qemu dropped osxsave/ospke feature triggering upgrade issues
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libvirt (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Disco |
Fix Released
|
Undecided
|
Unassigned | ||
Eoan |
Fix Released
|
Medium
|
Unassigned | ||
qemu (Fedora) |
Won't Fix
|
Undecided
|
|||
qemu (Ubuntu) |
Won't Fix
|
Medium
|
Unassigned | ||
Disco |
Won't Fix
|
Undecided
|
Unassigned | ||
Eoan |
Won't Fix
|
Medium
|
Unassigned |
Bug Description
[Impact]
* Newer qemu dropped a few features (that never worked) without
deprecation period. In some edge cases that might trigger qemu no more
starting at all.
* Fix by backporting the upstream fix (in those Ubuntu releases that have
an affected qemu, which means >=Disco)
[Test Case]
* Define a lbivirt Guest in your preferred style (uvtool / virt-install /
...).
* Shutdown the guest and then modify it to contain the following:
<cpu mode='custom' match='exact' check='partial'>
<model fallback=
<feature policy='disable' name='osxsave'/>
<feature policy='disable' name='ospke'/>
</cpu>
* Start the guest again.
Without the fix it will fail and show:
... Property '.osxsave' not found
[Regression Potential]
* The features never did anything to qemu (which is the reason they got
dropped), so there can#t be an actual feature regression.
The one issue I could imagine is if people prior to Disco were used to
check their qemu cmdline and expect ospke/osxsave to be there.
Those people will now see it gone (but if it is there in there case
they are affected by this bug and their guests won't start anymore). So
those people affected by this corner case are exactly thos ethat would
most likely want the fix.
[Other Info]
* n/a
---
## Bug ##
There are conditions where old qemu/libvirt created guests with the osxsafe or ospke cpu feature:
<feature policy='disable' name='osxsave'/>
<feature policy='optional' name='ospke'/>
That feature was removed in recent qemu, this triggers issues starting some old guests definitions using it after upgrade.
qemu-
cpu.osxsave=on: Property '.osxsave' not found
Same bug in Fedora (incomplete) [5] for being non reproducible - probably didn't see the new virt-install avoiding (but not fixing) it.
## What happened ##
Both commandline arg drops "osxsave" / "ospke" were effective no-ops as it was - quote: "never configurable: KVM never returned OSXSAVE on GET_SUPPORTED_
Discussions went on if this should be warnings instead of errors for a while (the deprecation discussion is ongoing anyway). But for now we are in the situation that calling qemu with those features makes it fail to start. I'd not want to derive from upstream qemu and the discussion on depreceation - as mentioned - is a longer one that won't resolve too soon - a.k.a we can't wait on that.
The discussion at [3] reached no conclusion and was forgotten. I checked with Jiri and there was no follow on.
But since specifying the features never meant anything to qemu we should at least consider libvirt to learn about that and just not specify the flags.
If there is a good place for a warning we might emit one if required was set, but this is not strictly required at first.
## when does it trigger => severity ##
Comment 14 [4] adds more details, we checked usage through virsh, python-livbirt (uvtool, multipass, openstack) and virt-install. We only found two cases in virt-install either:
- created the guest in the past --cpu=host-model
This guest will fail to start on upgrade
- pre virt-install 2.0 (not a Ubuntu combo) it would also break with
e.g. virt-install 1.5 and qemu 3.1 with --cpu=host-copy
=> Both options were not even documented anymore back n Xenial, but they are kept for compatibility.
Overall - unless we missed a more important use case - this is ugly but not show-stopping in prio.
To further enforce this not being a common case, if you'd have set required you'd have got the following all along:
error: the CPU is incompatible with host CPU:
Host CPU does not provide required features: ospke
This is due to the features rarely (never?) exists in the host.
But if set to off or optional (which becomes off if the host doesn't have it) then you'd have seen the new issue. The same applies to "disable" which would pass the pre-check but then let new qemu fail.
Obviously it also triggers if:
- libvirt XML with added <feature policy='optional' name='osxsave'/>
- virt-install with --cpu ...,+osxsave / ospke
## Workaround until resolved ##
Per the analysis above it hopefully should only affect a very low number of people with very old virtual machines anyway, but if you are affected you want a way out and that is fair.
For now just remove that features:
$ virsh edit <guestname>
# remove lines like these
<feature policy='optional' name='osxsave'/>
<feature policy='optional' name='ospke'/>
Or the same with disable instead of optional.
Now your guest will start again.
---
[1]: https:/
[2]: https:/
[3]: https://<email address hidden>
[4]: https:/
[5]: https:/
CVE References
Changed in qemu (Fedora): | |
importance: | Unknown → Undecided |
status: | Unknown → Won't Fix |
description: | updated |
summary: |
- qemu lost osxsave feature bit (ok) which might cause upgrade issues (not - so ok) + qemu dropped osxsave/ospke feature triggering upgrade issues |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
Changed in qemu (Ubuntu Eoan): | |
status: | Triaged → Won't Fix |
Changed in qemu (Ubuntu Disco): | |
status: | New → Won't Fix |
Changed in libvirt (Ubuntu Disco): | |
status: | New → Triaged |
Changed in libvirt (Ubuntu Eoan): | |
status: | Triaged → In Progress |
Changed in qemu (Ubuntu): | |
status: | Triaged → Won't Fix |
Description of problem:
An existing VM (running Fedora 28) will not start in F29.
Version-Release number of selected component (if applicable):
How reproducible:
Steps to Reproduce:
1.Attempt to run a VM created under F28, using Virtual Machine Manager
2.Fail
3.
Actual results:
Error starting domain: internal error: process exited while connecting to monitor: 2018-10- 31T17:12: 46.079682Z qemu-system-x86_64: can't apply global IvyBridge- IBRS-x86_ 64-cpu. osxsave= on: Property '.osxsave' not found
Traceback (most recent call last): virt-manager/ virtManager/ asyncjob. py", line 75, in cb_wrapper asyncjob, *args, **kwargs) virt-manager/ virtManager/ asyncjob. py", line 111, in tmpcb virt-manager/ virtManager/ libvirtobject. py", line 66, in newfn virt-manager/ virtManager/ domain. py", line 1344, in startup _backend. create( ) python3. 7/site- packages/ libvirt. py", line 1080, in create libvirtError: internal error: process exited while connecting to monitor: 2018-10- 31T17:12: 46.079682Z qemu-system-x86_64: can't apply global IvyBridge- IBRS-x86_ 64-cpu. osxsave= on: Property '.osxsave' not found
File "/usr/share/
callback(
File "/usr/share/
callback(*args, **kwargs)
File "/usr/share/
ret = fn(self, *args, **kwargs)
File "/usr/share/
self.
File "/usr/lib64/
if ret == -1: raise libvirtError ('virDomainCreate() failed', dom=self)
libvirt.
Expected results:
VM working as before
Additional info:
Guest is a basic F28 server with no GUI and has worked correctly before updating the host to F29.