Fwd: virt-v2v creating image that does not install guest agent on first boot
by Richard W.M. Jones
This message got caught in moderation because the attachment
was large. I put the attachment here:
http://oirase.annexia.org/tmp/2023-lgarrett-virt-v2v-debug-output.txt
----- Forwarded message from Lee Garrett <lgarrett(a)rocketjump.eu> -----
Date: Sun, 10 Sep 2023 00:09:17 +0200
From: Lee Garrett <lgarrett(a)rocketjump.eu>
To: libguestfs(a)redhat.com
Subject: virt-v2v creating image that does not install guest agent on first
boot
Hi,
rwmjones from #guestfs on libera IRC pointed me to this mail address.
I've noticed that converting the latest Windows 11 trial image via
virt-v2v does not install the guest agent any more on first boot. I
have let the machine settle for ~10 minutes to ensure it's not just
because I'm too impatient. I can see C:\qemu-ga-x86-64.msi, and also a
bunch of files in "C:\Program Files\Guestfs\Firstboot\" and
.\Scripts, so the files are definitely copied onto the VM image, just
not executed for some reason.
The vmware image was downloaded from https://developer.microsoft.com/en-us/windows/downloads/virtual-machines/.
The issue should be 100% reproducible (at least for me). I recall that
an older image from two, three weeks ago downloaded from the same
location did not have this issue. There guest agent was installed and
working on the first boot. Unfortunately I overwrote the image so I
cannot verify this.
I have attached the debug output of the virt-v2v run of the latest
image where this issue is apparent (guest agent not being installed).
Please let me know if there's anything else I can check, or if you
need any further info.
Cheers,
Lee
----- End forwarded message -----
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
libguestfs lets you edit virtual machines. Supports shell scripting,
bindings from many languages. http://libguestfs.org
1 year, 3 months
[PATCH libnbd 0/5] copy: Allow human sizes for --queue-size, etc
by Richard W.M. Jones
See companion patch:
Subject: [PATCH nbdkit] server: Move size parsing code (nbdkit_parse_size) to common/include
This is the second part of the patch. It adds the new
human_size_parse function to libnbd and then uses it for parsing
--queue-size, --request-size and --sparse.
The main complication here is that there was already a
common/utils/human-size.h header which ends up (eventually) being
combined with the new header, but the process to get there and ensure
that git bisection works is lengthy.
Eventually we can copy the new, combined "human-size.h" back to
nbdkit, but I didn't add that yet.
Rich.
1 year, 3 months
[PATCH v7 00/12] NBD 64-bit extensions for qemu
by Eric Blake
v6 was here:
https://lists.gnu.org/archive/html/qemu-devel/2023-08/msg05231.html
Since then:
- patches v6 1-5 included in pull request
- patch v6 6 logic improved, now v7 patch 1
- rebased to master
Still needing review:
- patch 1,6,7,11,12
Eric Blake (12):
nbd/server: Support a request payload
nbd/server: Prepare to receive extended header requests
nbd/server: Prepare to send extended header replies
nbd/server: Support 64-bit block status
nbd/server: Enable initial support for extended headers
nbd/client: Plumb errp through nbd_receive_replies
nbd/client: Initial support for extended headers
nbd/client: Accept 64-bit block status chunks
nbd/client: Request extended headers during negotiation
nbd/server: Refactor list of negotiated meta contexts
nbd/server: Prepare for per-request filtering of BLOCK_STATUS
nbd/server: Add FLAG_PAYLOAD support to CMD_BLOCK_STATUS
docs/interop/nbd.txt | 1 +
include/block/nbd.h | 5 +-
nbd/nbd-internal.h | 5 +-
block/nbd.c | 67 ++-
nbd/client-connection.c | 2 +-
nbd/client.c | 124 ++++--
nbd/server.c | 418 ++++++++++++++----
qemu-nbd.c | 4 +
block/trace-events | 1 +
nbd/trace-events | 5 +-
tests/qemu-iotests/223.out | 18 +-
tests/qemu-iotests/233.out | 4 +
tests/qemu-iotests/241.out | 3 +
tests/qemu-iotests/307.out | 15 +-
.../tests/nbd-qemu-allocation.out | 3 +-
15 files changed, 516 insertions(+), 159 deletions(-)
--
2.41.0
1 year, 3 months
libguestfs kernel panic
by Clark, Dennis
[root@ol-kvm-h01 work]# LIBGUESTFS_BACKEND=direct libguestfs-test-tool
************************************************************
* IMPORTANT NOTICE
*
* When reporting bugs, include the COMPLETE, UNEDITED
* output below in your bug report.
*
************************************************************
libguestfs: trace: set_verbose true
libguestfs: trace: set_verbose = 0
libguestfs: trace: set_backend "direct"
libguestfs: trace: set_backend = 0
libguestfs: trace: set_verbose true
libguestfs: trace: set_verbose = 0
LIBGUESTFS_BACKEND=direct
LIBGUESTFS_TRACE=1
LIBGUESTFS_DEBUG=1
PATH=/usr/share/Modules/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin
SELinux: Enforcing
libguestfs: trace: add_drive_scratch 104857600
libguestfs: trace: get_tmpdir
libguestfs: trace: get_tmpdir = "/tmp"
libguestfs: trace: disk_create "/tmp/libguestfsTuyhmZ/scratch1.img" "raw" 104857600
libguestfs: trace: disk_create = 0
libguestfs: trace: add_drive "/tmp/libguestfsTuyhmZ/scratch1.img" "format:raw" "cachemode:unsafe"
libguestfs: trace: add_drive = 0
libguestfs: trace: add_drive_scratch = 0
libguestfs: trace: get_append
libguestfs: trace: get_append = "NULL"
guestfs_get_append: (null)
libguestfs: trace: get_autosync
libguestfs: trace: get_autosync = 1
guestfs_get_autosync: 1
libguestfs: trace: get_backend
libguestfs: trace: get_backend = "direct"
guestfs_get_backend: direct
libguestfs: trace: get_backend_settings
libguestfs: trace: get_backend_settings = []
guestfs_get_backend_settings: []
libguestfs: trace: get_cachedir
libguestfs: trace: get_cachedir = "/var/tmp"
guestfs_get_cachedir: /var/tmp
libguestfs: trace: get_hv
libguestfs: trace: get_hv = "/usr/libexec/qemu-kvm"
guestfs_get_hv: /usr/libexec/qemu-kvm
libguestfs: trace: get_memsize
libguestfs: trace: get_memsize = 1280
guestfs_get_memsize: 1280
libguestfs: trace: get_network
libguestfs: trace: get_network = 0
guestfs_get_network: 0
libguestfs: trace: get_path
libguestfs: trace: get_path = "/usr/lib64/guestfs"
guestfs_get_path: /usr/lib64/guestfs
libguestfs: trace: get_pgroup
libguestfs: trace: get_pgroup = 0
guestfs_get_pgroup: 0
libguestfs: trace: get_program
libguestfs: trace: get_program = "libguestfs-test-tool"
guestfs_get_program: libguestfs-test-tool
libguestfs: trace: get_recovery_proc
libguestfs: trace: get_recovery_proc = 1
guestfs_get_recovery_proc: 1
libguestfs: trace: get_smp
libguestfs: trace: get_smp = 1
guestfs_get_smp: 1
libguestfs: trace: get_sockdir
libguestfs: trace: get_sockdir = "/tmp"
guestfs_get_sockdir: /tmp
libguestfs: trace: get_tmpdir
libguestfs: trace: get_tmpdir = "/tmp"
guestfs_get_tmpdir: /tmp
libguestfs: trace: get_trace
libguestfs: trace: get_trace = 1
guestfs_get_trace: 1
libguestfs: trace: get_verbose
libguestfs: trace: get_verbose = 1
guestfs_get_verbose: 1
host_cpu: x86_64
Launching appliance, timeout set to 600 seconds.
libguestfs: trace: launch
libguestfs: trace: max_disks
libguestfs: trace: max_disks = 255
libguestfs: trace: version
libguestfs: trace: version = <struct guestfs_version = major: 1, minor: 44, release: 0, extra: rhel=8,release=5.0.1.module+el8.7.0+21035+a8208c98,libvirt, >
libguestfs: trace: get_backend
libguestfs: trace: get_backend = "direct"
libguestfs: launch: program=libguestfs-test-tool
libguestfs: launch: version=1.44.0rhel=8,release=5.0.1.module+el8.7.0+21035+a8208c98,libvirt
libguestfs: launch: backend registered: unix
libguestfs: launch: backend registered: uml
libguestfs: launch: backend registered: libvirt
libguestfs: launch: backend registered: direct
libguestfs: launch: backend=direct
libguestfs: launch: tmpdir=/tmp/libguestfsTuyhmZ
libguestfs: launch: umask=0022
libguestfs: launch: euid=0
libguestfs: trace: get_cachedir
libguestfs: trace: get_cachedir = "/var/tmp"
libguestfs: begin building supermin appliance
libguestfs: run supermin
libguestfs: command: run: /usr/bin/supermin
libguestfs: command: run: \ --build
libguestfs: command: run: \ --verbose
libguestfs: command: run: \ --if-newer
libguestfs: command: run: \ --lock /var/tmp/.guestfs-0/lock
libguestfs: command: run: \ --copy-kernel
libguestfs: command: run: \ -f ext2
libguestfs: command: run: \ --host-cpu x86_64
libguestfs: command: run: \ /usr/lib64/guestfs/supermin.d
libguestfs: command: run: \ -o /var/tmp/.guestfs-0/appliance.d
supermin: version: 5.2.1
supermin: rpm: detected RPM version 4.14
supermin: rpm: detected RPM architecture x86_64
supermin: package handler: fedora/rpm
supermin: acquiring lock on /var/tmp/.guestfs-0/lock
supermin: if-newer: output does not need rebuilding
libguestfs: finished building supermin appliance
libguestfs: begin testing qemu features
libguestfs: trace: get_cachedir
libguestfs: trace: get_cachedir = "/var/tmp"
libguestfs: checking for previously cached test results of /usr/libexec/qemu-kvm, in /var/tmp/.guestfs-0
libguestfs: loading previously cached test results
libguestfs: qemu version: 6.2
libguestfs: qemu mandatory locking: yes
libguestfs: qemu KVM: enabled
libguestfs: trace: get_backend_setting "force_tcg"
libguestfs: trace: get_backend_setting = NULL (error)
libguestfs: trace: get_sockdir
libguestfs: trace: get_sockdir = "/tmp"
libguestfs: finished testing qemu features
libguestfs: trace: get_backend_setting "gdb"
libguestfs: trace: get_backend_setting = NULL (error)
libguestfs: command: run: file
libguestfs: command: run: \ -- /var/tmp/.guestfs-0/appliance.d/root
/usr/libexec/qemu-kvm \
-global virtio-blk-pci.scsi=off \
-no-user-config \
-enable-fips \
-nodefaults \
-display none \
-machine accel=kvm:tcg \
-cpu host \
-m 1280 \
-no-reboot \
-rtc driftfix=slew \
-no-hpet \
-global kvm-pit.lost_tick_policy=discard \
-kernel /var/tmp/.guestfs-0/appliance.d/kernel \
-initrd /var/tmp/.guestfs-0/appliance.d/initrd \
-object rng-random,filename=/dev/urandom,id=rng0 \
-device virtio-rng-pci,rng=rng0 \
-device virtio-scsi-pci,id=scsi \
-drive file=/tmp/libguestfsTuyhmZ/scratch1.img,cache=unsafe,format=raw,id=hd0,if=none \
-device scsi-hd,drive=hd0 \
-drive file=/var/tmp/.guestfs-0/appliance.d/root,snapshot=on,id=appliance,cache=unsafe,if=none,format=raw \
-device scsi-hd,drive=appliance \
-device virtio-serial-pci \
-serial stdio \
-device sga \
-chardev socket,path=/tmp/libguestfsWsaSSV/guestfsd.sock,id=channel0 \
-device virtserialport,chardev=channel0,name=org.libguestfs.channel.0 \
-append "panic=1 console=ttyS0 edd=off udevtimeout=6000 udev.event-timeout=6000 no_timer_check printk.time=1 cgroup_disable=memory usbcore.nousb cryptomgr.notests tsc=reliable 8250.nr_uarts=1 root=UUID=87d4a125-2636-4712-8847-0665c39d6774 selinux=0 guestfs_verbose=1 TERM=xterm"
qemu-kvm: -enable-fips: warning: -enable-fips is deprecated, please build QEMU with the `libgcrypt` library as the cryptography provider to enable FIPS compliance
qemu-kvm: -device sga: warning: -device sga is deprecated, use -machine graphics=off
libguestfs: responding to serial console Device Status Report
\x1b[1;256r\x1b[256;256H\x1b[6n
Google, Inc.
Serial Graphics Adapter 04/01/23
SGABIOS $Id$ (mockbuild@) Sat Apr 1 07:37:40 UTC 2023
Term: 80x24
4 0
SeaBIOS (version 1.16.0-3.module+el8.8.0+20990+60c1530a)
Booting from ROM...
\x1b[2J[ 0.000000] Linux version 5.15.0-105.125.6.2.2.el8uek.x86_64 (mockbuild@host-100-100-224-56) (gcc (GCC) 11.2.1 20220127 (Red Hat 11.2.1-9.1.0.6), GNU ld version 2.36.1-2.0.1.el8) #2 SMP Tue Sep 19 21:02:08 PDT 2023
[ 0.000000] Command line: panic=1 console=ttyS0 edd=off udevtimeout=6000 udev.event-timeout=6000 no_timer_check printk.time=1 cgroup_disable=memory usbcore.nousb cryptomgr.notests tsc=reliable 8250.nr_uarts=1 root=UUID=87d4a125-2636-4712-8847-0665c39d6774 selinux=0 guestfs_verbose=1 TERM=xterm
[ 0.000000] BIOS-provided physical RAM map:
[ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009f7ff] usable
[ 0.000000] BIOS-e820: [mem 0x000000000009f800-0x000000000009ffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved
[ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x000000004ffdcfff] usable
[ 0.000000] BIOS-e820: [mem 0x000000004ffdd000-0x000000004fffffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved
[ 0.000000] NX (Execute Disable) protection: active
[ 0.000000] SMBIOS 2.8 present.
[ 0.000000] DMI: Red Hat KVM, BIOS 1.16.0-3.module+el8.8.0+20990+60c1530a 04/01/2014
[ 0.000000] Hypervisor detected: KVM
[ 0.000000] kvm-clock: Using msrs 4b564d01 and 4b564d00
[ 0.000000] kvm-clock: cpu 0, msr 15c01001, primary cpu clock
[ 0.000001] kvm-clock: using sched offset of 302829251 cycles
[ 0.000003] clocksource: kvm-clock: mask: 0xffffffffffffffff max_cycles: 0x1cd42e4dffb, max_idle_ns: 881590591483 ns
[ 0.000006] tsc: Detected 2445.374 MHz processor
[ 0.000330] last_pfn = 0x4ffdd max_arch_pfn = 0x400000000
[ 0.000941] x86/PAT: Configuration [0-7]: WB WC UC- UC WB WP UC- WT
[ 0.004022] found SMP MP-table at [mem 0x000f5b50-0x000f5b5f]
[ 0.004299] Using GB pages for direct mapping
[ 0.004751] RAMDISK: [mem 0x4f76e000-0x4ffcffff]
[ 0.004859] ACPI: Early table checksum verification disabled
[ 0.004897] ACPI: RSDP 0x00000000000F5930 000014 (v00 BOCHS )
[ 0.004902] ACPI: RSDT 0x000000004FFE17D1 000030 (v01 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.004908] ACPI: FACP 0x000000004FFE16BD 000074 (v01 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.004912] ACPI: DSDT 0x000000004FFE0040 00167D (v01 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.004915] ACPI: FACS 0x000000004FFE0000 000040
[ 0.004917] ACPI: APIC 0x000000004FFE1731 000078 (v01 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.004920] ACPI: WAET 0x000000004FFE17A9 000028 (v01 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.004922] ACPI: Reserving FACP table memory at [mem 0x4ffe16bd-0x4ffe1730]
[ 0.004924] ACPI: Reserving DSDT table memory at [mem 0x4ffe0040-0x4ffe16bc]
[ 0.004925] ACPI: Reserving FACS table memory at [mem 0x4ffe0000-0x4ffe003f]
[ 0.004927] ACPI: Reserving APIC table memory at [mem 0x4ffe1731-0x4ffe17a8]
[ 0.004928] ACPI: Reserving WAET table memory at [mem 0x4ffe17a9-0x4ffe17d0]
[ 0.005808] No NUMA configuration found
[ 0.005811] Faking a node at [mem 0x0000000000000000-0x000000004ffdcfff]
[ 0.005821] NODE_DATA(0) allocated [mem 0x4f743000-0x4f76dfff]
[ 0.006152] Zone ranges:
[ 0.006154] DMA [mem 0x0000000000001000-0x0000000000ffffff]
[ 0.006156] DMA32 [mem 0x0000000001000000-0x000000004ffdcfff]
[ 0.006158] Normal empty
[ 0.006159] Device empty
[ 0.006160] Movable zone start for each node
[ 0.006162] Early memory node ranges
[ 0.006163] node 0: [mem 0x0000000000001000-0x000000000009efff]
[ 0.006165] node 0: [mem 0x0000000000100000-0x000000004ffdcfff]
[ 0.006167] Initmem setup node 0 [mem 0x0000000000001000-0x000000004ffdcfff]
[ 0.006359] On node 0, zone DMA: 1 pages in unavailable ranges
[ 0.006393] On node 0, zone DMA: 97 pages in unavailable ranges
[ 0.007281] On node 0, zone DMA32: 35 pages in unavailable ranges
[ 0.008479] ACPI: PM-Timer IO Port: 0x608
[ 0.008502] ACPI: LAPIC_NMI (acpi_id[0xff] dfl dfl lint[0x1])
[ 0.008625] IOAPIC[0]: apic_id 0, version 17, address 0xfec00000, GSI 0-23
[ 0.008629] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl)
[ 0.008631] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 high level)
[ 0.008633] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level)
[ 0.008636] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 high level)
[ 0.008637] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 high level)
[ 0.008641] ACPI: Using ACPI (MADT) for SMP configuration information
[ 0.008643] TSC deadline timer available
[ 0.008668] smpboot: Allowing 1 CPUs, 0 hotplug CPUs
[ 0.008755] PM: hibernation: Registered nosave memory: [mem 0x00000000-0x00000fff]
[ 0.008757] PM: hibernation: Registered nosave memory: [mem 0x0009f000-0x0009ffff]
[ 0.008759] PM: hibernation: Registered nosave memory: [mem 0x000a0000-0x000effff]
[ 0.008760] PM: hibernation: Registered nosave memory: [mem 0x000f0000-0x000fffff]
[ 0.008761] [mem 0x50000000-0xfeffbfff] available for PCI devices
[ 0.008763] Booting paravirtualized kernel on KVM
[ 0.008765] clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1910969940391419 ns
[ 0.013702] setup_percpu: NR_CPUS:8192 nr_cpumask_bits:1 nr_cpu_ids:1 nr_node_ids:1
[ 0.013962] percpu: Embedded 62 pages/cpu s217088 r8192 d28672 u2097152
[ 0.014019] kvm-guest: stealtime: cpu 0, msr 4e034080
[ 0.014035] kvm-guest: PV spinlocks disabled, single CPU
[ 0.014040] Built 1 zonelists, mobility grouping on. Total pages: 322269
[ 0.014042] Policy zone: DMA32
[ 0.014043] Kernel command line: panic=1 console=ttyS0 edd=off udevtimeout=6000 udev.event-timeout=6000 no_timer_check printk.time=1 cgroup_disable=memory usbcore.nousb cryptomgr.notests tsc=reliable 8250.nr_uarts=1 root=UUID=87d4a125-2636-4712-8847-0665c39d6774 selinux=0 guestfs_verbose=1 TERM=xterm
[ 0.014179] cgroup: Disabling memory control group subsystem
[ 0.014234] Unknown kernel command line parameters "edd=off udevtimeout=6000 guestfs_verbose=1", will be passed to user space.
[ 0.014461] Dentry cache hash table entries: 262144 (order: 9, 2097152 bytes, linear)
[ 0.014513] Inode-cache hash table entries: 131072 (order: 8, 1048576 bytes, linear)
[ 0.014560] mem auto-init: stack:all(zero), heap alloc:off, heap free:off
[ 0.018168] Memory: 260860K/1310188K available (16393K kernel code, 6106K rwdata, 12476K rodata, 3156K init, 18472K bss, 107052K reserved, 0K cma-reserved)
[ 0.018894] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
[ 0.018944] ftrace: allocating 48548 entries in 190 pages
[ 0.042395] ftrace: allocated 190 pages with 6 groups
[ 0.042735] rcu: Hierarchical RCU implementation.
[ 0.042737] rcu: \tRCU restricting CPUs from NR_CPUS=8192 to nr_cpu_ids=1.
[ 0.042739] \tRude variant of Tasks RCU enabled.
[ 0.042740] \tTracing variant of Tasks RCU enabled.
[ 0.042742] rcu: RCU calculated value of scheduler-enlistment delay is 100 jiffies.
[ 0.042743] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=1
[ 0.047040] NR_IRQS: 524544, nr_irqs: 256, preallocated irqs: 16
[ 0.047582] Console: colour *CGA 80x25
[ 0.282699] printk: console [ttyS0] enabled
[ 0.284290] ACPI: Core revision 20210730
[ 0.285910] APIC: Switch to symmetric I/O mode setup
[ 0.288778] x2apic enabled
[ 0.290884] Switched APIC routing to physical x2apic.
[ 0.297210] clocksource: tsc-early: mask: 0xffffffffffffffff max_cycles: 0x233fa695ddd, max_idle_ns: 440795303581 ns
[ 0.301201] Calibrating delay loop (skipped) preset value.. 4890.74 BogoMIPS (lpj=2445374)
[ 0.302196] x86/cpu: User Mode Instruction Prevention (UMIP) activated
[ 0.302196] Last level iTLB entries: 4KB 512, 2MB 255, 4MB 127
[ 0.302196] Last level dTLB entries: 4KB 512, 2MB 255, 4MB 127, 1GB 0
[ 0.302196] Spectre V1 : Mitigation: usercopy/swapgs barriers and __user pointer sanitization
[ 0.302196] Spectre V2 : Mitigation: Retpolines
[ 0.302196] Spectre V2 : Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch
[ 0.302196] Spectre V2 : Spectre v2 / SpectreRSB : Filling RSB on VMEXIT
[ 0.302196] Spectre V2 : Enabling Restricted Speculation for firmware calls
[ 0.302196] Spectre V2 : mitigation: Enabling conditional Indirect Branch Prediction Barrier
[ 0.302196] Speculative Store Bypass: Mitigation: Speculative Store Bypass disabled via prctl and seccomp
[ 0.302196] Speculative Return Stack Overflow: IBPB-extending microcode not applied!
[ 0.302196] Speculative Return Stack Overflow: WARNING: See https://kernel.org/doc/html/latest/admin-guide/hw-vuln/srso.html for mitigation options.
[ 0.302196] Speculative Return Stack Overflow: Mitigation: safe RET, no microcode
[ 0.302196] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers'
[ 0.302196] x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers'
[ 0.302196] x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers'
[ 0.302196] x86/fpu: Supporting XSAVE feature 0x200: 'Protection Keys User registers'
[ 0.302196] x86/fpu: xstate_offset[2]: 576, xstate_sizes[2]: 256
[ 0.302196] x86/fpu: xstate_offset[9]: 832, xstate_sizes[9]: 8
[ 0.302196] x86/fpu: Enabled xstate features 0x207, context size is 840 bytes, using 'compacted' format.
[ 0.302196] Freeing SMP alternatives memory: 40K
[ 0.302196] pid_max: default: 32768 minimum: 301
[ 0.302196] LSM: Security Framework initializing
[ 0.302196] Yama: becoming mindful.
[ 0.302196] Mount-cache hash table entries: 4096 (order: 3, 32768 bytes, linear)
[ 0.302196] Mountpoint-cache hash table entries: 4096 (order: 3, 32768 bytes, linear)
[ 0.302196] smpboot: CPU0: AMD EPYC 7J13 64-Core Processor (family: 0x19, model: 0x1, stepping: 0x1)
[ 0.302492] Performance Events: Fam17h+ core perfctr, AMD PMU driver.
[ 0.303217] ... version: 0
[ 0.304208] ... bit width: 48
[ 0.305208] ... generic registers: 6
[ 0.306208] ... value mask: 0000ffffffffffff
[ 0.307208] ... max period: 00007fffffffffff
[ 0.308208] ... fixed-purpose events: 0
[ 0.309208] ... event mask: 000000000000003f
[ 0.310417] signal: max sigframe size: 3376
[ 0.311249] rcu: Hierarchical SRCU implementation.
[ 0.312886] smp: Bringing up secondary CPUs ...
[ 0.313215] smp: Brought up 1 node, 1 CPU
[ 0.314208] smpboot: Max logical packages: 1
[ 0.315209] smpboot: Total of 1 processors activated (4890.74 BogoMIPS)
[ 0.324901] node 0 deferred pages initialised in 7ms
[ 0.325466] devtmpfs: initialized
[ 0.326328] x86/mm: Memory block size: 128MB
[ 0.327887] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1911260446275000 ns
[ 0.328217] futex hash table entries: 256 (order: 2, 16384 bytes, linear)
[ 0.329329] pinctrl core: initialized pinctrl subsystem
[ 0.330798] NET: Registered PF_NETLINK/PF_ROUTE protocol family
[ 0.331474] DMA: preallocated 256 KiB GFP_KERNEL pool for atomic allocations
[ 0.332216] DMA: preallocated 256 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations
[ 0.333212] DMA: preallocated 256 KiB GFP_KERNEL|GFP_DMA32 pool for atomic allocations
[ 0.334245] audit: initializing netlink subsys (disabled)
[ 0.335453] thermal_sys: Registered thermal governor 'fair_share'
[ 0.335455] thermal_sys: Registered thermal governor 'bang_bang'
[ 0.336214] thermal_sys: Registered thermal governor 'step_wise'
[ 0.337209] thermal_sys: Registered thermal governor 'user_space'
[ 0.338215] cpuidle: using governor menu
[ 0.340213] audit: type=2000 audit(1695904171.489:1): state=initialized audit_enabled=0 res=1
[ 0.343172] HugeTLB: can free 4095 vmemmap pages for hugepages-1048576kB
[ 0.343217] ACPI: bus type PCI registered
[ 0.344209] acpiphp: ACPI Hot Plug PCI Controller Driver version: 0.5
[ 0.345512] PCI: Using configuration type 1 for base access
[ 0.346210] PCI: Using configuration type 1 for extended access
[ 0.349764] kprobes: kprobe jump-optimization is enabled. All kprobes are optimized if possible.
[ 0.350377] HugeTLB: can free 7 vmemmap pages for hugepages-2048kB
[ 0.351213] HugeTLB registered 1.00 GiB page size, pre-allocated 0 pages
[ 0.352209] HugeTLB registered 2.00 MiB page size, pre-allocated 0 pages
[ 0.353391] alg: self-tests disabled
[ 0.355881] ACPI: Added _OSI(Module Device)
[ 0.356212] ACPI: Added _OSI(Processor Device)
[ 0.357208] ACPI: Added _OSI(3.0 _SCP Extensions)
[ 0.358213] ACPI: Added _OSI(Processor Aggregator Device)
[ 0.359267] ACPI: Added _OSI(Linux-Dell-Video)
[ 0.360217] ACPI: Added _OSI(Linux-Lenovo-NV-HDMI-Audio)
[ 0.361219] ACPI: Added _OSI(Linux-HPI-Hybrid-Graphics)
[ 0.363373] ACPI: 1 ACPI AML tables successfully acquired and loaded
[ 0.365411] ACPI: Interpreter enabled
[ 0.366219] ACPI: PM: (supports S0 S5)
[ 0.367209] ACPI: Using IOAPIC for interrupt routing
[ 0.368224] PCI: Using host bridge windows from ACPI; if necessary, use "pci=nocrs" and report a bug
[ 0.369386] ACPI: Enabled 2 GPEs in block 00 to 0F
[ 0.373924] ACPI: PCI Root Bridge [PCI0] (domain 0000 [bus 00-ff])
[ 0.374216] acpi PNP0A03:00: _OSC: OS supports [ExtendedConfig ASPM ClockPM Segments MSI EDR HPX-Type3]
[ 0.375639] acpiphp: Slot [2] registered
[ 0.376261] acpiphp: Slot [3] registered
[ 0.377251] acpiphp: Slot [4] registered
[ 0.378253] acpiphp: Slot [5] registered
[ 0.379259] acpiphp: Slot [6] registered
[ 0.380252] acpiphp: Slot [7] registered
[ 0.381254] acpiphp: Slot [8] registered
[ 0.382252] acpiphp: Slot [9] registered
[ 0.383277] acpiphp: Slot [10] registered
[ 0.384251] acpiphp: Slot [11] registered
[ 0.385261] acpiphp: Slot [12] registered
[ 0.386262] acpiphp: Slot [13] registered
[ 0.387250] acpiphp: Slot [14] registered
[ 0.388252] acpiphp: Slot [15] registered
[ 0.389251] acpiphp: Slot [16] registered
[ 0.390250] acpiphp: Slot [17] registered
[ 0.391259] acpiphp: Slot [18] registered
[ 0.392268] acpiphp: Slot [19] registered
[ 0.393252] acpiphp: Slot [20] registered
[ 0.394250] acpiphp: Slot [21] registered
[ 0.395250] acpiphp: Slot [22] registered
[ 0.396254] acpiphp: Slot [23] registered
[ 0.397258] acpiphp: Slot [24] registered
[ 0.398269] acpiphp: Slot [25] registered
[ 0.399251] acpiphp: Slot [26] registered
[ 0.400251] acpiphp: Slot [27] registered
[ 0.401260] acpiphp: Slot [28] registered
[ 0.402252] acpiphp: Slot [29] registered
[ 0.403251] acpiphp: Slot [30] registered
[ 0.404260] acpiphp: Slot [31] registered
[ 0.405241] PCI host bridge to bus 0000:00
[ 0.406209] pci_bus 0000:00: root bus resource [io 0x0000-0x0cf7 window]
[ 0.407209] pci_bus 0000:00: root bus resource [io 0x0d00-0xffff window]
[ 0.408212] pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff window]
[ 0.409212] pci_bus 0000:00: root bus resource [mem 0x50000000-0xfebfffff window]
[ 0.410211] pci_bus 0000:00: root bus resource [mem 0x100000000-0x17fffffff window]
[ 0.411209] pci_bus 0000:00: root bus resource [bus 00-ff]
[ 0.412936] pci 0000:00:00.0: [8086:1237] type 00 class 0x060000
[ 0.415631] pci 0000:00:01.0: [8086:7000] type 00 class 0x060100
[ 0.418326] pci 0000:00:01.1: [8086:7010] type 00 class 0x010180
[ 0.422086] pci 0000:00:01.1: reg 0x20: [io 0xc0a0-0xc0af]
[ 0.423291] pci 0000:00:01.1: legacy IDE quirk: reg 0x10: [io 0x01f0-0x01f7]
[ 0.424209] pci 0000:00:01.1: legacy IDE quirk: reg 0x14: [io 0x03f6]
[ 0.425209] pci 0000:00:01.1: legacy IDE quirk: reg 0x18: [io 0x0170-0x0177]
[ 0.426208] pci 0000:00:01.1: legacy IDE quirk: reg 0x1c: [io 0x0376]
[ 0.427758] pci 0000:00:01.3: [8086:7113] type 00 class 0x068000
[ 0.429846] pci 0000:00:01.3: quirk: [io 0x0600-0x063f] claimed by PIIX4 ACPI
[ 0.430247] pci 0000:00:01.3: quirk: [io 0x0700-0x070f] claimed by PIIX4 SMB
[ 0.432413] pci 0000:00:02.0: [1af4:1005] type 00 class 0x00ff00
[ 0.434078] pci 0000:00:02.0: reg 0x10: [io 0xc080-0xc09f]
[ 0.437842] pci 0000:00:02.0: reg 0x20: [mem 0xfebf0000-0xfebf3fff 64bit pref]
[ 0.441994] pci 0000:00:03.0: [1af4:1004] type 00 class 0x010000
[ 0.443209] pci 0000:00:03.0: reg 0x10: [io 0xc000-0xc03f]
[ 0.445210] pci 0000:00:03.0: reg 0x14: [mem 0xfebfe000-0xfebfefff]
[ 0.449209] pci 0000:00:03.0: reg 0x20: [mem 0xfebf4000-0xfebf7fff 64bit pref]
[ 0.455016] pci 0000:00:04.0: [1af4:1003] type 00 class 0x078000
[ 0.456638] pci 0000:00:04.0: reg 0x10: [io 0xc040-0xc07f]
[ 0.458213] pci 0000:00:04.0: reg 0x14: [mem 0xfebff000-0xfebfffff]
[ 0.461647] pci 0000:00:04.0: reg 0x20: [mem 0xfebf8000-0xfebfbfff 64bit pref]
[ 0.466951] ACPI: PCI: Interrupt link LNKA configured for IRQ 10
[ 0.467436] ACPI: PCI: Interrupt link LNKB configured for IRQ 10
[ 0.468422] ACPI: PCI: Interrupt link LNKC configured for IRQ 11
[ 0.469500] ACPI: PCI: Interrupt link LNKD configured for IRQ 11
[ 0.470324] ACPI: PCI: Interrupt link LNKS configured for IRQ 9
[ 0.471502] iommu: Default domain type: Passthrough
[ 0.472252] vgaarb: loaded
[ 0.473398] SCSI subsystem initialized
[ 0.474244] usbcore: USB support disabled
[ 0.475238] pps_core: LinuxPPS API ver. 1 registered
[ 0.476208] pps_core: Software ver. 5.3.6 - Copyright 2005-2007 Rodolfo Giometti giometti(a)linux.it<mailto:giometti@linux.it>
[ 0.477220] PTP clock support registered
[ 0.478290] EDAC MC: Ver: 3.0.0
[ 0.480034] NetLabel: Initializing
[ 0.480208] NetLabel: domain hash size = 128
[ 0.481208] NetLabel: protocols = UNLABELED CIPSOv4 CALIPSO
[ 0.482285] NetLabel: unlabeled traffic allowed by default
[ 0.483209] PCI: Using ACPI for IRQ routing
[ 0.484886] clocksource: Switched to clocksource kvm-clock
[ 0.507658] VFS: Disk quotas dquot_6.6.0
[ 0.509340] VFS: Dquot-cache hash table entries: 512 (order 0, 4096 bytes)
[ 0.515247] pnp: PnP ACPI init
[ 0.517208] pnp: PnP ACPI: found 5 devices
[ 0.525633] clocksource: acpi_pm: mask: 0xffffff max_cycles: 0xffffff, max_idle_ns: 2085701024 ns
[ 0.529264] NET: Registered PF_INET protocol family
[ 0.531284] IP idents hash table entries: 32768 (order: 6, 262144 bytes, linear)
[ 0.535368] tcp_listen_portaddr_hash hash table entries: 1024 (order: 3, 32768 bytes, linear)
[ 0.538773] Table-perturb hash table entries: 65536 (order: 6, 262144 bytes, linear)
[ 0.541880] TCP established hash table entries: 16384 (order: 5, 131072 bytes, linear)
[ 0.545087] TCP bind hash table entries: 16384 (order: 6, 262144 bytes, linear)
[ 0.547988] TCP: Hash tables configured (established 16384 bind 16384)
[ 0.550643] MPTCP token hash table entries: 2048 (order: 3, 49152 bytes, linear)
[ 0.553595] UDP hash table entries: 1024 (order: 3, 32768 bytes, linear)
[ 0.556244] UDP-Lite hash table entries: 1024 (order: 3, 32768 bytes, linear)
[ 0.559187] NET: Registered PF_UNIX/PF_LOCAL protocol family
[ 0.561484] NET: Registered PF_XDP protocol family
[ 0.563511] pci_bus 0000:00: resource 4 [io 0x0000-0x0cf7 window]
[ 0.565964] pci_bus 0000:00: resource 5 [io 0x0d00-0xffff window]
[ 0.568460] pci_bus 0000:00: resource 6 [mem 0x000a0000-0x000bffff window]
[ 0.571177] pci_bus 0000:00: resource 7 [mem 0x50000000-0xfebfffff window]
[ 0.573916] pci_bus 0000:00: resource 8 [mem 0x100000000-0x17fffffff window]
[ 0.576819] pci 0000:00:01.0: PIIX3: Enabling Passive Release
[ 0.579142] pci 0000:00:00.0: Limiting direct PCI/PCI transfers
[ 0.581530] pci 0000:00:01.0: Activating ISA DMA hang workarounds
[ 0.584097] PCI: CLS 0 bytes, default 64
[ 0.585754] Trying to unpack rootfs image as initramfs...
[ 0.591070] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x233fa695ddd, max_idle_ns: 440795303581 ns
[ 0.596053] Freeing initrd memory: 8584K
[ 0.598367] Initialise system trusted keyrings
[ 0.600256] Key type blacklist registered
[ 0.602023] workingset: timestamp_bits=36 max_order=19 bucket_order=0
[ 0.607533] zbud: loaded
[ 0.609006] integrity: Platform Keyring initialized
[ 0.610991] integrity: Machine keyring initialized
[ 0.612928] Allocating IMA blacklist keyring.
[ 0.618350] NET: Registered PF_ALG protocol family
[ 0.620283] Key type asymmetric registered
[ 0.621953] Asymmetric key parser 'x509' registered
[ 0.623928] Key type pkcs7_test registered
[ 0.625653] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 247)
[ 0.628627] io scheduler mq-deadline registered
[ 0.630459] io scheduler kyber registered
[ 0.632100] io scheduler bfq registered
[ 0.634594] atomic64_test: passed for x86-64 platform with CX8 and with SSE
[ 0.637687] shpchp: Standard Hot Plug PCI Controller Driver version: 0.4
[ 0.640491] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input0
[ 0.643460] ACPI: button: Power Button [PWRF]
[ 0.645586] Serial: 8250/16550 driver, 1 ports, IRQ sharing enabled
[ 0.648503] 00:03: ttyS0 at I/O 0x3f8 (irq = 4, base_baud = 115200) is a 16550A
[ 0.651708] Non-volatile memory driver v1.3
[ 0.653474] Linux agpgart interface v0.103
[ 0.655265] AMD-Vi: AMD IOMMUv2 functionality not available on this system - This is not a bug.
[ 0.658878] rdac: device handler registered
[ 0.660643] hp_sw: device handler registered
[ 0.662358] emc: device handler registered
[ 0.664045] alua: device handler registered
[ 0.665957] VFIO - User Level meta-driver version: 0.3
[ 0.668111] usbserial: usb_serial_init - registering generic driver failed
[ 0.670988] usbserial: usb_serial_init - returning with error -19
[ 0.673517] i8042: PNP: PS/2 Controller [PNP0303:KBD,PNP0f13:MOU] at 0x60,0x64 irq 1,12
[ 0.678711] serio: i8042 KBD port at 0x60,0x64 irq 1
[ 0.680853] serio: i8042 AUX port at 0x60,0x64 irq 12
[ 0.683094] mousedev: PS/2 mouse device common for all mice
[ 0.686351] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input1
[ 0.690534] rtc_cmos 00:04: RTC can wake from S4
[ 0.694780] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input4
[ 0.698273] rtc_cmos 00:04: registered as rtc0
[ 0.700426] rtc_cmos 00:04: setting system clock to 2023-09-28T12:29:32 UTC (1695904172)
[ 0.703953] rtc_cmos 00:04: alarms up to one day, y3k, 242 bytes nvram
[ 0.707346] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input3
[ 0.711294] hid: raw HID events driver (C) Jiri Kosina
[ 0.713594] drop_monitor: Initializing network drop monitor service
[ 0.716163] Initializing XFRM netlink socket
[ 0.718110] NET: Registered PF_INET6 protocol family
[ 0.720504] Segment Routing with IPv6
[ 0.722038] In-situ OAM (IOAM) with IPv6
[ 0.723670] NET: Registered PF_PACKET protocol family
[ 0.725735] bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this.
[ 0.730976] sctp: Hash tables configured (bind 256/256)
[ 0.733211] tipc: Activated (version 2.0.0)
[ 0.734964] NET: Registered PF_TIPC protocol family
[ 0.736954] tipc: Started in single node mode
[ 0.739111] IPI shorthand broadcast: enabled
[ 0.741052] registered taskstats version 1
[ 0.743083] Loading compiled-in X.509 certificates
[ 0.745661] Loaded X.509 cert 'Oracle CA Server: 1c0b46cf56e9fa28dc8a6c93bc34093ae9a559ae'
[ 0.749346] Loaded X.509 cert 'Oracle Linux Kernel Module Signing Key: 2bb352412969a3653f0eb6021763408ebb9bb5ab'
[ 0.753887] Loaded X.509 cert 'Oracle America, Inc.: Ksplice Kernel Module Signing Key: 09010ebef5545fa7c54b626ef518e077b5b1ee4c'
[ 0.758865] Loaded X.509 cert 'Oracle IMA signing CA: a2f28976a05984028f7d1a4904ae14e8e468e551'
[ 0.762275] blacklist: Loading compiled-in revocation X.509 certificates
[ 0.765030] Loaded X.509 cert 'Oracle Corporation: 7f559b8e9d9e05183480a7149e5a1de0bc265ada'
[ 0.768509] Loaded X.509 cert 'Oracle Corporation: c179886de39a159135e9877492debf044af7d1eb'
[ 0.771878] Loaded X.509 cert 'Oracle Corporation: 51698ec3be0f5eb8cba8ec197d291879098fade4'
[ 0.775488] zswap: loaded using pool lzo/zsmalloc
[ 0.777527] page_owner is disabled
[ 0.779016] Key type .fscrypt registered
[ 0.780642] Key type fscrypt-provisioning registered
[ 0.783111] Key type encrypted registered
[ 0.784779] ima: No TPM chip found, activating TPM-bypass!
[ 0.787085] Loading compiled-in module X.509 certificates
[ 0.789711] Loaded X.509 cert 'Oracle CA Server: 1c0b46cf56e9fa28dc8a6c93bc34093ae9a559ae'
[ 0.793070] ima: Allocated hash algorithm: sha256
[ 0.794976] ima: No architecture policies found
[ 0.796811] evm: Initialising EVM extended attributes:
[ 0.798847] evm: security.selinux
[ 0.800171] evm: security.SMACK64 (disabled)
[ 0.801885] evm: security.SMACK64EXEC (disabled)
[ 0.803699] evm: security.SMACK64TRANSMUTE (disabled)
[ 0.805663] evm: security.SMACK64MMAP (disabled)
[ 0.807557] evm: security.apparmor (disabled)
[ 0.809320] evm: security.ima
[ 0.810600] evm: security.capability
[ 0.812035] evm: HMAC attrs: 0x1
[ 0.813884] RAS: Correctable Errors collector initialized.
[ 0.816134] Unstable clock detected, switching default tracing clock to "global"
[ 0.816134] If you want to keep using the local clock, then add:
[ 0.816134] "trace_clock=local"
[ 0.816134] on the kernel command line
[ 0.824964] integrity: Unable to open file: /etc/keys/x509_ima.der (-2)
[ 0.826253] Freeing unused decrypted memory: 2036K
[ 0.831327] Freeing unused kernel image (initmem) memory: 3156K
[ 0.833720] Write protecting the kernel read-only data: 32768k
[ 0.836596] Freeing unused kernel image (text/rodata gap) memory: 2036K
[ 0.839432] Freeing unused kernel image (rodata/data gap) memory: 1860K
[ 0.842011] rodata_test: all tests were successful
[ 0.843934] Run /init as init process
[ 0.845792] traps: init[1] general protection fault ip:43faa8 sp:7ffe9b9904b0 error:0 in init[400000+a7000]
[ 0.849636] Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b
[ 0.850592] CPU: 0 PID: 1 Comm: init Not tainted 5.15.0-105.125.6.2.2.el8uek.x86_64 #2
[ 0.850592] Hardware name: Red Hat KVM, BIOS 1.16.0-3.module+el8.8.0+20990+60c1530a 04/01/2014
[ 0.850592] Call Trace:
[ 0.850592] <TASK>
[ 0.850592] dump_stack_lvl+0x46/0x69
[ 0.850592] panic+0x113/0x2eb
[ 0.850592] do_exit.cold+0x9f/0x9f
[ 0.850592] do_group_exit+0x33/0x96
[ 0.850592] get_signal+0x14a/0x93f
[ 0.850592] ? __ret+0x40/0x2
[ 0.850592] arch_do_signal_or_restart+0x10d/0x12a
[ 0.850592] exit_to_user_mode_loop+0xc4/0x1b1
[ 0.850592] exit_to_user_mode_prepare+0x121/0x129
[ 0.850592] irqentry_exit_to_user_mode+0x5/0x23
[ 0.850592] asm_exc_general_protection+0x22/0x27
[ 0.850592] RIP: 0033:0x43faa8
[ 0.850592] Code: 1f 00 f3 0f 1e fa 55 48 89 f5 53 89 fb 48 83 ec 08 48 8b 05 6a e6 26 00 48 c1 c8 11 64 48 33 04 25 30 00 00 00 48 85 c0 74 30 <ff> d0 48 3d 00 f0 ff ff 76 1b 48 83 f8 da 74 20 48 c7 c2 b8 ff ff
[ 0.850592] RSP: 002b:00007ffe9b9904b0 EFLAGS: 00010202
[ 0.850592] RAX: 3775f539b2c7e0dc RBX: 0000000000000001 RCX: 0000000000451fb5
[ 0.850592] RDX: ffffffffffffffb8 RSI: 00007ffe9b9904d0 RDI: 0000000000000001
[ 0.850592] RBP: 00007ffe9b9904d0 R08: 0000000001000000 R09: 0000000000000000
[ 0.850592] R10: 00000000000000ee R11: 0000000000000246 R12: 00000000000004a1
[ 0.850592] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 0.850592] </TASK>
[ 0.850592] Kernel Offset: 0x7000000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[ 0.850592] Rebooting in 1 seconds..
libguestfs: error: appliance closed the connection unexpectedly, see earlier error messages
libguestfs: child_cleanup: 0x562f648a7a70: child process died
libguestfs: sending SIGTERM to process 715291
libguestfs: qemu maxrss 238800K
libguestfs: error: guestfs_launch failed, see earlier error messages
libguestfs: trace: launch = -1 (error)
libguestfs: trace: close
libguestfs: closing guestfs handle 0x562f648a7a70 (state 0)
libguestfs: command: run: rm
libguestfs: command: run: \ -rf /tmp/libguestfsTuyhmZ
libguestfs: command: run: rm
libguestfs: command: run: \ -rf /tmp/libguestfsWsaSSV
[root@ol-kvm-h01 work]#
Regards,
Dennis Clark RHCE, OCP
Principal Consultant, Technical Architect / DBA, DXC Practice for Oracle
T. +64 27 530 6595 | M. +64 21 637 145 | dclark66(a)dxc.com<mailto:dclark66@dxc.com>
[Unix/Linux System: designer, builder, implementer, administrator, monitor, developer, scripter, integrator]
[Oracle OVM: designer, builder, implementer, administrator, monitor, automater, integrator]
[Oracle DB: designer, builder, implementer, administrator, monitor, developer, scripter, integrator]
[Member of DXC Technology: Database Guild]
[Member of DXC Practice for Oracle: Cloud and Technology Practice]
DXC Technology
Wellington, New Zealand
[Level 8, Majestic Centre, 100 Willis St, Wellington Central]
DXC.com <https://www.dxc.com/nz/en/practices/oracle> | Twitter<https://twitter.com/DXC_RedRock> | Facebook<https://www.facebook.com/DXCTechnology/> | LinkedIn<https://www.linkedin.com/company/dxcredrock/>
DXC Technology NZ Limited (Company number 1441241).
1 year, 3 months
[libnbd PATCH] info: Try harder for graceful disconnect from server
by Eric Blake
There are a number of ways in which gathering information can fail.
But when possible, it makes sense to let the server know that we are
done talking, as it minimizes the likelihood that nbdinfo's error
message will be obscured by an accompanying error message by the
server complaining about an unclean disconnect.
For example, with a one-off qemu temporarily patched as mentioned in
commit 0f8ee8c6 to advertise sizes larger than 2^63, kicking off
'qemu-nbd -f raw -r file &' produces:
pre-patch:
$ ./run nbdinfo --size nbd://localhost
/home/eblake/libnbd/info/.libs/nbdinfo: nbd_get_size: server claims size 9223372036854781440 which does not fit in signed result: Value too large for defined data type
qemu-nbd: option negotiation failed: Failed to read opts magic: Unexpected end-of-file before all data were read
post-patch:
$ ./run nbdinfo --size nbd://localhost
/home/eblake/libnbd/info/.libs/nbdinfo: nbd_get_size: server claims size 9223372036854781440 which does not fit in signed result: Value too large for defined data type
if nbdinfo is run in the same terminal as qemu-nbd.
Signed-off-by: Eric Blake <eblake(a)redhat.com>
---
info/main.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/info/main.c b/info/main.c
index c8248c61..05f19f43 100644
--- a/info/main.c
+++ b/info/main.c
@@ -88,6 +88,17 @@ usage (FILE *fp, int exitcode)
exit (exitcode);
}
+void
+clean_shutdown (void)
+{
+ /* If we are connected but detect an error, try to give the server
+ * notice that we are done talking. Ignore failures, as this is
+ * only a courtesy measure.
+ */
+ if (nbd)
+ nbd_shutdown (nbd, 0);
+}
+
int
main (int argc, char *argv[])
{
@@ -277,6 +288,7 @@ main (int argc, char *argv[])
fprintf (stderr, "%s: %s\n", progname, nbd_get_error ());
exit (EXIT_FAILURE);
}
+ atexit (clean_shutdown);
nbd_set_uri_allow_local_file (nbd, true); /* Allow ?tls-psk-file. */
/* Set optional modes in the handle. */
@@ -353,6 +365,7 @@ main (int argc, char *argv[])
free_exports ();
nbd_shutdown (nbd, 0);
nbd_close (nbd);
+ nbd = NULL;
/* Close the output stream and copy it to the real stdout. */
if (fclose (fp) == EOF) {
--
2.41.0
1 year, 4 months
LIBNBD SECURITY: Negative results from nbd_get_size()
by Eric Blake
We have discovered a security flaw with potential minor impact in
libnbd.
Lifecycle
---------
Reported: 2023-09-17 Fixed: 2023-09-22 Published: 2023-09-26
At the time of this email, the Red Hat security team is analyzing
potential security impacts to determine if a CVE is warranted against
libnbd; if one is assigned, a followup email will announce that
identifier. However, even if a CVE is not assigned to libnbd, the
issues documented here warrant an audit of clients that utilize the
nbd_get_size() API from libnbd, to see if they might be subject to a
weakness when interpreting a large size as a negative value. The
libnbd developers felt it more important to issue this security notice
prior to the release of v1.18 than to hold up the release schedule
waiting for final analysis on whether libnbd needs a CVE.
Credit
------
Reported by Rich Jones (rjones(a)redhat.com) during fuzz tests, patched
by Eric Blake <eblake(a)redhat.com>
Description
-----------
libnbd is a Network Block Device (NBD) client library. The NBD
protocol states that a server advertises the size of an export using a
64-bit unsigned number. In turn, libnbd has an API nbd_get_size()
that returns int64_t, documenting that a non-negative value is a
successful return of the server's export size, and -1 is an error
indicator with a corresponding error message in nbd_get_error(3).
This leads to confusing results when talking to a server that
advertises an export with an unsigned size of 2^63 bytes or larger: a
client that tests 'result < 0' would treat the size as an error
although libnbd did not provide an error message; while a client that
tests 'result == -1' and stores size as a signed integer could end up
seeing a negative value as success, and possibly go on to encounter
subsequent logic issues due to integer overflow or iteration bounds
that are not expecting comparison against a negative value. This
confusing API result has been present in all stable releases of
libnbd, since v1.0 in April 2019. In patched libnbd, the API now
uniformly treats all large export sizes as an EOVERFLOW error with a
return value of -1 and corresponding error message.
In the efforts to patch the nbd_get_size() issue in stable libnbd, two
additional related issues were identified that were introduced in the
experimental v1.17.4 release: code added for 64-bit NBD extensions
could hit libnbd assertion failures during the nbd_block_status() API
based on actions taken by a malicious server (one by intentionally
advertising a large export size regardless of whether extended headers
are in use, the other by intentionally disobeying the NBD protocol for
the contents of a 64-bit block status reply when extended headers are
in use). Odd-numbered minor version releases have always been
considered experimental; production systems should only be using
even-numbered minor version releases, and thus are not vulnerable to a
server-triggered assertion failure.
Test if libnbd is vulnerable
----------------------------
There are no direct methods for testing whether nbd_get_size() will
convert a large export size into an EOVERFLOW error, when using a
compliant server. However, the libnbd patches include instructions
for making one-off modifications to qemu to create an intentionally
non-compliant server for reproducing all scenarios described in this
notice. In general, it is probably faster to upgrade to a known-good
libnbd than to try and test if an installed libnbd is still
vulnerable.
Workarounds
-----------
As a mitigating factor, no known production servers (such as
nbd-server, qemu-nbd, nbdkit) will advertise an export size large
enough to overflow the subset of non-negative int64_t values. An
application that insists on using TLS to connect only to a known-good
server will never encounter a size that would result in an
undocumented result to nbd_get_size(). Without TLS, an application
that wishes to deal solely with positive sizes for exports should
check that nbd_get_size() is non-negative, rather than the weaker
comparison of the result to just -1. Other libnbd API take offset
parameters as a uint64_t; an audit of these APIs did not find any
scenarios where a negative size value returned by nbd_get_size() and
then converted to uint64_t could cause any further misbehavior in
libnbd.
Fixes
-----
The original nbd_get_size(3) ambiguous return value flaw was
introduced in libnbd v0.1 (commit 40881fce75), when the API was
introduced. The server-triggered assertion failures on
nbd_block_status(3) were introduced in libnbd v1.17.4 (commits
e8d837d306 and ab992766cd); there are no plans to release a
development v1.17.6 containing the fixes, since stable v1.18.0 is
scheduled for 27 September 2023. As of this email, the following
branches have been patched:
* development branch (1.17)
https://gitlab.com/nbdkit/libnbd/-/commit/0f8ee8c6bd6dd93de771e6d4da87ec5...
https://gitlab.com/nbdkit/libnbd/-/commit/dbc08c932c17e72d42944a5df447d0e...
https://gitlab.com/nbdkit/libnbd/-/commit/47797419dd56a0d1c156ff266c10620...
no intentions to release 1.17.6; instead use libnbd >= 1.18.0 from
http://download.libguestfs.org/libnbd/1.18-stable/
* stable branch 1.16
https://gitlab.com/nbdkit/libnbd/-/commit/f03330181229360a1a97a264aa956fe...
or use libnbd >= 1.16.5 from
http://download.libguestfs.org/libnbd/1.16-stable/
* stable branch 1.14
https://gitlab.com/nbdkit/libnbd/-/commit/258ee95fa2acfa264b05c0346c6c2fd...
Contact the developers if a release of 1.14.3 is required but not yet listed at
http://download.libguestfs.org/libnbd/1.14-stable/
* all earlier stable branches (1.0 through 1.12)
Backports of 0f8ee8c6bd are not deemed high priority at this time;
contact the developers if a new stable release is required
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
1 year, 4 months
ANNOUNCE: nbdkit 1.36 and libnbd 1.18 released
by Richard W.M. Jones
I'm pleased to announce new stable releases of nbdkit 1.36 and libnbd 1.18.
nbdkit is a Network Block Device (NBD) server with a stable plugin ABI
and a permissive license. libnbd is an NBD client library in
userspace.
Among the major new features are: Rust bindings for libnbd, 64 bit
extended headers (NBD protocol extension) support in libnbd, a
completely rewritten curl plugin for nbdkit, qcow2 support for nbdkit.
Complete release notes are attached below.
nbdkit 1.36.0 can be downloaded here:
https://download.libguestfs.org/nbdkit/1.36-stable/
libnbd 1.18.0 can be downloaded here:
https://download.libguestfs.org/libnbd/1.18-stable/
Release notes for nbdkit 1.36 online:
https://libguestfs.org/nbdkit-release-notes-1.36.1.html
Release notes for libnbd 1.18 online:
https://libguestfs.org/libnbd-release-notes-1.18.1.html
Rich.
----------------------------------------------------------------------
nbdkit-release-notes-1.36 - release notes for nbdkit 1.36
These are the release notes for nbdkit stable release 1.36. This
describes the major changes since 1.34.
nbdkit 1.36.0 was released on 27 September 2023.
Security
No security issues were identified in this release.
All past security issues and information about how to report new ones
can be found in nbdkit-security(1).
Plugins
New nbdkit-ones-plugin(1) which creates a fully allocated disk
containing all 0xff (all ones), or another byte of your choice.
nbdkit-curl-plugin(1) now uses a curl "multi" interface. This enables
much better performance, and also allows the curl plugin to handle
requests in parallel. The curl plugin now falls back to making a "GET"
request to get the size of the remote file for certain servers which do
not support "HEAD" requests. This plugin adds new options: "ipresolve"
(force IPv4 or IPv6), "resolve" (force a particular IP address), -D
curl.times=1 (print detailed timing stats), and -D curl.verbose.ids=1
(display connection and transfer IDs).
nbdkit-memory-plugin(1) now uses a read-write lock to protect internal
structures, resulting in improved performance for mostly read
workloads.
nbdkit-data-plugin(1) now has more optimizations.
nbdkit-file-plugin(1) now supports 4k sector sizes on Windows (Brian
Carnes).
Filters
New nbdkit-evil-filter(1) adds random but consistent data corruption to
the underlying plugin.
New nbdkit-qcow2dec-filter(1) which can decode qcow2 files (but not
write to them).
nbdkit-ip-filter(1) can now filter by client SELinux label.
nbdkit-partition-filter(1) now supports 4k sector sizes (Brian Carnes).
nbdkit-retry-request-filter(1) allows the "get_size" operation to be
retried.
nbdkit-tar-filter(1) adds new "tar-limit" parameter which can be used
to ensure the filter does not read indefinite amounts of input when
opening the tar file.
Filters can now append their own output to nbdkit --dump-plugin output.
Language bindings
Rust bindings add support for "after_fork", "block_size",
"nbdkit_debug", "nbdkit_is_tls", "nbdkit_parse_size",
"nbdkit_parse_bool" and "nbdkit_parse_probability". The "open" method
can now return an error; note this is not backwards compatible and
requires a small source code change to Rust plugins. (Thanks Alan
Somers)
nbdkit-ocaml-plugin(3) now supports OCaml 5.
OCaml bindings add support for "nbdkit_stdio_safe", "nbdkit_is_tls",
"nbdkit_peer_name" and "nbdkit_peer_security_context".
nbdkit-perl-plugin(3) now supports Perl 5.38.
Shell script plugins (nbdkit-sh-plugin(3)) may now ignore stdin in
their "pwrite" method, whereas previously it was required to read and
discard stdin along error paths (thanks Eric Blake).
Server
When using the --run option, the default is now to use a private Unix
domain socket (as if -U - was specified), whereas in nbdkit ≤ 1.34 the
default was to open a TCP port. The new default reflects the most
common and safest way to use the --run option. You can find out if
nbdkit has the new behaviour by checking "nbdkit --dump-config" and
looking for "run_default_socket=Unix" in the output.
Debug strings containing control codes and other non-printable
characters are now escaped properly.
New flag -D nbdkit.environ=1 can be used to dump the server environment
in debug output.
API
New "nbdkit_parse_probability" function which can be used to parse
probabilities in various formats, like "10%" or "1:10".
New "nbdkit_peer_security_context" function which returns the security
context (usually SELinux label) of the client.
Bug fixes
Fix long-standing double-free in nbdkit-file-plugin(1) when the client
closes the connection during negotiation (thanks Eric Blake).
nbdkit-file-plugin now has improved error messages when you try to open
a file with an empty name ("").
Documentation
Miscellaneous documentation improvements for Windows (Brian Carnes).
Fuzzing instructions updated for Clang 17, AFL++ 4.08c.
Tests
Ongoing CI maintenance and fixes (Laszlo Ersek, Eric Blake).
Many fixes in the test suite for MinGW and Wine.
Several internal consistency checks were added to the test suite, to
ensure, for example, that we always use "requires_run" when the test
uses the nbdkit --run option.
Build
Optionally "zlib-ng" can be used (instead of "zlib") for faster
decompression in various places.
No longer link with msvcrt on Windows.
"awk" is a build requirement. It was implicitly required before
(because it is needed by the "./configure" script generated by
autoconf), but now the dependency is explicit (Eric Blake).
Internals
"podwrapper" has a new --replace parameter which makes it easier to use
"AC_SUBST"-substitutions in documentation.
SEE ALSO
nbdkit(1).
AUTHORS
Authors of nbdkit 1.36:
Alan Somers
Brian Carnes
Eric Blake
Laszlo Ersek
Richard W.M. Jones
----------------------------------------------------------------------
libnbd-release-notes-1.18 - release notes for libnbd 1.18
These are the release notes for libnbd stable release 1.18. This
describes the major changes since 1.16.
libnbd 1.18.0 was released on 27 September 2023.
Security
Eric Blake found a case where a server could cause libnbd to crash,
although not in the normal libnbd configuration. For more information
see the announcement here:
https://listman.redhat.com/archives/libguestfs/2023-July/032035.html
Eric Blake found an issue with nbd_get_size(3) where a server that
returns a size > (uint64_t)INT64_MAX and < (uint64_t)-1 would cause
nbd_get_size to return a negative number (which is not -1 and so
callers may or may not treat it as an error). While no client code in
libnbd itself is affected by this, it could affect external clients.
libnbd ≥ 1.16.5 now returns an error (-1) and sets nbd_get_errno to
"EOVERFLOW" in this case. We have applied for a decision on a CVE.
See the announcement here:
https://listman.redhat.com/archives/libguestfs/2023-September/032711.html
During routine fuzzing we found several security problems which had
been introduced during this development cycle and have subsequently
been fixed. Stable (even numbered) releases of libnbd should not be
vulnerable; do not use the development (odd numbered) releases in
production.
If you find a security issue, please read SECURITY in the source
(online here: https://gitlab.com/nbdkit/libnbd/blob/master/SECURITY).
To find out about previous security issues in libnbd, see
libnbd-security(3).
New APIs
nbd_block_status_64(3)
nbd_aio_block_status_64(3)
Make a 64 bit block status request, see "Protocol" below (Eric
Blake).
nbd_block_status_filter(3)
nbd_aio_block_status_filter(3)
Send filtered block status command, see "Protocol" below (Eric
Blake).
nbd_can_block_status_payload(3)
Find out if the server supports filtered block status command (Eric
Blake).
nbd_set_request_extended_headers(3)
nbd_get_request_extended_headers(3)
nbd_get_extended_headers_negotiated(3)
nbd_opt_extended_headers(3)
nbd_aio_opt_extended_headers(3)
Set/get whether we request extended headers from the server, and
find out if we negotiated extended headers, see "Protocol" below
(Eric Blake).
Enhancements to existing APIs
"qemu:" meta-context constants (eg. "qemu:dirty-bitmap" as
"LIBNBD_CONTEXT_QEMU_DIRTY_BITMAP") are now available through the C,
Golang, OCaml and Python language bindings (Eric Blake).
nbd_shutdown(3) now works correctly when in opt mode (Eric Blake).
nbd_set_string(3) adds "LIBNBD_STRICT_AUTO_FLAG" which allows the
client to test how servers behave when the payload length flag is
adjusted (Eric Blake).
Protocol
libnbd now supports NBD 64 bit "extended headers" and extent sizes. In
practice this allows certain requests such as zeroing very large
sections of the disk to be implemented much more efficiently, with
servers that support this (Eric Blake).
libnbd now supports filtered block status requests (Eric Blake).
Tools
nbdcopy(1), nbdinfo(1) and nbddump(1) have been expanded to use and
report NBD 64 bit / extended header support when the server supports it
(Eric Blake).
nbdinfo --has can be used as an alias for --can, eg.
"nbdinfo --has structured-reply URI" (Eric Blake).
nbdinfo makes the export size output optional, for servers which send
an oversized one (Eric Blake).
nbdcopy now supports "human sizes" for some parameters, eg.
"nbdcopy --request-size=1M ...".
Language bindings
New Rust bindings. There is a basic API for ordinary use, and an
asynch API implemented using Tokio. Rust ≥ 1.69 is required. (Tage
Johansson, supported by sponsorship from Google Summer of Code 2023,
additional review and fixes by Eric Blake).
OCaml 5 is now supported.
Golang 1.21 is now supported. The minimum version is now 1.17 (Eric
Blake).
Use "gofmt" to format Golang bindings (Eric Blake).
Use "unsafe.Slice" when converting C arrays to Golang slices (Eric
Blake).
All language bindings support NBD 64 bit / extended headers, and
examples of how to use this feature are available (Eric Blake).
Tests
Fix a couple of race conditions in tests where we did not fully consume
stdin in nbdkit-sh-plugin(3) pwrite method (Eric Blake).
Fuzzing now disables client-side strictness checks, enabling a wider
range of inputs to be fuzzed (Eric Blake).
Other improvements and bug fixes
Consistently wrap source code at 80 columns (Laszlo Ersek).
Debug messages no longer print the very verbose state transitions
inside the state machine as these are not usually useful. You can
reenable this by defining "-DLIBNBD_STATE_VERBOSE=1" at compile time.
Completion ".callback" methods are now always called exactly once, and
documentation is clearer on when this happens (Eric Blake).
Documentation
"podwrapper" has a new --replace parameter which makes it easier to use
"AC_SUBST"-substitutions in documentation.
Build
Automake's "subdir-objects" option is now used (Eric Blake).
Multiple, ongoing fixes to the CI tests (Eric Blake).
SEE ALSO
libnbd(3).
AUTHORS
Eric Blake
Laszlo Ersek
Richard W.M. Jones
Tage Johansson
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-builder quickly builds VMs from scratch
http://libguestfs.org/virt-builder.1.html
1 year, 4 months
[PATCH v2v 0/5] convert: Find out if Windows guest is expecting BIOS localtime or UTC
by Richard W.M. Jones
[Alice: See patch 2]
[This patch is a bit rough, it could do with better commit messages
and some tests. Please test it to see if it solves the Windows
conversion issue described in the thread below.]
We currently do not set any <clock/> field in guest output. Most
Windows guests expect the BIOS to be set to localtime, whereas almost
all Linux guests would expect it to be set to UTC. It is also
possible to configure a Windows guest to expect BIOS set to UTC.
The default is usually BIOS set to UTC, so for many Windows guests
this would be wrong. This specifically may cause problems when
scheduling qemu-ga installation, see the thread here:
https://listman.redhat.com/archives/libguestfs/2023-September/thread.html...
but could cause other general issues with time in the guest.
One way to implement this would be to copy the source hypervisor
information across; however I'm not confident this information is read
correctly. A better way is to read out what the guest is expecting
from the Windows registry. (For Linux we just assume BIOS is always
UTC, since that's the default for almost any Linux guest which hasn't
been dual-booted with Windows, which for VMs would be incredibly
rare.)
Rich.
1 year, 4 months