Discussion:
QEMU in Jessie: call for testers
Santiago R.R.
2018-11-21 09:23:19 UTC
Permalink
Hi there,

I have prepared a preliminary package for qemu to fix most of currently
open CVEs (among those that have a patch or have been fixed in stretch).
I would be glad if someone could give it a try. It is found in the usual
place:

deb https://people.debian.org/~santiago/debian santiago-jessie-security/
deb-src https://people.debian.org/~santiago/debian santiago-jessie-security

Thanks!

-- Santiago
Lucas Kanashiro
2018-11-22 22:20:01 UTC
Permalink
Hi Santiago,
Post by Santiago R.R.
Hi there,
I have prepared a preliminary package for qemu to fix most of currently
open CVEs (among those that have a patch or have been fixed in stretch).
I would be glad if someone could give it a try. It is found in the usual
deb https://people.debian.org/~santiago/debian santiago-jessie-security/
deb-src https://people.debian.org/~santiago/debian santiago-jessie-security
I installed your package in a clean environment and made some basic use
of it, such as create raw disks, create instances (some different
architectures), boot existent disks. Everything seems fine so far.

Cheers.
--
Lucas Kanashiro
Hugo Lefeuvre
2018-11-23 06:45:08 UTC
Permalink
Post by Lucas Kanashiro
Post by Santiago R.R.
I have prepared a preliminary package for qemu to fix most of currently
open CVEs (among those that have a patch or have been fixed in stretch).
I would be glad if someone could give it a try. It is found in the usual
deb https://people.debian.org/~santiago/debian santiago-jessie-security/
deb-src https://people.debian.org/~santiago/debian santiago-jessie-security
I installed your package in a clean environment and made some basic use
of it, such as create raw disks, create instances (some different
architectures), boot existent disks. Everything seems fine so far.
I will proceed to a few tests on my side this afternoon if the upload can
wait till then. Those will probably be run on a fresh Jessie livecd though
(my processor does not support nested virtualization which is quite
annoying when I want to test QEMU in a Jessie VM...)

cheers,
Hugo
--
Hugo Lefeuvre (hle) | www.owl.eu.com
RSA4096_ 360B 03B3 BF27 4F4D 7A3F D5E8 14AA 1EB8 A247 3DFD
ed25519_ 37B2 6D38 0B25 B8A2 6B9F 3A65 A36F 5357 5F2D DC4C
Ben Hutchings
2018-11-23 18:55:46 UTC
Permalink
Post by Hugo Lefeuvre
Post by Lucas Kanashiro
Post by Santiago R.R.
I have prepared a preliminary package for qemu to fix most of currently
open CVEs (among those that have a patch or have been fixed in stretch).
I would be glad if someone could give it a try. It is found in the usual
deb https://people.debian.org/~santiago/debian santiago-jessie-security/
deb-src https://people.debian.org/~santiago/debian santiago-jessie-security
I installed your package in a clean environment and made some basic use
of it, such as create raw disks, create instances (some different
architectures), boot existent disks. Everything seems fine so far.
I will proceed to a few tests on my side this afternoon if the upload can
wait till then. Those will probably be run on a fresh Jessie livecd though
(my processor does not support nested virtualization which is quite
annoying when I want to test QEMU in a Jessie VM...)
So far as I know, any x86 processor supporting VMX or SVM supports
nested virtualisation. However, nested VMX was considered
experimental in KVM for a long time so you have to set a module
parameter to enable it.

Ben.
--
Ben Hutchings
I'm always amazed by the number of people who take up solipsism because
they heard someone else explain it. - E*Borg on alt.fan.pratchett
Hugo Lefeuvre
2018-11-24 09:46:26 UTC
Permalink
Post by Ben Hutchings
Post by Hugo Lefeuvre
Post by Lucas Kanashiro
Post by Santiago R.R.
I have prepared a preliminary package for qemu to fix most of currently
open CVEs (among those that have a patch or have been fixed in stretch).
I would be glad if someone could give it a try. It is found in the usual
deb https://people.debian.org/~santiago/debian santiago-jessie-security/
deb-src https://people.debian.org/~santiago/debian santiago-jessie-security
I installed your package in a clean environment and made some basic use
of it, such as create raw disks, create instances (some different
architectures), boot existent disks. Everything seems fine so far.
I will proceed to a few tests on my side this afternoon if the upload can
wait till then. Those will probably be run on a fresh Jessie livecd though
(my processor does not support nested virtualization which is quite
annoying when I want to test QEMU in a Jessie VM...)
So far as I know, any x86 processor supporting VMX or SVM supports
nested virtualisation. However, nested VMX was considered
experimental in KVM for a long time so you have to set a module
parameter to enable it.
Oh, thanks ! That's right, nested virtualization was not enabled by default,
setting nested=1 to kvm_intel did it. :)

for the tests:

+ install the update
+ create a new disk image (qcow + raw img), start debian installer, various
archs, convert between formats
+ boot a few official test images, FreeDOS, minimal NetBSD, Aurelien's
Debian images for amd64[0]
+ test with different memory parameters, cpu number, with and without kvm

Seems fine to me.

You might be interested in running QemuIoTests[1] ?

cheers,
Hugo

[0] https://wiki.qemu.org/Testing/System_Images
[1] https://wiki.qemu.org/Testing/QemuIoTests
--
Hugo Lefeuvre (hle) | www.owl.eu.com
RSA4096_ 360B 03B3 BF27 4F4D 7A3F D5E8 14AA 1EB8 A247 3DFD
ed25519_ 37B2 6D38 0B25 B8A2 6B9F 3A65 A36F 5357 5F2D DC4C
Santiago R.R.
2018-11-24 18:21:58 UTC
Permalink
Post by Hugo Lefeuvre
Post by Ben Hutchings
Post by Hugo Lefeuvre
Post by Lucas Kanashiro
Post by Santiago R.R.
I have prepared a preliminary package for qemu to fix most of currently
open CVEs (among those that have a patch or have been fixed in stretch).
I would be glad if someone could give it a try. It is found in the usual
deb https://people.debian.org/~santiago/debian santiago-jessie-security/
deb-src https://people.debian.org/~santiago/debian santiago-jessie-security
I installed your package in a clean environment and made some basic use
of it, such as create raw disks, create instances (some different
architectures), boot existent disks. Everything seems fine so far.
I will proceed to a few tests on my side this afternoon if the upload can
wait till then. Those will probably be run on a fresh Jessie livecd though
(my processor does not support nested virtualization which is quite
annoying when I want to test QEMU in a Jessie VM...)
So far as I know, any x86 processor supporting VMX or SVM supports
nested virtualisation. However, nested VMX was considered
experimental in KVM for a long time so you have to set a module
parameter to enable it.
Oh, thanks ! That's right, nested virtualization was not enabled by default,
setting nested=1 to kvm_intel did it. :)
+ install the update
+ create a new disk image (qcow + raw img), start debian installer, various
archs, convert between formats
+ boot a few official test images, FreeDOS, minimal NetBSD, Aurelien's
Debian images for amd64[0]
+ test with different memory parameters, cpu number, with and without kvm
Seems fine to me.
Thanks to all of you!
Post by Hugo Lefeuvre
You might be interested in running QemuIoTests[1] ?
I will take a look at them before uploading. Thanks again.

Cheers,

Santiago

Loading...