Release of the QEMU 6.0 emulator

QEMU 6.0 has been released. As an emulator, QEMU allows a program built for one hardware platform to run on a system with a completely different architecture, for example running an ARM application on an x86-compatible PC. In virtualization mode, code running in an isolated environment executes at close to native speed, because the instructions run directly on the CPU while the Xen hypervisor or the KVM module provides the isolation.

The project was originally created by Fabrice Bellard to allow Linux executables built for the x86 platform to run on non-x86 architectures. Over the years of development, full emulation support has been added for 14 hardware architectures, and the number of emulated hardware devices has exceeded 400. Version 6.0 incorporates more than 3300 changes from 268 developers.

Key improvements added in QEMU 6.0:

  • The NVMe controller emulator is brought into compliance with the NVMe 1.4 specification and is equipped with experimental support for zoned namespaces, multipath I/O and end-to-end data encryption on the drive.
  • Added experimental options “-machine x-remote” and “-device x-pci-proxy-dev” to move device emulation to external processes. In this mode, only emulation of the lsi53c895 SCSI adapter is currently supported.
  • Added experimental support for creating snapshots of RAM contents.
  • Added a FUSE module for exporting block devices, allowing a snapshot of the state of any block device used in the guest system to be mounted on the host. The export is created through the QMP command block-export-add or through the “--export” option of the qemu-storage-daemon utility.
  • The ARM emulator adds support for the ARMv8.1-M 'Helium' architecture and Cortex-M55 processors, as well as the extended ARMv8.4 TTST, SEL2 and DIT instructions. Added support for ARM boards mps3-an524 and mps3-an547 as well. Additional device emulation has been implemented for xlnx-zynqmp, xlnx-versal, sbsa-ref, npcm7xx and sabrelite boards.
  • For ARM, in both system-level and user-level emulation modes, support for the ARMv8.5 MTE (MemTag, Memory Tagging Extension) extension has been implemented. MTE binds a tag to each memory allocation and checks, on every memory access, that the pointer carries the tag associated with that allocation. The extension can be used to block the exploitation of vulnerabilities caused by accessing already freed memory blocks, buffer overflows, accesses before initialization, and use outside the current context.
  • The 68k architecture emulator has added support for a new type of emulated machine “virt”, which uses virtio devices to optimize performance.
  • The x86 emulator adds the ability to use AMD SEV-ES (Secure Encrypted Virtualization) technology to encrypt processor registers used in the guest system, making the contents of the registers inaccessible to the host environment unless the guest system explicitly grants access to them.
  • The classic TCG (Tiny Code Generator) code generator, when emulating x86 systems, implements support for the PKS (Protection Keys Supervisor) mechanism, which can be used to protect access to privileged memory pages.
  • A new type of emulated machine, “virt”, has been added to the MIPS architecture emulator, with support for Chinese Loongson-3 processors.
  • In the PowerPC architecture emulator, support for external BMC controllers has been added to the emulated “powernv” machines. For emulated pseries machines, failures when attempting to hot-remove memory and CPUs are now reported.
  • Added support for emulating Qualcomm Hexagon processors with DSP.
  • The classic TCG (Tiny Code Generator) code generator supports macOS host environments on systems with the new Apple M1 ARM chip.
  • The RISC-V architecture emulator for Microchip PolarFire boards supports QSPI NOR flash.
  • The Tricore emulator now supports the new TriBoard board model, which emulates the Infineon TC27x SoC.
  • The ACPI emulator makes it possible to assign names to network adapters in guest systems that do not depend on the order in which the adapters are attached to the PCI bus.
  • virtiofs has added support for the FUSE_KILLPRIV_V2 option to improve guest performance.
  • VNC has added support for cursor transparency, and virtio-vga now supports scaling the screen resolution based on the window size.
  • QMP (QEMU Machine Protocol) has added support for asynchronous parallel access when performing backup tasks.
  • The USB emulator has added the ability to save traffic generated when working with USB devices into a separate pcap file for subsequent inspection in Wireshark.
  • Added new QMP commands load-snapshot, save-snapshot and delete-snapshot to manage qcow2 snapshots.
  • Vulnerabilities CVE-2020-35517 and CVE-2021-20263 have been fixed in virtiofs. The first problem allows access to the host environment from the guest system: a privileged user in the guest creates a special device file in a directory shared with the host. The second issue is caused by a bug in the handling of extended attributes in the 'xattrmap' option and can cause write permissions to be ignored, leading to privilege escalation within the guest system.
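The FUSE block export described above is driven over QMP, QEMU's JSON-per-line monitor protocol. The following Python example, added here and not part of the announcement or of QEMU's own tooling, shows the full exchange a client performs: read the greeting, negotiate capabilities with `qmp_capabilities`, then send `block-export-add` with `type: fuse`. The server lines in `SAMPLE_SERVER_LINES` are constructed for the example so it runs offline; `run_against_socket` performs the same exchange against a real monitor socket. The export id `exp0`, node name `disk0` and mountpoint path are assumptions chosen for illustration.

```python
import json
import socket

# Constructed sample QMP session (not captured from a real QEMU): the greeting,
# the reply to qmp_capabilities, and the reply to block-export-add. A running
# QEMU 6.0 emits equivalent JSON, one message per line, on its monitor socket.
SAMPLE_SERVER_LINES = [
    '{"QMP": {"version": {"qemu": {"major": 6, "minor": 0, "micro": 0}, '
    '"package": ""}, "capabilities": ["oob"]}}',
    '{"return": {}}',
    '{"return": {}}',
]


def fuse_export_command(export_id, node_name, mountpoint, writable=False):
    """Build the QMP 'block-export-add' command for a FUSE export.
    'mountpoint' must be an existing regular file on the host; QEMU mounts the
    exported image over it. Exports are read-only unless 'writable' is set,
    which is the safe default when inspecting a guest disk from the host."""
    return {
        "execute": "block-export-add",
        "arguments": {
            "type": "fuse",
            "id": export_id,
            "node-name": node_name,
            "mountpoint": mountpoint,
            "writable": writable,
        },
    }


def parse_reply(line):
    """Decode one QMP message. Returns the 'return' payload, raises on an
    'error' reply (QEMU reports a class and a description), and returns None
    for asynchronous events, which carry an 'event' key instead."""
    msg = json.loads(line)
    if "error" in msg:
        err = msg["error"]
        raise RuntimeError(f"{err.get('class')}: {err.get('desc')}")
    if "event" in msg:
        return None
    return msg.get("return")


def run_session(send, recv, export_id, node_name, mountpoint):
    """Drive a minimal QMP session. 'send' takes a command dict, 'recv'
    returns the next line from the server. Returns the server's QEMU version."""
    greeting = json.loads(recv())
    if "QMP" not in greeting:
        raise RuntimeError("not a QMP greeting")
    # QMP refuses every command until capabilities have been negotiated.
    send({"execute": "qmp_capabilities"})
    parse_reply(recv())
    send(fuse_export_command(export_id, node_name, mountpoint))
    parse_reply(recv())
    return greeting["QMP"]["version"]["qemu"]


def run_against_sample():
    """Replay the constructed server lines and return the commands that would
    have been written to the socket together with the parsed QEMU version."""
    sent = []
    lines = iter(SAMPLE_SERVER_LINES)
    version = run_session(sent.append, lambda: next(lines),
                          "exp0", "disk0", "/tmp/exports/disk0.img")
    return sent, version


def run_against_socket(path, export_id, node_name, mountpoint):
    """Same exchange over a real monitor Unix socket, e.g. one started with
    '-qmp unix:/tmp/qmp.sock,server,nowait' (path is caller-supplied)."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as sock:
        sock.connect(path)
        stream = sock.makefile("rw", encoding="utf-8", newline="\n")

        def send(cmd):
            stream.write(json.dumps(cmd) + "\n")
            stream.flush()

        return run_session(send, stream.readline, export_id, node_name, mountpoint)


if __name__ == "__main__":
    commands, version = run_against_sample()
    for cmd in commands:
        print(json.dumps(cmd))
    print("server version:", version)
```

The command-line equivalent with the storage daemon, using the same node and export names, is `qemu-storage-daemon --blockdev driver=file,filename=disk.img,node-name=disk0 --export type=fuse,id=exp0,node-name=disk0,mountpoint=/tmp/exports/disk0.img,writable=off`; the mountpoint file must exist before the export is added.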

Source: opennet.ru
