qemu 1:3.1+dfsg-2ubuntu1 source package in Ubuntu

Changelog

qemu (1:3.1+dfsg-2ubuntu1) disco; urgency=medium

  * Merge with Debian testing, Among many other things this fixes LP Bugs:
    LP: #1806104 - fix misleading page size error on ppc64el
    LP: #1782205 - SnowRidge enabled new ISAs
    LP: #1786956 - upgrade to qemu >= 3.0
    LP: #1809083 - Backward migration to Xenial on ppc64el
    LP: #1803315 - s390x Huge page enablement
    LP: #1657409 - enable virglrenderer
    Remaining Changes:
    - qemu-kvm to systemd unit
      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
        hugepages and architecture specifics
      - d/qemu-kvm.service: systemd unit to call qemu-kvm-init
      - d/qemu-system-common.install: install systemd unit and helper script
      - d/qemu-system-common.maintscript: clean old sysv and upstart scripts
      - d/qemu-system-common.qemu-kvm.default: defaults for
        /etc/default/qemu-kvm
      - d/rules: install /etc/default/qemu-kvm
    - Enable nesting by default
      - d/qemu-system-x86.modprobe: set nested=1 module option on intel.
        (is default on amd)
      - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded
        without nested=1
      - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default
        in qemu64 cpu type.
      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
        in qemu64 on amd
      - d/qemu-system-x86.README.Debian: document intention of nested being
        default is comfort, not full support
    - Distribution specific machine type (LP: 1304107 1621042 1776189 1761372)
      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
        types
      - d/qemu-system-x86.NEWS Info on fixed machine type defintions
        for host-phys-bits=true (LP: 1776189)
      - add an info about -hpb machine type in debian/qemu-system-x86.NEWS
      - d/p/ubuntu/lp-1761372-*: provide pseries-bionic-2.11-sxxm type as
        convenience with all meltdown/spectre workarounds enabled by default.
        (LP: 1761372).
    - improved dependencies
      - Make qemu-system-common depend on qemu-block-extra
      - Make qemu-utils depend on qemu-block-extra
      - let qemu-utils recommend sharutils
    - s390x support
      - Create qemu-system-s390x package
      - Enable numa support for s390x
    - arch aware kvm wrappers
    - d/control: update VCS links (updated to match latest Ubuntu)
    - qemu-guest-agent: freeze-hook fixes (LP: 1484990)
      - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook
      - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d
    - d/control-in: enable RDMA support in qemu (LP: 1692476)
        - enable RDMA config option
        - add libibumad-dev build-dep
    - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
        reference 256k path
      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
        handle incoming migrations from former releases.
    - d/control-in: Disable capstone disassembler library support (universe)
  * Added Changes:
    - d/p/ubuntu/define-ubuntu-machine-types.patch: update machine type changes
      for qemu 3.1 in the Ubuntu Disco release
    - d/p/ubuntu/lp-1759509-* fix waking up VMs from dompmsuspend (LP: #1759509)
    - Move s390x roms to a new qemu-system-data-s390x
      - d/qemu-system-data.install: install s390x roms as architecture:all in
        qemu-system-data
      - d/rules: build s390-ccw.img with upstream Makefile
      - d/rules: build s390x-netboot.img with upstream Makefile
      - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back
        some SLOF bits stripped in DFSG to be able to build s390x-netboot roms
        As that hack to build s390-ccw.img rom can't build s390x-netboot.img
        replace it with a build-indep using the upstream makefiles.
        This is less prone to miss future changes/fixes that are done to the
        makefiles
      - d/control-in: add breaks/replaces for moving s390x roms from
        qemu-system-s390x to qemu-system-data
    - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945)
      [From not yet uploaded Debian branch]
    - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga
      (Closes: #918378)
    - d/rules: fix qemu-kvm service for debhelper compat >=12
    - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch:
      avoid misdetection of simplified nesting blocking all migrations
    - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-
      unimplement.patch: properly return archicture defined exception
      on bad subcodes of diag 308 (LP: #1812384)
  * Dropped Changes:
    - Include s390-ccw.img firmware (old style native build)
    - d/rules enable install s390x-netboot.img (old style native build)
    - libvirt/qemu user/group support
      - qemu-system-common.postinst: remove acl placed by udev, and add udevadm
        trigger.
        [ Droppable since logind properly sets ACLs now ]
      - qemu-system-common.preinst: add kvm group if needed
        [ Droppable because systemd/udev take care of it since 239-6]
    - d/p/guest-agent-freeze-hook-skip-dpkg-artifacts.patch of qemu-guest-agent
      freeze-hook fixes (LP: 1484990)
      [upstream]
    - d/p/ubuntu/CVE-2018-3639/* update for qemu 2.12 using the final patches
      merged upstream
      [upstream]
    - d/p/ubuntu/CVE-2018-11806-slirp-correct-size.patch: slirp: correct size
      computation while concatenating mbuf.
      CVE-2018-11806
      [upstream]
    - d/p/ubuntu/lp-1781526-powerpc64-align-memory-THP.patch: align to 2MB
      for powerpc64 to speed up translation (LP: 1781526)
      [upstream]
    - d/p/ubuntu/lp-1780773-s390x-cpumodels-add-z14-Model-ZR1.patch: Add
      cpu model for z14 ZR1 (LP: 1780773).
      [upstream]
    - Mark qemu-system-data foreign to be able to install it e.g. on i386
      (Closes: 903562)
      [in Debian]
    - d/control-in: qemu-keymaps is provided by qemu-system-data now (from yet
      unreleased Debian version)
      [in Debian]
    - d/p/lp-1755912-qxl-fix-local-renderer-crash.patch: Fix an issue triggered
      by migrations with UI frontends or frequent guest resolution changes
      (LP #1755912)
      [upstream]
    - d//ubuntu/target-ppc-extend-eieio-for-POWER9.patch: Backport to
      extend eieio for POWER9 emulation (LP: 1787408).
      [upstream]
    - d/p/ubuntu/lp-1789551-seccomp-set-the-seccomp-filter-to-all-threads.patch:
      ensure that the seccomp blacklist is applied to all threads (LP: 1789551)
      [upstream]
    - improve s390x spectre mitigation with etoken facility (LP: 1790457)
      [upstream]
    - Update pxe netboot images for KVM s390x to qemu 3.0 level (LP: 1790901)
      [upstream]
    - d/control-in: our addition of a qemu-system-s390x package needs to follow
      the split of qemu-system-data by adding a dependency to it (LP: 1798084)
      [in Debian]
    - debian/patches/ubuntu/lp1787405-*: Support guest dedicated Crypto
      Adapters on s390x (LP: 1787405)
      [upstream]
    - enable opengl for vfio-MDEV support (LP: 1804766)
      [in Debian]
    - SECURITY UPDATE: integer overflow in NE2000 NIC emulation
      [upstream]
    - SECURITY UPDATE: integer overflow via crafted QMP command
      [upstream]
    - SECURITY UPDATE: OOB heap buffer r/w access in NVM Express Controller
      [upstream]
    - SECURITY UPDATE: buffer overflow in rtl8139
      [upstream]
    - SECURITY UPDATE: buffer overflow in pcnet
      [upstream]
    - SECURITY UPDATE: DoS via large packet sizes
      [upstream]
    - SECURITY UPDATE: DoS in lsi53c895a
      [upstream]
    - SECURITY UPDATE: Out-of-bounds r/w stack access in ppc64
      [upstream]
    - SECURITY UPDATE: race condition in 9p
      [upstream]

qemu (1:3.1+dfsg-2) unstable; urgency=medium

  * d/rules: split arch and indep builds
  * enable s390x cross-compiler and build s390-ccw.img (Closes: #684909)
  * build x86 optionrom in qemu-system-data (was in seabios/debian/)
  * qemu-system-data: Multi-Arch: allowed=>foreign (Closes: #903562)
  * fix Replaces: version for qemu-system-common (Closes: #916279)
  * add simple udev rules file for systemd guest agent (Closes: #916674)
  * usb-mtp-use-O_NOFOLLOW-and-O_CLOEXEC-CVE-2018-16872.patch
    Race condition in usb_mtp implementation (Closes: #916397)
  * bt-use-size_t-type-for-length-parameters-instead-of-int-CVE-2018-19665.patch
    Memory corruption in bluetooth subsystem (Closes: #916278)
  * hw_usb-fix-mistaken-de-initialization-of-CCID-state.patch (Closes: #917007)
  * bump debhelper compat to 12 (>>11)
  * d/rules: use dh_missing instead of dh_install --list-missing (compat=12)
  * use dh_installsystemd for guest agent (Closes: #916625)
  * mention closing by 3.1: Closes: #912655, CVE-2018-16847
  * mention closing by 2.10:
    Closes: #849798, CVE-2016-10028
    Closes: CVE-2017-9060
    Closes: CVE-2017-8284

qemu (1:3.1+dfsg-1) unstable; urgency=medium

  * new upstream release (3.1)
  * Security bugs fixed by upstream:
    Closes: #910431, CVE-2018-10839:
     integer overflow leads to buffer overflow issue
    Closes: #911468, CVE-2018-17962
     pcnet: integer overflow leads to buffer overflow
    Closes: #911469, CVE-2018-17963
     net: ignore packets with large size
    Closes: #908682, CVE-2018-3639
     qemu should be able to pass the ssbd cpu flag
    Closes: #901017, CVE-2018-11806
     m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow
     via incoming fragmented datagrams
    Closes: #902725, CVE-2018-12617
     qmp_guest_file_read in qemu-ga has an integer overflow
    Closes: #907500, CVE-2018-15746
     qemu-seccomp might allow local OS guest users to cause a denial of service
    Closes: #915884, CVE-2018-16867
     dev-mtp: path traversal in usb_mtp_write_data of the MTP
    Closes: #911499, CVE-2018-17958
     Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c
     because an incorrect integer data type is used
    Closes: #911470, CVE-2018-18438
     integer overflows because IOReadHandler and its associated functions
     use a signed integer data type for a size value
    Closes: #912535, CVE-2018-18849
     lsi53c895a: OOB msg buffer access leads to DoS
    Closes: #914604, CVE-2018-18954
     pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1
     allows out-of-bounds write or read access to PowerNV memory
    Closes: #914599, CVE-2018-19364
     Use-after-free due to race condition while updating fid path
    Closes: #914727, CVE-2018-19489
     9pfs: crash due to race condition in renaming files
    Closes: #912655, CVE-2018-16847
     Out-of-bounds r/w buffer access in cmb operations
  * remove patches which were applied upstream
  * add new manpage qemu-cpu-models.7
  * qemu-system-ppcemb is gone, use qemu-system-ppc[64]
  * do-not-link-everything-with-xen.patch (trivial)
  * get-orig-source: handle 3.x and 4.x, and remove roms again, as
    upstream wants us to use separate source packages for that stuff
  * move generated data from qemu-system-data back to qemu-system-common
  * d/control: enable spice on arm64 (Closes: #902501)
    (probably should enable on all)
  * d/control: change git@salsa urls to https
  * add qemu-guest-agent.service (Closes: #795486)
  * enable opengl support and virglrenderer (Closes: #813658)
  * simplify d/rules just a little bit
  * build-depend on libudev-dev, for qga

 -- Christian Ehrhardt <email address hidden>  Tue, 08 Jan 2019 09:41:08 +0100

Upload details

Uploaded by:
Christian Ehrhardt  on 2019-01-25
Uploaded to:
Disco
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
misc
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Disco release on 2019-01-30 main misc

Downloads

File Size SHA-256 Checksum
qemu_3.1+dfsg.orig.tar.xz 8.3 MiB 2f277942759dd3eed21f7e00edfeab52b4f58d6f2f22d4f7e1a8aa4dc54c80d7
qemu_3.1+dfsg-2ubuntu1.debian.tar.xz 164.0 KiB 04a3fe39d0d9615d810a06f6763ce420176fcc25e4515914b80b6d9f6a30051d
qemu_3.1+dfsg-2ubuntu1.dsc 6.7 KiB 60edfb863da27eee1d2a71ad85792adc08a94d92237d8bdd9edb787a5076c446

View changes file

Binary packages built by this source

qemu: fast processor emulator, dummy package

 QEMU is a fast processor emulator. Once upon a time there was only one
 package named `qemu', with all functionality included. These days, qemu
 become large and has been split into numerous packages. Different packages
 provides entirely different services, and it is very unlikely one will
 need all of them together. So current `qemu' package makes no sense anymore,
 and is becoming a dummy package.
 .
 If you want full system emulation of some architecture, install one or more
 of qemu-system-ARCH packages. If you want user-mode emulation, install
 qemu-user pr qemu-user-static package. If you need utilities, use qemu-utils
 package.
 .
 This package can safely be removed.

qemu-block-extra: extra block backend modules for qemu-system and qemu-utils

 QEMU is a fast processor emulator: currently the package supports
 ARM, CRIS, i386, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, SH4,
 SPARC and x86-64 emulation. By using dynamic translation it achieves
 reasonable speed while being easy to port on new host CPUs.
 .
 This package provides extra block device backend modules for qemu-system
 emulation and qemu-img from qemu-utils package, which are rarely used and
 has extra dependencies.

qemu-block-extra-dbgsym: debug symbols for qemu-block-extra
qemu-guest-agent: Guest-side qemu-system agent

 QEMU is a fast processor emulator: currently the package supports
 ARM, CRIS, i386, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, SH4,
 SPARC and x86-64 emulation. By using dynamic translation it achieves
 reasonable speed while being easy to port on new host CPUs.
 .
 This package provides a daemon (agent) to run inside qemu-system
 guests (full system emulation). It communicates with the host using
 a virtio-serial channel org.qemu.guest_agent.0, and allows one to perform
 some functions in the guest from the host, including:
  - querying and setting guest system time
  - performing guest filesystem sync operation
  - initiating guest shutdown or suspend to ram
  - accessing guest files
  - freezing/thawing guest filesystem operations
  - others.
 .
 Install this package on a system which is running as guest inside
 qemu virtual machine. It is not used on the host.

qemu-guest-agent-dbgsym: debug symbols for qemu-guest-agent
qemu-kvm: QEMU Full virtualization on x86 hardware

 QEMU is a fast processor emulator. This package provides just a wrapper
 script /usr/bin/kvm which run qemu-system-x86 in kvm mode for backwards
 compatibility.

qemu-system: QEMU full system emulation binaries

 QEMU is a fast processor emulator: currently the package supports
 ARM, CRIS, i386, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, SH4,
 SPARC and x86-64 emulation. By using dynamic translation it achieves
 reasonable speed while being easy to port on new host CPUs.
 .
 This metapackage provides the full system emulation binaries for all supported
 targets, by depending on all per-architecture system emulation packages which
 QEMU supports.

qemu-system-arm: QEMU full system emulation binaries (arm)

 QEMU is a fast processor emulator: currently the package supports
 ARM emulation. By using dynamic translation it achieves
 reasonable speed while being easy to port on new host CPUs.
 .
 This package provides the full system emulation binaries to emulate
 the following arm hardware: aarch64 arm.
 .
 In system emulation mode QEMU emulates a full system, including a processor
 and various peripherals. It enables easier testing and debugging of system
 code. It can also be used to provide virtual hosting of several virtual
 machines on a single server.

qemu-system-arm-dbgsym: debug symbols for qemu-system-arm
qemu-system-common: QEMU full system emulation binaries (common files)

 QEMU is a fast processor emulator: currently the package supports
 ARM, CRIS, i386, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, SH4,
 SPARC and x86-64 emulation. By using dynamic translation it achieves
 reasonable speed while being easy to port on new host CPUs.
 .
 This package provides common files needed for target-specific
 full system emulation (qemu-system-*) packages.

qemu-system-common-dbgsym: debug symbols for qemu-system-common
qemu-system-data: QEMU full system emulation (data files)

 This package provides architecture-neutral data files
 (such as keyboard definitions, icons) for system-mode
 QEMU emulation (qemu-system-*) packages.

qemu-system-gui: QEMU full system emulation binaries (user interface and audio support)

 This package provides local graphical user interface (currently GTK)
 and audio backends for full system emulation (qemu-system-*) packages.

qemu-system-gui-dbgsym: debug symbols for qemu-system-gui
qemu-system-mips: QEMU full system emulation binaries (mips)

 QEMU is a fast processor emulator: currently the package supports
 MIPS emulation. By using dynamic translation it achieves
 reasonable speed while being easy to port on new host CPUs.
 .
 This package provides the full system emulation binaries to emulate
 the following mips hardware: mips mipsel mips64 mips64el.
 .
 In system emulation mode QEMU emulates a full system, including a processor
 and various peripherals. It enables easier testing and debugging of system
 code. It can also be used to provide virtual hosting of several virtual
 machines on a single server.

qemu-system-mips-dbgsym: debug symbols for qemu-system-mips
qemu-system-misc: QEMU full system emulation binaries (miscellaneous)

 QEMU is a fast processor emulator: currently the package supports
 ARM, CRIS, M68k (ColdFire), MicroBlaze, and SH4
 emulation. By using dynamic translation it achieves
 reasonable speed while being easy to port on new host CPUs.
 .
 This package provides the full system emulation binaries to emulate
 various other hardware which did not made into separate packages.
 Emulators for the following architectures are provided:
   alpha cris lm32 hppa m68k microblaze microblazeel moxie
  nios2 or1k riscv32 riscv64 sh4 sh4eb tricore xtensa xtensaeb unicore32.
 .
 In system emulation mode QEMU emulates a full system, including a processor
 and various peripherals. It enables easier testing and debugging of system
 code. It can also be used to provide virtual hosting of several virtual
 machines on a single server.

qemu-system-misc-dbgsym: debug symbols for qemu-system-misc
qemu-system-ppc: QEMU full system emulation binaries (ppc)

 QEMU is a fast processor emulator: currently the package supports
 PowerPC emulation. By using dynamic translation it achieves
 reasonable speed while being easy to port on new host CPUs.
 .
 This package provides the full system emulation binaries to emulate
 the following PowerPC hardware: ppc ppc64.
 .
 In system emulation mode QEMU emulates a full system, including a processor
 and various peripherals. It enables easier testing and debugging of system
 code. It can also be used to provide virtual hosting of several virtual
 machines on a single server.

qemu-system-ppc-dbgsym: debug symbols for qemu-system-ppc
qemu-system-s390x: QEMU full system emulation binaries (s390x)

 QEMU is a fast processor emulator: currently the package supports
 s390x emulation. By using dynamic translation it achieves reasonable
 speed while being easy to port on new host CPUs.
 .
 This package provides the full system emulation binaries to emulate
 the following s390x hardware: s390x.
 .
 In system emulation mode QEMU emulates a full system, including a processor
 and various peripherals. It enables easier testing and debugging of system
 code. It can also be used to provide virtual hosting of several virtual
 machines on a single server.

qemu-system-s390x-dbgsym: debug symbols for qemu-system-s390x
qemu-system-sparc: QEMU full system emulation binaries (sparc)

 QEMU is a fast processor emulator: currently the package supports
 SPARC emulation. By using dynamic translation it achieves
 reasonable speed while being easy to port on new host CPUs.
 .
 This package provides the full system emulation binaries to emulate
 the following sparc hardware: sparc sparc64.
 .
 In system emulation mode QEMU emulates a full system, including a processor
 and various peripherals. It enables easier testing and debugging of system
 code. It can also be used to provide virtual hosting of several virtual
 machines on a single server.

qemu-system-sparc-dbgsym: debug symbols for qemu-system-sparc
qemu-system-x86: QEMU full system emulation binaries (x86)

 QEMU is a fast processor emulator: currently the package supports
 i386 and x86-64 emulation. By using dynamic translation it achieves
 reasonable speed while being easy to port on new host CPUs.
 .
 This package provides the full system emulation binaries to emulate
 the following x86 hardware: i386 x86_64.
 .
 In system emulation mode QEMU emulates a full system, including a processor
 and various peripherals. It enables easier testing and debugging of system
 code. It can also be used to provide virtual hosting of several virtual
 machines on a single server.
 .
 On x86 host hardware this package also enables KVM kernel virtual machine
 usage on systems which supports it.

qemu-system-x86-dbgsym: debug symbols for qemu-system-x86
qemu-user: QEMU user mode emulation binaries

 QEMU is a fast processor emulator: currently the package supports
 ARM, CRIS, i386, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, SH4,
 SPARC and x86-64 emulation. By using dynamic translation it achieves
 reasonable speed while being easy to port on new host CPUs.
 .
 This package provides the user mode emulation binaries. In this mode
 QEMU can launch Linux processes compiled for one CPU on another CPU.
 .
 If qemu-user-binfmt package is also installed, it will register binary
 format handlers from this qemu-user package with the kernel so it will
 be possible to run foreign binaries directly. However, this might not
 be suitable for using inside foreign chroots, in which case it is
 possible to use qemu-user-static package instead of qemu-user-binmft, --
 qemu-user-static will register statically linked binfmt handlers instead.

qemu-user-binfmt: QEMU user mode binfmt registration for qemu-user

 QEMU is a fast processor emulator: currently the package supports
 ARM, CRIS, i386, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, SH4,
 SPARC and x86-64 emulation. By using dynamic translation it achieves
 reasonable speed while being easy to port on new host CPUs.
 .
 This package provides binfmt support registration for the user mode
 emulation binaries from qemu-user. This is an empty package, it does
 not contain any additional files, only registration scripts which run
 at install and remove times.

qemu-user-dbgsym: debug symbols for qemu-user
qemu-user-static: QEMU user mode emulation binaries (static version)

 QEMU is a fast processor emulator: currently the package supports
 ARM, CRIS, i386, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, SH4,
 SPARC and x86-64 emulation. By using dynamic translation it achieves
 reasonable speed while being easy to port on new host CPUs.
 .
 This package provides the user mode emulation binaries, built
 statically. In this mode QEMU can launch Linux processes compiled for
 one CPU on another CPU.
 .
 qemu-user-static package will register binary formats which the provided
 emulators can handle, so that it will be possible to run foreign binaries
 directly.

qemu-user-static-dbgsym: debug symbols for qemu-user-static
qemu-utils: QEMU utilities

 QEMU is a fast processor emulator: currently the package supports
 ARM, CRIS, i386, M68k (ColdFire), MicroBlaze, MIPS, PowerPC, SH4,
 SPARC and x86-64 emulation. By using dynamic translation it achieves
 reasonable speed while being easy to port on new host CPUs.
 .
 This package provides QEMU related utilities:
  * qemu-img: QEMU disk image utility
  * qemu-io: QEMU disk exerciser
  * qemu-nbd: QEMU disk network block device server

qemu-utils-dbgsym: debug symbols for qemu-utils