7.128. libvirt
Updated libvirt packages that fix several bugs and add one enhancement are now available for Red Hat Enterprise Linux 6.
The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems.
Bug Fixes
- BZ#908836
- The AMD family 15h processors CPU architecture consists of "modules", which are represented both as separate cores and separate threads. Management applications needed to choose between one of the two approaches, and libvirt did not provide enough information to do this. Management applications were not able to represent the modules in an AMD family 15h processor core according to their needs. The capabilities XML output now contains more information about the processor topology, so that management applications can extract the information they need.
- BZ#913624
- When auto-port and port were not specified, but the tlsPort attribute was set to "-1", the tlsPort parameter specified in the QEMU command line was set to "1" instead of a valid port. Consequently, QEMU failed, because it was unable to bind a socket on the port. This update replaces the current QEMU driver code for managing port reservations with the new virPortAllocator APIs, and QEMU is able to bind a socket on the port.
- BZ#915344
- Previously, libvirtd was unable to execute an S3/S4 operation for a Microsoft Windows guest which ran the guest agent service. Consequently, a "domain s4 fail" error message was returned because the domain was destroyed. With this update, the guest is destroyed successfully and the libvirtd service no longer crashes.
- BZ#915347
- When a VM was saved into a compressed file and decompression of that file failed while libvirt was trying to resume the VM, libvirt removed the VM from the list of running VMs, but did not remove the corresponding QEMU process. With this update, the QEMU process is killed in such cases. Moreover, non-fatal decompression errors are now ignored and a VM can be successfully resumed if such an error occurs.
- BZ#915348
- Python bindings for libvirt contained an incorrect implementation of the getDomain() and getConnect() methods in the virDomainSnapshot class. Consequently, the Python client terminated unexpectedly with a segmentation fault. Python bindings now provide proper domain() and connect() accessors that fetch the Python objects stored internally within the virDomainSnapshot instance, and crashes no longer occur.
- BZ#915349
- Previously, libvirt added a cache of storage file backing chains, rather than rediscovering the backing chain details on every operation. This cache was then used to decide which files to label for sVirt, but when libvirt switched over to use the cache, the code only populated it when cgroups were in use. On setups that did not use cgroups, due to the lack of backing chain cache information, sVirt was unable to properly label backing chain files, which caused a regression observed as guests being prevented from running. Populating the cache has now been moved earlier, independent of cgroups; the cache results in more efficient sVirt operations, and labeling now works whether or not cgroups are in effect.
- BZ#915353
- Occasionally, when users ran multiple virsh create/destroy loops, a race condition could occur and libvirtd terminated unexpectedly with a segmentation fault. False error messages to the caller, claiming the domain had already been destroyed, also occurred. With this update, the outlined script runs and completes without libvirtd crashing.
- BZ#915354
- Previously, libvirt followed relative backing chains differently than QEMU. This resulted in missing sVirt permissions when libvirt could not follow the chain. With this update, relative backing files are now treated identically in libvirt and QEMU, and VDSM use of relative backing files functions properly.
- BZ#915363
- Previously, libvirt reported raw QEMU errors when snapshots failed, and the error message provided was confusing. With this update, libvirt now gives a clear error message when QEMU is not capable of snapshots, which enables more informative handling of the situation.
- BZ#917063
- Previously, libvirt was not tolerant of missing unpriv_sgio support in the running kernel even when it was not necessary. After upgrading the host system to Red Hat Enterprise Linux 6.4, users were unable to start domains using shareable block disk devices unless they rebooted the host into the new kernel. The check for unpriv_sgio support is now only performed when it is really needed, and libvirt is able to start all domains that do not strictly require unpriv_sgio support regardless of host kernel support for it.
- BZ#918754
- When asked to create a logical volume with zero allocation, libvirt ran lvcreate to create a volume with no extents, which is not permitted. Creation of logical volumes with zero allocation failed and libvirt returned an error message that did not mention the real error. Now, rather than asking for no extents, libvirt tries to create the volume with a minimal number of extents. The code is also fixed to provide the real error message should the volume creation process fail. Logical volumes with zero allocation can now be successfully created using libvirt.
- BZ#919504
- Previously, when users started the guest with a sharable block CD-Rom, libvirtd failed unexpectedly due to accessing memory that was already freed. This update addresses the aforementioned issue, and libvirtd no longer crashes in the described scenario.
- BZ#922095
- Various memory leaks in libvirtd were discovered when users ran Coverity and Valgrind leak detection tools. This update addresses these issues, and libvirtd no longer leaks memory in the described scenario.
Enhancement
- BZ#915352
- This update adds support for ram_size settings on the QXL device. When using multiple heads in one PCI device, the device needed more RAM assigned. Now, the RAM bar size is set larger than the default and libvirt can drive multi-head QXL.
Users of libvirt are advised to upgrade to these updated packages, which fix these bugs and add this enhancement. After installing the updated packages, libvirtd will be restarted automatically.
Updated libvirt packages that fix one security issue, multiple bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links associated with each description below.
The libvirt packages provide the libvirt library, which is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems.
Note
The libvirt packages have been upgraded to upstream version 0.10.2, which provides a number of bug fixes and enhancements over the previous version, such as support for Open vSwitch, a new API for detailed CPU statistics, improved support of the LXC method including the sVirt technology, improvements of the virsh edit command, improved APIs for listing various objects, and support for pinning and tuning emulator threads. (BZ#836934)
Security Fixes
- CVE-2012-3411
- It was discovered that libvirt made certain invalid assumptions about dnsmasq's command line options when setting up DNS masquerading for virtual machines, resulting in dnsmasq incorrectly processing network packets from network interfaces that were intended to be prohibited. This update includes the changes necessary to call dnsmasq with a new command line option, which was introduced to dnsmasq via RHSA-2013:0277. In order for libvirt to be able to make use of the new command line option (--bind-dynamic), updated dnsmasq packages need to be installed. Refer to RHSA-2013:0277 for additional information.
Bug Fixes
- BZ#794523
- The libvirt library was issuing the PAUSED event before the QEMU processor emulator really paused. Consequently, a domain could be reported as paused before it was actually paused, which could confuse a management application using the libvirt library. With this update, the PAUSED event is emitted after QEMU is stopped on a monitor, and the management application is no longer confused by libvirt.
- BZ#797279, BZ#808980, BZ#869557
- The fixed limit for the maximum size of an RPC message that could be sent between the libvirtd daemon and a client, such as the virsh utility, was 65536 bytes. However, this limit was not always sufficient, and messages that were longer than that could be dropped, leaving a client unable to fetch important data. With this update, the buffer for incoming messages has been made dynamic, and both sides, a client and libvirtd, now allocate as much memory as is needed for a given message, thus allowing much bigger messages to be sent.
- BZ#807996
- Previously, repeatedly migrating a guest between two machines while using tunnelled migration could cause the libvirtd daemon to lock up unexpectedly. The bug in the code for locking remote drivers has been fixed, and repeated tunnelled migrations of domains now work as expected.
- BZ#814664
- Previously, multiple libvirt API calls were needed to determine the full list of guests on a host controlled by the libvirt library. Consequently, a race condition could occur when a guest changed its state between the two calls that were needed to enumerate started and stopped guests. This behavior caused the guest to disappear from both of the lists, because the time of enumeration was not considered to be a part of the lists. This update adds a new API function that gathers the guest list in one call while the driver is locked. This guarantees that no guest changes its state before the list is gathered, so guests no longer disappear in the described scenario.
- BZ#818467
- Previously, libvirt did not report many useful error messages that were returned by external programs such as QEMU and only reported a command failure. Consequently, certain problems, whose cause or resolution could be trivial to discover by looking at the error output, were difficult to diagnose. With this update, if any external command run by libvirt exits with a failure, its standard error output is added to the system log as a libvirt error. As a result, problems are now easier to diagnose, because better information is available.
- BZ#823716
- Closing a file descriptor multiple times could, under certain circumstances, lead to a failure to execute the qemu-kvm binary. As a consequence, a guest failed to start. A patch has been applied to address this issue, so that the guest now starts successfully.
- BZ#825095
- Prior to this update, libvirt used an unsuitable detection procedure to detect the NUMA and processor topology of a system. Consequently, the topology of some advanced multi-processor systems was detected incorrectly, and management applications could not utilize the full potential of the system. Now, the detection has been improved and the topology is properly recognized even on modern systems.
- BZ#825820
- Previously, the libvirt library had hooks for calling a user-written script when a guest was started or stopped, but had no hook to call a script for each guest when the libvirtd daemon itself was restarted. Consequently, certain custom setups that required extra operations not directly provided by libvirt could fail when libvirtd was restarted. For example, packet forwarding rules installed to redirect incoming connections to a particular guest could be overridden by libvirt's “refresh” of its own iptables packet forwarding rules, breaking the connection forwarding that had been set up. This update improves libvirt with a new “reconnect” hook; the QEMU hook script is called with a type of “reconnect” for every active guest each time libvirtd is restarted. Users can now write scripts to recognize the “reconnect” event and, for example, reload the user-supplied iptables forwarding rules when this event occurs. As a result, incoming connections continue to be forwarded correctly, even when libvirtd is restarted.
- BZ#828729
- On certain NUMA architectures, libvirt failed to process and expose the NUMA topology, sometimes leading to performance degradation. With this update, libvirt can parse and expose the NUMA topology on such machines and makes the correct CPU placement, thus avoiding performance degradation.
- BZ#831877
- The virsh undefine command supports deleting volumes associated with a domain. When using this command, the volumes are passed as additional arguments, and if the user adds any trailing string after the basic command, the string is interpreted as a volume to be deleted. Previously, the volumes were checked after the guest was deleted, which could lead to user errors. With this update, the check of the volume arguments is performed before the deletion process so that errors can be reported sensibly. As a result, the command with an incorrect argument fails before it attempts to delete a guest, and the host system stays in a sane state.
- BZ#832081
- Due to several bugs in the implementation of keep-alive messages that are used for the detection of broken connections or non-functional peers, these connections and peers could be incorrectly considered broken or non-functional and thus the keep-alive messages were disabled by default in Red Hat Enterprise Linux 6.3. The implementation of the keep-alive messages has been fixed and this feature is now enabled by default.
- BZ#834927
- Previously, a reversed condition in a check performed when registering callbacks prevented multiple callbacks from being registered. This update applies a patch to fix this condition, and multiple callbacks can now be registered successfully.
- BZ#836135
- The SPICE server needs a certain time at the end of the migration process to transfer an internal state to a destination guest. Previously, the libvirt library could kill the source QEMU and the SPICE server before the internal state was transmitted. This behavior caused the destination client to be unresponsive. With this update, libvirt waits until the end of SPICE migration. As a result, the SPICE server no longer becomes unresponsive in this situation.
- BZ#837659
- When using the sanlock daemon for locking resources used by a domain, if such a resource was read-only, the locking attempt failed. Consequently, it was impossible to start a domain with a CD-ROM drive. This bug has been fixed, and sanlock can now be properly used with read-only devices.
- BZ#839661
- Previously, the libvirt library did not support the S4 (Suspend-to-Disk) event on QEMU domains. Consequently, management applications could not register whether a guest was suspended to disk or powered off. With this update, support for the S4 event has been added, and management applications can now request receiving S4 events.
- BZ#842208
- Due to an installation of the vdsm daemon, the libvirt library was reconfigured and, under certain conditions, libvirt was searching for a non-existent option when used outside of vdsm. Consequently, using the virsh utility on such a machine caused the system to terminate with a segmentation fault. The underlying source code has been modified to fix this bug, and users can now use virsh on machines configured by vdsm as expected.
- BZ#844266
- Previously, a condition in a check, which is used for checking whether modification of a domain XML in a saved file was successful or not, was inverted. Consequently, the virsh utility reported that this check failed even if it was successful and vice versa. This update applies a patch to fix this bug, and success and failure of this check are now reported correctly.
- BZ#844408
- Disk hot plug is a two-part action: the qemuMonitorAddDrive() call is followed by the qemuMonitorAddDevice() call. When the first part succeeded but the second one failed, libvirt failed to roll back the first part, and the device remained in use even though the disk hot plug failed. With this update, the rollback for the drive addition is properly performed in the described scenario, and disk hot plug now works as expected.
- BZ#845448
- Previously, the SIGINT signal was not blocked while the virDomainGetBlockJobInfo() function was performed. Consequently, an attempt to abort a process initialized by a command with the --wait option specified, using the CTRL+C shortcut, did not work properly. This update applies a patch to block SIGINT during virDomainGetBlockJobInfo(), and aborting processes using the CTRL+C shortcut now works as expected.
- BZ#845635
- Previously, an unspecified error with a meaningless error code was returned when a guest agent became unresponsive. Consequently, management applications could not recognize why the guest agent hung, that is, whether the guest agent was not configured or was unusable. This update introduces a new VIR_ERR_AGENT_UNRESPONSIVE error code and fixes the error message. As a result, management applications can now recognize why the guest agent hangs.
- BZ#846639
- Due to a bug in the libvirt code, two mutually exclusive cases could occur. In the first case, a guest operating system could fail to detect that it was being suspended because the suspend routine is handled by the hypervisor. In the second case, the cooperation of the guest operating system was required, for example during synchronization of the time after the resume routine. Consequently, it was possible to successfully call the suspend routine on a domain with the pmsuspended status, and libvirt returned success on an operation which in fact failed. This update adds an additional check to prevent libvirt from suspending a domain with the pmsuspended status.
- BZ#851397
- Due to recent changes in port allocation, SPICE ports and SPICE TLS ports were allocated the same number. Consequently, QEMU domains started with both options configured used the same port for both, and the SPICE TLS port could not be allocated, because one port cannot be allocated twice. With this update, the port allocation has been fixed, and QEMU domains now work as expected in this situation.
- BZ#853567
- A virtual guest can have a network interface that is connected to an SR-IOV (Single Root I/O Virtualization) device's virtual function (VF) using the macvtap driver in passthrough mode, and from there is connected to an 802.1Qbh-capable switch. Previously, when shutting down the guest, libvirt erroneously acted on the SR-IOV device's physical function (PF) instead of the VF, setting the PF offline rather than the VF. Here is an example of the type of interface that could be affected:

```xml
<interface type='direct'>
  <source dev='eth7' mode='passthrough'/>
  <virtualport type='802.1Qbh'>
    <parameters profileid='test'/>
  </virtualport>
</interface>
```

Consequently, if the PF was being used by the host for its own network connectivity, the host networking would be adversely affected, possibly completely disabled, whenever the guest was shut down or when the guest's network device was detached. The underlying source code has been modified to fix this bug, and the PF associated with the VF used by the macvtap driver now continues to work in the described scenario.
- BZ#856247
- Red Hat Enterprise Linux 6.3 implemented the block copy feature before the upstream version of QEMU. Since then, several improvements were made to the upstream version of this feature. Consequently, previous versions of the libvirt library were unable to fully manage the block copy feature in the current release of QEMU. With this update, the block copy feature has been updated to the upstream versions of QEMU and libvirt. As a result, libvirt is able to manage all versions of the block copy feature.
- BZ#856864
- Previously, libvirt put the default USB controller into the XML configuration file during live migration to Red Hat Enterprise Linux 6.1 hosts. These hosts did not support USB controllers in the XML file. Consequently, live migration to these hosts failed. This update prevents libvirt from including the default USB controller in the XML configuration file during live migration, and live migration works properly in the described scenario.
- BZ#856950
- When a QEMU process is being destroyed by libvirt, a clean-up operation frees some internal structures and locks. However, since users can destroy QEMU processes at the same time, libvirt holds the QEMU driver mutex to protect the list of domains and their states, among other things. Previously, a function tried to lock the QEMU driver mutex when it was already locked, creating a deadlock. The code has been modified to always check whether the mutex is free before attempting to lock it, thus fixing this bug.
- BZ#858204
- When the host_uuid option was present in the libvirtd.conf file, the augeas libvirt lens was unable to parse the file. This bug has been fixed, and the augeas libvirt lens now parses libvirtd.conf as expected in the described scenario.
- BZ#862515
- Previously, handling of duplicate MAC addresses differed between live attach or detach, and persistent attach or detach of network devices. Consequently, the persistent attach-interface of a device with a MAC address that matched an existing device could fail, even though the live attach-interface of such a device succeeded. This behavior was inconsistent, and sometimes led to an incorrect device being detached from the guest. With this update, libvirt has been modified to allow duplicate MAC addresses in all cases and to check for a unique PCI address in order to distinguish between multiple devices with the same MAC address.
- BZ#863115
- Previously, libvirt called the qemu-kvm -help command every time it started a guest to learn what features were available for use in QEMU. On a machine with a number of guests, this behavior caused noticeable delays in starting all of the guests. This update modifies libvirt to cache the information about QEMU until the QEMU binary's time stamp changes. As a result, libvirt is faster when starting a machine with various guests.
- BZ#865670
- Previously, the ESX 5.1 server was not fully tested. Consequently, connecting to ESX 5.1 caused a warning to be returned. The ESX 5.1 server has been properly tested, and connecting to this server now works as expected.
- BZ#866369
- Under certain circumstances, the iohelper process failed to write data to disk while saving a domain, and the kernel did not report an out-of-space error (ENOSPC). With this update, libvirt calls the fdatasync() function in the described scenario to force the data to be written to disk or to catch a write error. As a result, if a write error occurs, it is now properly caught and reported.
- BZ#866388
- Certain operations in libvirt can be done only when a domain is paused, to prevent data corruption. However, if a resuming operation failed, the management application was not notified, since no event was sent. This update introduces the VIR_DOMAIN_EVENT_SUSPENDED_API_ERROR event, and management applications can now keep closer track of domain states and act accordingly.
- BZ#866999
- When libvirt could not find a suitable CPU model for a host CPU, it failed to provide the CPU topology in host capabilities even though the topology was detected correctly. Consequently, applications that work with the host CPU topology but not with the CPU model could not see the topology in host capabilities. With this update, the host capabilities XML description contains the host CPU topology even if the host CPU model is unknown.
- BZ#869096
- Previously, libvirt supported the emulatorpin option to set the CPU affinity for a QEMU domain process. However, this behavior overrode the CPU affinity set by the vcpu placement="auto" setting when creating a cgroup hierarchy for the domain process. This CPU affinity is set with the advisory nodeset from the numad daemon. With this update, libvirt does not allow the emulatorpin option to change the CPU affinity of a domain process if the vcpu placement setting is set to auto. As a result, the numad daemon is supported as expected.
- BZ#873792
- The libvirt library allows users to cancel an ongoing migration. Previously, if an attempt to cancel the migration was made in the migration preparation phase, QEMU missed the request and the migration was not canceled. With this update, the virDomainAbortJob() function sets a flag when a cancel request is made, and this flag is checked before the main phase of the migration starts. As a result, a migration can now be properly canceled even in the preparation phase.
- BZ#874050
- Certain AMD processors contain modules which are reported by the kernel as both threads and cores. Previously, the libvirt processor topology detection code was not able to detect these modules. Consequently, libvirt reported the actual number of processors twice. This bug has been fixed by reporting a topology that adds up to the total number of processors reported in the system. However, the actual topology has to be checked in the output of the virCapabilities() function. Additionally, documentation for the fallback output has been provided.
Note
Note that users should be instructed to use the capability output for topology detection purposes, for performance reasons. The NUMA topology has the important performance impact, but the physical topology can differ from it.
- BZ#879780
- Due to changes in the virStorageBackendLogicalCreateVol() function, the setting of the volume type was removed. Consequently, logical volumes were treated as files without any format, and libvirt was unable to clone them. This update provides a patch to set the volume type, and libvirt clones logical volumes as expected.
- BZ#880919
- When a saved file could not be opened, the virFileWrapperFdCatchError() function was called with a NULL argument. Consequently, the libvirtd daemon terminated unexpectedly due to a NULL pointer dereference. With this update, the virFileWrapperFdCatchError() function is called only when the file is open and, instead of crashing, the daemon now reports an error.
- BZ#884650
- Whenever the virDomainGetXMLDesc() function was executed on an unresponsive domain, the call also became unresponsive. With this update, QEMU sends the BALLOON_CHANGE event when memory usage on a domain changes, so that virDomainGetXMLDesc() no longer has to query an unresponsive domain. As a result, virDomainGetXMLDesc() calls no longer hang in the described scenario.
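The “reconnect” hook from BZ#825820 above, as an added example that is not part of this advisory or of libvirt itself: a QEMU hook script that re-installs a user-supplied port-forwarding rule for one guest whenever libvirtd calls it with the started or reconnect operation, and removes it on stopped. It assumes libvirt's documented hook invocation, `/etc/libvirt/hooks/qemu <guest> <operation> <sub-operation> <extra>` with the domain XML on stdin; the guest name, address and ports are constructed values.

```shell
#!/bin/sh
# Added example, not shipped by libvirt: install as /etc/libvirt/hooks/qemu
# libvirt runs the QEMU hook as:  qemu <guest_name> <operation> <sub-operation> <extra>
# "reconnect" is the operation added by this update: it fires for every running
# guest when libvirtd restarts, right after libvirtd has re-inserted its own
# iptables rules at the head of the chains (which is what broke user rules before).

MANAGED_GUEST="${MANAGED_GUEST:-webguest}"   # constructed guest name
GUEST_IP="${GUEST_IP:-192.0.2.10}"            # constructed guest address (RFC 5737 range)
HOST_PORT="${HOST_PORT:-2222}"                # constructed host port to forward
GUEST_PORT="${GUEST_PORT:-22}"                # constructed destination port inside the guest
IPTABLES="${IPTABLES:-iptables}"              # overridable so the logic can be exercised without root

# Map a libvirt hook operation to what this script does about the forwarding rules.
# "started" and "reconnect" both (re)install the rules; "stopped" removes them;
# every other operation (prepare, release, migrate, ...) is left alone.
hook_action() {
    case "$1" in
        started|reconnect) echo install ;;
        stopped)           echo remove ;;
        *)                 echo none ;;
    esac
}

# Remove any existing copy of our rules, ignoring "no such rule" errors, so that
# repeated reconnect events never pile up duplicate rules.
remove_rules() {
    "$IPTABLES" -t nat -D PREROUTING -p tcp --dport "$HOST_PORT" \
        -j DNAT --to-destination "$GUEST_IP:$GUEST_PORT" 2>/dev/null || true
    "$IPTABLES" -D FORWARD -d "$GUEST_IP" -p tcp --dport "$GUEST_PORT" \
        -j ACCEPT 2>/dev/null || true
}

# Insert (-I, at the top) rather than append (-A): libvirt's refresh puts its own
# rules at the head of the chains, so appended rules would sit below them again.
install_rules() {
    remove_rules
    "$IPTABLES" -t nat -I PREROUTING -p tcp --dport "$HOST_PORT" \
        -j DNAT --to-destination "$GUEST_IP:$GUEST_PORT"
    "$IPTABLES" -I FORWARD -d "$GUEST_IP" -p tcp --dport "$GUEST_PORT" -j ACCEPT
}

# Apply the action chosen for one (guest, operation) pair.  Guests this script
# does not manage are ignored, and the script always exits 0 so a failure here
# never prevents libvirt from starting a guest.
hook_main() {
    guest="$1"; op="$2"
    [ "$guest" = "$MANAGED_GUEST" ] || return 0
    case "$(hook_action "$op")" in
        install) install_rules ;;
        remove)  remove_rules ;;
    esac
    return 0
}

# Dispatch only when invoked by libvirt with arguments, so the functions stay
# usable when this file is sourced for testing.
if [ $# -ge 2 ]; then
    hook_main "$@"
fi
```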
Enhancements
- BZ#638512
- This update adds support for external live snapshots of disks and RAM.
- BZ#693884
- Previously, libvirt could apply packet filters, among others the anti-spoofing filter, to guest network connections using the nwfilter subsystem. However, these filter rules required manually entering the IP address of a guest into the guest configuration. This process was not effective when guests acquired their IP addresses via the DHCP protocol; the network needed a manually added static host entry for each guest, and the guest's network interface definition needed that same IP address to be added to its filters. This enhancement improves libvirt to automatically learn the IP and MAC addresses used by a guest network connection by monitoring the connection's DHCP and ARP traffic, in order to set up host-based, guest-specific packet filtering rules that block traffic with incorrect IP or MAC addresses from the guests. With this new feature, nwfilter packet filters can be written to use automatically detected IP and MAC addresses, which simplifies the process of provisioning a guest.
- BZ#724893
- When the guest CPU definition is not supported due to the user's special configuration, an error message is returned. This enhancement improves this error message to contain flags that indicate precisely which options of the user's configuration are not supported.
- BZ#771424
- The Resident Set Size (RSS) limits control how much RAM a process can use. If a process leaks memory, the limits do not let the process influence other processes within the system. With this update, the RSS limits of a QEMU process are set by default according to how much RAM and video RAM is configured for the domain.
- BZ#772088
- Previously, the libvirt library could create block snapshots, but could not clean them up. For a long-running guest, creating a large number of snapshots led to performance issues, as the QEMU process emulator had to traverse longer chains of backing images. This enhancement improves the libvirt library to control the feature of the QEMU process emulator which is responsible for committing the changes in a snapshot image back into the backing file, and the backing chain is now kept at a more manageable length.
- BZ#772290
- Previously, the automatically allocated ports for the SPICE and VNC protocols started at port number 5900. With this update, the starting port for SPICE and VNC is configurable by users.
- BZ#789327
- The QEMU guest could be suspended or resumed, and the medium of a CD-ROM or floppy drive changed, directly inside the guest instead of through the libvirt API. This enhancement improves the libvirt library to support three new events of the QEMU Monitor Protocol (QMP): the SUSPEND, WAKEUP, and DEVICE_TRAY_MOVED events. These events let a management application know that the guest status or the tray status has changed:
  - when the SUSPEND event is emitted, the domain status is changed to pmsuspended;
  - when the WAKEUP event is emitted, the domain status is changed to running;
  - when the DEVICE_TRAY_MOVED event is emitted for a disk device, the current tray status for the disk is reflected in the libvirt XML file, so that management applications do not start the guest with the medium inserted while the medium has previously been ejected inside the guest.
- BZ#804749
- The QEMU process emulator now supports TSC-Deadline timer mode for guests that are running on the Intel 64 architecture. This enhancement improves the libvirt library with this feature's flag to stay synchronized with QEMU.
- BZ#805071
- Previously, it was impossible to move a guest's network connection to a different network without stopping the guest. In order to change the connection, the network needed to be completely detached from the guest and then re-attached after changing the configuration to specify the new connection. With this update, it is now possible to change a guest's interface definition to specify a different type of interface, and to change the network or bridge name or both, all without stopping or pausing the guest or detaching its network device. From the point of view of the guest, the network remains available during the entire transition; if the move requires a new IP address, that can be handled by changing the configuration on the guest, or by requesting that it renews its DHCP lease.
- BZ#805243
- When connecting to the libvirt library, a certain form of authentication could be required and, if so, interactive prompts were presented to the user. However, in certain cases, the interactive prompts cannot be used, for example when automating background processes. This enhancement improves libvirt to use the auth.conf file located in the $HOME/.libvirt/ directory to supply authentication credentials for connections. As a result, these credentials are pre-populated, thus avoiding the interactive prompts.
- BZ#805654
- This enhancement improves libvirt to support connecting virtual guest network devices to Open vSwitch bridges, which provide a more fully-featured replacement for the standard Linux host bridge. Among other features, Open vSwitch bridges allow more connections to a single bridge, transparent VLAN tagging, and better management using the OpenFlow standard. As a result, libvirt is now able to use an already existing Open vSwitch bridge, either directly in the interface definition of a guest, or as the bridge of a libvirt network. Management of the bridge itself must be handled outside the scope of libvirt, but guest network devices can be attached and detached, and VLAN tags and interface IDs can be assigned on a per-port basis.
- BZ#818996
- Certain users prefer to run minimal configurations for server systems and do not need graphical or USB support. This enhancement allows users to disable the USB controller and graphics output in guest machines.
- BZ#820808, BZ#826325
- With this enhancement, the virsh dump command is now supported for domains with passthrough devices. As a result, such domains can be dumped using the new --memory-only option, which dumps guest memory only and omits device state.
- BZ#822064
- The libvirt library already supported pinning and limiting the QEMU threads associated with virtual CPUs, but other threads, such as the I/O thread, could not be pinned and limited separately. This enhancement improves libvirt to support pinning and limiting of both vCPU threads and the other emulator threads separately.
- BZ#822589
- This enhancement improves the libvirt library to be able to configure Discretionary Access Control (DAC) for each domain, so that different domains can run under different user and group IDs and thus access different resources.
- BZ#822601
- Previously, only the “system instance” of the libvirtd daemon, that is, the one running as the root user, could set up a guest network connection using a tap device and host bridge. A “session instance”, that is, one running as a non-root user, was only able to use QEMU's limited “user mode” networking. User-mode network connections have several limitations; for example, they do not allow incoming connections or ping in either direction, and they are slower than a tap-device based network connection. With this enhancement, libvirt has been updated to support QEMU's new SUID “network helper”, so that non-privileged libvirt users are able to create guest network connections using tap devices and host bridges. Users who require this behavior need to set the interface type to bridge in the virtual machine's configuration; libvirtd then automatically notices that it is running as a non-privileged user and instructs QEMU to set up the network connection using its “network helper”.
Note: This feature is only supported when the interface type is bridge, and does not work with the network interface type even if the specified network uses a bridge device.
- BZ#822641
- Previously, core dumps for domains with a large amount of memory were unnecessarily huge. With this update, a new dumpCore option has been added to control whether the guest's memory should be included in a core dump of the QEMU process. When this option is set to off, core dumps are reduced by the size of the guest's memory.
- BZ#831099
- This enhancement allows the libvirt library to set the World Wide Name (WWN), which provides stable device paths, for IDE and SCSI disks.
- BZ#836462
- This enhancement adds the possibility to control whether the S3 (Suspend-to-RAM) and S4 (Suspend-to-Disk) domain states are advertised to a guest. As a result, supported versions of QEMU can be configured not to advertise their S3 or S4 capability to a guest.
- BZ#838127
- With this update, support for the AMD Opteron G5 processor model has been added to the libvirt library. This change allows users to make use of new CPU features such as f16c, fma, and tbm in guests.
- BZ#843087
- This enhancement adds support for the next generation of Intel Core and Intel Xeon processors to the libvirt library. Compared to the previous Intel Xeon Processor E5-XXXX and Intel Xeon Processor E5-XXXX V2 families, the new generation supports the following additional features: fma, pcid, movbe, fsgsbase, bmi1, hle, avx2, smep, bmi2, erms, invpcid, and rtm.
- BZ#844404
- When changing the configuration of a libvirt virtual network, it was necessary to restart the network for the changes to take effect. This enhancement adds a new virsh net-update command that allows certain parts of a network configuration to be modified and the changes applied immediately, without restarting the network or disconnecting guests. As a result, it is now possible to add static host entries to and remove them from a network's dhcp section; change the range of IP addresses dynamically assigned by the DHCP server; modify, add, and remove portgroup elements; and add and remove interfaces from a forward element's pool of interfaces, all without restarting the network. Refer to the virsh(1) man page for more details about the virsh net-update command.
- BZ#860570
- With this enhancement, the virsh program supports the --help option for all its commands and displays the appropriate documentation.
- BZ#864606
- With this enhancement, the libvirt library can control the hv_relaxed feature. This feature makes a Windows guest more tolerant of delayed timer interrupts, for example when the host is heavily loaded.
- BZ#874171
- The current release of the libvirt library added several capabilities related to snapshots. Among these was the ability to create an external snapshot, whether the domain was running or offline. Consequently, it was also necessary to improve the user interface to support those features in the virsh program. With this update, these snapshot-related improvements were added to virsh to provide full support for these features.
- BZ#878578
- For security reasons, certain SCSI commands were blocked in a virtual machine. This behavior affected applications where logical unit numbers (LUNs) of SCSI disks were passed to trusted guests. This enhancement improves libvirt to support a new sgio attribute on such disks. Setting this attribute to unfiltered allows trusted guests to invoke all supported SCSI commands.
All users of libvirt are advised to upgrade to these updated packages, which fix these issues and add these enhancements. After installing the updated packages, the libvirtd daemon must be restarted using the service libvirtd restart command for this update to take effect.
Updated libvirt packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links associated with each description below.
The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems.
Security Fixes
- CVE-2013-4311
- libvirt invokes the PolicyKit pkcheck utility to handle authorization. A race condition was found in the way libvirt used this utility, allowing a local user to bypass intended PolicyKit authorizations or execute arbitrary commands with root privileges. Note: With this update, libvirt has been rebuilt to communicate with PolicyKit via a different API that is not vulnerable to the race condition. The polkit RHSA-2013:1270 advisory must also be installed to fix the CVE-2013-4311 issue.
- CVE-2013-4296
- An invalid free flaw was found in libvirtd's remoteDispatchDomainMemoryStats function. An attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd.
The CVE-2013-4296 issue was discovered by Daniel P. Berrange of Red Hat.
Bug Fixes
- BZ#984556
- Prior to this update, the libvirtd daemon leaked memory in the virCgroupMoveTask() function. A fix has been provided so that libvirtd frees the allocation and no longer leaks memory there.
- BZ#984561
- Previously, the libvirtd daemon was accessing one byte before the array in the virCgroupGetValueStr() function. This bug has been fixed and libvirtd now stays within the array bounds.
- BZ#984578
- When migrating, libvirtd leaked the migration URI (Uniform Resource Identifier) on destination. A patch has been provided to fix this bug and the migration URI is now freed correctly.
- BZ#1003934
- Updating a network interface using virDomainUpdateDeviceFlags API failed when a boot order was set for that interface. The update failed even if the boot order was set in the provided device XML. The virDomainUpdateDeviceFlags API has been fixed to correctly parse the boot order specification from the provided device XML and updating network interfaces with boot orders now works as expected.
Users of libvirt are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, libvirtd will be restarted automatically.