[Bug 1886318] Re: Qemu after v5.0.0 breaks macos guests
From: Simon John
Subject: [Bug 1886318] Re: Qemu after v5.0.0 breaks macos guests
Date: Sat, 11 Jul 2020 21:34:39 -0000
Thanks Mark, what an interesting exercise that was - and sorry, didn't
know 5.1 was due.
So the git bisect revealed this:
$ git bisect good
5d971f9e672507210e77d020d89e0e89165c8fc9 is the first bad commit
commit 5d971f9e672507210e77d020d89e0e89165c8fc9
Author: Michael S. Tsirkin <mst@redhat.com>
Date: Wed Jun 10 09:47:49 2020 -0400

    memory: Revert "memory: accept mismatching sizes in memory_region_access_valid"

    Memory API documentation documents valid .min_access_size and .max_access_size
    fields and explains that any access outside these boundaries is blocked.

    This is what devices seem to assume.

    However this is not what the implementation does: it simply
    ignores the boundaries unless there's an "accepts" callback.

    Naturally, this breaks a bunch of devices.

    Revert to the documented behaviour.

    Devices that want to allow any access can just drop the valid field,
    or add the impl field to have accesses converted to appropriate
    length.

    Cc: qemu-stable@nongnu.org
    Reviewed-by: Richard Henderson <rth@twiddle.net>
    Fixes: CVE-2020-13754
    Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1842363
    Fixes: a014ed07bd5a ("memory: accept mismatching sizes in memory_region_access_valid")
    Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
    Message-Id: <20200610134731.1514409-1-mst@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

 memory.c | 29 +++++++++--------------------
 1 file changed, 9 insertions(+), 20 deletions(-)
** Bug watch added: Red Hat Bugzilla #1842363
https://bugzilla.redhat.com/show_bug.cgi?id=1842363
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-13754
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1886318
Title:
Qemu after v5.0.0 breaks macos guests
Status in QEMU:
New
Bug description:
The Debian Sid 5.0-6 qemu-kvm package can no longer get further than
the Clover bootloader whereas 5.0-6 and earlier worked fine.
So I built qemu master from github and it has the same problem,
whereas git tag v5.0.0 (or 4.2.1) does not, so something between
v5.0.0 release and the last few days has caused the problem.
Here's my qemu script, pretty standard macOS-Simple-KVM setup on a
Xeon host:
qemu-system-x86_64 \
-enable-kvm \
-m 4G \
-machine q35,accel=kvm \
-smp 4,sockets=1,cores=2,threads=2 \
-cpu Penryn,vendor=GenuineIntel,kvm=on,+sse3,+sse4.2,+aes,+xsave,+avx,+xsaveopt,+xsavec,+xgetbv1,+avx2,+bmi2,+smep,+bmi1,+fma,+movbe,+invtsc \
-device isa-applesmc,osk="ourhardworkbythesewordsguardedpleasedontsteal(c)AppleComputerInc" \
-smbios type=2 \
-drive if=pflash,format=raw,readonly,file="/tmp/OVMF_CODE.fd" \
-drive if=pflash,format=raw,file="/tmp/macos_catalina_VARS.fd" \
-vga qxl \
-device ich9-ahci,id=sata \
-drive id=ESP,if=none,format=raw,file=/tmp/ESP.img \
-device ide-hd,bus=sata.2,drive=ESP \
-drive id=InstallMedia,format=raw,if=none,file=/tmp/BaseSystem.img \
-device ide-hd,bus=sata.3,drive=InstallMedia \
-drive id=SystemDisk,if=none,format=raw,file=/tmp/macos_catalina.img \
-device ide-hd,bus=sata.4,drive=SystemDisk \
-usb -device usb-kbd -device usb-mouse
Perhaps something has changed in Penryn support recently, as that's
required for macos?
See also https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964247
Also on a related note, kernel 5.6/5.7 (on Debian) hard crashes the
host when I try GPU passthrough on macos, whereas Ubuntu20/Win10 work
fine - as does 5.5 kernel.
See also https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961676
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1886318/+subscriptions
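
Added example, not part of the original message and not QEMU's source: a simplified C model of the access-size check described in the commit message quoted above, showing how an access of an undeclared size passed before the revert and is blocked after it. The struct, the function names and the two sample devices are hypothetical; only the `min_access_size` / `max_access_size` field names come from the message.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Simplified model of a region's declared access constraints. Only the two
 * size field names come from the commit message; the rest is hypothetical. */
typedef struct {
    unsigned min_access_size;
    unsigned max_access_size;   /* 0 models a device that dropped "valid" */
    bool (*accepts)(unsigned long addr, unsigned size);  /* optional */
} valid_model;

/* Behaviour the commit message calls broken: the size boundaries are
 * ignored unless an accepts callback is present. */
static bool access_valid_before(const valid_model *v, unsigned long addr,
                                unsigned size)
{
    if (!v->accepts)
        return true;
    return v->accepts(addr, size);   /* simplification of the callback path */
}

/* Documented behaviour restored by the revert: sizes outside the declared
 * range are blocked; a region without a declared range allows any size. */
static bool access_valid_after(const valid_model *v, unsigned long addr,
                               unsigned size)
{
    if (v->accepts && !v->accepts(addr, size))
        return false;
    if (v->max_access_size == 0)
        return true;
    return size >= v->min_access_size && size <= v->max_access_size;
}

/* Constructed sample devices. */
static const valid_model dword_only    = { 4, 4, NULL };
static const valid_model unconstrained = { 0, 0, NULL };

int main(void)
{
    const unsigned sizes[] = { 1, 2, 4, 8 };
    for (size_t i = 0; i < sizeof sizes / sizeof sizes[0]; i++)
        printf("size %u: before=%d after=%d unconstrained=%d\n", sizes[i],
               access_valid_before(&dword_only, 0, sizes[i]),
               access_valid_after(&dword_only, 0, sizes[i]),
               access_valid_after(&unconstrained, 0, sizes[i]));
    return 0;
}
```

A 1-byte access to the dword-only region passes the "before" check and fails the "after" check, while the region with no declared range accepts every size in both.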