pkgsrc changes:
- remove stray conflict with qemu-bin - I cannot find references to it in
pkgsrc
- drop mentions of NetBSD version < 6.0 - it's already broken there
regardless of the directives and not supported
- remove stray BUILDLINK_PASSTHRU_DIRS and BUILDLINK_PASSTHRU_RPATHDIRS
this is redundant with the default pkgsrc framework defines
- not yet ported to 3.x as of 2.10.0, newer versions get initial patches
- remove ivshmem - it's not a user settable option, it requires as of now
Linux kernel API (eventfd) and it builds only for Linux now (no longer
for BSD and SunOS)
- add test target - all tests pass on NetBSD 8.99.2 (with disabled PaX
MPROTECT)
- sync PLIST
- drop patches that are no longer needed, proper fixes merged upstream
upstream changelog
==================
The full list of changes are available at:
http://wiki.qemu.org/ChangeLog/2.10
Highlights include:
* Support for ACPI NUMA distance info and control over CPU NUMA
assignments via '-numa cpu' parameters
* Support for LUKS encryption format in qcow2 images
* Monitor/Management interface improvments: additional debug
information available through 'info ramblock/cmma/register/qtree',
support for viewing connected clients via 'info vnc', improved
parsing support for QMP protocol, and other additional commands
* QXL and virtio-gpu support for controlling default display resolution
* Support for vhost-user-scsi devices
* NVMe emulation support for Write Zeroes command and Controller
Memory Buffers
* Guest agent support for querying guest hostname, users, timezone, and
OS version/release information
* ARM: KVM support for Raspberry Pi 3
* ARM: emulation support for MPS2/MPS2+ FPGA-based dev boards
* ARM: zynq: SPIPS flash support
* ARM: exynos4210: hardware PRNG device, SDHCI, and system poweroff
* Microblaze: support for CPU versions 9.4, 9.5, 9.6, and 10.0
* MIPS: support for Enhanced Virtual Addressing (EVA)
* MIPS: initrd support for kaslr-enabled kernels
* OpenRISC: support for shadow registers, idle states, and
numcores/coreid/EVAR/EPH registers
* PowerPC: Multi-threaded TCG emulation support
* PowerPC: OpenBIOS VGA driver for MacOS guests
* PowerPC: pseries: KVM and emulation support for POWER9 guests
* PowerPC: pseries: support for hash page table resizing
* s390: channel device passthrough support via vfio-ccw
* s390: support for channel-attached 3270 "green screen" devices for
use as guest consoles or additional TTYs
* s390: improved support for PCI (AEN, AIS, and zPCI)
* s390: support for z14 CPU models and netboot/TFTP via CCW BIOS,
* s390: TCG support for atomic "LOAD AND x" and "COMPARE SWAP"
operations, LOAD PROGRAM PARAMETER, extended facilities, CPU type,
and many more less-common instructions.
* SH: TCG support for host atomic instructions for emulating tas.b and
gUSA (user-space atomics), and support for fpchg/fsrra instructions
* SPARC: fixes for booting Solaris 2.6 on sun4m/OpenBIOS machines
* x86: Q35 MCH supports TSEG higher than 8MB
* x86: SSE register access via gdbstub
* Xen: support for multi-page shared rings, and 9pfs/virtfs backend
* Xtensa: sim machine console can be directed to chardev via -serial
* and lots more...
== Warning of unsupported host systems ==
This release includes changes to the configure script so that it will now report some host operating systems and
platforms as "unsupported". These are host setups which we do not have access to and are thus unable to test. They will continue to work in this 2.9 release (though configure will warn you about the unsupported status), but in a future QEMU release we may drop support for those hosts unless somebody volunteers to help us with maintaining them (and can provide build/CI machines).
This affects the CPU architectures:
* ia64
and the OSes:
* GNU/kFreeBSD
* DragonFly BSD
* NetBSD
* OpenBSD
* Solaris
* AIX
* Haiku
== System emulation ==
=== Incompatible changes ===
* Improvements to "-drive":
** "-drive"'s <tt>if</tt> option defaults to "none" on machines that do not have an onboard IDE or SCSI controller.
** "-drive if=scsi" does not work anymore with PC machine types, as it created an obsolete SCSI controller model. QEMU supports better controllers (megasas, mptsas, virtio-scsi) but which to use depends on the guest you are using.
** "Orphan" -drive options, where an <tt>if</tt> option is not supported by the emulated machine (e.g. "if=mtd" on x86) is now a fatal error. It had been triggering a warning since version 2.2.
=== Future incompatible changes ===
* Three options are using different names on the command line and in configuration file. In particular:
** The "acpi" configuration file section matches command-line option "acpitable";
** The "boot-opts" configuration file section matches command-line option "boot";
** The "smp-opts" configuration file section matches command-line option "smp".
:-readconfig will standardize on the name for the command line option.
* Behavior of automatic calculation of SMP topology when some SMP topology options for -smp are omitted (sockets, cores, threads) will change in the future. If guest ABI needs to be preserved on upgrades while using the SMP topology options, users should either set set all options explicitly (sockets, cores, threads), or omit all of them.
* Devices "allwinner-a10", "pc87312", "ssi-sd" will be configured with explicit properties instead of implicitly. This is unlikely to affect users.
* For x86, specifying a CPUID feature with both "+feature/-feature" and "feature=on/off" will cause a warning. The current behavior for this combination ("+feature/-feature" wins over "feature=on/off") will be changed so that "+feature" and "-feature" will be synonyms for "feature=on" and "feature=off" respectively).
* Fixed building with C++.
* Fixed building on Darwin (PR 51899).
* Added GTK3 as an option.
* Switched from SDL-1 to SDL-2.
* Depend and enable support for: lzo, jemalloc, snappy, png, curl, jpeg.
Changelog:
== System emulation ==
=== Incompatible changes ===
* The number of allow PCI host bridges for pSeries machine was reduced from 256 to 31 (more can be configured by setting up MMIO windows manually).
* Removed support for tftp:// in the block layer, since this has been broken forever for files bigger than 256KB.
=== Future incompatible changes ===
* Three options are using different names on the command line and in configuration file. In particular:
** The "acpi" configuration file section matches command-line option "acpitable";
** The "boot-opts" configuration file section matches command-line option "boot";
** The "smp-opts" configuration file section matches command-line option "smp".
:-readconfig will standardize on the name for the command line option.
* Behavior of automatic calculation of SMP topology when some SMP topology options for -smp are omitted (sockets, cores, threads) will change in the future. If guest ABI needs to be preserved on upgrades while using the SMP topology options, users should either set set all options explicitly (sockets, cores, threads), or omit all of them.
* Devices "allwinner-a10", "pc87312", "ssi-sd" will be configured with explicit properties instead of implicitly. This is unlikely to affect users.
* QMP command blockdev-add is still a work in progress. It doesn't support all block drivers, it lacks a matching blockdev-del, and more. It might change incompatibly.
* For x86, specifying a CPUID feature with both "+feature/-feature" and "feature=on/off" will cause a warning. The current behavior for this combination ("+feature/-feature" wins over "feature=on/off") will be changed so that "+feature" and "-feature" will be synonyms for "feature=on" and "feature=off" respectively).
=== ARM ===
* Improvements to the Aspeed board.
* Support for HLT semihosting traps in AArch32 mode (both ARM and Thumb).
* The ACPI tables for the "virt" machine type support ITS.
* The Cadence GEM device now supports multiple priority queues through the num-priority-queues property.
* The STM32F2xx board (Netduino 2) now includes ADC and SPI devices.
==== KVM ====
=== MIPS ===
* Support for 24KEc CPUs.
=== PowerPC ===
* Support for POWER9 CPUs.
* Improvements for the new "powernv" platform.
==== pSeries ====
* PCI host bridges can be associated to NUMA nodes.
* Support for more than 1 TiB of guest memory.
* Support for more than 64 GiB of MMIO window in a PCI host bridge.
* Support for the "-prom-env" parameter
=== s390 ===
* Support for CPU models.
* Support for virtio-ccw revision 2.
=== SH ===
=== SPARC ===
=== TileGX ===
=== Tricore ===
=== x86 ===
* Support for several new CPUID features related to AVX-512 instruction set extensions.
* The emulated IOAPIC (used by TCG and, with KVM, if the "-machine kernel_irqchip" option has the value "off" or "split") now defaults to version 0x20, which supports directed end-of-interrupt messages.
* Support for Extended Interrupt Mode (EIM) in the intel_iommu device. EIM requires KVM (Linux v4.7 or newer, for x2APIC support) and "-machine kernel-irqchip=split"; it is enabled automatically if interrupt remapping is enabled ("-machine kernel-irqchip=split -device intel_iommu,intremap=on").
* Support for up to 288 CPUs with the Q35 machine types. 256 or more CPUs are only supported if IOMMU and EIM are enabled.
==== Xen ====
* Support for unplugging SCSI disk.
* Support for SUSE xenlinux-compatible device unplug.
=== Device emulation and assignment ===
* QEMU now includes a generic loader pseudo-device that lets you load multiple images or values into memory at startup. This device is documented in {{src|path=docs/generic-loader.txt}}.
==== ACPI ====
* Support for hotplugging of NVDIMM devices (_FIT)
==== Block devices ====
==== Network devices ====
* Support for fault tolerance based on coarse-grained lock stepping (COLO).
==== SCSI ====
==== PCI/PCIe ====
* The sample EDU device now supports MSI.
* [http://git.qemu.org/?p=qemu.git;a=blob;f=docs/pcie.txt;h=9fb20aaed9f41c302419206e1201d151c35e5a1c;hb=HEAD PCI Express Guidelines documentation] has been added for advice on topology and PCI vs PCIe.
==== USB ====
==== VFIO ====
==== virtio ====
* New device vhost-vsock.
* Initial support for graceful handling of guest errors (i.e. QEMU should not exit on guest errors).
* Support for new virtio-crypto device.
==== Xen ====
* Support for grant copy.
=== Character devices ===
=== Crypto subsystem ===
* Support for more hash algorithms for PBKDF.
* Support for CTR mode.
=== GUI ===
* SPICE can use pure OpenGL rendering if "gl=on" is specified.
=== Monitor ===
=== Migration ===
* Support for fault tolerance based on coarse-grained lock stepping (COLO).
=== Network ===
=== Block devices and tools ===
* More QMP commands support node-name (block-stream, block-commit, blockdev-backup, blockdev-mirror, blockdev-snapshot-delete-internal-sync, blockdev-snapshot-internal-sync, change-backing-file, drive-backup, drive-mirror, nbd-server-add).
* The BLOCK_IO_ERROR event now includes the node name.
* More QMP commands accept device model names (block_set_io_throttle, blockdev-change-medium, eject, x-blockdev-remove-medium, x-blockdev-insert-medium, blockdev-open-tray, blockdev-close-tray)
* The DEVICE_TRAY_MOVED event now includes the device id.
* Throttling now applies to the guest device only, and not to block jobs or the NBD server.
* drive-backup and blockdev-backup support writing out backups in compressed format.
* The LUKS format now can configure the PBKDF iteration count.
* block-stream supports streaming from a backing file to another backing file.
* Support for replication, for coarse-grained lock stepping (COLO) fault tolerance.
* New "dd" subcomamand of qemu-img.
* The DMG driver can be compiled to a separate driver, so as to make QEMU's dependency on libbz2 optional.
* Support for iSER in QEMU's iSCSI initiator through a iser:// URI.
* The NBD client and server support the NBD_CMD_WRITE_ZEROES extension.
* Raw images support "offset" and "size" options to access only a part of the file or device.
=== Tracing ===
* New tracing backend "syslog".
* Support for multiple "-d trace:PATTERN" command-line arguments.
=== CLI options ===
== User-mode emulation ==
=== Removed target support ===
* The unicore32-linux-user target implemented a different system call ABI from mainline Linux for this architecture. Support for it has been dropped.
=== New functionality ===
* Added support for more syscalls including preadv, pwritev, syslog.
* Major scalability improvements for multi-threaded programs (ARM, SPARC, x86).
* QEMU can now understand and generate fence and cmpxchg operations.
== TCG ==
* New TCG primitives have been added for safely modelling architectural synchronisation instructions (e.g. atomics, LL/SC, LOCK prefixes). arm, aarch64, alpha and x86 targets now use these primitives for multi-threaded linux-user programs. TCG target maintainers are encouraged to port their front-ends to use the new facilities.
* The TCG backends now emit appropriate barrier instructions for frontend barriers when running multi-threaded programs. However, emulating a strongly-ordered architecture (e.g., x86) on a weakly-ordered one (e.g., ARM or POWER) will not work yet.
* tb_flush() is finally thread-safe meaning multi-threaded programs are less likely to crash when the translation buffer is reset
* lock contention in the main cpu run-loop has been reduced improving performance for multi-threaded code
* a number of races were identified and fixed
A lot of the TCG work merged in this cycle where prerequisites for supporting multi-threaded system emulation (MTTCG). While full MTTCG support is expected to be merged in the next development cycle, multi-threaded linux-user programs will already benefit from this work.
Changelog:
System emulation
Incompatible changes
SPI flash devices "160s33b", "320s33b", "640s33b", "at25df041a", "at25df321a", "at25df641", "at25fs010", "at25fs040", "at26df081a", "at26df161a", "at26df321", "at26f004", "at45db081d", "en25f32", "en25p32", "en25p64", "en25q32b", "en25q64", "gd25q32", "gd25q64", "m25p05", "m25p10", "m25p128", "m25p16", "m25p20", "m25p32", "m25p40", "m25p64", "m25p80", "m25pe16", "m25pe20", "m25pe80", "m25px32", "m25px32-s0", "m25px32-s1", "m25px64", "m45pe10", "m45pe16", "m45pe80", "mx25l12805d", "mx25l12855e", "mx25l1606e", "mx25l2005a", "mx25l25635e", "mx25l25655e", "mx25l3205d", "mx25l4005a", "mx25l6405d", "mx25l8005", "n25q032", "n25q032a11", "n25q032a13", "n25q064", "n25q064a11", "n25q064a13", "n25q128", "n25q128a11", "n25q128a13", "n25q256a11", "n25q256a13", "s25fl016k", "s25fl064k", "s25fl129p0", "s25fl129p1", "s25fl256s0", "s25fl256s1", "s25fl512s", "s25sl004a", "s25sl008a", "s25sl016a", "s25sl032a", "s25sl032p", "s25sl064a", "s25sl064p", "s25sl12800", "s25sl12801", "s70fl01gs", "sst25vf016b", "sst25vf032b", "sst25vf040b", "sst25vf080b", "sst25wf010", "sst25wf020", "sst25wf040", "sst25wf512", "w25q256", "w25q32", "w25q32dw", "w25q64", "w25q80", "w25q80bl", "w25x10", "w25x16", "w25x20", "w25x32", "w25x40", "w25x64", "w25x80" connect to a backend explicitly named by a "drive" property instead of an implicit -drive if=mtd. This only affect devices created explicitly with -device; "-drive if=mtd" still works for SPI flash devices created by boards, so this should affect almost no one.
Support for the original qcow2 image encryption has been disabled entirely from the system emulators. While QEMU 2.3 attempted to keep it available in system emulators, a bug in the code has actually broken it since 2.4, and no one complained. Supported for the format remains available only in command line tools qemu-img, qemu-io, qemu-nbd to facilitate data liberation. It is recommended to use 'qemu-img convert' to convert qcow2 encrypted images to uncrypted ones. The new LUKS encryption driver can provide a secure replacement, and a future release may integrate luks into qcow2 natively.
Autoconverge is not considered experimental anymore; autoconverge-related commands do not have the "x-" prefix anymore.
The MIPS64R6-generic CPU model was renamed to I6400.
On Q35 machines, IOMMU are now enabled with "-device iommu" instead of "-machine iommu=on".
Future incompatible changes
Three options are using different names on the command line and in configuration file. In particular:
The "acpi" configuration file section matches command-line option "acpitable";
The "boot-opts" configuration file section matches command-line option "boot";
The "smp-opts" configuration file section matches command-line option "smp".
-readconfig will standardize on the name for the command line option.
Behavior of automatic calculation of SMP topology when some SMP topology options for -smp are omitted (sockets, cores, threads) will change in the future. If guest ABI needs to be preserved on upgrades while using the SMP topology options, users should either set set all options explicitly (sockets, cores, threads), or omit all of them.
Devices "allwinner-a10", "pc87312", "ssi-sd" will be configured with explicit properties instead of implicitly. This is unlikely to affect users.
QMP command blockdev-add is still a work in progress. It doesn't support all block drivers, it lacks a matching blockdev-del, and more. It might change incompatibly.
ARM
The "virt" machine type has support for NUMA.
We now implement an emulated GICv3 interrupt controller, which is supported by the "virt" board and can be enabled with "-machine gic-version=3". Note that many guest OSes do not correctly support a GICv3 without security extensions; if your guest is Linux it must include commit 7c9b973061 "irqchip/gic-v3: Configure all interrupts as non-secure Group-1" or a backport of that patch to one of the stable branches. UEFI and FreeBSD are also known to need similar bug fixes.With a GICv3 the "virt" board now supports TCG (emulated CPU) configurations with more than 8 vCPUs.
New Xilinx Zynq ZCU102 board (-M xlnx-zcu102).
Xilinx Zynq boards have experimental support for ARM Security Extensions.
Xilinx Zynq MP supports DisplayPort (graphics and audio) and DDC (used for EDID info).
i.MX6?
KVM
Xilinx Zynq boards support KVM on AArch64 hosts.
MIPS
Support for 10-bit ASIDs
The MIPS64R6-generic CPU model was renamed to I6400.
Initial GIC support
Support for IEE 754-2008
PowerPC
Many TCG fixes.
mac99 machine can now boot MacOS >= 9.1
pSeries
Significant performance improvements for the spapr-llan device.
Support for CPU hotplug.
Performance improvements for VFIO through dynamic DMA windows.
s390
Support for runtime instrumentation
The IPL firmware can boot from devices in subchannel sets > 0
Major refactoring and improvements of the s390x-specific PCI code
Optionally, zPCI specific 'uid' and 'fid' attributes may be provided
Guest-acknowledged hotunplug (rather than 'surprise removal' only)
bootindex support for IPL from SCSI devices
SPARC
Fix for sun4m Solaris 9 "Segmentation fault" regression (see bug #1588328)
x86
CPU hot-remove support based on generic device_add/device_del interface
support arbitrary CPU adding/removal
Limitation: 1st (boot) CPU isn't removable
KVM
Support for LMCE (local MCE) virtualization, which will require Linux 4.8. LMCE can be enabled through "-cpu model,lmce" on all CPUs as long as the kernel supports it.
Device emulation and assignment
ACPI
NVDIMM devices are now described in the ACPI tables and support labels.
new ACPI CPU hotplug MMIO interface since 2.7 machine types for PC/Q35
more than 255 CPUs support
CPU hot-remove support
Guest side CPU hotplug status notification via _OST events
Block devices
Removed dataplane blockers? (Fam)
New -device properties replacing -drive properties?
virtio-blk now supports multiqueue through a "num-queues" device property.
Network devices
New device e1000e for Intel 82574 NIC.
QEMU now includes iPXE ROMs for vmxnet3 devices.
SCSI
scsi-block now passes sense data correctly to the guest, so that it can support for example persistent reservations.
Support for passthrough of SCSI scanner.
PCI/PCIe
On Q35 machines, IOMMU are now enabled with "-device iommu" instead of "-machine iommu=on".
USB
Support for Xen paravirtualized USB
usb-bot and usb-uas now support hotplug.
VFIO
Support for device assignment of Intel integrated graphics devices.
The SR-IOV capability is now hidden to guests when passing through a physical function.
virtio
Initial reconnect support for vhost-user.
Support for busy polling on vhost-net devices ("-netdev tap,...,poll-us=n").
virtio-gpu multi-monitor fixes
virtio-gpu 2d live migration support
Character devices
QEMU for Windows: Fixed handling of files used for character devices – they are now truncated by default like on Linux.
TLS support
Support for overriding the TLS property, for example "-object tls-creds-x509,...,priority=NORMAL:-VERS-SSL3.0" disables SSL 3.0. This can be used both to use a non-standard weaker set of prioririties, or to enforce a stronger default for QEMU. The default priority can also be specified through "--tls-priority=VALUE" at configure time.
GUI
A new option "-machine graphics=on|off" lets you disable graphics in the VM like "-nographic" (e.g. OpenBIOS will use the serial port for boot messages) but without an implicit "-display none".
Monitor
new 'info hotpluggable-cpus' and corresponding 'query-hotpluggable-cpus' QMP commands
to list present/possible CPUs with properties necessary to add a CPU instance using device_add for a given '-smp ...' layout
supported by x86 and SPAPR softmmu targets
Migration
Autoconverge is not considered experimental anymore. Autoconverge-related commands do not have the "x-" prefix.
TODO: TLS support
Network
User-mode networking supports DHCPv6, RDNSS, DNS6 and link-local DNS addresses.
Socket networking in TCP mode can now run over IPv6. UDP and multicast modes do not support IPv6 yet.
Block devices and tools
New "bench" command in qemu-img .
The "write" command in qemu-io grew "-f" and "-z -u" options.
TODO: Block job ids?
TCG
Speed improvements around 20%.
Fixes for self-modifying code.
Tracing
TODO: dfilter
TODO: tracing for qemu-io, qemu-img and qemu-nbd
CLI options
'-cpu cpu-model,feat1=foo,...' acts as a set of '-global cpu-model-type.feat1=foo' options, which affects initial CPUs as well as all CPUs created with help of -device/device_add/cpu-add for a given cpu-model
doesn't apply to SPARC target which uses legacy -cpu semantics as its features haven't been converted to properties.
Changelog:
System emulation
Incompatible changes
The aio=native option to "-drive" now requires the cache=none option, instead of silently disabling itself for other cache modes. The newly invalid combination had been warning since QEMU 2.3.
Specifying block device parameter aio=native is now an error on POSIX systems if qemu is compiled without libaio support. The newly invalid combination had been warning since QEMU 2.3.
The experimental x-drive option for the sdhci-pci device has been removed. Instead of passing a drive directly to the SD controller device you now must create an SD card object (which will automatically be plugged into the SD controller), so "-device sdhci-pci,x-drive=mydrive -drive id=mydrive,[...]" becomes "-device sdhci-pci -device sd-card,drive=mydrive -drive id=mydrive,[...]".
The s390-virtio machine has been removed.
Machine types pc-q35-1.4, pc-q35-1.5, pc-q35-1.6, pc-q35-1.7, pc-q35-2.0, pc-q35-2.1, pc-q35-2.2 and pc-q35-2.3 have been removed.
The "virt" machine type's flash device has changed when TrustZone is active ("-machine virt,secure=on"). The first flash device is only available in secure memory, while the second is available in non-secure memory too.
Future incompatible changes
Three options are using different names on the command line and in configuration file. In particular:
The "acpi" configuration file section matches command-line option "acpitable";
The "boot-opts" configuration file section matches command-line option "boot";
The "smp-opts" configuration file section matches command-line option "smp".
-readconfig will standardize on the name for the command line option.
Behavior of automatic calculation of SMP topology when some SMP topology options for -smp are omitted (sockets, cores, threads) will change in the future. If guest ABI needs to be preserved on upgrades while using the SMP topology options, users should either set set all options explicitly (sockets, cores, threads), or omit all of them.
The original qcow2 image encryption is fatally flawed, and support for it will be disabled entirely from the system emulators. It'll remain available only in command line tools qemu-img, qemu-io, qemu-nbd to facilitate data liberation. It is recommended to use 'qemu-img convert' to convert qcow2 encrypted images to uncrypted ones. The new LUKS encryption driver can provide a secure replacement if raw files are acceptable, while a future release will integrate luks into qcow2 natively.
A few devices will be configured with explicit properties instead of implicitly. Unlikely to affect users; for the full list, see the 2.3 ChangeLog.
QMP command blockdev-add is still a work in progress. It doesn't support all block drivers, it lacks a matching blockdev-del, and more. It might change incompatibly.
ARM
Support for a separate EL3 address space
System mode supports BE8 and BE32. Note that qemu-system-arm can emulate both big-endian and little-endian guests (unlike user-mode emulation which has separate qemu-arm and qemu-armeb binaries).
Support for the SETEND instruction, used most notably on Raspbian through the arm-mem library (previously known as libcofi).
Faster boot thanks to DMA support in fw_cfg
The "virt" machine type supports a virtual power button and the "system_powerdown" monitor command
The "virt" machine type supports configuring network cards with -nic in addition to -netdev
The RAM limit for the "virt" machine type is now 255GB
The "xlnz-zynqmp" machine type now includes SPI controllers
The "xlnx-ep108" machine type now supports SPI flash
New partial Raspberry Pi 2 emulation with "raspi2" machine type. For now, it can boot older releases of Windows and Raspbian, but lacks a number of devices including USB.
New palmetto-bmc machine type using the new, partial ASPEED AST2400 SoC implementation
KVM
Support for guest debugging (software and hardware breakpoints, single step) on AArch64
MIPS
Support for FPU and MSA in KVM guests
Support for R6 Virtual Processors
Initial support for Cluster Power Controller and Global Configuration Registers allowing the guest to control the start of Virtual Processors
Support for Inter-Thread Communication Unit
Support for MAAR registers in P5600 CPU
PowerPC
Improved support for migration of g3beige and mac99 machines
Fix serial ports for g3beige and mac99 machines (OpenBIOS)
The gdb stub supports the VSX instruction set extensions
pSeries
pSeries machine types starting at pseries-2.6 use XHCI as the USB host controller instead of OHCI
Support for more hypercalls (H_SET_SPRG0, H_SET_DABR, H_SET_XDABR and H_PAGE_INIT)
Support for EEH on assigned PCI devices can use the normal spapr-pci-host-bridge instead of the special spapr-pci-vfio-host-bridge.
s390
Fixes and improvements in s390x PCI support
Support for hotplug of s390x cpus via cpu-add
Support for booting from virtio-scsi devices in the s390-ccw bios
SH
SPARC
sun4m: Fix for ldstub instruction resolves several 32-bit Solaris bugs (MUTEX_HELD hang, libC error, Java WebStart segfault)
sun4u: FreeBSD 10.3+ can now run under qemu-system-sparc64 in -nographic mode
TileGX
Tricore
Support for context management, illegal opcode and opd traps
Support for FPU instructions
x86
TCG
Support for the XSAVE/XSAVEOPT, MPX, FSGSBASE and PKE features
KVM
Support for "split irqchip". In this mode, QEMU emulates the IOAPIC, PIC (i8259) and PIT (i8254) devices while leaving the local APIC emulation to the kernel. This mode reduces the attack surface of KVM.
Support for the new PKU feature found in some Skylake processors
Support for migrating the TSC rate
Xen
Q35
Support resume (S3)
Support for legacy Windows guests (XP/2003)
Device emulation and assignment
New IPMI emulation subsystem. QEMU can now emulate an internal BMC or attach to an external BMC simulator such as OpenIPMI's lanserv. IPMI however is not yet exposed in SMBIOS and ACPI tables (do we want to docume?)
FIXME: what's the state of nvdimm?
ACPI
The floppy disk controller's characteristics are now exposed in the ACPI tables, which makes it possible to use floppies on Windows together with UEFI firmware.
Block devices
The floppy disk consk or an empty disk to a 2.88 MB disk
Improved compatibility of the SD device model with various operating systems and firmwares
The NVMe device supports the "bootindex" property.
The SDHCI device supports reset.
ivshmem
No longer available on hosts lacking eventfd(2), because inter-vm interrupts don't work there
New devices ivshmem-plain and ivshmem-doorbell, fully backwards compatible for guests, notable differences to ivshmem:
PCI revision is 1 instead of 0
ivshmem role=master becomes master=on, role=peer becomes master=off
ivshmem x-memdev=ID becomes ivshmem-plain memdev=ID
ivshmem shm=NAME,size=SZ becomes ivshmem-plain memdev=ID, with -object memory-backend-file,id=ID,mem-path=/dev/mem/NAME,size=SZ,share
ivshmem chardev=ID becomes ivshmem-doorbell,chardev=ID
Property ioeventfd defaults to on instead of off
ivshmem-plain never has MSI-X capability, and ivshmem-doorbell always has MSI-X capability
Device ivshmem is deprecated, and its experimental property x-memdev is gone
Interrupting a peer that reuses an unplugged peer's ID works again (broken in v1.2.0)
Unplug no longer destroys the character device, for consistency with other devices
The funny "no shared memory, yet" state is no longer guest-visible, and can no longer fail or mess up migration
Guests may require PCI revision 1 to make sure they're not exposed to the funny state
docs/specs/ivshmem-spec.txt rewritten for completeness and accuracy.
SCSI
Support for the LSI SAS1068 HBA (also known as "MPT Fusion"). Note that some operating systems will not recognize disks attached to this adapter, unless the disks are assigned a world-wide name (WWN).
PCI/PCIe
PCIe Multi-root support (using the new pxb-pcie root-compex)
USB
MTP: initial support for events
VFIO
Support for AMD XGBE platform passthrough
New sysfsdev property provides a more general way to specify the device to attach to.
Provided PCI option ROMs are fixed to include the same vendor and device id as the device exposed to the guest. This facilitates changing the ids of the devices.
virtio
Performance improvements via optimized vring accesses
The balloon driver statistics now include the amount of available memory (corresponding to "Available" in /proc/meminfo for Linux guests).
Character devices
The socket character device backend can now enable TLS over TCP connections, acting either as a TLS server:
$QEMU -object tls-creds-x509,id=tls0,dir=$HOME/.pki/qemutls,endpoint=server \
-chardev socket,id=s0,host=127.0.0.1,port=9000,tls-creds=tls0,server \
-device isa-serial,chardev=s0 \
...other args...
or a TLS client:
$QEMU -object tls-creds-x509,id=tls0,dir=$HOME/.pki/qemutls,endpoint=client \
-chardev socket,id=s0,host=127.0.0.1,port=9000,tls-creds=tls0 \
-device isa-serial,chardev=s0 \
...other args...
If operating in server mode, the same set of TLS credentials can be used for both character devices and the VNC server
All character devices can have their output logged to a plain file
$QEMU -chardev stdio,id=mon0,logfile=monitor.log \
-mon chardev=mon0 \
...other args...
will result in logging of all output on the HMP monitor. The logappend parameter controls whether the file is truncated at startup, defaulting to append.
GUI
SDL2 and SPICE now support OpenGL and virgl. For SPICE, Unix sockets are the only usable transport when OpenGL is enabled.
The "-vnc" and "-display vnc" options support ipv4=off and ipv6=off. Previously, only "ipv4" and "ipv6" were available.
Support getting input events directly from linux evdev devices, using "-object input-linux,id=$name,evdev=/dev/input/event$nr"
Support for ncurses on Windows.
Monitor
Support for a new "detach" option to "dump-guest-memory". The option dumps memory in the background. Progress can be queried using the new commands "info dump" (human monitor) and "query-dump" (QMP), as well as through the QMP event DUMP_COMPLETED.
Support for a new command "input-send-event" replacing the previous experimental command "x-input-send-event".
The human monitor command "drive_add -n" allows creating block devices that do not have a BlockBackend (similar to QMP blockdev-add).
Migration
Postcopy is not experimental anymore; the x-postcopy-ram capability was renamed to postcopy-ram.
Network
SLIRP now supports IPv6 for ICMP, UDP, TCP and TFTP.
mirror filter which can mirror traffic from netdev to socket chardev, vice versa.
redirector filter which can redirect traffic from netdev to socket chardev, vice versa.
Secret passing system
There is a new standard mechanism for securely passing secret credentials to QEMU, which will be used in combination with other subsystems. For example, network block device passwords, block device decryption passphrases, or TLS private key passwords can all use the same mechanism.
Passing credentials inline (insecure, only for developer testing)
$QEMU -object secret,id=sec0,data=letmein
Passing credentials via a plain file
$QEMU -object secret,id=sec0,file=mypassword.txt
Passing credentials via a base64 encoded file
$QEMU -object secret,id=sec0,file=mypassword.txt,format=base64
Passing credentials inline, encrypted with a master key (recommended for management apps)
$QEMU -object secret,id=master0,file=mykey.b64,format=base64 \
-object secret,id=sec0,data=[base64 ciphertext],\
keyid=master0,iv=[base64 IV],format=base64
TLS credential handling
It is now possible to use encrypted TLS private keys with credentials for TLS servers/clients in QEMU. The password for unlocking the private key is provided by a secret object whose id is specified via the passwordid' property
$QEMU -object secret,id=tlskey0,file=mypassword.txt \
-object tls-creds-x509,id=tls0,dir=$HOME/.pki/qemutls,endpoint=server,passwordid=tlskey0 \
...other args...
Block devices
Block device throttling now support specifying a burst length as well. While previously the burst could only be specified as a total number of IOPS (e.g. 10000 IOPS), more complex specifications such as "10000 IOPS for 10 seconds" are now possible. Note that, because of the implementation of the algorithm, a guest that is allowed "10000 IOPS for 10 seconds" will also be allowed to perform for example 5000 IOPS for 20 seconds.
The curl block device driver now supports HTTP authentication and HTTP proxy authentication via the new properties 'username', 'password-secret', 'proxy-username' and 'proxy-password-secret'.
$QEMU -object secret,id=sec0,file=password.txt \
-object secret,id=sec1,file=proxy-password.txt \
-drive driver=http,host=localhost,port=443,username=fred,password-secret=sec0,proxy-username=bob,proxy-password-secret=sec1 \
...other args...
The RBD block device driver can now use the secret object type to securely receive the authentication password without exposing it in the command line args
$QEMU -object secret,id=sec0,file=password.b64,format=base64 \
-drive driver=rbd,filename=rbd:pool/image:id=myname:auth_supported=cephx,password-secret=sec0 \
...other args...
The iSCSI block device driver can now use the secret object type to securely receive the authentication password without exposing it in the command line args
$QEMU -object secret,id=sec0,file=password.txt \
-iscsi user=fred,password-secret=sec0 \
-drive file=iscsi://192.168.122.1:3260/iqn.2013-12.com.example%3Aiscsi-chap-netpool/1
NB this syntax requires that all iSCSI backed drives use the same password
The qemu-io tool gained support for new '--object' and '--image-opts' arguments. The --object argument allows 'secret' and 'tls-creds-x509' objects to be defined for use in association with a block device backend. The '--image-opts' argument instructs qemu-io to parse the image string as a set of image options, instead of a plain filename. For example, to connect qemu-io to an NBD server using TLS
qemu-io -c "read 0 512" \
--object tls-creds-x509,id=tls0,dir=$HOME/.pki/qemutls,endpoint=client \
--image-opts driver=nbd,host=localhost,port=10809,tls-creds=tls0
The qemu-nbd tool gained support for new '--object' and '--image-opts' arguments. The --object argument allows 'secret' and 'tls-creds-x509' objects to be defined for use in association with a block device backend or the NBD server. The '--image-opts' argument instructs qemu-io to parse the image string as a set of image options, instead of a plain filename. For example, to connect qemu-nbd to an HTTP server with authentication and export it over NBD using TLS
qemu-nbd --readonly \
--object secret,id=sec0,file=passwd.txt \
--object tls-creds-x509,id=tls0,dir=$HOME/.pki/qemutls,endpoint=server \
--image-opts driver=http,url=http://some.random.host/some/image,username=fred,password-secret=sec0
The qemu-img tool gained support for new '--object' and '--image-opts' arguments. The --object argument allows 'secret' and 'tls-creds-x509' objects to be defined for use in association with a block device backend or the NBD server. The '--image-opts' argument instructs qemu-io to parse the image string as a set of image options, instead of a plain filename. For example, to a remote HTTP server with authentication
qemu-img info --object secret,id=sec0,file=passwd.txt \
--image-opts driver=http,url=http://some.random.host/some/image,username=fred,password-secret=sec0
Support for deleting snapshots on Sheepdog devices.
The NBD client and server now support use of TLS. When enabled, the server will mandate that the client also enable TLS and drop any client which attempts to continue in plain text. To run a qemu-nbd server with TLS:
qemu-nbd --object tls-creds-x509,id=tls0,dir=$HOME/.pki/qemutls,endpoint=server \
--tls-creds tls0 \
/path/to/disk/image
To connect to a server that requires TLS with qemu-img:
qemu-img info --object tls-creds-x509,id=tls0,dir=$HOME/.pki/qemutls,endpoint=client \
--image-opts driver=nbd,host=localhost,port=10809,tls-creds=tls0
To start a VM pointing to the NBD server
$QEMU -object tls-creds-x509,id=tls0,dir=$HOME/.pki/qemutls,endpoint=client \
-drive driver=nbd,host=localhost,port=10809,tls-creds=tls0 \
...other args...
The NBD server gained support for specifying an export name. When the client negotiates use of the new style NBD protocol the default export name is "". The --exportname argument allows this to be customized:
qemu-nbd --exportname myvol /path/to/myvol.qcow2
QEMU gained support for volumes formatted with the LUKSv1 data format. To format a new LUKS volume
qemu-img create -f luks \
--object secret,id=sec0,file=passphrase.txt \
-o key-secret=sec0 \
demo.luks 10G
To boot a guest from a LUKS volume:
$QEMU -object secret,id=sec0,file=passphrase.txt \
-drive driver=luks,key-secret=sec0,file=demo.luks \
...other args...
The LUKS implementation is intended to be compatible with that used by cryptsetup/dm-crypt, so it should be possible to use disk images interchangeably between them. The only caveat is that some less common cipher/hash algorithms are not yet supported by QEMU. It is also not yet possible to manage key-slots with qemu-img.
TCG
Record/replay support extended to cover character devices.
Tracing
The "stderr" tracing backend was replaced by the "log" tracing backend, which is now the default. This backend prints tracing messages to the destination specified with the "-D" option.
In addition to the existing "-trace file=...", tracepoints can be enabled using "-trace [enable=]...". The new option also supports globbing, as in "-trace bdrv_aio_*".
In addition to the existing "-trace file=...", tracepoints can be enabling using "-d trace:...". This option also supports globbing, as in "-d trace:bdrv_aio_*".
When using "-daemonize", the "-D" option also provides the file to which QEMU's stderr output will be redirected.
TCG supports a new "-dfilter" option to limit exec, out_asm, op and op_opt logging to a range of guest physical addresses. ARM also applies the filter to in_asm logging; this will be extended to other targets in future releases (FIXME: probably should do it now instead...)
A "%d" substring in the log file name is replaced with QEMU's pid.
User-mode emulation
The default CPU for ppc64 and ppc64le is now POWER8
This fixes building emulators/qemu on netbsd-7 (amd64).
On a related note, it may also make sense to include
security/nettle/buildlink3.mk to the build.
Changelog:
== System emulation ==
* guard pages are now inserted after guest RAM, to guard against guest-triggered buffer overflow attacks
=== Incompatible changes ===
* The mips32r5-generic CPU was renamed to P5600
* Host floppy device pass-through (block driver "host_floppy") has been removed; it is still possible to use them just like any other device file, however, a medium change will no longer be passed through to the guest
=== Future incompatible changes ===
* Three options are using different names on the command line and in configuration file. In particular:
** The "acpi" configuration file section matches command-line option "acpitable";
** The "boot-opts" configuration file section matches command-line option "boot";
** The "smp-opts" configuration file section matches command-line option "smp".
:-readconfig will standardize on the name for the command line option.
* Behavior of automatic calculation of SMP topology when some SMP topology options for -smp are omitted (sockets, cores, threads) will change in the future. If guest ABI needs to be preserved on upgrades while using the SMP topology options, users should either set set all options explicitly (sockets, cores, threads), or omit all of them.
* Image encryption is fatally flawed, and will be dropped entirely. It'll remain available only in qemu-img, so you can use 'qemu-img convert' to convert encrypted images to uncrypted ones.
* Block device parameter aio=native has no effect without cache.direct=on. It will be made an error.
* Block device parameter aio=native has no effect if qemu is compiled without libaio support. It will be made an error.
* A few devices will be configured with explicit properties instead of implicitly. Unlikely to affect users; for the full list, see the 2.3 ChangeLog.
* QMP command blockdev-add is still a work in progress. It doesn't support all block drivers, it lacks a matching blockdev-del, and more. It might change incompatibly.
* The s390-virtio machine has been deprecated for 2.5; it will be removed in 2.6. s390x users should switch to the (default) s390-ccw-virtio machine.
* Changes to device "sdhci-pci" will make migration between old and new versions impossible.
* We intend to drop support for running QEMU on MacOSX 10.5 hosts in the QEMU 2.6 release, unless somebody who uses it wishes to step forward and help us with regular testing.
=== Alpha ===
=== ARM ===
* The "virt" machine type supports passing SMBIOS to the firmware.
* Semihosting support on AArch64
* New i.MX31 SoC.
* The ZynqMP and Allwinner A10 platforms support AHCI.
* Support for VGICv3 in KVM
* Support for GICv3 in the ACPI tables.
* The "virt" machine now has a second PCIe MMIO region of 512GB in size in high memory. Note that older 32-bit ARM Linux kernels built without CONFIG_LPAE have a bug where the presence of this region in high memory causes them to refuse to use the PCIe controller at all. In this case you can either reconfigure your kernel with CONFIG_LPAE=y, or pass QEMU the "-machine highmem=off" option to disable the use of high memory for PCIe. The kernel bug is expected to be fixed in Linux kernel release 4.4.
=== MIPS ===
* The mips32r5-generic CPU was renamed to P5600
* Improvements to MIPS R6 emulation
=== PowerPC ===
==== pSeries ====
* Support for memory hotplug
* The shipped version of SLOF includes GPT support.
* Using VFIO doesn't need spapr-pci-vfio-host-bridge anymore.
* virtio-vga now supported on sPAPR guests.
* [[Features/HRandomHypercall | H_RANDOM hypercall]] device for providing good random data to the guests.
==== Mac99 ====
* Improve ability to boot MacOS 9 (based upon GSoC project "Implement support for Mac OS 9 in QEMU " by Cormac O'Brien)
=== s390 ===
* Storage keys are migrated.
* New "info skeys" command in HMP to dump the storage key for a given address.
* Support for virtio 1 in the virtio-ccw devices.
** A maximum virtio-ccw revision can be specified via the "max_revision" property: max_revision=0 may be used to enforce usage of legacy virtio mode.
* Support for boot from El Torito iso images on virtio-blk has been added.
=== SH ===
=== SPARC ===
* sun4u: Fix EBus device enumeration under FreeBSD SPARC64 (OpenBIOS)
=== TileGX ===
* New target.
=== x86 ===
* The emulated IOMMU (VT-d) supports devices behind a bridge
* QEMU will warn when using a "-cpu" model that includes unsupported features. These features are disabled automatically, just like in previous versions of QEMU
* /machine/icc-bridge was removed from the QOM tree. Software relying on icc-bridge to find CPU objects should use the "qom_path" field of "query-cpus" QMP command
==== CPU models and features ====
* Haswell and Broadwell CPU models now include ABM
* Cache information passthrough (which was enabled by default on "-cpu host") is now disabled by default
* ABM, POPCNT, and SSE4a are not enabled in the default CPU models (qemu64, qemu32) anymore, as many hosts don't support it
* RDTSCP was removed from AMD CPU models, as current KVM versions can't expose RDTSCP to guests in AMD hosts
* New Intel memory instructions (clflushopt/clwb/pcommit) are now supported
* TCG now supports Debug Extensions (CR4.DE)
==== KVM ====
* Support for Hyper-V-compatible reporting of crashes.
==== Xen ====
* Support for passthrough of Intel integrated GPUs.
=== Device emulation and assignment ===
* fw_cfg supports a DMA interface on ARM and x86. This interface makes -kernel/-initrd much faster if supported by the firmware. SeaBIOS supports the DMA interface starting with release 1.9.0 (commit 06316c9d). The UEFI guest fw for ARM VMs (known as ArmVirtQemu or AAVMF) supports the DMA interface starting with git commit 953bcbcc / SVN r18545.
==== ACPI ====
==== Audio ====
==== Block devices ====
==== Character devices ====
==== IDE ====
* AHCI ATAPI PIO transfers greater than one sector are fixed. This helps on OVMF, which utilizes such transfers.
* Zero byte count limits will no longer hang ATAPI drives.
* ATAPI PIO reads, when the byte count limit is set to the ATAPI block size, are now asynchronous. This should help to prevent hangs due to missing CDROM media mounted via NFS.
==== Mouse/keyboard ====
==== Network ====
==== SCSI ====
* scsi-generic devices now can be used together with a "readonly=on" backend.
==== Shared memory device ====
* A sample implementation of the ivshmem client and ivhsmem server is included with QEMU.
* ivshmem supports a new "x-memdev" property that uses a memory object for the backend. This makes it possible to use ivshmem with a hugetlbfs backend. This property is experimental and may be removed in future release in favour of an alternative ivshmem device.
* Use kvm irqfd for msi notifications
* Protocol change, native long -> LE int64_t
==== PCI/PCIe ====
* hotplug support added for multifunction devices. To use, add all functions except function 0 first. Adding function 0 exposes the device to the guest. Request removal on function 0. On guest acknowledge, all functions are ejected together.
==== TPM ====
==== VFIO ====
==== virtio ====
* virtio-gpu now supports 3D mode
* vhost-user now supports live migration. client changes are required to enable this. When used with an old client without migration support, vhost-user will now block migration (instead of failing silently)
* vhost-user now supports multi-queue. Use queues=# to enable this. client changes are required to enable this mode. When used with an old client without multi-queue support, device will automatically fall back on using a single pair of queues.
* vhost-user protocol now includes protocol feature negotiation, including multiple new messages. When used with old clients, all new messages are automatically disabled.
* vhost-user no longer sents the RESET_OWNER message on device stop. The only QEMU version that sent it was 2.4, the message is now officially deprecated.
* migration now works when virtio 1 is enabled for virtio-pci
* For virtio-pci, virtio 1 performance on kvm on Intel CPUs has been improved (on kernel 4.4 and up).
* a new flag modern-pio-notify can be used to enable PIO for notifications in virtio 1 mode, to improve performance for host kernels older than 4.4, and processors without EPT support.
* virtio devices can now be placed on the pci express bus
* vhost is no longer disabled when guest does not use MSI-X. The vhostforce flag is no longer required.
* in virtio 1 mode, scsi passthrough is now disabled for virtio blk
* Please note that for virtio-pci, the modern (virtio 1) interface is still disabled by default. To enable, set the flag disable-modern=off.
==== VGA ====
=== Character devices ===
=== GUI ===
* New syntax for enabling TLS in the VNC server:
** Equivalent to <tt>-vnc hostname:0,tls</tt>: <tt>-object tls-creds-anon,id=tls0,endpoint=server -vnc hostname:0,tls-creds=tls0</tt>
** Equivalent to <tt>-vnc hostname:0,tls,x509=/path/to/certs</tt>: <tt>-object tls-creds-x509,id=tls0,endpoint=server,dir=/path/to/certs,verify-peer=no -vnc hostname:0,tls-creds=tls0</tt>
** Equivalent to <tt>-vnc hostname:0,tls,x509verify=/path/to/certs</tt>: <tt>-object tls-creds-x509,id=tls0,endpoint=server,dir=/path/to/certs,verify-peer=yes -vnc hostname:0,tls-creds=tls0</tt>
* The Cocoa GUI does not have show an 'open image file' dialog box anymore even if QEMU is started without arguments
* Thu curses GUI supports 256 colors and line graphics.
=== Monitor ===
* New "info iothreads" command.
* New "query-qmp-schema" command allows the caller to [[Features/QMP/Introspection | introspect the QMP schema]] used by QEMU.
=== Migration ===
* [[Features/PostCopyLiveMigration | Postcopy migration]] for migration of large/busy guests
* A more flexible [[Features/AutoconvergeLiveMigration | auto-converge mechanism]] (for busy guests)
=== Network ===
* Support for multiqueue in vhost-user.
* Support for network filters. Currently, the only filter objects are "filter-buffer", which batches packets every N microseconds, and "filter-dump", which can be used to log the network traffic in a file. Filters are attached to a netdev device using e.g. "-object filter-buffer,id=filter,netdev=net0,queue=rx,interval=1000" (which creates a 1ms filter-buffer).
=== Block devices in system emulation ===
=== Command-line options ===
=== TCG ===
* Improved system emulation performance for targets with software TLBs (e.g. SPARC).
* Initial support for [[Features/record-replay | record/replay]].
== Block devices and tools ==
* The HMP "change" command (QMP's “"lockdev-change-medium") now allows you to change the read-only mode of the device (e.g. when inserting a read-only floppy disk image into a previously R/W drive)
* Fine-grained control over a block device's tray with the new QMP commands "blockdev-open-tray", "blockdev-close-tray", "x-blockdev-insert-medium", and "x-blockdev-remove-medium" (the latter two are experimental for now)
* New "reopen" command in qemu-io
* block-dirty-bitmap-add and block-dirty-bitmap-clear transaction actions have been added to now fully support (transient) incremental bitmap usage and management.
* QMP transactions now support a "completion-mode" parameter which controls the completion behavior of jobs launched by transactions, which will allow them to fail together. See the [https://github.com/qemu/qemu/blob/master/docs/bitmaps.md bitmaps.md] documentation for how this affects incremental backups.
* Block I/O accounting can now report average queue depth, min/avg/max latency, and failed/invalid request counts
* qcow2 learnt a new option ''cache-clean-interval'', which allows to free unused cache entries after some time.
* An experimental QMP command ''x-blockdev-del'' was added as a completement for the (also still experimental) ''blockdev-add'' command.
* A new QMP command ''blockdev-snapshot'' that allows creating a snapshot using as overlay an image previously opened with ''blockdev-add''. This allows opening the overlay image with arbitrary run-time options, solving one of the limitations of ''blockdev-snapshot-sync''.
* It is now possible to open an image without its backing file by specifying the empty string as a backing file reference when opening the image. This is useful for creating snapshots, since images opened with ''blockdev-add'' are not supposed to have a backing file before the ''blockdev-snapshot'' operation.
* Host CD-ROM support now works on Mac OS X hosts
* Host floppy support has been removed (it was deprecated in QEMU 2.3)
* The temporary "x-data-plane=on/off" option for virtio-blk device is removed now, all users are requested to use the canonical "-object iothread,id=<id> -device virtio-blk,iothread=<id>,..." syntax.
== Audio ==
== Guest agent ==
* Add an optional qemu-ga.conf system configuration
* Support for dumping the configuration current file with --dump-conf
* Win32 support for guest-set-user-password
* New command guest-exec
== User-mode emulation ==
* The configure option --disable-guest-base has been removed.
== Build dependencies ==
* libcacard has been moved to a standalone project, hosted at git://anongit.freedesktop.org/spice/libcacard. The libcacard library from QEMU 2.4 can also be used to build QEMU 2.5.
* virtio-gpu 3D support requires virglrenderer.
== Known issues ==
* SDL audio only works with SDL 1.x.
* 64-bit QEMU might crash on Windows (problems with stack unwinding, depends on build environment, [8fa9c07c9a possible fix])
* QEMU's configure script fails with pdksh from OpenBSD (see [https://bugs.launchpad.net/qemu/+bug/1525682 bug #1525682]. Using another shell with configure should work.
Problems found with existing digests:
Package suse131_libSDL
1c4d17a53bece6243cb3e6dd11c36d50f851a4f4 [recorded]
da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated]
Package suse131_libdbus
de99fcfa8e2c7ced28caf38c24d217d6037aaa56 [recorded]
da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated]
Package suse131_qt4
94daff738912c96ed8878ce1a131cd49fb379206 [recorded]
886206018431aee9f8a01e1fb7e46973e8dca9d9 [calculated]
Problems found locating distfiles for atari800, compat12, compat 13,
compat14, compat15, compat20, compat30, compat40, compat50,
compat50-x11, compat51, compat51-x11, compat60, compat61,
compat61-x11, fmsx, osf1_lib, vice, xbeeb, xm7.
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
Changelog:
* net: avoid infinite loop when receiving packets(CVE-2015-5278)
Ne2000 NIC uses ring buffer of NE2000_MEM_SIZE(49152)
bytes to process network packets. While receiving packets
via ne2000_receive() routine, a local 'index' variable
could exceed the ring buffer size, leading to an infinite
loop situation.
Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: P J P <pjp@fedoraproject.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
(cherry picked from commit 737d2b3c41d59eb8f94ab7eb419b957938f24943)
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
* net: add checks to validate ring buffer pointers(CVE-2015-5279)
Ne2000 NIC uses ring buffer of NE2000_MEM_SIZE(49152)
bytes to process network packets. While receiving packets
via ne2000_receive() routine, a local 'index' variable
could exceed the ring buffer size, which could lead to a
memory buffer overflow. Added other checks at initialisation.
Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: P J P <pjp@fedoraproject.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
(cherry picked from commit 9bbdbc66e5765068dce76e9269dce4547afd8ad4)
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
* e1000: Avoid infinite loop in processing transmit descriptor (CVE-2015-6815)
While processing transmit descriptors, it could lead to an infinite
loop if 'bytes' was to become zero; Add a check to avoid it.
[The guest can force 'bytes' to 0 by setting the hdr_len and mss
descriptor fields to 0.
--Stefan]
Signed-off-by: P J P <pjp@fedoraproject.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-id: 1441383666-6590-1-git-send-email-stefanha@redhat.com
(cherry picked from commit b947ac2bf26479e710489739c465c8af336599e7)
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
* vnc: fix memory corruption (CVE-2015-5225)
The _cmp_bytes variable added by commit "bea60dd ui/vnc: fix potential
memory corruption issues" can become negative. Result is (possibly
exploitable) memory corruption. Reason for that is it uses the stride
instead of bytes per scanline to apply limits.
For the server surface is is actually fine. vnc creates that itself,
there is never any padding and thus scanline length always equals stride.
For the guest surface scanline length and stride are typically identical
too, but it doesn't has to be that way. So add and use a new variable
(guest_ll) for the guest scanline length. Also rename min_stride to
line_bytes to make more clear what it actually is. Finally sprinkle
in an assert() to make sure we never use a negative _cmp_bytes again.
Reported-by: 范祚至(库特) <zuozhi.fzz@alibaba-inc.com>
Reviewed-by: P J P <ppandit@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit eb8934b0418b3b1d125edddc4fc334a54334a49b)
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Changelog:
# System emulation
## Incompatible changes
* The handling of the floppy device controller is different between <2.4 and >=2.4 machine types that use the Q35 chipset (e.g. "-M pc-q35-2.3" vs. "-M pc-q35-2.4"). This can cause problems if you are defining floppy drives with command-line options such as "-global isa-fdc.driveA=id.
* The ARM 'virt' board default interface type has changed from IDE to virtio. This means that some incorrect command lines that we previously silently accepted will now fail with an error message like "qemu-system-arm: -drive file=img.qcow2,id=foo: Drive 'foo' is already in use because it has been automatically connected to another device (did you need 'if=none' in the drive options?)". As the error message suggests, you should add "if=none" to the -drive option to fix this.
## Future incompatible changes
* Three options are using different names on the command line and in configuration file. In particular:
** The "acpi" configuration file section matches command-line option "acpitable";
** The "boot-opts" configuration file section matches command-line option "boot";
** The "smp-opts" configuration file section matches command-line option "smp".
-readconfig will standardize on the name for the command line option.
* Behavior of automatic calculation of SMP topology when some SMP topology options for -smp are omitted (sockets, cores, threads) will change in the future. If guest ABI needs to be preserved on upgrades while using the SMP topology options, users should either set set all options explicitly (sockets, cores, threads), or omit all of them.
* Image encryption is fatally flawed, and will be dropped entirely. It'll remain available only in qemu-img, so you can use 'qemu-img convert' to convert encrypted images to uncrypted ones.
* Host floppy device pass-through (block driver "host_floppy") is deprecated, and will be dropped in a future release.
* Block device parameter aio=native has no effect without cache.direct=on. It will be made an error.
* A few devices will be configured with explicit properties instead of implicitly. Unlikely to affect users; for the full list, see the 2.3 ChangeLog.
* QMP command blockdev-add is still a work in progress. It doesn't support all block drivers, it lacks a matching blockdev-del, and more. It might change incompatibly.
* The configure option --disable-guest-base is unneeded and will be removed in a future release.
## Alpha
* Major fixes to the implementation of floating point exceptions.
## ARM
* New board model xlnx-ep108
* Support for ACPI v5.1 tables in the "-M virt" board.
* Support for instantiation sysbus devices from the command line (using "-device") in the "-M virt" board.
* Emulation of the stream ID for MSI writes, for use in GICv3.
* The "virt" board default drive type is now virtio; this means that drives created with if=virtio or with no if= specification will be created as drives plugged into a virtio-blk-pci device. Short form options like -hda will also create this kind of drive. (Note that at time of writing Linux only supports the virt board's PCI controller for 32-bit ARM kernels; support has not yet made it into the 64-bit kernels. So 64-bit guests will need to continue using long command lines and virtio-mmio for now.) Unfortunately this means that some old command lines will need to change -- see the "incompatible changes" section above for details.
## MIPS
* More accurate emulation of the dp8393x network card and RC4030 DMA/IOMMU controller.
* Support for microMIPS32 R6 emulation (enabled in new "-cpu mips32r6-generic")
* Support for unaligned R6 and MSA memory accesses in TCG
* Support for XPA in MIPS32 and LPA in MIPS64 (eXtended and Large Physical Addressing) emulation
* Support for MIPS UHI semihosting
## PowerPC
* The default RAM size for the pseries machine is 512 MB.
* Support of PCI device hotplug on SPAPR (pSeries).
## s390
* Channel I/O is now available when running with TCG. Thus, the default machine for qemu-system-s390x is now s390-ccw.
* Several other fixes for TCG (emulation) mode.
* Extended name and UUID in STSI 3.2.2 information block
* Support for reading/writing guest memory while holding the IPTE lock under KVM, including access register mode
* Various cleanups in the s390-virtio and virtio-ccw transports
* Support for diag288 watchdog (KVM only).
* Support for vector registers
* Add virtio-1 specific ccws to virtio-ccw (SET_REV and v1 version of SET_VQ)
** Revision 1 (and therefore virtio 1.0) is not yet enabled, however.
* The s390-ccw-virtio machine is now versioned; the first versioned machine is s390-ccw-virtio-2.4
** The s390-ccw alias has been removed
## SH
* Optimizations to code generated by TCG.
## SPARC
* Fix SunOS 4.1.4 boot on sun4m with OpenBIOS
## x86
* Improvements to system management mode emulation, including support for high SMRAM and TSEG on machines using the Q35 chipset.
* q35 machine types starting with pc-q35-2.4.0 do not have a floppy disk controller. It will be created if you use "-drive if=floppy", "-fda" or "-fdb" to add a floppy disk drive, or it can be created if necessary with "-device isa-fdc".
* q35 now implements the TCO watchdog. Unlike real hardware, the watchdog is disabled when the virtual machine boot, so as to let existing firmware run with new QEMU. This may change in the future, but the change would be restricted to new machine types.
## KVM
* Support for MMIO operations outside the "big QEMU lock". For now, this only applies to the ACPI PM timer, which can alone improve performance substantially for very large Windows guests as long as they do not span multiple NUMA nodes in the host. For guests that span multiple NUMA nodes more kernel changes are required.
* Support for system management mode (requires Linux 4.1).
* When running under KVM, CPUID information includes the ARAT ("Always running APIC timer") bit
# Device emulation and assignment
## ACPI
* Support for memory hot-unplug.
* S3/S4 states can be disabled for boards using the Q35 machine type via "-global ICH9_LPC.disable_s3=on" and"-global ICH9_LPC.disable_s4=on"
## Block devices
* Minimal support in NVMe emulation for the NVME_VOLATILE_WRITE_CACHE feature.
* The infamous floppy device controller is not added to Q35 boards if not explicitly requested and no floppy drives are specified with "-drive if=floppy".
* I/O throttling now supports "groups" so multiple disks can use share a budget (use -drive groups=<name>)
* Performance of the parallels image format block driver has been improved
## Character devices
* Improved support for flow control in virtio-serial.
## IDE
* Fix macio CDROM detection for PPC
* Fix macio data corruption bug under Darwin/OS X PPC
* AHCI support rerror=stop and werror=stop.
## Mouse/keyboard
* Support for virtio-keyboard, virtio-mouse, virtio-tablet.
## Network
* Support for the "rocker" L2 switch device.
## SCSI
* scsi-generic now supports migration.
## PCI/PCIe
* Support for extra PCI root buses using PCI expander bridge devices. Unlike PCI-PCI bridges, a PCI expander bridge's bus can be associated with a NUMA node, allowing the guest OS to recognize the proximity of a device to RAM and CPUs.
## TPM
* Support for TPM 2
## VFIO
* Support for resetting AMD Bonaire and Hawaii GPUs
* Platform device passthrough support for Calxeda xgmac devices
## virtio
* Support for up to 1024 queues.
* Support for ioeventfd in virtio-mmio.
* FIXME: virtio 1
* New virtio-gpu device (only supports accelerated 2D for now)
* New virtio-input-host, virtio-keyboard, virtio-mouse and virtio-tablet devices (and corresponding virtio-*-pci devices for use on a PCI bus).
* Support for cross-endian vhost (i.e. little-endian host and big-endian guest, or vice versa).
* vhost can now be enabled even if MSI-X is not
* virtio-balloon can tell the guest that it should deflate the balloon on OOM conditions.
## VGA
* Support for virtio-vga, a VGA device that also supports the virtio-gpu interface.
## Character devices
* Improved support for flow control in spice-char.
## GUI
* Support for OpenGL-based display rendering in the SDL2 and GTK+ backend. This is preparatory work for 3D acceleration.
* Improvements to the Cocoa front-end, fixing full-screen mode and adding a list of consoles to the View menu.
* The two extra keys in Brazilian 107-key keyboards are now usable.
## Monitor
* qmp: New MIGRATION event to communicate change in the migration state
## Migration
* Support for compression of RAM data using multiple threads for compression and decompression (using migration capability "compress" and migration parameters "compress_threads", "compress_level" and "decompress_threads").
## Network
* Support for multi-queue vhost-user backends.
## Block devices in system emulation
* The BLOCK_IMAGE_CORRUPTED event has a new "node-name" field.
* FIXME: Throttle groups
* Block device mirroring supports concurrent unmap (aka discard or trim) operations on the source device and can create a thin-provisioned image in this case.
* Block device mirroring can use discard or "write zero" operations to speed up copying of large zero regions.
* FIXME: incremental backup?
## Command-line options
* A longhand version of -global (-global driver=DRIVER,property=PROP,value=VAL) is introduced, to set properties globally for devices that have a period in their name. The older syntax -global DRIVER.PROP=VAL did not allow this.
* New option -fw_cfg to pass arbitrary binary data to the guest.
## TCG
* New command line option "-icount sleep=no". The option will run emulation at the maximum possible speed: every time the CPU would go to sleep, the virtual clock will move to the next timer deadline. For virtual machines that have no other sources of non-determinism (e.g. asynchronous block I/O, character devices or user input) this will also make execution deterministic.
# Block devices and tools
* The "null" block device now has a new "latency-ns" option to delay the answer from the block device.
* The iscsi driver can use the target's FUA capabilities to greatly improve roundtrip times in write-through caching modes (cache.writeback=off). These modes are recommended when the storage has a non-volatile (battery-backed) cache.
* Parallels format driver now supports image creation and write to the image. Performance is significantly improved.
* qcow2 performance improvements.
* qemu-io supports encrypted qcow2 images (which are deprecated).
# Audio
* Obsolete audio backends have been removed: esd (superseded by pulseaudio), winwave (superseded by dsound), fmod (not compatible with the GPL)
# Guest agent
* Support for building a .msi file with the Windows version of the guest agent ("make msi"). This requires msitools.
* qemu-ga implements guest-get-fsinfo and guest-network-get-interfaces on Windows too
# User-mode emulation
* The default CPU for qemu-sh4 and qemu-sh4eb is the sh7785.
# Build dependencies
* QEMU now requires a minimum glib version of 2.22. (In particular, we will no longer build on a stock RHEL5 or Centos 5 system.)
* QEMU can now optionally be linked against tcmalloc.
* QEMU now compiles using clang 3.5 without warnings, which includes disabling GCC features not supported by clang.
* QEMU now compiles with ICC.
* libepoxy is required to compile QEMU with OpenGL support.
* Building on Mac OS X versions earlier than 10.5 is no longer supported.
* Sound on Windows now requires DirectSound (the old 'winwave' default audio backend has been dropped).
# Known issues
* SDL audio only works with SDL 1.x.
* Problems with QEMU for Windows and builds from newer versions of MinGW-w64, see this thread on qemu-devel (this is not a regression, other versions are also affected)
** Crash of 64-bit QEMU (Fix)
** Broken networking (Fix)
* Incomplete translations for GTK user interface
fdc: force the fifo access to be in bounds of the allocated buffer
During processing of certain commands such as FD_CMD_READ_ID and
FD_CMD_DRIVE_SPECIFICATION_COMMAND the fifo memory access could
get out of bounds leading to memory corruption with values coming
from the guest.
Fix this by making sure that the index is always bounded by the
allocated memory.
XXX pull-up where applicable
Changelog:
* Support for 32-bit KVM guests on 64-bit ARM hosts
* Support for running KVM under valgrind
* New IvyBridge CPU model for x86 guests
* Xen: support for ioreq-server API
* New 5KEc and 5KEf MIPS64r2, and M14K and M14Kc MIPS32r2
microMIPS CPU models for MIPS guests
* Basic support for transactional memory extentions in PowerPC guests
* Improved VGA support for little-endian PPC/pSeries guests
* PCI bus support for s390x guests
* Support for automatic guest device unplug when passthrough devices
are unbound from VFIO host driver
* Improved UI performance/support for GTK+/VNC/SDL/Spice, and VNC
support for multiseat
* Performance improvements for virtio-blk emulation: asynchronous SCSI
request handling, and disk read merging.
* QEMU Guest Agent: now also supports file operations in Windows guests,
can be used to enable/disable memory blocks in linux guests in
support for memory hotplug.
* Migration can now include a JSON description of migration stream to aid
in identifying incompatibilities betweens guests/hosts.
* And lots more...
