Bug #1957924 “rpc-worker: debugfs access is restricted” : Bugs : libvirt

Revision history for this message

Launchpad Janitor (janitor) wrote on 2022-01-27:

#1

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in libvirt (Ubuntu):
status:	New → Confirmed

Revision history for this message

Jon Smirl (jonsmirl) wrote on 2022-04-19:

#2

From libvirt gitlib...

Daniel P. Berrangé 💬 @berrange · 2 months ago
Owner
The QEMU patches required to solve this are here https://lists.gnu.org/archive/html/qemu-devel/2022-02/msg03279.html

Revision history for this message

Launchpad Janitor (janitor) wrote on 2022-04-23:

#3

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in qemu (Ubuntu):
status:	New → Confirmed

Revision history for this message

Lucas Kanashiro (lucaskanashiro) wrote on 2022-04-25:

#4

Since this is a non-critical issue, I think it is best to wait until it get merged upstream to fix it in Ubuntu.

Bug Watch Updater (bug-watch-updater) on 2022-05-20

Changed in libvirt:
status:	Unknown → New

Patrik Lundquist (patrik-lundquist) on 2022-09-01

tags:

added: impish

Revision history for this message

AceLan Kao (acelankao) wrote on 2022-09-02:

#5

The fix has landed on qemu v7.1.0

467ef823d8 qmp: add filtering of statistics by target vCPU
cc01a3f4ca kvm: Support for querying fd-based stats
b9f88dc071 qmp: Support for querying stats

Revision history for this message

Christian Ehrhardt  (paelzer) wrote on 2022-09-08:

#6

Qemu 22.10 is in feature freeze right now, once 23.04 is open we can merge this qemu change.
And probably also a libvirt change that makes use of it if it exists by then.

From there on we can then evaluate which backport options (if any) we have.
So far it does not look too compelling for an SRU, also the workarounds options as quoted in the upstream case are not too great :-/

tags:	added: qemu-23.04
Changed in qemu (Ubuntu):
status:	Confirmed → Triaged

Revision history for this message

Christian Ehrhardt  (paelzer) wrote on 2023-01-05:

#7

Merging qemu 7.2 for Lunar, marking the qemu part as done as part of that upload.

Changed in qemu (Ubuntu):
status:	Triaged → In Progress
tags:	added: libvirt-23.04

Revision history for this message

Christian Ehrhardt  (paelzer) wrote on 2023-01-05:

#8

The qemu bits landed and are in 7.2 that I'm merging right now.
But on the libvirt side the case [1] seems stuck or at least not updated yet.

[1]: https://gitlab.com/libvirt/libvirt/-/issues/213

Revision history for this message

Launchpad Janitor (janitor) wrote on 2023-03-06:

#9

Download full text (9.9 KiB)

This bug was fixed in the package qemu - 1:7.2+dfsg-4ubuntu1

---------------
qemu (1:7.2+dfsg-4ubuntu1) lunar; urgency=medium

  * Merge with Debian unstable (LP: #1993438), among many other fixes
    this resolvs these bugs:
    (LP: #1957924) - support for querying stats,
    (LP: #1853307) - Enhanced Interpretation for PCI Functions (s390x)
    (LP: #1959966) - guest dump encryption with customer keys (s390x)
    (LP: #1999885) - pv: don't allow userspace to set the clock under PV
    (LP: #1957924) - add filtering of statistics by target vCPU
    remaining changes:
    - qemu-kvm to systemd unit
      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
        hugepages and architecture specifics
      - d/qemu-system-common.qemu-kvm.service: systemd unit to call
        qemu-kvm-init
      - d/qemu-system-common.install: install helper script
      - d/qemu-system-common.qemu-kvm.default: defaults for
        /etc/default/qemu-kvm
      - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
    - Distribution specific machine type
      (LP: 1304107 1621042 1776189 1761372 1761372 1776189)
      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
        types containing release versioned machine attributes
      - d/qemu-system-x86.NEWS Info on fixed machine type defintions
        for host-phys-bits=true
      - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
      - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
    - Enable nesting by default
      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
        in qemu64 on amd
        [ No more strictly needed, but required for backward compatibility ]
    - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
        reference 256k path
      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
        handle incoming migrations from former releases.
    - d/qemu-system-x86.README.Debian: add info about updated nesting changes
    - Ease the use of module retention on upgrades (LP 1913421)
      - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
    - d/control-in: switch qemu-system-x86-xen to qemu-system-xen as this
      landed in Debian but under a different name.
    - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664)
      + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch:
        fix qboot FTBFS with LTO
  * Dropped Changes [now part of upstream v7.2.0]
    - d/p/u/lp1994002-migration-Read-state-once.patch: Fix for libvirt
      error 'migration was active, but no RAM info was set' (LP 1994002)
    - d/p/u/ebpf-replace-deprecated-bpf_program__set_socket_filt.patch:
      Fix FTBFS with libbpf 1.0.1-2.
      + Header updates that were added as part of the libbpf fixes
        but not mentioned in changelog
    - d/p/u/lp-1981339-*: fix s390x system emulation (LP 1981339)
    - Fix I/O stalls when using NVMe storage (LP 1970737).
      + d/p/lp1970737-linux-aio-*.patch: Fix unbalanced plugged counter
        in laio_io_unplug.
    - SECURITY UPDATE...

This bug was fixed in the package qemu - 1:7.2+dfsg-4ubuntu1

---------------
qemu (1:7.2+dfsg-4ubuntu1) lunar; urgency=medium

* Merge with Debian unstable (LP: #1993438), among many other fixes
    this resolvs these bugs:
    (LP: #1957924) - support for querying stats,
    (LP: #1853307) - Enhanced Interpretation for PCI Functions (s390x)
    (LP: #1959966) - guest dump encryption with customer keys (s390x)
    (LP: #1999885) - pv: don't allow userspace to set the clock under PV
    (LP: #1957924) - add filtering of statistics by target vCPU
    remaining changes:
    - qemu-kvm to systemd unit
      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
        hugepages and architecture specifics
      - d/qemu-system-common.qemu-kvm.service: systemd unit to call
        qemu-kvm-init
      - d/qemu-system-common.install: install helper script
      - d/qemu-system-common.qemu-kvm.default: defaults for
        /etc/default/qemu-kvm
      - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
    - Distribution specific machine type
      (LP: 1304107 1621042 1776189 1761372 1761372 1776189)
      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
        types containing release versioned machine attributes
      - d/qemu-system-x86.NEWS Info on fixed machine type defintions
        for host-phys-bits=true
      - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
      - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
    - Enable nesting by default
      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
        in qemu64 on amd
        [ No more strictly needed, but required for backward compatibility ]
    - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
        reference 256k path
      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
        handle incoming migrations from former releases.
    - d/qemu-system-x86.README.Debian: add info about updated nesting changes
    - Ease the use of module retention on upgrades (LP 1913421)
      - debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
    - d/control-in: switch qemu-system-x86-xen to qemu-system-xen as this
      landed in Debian but under a different name.
    - Remaining GCC-12 FTBFS (LP 1988710 + LP 1921664)
      + d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch:
        fix qboot FTBFS with LTO
  * Dropped Changes [now part of upstream v7.2.0]
    - d/p/u/lp1994002-migration-Read-state-once.patch: Fix for libvirt
      error 'migration was active, but no RAM info was set' (LP 1994002)
    - d/p/u/ebpf-replace-deprecated-bpf_program__set_socket_filt.patch:
      Fix FTBFS with libbpf 1.0.1-2.
      + Header updates that were added as part of the libbpf fixes
        but not mentioned in changelog
    - d/p/u/lp-1981339-*: fix s390x system emulation (LP 1981339)
    - Fix I/O stalls when using NVMe storage (LP 1970737).
      + d/p/lp1970737-linux-aio-*.patch: Fix unbalanced plugged counter
        in laio_io_unplug.
    - SECURITY UPDATE: heap overflow in floppy disk emulator
      + debian/patches/CVE-2021-3507.patch: prevent end-of-track overrun in
        hw/block/fdc.c.
    - SECURITY UPDATE: use-after-free vulnerability
      + debian/patches/CVE-2022-0216-*.patch: fix use-after-free in
        lsi_do_msgout
    - SECURITY UPDATE: heap overflow vulnerability
      + debian/patches/CVE-2022-2962.patch: tulip: Restrict DMA engine to
        memories
    - SECURITY UPDATE: integer underflow vulnerability
      + debian/patches/CVE-2022-3165.patch: fix integer underflow in
        vnc_client_cut_text_ext
  * Dropped Changes in regard to GCC-12 FTBFS (LP 1988710)
    [not all are needed in lunar]
    -  d/p/u/lp1988710-silence-openbios-array-bounds-false-positive.patch.
       Silence -Warray-bounds false positive [no more needed]
    - d/rules: set -O1 for alpha firmware build
    - d/p/u/lp1988710-opensbi-Makefile-fix-build-with-binutils-2.38.patch:
      further FTBFS fixup
  * Dropped Changes [in Debian 1:7.2+dfsg-3]
    - d/rules: disable LTO on non-amd64 builds (LP 1921664)
  * Added Changes
    - d/control-in: libnfs is in main since focal, enable direct nfs
      storage support (LP: #1988704)
    - d/control-in: libsndio is in universe in ubuntu

qemu (1:7.2+dfsg-4) unstable; urgency=medium

* block-fix-detect-zeroes-with-BDRV_REQ_REGISTERED_BUF.patch:
    re-pick now from master (the same patch, moved to master/).
  * revert x86-don-t-let-decompressed-kernel-image-clobber-setu.patch
    Closes: ##1031682 .
    This turned out to be wrong move, breaking more stuff than fixing.
    Upstream is going to revert it too.

qemu (1:7.2+dfsg-3) unstable; urgency=medium

[ Paride Legovini ]
  * Disable LTO on non-amd64 builds (LP: #1921664)

[ Michael Tokarev ]
  * target-arm-Fix-physical-address-resolution-for-Stage2.patch:
    re-fetch now from master branch
  * 4 more patches picked from master:
    x86-don-t-let-decompressed-kernel-image-clobber-setu.patch
    migration-ram-Fix-error-handling-in-ram_write_tracki.patch
    migration-ram-Fix-populate_read_range.patch
    qcow2-Fix-theoretical-corruption-in-store_bitmap-err.patch
  * 5 fixes picked from current pullreqs:
    block-fix-detect-zeroes-with-BDRV_REQ_REGISTERED_BUF.patch
    tests_tcg_i386-introduce-and-use-reg_t-consistently.patch
    target_i386-fix-BEXTR-instruction.patch
    target_i386-fix-C-flag-for-BLSI-BLSMSK-BLSR.patch
    target_i386-fix-ADOX-followed-by-ADCX.patch
  * disable dwz on certain architectures for older dwz
    (FTBFS on bullseye, #968670)

qemu (1:7.2+dfsg-2) unstable; urgency=medium

* d/rules: add -ffile-prefix-map when building skiboot
  * d/control: provide qemu-kvm in qemu-system-misc on s390x
    (Closes: #1029309)
  * d/control: drop dependency of qemu-guest-agent on lsb-base
  * Picked patches from qemu master branch tagged for qemu-stable
    up to commit deabea6e88 (2023-02-02):
    target-sh4-Mask-restore-of-env-flags-from-tb-flags.patch
    vhost-fix-vq-dirty-bitmap-syncing-when-vIOMMU-is-ena.patch
    virtio-mem-Fix-the-bitmap-index-of-the-section-offse.patch
    virtio-mem-Fix-the-iterator-variable-in-a-vmem-rdl_l.patch
    target-arm-fix-handling-of-HLT-semihosting-in-system.patch
    meson-accept-relative-symlinks-in-meson-introspect-i.patch
    target-riscv-Set-pc_succ_insn-for-rvc-illegal-insn.patch
    acpi-cpuhp-fix-guest-visible-maximum-access-size-to-.patch
    hw-nvme-fix-missing-endian-conversions-for-doorbell-.patch
    hw-nvme-fix-missing-cq-eventidx-update.patch
    configure-fix-GLIB_VERSION-for-cross-compilation.patch
    target-arm-Fix-sve_probe_page.patch
    target-arm-allow-writes-to-SCR_EL3.HXEn-bit-when-FEA.patch
    target-arm-Fix-in_debug-path-in-S1_ptw_translate.patch
  * Also: target-arm-Fix-physical-address-resolution-for-Stage.patch

qemu (1:7.2+dfsg-1) unstable; urgency=medium

* new upstream release
    Closes: #1025123 CVE-2022-4172
    (erst: undefined behavior in memcpy in write_erst_record)
    Closes: #1021981 qemu-user: faccessat2 is not implemented
    Closes: #1021019 CVE-2022-3165 (VNC: integer underflow in
    vnc_client_cut_text_ext leads to CPU exhaustion)
  * remove patches applied upstream
  * refresh note-missing-module-pkg-name.diff
  * slirp is always external package now, not a submodule anymore
  * d/control: require meson >> 0.61.5~ for build
  * spelling.diff: update with more spelling error
  * add some lintian-overrides
  * fix minor spelling errors in patches
  * d/control: Bump Standards-Version to 4.6.1
  * debian shell programs use "which" instead of the "command -v",
    fix that (Closes: #1018254)
  * Better fix for #1019011 (gcc ICE building palcode-clipper), use -O1
    instead of -O2 for the failing compile when it actually fails
    (no need to depend on gcc-11, Closes: #1011003)

qemu (1:7.1+dfsg-2) unstable; urgency=medium

* tulip-restrict-DMA-engine-to-memories-CVE-2022-2962.patch
    fix possible stack or heap overflow (tulip: DMA reentrancy issue)
    Closes: #1018055, CVE-2022-2962
  * hw-pvrdma-protect-against-guest-driver-CVE-2022-1050.patch
    fix possible use-after-free in paravirtual RDMA device.
    Closes: #1014589, CVE-2022-1050
  * mention closing of #979677 (CVE-2020-14394) by 7.1
  * d/rules: parametrify extra-cflags & extra-ldflags
  * d/rules: explicitly disable pie on arm64 due to
    https://sourceware.org/bugzilla/show_bug.cgi?id=29514
    Fixes FTBFS.

qemu (1:7.1+dfsg-1) unstable; urgency=medium

* new upstream release (7.1)
    Closes: #1014958, CVE-2022-35414
    Closes: #1014590, CVE-2022-0216
    Closes: #979677, CVE-2020-14394
    Closes: #987410, CVE-2021-3507
    Closes: #988333, #1018913
  * d/copyright:
   - remove mentions of slirp (packaged separately)
   - blindly convert to dep-5 (it needs a complete rewrite)
   - add Files-Excluded from d/get-orig-source.sh
  * d/gbp.conf: remove filter= (and whole [import-orig])
  * d/watch: verify upstream tarballs
  * d/rules: stop faking skiboot version, it is now properly included in
    roms/skiboot/.version file. Add a dependency on this file too
  * d/patches:
   - remove use-fixed-data-path.patch: not needed anymore
   - linux-user-binfmt-P.diff: refresh
   - remove patches applied upstream
  * d/control:
   - it is --enable-capstone now, not --enable-capstone=system
   - it is --enable-png now, not --enable-vnc-png
  * d/rules: fix --enable-vhost-* options
  * d/rules: remove vnc-png for xen too
  * openbios-array-bounds-gcc12.patch
  * opensbi-fix-build-with-binutils-2.38.patch
  * d/rules: adopt vof build changes
  * d/qemu-system-data.docs: omit ccid.txt (removed)
  * temporary workaround for gcc-12 bug #1019011: use gcc-11-alpha-linux-gnu
    instead of gcc-alpha-linux-gnu (another option is to use -Os)
  * d/control: temporarily build-depend on libva-dev till #1019485 is fixed
  * add loongarch64 qemu-user and qemu-user arch

-- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 04 Jan 2023 13:18:43 +0100

Changed in qemu (Ubuntu):
status:	In Progress → Fix Released

Bug Watch Updater (bug-watch-updater) on 2023-10-27

Changed in libvirt:
status:	New → Fix Released

Revision history for this message

Christian Ehrhardt  (paelzer) wrote on 2024-01-02:

#10

As outlined upstream in the linked issue:

"Libvirt queries the qemu monitor instead of debugfs if available to fetch the stats." since 6353e8f5c1f8336a58c2fde93c1c17de224a4dfb which is in v8.7.0 and later and therefore in Ubuntu lunar and later.

Combined with the qemu fix that was done in Lunar this should be good on both.

Changed in libvirt (Ubuntu):
status:	Confirmed → Fix Released

	Status	Importance	Assigned to
libvirt	Fix Released	Unknown	auto-gitlab.com-libvirt-libvirt-- #213
libvirt (Ubuntu)	Fix Released	Undecided	Unassigned
qemu (Ubuntu)	Fix Released	Undecided	Unassigned

libvirt

rpc-worker: debugfs access is restricted

Bug Description

Related branches

CVE References

Other bug subscribers

Remote bug watches