2020-04-24 08:10:23 |
bugproxy |
bug |
|
|
added bug |
2020-04-24 08:10:26 |
bugproxy |
tags |
|
architecture-s39064 bugnameltc-185546 severity-medium targetmilestone-inin2004 |
|
2020-04-24 08:10:28 |
bugproxy |
ubuntu: assignee |
|
Skipper Bug Screeners (skipper-screen-team) |
|
2020-04-24 08:10:33 |
bugproxy |
affects |
ubuntu |
linux (Ubuntu) |
|
2020-04-24 08:18:08 |
Frank Heimes |
bug task added |
|
ubuntu-z-systems |
|
2020-04-24 08:19:20 |
Frank Heimes |
ubuntu-z-systems: importance |
Undecided |
Medium |
|
2020-04-24 08:22:25 |
Frank Heimes |
ubuntu-z-systems: status |
New |
Incomplete |
|
2020-04-24 09:30:58 |
Christian Ehrhardt |
affects |
linux (Ubuntu) |
libvirt (Ubuntu) |
|
2020-04-24 09:31:07 |
Christian Ehrhardt |
libvirt (Ubuntu): status |
New |
Triaged |
|
2020-04-24 09:31:09 |
Christian Ehrhardt |
libvirt (Ubuntu): importance |
Undecided |
Medium |
|
2020-06-19 07:56:17 |
Christian Ehrhardt |
tags |
architecture-s39064 bugnameltc-185546 severity-medium targetmilestone-inin2004 |
architecture-s39064 bugnameltc-185546 libvirt-20.10 severity-medium targetmilestone-inin2004 |
|
2020-06-19 07:56:59 |
Frank Heimes |
ubuntu-z-systems: assignee |
|
Christian Ehrhardt (paelzer) |
|
2020-06-19 07:57:24 |
Frank Heimes |
ubuntu-z-systems: status |
Incomplete |
Triaged |
|
2020-06-19 07:57:37 |
Frank Heimes |
libvirt (Ubuntu): assignee |
Skipper Bug Screeners (skipper-screen-team) |
Christian Ehrhardt (paelzer) |
|
2020-06-19 07:57:50 |
Frank Heimes |
ubuntu-z-systems: assignee |
Christian Ehrhardt (paelzer) |
Skipper Bug Screeners (skipper-screen-team) |
|
2020-07-20 09:55:21 |
Frank Heimes |
nominated for series |
|
Ubuntu Groovy |
|
2020-07-20 09:55:21 |
Frank Heimes |
bug task added |
|
libvirt (Ubuntu Groovy) |
|
2020-07-20 09:55:21 |
Frank Heimes |
nominated for series |
|
Ubuntu Focal |
|
2020-07-20 09:55:21 |
Frank Heimes |
bug task added |
|
libvirt (Ubuntu Focal) |
|
2020-08-19 13:24:53 |
Christian Ehrhardt |
merge proposal linked |
|
https://code.launchpad.net/~paelzer/ubuntu/+source/libvirt/+git/libvirt/+merge/389531 |
|
2020-08-26 13:03:25 |
Christian Ehrhardt |
libvirt (Ubuntu Groovy): status |
Triaged |
In Progress |
|
2020-08-26 13:14:17 |
Frank Heimes |
ubuntu-z-systems: status |
Triaged |
In Progress |
|
2020-08-29 14:32:53 |
Launchpad Janitor |
libvirt (Ubuntu Groovy): status |
In Progress |
Fix Released |
|
2020-08-29 14:32:53 |
Launchpad Janitor |
bug watch added |
|
https://salsa.debian.org/salsa/support/issues/180 |
|
2020-08-29 14:32:53 |
Launchpad Janitor |
bug watch added |
|
https://salsa.debian.org/salsa/support/issues/191 |
|
2020-08-29 14:32:53 |
Launchpad Janitor |
cve linked |
|
2020-10701 |
|
2020-08-29 14:32:53 |
Launchpad Janitor |
cve linked |
|
2020-12430 |
|
2020-08-29 14:32:53 |
Launchpad Janitor |
cve linked |
|
2020-14301 |
|
2020-08-29 14:32:53 |
Launchpad Janitor |
cve linked |
|
2020-14339 |
|
2020-09-01 07:32:22 |
Christian Ehrhardt |
description |
Stale libvirt cache leads to VM startup failures
Contact Information = Viktor Mihajlovski <mihajlov@de.ibm.com>
---Additional Hardware Info---
Z15 with IBM Secute Execution
---uname output---
Linux linux02 5.4.0-21-generic #25-Ubuntu SMP Sat Mar 28 13:10:00 UTC 2020 s390x s390x s390x GNU/Linux
Machine Type = 8562 (IBM Z15)
---Debugger---
A debugger is not configured
---Steps to Reproduce---
1. Install Ubuntu 20.04 in the LPAR
2. Modify the host kernel command line in /etc/zipl.conf to include prot_virt=1, run zipl and reboot.
3. Define at least one KVM guest with host CPU model and start and stop it
4. Define a secure KVM guest using the host CPU model and start and stop it.
5. Change back the host kernel command line, re-run zipl, reboot.
6. Try to start the first KVM guest, which fails with a message like:
error: internal error: qemu unexpectedly closed the monitor: 2020-04-23T13:55:30.889152Z qemu-system-s390x: Some features requested in the CPU model are not available in the configuration: unpack
The reason for that is that libvirt caches the domaincapabilities reported during the first boot and doesn't update them after the reboot in step 5 even though changing the prot_virt= in the command line changes the CPU features as reported by domcapabilities. So even though the guest may not require the unpack feature, libvirt constructs a CPU model which can't be satisfied on this configuration.
The issue also occurs the other way around, going from prot_virt=0 to prot_virt=1, in which case the guest will fail to boot as it requires the unpack feature.
Manually removing the content of /var/cache/libvirt/qemu/capabilities/ will force libvirt to refresh it's capabilities cache and temporarily resolve the situation. |
[Impact]
* capability caching by libvirt is required for efficiency, but
often stumbles over changes it misses to pick up and refresh
* This backports several fixes to catch more of such situations
and refresh the caches in those cases
- AMD SEV changed
- s390x protvirt changed
- CPU changed
* Backporting these changes
[Test Case]
* For AMS SEV and s390x protvirt you'd need the respective HW and
environments. Maybe IBM can test the latter then.
- For nested we can test it thou
1. create a guest with host-model type
2. install libvirt in the guest
3. run "virsh capabilities" and save it to a file
4. shut down guest
5. edit the guest and take away some cpu features
6. start guest again and run "virsh capabilities" again
It will still report these features as present (wrong)
With the fix at #6 it will realize the CPU has changed and refresh the
capabilities cache.
[Regression Potential]
* This increases the amount of capability refreshes, the regression that
comes to mind is that if this contains false-positives it might trigger
too often and therefore slow down operations on systems where this
happens.
Functionally that would be no breakage, even not caching at all works
fine, but a performance issue. The added tests seem fine thou as a cpu
attribute has to change which isn't a high frequency event.
[Other Info]
* n/a
---
Stale libvirt cache leads to VM startup failures
Contact Information = Viktor Mihajlovski <mihajlov@de.ibm.com>
---Additional Hardware Info---
Z15 with IBM Secute Execution
---uname output---
Linux linux02 5.4.0-21-generic #25-Ubuntu SMP Sat Mar 28 13:10:00 UTC 2020 s390x s390x s390x GNU/Linux
Machine Type = 8562 (IBM Z15)
---Debugger---
A debugger is not configured
---Steps to Reproduce---
1. Install Ubuntu 20.04 in the LPAR
2. Modify the host kernel command line in /etc/zipl.conf to include prot_virt=1, run zipl and reboot.
3. Define at least one KVM guest with host CPU model and start and stop it
4. Define a secure KVM guest using the host CPU model and start and stop it.
5. Change back the host kernel command line, re-run zipl, reboot.
6. Try to start the first KVM guest, which fails with a message like:
error: internal error: qemu unexpectedly closed the monitor: 2020-04-23T13:55:30.889152Z qemu-system-s390x: Some features requested in the CPU model are not available in the configuration: unpack
The reason for that is that libvirt caches the domaincapabilities reported during the first boot and doesn't update them after the reboot in step 5 even though changing the prot_virt= in the command line changes the CPU features as reported by domcapabilities. So even though the guest may not require the unpack feature, libvirt constructs a CPU model which can't be satisfied on this configuration.
The issue also occurs the other way around, going from prot_virt=0 to prot_virt=1, in which case the guest will fail to boot as it requires the unpack feature.
Manually removing the content of /var/cache/libvirt/qemu/capabilities/ will force libvirt to refresh it's capabilities cache and temporarily resolve the situation. |
|
2020-09-02 05:14:22 |
Christian Ehrhardt |
libvirt (Ubuntu Groovy): assignee |
Christian Ehrhardt (paelzer) |
|
|
2020-09-02 05:14:28 |
Christian Ehrhardt |
libvirt (Ubuntu Focal): assignee |
|
Christian Ehrhardt (paelzer) |
|
2020-09-02 05:14:33 |
Christian Ehrhardt |
libvirt (Ubuntu Focal): status |
New |
In Progress |
|
2020-09-03 10:15:41 |
Frank Heimes |
ubuntu-z-systems: status |
In Progress |
Incomplete |
|
2020-09-04 06:39:25 |
Frank Heimes |
ubuntu-z-systems: status |
Incomplete |
In Progress |
|
2020-09-15 20:08:26 |
Brian Murray |
libvirt (Ubuntu Focal): status |
In Progress |
Fix Committed |
|
2020-09-15 20:08:28 |
Brian Murray |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2020-09-15 20:08:31 |
Brian Murray |
bug |
|
|
added subscriber SRU Verification |
2020-09-15 20:08:35 |
Brian Murray |
tags |
architecture-s39064 bugnameltc-185546 libvirt-20.10 severity-medium targetmilestone-inin2004 |
architecture-s39064 bugnameltc-185546 libvirt-20.10 severity-medium targetmilestone-inin2004 verification-needed verification-needed-focal |
|
2020-09-16 05:20:50 |
Frank Heimes |
ubuntu-z-systems: status |
In Progress |
Fix Committed |
|
2020-09-16 06:28:09 |
Christian Ehrhardt |
tags |
architecture-s39064 bugnameltc-185546 libvirt-20.10 severity-medium targetmilestone-inin2004 verification-needed verification-needed-focal |
architecture-s39064 bugnameltc-185546 libvirt-20.10 severity-medium targetmilestone-inin2004 verification-done verification-done-focal |
|
2020-09-24 14:11:25 |
Łukasz Zemczak |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
2020-09-24 14:11:23 |
Launchpad Janitor |
libvirt (Ubuntu Focal): status |
Fix Committed |
Fix Released |
|
2020-09-24 14:51:48 |
Frank Heimes |
ubuntu-z-systems: status |
Fix Committed |
Fix Released |
|