Re: [PATCH 00/78] Patch Round-up for stable 4.2.1, freeze on 2020-06-22
Quoting Finn Thain (2020-06-19 22:39:41)
> On Sat, 20 Jun 2020, Finn Thain wrote:
>
> >
> > Thanks for picking these fixes. When the maintainer originally merged this
> > series of patches, the first patch got slightly damaged. This was remedied
> > in a subsequent patch[1]. That is, mainline commit a0cf4297d6 ("dp8393x:
> > Mask EOL bit from descriptor addresses, take 2"). Would you also pick that
> > commit for v4.2.1 please?
> >
> > [1]
> > https://lore.kernel.org/qemu-devel/23179263-a8fb-57cc-e98a-bfe9a2ee9...@vivier.eu/
> >
>
> While we're on the subject of cherry-picking fixes for fixes, you may also
> want to consider c264e5d2f9f5d73977eac8e5d084f727b3d07ea9. I didn't find
> any fixes for fixes for fixes. That search probably needs to be
> automated...
Thanks for the catch/suggestion. I've added a script to the process to help
find follow-up fixes, but it still needs to be run manually. Some sort of git
integration would probably be a good next step.
Re: [PATCH 00/78] Patch Round-up for stable 4.2.1, freeze on 2020-06-22
Quoting Michael Roth (2020-06-16 09:14:29) > Hi everyone, > > The following new patches are queued for QEMU stable v4.2.1: > > https://github.com/mdroth/qemu/commits/stable-4.2-staging > > The release is planned for 2020-06-25: > > https://wiki.qemu.org/Planning/4.2 > > Due to delays on my part this release is going out beyond the normal > ~4 month support window. v5.0.1 is scheduled to be released as normal. > > Please respond here or CC qemu-sta...@nongnu.org on any additional patches > you think should be included in the release. The following additional patches have been added to the staging tree: iotests/283: Use consistent size for source and target Fix tulip breakage tcg/mips: mips sync* encode error target/xtensa: fix pasto in pfwait.r opcode name vpc: Don't round up already aligned BAT sizes spapr: Fix failure path for attempting to hot unplug PCI bridges net: tulip: check frame size and r/w data length sheepdog: Consistently set bdrv_has_zero_init_truncate qcow2: List autoclear bit names in header migration/ram: fix use after free of local_err migration/colo: fix use after free of local_err hmp/vnc: Fix info vnc list leak block: bdrv_set_backing_bs: fix use-after-free block: Avoid memleak on qcow2 image info failure ppc/ppc405_boards: Remove unnecessary NULL check iotests: Fix nonportable use of od --endian pc-bios: s390x: Save iplb location in lowcore hw/arm/cubieboard: use ARM Cortex-A8 as the default CPU in machine definition vhost-user-blk: delete virtioqueues in unrealize to fix memleaks virtio-crypto: do delete ctrl_vq in virtio_crypto_device_unrealize virtio-pmem: do delete rq_vq in virtio_pmem_unrealize target/arm: Correct definition of PMCRDP block: Fix VM size field width in snapshot dump block: fix crash on zero-length unaligned write and read target/arm/monitor: query-cpu-model-expansion crashed qemu when using machine type none iotests: add test for backup-top failure on permission activation block/backup-top: fix failure path block: fix memleaks in bdrv_refresh_filename target/arm: fix TCG leak for fcvt half->double audio/oss: fix buffer pos calculation hw/intc/arm_gicv3_kvm: Stop wrongly programming GICR_PENDBASER.PTZ bit tpm-ppi: page-align PPI RAM block/backup: fix memory leak in bdrv_backup_top_append() s390x: adapter routes error handling target/i386: kvm: initialize feature MSRs very early target/arm: Fix PAuth sbox functions m68k: Fix regression causing Single-Step via GDB/RSP to not single step Revert "vnc: allow fall back to RAW encoding" migration: Rate limit inside host pages runstate: ignore finishmigrate -> prelaunch transition target/arm: Return correct IL bit in merge_syn_data_abort migration-test: ppc64: fix FORTH test program blkdebug: Allow taking/unsharing permissions block: Add bdrv_qapi_perm_to_blk_perm() hw/arm/smmuv3: Report F_STE_FETCH fault address in correct word position hw/arm/smmuv3: Use correct bit positions in EVT_SET_ADDR2 macro hw/arm/smmuv3: Align stream table base address to table size hw/arm/smmuv3: Check stream IDs against actual table LOG2SIZE hw/arm/smmuv3: Correct SMMU_BASE_ADDR_MASK value hw/arm/smmuv3: Apply address mask to linear strtab base address display/bochs-display: fix memory leak vhost-user-gpu: Drop trailing json comma iotests: Fix IMGOPTSSYNTAX for nbd Fix double free issue in qemu_set_log_filename(). Revert "qemu-options.hx: Update for reboot-timeout parameter" iotests/026: Move v3-exclusive test to new file dp8393x: Mask EOL bit from descriptor addresses, take 2 slirp: update to fix CVE-2020-1983 kvm: Reallocate dirty_bmap when we change a slot es1370: check total frame count against current frame ati-vga: check mm_index before recursive call (CVE-2020-13800) ati-vga: Fix checks in ati_2d_blt() to avoid crash iscsi: Cap block count from GET LBA STATUS (CVE-2020-1711) target/i386: do not set unsupported VMX secondary execution controls target/riscv: update mstatus.SD when FS is set dirty target/riscv: fsd/fsw doesn't dirty FP state target/riscv: Fix tb->flags FS status riscv: Set xPIE to 1 after xRET riscv/sifive_u: fix a memory leak in soc_realize() tests: fix modules-test 'duplicate test case' error Thanks everyone for the suggestions. > > Thanks! > > > > Alex Bennée (2): > target/arm: ensure we use current exception state after SCR update > tcg: save vaddr temp for plugin usage > > Alexander Popov (2): > tests/ide-test: Create a single unit-test covering more PRDT cases > ide: Fix incorrect handling of some PRDTs in ide_dma_cb() > > Anthony PERARD (1): > xen-block: Fix double qlist remove and request leak > > Basil Salman (2): > qga: Installer: Wait for installation to finish > qga-win: prevent crash when executing guest-file-read with large count > > Christian
Re: [PATCH 00/78] Patch Round-up for stable 4.2.1, freeze on 2020-06-22
finition of PMCRDP commit 9861546e1dae05c5152de7d3bd14e341ecadc972 Author: Pan Nengyuan virtio-pmem: do delete rq_vq in virtio_pmem_unrealize commit d56e1c8256cb37e68f9b5d98c6cc4e6ca463f1fd Author: Pan Nengyuan virtio-crypto: do delete ctrl_vq in virtio_crypto_device_unrealize commit 13e5468127111bf44c5dc314d1dd2ec5a65dfec4 Author: Pan Nengyuan vhost-user-blk: delete virtioqueues in unrealize to fix memleaks commit 2104df2a1fbf44b2564427aa72fd58d66ce290a7 Author: Niek Linnenbank hw/arm/cubieboard: use ARM Cortex-A8 as the default CPU in machine definition commit 9bfc04f9ef6802fff0fc77130ff345a541783363 Author: Janosch Frank pc-bios: s390x: Save iplb location in lowcore commit 69135eb30b9c3fca583737a96df015174dc8e6dd Author: Eric Blake iotests: Fix nonportable use of od --endian commit 1583794b9b36911df116cc726750dadbeeac506a Author: Philippe Mathieu-Daudé ppc/ppc405_boards: Remove unnecessary NULL check commit 71eaec2e8c7c8d266137b5c5f42da0bd6d6b5eb7 Author: Eric Blake block: Avoid memleak on qcow2 image info failure commit 6e57963a77df1e275a73dab4c6a7ec9a9d3468d4 Author: Vladimir Sementsov-Ogievskiy block: bdrv_set_backing_bs: fix use-after-free commit d4ff109373ce871928c7e9ef648973eba642b484 Author: Dr. David Alan Gilbert hmp/vnc: Fix info vnc list leak commit 27d07fcfa70c3afa0664288cbce5334ed9595a3a Author: Vladimir Sementsov-Ogievskiy migration/colo: fix use after free of local_err commit b4a1733c5e6827c72b0dcfa295e07ef7b1ebccff Author: Vladimir Sementsov-Ogievskiy migration/ram: fix use after free of local_err commit bb40ebce2cb0bd4bf37968074d43d5a864fb6dee Author: Eric Blake qcow2: List autoclear bit names in header commit ed049910637be991c88cc25c864115bc5b1e4dab Author: Eric Blake sheepdog: Consistently set bdrv_has_zero_init_truncate commit 8ffb7265af64ec81748335ec8f20e7ab542c3850 Author: Prasad J Pandit net: tulip: check frame size and r/w data length commit 7aab5899764887f6b0512cb2e5c11bdc2a5d3644 Author: David Gibson spapr: Fix failure path for attempting to hot unplug PCI bridges commit 3f6de653b946fe849330208becf79d6af7e876cb Author: Kevin Wolf vpc: Don't round up already aligned BAT sizes commit 1a03362b14affa4d8ddede55df6e21d7a07b87c2 Author: Max Filippov target/xtensa: fix pasto in pfwait.r opcode name commit a4e57084c16d5b0eff3651693fba04f26b30b551 - Bruce From: Qemu-devel on behalf of Michael Roth Sent: Tuesday, June 16, 2020 8:14 AM To: qemu-devel@nongnu.org Cc: qemu-sta...@nongnu.org Subject: [PATCH 00/78] Patch Round-up for stable 4.2.1, freeze on 2020-06-22 Hi everyone, The following new patches are queued for QEMU stable v4.2.1: https://github.com/mdroth/qemu/commits/stable-4.2-staging The release is planned for 2020-06-25: https://wiki.qemu.org/Planning/4.2 Due to delays on my part this release is going out beyond the normal ~4 month support window. v5.0.1 is scheduled to be released as normal. Please respond here or CC qemu-sta...@nongnu.org on any additional patches you think should be included in the release. Thanks! Alex Bennée (2): target/arm: ensure we use current exception state after SCR update tcg: save vaddr temp for plugin usage Alexander Popov (2): tests/ide-test: Create a single unit-test covering more PRDT cases ide: Fix incorrect handling of some PRDTs in ide_dma_cb() Anthony PERARD (1): xen-block: Fix double qlist remove and request leak Basil Salman (2): qga: Installer: Wait for installation to finish qga-win: prevent crash when executing guest-file-read with large count Christian Borntraeger (1): s390/sclp: improve special wait psw logic Christophe de Dinechin (1): scsi/qemu-pr-helper: Fix out-of-bounds access to trnptid_list[] Cornelia Huck (1): compat: disable edid on correct virtio-gpu device Daniel P. Berrangé (1): qapi: better document NVMe blockdev @device parameter David Hildenbrand (3): virtio-balloon: fix free page hinting without an iothread virtio-balloon: fix free page hinting check on unrealize virtio-balloon: unref the iothread when unrealizing Denis Plotnikov (1): virtio-mmio: update queue size on guest write Eduardo Habkost (1): i386: Resolve CPU models to v1 by default Emilio G. Cota (1): plugins/core: add missing break in cb_to_tcg_flags Eric Blake (3): qga: Fix undefined C behavior nbd/server: Avoid long error message assertions CVE-2020-10761 block: Call attention to truncation of long NBD exports Finn Thain (14): dp8393x: Mask EOL bit from descriptor addresses dp8393x: Always use 32-bit accesses dp8393x: Clean up endianness hacks dp8393x: Have dp8393x_receive() return the packet size dp8393x: Update LLFA and CRDA registers from rx descriptor dp8393x: Clear RRRA
Re: [PATCH 00/78] Patch Round-up for stable 4.2.1, freeze on 2020-06-22
On Sat, 20 Jun 2020, Finn Thain wrote:
>
> Thanks for picking these fixes. When the maintainer originally merged this
> series of patches, the first patch got slightly damaged. This was remedied
> in a subsequent patch[1]. That is, mainline commit a0cf4297d6 ("dp8393x:
> Mask EOL bit from descriptor addresses, take 2"). Would you also pick that
> commit for v4.2.1 please?
>
> [1]
> https://lore.kernel.org/qemu-devel/23179263-a8fb-57cc-e98a-bfe9a2ee9...@vivier.eu/
>
While we're on the subject of cherry-picking fixes for fixes, you may also
want to consider c264e5d2f9f5d73977eac8e5d084f727b3d07ea9. I didn't find
any fixes for fixes for fixes. That search probably needs to be
automated...
Re: [PATCH 00/78] Patch Round-up for stable 4.2.1, freeze on 2020-06-22
Hi Michael,
On Tue, 16 Jun 2020, Michael Roth wrote:
>
> Finn Thain (14):
> dp8393x: Mask EOL bit from descriptor addresses
> dp8393x: Always use 32-bit accesses
> dp8393x: Clean up endianness hacks
> dp8393x: Have dp8393x_receive() return the packet size
> dp8393x: Update LLFA and CRDA registers from rx descriptor
> dp8393x: Clear RRRA command register bit only when appropriate
> dp8393x: Implement packet size limit and RBAE interrupt
> dp8393x: Don't clobber packet checksum
> dp8393x: Use long-word-aligned RRA pointers in 32-bit mode
> dp8393x: Pad frames to word or long word boundary
> dp8393x: Clear descriptor in_use field to release packet
> dp8393x: Always update RRA pointers and sequence numbers
> dp8393x: Don't reset Silicon Revision register
> dp8393x: Don't stop reception upon RBE interrupt assertion
>
Thanks for picking these fixes. When the maintainer originally merged this
series of patches, the first patch got slightly damaged. This was remedied
in a subsequent patch[1]. That is, mainline commit a0cf4297d6 ("dp8393x:
Mask EOL bit from descriptor addresses, take 2"). Would you also pick that
commit for v4.2.1 please?
[1]
https://lore.kernel.org/qemu-devel/23179263-a8fb-57cc-e98a-bfe9a2ee9...@vivier.eu/
Re: [PATCH 00/78] Patch Round-up for stable 4.2.1, freeze on 2020-06-22
On 16 Jun 2020, at 9:14, Michael Roth wrote:
Hi everyone,
The following new patches are queued for QEMU stable v4.2.1:
https://github.com/mdroth/qemu/commits/stable-4.2-staging
The release is planned for 2020-06-25:
https://wiki.qemu.org/Planning/4.2
Due to delays on my part this release is going out beyond the normal
~4 month support window. v5.0.1 is scheduled to be released as normal.
Please respond here or CC qemu-sta...@nongnu.org on any additional
patches
you think should be included in the release.
CVE related commits:
* 693fd2acdf14 ("iscsi: Cap block count from GET LBA STATUS
(CVE-2020-1711)")
* ac2071c3791b ("ati-vga: Fix checks in ati_2d_blt() to avoid crash")
to fix CVE-2020-11869
* a98610c429d5 ("ati-vga: check mm_index before recursive call
(CVE-2020-13800)")
* 369ff955a849 ("es1370: check total frame count against current frame")
to fix CVE-2020-13361
* Advance the slirp submodule to commit 2faae0f778f8 ("Fix use-afte-free
in ip_reass()") to fix CVE-2019-15890, CVE-2020-8608, and CVE-2020-1983
Fix for a crash:
* 9b3a31c745b6 ("kvm: Reallocate dirty_bmap when we change a slot")
Thank you,
Karl
Thanks!
Alex Bennée (2):
target/arm: ensure we use current exception state after SCR
update
tcg: save vaddr temp for plugin usage
Alexander Popov (2):
tests/ide-test: Create a single unit-test covering more PRDT
cases
ide: Fix incorrect handling of some PRDTs in ide_dma_cb()
Anthony PERARD (1):
xen-block: Fix double qlist remove and request leak
Basil Salman (2):
qga: Installer: Wait for installation to finish
qga-win: prevent crash when executing guest-file-read with large
count
Christian Borntraeger (1):
s390/sclp: improve special wait psw logic
Christophe de Dinechin (1):
scsi/qemu-pr-helper: Fix out-of-bounds access to trnptid_list[]
Cornelia Huck (1):
compat: disable edid on correct virtio-gpu device
Daniel P. Berrangé (1):
qapi: better document NVMe blockdev @device parameter
David Hildenbrand (3):
virtio-balloon: fix free page hinting without an iothread
virtio-balloon: fix free page hinting check on unrealize
virtio-balloon: unref the iothread when unrealizing
Denis Plotnikov (1):
virtio-mmio: update queue size on guest write
Eduardo Habkost (1):
i386: Resolve CPU models to v1 by default
Emilio G. Cota (1):
plugins/core: add missing break in cb_to_tcg_flags
Eric Blake (3):
qga: Fix undefined C behavior
nbd/server: Avoid long error message assertions CVE-2020-10761
block: Call attention to truncation of long NBD exports
Finn Thain (14):
dp8393x: Mask EOL bit from descriptor addresses
dp8393x: Always use 32-bit accesses
dp8393x: Clean up endianness hacks
dp8393x: Have dp8393x_receive() return the packet size
dp8393x: Update LLFA and CRDA registers from rx descriptor
dp8393x: Clear RRRA command register bit only when appropriate
dp8393x: Implement packet size limit and RBAE interrupt
dp8393x: Don't clobber packet checksum
dp8393x: Use long-word-aligned RRA pointers in 32-bit mode
dp8393x: Pad frames to word or long word boundary
dp8393x: Clear descriptor in_use field to release packet
dp8393x: Always update RRA pointers and sequence numbers
dp8393x: Don't reset Silicon Revision register
dp8393x: Don't stop reception upon RBE interrupt assertion
Greg Kurz (1):
9p: Lock directory streams with a CoMutex
Igor Mammedov (3):
numa: remove not needed check
numa: properly check if numa is supported
hostmem: don't use mbind() if host-nodes is empty
Kevin Wolf (4):
block: Activate recursively even for already active nodes
qcow2: update_refcount(): Reset old_table_index after
qcow2_cache_put()
qcow2: Fix qcow2_alloc_cluster_abort() for external data file
iotests: Test copy offloading with external data file
Li Hangjing (1):
virtio-blk: fix out-of-bounds access to bitmap in
notify_guest_bh
Liu Yi L (2):
intel_iommu: a fix to vtd_find_as_from_bus_num()
intel_iommu: add present bit check for pasid table entries
Max Reitz (4):
backup-top: Begin drain earlier
qcow2: Fix alloc_cluster_abort() for pre-existing clusters
iotests/026: Test EIO on preallocated zero cluster
iotests/026: Test EIO on allocation in a data-file
Michael S. Tsirkin (3):
virtio: update queue size on guest write
virtio: add ability to delete vq through a pointer
virtio: make virtio_delete_queue idempotent
Nicholas Piggin (1):
target/ppc: Fix mtmsr(d) L=1 variant that loses interrupts
Niek Linnenbank (2):
arm/arm-powerctl: set NSACR.{CP11, CP10} bits in
arm_set_cpu_on()
arm/arm-powerctl: rebuild hflags after setting CP15 bits in
arm_set_cpu_on()
Pan Nengyuan (2):
block/nbd: extract the common
Re: [PATCH 00/78] Patch Round-up for stable 4.2.1, freeze on 2020-06-22
On 16/06/2020 15:14, Michael Roth wrote:
Hi everyone,
The following new patches are queued for QEMU stable v4.2.1:
https://github.com/mdroth/qemu/commits/stable-4.2-staging
The release is planned for 2020-06-25:
https://wiki.qemu.org/Planning/4.2
Due to delays on my part this release is going out beyond the normal
~4 month support window. v5.0.1 is scheduled to be released as normal.
Please respond here or CC qemu-sta...@nongnu.org on any additional patches
you think should be included in the release.
Does this need to be picked up too?
4a910e1f6ab4 ("target/i386: do not set unsupported VMX secondary
execution controls")
(which fixes https://bugzilla.redhat.com/show_bug.cgi?id=1822682)
Regards,
Liam
Alex Bennée (2):
target/arm: ensure we use current exception state after SCR update
tcg: save vaddr temp for plugin usage
Alexander Popov (2):
tests/ide-test: Create a single unit-test covering more PRDT cases
ide: Fix incorrect handling of some PRDTs in ide_dma_cb()
Anthony PERARD (1):
xen-block: Fix double qlist remove and request leak
Basil Salman (2):
qga: Installer: Wait for installation to finish
qga-win: prevent crash when executing guest-file-read with large count
Christian Borntraeger (1):
s390/sclp: improve special wait psw logic
Christophe de Dinechin (1):
scsi/qemu-pr-helper: Fix out-of-bounds access to trnptid_list[]
Cornelia Huck (1):
compat: disable edid on correct virtio-gpu device
Daniel P. Berrangé (1):
qapi: better document NVMe blockdev @device parameter
David Hildenbrand (3):
virtio-balloon: fix free page hinting without an iothread
virtio-balloon: fix free page hinting check on unrealize
virtio-balloon: unref the iothread when unrealizing
Denis Plotnikov (1):
virtio-mmio: update queue size on guest write
Eduardo Habkost (1):
i386: Resolve CPU models to v1 by default
Emilio G. Cota (1):
plugins/core: add missing break in cb_to_tcg_flags
Eric Blake (3):
qga: Fix undefined C behavior
nbd/server: Avoid long error message assertions CVE-2020-10761
block: Call attention to truncation of long NBD exports
Finn Thain (14):
dp8393x: Mask EOL bit from descriptor addresses
dp8393x: Always use 32-bit accesses
dp8393x: Clean up endianness hacks
dp8393x: Have dp8393x_receive() return the packet size
dp8393x: Update LLFA and CRDA registers from rx descriptor
dp8393x: Clear RRRA command register bit only when appropriate
dp8393x: Implement packet size limit and RBAE interrupt
dp8393x: Don't clobber packet checksum
dp8393x: Use long-word-aligned RRA pointers in 32-bit mode
dp8393x: Pad frames to word or long word boundary
dp8393x: Clear descriptor in_use field to release packet
dp8393x: Always update RRA pointers and sequence numbers
dp8393x: Don't reset Silicon Revision register
dp8393x: Don't stop reception upon RBE interrupt assertion
Greg Kurz (1):
9p: Lock directory streams with a CoMutex
Igor Mammedov (3):
numa: remove not needed check
numa: properly check if numa is supported
hostmem: don't use mbind() if host-nodes is empty
Kevin Wolf (4):
block: Activate recursively even for already active nodes
qcow2: update_refcount(): Reset old_table_index after qcow2_cache_put()
qcow2: Fix qcow2_alloc_cluster_abort() for external data file
iotests: Test copy offloading with external data file
Li Hangjing (1):
virtio-blk: fix out-of-bounds access to bitmap in notify_guest_bh
Liu Yi L (2):
intel_iommu: a fix to vtd_find_as_from_bus_num()
intel_iommu: add present bit check for pasid table entries
Max Reitz (4):
backup-top: Begin drain earlier
qcow2: Fix alloc_cluster_abort() for pre-existing clusters
iotests/026: Test EIO on preallocated zero cluster
iotests/026: Test EIO on allocation in a data-file
Michael S. Tsirkin (3):
virtio: update queue size on guest write
virtio: add ability to delete vq through a pointer
virtio: make virtio_delete_queue idempotent
Nicholas Piggin (1):
target/ppc: Fix mtmsr(d) L=1 variant that loses interrupts
Niek Linnenbank (2):
arm/arm-powerctl: set NSACR.{CP11, CP10} bits in arm_set_cpu_on()
arm/arm-powerctl: rebuild hflags after setting CP15 bits in
arm_set_cpu_on()
Pan Nengyuan (2):
block/nbd: extract the common cleanup code
block/nbd: fix memory leak in nbd_open()
Peter Maydell (2):
hw/i386/amd_iommu.c: Fix corruption of log events passed to guest
dump: Fix writing of ELF section
Peter Wu (1):
hw/i386/pc: fix regression in parsing vga cmdline parameter
Peter Xu (1):
vfio/pci: Don't remove irqchip notifier if not registered
Philippe Mathieu-Daudé
Re: [PATCH 00/78] Patch Round-up for stable 4.2.1, freeze on 2020-06-22
On 6/16/20 10:14 AM, Michael Roth wrote: > Hi everyone, > > The following new patches are queued for QEMU stable v4.2.1: > > https://github.com/mdroth/qemu/commits/stable-4.2-staging > > The release is planned for 2020-06-25: > > https://wiki.qemu.org/Planning/4.2 > > Due to delays on my part this release is going out beyond the normal > ~4 month support window. v5.0.1 is scheduled to be released as normal. > > Please respond here or CC qemu-sta...@nongnu.org on any additional patches > you think should be included in the release. > > Thanks! A few bug fixes we are carrying in Fedora 32: commit eca3a945234a5f0a499860dd11df64b5f1a2e0a5 Author: Cole Robinson Date: Wed Nov 13 16:09:35 2019 -0500 tests: fix modules-test 'duplicate test case' error commit 8deb8019d696c75e6ecaee7545026b62aba2f1bb Author: David Gibson Date: Fri Oct 18 15:19:31 2019 +1100 spapr: Don't trigger a CAS reboot for XICS/XIVE mode changeover commit bb8136df698bd565ee4f6c18d26c50dee320bfe4 Author: Pan Nengyuan Date: Tue Dec 10 15:14:37 2019 +0800 riscv/sifive_u: fix a memory leak in soc_realize() commit a37f21c27d3e2342c2080aafd4cfe7e949612428 Author: Yiting Wang Date: Fri Jan 3 11:53:42 2020 +0800 riscv: Set xPIE to 1 after xRET commit 613fa160e19abe8e1fe44423fcfa8ec73d3d48e5 Author: ShihPo Hung Date: Tue Jan 14 22:17:31 2020 -0800 target/riscv: Fix tb->flags FS status commit a59796eb6d59bbd74ce28ddbddb1b83e60674e96 Author: ShihPo Hung Date: Tue Jan 14 22:17:32 2020 -0800 target/riscv: fsd/fsw doesn't dirty FP state commit 82f014671cf057de51c4a577c9e2ad637dcec6f9 Author: ShihPo Hung Date: Tue Jan 14 22:17:33 2020 -0800 target/riscv: update mstatus.SD when FS is set dirty Thanks, Cole
[PATCH 00/78] Patch Round-up for stable 4.2.1, freeze on 2020-06-22
Hi everyone,
The following new patches are queued for QEMU stable v4.2.1:
https://github.com/mdroth/qemu/commits/stable-4.2-staging
The release is planned for 2020-06-25:
https://wiki.qemu.org/Planning/4.2
Due to delays on my part this release is going out beyond the normal
~4 month support window. v5.0.1 is scheduled to be released as normal.
Please respond here or CC qemu-sta...@nongnu.org on any additional patches
you think should be included in the release.
Thanks!
Alex Bennée (2):
target/arm: ensure we use current exception state after SCR update
tcg: save vaddr temp for plugin usage
Alexander Popov (2):
tests/ide-test: Create a single unit-test covering more PRDT cases
ide: Fix incorrect handling of some PRDTs in ide_dma_cb()
Anthony PERARD (1):
xen-block: Fix double qlist remove and request leak
Basil Salman (2):
qga: Installer: Wait for installation to finish
qga-win: prevent crash when executing guest-file-read with large count
Christian Borntraeger (1):
s390/sclp: improve special wait psw logic
Christophe de Dinechin (1):
scsi/qemu-pr-helper: Fix out-of-bounds access to trnptid_list[]
Cornelia Huck (1):
compat: disable edid on correct virtio-gpu device
Daniel P. Berrangé (1):
qapi: better document NVMe blockdev @device parameter
David Hildenbrand (3):
virtio-balloon: fix free page hinting without an iothread
virtio-balloon: fix free page hinting check on unrealize
virtio-balloon: unref the iothread when unrealizing
Denis Plotnikov (1):
virtio-mmio: update queue size on guest write
Eduardo Habkost (1):
i386: Resolve CPU models to v1 by default
Emilio G. Cota (1):
plugins/core: add missing break in cb_to_tcg_flags
Eric Blake (3):
qga: Fix undefined C behavior
nbd/server: Avoid long error message assertions CVE-2020-10761
block: Call attention to truncation of long NBD exports
Finn Thain (14):
dp8393x: Mask EOL bit from descriptor addresses
dp8393x: Always use 32-bit accesses
dp8393x: Clean up endianness hacks
dp8393x: Have dp8393x_receive() return the packet size
dp8393x: Update LLFA and CRDA registers from rx descriptor
dp8393x: Clear RRRA command register bit only when appropriate
dp8393x: Implement packet size limit and RBAE interrupt
dp8393x: Don't clobber packet checksum
dp8393x: Use long-word-aligned RRA pointers in 32-bit mode
dp8393x: Pad frames to word or long word boundary
dp8393x: Clear descriptor in_use field to release packet
dp8393x: Always update RRA pointers and sequence numbers
dp8393x: Don't reset Silicon Revision register
dp8393x: Don't stop reception upon RBE interrupt assertion
Greg Kurz (1):
9p: Lock directory streams with a CoMutex
Igor Mammedov (3):
numa: remove not needed check
numa: properly check if numa is supported
hostmem: don't use mbind() if host-nodes is empty
Kevin Wolf (4):
block: Activate recursively even for already active nodes
qcow2: update_refcount(): Reset old_table_index after qcow2_cache_put()
qcow2: Fix qcow2_alloc_cluster_abort() for external data file
iotests: Test copy offloading with external data file
Li Hangjing (1):
virtio-blk: fix out-of-bounds access to bitmap in notify_guest_bh
Liu Yi L (2):
intel_iommu: a fix to vtd_find_as_from_bus_num()
intel_iommu: add present bit check for pasid table entries
Max Reitz (4):
backup-top: Begin drain earlier
qcow2: Fix alloc_cluster_abort() for pre-existing clusters
iotests/026: Test EIO on preallocated zero cluster
iotests/026: Test EIO on allocation in a data-file
Michael S. Tsirkin (3):
virtio: update queue size on guest write
virtio: add ability to delete vq through a pointer
virtio: make virtio_delete_queue idempotent
Nicholas Piggin (1):
target/ppc: Fix mtmsr(d) L=1 variant that loses interrupts
Niek Linnenbank (2):
arm/arm-powerctl: set NSACR.{CP11, CP10} bits in arm_set_cpu_on()
arm/arm-powerctl: rebuild hflags after setting CP15 bits in
arm_set_cpu_on()
Pan Nengyuan (2):
block/nbd: extract the common cleanup code
block/nbd: fix memory leak in nbd_open()
Peter Maydell (2):
hw/i386/amd_iommu.c: Fix corruption of log events passed to guest
dump: Fix writing of ELF section
Peter Wu (1):
hw/i386/pc: fix regression in parsing vga cmdline parameter
Peter Xu (1):
vfio/pci: Don't remove irqchip notifier if not registered
Philippe Mathieu-Daudé (1):
vhost-user-gpu: Release memory returned by vu_queue_pop() with free()
Raphael Pour (1):
qemu-nbd: Close inherited stderr
Richard Henderson (3):
target/arm: Set ISSIs16Bit in make_issinfo
tcg/i386: Fix INDEX_op_dup2_vec
target/arm: Clear tail in gvec_fmul_idx_*,
