Hi, On 08/05/2017 02:06 PM, Michael Tokarev wrote: > 05.08.2017 15:02, Christian Seiler wrote: >>>> xhci-guard-xhci_kick_epctx-against-recursive-calls-CVE-2017-9375.patch >>> >>> What's the complete qemu command line? >> >> It's quite long (generated from libvirt), I posted that in the initial >> bug report: >> >> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869807#5 >> >>> Does it include nec-xhci? >> >> Yes, it does: >> >> -device nec-usb-xhci,id=usb,bus=pci.0,addr=0x5 >> >> (I did configure XHCI in libvirt to be able to pass through >> USB 3 devices.) >> >> And indeed, if I change that back to USB 2.0 in libvirt's configuration, >> and install +deb9u1, the VM now boots again. > > This is #869945, and the actual problem is not what you've > posted but the xhci assertion failure.
Yeah, I just noticed that the __kvm_hv_spinlocks error also occurs if the VM is started successfully - and is in fact only a warning message. Unfortunately, due to the way libvirtd invokes qemu I don't see any assertion failure in the logs (or I just don't know which log to look at). > I'll merge this bug with #869945. Yes, I can verify that the VM boots again with +deb9u2. (I had kept the package on hold via apt-mark until I knew the problem was resolved.) Sorry for providing a red herring with the CPU flag. And many thanks for your work! Regards, Christian
