kvm security and bug fix update

2011-01-20T00:00:00
ID ELSA-2011-0028
Type oraclelinux
Reporter Oracle
Modified 2011-01-20T00:00:00

Description

[kvm-83-224.0.1] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch [kvm-83-224.el5] - kvm-kernel-KVM-x86-zero-kvm_vcpu_events-interrupt.pad.patch [bz#665407] - Resolves: bz#665407 (kvm_vcpu_events.interrupt.pad must be zeroed) - CVE: CVE-2010-4525 [kvm-83-223.el5] - Updated kversion to 2.6.18-237.el to match build root - Reverting patches for bz#608709 as they are not complete - kvm-kernel-Revert-KVM-VMX-Return-0-from-a-failed-VMREAD.patch [bz#608709] - kvm-kernel-Revert-KVM-Don-t-spin-on-virt-instruction-faults-dur.patch [bz#608709] - bz#608709: reboot(RB_AUTOBOOT) fails if kvm instance is running - Related: bz#661117 [kvm-83-222.el5] - kvm-kernel-kvm-change-signed-int-to-unsigned-in-mmu_shrink.patch [bz#661117] - Resolves: bz#661117 ([RHEL5.6 CC] mmu_shrink patch) [kvm-83-221.el5] - Updated kversion to 2.6.18-236.el to match build root - kvm-kernel-KVM-Don-t-spin-on-virt-instruction-faults-during-reb.patch [bz#608709] - kvm-kernel-KVM-VMX-Return-0-from-a-failed-VMREAD.patch [bz#608709] - Resolves: bz#608709 (reboot(RB_AUTOBOOT) fails if kvm instance is running) [kvm-83-220.el5] - Updated kversion to 2.6.18-235.el to match build root - kvm-load-registers-after-restoring-pvclock-msrs.patch [bz#655990] - Resolves: bz#655990 (clock drift when migrating a guest between mis-matched CPU clock speed) [kvm-83-219.el5] - kvm-kernel-KVM-fix-AMD-initial-TSC-offset-problems-additional-f.patch [bz#642659] - Resolves: bz#642659 (TSC offset of virtual machines is not initialized correctly by 'kvm_amd' kernel module.) [kvm-83-218.el5] - kvm-vnc-fix-key-event-processing.patch [bz#643317] - Resolves: bz#643317 ('sendkey ctrl-alt-delete' dont work via VNC) [kvm-83-217.el5] - kvm-kernel-fix-null-pointer-dereference.patch [bz#570532] - Resolves: bz#570532 (CVE-2010-0435 kvm: vmx null pointer dereference) - CVE: CVE-2010-0435 [kvm-83-216.el5] - Updated kversion to 2.6.18-233.el to match build root - kvm-kernel-KVM-fix-AMD-initial-TSC-offset-problems.patch [bz#642659] - Resolves: bz#642659 (TSC offset of virtual machines is not initialized correctly by 'kvm_amd' kernel module.) [kvm-83-215.el5] - Reverts previous patch (it doesnt build) - kvm-kernel-Revert-KVM-fix-AMD-initial-TSC-bugs.patch [bz#642659] - Related: bz#642659 (TSC offset of virtual machines is not initialized correctly by 'kvm_amd' kernel module.) [kvm-83-214.el5] - kvm-kernel-KVM-fix-AMD-initial-TSC-bugs.patch [bz#642659] - Resolves: bz#642659 (TSC offset of virtual machines is not initialized correctly by 'kvm_amd' kernel module.) [kvm-83-213.el5] - kvm-No-need-to-iterate-if-we-already-are-over-the-limit.patch [bz#513765 bz#589017] - kvm-don-t-care-about-TLB-handling.patch [bz#513765 bz#589017] - kvm-Fix-transferred-memory-calculation.patch [bz#513765 bz#589017] - kvm-Maintaing-number-of-dirty-pages.patch [bz#513765 bz#589017] - kvm-Exit-loop-if-we-have-been-there-too-long.patch [bz#513765 bz#589017] - kvm-Change-calculation-to-exit-live-migration.patch [bz#513765 bz#589017] - Resolves: bz#513765 (Large guest ( 256G RAM + 16 vcpu ) hang during live migration) - Resolves: bz#589017 ([rhel5.5] [kvm] dead lock in qemu during off-line migration) [kvm-83-212.el5] - kvm-implement-dummy-PnP-support.patch [bz#652671] - Resolves: bz#652671 (If VM boot seq. is set up as nc (PXE then disk) the VM is always stuck on trying to PXE boot) [kvm-83-211.el5] - Dont try build kvmctl - Resolves: bz#632707 [kvm-83-210.el5] - Adding load_gs_index to kmod symbol greylist - Related: bz#639887 (CVE-2010-3698 kvm: invalid selector in fs/gs causes kernel panic [rhel-5.6]) [kvm-83-209.el5] - kvm-kernel-KVM-Fix-fs-gs-reload-oops-with-invalid-ldt.patch [bz#639887] - Resolves: bz#639887 (CVE-2010-3698 kvm: invalid selector in fs/gs causes kernel panic [rhel-5.6]) [kvm-83-208.el5] - Updated kversion to 2.6.18-232.el5 to match build root - kvm-kernel-KVM-x86-fix-information-leak-to-userland.patch [bz#649929] - Resolves: bz#649929 (CVE-2010-3881 kvm: arch/x86/kvm/x86.c: reading uninitialized stack memory [5.6]) - kvm-usb-linux-increase-buffer-for-USB-control-requests.patch [bz#627343] - kvm-e1000-Fix-TCP-checksum-overflow-with-TSO.patch [bz#648328] - kvm-fix-help-string-to-reflect-the-fact-that-cpu-topolog.patch [bz#611785] - kvm-VGA-Don-t-register-deprecated-VBE-range.patch [bz#651715] - Resolves: bz#611785 ([RFE] Support cores/sockets/threads topology configuration) - Resolves: bz#627343 (husb: ctrl buffer too small error received for passthrough usb device, fixed upstream) - Resolves: bz#648328 (TCP checksum overflows in qemus e1000 emulation code when TSO is enabled in guest OS) - Resolves: bz#651715 (qemu-kvm aborted when installing the driver for the newly hotplugged rtl8139 nic) [kvm-83-207.el5] - kvm-Add-drive-readonly-option-to-help-output.patch [bz#645798] - Resolves: bz#645798 (Add drive readonly option to help output) [kvm-83-206.el5] - Updated kversion to 2.6.18-227.el5 to match build root - spec: fix/hack dependencies of kvm-kmod-debug - Resolves: bz#643272 - create qemu user/group on %post - Resolves: bz#643525 [kvm-83-205.el5] - Require right gcrypt version - Resolves: bz#503118 - spec: fix the kmod kernel version checking code - Resolves: bz#637267 - spec: fix module dir name on %install - Resolves: bz#517565 - Build kmod-kvm for kernel-debug too - Resolves: bz#517565 [kvm-83-204.el5] - kvm-don-t-link-qemu-tools-against-spice-libs.patch [bz#514578] - kvm-block-Fix-image-re-open-in-bdrv_commit.patch [bz#640949] - Resolves: bz#514578 (kvm-qemu-img subpackage has dependency on qspice-libs) - Resolves: bz#640949 (Can not commit copy-on-write images data to raw backing-image) [kvm-83-203.el5] - Updated kversion to 2.6.18-226.el5 to match build root - Add pci_get_domain_bus_and_slot to kmod symbol greylist - Related: bz#539642 (use native pci_get_bus_and_slot function) [kvm-83-202.el5] - kvm-fix-and-on-russian-keymap.patch [bz#580637] - Resolves: bz#580637 (Incorrect russian vnc keymap) [kvm-83-201.el5] - kvm-kernel-KVM-Fix-reboot-on-Intel-hosts.patch [bz#608709] - Resolves: bz#608709 (reboot(RB_AUTOBOOT) fails if kvm instance is running) - kvm-kmod-move-cancel_work_sync-availability-test-to-conf.patch [bz#539642] - kvm-kmod-use-native-pci_get_bus_and_slot-if-available.patch [bz#539642] - Resolves: bz#539642 (use native pci_get_bus_and_slot function) [kvm-83-200.el5] - Updated kversion to 2.6.18-225.el5 to match build root - kvm-qemu-fix-unsafe-ring-handling.patch [bz#568817] - CVE: CVE-2010-0431 - Resolves: bz#568817 (CVE-2010-0431 qemu: Insufficient guest provided pointers validation) [kvm-83-199.el5] - Updated kversion to 2.6.18-221.el5 to match build root - kvm-kernel-KVM-Prevent-kvm_init-from-corrupting-debugfs-structu.patch [bz#619268] - Resolves: bz#619268 (rmmod kvm modules cause host kernel panic) [kvm-83-198.el5] - run 'make sync' before final ./configure line on build - Resolves: bz#632707 (fix kvm build warnings and enable -Werror) [kvm-83-197.el5] - Updated kversion to 2.6.18-219.el5 to match build root - kvm-kill-bogus-return-ret-on-spawn_thread.patch [bz#632707] - kvm-virtio-net-fix-format-strings-on-virtio_net_receive2.patch [bz#632707] - kvm-kvmtrace-check-for-ftruncate-errors.patch [bz#632707] - Add --enable-werror to ./configure command-line [bz#632707] - Add ./configure arguments: --enable-kvm-cap-pit --enable-kvm-cap-device-assignment - Remove duplicate --enable-spice arg from ./configure - Resolves: bz#632707 (fix kvm build warnings and enable -Werror) [kvm-83-196.el5] - Updated kversion to 2.6.18-215.el5 to match build root - kvm-introduce-__rhel5-marker-into-the-migration-save-dat.patch [bz#603026] - kvm-block-raw-posix-Factor-out-cdrom_probe_device.patch [bz#609472] - kvm-raw-posix-Detect-CDROM-via-ioctl-on-linux.patch [bz#609472] - kvm-raw-posix-Don-t-use-file-name-for-host_cdrom-detecti.patch [bz#609472] - Resolves: bz#603026 (CPU save version is now 9, but the format is very different from non-RHEL5 version 9) - Resolves: bz#609472 (qemu-kvm misclassifies a /dev/cd/ disk device as a CD-ROM) [kvm-83-195.el5] - Updated kversion to 2.6.18-211.el5 to match build root - kvm-use-native-cancel_work_sync-function-if-available.patch [bz#629334] - Resolves: bz#629334 (use native cancel_work_sync() function) [kvm-83-194.el5] - Updated kversion to 2.6.18-212.el5 to match build root - kvm-Add-cache-unsafe-parameter-to-drive.patch [bz#623484] - kvm-qemu-img-convert-Use-cache-unsafe-for-output-image.patch [bz#623484] - kvm-fix-cancel_work_sync-conflict-on-compat-code.patch [bz#629333] - kvm-bz-547276-e1000-secrc-support.patch [bz#547276] - kvm-Use-native-smp_call_function_single-on-RHEL-5.5.patch [bz#533078] - kvm-use-native-smp_call_function_many.patch [bz#533078] - kvm-qemu-don-t-strip-qemu-img-and-qemu-io-in-make-instal.patch [bz#606394] - Resolves: bz#533078 (use native smp_call_function_many/single functions) - Resolves: bz#547276 (Vmcore cannot be captured by netdump when RHEL3.9 was installed as guest OS on KVM.) - Resolves: bz#606394 ([kvm] debug-info missing from kvm-qemu-img-83-164.el5_5.12) - Resolves: bz#623484 (KVM: qemu-img convert poor performance ( on NFS storage )) - Resolves: bz#629333 (fix build against kernel-devel-2.6.18-214.el5.x86_64: (cancel_work_sync() conflict)) [kvm-83-193.el5] - kvm-virtio-net-correct-packet-length-checks.patch [bz#606238] - kvm-Fix-segfault-in-mmio-subpage-handling-code.patch [bz#619413] - Resolves: bz#606238 (Virtio: Transfer file caused guest in same vlan abnormally quit) - Resolves: bz#619413 (CVE-2010-2784 qemu: insufficient constraints checking in exec.c:subpage_register() [rhel-5.6]) [kvm-83-192.el5] - kvm-Fix-changing-password-using-monitor-over-VNC.patch [bz#569743] - kvm-qcow2-Fix-qemu-img-check-segfault-on-corrupted-image.patch [bz#606434] - kvm-qcow2-Don-t-try-to-check-tables-that-couldn-t-be-loa.patch [bz#606434] - kvm-qemu-img-check-Distinguish-different-kinds-of-errors.patch [bz#606651] - kvm-qcow2-Change-check-to-distinguish-error-cases.patch [bz#606651] - Resolves: bz#569743 (Change vnc password caused 'Segmentation fault') - Resolves: bz#606434 ([kvm] segmentation fault when running qemu-img check on faulty image) - Resolves: bz#606651 ([kvm] qemu image check returns cluster errors when using virtIO block (thinly provisioned) during e_no_space events (along with EIO errors)) [kvm-83-191.el5] - kvm-kernel-KVM-MMU-fix-conflict-access-permissions-in-direct-sp.patch [bz#615225] - Resolves: bz#615225 (KVM uses wrong permissions for large guest pages) [kvm-83-190.el5] - kvm-New-slots-need-dirty-tracking-enabled-when-migrating.patch [bz#567046] - Resolves: bz#567046 (SPICE - race in KVM/Spice would cause migration to fail (slots are not registered properly?)) [kvm-83-189.el5] - kvm-Monitor-Check-for-error-in-do_change.patch [bz#611982] - Resolves: bz#611982 (Monitor doesnt check for 'change' command failure) [kvm-83-188.el5] - kvm-qcow2-Fix-access-after-end-of-array.patch [bz#605701] - kvm-qcow2-Don-t-ignore-immediate-read-write-failures.patch [bz#605701] - kvm-qcow2-Return-0-errno-in-write_l2_entries.patch [bz#605701] - kvm-qcow2-Fix-error-return-code-in-qcow2_alloc_cluster_l.patch [bz#605701] - kvm-qcow2-Return-0-errno-in-write_l1_entry.patch [bz#605701] - kvm-qcow2-Return-0-errno-in-l2_allocate.patch [bz#605701] - kvm-qcow2-Allow-qcow2_get_cluster_offset-to-return-error.patch [bz#605701] - kvm-qcow2-Change-l2_load-to-return-0-errno.patch [bz#605701] - kvm-qcow2-Return-right-error-code-in-write_refcount_bloc.patch [bz#605701] - kvm-qcow2-Fix-corruption-after-error-in-update_refcount.patch [bz#605701] - kvm-qcow2-Clear-L2-table-cache-after-write-error.patch [bz#605701] - kvm-qcow2-Fix-error-handling-in-l2_allocate.patch [bz#605701] - kvm-qcow2-Restore-L1-entry-on-l2_allocate-failure.patch [bz#605701] - kvm-qcow2-Allow-get_refcount-to-return-errors.patch [bz#605701] - kvm-qcow2-Allow-alloc_clusters_noref-to-return-errors.patch [bz#605701] - kvm-qcow2-Return-real-error-code-in-load_refcount_block.patch [bz#605701] - kvm-block-Add-bdrv_-p-write_sync.patch [bz#572825] - kvm-qcow2-Use-bdrv_-p-write_sync-for-metadata-writes.patch [bz#572825] - Resolves: bz#572825 (qcow2 image corruption when using cache=writeback) - Resolves: bz#605701 (Backport qcow2 fixes to RHEL 5) [kvm-83-187.el5] - kvm-Error-checking.patch [bz#587049] - kvm-Avoid-thundering-herd-problem.patch [bz#587049] - Resolves: bz#587049 (qemu posix_aio use pthread_cond_signal instead of broadcast to prevent lock storm) [kvm-83-186.el5] - Updated kversion to 2.6.18-203.el5 to match build root - kvm-kernel-KVM-Keep-slot-ID-in-memory-slot-structure.patch [bz#606953] - kvm-kernel-KVM-Prevent-internal-slots-from-being-COWed.patch [bz#606953] - Resolves: bz#606953 (fork causes trouble for vcpu threads) [kvm-83-185.el5] - kvm-turn-off-kvmclock-when-resetting-cpu.patch [bz#588878] - kvm-raw-posix-Use-pread-pwrite-instead-of-lseek-read-wri.patch [bz#600375] - kvm-block-Cache-total_sectors-to-reduce-bdrv_getlength-c.patch [bz#600375] - Resolves: bz#588878 (Rebooting a kernel with kvmclock enabled, into a kernel with kvmclock disabled, causes random crashes) - Resolves: bz#600375 (Excessive lseek() causes severe performance issues with vm disk images over NFS) [kvm-83-184.el5] - kvm-virtio-net-truncating-packet.patch [bz#606238] - Resolves: bz#606238 (Virtio: Transfer file caused guest in same vlan abnormally quit) [kvm-83-183.el5] - kvm-virtio-blk.c-avoid-zero-every-request-structure.patch [bz#598042] - kvm-qemu-io-Open-files-read-write-again.patch [bz#601494] - Resolves: bz#598042 (virtio-blk: Avoid zeroing every request structure) - Resolves: bz#601494 (qemu-io: No permission to write image) [kvm-83-182.el5] - kvm-kernel-KVM-Fix-wallclock-version-writing-race.patch [bz#592021] - Resolves: bz#592021 (race condition in pvclock wallclock calculation) - kvm-qcow2-Fix-corruption-after-refblock-allocation.patch [bz#598488] - Resolves: bz#598488 (qcow2 corruption bug in refcount table growth) [kvm-83-181.el5] - kvm-kernel-KVM-MMU-bail-out-pagewalk-on-kvm_read_guest-error.patch [bz#588251] - Resolves: bz#588251 (kvm spinning updating a guest pte, unkillable) - kvm-qemu-img-rebase-Fix-output-image-corruption.patch [bz#587278] - kvm-block-Fix-bdrv_commit.patch [bz#587604] - Resolves: bz#587278 (After re-base snapshot, the file in the snapshot disappeared) - Resolves: bz#587604 (Qcow2 snapshot got corruption after commit using block device) [kvm-83-180.el5] - kvm-qemu-img-open-file-to-be-rebased-with-read-write-per.patch [bz#587605] - Resolves: bz#587605 (Failed to re-base qcow2 snapshot) [kvm-83-179.el5] - Renumber kvm module patches from 501-625 to 1501-1625 (so the userspace patch numbers can use slots 501 to 1500) - kvm-qcow2-Export-synchronous-qcow_read-write-to-avoid-br.patch [bz#542954] - Resolves: bz#542954 (Guest suffers kernel panic when save snapshot then restart guest) [kvm-83-178.el5] - Remove bios-nohotplug.bin from package - Related: bz#498774 (QEMU: Too many devices are available for unplug in Windows XP (and we dont support that)) [kvm-83-177.el5] - kvm-Bail-out-when-VCPU_CREATE-fails.patch [bz#587661] - Resolves: bz#587661 (Fix segfault when creating more vcpus than allowed.) [kvm-83-176.el5] - kvm-Revert-fix-wrong-acpi-mapping-rhel5.x-kvm-userspace.patch [bz#576554] - patch causes issues when using Spice without QXL on some guest OSes [bz#581758 comment 8] - Related: bz#576554 (Win7/32 stuck on 100% CPU (in testing VDI driver unclassified WHQL tests)) [kvm-83-175.el5] - kvm-kernel-EPT-accessed-bit-emulation-fixed.patch [bz#582038] - Resolves: bz#582038 (backport EPT accessed bit emulation) [kvm-83-174.el5] - kvm-kernel-Revert-EPT-accessed-bit-emulation.patch [bz#582038] (patch fails to build) - Related: bz#582038 (backport EPT accessed bit emulation) [kvm-83-173.el5] - kvm-kernel-EPT-accessed-bit-emulation.patch [bz#582038] - Resolves: bz#582038 (backport EPT accessed bit emulation) [kvm-83-172.el5] - kvm-qcow2-Remove-abort-on-free_clusters-failure.patch [bz#583947] - Resolves: bz#583947 (Guest aborted when make guest stop on write error) [kvm-83-171.el5] - kvm-pcnet-make-subsystem-vendor-id-match-hardware.patch [bz#521247] - kvm-read-only-add-RO-feature-macro.patch [bz#510630] - kvm-read-only-Pass-the-read-only-attribute-to-the-Guest.patch [bz#510630] - kvm-read-only-BDRV_O_FLAGS-changes-default-now-is-read-o.patch [bz#510630] - kvm-read-only-qemu-img-Allow-opening-an-image-with-read-.patch [bz#510630] - kvm-read-only-Added-readonly-option-to-drive-s-command-l.patch [bz#510630] - kvm-read-only-Make-CDROM-a-read-only-drive.patch [bz#510630] - kvm-read-only-Disable-fall-back-to-read-only.patch [bz#510630] - kvm-read-only-Open-backing-file-read-only-where-possible.patch [bz#510630] - kvm-read-only-don-t-rely-on-CDROM-hint-for-read_only-att.patch [bz#510630] - kvm-read-only-open-for-read-only-where-possible.patch [bz#510630] - kvm-read-only-allow-read-only-CDROM-with-any-interface.patch [bz#510630] - Resolves: bz#510630 (-drive arg has no way to request a read only disk) - Resolves: bz#521247 (emulated pcnet nic in qemu-kvm has wrong PCI subsystem ID for Windows XP driver) [kvm-83-170.el5] - kvm-fix-wrong-acpi-mapping-rhel5.x-kvm-userspace.patch [bz#576554] - Resolves: bz#576554 (Win7/32 stuck on 100% CPU (in testing VDI driver unclassified WHQL tests)) [kvm-83-169.el5] - kvm-qcow2-Factor-next_refcount_table_size-out.patch [bz#577225] - kvm-qcow2-Rewrite-alloc_refcount_block-grow_refcount_tab.patch [bz#577225] - kvm-qcow2-More-checks-for-qemu-img-check.patch [bz#577225] - Resolves: bz#577225 (qcow2 corruption with I/O error during refcount block allocation) - Added register_kprobe and unregister_kprobe to the ignored ksyms list - Resolves: bz#580410 (Failed to install kvm for failed dependencies: ksym) [kvm-83-168.el5] - Fix build warnings: - kvm-Revert-avoid-leaving-orphaned-swapcache-in-ksm.patch [bz#575585] - Related: bz#575585 (memory reported as used (by SwapCache and by Cache) though no process holds it.) - kvm-avoid-leaving-orphaned-swapcache-in-ksm-v2.patch.patch [bz#575585] - Resolves: bz#575585 (memory reported as used (by SwapCache and by Cache) though no process holds it.) [kvm-83-167.el5] - kvm-avoid-leaving-orphaned-swapcache-in-ksm.patch [bz#575585] - Resolves: bz#575585 (memory reported as used (by SwapCache and by Cache) though no process holds it.) [kvm-83-166.el5] - kvm-Build-an-additional-bios-without-hotplug-support.patch [bz#498774] - Resolves: bz#498774 (QEMU: Too many devices are available for unplug in Windows XP (and we dont support that)) [kvm-83-165.el5] - Updated kversion to 2.6.18-194.el5 to match build root - kvm-kernel-account-only-for-IRQ-injected-into-vcpu0.patch [bz#555727] - kvm-kernel-Backport-KVM-fix-irq_source_id-size-verification.patch [bz#520572] - kvm-kernel-KVM-x86-disable-paravirt-mmu-reporting.patch [bz#574621] - Resolves: bz#520572 (SR-IOV -- Guest exit and host hang on if boot VM with 8 VFs assigned) - Resolves: bz#555727 (Time drift in win2k3-64bit and win2k8-64bit smp guest) - Resolves: bz#574621 (Linux pvmmu guests (FC11, FC12, etc) crash on boot on AMD hosts with NPT disabled) - kvm-kbd-leds-infrastructure.patch [bz#517814] - kvm-kbd-leds-ps-2-kbd.patch [bz#517814] - kvm-kbd-leds-usb-kbd.patch [bz#517814] - kvm-kbd-keds-vnc.patch [bz#517814] - Resolves: bz#517814 (Caps Lock the keys appearance of guest is not synchronous as hosts --view kvm with vnc)