Update to latest stable release (9.2.3)
Full backport list here:
https://lore.kernel.org/qemu-devel/44124379-3349-45cf-9238-8a847d8b2770@tls.msk.ru/
Fixes: bsc#1236329
A selection of them is reported here below:
hw/intc/aspeed: Fix IRQ handler mask check
hw/misc/aspeed_hace: Fix buffer overflow in has_padding function
target/riscv: fix handling of nop for vstart >= vl in some vector instruction
target/riscv: refactor VSTART_CHECK_EARLY_EXIT() to accept vl as a parameter
Makefile: "make dist" generates a .xz, not .bz2
target/ppc: Fix e200 duplicate SPRs
target/ppc: Fix facility interrupt checks for VSX
ppc/spapr: fix default cpu for pre-9.0 machines.
host/include/loongarch64: Fix inline assembly compatibility with Clang
linux-user/riscv: Fix handling of cpu mask in riscv_hwprobe syscall
target/riscv: fixes a bug against `ssamoswap` behavior in M-mode
target/riscv: fix access permission checks for CSR_SSP
docs/about/emulation: Fix broken link
vdpa: Allow vDPA to work on big-endian machine
vdpa: Fix endian bugs in shadow virtqueue
target/loongarch: Fix vldi inst
target/arm: Simplify pstate_sm check in sve_access_check
target/arm: Make DisasContext.{fp, sve}_access_checked tristate
util/cacheflush: Make first DSB unconditional on aarch64
docs: Rename default-configs to configs
block: Zero block driver state before reopening
hw/xen/hvm: Fix Aarch64 typo
hw/net/smc91c111: Don't allow data register access to overrun buffer
hw/net/smc91c111: Sanitize packet length on tx
hw/net/smc91c111: Sanitize packet numbers
ppc/pnv/occ: Fix common area sensor offsets
xen: No need to flush the mapcache for grants (bsc#1236329)
net: move backend cleanup to NIC cleanup
net: parameterize the removing client from nc list
util/qemu-timer.c: Don't warp timer from timerlist_rearm()
target/arm: Correct STRD atomicity
target/arm: Correct LDRD atomicity and fault behaviour
hw/arm: enable secure EL2 timers for sbsa machine
hw/arm: enable secure EL2 timers for virt machine
target/arm: Implement SEL2 physical and virtual timers
...
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>
Update to latest stable release (9.2.2)
Full backport list here:
https://lore.kernel.org/qemu-devel/3e847ae0-8dfc-440e-92f7-6eaa89818837@tls.msk.ru/
A selection of them is reported here below:
net/slirp: libslirp 4.9.0 compatibility
target/sparc: Fix gdbstub incorrectly handling registers f32-f62
target/sparc: Fix register selection for all F*TOx and FxTO* instructions
elfload: Fix alignment when unmapping excess reservation
hw/net/smc91c111: Ignore attempt to pop from empty RX fifo
make-release: don't rely on $CWD when excluding subproject directories
ui/sdl2: reenable the SDL2 Windows keyboard hook procedure
vfio/iommufd: Fix SIGSEV in iommufd_cdev_attach()
gitlab-ci.d/cirrus: Update the FreeBSD job to v14.2
qmp: update vhost-user protocol feature maps
linux-user: Do not define struct sched_attr if libc headers do
block-backend: Fix argument order when calling 'qapi_event_send_block_io_error()'
block: Fix leak in send_qmp_error_event
rust: add --rust-target option for bindgen
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>
Update to latest stable release (9.2.1)
Full backport list here:
https://lore.kernel.org/qemu-devel/qemu-stable-9.2.1-20250207102656@cover.tls.msk.ru/
A selection of them is reported here below:
9pfs: fix regression regarding CVE-2023-2861
tcg: Reset free_temps before tcg_optimize
tcg/riscv: Fix StoreStore barrier generation
x86/loader: only patch linux kernels
roms: re-add edk2-basetools target
pc-bios: add missing riscv64 descriptor
hw/intc/arm_gicv3_its: Zero initialize local DTEntry etc structs
meson.build: Disallow libnfs v6 to fix the broken macOS build
target/i386: Reset TSCs of parked vCPUs too on VM reset
hw/intc/riscv_aplic: Fix APLIC in_clrip and clripnum write emulation
s390x/s390-virtio-ccw: don't crash on weird RAM sizes
target/loongarch: Use actual operand size with vbsrl check
docs: Correct '-runas' and '-fsdev/-virtfs proxy' indentation
docs: Correct release of TCG trace-events removal
target/i386/cpu: Fix notes for CPU models
migration/multifd: Fix compile error caused by page_size usage
migration/multifd: Fix compat with QEMU < 9.0
migration: Add more error handling to analyze-migration.py
migration: Remove unused argument in vmsd_desc_field_end
migration: Fix parsing of s390 stream
s390x: Fix CSS migration
migration: Rename vmstate_info_nullptr
...
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>
Update to latest upstream release 9.0.0.
Full changelog at:
https://wiki.qemu.org/ChangeLog/9.2
Highlights include:
* virtio-gpu: support for 3D acceleration of Vulkan applications via
Venus Vulkan driver in the guest and virglrenderer host library
* crypto: GLib crypto backend now supports SHA-384 hashes
* migration: QATzip-accelerated compression support while using multiple
migration streams
* Rust: experimental support for device models written in Rust (for
development use only)
* ARM: emulation support for FEAT_EBF16, FEAT_CMOW architecture features
* ARM: support for two-stage SMMU translation for sbsa-ref and virt boards
* ARM: support for CPU Security Extensions for xilinx-zynq-a9 board
* ARM: 64GB+ memory support when using HVF acceleration on newer Macs
* HPPA: SeaBIOS-hppa v17 firmware with various fixes and enhancements
* RISC-V: IOMMU support for virt machine
* RISC-V: support for control flow integrity and Svvptc extensions, and
support for Bit-Manipulation extension on OpenTitan boards
* RISC-V: improved performance for vector unit-stride/whole register
ld/st instructions
* s390x: support for booting from other devices if the previous ones fail
* x86: support for new nitro-enclave machine type that can emulate
AWS Nitro Enclave and can boot from Enclave Image Format files.
* x86: KVM support for enabling AVX10, as well as enabling specific
AVX10 versions via command-line
* and lots more...
Other changes:
- Removed deprecated 'cris' support
- Removed deprecated virtfs-proxy-helper
- `--enable-rust` not addressed yet
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>
Update to latest stable release (9.1.2).
Full list of backports here:
https://lore.kernel.org/qemu-devel/21ba2773-11a6-45ad-bf98-9b5c2cdccb9b@tls.msk.ru/
A selection of them is listed here too:
usb-hub: Fix handling port power control messages
hw/audio/hda: fix memory leak on audio setup
Revert "hw/audio/hda: fix memory leak on audio setup" (bsc#1232728)
hw/misc/mos6522: Fix bad class definition of the MOS6522 device
vfio/container: Fix container object destruction
target/i386: fix hang when using slow path for ptw_setl
tcg: Allow top bit of SIMD_DATA_BITS to be set in simd_desc()
linux-user/arm: Select vdso for be8 and be32 modes
linux-user/arm: Reduce vdso alignment to 4k
linux-user: Tolerate CONFIG_LSM_MMAP_MIN_ADDR
accel/tcg: Fix user-only probe_access_internal plugin check
target/arm: Drop user-only special case in sve_stN_r
linux-user: Fix setreuid and setregid to use direct syscalls
hw/i386/pc: Don't try to init PCI NICs if there is no PCI bus
target/i386: Fix legacy page table walk
9pfs: fix crash on 'Treaddir' request
hw/nvme: fix handling of over-committed queues
migration: Ensure vmstate_save() sets errp
target/arm: Fix SVE SDOT/UDOT/USDOT (4-way, indexed)
target/arm: Add new MMU indexes for AArch32 Secure PL1&0
Revert "target/arm: Fix usage of MMU indexes when EL3 is AArch32"
acpi/disassemle-aml.sh: fix up after dir reorg
hw/acpi: Fix ordering of BDF in Generic Initiator PCI Device Handle.
qemu-ga: Fix a SIGSEGV in ga_run_command() helper
hw/sd/sdcard: Fix calculation of size when using eMMC boot partitions
tests/tcg: Replace -mpower8-vector with -mcpu=power8
hw/ssi/pnv_spi: Fixes Coverity CID 1558831
hw/ssi/pnv_spi: Return early in transfer()
hw/ssi/pnv_spi: Match _xfer_buffer_free() with _xfer_buffer_new()
ppc/pnv: ADU fix possible buffer overrun with invalid size
target/ppc: Fix HFSCR facility checks
target/ppc: Fix mtDPDES targeting SMT siblings
ppc/pnv: Fix LPC POWER8 register sanity check
ppc/pnv: Fix LPC serirq routing calculation
target/ppc: Make divd[u] handler method decodetree compatible
target/ppc: Set ctx->opcode for decode_insn32()
target/riscv: Fix vcompress with rvv_ta_all_1s
target/riscv/kvm: clarify how 'riscv-aia' default works
target/riscv/kvm: set 'aia_mode' to default in error path
hw/intc/riscv_aplic: Check and update pending when write sourcecfg
target/riscv: Set vtype.vill on CPU reset
hw/intc: Don't clear pending bits on IRQ lowering
target/riscv: Correct SXL return value for RV32 in RV64 QEMU
target/riscv/csr.c: Fix an access to VXSAT
stubs: avoid duplicate symbols in libqemuutil.a
target/arm: Store FPSR cumulative exception bits in env->vfp.fpsr
target/arm: Fix arithmetic underflow in SETM instruction
hw/sd/omap_mmc: Don't use sd_cmd_type_t
target/arm: Don't assert in regime_is_user() for E10 mmuidx values
net/tap-win32: Fix gcc 14 format truncation errors
net: fix build when libbpf is disabled, but libxdp is enabled
Fix calculation of minimum in colo_compare_tcp
net: Check if nc is NULL in qemu_get_vnet_hdr_len()
plugins: fix qemu_plugin_reset
dockerfiles: fix default targets for debian-loongarch-cross
gitlab: make check-[dco|patch] a little more verbose
vfio/migration: Report only stop-copy size in
linux-user/riscv: Fix definition of RISCV_HWPROBE_EXT_ZVFHMIN
linux-user/ppc: Fix sigmask endianness issue in sigreturn
linux-user: Emulate /proc/self/maps under mmap_lock
target/i386: Use probe_access_full_mmu in ptw_translate
target/i386: Walk NPT in guest real mode
tcg: Reset data_gen_ptr correctly
raw-format: Fix error message for invalid offset/size
tests/qemu-iotests/211.out: Update to expect MapEntry 'compressed' field
Revert "hw/sh4/r2d: Realize IDE controller before accessing it"
tests: Wait for migration completion on destination QEMU to avoid failures
target/i386: Use only 16 and 32-bit operands for IN/OUT
accel/kvm: check for KVM_CAP_READONLY_MEM on VM
target/i386/tcg: Use DPL-level accesses for interrupts and call gates
KVM: Dynamic sized kvm memslots array
tcg/s390x: fix constraint for 32-bit TSTEQ/TSTNE
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>
Update to latest stable release (9.1.1).
Full list of backports here:
https://lore.kernel.org/qemu-devel/7f0561ec-3564-4860-bacf-a98071a5ce52@tls.msk.ru/
A selection of them is listed here too:
ui/dbus: fix filtering all update messages
ui/win32: fix potential use-after-free with dbus shared memory
ui/dbus: fix leak on message filtering
hw/audio/hda: fix memory leak on audio setup
hw/audio/hda: free timer on exit
hw/char/pl011: Use correct masks for IBRD and FBRD
hw/intc/arm_gicv3_cpuif: Add cast to match the documentation
hw/intc/arm_gicv3: Add cast to match the documentation
hw/intc/arm_gicv3: Add cast to match the documentation
meson: ensure -mcx16 is passed when detecting ATOMIC128
meson: define qemu_isa_flags
meson: fix machine option for x86_version
target/m68k: Always return a temporary from gen_lea_mode
tcg/ppc: Use TCG_REG_TMP2 for scratch index in prepare_host_addr
tcg/ppc: Use TCG_REG_TMP2 for scratch tcg_out_qemu_st
linux-user: Fix parse_elf_properties GNU0_MAGIC check
linux-user/flatload: Take mmap_lock in load_flt_binary()
vnc: fix crash when no console attached
testing: bump mips64el cross to bookworm and fix package list
hw/sd/sdcard: Fix handling of disabled boot partitions
target/arm: Avoid target_ulong for physical address lookups
block/reqlist: allow adding overlapping requests
util/timer: avoid deadlock when shutting down
hw/mips/jazz: fix typo in in-built NIC alias
target/ppc: Fix lxvx/stxvx facility check
tcg: Fix iteration step in 32-bit gvec operation
hw/loongarch/virt: Add description for virt machine type
migration/multifd: Fix p->iov leak in multifd-uadk.c
target/ppc: Fix migration of CPUs with TLB_EMB TLB type
target/hppa: Fix random 32-bit linux-user crashes
target/arm: Correct ID_AA64ISAR1_EL1 value for neoverse-v1
hw/char/stm32l4x5_usart.c: Enable USART ACK bit response
migration/multifd: Fix rb->receivedmap cleanup race
mac_dbdma: Remove leftover `dma_memory_unmap` calls
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>
When running configure, first of all we disable everything, and then we
enable only the feature that we know we want (and, of course, system
and user emulation use different sets of such features).
Consolidate the first part in a macro that can be shared between the two
spec files, making everything simpler and prettier.
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>
The nios2 emulation target has been removed upstream by commit
6c3014858c (target/nios2: Remove the deprecated Nios II target,
2024-03-27).
Signed-off-by: Fabiano Rosas <farosas@suse.de>
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>
The avx512f, live-block-migration and pvrdma options no longer exist
in upstream configure because those features were removed. Make the
corresponding changes in the spec files.
Signed-off-by: Fabiano Rosas <farosas@suse.de>
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>
Update to latest upstream major release, 9.1.0:
https://lore.kernel.org/qemu-devel/172549088090.3334224.10887376086844748499@amd.com/
Full changelog available here:
https://wiki.qemu.org/ChangeLog/9.1
Some of the most notable features/fixes:
* migration: compression offload support via Intel In-Memory Analytics
Accelerator (IAA) or User Space Accelerator Development Kit (UADK),
along with enhanced support for postcopy failure recovery
* virtio: support for VIRTIO_F_NOTIFICATION_DATA, allowing guest
drivers to provide additional data as part of sending device notifications
for performance/debug purposes
* guest-agent: support for guest-network-get-route command on linux,
guest-ssh-* commands on Windows, and enhanced CLI support for
configuring allowed/blocked commands
* block: security fixes for QEMU NBD server and NBD TLS encryption
* ARM: emulation support for FEAT_NMI, FEAT_CSV2_3, FEAT_ETS2,
FEAT_Spec_FPACC, FEAT_WFxT, FEAT_Debugv8p8 architecture features
* ARM: nested/two-stage page table support for emulated SMMUv3
* ARM: xilinx_zynq board support for cache controller and multiple
CPUs, and B-L475E-IOT01A board support for a DM163 display
* LoongArch: support for directly booting an ELF kernel and for running
up to 256 vCPUs via extioi virt extension
* LoongArch: enhanced debug/GDB support
* RISC-V: support for version 1.13 of privileged architecture specification
* RISC-V: support for Zve32x, Zve64x, Zimop, Zcmop, Zama16b, Zabha,
Zawrs, and Smcntrpmf extensions
* RISC-V: enhanced debug/GDB support and general fixes
* SPARC: emulation support for FMAF, IMA, VIS3, and VIS4 architecture
features
* x86: KVM support for running AMD SEV-SNP guests
* x86: CPU emulation support for Icelake-Server-v7, SapphireRapids-v3,
and SierraForest
The following bugs/CVEs were solved (in 9.0.x) with backports that are
now included in 9.1 upstream:
- CVE-2024-4467 (bsc#1227322)
- CVE-2024-7409 (bsc#1229007)
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>
Update to latest stable release (9.0.2).
Full list of backports here:
https://lore.kernel.org/qemu-devel/1721203819.679622.831479.nullmailer@tls.msk.ru/
A selection of them is listed here too:
hw/nvme: fix number of PIDs for FDP RUH update
sphinx/qapidoc: Fix to generate doc for explicit, unboxed arguments
char-stdio: Restore blocking mode of stdout on exit
virtio: remove virtio_tswap16s() call in vring_packed_event_read()
virtio-pci: Fix the failure process in kvm_virtio_pci_vector_use_one()
tcg/optimize: Fix TCG_COND_TST* simplification of setcond2
block: Parse filenames only when explicitly requested
iotests/270: Don't store data-file with json: prefix in image
iotests/244: Don't store data-file with protocol in image
qcow2: Don't open data_file with BDRV_O_NO_IO
tests: add testing of parameter=1 for SMP topology (bsc#1228169)
hw/core: allow parameter=1 for SMP topology on any machine
target/arm: Fix FJCVTZS vs flush-to-zero
target/arm: Fix VCMLA Dd, Dn, Dm[idx]
i386/cpu: fixup number of addressable IDs for processor cores in the physical package
tests: Update our CI to use CentOS Stream 9 instead of 8
migration: Fix file migration with fdset
tcg/loongarch64: Fix tcg_out_movi vs some pcrel pointers
target/sparc: use signed denominator in sdiv helper
linux-user: Make TARGET_NR_setgroups affect only the current thread
accel/tcg: Fix typo causing tb->page_addr[1] to not be recorded
stdvga: fix screen blanking
hw/audio/virtio-snd: Always use little endian audio format
Revert "monitor: use aio_co_reschedule_self()"
ui/gtk: Draw guest frame at refresh cycle
virtio-net: drop too short packets early
target/i386: fix size of EBP writeback in gen_enter()
References: bsc#1228169
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>
Update to latest stable release (9.0.1).
Full list of backports here:
https://lore.kernel.org/qemu-devel/1718081053.366429.1238758.nullmailer@tls.msk.ru/
A selection of them is reported here too:
Update version for 9.0.1 release
target/loongarch: fix a wrong print in cpu dump
ui/sdl2: Allow host to power down screen
virtio-gpu: fix v2 migration
target/i386: fix SSE and SSE2 feature check
target/i386: fix xsave.flat from kvm-unit-tests
disas/riscv: Decode all of the pmpcfg and pmpaddr CSRs
riscv, gdbstub.c: fix reg_width in ricsv_gen_dynamic_vector_feature()
target/riscv/kvm.c: Fix the hart bit setting of AIA
target/riscv: rvzicbo: Fixup CBO extension register calculation
target/riscv: do not set mtval2 for non guest-page faults
target/riscv: prioritize pmp errors in raise_mmu_exception()
target/riscv: rvv: Remove redudant SEW checking for vector fp narrow/widen instructions
target/riscv: rvv: Check single width operator for vfncvt.rod.f.f.w
target/riscv: rvv: Check single width operator for vector fp widen instructions
target/riscv: rvv: Fix Zvfhmin checking for vfwcvt.f.f.v and vfncvt.f.f.w instructions
target/riscv/cpu.c: fix Zvkb extension config
target/riscv: Fix the element agnostic function problem
target/riscv/kvm: tolerate KVM disable ext errors
target/riscv/kvm: Fix exposure of Zkr
hw/intc/riscv_aplic: APLICs should add child earlier than realize
iotests: test NBD+TLS+iothread
qio: Inherit follow_coroutine_ctx across TLS
target/arm: Disable SVE extensions when SVE is disabled
hw/intc/arm_gic: Fix handling of NS view of GICC_APR<n>
hvf: arm: Fix encodings for ID_AA64PFR1_EL1 and debug System registers
gitlab: use 'setarch -R' to workaround tsan bug
gitlab: use $MAKE instead of 'make'
dockerfiles: add 'MAKE' env variable to remaining containers
gitlab: Update msys2-64bit runner tags
target/i386: no single-step exception after MOV or POP SS
target/i386: disable jmp_opt if EFLAGS.RF is 1
hw/loongarch/virt: Fix FDT memory node address width
hw/loongarch: Fix fdt memory node wrong 'reg'
target/loongarch/kvm: fpu save the vreg registers high 192bit
hw/core/machine: move compatibility flags for VirtIO-net USO to machine 8.1
target-i386: hyper-v: Correct kvm_hv_handle_exit return value
hw/pflash: fix block write start
tcg/loongarch64: Fill out tcg_out_{ld,st} for vector regs
ui/gtk: Check if fence_fd is equal to or greater than 0
ui/gtk: Fix mouse/motion event scaling issue with GTK display backend
configure: Fix error message when C compiler is not working
configure: quote -D options that are passed through to meson
target/i386: fix feature dependency for WAITPKG
target/i386: rdpkru/wrpkru are no-prefix instructions
target/i386: fix operand size for DATA16 REX.W POPCNT
hw/remote/vfio-user: Fix config space access byte order
hw/loongarch/virt: Fix memory leak
target/sh4: Update DisasContextBase.insn_start
target/sparc: Fix FPMERGE
target/sparc: Fix FMULD8*X16
target/sparc: Fix FMUL8x16A{U,L}
target/sparc: Fix FMUL8x16
target/sparc: Fix FEXPAND
target/i386: Give IRQs a chance when resetting HF_INHIBIT_IRQ_MASK
plugins: Update stale comment
target/sh4: Fix SUBV opcode
target/sh4: Fix ADDV opcode
hw/arm/npcm7xx: Store derivative OTP fuse key in little endian
hw/dmax/xlnx_dpdma: fix handling of address_extension descriptor fields
hw/ufs: Fix buffer overflow bug
.gitlab-ci.d/cirrus.yml: Shorten the runtime of the macOS and FreeBSD jobs
tests/avocado: update sunxi kernel from armbian to 6.6.16
target/arm: Restrict translation disabled alignment check to VMSA
target/riscv/kvm: remove sneaky strerrorname_np() instance
target/loongarch/cpu.c: typo fix: expection
backends/cryptodev-builtin: Fix local_error leaks
nbd/server: Mark negotiation functions as coroutine_fn
nbd/server: do not poll within a coroutine context
docs: i386: pc: Update maximum CPU numbers for PC Q35
linux-user: do_setsockopt: fix SOL_ALG.ALG_SET_KEY
migration/colo: Fix bdrv_graph_rdlock_main_loop: Assertion `!qemu_in_coroutine()' failed.
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>
Update to latest upstream release 9.0.0.
Full changelog at:
https://wiki.qemu.org/ChangeLog/9.0
Highlights include:
* block: virtio-blk now supports multiqueue where different queues of a
single disk can be processed by different I/O threads
* gdbstub: various improvements such as catching syscalls in user-mode,
support for fork-follow modes, and support for siginfo:read
* memory: preallocation of memory backends can now be handled
concurrently using multiple threads in some cases
* migration: support for "mapped-ram" capability allowing for more
efficient VM snapshots, improved support for zero-page detection, and
checkpoint-restart support for VFIO
* ARM: architectural feature support for ECV (Enhanced Counter Virtualization),
NV (Nested Virtualization), and NV2 (Enhanced Nested
Virtualization)
* ARM: board support for B-L475E-IOT01A IoT node, mp3-an536 (MPS3 dev board
+ AN536 firmware), and raspi4b (Raspberry Pi 4 Model B)
* ARM: additional IO/disk/USB/SPI/ethernet controller and timer support for
Freescale i.MX6, Allwinner R40, Banana Pi, npcm7xxx, and virt boards
* HPPA: numerous bug fixes and SeaBIOS-hppa firmware updated to version 16
* LoongArch: KVM acceleration support, including LSX/LASX vector
extensions
* RISC-V: ISA/extension support for Zacas, amocas, RVA22 profiles,
Zaamo, Zalrsc, Ztso, and more
* RISC-V: SMBIOS support for RISC-V virt machine, ACPI support for
SRAT, SLIT, AIA, PLIC and updated RHCT table support, and numerous fixes
* s390x: Emulation support for CVDG, CVB, CVBY and CVBG instructions,
and fixes for LAE (Load Address Extended) emulation
* and lots more...
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>
Update to latest stable release (8.2.3).
Full changelog/backports here:
https://lore.kernel.org/qemu-devel/1713980341.971368.1218343.nullmailer@tls.msk.ru/
Some of the upstream backports are:
Update version for 8.2.3 release
ppc/spapr: Initialize max_cpus limit to SPAPR_IRQ_NR_IPIS.
ppc/spapr: Introduce SPAPR_IRQ_NR_IPIS to refer IRQ range for CPU IPIs.
hw/pci-host/ppc440_pcix: Do not expose a bridge device on PCI bus
hw/isa/vt82c686: Keep track of PIRQ/PINT pins separately
virtio-pci: fix use of a released vector
linux-user/x86_64: Handle the vsyscall page in open_self_maps_{2,4}
hw/audio/virtio-snd: Remove unused assignment
hw/net/net_tx_pkt: Fix overrun in update_sctp_checksum()
hw/sd/sdhci: Do not update TRNMOD when Command Inhibit (DAT) is set
hw/net/lan9118: Fix overflow in MIL TX FIFO
hw/net/lan9118: Replace magic '2048' value by MIL_TXFIFO_SIZE definition
backends/cryptodev: Do not abort for invalid session ID
hw/misc/applesmc: Fix memory leak in reset() handler
hw/block/nand: Fix out-of-bound access in NAND block buffer
hw/block/nand: Have blk_load() take unsigned offset and return boolean
hw/block/nand: Factor nand_load_iolen() method out
qemu-options: Fix CXL Fixed Memory Window interleave-granularity typo
hw/virtio/virtio-crypto: Protect from DMA re-entrancy bugs
hw/char/virtio-serial-bus: Protect from DMA re-entrancy bugs
hw/display/virtio-gpu: Protect from DMA re-entrancy bugs
mirror: Don't call job_pause_point() under graph lock (bsc#1224179)
...and many more...
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>
Update to latest stable release (8.2.2).
Full changelog here:
https://lore.kernel.org/qemu-devel/1709577077.783602.1474596.nullmailer@tls.msk.ru/
Upstream backports:
chardev/char-socket: Fix TLS io channels sending too much data to the backend
tests/unit/test-util-sockets: Remove temporary file after test
hw/usb/bus.c: PCAP adding 0xA in Windows version
hw/intc/Kconfig: Fix GIC settings when using "--without-default-devices"
gitlab: force allow use of pip in Cirrus jobs
tests/vm: avoid re-building the VM images all the time
tests/vm: update openbsd image to 7.4
target/i386: leave the A20 bit set in the final NPT walk
target/i386: remove unnecessary/wrong application of the A20 mask
target/i386: Fix physical address truncation
target/i386: check validity of VMCB addresses
target/i386: mask high bits of CR3 in 32-bit mode
pl031: Update last RTCLR value on write in case it's read back
hw/nvme: fix invalid endian conversion
update edk2 binaries to edk2-stable202402
update edk2 submodule to edk2-stable202402
target/ppc: Fix crash on machine check caused by ifetch
target/ppc: Fix lxv/stxv MSR facility check
.gitlab-ci.d/windows.yml: Drop msys2-32bit job
system/vl: Update description for input grab key
docs/system: Update description for input grab key
hw/hppa/Kconfig: Fix building with "configure --without-default-devices"
tests/qtest: Depend on dbus_display1_dep
meson: Explicitly specify dbus-display1.h dependency
audio: Depend on dbus_display1_dep
ui/console: Fix console resize with placeholder surface
ui/clipboard: add asserts for update and request
ui/clipboard: mark type as not available when there is no data
ui: reject extended clipboard message if not activated
target/i386: Generate an illegal opcode exception on cmp instructions with lock prefix
i386/cpuid: Move leaf 7 to correct group
i386/cpuid: Decrease cpuid_i when skipping CPUID leaf 1F
i386/cpu: Mask with XCR0/XSS mask for FEAT_XSAVE_XCR0_HI and FEAT_XSAVE_XSS_HI leafs
i386/cpu: Clear FEAT_XSAVE_XSS_LO/HI leafs when CPUID_EXT_XSAVE is not available
.gitlab-ci/windows.yml: Don't install libusb or spice packages on 32-bit
iotests: Make 144 deterministic again
target/arm: Don't get MDCR_EL2 in pmu_counter_enabled() before checking ARM_FEATURE_PMU
target/arm: Fix SVE/SME gross MTE suppression checks
target/arm: Handle mte in do_ldrq, do_ldro
target/arm: Split out make_svemte_desc
target/arm: Adjust and validate mtedesc sizem1
target/arm: Fix nregs computation in do_{ld,st}_zpa
linux-user/aarch64: Choose SYNC as the preferred MTE mode
tests/acpi: Update DSDT.cxl to reflect change _STA return value.
hw/i386: Fix _STA return value for ACPI0017
tests/acpi: Allow update of DSDT.cxl
smmu: Clear SMMUPciBus pointer cache when system reset
virtio_iommu: Clear IOMMUPciBus pointer cache when system reset
virtio-gpu: Correct virgl_renderer_resource_get_info() error check
hw/cxl: Pass CXLComponentState to cache_mem_ops
hw/cxl/device: read from register values in mdev_reg_read()
cxl/cdat: Fix header sum value in CDAT checksum
cxl/cdat: Handle cdat table build errors
vhost-user.rst: Fix vring address description
tcg/arm: Fix goto_tb for large translation blocks
tcg: Increase width of temp_subindex
hw/net/tulip: add chip status register values
hw/smbios: Fix port connector option validation
hw/smbios: Fix OEM strings table option validation
configure: run plugin TCG tests again
tests/docker: Add sqlite3 module to openSUSE Leap container
hw/riscv/virt-acpi-build.c: fix leak in build_rhct()
migration: Fix logic of channels and transport compatibility check
virtio-blk: avoid using ioeventfd state in irqfd conditional
virtio: Re-enable notifications after drain
virtio-scsi: Attach event vq notifier with no_poll
iotests: give tempdir an identifying name
iotests: fix leak of tmpdir in dry-run mode
hw/scsi/lsi53c895a: add missing decrement of reentrancy counter
linux-user/aarch64: Add padding before __kernel_rt_sigreturn
tcg/loongarch64: Set vector registers call clobbered
pci-host: designware: Limit value range of iATU viewport register
target/arm: Reinstate "vfp" property on AArch32 CPUs
qemu-options.hx: Improve -serial option documentation
system/vl.c: Fix handling of '-serial none -serial something'
target/arm: fix exception syndrome for AArch32 bkpt insn
block/blkio: Make s->mem_region_alignment be 64 bits
qemu-docs: Update options for graphical frontends
Make 'uri' optional for migrate QAPI
vfio/pci: Clear MSI-X IRQ index always
migration: Fix use-after-free of migration state object
migration: Plug memory leak on HMP migrate error path
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>
Update the copyright year to 2024, sort dependencies etc.
This way, 'osc' does not have to do these changes all the time (they're
automatic, so no big deal, but it's annoying to see them in the diffs of
all the requests).
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>
Backported commits:
* Update version for 8.2.1 release
* target/arm: Fix incorrect aa64_tidcp1 feature check
* target/arm: Fix A64 scalar SQSHRN and SQRSHRN
* target/xtensa: fix OOB TLB entry access
* qtest: bump aspeed_smc-test timeout to 6 minutes
* monitor: only run coroutine commands in qemu_aio_context
* iotests: port 141 to Python for reliable QMP testing
* iotests: add filter_qmp_generated_node_ids()
* block/blklogwrites: Fix a bug when logging "write zeroes" operations.
* virtio-net: correctly copy vnet header when flushing TX (bsc#1218484, CVE-2023-6693)
* tcg/arm: Fix SIGILL in tcg_out_qemu_st_direct
* linux-user/riscv: Adjust vdso signal frame cfa offsets
* linux-user: Fixed cpu restore with pc 0 on SIGBUS
* block/io: clear BDRV_BLOCK_RECURSE flag after recursing in bdrv_co_block_status
* coroutine-ucontext: Save fake stack for pooled coroutine
* tcg/s390x: Fix encoding of VRIc, VRSa, VRSc insns
* accel/tcg: Revert mapping of PCREL translation block to multiple virtual addresses
* acpi/tests/avocado/bits: wait for 200 seconds for SHUTDOWN event from bits VM
* s390x/pci: drive ISM reset from subsystem reset
* s390x/pci: refresh fh before disabling aif
* s390x/pci: avoid double enable/disable of aif
* hw/scsi/esp-pci: set DMA_STAT_BCMBLT when BLAST command issued
* hw/scsi/esp-pci: synchronise setting of DMA_STAT_DONE with ESP completion interrupt
* hw/scsi/esp-pci: generate PCI interrupt from separate ESP and PCI sources
* hw/scsi/esp-pci: use correct address register for PCI DMA transfers
* migration/rdma: define htonll/ntohll only if not predefined
* hw/pflash: implement update buffer for block writes
* hw/pflash: use ldn_{be,le}_p and stn_{be,le}_p
* hw/pflash: refactor pflash_data_write()
* backends/cryptodev: Do not ignore throttle/backends Errors
* target/i386: pcrel: store low bits of physical address in data[0]
* target/i386: fix incorrect EIP in PC-relative translation blocks
* target/i386: Do not re-compute new pc with CF_PCREL
* load_elf: fix iterator's type for elf file processing
* target/hppa: Update SeaBIOS-hppa to version 15
* target/hppa: Fix IOR and ISR on error in probe
* target/hppa: Fix IOR and ISR on unaligned access trap
* target/hppa: Export function hppa_set_ior_and_isr()
* target/hppa: Avoid accessing %gr0 when raising exception
* hw/hppa: Move software power button address back into PDC
* target/hppa: Fix PDC address translation on PA2.0 with PSW.W=0
* hw/pci-host/astro: Add missing astro & elroy registers for NetBSD
* hw/hppa/machine: Disable default devices with --nodefaults option
* hw/hppa/machine: Allow up to 3840 MB total memory
* readthodocs: fully specify a build environment
* .gitlab-ci.d/buildtest.yml: Work around htags bug when environment is large
* target/s390x: Fix LAE setting a wrong access register
* tests/qtest/virtio-ccw: Fix device presence checking
* tests/acpi: disallow tests/data/acpi/virt/SSDT.memhp changes
* tests/acpi: update expected data files
* edk2: update binaries to git snapshot
* edk2: update build config, set PcdUninstallMemAttrProtocol = TRUE.
* edk2: update to git snapshot
* tests/acpi: allow tests/data/acpi/virt/SSDT.memhp changes
* util: fix build with musl libc on ppc64le
* tcg/ppc: Use new registers for LQ destination
* hw/intc/arm_gicv3_cpuif: handle LPIs in in the list registers
* hw/vfio: fix iteration over global VFIODevice list
* vfio/container: Replace basename with g_path_get_basename
* edu: fix DMA range upper bound check
* hw/net: cadence_gem: Fix MDIO_OP_xxx values
* audio/audio.c: remove trailing newline in error_setg
* chardev/char.c: fix "abstract device type" error message
* target/riscv: Fix mcycle/minstret increment behavior
* hw/net/can/sja1000: fix bug for single acceptance filter and standard frame
* target/i386: the sgx_epc_get_section stub is reachable
* configure: use a native non-cross compiler for linux-user
* include/ui/rect.h: fix qemu_rect_init() mis-assignment
* target/riscv/kvm: do not use non-portable strerrorname_np()
* iotests: Basic tests for internal snapshots
* vl: Improve error message for conflicting -incoming and -loadvm
* block: Fix crash when loading snapshot on inactive node
References: bsc#1218484 (CVE-2023-6693)
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>
Update to latest upstream release.
The full list of changes is available at:
https://wiki.qemu.org/ChangeLog/8.2
Highlights include:
* New virtio-sound device emulation
* New virtio-gpu rutabaga device emulation used by Android emulator
* New hv-balloon for dynamic memory protocol device for Hyper-V guests
* New Universal Flash Storage device emulation
* Network Block Device (NBD) 64-bit offsets for improved performance
* dump-guest-memory now supports the standard kdump format
* ARM: Xilinx Versal board now models the CFU/CFI, and the TRNG device
* ARM: CPU emulation support for cortex-a710 and neoverse-n2
* ARM: architectural feature support for PACQARMA3, EPAC, Pauth2, FPAC,
FPACCOMBINE, TIDCP1, MOPS, HBC, and HPMN0
* HPPA: CPU emulation support for 64-bit PA-RISC 2.0
* HPPA: machine emulation support for C3700, including Astro memory
controller and four Elroy PCI bridges
* LoongArch: ISA support for LASX extension and PRELDX instruction
* LoongArch: CPU emulation support for la132
* RISC-V: ISA/extension support for AIA virtualization support via KVM,
and vector cryptographic instructions
* RISC-V: Numerous extension/instruction cleanups, fixes, and reworks
* s390x: support for vfio-ap passthrough of crypto adapter for
protected virtualization guests
* Tricore: support for TC37x CPU which implements ISA v1.6.2
* Tricore: support for CRCN, FTOU, FTOHP, and HPTOF instructions
* x86: Zen support for PV console and network devices
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>
Align to upstream stable release. It includes many of the patches we had
backported ourselves, to fix bugs and issues, plus more.
See here for details:
- https://lore.kernel.org/qemu-devel/1700589639.257680.3420728.nullmailer@tls.msk.ru/
- https://gitlab.com/qemu-project/qemu/-/commits/stable-8.1?ref_type=heads
An (incomplete!) list of such backports is:
* Update version for 8.1.3 release
* hw/mips: LOONGSON3V depends on UNIMP device
* target/arm: HVC at EL3 should go to EL3, not EL2
* s390x/pci: only limit DMA aperture if vfio DMA limit reported
* target/riscv/kvm: support KVM_GET_REG_LIST
* target/riscv/kvm: improve 'init_multiext_cfg' error msg
* tracetool: avoid invalid escape in Python string
* tests/tcg/s390x: Test LAALG with negative cc_src
* target/s390x: Fix LAALG not updating cc_src
* tests/tcg/s390x: Test CLC with inaccessible second operand
* target/s390x: Fix CLC corrupting cc_src
* tests/qtest: ahci-test: add test exposing reset issue with pending callback
* hw/ide: reset: cancel async DMA operation before resetting state
* target/mips: Fix TX79 LQ/SQ opcodes
* target/mips: Fix MSA BZ/BNZ opcodes displacement
* ui/gtk-egl: apply scale factor when calculating window's dimension
* ui/gtk: force realization of drawing area
* ati-vga: Implement fallback for pixman routines
* ...
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>
Our workflow does not include patches in the spec files. Still, it could
be useful to add some there, during development and/or debugging issues.
Make sure that they are applied properly, by adding -p1 to the
%autosetup directive (it's a nop if there are no patches, so both cases
are ok).
Suggested-by: Olaf Hering <olaf@aepfle.de>
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>
This fixes the following upstream issues:
* https://gitlab.com/qemu-project/qemu/-/issues/1826
* https://gitlab.com/qemu-project/qemu/-/issues/1834
* https://gitlab.com/qemu-project/qemu/-/issues/1846
It also contains a fix for:
* CVE-2023-42467 (bsc#1215192)
As well as several upstream backports:
* target/riscv: Fix vfwmaccbf16.vf
* disas/riscv: Fix the typo of inverted order of pmpaddr13 and pmpaddr14
* roms: use PYTHON to invoke python
* hw/audio/es1370: reset current sample counter
* migration/qmp: Fix crash on setting tls-authz with null
* util/log: re-allow switching away from stderr log file
* vfio/display: Fix missing update to set backing fields
* amd_iommu: Fix APIC address check
* vdpa net: follow VirtIO initialization properly at cvq isolation probing
* vdpa net: stop probing if cannot set features
* vdpa net: fix error message setting virtio status
* vdpa net: zero vhost_vdpa iova_tree pointer at cleanup
* linux-user/hppa: Fix struct target_sigcontext layout
* chardev/char-pty: Avoid losing bytes when the other side just (re-)connected
* hw/display/ramfb: plug slight guest-triggerable leak on mode setting
* win32: avoid discarding the exception handler
* target/i386: fix memory operand size for CVTPS2PD
* target/i386: generalize operand size "ph" for use in CVTPS2PD
* subprojects/berkeley-testfloat-3: Update to fix a problem with compiler warnings
* scsi-disk: ensure that FORMAT UNIT commands are terminated
* esp: restrict non-DMA transfer length to that of available data
* esp: use correct type for esp_dma_enable() in sysbus_esp_gpio_demux()
* optionrom: Remove build-id section
* target/tricore: Fix RCPW/RRPW_INSERT insns for width = 0
* accel/tcg: Always require can_do_io
* accel/tcg: Always set CF_LAST_IO with CF_NOIRQ
* accel/tcg: Improve setting of can_do_io at start of TB
* accel/tcg: Track current value of can_do_io in the TB
* accel/tcg: Hoist CF_MEMI_ONLY check outside translation loop
* accel/tcg: Avoid load of icount_decr if unused
* softmmu: Use async_run_on_cpu in tcg_commit
* migration: Move return path cleanup to main migration thread
* migration: Replace the return path retry logic
* migration: Consolidate return path closing code
* migration: Remove redundant cleanup of postcopy_qemufile_src
* migration: Fix possible race when shutting down to_dst_file
* migration: Fix possible races when shutting down the return path
* migration: Fix possible race when setting rp_state.error
* migration: Fix race that dest preempt thread close too early
* ui/vnc: fix handling of VNC_FEATURE_XVP
* ui/vnc: fix debug output for invalid audio message
* hw/scsi/scsi-disk: Disallow block sizes smaller than 512 [CVE-2023-42467]
* accel/tcg: mttcg remove false-negative halted assertion
* meson.build: Make keyutils independent from keyring
* target/arm: Don't skip MTE checks for LDRT/STRT at EL0
* hw/arm/boot: Set SCR_EL3.FGTEn when booting kernel
* include/exec: Widen tlb_hit/tlb_hit_page()
* tests/file-io-error: New test
* file-posix: Simplify raw_co_prw's 'out' zone code
* file-posix: Fix zone update in I/O error path
* file-posix: Check bs->bl.zoned for zone info
* file-posix: Clear bs->bl.zoned on error
* hw/cxl: Fix out of bound array access
* hw/cxl: Fix CFMW config memory leak
* linux-user/hppa: lock both words of function descriptor
* linux-user/hppa: clear the PSW 'N' bit when delivering signals
* hw/ppc: Read time only once to perform decrementer write
* hw/ppc: Reset timebase facilities on machine reset
* hw/ppc: Always store the decrementer value
* target/ppc: Sign-extend large decrementer to 64-bits
* hw/ppc: Avoid decrementer rounding errors
* hw/ppc: Round up the decrementer interval when converting to ns
* host-utils: Add muldiv64_round_up
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>
OBS SCM bridge can handle git submodules, while it can't handle (yet?)
meson subprojects. The (ugly, I know!) solution, for now, is to turn
the latter into the former, with commands like the following:
git submodule add -f https://gitlab.com/qemu-project/berkeley-testfloat-3 subprojects/berkeley-testfloat-3
git -C subprojects/berkeley-testfloat-3 reset --hard 40619cbb3bf32872df8c53cc457039229428a263
(the hash used comes from the subprojects/berkeley-testfloat-3.wrap file)
It's also necessary to manually apply the layering of the packagefiles,
and that is done in the specfile.
Longer term and better solutions could be:
- Make SCM support meson subprojects
- Create standalone packages for the subprojects (and instruct
QEMU to pick stuff from there)
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>
The full list of changes is available at:
https://wiki.qemu.org/ChangeLog/8.1
Highlights:
* VFIO: improved live migration support, no longer an experimental feature
* GTK GUI now supports multi-touch events
* ARM, PowerPC, and RISC-V can now use AES acceleration on host processor
* PCIe: new QMP commands to inject CXL General Media events, DRAM
events and Memory Module events
* ARM: KVM VMs on a host which supports MTE (the Memory Tagging Extension)
can now use MTE in the guest
* ARM: emulation support for bpim2u (Banana Pi BPI-M2 Ultra) board and
neoverse-v1 (Cortex Neoverse-V1) CPU
* ARM: new architectural feature support for: FEAT_PAN3 (SCTLR_ELx.EPAN),
FEAT_LSE2 (Large System Extensions v2), and experimental support for
FEAT_RME (Realm Management Extensions)
* Hexagon: new instruction support for v68/v73 scalar, and v68/v69 HVX
* Hexagon: gdbstub support for HVX
* MIPS: emulation support for Ingenic XBurstR1/XBurstR2 CPUs, and MXU
instructions
* PowerPC: TCG SMT support, allowing pseries and powernv to run with up
to 8 threads per core
* PowerPC: emulation support for Power9 DD2.2 CPU model, and perf
sampling support for POWER CPUs
* RISC-V: ISA extension support for BF16/Zfa, and disassembly support
for Zcm*/Z*inx/XVentanaCondOps/Xthead
* RISC-V: CPU emulation support for Veyron V1
* RISC-V: numerous KVM/emulation fixes and enhancements
* s390: instruction emulation fixes for LDER, LCBB, LOCFHR, MXDB, MXDBR,
EPSW, MDEB, MDEBR, MVCRL, LRA, CKSM, CLM, ICM, MC, STIDP, EXECUTE, and
CLGEBR(A)
* SPARC: updated target/sparc to use tcg_gen_lookup_and_goto_ptr() for
improved performance
* Tricore: emulation support for TC37x CPU that supports ISA v1.6.2
instructions
* Tricore: instruction emulation of POPCNT.W, LHA, CRC32L.W, CRC32.B,
SHUFFLE, SYSCALL, and DISABLE
* x86: CPU model support for GraniteRapids
* and lots more...
This also (automatically) fixes:
- bsc#1212850 (CVE-2023-3354)
- bsc#1213001 (CVE-2023-3255)
- bsc#1213925 (CVE-2023-3180)
- bsc#1213414 (CVE-2023-3301)
- bsc#1207205 (CVE-2023-0330)
- bsc#1212968 (CVE-2023-2861)
- bsc#1179993, bsc#1181740, bsc#1211697
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>
By default try to preserve argv[0].
Original report is boo#1197298, which also became relevant recently again in bsc#1212768.
Signed-off-by: Fabian Vogt <fabian@ritter-vogt.de>
References: boo#1197298
References: bsc#1212768
Signed-off-by: Fabian Vogt <fabian@ritter-vogt.de>
The sgabios submodule is no longer there, so let's get rid of any
reference to it from our spec files.
Remove no longer supported './configure' options.
We're also not set yet for using the set_version service, so we need to
update the following manually:
- the Version: tags in the spec files
- the rpm/seabios_version and rpm/skiboot_version files (see qemu.spec
for instructions on how to do that)
- the %{sbver} variable in rpm/common.inc
A better solution for handling this aspect is being worked on.
Signed-off-by: Dario Faggioli <dfaggioli@suse.com>