Date: Thu, 4 Dec 2008 03:26:54 -0800 (PST) From: Nate Eldredge <neldredge@math.ucsd.edu> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/129417: emulators/qemu savevm/loadvm broken by patch Message-ID: <200812041126.mB4BQs1w010911@vulcan.lan> Resent-Message-ID: <200812041130.mB4BU03w032209@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 129417 >Category: ports >Synopsis: emulators/qemu savevm/loadvm broken by patch >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Dec 04 11:30:00 UTC 2008 >Closed-Date: >Last-Modified: >Originator: Nate Eldredge >Release: FreeBSD 7.0-RELEASE-p5 amd64 >Organization: >Environment: System: FreeBSD vulcan.lan 7.0-RELEASE-p5 FreeBSD 7.0-RELEASE-p5 #14: Sun Oct 5 11:20:57 PDT 2008 nate@vulcan.lan:/usr/obj/usr/src/sys/VULCAN amd64 >Description: The savevm/loadvm feature of qemu[-devel] doesn't work with qemu 0.9.1 from ports. savevm appears to succeed, but a subsequent loadvm fails with "Error -1 while loading VM state". It appears to have been broken by patch-CVE-2008-0928. Reverting this patch for qemu-devel makes it work again. (I didn't try vanilla qemu but suspect it is the same.) The patch in question is security related, but in my case the guest OS is trusted. A better solution should be found which is more secure. There is some relevant info here: http://www.mail-archive.com/kvm@vger.kernel.org/msg01244.html >How-To-Repeat: savevm foo loadvm foo >Fix: Workaround is to revert patch-CVE-2008-0928. Proper fix will require more work. >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200812041126.mB4BQs1w010911>