This bug was fixed in the package qemu - 1:4.0+dfsg-0ubuntu1 --------------- qemu (1:4.0+dfsg-0ubuntu1) eoan; urgency=medium * Merge with Upstream release of qemu 4.0. Among many other things this fixes LP Bugs: LP: #1782206 - SnowRidge Accelerator Interfacing Architecture (AIA) LP: #1828038 - Update s390x CPU Model for more HW support LP: #1832622 - count cache flush Spectre v2 mitigation for ppc64el Remaining Changes: - qemu-kvm to systemd unit - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm, hugepages and architecture specifics - d/qemu-system-common.qemu-kvm.service: systemd unit to call qemu-kvm-init - d/qemu-system-common.install: install helper script - d/qemu-system-common.maintscript: clean old sysv and upstart scripts - d/qemu-system-common.qemu-kvm.default: defaults for /etc/default/qemu-kvm - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm - Enable nesting by default - d/qemu-system-x86.modprobe: set nested=1 module option on intel. (is default on amd) - d/qemu-system-x86.postinst: re-load kvm_intel.ko if it was loaded without nested=1 - d/p/ubuntu/expose-vmx_qemu64cpu.patch: expose nested kvm by default in qemu64 cpu type. - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default in qemu64 on amd - d/qemu-system-x86.README.Debian: document intention of nested being default is comfort, not full support - Distribution specific machine type (LP: 1304107 1621042) - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine types - d/qemu-system-x86.NEWS Info on fixed machine type defintions for host-phys-bits=true (LP: 1776189) - add an info about -hpb machine type in debian/qemu-system-x86.NEWS - provide pseries-bionic-2.11-sxxm type as convenience with all meltdown/spectre workarounds enabled by default. (LP: 1761372). - improved dependencies - Make qemu-system-common depend on qemu-block-extra - Make qemu-utils depend on qemu-block-extra - let qemu-utils recommend sharutils - s390x support - Create qemu-system-s390x package - Enable numa support for s390x - arch aware kvm wrappers - d/control: update VCS links - qemu-guest-agent: freeze-hook fixes (LP: 1484990) - d/qemu-guest-agent.install: provide /etc/qemu/fsfreeze-hook - d/qemu-guest-agent.dirs: provide /etc/qemu/fsfreeze-hook.d - d/control-in: enable RDMA support in qemu (LP: 1692476) - enable RDMA config option - add libibumad-dev build-dep - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490) - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types reference 256k path - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to handle incoming migrations from former releases. - d/control-in: Disable capstone disassembler library support (universe) - Move s390x roms to a new qemu-system-data-s390x - d/qemu-system-data.install: install s390x roms as architecture:all in qemu-system-data - d/rules: build s390-ccw.img with upstream Makefile - d/rules: build s390-netboot.img with upstream Makefile - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: bring back some SLOF bits stripped in DFSG to be able to build s390x-netboot roms As that hack to build s390-ccw.img rom can't build s390x-netboot.img replace it with a build-indep using the upstream makefiles. This is less prone to miss future changes/fixes that are done to the makefiles - d/control-in: add breaks/replaces for moving s390x roms from qemu-system-s390x to qemu-system-data - remove /dev/kvm permission handling (moved to systemd 239-6) (#892945) [From not yet uploaded Debian branch] - d/p/debianize-qemu-guest-service.patch: fix path of qemu-ga - d/rules: fix qemu-kvm service for debhelper compat >=12 - disable pvrdma - besides several security holes there are many other bugs there as well * Dropped patches that are upstream in v4.0 - d/p/do-not-link-everything-with-xen.patch - d/p/usb-mtp-use-O_NOFOLLOW-and-O_CLOEXEC-CVE-2018-16872.patch - d/p/hw_usb-fix-mistaken-de-initialization-of-CCID-state.patch - d/p/scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch - d/p/slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778 - d/p/i2c-ddc-fix-oob-read-CVE-2019-3812.patch - d/p/ubuntu/lp-1759509-qmp-query-current-machine-with-wakeup-suspend-suppor (LP: 1759509) - d/p/ubuntu/lp-1759509-qga-update-guest-suspend-ram-and-guest-suspend-hybri - d/p/ubuntu/lp-1759509-qmp-hmp-Make-system_wakeup-check-wake-up-support-and - d/p/ubuntu/lp-1812384-s390x-Return-specification-exception-for-unimplement - d/p/ubuntu/CVE-2018-20815.patch - d/p/ubuntu/CVE-2019-5008.patch - d/p/ubuntu/CVE-2019-9824.patch - d/p/ubuntu/Revert-target-i386-kvm-add-VMX-migration-blocker.patch: avoid misdetection of simplified nesting blocking all migrations * Dropped further patches d/p/bt-use-size_t-type-for-length-parameters-instead-of-int-CVE-2018-19665 [upstream deprecated the whole subsystem instead of applying the fix] * Added Changes - updated ubuntu machine types for v4.0 - added eoan types - fixed s390x issue of upstream types having a "v" prefix - add back dropped machine types to avoid more issues like LP: 1802944 - fix kvm split irqchip default in ubuntu q35 machine type - drop no more needed spapr_machine_2_11_sxxm_instance_options and adapt updated CamelCase - -hpb types now need to use GlobalProperties - pc_compat_2_0 got a _fn suffix and slight changes - d/p/ubuntu/lp-1790901-partial-SLOF-for-s390x-netboot.patch: update to SLOF of qemu 4.0 - Refreshed patches still needed for v4.0 context changes - d/p/use-fixed-data-path.patch - d/p/ubuntu/enable-svm-by-default.patch - d/p/ubuntu/enable-md-clear.patch - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch - d/p/ubuntu/lp-1830243-*: s390x Secure Linux Boot Toleration (LP: #1830243) - d/control: disable bluetooth being deprecated - d/control*: remove sdlabi which was removed upstream - d/p/ubuntu/lp-1830238-*: s390x hardware cpu model (LP: #1830238) - d/control*: enable docs (now explicit) and provide new build-dep python3-sphinx - d/not-installed: ignore new interop docs and extra icons for now - d/not-installed: do not install elf2dmp until namespaced - d/qemu-utils.install: install new tools qemu-edid and qemu-keymap - d/qemu-system-data.install: use new paths for formerly used icons - d/p/ubuntu/linux-user-fix-__NR_semtimedop-undeclared-error.patch: fix i386 build error -- Christian Ehrhardt