RHBA-2010:0419 - Bug Fix Advisory

Topic

Updated kvm packages that address several issues are now available.

Description

KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for
the standard Red Hat Enterprise Linux kernel. KVM can run multiple
unmodified, virtualized guest Windows and Linux operating systems.

These updated packages fix the following bugs:

• when run on SMP systems, 64-bit Windows 2003 Server and 64-bit Windows

2008 Server only use the boot CPU for time-keeping, despite configuring the
RTC interrupt for broadcast. KVM cannot tell, therefore, if the RTC
interrupt can be used for time-keeping purposes or not. Consequently,
64-bit Windows 2003 Server and 64-bit Windows 2008 Server showed
significant clock drift when run as guests on SMP systems. With this
update, KVM now checks the RTC interrupt only on vcpu0, the 64-bit Windows
2003 Server and 64-bit Windows 2008 Server boot CPU when they run as SMP
guests under KVM. (BZ#577266)

• some Linux-based para-virtualised guests (eg Fedora 11 and Fedora 12)

which accessed para-virtualised (PV) MMU page tables crashed during startup
when launched on AMD-based hosts which had Rapid Virtualization Indexing
(RVI, formerly known as Nested Page Tables or NPT) disabled. (RVI is AMD's
hardware-assisted virtualization technology for allowing guests to modify
their own MMU page tables. It was called NPT during development.)

The crash occurred because a system call made by such guests (via the
hypercall driver) attempted to write to a read-only page. With this update,
the PV MMU reporting capability was disabled and Linux-based guests which
make these calls no longer cause KVM to inject a page fault and crash.
(BZ#578579)

• an error in irq_source_id size verification meant guest operating systems

with eight assigned virtual functions (VF) hung on boot. This update
corrects the error: verification is now done using bit numbers, not bytes
and guests with eight VFs bound to the pci-stub driver boot (and can use
the assigned virtual devices) as expected. (BZ#579863)

• in some circumstances, memory was reported as still SwapCached and Cached

even after all virtual machines were quit and all the processes whose
memory had been swapped out were no longer running. Although this memory is
eventually reclaimed by the system, available free memory is a factor in
deciding which host to use when launching a virtual machine: inaccurately
reported memory could result in sub-optimal host allocation. With this
update, kvm explicitly removes old pages from swapcache if they are the
last mapped page, ensuring reported free memory is accurate. (BZ#581764)

• as part of the qcow2 image format, each cluster has an associate

reference count (refcount) that takes two values: zero (free) and not-zero
(in use). These refcounts are stored in a refcount block which, itself, has
a refcount. Previously, the refcount of this refcount block was only
updated after cluster refcount allocation had finished. If an I/O error
occurred during refcount allocation, however, the not updated refcount
block refcount could cause the qcow2 image to corrupt. With this update,
the refcount block's refcount is automatically changed as cluster refcount
allocation occurs, ensuring it is always accurate and protecting the qcow2
image in the event of I/O errors. (BZ#581766)

• an abort() call was incorrectly added to an I/O error condition. As a

consequence, in some circumstances, if a guest was writing a file and an
I/O error occurred, the entire guest would crash. This update removes the
call and corrects this regression. If the equivalent I/O error now occurs,
the guest stops trying to write the file (and a "free_clusters failed"
error is logged) but otherwise continues unaffected. (BZ#586246)

All KVM users should upgrade to these updated packages, which contain
backported patches to resolve these issues.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Workstation 5 x86_64

Fixes

• BZ - 577266 - Time drift in win2k3-64bit and win2k8-64bit smp guest
• BZ - 578579 - Linux pvmmu guests (FC11, FC12, etc) crash on boot on AMD hosts with NPT disabled
• BZ - 579863 - SR-IOV -- Guest exit and host hang on if boot VM with 8 VFs assigned
• BZ - 581764 - memory reported as used (by SwapCache and by Cache) though no process holds it.
• BZ - 581766 - qcow2 corruption with I/O error during refcount block allocation
• BZ - 586246 - Guest aborted when make guest stop on write error

CVEs

(none)

References

(none)