Thomas Lamprecht
f36fa39113
migration/block-dirty-bitmap: migrate other bitmaps even if one fails
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-11-04 18:35:50 +01:00
Thomas Lamprecht
d95ad93eed
apply dirty-bitmap state migration + fix
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-10-29 18:05:43 +01:00
Stefan Reiter
72ae34ecce
Several fixes for backup abort and error reporting
...
Also add my Signed-off-by to some patches where it was missing.
Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
2020-10-29 17:57:47 +01:00
Stefan Reiter
d333327a1b
Add transaction patches and fix for blocking finish
...
With the transaction patches, patch 0026-PVE-Backup-modify-job-api.patch
is no longer necessary, so drop it and rebase all following patches on
top.
Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
2020-09-29 09:21:15 +02:00
Thomas Lamprecht
4b7a18845c
cherry-pick: "usb: fix setup_len init (CVE-2020-14364)"
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-09-14 19:38:34 +02:00
Thomas Lamprecht
7895b0d523
work around #3002 : revert "qemu-img convert: Don't pre-zero images"
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-09-14 19:37:45 +02:00
Stefan Reiter
437d68473c
Add systemd journal logging patch
...
Prints QEMU errors that occur *after* the "-daemonize" fork to the
systemd journal, instead of pushing them into /dev/null like before.
Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
2020-09-08 17:13:29 +02:00
Stefan Reiter
60ae3775bf
update to QEMU 5.1
...
No major semantic changes, mostly just deprecations and changed function
signatures. Drop the extra/ patches, as they have been applied upstream.
The added extra/ patch was accepted upstream[0] but has not been picked
up for 5.1. It is required for non-4M aligned backups to work with PBS.
[0] https://lists.gnu.org/archive/html/qemu-devel/2020-08/msg01671.html
Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
2020-08-20 13:40:36 +02:00
Thomas Lamprecht
f00a720d7e
PVE: add query-pbs-bitmap-info QMP call
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-08-19 18:11:23 +02:00
Thomas Lamprecht
c5f7dc1d72
PVE: add zero block handling to PBS dump callback
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-08-19 13:56:03 +02:00
Fabian Grünbichler
2821f02d70
fix PBS write callback with big blocks
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2020-08-11 11:14:36 +02:00
Oguz Bektas
95fd47ecb9
patch for possible DOS in qemu network packet processing
...
fixes an assertion failure in qemu network packet processing, which can
lead to DOS'ing the qemu process on the host. this affects 'e1000e' and
'vmxnet3' network devices.
patch is cherry-picked from the commit mentioned in the oss-security email.
more info on oss-security [0]
[0]: https://www.openwall.com/lists/oss-security/2020/08/10/1
Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
2020-08-11 11:08:39 +02:00
Wolfgang Bumiller
6d46b2ff4c
fix backup qmp parameters to pass along encryption info
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2020-07-10 13:31:52 +02:00
Thomas Lamprecht
3499c5b45a
PBS patches: block driver, adapat encrypt/compress param, add query-proxmox-support QMP cmd
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-07-09 13:15:49 +02:00
Thomas Lamprecht
3ab149ccdd
update/add PBS integration patches
...
* rename "incremental" param to "use-dirty-bitmap", avoids confusion
as the backup can be incrementally also with that param set to
false.
* use new proxmox_backup_check_incremental
* fix setting dirty counter and adapt to new connect API semantic
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-07-06 22:13:12 +02:00
Thomas Lamprecht
d7f4e01a34
debian/patches: squash some followup patches and regroup a bit more together
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-07-02 13:33:16 +02:00
Dietmar Maurer
c96a4a38cb
add incremental backup patches
...
and fix typo: s/BPS/PBS/
2020-06-30 10:34:00 +02:00
Stefan Reiter
f0b53ef0b2
fix #2794 : Include legacy-igd passthrough fix
...
See https://bugs.launchpad.net/qemu/+bug/1882784
Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
2020-06-25 13:24:34 +02:00
Thomas Lamprecht
b570f1c41e
Fix backup for not 64k-aligned storages
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Tested-by: Roland Kammerer <roland.kammerer@linbit.com>
2020-06-24 16:26:30 +02:00
Thomas Lamprecht
f063a8aadb
fix vmstate-snapshots with iothread=1
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-05-27 18:54:06 +02:00
Wolfgang Bumiller
abc9e57f05
add optional buffer size to QEMUFile
...
and use 4M for our savevm-async buffer size
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2020-05-04 15:09:10 +02:00
Wolfgang Bumiller
24e289d025
experimentally move savevm-async back into a coroutine
...
Move qemu_savevm_state_{header,setup} into the main loop and
the rest of the iteration into a coroutine. The former need
to lock the iothread (and we can't unlock it in the
coroutine), and the latter can't deal with being in a
separate thread, so a coroutine it must be.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2020-05-04 15:09:10 +02:00
Thomas Lamprecht
751ed3661b
avoid using QemuRecMutex inside coroutines, QemuMutex to lock outside
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-04-17 09:09:12 +02:00
Thomas Lamprecht
d5619ef646
pve backup: avoid using recursive mutex
...
Release the lock on qemu_coroutine_yield, so coroutines don't
deadlock.
Originally-by: Stefan Reiter <s.reiter@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-04-16 15:20:22 +02:00
Thomas Lamprecht
83faa3fe30
import QEMU 5.0.0-rc2 and rebase patches
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-04-08 15:36:32 +02:00
Thomas Lamprecht
48d490fe54
patches: move upstream cherry picked to extra folder, like we did in the past
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-03-23 10:16:35 +01:00
Fabian Grünbichler
059a9447e2
add bitmap drive-mirror patches
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-03-23 10:15:22 +01:00
Oguz Bektas
1be32c854f
slirp: re-add security patches
...
the first two patches were mistakenly left out during the 4.2 qemu
rebase.
also adds another patch for issue CVE-2019-14378 (heap-based BOF)
Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
2020-03-13 13:20:11 +01:00
Dietmar Maurer
20505f521e
fixup backup with io-threads
2020-03-12 10:30:18 +01:00
Thomas Lamprecht
6402d96100
update submodule and patches for 4.2.0
...
The long overdue nice rebase+cleanup was done by Dietmar
Originally-by: Dietmar Maurer <dietmar@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-03-11 07:26:21 +01:00
Oguz Bektas
284d3b2cab
security patches for libslirp CVE-2020-8608
...
original commits and email can be found here[0]
A out-of-bounds heap buffer access issue was found in the SLiRP
networking implementation of the QEMU emulator. It occurs in tcp_emu()
routine while emulating IRC and other protocols due to unsafe usage of
snprintf(3) function.
A user/process could use this flaw to crash the Qemu process on the host
resulting in DoS or potentially execute arbitrary code with privileges
of the QEMU process on the host.
[0]: https://seclists.org/oss-sec/2020/q1/64
Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-03-06 15:17:29 +01:00
Oguz Bektas
ee8bd5bfbe
add patch for CVE-2019-20382 (vnc disconnect memory leak)
...
oss-security email can be found here[0]
upstream commit here[1]
this effects our vncproxy. dominik and me tested if the issue is present
on our branch and it appears that it is.
in essence when we disconnect from a vnc connection, the memory isn't
free'd afterwards which causes the qemu process to use more and more
memory with each disconnect, which could lead to a dos scenario.
we tested the patch and it seems to mitigate the problem.
[0]: https://seclists.org/oss-sec/2020/q1/105
[1]: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=6bf21f3d83e95bcc4ba35a7a07cc6655e8b010b0
Tested-by: Dominik Csapak <d.csapak@proxmox.com>
Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
2020-03-05 13:34:29 +01:00
Dietmar Maurer
84403c2d53
improve qemu backup by reducing lock contention
...
- reducing lock contention by using CoRwLock
- correctly call aio_wait_kick()
2020-02-18 10:47:21 +01:00
Tim Marx
f47a9db42a
fix hmp info backup command
...
Signed-off-by: Tim Marx <t.marx@proxmox.com>
2020-01-25 16:09:47 +01:00
Stefan Reiter
d090eaa209
fix #2486 : include fix for disk hot-resize regression (w/ iothread=1)
...
See: https://lists.nongnu.org/archive/html/qemu-devel/2019-09/msg03201.html
Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
2019-11-25 13:50:28 +01:00
Thomas Lamprecht
ac2969b218
allow to pass PVE version to machine
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-11-25 09:12:48 +01:00
Thomas Lamprecht
99b86f4f9d
handle virtio-balloon cfg size compat with our 4.0 machines
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-11-22 10:07:39 +01:00
Stefan Reiter
a9b8206ded
Apply fixups for 4.1
...
* Fix VMA tool build
* Change PVE code to new blockjob API
* Acquire missing lock for block_job_add_bdrv
Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
2019-11-21 07:59:05 +01:00
Wolfgang Bumiller
d4824fa37a
fix backup speed regression
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-11-04 14:23:17 +01:00
Thomas Lamprecht
22ff24871d
various small pve backup co-routine related fixes
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-10-30 16:03:56 +01:00
Thomas Lamprecht
a5db0e22d7
backup: add various cleanups
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-10-24 08:49:09 +02:00
Thomas Lamprecht
cbb547903c
run backup related code inside co-routines and improve locking
...
Patches-by: Dietmar Maurer <dietmar@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-10-23 09:14:51 +02:00
Thomas Lamprecht
b8d43c594b
update sources for v4.0.1
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-10-22 09:52:03 +02:00
Dietmar Maurer
69cb18950a
fix #1071 : use correct AioContext to cope with IOThreads
...
Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
2019-10-21 15:51:43 +02:00
Wolfgang Bumiller
23ea029343
disable oob again
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-10-10 11:03:20 +02:00
Wolfgang Bumiller
3b1986f02f
merge monitor oob fixup
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-10-02 10:16:40 +02:00
Wolfgang Bumiller
d09c80068a
merge fix for CVE-2019-14378
...
merge: slirp: Fix heap overflow in ip_reass on big packet input
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-08-05 11:22:10 +02:00
Wolfgang Bumiller
99c47abaac
update live migration patches
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-11 09:34:03 +02:00
Thomas Lamprecht
d5699f0388
virtio-balloon: use smaller config on older guests
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-07-04 16:14:49 +02:00
Thomas Lamprecht
b855dce76d
update patches for v4.0.0
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-06-25 11:39:54 +02:00
Oguz Bektas
9be61fa466
add fixes for intel MDS CVEs
...
fixes for:
* CVE-2018-12126
* CVE-2018-12127
* CVE-2018-12130
* CVE-2019-11091
adds the md-clear cpuflag.
Not included by default in any Intel CPU model.
Must be explicitly turned on for all Intel CPU models.
Requires the host CPU microcode to support this feature before it
can be used for guest CPUs.
Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
2019-06-05 14:21:44 +02:00
Wolfgang Bumiller
c36c53f829
merge: make file locking optional also on creation
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-04-26 09:18:00 +02:00
Wolfgang Bumiller
0775f12b63
bump version to 3.0.1-1
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-04-19 10:32:03 +02:00
Wolfgang Bumiller
53e83913af
bump version to 3.0.0-1
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2018-09-07 14:52:23 +02:00
Wolfgang Bumiller
e220dcddbc
merge: vma & rbd changes
...
vma: remove forced NO_FLUSH option
rbd: fix cache mode behavior
vma: add cache option to device map
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2018-04-05 11:04:11 +02:00
Alexandre Derumier
46598e97c3
qemu-img : add -n option to dd to skip destination image create
2018-03-21 15:34:39 +01:00
Wolfgang Bumiller
c854115a5f
merge: qemu-img dd: add isize parameter
...
to write small images from stdin to bigger destinations
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2018-02-23 10:33:09 +01:00
Wolfgang Bumiller
23f2c0ccb0
reapply: vma: add throttling options to drive mapping fifo protocol
...
This one got lost when rebasing
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2018-02-22 17:15:45 +01:00
Wolfgang Bumiller
6838f03890
bump version to 2.11.1-1
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2018-02-22 12:40:28 +01:00
Wolfgang Bumiller
507c6de3ce
merge EPYC and EPYC-IPBP cpu models
...
and a patch format cleanup round
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2018-02-19 10:40:26 +01:00
Wolfgang Bumiller
b07d2367db
vma: add throttling options to drive mapping fifo protocol
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2018-02-19 10:39:42 +01:00
Alexandre Derumier
b45e13fe5c
fix qemu 2.9 drive mirroring to nbd target
...
cherry pick from qemu-kvm-ev-2.9.0-16.el7_4.11.1
https://cbs.centos.org/koji/buildinfo?buildID=21003
Tue Jun 13 2017 Miroslav Rezanina <mrezanin@redhat.com> - rhev-2.9.0-10.el7
- kvm-nbd-make-it-thread-safe-fix-qcow2-over-nbd.patch [bz#1454582]
Tue Aug 15 2017 Miroslav Rezanina <mrezanin@redhat.com> - rhev-2.9.0-16.el7_4.4
- kvm-nbd-strict-nbd_wr_syncv.patch [bz#1467509]
- kvm-nbd-read_sync-and-friends-return-0-on-success.patch [bz#1467509]
- kvm-nbd-make-nbd_drop-public.patch [bz#1467509]
- kvm-nbd-server-get-rid-of-nbd_negotiate_read-and-friends.patch [bz#1467509]
Mon Oct 09 2017 Miroslav Rezanina <mrezanin@redhat.com> - rhev-2.9.0-16.el7_4.9
- kvm-nbd-client-Fix-regression-when-server-sends-garbage.patch [bz#1495474]
- kvm-fix-build-failure-in-nbd_read_reply_entry.patch [bz#1495474]
- kvm-nbd-client-avoid-spurious-qio_channel_yield-re-entry.patch [bz#1495474]
- kvm-nbd-client-avoid-read_reply_co-entry-if-send-failed.patch [bz#1495474]
- kvm-qemu-iotests-improve-nbd-fault-injector.py-startup-p.patch [bz#1495474]
- kvm-qemu-iotests-test-NBD-over-UNIX-domain-sockets-in-08.patch [bz#1495474]
- kvm-block-nbd-client-nbd_co_send_request-fix-return-code.patch [bz#1495474]
- Resolves: bz#1495474
2018-02-08 10:12:21 +01:00
Wolfgang Bumiller
22ea5045c3
fix #1642 : merge: ratelimit: don't align wait time with slices
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2018-02-08 10:03:10 +01:00
Wolfgang Bumiller
3dcc8d3ba2
merge SPEC_CTRL MSR and -IBRS CPU model patches
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2018-01-15 15:26:07 +01:00
Wolfgang Bumiller
e49090106b
merge gluster fixes
...
* block/gluster: glfs_lseek() workaround
https://bugzilla.redhat.com/show_bug.cgi?id=1425293
https://bugzilla.redhat.com/show_bug.cgi?id=1451191
* gluster: add support for PREALLOC_MODE_FALLOC
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2017-12-06 11:46:25 +01:00
Wolfgang Bumiller
c25a222062
merge CVE-2017-17381 fix and backup race condition fix
...
* CVE-2017-17381: virtio: divide by zero exception while updating rings
* race condition when issuing a 'backup-stop' command
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2017-12-06 09:06:59 +01:00
Wolfgang Bumiller
c53dfb5728
bump version to 2.9.1-3
2017-11-29 10:15:04 +01:00
Wolfgang Bumiller
fb8b489c87
fix #1107 : merge: virtio: fix descriptor counting in virtqueue_pop
2017-10-16 09:54:18 +02:00
Wolfgang Bumiller
ddbcf45e51
bump version to 2.9.1-1
2017-09-08 09:44:31 +02:00
Wolfgang Bumiller
e74c0f316d
add CVE fixes
...
CVE-2017-7539:
qemu-nbd crashes due to undefined I/O coroutine
CVE-2017-11434:
slirp: out-of-bounds read while parsing dhcp options
CVE-2017-11334:
exec: oob access during dma operation
CVE-2017-10806:
usb-redirect: stack buffer overflow in debug logging
CVE-2017-10664:
qemu-nbd: server breaks with SIGPIPE upon client abort
CVE-2017-9524:
nbd: segmentation fault due to client non-negotiation
CVE-2017-9503:
scsi: null pointer dereference while processing megasas command
2017-08-07 10:32:32 +02:00
Wolfgang Bumiller
67af0fa481
rebased pve patches
2017-08-07 10:16:57 +02:00
Wolfgang Bumiller
3c6facff3f
add qemu-img dd stdin/stdout pipe patch
2017-06-23 12:12:36 +02:00
Wolfgang Bumiller
90a6d95729
merge various stable fixes
2017-06-06 13:27:30 +02:00
Wolfgang Bumiller
076b402685
update to 2.9.0-rc5
2017-04-19 12:11:00 +02:00
Wolfgang Bumiller
4516929316
bump version to 2.9.0-1~rc3
2017-04-05 12:15:08 +02:00
Wolfgang Bumiller
a544966dce
update to 2.9.0-rc2 build files
2017-04-05 11:40:20 +02:00
Wolfgang Bumiller
9525982417
import stable-4 build files
2017-04-05 11:39:09 +02:00