[20.04 FEAT] Base KVM setup for secure guests - qemu part
Bug #1835546 reported by
bugproxy
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu on IBM z Systems |
Fix Released
|
High
|
Canonical Server | ||
qemu (Ubuntu) |
Fix Released
|
High
|
Skipper Bug Screeners |
Bug Description
Enable KVM guests to start and control a guest running in secure mode.
With that Customers can securely run sensitive workloads in KVM on premise and in the cloud.
Feature request for contribution to qemu > 4.0
Currently not available.
Git-Commit will be provided once available
Related branches
~paelzer/ubuntu/+source/qemu:lp-1835546-s390x-protvirt-final
Merged
into
ubuntu/+source/qemu:ubuntu/focal-devel
at
revision 8173c35832629eff7c983b284f34f86f3c0c9ce9
- Rafael David Tinoco (community): Approve
- Canonical Server: Pending requested
- git-ubuntu developers: Pending requested
-
Diff: 7167 lines (+6697/-18)68 files modifieddebian/changelog (+29/-0)
debian/patches/series (+64/-1)
debian/patches/stable/lp-1867519-arm-arm-powerctl-rebuild-hflags-after-setting-CP15-b.patch (+48/-0)
debian/patches/stable/lp-1867519-arm-arm-powerctl-set-NSACR.-CP11-CP10-bits-in-arm_se.patch (+49/-0)
debian/patches/stable/lp-1867519-backup-top-Begin-drain-earlier.patch (+46/-0)
debian/patches/stable/lp-1867519-block-Activate-recursively-even-for-already-active-n.patch (+108/-0)
debian/patches/stable/lp-1867519-block-backup-top-fix-failure-path.patch (+97/-0)
debian/patches/stable/lp-1867519-block-block-copy-fix-progress-calculation.patch (+201/-0)
debian/patches/stable/lp-1867519-block-fix-crash-on-zero-length-unaligned-write-and-r.patch (+107/-0)
debian/patches/stable/lp-1867519-block-io-fix-bdrv_co_do_copy_on_readv.patch (+44/-0)
debian/patches/stable/lp-1867519-block-nbd-extract-the-common-cleanup-code.patch (+78/-0)
debian/patches/stable/lp-1867519-block-nbd-fix-memory-leak-in-nbd_open.patch (+76/-0)
debian/patches/stable/lp-1867519-block-qcow2-threads-fix-qcow2_decompress.patch (+79/-0)
debian/patches/stable/lp-1867519-hw-i386-pc-fix-regression-in-parsing-vga-cmdline-par.patch (+58/-0)
debian/patches/stable/lp-1867519-intel_iommu-a-fix-to-vtd_find_as_from_bus_num.patch (+44/-0)
debian/patches/stable/lp-1867519-intel_iommu-add-present-bit-check-for-pasid-table-en.patch (+202/-0)
debian/patches/stable/lp-1867519-iotests-add-test-for-backup-top-failure-on-permissio.patch (+138/-0)
debian/patches/stable/lp-1867519-job-refactor-progress-to-separate-object.patch (+230/-0)
debian/patches/stable/lp-1867519-plugins-core-add-missing-break-in-cb_to_tcg_flags.patch (+41/-0)
debian/patches/stable/lp-1867519-qcow2-Fix-alloc_cluster_abort-for-pre-existing-clust.patch (+39/-0)
debian/patches/stable/lp-1867519-qcow2-Fix-qcow2_alloc_cluster_abort-for-external-dat.patch (+44/-0)
debian/patches/stable/lp-1867519-qcow2-bitmaps-fix-qcow2_can_store_new_dirty_bitmap.patch (+102/-0)
debian/patches/stable/lp-1867519-qemu-img-Fix-convert-n-B-for-backing-less-targets.patch (+54/-0)
debian/patches/stable/lp-1867519-s390-sclp-improve-special-wait-psw-logic.patch (+40/-0)
debian/patches/stable/lp-1867519-target-arm-Return-correct-IL-bit-in-merge_syn_data_a.patch (+46/-0)
debian/patches/stable/lp-1867519-target-arm-Set-ISSIs16Bit-in-make_issinfo.patch (+42/-0)
debian/patches/stable/lp-1867519-target-arm-arm-semi-fix-SYS_OPEN-to-return-nonzero-f.patch (+79/-0)
debian/patches/stable/lp-1867519-target-arm-ensure-we-use-current-exception-state-aft.patch (+127/-0)
debian/patches/stable/lp-1867519-target-i386-kvm-initialize-feature-MSRs-very-early.patch (+169/-0)
debian/patches/stable/lp-1867519-tcg-save-vaddr-temp-for-plugin-usage.patch (+98/-0)
debian/patches/stable/lp-1867519-tpm-ppi-page-align-PPI-RAM.patch (+47/-0)
debian/patches/stable/lp-1867519-vfio-pci-Don-t-remove-irqchip-notifier-if-not-regist.patch (+50/-0)
debian/patches/stable/lp-1867519-virtio-gracefully-handle-invalid-region-caches.patch (+331/-0)
debian/patches/stable/lp-1867519-virtio-mmio-update-queue-size-on-guest-write.patch (+40/-0)
debian/patches/stable/lp-1867519-virtio-net-delete-also-control-queue-when-TX-RX-dele.patch (+41/-0)
debian/patches/stable/lp-1867519-virtio-update-queue-size-on-guest-write.patch (+40/-0)
debian/patches/ubuntu/lp-1835546-Sync-pv.patch (+98/-0)
debian/patches/ubuntu/lp-1835546-pc-bios-s390x-Save-iplb-location-in-lowcore.patch (+138/-0)
debian/patches/ubuntu/lp-1835546-s390x-Add-SIDA-memory-ops.patch (+141/-0)
debian/patches/ubuntu/lp-1835546-s390x-Add-missing-vcpu-reset-functions.patch (+165/-0)
debian/patches/ubuntu/lp-1835546-s390x-Add-unpack-facility-feature-to-GA1.patch (+67/-0)
debian/patches/ubuntu/lp-1835546-s390x-Beautify-diag308-handling.patch (+119/-0)
debian/patches/ubuntu/lp-1835546-s390x-Don-t-do-a-normal-reset-on-the-initial-cpu.patch (+41/-0)
debian/patches/ubuntu/lp-1835546-s390x-Move-clear-reset.patch (+135/-0)
debian/patches/ubuntu/lp-1835546-s390x-Move-diagnose-308-subcodes-and-rcs-into-ipl.h.patch (+67/-0)
debian/patches/ubuntu/lp-1835546-s390x-Move-initial-reset.patch (+148/-0)
debian/patches/ubuntu/lp-1835546-s390x-Move-reset-normal-to-shared-reset-handler.patch (+134/-0)
debian/patches/ubuntu/lp-1835546-s390x-ipl-Consolidate-iplb-validity-check-into-one-f.patch (+70/-0)
debian/patches/ubuntu/lp-1835546-s390x-kvm-Make-kvm_sclp_service_call-void.patch (+72/-0)
debian/patches/ubuntu/lp-1835546-s390x-protvirt-Add-migration-blocker.patch (+70/-0)
debian/patches/ubuntu/lp-1835546-s390x-protvirt-Disable-address-checks-for-PV-guest-I.patch (+126/-0)
debian/patches/ubuntu/lp-1835546-s390x-protvirt-Handle-SIGP-store-status-correctly.patch (+50/-0)
debian/patches/ubuntu/lp-1835546-s390x-protvirt-Inhibit-balloon-when-switching-to-pro.patch (+91/-0)
debian/patches/ubuntu/lp-1835546-s390x-protvirt-KVM-intercept-changes.patch (+66/-0)
debian/patches/ubuntu/lp-1835546-s390x-protvirt-Move-IO-control-structures-over-SIDA.patch (+162/-0)
debian/patches/ubuntu/lp-1835546-s390x-protvirt-Move-STSI-data-over-SIDAD.patch (+61/-0)
debian/patches/ubuntu/lp-1835546-s390x-protvirt-Move-diag-308-data-over-SIDA.patch (+84/-0)
debian/patches/ubuntu/lp-1835546-s390x-protvirt-SCLP-interpretation.patch (+162/-0)
debian/patches/ubuntu/lp-1835546-s390x-protvirt-Set-guest-IPL-PSW.patch (+51/-0)
debian/patches/ubuntu/lp-1835546-s390x-protvirt-Support-unpack-facility.patch (+875/-0)
debian/patches/ubuntu/lp-1847361-modules-load-upgrade.patch (+125/-0)
debian/patches/ubuntu/lp-1847361-vhost-correctly-turn-on-VIRTIO_F_IOMMU_PLATFORM.patch (+61/-0)
debian/qemu-block-extra.postrm.in (+43/-0)
debian/qemu-block-extra.prerm.in (+45/-0)
debian/qemu-system-gui.postrm.in (+44/-0)
debian/qemu-system-gui.prerm.in (+46/-0)
debian/rules (+12/-0)
dev/null (+0/-17)
tags: | added: architecture-s39064 bugnameltc-177557 severity-high targetmilestone-inin1910 |
Changed in ubuntu: | |
assignee: | nobody → Skipper Bug Screeners (skipper-screen-team) |
affects: | ubuntu → qemu (Ubuntu) |
summary: |
- [19.10 FEAT] Base KVM setup for secure guests - qemu part + [20.04 FEAT] Base KVM setup for secure guests - qemu part |
tags: | added: qemu-20.04 |
information type: | Private → Public |
Changed in qemu (Ubuntu): | |
status: | Incomplete → New |
Changed in ubuntu-z-systems: | |
status: | Incomplete → Triaged |
Changed in qemu (Ubuntu): | |
importance: | Undecided → High |
Changed in ubuntu-z-systems: | |
status: | Triaged → Fix Released |
To post a comment you must log in.
Waiting and setting to Incomplete until git commits are shared.