Re: [Qemu-devel] VirtIO windows driver: viostor.sys not post-installable

2015-06-01 Thread Vadim Rozenfeld 
On Mon, 2015-06-01 at 15:10 +0200, Philipp Hahn wrote:
> Hello,
> 
> On 31.05.2015 12:58, Vadim Rozenfeld wrote:
> > On Sun, 2015-05-31 at 11:26 +0300, Yan Vugenfirer wrote:
> >>> On May 29, 2015, at 5:43 PM, Philipp Hahn 
> >>> wrote:
> ...
> >>> we tried to migrate some Windows 2008 and 2012 VMs from Xen to KVM,
> >>> but
> >>> installing the VirtIO viostor.sys driver fails, because the
> >>> signature of
> >>> the driver doesn't seem to match what's stored in the
> >>> corresponding .cat
> >>> file.
> ...
> >> Can you send the error message you are getting from Windows? If
> >> possible attach setupapi.log as well (search your system
> >> for setupapi.*, the location might be different for different OS
> >> versions).
> 
> I attached them to 
> 
> > Do you use the same installation media for v2v and a fresh install, or
> > vfd for a fresh install and iso for v2v conversion? 
> 
> If the drivers are installed during the initial setup, both ISO and VFD
> work - after navigating into the right sub directory and enabling "show
> not matching drivers". No BSOD.
> 
> Using the same ISO after doing the install using the emulated IDE, the
> drivers are rejected with:
> 
> > Processing inf :vioscsi.inf
> > Adding the driver package failed : The hash for the file is not present in 
> > the specified catalog file. The file is likely corrupt or the victim of 
> > tampering.
> > 
> > Processing inf :viostor.inf
> > Adding the driver package failed : The hash for the file is not present in 
> > the specified catalog file. The file is likely corrupt or the victim of 
> > tampering.
> 
> 
> >>> Are there some Linux tools to work with the .cat files and
> >>> signatures to make sure they match?
> 
> Answering my own question: .crt files are DER encoded. "dumpasn1" shows
> them to contain PKCS#7 data.
> 
> >> Vadim and I monitor qemu-devel, you can also open bug in
> >> bugzilla.redhat.com for virtio-win component or report an issue
> >> here: https://github.com/YanVugenfirer/kvm-guest-drivers-windows/issues
> 
> I filed . If
> anything is still missing, just ask.
> 

Thanks,
Vadim.

> Thanks for the fast help and for any more help in advance
> Philipp Hahn

Re: [Qemu-devel] VirtIO windows driver: viostor.sys not post-installable

2015-06-01 Thread Philipp Hahn 
Hello,

On 31.05.2015 12:58, Vadim Rozenfeld wrote:
> On Sun, 2015-05-31 at 11:26 +0300, Yan Vugenfirer wrote:
>>> On May 29, 2015, at 5:43 PM, Philipp Hahn 
>>> wrote:
...
>>> we tried to migrate some Windows 2008 and 2012 VMs from Xen to KVM,
>>> but
>>> installing the VirtIO viostor.sys driver fails, because the
>>> signature of
>>> the driver doesn't seem to match what's stored in the
>>> corresponding .cat
>>> file.
...
>> Can you send the error message you are getting from Windows? If
>> possible attach setupapi.log as well (search your system
>> for setupapi.*, the location might be different for different OS
>> versions).

I attached them to 

> Do you use the same installation media for v2v and a fresh install, or
> vfd for a fresh install and iso for v2v conversion? 

If the drivers are installed during the initial setup, both ISO and VFD
work - after navigating into the right sub directory and enabling "show
not matching drivers". No BSOD.

Using the same ISO after doing the install using the emulated IDE, the
drivers are rejected with:

> Processing inf :vioscsi.inf
> Adding the driver package failed : The hash for the file is not present in 
> the specified catalog file. The file is likely corrupt or the victim of 
> tampering.
> 
> Processing inf :viostor.inf
> Adding the driver package failed : The hash for the file is not present in 
> the specified catalog file. The file is likely corrupt or the victim of 
> tampering.


>>> Are there some Linux tools to work with the .cat files and
>>> signatures to make sure they match?

Answering my own question: .crt files are DER encoded. "dumpasn1" shows
them to contain PKCS#7 data.

>> Vadim and I monitor qemu-devel, you can also open bug in
>> bugzilla.redhat.com for virtio-win component or report an issue
>> here: https://github.com/YanVugenfirer/kvm-guest-drivers-windows/issues

I filed . If
anything is still missing, just ask.

Thanks for the fast help and for any more help in advance
Philipp Hahn

Re: [Qemu-devel] VirtIO windows driver: viostor.sys not post-installable

2015-05-31 Thread Vadim Rozenfeld 
On Sun, 2015-05-31 at 11:26 +0300, Yan Vugenfirer wrote:
> Adding Vadim to the thread.
> 
> > On May 29, 2015, at 5:43 PM, Philipp Hahn 
> > wrote:
> > 
> > Hello,
> > 
> > we tried to migrate some Windows 2008 and 2012 VMs from Xen to KVM,
> > but
> > installing the VirtIO viostor.sys driver fails, because the
> > signature of
> > the driver doesn't seem to match what's stored in the
> > corresponding .cat
> > file.
> > 
> > 
> 
> 
> Can you send the error message you are getting from Windows? If
> possible attach setupapi.log as well (search your system
> for setupapi.*, the location might be different for different OS
> versions).
> 
> > On the other hand installing the drivers during a fresh install from
> > the
> > beginning never had any problems.

Do you use the same installation media for v2v and a fresh install, or
vfd for a fresh install and iso for v2v conversion? 

Thanks,
Vadim.

> > 
> > 
> > We use
> > 
> > but also tried "virtio-win-0.1.103.iso" and "virtio-win-0.1-81.iso".
> > 
> > Running the following command on 0.1.104 prints (among others) the
> > following sha1hash:
> > > "C:\Program Files (x86)\Windows Kits\8.1\bin\x86
> > > \signtool.exe" /verify
> > /v /kp E:\NetKVM\2k12\amd64\netkvm.sys
> > ...
> > > Hash of file (sha1): 135E3AA23217610AEE8046F68550B0BA86F4EAE6
> > 
> > > "C:\Program Files (x86)\Windows Kits\8.1\bin\x86
> > > \signtool.exe" /verify
> > /v /kp E:\viostor\2k12\amd64\viostor.sys
> > ...
> > > Hash of file (sha1): EF11F5E539EEE0A9DB6DF3710A0DAA35066C5607
> > 
> > Looking into the corresponding .cat "Security Catalog File"
> > - netkvm.cat contains the above given hash for netkvm.sys,
> > - viostor.cat contains 55FC4DA2EE96ECC3FD4865680436DCDA6B8C6BDD
> > instead!
> > 
> > Running "sha1sum" on Linux print some completely different hashes,
> > so I
> > don't know what the Microsoft tool actually hash:
> > 
> > > #
> > > sha1sum /cdrom/NetKVM/2k12/amd64/netkvm.sys 
> > > /cdrom/viostor/2k12/amd64/viostor.sys 
> > > 1aa91c8e1d7680457d92c1875810a79f68af536d
> > >  /cdrom/NetKVM/2k12/amd64/netkvm.sys
> > > f39bc2b561091addfcac30e370227c91700d2698
> > >  /cdrom/viostor/2k12/amd64/viostor.sys
> > 
> > Is this a known issue?
> > 
> 
> 
> There was some mismatch  reported between Windows and sha1sum on
> Linux.
> 
> > 
> > Are there some (working) alternatives?
> > 
> > Are there some Linux tools to work with the .cat files and
> > signatures to
> > make sure they match?
> > 
> > Is there some better mailing list for VirtIO Windows driver issues?
> > 
> 
> 
> Vadim and I monitor qemu-devel, you can also open bug in
> bugzilla.redhat.com for virtio-win component or report an issue
> here: https://github.com/YanVugenfirer/kvm-guest-drivers-windows/issues
> 
> 
> > 
> > 
> > Some more background for our migration procedure:
> > 
> > - The VM was installed some years are on Xen.
> > - The GPLPV drivers were added afterwards.
> > - For the migration the GPLPV drivers were disabled and then
> > removed.
> > - A 2nd VirtIO hard-disk was added in KVM to trigger Windows to
> > request
> > the virstor driver.
> > 
> > If you need any more data, just ask.
> > 
> > Thanks in advance
> > Philipp Hahn
> > 
> > PS: data was copied by hand from Windows, so it might contains
> > copy-paste-errors.
> > -- 
> > Philipp Hahn
> > Open Source Software Engineer
> > 
> > Univention GmbH
> > be open.
> > Mary-Somerville-Str. 1
> > D-28359 Bremen
> > Tel.: +49 421 22232-0
> > Fax : +49 421 22232-99
> > h...@univention.de
> > 
> > http://www.univention.de/
> > Geschäftsführer: Peter H. Ganten
> > HRB 20755 Amtsgericht Bremen
> > Steuer-Nr.: 71-597-02876
> > 
> 
>

Re: [Qemu-devel] VirtIO windows driver: viostor.sys not post-installable

2015-05-31 Thread Yan Vugenfirer 
Adding Vadim to the thread.

> On May 29, 2015, at 5:43 PM, Philipp Hahn  wrote:
> 
> Hello,
> 
> we tried to migrate some Windows 2008 and 2012 VMs from Xen to KVM, but
> installing the VirtIO viostor.sys driver fails, because the signature of
> the driver doesn't seem to match what's stored in the corresponding .cat
> file.
> 

Can you send the error message you are getting from Windows? If possible attach 
setupapi.log as well (search your system for setupapi.*, the location might be 
different for different OS versions).

> On the other hand installing the drivers during a fresh install from the
> beginning never had any problems.
> 
> 
> We use
> 
> but also tried "virtio-win-0.1.103.iso" and "virtio-win-0.1-81.iso".
> 
> Running the following command on 0.1.104 prints (among others) the
> following sha1hash:
>> "C:\Program Files (x86)\Windows Kits\8.1\bin\x86\signtool.exe" /verify
> /v /kp E:\NetKVM\2k12\amd64\netkvm.sys
> ...
>> Hash of file (sha1): 135E3AA23217610AEE8046F68550B0BA86F4EAE6
> 
>> "C:\Program Files (x86)\Windows Kits\8.1\bin\x86\signtool.exe" /verify
> /v /kp E:\viostor\2k12\amd64\viostor.sys
> ...
>> Hash of file (sha1): EF11F5E539EEE0A9DB6DF3710A0DAA35066C5607
> 
> Looking into the corresponding .cat "Security Catalog File"
> - netkvm.cat contains the above given hash for netkvm.sys,
> - viostor.cat contains 55FC4DA2EE96ECC3FD4865680436DCDA6B8C6BDD instead!
> 
> Running "sha1sum" on Linux print some completely different hashes, so I
> don't know what the Microsoft tool actually hash:
> 
>> # sha1sum /cdrom/NetKVM/2k12/amd64/netkvm.sys 
>> /cdrom/viostor/2k12/amd64/viostor.sys 
>> 1aa91c8e1d7680457d92c1875810a79f68af536d  /cdrom/NetKVM/2k12/amd64/netkvm.sys
>> f39bc2b561091addfcac30e370227c91700d2698  
>> /cdrom/viostor/2k12/amd64/viostor.sys
> 
> Is this a known issue?

There was some mismatch  reported between Windows and sha1sum on Linux.

> 
> Are there some (working) alternatives?
> 
> Are there some Linux tools to work with the .cat files and signatures to
> make sure they match?
> 
> Is there some better mailing list for VirtIO Windows driver issues?

Vadim and I monitor qemu-devel, you can also open bug in bugzilla.redhat.com 
 for virtio-win component or report an issue here: 
https://github.com/YanVugenfirer/kvm-guest-drivers-windows/issues 


> 
> 
> Some more background for our migration procedure:
> 
> - The VM was installed some years are on Xen.
> - The GPLPV drivers were added afterwards.
> - For the migration the GPLPV drivers were disabled and then removed.
> - A 2nd VirtIO hard-disk was added in KVM to trigger Windows to request
> the virstor driver.
> 
> If you need any more data, just ask.
> 
> Thanks in advance
> Philipp Hahn
> 
> PS: data was copied by hand from Windows, so it might contains
> copy-paste-errors.
> -- 
> Philipp Hahn
> Open Source Software Engineer
> 
> Univention GmbH
> be open.
> Mary-Somerville-Str. 1
> D-28359 Bremen
> Tel.: +49 421 22232-0
> Fax : +49 421 22232-99
> h...@univention.de
> 
> http://www.univention.de/
> Geschäftsführer: Peter H. Ganten
> HRB 20755 Amtsgericht Bremen
> Steuer-Nr.: 71-597-02876

Re: [Qemu-devel] VirtIO windows driver: viostor.sys not post-installable

2015-05-29 Thread Cole Robinson 
On 05/29/2015 10:43 AM, Philipp Hahn wrote:
> Hello,
> 
> we tried to migrate some Windows 2008 and 2012 VMs from Xen to KVM, but
> installing the VirtIO viostor.sys driver fails, because the signature of
> the driver doesn't seem to match what's stored in the corresponding .cat
> file.
> 
> On the other hand installing the drivers during a fresh install from the
> beginning never had any problems.
> 
> 
> We use
> 
> but also tried "virtio-win-0.1.103.iso" and "virtio-win-0.1-81.iso".
> 
> Running the following command on 0.1.104 prints (among others) the
> following sha1hash:
>> "C:\Program Files (x86)\Windows Kits\8.1\bin\x86\signtool.exe" /verify
> /v /kp E:\NetKVM\2k12\amd64\netkvm.sys
> ...
>> Hash of file (sha1): 135E3AA23217610AEE8046F68550B0BA86F4EAE6
> 
>> "C:\Program Files (x86)\Windows Kits\8.1\bin\x86\signtool.exe" /verify
> /v /kp E:\viostor\2k12\amd64\viostor.sys
> ...
>> Hash of file (sha1): EF11F5E539EEE0A9DB6DF3710A0DAA35066C5607
> 
> Looking into the corresponding .cat "Security Catalog File"
> - netkvm.cat contains the above given hash for netkvm.sys,
> - viostor.cat contains 55FC4DA2EE96ECC3FD4865680436DCDA6B8C6BDD instead!
> 
> Running "sha1sum" on Linux print some completely different hashes, so I
> don't know what the Microsoft tool actually hash:
> 
>> # sha1sum /cdrom/NetKVM/2k12/amd64/netkvm.sys 
>> /cdrom/viostor/2k12/amd64/viostor.sys 
>> 1aa91c8e1d7680457d92c1875810a79f68af536d  /cdrom/NetKVM/2k12/amd64/netkvm.sys
>> f39bc2b561091addfcac30e370227c91700d2698  
>> /cdrom/viostor/2k12/amd64/viostor.sys
> 
> Is this a known issue?
> 
> Are there some (working) alternatives?
> 
> Are there some Linux tools to work with the .cat files and signatures to
> make sure they match?
> 
> Is there some better mailing list for VirtIO Windows driver issues?
> 

There isn't a specific mailing. For technical issues the closest this is
qemu-devel or kvm list, but this seems more like a packaging/build system issue.

I'd suggest filing a bug at bugzilla.redhat.com, product=Virtualization Tools,
component=virtio-win, and dump all the info you posted above. Vadim is pretty
quick to respond in my experience.

Thanks,
Cole

> 
> Some more background for our migration procedure:
> 
> - The VM was installed some years are on Xen.
> - The GPLPV drivers were added afterwards.
> - For the migration the GPLPV drivers were disabled and then removed.
> - A 2nd VirtIO hard-disk was added in KVM to trigger Windows to request
> the virstor driver.
> 
> If you need any more data, just ask.
> 
> Thanks in advance
> Philipp Hahn
> 
> PS: data was copied by hand from Windows, so it might contains
> copy-paste-errors.
>

[Qemu-devel] VirtIO windows driver: viostor.sys not post-installable

2015-05-29 Thread Philipp Hahn 
Hello,

we tried to migrate some Windows 2008 and 2012 VMs from Xen to KVM, but
installing the VirtIO viostor.sys driver fails, because the signature of
the driver doesn't seem to match what's stored in the corresponding .cat
file.

On the other hand installing the drivers during a fresh install from the
beginning never had any problems.


We use

but also tried "virtio-win-0.1.103.iso" and "virtio-win-0.1-81.iso".

Running the following command on 0.1.104 prints (among others) the
following sha1hash:
> "C:\Program Files (x86)\Windows Kits\8.1\bin\x86\signtool.exe" /verify
/v /kp E:\NetKVM\2k12\amd64\netkvm.sys
...
> Hash of file (sha1): 135E3AA23217610AEE8046F68550B0BA86F4EAE6

> "C:\Program Files (x86)\Windows Kits\8.1\bin\x86\signtool.exe" /verify
/v /kp E:\viostor\2k12\amd64\viostor.sys
...
> Hash of file (sha1): EF11F5E539EEE0A9DB6DF3710A0DAA35066C5607

Looking into the corresponding .cat "Security Catalog File"
- netkvm.cat contains the above given hash for netkvm.sys,
- viostor.cat contains 55FC4DA2EE96ECC3FD4865680436DCDA6B8C6BDD instead!

Running "sha1sum" on Linux print some completely different hashes, so I
don't know what the Microsoft tool actually hash:

> # sha1sum /cdrom/NetKVM/2k12/amd64/netkvm.sys 
> /cdrom/viostor/2k12/amd64/viostor.sys 
> 1aa91c8e1d7680457d92c1875810a79f68af536d  /cdrom/NetKVM/2k12/amd64/netkvm.sys
> f39bc2b561091addfcac30e370227c91700d2698  
> /cdrom/viostor/2k12/amd64/viostor.sys

Is this a known issue?

Are there some (working) alternatives?

Are there some Linux tools to work with the .cat files and signatures to
make sure they match?

Is there some better mailing list for VirtIO Windows driver issues?


Some more background for our migration procedure:

- The VM was installed some years are on Xen.
- The GPLPV drivers were added afterwards.
- For the migration the GPLPV drivers were disabled and then removed.
- A 2nd VirtIO hard-disk was added in KVM to trigger Windows to request
the virstor driver.

If you need any more data, just ask.

Thanks in advance
Philipp Hahn

PS: data was copied by hand from Windows, so it might contains
copy-paste-errors.
-- 
Philipp Hahn
Open Source Software Engineer

Univention GmbH
be open.
Mary-Somerville-Str. 1
D-28359 Bremen
Tel.: +49 421 22232-0
Fax : +49 421 22232-99
h...@univention.de

http://www.univention.de/
Geschäftsführer: Peter H. Ganten
HRB 20755 Amtsgericht Bremen
Steuer-Nr.: 71-597-02876