||||
- char buf[128];
|
||||
-
|
||||
- n = sprintf(buf, "%s", desc);
|
||||
- for (j = 0; j < 8 && i + j < len; j++) {
|
||||
- n += sprintf(buf + n, " %02X", data[i + j]);
|
||||
- }
|
||||
- error_report("%s", buf);
|
||||
- }
|
||||
+ qemu_hexdump((char *)data, stderr, desc, len);
|
||||
}
|
||||
|
||||
/*
|
43
0071-exec-use-qemu_ram_ptr_length-to-acc.patch
Normal file
43
0071-exec-use-qemu_ram_ptr_length-to-acc.patch
Normal file
@ -0,0 +1,43 @@
|
||||
From f6658a500e003e91225f59bc2c2305c6b7d2f0d1 Mon Sep 17 00:00:00 2001
|
||||
From: Prasad J Pandit <pjp@fedoraproject.org>
|
||||
Date: Wed, 12 Jul 2017 18:08:40 +0530
|
||||
Subject: [PATCH] exec: use qemu_ram_ptr_length to access guest ram
|
||||
|
||||
When accessing guest's ram block during DMA operation, use
|
||||
'qemu_ram_ptr_length' to get ram block pointer. It ensures
|
||||
that DMA operation of given length is possible; And avoids
|
||||
any OOB memory access situations.
|
||||
|
||||
Reported-by: Alex <broscutamaker@gmail.com>
|
||||
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
|
||||
Message-Id: <20170712123840.29328-1-ppandit@redhat.com>
|
||||
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
||||
(cherry picked from commit 04bf2526ce87f21b32c9acba1c5518708c243ad0)
|
||||
[BR: BSC#1048902 CVE-2017-11334]
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
exec.c | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/exec.c b/exec.c
|
||||
index b47b3f9096..1de9107b61 100644
|
||||
--- a/exec.c
|
||||
+++ b/exec.c
|
||||
@@ -2767,7 +2767,7 @@ static MemTxResult address_space_write_continue(AddressSpace *as, hwaddr addr,
|
||||
}
|
||||
} else {
|
||||
/* RAM case */
|
||||
- ptr = qemu_map_ram_ptr(mr->ram_block, addr1);
|
||||
+ ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l);
|
||||
memcpy(ptr, buf, l);
|
||||
invalidate_and_set_dirty(mr, addr1, l);
|
||||
}
|
||||
@@ -2858,7 +2858,7 @@ MemTxResult address_space_read_continue(AddressSpace *as, hwaddr addr,
|
||||
}
|
||||
} else {
|
||||
/* RAM case */
|
||||
- ptr = qemu_map_ram_ptr(mr->ram_block, addr1);
|
||||
+ ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l);
|
||||
memcpy(buf, ptr, l);
|
||||
}
|
||||
|
35
0072-slirp-check-len-against-dhcp-option.patch
Normal file
35
0072-slirp-check-len-against-dhcp-option.patch
Normal file
@ -0,0 +1,35 @@
|
||||
From 2c4c724d1ad6dfd316ca3941b29d50f52ab625eb Mon Sep 17 00:00:00 2001
|
||||
From: Prasad J Pandit <pjp@fedoraproject.org>
|
||||
Date: Mon, 17 Jul 2017 17:33:26 +0530
|
||||
Subject: [PATCH] slirp: check len against dhcp options array end
|
||||
|
||||
While parsing dhcp options string in 'dhcp_decode', if an options'
|
||||
length 'len' appeared towards the end of 'bp_vend' array, ensuing
|
||||
read could lead to an OOB memory access issue. Add check to avoid it.
|
||||
|
||||
This is CVE-2017-11434.
|
||||
|
||||
Reported-by: Reno Robert <renorobert@gmail.com>
|
||||
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
|
||||
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
||||
(cherry picked from commit 413d463f43fbc4dd3a601e80a5724aa384a265a0)
|
||||
[BR: BSC#1049381 CVE-2017-11434]
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
slirp/bootp.c | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/slirp/bootp.c b/slirp/bootp.c
|
||||
index 5a4646c182..5dd1a415b5 100644
|
||||
--- a/slirp/bootp.c
|
||||
+++ b/slirp/bootp.c
|
||||
@@ -123,6 +123,9 @@ static void dhcp_decode(const struct bootp_t *bp, int *pmsg_type,
|
||||
if (p >= p_end)
|
||||
break;
|
||||
len = *p++;
|
||||
+ if (p + len > p_end) {
|
||||
+ break;
|
||||
+ }
|
||||
DPRINTF("dhcp: tag=%d len=%d\n", tag, len);
|
||||
|
||||
switch(tag) {
|
161
0073-xen-mapcache-store-dma-information-.patch
Normal file
161
0073-xen-mapcache-store-dma-information-.patch
Normal file
@ -0,0 +1,161 @@
|
||||
From 96ce16c57f821b9f676de88f25d488d52fec68fe Mon Sep 17 00:00:00 2001
|
||||
From: Stefano Stabellini <sstabellini@kernel.org>
|
||||
Date: Wed, 3 May 2017 14:00:35 -0700
|
||||
Subject: [PATCH] xen/mapcache: store dma information in revmapcache entries
|
||||
for debugging
|
||||
|
||||
The Xen mapcache is able to create long term mappings, they are called
|
||||
"locked" mappings. The third parameter of the xen_map_cache call
|
||||
specifies if a mapping is a "locked" mapping.
|
||||
|
||||
>From the QEMU point of view there are two kinds of long term mappings:
|
||||
|
||||
[a] device memory mappings, such as option roms and video memory
|
||||
[b] dma mappings, created by dma_memory_map & friends
|
||||
|
||||
After certain operations, ballooning a VM in particular, Xen asks QEMU
|
||||
kindly to destroy all mappings. However, certainly [a] mappings are
|
||||
present and cannot be removed. That's not a problem as they are not
|
||||
affected by balloonning. The *real* problem is that if there are any
|
||||
mappings of type [b], any outstanding dma operations could fail. This is
|
||||
a known shortcoming. In other words, when Xen asks QEMU to destroy all
|
||||
mappings, it is an error if any [b] mappings exist.
|
||||
|
||||
However today we have no way of distinguishing [a] from [b]. Because of
|
||||
that, we cannot even print a decent warning.
|
||||
|
||||
This patch introduces a new "dma" bool field to MapCacheRev entires, to
|
||||
remember if a given mapping is for dma or is a long term device memory
|
||||
mapping. When xen_invalidate_map_cache is called, we print a warning if
|
||||
any [b] mappings exist. We ignore [a] mappings.
|
||||
|
||||
Mappings created by qemu_map_ram_ptr are assumed to be [a], while
|
||||
mappings created by address_space_map->qemu_ram_ptr_length are assumed
|
||||
to be [b].
|
||||
|
||||
The goal of the patch is to make debugging and system understanding
|
||||
easier.
|
||||
|
||||
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
|
||||
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
|
||||
Acked-by: Anthony PERARD <anthony.perard@citrix.com>
|
||||
(cherry picked from commit 1ff7c5986a515d2d936eba026ff19947bbc7cb92)
|
||||
[BR: infrastructure (and otherwise useful) for BSC#1048902]
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
exec.c | 8 ++++----
|
||||
include/sysemu/xen-mapcache.h | 5 +++--
|
||||
xen-mapcache.c | 15 ++++++++++-----
|
||||
3 files changed, 17 insertions(+), 11 deletions(-)
|
||||
|
||||
diff --git a/exec.c b/exec.c
|
||||
index 1de9107b61..8f45b902e4 100644
|
||||
--- a/exec.c
|
||||
+++ b/exec.c
|
||||
@@ -2012,10 +2012,10 @@ void *qemu_map_ram_ptr(RAMBlock *ram_block, ram_addr_t addr)
|
||||
* In that case just map until the end of the page.
|
||||
*/
|
||||
if (block->offset == 0) {
|
||||
- return xen_map_cache(addr, 0, 0);
|
||||
+ return xen_map_cache(addr, 0, 0, false);
|
||||
}
|
||||
|
||||
- block->host = xen_map_cache(block->offset, block->max_length, 1);
|
||||
+ block->host = xen_map_cache(block->offset, block->max_length, 1, false);
|
||||
}
|
||||
return ramblock_ptr(block, addr);
|
||||
}
|
||||
@@ -2045,10 +2045,10 @@ static void *qemu_ram_ptr_length(RAMBlock *ram_block, ram_addr_t addr,
|
||||
* In that case just map the requested area.
|
||||
*/
|
||||
if (block->offset == 0) {
|
||||
- return xen_map_cache(addr, *size, 1);
|
||||
+ return xen_map_cache(addr, *size, 1, true);
|
||||
}
|
||||
|
||||
- block->host = xen_map_cache(block->offset, block->max_length, 1);
|
||||
+ block->host = xen_map_cache(block->offset, block->max_length, 1, true);
|
||||
}
|
||||
|
||||
return ramblock_ptr(block, addr);
|
||||
diff --git a/include/sysemu/xen-mapcache.h b/include/sysemu/xen-mapcache.h
|
||||
index b8c93b9bce..01daaad00c 100644
|
||||
--- a/include/sysemu/xen-mapcache.h
|
||||
+++ b/include/sysemu/xen-mapcache.h
|
||||
@@ -17,7 +17,7 @@ typedef hwaddr (*phys_offset_to_gaddr_t)(hwaddr start_addr,
|
||||
void xen_map_cache_init(phys_offset_to_gaddr_t f,
|
||||
void *opaque);
|
||||
uint8_t *xen_map_cache(hwaddr phys_addr, hwaddr size,
|
||||
- uint8_t lock);
|
||||
+ uint8_t lock, bool dma);
|
||||
ram_addr_t xen_ram_addr_from_mapcache(void *ptr);
|
||||
void xen_invalidate_map_cache_entry(uint8_t *buffer);
|
||||
void xen_invalidate_map_cache(void);
|
||||
@@ -31,7 +31,8 @@ static inline void xen_map_cache_init(phys_offset_to_gaddr_t f,
|
||||
|
||||
static inline uint8_t *xen_map_cache(hwaddr phys_addr,
|
||||
hwaddr size,
|
||||
- uint8_t lock)
|
||||
+ uint8_t lock,
|
||||
+ bool dma)
|
||||
{
|
||||
abort();
|
||||
}
|
||||
diff --git a/xen-mapcache.c b/xen-mapcache.c
|
||||
index 1a96d2e5db..8335266698 100644
|
||||
--- a/xen-mapcache.c
|
||||
+++ b/xen-mapcache.c
|
||||
@@ -62,6 +62,7 @@ typedef struct MapCacheRev {
|
||||
hwaddr paddr_index;
|
||||
hwaddr size;
|
||||
QTAILQ_ENTRY(MapCacheRev) next;
|
||||
+ bool dma;
|
||||
} MapCacheRev;
|
||||
|
||||
typedef struct MapCache {
|
||||
@@ -202,7 +203,7 @@ static void xen_remap_bucket(MapCacheEntry *entry,
|
||||
}
|
||||
|
||||
static uint8_t *xen_map_cache_unlocked(hwaddr phys_addr, hwaddr size,
|
||||
- uint8_t lock)
|
||||
+ uint8_t lock, bool dma)
|
||||
{
|
||||
MapCacheEntry *entry, *pentry = NULL;
|
||||
hwaddr address_index;
|
||||
@@ -289,6 +290,7 @@ tryagain:
|
||||
if (lock) {
|
||||
MapCacheRev *reventry = g_malloc0(sizeof(MapCacheRev));
|
||||
entry->lock++;
|
||||
+ reventry->dma = dma;
|
||||
reventry->vaddr_req = mapcache->last_entry->vaddr_base + address_offset;
|
||||
reventry->paddr_index = mapcache->last_entry->paddr_index;
|
||||
reventry->size = entry->size;
|
||||
@@ -300,12 +302,12 @@ tryagain:
|
||||
}
|
||||
|
||||
uint8_t *xen_map_cache(hwaddr phys_addr, hwaddr size,
|
||||
- uint8_t lock)
|
||||
+ uint8_t lock, bool dma)
|
||||
{
|
||||
uint8_t *p;
|
||||
|
||||
mapcache_lock();
|
||||
- p = xen_map_cache_unlocked(phys_addr, size, lock);
|
||||
+ p = xen_map_cache_unlocked(phys_addr, size, lock, dma);
|
||||
mapcache_unlock();
|
||||
return p;
|
||||
}
|
||||
@@ -426,8 +428,11 @@ void xen_invalidate_map_cache(void)
|
||||
mapcache_lock();
|
||||
|
||||
QTAILQ_FOREACH(reventry, &mapcache->locked_entries, next) {
|
||||
- DPRINTF("There should be no locked mappings at this time, "
|
||||
- "but "TARGET_FMT_plx" -> %p is present\n",
|
||||
+ if (!reventry->dma) {
|
||||
+ continue;
|
||||
+ }
|
||||
+ fprintf(stderr, "Locked DMA mapping while invalidating mapcache!"
|
||||
+ " "TARGET_FMT_plx" -> %p is present\n",
|
||||
reventry->paddr_index, reventry->vaddr_req);
|
||||
}
|
||||
|
84
0074-exec-Add-lock-parameter-to-qemu_ram.patch
Normal file
84
0074-exec-Add-lock-parameter-to-qemu_ram.patch
Normal file
@ -0,0 +1,84 @@
|
||||
From 9ca38f9940fd21f0a24f5a5bfac69f81561096f9 Mon Sep 17 00:00:00 2001
|
||||
From: Anthony PERARD <anthony.perard@citrix.com>
|
||||
Date: Wed, 26 Jul 2017 17:53:26 +0100
|
||||
Subject: [PATCH] exec: Add lock parameter to qemu_ram_ptr_length
|
||||
|
||||
Commit 04bf2526ce87f21b32c9acba1c5518708c243ad0 (exec: use
|
||||
qemu_ram_ptr_length to access guest ram) start using qemu_ram_ptr_length
|
||||
instead of qemu_map_ram_ptr, but when used with Xen, the behavior of
|
||||
both function is different. They both call xen_map_cache, but one with
|
||||
"lock", meaning the mapping of guest memory is never released
|
||||
implicitly, and the second one without, which means, mapping can be
|
||||
release later, when needed.
|
||||
|
||||
In the context of address_space_{read,write}_continue, the ptr to those
|
||||
mapping should not be locked because it is used immediatly and never
|
||||
used again.
|
||||
|
||||
The lock parameter make it explicit in which context qemu_ram_ptr_length
|
||||
is called.
|
||||
|
||||
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
|
||||
Message-Id: <20170726165326.10327-1-anthony.perard@citrix.com>
|
||||
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
|
||||
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
||||
(cherry picked from commit f5aa69bdc3418773f26747ca282c291519626ece)
|
||||
[BR: infrastructure for BSC#1048902]
|
||||
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
||||
---
|
||||
exec.c | 12 ++++++------
|
||||
1 file changed, 6 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/exec.c b/exec.c
|
||||
index 8f45b902e4..9ef33e4f65 100644
|
||||
--- a/exec.c
|
||||
+++ b/exec.c
|
||||
@@ -2026,7 +2026,7 @@ void *qemu_map_ram_ptr(RAMBlock *ram_block, ram_addr_t addr)
|
||||
* Called within RCU critical section.
|
||||
*/
|
||||
static void *qemu_ram_ptr_length(RAMBlock *ram_block, ram_addr_t addr,
|
||||
- hwaddr *size)
|
||||
+ hwaddr *size, bool lock)
|
||||
{
|
||||
RAMBlock *block = ram_block;
|
||||
if (*size == 0) {
|
||||
@@ -2045,10 +2045,10 @@ static void *qemu_ram_ptr_length(RAMBlock *ram_block, ram_addr_t addr,
|
||||
* In that case just map the requested area.
|
||||
*/
|
||||
if (block->offset == 0) {
|
||||
- return xen_map_cache(addr, *size, 1, true);
|
||||
+ return xen_map_cache(addr, *size, lock, lock);
|
||||
}
|
||||
|
||||
- block->host = xen_map_cache(block->offset, block->max_length, 1, true);
|
||||
+ block->host = xen_map_cache(block->offset, block->max_length, 1, lock);
|
||||
}
|
||||
|
||||
return ramblock_ptr(block, addr);
|
||||
@@ -2767,7 +2767,7 @@ static MemTxResult address_space_write_continue(AddressSpace *as, hwaddr addr,
|
||||
}
|
||||
} else {
|
||||
/* RAM case */
|
||||
- ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l);
|
||||
+ ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l, false);
|
||||
memcpy(ptr, buf, l);
|
||||
invalidate_and_set_dirty(mr, addr1, l);
|
||||
}
|
||||
@@ -2858,7 +2858,7 @@ MemTxResult address_space_read_continue(AddressSpace *as, hwaddr addr,
|
||||
}
|
||||
} else {
|
||||
/* RAM case */
|
||||
- ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l);
|
||||
+ ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l, false);
|
||||
memcpy(buf, ptr, l);
|
||||
}
|
||||
|
||||
@@ -3169,7 +3169,7 @@ void *address_space_map(AddressSpace *as,
|
||||
|
||||
memory_region_ref(mr);
|
||||
*plen = address_space_extend_translation(as, addr, len, mr, xlat, l, is_write);
|
||||
- ptr = qemu_ram_ptr_length(mr->ram_block, xlat, plen);
|
||||
+ ptr = qemu_ram_ptr_length(mr->ram_block, xlat, plen, true);
|
||||
rcu_read_unlock();
|
||||
|
||||
return ptr;
|
@ -1,3 +1,37 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 15 19:29:59 UTC 2017 - brogers@suse.com
|
||||
|
||||
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
|
||||
* Patches added:
|
||||
0073-xen-mapcache-store-dma-information-.patch
|
||||
0074-exec-Add-lock-parameter-to-qemu_ram.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jul 25 19:36:58 UTC 2017 - brogers@suse.com
|
||||
|
||||
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
|
||||
* Patches added:
|
||||
0069-qemu-nbd-Ignore-SIGPIPE.patch
|
||||
0070-usb-redir-fix-stack-overflow-in-usb.patch
|
||||
0071-exec-use-qemu_ram_ptr_length-to-acc.patch
|
||||
0072-slirp-check-len-against-dhcp-option.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jul 18 19:51:49 UTC 2017 - brogers@suse.com
|
||||
|
||||
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
|
||||
* Patches added:
|
||||
0067-xhci-only-update-dequeue-ptr-on-com.patch
|
||||
0068-vnc-Set-default-kbd-delay-to-10ms.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jun 26 08:51:24 UTC 2017 - brogers@suse.com
|
||||
|
||||
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
|
||||
* Patches added:
|
||||
0065-hid-Reset-kbd-modifiers-on-reset.patch
|
||||
0066-input-Decrement-queue-count-on-kbd-.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jun 20 14:14:17 UTC 2017 - brogers@suse.com
|
||||
|
||||
|
@ -90,6 +90,16 @@ Patch0061: 0061-megasas-do-not-read-DCMD-opcode-mor.patch
|
||||
Patch0062: 0062-megasas-always-store-SCSIRequest-in.patch
|
||||
Patch0063: 0063-nbd-Fully-initialize-client-in-case.patch
|
||||
Patch0064: 0064-9pfs-local-remove-use-correct-path-.patch
|
||||
Patch0065: 0065-hid-Reset-kbd-modifiers-on-reset.patch
|
||||
Patch0066: 0066-input-Decrement-queue-count-on-kbd-.patch
|
||||
Patch0067: 0067-xhci-only-update-dequeue-ptr-on-com.patch
|
||||
Patch0068: 0068-vnc-Set-default-kbd-delay-to-10ms.patch
|
||||
Patch0069: 0069-qemu-nbd-Ignore-SIGPIPE.patch
|
||||
Patch0070: 0070-usb-redir-fix-stack-overflow-in-usb.patch
|
||||
Patch0071: 0071-exec-use-qemu_ram_ptr_length-to-acc.patch
|
||||
Patch0072: 0072-slirp-check-len-against-dhcp-option.patch
|
||||
Patch0073: 0073-xen-mapcache-store-dma-information-.patch
|
||||
Patch0074: 0074-exec-Add-lock-parameter-to-qemu_ram.patch
|
||||
# Please do not add QEMU patches manually here.
|
||||
# Run update_git.sh to regenerate this queue.
|
||||
Source400: update_git.sh
|
||||
@ -207,6 +217,16 @@ run cross-architecture builds.
|
||||
%patch0062 -p1
|
||||
%patch0063 -p1
|
||||
%patch0064 -p1
|
||||
%patch0065 -p1
|
||||
%patch0066 -p1
|
||||
%patch0067 -p1
|
||||
%patch0068 -p1
|
||||
%patch0069 -p1
|
||||
%patch0070 -p1
|
||||
%patch0071 -p1
|
||||
%patch0072 -p1
|
||||
%patch0073 -p1
|
||||
%patch0074 -p1
|
||||
|
||||
%build
|
||||
./configure \
|
||||
|
@ -1,3 +1,78 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Aug 18 15:35:54 UTC 2017 - brogers@suse.com
|
||||
|
||||
- Postrequire acl for setfacl
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Aug 16 10:52:58 UTC 2017 - schwab@suse.de
|
||||
|
||||
- Prerequire shadow for groupadd
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 15 19:30:11 UTC 2017 - brogers@suse.com
|
||||
|
||||
- The recent security fix for CVE-2017-11334 adversely affects Xen.
|
||||
Include two additional patches to make sure Xen is going to be OK.
|
||||
0073-xen-mapcache-store-dma-information-.patch
|
||||
0074-exec-Add-lock-parameter-to-qemu_ram.patch
|
||||
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Aug 9 12:54:23 UTC 2017 - lyan@suse.com
|
||||
|
||||
- Pre-add group kvm for qemu-tools (bsc#1011144)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Aug 7 17:11:59 UTC 2017 - brogers@suse.com
|
||||
|
||||
- Fixed a few more inaccuracies in the support docs.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jul 25 19:36:55 UTC 2017 - brogers@suse.com
|
||||
|
||||
- Address various security/stability issues
|
||||
* Fix DOS vulnerability in qemu-nbd (bsc#1046636 CVE-2017-10664)
|
||||
0069-qemu-nbd-Ignore-SIGPIPE.patch
|
||||
* Fix DOS from stack overflow in debug messages of usb redirection
|
||||
support (bsc#1047674 CVE-2017-10806)
|
||||
0070-usb-redir-fix-stack-overflow-in-usb.patch
|
||||
* Fix OOB access during DMA operation (CVE-2017-11334 bsc#1048902)
|
||||
0071-exec-use-qemu_ram_ptr_length-to-acc.patch
|
||||
* Fix OOB access parsing dhcp slirp options (CVE-2017-11434 bsc#1049381)
|
||||
0072-slirp-check-len-against-dhcp-option.patch
|
||||
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jul 25 16:51:20 UTC 2017 - brogers@suse.com
|
||||
|
||||
- Fix support docs to indicate ARM64 is now fully L3 supported in
|
||||
SLES 12 SP3. Apply a few additional clarifications in the support
|
||||
docs. (bsc#1050268)
|
||||
- Adjust to libvdeplug-devel package naming changes.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jul 18 19:51:45 UTC 2017 - brogers@suse.com
|
||||
|
||||
- Fix migration with xhci (bsc#1048296)
|
||||
0067-xhci-only-update-dequeue-ptr-on-com.patch
|
||||
- Increase VNC delay to fix missing keyboard input events (bsc#1031692)
|
||||
0068-vnc-Set-default-kbd-delay-to-10ms.patch
|
||||
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jun 29 10:58:13 UTC 2017 - lyan@suse.com
|
||||
|
||||
- Remove build dependency package iasl used for seabios
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jun 26 08:51:21 UTC 2017 - brogers@suse.com
|
||||
|
||||
- Fixed stuck state during usb keyboard reset (bsc#1044936)
|
||||
0065-hid-Reset-kbd-modifiers-on-reset.patch
|
||||
- Fixed keyboard events getting lost (bsc#1044936)
|
||||
0066-input-Decrement-queue-count-on-kbd-.patch
|
||||
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jun 20 14:14:14 UTC 2017 - brogers@suse.com
|
||||
|
||||
|
@ -194,6 +194,16 @@ Patch0061: 0061-megasas-do-not-read-DCMD-opcode-mor.patch
|
||||
Patch0062: 0062-megasas-always-store-SCSIRequest-in.patch
|
||||
Patch0063: 0063-nbd-Fully-initialize-client-in-case.patch
|
||||
Patch0064: 0064-9pfs-local-remove-use-correct-path-.patch
|
||||
Patch0065: 0065-hid-Reset-kbd-modifiers-on-reset.patch
|
||||
Patch0066: 0066-input-Decrement-queue-count-on-kbd-.patch
|
||||
Patch0067: 0067-xhci-only-update-dequeue-ptr-on-com.patch
|
||||
Patch0068: 0068-vnc-Set-default-kbd-delay-to-10ms.patch
|
||||
Patch0069: 0069-qemu-nbd-Ignore-SIGPIPE.patch
|
||||
Patch0070: 0070-usb-redir-fix-stack-overflow-in-usb.patch
|
||||
Patch0071: 0071-exec-use-qemu_ram_ptr_length-to-acc.patch
|
||||
Patch0072: 0072-slirp-check-len-against-dhcp-option.patch
|
||||
Patch0073: 0073-xen-mapcache-store-dma-information-.patch
|
||||
Patch0074: 0074-exec-Add-lock-parameter-to-qemu_ram.patch
|
||||
# Please do not add QEMU patches manually here.
|
||||
# Run update_git.sh to regenerate this queue.
|
||||
|
||||
@ -238,9 +248,6 @@ BuildRequires: brlapi-devel
|
||||
%endif
|
||||
BuildRequires: curl-devel
|
||||
BuildRequires: cyrus-sasl-devel
|
||||
%if %{build_x86_firmware_from_source}
|
||||
BuildRequires: iasl
|
||||
%endif
|
||||
BuildRequires: e2fsprogs-devel
|
||||
BuildRequires: fdupes
|
||||
BuildRequires: gcc-c++
|
||||
@ -333,7 +340,11 @@ BuildRequires: libssh2-devel
|
||||
%if 0%{?suse_version} > 1310
|
||||
BuildRequires: libusb-1_0-devel
|
||||
%endif
|
||||
%if 0%{?suse_version} > 1320
|
||||
BuildRequires: libvdeplug-devel
|
||||
%else
|
||||
BuildRequires: libvdeplug3-devel
|
||||
%endif
|
||||
BuildRequires: lzo-devel
|
||||
%if 0%{?suse_version} > 1220
|
||||
BuildRequires: makeinfo
|
||||
@ -403,8 +414,10 @@ BuildRequires: qemu-block-ssh = %version
|
||||
%endif
|
||||
%endif
|
||||
Requires(pre): pwdutils
|
||||
Requires(pre): shadow
|
||||
Requires(post): coreutils
|
||||
%if %{kvm_available}
|
||||
Requires(post): acl
|
||||
Requires(post): udev
|
||||
%ifarch s390x
|
||||
Requires(post): procps
|
||||
@ -736,7 +749,8 @@ over an SSH network connection from qemu-img tool and QEMU system emulation.
|
||||
Summary: Universal CPU emulator -- Tools
|
||||
Group: System/Emulators/PC
|
||||
Provides: qemu:%_libexecdir/qemu-bridge-helper
|
||||
PreReq: permissions
|
||||
Requires(pre): permissions
|
||||
Requires(pre): shadow
|
||||
Recommends: qemu-block-curl
|
||||
%if 0%{?with_rbd}
|
||||
Recommends: qemu-block-rbd
|
||||
@ -755,6 +769,7 @@ This sub-package contains various tools, including a bridge helper.
|
||||
Summary: Universal CPU emulator -- Guest agent
|
||||
Group: System/Emulators/PC
|
||||
Provides: qemu:%_bindir/qemu-ga
|
||||
Requires(pre): shadow
|
||||
Requires(post): udev
|
||||
%if 0%{?with_systemd}
|
||||
%{?systemd_requires}
|
||||
@ -909,6 +924,16 @@ This package provides a service file for starting and stopping KSM.
|
||||
%patch0062 -p1
|
||||
%patch0063 -p1
|
||||
%patch0064 -p1
|
||||
%patch0065 -p1
|
||||
%patch0066 -p1
|
||||
%patch0067 -p1
|
||||
%patch0068 -p1
|
||||
%patch0069 -p1
|
||||
%patch0070 -p1
|
||||
%patch0071 -p1
|
||||
%patch0072 -p1
|
||||
%patch0073 -p1
|
||||
%patch0074 -p1
|
||||
|
||||
pushd roms/ipxe
|
||||
%patch1100 -p1
|
||||
@ -1356,6 +1381,8 @@ fi
|
||||
%endif
|
||||
|
||||
%if 0%{?suse_version} >= 1130
|
||||
%pre tools
|
||||
%{_bindir}/getent group kvm >/dev/null || %{_sbindir}/groupadd -r kvm 2>/dev/null
|
||||
%post tools
|
||||
%set_permissions %_libexecdir/qemu-bridge-helper
|
||||
|
||||
|
75
qemu.changes
75
qemu.changes
@ -1,3 +1,78 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Aug 18 15:35:54 UTC 2017 - brogers@suse.com
|
||||
|
||||
- Postrequire acl for setfacl
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Aug 16 10:52:58 UTC 2017 - schwab@suse.de
|
||||
|
||||
- Prerequire shadow for groupadd
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 15 19:30:11 UTC 2017 - brogers@suse.com
|
||||
|
||||
- The recent security fix for CVE-2017-11334 adversely affects Xen.
|
||||
Include two additional patches to make sure Xen is going to be OK.
|
||||
0073-xen-mapcache-store-dma-information-.patch
|
||||
0074-exec-Add-lock-parameter-to-qemu_ram.patch
|
||||
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Aug 9 12:54:23 UTC 2017 - lyan@suse.com
|
||||
|
||||
- Pre-add group kvm for qemu-tools (bsc#1011144)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Aug 7 17:11:59 UTC 2017 - brogers@suse.com
|
||||
|
||||
- Fixed a few more inaccuracies in the support docs.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jul 25 19:36:55 UTC 2017 - brogers@suse.com
|
||||
|
||||
- Address various security/stability issues
|
||||
* Fix DOS vulnerability in qemu-nbd (bsc#1046636 CVE-2017-10664)
|
||||
0069-qemu-nbd-Ignore-SIGPIPE.patch
|
||||
* Fix DOS from stack overflow in debug messages of usb redirection
|
||||
support (bsc#1047674 CVE-2017-10806)
|
||||
0070-usb-redir-fix-stack-overflow-in-usb.patch
|
||||
* Fix OOB access during DMA operation (CVE-2017-11334 bsc#1048902)
|
||||
0071-exec-use-qemu_ram_ptr_length-to-acc.patch
|
||||
* Fix OOB access parsing dhcp slirp options (CVE-2017-11434 bsc#1049381)
|
||||
0072-slirp-check-len-against-dhcp-option.patch
|
||||
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jul 25 16:51:20 UTC 2017 - brogers@suse.com
|
||||
|
||||
- Fix support docs to indicate ARM64 is now fully L3 supported in
|
||||
SLES 12 SP3. Apply a few additional clarifications in the support
|
||||
docs. (bsc#1050268)
|
||||
- Adjust to libvdeplug-devel package naming changes.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jul 18 19:51:45 UTC 2017 - brogers@suse.com
|
||||
|
||||
- Fix migration with xhci (bsc#1048296)
|
||||
0067-xhci-only-update-dequeue-ptr-on-com.patch
|
||||
- Increase VNC delay to fix missing keyboard input events (bsc#1031692)
|
||||
0068-vnc-Set-default-kbd-delay-to-10ms.patch
|
||||
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jun 29 10:58:13 UTC 2017 - lyan@suse.com
|
||||
|
||||
- Remove build dependency package iasl used for seabios
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jun 26 08:51:21 UTC 2017 - brogers@suse.com
|
||||
|
||||
- Fixed stuck state during usb keyboard reset (bsc#1044936)
|
||||
0065-hid-Reset-kbd-modifiers-on-reset.patch
|
||||
- Fixed keyboard events getting lost (bsc#1044936)
|
||||
0066-input-Decrement-queue-count-on-kbd-.patch
|
||||
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jun 20 14:14:14 UTC 2017 - brogers@suse.com
|
||||
|
||||
|
35
qemu.spec
35
qemu.spec
@ -194,6 +194,16 @@ Patch0061: 0061-megasas-do-not-read-DCMD-opcode-mor.patch
|
||||
Patch0062: 0062-megasas-always-store-SCSIRequest-in.patch
|
||||
Patch0063: 0063-nbd-Fully-initialize-client-in-case.patch
|
||||
Patch0064: 0064-9pfs-local-remove-use-correct-path-.patch
|
||||
Patch0065: 0065-hid-Reset-kbd-modifiers-on-reset.patch
|
||||
Patch0066: 0066-input-Decrement-queue-count-on-kbd-.patch
|
||||
Patch0067: 0067-xhci-only-update-dequeue-ptr-on-com.patch
|
||||
Patch0068: 0068-vnc-Set-default-kbd-delay-to-10ms.patch
|
||||
Patch0069: 0069-qemu-nbd-Ignore-SIGPIPE.patch
|
||||
Patch0070: 0070-usb-redir-fix-stack-overflow-in-usb.patch
|
||||
Patch0071: 0071-exec-use-qemu_ram_ptr_length-to-acc.patch
|
||||
Patch0072: 0072-slirp-check-len-against-dhcp-option.patch
|
||||
Patch0073: 0073-xen-mapcache-store-dma-information-.patch
|
||||
Patch0074: 0074-exec-Add-lock-parameter-to-qemu_ram.patch
|
||||
# Please do not add QEMU patches manually here.
|
||||
# Run update_git.sh to regenerate this queue.
|
||||
|
||||
@ -238,9 +248,6 @@ BuildRequires: brlapi-devel
|
||||
%endif
|
||||
BuildRequires: curl-devel
|
||||
BuildRequires: cyrus-sasl-devel
|
||||
%if %{build_x86_firmware_from_source}
|
||||
BuildRequires: iasl
|
||||
%endif
|
||||
BuildRequires: e2fsprogs-devel
|
||||
BuildRequires: fdupes
|
||||
BuildRequires: gcc-c++
|
||||
@ -333,7 +340,11 @@ BuildRequires: libssh2-devel
|
||||
%if 0%{?suse_version} > 1310
|
||||
BuildRequires: libusb-1_0-devel
|
||||
%endif
|
||||
%if 0%{?suse_version} > 1320
|
||||
BuildRequires: libvdeplug-devel
|
||||
%else
|
||||
BuildRequires: libvdeplug3-devel
|
||||
%endif
|
||||
BuildRequires: lzo-devel
|
||||
%if 0%{?suse_version} > 1220
|
||||
BuildRequires: makeinfo
|
||||
@ -403,8 +414,10 @@ BuildRequires: qemu-block-ssh = %version
|
||||
%endif
|
||||
%endif
|
||||
Requires(pre): pwdutils
|
||||
Requires(pre): shadow
|
||||
Requires(post): coreutils
|
||||
%if %{kvm_available}
|
||||
Requires(post): acl
|
||||
Requires(post): udev
|
||||
%ifarch s390x
|
||||
Requires(post): procps
|
||||
@ -736,7 +749,8 @@ over an SSH network connection from qemu-img tool and QEMU system emulation.
|
||||
Summary: Universal CPU emulator -- Tools
|
||||
Group: System/Emulators/PC
|
||||
Provides: qemu:%_libexecdir/qemu-bridge-helper
|
||||
PreReq: permissions
|
||||
Requires(pre): permissions
|
||||
Requires(pre): shadow
|
||||
Recommends: qemu-block-curl
|
||||
%if 0%{?with_rbd}
|
||||
Recommends: qemu-block-rbd
|
||||
@ -755,6 +769,7 @@ This sub-package contains various tools, including a bridge helper.
|
||||
Summary: Universal CPU emulator -- Guest agent
|
||||
Group: System/Emulators/PC
|
||||
Provides: qemu:%_bindir/qemu-ga
|
||||
Requires(pre): shadow
|
||||
Requires(post): udev
|
||||
%if 0%{?with_systemd}
|
||||
%{?systemd_requires}
|
||||
@ -909,6 +924,16 @@ This package provides a service file for starting and stopping KSM.
|
||||
%patch0062 -p1
|
||||
%patch0063 -p1
|
||||
%patch0064 -p1
|
||||
%patch0065 -p1
|
||||
%patch0066 -p1
|
||||
%patch0067 -p1
|
||||
%patch0068 -p1
|
||||
%patch0069 -p1
|
||||
%patch0070 -p1
|
||||
%patch0071 -p1
|
||||
%patch0072 -p1
|
||||
%patch0073 -p1
|
||||
%patch0074 -p1
|
||||
|
||||
pushd roms/ipxe
|
||||
%patch1100 -p1
|
||||
@ -1356,6 +1381,8 @@ fi
|
||||
%endif
|
||||
|
||||
%if 0%{?suse_version} >= 1130
|
||||
%pre tools
|
||||
%{_bindir}/getent group kvm >/dev/null || %{_sbindir}/groupadd -r kvm 2>/dev/null
|
||||
%post tools
|
||||
%set_permissions %_libexecdir/qemu-bridge-helper
|
||||
|
||||
|
21
qemu.spec.in
21
qemu.spec.in
@ -15,6 +15,7 @@
|
||||
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
||||
#
|
||||
|
||||
|
||||
%define noarch_supported 1110
|
||||
|
||||
%define build_x86_firmware_from_source 0
|
||||
@ -81,7 +82,6 @@
|
||||
%endif
|
||||
%endif
|
||||
|
||||
|
||||
%if 0%{?suse_version} > 1320
|
||||
%define with_seccomp 1
|
||||
%endif
|
||||
@ -175,9 +175,6 @@ BuildRequires: brlapi-devel
|
||||
%endif
|
||||
BuildRequires: curl-devel
|
||||
BuildRequires: cyrus-sasl-devel
|
||||
%if %{build_x86_firmware_from_source}
|
||||
BuildRequires: iasl
|
||||
%endif
|
||||
BuildRequires: e2fsprogs-devel
|
||||
BuildRequires: fdupes
|
||||
BuildRequires: gcc-c++
|
||||
@ -270,7 +267,11 @@ BuildRequires: libssh2-devel
|
||||
%if 0%{?suse_version} > 1310
|
||||
BuildRequires: libusb-1_0-devel
|
||||
%endif
|
||||
%if 0%{?suse_version} > 1320
|
||||
BuildRequires: libvdeplug-devel
|
||||
%else
|
||||
BuildRequires: libvdeplug3-devel
|
||||
%endif
|
||||
BuildRequires: lzo-devel
|
||||
%if 0%{?suse_version} > 1220
|
||||
BuildRequires: makeinfo
|
||||
@ -318,14 +319,14 @@ BuildRequires: zlib-devel
|
||||
%if "%{name}" == "qemu-testsuite"
|
||||
BuildRequires: bc
|
||||
BuildRequires: qemu-arm = %version
|
||||
BuildRequires: qemu-block-curl = %version
|
||||
BuildRequires: qemu-block-dmg = %version
|
||||
BuildRequires: qemu-extra = %version
|
||||
BuildRequires: qemu-guest-agent = %version
|
||||
BuildRequires: qemu-ppc = %version
|
||||
BuildRequires: qemu-s390 = %version
|
||||
BuildRequires: qemu-tools = %version
|
||||
BuildRequires: qemu-x86 = %version
|
||||
BuildRequires: qemu-block-curl = %version
|
||||
BuildRequires: qemu-block-dmg = %version
|
||||
%if 0%{?suse_version} >= 1310 && 0%{?suse_version} != 1315
|
||||
BuildRequires: qemu-block-gluster = %version
|
||||
%endif
|
||||
@ -340,8 +341,10 @@ BuildRequires: qemu-block-ssh = %version
|
||||
%endif
|
||||
%endif
|
||||
Requires(pre): pwdutils
|
||||
Requires(pre): shadow
|
||||
Requires(post): coreutils
|
||||
%if %{kvm_available}
|
||||
Requires(post): acl
|
||||
Requires(post): udev
|
||||
%ifarch s390x
|
||||
Requires(post): procps
|
||||
@ -673,7 +676,8 @@ over an SSH network connection from qemu-img tool and QEMU system emulation.
|
||||
Summary: Universal CPU emulator -- Tools
|
||||
Group: System/Emulators/PC
|
||||
Provides: qemu:%_libexecdir/qemu-bridge-helper
|
||||
PreReq: permissions
|
||||
Requires(pre): permissions
|
||||
Requires(pre): shadow
|
||||
Recommends: qemu-block-curl
|
||||
%if 0%{?with_rbd}
|
||||
Recommends: qemu-block-rbd
|
||||
@ -692,6 +696,7 @@ This sub-package contains various tools, including a bridge helper.
|
||||
Summary: Universal CPU emulator -- Guest agent
|
||||
Group: System/Emulators/PC
|
||||
Provides: qemu:%_bindir/qemu-ga
|
||||
Requires(pre): shadow
|
||||
Requires(post): udev
|
||||
%if 0%{?with_systemd}
|
||||
%{?systemd_requires}
|
||||
@ -1230,6 +1235,8 @@ fi
|
||||
%endif
|
||||
|
||||
%if 0%{?suse_version} >= 1130
|
||||
%pre tools
|
||||
%{_bindir}/getent group kvm >/dev/null || %{_sbindir}/groupadd -r kvm 2>/dev/null
|
||||
%post tools
|
||||
%set_permissions %_libexecdir/qemu-bridge-helper
|
||||
|
||||
|
@ -10,13 +10,12 @@ Overview
|
||||
quality or value. The linux kernel includes components which contribute KVM
|
||||
virtualization features as well. This document was created to assist the user
|
||||
in deciding which features can be relied upon to build enterprise class
|
||||
virtualization solutions. KVM based virtualization for x86 (Intel 64/AMD64)
|
||||
and for IBM System z (s390x) are offered at the L3 (full support) level,
|
||||
while KVM for the ARM64 architecture (AArch64) is L3 supported for certain
|
||||
partner-specific use cases. The bulk of this document deals with L3 supported
|
||||
features and is primarily ARM64 centric. This document should be considered a
|
||||
companion to the standard virtualization documentation delivered with the
|
||||
product.
|
||||
virtualization solutions. KVM based virtualization for x86 (Intel 64/AMD64),
|
||||
for IBM System z (s390x) and for the ARM64 architecture (AArch64) are offered
|
||||
at the L3 (full support) level. The bulk of this document deals with L3
|
||||
supported features and is primarily ARM64 centric. This document should be
|
||||
considered a companion to the standard virtualization documentation delivered
|
||||
with the product.
|
||||
|
||||
KVM is implemented in linux kernel modules which enable the linux kernel to
|
||||
function as an integral part of the KVM hypervisor. The hypervisor-guest
|
||||
@ -57,9 +56,6 @@ Major QEMU/KVM Supported Features
|
||||
Since a KVM guest runs in the context of a normal linux process, some types
|
||||
of execution controls are managed with linux tools.
|
||||
|
||||
- Various standard vCPU types are available, along with the ability to specify
|
||||
individual CPU features visible to the guest.
|
||||
|
||||
- QEMU is compatible with EDK based UEFI firmware available with SLES12-SP3,
|
||||
which allow boot options common to physical systems along with other features
|
||||
tailored to virtualization. Various VGABIOS ROMs, from the SEABIOS project,
|
||||
@ -79,8 +75,8 @@ Major QEMU/KVM Supported Features
|
||||
take place either from certain prior SLES versioned hosts to a SLES 12 SP3
|
||||
or between hosts of the same version. Certain other restrictions also apply.
|
||||
|
||||
- Security considerations include seccomp2 based sandboxing, privileged
|
||||
helpers and a security model which allows running guests as a non-root user.
|
||||
- Security considerations include privileged helpers and a security model which
|
||||
allows running guests as a non-root user.
|
||||
|
||||
- QEMU provides best effort reuse of existing disk images, including those with
|
||||
systems installed, through geometry probing. Also disk images produced by
|
||||
@ -208,16 +204,18 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
instead of virt-2.6) if possible. (note: there is no virt-2.9 machine type!)
|
||||
|
||||
- The following command line options are supported:
|
||||
-accel ...
|
||||
-add-fd ...
|
||||
-alt-grab
|
||||
-append ...
|
||||
-audio-help
|
||||
-balloon ...
|
||||
-bios ...
|
||||
-blockdev ...
|
||||
-boot ...
|
||||
-cdrom ...
|
||||
-chardev ..
|
||||
-clock
|
||||
-clock ...
|
||||
-cpu host
|
||||
-ctrl-grab
|
||||
-d ...
|
||||
@ -271,12 +269,12 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
-nodefconfig
|
||||
-no-frame
|
||||
-nographic
|
||||
-no-hpet
|
||||
-no-quit
|
||||
-no-reboot
|
||||
-no-shutdown
|
||||
-no-user-config
|
||||
-object ...
|
||||
-only-migratable
|
||||
-parallel ...
|
||||
-pidfile ...
|
||||
-qmp ...
|
||||
@ -310,11 +308,11 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
|
||||
- The following monitor commands are supported:
|
||||
?
|
||||
balloon target ...
|
||||
balloon ...
|
||||
block_resize ...
|
||||
boot_set ...
|
||||
c
|
||||
change device ...
|
||||
change ...
|
||||
chardev-add ...
|
||||
chardev-remove ...
|
||||
client_migrate_info ...
|
||||
@ -493,6 +491,7 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
query-version
|
||||
query-vnc
|
||||
query-vnc-servers
|
||||
query-xen-replication-status
|
||||
quit
|
||||
remove-fd
|
||||
ringbuf-read
|
||||
@ -556,19 +555,19 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
mx25l6405d|mx25l8005|n25q032|n25q032a11|n25q032a13|n25q064|n25q064a11|
|
||||
n25q064a13|n25q128|n25q128a11|n25q128a13|n25q256a|n25q256a11|
|
||||
n25q256a13|n25q512a|nand|ne2k_isa|nvdimm|omap2-gpio|omap2-intc|
|
||||
omap-gpio|omap_i2c|omap-intc|onenand|or-irq|pc-dimm|pc-testdev|
|
||||
piix3-ide|piix3-ide|piix3-ide-xen|piix3-usb-uhci|pl011|pl011_luminary|
|
||||
pl022|pl031|pl041|pl050_keyboard|pl050_mouse|pl061|pl061_luminary|
|
||||
pl080|pl081|pl110|pl110_versatile|pl111|pl181|pl190|pl330|
|
||||
omap-gpio|omap_i2c|omap-intc|onenand|pc-dimm|pc-testdev|piix3-ide|
|
||||
piix3-ide|piix3-ide-xen|piix3-usb-uhci|pl011|pl011_luminary|pl022|
|
||||
pl031|pl041|pl050_keyboard|pl050_mouse|pl061|pl061_luminary|pl080|
|
||||
pl081|pl110|pl110_versatile|pl111|pl181|pl190|pl330|
|
||||
platform-bus-device|pxa250-arm-cpu|pxa255-arm-cpu|pxa25x-timer|
|
||||
pxa260-arm-cpu|pxa261-arm-cpu|pxa262-arm-cpu|pxa270-a0-arm-cpu|
|
||||
pxa270-a1-arm-cpu|pxa270-arm-cpu|pxa270-b0-arm-cpu|pxa270-b1-arm-cpu|
|
||||
pxa270-c0-arm-cpu|pxa270-c5-arm-cpu|pxa27x-timer|pxa2xx-dma|
|
||||
pxa2xx-fir|pxa2xx-gpio|pxa2xx_i2c|pxa2xx-i2c-slave|pxa2xx-mmci|
|
||||
pxa2xx-pcmcia|pxa2xx_pic|pxa2xx_rtc|pxa2xx-ssp|qemu,register|
|
||||
realview_gic|realview_mpcore|realview_pci|realview_sysctl|s25fl016k|
|
||||
s25fl064k|s25fl129p0|s25fl129p1|s25fl256s0|s25fl256s1|s25fl512s|
|
||||
s25sl004a|s25sl008a|s25sl016a|s25sl032a|s25sl032p|s25sl064a|s25sl064p|
|
||||
pxa2xx-pcmcia|pxa2xx_pic|pxa2xx_rtc|pxa2xx-ssp|realview_gic|
|
||||
realview_mpcore|realview_pci|realview_sysctl|s25fl016k|s25fl064k|
|
||||
s25fl129p0|s25fl129p1|s25fl256s0|s25fl256s1|s25fl512s|s25sl004a|
|
||||
s25sl008a|s25sl016a|s25sl032a|s25sl032p|s25sl064a|s25sl064p|
|
||||
s25sl12800|s25sl12801|s70fl01gs|sa1100-arm-cpu|sa1110-arm-cpu|sb16|
|
||||
scoop|sdhci-pci|sga|sl-nand|smbus-eeprom|smc91c111|sp804|
|
||||
spitz-keyboard|spitz-lcdtg|ssd0303|ssd0323|ssi-sd|sst25vf016b|
|
||||
@ -585,7 +584,8 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
w25q80|w25q80bl|w25x10|w25x16|w25x20|w25x32|w25x40|w25x64|w25x80|
|
||||
wm8750|*-x86_64-cpu|xen-backend|xen-pci-passthrough|xen-platform|
|
||||
xen-pvdevice|xen-sysdev|xgmac|xilinxzynq_slcr|xlnx.ps7-qspi|
|
||||
xlnx.ps7-spi|xlnxps7-usb|xlnxzynqmp|xlnxzynq-xadc]
|
||||
xlnx.ps7-spi|xlnxps7-usb|xlnxzynqmp|xlnxzynq-xadc|
|
||||
unimplemented-device|vmgenid]
|
||||
(the following are aliases of these unsupported devices: lsi|
|
||||
virtio-input-host|virtio-keyboard|virtio-mouse|virtio-tablet|
|
||||
virtio-gpu|pci-assign|piix-usb-uhci)
|
||||
@ -595,6 +595,7 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
-drive ,if=[scsi|mtd|pflash], snapshot=on, format=[anything besides qcow2, qed
|
||||
or raw]
|
||||
-dtb file
|
||||
-enable-hax
|
||||
-fda/-fdb ...
|
||||
-g ...
|
||||
-hda/-hdb/-hdc/-hdd ...
|
||||
@ -616,6 +617,7 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
-net [dump|socket|vde] ...
|
||||
-netdev [dump|hubport|l2tpv3|socket|vde] ...
|
||||
-no-fd-bootchk
|
||||
-no-hpet
|
||||
-no-kvm
|
||||
-no-kvm-irqchip
|
||||
-no-kvm-pit
|
||||
@ -693,6 +695,8 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
x-blockdev-insert-medium
|
||||
x-blockdev-remove-medium
|
||||
x-colo-lost-heartbeat
|
||||
xen-colo-do-checkpoint
|
||||
xen-load-devices-state
|
||||
xen-save-devices-state
|
||||
xen-set-global-dirty-log
|
||||
xen-set-replication
|
||||
|
@ -10,21 +10,20 @@ Overview
|
||||
quality or value. The linux kernel includes components which contribute KVM
|
||||
virtualization features as well. This document was created to assist the user
|
||||
in deciding which features can be relied upon to build enterprise class
|
||||
virtualization solutions. KVM based virtualization for x86 (Intel 64/AMD64)
|
||||
and for IBM System z (s390x) are offered at the L3 (full support) level,
|
||||
while KVM for the ARM64 architecture (AArch64) is L3 supported for certain
|
||||
partner-specific use cases. The bulk of this document deals with L3 supported
|
||||
features and is primarily s390x centric. This document should be considered a
|
||||
companion to the standard virtualization documentation delivered with the
|
||||
product.
|
||||
virtualization solutions. KVM based virtualization for x86 (Intel 64/AMD64),
|
||||
for IBM System z (s390x) and for the ARM64 architecture (AArch64) are offered
|
||||
at the L3 (full support) level. The bulk of this document deals with L3
|
||||
supported features and is primarily s390x centric. This document should be
|
||||
considered a companion to the standard virtualization documentation delivered
|
||||
with the product.
|
||||
|
||||
KVM is implemented in linux kernel modules which enable the linux kernel to
|
||||
function as an integral part of the KVM hypervisor. The hypervisor-guest
|
||||
interaction is managed by QEMU through the /dev/kvm ioctl interface. The linux
|
||||
host assists in the virtualization of storage, networking and display
|
||||
resources as well as allowing direct hardware passthrough of PCI and USB
|
||||
devices. Linux memory and cpu management features are used by QEMU/KVM to
|
||||
enable guests to share those host resources as efficiently as possible.
|
||||
resources as well as allowing direct hardware passthrough of PCI devices.
|
||||
Linux memory and cpu management features are used by QEMU/KVM to enable guests
|
||||
to share those host resources as efficiently as possible.
|
||||
|
||||
QEMU is a primary component of KVM based virtualization. The legacy qemu-kvm
|
||||
program is provided for continuity with pre SLES 12 usage, including in
|
||||
@ -59,9 +58,6 @@ Major QEMU/KVM Supported Features
|
||||
Since a KVM guest runs in the context of a normal linux process, some types
|
||||
of execution controls are managed with linux tools.
|
||||
|
||||
- Various standard vCPU types are available, along with the ability to specify
|
||||
individual CPU features visible to the guest.
|
||||
|
||||
- QEMU incorporates virtualized, 390 specific, ccw bus based firmware for
|
||||
booting s390 guests. This firmware is automatically incorporated and
|
||||
doesn't need to be explicitly referenced.
|
||||
@ -80,8 +76,8 @@ Major QEMU/KVM Supported Features
|
||||
take place either from certain prior SLES versioned hosts to a SLES 12 SP3
|
||||
or between hosts of the same version. Certain other restrictions also apply.
|
||||
|
||||
- Security considerations include seccomp2 based sandboxing, privileged
|
||||
helpers and a security model which allows running guests as a non-root user.
|
||||
- Security considerations include privileged helpers and a security model which
|
||||
allows running guests as a non-root user.
|
||||
|
||||
- QEMU provides best effort reuse of existing disk images, including those with
|
||||
systems installed, through geometry probing. Also disk images produced by
|
||||
@ -97,8 +93,8 @@ Major QEMU/KVM Supported Features
|
||||
- Guest performance is enhanced through the use of virtio devices, various disk
|
||||
caching modes, network acceleration via the vhost-net kernel module, multi-
|
||||
queue network transmit capabilities, host transparent huge pages (THP) and
|
||||
direct hugetlb usage. Physical PCI and USB devices may also be passed through
|
||||
to the guest, including SR-IOV VF's.
|
||||
direct hugetlb usage. Physical PCI devices may also be passed through to the
|
||||
guest, including SR-IOV VF's.
|
||||
|
||||
- The guest UI is accessable via GTK, SDL, VNC, Spice, and serial (including
|
||||
curses TUI) interfaces.
|
||||
@ -209,16 +205,18 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
s390-ccw-virtio-2.9 instead of s390-ccw-virtio-2.6) if possible.
|
||||
|
||||
- The following command line options are supported:
|
||||
-accel ...
|
||||
-add-fd ...
|
||||
-alt-grab
|
||||
-append ...
|
||||
-audio-help
|
||||
-balloon ...
|
||||
-bios ...
|
||||
-blockdev ...
|
||||
-boot ...
|
||||
-cdrom ...
|
||||
-chardev ..
|
||||
-clock
|
||||
-clock ...
|
||||
-cpu host
|
||||
-ctrl-grab
|
||||
-d ...
|
||||
@ -262,17 +260,16 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
-net [bridge|l2tpv3|nic|none|tap|user] ... (for model= only e1000, rtl8139,
|
||||
and virtio are supported)
|
||||
-netdev [bridge|tap|user] ...
|
||||
-no-acpi
|
||||
-nodefaults
|
||||
-nodefconfig
|
||||
-no-frame
|
||||
-nographic
|
||||
-no-hpet
|
||||
-no-quit
|
||||
-no-reboot
|
||||
-no-shutdown
|
||||
-no-user-config
|
||||
-object ...
|
||||
-only-migratable
|
||||
-parallel ...
|
||||
-pidfile ...
|
||||
-qmp ...
|
||||
@ -302,11 +299,11 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
|
||||
- The following monitor commands are supported:
|
||||
?
|
||||
balloon target ...
|
||||
balloon ...
|
||||
block_resize ...
|
||||
boot_set ...
|
||||
c
|
||||
change device ...
|
||||
change ...
|
||||
chardev-add ...
|
||||
chardev-remove ...
|
||||
client_migrate_info ...
|
||||
@ -480,6 +477,7 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
query-version
|
||||
query-vnc
|
||||
query-vnc-servers
|
||||
query-xen-replication-status
|
||||
quit
|
||||
remove-fd
|
||||
ringbuf-read
|
||||
@ -518,36 +516,36 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
kvm-pci-assign|lsi53c810|lsi53c810a|megasas|mptsas1068|ne2k_isa|
|
||||
ne2k_pci|nec-usb-xhci|nvdimm|nvme|pc-dimm|pci-testdev|pcnet|
|
||||
pc-testdev|piix3-ide|piix3-ide|piix3-ide-xen|piix4-usb-uhci|pvscsi|
|
||||
pxb|pxb-host|pxb-pcie|qemu,register|qemuregister|qemu-s390-cpu|rocker|
|
||||
s390-flic|s390-flic-qemu|s390-ipl|s390-pcihost|
|
||||
s390-sclp-event-facility|s390-skeys-qemu|sb16|sclp|sclpconsole|
|
||||
sclp-cpu-hotplug|sclplmconsole|sclp-memory-hotplug-dev|sclpquiesce|
|
||||
sd-card|sdhci-pci|sdhci-pci|secondary-vga|sga|smbus-eeprom|tpci200|
|
||||
unimplemented-device|usb-audio|usb-bot|usb-bt-dongle|usb-ccid|usb-mtp|
|
||||
usb-uas|vfio-amd-xgbe|vfio-calxeda-xgmac|vfio-pci|vhost-scsi-ccw|
|
||||
vhost-vsock-ccw|virtio-9p-device|virtio-balloon-ccw|virtio-blk-ccw|
|
||||
virtio-crypto-ccw|virtio-mmio|virtio-net-ccw|virtio-rng-ccw|
|
||||
virtio-scsi-ccw|virtio-serial-ccw|virtio-vga|virtual-css-bridge|
|
||||
vmware-svga|vmxnet3|vt82c686b-usb-uhci|x3130-upstream|*-x86_64-cpu|
|
||||
xen-backend|xen-pci-passthrough|xen-platform|xen-pvdevice|xen-sysdev|
|
||||
xio3130-downstream|z10BC.2-base-s390-cpu|z10BC.2-s390-cpu|
|
||||
z10BC-base-s390-cpu|z10BC-s390-cpu|z10EC.2-base-s390-cpu|
|
||||
z10EC.2-s390-cpu|z10EC.3-base-s390-cpu|z10EC.3-s390-cpu|
|
||||
z10EC-base-s390-cpu|z10EC-s390-cpu|z114-base-s390-cpu|z114-s390-cpu|
|
||||
z13.2-base-s390-cpu|z13.2-s390-cpu|z13-base-s390-cpu|z13-s390-cpu|
|
||||
z13s-base-s390-cpu|z13s-s390-cpu|z196.2-base-s390-cpu|z196.2-s390-cpu|
|
||||
z196-base-s390-cpu|z196-s390-cpu|z800-base-s390-cpu|z800-s390-cpu|
|
||||
z890.2-base-s390-cpu|z890.2-s390-cpu|z890.3-base-s390-cpu|
|
||||
z890.3-s390-cpu|z890-base-s390-cpu|z890-s390-cpu|z900.2-base-s390-cpu|
|
||||
z900.2-s390-cpu|z900.3-base-s390-cpu|z900.3-s390-cpu|
|
||||
z900-base-s390-cpu|z900-s390-cpu|z990.2-base-s390-cpu|z990.2-s390-cpu|
|
||||
z990.3-base-s390-cpu|z990.3-s390-cpu|z990.4-base-s390-cpu|
|
||||
z990.4-s390-cpu|z990.5-base-s390-cpu|z990.5-s390-cpu|
|
||||
z990-base-s390-cpu|z990-s390-cpu|z9BC.2-base-s390-cpu|z9BC.2-s390-cpu|
|
||||
z9BC-base-s390-cpu|z9BC-s390-cpu|z9EC.2-base-s390-cpu|z9EC.2-s390-cpu|
|
||||
z9EC.3-base-s390-cpu|z9EC.3-s390-cpu|z9EC-base-s390-cpu|z9EC-s390-cpu|
|
||||
zBC12-base-s390-cpu|zBC12-s390-cpu|zEC12.2-base-s390-cpu|
|
||||
zEC12.2-s390-cpu|zEC12-base-s390-cpu|zEC12-s390-cpu|zpci]
|
||||
pxb|pxb-host|pxb-pcie|qemu-s390-cpu|rocker|s390-flic|s390-flic-qemu|
|
||||
s390-ipl|s390-pcihost|s390-sclp-event-facility|s390-skeys-qemu|sb16|
|
||||
sclp|sclpconsole|sclp-cpu-hotplug|sclplmconsole|
|
||||
sclp-memory-hotplug-dev|sclpquiesce|sd-card|sdhci-pci|sdhci-pci|
|
||||
secondary-vga|sga|smbus-eeprom|tpci200|unimplemented-device|
|
||||
usb-audio|usb-bot|usb-bt-dongle|usb-ccid|usb-mtp|usb-uas|vfio-pci|
|
||||
vhost-scsi-ccw|vhost-vsock-ccw|virtio-9p-device|virtio-balloon-ccw|
|
||||
virtio-blk-ccw|virtio-crypto-ccw|virtio-mmio|virtio-net-ccw|
|
||||
virtio-rng-ccw|virtio-scsi-ccw|virtio-serial-ccw|virtio-vga|
|
||||
virtual-css-bridge|vmware-svga|vmxnet3|vt82c686b-usb-uhci|
|
||||
x3130-upstream|*-x86_64-cpu|xen-backend|xen-pci-passthrough|
|
||||
xen-platform|xen-pvdevice|xen-sysdev|xio3130-downstream|
|
||||
z10BC.2-base-s390-cpu|z10BC.2-s390-cpu|z10BC-base-s390-cpu|
|
||||
z10BC-s390-cpu|z10EC.2-base-s390-cpu|z10EC.2-s390-cpu|
|
||||
z10EC.3-base-s390-cpu|z10EC.3-s390-cpu|z10EC-base-s390-cpu|
|
||||
z10EC-s390-cpu|z114-base-s390-cpu|z114-s390-cpu|z13.2-base-s390-cpu|
|
||||
z13.2-s390-cpu|z13-base-s390-cpu|z13-s390-cpu|z13s-base-s390-cpu|
|
||||
z13s-s390-cpu|z196.2-base-s390-cpu|z196.2-s390-cpu|z196-base-s390-cpu|
|
||||
z196-s390-cpu|z800-base-s390-cpu|z800-s390-cpu|z890.2-base-s390-cpu|
|
||||
z890.2-s390-cpu|z890.3-base-s390-cpu|z890.3-s390-cpu|
|
||||
z890-base-s390-cpu|z890-s390-cpu|z900.2-base-s390-cpu|z900.2-s390-cpu|
|
||||
z900.3-base-s390-cpu|z900.3-s390-cpu|z900-base-s390-cpu|z900-s390-cpu|
|
||||
z990.2-base-s390-cpu|z990.2-s390-cpu|z990.3-base-s390-cpu|
|
||||
z990.3-s390-cpu|z990.4-base-s390-cpu|z990.4-s390-cpu|
|
||||
z990.5-base-s390-cpu|z990.5-s390-cpu|z990-base-s390-cpu|z990-s390-cpu|
|
||||
z9BC.2-base-s390-cpu|z9BC.2-s390-cpu|z9BC-base-s390-cpu|z9BC-s390-cpu|
|
||||
z9EC.2-base-s390-cpu|z9EC.2-s390-cpu|z9EC.3-base-s390-cpu|
|
||||
z9EC.3-s390-cpu|z9EC-base-s390-cpu|z9EC-s390-cpu|zBC12-base-s390-cpu|
|
||||
zBC12-s390-cpu|zEC12.2-base-s390-cpu|zEC12.2-s390-cpu|
|
||||
zEC12-base-s390-cpu|zEC12-s390-cpu|zpci|vmgenid]
|
||||
(the following are aliases of these unsupported devices: lsi|
|
||||
virtio-input-host|virtio-keyboard|virtio-mouse|virtio-tablet|
|
||||
virtio-gpu|virtio-9p|pci-assign|ahci|e1000-82540em)
|
||||
@ -557,6 +555,7 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
-drive ,if=[scsi|mtd|pflash], snapshot=on, format=[anything besides qcow2, qed
|
||||
or raw]
|
||||
-dtb file
|
||||
-enable-hax
|
||||
-fda/-fdb ...
|
||||
-g ...
|
||||
-hda/-hdb/-hdc/-hdd ...
|
||||
@ -569,7 +568,9 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
-mtdblock file
|
||||
-net [dump|socket|vde] ...
|
||||
-netdev [dump|hubport|l2tpv3|socket|vde] ...
|
||||
-no-acpi
|
||||
-no-fd-bootchk
|
||||
-no-hpet
|
||||
-no-kvm
|
||||
-no-kvm-irqchip
|
||||
-no-kvm-pit
|
||||
@ -656,6 +657,8 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
x-blockdev-insert-medium
|
||||
x-blockdev-remove-medium
|
||||
x-colo-lost-heartbeat
|
||||
xen-colo-do-checkpoint
|
||||
xen-load-devices-state
|
||||
xen-save-devices-state
|
||||
xen-set-global-dirty-log
|
||||
xen-set-replication
|
||||
|
@ -10,13 +10,12 @@ Overview
|
||||
quality or value. The linux kernel includes components which contribute KVM
|
||||
virtualization features as well. This document was created to assist the user
|
||||
in deciding which features can be relied upon to build enterprise class
|
||||
virtualization solutions. KVM based virtualization for x86 (Intel 64/AMD64)
|
||||
and for IBM System z (s390x) are offered at the L3 (full support) level,
|
||||
while KVM for the ARM64 architecture (AArch64) is L3 supported for certain
|
||||
partner-specific use cases. The bulk of this document deals with L3 supported
|
||||
features and is primarily x86 centric. This document should be considered a
|
||||
companion to the standard virtualization documentation delivered with the
|
||||
product.
|
||||
virtualization solutions. KVM based virtualization for x86 (Intel 64/AMD64),
|
||||
for IBM System z (s390x) and for the ARM64 architecture (AArch64) are offered
|
||||
at the L3 (full support) level. The bulk of this document deals with L3
|
||||
supported features and is primarily x86 centric. This document should be
|
||||
considered a companion to the standard virtualization documentation delivered
|
||||
with the product.
|
||||
|
||||
KVM is implemented in linux kernel modules which enable the linux kernel to
|
||||
function as an integral part of the KVM hypervisor. The hypervisor-guest
|
||||
@ -300,16 +299,18 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
instead of pc-i440fx-2.6) if possible.
|
||||
|
||||
- The following command line options are supported:
|
||||
-accel ...
|
||||
-add-fd ...
|
||||
-alt-grab
|
||||
-append ...
|
||||
-audio-help
|
||||
-balloon ...
|
||||
-bios ...
|
||||
-blockdev ...
|
||||
-boot ...
|
||||
-cdrom ...
|
||||
-chardev ..
|
||||
-clock
|
||||
-clock ...
|
||||
-cpu ... (all except host)
|
||||
-ctrl-grab
|
||||
-d ...
|
||||
@ -326,7 +327,7 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
virtio-rng-pci|i6300esb|ib700|qxl|qxl-vga|pvpanic|vfio-pci|ivshmem|
|
||||
ivshmem-doorbell|ivshmem-plain|pci-bridge|megasas-gen2|pc-dimm|
|
||||
floppy|e1000e|ccid-card-emulated|ccid-card-passthrough|xen-backend|
|
||||
loader|e1000]
|
||||
loader|e1000|vmgenid]
|
||||
(the following are aliases of these supported devices: ahci|
|
||||
virtio-blk|virtio-net|virtio-serial|virtio-balloon| virtio-9p|
|
||||
virtio-scsi|virtio-rng|e1000-82540em)
|
||||
@ -380,6 +381,7 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
-no-shutdown
|
||||
-no-user-config
|
||||
-object ...
|
||||
-only-migratable
|
||||
-parallel ...
|
||||
-pidfile ...
|
||||
-qmp ...
|
||||
@ -416,11 +418,11 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
|
||||
- The following monitor commands are supported:
|
||||
?
|
||||
balloon target ...
|
||||
balloon ...
|
||||
block_resize ...
|
||||
boot_set ...
|
||||
c
|
||||
change device ...
|
||||
change ...
|
||||
chardev-add ...
|
||||
chardev-remove ...
|
||||
client_migrate_info ...
|
||||
@ -599,6 +601,7 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
query-version
|
||||
query-vnc
|
||||
query-vnc-servers
|
||||
query-xen-replication-status
|
||||
quit
|
||||
remove-fd
|
||||
ringbuf-read
|
||||
@ -645,13 +648,13 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
virtio-tablet-pci|virtio-gpu-pci|pci-bridge-seat|pxb|pxb-pcie|
|
||||
allwinner-ahci|sdhci-pci|rocker|virtio-input-host-device|
|
||||
virtio-keyboard-device|virtio-mouse-device|virtio-tablet-device|
|
||||
virtio-vga|hyperv-testdev|vfio-amd-xgbe|vfio-calxeda-xgmac|
|
||||
generic-sdhci|igd-passthrough-isa-bridge|ipmi-bmc-extern|
|
||||
ipmi-bmc-sim|isa-ipmi-bt|isa-ipmi-kcs|mptsas1068|nvdimm|pxb-host|
|
||||
sd-card|virtio-gpu-device|kvm-pci-assign|xen-sysdev|or-irq|amd-iommu|
|
||||
AMDVI-PCI|vhost-vsock-device|vhost-vsock-pci|virtio-crypto-device|
|
||||
virtio-crypto-pci|qemu,register|vfio-pci-igd-lpc-bridge|*-i386-cpu|
|
||||
*-x86_64-cpu]
|
||||
virtio-vga|hyperv-testdev|generic-sdhci|igd-passthrough-isa-bridge|
|
||||
ipmi-bmc-extern|ipmi-bmc-sim|isa-ipmi-bt|isa-ipmi-kcs|mptsas1068|
|
||||
nvdimm|pxb-host|sd-card|virtio-gpu-device|kvm-pci-assign|xen-sysdev|
|
||||
amd-iommu|AMDVI-PCI|vhost-vsock-device|vhost-vsock-pci|
|
||||
virtio-crypto-device|virtio-crypto-pci|vfio-pci-igd-lpc-bridge|
|
||||
isabus-bridge|pcie-root-port|qemu-xhci|unimplemented-device|
|
||||
*-i386-cpu|*-x86_64-cpu]
|
||||
(the following are aliases of these unsupported devices: lsi|
|
||||
virtio-input-host|virtio-keyboard|virtio-mouse|virtio-tablet|
|
||||
virtio-gpu|pci-assign)
|
||||
@ -661,6 +664,7 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
-drive ,if=[scsi|mtd|pflash], snapshot=on, format=[anything besides qcow2, qed
|
||||
or raw]
|
||||
-dtb file
|
||||
-enable-hax
|
||||
-g ...
|
||||
-icount ...
|
||||
-L ...
|
||||
@ -751,3 +755,5 @@ QEMU Command-Line and Monitor Syntax and Support
|
||||
x-blockdev-insert-medium
|
||||
x-blockdev-remove-medium
|
||||
x-colo-lost-heartbeat
|
||||
xen-colo-do-checkpoint
|
||||
xen-set-replication
|
||||
|
Loading…
Reference in New Issue
Block a user