RHBA-2013:0007 - Bug Fix Advisory

Topic

Updated kvm packages that fix various bugs are now available for Red Hat
Enterprise Linux 5.

Description

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux
on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the
standard Red Hat Enterprise Linux kernel.

This update fixes the following bugs:

• Under certain circumstances, the qemu-kvm utility tried to invalidate an

incorrect physical memory block, which resulted in qemu-kvm to terminate
unexpectedly with a segmentation fault. The code has been fixed and the crashes
no longer occur. (BZ#814096)

• Previously, when an I/O error occurred on a KVM host, the guest running on it

became paused. After the guest was migrated to another host, the guest could not
be properly resumed. Consequently, it was impossible to log in to the guest via
SSH or a console. This bug has been fixed and migrated guests can now be resumed
as expected. (BZ#684745)

• Due to an accounting error in the QEMU I/O thread subsystem, I/O delays were

occurring on guests, which were observed as unresponsive for the time of the
delay. This bug has been fixed and the delays no longer occur. (BZ#782631)

• Due to an incompatibility between previously used encryption modes and FIPS

mode, it was impossible to start KVM guests when running kernel in FIPS mode.
With this update, VNC password authentication is disabled when the host system
is operating in FIPS mode, and QEMU exits and returns an error message if it is
configured to run as a password-authenticated VNC server. If QEMU is configured
to run as an unauthenticated VNC server, it will work as expected. (BZ#805676)

• Previously, the typeperf command of the virtualized Microsoft Windows Server

2008 Service Pack 2 for the x86 architecture with the SQL Server 2005 Service
Pack 3 installed returned an invalid value for the Processor Time. This bug has
been fixed and typeperf now returns a correct value. (BZ#838466)

• Previously, a simple counter was used to track GSIs (Global System Interrupts)

that were given to devices. Consequently, when a hot plug or unplug operation
was performed approximately 30 times on certain Ethernet controllers in a
Microsoft Windows Server 2008 guest on the AMD64 and Intel 64 architectures, the
controller driver returned a large number of error messages on incorrectly
deallocated MSI-X table entries. This update uses a bitmap to track GSIs and the
errors no longer occur. (BZ#761350)

• Previously, KVM did not provide receive overrun status information, which is

used for virtual serial devices. Consequently, virtual machines using a serial
console redirection became unresponsive on startup. This update implements
receive overrun status and the hangs no longer occur. (BZ#843683)

• Due to a coding bug, the masking in the device assignment function was

invalid. Consequently, the KVM device assignment bridge test could break virtual
function of certain devices that implement BAR (Base Address Register)
resources. This bug has been fixed and the test now works as expected.
(BZ#829040)

• Under certain circumstances, implementation of the Realtek 8139 Ethernet

driver allowed the qemu-kvm utility to attempt to allocate unlimited buffer
size. If it happened, qemu-kvm terminated unexpectedly with a glib error, unable
to allocate such a buffer. This update limits the transmission buffer size of
the driver, thus fixing this bug. (BZ#781922)

• Previously, it was possible to shut down a guest using the system_powerdown

command even if the "-no-shutdown" option was specified on the command line.
This bug has been fixed and "-no-shutdown" is now handled properly. (BZ#819413)

Users of KVM are advised to upgrade to these updated packages, which fix these
bugs. Note that the procedure in the Solution section must be performed before
this update will take effect.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

The following procedure must be performed before this update will take
effect:

1) Stop all KVM guest virtual machines.

2) Either reboot the hypervisor machine or, as the root user, remove (using
"modprobe -r [module]") and reload (using "modprobe [module]") all of the
following modules which are currently running (determined using "lsmod"):
kvm, ksm, kvm-intel or kvm-amd.

3) Restart the KVM guest virtual machines.

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Workstation 5 x86_64

Fixes

• BZ - 761350 - "assigned_dev_update_msix_mmio: No such device or address" when repeatedly hot plug/unplug PF
• BZ - 781922 - rtl8139: prevernt unlimited buffer allocated for guest descriptors.
• BZ - 805676 - FIPS 140-2 kernel and KVM
• BZ - 829040 - Fix KVM device assignment bridge test

CVEs

(none)

References

(none)