1.65. kvm

Updated kvm packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel.

A data structure field in kvm_vcpu_ioctl_x86_get_vcpu_events() in QEMU-KVM was not initialized properly before being copied to user-space. A privileged host user with access to "/dev/kvm" could use this flaw to leak kernel stack memory to user-space. (CVE-2010-4525)

Red Hat would like to thank Stephan Mueller of atsec information security for reporting this issue.

These updated packages also fix several bugs. Documentation for these bug fixes will be available shortly in the "kvm" section of the Red Hat Enterprise Linux 5.6 Technical Notes, linked to in the References.

All KVM users should upgrade to these updated packages, which resolve this issue as well as fixing the bugs noted in the Technical Notes. Note: The procedure in the Solution section must be performed before this update will take effect.

Updated kvm packages that resolve several issues are now available.

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. KVM can run multiple unmodified, virtualized guest Windows and Linux operating systems.

These updated kvm packages provide fixes for the following bugs:

* When a new virtual guest was created from a template, using Red Hat Enterprise Virtualization Manager on NFS storage, which was mounted remotely, it was handled by the qemu-img command. This operation took a considerable amount of time, about an hour for a 5-10GB image. With this update, the convert operation no longer results in poor performance and works as expected. ( BZ#629574)

* Previously, the debug info package was missing from kvm-qemu-img-83-164.el5_5.12. With this update, it is included. ( BZ#629635)

All KVM users should upgrade to these updated packages, which contain backported patches to resolve these issues.

Updated kvm packages that resolve several issues are now available.

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. KVM can run multiple unmodified, virtualized guest Windows and Linux operating systems.

These updated kvm packages provide fixes for the following bugs:

* the virtio-blk back end for qemu-kvm performed unnecessary zeroing of memory on every I/O request, which reduced virtual guest performance. With this update, the virtio-blk back end avoids spurious zeroing of request structures on each I/O request, with the result that guest performance is increased. ( BZ#604159)

* in the kvm kernel module, some internal KVM memory slots were incorrectly being handled by copy-on-write after a fork() function call, which caused issues when qemu-kvm ran child processes. This update fixes the handling of internal KVM memory slots on fork() to avoid those issues. ( BZ#610341)

* when using the Network File System (NFS), lseek(SEEK_END) operations resulted in a GETATTR command being sent to th eserver, with the result that performance was reduced on disk images over NFS. With this update, the pread() and pwrite() functions are used instead of lseek(), read() and write(), with the result that performance is increased when using NFS. ( BZ#610344)

* following writing metadata to a QCOW2 disk image, metadata was not flushed, which could have potentially caused the disk image to become corrupted in the event of system disruption (such as a power outage). With this update, metadata is flushed after being written, thus increasing QCOW2 image integrity, and decreasing the likelihood of image corruption. ( BZ#612507)

* when using QCOW2 disk images, certain I/O operation or disk space depletion errors could potentially have caused image corruption or a virtual guest to stop running. This was due to the improper error-handling code for QCOW2 disk images. This has been fixed with this update so that the aforementioned types of errors are handled correctly, thus increasing QCOW2 disk integrity in such situations. ( BZ#612508)

All KVM users should upgrade to these updated packages, which contain backported patches to resolve these issues.

Updated kvm packages that address several issues are now available.

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. KVM can run multiple unmodified, virtualized guest Windows and Linux operating systems.

These updated packages fix the following bugs:

* it was found that qemu-img rebase could corrupt output images under certain conditions, due to clusters being taken from the backing file rather than the COW file. qemu-image rebase now always gives clusters in the COW file priority over those in the backing file, resolving this issue. ( BZ#596378)

* for particular workloads, KVM would become stuck in an infinite loop while updating a guest page table entry (PTE). The qemu process used by qemu-kvm could not be killed, but continues to consume resources. This issue has been resolved. ( BZ#596381)

* a rare theoretical race condition was found in the pvclock code for setting the wallclock. An unprotected global variable was used to hold version data, allowing guests to interfere with one another if they would both write wallclock data at the same time. The race condition has been removed, and this issue is now resolved. ( BZ#596625)

* an error in a rarely used code path in the refcount table growth code of qcow2 caused inconsistencies in the metadata, which could lead to real data corruption later on. The corruption after refblock allocation was fixed, and this issue is now resolved. ( BZ#602363)

* after saving a guest snapshot and restarting it, guests failed to boot and suffered a kernel panic. This issue only occurred when guests used virtio block drivers and ran multiple requests at the same time. The qcow2 block driver lacked a synchronous version, which has been added, and the issue is now resolved. ( BZ#604188)

All KVM users should upgrade to these updated packages, which contain backported patches to resolve these issues.

Updated kvm packages that address several issues are now available.

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. KVM can run multiple unmodified, virtualized guest Windows and Linux operating systems.

These updated packages fix the following bugs:

* when run on SMP systems, 64-bit Windows 2003 Server and 64-bit Windows 2008 Server only use the boot CPU for time-keeping, despite configuring the RTC interrupt for broadcast. KVM cannot tell, therefore, if the RTC interrupt can be used for time-keeping purposes or not. Consequently, 64-bit Windows 2003 Server and 64-bit Windows 2008 Server showed significant clock drift when run as guests on SMP systems. With this update, KVM now checks the RTC interrupt only on vcpu0, the 64-bit Windows 2003 Server and 64-bit Windows 2008 Server boot CPU when they run as SMP guests under KVM. ( BZ#577266)

* some Linux-based para-virtualised guests (eg Fedora 11 and Fedora 12) which accessed para-virtualised (PV) MMU page tables crashed during startup when launched on AMD-based hosts which had Rapid Virtualization Indexing (RVI, formerly known as Nested Page Tables or NPT) disabled. (RVI is AMD's hardware-assisted virtualization technology for allowing guests to modify their own MMU page tables. It was called NPT during development.)

The crash occurred because a system call made by such guests (via the hypercall driver) attempted to write to a read-only page. With this update, the PV MMU reporting capability was disabled and Linux-based guests which make these calls no longer cause KVM to inject a page fault and crash. ( BZ#578579)

* an error in irq_source_id size verification meant guest operating systems with eight assigned virtual functions (VF) hung on boot. This update corrects the error: verification is now done using bit numbers, not bytes and guests with eight VFs bound to the pci-stub driver boot (and can use the assigned virtual devices) as expected. ( BZ#579863)

* in some circumstances, memory was reported as still SwapCached and Cached even after all virtual machines were quit and all the processes whose memory had been swapped out were no longer running. Although this memory is eventually reclaimed by the system, available free memory is a factor in deciding which host to use when launching a virtual machine: inaccurately reported memory could result in sub-optimal host allocation. With this update, kvm explicitly removes old pages from swapcache if they are the last mapped page, ensuring reported free memory is accurate. ( BZ#581764)

* as part of the qcow2 image format, each cluster has an associate reference count (refcount) that takes two values: zero (free) and not-zero (in use). These refcounts are stored in a refcount block which, itself, has a refcount. Previously, the refcount of this refcount block was only updated after cluster refcount allocation had finished. If an I/O error occurred during refcount allocation, however, the not updated refcount block refcount could cause the qcow2 image to corrupt. With this update, the refcount block's refcount is automatically changed as cluster refcount allocation occurs, ensuring it is always accurate and protecting the qcow2 image in the event of I/O errors. ( BZ#581766)

* an abort() call was incorrectly added to an I/O error condition. As a consequence, in some circumstances, if a guest was writing a file and an I/O error occurred, the entire guest would crash. This update removes the call and corrects this regression. If the equivalent I/O error now occurs, the guest stops trying to write the file (and a "free_clusters failed" error is logged) but otherwise continues unaffected. ( BZ#586246)

All KVM users should upgrade to these updated packages, which contain backported patches to resolve these issues.