The savevm/loadvm feature of qemu[-devel] doesn't work with qemu 0.9.1 from ports. savevm appears to succeed, but a subsequent loadvm fails with "Error -1 while loading VM state". It appears to have been broken by patch-CVE-2008-0928. Reverting this patch for qemu-devel makes it work again. (I didn't try vanilla qemu but suspect it is the same.) The patch in question is security related, but in my case the guest OS is trusted. A better solution should be found which is more secure. There is some relevant info here: http://www.mail-archive.com/kvm@vger.kernel.org/msg01244.html Fix: Workaround is to revert patch-CVE-2008-0928. Proper fix will require more work. How-To-Repeat: savevm foo loadvm foo
Responsible Changed From-To: freebsd-ports-bugs->nox Over to maintainer (via the GNATS Auto Assign Tool)
nox 2008-12-04 22:36:46 UTC FreeBSD ports repository Modified files: emulators/qemu Makefile emulators/qemu/files patch-CVE-2008-0928 emulators/qemu-devel Makefile emulators/qemu-devel/files patch-CVE-2008-0928 Log: Attempt to fix savevm that was broken by the original patch-CVE-2008-0928 by allowing writes outside the disk image boundaries if the guest isn't running. PR: ports/129417 Submitted by: Nate Eldredge <neldredge@math.ucsd.edu> Obtained from: debian (sid kvm_72+dfsg-3.diff.gz, adapted) Revision Changes Path 1.98 +1 -1 ports/emulators/qemu-devel/Makefile 1.2 +26 -8 ports/emulators/qemu-devel/files/patch-CVE-2008-0928 1.92 +1 -1 ports/emulators/qemu/Makefile 1.2 +26 -8 ports/emulators/qemu/files/patch-CVE-2008-0928 _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: open->feedback I have just merged a fix adapted from debian sid kvm, pleast test. Thanx.
State Changed From-To: feedback->closed Fix confirmed via private email. Thanx!