# CHECKLIST ---------------------------- [.] changelog entry correct [.] targeted to correct codename [.] version number is correct [.] update-maintainer has been run before ---- [.] changes forwarded upstream/debian (if appropriate) [.] patches match what was proposed upstream ---- [.] patches correctly included in debian/patches/series? [.] patches have correct DEP3 metadata ---------------------------- [.] = ok | [x] = not ok | [?] = question | [!] = note | [-] = n/a ---------------------------- # comments: qemu (1:5.0-5ubuntu1) groovy; urgency=medium * Merge with Debian testing (LP: #1749393), remaining changes: 4581740cab7 * qemu-kvm to systemd unit - qemu-kvm to systemd unit - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, hugepages and architecture specifics - d/qemu-system-common.qemu-kvm.service: systemd unit to call qemu-kvm-init - d/qemu-system-common.install: install helper script - d/qemu-system-common.qemu-kvm.default: defaults for /etc/default/qemu-kvm - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm 79aed57fd1c - Distribution specific machine type (LP: 1304107 1621042 1776189 1761372) - d/p/ubunt> - Distribution specific machine type (LP: 1304107 1621042) - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine types - d/qemu-system-x86.NEWS Info on fixed machine type definitions for host-phys-bits=true (LP: 1776189) - add an info about -hpb machine type in debian/qemu-system-x86.NEWS - provide pseries-bionic-2.11-sxxm type as convenience with all meltdown/spectre workarounds enabled by default. (LP: 1761372). - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type acf3107a07e * Enable nesting by default - d/p/ubuntu/enable-svm-by-default.patch: Enable nested sv> - Enable nesting by default - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default in qemu64 on amd [ No more strictly needed, but required for backward compatibility ] c704d2e77cf * improved dependencies - Make qemu-system-common depend on qemu-block-extra - improved dependencies - Make qemu-system-common depend on qemu-block-extra c327586b02b - Make qemu-utils depend on qemu-block-extra - Make qemu-utils depend on qemu-block-extra c6e094c8034 - let qemu-utils recommend sharutils - let qemu-utils recommend sharutils 6eef2a30dd4 * arch aware kvm wrappers - arch aware kvm wrappers 5f2950e6fec - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) - d/p/ubuntu/> - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types reference 256k path - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to handle incoming migrations from former releases. b65fdaa793b - d/control-in: Disable capstone disassembler library support (universe) - d/control-in: Disable capstone disassembler library support (universe) 7c33bc83f46 d/qemu-system-x86.README.Debian: add into about nesting changes - d/qemu-system-x86.README.Debian: add info about updated nesting changes 1c5c2fec351 d/control*, d/rules: disable xen by default provide universe package qemu-system-x86-xen> - d/control*, d/rules: disable xen by default, but provide universe package qemu-system-x86-xen as alternative [includes --disable-xen for user-static builds] d3069656c90 d/control-in: disable pmem on ppc64 as it is currently considered experimental on that a> - d/control-in: disable pmem on ppc64 as it is currently considered experimental on that architecture (pmdk v1.8-1) f560dd1c35a d/rules: makefile definitions can't be recursive - sys_systems for s390x - d/rules: makefile definitions can't be recursive - sys_systems for s390x ad66acef94b d/rules: report config log from the correct subdir - microvm build 23ff38c85ca d/rules: report config log from the correct subdir - xen build 24306f13e4d d/rules: report config log from the correct subdir - base build - d/rules: report config log from the correct subdir a35285a97e0 DROP (upstream): d/p/ubuntu/lp-1847361-modules-load-upgrade.patch: allow qemu to load ol> - allow qemu to load old modules post upgrade (LP 1847361) 9b59e4122d9 d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on upgrade - d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on upgrade 6cbb985271f d/rules: generate maintainer scripts matching package version - d/rules: generate maintainer scripts matching package version on build f2e0ca838fd d/rules: enable --enable-module-upgrades where --enable-modules is set - d/rules: enable --enable-module-upgrades where --enable-modules is set 1b4f9a1be70 d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP: #1835546) - d/p/ubuntu/lp-1835546-*: backport the s390x protvirt feature (LP 1835546) 5fc3bef29d6 d/control-in: disable rbd support unavailable on riscv - d/control-in: disable rbd support unavailable on riscv (LP: 1872931) 737c16c3ebf fix assert in qemu guest agent that crashes on shutdown (LP: #1878973) - debian/patches/ubuntu/lp-1878973-*: fix assert in qemu-guest-agent that crashes it on shutdown (LP 1878973) * Dropped changes (no more needed) 4581740cab7 * qemu-kvm to systemd unit - d/qemu-kvm-init: script for QEMU KVM preparation - d/qemu-system-common.maintscript: clean old sysv and upstart scripts ???????? THIS was not dropped, right ? acf3107a07e * Enable nesting by default - d/p/ubuntu/enable-svm-by-default.patch - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default in qemu64 cpu type. 6a32617d607 DROP (no more needed): d/control: avoid upgrade issues by moving ivshmem tools later tha> - d/control: avoid upgrade issues triggered by moving ivshmem tools after Debian. Fixed by bumping the related Breaks/Replaces to the Version Ubuntu introduced the change (LP 1862287) * Dropped changes (in Debian) e1681d9738a * improved s390x support - d/rules: pxe netboot images for KVM s390x (LP: 1732094) - improved s390x support 0c705e13fd1 DROP (in Debian): d/binfmt-update-in: fix binfmt being called in some containers (LP: #1> - d/binfmt-update-in: fix binfmt being called in some containers (LP 1840956) 344037262e9 DROP (in Debian): d/control-in: new package qemu-system-x86-minimal for qboot/microvm us> - qemu-system-x86-microvm package In addition to the generic multi-purpose qemu also provide a minimal feature binary that is loading faster for use cases with microvm machine type and qboot bios - d/control-in: add a new qemu-system-x86-microvm package 585662b344f DROP (in Debian): d/rules: build minimal configuration for qboot/microvm usage - d/rules: add an extra config/build step to get the minimal qemu 17897a8c05d DROP (upstream): arm-fix-PAuth-sbox-functions-CVE-2020-10702.patch e97c6b24846 DROP (upstream): net-tulip-check-frame-size-and-r-w-data-length-CVE-2020-11102.patch (#9> - Security and packaging fixes (LP 1872937) - arm-fix-PAuth-sbox-functions-CVE-2020-10702.patch - net-tulip-check-frame-size-and-r-w-data-length-CVE-2020-11102.patch CVE-2020-10702 CVE-2020-11102 - fix external spice UI 4d0147941f4 DROP (debian): install ui-spice-app.so in qemu-system-common + install ui-spice-app.so in qemu-system-common fd4ab0c7801 DROP (debian): install ui-spice-app.so only if built, spice is optional + install ui-spice-app.so only if built, spice is optional 8b8d57faa3a DROP (debian): switch binfmt registration to use update-binfmts --[un]import (#866756) - switch binfmt registration to use update-binfmts --[un]import (#866756) 8b04cd3bc4f DROP (debian): qemu-system-gui: Multi-Arch=same, not foreign (#956763) - qemu-system-gui: Multi-Arch=same, not foreign (#956763) d76929bc037 DROP (debian): qemu-system-data: s/highcolor/hicolor/ (#955741) - qemu-system-data: s/highcolor/hicolor/ (#955741) 95742c0834e DROP (debian): enable support for riscv64 hosts - enable riscv build (LP 1872931) [ changes picked from Debian ] - enable support for riscv64 hosts 5f4c8f19eb0 DROP (debian): only enable librbd on architectures where it is built - only enable librbd on architectures where it is built 2d4d87c7bfe DROP (debian): ceph: do not list librados-dev as we only use librbd-dev and the latter d> - ceph: do not list librados-dev as we only use librbd-dev and the latter depends on the former 710c181c6e8 DROP (debian): seccomp grew up, no need in versioned build-dep - seccomp grew up, no need in versioned build-dep 3db489e81ae DROP (debian): (temporarily) enable seccomp only on architectures where it can be built - enable seccomp only on architectures where it can be built * Dropped changes (upstream) 010f452dfce DROP (upstream): d/p/lp-1857033-*: add support for Cooper Lake cpu model (LP: #1857033) - d/p/ubuntu/lp-1857033-*: add support for Cooper Lake cpu model (LP 1857033) 4a2e4bf64c1 DROP (upstream): d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP: #1859527) - d/p/lp-1859527-*: avoid breakage on high virtqueue counts (LP 1859527) 1be12c3b506 DROP (upstream): d/p/ubuntu/vhost-user-gpu-Drop-trailing-json-comma.patch: fix parsing o> - d/p/ubuntu/vhost-user-gpu-Drop-trailing-json-comma.patch: fix parsing of vhost-user-gpu 919c10b300b DROP (upstream): d/p/ubuntu/lp-1847361-vhost-correctly-turn-on-VIRTIO_F_IOMMU_PLATFORM.p> - d/p/ubuntu/lp-1847361-vhost-correctly-turn-on-VIRTIO_F_IOMMU_PLATFORM.patch: avoid unnecessary IOTLB transactions (LP 1866207) f95aa7213a6 DROP (upstream): d/p/stable/lp-1867519-*: Stabilize qemu 4.2 with upstream patches @qemu> - d/p/stable/lp-1867519-*: Stabilize qemu 4.2 with upstream patches @qemu-stable (LP 1867519) acf3107a07e * Enable nesting by default - d/p/ubuntu/enable-svm-by-default.patch: Enable nested sv> - remove d/p/ubuntu/expose-vmx_qemu64cpu.patch: Stop adding VMX to qemu64 to avoid broken nesting (LP 1868692) b98b163a6ae DROP (upstream): d/p/ubuntu/lp-1871830-*: avoid crash when using QEMU_MODULE_DIR (LP: #1> - d/p/ubuntu/lp-1871830-*: avoid crash when using QEMU_MODULE_DIR (LP 1871830) e937b7e96fe DROP (upstream): d/p/ubuntu/lp-1872107*: fix migration while rebooting guests (LP: #1872> - d/p/ubuntu/lp-1872107*: fix migration while rebooting guests (LP 1872107) 4f8a615c839 d/p/ubuntu/lp-1872931-*: fix build on non KVM platforms - d/p/ubuntu/lp-1872931-*: fix build on non KVM platforms fe2e8876b50 DROP (upstream): d/p/ubuntu/lp-1872945-*: fix riscv emulation errors that e.g. hung ssh > - d/p/ubuntu/lp-1872945-*: fix riscv emulation errors that e.g. hung ssh and clobbered doubles (LP 1872945) a7ea6fa0a89 DROP (upstream): CVE-2020-11869: DoS via integer overflow in ati_2d_blt() - SECURITY UPDATE: DoS via integer overflow in ati_2d_blt() - debian/patches/ubuntu/CVE-2020-11869.patch: fix checks in ati_2d_blt() to avoid crash in hw/display/ati_2d.c. - CVE-2020-11869 53eaf465d40 DROP (upstream): * d/p/ubuntu/lp-1805256*: Fixes for QEMU on aarch64 ARM hosts - async> - d/p/ubuntu/lp-1805256*: Fixes for QEMU on aarch64 ARM hosts - async: use explicit memory barriers (LP 1805256) - aio-wait: delegate polling of main AioContext if BQL not held b57ff143cf0 DROP (upstream): d/p/ubuntu/lp-1882774-*: fix issues with VMX subfeatures on systems not> - d/p/ubuntu/lp-1882774-*: fix issues with VMX subfeatures on systems not supporting to set them (LP 1882774) a35285a97e0 DROP (upstream): d/p/ubuntu/lp-1847361-modules-load-upgrade.patch: allow qemu to load ol> - d/p/ubuntu/lp-1847361-modules-load-upgrade.patch: to fallback module load to a versioned path * Added Changes: 9287d98394e d/control: regenerate debian/control out of control-in - d/control: regenerate debian/control out of control-in - update d/p/ubuntu/lp-1835546-* to the final versions - 11 patches dropped as they are in 5.0 - 20 patches updated to how they will be in 5.1 - d/p/ubuntu/virtio-net-fix-rsc_ext-compat-handling.patch: fix FTBFS in groovy - Make qemu-system-x86-microvm a transitional package as the binary is now in qemu-system-x86 itself. - d/control-in: build-dep libcap is no more needed 6eef2a30dd4 * arch aware kvm wrappers - d/rules: update arch aware kvm wrappers 2cdbea6f0b4 d/qemu-system-x86.README.Debian: fix typo - d/qemu-system-x86.README.Debian: fix typo