* Merge with Debian testing, Among many other things this fixes LP Bugs:
ok LP: #1847806 - add mff* instructions to not break on ppc64 with newer glibc
ok LP: #1812822 - avoid crashes on detaching vhost_net interfaces
Remaining changes:
ok - qemu-kvm to systemd unit
ok - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, huge...
ok - d/qemu-system-common.qemu-kvm.service: systemd unit to call qemu-kvm-...
ok - d/qemu-system-common.install: install helper script
ok - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
ok - d/qemu-system-common.qemu-kvm.default: defaults for /etc/default/qemu-kvm
ok - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
ok - Distribution specific machine type (LP: 1304107 1621042)
ok - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine types
ok - d/qemu-system-x86.NEWS Info on fixed machine type definitions for ...
ok - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
ok - provide pseries-bionic-2.11-sxxm type as convenience with all melt...
ok - improved dependencies
ok - Make qemu-system-common depend on qemu-block-extra
ok - Make qemu-utils depend on qemu-block-extra
ok - let qemu-utils recommend sharutils
ok - s390x support
ok - Create qemu-system-s390x package
ok - Enable numa support for s390x
ok - d/rules: build s390-ccw.img with upstream Makefile
ok - d/rules: build s390-netboot.img with upstream Makefile
-- - arch aware kvm wrappers
?? (are you blocking one to run QEMU/KVM on Power8 because sec issues only ?)
?? (is that something worth doing by default ?)
ok - d/control: update VCS links
ok - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
ok - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types ...
ok - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to ...
ok - d/control-in: Disable capstone disassembler library support (universe)
ok - d/control: disable bluetooth being deprecated
ok - d/not-installed: ignore new interop docs and extra icons for now
ok - d/not-installed: do not install elf2dmp until namespaced
?? (out of curiosity only, what do you mean by elf2dmp being namespaced ?)
ok - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap
ok - d/control-in: promote qemu-efi/ovmf in Ubuntu (LP 1570617)
-- - d/binfmt-update-in: fix binfmt being called in some containers ...
?? (is this upstreamable ?)
- Dropped changes (in Debian)
ok - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
ok - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
ok - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
-- - d/control-in: enable RDMA support in qemu (LP: 1692476)
-- - enable RDMA config option
-- - add libibumad-dev build-dep
?? (why ? was support dropped from upstream ? is it just us ?)
ok - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back...
ok - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
ok - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
ok - d/rules: fix qemu-kvm service for debhelper compat >=12
ok - Refreshed patches for v4.0 context changes
ok - d/control*: remove sdlabi which was removed upstream
ok - d/control*: enable docs (now explicit) and provide new build-dep ...
ok - d/qemu-system-data.install: use new paths for formerly used icons
ok - Merge with Upstream release of qemu 4.0
ok - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch
- Dropped changes (Upstream)
ok - d/p/ubuntu/lp-1830243-*: s390x Secure Linux Boot Toleration (LP 1830243)
ok - d/p/ubuntu/lp-1830238-*: s390x hardware cpu model (LP 1830238)
ok - d/p/ubuntu/linux-user-fix-__NR_semtimedop-undeclared-error.patch: fix ...
ok - d/p/ubuntu/lp-1836066-s390-cpumodel-fix-description-for-the-new-vector ...
ok - d/p/ubuntu/lp-1836159-fix-with-latest-kernel.patch: fix build issues ...
ok - d/p/ubuntu/lp-1836154-*: further fixups for HW CPU model for newer ...
ok - d/p/ubuntu/lp-1841066-*: fix detection of arch_capability flags (LP 1...
ok - d/p/lp-1842774-s390x-cpumodel-Add-the-z15-name-to-the-description-o.p...
ok - d/p/ubuntu/lp-1848556-curl-Handle-success-in-multi_check_completion.p...
ok - d/p/u/lp-1848497-virtio-balloon-fix-QEMU-4.0-config-size-migration-*: ...
ok - d/p/ubuntu/lp-1830704-s390x-cpumodel-ignore-csske-for-expansion.patch ...
ok - SECURITY UPDATE: Add support for exposing md-clear functionality to guests
ok - d/p/ubuntu/enable-md-clear.patch
ok - d/p/ubuntu/enable-md-no.patch
ok - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
ok - SECURITY UPDATE: heap overflow when loading device tree blob
ok - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to ...
ok - CVE-2018-20815
ok - SECURITY UPDATE: device driver denial of service via NULL pointer der...
ok - d/p/ubuntu/CVE-2019-5008.patch: Define skeleton 'power_mem_read' routine
ok - CVE-2019-5008
ok - SECURITY UPDATE: information leak in SLiRP
ok - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when emulating ...
ok - CVE-2019-9824
ok - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-unimpl...
!! (typo: archicture, prob from upstream)
* Dropped changes (no more needed)
ok - d/qemu-guest-agent.pre{rm|inst}/.postrm: special handling for mv_conf...
[ only needed between disco and eoan ]
ok - disable pvrdma
ok [ CVEs all fixed now ]
!! (does this mean we now have the pvrdma feature ? should we highlight that ?)
ok - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch: av...
[ qemu now detects and handles nesting - needs kernel >=4.20 ]
ok - Enable nesting by default
ok - d/qemu-system-x86.modprobe: set nested=1 module option on intel. ...
ok - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded ...
ok - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default ...
ok - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default...
ok - d/qemu-system-x86.README.Debian: document intention of nested being ...
[ nesting is default in kernel modules and default selected cpu types ]
* Added changes
ok - d/control: regenerate debian/control out of control-in
ok - updated ubuntu machine types to match qemu 4.2 in Ubuntu 20.04 Focal
ok - added ubuntu focal types for qemu 4.2
ok - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
ok - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model (LP: #1857033)
ok - d/qemu-system-x86.README.Debian: add info abou nesting changes
!! (abou <- typo)
ok - d/control*, d/rules: disable xen by default, but provide universe pac...
ok - fix typos in changelog and d/qemu-system-x86.NEWS
?? (maybe remove typo changes as they are not important for changelog ?)
ok - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP: #1859527)
-- Christian Ehrhardt <email address hidden> Wed, 08 Jan 2020 15:27:42 +0100
(https:/ /pastebin. ubuntu. com/p/b5hgJggtS p/)
##
## NOTES USING CHANGELOG FILE
##
qemu (1:4.2-1ubuntu1) focal; urgency=medium
* Merge with Debian testing, Among many other things this fixes LP Bugs:
ok LP: #1847806 - add mff* instructions to not break on ppc64 with newer glibc
ok LP: #1812822 - avoid crashes on detaching vhost_net interfaces
Remaining changes:
ok - qemu-kvm to systemd unit system- common. qemu-kvm. service: systemd unit to call qemu-kvm-... system- common. install: install helper script system- common. maintscript: clean old sysv and upstart scripts system- common. qemu-kvm. default: defaults for /etc/default/ qemu-kvm define- ubuntu- machine- types.patch: define distro machine types system- x86.NEWS Info on fixed machine type definitions for ... qemu-system- x86.NEWS bionic- 2.11-sxxm type as convenience with all melt... pre-bionic- 256k-ipxe- efi-roms. patch: old machine types ... 256k-compat- efi-roms to be able to ... utils.install: install new tools qemu-edid and qemu-keymap
ok - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, huge...
ok - d/qemu-
ok - d/qemu-
ok - d/qemu-
ok - d/qemu-
ok - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
ok - Distribution specific machine type (LP: 1304107 1621042)
ok - d/p/ubuntu/
ok - d/qemu-
ok - add an info about -hpb machine type in debian/
ok - provide pseries-
ok - improved dependencies
ok - Make qemu-system-common depend on qemu-block-extra
ok - Make qemu-utils depend on qemu-block-extra
ok - let qemu-utils recommend sharutils
ok - s390x support
ok - Create qemu-system-s390x package
ok - Enable numa support for s390x
ok - d/rules: build s390-ccw.img with upstream Makefile
ok - d/rules: build s390-netboot.img with upstream Makefile
-- - arch aware kvm wrappers
?? (are you blocking one to run QEMU/KVM on Power8 because sec issues only ?)
?? (is that something worth doing by default ?)
ok - d/control: update VCS links
ok - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
ok - d/p/ubuntu/
ok - d/control-in: depend on ipxe-qemu-
ok - d/control-in: Disable capstone disassembler library support (universe)
ok - d/control: disable bluetooth being deprecated
ok - d/not-installed: ignore new interop docs and extra icons for now
ok - d/not-installed: do not install elf2dmp until namespaced
?? (out of curiosity only, what do you mean by elf2dmp being namespaced ?)
ok - d/qemu-
ok - d/control-in: promote qemu-efi/ovmf in Ubuntu (LP 1570617)
-- - d/binfmt-update-in: fix binfmt being called in some containers ...
?? (is this upstreamable ?)
- Dropped changes (in Debian)
ok - qemu-guest-agent: freeze-hook fixes (LP: 1484990) guest-agent. install: provide /etc/qemu/ fsfreeze- hook guest-agent. dirs: provide /etc/qemu/ fsfreeze- hook.d lp-1790901- partial- SLOF-for- s390x-netboot. patch: bring back... qemu-guest- service. patch: fix path of qemu-ga system- data.install: use new paths for formerly used icons lp-1790901- partial- SLOF-for- s390x-netboot. patch
ok - d/qemu-
ok - d/qemu-
-- - d/control-in: enable RDMA support in qemu (LP: 1692476)
-- - enable RDMA config option
-- - add libibumad-dev build-dep
?? (why ? was support dropped from upstream ? is it just us ?)
ok - d/p/ubuntu/
ok - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
ok - d/p/debianize-
ok - d/rules: fix qemu-kvm service for debhelper compat >=12
ok - Refreshed patches for v4.0 context changes
ok - d/control*: remove sdlabi which was removed upstream
ok - d/control*: enable docs (now explicit) and provide new build-dep ...
ok - d/qemu-
ok - Merge with Upstream release of qemu 4.0
ok - d/p/ubuntu/
- Dropped changes (Upstream)
ok - d/p/ubuntu/ lp-1830243- *: s390x Secure Linux Boot Toleration (LP 1830243) lp-1830238- *: s390x hardware cpu model (LP 1830238) linux-user- fix-__NR_ semtimedop- undeclared- error.patch: fix ... lp-1836066- s390-cpumodel- fix-description -for-the- new-vector ... lp-1836159- fix-with- latest- kernel. patch: fix build issues ... lp-1836154- *: further fixups for HW CPU model for newer ... lp-1841066- *: fix detection of arch_capability flags (LP 1... 1842774- s390x-cpumodel- Add-the- z15-name- to-the- description- o.p... lp-1848556- curl-Handle- success- in-multi_ check_completio n.p... 1848497- virtio- balloon- fix-QEMU- 4.0-config- size-migration- *: ... lp-1830704- s390x-cpumodel- ignore- csske-for- expansion. patch ... enable- md-clear. patch enable- md-no.patch CVE-2018- 20815.patch: specify how large the buffer to ... CVE-2019- 5008.patch: Define skeleton 'power_mem_read' routine CVE-2019- 9824.patch: check sscanf result when emulating ... lp-1812384- s390x-Return- specification- exception- for-unimpl. ..
ok - d/p/ubuntu/
ok - d/p/ubuntu/
ok - d/p/ubuntu/
ok - d/p/ubuntu/
ok - d/p/ubuntu/
ok - d/p/ubuntu/
ok - d/p/lp-
ok - d/p/ubuntu/
ok - d/p/u/lp-
ok - d/p/ubuntu/
ok - SECURITY UPDATE: Add support for exposing md-clear functionality to guests
ok - d/p/ubuntu/
ok - d/p/ubuntu/
ok - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
ok - SECURITY UPDATE: heap overflow when loading device tree blob
ok - d/p/ubuntu/
ok - CVE-2018-20815
ok - SECURITY UPDATE: device driver denial of service via NULL pointer der...
ok - d/p/ubuntu/
ok - CVE-2019-5008
ok - SECURITY UPDATE: information leak in SLiRP
ok - d/p/ubuntu/
ok - CVE-2019-9824
ok - d/p/ubuntu/
!! (typo: archicture, prob from upstream)
* Dropped changes (no more needed)
ok - d/qemu- guest-agent. pre{rm| inst}/. postrm: special handling for mv_conf... Revert- target- i386-kvm- add-VMX- migration- blocker. patch: av... system- x86.modprobe: set nested=1 module option on intel. ... system- x86.postinst: re-load kvm_intel.ko if it was loaded ... expose- vmx_qemu64cpu. patch: expose nested kvm by default ... enable- svm-by- default. patch: Enable nested svm by default... system- x86.README. Debian: document intention of nested being ...
[ only needed between disco and eoan ]
ok - disable pvrdma
ok [ CVEs all fixed now ]
!! (does this mean we now have the pvrdma feature ? should we highlight that ?)
ok - d/p/ubuntu/
[ qemu now detects and handles nesting - needs kernel >=4.20 ]
ok - Enable nesting by default
ok - d/qemu-
ok - d/qemu-
ok - d/p/ubuntu/
ok - d/p/ubuntu/
ok - d/qemu-
[ nesting is default in kernel modules and default selected cpu types ]
* Added changes
ok - d/control: regenerate debian/control out of control-in lp-1857033- *: add support for Cooper Lake cpu model (LP: #1857033) system- x86.README. Debian: add info abou nesting changes system- x86.NEWS
ok - updated ubuntu machine types to match qemu 4.2 in Ubuntu 20.04 Focal
ok - added ubuntu focal types for qemu 4.2
ok - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
ok - d/p/ubuntu/
ok - d/qemu-
!! (abou <- typo)
ok - d/control*, d/rules: disable xen by default, but provide universe pac...
ok - fix typos in changelog and d/qemu-
?? (maybe remove typo changes as they are not important for changelog ?)
ok - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP: #1859527)
-- Christian Ehrhardt <email address hidden> Wed, 08 Jan 2020 15:27:42 +0100