backends/hostmem.c | 6 +- block.c | 57 +++++------ block/backup-top.c | 4 +- block/backup.c | 13 +-- block/block-copy.c | 16 ++- block/io.c | 2 +- block/nbd.c | 48 +++++---- block/qcow2-bitmap.c | 41 ++++---- block/qcow2-cluster.c | 7 +- block/qcow2-refcount.c | 1 + block/qcow2-threads.c | 12 ++- blockjob.c | 16 +-- contrib/vhost-user-gpu/main.c | 4 +- contrib/vhost-user-gpu/virgl.c | 2 +- docs/interop/qemu-ga.rst | 5 +- dump/dump.c | 2 +- hw/9pfs/9p.h | 8 +- hw/arm/sbsa-ref.c | 1 - hw/block/dataplane/virtio-blk.c | 2 +- hw/block/dataplane/xen-block.c | 48 +++------ hw/core/machine.c | 6 +- hw/core/numa.c | 7 +- hw/i386/amd_iommu.c | 2 +- hw/i386/intel_iommu.c | 93 +++++++++++++---- hw/i386/intel_iommu_internal.h | 1 + hw/i386/x86.c | 8 +- hw/ide/core.c | 30 ++++-- hw/net/dp8393x.c | 200 ++++++++++++++++++++++++------------- hw/net/virtio-net.c | 3 +- hw/vfio/pci.c | 4 +- hw/virtio/virtio-balloon.c | 36 +++---- hw/virtio/virtio-mmio.c | 3 +- hw/virtio/virtio-pci.c | 2 + hw/virtio/virtio.c | 116 ++++++++++++++++++--- include/block/block-copy.h | 15 +-- include/hw/virtio/virtio.h | 2 + include/qemu/job.h | 11 +- include/qemu/progress_meter.h | 58 +++++++++++ job-qmp.c | 4 +- job.c | 6 +- nbd/server.c | 23 ++++- net/net.c | 2 +- plugins/core.c | 1 + qapi/block-core.json | 6 +- qemu-deprecated.texi | 8 ++ qemu-img.c | 6 +- qemu-nbd.c | 6 +- qga/commands-win32.c | 8 +- qga/commands.c | 9 +- qga/installer/qemu-ga.wxs | 2 +- qga/main.c | 4 +- qga/vss-win32/install.cpp | 11 ++ scsi/qemu-pr-helper.c | 17 ++-- target/arm/arm-powerctl.c | 6 ++ target/arm/cpu.h | 8 +- target/arm/helper.c | 14 ++- target/arm/helper.h | 1 + target/arm/translate.c | 9 +- target/arm/vec_helper.c | 2 + target/i386/cpu.c | 8 +- target/ppc/translate.c | 66 ++++++------ target/s390x/helper.c | 2 +- tcg/i386/tcg-target.inc.c | 10 +- tcg/tcg-op.c | 23 ++++- tests/ide-test.c | 174 ++++++++++++++------------------ tests/qemu-iotests/026 | 53 ++++++++++ tests/qemu-iotests/026.out | 16 +++ tests/qemu-iotests/026.out.nocache | 16 +++ tests/qemu-iotests/143 | 4 + tests/qemu-iotests/143.out | 2 + tests/qemu-iotests/244 | 14 +++ tests/qemu-iotests/244.out | 6 ++ 72 files changed, 963 insertions(+), 476 deletions(-) create mode 100644 include/qemu/progress_meter.h
Hi everyone,
The following new patches are queued for QEMU stable v4.2.1:
https://github.com/mdroth/qemu/commits/stable-4.2-staging
The release is planned for 2020-06-25:
https://wiki.qemu.org/Planning/4.2
Due to delays on my part this release is going out beyond the normal
~4 month support window. v5.0.1 is scheduled to be released as normal.
Please respond here or CC qemu-stable@nongnu.org on any additional patches
you think should be included in the release.
Thanks!
----------------------------------------------------------------
Alex Bennée (2):
target/arm: ensure we use current exception state after SCR update
tcg: save vaddr temp for plugin usage
Alexander Popov (2):
tests/ide-test: Create a single unit-test covering more PRDT cases
ide: Fix incorrect handling of some PRDTs in ide_dma_cb()
Anthony PERARD (1):
xen-block: Fix double qlist remove and request leak
Basil Salman (2):
qga: Installer: Wait for installation to finish
qga-win: prevent crash when executing guest-file-read with large count
Christian Borntraeger (1):
s390/sclp: improve special wait psw logic
Christophe de Dinechin (1):
scsi/qemu-pr-helper: Fix out-of-bounds access to trnptid_list[]
Cornelia Huck (1):
compat: disable edid on correct virtio-gpu device
Daniel P. Berrangé (1):
qapi: better document NVMe blockdev @device parameter
David Hildenbrand (3):
virtio-balloon: fix free page hinting without an iothread
virtio-balloon: fix free page hinting check on unrealize
virtio-balloon: unref the iothread when unrealizing
Denis Plotnikov (1):
virtio-mmio: update queue size on guest write
Eduardo Habkost (1):
i386: Resolve CPU models to v1 by default
Emilio G. Cota (1):
plugins/core: add missing break in cb_to_tcg_flags
Eric Blake (3):
qga: Fix undefined C behavior
nbd/server: Avoid long error message assertions CVE-2020-10761
block: Call attention to truncation of long NBD exports
Finn Thain (14):
dp8393x: Mask EOL bit from descriptor addresses
dp8393x: Always use 32-bit accesses
dp8393x: Clean up endianness hacks
dp8393x: Have dp8393x_receive() return the packet size
dp8393x: Update LLFA and CRDA registers from rx descriptor
dp8393x: Clear RRRA command register bit only when appropriate
dp8393x: Implement packet size limit and RBAE interrupt
dp8393x: Don't clobber packet checksum
dp8393x: Use long-word-aligned RRA pointers in 32-bit mode
dp8393x: Pad frames to word or long word boundary
dp8393x: Clear descriptor in_use field to release packet
dp8393x: Always update RRA pointers and sequence numbers
dp8393x: Don't reset Silicon Revision register
dp8393x: Don't stop reception upon RBE interrupt assertion
Greg Kurz (1):
9p: Lock directory streams with a CoMutex
Igor Mammedov (3):
numa: remove not needed check
numa: properly check if numa is supported
hostmem: don't use mbind() if host-nodes is empty
Kevin Wolf (4):
block: Activate recursively even for already active nodes
qcow2: update_refcount(): Reset old_table_index after qcow2_cache_put()
qcow2: Fix qcow2_alloc_cluster_abort() for external data file
iotests: Test copy offloading with external data file
Li Hangjing (1):
virtio-blk: fix out-of-bounds access to bitmap in notify_guest_bh
Liu Yi L (2):
intel_iommu: a fix to vtd_find_as_from_bus_num()
intel_iommu: add present bit check for pasid table entries
Max Reitz (4):
backup-top: Begin drain earlier
qcow2: Fix alloc_cluster_abort() for pre-existing clusters
iotests/026: Test EIO on preallocated zero cluster
iotests/026: Test EIO on allocation in a data-file
Michael S. Tsirkin (3):
virtio: update queue size on guest write
virtio: add ability to delete vq through a pointer
virtio: make virtio_delete_queue idempotent
Nicholas Piggin (1):
target/ppc: Fix mtmsr(d) L=1 variant that loses interrupts
Niek Linnenbank (2):
arm/arm-powerctl: set NSACR.{CP11, CP10} bits in arm_set_cpu_on()
arm/arm-powerctl: rebuild hflags after setting CP15 bits in arm_set_cpu_on()
Pan Nengyuan (2):
block/nbd: extract the common cleanup code
block/nbd: fix memory leak in nbd_open()
Peter Maydell (2):
hw/i386/amd_iommu.c: Fix corruption of log events passed to guest
dump: Fix writing of ELF section
Peter Wu (1):
hw/i386/pc: fix regression in parsing vga cmdline parameter
Peter Xu (1):
vfio/pci: Don't remove irqchip notifier if not registered
Philippe Mathieu-Daudé (1):
vhost-user-gpu: Release memory returned by vu_queue_pop() with free()
Raphael Pour (1):
qemu-nbd: Close inherited stderr
Richard Henderson (3):
target/arm: Set ISSIs16Bit in make_issinfo
tcg/i386: Fix INDEX_op_dup2_vec
target/arm: Clear tail in gvec_fmul_idx_*, gvec_fmla_idx_*
Sameeh Jubran (1):
qga-win: Handle VSS_E_PROVIDER_ALREADY_REGISTERED error
Stefan Hajnoczi (2):
virtio: gracefully handle invalid region caches
qemu-ga: document vsock-listen in the man page
Thomas Huth (1):
net: Do not include a newline in the id of -nic devices
Vitaly Chikunov (1):
target/ppc: Fix rlwinm on ppc64
Vladimir Sementsov-Ogievskiy (5):
qcow2-bitmaps: fix qcow2_can_store_new_dirty_bitmap
block/qcow2-threads: fix qcow2_decompress
job: refactor progress to separate object
block/block-copy: fix progress calculation
block/io: fix bdrv_co_do_copy_on_readv
Yuri Benditovich (2):
virtio: reset region cache when on queue deletion
virtio-net: delete also control queue when TX/RX deleted
backends/hostmem.c | 6 +-
block.c | 57 +++++------
block/backup-top.c | 4 +-
block/backup.c | 13 +--
block/block-copy.c | 16 ++-
block/io.c | 2 +-
block/nbd.c | 48 +++++----
block/qcow2-bitmap.c | 41 ++++----
block/qcow2-cluster.c | 7 +-
block/qcow2-refcount.c | 1 +
block/qcow2-threads.c | 12 ++-
blockjob.c | 16 +--
contrib/vhost-user-gpu/main.c | 4 +-
contrib/vhost-user-gpu/virgl.c | 2 +-
docs/interop/qemu-ga.rst | 5 +-
dump/dump.c | 2 +-
hw/9pfs/9p.h | 8 +-
hw/arm/sbsa-ref.c | 1 -
hw/block/dataplane/virtio-blk.c | 2 +-
hw/block/dataplane/xen-block.c | 48 +++------
hw/core/machine.c | 6 +-
hw/core/numa.c | 7 +-
hw/i386/amd_iommu.c | 2 +-
hw/i386/intel_iommu.c | 93 +++++++++++++----
hw/i386/intel_iommu_internal.h | 1 +
hw/i386/x86.c | 8 +-
hw/ide/core.c | 30 ++++--
hw/net/dp8393x.c | 200 ++++++++++++++++++++++++-------------
hw/net/virtio-net.c | 3 +-
hw/vfio/pci.c | 4 +-
hw/virtio/virtio-balloon.c | 36 +++----
hw/virtio/virtio-mmio.c | 3 +-
hw/virtio/virtio-pci.c | 2 +
hw/virtio/virtio.c | 116 ++++++++++++++++++---
include/block/block-copy.h | 15 +--
include/hw/virtio/virtio.h | 2 +
include/qemu/job.h | 11 +-
include/qemu/progress_meter.h | 58 +++++++++++
job-qmp.c | 4 +-
job.c | 6 +-
nbd/server.c | 23 ++++-
net/net.c | 2 +-
plugins/core.c | 1 +
qapi/block-core.json | 6 +-
qemu-deprecated.texi | 8 ++
qemu-img.c | 6 +-
qemu-nbd.c | 6 +-
qga/commands-win32.c | 8 +-
qga/commands.c | 9 +-
qga/installer/qemu-ga.wxs | 2 +-
qga/main.c | 4 +-
qga/vss-win32/install.cpp | 11 ++
scsi/qemu-pr-helper.c | 17 ++--
target/arm/arm-powerctl.c | 6 ++
target/arm/cpu.h | 8 +-
target/arm/helper.c | 14 ++-
target/arm/helper.h | 1 +
target/arm/translate.c | 9 +-
target/arm/vec_helper.c | 2 +
target/i386/cpu.c | 8 +-
target/ppc/translate.c | 66 ++++++------
target/s390x/helper.c | 2 +-
tcg/i386/tcg-target.inc.c | 10 +-
tcg/tcg-op.c | 23 ++++-
tests/ide-test.c | 174 ++++++++++++++------------------
tests/qemu-iotests/026 | 53 ++++++++++
tests/qemu-iotests/026.out | 16 +++
tests/qemu-iotests/026.out.nocache | 16 +++
tests/qemu-iotests/143 | 4 +
tests/qemu-iotests/143.out | 2 +
tests/qemu-iotests/244 | 14 +++
tests/qemu-iotests/244.out | 6 ++
72 files changed, 963 insertions(+), 476 deletions(-)
create mode 100644 include/qemu/progress_meter.h
Hi Michael,
Our upcoming SLE15-SP2 and Leap 15.2 releases have a qemu package which
is based on v4.2.0. In addition to some of the patches already mentioned, here
is a list of others we have backported as being stable material. I threw a little
wider net this time than usual, so feel free to give it a more critical eye.
commit 8937a39da22e5d5689c516a2d4ce4f2bb6a378fc
Author: Han Han <hhan@redhat.com>
Revert "qemu-options.hx: Update for reboot-timeout parameter"
commit 0f516ca4767042aec8716369d6d62436fa10593a
Author: Robert Foley <robert.foley@linaro.org>
Fix double free issue in qemu_set_log_filename().
commit eb4ea9aaa0051054b3c148ad8631be7510851681
Author: Max Reitz <mreitz@redhat.com>
iotests: Fix IMGOPTSSYNTAX for nbd
commit fcd3f2cc124600385dba46c69a80626985c15b50
Author: Igor Mammedov <imammedo@redhat.com>
numa: properly check if numa is supported
commit ca26b032e5a0e8a190c763ce828a8740d24b9b65
Author: Cole Robinson <crobinso@redhat.com>
vhost-user-gpu: Drop trailing json comma
commit 0d82411d0e38a0de7829f97d04406765c8d2210d
Author: Cameron Esfahani <dirty@apple.com>
display/bochs-display: fix memory leak
commit 3d44c60500785f18bb469c9de0aeba7415c0f28f
Author: Simon Veith <sveith@amazon.de>
hw/arm/smmuv3: Apply address mask to linear strtab base address
commit 3293b9f514a413e019b7dbc9d543458075b4849e
Author: Simon Veith <sveith@amazon.de>
hw/arm/smmuv3: Correct SMMU_BASE_ADDR_MASK value
commit 05ff2fb80ce4ca85d8a39d48ff8156de739b4f51
Author: Simon Veith <sveith@amazon.de>
hw/arm/smmuv3: Check stream IDs against actual table LOG2SIZE
commit 41678c33aac61261522b74f08595ccf2221a430a
Author: Simon Veith <sveith@amazon.de>
hw/arm/smmuv3: Align stream table base address to table size
commit a7f65ceb851af5a5b639c6e30801076d848db2c2
Author: Simon Veith <sveith@amazon.de>
hw/arm/smmuv3: Use correct bit positions in EVT_SET_ADDR2 macro
commit b255cafb59578d16716186ed955717bc8f87bdb7
Author: Simon Veith <sveith@amazon.de>
hw/arm/smmuv3: Report F_STE_FETCH fault address in correct word position
commit 7b1d9c4df0603fbc526226a9c5ef91118aa6c957
Author: Max Reitz <mreitz@redhat.com>
block: Add bdrv_qapi_perm_to_blk_perm()
commit 69c6449ff10fe4e3219e960549307096d5366bd0
Author: Max Reitz <mreitz@redhat.com>
blkdebug: Allow taking/unsharing permissions
commit 16c5c6928ff53bd95e6504301ef6c285501531e7
Author: Laurent Vivier <lvivier@redhat.com>
migration-test: ppc64: fix FORTH test program
commit 30d544839e278dc76017b9a42990c41e84a34377
Author: Jeff Kubascik <jeff.kubascik@dornerworks.com>
target/arm: Return correct IL bit in merge_syn_data_abort
commit ddad81bd28de665475a87693a93e6cf5d6fd8bab
Author: Laurent Vivier <lvivier@redhat.com>
runstate: ignore finishmigrate -> prelaunch transition
commit 97e1e06780e70f6e98a0d2df881e0c0927d3aeb6
Author: Dr. David Alan Gilbert <dgilbert@redhat.com>
migration: Rate limit inside host pages
commit 0780ec7be82dd4781e9fd216b5d99a125882ff5a
Author: Gerd Hoffmann <kraxel@redhat.com>
Revert "vnc: allow fall back to RAW encoding"
commit 557ba0e57200014bd4f453f6516f02b61bdfc782
Author: Cameron Esfahani <dirty@apple.com>
vnc: prioritize ZRLE compression over ZLIB
commit 322f244aaa80a5208090d41481c1c09c6face66b
Author: Laurent Vivier <laurent@vivier.eu>
m68k: Fix regression causing Single-Step via GDB/RSP to not single step
commit de0b1bae6461f67243282555475f88b2384a1eb9
Author: Vincent Dehors <vincent.dehors@smile.fr>
target/arm: Fix PAuth sbox functions
commit 420ae1fc51c99abfd03b1c590f55617edd2a2bed
Author: Paolo Bonzini <pbonzini@redhat.com>
target/i386: kvm: initialize feature MSRs very early
commit 3c5fd8074335c67777d9391b84f97070c35d9c63
Author: Cornelia Huck <cohuck@redhat.com>
s390x: adapter routes error handling
commit fb574de81bfdd71fdb0315105a3a7761efb68395
Author: Eiichi Tsukata <devel@etsukata.com>
block/backup: fix memory leak in bdrv_backup_top_append()
commit 71e415c8a75c130875f14d6b2136825789feb297
Author: Marc-André Lureau <marcandre.lureau@redhat.com>
tpm-ppi: page-align PPI RAM
commit 618bacabd3c8c3360be795cd8763bacdf5bec101
Author: Zenghui Yu <yuzenghui@huawei.com>
hw/intc/arm_gicv3_kvm: Stop wrongly programming GICR_PENDBASER.PTZ bit
commit 7a4ede0047a8613b0e3b72c9d351038f013dd357
Author: Gerd Hoffmann <kraxel@redhat.com>
audio/oss: fix buffer pos calculation
commit aeab8e5eb220cc5ff84b0b68b9afccc611bf0fcd
Author: Alex Bennée <alex.bennee@linaro.org>
target/arm: fix TCG leak for fcvt half->double
commit cb8956144ccaccf23d5cc4167677e2c84fa5a9f8
Author: Pan Nengyuan <pannengyuan@huawei.com>
block: fix memleaks in bdrv_refresh_filename
commit 0df62f45c1de6c020f1e6fba4eeafd248209b003
Author: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
block/backup-top: fix failure path
commit a541fcc27c98b96da187c7d4573f3270f3ddd283
Author: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
iotests: add test for backup-top failure on permission activation
commit 0999a4ba8718aa96105b978d3567fc7e90244c7e
Author: Liang Yan <lyan@suse.com>
target/arm/monitor: query-cpu-model-expansion crashed qemu when using machine type none
commit ac9d00bf7b47acae6b0e42910d9ed55fef3af5b8
Author: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
block: fix crash on zero-length unaligned write and read
commit 804359b8b90f76d9d8fbe8d85a6544b68f107f10
Author: Max Reitz <mreitz@redhat.com>
block: Fix VM size field width in snapshot dump
commit a1ed04dd79aabb9dbeeb5fa7d49f1a3de0357553
Author: Peter Maydell <peter.maydell@linaro.org>
target/arm: Correct definition of PMCRDP
commit 9861546e1dae05c5152de7d3bd14e341ecadc972
Author: Pan Nengyuan <pannengyuan@huawei.com>
virtio-pmem: do delete rq_vq in virtio_pmem_unrealize
commit d56e1c8256cb37e68f9b5d98c6cc4e6ca463f1fd
Author: Pan Nengyuan <pannengyuan@huawei.com>
virtio-crypto: do delete ctrl_vq in virtio_crypto_device_unrealize
commit 13e5468127111bf44c5dc314d1dd2ec5a65dfec4
Author: Pan Nengyuan <pannengyuan@huawei.com>
vhost-user-blk: delete virtioqueues in unrealize to fix memleaks
commit 2104df2a1fbf44b2564427aa72fd58d66ce290a7
Author: Niek Linnenbank <nieklinnenbank@gmail.com>
hw/arm/cubieboard: use ARM Cortex-A8 as the default CPU in machine definition
commit 9bfc04f9ef6802fff0fc77130ff345a541783363
Author: Janosch Frank <frankja@linux.ibm.com>
pc-bios: s390x: Save iplb location in lowcore
commit 69135eb30b9c3fca583737a96df015174dc8e6dd
Author: Eric Blake <eblake@redhat.com>
iotests: Fix nonportable use of od --endian
commit 1583794b9b36911df116cc726750dadbeeac506a
Author: Philippe Mathieu-Daudé <philmd@redhat.com>
ppc/ppc405_boards: Remove unnecessary NULL check
commit 71eaec2e8c7c8d266137b5c5f42da0bd6d6b5eb7
Author: Eric Blake <eblake@redhat.com>
block: Avoid memleak on qcow2 image info failure
commit 6e57963a77df1e275a73dab4c6a7ec9a9d3468d4
Author: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
block: bdrv_set_backing_bs: fix use-after-free
commit d4ff109373ce871928c7e9ef648973eba642b484
Author: Dr. David Alan Gilbert <dgilbert@redhat.com>
hmp/vnc: Fix info vnc list leak
commit 27d07fcfa70c3afa0664288cbce5334ed9595a3a
Author: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
migration/colo: fix use after free of local_err
commit b4a1733c5e6827c72b0dcfa295e07ef7b1ebccff
Author: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
migration/ram: fix use after free of local_err
commit bb40ebce2cb0bd4bf37968074d43d5a864fb6dee
Author: Eric Blake <eblake@redhat.com>
qcow2: List autoclear bit names in header
commit ed049910637be991c88cc25c864115bc5b1e4dab
Author: Eric Blake <eblake@redhat.com>
sheepdog: Consistently set bdrv_has_zero_init_truncate
commit 8ffb7265af64ec81748335ec8f20e7ab542c3850
Author: Prasad J Pandit <pjp@fedoraproject.org>
net: tulip: check frame size and r/w data length
commit 7aab5899764887f6b0512cb2e5c11bdc2a5d3644
Author: David Gibson <david@gibson.dropbear.id.au>
spapr: Fix failure path for attempting to hot unplug PCI bridges
commit 3f6de653b946fe849330208becf79d6af7e876cb
Author: Kevin Wolf <kwolf@redhat.com>
vpc: Don't round up already aligned BAT sizes
commit 1a03362b14affa4d8ddede55df6e21d7a07b87c2
Author: Max Filippov <jcmvbkbc@gmail.com>
target/xtensa: fix pasto in pfwait.r opcode name
commit a4e57084c16d5b0eff3651693fba04f26b30b551
- Bruce
________________________________________
From: Qemu-devel <qemu-devel-bounces+brogers=suse.com@nongnu.org> on behalf of Michael Roth <mdroth@linux.vnet.ibm.com>
Sent: Tuesday, June 16, 2020 8:14 AM
To: qemu-devel@nongnu.org
Cc: qemu-stable@nongnu.org
Subject: [PATCH 00/78] Patch Round-up for stable 4.2.1, freeze on 2020-06-22
Hi everyone,
The following new patches are queued for QEMU stable v4.2.1:
https://github.com/mdroth/qemu/commits/stable-4.2-staging
The release is planned for 2020-06-25:
https://wiki.qemu.org/Planning/4.2
Due to delays on my part this release is going out beyond the normal
~4 month support window. v5.0.1 is scheduled to be released as normal.
Please respond here or CC qemu-stable@nongnu.org on any additional patches
you think should be included in the release.
Thanks!
----------------------------------------------------------------
Alex Bennée (2):
target/arm: ensure we use current exception state after SCR update
tcg: save vaddr temp for plugin usage
Alexander Popov (2):
tests/ide-test: Create a single unit-test covering more PRDT cases
ide: Fix incorrect handling of some PRDTs in ide_dma_cb()
Anthony PERARD (1):
xen-block: Fix double qlist remove and request leak
Basil Salman (2):
qga: Installer: Wait for installation to finish
qga-win: prevent crash when executing guest-file-read with large count
Christian Borntraeger (1):
s390/sclp: improve special wait psw logic
Christophe de Dinechin (1):
scsi/qemu-pr-helper: Fix out-of-bounds access to trnptid_list[]
Cornelia Huck (1):
compat: disable edid on correct virtio-gpu device
Daniel P. Berrangé (1):
qapi: better document NVMe blockdev @device parameter
David Hildenbrand (3):
virtio-balloon: fix free page hinting without an iothread
virtio-balloon: fix free page hinting check on unrealize
virtio-balloon: unref the iothread when unrealizing
Denis Plotnikov (1):
virtio-mmio: update queue size on guest write
Eduardo Habkost (1):
i386: Resolve CPU models to v1 by default
Emilio G. Cota (1):
plugins/core: add missing break in cb_to_tcg_flags
Eric Blake (3):
qga: Fix undefined C behavior
nbd/server: Avoid long error message assertions CVE-2020-10761
block: Call attention to truncation of long NBD exports
Finn Thain (14):
dp8393x: Mask EOL bit from descriptor addresses
dp8393x: Always use 32-bit accesses
dp8393x: Clean up endianness hacks
dp8393x: Have dp8393x_receive() return the packet size
dp8393x: Update LLFA and CRDA registers from rx descriptor
dp8393x: Clear RRRA command register bit only when appropriate
dp8393x: Implement packet size limit and RBAE interrupt
dp8393x: Don't clobber packet checksum
dp8393x: Use long-word-aligned RRA pointers in 32-bit mode
dp8393x: Pad frames to word or long word boundary
dp8393x: Clear descriptor in_use field to release packet
dp8393x: Always update RRA pointers and sequence numbers
dp8393x: Don't reset Silicon Revision register
dp8393x: Don't stop reception upon RBE interrupt assertion
Greg Kurz (1):
9p: Lock directory streams with a CoMutex
Igor Mammedov (3):
numa: remove not needed check
numa: properly check if numa is supported
hostmem: don't use mbind() if host-nodes is empty
Kevin Wolf (4):
block: Activate recursively even for already active nodes
qcow2: update_refcount(): Reset old_table_index after qcow2_cache_put()
qcow2: Fix qcow2_alloc_cluster_abort() for external data file
iotests: Test copy offloading with external data file
Li Hangjing (1):
virtio-blk: fix out-of-bounds access to bitmap in notify_guest_bh
Liu Yi L (2):
intel_iommu: a fix to vtd_find_as_from_bus_num()
intel_iommu: add present bit check for pasid table entries
Max Reitz (4):
backup-top: Begin drain earlier
qcow2: Fix alloc_cluster_abort() for pre-existing clusters
iotests/026: Test EIO on preallocated zero cluster
iotests/026: Test EIO on allocation in a data-file
Michael S. Tsirkin (3):
virtio: update queue size on guest write
virtio: add ability to delete vq through a pointer
virtio: make virtio_delete_queue idempotent
Nicholas Piggin (1):
target/ppc: Fix mtmsr(d) L=1 variant that loses interrupts
Niek Linnenbank (2):
arm/arm-powerctl: set NSACR.{CP11, CP10} bits in arm_set_cpu_on()
arm/arm-powerctl: rebuild hflags after setting CP15 bits in arm_set_cpu_on()
Pan Nengyuan (2):
block/nbd: extract the common cleanup code
block/nbd: fix memory leak in nbd_open()
Peter Maydell (2):
hw/i386/amd_iommu.c: Fix corruption of log events passed to guest
dump: Fix writing of ELF section
Peter Wu (1):
hw/i386/pc: fix regression in parsing vga cmdline parameter
Peter Xu (1):
vfio/pci: Don't remove irqchip notifier if not registered
Philippe Mathieu-Daudé (1):
vhost-user-gpu: Release memory returned by vu_queue_pop() with free()
Raphael Pour (1):
qemu-nbd: Close inherited stderr
Richard Henderson (3):
target/arm: Set ISSIs16Bit in make_issinfo
tcg/i386: Fix INDEX_op_dup2_vec
target/arm: Clear tail in gvec_fmul_idx_*, gvec_fmla_idx_*
Sameeh Jubran (1):
qga-win: Handle VSS_E_PROVIDER_ALREADY_REGISTERED error
Stefan Hajnoczi (2):
virtio: gracefully handle invalid region caches
qemu-ga: document vsock-listen in the man page
Thomas Huth (1):
net: Do not include a newline in the id of -nic devices
Vitaly Chikunov (1):
target/ppc: Fix rlwinm on ppc64
Vladimir Sementsov-Ogievskiy (5):
qcow2-bitmaps: fix qcow2_can_store_new_dirty_bitmap
block/qcow2-threads: fix qcow2_decompress
job: refactor progress to separate object
block/block-copy: fix progress calculation
block/io: fix bdrv_co_do_copy_on_readv
Yuri Benditovich (2):
virtio: reset region cache when on queue deletion
virtio-net: delete also control queue when TX/RX deleted
backends/hostmem.c | 6 +-
block.c | 57 +++++------
block/backup-top.c | 4 +-
block/backup.c | 13 +--
block/block-copy.c | 16 ++-
block/io.c | 2 +-
block/nbd.c | 48 +++++----
block/qcow2-bitmap.c | 41 ++++----
block/qcow2-cluster.c | 7 +-
block/qcow2-refcount.c | 1 +
block/qcow2-threads.c | 12 ++-
blockjob.c | 16 +--
contrib/vhost-user-gpu/main.c | 4 +-
contrib/vhost-user-gpu/virgl.c | 2 +-
docs/interop/qemu-ga.rst | 5 +-
dump/dump.c | 2 +-
hw/9pfs/9p.h | 8 +-
hw/arm/sbsa-ref.c | 1 -
hw/block/dataplane/virtio-blk.c | 2 +-
hw/block/dataplane/xen-block.c | 48 +++------
hw/core/machine.c | 6 +-
hw/core/numa.c | 7 +-
hw/i386/amd_iommu.c | 2 +-
hw/i386/intel_iommu.c | 93 +++++++++++++----
hw/i386/intel_iommu_internal.h | 1 +
hw/i386/x86.c | 8 +-
hw/ide/core.c | 30 ++++--
hw/net/dp8393x.c | 200 ++++++++++++++++++++++++-------------
hw/net/virtio-net.c | 3 +-
hw/vfio/pci.c | 4 +-
hw/virtio/virtio-balloon.c | 36 +++----
hw/virtio/virtio-mmio.c | 3 +-
hw/virtio/virtio-pci.c | 2 +
hw/virtio/virtio.c | 116 ++++++++++++++++++---
include/block/block-copy.h | 15 +--
include/hw/virtio/virtio.h | 2 +
include/qemu/job.h | 11 +-
include/qemu/progress_meter.h | 58 +++++++++++
job-qmp.c | 4 +-
job.c | 6 +-
nbd/server.c | 23 ++++-
net/net.c | 2 +-
plugins/core.c | 1 +
qapi/block-core.json | 6 +-
qemu-deprecated.texi | 8 ++
qemu-img.c | 6 +-
qemu-nbd.c | 6 +-
qga/commands-win32.c | 8 +-
qga/commands.c | 9 +-
qga/installer/qemu-ga.wxs | 2 +-
qga/main.c | 4 +-
qga/vss-win32/install.cpp | 11 ++
scsi/qemu-pr-helper.c | 17 ++--
target/arm/arm-powerctl.c | 6 ++
target/arm/cpu.h | 8 +-
target/arm/helper.c | 14 ++-
target/arm/helper.h | 1 +
target/arm/translate.c | 9 +-
target/arm/vec_helper.c | 2 +
target/i386/cpu.c | 8 +-
target/ppc/translate.c | 66 ++++++------
target/s390x/helper.c | 2 +-
tcg/i386/tcg-target.inc.c | 10 +-
tcg/tcg-op.c | 23 ++++-
tests/ide-test.c | 174 ++++++++++++++------------------
tests/qemu-iotests/026 | 53 ++++++++++
tests/qemu-iotests/026.out | 16 +++
tests/qemu-iotests/026.out.nocache | 16 +++
tests/qemu-iotests/143 | 4 +
tests/qemu-iotests/143.out | 2 +
tests/qemu-iotests/244 | 14 +++
tests/qemu-iotests/244.out | 6 ++
72 files changed, 963 insertions(+), 476 deletions(-)
create mode 100644 include/qemu/progress_meter.h
On 16 Jun 2020, at 9:14, Michael Roth wrote:
> Hi everyone,
>
> The following new patches are queued for QEMU stable v4.2.1:
>
> https://github.com/mdroth/qemu/commits/stable-4.2-staging
>
> The release is planned for 2020-06-25:
>
> https://wiki.qemu.org/Planning/4.2
>
> Due to delays on my part this release is going out beyond the normal
> ~4 month support window. v5.0.1 is scheduled to be released as normal.
>
> Please respond here or CC qemu-stable@nongnu.org on any additional
> patches
> you think should be included in the release.
CVE related commits:
* 693fd2acdf14 ("iscsi: Cap block count from GET LBA STATUS
(CVE-2020-1711)")
* ac2071c3791b ("ati-vga: Fix checks in ati_2d_blt() to avoid crash")
to fix CVE-2020-11869
* a98610c429d5 ("ati-vga: check mm_index before recursive call
(CVE-2020-13800)")
* 369ff955a849 ("es1370: check total frame count against current frame")
to fix CVE-2020-13361
* Advance the slirp submodule to commit 2faae0f778f8 ("Fix use-afte-free
in ip_reass()") to fix CVE-2019-15890, CVE-2020-8608, and CVE-2020-1983
Fix for a crash:
* 9b3a31c745b6 ("kvm: Reallocate dirty_bmap when we change a slot")
Thank you,
Karl
>
> Thanks!
>
>
> ----------------------------------------------------------------
> Alex Bennée (2):
> target/arm: ensure we use current exception state after SCR
> update
> tcg: save vaddr temp for plugin usage
>
> Alexander Popov (2):
> tests/ide-test: Create a single unit-test covering more PRDT
> cases
> ide: Fix incorrect handling of some PRDTs in ide_dma_cb()
>
> Anthony PERARD (1):
> xen-block: Fix double qlist remove and request leak
>
> Basil Salman (2):
> qga: Installer: Wait for installation to finish
> qga-win: prevent crash when executing guest-file-read with large
> count
>
> Christian Borntraeger (1):
> s390/sclp: improve special wait psw logic
>
> Christophe de Dinechin (1):
> scsi/qemu-pr-helper: Fix out-of-bounds access to trnptid_list[]
>
> Cornelia Huck (1):
> compat: disable edid on correct virtio-gpu device
>
> Daniel P. Berrangé (1):
> qapi: better document NVMe blockdev @device parameter
>
> David Hildenbrand (3):
> virtio-balloon: fix free page hinting without an iothread
> virtio-balloon: fix free page hinting check on unrealize
> virtio-balloon: unref the iothread when unrealizing
>
> Denis Plotnikov (1):
> virtio-mmio: update queue size on guest write
>
> Eduardo Habkost (1):
> i386: Resolve CPU models to v1 by default
>
> Emilio G. Cota (1):
> plugins/core: add missing break in cb_to_tcg_flags
>
> Eric Blake (3):
> qga: Fix undefined C behavior
> nbd/server: Avoid long error message assertions CVE-2020-10761
> block: Call attention to truncation of long NBD exports
>
> Finn Thain (14):
> dp8393x: Mask EOL bit from descriptor addresses
> dp8393x: Always use 32-bit accesses
> dp8393x: Clean up endianness hacks
> dp8393x: Have dp8393x_receive() return the packet size
> dp8393x: Update LLFA and CRDA registers from rx descriptor
> dp8393x: Clear RRRA command register bit only when appropriate
> dp8393x: Implement packet size limit and RBAE interrupt
> dp8393x: Don't clobber packet checksum
> dp8393x: Use long-word-aligned RRA pointers in 32-bit mode
> dp8393x: Pad frames to word or long word boundary
> dp8393x: Clear descriptor in_use field to release packet
> dp8393x: Always update RRA pointers and sequence numbers
> dp8393x: Don't reset Silicon Revision register
> dp8393x: Don't stop reception upon RBE interrupt assertion
>
> Greg Kurz (1):
> 9p: Lock directory streams with a CoMutex
>
> Igor Mammedov (3):
> numa: remove not needed check
> numa: properly check if numa is supported
> hostmem: don't use mbind() if host-nodes is empty
>
> Kevin Wolf (4):
> block: Activate recursively even for already active nodes
> qcow2: update_refcount(): Reset old_table_index after
> qcow2_cache_put()
> qcow2: Fix qcow2_alloc_cluster_abort() for external data file
> iotests: Test copy offloading with external data file
>
> Li Hangjing (1):
> virtio-blk: fix out-of-bounds access to bitmap in
> notify_guest_bh
>
> Liu Yi L (2):
> intel_iommu: a fix to vtd_find_as_from_bus_num()
> intel_iommu: add present bit check for pasid table entries
>
> Max Reitz (4):
> backup-top: Begin drain earlier
> qcow2: Fix alloc_cluster_abort() for pre-existing clusters
> iotests/026: Test EIO on preallocated zero cluster
> iotests/026: Test EIO on allocation in a data-file
>
> Michael S. Tsirkin (3):
> virtio: update queue size on guest write
> virtio: add ability to delete vq through a pointer
> virtio: make virtio_delete_queue idempotent
>
> Nicholas Piggin (1):
> target/ppc: Fix mtmsr(d) L=1 variant that loses interrupts
>
> Niek Linnenbank (2):
> arm/arm-powerctl: set NSACR.{CP11, CP10} bits in
> arm_set_cpu_on()
> arm/arm-powerctl: rebuild hflags after setting CP15 bits in
> arm_set_cpu_on()
>
> Pan Nengyuan (2):
> block/nbd: extract the common cleanup code
> block/nbd: fix memory leak in nbd_open()
>
> Peter Maydell (2):
> hw/i386/amd_iommu.c: Fix corruption of log events passed to
> guest
> dump: Fix writing of ELF section
>
> Peter Wu (1):
> hw/i386/pc: fix regression in parsing vga cmdline parameter
>
> Peter Xu (1):
> vfio/pci: Don't remove irqchip notifier if not registered
>
> Philippe Mathieu-Daudé (1):
> vhost-user-gpu: Release memory returned by vu_queue_pop() with
> free()
>
> Raphael Pour (1):
> qemu-nbd: Close inherited stderr
>
> Richard Henderson (3):
> target/arm: Set ISSIs16Bit in make_issinfo
> tcg/i386: Fix INDEX_op_dup2_vec
> target/arm: Clear tail in gvec_fmul_idx_*, gvec_fmla_idx_*
>
> Sameeh Jubran (1):
> qga-win: Handle VSS_E_PROVIDER_ALREADY_REGISTERED error
>
> Stefan Hajnoczi (2):
> virtio: gracefully handle invalid region caches
> qemu-ga: document vsock-listen in the man page
>
> Thomas Huth (1):
> net: Do not include a newline in the id of -nic devices
>
> Vitaly Chikunov (1):
> target/ppc: Fix rlwinm on ppc64
>
> Vladimir Sementsov-Ogievskiy (5):
> qcow2-bitmaps: fix qcow2_can_store_new_dirty_bitmap
> block/qcow2-threads: fix qcow2_decompress
> job: refactor progress to separate object
> block/block-copy: fix progress calculation
> block/io: fix bdrv_co_do_copy_on_readv
>
> Yuri Benditovich (2):
> virtio: reset region cache when on queue deletion
> virtio-net: delete also control queue when TX/RX deleted
>
> backends/hostmem.c | 6 +-
> block.c | 57 +++++------
> block/backup-top.c | 4 +-
> block/backup.c | 13 +--
> block/block-copy.c | 16 ++-
> block/io.c | 2 +-
> block/nbd.c | 48 +++++----
> block/qcow2-bitmap.c | 41 ++++----
> block/qcow2-cluster.c | 7 +-
> block/qcow2-refcount.c | 1 +
> block/qcow2-threads.c | 12 ++-
> blockjob.c | 16 +--
> contrib/vhost-user-gpu/main.c | 4 +-
> contrib/vhost-user-gpu/virgl.c | 2 +-
> docs/interop/qemu-ga.rst | 5 +-
> dump/dump.c | 2 +-
> hw/9pfs/9p.h | 8 +-
> hw/arm/sbsa-ref.c | 1 -
> hw/block/dataplane/virtio-blk.c | 2 +-
> hw/block/dataplane/xen-block.c | 48 +++------
> hw/core/machine.c | 6 +-
> hw/core/numa.c | 7 +-
> hw/i386/amd_iommu.c | 2 +-
> hw/i386/intel_iommu.c | 93 +++++++++++++----
> hw/i386/intel_iommu_internal.h | 1 +
> hw/i386/x86.c | 8 +-
> hw/ide/core.c | 30 ++++--
> hw/net/dp8393x.c | 200
> ++++++++++++++++++++++++-------------
> hw/net/virtio-net.c | 3 +-
> hw/vfio/pci.c | 4 +-
> hw/virtio/virtio-balloon.c | 36 +++----
> hw/virtio/virtio-mmio.c | 3 +-
> hw/virtio/virtio-pci.c | 2 +
> hw/virtio/virtio.c | 116 ++++++++++++++++++---
> include/block/block-copy.h | 15 +--
> include/hw/virtio/virtio.h | 2 +
> include/qemu/job.h | 11 +-
> include/qemu/progress_meter.h | 58 +++++++++++
> job-qmp.c | 4 +-
> job.c | 6 +-
> nbd/server.c | 23 ++++-
> net/net.c | 2 +-
> plugins/core.c | 1 +
> qapi/block-core.json | 6 +-
> qemu-deprecated.texi | 8 ++
> qemu-img.c | 6 +-
> qemu-nbd.c | 6 +-
> qga/commands-win32.c | 8 +-
> qga/commands.c | 9 +-
> qga/installer/qemu-ga.wxs | 2 +-
> qga/main.c | 4 +-
> qga/vss-win32/install.cpp | 11 ++
> scsi/qemu-pr-helper.c | 17 ++--
> target/arm/arm-powerctl.c | 6 ++
> target/arm/cpu.h | 8 +-
> target/arm/helper.c | 14 ++-
> target/arm/helper.h | 1 +
> target/arm/translate.c | 9 +-
> target/arm/vec_helper.c | 2 +
> target/i386/cpu.c | 8 +-
> target/ppc/translate.c | 66 ++++++------
> target/s390x/helper.c | 2 +-
> tcg/i386/tcg-target.inc.c | 10 +-
> tcg/tcg-op.c | 23 ++++-
> tests/ide-test.c | 174
> ++++++++++++++------------------
> tests/qemu-iotests/026 | 53 ++++++++++
> tests/qemu-iotests/026.out | 16 +++
> tests/qemu-iotests/026.out.nocache | 16 +++
> tests/qemu-iotests/143 | 4 +
> tests/qemu-iotests/143.out | 2 +
> tests/qemu-iotests/244 | 14 +++
> tests/qemu-iotests/244.out | 6 ++
> 72 files changed, 963 insertions(+), 476 deletions(-)
> create mode 100644 include/qemu/progress_meter.h
On 16/06/2020 15:14, Michael Roth wrote:
> Hi everyone,
>
> The following new patches are queued for QEMU stable v4.2.1:
>
> https://github.com/mdroth/qemu/commits/stable-4.2-staging
>
> The release is planned for 2020-06-25:
>
> https://wiki.qemu.org/Planning/4.2
>
> Due to delays on my part this release is going out beyond the normal
> ~4 month support window. v5.0.1 is scheduled to be released as normal.
>
> Please respond here or CC qemu-stable@nongnu.org on any additional patches
> you think should be included in the release.
Does this need to be picked up too?
4a910e1f6ab4 ("target/i386: do not set unsupported VMX secondary
execution controls")
(which fixes https://bugzilla.redhat.com/show_bug.cgi?id=1822682)
Regards,
Liam
>
>
> ----------------------------------------------------------------
> Alex Bennée (2):
> target/arm: ensure we use current exception state after SCR update
> tcg: save vaddr temp for plugin usage
>
> Alexander Popov (2):
> tests/ide-test: Create a single unit-test covering more PRDT cases
> ide: Fix incorrect handling of some PRDTs in ide_dma_cb()
>
> Anthony PERARD (1):
> xen-block: Fix double qlist remove and request leak
>
> Basil Salman (2):
> qga: Installer: Wait for installation to finish
> qga-win: prevent crash when executing guest-file-read with large count
>
> Christian Borntraeger (1):
> s390/sclp: improve special wait psw logic
>
> Christophe de Dinechin (1):
> scsi/qemu-pr-helper: Fix out-of-bounds access to trnptid_list[]
>
> Cornelia Huck (1):
> compat: disable edid on correct virtio-gpu device
>
> Daniel P. Berrangé (1):
> qapi: better document NVMe blockdev @device parameter
>
> David Hildenbrand (3):
> virtio-balloon: fix free page hinting without an iothread
> virtio-balloon: fix free page hinting check on unrealize
> virtio-balloon: unref the iothread when unrealizing
>
> Denis Plotnikov (1):
> virtio-mmio: update queue size on guest write
>
> Eduardo Habkost (1):
> i386: Resolve CPU models to v1 by default
>
> Emilio G. Cota (1):
> plugins/core: add missing break in cb_to_tcg_flags
>
> Eric Blake (3):
> qga: Fix undefined C behavior
> nbd/server: Avoid long error message assertions CVE-2020-10761
> block: Call attention to truncation of long NBD exports
>
> Finn Thain (14):
> dp8393x: Mask EOL bit from descriptor addresses
> dp8393x: Always use 32-bit accesses
> dp8393x: Clean up endianness hacks
> dp8393x: Have dp8393x_receive() return the packet size
> dp8393x: Update LLFA and CRDA registers from rx descriptor
> dp8393x: Clear RRRA command register bit only when appropriate
> dp8393x: Implement packet size limit and RBAE interrupt
> dp8393x: Don't clobber packet checksum
> dp8393x: Use long-word-aligned RRA pointers in 32-bit mode
> dp8393x: Pad frames to word or long word boundary
> dp8393x: Clear descriptor in_use field to release packet
> dp8393x: Always update RRA pointers and sequence numbers
> dp8393x: Don't reset Silicon Revision register
> dp8393x: Don't stop reception upon RBE interrupt assertion
>
> Greg Kurz (1):
> 9p: Lock directory streams with a CoMutex
>
> Igor Mammedov (3):
> numa: remove not needed check
> numa: properly check if numa is supported
> hostmem: don't use mbind() if host-nodes is empty
>
> Kevin Wolf (4):
> block: Activate recursively even for already active nodes
> qcow2: update_refcount(): Reset old_table_index after qcow2_cache_put()
> qcow2: Fix qcow2_alloc_cluster_abort() for external data file
> iotests: Test copy offloading with external data file
>
> Li Hangjing (1):
> virtio-blk: fix out-of-bounds access to bitmap in notify_guest_bh
>
> Liu Yi L (2):
> intel_iommu: a fix to vtd_find_as_from_bus_num()
> intel_iommu: add present bit check for pasid table entries
>
> Max Reitz (4):
> backup-top: Begin drain earlier
> qcow2: Fix alloc_cluster_abort() for pre-existing clusters
> iotests/026: Test EIO on preallocated zero cluster
> iotests/026: Test EIO on allocation in a data-file
>
> Michael S. Tsirkin (3):
> virtio: update queue size on guest write
> virtio: add ability to delete vq through a pointer
> virtio: make virtio_delete_queue idempotent
>
> Nicholas Piggin (1):
> target/ppc: Fix mtmsr(d) L=1 variant that loses interrupts
>
> Niek Linnenbank (2):
> arm/arm-powerctl: set NSACR.{CP11, CP10} bits in arm_set_cpu_on()
> arm/arm-powerctl: rebuild hflags after setting CP15 bits in arm_set_cpu_on()
>
> Pan Nengyuan (2):
> block/nbd: extract the common cleanup code
> block/nbd: fix memory leak in nbd_open()
>
> Peter Maydell (2):
> hw/i386/amd_iommu.c: Fix corruption of log events passed to guest
> dump: Fix writing of ELF section
>
> Peter Wu (1):
> hw/i386/pc: fix regression in parsing vga cmdline parameter
>
> Peter Xu (1):
> vfio/pci: Don't remove irqchip notifier if not registered
>
> Philippe Mathieu-Daudé (1):
> vhost-user-gpu: Release memory returned by vu_queue_pop() with free()
>
> Raphael Pour (1):
> qemu-nbd: Close inherited stderr
>
> Richard Henderson (3):
> target/arm: Set ISSIs16Bit in make_issinfo
> tcg/i386: Fix INDEX_op_dup2_vec
> target/arm: Clear tail in gvec_fmul_idx_*, gvec_fmla_idx_*
>
> Sameeh Jubran (1):
> qga-win: Handle VSS_E_PROVIDER_ALREADY_REGISTERED error
>
> Stefan Hajnoczi (2):
> virtio: gracefully handle invalid region caches
> qemu-ga: document vsock-listen in the man page
>
> Thomas Huth (1):
> net: Do not include a newline in the id of -nic devices
>
> Vitaly Chikunov (1):
> target/ppc: Fix rlwinm on ppc64
>
> Vladimir Sementsov-Ogievskiy (5):
> qcow2-bitmaps: fix qcow2_can_store_new_dirty_bitmap
> block/qcow2-threads: fix qcow2_decompress
> job: refactor progress to separate object
> block/block-copy: fix progress calculation
> block/io: fix bdrv_co_do_copy_on_readv
>
> Yuri Benditovich (2):
> virtio: reset region cache when on queue deletion
> virtio-net: delete also control queue when TX/RX deleted
>
> backends/hostmem.c | 6 +-
> block.c | 57 +++++------
> block/backup-top.c | 4 +-
> block/backup.c | 13 +--
> block/block-copy.c | 16 ++-
> block/io.c | 2 +-
> block/nbd.c | 48 +++++----
> block/qcow2-bitmap.c | 41 ++++----
> block/qcow2-cluster.c | 7 +-
> block/qcow2-refcount.c | 1 +
> block/qcow2-threads.c | 12 ++-
> blockjob.c | 16 +--
> contrib/vhost-user-gpu/main.c | 4 +-
> contrib/vhost-user-gpu/virgl.c | 2 +-
> docs/interop/qemu-ga.rst | 5 +-
> dump/dump.c | 2 +-
> hw/9pfs/9p.h | 8 +-
> hw/arm/sbsa-ref.c | 1 -
> hw/block/dataplane/virtio-blk.c | 2 +-
> hw/block/dataplane/xen-block.c | 48 +++------
> hw/core/machine.c | 6 +-
> hw/core/numa.c | 7 +-
> hw/i386/amd_iommu.c | 2 +-
> hw/i386/intel_iommu.c | 93 +++++++++++++----
> hw/i386/intel_iommu_internal.h | 1 +
> hw/i386/x86.c | 8 +-
> hw/ide/core.c | 30 ++++--
> hw/net/dp8393x.c | 200 ++++++++++++++++++++++++-------------
> hw/net/virtio-net.c | 3 +-
> hw/vfio/pci.c | 4 +-
> hw/virtio/virtio-balloon.c | 36 +++----
> hw/virtio/virtio-mmio.c | 3 +-
> hw/virtio/virtio-pci.c | 2 +
> hw/virtio/virtio.c | 116 ++++++++++++++++++---
> include/block/block-copy.h | 15 +--
> include/hw/virtio/virtio.h | 2 +
> include/qemu/job.h | 11 +-
> include/qemu/progress_meter.h | 58 +++++++++++
> job-qmp.c | 4 +-
> job.c | 6 +-
> nbd/server.c | 23 ++++-
> net/net.c | 2 +-
> plugins/core.c | 1 +
> qapi/block-core.json | 6 +-
> qemu-deprecated.texi | 8 ++
> qemu-img.c | 6 +-
> qemu-nbd.c | 6 +-
> qga/commands-win32.c | 8 +-
> qga/commands.c | 9 +-
> qga/installer/qemu-ga.wxs | 2 +-
> qga/main.c | 4 +-
> qga/vss-win32/install.cpp | 11 ++
> scsi/qemu-pr-helper.c | 17 ++--
> target/arm/arm-powerctl.c | 6 ++
> target/arm/cpu.h | 8 +-
> target/arm/helper.c | 14 ++-
> target/arm/helper.h | 1 +
> target/arm/translate.c | 9 +-
> target/arm/vec_helper.c | 2 +
> target/i386/cpu.c | 8 +-
> target/ppc/translate.c | 66 ++++++------
> target/s390x/helper.c | 2 +-
> tcg/i386/tcg-target.inc.c | 10 +-
> tcg/tcg-op.c | 23 ++++-
> tests/ide-test.c | 174 ++++++++++++++------------------
> tests/qemu-iotests/026 | 53 ++++++++++
> tests/qemu-iotests/026.out | 16 +++
> tests/qemu-iotests/026.out.nocache | 16 +++
> tests/qemu-iotests/143 | 4 +
> tests/qemu-iotests/143.out | 2 +
> tests/qemu-iotests/244 | 14 +++
> tests/qemu-iotests/244.out | 6 ++
> 72 files changed, 963 insertions(+), 476 deletions(-)
> create mode 100644 include/qemu/progress_meter.h
>
>
>
On 6/16/20 10:14 AM, Michael Roth wrote:
> Hi everyone,
>
> The following new patches are queued for QEMU stable v4.2.1:
>
> https://github.com/mdroth/qemu/commits/stable-4.2-staging
>
> The release is planned for 2020-06-25:
>
> https://wiki.qemu.org/Planning/4.2
>
> Due to delays on my part this release is going out beyond the normal
> ~4 month support window. v5.0.1 is scheduled to be released as normal.
>
> Please respond here or CC qemu-stable@nongnu.org on any additional patches
> you think should be included in the release.
>
> Thanks!
A few bug fixes we are carrying in Fedora 32:
commit eca3a945234a5f0a499860dd11df64b5f1a2e0a5
Author: Cole Robinson <crobinso@redhat.com>
Date: Wed Nov 13 16:09:35 2019 -0500
tests: fix modules-test 'duplicate test case' error
commit 8deb8019d696c75e6ecaee7545026b62aba2f1bb
Author: David Gibson <david@gibson.dropbear.id.au>
Date: Fri Oct 18 15:19:31 2019 +1100
spapr: Don't trigger a CAS reboot for XICS/XIVE mode changeover
commit bb8136df698bd565ee4f6c18d26c50dee320bfe4
Author: Pan Nengyuan <pannengyuan@huawei.com>
Date: Tue Dec 10 15:14:37 2019 +0800
riscv/sifive_u: fix a memory leak in soc_realize()
commit a37f21c27d3e2342c2080aafd4cfe7e949612428
Author: Yiting Wang <yiting.wang@windriver.com>
Date: Fri Jan 3 11:53:42 2020 +0800
riscv: Set xPIE to 1 after xRET
commit 613fa160e19abe8e1fe44423fcfa8ec73d3d48e5
Author: ShihPo Hung <shihpo.hung@sifive.com>
Date: Tue Jan 14 22:17:31 2020 -0800
target/riscv: Fix tb->flags FS status
commit a59796eb6d59bbd74ce28ddbddb1b83e60674e96
Author: ShihPo Hung <shihpo.hung@sifive.com>
Date: Tue Jan 14 22:17:32 2020 -0800
target/riscv: fsd/fsw doesn't dirty FP state
commit 82f014671cf057de51c4a577c9e2ad637dcec6f9
Author: ShihPo Hung <shihpo.hung@sifive.com>
Date: Tue Jan 14 22:17:33 2020 -0800
target/riscv: update mstatus.SD when FS is set dirty
Thanks,
Cole
Quoting Michael Roth (2020-06-16 09:14:29)
> Hi everyone,
>
> The following new patches are queued for QEMU stable v4.2.1:
>
> https://github.com/mdroth/qemu/commits/stable-4.2-staging
>
> The release is planned for 2020-06-25:
>
> https://wiki.qemu.org/Planning/4.2
>
> Due to delays on my part this release is going out beyond the normal
> ~4 month support window. v5.0.1 is scheduled to be released as normal.
>
> Please respond here or CC qemu-stable@nongnu.org on any additional patches
> you think should be included in the release.
The following additional patches have been added to the staging tree:
iotests/283: Use consistent size for source and target
Fix tulip breakage
tcg/mips: mips sync* encode error
target/xtensa: fix pasto in pfwait.r opcode name
vpc: Don't round up already aligned BAT sizes
spapr: Fix failure path for attempting to hot unplug PCI bridges
net: tulip: check frame size and r/w data length
sheepdog: Consistently set bdrv_has_zero_init_truncate
qcow2: List autoclear bit names in header
migration/ram: fix use after free of local_err
migration/colo: fix use after free of local_err
hmp/vnc: Fix info vnc list leak
block: bdrv_set_backing_bs: fix use-after-free
block: Avoid memleak on qcow2 image info failure
ppc/ppc405_boards: Remove unnecessary NULL check
iotests: Fix nonportable use of od --endian
pc-bios: s390x: Save iplb location in lowcore
hw/arm/cubieboard: use ARM Cortex-A8 as the default CPU in machine definition
vhost-user-blk: delete virtioqueues in unrealize to fix memleaks
virtio-crypto: do delete ctrl_vq in virtio_crypto_device_unrealize
virtio-pmem: do delete rq_vq in virtio_pmem_unrealize
target/arm: Correct definition of PMCRDP
block: Fix VM size field width in snapshot dump
block: fix crash on zero-length unaligned write and read
target/arm/monitor: query-cpu-model-expansion crashed qemu when using machine type none
iotests: add test for backup-top failure on permission activation
block/backup-top: fix failure path
block: fix memleaks in bdrv_refresh_filename
target/arm: fix TCG leak for fcvt half->double
audio/oss: fix buffer pos calculation
hw/intc/arm_gicv3_kvm: Stop wrongly programming GICR_PENDBASER.PTZ bit
tpm-ppi: page-align PPI RAM
block/backup: fix memory leak in bdrv_backup_top_append()
s390x: adapter routes error handling
target/i386: kvm: initialize feature MSRs very early
target/arm: Fix PAuth sbox functions
m68k: Fix regression causing Single-Step via GDB/RSP to not single step
Revert "vnc: allow fall back to RAW encoding"
migration: Rate limit inside host pages
runstate: ignore finishmigrate -> prelaunch transition
target/arm: Return correct IL bit in merge_syn_data_abort
migration-test: ppc64: fix FORTH test program
blkdebug: Allow taking/unsharing permissions
block: Add bdrv_qapi_perm_to_blk_perm()
hw/arm/smmuv3: Report F_STE_FETCH fault address in correct word position
hw/arm/smmuv3: Use correct bit positions in EVT_SET_ADDR2 macro
hw/arm/smmuv3: Align stream table base address to table size
hw/arm/smmuv3: Check stream IDs against actual table LOG2SIZE
hw/arm/smmuv3: Correct SMMU_BASE_ADDR_MASK value
hw/arm/smmuv3: Apply address mask to linear strtab base address
display/bochs-display: fix memory leak
vhost-user-gpu: Drop trailing json comma
iotests: Fix IMGOPTSSYNTAX for nbd
Fix double free issue in qemu_set_log_filename().
Revert "qemu-options.hx: Update for reboot-timeout parameter"
iotests/026: Move v3-exclusive test to new file
dp8393x: Mask EOL bit from descriptor addresses, take 2
slirp: update to fix CVE-2020-1983
kvm: Reallocate dirty_bmap when we change a slot
es1370: check total frame count against current frame
ati-vga: check mm_index before recursive call (CVE-2020-13800)
ati-vga: Fix checks in ati_2d_blt() to avoid crash
iscsi: Cap block count from GET LBA STATUS (CVE-2020-1711)
target/i386: do not set unsupported VMX secondary execution controls
target/riscv: update mstatus.SD when FS is set dirty
target/riscv: fsd/fsw doesn't dirty FP state
target/riscv: Fix tb->flags FS status
riscv: Set xPIE to 1 after xRET
riscv/sifive_u: fix a memory leak in soc_realize()
tests: fix modules-test 'duplicate test case' error
Thanks everyone for the suggestions.
>
> Thanks!
>
>
> ----------------------------------------------------------------
> Alex Bennée (2):
> target/arm: ensure we use current exception state after SCR update
> tcg: save vaddr temp for plugin usage
>
> Alexander Popov (2):
> tests/ide-test: Create a single unit-test covering more PRDT cases
> ide: Fix incorrect handling of some PRDTs in ide_dma_cb()
>
> Anthony PERARD (1):
> xen-block: Fix double qlist remove and request leak
>
> Basil Salman (2):
> qga: Installer: Wait for installation to finish
> qga-win: prevent crash when executing guest-file-read with large count
>
> Christian Borntraeger (1):
> s390/sclp: improve special wait psw logic
>
> Christophe de Dinechin (1):
> scsi/qemu-pr-helper: Fix out-of-bounds access to trnptid_list[]
>
> Cornelia Huck (1):
> compat: disable edid on correct virtio-gpu device
>
> Daniel P. Berrangé (1):
> qapi: better document NVMe blockdev @device parameter
>
> David Hildenbrand (3):
> virtio-balloon: fix free page hinting without an iothread
> virtio-balloon: fix free page hinting check on unrealize
> virtio-balloon: unref the iothread when unrealizing
>
> Denis Plotnikov (1):
> virtio-mmio: update queue size on guest write
>
> Eduardo Habkost (1):
> i386: Resolve CPU models to v1 by default
>
> Emilio G. Cota (1):
> plugins/core: add missing break in cb_to_tcg_flags
>
> Eric Blake (3):
> qga: Fix undefined C behavior
> nbd/server: Avoid long error message assertions CVE-2020-10761
> block: Call attention to truncation of long NBD exports
>
> Finn Thain (14):
> dp8393x: Mask EOL bit from descriptor addresses
> dp8393x: Always use 32-bit accesses
> dp8393x: Clean up endianness hacks
> dp8393x: Have dp8393x_receive() return the packet size
> dp8393x: Update LLFA and CRDA registers from rx descriptor
> dp8393x: Clear RRRA command register bit only when appropriate
> dp8393x: Implement packet size limit and RBAE interrupt
> dp8393x: Don't clobber packet checksum
> dp8393x: Use long-word-aligned RRA pointers in 32-bit mode
> dp8393x: Pad frames to word or long word boundary
> dp8393x: Clear descriptor in_use field to release packet
> dp8393x: Always update RRA pointers and sequence numbers
> dp8393x: Don't reset Silicon Revision register
> dp8393x: Don't stop reception upon RBE interrupt assertion
>
> Greg Kurz (1):
> 9p: Lock directory streams with a CoMutex
>
> Igor Mammedov (3):
> numa: remove not needed check
> numa: properly check if numa is supported
> hostmem: don't use mbind() if host-nodes is empty
>
> Kevin Wolf (4):
> block: Activate recursively even for already active nodes
> qcow2: update_refcount(): Reset old_table_index after qcow2_cache_put()
> qcow2: Fix qcow2_alloc_cluster_abort() for external data file
> iotests: Test copy offloading with external data file
>
> Li Hangjing (1):
> virtio-blk: fix out-of-bounds access to bitmap in notify_guest_bh
>
> Liu Yi L (2):
> intel_iommu: a fix to vtd_find_as_from_bus_num()
> intel_iommu: add present bit check for pasid table entries
>
> Max Reitz (4):
> backup-top: Begin drain earlier
> qcow2: Fix alloc_cluster_abort() for pre-existing clusters
> iotests/026: Test EIO on preallocated zero cluster
> iotests/026: Test EIO on allocation in a data-file
>
> Michael S. Tsirkin (3):
> virtio: update queue size on guest write
> virtio: add ability to delete vq through a pointer
> virtio: make virtio_delete_queue idempotent
>
> Nicholas Piggin (1):
> target/ppc: Fix mtmsr(d) L=1 variant that loses interrupts
>
> Niek Linnenbank (2):
> arm/arm-powerctl: set NSACR.{CP11, CP10} bits in arm_set_cpu_on()
> arm/arm-powerctl: rebuild hflags after setting CP15 bits in arm_set_cpu_on()
>
> Pan Nengyuan (2):
> block/nbd: extract the common cleanup code
> block/nbd: fix memory leak in nbd_open()
>
> Peter Maydell (2):
> hw/i386/amd_iommu.c: Fix corruption of log events passed to guest
> dump: Fix writing of ELF section
>
> Peter Wu (1):
> hw/i386/pc: fix regression in parsing vga cmdline parameter
>
> Peter Xu (1):
> vfio/pci: Don't remove irqchip notifier if not registered
>
> Philippe Mathieu-Daudé (1):
> vhost-user-gpu: Release memory returned by vu_queue_pop() with free()
>
> Raphael Pour (1):
> qemu-nbd: Close inherited stderr
>
> Richard Henderson (3):
> target/arm: Set ISSIs16Bit in make_issinfo
> tcg/i386: Fix INDEX_op_dup2_vec
> target/arm: Clear tail in gvec_fmul_idx_*, gvec_fmla_idx_*
>
> Sameeh Jubran (1):
> qga-win: Handle VSS_E_PROVIDER_ALREADY_REGISTERED error
>
> Stefan Hajnoczi (2):
> virtio: gracefully handle invalid region caches
> qemu-ga: document vsock-listen in the man page
>
> Thomas Huth (1):
> net: Do not include a newline in the id of -nic devices
>
> Vitaly Chikunov (1):
> target/ppc: Fix rlwinm on ppc64
>
> Vladimir Sementsov-Ogievskiy (5):
> qcow2-bitmaps: fix qcow2_can_store_new_dirty_bitmap
> block/qcow2-threads: fix qcow2_decompress
> job: refactor progress to separate object
> block/block-copy: fix progress calculation
> block/io: fix bdrv_co_do_copy_on_readv
>
> Yuri Benditovich (2):
> virtio: reset region cache when on queue deletion
> virtio-net: delete also control queue when TX/RX deleted
>
> backends/hostmem.c | 6 +-
> block.c | 57 +++++------
> block/backup-top.c | 4 +-
> block/backup.c | 13 +--
> block/block-copy.c | 16 ++-
> block/io.c | 2 +-
> block/nbd.c | 48 +++++----
> block/qcow2-bitmap.c | 41 ++++----
> block/qcow2-cluster.c | 7 +-
> block/qcow2-refcount.c | 1 +
> block/qcow2-threads.c | 12 ++-
> blockjob.c | 16 +--
> contrib/vhost-user-gpu/main.c | 4 +-
> contrib/vhost-user-gpu/virgl.c | 2 +-
> docs/interop/qemu-ga.rst | 5 +-
> dump/dump.c | 2 +-
> hw/9pfs/9p.h | 8 +-
> hw/arm/sbsa-ref.c | 1 -
> hw/block/dataplane/virtio-blk.c | 2 +-
> hw/block/dataplane/xen-block.c | 48 +++------
> hw/core/machine.c | 6 +-
> hw/core/numa.c | 7 +-
> hw/i386/amd_iommu.c | 2 +-
> hw/i386/intel_iommu.c | 93 +++++++++++++----
> hw/i386/intel_iommu_internal.h | 1 +
> hw/i386/x86.c | 8 +-
> hw/ide/core.c | 30 ++++--
> hw/net/dp8393x.c | 200 ++++++++++++++++++++++++-------------
> hw/net/virtio-net.c | 3 +-
> hw/vfio/pci.c | 4 +-
> hw/virtio/virtio-balloon.c | 36 +++----
> hw/virtio/virtio-mmio.c | 3 +-
> hw/virtio/virtio-pci.c | 2 +
> hw/virtio/virtio.c | 116 ++++++++++++++++++---
> include/block/block-copy.h | 15 +--
> include/hw/virtio/virtio.h | 2 +
> include/qemu/job.h | 11 +-
> include/qemu/progress_meter.h | 58 +++++++++++
> job-qmp.c | 4 +-
> job.c | 6 +-
> nbd/server.c | 23 ++++-
> net/net.c | 2 +-
> plugins/core.c | 1 +
> qapi/block-core.json | 6 +-
> qemu-deprecated.texi | 8 ++
> qemu-img.c | 6 +-
> qemu-nbd.c | 6 +-
> qga/commands-win32.c | 8 +-
> qga/commands.c | 9 +-
> qga/installer/qemu-ga.wxs | 2 +-
> qga/main.c | 4 +-
> qga/vss-win32/install.cpp | 11 ++
> scsi/qemu-pr-helper.c | 17 ++--
> target/arm/arm-powerctl.c | 6 ++
> target/arm/cpu.h | 8 +-
> target/arm/helper.c | 14 ++-
> target/arm/helper.h | 1 +
> target/arm/translate.c | 9 +-
> target/arm/vec_helper.c | 2 +
> target/i386/cpu.c | 8 +-
> target/ppc/translate.c | 66 ++++++------
> target/s390x/helper.c | 2 +-
> tcg/i386/tcg-target.inc.c | 10 +-
> tcg/tcg-op.c | 23 ++++-
> tests/ide-test.c | 174 ++++++++++++++------------------
> tests/qemu-iotests/026 | 53 ++++++++++
> tests/qemu-iotests/026.out | 16 +++
> tests/qemu-iotests/026.out.nocache | 16 +++
> tests/qemu-iotests/143 | 4 +
> tests/qemu-iotests/143.out | 2 +
> tests/qemu-iotests/244 | 14 +++
> tests/qemu-iotests/244.out | 6 ++
> 72 files changed, 963 insertions(+), 476 deletions(-)
> create mode 100644 include/qemu/progress_meter.h
>
>
Hi Michael,
On Tue, 16 Jun 2020, Michael Roth wrote:
>
> Finn Thain (14):
> dp8393x: Mask EOL bit from descriptor addresses
> dp8393x: Always use 32-bit accesses
> dp8393x: Clean up endianness hacks
> dp8393x: Have dp8393x_receive() return the packet size
> dp8393x: Update LLFA and CRDA registers from rx descriptor
> dp8393x: Clear RRRA command register bit only when appropriate
> dp8393x: Implement packet size limit and RBAE interrupt
> dp8393x: Don't clobber packet checksum
> dp8393x: Use long-word-aligned RRA pointers in 32-bit mode
> dp8393x: Pad frames to word or long word boundary
> dp8393x: Clear descriptor in_use field to release packet
> dp8393x: Always update RRA pointers and sequence numbers
> dp8393x: Don't reset Silicon Revision register
> dp8393x: Don't stop reception upon RBE interrupt assertion
>
Thanks for picking these fixes. When the maintainer originally merged this
series of patches, the first patch got slightly damaged. This was remedied
in a subsequent patch[1]. That is, mainline commit a0cf4297d6 ("dp8393x:
Mask EOL bit from descriptor addresses, take 2"). Would you also pick that
commit for v4.2.1 please?
[1]
https://lore.kernel.org/qemu-devel/23179263-a8fb-57cc-e98a-bfe9a2ee9037@vivier.eu/
On Sat, 20 Jun 2020, Finn Thain wrote:
>
> Thanks for picking these fixes. When the maintainer originally merged this
> series of patches, the first patch got slightly damaged. This was remedied
> in a subsequent patch[1]. That is, mainline commit a0cf4297d6 ("dp8393x:
> Mask EOL bit from descriptor addresses, take 2"). Would you also pick that
> commit for v4.2.1 please?
>
> [1]
> https://lore.kernel.org/qemu-devel/23179263-a8fb-57cc-e98a-bfe9a2ee9037@vivier.eu/
>
While we're on the subject of cherry-picking fixes for fixes, you may also
want to consider c264e5d2f9f5d73977eac8e5d084f727b3d07ea9. I didn't find
any fixes for fixes for fixes. That search probably needs to be
automated...
Quoting Finn Thain (2020-06-19 22:39:41)
> On Sat, 20 Jun 2020, Finn Thain wrote:
>
> >
> > Thanks for picking these fixes. When the maintainer originally merged this
> > series of patches, the first patch got slightly damaged. This was remedied
> > in a subsequent patch[1]. That is, mainline commit a0cf4297d6 ("dp8393x:
> > Mask EOL bit from descriptor addresses, take 2"). Would you also pick that
> > commit for v4.2.1 please?
> >
> > [1]
> > https://lore.kernel.org/qemu-devel/23179263-a8fb-57cc-e98a-bfe9a2ee9037@vivier.eu/
> >
>
> While we're on the subject of cherry-picking fixes for fixes, you may also
> want to consider c264e5d2f9f5d73977eac8e5d084f727b3d07ea9. I didn't find
> any fixes for fixes for fixes. That search probably needs to be
> automated...
Thanks for the catch/suggestion. I've added a script to the process to help
find follow-up fixes, but it still needs to be run manually. Some sort of git
integration would probably be a good next step.
© 2016 - 2026 Red Hat, Inc.