It seem that on Ubuntu they reverted the patch See https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1612089 I tested on Ubuntu with 14.04 and it working ii ipxe-qemu 1.0.0+git-20131111.c3d1e78-2ubuntu1.1 all PXE boot firmware - ROM images for qemu ii qemu-keymaps 2.0.0+dfsg-2ubuntu1.22 all QEMU keyboard maps ii qemu-kvm 2.0.0+dfsg-2ubuntu1.27 amd64 QEMU Full virtualization ii qemu-system-common 2.0.0+dfsg-2ubuntu1.22 amd64 QEMU full system emulation binaries (common files) ii qemu-system-x86 2.0.0+dfsg-2ubuntu1.27 I also test it with Ubuntu 16.04 and it working. But on redhat 7.2 I still have the issue. qemu-img-1.5.3-105.el7_2.7.x86_64 libvirt-daemon-driver-qemu-1.2.17-13.el7_2.5.x86_64 qemu-system-x86-2.0.0-1.el7.6.x86_64 ipxe-roms-qemu-20160127-1.git6366fa7a.el7.noarch qemu-common-2.0.0-1.el7.6.x86_64 qemu-kvm-common-1.5.3-105.el7_2.7.x86_64 qemu-kvm-1.5.3-105.el7_2.7.x86_64 I didn't find new packages that revert the patch. Does anyone know what is the plan for RedHat?

-----Original Message----- From: Moshe Levi Sent: Monday, August 08, 2016 2:50 PM To: Libvirt <libvir-list@redhat.com> Subject: Virtqueue size exceeded error when resuming VM

Hi, A new security fix [1],[2] and [3] merged to qemu. After updating the packages we started to get "qemu-system-x86_64: Virtqueue size exceeded", when resuming the guest.

Our environment is OpenStack master and we have Mellanox CI that test SR- IOV functionality. Ubuntu 14.04 with Qemu 2.0.0+dfsg-2ubuntu1.26 that contains the fixes see [2] ii qemu-kvm 2.0.0+dfsg-2ubuntu1.26 amd64 QEMU Full virtualization ii qemu-system-x86 2.0.0+dfsg-2ubuntu1.26 amd64 QEMU full system emulation binaries (x86) ii qemu-utils 2.0.0+dfsg-2ubuntu1.26 amd64 QEMU utilities Our CI started to fail last week when this security packages released.

The scenarios is as follows (sorry for the OpenStack commands :)) : 1. nova boot guest 2. nova suspend guest 3. nova resume guest

The result is that the guest is in poweroff state and when I power it on everything is working fine.

I tested in direct port (SR-IOV) and normal port (virtual port) and it happens in both cases.

According to the [3] it prevent from malicious guest to submit more requests than the virtqueuesize permits. Our CI uses proprietary Cirros image with mlnx4_en driver. (http://13.69.151.247/images/mellanox_eth.img) I started to test it with other images to see if the problem with our image. I also tested with Ubuntu image - https://cloud- images.ubuntu.com/wily/current/wily-server-cloudimg-amd64-disk1.img And OpenStack Cirros image http://download.cirros-cloud.net/0.3.4/cirros- 0.3.4-x86_64-disk.img

The Ubuntu image had the same failure, but the Cirros worked.

I wonder if there is a problem with the patch or with the images? What in these images can make them malicious guest?

[1] - https://access.redhat.com/security/cve/cve-2016-5403 [2] - http://www.ubuntu.com/usn/usn-3047-1/ [3] - https://lists.gnu.org/archive/html/qemu-devel/2016-07/msg06257.html