Commit Graph

81 Commits

Author SHA1 Message Date
Thomas Lamprecht
15b9c76e1f pbs: query-backup: set reused field also for dirty-bitmap
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-07-03 19:26:09 +02:00
Thomas Lamprecht
d7f4e01a34 debian/patches: squash some followup patches and regroup a bit more together
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-07-02 13:33:16 +02:00
Thomas Lamprecht
20be7fa0a0 backup: improve QAPI info and remove all dirty-bitmaps on failed drive-job
effectively two commits merged as one:
https://pve.proxmox.com/pipermail/pve-devel/2020-July/044185.html
https://pve.proxmox.com/pipermail/pve-devel/2020-July/044194.html

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-07-02 13:03:49 +02:00
Dietmar Maurer
c96a4a38cb add incremental backup patches
and fix typo: s/BPS/PBS/
2020-06-30 10:34:00 +02:00
Stefan Reiter
f0b53ef0b2 fix #2794: Include legacy-igd passthrough fix
See https://bugs.launchpad.net/qemu/+bug/1882784

Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
2020-06-25 13:24:34 +02:00
Thomas Lamprecht
b570f1c41e Fix backup for not 64k-aligned storages
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Tested-by: Roland Kammerer <roland.kammerer@linbit.com>
2020-06-24 16:26:30 +02:00
Thomas Lamprecht
fff7e250ee pbs-restore: flush verbose log before calling into library
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-06-02 13:20:56 +02:00
Thomas Lamprecht
bce72611f9 pbs-restore: be more verbose if asked to
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-05-30 18:48:00 +02:00
Thomas Lamprecht
c6979241f1 small cleanups for pbs-restore
Add trailing newline to two error messages, and drop an extra
unconditional `qdict_put_str(options, "driver", format);`
Besides that it's just formatting.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-05-30 15:24:20 +02:00
Thomas Lamprecht
f063a8aadb fix vmstate-snapshots with iothread=1
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-05-27 18:54:06 +02:00
Wolfgang Bumiller
abc9e57f05 add optional buffer size to QEMUFile
and use 4M for our savevm-async buffer size

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2020-05-04 15:09:10 +02:00
Wolfgang Bumiller
24e289d025 experimentally move savevm-async back into a coroutine
Move qemu_savevm_state_{header,setup} into the main loop and
the rest of the iteration into a coroutine. The former need
to lock the iothread (and we can't unlock it in the
coroutine), and the latter can't deal with being in a
separate thread, so a coroutine it must be.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2020-05-04 15:09:10 +02:00
Thomas Lamprecht
751ed3661b avoid using QemuRecMutex inside coroutines, QemuMutex to lock outside
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-04-17 09:09:12 +02:00
Thomas Lamprecht
d5619ef646 pve backup: avoid using recursive mutex
Release the lock on qemu_coroutine_yield, so coroutines don't
deadlock.

Originally-by: Stefan Reiter <s.reiter@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-04-16 15:20:22 +02:00
Thomas Lamprecht
b7e851a529 rebase patches onto v5.0.0-rc3
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-04-16 15:19:31 +02:00
Thomas Lamprecht
83faa3fe30 import QEMU 5.0.0-rc2 and rebase patches
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-04-08 15:36:32 +02:00
Thomas Lamprecht
48d490fe54 patches: move upstream cherry picked to extra folder, like we did in the past
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-03-23 10:16:35 +01:00
Fabian Grünbichler
059a9447e2 add bitmap drive-mirror patches
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-03-23 10:15:22 +01:00
Dominic Jäger
66e3df5d45 vma_writer: Display more error information
Also print the reason why the function vma_writer_register_stream failed to
help debug errors like in [0].

[0] https://forum.proxmox.com/threads/backup-error-vma_writer_register_stream-drive-scsi0-failed-pve-6-1-7.65925/

Signed-off-by: Dominic Jäger <d.jaeger@proxmox.com>
Reviewed-by: Stefan Reiter <s.reiter@proxmox.com>
2020-03-19 18:58:47 +01:00
Oguz Bektas
1be32c854f slirp: re-add security patches
the first two patches were mistakenly left out during the 4.2 qemu
rebase.

also adds another patch for issue CVE-2019-14378 (heap-based BOF)

Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
2020-03-13 13:20:11 +01:00
Dietmar Maurer
20505f521e fixup backup with io-threads 2020-03-12 10:30:18 +01:00
Thomas Lamprecht
6402d96100 update submodule and patches for 4.2.0
The long overdue nice rebase+cleanup was done by Dietmar

Originally-by: Dietmar Maurer <dietmar@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-03-11 07:26:21 +01:00
Oguz Bektas
284d3b2cab security patches for libslirp CVE-2020-8608
original commits and email can be found here[0]

A out-of-bounds heap buffer access issue was found in the SLiRP
networking implementation of the QEMU emulator. It occurs in tcp_emu()
routine while emulating IRC and other protocols due to unsafe usage of
snprintf(3) function.

A user/process could use this flaw to crash the Qemu process on the host
resulting in DoS or potentially execute arbitrary code with privileges
of the QEMU process on the host.

[0]: https://seclists.org/oss-sec/2020/q1/64

Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-03-06 15:17:29 +01:00
Oguz Bektas
ee8bd5bfbe add patch for CVE-2019-20382 (vnc disconnect memory leak)
oss-security email can be found here[0]

upstream commit here[1]

this effects our vncproxy. dominik and me tested if the issue is present
on our branch and it appears that it is.
in essence when we disconnect from a vnc connection, the memory isn't
free'd afterwards which causes the qemu process to use more and more
memory with each disconnect, which could lead to a dos scenario.

we tested the patch and it seems to mitigate the problem.

[0]: https://seclists.org/oss-sec/2020/q1/105
[1]: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=6bf21f3d83e95bcc4ba35a7a07cc6655e8b010b0

Tested-by: Dominik Csapak <d.csapak@proxmox.com>
Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
2020-03-05 13:34:29 +01:00
Dietmar Maurer
84403c2d53 improve qemu backup by reducing lock contention
- reducing lock contention by using CoRwLock
- correctly call aio_wait_kick()
2020-02-18 10:47:21 +01:00
Thomas Lamprecht
2c67b15290 followup: fix indentation
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-01-25 16:17:23 +01:00
Tim Marx
f47a9db42a fix hmp info backup command
Signed-off-by: Tim Marx <t.marx@proxmox.com>
2020-01-25 16:09:47 +01:00
Thomas Lamprecht
9714cead2c grammar fix: s/does not exists/does not exist/g
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-12-13 12:10:51 +01:00
Stefan Reiter
d090eaa209 fix #2486: include fix for disk hot-resize regression (w/ iothread=1)
See: https://lists.nongnu.org/archive/html/qemu-devel/2019-09/msg03201.html

Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
2019-11-25 13:50:28 +01:00
Thomas Lamprecht
a0866d18a5 fixup patch author
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-11-25 11:49:06 +01:00
Thomas Lamprecht
ac2969b218 allow to pass PVE version to machine
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-11-25 09:12:48 +01:00
Thomas Lamprecht
99b86f4f9d handle virtio-balloon cfg size compat with our 4.0 machines
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-11-22 10:07:39 +01:00
Thomas Lamprecht
917265984c update diffs/indexes from patches
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-11-22 10:07:39 +01:00
Stefan Reiter
1dc952cf51 Update and rebase to QEMU 4.1.1
Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
2019-11-21 07:59:09 +01:00
Stefan Reiter
a9b8206ded Apply fixups for 4.1
* Fix VMA tool build
* Change PVE code to new blockjob API
* Acquire missing lock for block_job_add_bdrv

Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
2019-11-21 07:59:05 +01:00
Stefan Reiter
be901f6656 Update and rebase to QEMU 4.1
Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
2019-11-21 07:58:57 +01:00
Wolfgang Bumiller
d4824fa37a fix backup speed regression
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-11-04 14:23:17 +01:00
Thomas Lamprecht
22ff24871d various small pve backup co-routine related fixes
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-10-30 16:03:56 +01:00
Thomas Lamprecht
a5db0e22d7 backup: add various cleanups
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-10-24 08:49:09 +02:00
Thomas Lamprecht
cbb547903c run backup related code inside co-routines and improve locking
Patches-by: Dietmar Maurer <dietmar@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-10-23 09:14:51 +02:00
Thomas Lamprecht
b8d43c594b update sources for v4.0.1
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-10-22 09:52:03 +02:00
Dietmar Maurer
69cb18950a fix #1071: use correct AioContext to cope with IOThreads
Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
2019-10-21 15:51:43 +02:00
Wolfgang Bumiller
23ea029343 disable oob again
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-10-10 11:03:20 +02:00
Wolfgang Bumiller
3b1986f02f merge monitor oob fixup
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-10-02 10:16:40 +02:00
Wolfgang Bumiller
d09c80068a merge fix for CVE-2019-14378
merge: slirp: Fix heap overflow in ip_reass on big packet input

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-08-05 11:22:10 +02:00
Wolfgang Bumiller
99c47abaac update live migration patches
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-07-11 09:34:03 +02:00
Thomas Lamprecht
d5699f0388 virtio-balloon: use smaller config on older guests
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-07-04 16:14:49 +02:00
Thomas Lamprecht
b855dce76d update patches for v4.0.0
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-06-25 11:39:54 +02:00
Oguz Bektas
9be61fa466 add fixes for intel MDS CVEs
fixes for:
* CVE-2018-12126
* CVE-2018-12127
* CVE-2018-12130
* CVE-2019-11091

adds the md-clear cpuflag.

Not included by default in any Intel CPU model.

Must be explicitly turned on for all Intel CPU models.

Requires the host CPU microcode to support this feature before it
can be used for guest CPUs.

Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
2019-06-05 14:21:44 +02:00
Wolfgang Bumiller
c36c53f829 merge: make file locking optional also on creation
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-04-26 09:18:00 +02:00