Branch: refs/heads/stable-7.2
Home: https://github.com/qemu/qemu
Commit: 010f9a472c8c762a727d72310f55db3258cda3d5
https://github.com/qemu/qemu/commit/010f9a472c8c762a727d72310f55db3258cda3d5
Author: Jamin Lin <jamin_...@aspeedtech.com>
Date: 2025-05-29 (Thu, 29 May 2025)
Changed paths:
M hw/misc/aspeed_hace.c
Log Message:
-----------
hw/misc/aspeed_hace: Ensure HASH_IRQ is always set to prevent firmware hang
Currently, if the program encounters an unsupported algorithm, it does not set
the HASH_IRQ bit in the status register and send an interrupt to indicate
command completion. As a result, the FW gets stuck waiting for a completion
signal from the HACE module.
Additionally, in do_hash_operation, if an error occurs within the conditional
statement, the HASH_IRQ bit is not set in the status register. This causes the
firmware to continuously send HASH commands, as it is unaware that the HACE
model has completed processing the command.
To fix this, the HASH_IRQ bit in the status register must always be set to
ensure that the firmware receives an interrupt from the HACE module, preventing
it from getting stuck or repeatedly sending HASH commands.
Signed-off-by: Jamin Lin <jamin_...@aspeedtech.com>
Fixes: c5475b3 ("hw: Model ASPEED's Hash and Crypto Engine")
Reviewed-by: Cédric Le Goater <c...@redhat.com>
Link:
https://lore.kernel.org/qemu-devel/20250515081008.583578-4-jamin_...@aspeedtech.com
Signed-off-by: Cédric Le Goater <c...@redhat.com>
(cherry picked from commit fb8e59abbe46957cd599bb9aa9221fad1e4e989e)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: 9ee786d9d850ef60838f031f9fbdd99a39bee124
https://github.com/qemu/qemu/commit/9ee786d9d850ef60838f031f9fbdd99a39bee124
Author: Huaitong Han <han...@chinatelecom.cn>
Date: 2025-06-02 (Mon, 02 Jun 2025)
Changed paths:
M hw/pci/pci.c
M hw/virtio/virtio-pci.c
M include/hw/pci/pci.h
Log Message:
-----------
vhost: Don't set vring call if guest notifier is unused
The vring call fd is set even when the guest does not use MSI-X (e.g., in the
case of virtio PMD), leading to unnecessary CPU overhead for processing
interrupts.
The commit 96a3d98d2c("vhost: don't set vring call if no vector") optimized the
case where MSI-X is enabled but the queue vector is unset. However, there's an
additional case where the guest uses INTx and the INTx_DISABLED bit in the PCI
config is set, meaning that no interrupt notifier will actually be used.
In such cases, the vring call fd should also be cleared to avoid redundant
interrupt handling.
Fixes: 96a3d98d2c("vhost: don't set vring call if no vector")
Reported-by: Zhiyuan Yuan <yuanzhiy...@chinatelecom.cn>
Signed-off-by: Jidong Xia <xi...@chinatelecom.cn>
Signed-off-by: Huaitong Han <han...@chinatelecom.cn>
Message-Id: <20250522100548.212740-1-han...@chinatelecom.cn>
Reviewed-by: Michael S. Tsirkin <m...@redhat.com>
Signed-off-by: Michael S. Tsirkin <m...@redhat.com>
(cherry picked from commit a9403bfcd93025df7b1924d0cf34fbc408955b33)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: f9a70c82c231f745726f40bd190763775d16b1e8
https://github.com/qemu/qemu/commit/f9a70c82c231f745726f40bd190763775d16b1e8
Author: Volker Rümelin <vr_q...@t-online.de>
Date: 2025-06-05 (Thu, 05 Jun 2025)
Changed paths:
M audio/audio.c
Log Message:
-----------
audio: fix SIGSEGV in AUD_get_buffer_size_out()
As far as the emulated audio devices are concerned the pointer
returned by AUD_open_out() is an opaque handle. This includes
the NULL pointer. In this case, AUD_get_buffer_size_out() should
return a sensible buffer size instead of triggering a segmentation
fault. All other public AUD_*_out() and audio_*_out() functions
handle this case.
Reviewed-by: Marc-André Lureau <marcandre.lur...@redhat.com>
Signed-off-by: Volker Rümelin <vr_q...@t-online.de>
Message-Id: <20250515054429.7385-2-vr_q...@t-online.de>
(cherry picked from commit 5ddd6c8dc849b4af44bd06840c9133d64e62c27c)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: 2d39032357c2627cddadacb2d797c854b9bbb28c
https://github.com/qemu/qemu/commit/2d39032357c2627cddadacb2d797c854b9bbb28c
Author: Fiona Ebner <f.eb...@proxmox.com>
Date: 2025-07-09 (Wed, 09 Jul 2025)
Changed paths:
M hw/core/qdev-properties-system.c
Log Message:
-----------
hw/core/qdev-properties-system: Add missing return in set_drive_helper()
Currently, changing the 'drive' property of e.g. a scsi-hd object will
result in an assertion failure if the aio context of the block node
it's replaced with doesn't match the current aio context:
> bdrv_replace_child_noperm: Assertion `bdrv_get_aio_context(old_bs) ==
> bdrv_get_aio_context(new_bs)' failed.
The problematic scenario is already detected, but a 'return' statement
was missing.
Cc: qemu-sta...@nongnu.org
Fixes: d1a58c176a ("qdev: allow setting drive property for realized device")
Signed-off-by: Fiona Ebner <f.eb...@proxmox.com>
Message-ID: <20250523070211.280498-1-f.eb...@proxmox.com>
Reviewed-by: Daniel P. Berrangé <berra...@redhat.com>
Reviewed-by: Kevin Wolf <kw...@redhat.com>
Signed-off-by: Kevin Wolf <kw...@redhat.com>
(cherry picked from commit eef2dd03f948a512499775043bdc0c5c88d8a2dd)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: 741f5877da67abf84d3594f1af7346b998a817bf
https://github.com/qemu/qemu/commit/741f5877da67abf84d3594f1af7346b998a817bf
Author: Bibo Mao <maob...@loongson.cn>
Date: 2025-07-09 (Wed, 09 Jul 2025)
Changed paths:
M hw/loongarch/acpi-build.c
Log Message:
-----------
hw/loongarch/virt: Fix big endian support with MCFG table
With API build_mcfg(), it is not necessary with parameter structure
AcpiMcfgInfo to convert to little endian since it is directly used
with host native endian.
Here remove endian conversion before calling function build_mcfg().
With this patch, bios-tables-test passes to run on big endian host
machine S390.
Fixes: 735143f10d3e ("hw/loongarch: Add acpi ged support")
Cc: qemu-sta...@nongnu.org
Signed-off-by: Bibo Mao <maob...@loongson.cn>
Reviewed-by: Song Gao <gaos...@loongson.cn>
Message-Id: <20250604065502.1114098-2-maob...@loongson.cn>
Signed-off-by: Song Gao <gaos...@loongson.cn>
(cherry picked from commit 9c55c03c05c1899521ff0c991b9296633d759890)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: 9d40968725bf502b252c3b5248a7333bb4aa9ef9
https://github.com/qemu/qemu/commit/9d40968725bf502b252c3b5248a7333bb4aa9ef9
Author: Shameer Kolothum <shameerali.kolothum.th...@huawei.com>
Date: 2025-07-09 (Wed, 09 Jul 2025)
Changed paths:
M hw/arm/virt.c
Log Message:
-----------
hw/arm/virt: Check bypass iommu is not set for iommu-map DT property
default_bus_bypass_iommu tells us whether the bypass_iommu is set
for the default PCIe root bus. Make sure we check that before adding
the "iommu-map" DT property.
Cc: qemu-sta...@nongnu.org
Fixes: 6d7a85483a06 ("hw/arm/virt: Add default_bus_bypass_iommu machine option")
Suggested-by: Eric Auger <eric.au...@redhat.com>
Signed-off-by: Shameer Kolothum <shameerali.kolothum.th...@huawei.com>
Reviewed-by: Donald Dutile <ddut...@redhat.com>
Reviewed-by: Eric Auger <eric.au...@redhat.com>
Message-id: 20250602114655.42920-1-shameerali.kolothum.th...@huawei.com
Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
(cherry picked from commit f5ec751ee70d7960a97c6c675f69e924d82dc60d)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: dc8199d66b1f6f9a1e35952bc4fc100a4c7fedb5
https://github.com/qemu/qemu/commit/dc8199d66b1f6f9a1e35952bc4fc100a4c7fedb5
Author: Ethan Chen <etha...@andestech.com>
Date: 2025-07-09 (Wed, 09 Jul 2025)
Changed paths:
M qemu-options.hx
Log Message:
-----------
qemu-options.hx: Fix reversed description of icount sleep behavior
The documentation for the -icount option incorrectly describes the behavior
of the sleep suboption. Based on the actual implementation and system
behavior, the effects of sleep=on and sleep=off were inadvertently reversed.
This commit updates the description to reflect their intended functionality.
Cc: qemu-sta...@nongnu.org
Fixes: fa647905e6ba ("qemu-options.hx: Fix minor issues in icount
documentation")
Signed-off-by: Ethan Chen <etha...@andestech.com>
Message-id: 20250606095728.3672832-1-etha...@andestech.com
Reviewed-by: Peter Maydell <peter.mayd...@linaro.org>
Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
(cherry picked from commit e372214e663a4370fe064f7867f402eade37357e)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: 62ed767ba08fc1ad10c8c95ee65855660c410990
https://github.com/qemu/qemu/commit/62ed767ba08fc1ad10c8c95ee65855660c410990
Author: J. Neuschäfer <j.neuschae...@gmx.net>
Date: 2025-07-09 (Wed, 09 Jul 2025)
Changed paths:
M linux-user/arm/cpu_loop.c
Log Message:
-----------
linux-user/arm: Fix return value of SYS_cacheflush
Although the emulated cacheflush syscall does nothing, it still needs to
return zero to indicate success.
Cc: qemu-sta...@nongnu.org
Signed-off-by: J. Neuschäfer <j.neuschae...@gmx.net>
Message-id: 20250613-cache-v1-1-ee9f4a9ba...@gmx.net
Reviewed-by: Peter Maydell <peter.mayd...@linaro.org>
Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
(cherry picked from commit 5ad2b1f443a96444cf3e7a2fbe17aae696201012)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: 3b2089e6f29e1ce691057f347495ecce779d5d48
https://github.com/qemu/qemu/commit/3b2089e6f29e1ce691057f347495ecce779d5d48
Author: Richard Henderson <richard.hender...@linaro.org>
Date: 2025-07-09 (Wed, 09 Jul 2025)
Changed paths:
M tcg/tcg.c
Log Message:
-----------
tcg: Fix constant propagation in tcg_reg_alloc_dup
The scalar constant must be replicated for dup.
Cc: qemu-sta...@nongnu.org
Fixes: bab1671f0fa ("tcg: Manually expand INDEX_op_dup_vec")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3002
Signed-off-by: Richard Henderson <richard.hender...@linaro.org>
(cherry picked from commit 0d0fc3f4658937fb81fcc16a89738e83bd8d4795)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: d12f379cd416a63e8404428af7bf6d4ceb707fe9
https://github.com/qemu/qemu/commit/d12f379cd416a63e8404428af7bf6d4ceb707fe9
Author: Philippe Mathieu-Daudé <phi...@linaro.org>
Date: 2025-07-09 (Wed, 09 Jul 2025)
Changed paths:
M target/arm/hvf/hvf.c
M target/arm/kvm64.c
Log Message:
-----------
target/arm: Correct KVM & HVF dtb_compatible value
Linux kernel knows how to parse "arm,armv8", not "arm,arm-v8".
See arch/arm64/boot/dts/foundation-v8.dts:
https://github.com/torvalds/linux/commit/90556ca1ebdd
Cc: qemu-sta...@nongnu.org
Fixes: 26861c7ce06 ("target-arm: Add minimal KVM AArch64 support")
Fixes: 585df85efea ("hvf: arm: Implement -cpu host")
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Reviewed-by: Richard Henderson <richard.hender...@linaro.org>
Message-id: 20250623121845.7214-10-phi...@linaro.org
Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
(cherry picked from commit a412575837b6a46584fba891e3706e87bd09a3e6)
(Mjt: the change is in target/arm/kvm64.c, not ../kvm.c)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: a9ec693b720b62225df85a6f534f13069e3f9755
https://github.com/qemu/qemu/commit/a9ec693b720b62225df85a6f534f13069e3f9755
Author: Richard Henderson <richard.hender...@linaro.org>
Date: 2025-07-09 (Wed, 09 Jul 2025)
Changed paths:
M target/arm/translate-a64.c
Log Message:
-----------
target/arm: Fix SME vs AdvSIMD exception priority
We failed to raise an exception when
sme_excp_el == 0 and fp_excp_el == 1.
Cc: qemu-sta...@nongnu.org
Fixes: 3d74825f4d6 ("target/arm: Add SME enablement checks")
Reviewed-by: Peter Maydell <peter.mayd...@linaro.org>
Signed-off-by: Richard Henderson <richard.hender...@linaro.org>
Message-id: 20250704142112.1018902-2-richard.hender...@linaro.org
Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
(cherry picked from commit f9b0f69304071384b12912bf9dd78e9ffd261cec)
(Mjt: compensate for target/arm/translate-a64.c => target/arm/tcg/
files move by v7.2.0-1632-gf0984d4040c3)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: 30f9eb2b2a9cbfb8653bfd02169cc482560ccb8c
https://github.com/qemu/qemu/commit/30f9eb2b2a9cbfb8653bfd02169cc482560ccb8c
Author: Richard Henderson <richard.hender...@linaro.org>
Date: 2025-07-09 (Wed, 09 Jul 2025)
Changed paths:
M target/arm/translate-a64.c
Log Message:
-----------
target/arm: Fix sve_access_check for SME
Do not assume SME implies SVE. Ensure that the non-streaming
check is present along the SME path, since it is not implied
by sme_*_enabled_check.
Cc: qemu-sta...@nongnu.org
Reviewed-by: Peter Maydell <peter.mayd...@linaro.org>
Signed-off-by: Richard Henderson <richard.hender...@linaro.org>
Message-id: 20250704142112.1018902-3-richard.hender...@linaro.org
Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
(cherry picked from commit b4b2e070f41dd8774a70c6186141678558d79a38)
(Mjt: compensate for target/arm/translate-a64.c => target/arm/tcg/
files move by v7.2.0-1632-gf0984d4040c3)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: aee67c8b3992b5b0871b81a45ee08e0980ef3dbf
https://github.com/qemu/qemu/commit/aee67c8b3992b5b0871b81a45ee08e0980ef3dbf
Author: Richard Henderson <richard.hender...@linaro.org>
Date: 2025-07-09 (Wed, 09 Jul 2025)
Changed paths:
M target/arm/translate-sve.c
Log Message:
-----------
target/arm: Fix 128-bit element ZIP, UZP, TRN
We missed the instructions UDEF when the vector size is too small.
We missed marking the instructions non-streaming with SME.
Cc: qemu-sta...@nongnu.org
Reviewed-by: Peter Maydell <peter.mayd...@linaro.org>
Signed-off-by: Richard Henderson <richard.hender...@linaro.org>
Message-id: 20250704142112.1018902-4-richard.hender...@linaro.org
Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
(cherry picked from commit e6ffd009c7710a8cc98094897fa0af609c114683)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: 7095d415fd193a877fe727e2eec202b481a1bd73
https://github.com/qemu/qemu/commit/7095d415fd193a877fe727e2eec202b481a1bd73
Author: Richard Henderson <richard.hender...@linaro.org>
Date: 2025-07-09 (Wed, 09 Jul 2025)
Changed paths:
M target/arm/translate-sve.c
Log Message:
-----------
target/arm: Fix PSEL size operands to tcg_gen_gvec_ands
Gvec only operates on size 8 and multiples of 16.
Predicates may be any multiple of 2.
Round up the size using the appropriate function.
Cc: qemu-sta...@nongnu.org
Fixes: 598ab0b24c0 ("target/arm: Implement PSEL")
Reviewed-by: Peter Maydell <peter.mayd...@linaro.org>
Signed-off-by: Richard Henderson <richard.hender...@linaro.org>
Message-id: 20250704142112.1018902-8-richard.hender...@linaro.org
Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
(cherry picked from commit 3801c5b75ffc60957265513338e8fd5f8b6ce8a1)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: 1aa8057181bacab7a499a8ffd04c2de519e2171c
https://github.com/qemu/qemu/commit/1aa8057181bacab7a499a8ffd04c2de519e2171c
Author: Richard Henderson <richard.hender...@linaro.org>
Date: 2025-07-09 (Wed, 09 Jul 2025)
Changed paths:
M target/arm/sme_helper.c
Log Message:
-----------
target/arm: Fix f16_dotadd vs nan selection
Implement FPProcessNaNs4 within f16_dotadd, rather than
simply letting NaNs propagate through the function.
Cc: qemu-sta...@nongnu.org
Fixes: 3916841ac75 ("target/arm: Implement FMOPA, FMOPS (widening)")
Reviewed-by: Peter Maydell <peter.mayd...@linaro.org>
Signed-off-by: Richard Henderson <richard.hender...@linaro.org>
Message-id: 20250704142112.1018902-9-richard.hender...@linaro.org
Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
(cherry picked from commit cfc688c00ade84f6b32c7814b52c217f1d3b5eb1)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: 5e1f406424b3a67e8d540e99d9d657c2d32cda47
https://github.com/qemu/qemu/commit/5e1f406424b3a67e8d540e99d9d657c2d32cda47
Author: Geoffrey Thomas <geo...@ldpreload.com>
Date: 2025-07-13 (Sun, 13 Jul 2025)
Changed paths:
M linux-user/fd-trans.h
M linux-user/main.c
Log Message:
-----------
linux-user: Hold the fd-trans lock across fork
If another thread is holding target_fd_trans_lock during a fork,
then the lock becomes permanently locked in the child and the
emulator deadlocks at the next interaction with the fd-trans table.
As with other locks, acquire the lock in fork_start() and release
it in fork_end().
Cc: qemu-sta...@nongnu.org
Signed-off-by: Geoffrey Thomas <geo...@ldpreload.com>
Fixes: c093364f4d91 "fd-trans: Fix race condition on reallocation of the
translation table."
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2846
Buglink: https://github.com/astral-sh/uv/issues/6105
Reviewed-by: Richard Henderson <richard.hender...@linaro.org>
Signed-off-by: Richard Henderson <richard.hender...@linaro.org>
Message-ID: <20250314124742.4965-1-geo...@ldpreload.com>
(cherry picked from commit e4e839b2eeea5745c48ce47144c7842eb7cd455f)
(Mjt: adjust context in linux/main.c for 7.2)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: 94ab5f6743b6d56f8ff6366ebde42e62e93b517d
https://github.com/qemu/qemu/commit/94ab5f6743b6d56f8ff6366ebde42e62e93b517d
Author: Chaney, Ben <bcha...@akamai.com>
Date: 2025-07-13 (Sun, 13 Jul 2025)
Changed paths:
M migration/ram.c
Log Message:
-----------
migration: Don't sync volatile memory after migration completes
Syncing volatile memory provides no benefit, instead it can cause
performance issues in some cases. Only sync memory that is marked as
non-volatile after migration completes on destination.
Signed-off-by: Ben Chaney <bcha...@akamai.com>
Fixes: bd108a44bc29 (migration: ram: Switch to ram block writeback)
Link: https://lore.kernel.org/r/1cc43f59-336f-4a12-84ad-db89e0a17...@akamai.com
Signed-off-by: Peter Xu <pet...@redhat.com>
(cherry picked from commit 983899eab4939dc4dff67fa4d822c5b4df7eae21)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: cd4ac461e161ba794cef048f4796de84c62ae25b
https://github.com/qemu/qemu/commit/cd4ac461e161ba794cef048f4796de84c62ae25b
Author: Alejandro Jimenez <alejandro.j.jime...@oracle.com>
Date: 2025-07-16 (Wed, 16 Jul 2025)
Changed paths:
M hw/i386/amd_iommu.h
Log Message:
-----------
amd_iommu: Fix Miscellaneous Information Register 0 encoding
The definitions encoding the maximum Virtual, Physical, and Guest Virtual
Address sizes supported by the IOMMU are using incorrect offsets i.e. the
VASize and GVASize offsets are switched. The value in the GVAsize field is
also modified, since it was incorrectly encoded.
Cc: qemu-sta...@nongnu.org
Fixes: d29a09ca6842 ("hw/i386: Introduce AMD IOMMU")
Co-developed-by: Ethan MILON <ethan.mi...@eviden.com>
Signed-off-by: Ethan MILON <ethan.mi...@eviden.com>
Signed-off-by: Alejandro Jimenez <alejandro.j.jime...@oracle.com>
Message-Id: <20250617150427.20585-2-alejandro.j.jime...@oracle.com>
Reviewed-by: Vasant Hegde <vasant.he...@amd.com>
Reviewed-by: Michael S. Tsirkin <m...@redhat.com>
Signed-off-by: Michael S. Tsirkin <m...@redhat.com>
(cherry picked from commit 091c7d7924f33781c2fb8e7297dc54971e0c3785)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: 4002ea511dcb39efdc2aad0b6f9e85c5e6e4c390
https://github.com/qemu/qemu/commit/4002ea511dcb39efdc2aad0b6f9e85c5e6e4c390
Author: Alejandro Jimenez <alejandro.j.jime...@oracle.com>
Date: 2025-07-16 (Wed, 16 Jul 2025)
Changed paths:
M hw/i386/amd_iommu.c
Log Message:
-----------
amd_iommu: Fix Device ID decoding for INVALIDATE_IOTLB_PAGES command
The DeviceID bits are extracted using an incorrect offset in the call to
amdvi_iotlb_remove_page(). This field is read (correctly) earlier, so use
the value already retrieved for devid.
Cc: qemu-sta...@nongnu.org
Fixes: d29a09ca6842 ("hw/i386: Introduce AMD IOMMU")
Signed-off-by: Alejandro Jimenez <alejandro.j.jime...@oracle.com>
Reviewed-by: Vasant Hegde <vasant.he...@amd.com>
Message-Id: <20250617150427.20585-3-alejandro.j.jime...@oracle.com>
Reviewed-by: Michael S. Tsirkin <m...@redhat.com>
Signed-off-by: Michael S. Tsirkin <m...@redhat.com>
(cherry picked from commit c63b8d1425ba8b3b08ee4f7346457fd8a7f12a24)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: c309fddb3af8b4f0a234fa51eb022dc86d23c371
https://github.com/qemu/qemu/commit/c309fddb3af8b4f0a234fa51eb022dc86d23c371
Author: Alejandro Jimenez <alejandro.j.jime...@oracle.com>
Date: 2025-07-16 (Wed, 16 Jul 2025)
Changed paths:
M hw/i386/amd_iommu.c
M hw/i386/amd_iommu.h
Log Message:
-----------
amd_iommu: Update bitmasks representing DTE reserved fields
The DTE validation method verifies that all bits in reserved DTE fields are
unset. Update them according to the latest definition available in AMD I/O
Virtualization Technology (IOMMU) Specification - Section 2.2.2.1 Device
Table Entry Format. Remove the magic numbers and use a macro helper to
generate bitmasks covering the specified ranges for better legibility.
Note that some reserved fields specify that events are generated when they
contain non-zero bits, or checks are skipped under certain configurations.
This change only updates the reserved masks, checks for special conditions
are not yet implemented.
Cc: qemu-sta...@nongnu.org
Signed-off-by: Alejandro Jimenez <alejandro.j.jime...@oracle.com>
Reviewed-by: Vasant Hegde <vasant.he...@amd.com>
Message-Id: <20250617150427.20585-4-alejandro.j.jime...@oracle.com>
Reviewed-by: Michael S. Tsirkin <m...@redhat.com>
Signed-off-by: Michael S. Tsirkin <m...@redhat.com>
(cherry picked from commit ff3dcb3bf652912466dcc1cd10d3267f185c212e)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: 7d8c916b772dead117c9d0aff30db00fa5ae7afe
https://github.com/qemu/qemu/commit/7d8c916b772dead117c9d0aff30db00fa5ae7afe
Author: Alejandro Jimenez <alejandro.j.jime...@oracle.com>
Date: 2025-07-16 (Wed, 16 Jul 2025)
Changed paths:
M hw/i386/amd_iommu.h
Log Message:
-----------
amd_iommu: Fix masks for various IOMMU MMIO Registers
Address various issues with definitions of the MMIO registers e.g. for the
Device Table Address Register, the size mask currently encompasses reserved
bits [11:9], so change it to only extract the bits [8:0] encoding size.
Convert masks to use GENMASK64 for consistency, and make unrelated
definitions independent.
Cc: qemu-sta...@nongnu.org
Fixes: d29a09ca6842 ("hw/i386: Introduce AMD IOMMU")
Signed-off-by: Alejandro Jimenez <alejandro.j.jime...@oracle.com>
Reviewed-by: Vasant Hegde <vasant.he...@amd.com>
Message-Id: <20250617150427.20585-5-alejandro.j.jime...@oracle.com>
Reviewed-by: Michael S. Tsirkin <m...@redhat.com>
Signed-off-by: Michael S. Tsirkin <m...@redhat.com>
(cherry picked from commit 108e10ff69099c3ebe147f505246be7c2ad2a499)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: dc0191c7c13f1151c65834259cba85a12d5ac69f
https://github.com/qemu/qemu/commit/dc0191c7c13f1151c65834259cba85a12d5ac69f
Author: Alejandro Jimenez <alejandro.j.jime...@oracle.com>
Date: 2025-07-16 (Wed, 16 Jul 2025)
Changed paths:
M hw/i386/amd_iommu.h
Log Message:
-----------
amd_iommu: Fix mask to retrieve Interrupt Table Root Pointer from DTE
Fix an off-by-one error in the definition of AMDVI_IR_PHYS_ADDR_MASK. The
current definition masks off the most significant bit of the Interrupt Table
Root ptr i.e. it only generates a mask with bits [50:6] set. See the AMD I/O
Virtualization Technology (IOMMU) Specification for the Interrupt Table
Root Pointer[51:6] field in the Device Table Entry format.
Cc: qemu-sta...@nongnu.org
Fixes: b44159fe0078 ("x86_iommu/amd: Add interrupt remap support when VAPIC is
not enabled")
Signed-off-by: Alejandro Jimenez <alejandro.j.jime...@oracle.com>
Reviewed-by: Vasant Hegde <vasant.he...@amd.com>
Message-Id: <20250617150427.20585-6-alejandro.j.jime...@oracle.com>
Reviewed-by: Michael S. Tsirkin <m...@redhat.com>
Signed-off-by: Michael S. Tsirkin <m...@redhat.com>
(cherry picked from commit 123cf4bdd378f746dfa2f5415ba084148dded3e3)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: 452a0cb27bf8a2c3aa98e28c24fbce12c1034fb0
https://github.com/qemu/qemu/commit/452a0cb27bf8a2c3aa98e28c24fbce12c1034fb0
Author: Alejandro Jimenez <alejandro.j.jime...@oracle.com>
Date: 2025-07-16 (Wed, 16 Jul 2025)
Changed paths:
M hw/i386/amd_iommu.c
Log Message:
-----------
amd_iommu: Fix the calculation for Device Table size
Correctly calculate the Device Table size using the format encoded in the
Device Table Base Address Register (MMIO Offset 0000h).
Cc: qemu-sta...@nongnu.org
Fixes: d29a09ca6842 ("hw/i386: Introduce AMD IOMMU")
Signed-off-by: Alejandro Jimenez <alejandro.j.jime...@oracle.com>
Reviewed-by: Vasant Hegde <vasant.he...@amd.com>
Message-Id: <20250617150427.20585-7-alejandro.j.jime...@oracle.com>
Reviewed-by: Michael S. Tsirkin <m...@redhat.com>
Signed-off-by: Michael S. Tsirkin <m...@redhat.com>
(cherry picked from commit 67d3077ee403472d45794399e97c9f329242fce9)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: cae7315f45ae6662e193e7126959e775a6d49040
https://github.com/qemu/qemu/commit/cae7315f45ae6662e193e7126959e775a6d49040
Author: Alejandro Jimenez <alejandro.j.jime...@oracle.com>
Date: 2025-07-16 (Wed, 16 Jul 2025)
Changed paths:
M hw/i386/amd_iommu.h
Log Message:
-----------
amd_iommu: Remove duplicated definitions
No functional change.
Signed-off-by: Alejandro Jimenez <alejandro.j.jime...@oracle.com>
Reviewed-by: Vasant Hegde <vasant.he...@amd.com>
Message-Id: <20250617150427.20585-8-alejandro.j.jime...@oracle.com>
Reviewed-by: Michael S. Tsirkin <m...@redhat.com>
Signed-off-by: Michael S. Tsirkin <m...@redhat.com>
(cherry picked from commit 5959b641c98b5ae9677e2c1d89902dac31b344d9)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: 385eb77f6051d265322782a6f53a89bca9967d61
https://github.com/qemu/qemu/commit/385eb77f6051d265322782a6f53a89bca9967d61
Author: Ethan Milon <ethan.mi...@eviden.com>
Date: 2025-07-16 (Wed, 16 Jul 2025)
Changed paths:
M hw/i386/amd_iommu.c
Log Message:
-----------
amd_iommu: Fix truncation of oldval in amdvi_writeq
The variable `oldval` was incorrectly declared as a 32-bit `uint32_t`.
This could lead to truncation and incorrect behavior where the upper
read-only 32 bits are significant.
Fix the type of `oldval` to match the return type of `ldq_le_p()`.
Cc: qemu-sta...@nongnu.org
Fixes: d29a09ca6842 ("hw/i386: Introduce AMD IOMMU")
Signed-off-by: Ethan Milon <ethan.mi...@eviden.com>
Message-Id: <20250617150427.20585-9-alejandro.j.jime...@oracle.com>
Reviewed-by: Vasant Hegde <vasant.he...@amd.com>
Reviewed-by: Michael S. Tsirkin <m...@redhat.com>
Signed-off-by: Michael S. Tsirkin <m...@redhat.com>
(cherry picked from commit 5788929e05e18ed5f76dc8ade4210f022c9ba5a1)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: 196137c1c6653adf6a49889814fe1d209d937861
https://github.com/qemu/qemu/commit/196137c1c6653adf6a49889814fe1d209d937861
Author: Akihiko Odaki <od...@rsg.ci.i.u-tokyo.ac.jp>
Date: 2025-07-16 (Wed, 16 Jul 2025)
Changed paths:
M ui/vnc-enc-zlib.c
M ui/vnc.c
M ui/vnc.h
Log Message:
-----------
ui/vnc: Do not copy z_stream
vnc_worker_thread_loop() copies z_stream stored in its local VncState to
the persistent VncState, and the copied one is freed with deflateEnd()
later. However, deflateEnd() refuses to operate with a copied z_stream
and returns Z_STREAM_ERROR, leaking the allocated memory.
Avoid copying the zlib state to fix the memory leak.
Fixes: bd023f953e5e ("vnc: threaded VNC server")
Signed-off-by: Akihiko Odaki <od...@rsg.ci.i.u-tokyo.ac.jp>
Reviewed-by: Marc-André Lureau <marcandre.lur...@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
Message-Id: <20250603-zlib-v3-1-20b857bd8...@rsg.ci.i.u-tokyo.ac.jp>
(cherry picked from commit aef22331b5a4670f42638a5f63a26e93bf779aae)
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Commit: 5a6481389d939c3efd6db63ecf68a5e15782f055
https://github.com/qemu/qemu/commit/5a6481389d939c3efd6db63ecf68a5e15782f055
Author: Michael Tokarev <m...@tls.msk.ru>
Date: 2025-07-22 (Tue, 22 Jul 2025)
Changed paths:
M VERSION
Log Message:
-----------
Update version for 7.2.19 release
Signed-off-by: Michael Tokarev <m...@tls.msk.ru>
Compare: https://github.com/qemu/qemu/compare/ceb3cba94bfa...5a6481389d93
To unsubscribe from these emails, change your notification settings at
https://github.com/qemu/qemu/settings/notifications
