• previously, when anaconda could not read the extended display identification data (EDID) of a monitor, it reverted to text mode. However, EDID information is frequently not available on systems connected to Keyboard–Video–Mouse (KVM) switches. Therefore, when installing Red Hat Enterprise Linux 5 on a system with a KVM switch, installation would be constrained to text mode. Anaconda no longer checks for bad or missing EDID, and allows graphical installation to proceed even when this information is unavailable. Graphical installation on machines attached to KVM switches therefore continues as if them monitor were connected directly to the graphics adapter. (BZ#445486)
• previously, anaconda expected storage devices to be available immediately when it probed for the location of a kickstart file. On systems where USB storage might not be available immedately (for example, IBM BladeCenter systems), anaconda would not find the kickstart file and would prompt the user for its location. This interaction negated the usefulness of kickstart, since the installation could not then complete unattended. Anaconda now waits until it has probed five times or for more than 31 seconds before prompting the user for the location of a kickstart file. This allows USB storage enough time to respond and for kickstart to proceed unattended. (BZ#460566)
• previously, some user interface elements in the the Malayalam translation of anaconda overlapped. The overlapping elements disabled some buttons in the screen where anaconda lets users to choose a partitioning scheme for the system, and prevented installation from continuing. The text of the Malayalam translation has been shortened so that the interface elements no longer overlap. The buttons on the partitioning scheme screen now work correctly and allow installation to continue. (BZ#479353)
• during installation, anaconda automatically examines any storage device that has the label OEMDRV for driver updates and applies any updates that it finds there. Previously, anaconda searched for this label on the devices listed in /proc/partitions. However, /proc/partitions does not identify CD or DVD media, so anaconda overlooked optical disks that had the correct label. Anaconda now examines the devices listed in /sys/block. Therefore, anaconda correctly identifies CDs and DVDs labelled OEMDRV as driver discs and automatically applies any driver updates contained on them. (BZ#485060)
• previously, if anaconda required network access early in an installation (for example, to retrieve a kickstart file or driver disk image), it temporarily saved information about the network configuration while it enabled access to the network. However, if anaconda required network access again for a separate reason, it would not attempt to configure network access again, but would not be able to connect to the network either, because it no longer retained the configuration information that it had already used. Therefore, anaconda could not download both a kickstart file and a driver disk image over a network. Anaconda now retains the network configuration that it obtains early in the installation process, and can reuse this information multiple times. Therefore, anaconda can use more than one resource obtained over a network during installation. (BZ#495042)
• previously, while upgrading a system, anaconda did not check whether packages marked for installation as dependencies were already installed on the system. Consequently, many packages would be reinstalled during an upgrade, wasting time and, in the case of network installations, bandwidth. Now, when performing an upgrade, anaconda matches the packages to be installed against the packages that are already installed. Any packages with the same Name, Arch, Epoch, Version, Release (NAEVR) as a package already on the system are skipped and not reinstalled. (BZ#495796)
• previously, anaconda did not specify a value for HOTPLUG when writing the system's networking configuration files, although it did write a value for ONBOOT. Because HOTPLUG is enabled by default, the effect of disabling ONBOOT was limited because any interface not activated at boot time would be enabled anyway whenever probed by the system. Anaconda now writes a value for HOTPLUG, setting it to the same value as ONBOOT. Therefore, any network interface not meant to be enabled at boot time will not be automatically enabled by probing either. (BZ#498086)
• the part kickstart command accepts an option called --label that allows a label to be applied to a disk partition during a kickstart installation. However, the code that implemented this option was previously missing from anaconda. Any label specified in a kickstart file was therefore ignored. Anaconda now includes code to transfer the specified label from the kickstart file to the disk partition. Users can now label disk partitions during kickstart installations. (BZ#498856)
• when running in rescue mode, anaconda previously lacked the ability to identify partitions on logical volumes if the partitions were identified in fstab by label rather than by device name. Therefore, if the root (/) partition were identified in this way, the usefulness of rescue mode would be limited. Anaconda in rescue mode now uses the getLabels() method to find partitions and therefore properly detects root partition even if it resides on a logical volume and is identified by label in fstab. (BZ#502178)
• previously, the help text available while configuring NETTYPE for IBM System z systems did not mention HiperSockets. Users new to System z might therefore not have known to choose qeth to configure HiperSocket interfaces on their hardware. The help text has now been updated to indicate the correct choice and users can select the appropriate option. (BZ#511962)
• when the RUNKS was set to 0 in the CMSCONFFILE file on IBM System z systems, anaconda should have performed an installation in interactive mode. However, a rewrite of linuxrc.s390 changed the behavior of RUNKS and led to anaconda ignoring this variable. Installation would therefore proceed in non-interactive mode regardless of what value was set in CMSCONFFILE. A new test is now included in the version of linuxrc.s390 in Red Hat Enterprise Linux 5.5 so that anaconda honors RUNKS=0 and performs an interactive install if this value is set. (BZ#513951)
• by design, anaconda recognizes any block device with the label OEMDRV as a driver disc and searches it for a driver update. However, anaconda previously failed to examine dev nodes and therefore, it would not recognize this label on USB storage devices mounted as a partitionless block devices. Anaconda now examines dev nodes for the label OEMDRV and treats them the same as partitions with this label. It is therefore possible to use a partitionless device as a driver disc. (BZ#515437)
• previously, anaconda did not reinitialize its record of the partition layout on a system when users clicked the back button from the partitioning screen. Therefore, when a user selected a partition layout, went back to an earlier screen, and then went forward again to choose a different partition layout, anaconda would attempt to implement the new partition layout over the previously-selected partition layout instead of the partition layout actually present on the system. This would sometimes result in a crash. Now, when users step backwards from the partitioning screen. anaconda reinitializes its record of the partitions present on the system. Users can therefore change their minds about partitioning options without crashing anaconda. (BZ#516715)
• systems store information about iSCSI targets to which they are connected in the iSCSI Boot Firmware Table (iBFT) in BIOS. Previously, however, when anaconda installed Red Hat Enterprise Linux 5 from a local installation source such as a CD, DVD, or hard disk, it would not initialize network connections before asking users to configure storage on the system. Therefore, on systems with iSCSI storage, users would have to configure a network connection manually before proceding with installation, even when this information was already available to anaconda in the system BIOS. Now, when anaconda detects a valid iBFT present on a system, it automatically loads the network configuration specified there and does not requre users to enter this information. Installation from local media on systems with iSCSI storage is therefore simpler and more reliable. (BZ#517768)
• due to faulty logic, anaconda previously did not parse IPv6 addresses correctly and attempted to read the final byte of the address as a port number. It was therefore not possible, for example, to install on an iSCSI target specified by in IPv6 address. The logic by which anaconda parses IP addresses has now been corrected, but now requires IPv6 addresses to be specified in the [address]:port form to comply with the relevant RFCs. This form removes ambiguity, since IPv6 addresses are still valid if they omit a sequence of bytes with zero values. When IPv6 addresses are specified in this format, anaconda parses them correctly and installation continues as normal. (BZ#525054)
• comments in kickstart files are marked with a pound symbol (#) at the start of the line. However, anaconda did not previously account for the possibility that users might mark a comment with multiple pound symbols (for example, #####). Anaconda would therefore attempt to parse lines that started with multiple pound symbols and installation would fail. Anaconda now recognizes lines that start with multiple pound symbols as comments and does not attempt to parse them. Users can now safely mark comments in kickstart files in this way. (BZ#525676)
• to avoid a circular dependency that exists between the ghostscript and ghostscript-fonts packages, anaconda ignored ghostscript's dependency on ghostscript-fonts. However, ghostscript-fonts was not explicitly installed as part of the Printing package group. The usefulness of Ghostscript as installed by anaconda was therefore limited. Anaconda still avoids the circular dependency, but now specifically installs ghostscript-fonts when users select the Printing package group. (BZ#530548)
• previously, anaconda did not automatically instruct the kernel to check for multipath devices when installing on IBM System z systems. Therefore, unless users booted with the mpath boot option, iSCSI devices detected on more than one path would be represented in the installer multiple times, one for each path. Anaconda now automatically loads the mpath boot option and therefore represents multipath devices correctly. (BZ#538129)
• Dell PowerEdge servers equipped with the SAS6i/R integrated RAID controller use BIOS Enhanced Disk Drive Services (EDD) to identify the storage device from which to boot the operating system. Previously, anaconda did not parse EDD to identify the correct boot device. Consequently, with a RAID 0 and RAID 1 configured on the system, anaconda would choose the wrong device and the system would not be bootable. Anaconda now parses EDD to support the SAS6i/R integrated RAID controller, so that it selects the correct boot device for systems that use this device. (BZ#540637)
• previously, anaconda would always attempt to reconstruct pre-existing Logical Volume Management (LVM) devices during installation. Anaconda would attempt to recreate the LVM device even when a user cleared the LVM partitions from one or more of the disks that held partitions that formed part of a volume group. In this case, installation would fail. Now, anaconda no longer attempts to reconstruct incomplete LVM devices. Users can therefore safely re-allocate storage that was once part of a volume group and installation will proceed as expected. (BZ#545869)
• when ksdevice=link is set in a kickstart file, anaconda should automatically select the first available network interface and use it during installation. This avoids the need for user input and allows installation to proceed unattended. However, if interfaces were in a state where anaconda could not determine their status, anaconda would revert to interactive more and prompt the user to select a network interface, thus making unattended installation impossible on systems where network interfaces could be in such a state. Anaconda now forces the network interfaces on the system into IFF_UP and IFF_RUNNING states before it attempts to obtain link status. Because the interfaces are now in a state where they can report their link status to anaconda, Anaconda can automatically choose one to use during installation and kickstart installations can proceed unattended. (BZ#549751)
• previously, when installing on IBM System z systems, anaconda assumed that the network gateway was unreachable if its attempt to ping the gateway timed out after 10 seconds. Anaconda would then prompt the user to select a gateway. However, if IPADDR in the conf file has changed recently, network interfaces take longer to respond. Anaconda now prompts the user only when three pings have failed and therefore avoids prompting the user for gateway information that is already correctly specified in the conf file. (BZ#506742)

• after transferring installation files to a z/VM guest, a user must execute a series of Conversational Monitor System (CMS) commands to IPL the zLinux installation. These commands can be scripted, but no such script was previously included with Red Hat Enterprise Linux 5. The lack of a readymade script made installation more difficult for users unfamiliar with CMS commands. The CMS script for starting the install process on z/VM is now included in the Red Hat Enterprise Linux 5 images, simplifying installation. (BZ#475343)
• anaconda now loads the Brocade BNA Ethernet Controller driver, and supports Brocade Fibre Channel to PCIe Host Bus Adapters. (BZ#475707)
• previously, anaconda did not offer users the opportunity to configure NFS options during interactive installation (although these could be configured in kickstart files). Users who needed to fine-tune NFS parameters for installation were therefore forced to run an unattended installation. Now, anaconda presents users who select NFS installation with a dialog in which they can configure NFS options to suit their needs. (BZ#493052)
• previously, it was not possible to configure hypervisor parameters during a kickstart installation. As a result, users needed to specify hypervisor parameters manually after installation, negating the usefulness of kickstart as as a mechanism for unattended installations. Now, anaconda recognizes a new kickstart option, --hvargs and sets Hypervisor parameters accordingly. (BZ#501438)
• previouisly, during a kickstart installation when multiple multipath LUNs were available, anaconda would automatically choose the LUN with the lowest ID number for the root device. Users had no ready way to customize this behavior. Now, anaconda supports a multipath kickstart command with --name and --device options that allow users to specify a LUN for root. (BZ#502768)
• anaconda can retrieve kickstart files from FTP servers. Previously, however, anaconda did not support users specifying authentication credentials to access an FTP server. Therefore, if access to the server were protected by a passphrase, anaconda could not retrieve the kickstart file. Now, when specifying the location of a kickstart file with the ks= boot option, users can provide a passphrase to allow anaconda to retrieve the kickstart files fom a protected server. (BZ#505424)
• previously, troubleshooting errors that occurred while running %pre and %post kickstart scriptlets was very difficult because anaconda did not log the behavior of these scriptlets. Anaconda now copies %pre and %post kickstart scriptlets to /tmp together with a log. These records make troubleshooting kickstart installations easier. (BZ#510636)
• Reipl is a kernel feature that instructs IBM System z systems where to boot next, as these systems do not have a default boot location. Anaconda did not previously support Reipl, which meant that during installation, users had to specify a boot location manually between different phases of the installation. Anaconda now supports Reipl, so these reboots can happen automatically. (BZ#512195)
• NPort ID Virtualization (NPIV) presents one physical Fibre Channel adapter port to the SAN as multiple WWNN/WWPN pairs. Anaconda now supports NPIV, which allows users on PowerPC systems to install to a NPIV LUN. (BZ#512237)
• the Python executables that make up anaconda now all explicitly use the system Python (#! /usr/bin/python instead of #! /usr/bin/env python). This ensures that anaconda functions correctly when more than one Python stack is present on a system. (BZ#521337)
• anaconda now supports the Emulex OneConnect iSCSI network interface card. (BZ#529442)
• anaconda now supports PMC Sierra MaxRAID controller adapters. (BZ#532777)
• although users have been able to specify package groups for installation in kickstart files, using the @ prefix, it was not possible to exclude package groups from installation, only individual packages. Anaconda now supports excluding package groups with the -@ prefix (BZ#558516)
• anaconda now loads the xorg-x11-qxl-drv and xorg-x11-ast-drv X11 video drivers as required. xorg-x11-qxl-drv supports the qemu QXL video accelerator when installing Red Hat Enterprise Linux 5 as a guest operating system. xorg-x11-ast-drv supports ASPEED Technologies video hardware. (BZ#567666)

• If an included map read failed, autofs returned an error and subsequent master map entries were not read. This update reports the failure in the log but master map reading no longer ceases. (BZ#506034)
• autofs could segfault if it called xmlCleanupParser concurrently from multiple threads, as this function is not re-entrant. autofs has been changed to call this function only once from its main thread, when the application exits. (BZ#513289)
• autofs could segfault at startup when using LDAP under certain circumstances. autofs would fail to try and retrieve a query dn if:
  • LDAP is being used to store autofs maps and...
  • The LDAP schema to be used for the maps is explicitly defined in the autofs configuration and...
  • No master map entries exist in LDAP.
  This set of conditions would return success instead of failure. This update fixes the get query dn failure. (BZ#572603)
• If a master map entry is changed in any other way besides the map name (for example, map wide options) the system encountered two application data structures for the "same" map during a map re-read. If the contents of that map has also changed, a deadlock can occur.
  Having the duplicate data structure also caused entries in the problem map to be umounted. Since direct mount maps have a distinct autofs mount for each entry direct mount they appeared to stop working. This update corrects this behaviour. (BZ#514412)
• autofs would block for several minutes when attempting to mount from a server that was not available. A new mount_wait parameter has been added to prevent this block. This update requires SELinux policy 255 or later. (BZ#517349)
• The autofs parser objected to locations containing the characters '@' and '#' (Lustre and sshfs mounts) causing the mount request to fail. This update allows autofs to parse these characters and mount successfully. (BZ#520745)
• Due to an incorrect system call an error message stating "Operation not permitted" would be returned when attempting to mount an unknown hostname. This call has been corrected and autofs now returns "hostname lookup failed" as would be expected. (BZ#533323)
• A typing error in the usage text of the autofs service script has been corrected. (BZ#534012)
• When changing the timed wait from using select(2) to poll(2) in the non-blocking TCP connection function, to overcome the 1024 file handle limit of select(2), the wait timeout was not correctly converted from seconds to milliseconds. This update corrects the problem. (BZ#539747)
• autofs failed to mount locations whose path depended on another local auto-mounted mount. Dependent mounts are triggered by calling access(2) on the mount location path prior to mounting the location. The check for whether a location was a local path was restrictive and didn't cater for all cases. This has now been fixed. (BZ#537403)
• Inter-operability between autofs and some non-open source LDAP servers was impaired when a SASL authenticated connection was used over muliple bind and unbind operations. autofs has been updated use distinct authentication connection for each server it binds to. (BZ#537793)
• autofs failed to load its maps if all LDAP servers were down, or unreachable, when the daemon started. The dependency on an LDAP server being available at startup has been removed. This change resolved the issue of the map server being unreachable for some common usage cases. (BZ#543554)
• The random selection option used with mount locations that have multiple servers was not being set correctly during the paring of master map entries. If specified as a mount option in master map entries the option is now used as has been requested. (BZ#548476)
• Setting the expire timeout to 0 was causing autofs to constantly schedule expire runs leading to excessive resource usage and preature umounting of mounts. Setting the timeout to 0 should in fact disable expiry of mounts and this update fixes this incorrect behavior. (BZ#548277)
• autofs would abort when using DIGEST-MD5 authentication under heavy concurrent access. This was caused by autofs not providing the locking functions required by the cyrus-sasl library. In addition the cyrus-sasl library locking functions contained a race which sometimes lead to a deadlock. This update adds the needed locking functions to autofs and passes them to cyrus-sasl at initialization. The bug in the cyrus-sasl library is fixed in cyrus-sasl-lib 2.1.22-5.el5.el5_4.3 and later which is required for the update to install if cyrus-sasl is also installed. (BZ#559430)

Security fixes:

• A flaw was found in sctp_packet_config() in the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation. A remote attacker could use this flaw to cause a denial of service. (CVE-2010-3432, Important)
• A missing integer overflow check was found in snd_ctl_new() in the Linux kernel's sound subsystem. A local, unprivileged user on a 32-bit system could use this flaw to cause a denial of service or escalate their privileges. (CVE-2010-3442, Important)
• A heap overflow flaw in the Linux kernel's Transparent Inter-Process Communication protocol (TIPC) implementation could allow a local, unprivileged user to escalate their privileges. (CVE-2010-3859, Important)
• An integer overflow flaw was found in the Linux kernel's Reliable Datagram Sockets (RDS) protocol implementation. A local, unprivileged user could use this flaw to cause a denial of service or escalate their privileges. (CVE-2010-3865, Important)
• A flaw was found in the Xenbus code for the unified block-device I/O interface back end. A privileged guest user could use this flaw to cause a denial of service on the host system running the Xen hypervisor. (CVE-2010-3699, Moderate)
• Missing sanity checks were found in setup_arg_pages() in the Linux kernel. When making the size of the argument and environment area on the stack very large, it could trigger a BUG_ON(), resulting in a local denial of service. (CVE-2010-3858, Moderate)
• A flaw was found in inet_csk_diag_dump() in the Linux kernel's module for monitoring the sockets of INET transport protocols. By sending a netlink message with certain bytecode, a local, unprivileged user could cause a denial of service. (CVE-2010-3880, Moderate)
• Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver in the Linux kernel. A local user with access to "/dev/gdth" on a 64-bit system could use this flaw to cause a denial of service or escalate their privileges. (CVE-2010-4157, Moderate)
• The fix for Red Hat Bugzilla bug 484590 as provided in RHSA-2009:1243 introduced a regression. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2010-4161, Moderate)
• A NULL pointer dereference flaw was found in the Bluetooth HCI UART driver in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2010-4242, Moderate)
• It was found that a malicious guest running on the Xen hypervisor could place invalid data in the memory that the guest shared with the blkback and blktap back-end drivers, resulting in a denial of service on the host system. (CVE-2010-4247, Moderate)
• A flaw was found in the Linux kernel's CPU time clocks implementation for the POSIX clock interface. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2010-4248, Moderate)
• Missing initialization flaws in the Linux kernel could lead to information leaks. (CVE-2010-3876, CVE-2010-4083, Low)

• Setting the cpu_set variable to 1 online in the qemu Monitor and then shutting down the guest would cause the host or the guest to crash. The updated package resolves this issue and prevents the host or guest from crashing in this scenario. (BZ#487857)
• The KVM configure script would not abort if the correct options were not enabled. The KVM configure script now verifies features are enabled or disabled by the configure script and aborts if the features was not loaded as requested. (BZ#489900)
• The para-virtualized network drivers (virtio-net) lacked non-maskable interrupt (NMI) injection masking on AMD-based hosts. This caused Windows XP guests using the para-virtualized network driver could fail with a Blue Screen error during certain tests. The updated packages resolve this issue. (BZ#492290)
• Timer events were processed before entering guest mode. This meant that certain timer events may not have been processed. Timer events are now processed in the main VCPU event loop so timer events are processed while the VCPU is halted. Timer events may inject interrupts or non-maskable interrupt (NMI) which will then unhalt the VCPU. This fixes the issue of unconditionally unhalting the VCPU. (BZ#492663)
• If one or more VCPUs was disabled, VCPUs would appear in Windows Server 2008 Device Manager as devices with the ! symbol indicating an error. Windows does not handle CPUs marked as present (bit 0 in ACPI spec), but not enabled (bit 1), which causes this issue.
  However, there are situations where Linux expects CPUs to be present but not enabled. This is a heuristic test used by Linux to determine if a CPU is hot-pluggable.
  The updated package fixes virtualized CPU detection for Windows but breaks the ability to hot-add CPUs into Linux guests. (BZ#495844)
• Using the numeric keypad of a keyboard with or without Num Lock produced erroneous input on guests accessed with VNC through the QEMU monitor application. The number pad keys should now work for input on guests accessed with VNC. (BZ#497507)
• An unhandled interrupt from the kvm_vcpu_block() call unhalted a VCPU outside of the interrupt window. As a consequence, when the "there is no bootable disk" error presented the qemu process used 100% of the available CPUs. The updated packages resolve this issue and the interrupt is now handled correctly. (BZ#502086)
• Windows Server 2008 R2 guests would hang after a restart if the guest was created with multiple VCPUs. This was caused by not properly filtering non-maskable interrupts (NMIs) from the guests during the restart procedure. The updated packages fix this issue and Windows Server 2008 R2 guests can successfully use multiple VCPU. (BZ#502543 BZ#503322)
• Migrating a paused guest caused the guest to resume at the destination. Paused guests now remain paused after a migration. (BZ#503367)
• Multiple virtualized guests using the hypercall device resulted in one or more of the guests using 100% of their assigned CPUs or becoming unresponsive. The updated packages fix the hypercall device, preventing this issue. (BZ#503759)
• VCPUs were not reported correctly to Windows XP guests. On the Windows XP guest the number for CPUs listed in Task Manager was lower than the number of CPUs assigned to the guest. Windows XP guests should now use and display the number of VCPUs assign if the guest can handle that number of CPUs. (BZ#508040)
• A segmentation fault occurred when a guest used a i82551 emulated network interface card was used. The segmentation fault is fixed in the packages. (BZ#510706)
• Creating guests that use both 64k and 4k image block cluster sizes and virtualized IDE as the storage device driver would cause a segmentation fault in the qemu-kvm process. The updated packages resolve this issue. (BZ#542923)
• Running the migrate_set_speed command in the QEMU console after running migrate_cancel causes segmentation fault in KVM. The updated packages fix this issue and the code causing the segmentation fault is fixed. (BZ#522887)
• A segmentation fault occurred when using the qemu-img rebase command to rebase an image snapshot. (BZ#563141)
• The qemu-img rebase command failed with an "Operation not supported" error message when it was run on locally-attached block devices. (BZ#569762)
• The qemu-img command failed to copy a RAW image to a Fibre Channel storage device. The qemu-image command can now copy, convert and create images on Fibre Channel storage devices. (BZ#511072)
• Storage I/O errors were processed out of order causing the guest to change state or crash unexpectedly. The guest state handlers now process storage I/O errors in the proper order. (BZ#514522)
• A guest would occasionally not accept keystrokes or mouse clicks after rebooting. The updated package resolves this issue and user interactions are accepted after repeatedly rebooting guests. (BZ#515275)
• In rare instances, certain virtualized guests could lock up while requesting a raw_pread system call. The offset was larger than the file size of the read failures which causes the system to infinitely loop I/O requests. This could, in certain circumstances lead to file system corruption on virtualized guests. The updated pacakges add a result test which prevents the infinite request loop. (BZ#515655)
• The guest could change the QXL device ROM which could result in memory corruption. The updated packages prevent the guest from modifying the QXL device ROM. (BZ#537888)
• The MRS storage array (msrs) in kvm_arch_save_regs() function. The array was sized too small for the function and may cause stack corruption. (BZ#528917)
• Incorrectly handled I/O errors could cause guests file system corruption when using the para-virtualized block drivers and IDE emulation of NFS storage. The updated packages resolve this issue and host I/O errors will pause the guest instead of causing file system corruption. (BZ#531827)
• With Red Hat Enterprise Virtualization, the virtio_blk_dma_restart_bh() function previously handled write errors. The function was not updated for this, causing read errors to be resubmitted as writes. This caused guest image corruption in some cases.
  Additionally, the return values of the bdrv_aio_write() and bdrv_aio_read() functions were ignored. If an immediate failure occurred in one of these functions, errors would be missed and the guest could hang or read corrupted data. (BZ#552487)
• with Red Hat Enterprise Virtualization, guests continued to run after encountering disk read errors. This could have caused guest file systems to corrupt (but not the host's), notably in environments that use networked storage. With this update, the qemu-kvm command's -drive "werror=stop" option now applies not only to write errors but also to read errors. When using this option, guests will pause on disk read and write errors.
  By default, guests managed by Red Hat Enterprise Virtualization use the "werror=stop" option. This option is not used by default for guests managed by libvirt. (BZ#533390)
• KVM would crash or fail to boot when attempting to assign 64GB of memory to 32-bit guests using PAE. KVM now supports addressing up to 48 bits of physical memory with PAE. (BZ#516545)
• Windows Server 2003 32-bit guests assigned more than 4GB of RAM would crash after rebooting the guest. The updated packages resolve this issue and Windows Server 2003 32-bit guests can be assigned more than 4GB of RAM. 32-bit guests may not be able to use more than 4GB of RAM, refer to the guest operating system's documentation. (BZ#516762)
• 64-bit guests would hang on an AMD host if one or more of the guest's VCPUs were changed from offline to online. This issue is resolved in the updated package. (BZ#525699 and BZ#517223)
• When using the virtual vm8086 mode, bugs in the emulated hardware task switching implementation may have caused older guest operating systems to malfunction. (BZ#517324)
• An "unhandled vm exit: 0x31 vcpu_id 0" error message could appear when installing certain guest operating systems, such as SUSE Linux Enterprise Server 11, using a para-virtualized block device (virtio-blk). The updated packages resolve this issue and installation with the para-virtualized drivers is supported and working. (BZ#518081)
• The __kvm_mmu_free_some_pages list was not verified empty before it was used. The updated package verifies the __kvm_mmu_free_some_pages list is empty before attempting to look at list entries. (BZ#519397)
• Windows Server 2008 64 bit guests use a cr8 call which executed a vmexit call. This caused performance issues for Windows Server 2008 guests. The updated packages use a different call method to handle cr8 calls which significantly improves the performance of Windows Server 2008 64 bit guests. (BZ#520285)
• When attempting to resume from hibernate with Windows Server 2003 guests, KVM would attempt to stop the QEMU emulated audio device which was not activated. This caused a "snd_playback_stop: ASSERT playback_channel->base.active failed" error message to appear and the resume process to fail and the guest to crash. The updated package resolves this issue. (BZ#520394)
• Time drift may have occurred in Windows guests that use the IOAPIC interrupt for timing. The updated packages resolve this issue and Windows guests should now keep time accurately. (BZ#521025)
• Windows Server 2003 (32-bit and 64-bit) guests may have experienced time drift. (BZ#543137)
• On AMD hosts, Window Server 2008 R2 Datacenter guests would stop during the installation at the step "Setup will continue after restarting your computer". This issue is resolved and Windows Server 2008 R2 Datacenter guests now successfully install. (BZ#521749)
• Resetting the PCI status of a para-virtualized network device (virtio-net) would cause KVM to crash. This issue is resolved the the updated packages. (BZ#521829)
• The German keyboard map was missing some keys in when accessing a guest with VNC. The German keyboard map now contains all keys when accessing guests with VNC. (BZ#521835)
• When a guest issued an Inter-processor Interrupt (IPI) call, the call would cause KVM to issue a global IPI call on the host. The global IPI call interrupts all processors instead of just those assigned to the guest. The updated packages resolve the issue by using the kernel's IPI handling functions instead of emulating the IPI handler. (BZ#524970)
• KVM and virtualized guests would become unresponsive due to waiting infinitely for an aio threads to return. The updated packages resolve this issue by correctly timing out threads which do not return. (BZ#525114)
• The host KVM process could crash or use 100% of the allocated CPUs when a guest with more than one VCPU received high volumes of network traffic through a device using the para-virtualized network drivers (virtio-net). This issue is resolved in the updated packages. (BZ#525323)
• KVM did not change the pacakge address of the etherboot .zrom file. KVM would always used the default, the ne.zrom file. Guests could not get an IP address or access PXE servers. The updated packages resolve this issue and guests can access PXE server when using non-default network devices. (BZ#526124)
• KVM could generate invalid memory types in Memory Type Range Registers (MTRR) and Page Attribute Tables (PAT). This could be used by guests running random code to possibly store (and later use) a random MTRR type. The updated package prevent these invalid memory types from being created. (BZ#526837)
• An error in the Makefile prevented users from using the source RPM to install KVM. (BZ#527722)
• Linux guest initrd images greater than 4GB would cause the guest to crash. KVM now limits the size of initrd images to less than 4GB. (BZ#529694)
• If the qemu-kvm command's -net user option was used, unattended Windows XP installations would not receive an IP address after rebooting. The guest requests a second DHCP address which makes the list of free DHCP addresses run out much quicker. This issue is fixed by reassigning the same addressed requested with DHCP to the guest after the guest reboots. (BZ#531631)
• The para-virtualized clock (pvclock) Mode-specific register values were not preserved after a migration. This issue also affected the para-virtualized clock when a guest was saved and restored. These drivers not being saved could cause the guest's time keeping to become significantly skewed after restoring or migrating the guest. In the updated packages, the MSR values are preserved when a guest is saved and restored, and for migrations. (BZ#531701)
• Installing Windows Server 2008 R2 from an ISO image could result in a blue screen "BAD_POOL_HEADER" stop error. (BZ#531887)
• Running certain test functions on Windows 7 guests caused a blue screen "HAL_RTC_IRQF_WILL_NOT_CLEAR" stop error. (BZ#556455)
• Windows Server 2003 R2 Service Pack 2 32-bit guests using the para-virtualized block drivers could crash with an unhandledvm exit error during reboot. The hypervisor now handles this error, resolving the issue. (BZ#532086)
• After restoring a migrated Windows Server 2008 R2 guest, a race condition caused the guest to hang during the shut down sequence. The updated packages resolve this issue and Windows Server 2008 R2 guests will successfully shut down when requested after a migration. (BZ#533090)
• a bug in the grow_refcount_table() error handling caused infinite recursion in some cases. This caused the qemu-kvm process to hang and eventually crash. (BZ#537075)
• Full I/O error codes were not passed up to the host or the Red Hat Enterprise Virtualization Manager. Accurate I/O error codes are now forwarded to the user and management tools. (BZ#537077)
• There was a regression in the qemu-img command, Fibre Channel devices could not be formatted using RAW or use preallocated RAW devices. The qemu-img command is updated to handle Fibre Channel devices in the RAW format. (BZ#537655)
• Guests could not eject CD-ROMs from physical CD-ROM drives attached to the guest. The updated packages resolve this issue and guests can now eject CD-ROMs from physical CD-ROM drives. (BZ#539250)
• The qcow2 file format unnecessarily rounded up the length of the backing format string to the next multiple of 8. The array in BlockDriverState can only store 15 characters, causing backing formats with 9 characters or more to fail. This issue effected devices using the host_device format. The updated packages resolve this issue by determining the length of the backing format of qcow2 devices. (BZ#540893)
• Migrations could fail due to invisible physical CPU states. A new set of IOCTL exports report user-invisible states related to exceptions, interrupts, and Non-Maskable Interrupts (NMIs). These functions allow management tools to prevent this type of failed migration. (BZ#541084)
• Guests could not PXE boot with gPXE and an emulated e1000 network interface card. The updated packages fix this issue and guests can boot images using gPXE and the emulated e1000 driver. (BZ#543979 and BZ#550265)
• The KVM process could become non-responsive if a networked or local connect to the QXL driver was lost while the driver was running. This cause a "qxl_display_update: waiting for command" error message to be printed in the logs. The updated packages resolve this issue. (BZ#544785)
• The qemu-kvm man page incorrectly described the qcow2 default as cache=writeback. The default is cache=none for qcow2 images and cache=writethrough for all other disk types. The man page for qemu-kvm has been updated to reflect this. (BZ#545194)
• KVM did not verify if barriers were required for migration. KVM now verifies if barriers are required for guest migration and disables barriers if they are not required. (BZ#549938)
• The hypercall driver for Windows guests did not reset the device when the guest was shut down or rebooted. This occasionally caused the driver to use 100% of the CPU and cause the guest to hang. (BZ#550755)
• The kvm-qemu-img command failed to convert sparse RAW image files to qcow2 sparse snapshot image files. (BZ#558195)
• Migration with the -M rhel5.5.0 parameter did not work for migration to or from Red Hat Enterprise Linux 5.5. Migration with the -M parameter is now supported and functional. (BZ#559163)
• Removed a warning message which appeared when the -initrd option was used. (BZ#512672)
• The KVM kernel module would panic if the paging64_sync_page() call was executed on a system using PCI passthrough devices. This kernel panic error could occur if a guest with an attached PCI device was started. The updated packages resolve this issue. (BZ#566385)
• Various issues with compiling the KVM modules and packages. (BZ#533453,BZ#533059, BZ#539589 and BZ#533197)
• Removed a debugging message qemu_popen: returning result of qemu_fopen_ops that displayed when saving a virtualized guest state into a compressed file. (BZ#530533)

• Support for migration and image compatibility between Red Hat Enterprise Linux 5.4.4 and Red Hat Enterprise Linux 5.5 hosts. (BZ#553187 and BZ#557327)
• The KVM hypervisor does not accept MSR_KERNEL_GS_BASE intercept calls for Windows Server 2008 guests. This improves performance of Windows Server 2008 guests under heavy loads. (BZ#488130)
• qcow2 now uses 64Kb as the default block cluster size instead of 4Kb blocks which improves performance for guests using qcow2. (BZ#502809)
• Various unsupported features of the qemu-kvm command are now compiled out of the kvm pacakges. (BZ#516672)
• Support for migration from older hypervisors which use versions of savevm with additional fields which are not supported by newer versions. This feature is required for migrations from older hypervisors to newer versions of KVM. (BZ#541731)
• Significantly improved performance of qcow2 devices using the cache=off parameter. (BZ#518169)
• Support for guest access to advanced CPU extensions, including: SSE4.1, SSE4.2 and SSE4a. (BZ#518090)
• SMBIOS table 4 data is now generated for Windows guests. (BZ#537178)
• The cache flushing command was changed from fsync to fdatasync. This allows write caches to be exposed to guests and allows the guest to request for flushing I/O buffers. This improves I/O performance for some guests. (BZ#537646)
• KVM can now use gPXE or etherboot roms stored in the /usr/share/qemu-pxe-roms directory. (BZ#546019 and BZ#550053)
• Support for changing the file format of an in-place backing file. (BZ#530134)
• Support for Red Hat Enterprise Linux 3.9 guests running the para-virtualized drivers. (BZ#536749)
• The QXL driver now supports setting resolutions of 1024x576 and 1024x600. (BZ#552240)

• On Xen guests, the netfront and RTL8192 network drivers could run concurrently, bringing up two network interfaces where only one was configured. The two interfaces would share the same MAC address and could cause networking difficulties. Support for a netfront interface model has been added, meaning only the single netfront interface is configured.
  BZ#483884
• The storage pool deletion routine did not distinguish between files and directories when removing data. As a result, inactive storage pools could not be deleted. With this update, files and directories are removed appropriately, allowing inactive storage pools to be deleted.
  BZ#496579
• When adding a new physical host PCI device, libvirt would not attempt to reset the PCI bus if other functions or devices were present on the same bus. Some PCI devices could not utilized for virtualization as a result. Attempts to reset the PCI bus will now be made, allowing affected devices to be used for virtualization.
  BZ#500213
• Devices attached to a guest in managed mode were not automatically re-attached to the host OS when the guest shut down. Manual intervention was required to use these devices again when the guest is re-started. Managed mode devices will now be re-attached to the host when the guest shuts down, allowing them to be automatically used when the guest is re-started..
  BZ#500217
• The Xen driver was not checking that guest domains with the same UUID also had the same name. Using the virsh edit command to change the name of a Xen domain would make a new copy of the configuration file with the new name, but not alter the original configuration file. UUIDs and names for guest domains are now checked to ensure they match. Attempting to change the name of a domain using the virsh edit command will now return an error message and not make any change to the system.
  BZ#504262
• Valid values for the credit scheduler parameter are in the range 0-65534. A value of 65535 was being accepted as valid, but would not alter the scheduler configuration. With this release, only values within the valid range are accepted.
  BZ#504914
• Using the info command to change memory values on a KVM guest showed that inactive KVM guest memory was not being reported correctly. Memory reporting for unused domains was corrected in the qemu driver and the info command now returns the correct value.
  BZ#508266
• Running the command virsh vol-key volname was sometimes resulting in a segmentation fault. A change was made to the way pool objects are handled and the key lookup no longer crashes.
  BZ#509293
• Using the pool parameter with the virsh vol-path command would result in errors. The virsh vol-path command was altered to support the pool parameter and the errors no longer occur.
  BZ#509306
• The virsh find-storage-pool-sources command failed to find any dir/nfs/netfs pool sources and failed with unknown failure. The error reporting was fixed and the command now works as expected.
  BZ#509979
• The virsh nodedev-create command resulted in an out of memory error. This was found to be a false positive. The checks were updated, and the error now only occurs if there is an actual memory problem.
  BZ#510426
• Two different methods were using the same name for different libvirt entry points, which created a device error when creating nodes. One of the methods was renamed and node creation now works as expected.
  BZ#510427
• Running the virsh nodedev-destroy command to destroy a NIC interface caused libvirtd to hang indefinitely. The locking issue was found and rectified and the libvirtd crash no longer occurs.
  BZ#510430
• Running the virsh vol-delete command produced a failed to connect to the hypervisor error and libvirtd needed to be restarted. The code was altered to refresh allocation and permissions information, but not capacity information, and the command now works as expected.
  BZ#510450
• When an XML configuration file was generated using virsh dumpxml for a running virtual machine, it contained parameters used for backwards compatibility with previous versions. virt-xml-validate would report that the generated file was not valid because of these legacy parameters. The validate program was altered to accept the parameters used in the generated XML file, which now validates correctly.
  BZ#512069
• Running concurrent TLS connections under the libvirt python wrapper caused libvirt to crash. Changes were made to the way that GNUTLS handles threading and the crash no longer occurs.
  BZ#512367
• libvirt was not reporting current vCPU and pCPU placement or the vCPU execution time counter accurately. The behavior was changed so that libvirt doesn't find out the affinity when set with taskset, but does when set with virsh vcpupin. The reporting is now correct.
  BZ#514082
• Creating npiv devices works as expected, but puts error messages into the /var/log/messages file. The Opened WWN path /sys/class/fc_host//host5/port_name for reading message was updated and the error messages no longer appear in the log file.
  BZ#514324
• The virsh man page described “most operations” as being asynchronous, which is not the case. The man page was updated to state that most operations are synchronous except creation and shutdown of domains.
  BZ#514532
• Guests that use the default source clock try to compensate for lost ticks by reading the TSC as well. This can cause the guest clock to go out of synchronization. All Red Hat Enterprise Linux guests now unconditionally add --no-kvm-pit-reinjection to the qemu command line, and the guest no longer falls out of synchronization.
  BZ#517278
• libvirt would not perform a power management reset if there were other functions on the device. The PCI Power Management reset only affects individual functions, and not the whole device. The check for other functions was removed, so that where both are available, the whole device reset is preferred over individual function resets.
  BZ#517460
• When a migration was performed to a virtual machine that had been paused, the virtual machine would no longer be paused after the migration had completed. The behavior of qemu-kvm was changed so that it no longer 'forgets' the virtual machine is paused, and it will now stay paused during a migration.
  BZ#519204
• libvirt was ordering disks unecessarily. When a new disk was added, it would sometimes shift the boot disk later in the list, causing the user to be unable to boot. The sorting algorithm was changed, and will now insert a new disk as far to the end of the list as possible, while being ordered correctly with other disks on the same bus. This resolved booting errors caused by disk ordering.
  BZ#521053
• A typographical error in an XML domain file caused libvirtd to suffer a segmentation fault. A check was added, and a typing mistake will now cause libvirtd to fail gracefully and produce a meaningful error report.
  BZ#523418
• Devices that are assigned below a non-ACS switch can cause transactions to bypass the VT-d hardware and the validation process. libvirt now successfully blocks devices between non-ACS switches, unless the user specifies the permissive='yes' attribute for <hostdev>, so all transactions now undergo validation by default.
  BZ#526713
• When querying Xen remotely virsh would sometimes raise an "unknown failure" error. The semantics were modified and where possible, the error is now more informative.
  BZ#531729
• When using xen+ssh:// to connect to a host, sometimes an RPC entry point would not be available and dominfo would raise an uninformative error: unknown procedure error. The error reporting was changed and it now reports as an unsupported entry point.
  BZ#531735
• When a network created a bridge, it would only be enabled if the host had an IP on that bridge. This would cause the bridge creation to fail quietly, and packets would not be passed as expected. The error messages were improved for bridge creation and deletion, and if a failure occurs, it will now produce an informative error.
  BZ#532834
• HVM VT-d PCI passthrough attach and detach was not working correctly and devices could not be hotplugged. The attach and detach code now has additional checks and hotplugging functions as expected.
  BZ#546671
• When virt-manager tried to attach a PCI device to a Xen guest, it called virNodeDeviceReset and subsequently crashed. The Xen driver was updated, and it now checks if a given PCI device is assigned to another guest, so that PCI devices can be attached as expected.
  BZ#555309
• When the host was running the KVM hypervisor, the libvirtd process was occasionally unable to connect to the hypervisor. In this case, qemu-kvm failed to start, and gave a false NUMA out of memory error. The error handling was changed so that NUMA errors are now non-fatal. Errors are now logged, and connection progresses as expected.
  BZ#559755
• libvirt was found to be incorrectly detecting machine types supported by KVM. This meant that KVM guests which did not specify any machine type could not be created. This also caused some rare problems that would cause /distribution/virt/install to fail. libvirt was updated to correctly detect and identify KVM-supported machine types.
  BZ#563151 & BZ#569372

• Support has been added for assigning Single Root I/O Virtualization (SR-IOV) devices to qemu guests.
  BZ#481748
• Implementation of the virsh dump command for QEMU/KVM guests is included in this release.
  BZ#507551
• Support was added to libvirt for KVM PCI device assignment hotplug.
  BZ#517465
• Added -mem-prealloc to the KVM command line when using hugepage.
  BZ#518099
• libvirt now allows the creation of more than 256 guests, and more than 150 DHCP leases.
  BZ#519729 & BZ#524280
• The -M rhel5.4 arguments are now passed by default when launching qemu-kvm. This improves backward migration ability.
  BZ#542665

• booting a Storage Area Network (SAN) from a replicated Logical Unit Number (LUN) following a loss of the primary site would fail when doing array-based synchronous data replication to a remote site. This was due to the fact that the initrd on the replicated LUN is configured to see the World Wide Identifier (WWID) of the primary LUN only. A patch has been applied that allows for the creation of all multipath devices so that the replicated LUN is visible for booting. It should be noted that some manual configuration is required following the installation of the updated package:
  1. ensure that multipath.conf has the correct stanzas for both multipath devices.
  2. run mkinitrd again.
  A replicated LUN will now successfully boot provided:
  1. the multipath.conf in the initrd does not blacklist the new LUN and;
  2. /var/lib/multipath/bindings in the initrd is either empty or contains an entry binding mpath0 (or the device originally installed to) to the replicated LUN's WWID.
  (BZ#438887)
• scsi_model devflag options appended to /etc/modprobe.conf can be of the form: “options scsi_mod dev_flags="HITACHI:OPEN-9     -SUN:0x240” to specify more than one SCSI model. These strings are written as arguments to the insmod command within the initrd script. The leading spaces of the second model name in the above example were incorrectly read as a single space by the nash command resulting in the /proc/scsi/device_info file containing invalid strings. A user specifying a SCSI model in this way would have to manually edit the /proc/scsi/device_info file as a result. A patch has been applied to nash.c to correctly handle the quoted string following the dev_flag argument. The string is now written to the /proc/scsi/device_info file in the correct format. (BZ#467850)
• mkinitrd uses a global variable rootdev to store the name of the root device. This is either auto-detected or passed in via the command line --rootdev= parameter. Changes applied to mkinitrd to support boot from multipath introduced the local rootdev variable. This variable overrides the global variable resulting in an incorrect root device, such as a component SCSI device, being written to the /init script preventing the system from booting. The local variable has been renamed to avoid the conflict. Running mkinitrd on a multipath boot system now results in a successful boot of the system. (BZ#503567)
• mkinitrd runs nash on each logical volume. The block_find_fs_by_key() method calls the nashDmGetDevName() method for each logical volume. The nash command does not run to completion in a reasonable time-frame as the nashDmGetDevName() recurses through all devices each time it is called. This update allows nashDmGetDevName() to cache its results, so nash no longer uses 100% of the CPU when installing RPMs. (BZ#516047)
• mkinitrd copied the lvm.conf file verbatim to the initrd without parsing it properly. If the logical volume manager (LVM) was configured to use host tags, Red Hat Enterprise Linux would not boot because a host name could not be set at initrd time. lvm --dumpconfig is now used to retrieve the LVM configuration file. (BZ#517868)
• mkinitrd attempted to explicitly activate the subsets of a nested RAID 10 set. Error messages would then be printed to the log during boot. These messages could safely be ignored. They have now been removed to avoid confusion. (BZ#526246)
• mkinitrd copied the symbolic link of a bootpath driver instead of the actual bootpath driver. This caused kernel panic due to an unavailable driver on first boot of the operating system. mkinitrd now checks the full path of symbolically linked drivers. (BZ#540641)
• when the root file system was on the logical volume manager (LVM), as is the default installation option, nash received a segmentation fault reference if some modules did not load during post-installation reboot. This caused unwarranted kernel panic. Kernel panic no longer occurs as a result of the non-loading of modules. (BZ#560567)
• several virtio modules were missing from the previous version of mkinitrd. This meant that mkinitrd built incorrectly upon installation if virtio block or network devices were used within the Kernel Based Virtual Machine (KVM). The final result was kernel panic. These updated packages contain the required modules which allow mkinitrd to build and install correctly. (BZ#560672)