- Issued:
- 2013-01-07
- Updated:
- 2013-01-07
RHBA-2013:0007 - kvm bug fix update
Synopsis
kvm bug fix update
Type/Severity
Bug Fix Advisory
Topic
Updated kvm packages that fix various bugs are now available for Red Hat Enterprise Linux 5.
Description
KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel.
This update fixes the following bugs:
-
Under certain circumstances, the qemu-kvm utility tried to invalidate an incorrect physical memory block, which resulted in qemu-kvm to terminate unexpectedly with a segmentation fault. The code has been fixed and the crashes no longer occur. (BZ#814096)
-
Previously, when an I/O error occurred on a KVM host, the guest running on it became paused. After the guest was migrated to another host, the guest could not be properly resumed. Consequently, it was impossible to log in to the guest via SSH or a console. This bug has been fixed and migrated guests can now be resumed as expected. (BZ#684745)
-
Due to an accounting error in the QEMU I/O thread subsystem, I/O delays were occurring on guests, which were observed as unresponsive for the time of the delay. This bug has been fixed and the delays no longer occur. (BZ#782631)
-
Due to an incompatibility between previously used encryption modes and FIPS mode, it was impossible to start KVM guests when running kernel in FIPS mode. With this update, VNC password authentication is disabled when the host system is operating in FIPS mode, and QEMU exits and returns an error message if it is configured to run as a password-authenticated VNC server. If QEMU is configured to run as an unauthenticated VNC server, it will work as expected. (BZ#805676)
-
Previously, the typeperf command of the virtualized Microsoft Windows Server 2008 Service Pack 2 for the x86 architecture with the SQL Server 2005 Service Pack 3 installed returned an invalid value for the Processor Time. This bug has been fixed and typeperf now returns a correct value. (BZ#838466)
-
Previously, a simple counter was used to track GSIs (Global System Interrupts) that were given to devices. Consequently, when a hot plug or unplug operation was performed approximately 30 times on certain Ethernet controllers in a Microsoft Windows Server 2008 guest on the AMD64 and Intel 64 architectures, the controller driver returned a large number of error messages on incorrectly deallocated MSI-X table entries. This update uses a bitmap to track GSIs and the errors no longer occur. (BZ#761350)
-
Previously, KVM did not provide receive overrun status information, which is used for virtual serial devices. Consequently, virtual machines using a serial console redirection became unresponsive on startup. This update implements receive overrun status and the hangs no longer occur. (BZ#843683)
-
Due to a coding bug, the masking in the device assignment function was invalid. Consequently, the KVM device assignment bridge test could break virtual function of certain devices that implement BAR (Base Address Register) resources. This bug has been fixed and the test now works as expected. (BZ#829040)
-
Under certain circumstances, implementation of the Realtek 8139 Ethernet driver allowed the qemu-kvm utility to attempt to allocate unlimited buffer size. If it happened, qemu-kvm terminated unexpectedly with a glib error, unable to allocate such a buffer. This update limits the transmission buffer size of the driver, thus fixing this bug. (BZ#781922)
-
Previously, it was possible to shut down a guest using the system_powerdown command even if the "-no-shutdown" option was specified on the command line. This bug has been fixed and "-no-shutdown" is now handled properly. (BZ#819413)
Users of KVM are advised to upgrade to these updated packages, which fix these bugs. Note that the procedure in the Solution section must be performed before this update will take effect.
Solution
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at This content is not included.https://access.redhat.com/kb/docs/DOC-11259
The following procedure must be performed before this update will take effect:
-
Stop all KVM guest virtual machines.
-
Either reboot the hypervisor machine or, as the root user, remove (using "modprobe -r [module]") and reload (using "modprobe [module]") all of the following modules which are currently running (determined using "lsmod"): kvm, ksm, kvm-intel or kvm-amd.
-
Restart the KVM guest virtual machines.
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux Workstation | 5 | x86_64 |
| Red Hat Enterprise Linux Server | 5 | x86_64 |
Updated Packages
- kmod-kvm-debug-83-262.el5.x86_64.rpm
- kvm-qemu-img-83-262.el5.x86_64.rpm
- kvm-83-262.el5.x86_64.rpm
- kvm-83-262.el5.src.rpm
- kmod-kvm-83-262.el5.x86_64.rpm
- kvm-debuginfo-83-262.el5.x86_64.rpm
- kvm-tools-83-262.el5.x86_64.rpm
Fixes
- This content is not included.BZ - 761350
- This content is not included.BZ - 781922
- This content is not included.BZ - 805676
- This content is not included.BZ - 829040
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.