| 2021-01-26 08:09:34 |
bugproxy |
bug |
|
|
added bug |
| 2021-01-26 08:09:36 |
bugproxy |
tags |
|
architecture-s39064 bugnameltc-191018 severity-medium targetmilestone-inin2104 |
|
| 2021-01-26 08:09:37 |
bugproxy |
ubuntu: assignee |
|
Skipper Bug Screeners (skipper-screen-team) |
|
| 2021-01-26 08:09:41 |
bugproxy |
affects |
ubuntu |
linux (Ubuntu) |
|
| 2021-01-26 09:29:02 |
Frank Heimes |
bug task added |
|
ubuntu-z-systems |
|
| 2021-01-26 09:29:19 |
Frank Heimes |
ubuntu-z-systems: assignee |
|
Skipper Bug Screeners (skipper-screen-team) |
|
| 2021-01-26 09:29:24 |
Frank Heimes |
linux (Ubuntu): assignee |
Skipper Bug Screeners (skipper-screen-team) |
|
|
| 2021-01-26 09:29:31 |
Frank Heimes |
ubuntu-z-systems: importance |
Undecided |
Medium |
|
| 2021-01-26 09:29:36 |
Frank Heimes |
ubuntu-z-systems: status |
New |
Incomplete |
|
| 2021-01-26 09:56:06 |
Frank Heimes |
linux (Ubuntu): status |
New |
Incomplete |
|
| 2021-01-27 19:08:31 |
Frank Heimes |
affects |
linux (Ubuntu) |
qemu (Ubuntu) |
|
| 2021-01-27 19:11:54 |
Frank Heimes |
nominated for series |
|
Ubuntu Hirsute |
|
| 2021-01-27 19:11:54 |
Frank Heimes |
bug task added |
|
qemu (Ubuntu Hirsute) |
|
| 2021-01-27 19:11:54 |
Frank Heimes |
nominated for series |
|
Ubuntu Focal |
|
| 2021-01-27 19:11:54 |
Frank Heimes |
bug task added |
|
qemu (Ubuntu Focal) |
|
| 2021-01-27 19:11:54 |
Frank Heimes |
nominated for series |
|
Ubuntu Groovy |
|
| 2021-01-27 19:11:54 |
Frank Heimes |
bug task added |
|
qemu (Ubuntu Groovy) |
|
| 2021-01-27 19:12:03 |
Frank Heimes |
qemu (Ubuntu Hirsute): status |
Incomplete |
New |
|
| 2021-01-29 14:48:47 |
Frank Heimes |
ubuntu-z-systems: status |
Incomplete |
Triaged |
|
| 2021-01-29 14:49:41 |
Frank Heimes |
bug |
|
|
added subscriber Christian Ehrhardt |
| 2021-01-29 14:49:50 |
Frank Heimes |
qemu (Ubuntu Hirsute): importance |
Undecided |
Medium |
|
| 2021-01-29 14:49:54 |
Frank Heimes |
qemu (Ubuntu Groovy): importance |
Undecided |
Medium |
|
| 2021-01-29 14:49:57 |
Frank Heimes |
qemu (Ubuntu Focal): importance |
Undecided |
Medium |
|
| 2021-01-29 14:50:11 |
Frank Heimes |
qemu (Ubuntu Hirsute): assignee |
|
Canonical Server Team (canonical-server) |
|
| 2021-02-01 15:52:46 |
Christian Ehrhardt |
bug |
|
|
added subscriber Ubuntu Server |
| 2021-02-01 15:52:58 |
Christian Ehrhardt |
tags |
architecture-s39064 bugnameltc-191018 severity-medium targetmilestone-inin2104 |
architecture-s39064 bugnameltc-191018 qemu-21.04 server-next severity-medium targetmilestone-inin2104 |
|
| 2021-02-02 06:32:20 |
Christian Ehrhardt |
bug task added |
|
libvirt (Ubuntu) |
|
| 2021-02-02 06:32:29 |
Christian Ehrhardt |
bug task deleted |
qemu (Ubuntu) |
|
|
| 2021-02-02 06:32:40 |
Christian Ehrhardt |
bug task deleted |
qemu (Ubuntu Focal) |
|
|
| 2021-02-02 06:32:44 |
Christian Ehrhardt |
bug task deleted |
qemu (Ubuntu Groovy) |
|
|
| 2021-02-02 06:32:46 |
Christian Ehrhardt |
bug task deleted |
qemu (Ubuntu Hirsute) |
|
|
| 2021-02-02 07:38:52 |
Christian Ehrhardt |
libvirt (Ubuntu Hirsute): status |
New |
In Progress |
|
| 2021-02-02 07:41:20 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~paelzer/ubuntu/+source/libvirt/+git/libvirt/+merge/397259 |
|
| 2021-02-02 08:15:40 |
Frank Heimes |
ubuntu-z-systems: status |
Triaged |
In Progress |
|
| 2021-02-05 14:50:31 |
Launchpad Janitor |
libvirt (Ubuntu Hirsute): status |
In Progress |
Fix Released |
|
| 2021-02-09 06:08:33 |
Christian Ehrhardt |
libvirt (Ubuntu Focal): status |
New |
Incomplete |
|
| 2021-02-09 06:08:34 |
Christian Ehrhardt |
libvirt (Ubuntu Groovy): status |
New |
Incomplete |
|
| 2021-02-09 14:39:52 |
bugproxy |
attachment added |
|
FOCAL_0001-qemu-Add-virtio-related-options-to-vsock.patch https://bugs.launchpad.net/bugs/1913266/+attachment/5461662/+files/FOCAL_0001-qemu-Add-virtio-related-options-to-vsock.patch |
|
| 2021-02-09 14:39:55 |
bugproxy |
attachment added |
|
GROOVY_0001-qemu-Add-virtio-related-options-to-vsock.patch https://bugs.launchpad.net/bugs/1913266/+attachment/5461663/+files/GROOVY_0001-qemu-Add-virtio-related-options-to-vsock.patch |
|
| 2021-02-09 14:51:45 |
Christian Ehrhardt |
libvirt (Ubuntu Focal): status |
Incomplete |
In Progress |
|
| 2021-02-09 14:51:47 |
Christian Ehrhardt |
libvirt (Ubuntu Groovy): status |
Incomplete |
In Progress |
|
| 2021-02-09 15:18:03 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~paelzer/ubuntu/+source/libvirt/+git/libvirt/+merge/397736 |
|
| 2021-02-09 15:18:28 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~paelzer/ubuntu/+source/libvirt/+git/libvirt/+merge/397737 |
|
| 2021-02-10 06:35:21 |
Christian Ehrhardt |
description |
Problem:
vsock can't be used with Secure Execution
---uname output---
Linux se1 5.4.0-62-generic #70-Ubuntu SMP Tue Jan 12 16:27:38 UTC 2021 s390x s390x s390x GNU/Linux
Machine Type = z15 8562
---Debugger---
A debugger is not configured
---Steps to Reproduce---
In a Secure Execution environment the Qemu driver vhost-vsock-ccw driver requires the argument "iommu_platform=on".
E.g. "qemu-system-s390x -device vhost-vsock-ccw,guest-cid=42,iommu_platform=on ..."
Currently Libvirt does not support this argument. Therfore Vsock can't be defined in XML correctly. Libvirt Version is 6.0.0-0ubuntu8.5.
Userspace tool common name: virsh
The userspace tool has the following bit modes: 64
Userspace rpm: libvirt-clients
Userspace tool obtained from project website: na
Please apply this update to 21.04, 20.10 and 20.04 ! |
[Impact]
* Support for secure execution environments was in Focal since release,
but a few more use-cases were found that don't work well in those
conditions. This is one of them and fixing it shall further complete
the capabilities in SE as part of the "SRU for HW exploitation".
* Qemu already has the code needed, but libvirt needs to be able to pass
the right options which hereby is implemented.
[Test Case]
* Get a KVM/Qemu guest on s390x
* Edit the guest defninition and add a vsock device like
<vsock model='virtio'>
<cid auto='no' address='3'/>
<driver iommu='on'/>
</vsock>
* Starting the guest should
a) in any environment now render iommu_platform=on into the qemu
commandline
b) in a Secure Execution environment allow the guest to start (due to
that extra argument that now is configurable)
[Where problems could occur]
* The code it changes is mostly specific around vsock and to some extend
on a more generic level around qemu command validation. Therefore the
places to look out for (of the many very different qemu/kvm/libvirt use
cases are a) vsock usage and b) commandline generation
[Other Info]
* n/a
---
Problem:
vsock can't be used with Secure Execution
---uname output---
Linux se1 5.4.0-62-generic #70-Ubuntu SMP Tue Jan 12 16:27:38 UTC 2021 s390x s390x s390x GNU/Linux
Machine Type = z15 8562
---Debugger---
A debugger is not configured
---Steps to Reproduce---
In a Secure Execution environment the Qemu driver vhost-vsock-ccw driver requires the argument "iommu_platform=on".
E.g. "qemu-system-s390x -device vhost-vsock-ccw,guest-cid=42,iommu_platform=on ..."
Currently Libvirt does not support this argument. Therfore Vsock can't be defined in XML correctly. Libvirt Version is 6.0.0-0ubuntu8.5.
Userspace tool common name: virsh
The userspace tool has the following bit modes: 64
Userspace rpm: libvirt-clients
Userspace tool obtained from project website: na
Please apply this update to 21.04, 20.10 and 20.04 ! |
|
| 2021-02-17 05:27:47 |
Chris Halse Rogers |
libvirt (Ubuntu Focal): status |
In Progress |
Fix Committed |
|
| 2021-02-17 05:27:51 |
Chris Halse Rogers |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2021-02-17 05:27:53 |
Chris Halse Rogers |
bug |
|
|
added subscriber SRU Verification |
| 2021-02-17 05:27:59 |
Chris Halse Rogers |
tags |
architecture-s39064 bugnameltc-191018 qemu-21.04 server-next severity-medium targetmilestone-inin2104 |
architecture-s39064 bugnameltc-191018 qemu-21.04 server-next severity-medium targetmilestone-inin2104 verification-needed verification-needed-focal |
|
| 2021-02-17 05:33:45 |
Chris Halse Rogers |
libvirt (Ubuntu Groovy): status |
In Progress |
Fix Committed |
|
| 2021-02-17 05:33:54 |
Chris Halse Rogers |
tags |
architecture-s39064 bugnameltc-191018 qemu-21.04 server-next severity-medium targetmilestone-inin2104 verification-needed verification-needed-focal |
architecture-s39064 bugnameltc-191018 qemu-21.04 server-next severity-medium targetmilestone-inin2104 verification-needed verification-needed-focal verification-needed-groovy |
|
| 2021-02-17 10:12:43 |
Christian Ehrhardt |
tags |
architecture-s39064 bugnameltc-191018 qemu-21.04 server-next severity-medium targetmilestone-inin2104 verification-needed verification-needed-focal verification-needed-groovy |
architecture-s39064 bugnameltc-191018 qemu-21.04 server-next severity-medium targetmilestone-inin2104 verification-done verification-done-focal verification-done-groovy |
|
| 2021-02-17 11:08:04 |
Frank Heimes |
ubuntu-z-systems: status |
In Progress |
Fix Committed |
|
| 2021-03-01 10:40:06 |
Łukasz Zemczak |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
| 2021-03-01 10:50:07 |
Launchpad Janitor |
libvirt (Ubuntu Groovy): status |
Fix Committed |
Fix Released |
|
| 2021-03-01 10:53:31 |
Launchpad Janitor |
libvirt (Ubuntu Focal): status |
Fix Committed |
Fix Released |
|
| 2021-03-01 11:12:05 |
Frank Heimes |
ubuntu-z-systems: status |
Fix Committed |
Fix Released |
|
