[ubuntu/eoan-proposed] qemu 1:4.0+dfsg-0ubuntu1 (Accepted)
Christian Ehrhardt
christian.ehrhardt at canonical.com
Wed Jul 3 07:59:19 UTC 2019
qemu (1:4.0+dfsg-0ubuntu1) eoan; urgency=medium
* Merge with Upstream release of qemu 4.0.
Among many other things this fixes LP Bugs:
LP: #1782206 - SnowRidge Accelerator Interfacing Architecture (AIA)
LP: #1828038 - Update s390x CPU Model for more HW support
LP: #1832622 - count cache flush Spectre v2 mitigation for ppc64el
Remaining Changes:
- qemu-kvm to systemd unit
- d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
hugepages and architecture specifics
- d/qemu-system-common.qemu-kvm.service: systemd unit to call
qemu-kvm-init
- d/qemu-system-common.install: install helper script
- d/qemu-system-common.maintscript: clean old sysv and upstart scripts
- d/qemu-system-common.qemu-kvm.default: defaults for
/etc/default/qemu-kvm
- d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
- Enable nesting by default
- d/qemu-system-x86.modprobe: set nested=1 module option on intel.
(is default on amd)
- d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded
without nested=1
- d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
in qemu64 cpu type.
- d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
in qemu64 on amd
- d/qemu-system-x86.README.Debian: document intention of nested being
default is comfort, not full support
- Distribution specific machine type (LP: 1304107 1621042)
- d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
types
- d/qemu-system-x86.NEWS Info on fixed machine type defintions
for host-phys-bits=true (LP: 1776189)
- add an info about -hpb machine type in debian/qemu-system-x86.NEWS
- provide pseries-bionic-2.11-sxxm type as convenience with all
meltdown/spectre workarounds enabled by default. (LP: 1761372).
- improved dependencies
- Make qemu-system-common depend on qemu-block-extra
- Make qemu-utils depend on qemu-block-extra
- let qemu-utils recommend sharutils
- s390x support
- Create qemu-system-s390x package
- Enable numa support for s390x
- arch aware kvm wrappers
- d/control: update VCS links
- qemu-guest-agent: freeze-hook fixes (LP: 1484990)
- d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
- d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
- d/control-in: enable RDMA support in qemu (LP: 1692476)
- enable RDMA config option
- add libibumad-dev build-dep
- tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
- d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
reference 256k path
- d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
handle incoming migrations from former releases.
- d/control-in: Disable capstone disassembler library support (universe)
- Move s390x roms to a new qemu-system-data-s390x
- d/qemu-system-data.install: install s390x roms as architecture:all in
qemu-system-data
- d/rules: build s390-ccw.img with upstream Makefile
- d/rules: build s390-netboot.img with upstream Makefile
- d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back
some SLOF bits stripped in DFSG to be able to build s390x-netboot roms
As that hack to build s390-ccw.img rom can't build s390x-netboot.img
replace it with a build-indep using the upstream makefiles.
This is less prone to miss future changes/fixes that are done to the
makefiles
- d/control-in: add breaks/replaces for moving s390x roms from
qemu-system-s390x to qemu-system-data
- remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
[From not yet uploaded Debian branch]
- d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
- d/rules: fix qemu-kvm service for debhelper compat >=12
- disable pvrdma - besides several security holes there are many other
bugs there as well
* Dropped patches that are upstream in v4.0
- d/p/do-not-link-everything-with-xen.patch
- d/p/usb-mtp-use-O_NOFOLLOW-and-O_CLOEXEC-CVE-2018-16872.patch
- d/p/hw_usb-fix-mistaken-de-initialization-of-CCID-state.patch
- d/p/scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch
- d/p/slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778
- d/p/i2c-ddc-fix-oob-read-CVE-2019-3812.patch
- d/p/ubuntu/lp-1759509-qmp-query-current-machine-with-wakeup-suspend-suppor
(LP: 1759509)
- d/p/ubuntu/lp-1759509-qga-update-guest-suspend-ram-and-guest-suspend-hybri
- d/p/ubuntu/lp-1759509-qmp-hmp-Make-system_wakeup-check-wake-up-support-and
- d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-unimplement
- d/p/ubuntu/CVE-2018-20815.patch
- d/p/ubuntu/CVE-2019-5008.patch
- d/p/ubuntu/CVE-2019-9824.patch
- d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch:
avoid misdetection of simplified nesting blocking all migrations
* Dropped further patches
d/p/bt-use-size_t-type-for-length-parameters-instead-of-int-CVE-2018-19665
[upstream deprecated the whole subsystem instead of applying the fix]
* Added Changes
- updated ubuntu machine types for v4.0
- added eoan types
- fixed s390x issue of upstream types having a "v" prefix
- add back dropped machine types to avoid more issues like LP: 1802944
- fix kvm split irqchip default in ubuntu q35 machine type
- drop no more needed spapr_machine_2_11_sxxm_instance_options and
adapt updated CamelCase
- -hpb types now need to use GlobalProperties
- pc_compat_2_0 got a _fn suffix and slight changes
- d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: update to
SLOF of qemu 4.0
- Refreshed patches still needed for v4.0 context changes
- d/p/use-fixed-data-path.patch
- d/p/ubuntu/enable-svm-by-default.patch
- d/p/ubuntu/enable-md-clear.patch
- d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch
- d/p/ubuntu/lp-1830243-*: s390x Secure Linux Boot Toleration
(LP: #1830243)
- d/control: disable bluetooth being deprecated
- d/control*: remove sdlabi which was removed upstream
- d/p/ubuntu/lp-1830238-*: s390x hardware cpu model (LP: #1830238)
- d/control*: enable docs (now explicit) and provide new build-dep
python3-sphinx
- d/not-installed: ignore new interop docs and extra icons for now
- d/not-installed: do not install elf2dmp until namespaced
- d/qemu-utils.install: install new tools qemu-edid and qemu-keymap
- d/qemu-system-data.install: use new paths for formerly used icons
- d/p/ubuntu/linux-user-fix-__NR_semtimedop-undeclared-error.patch:
fix i386 build error
Date: Mon, 24 Jun 2019 16:33:19 +0200
Changed-By: Christian Ehrhardt <christian.ehrhardt at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/qemu/1:4.0+dfsg-0ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 24 Jun 2019 16:33:19 +0200
Source: qemu
Binary: qemu qemu-system qemu-block-extra qemu-system-data qemu-system-common qemu-system-gui qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm qemu-system-s390x
Architecture: source
Version: 1:4.0+dfsg-0ubuntu1
Distribution: eoan
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Christian Ehrhardt <christian.ehrhardt at canonical.com>
Description:
qemu - fast processor emulator, dummy package
qemu-block-extra - extra block backend modules for qemu-system and qemu-utils
qemu-guest-agent - Guest-side qemu-system agent
qemu-kvm - QEMU Full virtualization on x86 hardware
qemu-system - QEMU full system emulation binaries
qemu-system-arm - QEMU full system emulation binaries (arm)
qemu-system-common - QEMU full system emulation binaries (common files)
qemu-system-data - QEMU full system emulation (data files)
qemu-system-gui - QEMU full system emulation binaries (user interface and audio sup
qemu-system-mips - QEMU full system emulation binaries (mips)
qemu-system-misc - QEMU full system emulation binaries (miscellaneous)
qemu-system-ppc - QEMU full system emulation binaries (ppc)
qemu-system-s390x - QEMU full system emulation binaries (s390x)
qemu-system-sparc - QEMU full system emulation binaries (sparc)
qemu-system-x86 - QEMU full system emulation binaries (x86)
qemu-user - QEMU user mode emulation binaries
qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user
qemu-user-static - QEMU user mode emulation binaries (static version)
qemu-utils - QEMU utilities
Launchpad-Bugs-Fixed: 1782206 1828038 1830238 1830243 1832622
Changes:
qemu (1:4.0+dfsg-0ubuntu1) eoan; urgency=medium
.
* Merge with Upstream release of qemu 4.0.
Among many other things this fixes LP Bugs:
LP: #1782206 - SnowRidge Accelerator Interfacing Architecture (AIA)
LP: #1828038 - Update s390x CPU Model for more HW support
LP: #1832622 - count cache flush Spectre v2 mitigation for ppc64el
Remaining Changes:
- qemu-kvm to systemd unit
- d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
hugepages and architecture specifics
- d/qemu-system-common.qemu-kvm.service: systemd unit to call
qemu-kvm-init
- d/qemu-system-common.install: install helper script
- d/qemu-system-common.maintscript: clean old sysv and upstart scripts
- d/qemu-system-common.qemu-kvm.default: defaults for
/etc/default/qemu-kvm
- d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
- Enable nesting by default
- d/qemu-system-x86.modprobe: set nested=1 module option on intel.
(is default on amd)
- d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded
without nested=1
- d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
in qemu64 cpu type.
- d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
in qemu64 on amd
- d/qemu-system-x86.README.Debian: document intention of nested being
default is comfort, not full support
- Distribution specific machine type (LP: 1304107 1621042)
- d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
types
- d/qemu-system-x86.NEWS Info on fixed machine type defintions
for host-phys-bits=true (LP: 1776189)
- add an info about -hpb machine type in debian/qemu-system-x86.NEWS
- provide pseries-bionic-2.11-sxxm type as convenience with all
meltdown/spectre workarounds enabled by default. (LP: 1761372).
- improved dependencies
- Make qemu-system-common depend on qemu-block-extra
- Make qemu-utils depend on qemu-block-extra
- let qemu-utils recommend sharutils
- s390x support
- Create qemu-system-s390x package
- Enable numa support for s390x
- arch aware kvm wrappers
- d/control: update VCS links
- qemu-guest-agent: freeze-hook fixes (LP: 1484990)
- d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
- d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
- d/control-in: enable RDMA support in qemu (LP: 1692476)
- enable RDMA config option
- add libibumad-dev build-dep
- tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
- d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
reference 256k path
- d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
handle incoming migrations from former releases.
- d/control-in: Disable capstone disassembler library support (universe)
- Move s390x roms to a new qemu-system-data-s390x
- d/qemu-system-data.install: install s390x roms as architecture:all in
qemu-system-data
- d/rules: build s390-ccw.img with upstream Makefile
- d/rules: build s390-netboot.img with upstream Makefile
- d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back
some SLOF bits stripped in DFSG to be able to build s390x-netboot roms
As that hack to build s390-ccw.img rom can't build s390x-netboot.img
replace it with a build-indep using the upstream makefiles.
This is less prone to miss future changes/fixes that are done to the
makefiles
- d/control-in: add breaks/replaces for moving s390x roms from
qemu-system-s390x to qemu-system-data
- remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
[From not yet uploaded Debian branch]
- d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
- d/rules: fix qemu-kvm service for debhelper compat >=12
- disable pvrdma - besides several security holes there are many other
bugs there as well
* Dropped patches that are upstream in v4.0
- d/p/do-not-link-everything-with-xen.patch
- d/p/usb-mtp-use-O_NOFOLLOW-and-O_CLOEXEC-CVE-2018-16872.patch
- d/p/hw_usb-fix-mistaken-de-initialization-of-CCID-state.patch
- d/p/scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch
- d/p/slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778
- d/p/i2c-ddc-fix-oob-read-CVE-2019-3812.patch
- d/p/ubuntu/lp-1759509-qmp-query-current-machine-with-wakeup-suspend-suppor
(LP: 1759509)
- d/p/ubuntu/lp-1759509-qga-update-guest-suspend-ram-and-guest-suspend-hybri
- d/p/ubuntu/lp-1759509-qmp-hmp-Make-system_wakeup-check-wake-up-support-and
- d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-unimplement
- d/p/ubuntu/CVE-2018-20815.patch
- d/p/ubuntu/CVE-2019-5008.patch
- d/p/ubuntu/CVE-2019-9824.patch
- d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch:
avoid misdetection of simplified nesting blocking all migrations
* Dropped further patches
d/p/bt-use-size_t-type-for-length-parameters-instead-of-int-CVE-2018-19665
[upstream deprecated the whole subsystem instead of applying the fix]
* Added Changes
- updated ubuntu machine types for v4.0
- added eoan types
- fixed s390x issue of upstream types having a "v" prefix
- add back dropped machine types to avoid more issues like LP: 1802944
- fix kvm split irqchip default in ubuntu q35 machine type
- drop no more needed spapr_machine_2_11_sxxm_instance_options and
adapt updated CamelCase
- -hpb types now need to use GlobalProperties
- pc_compat_2_0 got a _fn suffix and slight changes
- d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: update to
SLOF of qemu 4.0
- Refreshed patches still needed for v4.0 context changes
- d/p/use-fixed-data-path.patch
- d/p/ubuntu/enable-svm-by-default.patch
- d/p/ubuntu/enable-md-clear.patch
- d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch
- d/p/ubuntu/lp-1830243-*: s390x Secure Linux Boot Toleration
(LP: #1830243)
- d/control: disable bluetooth being deprecated
- d/control*: remove sdlabi which was removed upstream
- d/p/ubuntu/lp-1830238-*: s390x hardware cpu model (LP: #1830238)
- d/control*: enable docs (now explicit) and provide new build-dep
python3-sphinx
- d/not-installed: ignore new interop docs and extra icons for now
- d/not-installed: do not install elf2dmp until namespaced
- d/qemu-utils.install: install new tools qemu-edid and qemu-keymap
- d/qemu-system-data.install: use new paths for formerly used icons
- d/p/ubuntu/linux-user-fix-__NR_semtimedop-undeclared-error.patch:
fix i386 build error
Checksums-Sha1:
570c2c2cef5be541850a1030e8c3bbad7768d7db 6777 qemu_4.0+dfsg-0ubuntu1.dsc
d70b893d085b7d31d9cbd731e5ed93c8e96ec3f5 32185176 qemu_4.0+dfsg.orig.tar.xz
fcf5b40eb4ced6861ec23fa967acab2ec8e98f6d 189576 qemu_4.0+dfsg-0ubuntu1.debian.tar.xz
e72795c9a1eb7997c893a99ddf10260d900b7c84 9553 qemu_4.0+dfsg-0ubuntu1_source.buildinfo
Checksums-Sha256:
bce9aa50038fe1d6b28cd95064c3ba9820663e84455a7e9d6c69f1a67e83f0d8 6777 qemu_4.0+dfsg-0ubuntu1.dsc
9802e0c920eb6c87371b13864005b51aa8dda288e9667fb80d6b1fa7d185b6d9 32185176 qemu_4.0+dfsg.orig.tar.xz
0d23b04d78b8eaef3a582e2eb58d56831d7e7318a2392e41c90220def77c1ba0 189576 qemu_4.0+dfsg-0ubuntu1.debian.tar.xz
f9469cfeec599a586f57d2f1c71c46be33b3bcd991ae2b57ec31a0932266d326 9553 qemu_4.0+dfsg-0ubuntu1_source.buildinfo
Files:
b2afa4adb03db8b85549a9e1fd9034d5 6777 otherosfs optional qemu_4.0+dfsg-0ubuntu1.dsc
a06a1e78bba9ee44948589f83fc80066 32185176 otherosfs optional qemu_4.0+dfsg.orig.tar.xz
42c493c2b0c0513465a5328d8a3a63fb 189576 otherosfs optional qemu_4.0+dfsg-0ubuntu1.debian.tar.xz
4183352dadcff95f2fa99cfa3e8ab30d 9553 otherosfs optional qemu_4.0+dfsg-0ubuntu1_source.buildinfo
Original-Maintainer: Debian QEMU Team <pkg-qemu-devel at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEktYY9mjyL47YC+71uj4pM4KAskIFAl0cXwoACgkQuj4pM4KA
skIiMhAAh9AsdzHEp3YX7kqtfdN6hA/GMqVBd81B0X69pxqO0p6btOYU4ZEL79hN
iUm2r9Bry5CxPpWSxlb9z6LUVPTU/vV8n+HkFJhS8DyIa1DPkGER8gSEMYbOC/6Y
uP20oDOuyGeJq9Hgs4Y5QkRJOhdX6vGnoRg2TeRqKTSNzlgGjXqS1aJ5Fq6BO9+s
T7gqb2IAs3FIF8inxrccmHgjSn9LDpjD8PAVtoqWmcM1684ooFDfrbUnHn/M4o/a
ofbB6iI81RG36b2lZZS3esY40wnQGZcOmxwlNQRWPcTEkRi7eEQLAyv9MRUPEiP2
4MsAOffsZPWwKP9xNCjVkmzj43NGmdpj0GN5EjS1YjU4r9oQ9EIEVc4a71tfLxJh
3f1HQIet1BMOITto0pVYa0nmFbIQ5cXr4Hp9lJRfywi3qP2TU97TJ+QcFPumysgV
CyuDrHQt26WGPrLvL8gmIwJVxKFG96cU2z+HURBKWbqo/DmLHeYzTH/ey3gVkS3t
kFkfr2A8JtNCmoRC36vJHOOrz0VIABSZ6NoVKX/aeG3cQqInxtzj4vyb7TDYtpE4
+nURO4O5qYhObkIct53slWGxLtgOtgEzK62UxAwN9Epa4zrQsr64XfNzvgJ0oL2w
Gac4dKwxDbsx1HBZB8LG7zjxoa4F2HKmnvXKg7FKFeGcUR0cF80=
=1gBE
-----END PGP SIGNATURE-----
More information about the Eoan-changes
mailing list