- Added CoDA feature support in the context of CVM. When virtcca cvm is enabled, the iommu is tagged as secure.
- hw/block: fix uint32 overflow
- hw/ufs: add basic info of query response upiu
- crypto: avoid leak of ctx when bad cipher mode is given Fixes: Coverity CID 1546884
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
- hw/loongarch/virt: Fix FDT memory node address width
- hw/loongarch: Fix fdt memory node wrong 'reg'
- load_elf: fix iterator's type for elf file processing
- migration/colo: Fix bdrv_graph_rdlock_main_loop: Assertion `!qemu_in_…
- target/i386: no single-step exception after MOV or POP SS
- char-stdio: Restore blocking mode of stdout on exit
- backends/cryptodev-builtin: Fix local_error leaks
- target/loongarch: fix a wrong print in cpu dump
- virtio-pci: fix use of a released vector
- target/arm: Disable SVE extensions when SVE is disabled
- hw/misc/bcm2835_property: Fix handling of FRAMEBUFFER_SET_PALETTE
- target/i386: Introduce SapphireRapids-v3 to add missing features
- virtio-net: Ensure queue index fits with RSS (CVE-2024-6505)
- nbd/server: CVE-2024-7409: Avoid use-after-free when closing server
- update io/trace-events. Parameters should remain consistent.
- update docs/tools/virtfs-proxy-helper.rst. This place is spelled wrong.
- kvm: Add support for CSV2 reboot
- target/i386/kvm: Fix the resettable info when emulate Hygon CSV2 guest
- target/i386: get/set/migrate GHCB state
- target/i386: csv: Add support for migrate VMSA for CSV2 guest
- migration/ram: Accelerate the loading of CSV guest's encrypted pages
- migration/ram: Accelerate the transmission of CSV guest's encrypted pages
- target/i386: csv: add support to load incoming encrypted pages queued in the CMD list
- target/i386: csv: add support to queue the incoming page into a list
- target/i386: csv: add support to encrypt the outgoing pages in the list queued before.
- target/i386: csv: add support to queue the outgoing page into a list
- target/i386: csv: Read cert chain from file when prepared for CSV live migration
- target/i386: Introduce header file csv.h
- migration/ram: Fix calculation of gfn correpond to a page in ramblock
- target/i386: sev: Clear shared_regions_list when reboot CSV Guest
- migration/ram: Force encrypted status for VGA vram
- target/i386: sev: Return 0 if sev_send_get_packet_len() fails
- kvm: Add support for userspace MSR filtering and handling of MSR_KVM_MIGRATION_CONTROL.
- migration/ram: Force encrypted status for flash0 & flash1 devices.
- migration/ram: add support to send encrypted pages
- migration: add support to migrate shared regions list
- kvm: Add support for SEV shared regions list and KVM_EXIT_HYPERCALL.
- target/i386: sev: add support to load incoming encrypted page
- target/i386: sev: add support to encrypt the outgoing page
- target/i386: sev: do not create launch context for an incoming guest
- target/i386: sev: provide callback to setup outgoing context
- confidential guest support: introduce ConfidentialGuestMemoryEncryptionOps for encrypted VMs
- migration.json: add AMD SEV specific migration parameters
- doc: update AMD SEV to include Live migration flow
- crypto/tlscredspsk: Free username on finalize
- hw/nvme: fix leak of uninitialized memory in io_mgmt_recv
- hw/display/vhost-user-gpu.c: fix vhost_user_gpu_chr_read()
- cvm : Implement command blacklist for cvm security enhancement
- crypto: Introduce SM3 hash hmac pbkdf algorithm
- virtio-net: Use virtual time for RSC timers
- vvfat: Fix bug in writing to middle of file
- hw/core/ptimer: fix timer zero period condition for freq > 1GHz
- hw/misc: support vpsp
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
- cvm : bug fix for undefined reference to 'virtcca_cvm_allowed' while compiling
- cvm : bug-fix for incorrect device name check for vhost-user-fs
- target/i386: add control bits support for LAM
- target/i386: add support for LAM in CPUID enumeration
- Add support for the virtcca cvm feature.
- target/sparc: use signed denominator in sdiv helper
- crypto: Introduce SM4 symmetric cipher algorithm
- ppc/vof: Fix unaligned FDT property access
- vl: fix "type is NULL" in -vga help
- hw/display/bcm2835_fb: fix fb_use_offsets condition
- aspeed/smc: Fix possible integer overflow
- hw/nvme: fix number of PIDs for FDP RUH update
- hw/nvme: fix memory leak in nvme_dsm
- hvf: arm: Do not advance PC when raising an exception
- physmem: Bail out qemu_ram_block_from_host() for invalid ram addrs
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
- nbd/server: CVE-2024-7409: Close stray clients at server-stop
- nbd/server: CVE-2024-7409: Drop non-negotiating clients
- nbd/server: CVE-2024-7409: Cap default max-connections to 100
- nbd/server: Plumb in new args to nbd_client_add()
- nbd: Minor style and typo fixes
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
- block: Parse filenames only when explicitly requested (CVE-2024-4467)
- iotests/270: Don't store data-file with json: prefix in image (CVE-2024-4467)
- iotests/244: Don't store data-file with protocol in image (CVE-2024-4467)
- qcow2: Don't open data_file with BDRV_O_NO_IO (CVE-2024-4467)
- migration/dirtyrate: Fix segmentation fault
- target/hexagon: idef-parser fix leak of init_list
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
- target/riscv/cpu.c: fix Zvkb extension config
- target/i386: Add new Hygon 'Dharma' CPU model
- target/i386: Add Hygon Dhyana-v3 CPU model
- ui/gtk: Fix mouse/motion event scaling issue with GTK display backend
- hw/ufs: Fix buffer overflow bug
- arm/virt: Set vcpus_count of CPU as 1 to compatible with libvirt
- ppc/pnv: I2C controller is not user creatablei
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
- target/i386: Export RFDS bit to guests
- target/i386: Add new CPU model SierraForest
- target/i386: Introduce Icelake-Server-v7 to enable TSX
- hw/isa/vt82c686: Keep track of PIRQ/PINT pins separately
- kvm/arm: Fix compatibility of cold-plug CPU with SVE
- arm/virt/acpi: Extend cpufreq to support max_cpus
- kvm/arm: Fix SVE related logic for vcpu hotplug feature
- arm/virt: Don't modify smp.max_cpus when vcpu hotplug disabled
- acpi/cpu: Fix detection of present cpu
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
- hw/sd/sdhci: Do not update TRNMOD when Command Inhibit (DAT) is set(CVE-2024-3447)
- hw/virtio/virtio-crypto: Protect from DMA re-entrancy bugs(CVE-2024-3446)
- hw/char/virtio-serial-bus: Protect from DMA re-entrancy bugs(CVE-2024-3446)
- hw/display/virtio-gpu: Protect from DMA re-entrancy bugs(CVE-2024-3446)
- hw/virtio: Introduce virtio_bh_new_guarded() helper
- hw/net/net_tx_pkt: Fix overrun in update_sctp_checksum()
- hw/nvme: fix -Werror=maybe-uninitialized
- block/virtio-blk: Fix memory leak from virtio_blk_zone_report
- hw/net/virtio-net: fix qemu set used ring flag even vhost started
- hw/scsi/scsi-generic: Fix io_timeout property not applying
- tests: bios-tables-test: Rename smbios type 4 related test functions
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
arm/virt: Use max_cpus to calculate redist1_count
arm/virt: Use separate filed to identify cpu-hotplug enable
Signed-off-by: Keqian Zhu <zhukeqian1@huawei.com>
- coro: support live patch for libcare
- tests/acpi: Update expected ACPI tables for vcpu hotplug(update BinDir)
- arm/virt: Require mc->has_hotpluggable_cpus for cold-plugged vcpu
- arm/virt: Consider has_ged when set mc->has_hotpluggable_cpus
- arm/virt-acpi: Require possible_cpu_arch_ids for build_cpus_aml()
- acpi/ged: Remove cpuhp field of ged
- acpi/ged: Init cpu hotplug only when machine support it
- intc/gicv3: Fixes for vcpu hotplug
- arm/kvm: Set psci smccc filter only with vcpu hotplug
- accel/kvm: Use correct id for parked vcpu
- arm/virt: Fix adjudgement of core_id for vcpu hotplugged
- arm/virt.c: Convey local_err when set psci-conduit
- system/cpus: Fix resume_all_vcpus() under vCPU hotplug condition
- system/cpus: Fix pause_all_vcpus() under concurrent environment
- acpi/cpu: Fix cpu_hotplug_hw_init()
- arm/cpu: Some fixes for arm_cpu_unrealizefn()
- system/physmem: Fix possible double free when destroy cpu as
- hw/arm/virt: Expose cold-booted CPUs as MADT GICC Enabled
- tcg/mttcg: enable threads to unregister in tcg_ctxs[]
- hw/arm: Support hotplug capability check using _OSC method
- target/arm/kvm,tcg: Register/Handle SMCCC hypercall exits to VMM/Qemu
- target/arm/kvm: Write CPU state back to KVM on reset
- target/arm: Add support of *unrealize* ARMCPU during vCPU Hot-unplug
- physmem,gdbstub: Common helping funcs/changes to *unrealize* vCPU
- hw/arm: Changes required for reset and to support next boot
- arm/virt: Update the guest(via GED) about CPU hot-(un)plug events
- hw/intc/arm-gicv3*: Changes required to (re)init the vCPU register info
- hw/arm,gicv3: Changes to update GIC with vCPU hot-plug notification
- arm/virt: Changes to (un)wire GICC<->vCPU IRQs during hot-(un)plug
- arm/virt: Add/update basic hot-(un)plug framework
- hw/acpi: Update ACPI GED framework to support vCPU Hotplug
- arm/virt: Release objects for *disabled* possible vCPUs after init
- hw/acpi: Make _MAT method optional
- hw/arm: MADT Tbl change to size the guest with possible vCPUs
- hw/acpi: Update GED _EVT method AML with cpu scan
- hw/acpi: ACPI/AML Changes to reflect the correct _STA.{PRES,ENA} Bits to Guest
- arm/virt: Make ARM vCPU *present* status ACPI *persistent*
- arm/virt/acpi: Build CPUs AML with CPU Hotplug support
- tests/acpi/bios-tables-test: Allow changes to virt/DSDT file
- acpi/cpu: Add cpu_cppc building support
- arm/virt/acpi: Factor out CPPC building from DSDT CPU aml
- hw/acpi: Update CPUs AML with cpu-(ctrl)dev change
- arm/virt: Create GED dev before *disabled* CPU Objs are destroyed
- arm/virt: Add cpu hotplug events to GED during creation
- hw/acpi: Init GED framework with cpu hotplug events
- hw/acpi: Use qemu_present_cpu() API in ACPI CPU hotplug init
- hw/acpi: Add ACPI CPU hotplug init stub
- arm/acpi: Enable ACPI support for vcpu hotplug
- hw/acpi: Move CPU ctrl-dev MMIO region len macro to common header file
- arm/virt: Init PMU at host for all possible vcpus
- arm/virt,gicv3: Changes to pre-size GIC with possible vcpus @machine init
- arm/virt,kvm: Pre-create disabled possible vCPUs @machine init
- accel/kvm: Extract common KVM vCPU {creation,parking} code
- arm/virt,target/arm: Machine init time change common to vCPU {cold|hot}-plug
- hw/arm/virt: Move setting of common CPU properties in a function
- cpus-common: Add common CPU utility for possible vCPUs
- arm/virt,target/arm: Add new ARMCPU {socket,cluster,core,thread}-id property
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
- vfio/migration: Add support for manual clear vfio dirty log
- vfio: Maintain DMA mapping range for the container
- linux-headers: update against 5.10 and manual clear vfio dirty log series
- arm/acpi: Fix when make qemu-system-aarch64 at x86_64 host bios_tables_test fail reason: __aarch64__ macro let build_pptt at x86_64 and aarch64 host build different function that let bios_tables_test fail.
- pl031: support rtc-timer property for pl031
- feature: Add logs for vm start and destroy
- feature: Add log for each modules
- log: Add log at boot & cpu init for aarch64
- bugfix: irq: Avoid covering object refcount of qemu_irq
- i386: cache passthrough: Update AMD 8000_001D.EAX[25:14] based on vCPU topo
- freeclock: set rtc_date_diff for X86
- freeclock: set rtc_date_diff for arm
- freeclock: add qmp command to get time offset of vm in seconds
- tests: Disable filemonitor testcase
- shadow_dev: introduce shadow dev for virtio-net device
- pl011: reset read FIFO when UARTTIMSC=0 & UARTICR=0xffff
- tests: virt: Update expected ACPI tables for virt test(update BinDir)
- arm64: Add the cpufreq device to show cpufreq info to guest
- hw/arm64: add vcpu cache info support
- tests: virt: Allow changes to PPTT test table
- cpu: add Cortex-A72 processor kvm target support
- cpu: add Kunpeng-920 cpu support
- net: eepro100: validate various address valuesi(CVE-2021-20255)
- ide: ahci: add check to avoid null dereference (CVE-2019-12067)
- vdpa: set vring enable only if the vring address has already been set
- docs: Add generic vhost-vdpa device documentation
- vdpa: don't suspend/resume device when vdpa device not started
- vdpa: correct param passed in when unregister save
- vdpa: suspend function return 0 when the vdpa device is stopped
- vdpa: support vdpa device suspend/resume
- vdpa: move memory listener to the realize stage
- vdpa: implement vdpa device migration
- vhost: implement migration state notifier for vdpa device
- vhost: implement post resume bh
- vhost: implement savevm_handler for vdpa device
- vhost: implement vhost_vdpa_device_suspend/resume
- vhost: implement vhost-vdpa suspend/resume
- vhost: add vhost_dev_suspend/resume_op
- vhost: introduce bytemap for vhost backend logging
- vhost-vdpa: add migration log ops for VhostOps
- vhost-vdpa: add VHOST_BACKEND_F_BYTEMAPLOG
- hw/usb: reduce the vpcu cost of UHCI when VNC disconnect
- virtio-net: update the default and max of rx/tx_queue_size
- virtio-net: set the max of queue size to 4096
- virtio-net: fix max vring buf size when set ring num
- virtio-net: bugfix: do not delete netdev before virtio net
- monitor: Discard BLOCK_IO_ERROR event when VM rebooted
- vhost-user: add unregister_savevm when vhost-user cleanup
- vhost-user: add vhost_set_mem_table when vm load_setup at destination
- vhost-user: quit infinite loop while used memslots is more than the backend limit
- fix qemu-core when vhost-user-net config with server mode
- vhost-user: Add support reconnect vhost-user socket
- vhost-user: Set the acked_features to vm's featrue
- i6300esb watchdog: bugfix: Add a runstate transition
- hw/net/rocker_of_dpa: fix double free bug of rocker device
- net/dump.c: Suppress spurious compiler warning
- pcie: Add pcie-root-port fast plug/unplug feature
- pcie: Compat with devices which do not support Link Width, such as ioh3420
- qdev/monitors: Fix reundant error_setg of qdev_add_device
- qemu-nbd: set timeout to qemu-nbd socket
- qemu-nbd: make native as the default aio mode
- nbd/server.c: fix invalid read after client was already free
- virtio-scsi: bugfix: fix qemu crash for hotplug scsi disk with dataplane
- virtio: bugfix: check the value of caches before accessing it
- virtio: print the guest virtio_net features that host does not support
- virtio: bugfix: add rcu_read_lock when vring_avail_idx is called
- virtio: check descriptor numbers
- migration: report multiFd related thread pid to libvirt
- migration: report migration related thread pid to libvirt
- cpu/features: fix bug for memory leakage
- doc: Update multi-thread compression doc
- migration: Add compress_level sanity check
- migration: Add zstd support in multi-thread compression
- migration: Add multi-thread compress ops
- migration: Refactoring multi-thread compress migration
- migration: Add multi-thread compress method
- migration: skip cache_drop for bios bootloader and nvram template
- oslib-posix: optimise vm startup time for 1G hugepage
- monitor/qmp: drop inflight rsp if qmp client broken
- ps2: fix oob in ps2 kbd
- Currently, while kvm and qemu can not handle some kvm exit, qemu will do vm_stop, which will make vm in pause state. This action make vm unrecoverable, so send guest panic to libvirt instead.
- vhost: cancel migration when vhost-user restarted during migraiton
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
- migration: Skip only empty block devicesi
- iotests: adapt to output change for recently introduced 'detached hea…
- travis-ci: Rename SOFTMMU -> SYSTEM
- block: disallow block jobs when there is a BDRV_O_INACTIVE flag
- [backup] memory: bakcup hugepages: hugepages files maybe leftover
- memory: [backup] Modify the VM's physical bits value set policy.
- ui/clipboard: mark type as not available when there is no data (CVE-2023-6683)
- virtio-net: correctly copy vnet header when flushing TX (CVE-2023-6693)
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
- disable keyring option
- loongarch: Change the UEFI loading mode to loongarch
- target/loongarch: Fix qtest test-hmp error when KVM-only build
- target/loongarch/kvm: Enable LSX/LASX extension
- target/loongarch: Set cpuid CSR register only once with kvm mode
- configure: Add linux header compile support for LoongArch
- hw/intc/loongarch_extioi: Add vmstate post_load support
- hw/intc/loongarch_extioi: Add dynamic cpu number support
- hw/loongarch/virt: Set iocsr address space per-board rather than percpu
- hw/intc/loongarch_ipi: Use MemTxAttrs interface for ipi ops
- target/loongarch: Add loongarch kvm into meson build
- target/loongarch: Implement set vcpu intr for kvm
- target/loongarch: Restrict TCG-specific code
- target/loongarch: Implement kvm_arch_handle_exit
- target/loongarch: Implement kvm_arch_init_vcpu
- target/loongarch: Implement kvm_arch_init function
- target/loongarch: Implement kvm get/set registers
- target/loongarch: Supplement vcpu env initial when vcpu reset
- target/loongarch: Define some kvm_arch interfaces
- linux-headers: Synchronize linux headers from linux v6.7.0-rc8
- linux-headers: Update to Linux v6.7-rc5
- target/loongarch: move translate modules to tcg/
- target/loongarch/meson: move gdbstub.c to loongarch.ss
- target/loongarch: Add timer information dump support
- hw/loongarch/virt: Align high memory base address with super page size
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
(cherry picked from commit b2263e41ffa3428f1d9f9ff6e214c8e3a19e06e8)
- block: bugfix: Don't pause vm when NOSPACE EIO happened
- block: enable cache mode of empty cdrom
- block/mirror: fix file-system went to read-only after block-mirror
- scsi-bus: fix incorrect call for blk_error_retry_reset_timeout()
- scsi-bus: fix unmatched object_unref()
- block: Add sanity check when setting retry parameters
- block-backend: Stop retrying when draining
- scsi-disk: Add support for retry on errors
- scsi-bus: Refactor the code that retries requests
- virtio_blk: Add support for retry on errors
- block: Add error retry param setting
- block-backend: Add timeout support for retry
- block-backend: Enable retry action on errors
- block-backend: Add device specific retry callback
- block-backend: Introduce retry timer
- qapi/block-core: Add retry option for error action
- scsi: bugfix: fix division by zero
- scsi: cdrom: Fix crash after remote cdrom detached
- qemu-pr: fixed ioctl failed for multipath disk
- scsi-disk: define props in scsi_block_disk to avoid memleaks
- bugfix: fix possible memory leak
- bugfix: fix some illegal memory access and memory leak
- util/log: add CONFIG_DISABLE_QEMU_LOG macro
- log: Add some logs on VM runtime path
- bugfix: fix eventfds may double free when vm_id reused in ivshmem
- hw/display/macfb: Fix missing ERRP_GUARD() in macfb_nubus_realize()
- hw/cxl/cxl-host: Fix missing ERRP_GUARD() in cxl_fixed_memory_window_config()
- qemu-img create: 'cache' paramter only use for reg file image
- qemu-img: add qemu-img direct create
- qemu-img block: set zero flags only when discard_zeros of the block supported
- Revert "file-posix: Remove unused s->discard_zeroes"
- pcie_sriov: Validate NumVFs (CVE-2024-26327)
- hw/nvme: Use pcie_sriov_num_vfs() (CVE-2024-26328)
- hw/acpi/cpu: Use CPUState typedef
- target/i386/sev: Fix missing ERRP_GUARD() for error_prepend()
- virtio-gpu: remove needless condition
- hw/i2c/smbus_slave: Add object path on error prints
- vfio/pci: Ascend710 change to bar2 quirk
- vfio/pci: Ascend910 need 4Bytes quirk in bar0
- vfio/pci: Ascend710 need 4Bytes quirk in bar0
- vfio/pci: Ascend310 need 4Bytes quirk in bar4
- chardev/char-socket: Fix TLS io channels sending too much data to the backend
- i386/cpuid: Move leaf 7 to correct group
- i386/cpuid: Decrease cpuid_i when skipping CPUID leaf 1F
- i386/cpu: Mask with XCR0/XSS mask for FEAT_XSAVE_XCR0_HI and FEAT_XSAVE_XSS_HI leafs
- i386/cpu: Clear FEAT_XSAVE_XSS_LO/HI leafs when CPUID_EXT_XSAVE is not available
- blkio: Respect memory-alignment for bounce buffer allocations
- virtio-gpu: Correct virgl_renderer_resource_get_info() error check
- hw/usb: Style cleanup
- tests/qemu-iotests: resolved the problem that the 108 test cases in
the container fail
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
(cherry picked from commit 404d45bf9147058a475a8031c454a6c8e0acc123)
- vdpa: suspend function return 0 when the vdpa device is stopped
- vdpa: don't suspend/resume device when vdpa device not started
- vdpa: support vdpa device suspend/resume
- vdpa: correct param passed in when unregister save
- vdpa: set vring enable only if the vring address has already been set
- shadow_dev: introduce shadow dev for virtio-net device
- revert "tcg/loongarch64: Fix tcg_out_mov() Aborted"
- migration: Set downtime_start even for postcopy
- gdb-xml: fix duplicate register in arm-neon.xml
- iotests: fix default machine type detection
- migration: fix RAMBlock add NULL check
- s390x: Fix spelling errors
- ppc: spelling fixes
- hw/scsi/vhost-scsi: don't double close vhostfd on error
- virtio/vhost-vsock: don't double close vhostfd, remove redundant cleanup
- hw/scsi/vhost-scsi: don't leak vqs on error
- hw/i386/pc: Add missing property descriptions
- pcie_aer: Don't trigger a LSI if none are defined
- pci: Export the pci_intx() function
- hw/qdev: Cosmetic around documentation
- tests/unit: fix a -Wformat-truncation warning
- tests/avocado: mark ReplayKernelNormal.test_mips64el_malta as flaky
- i386/sev: Avoid SEV-ES crash due to missing MSR_EFER_LMA bit
- ui/vnc-clipboard: fix inflate_buffer
- hw/usb/hcd-xhci.c: spelling: tranfer
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
(cherry picked from commit 68fee7dc06a6beb5f69d951e22a7f16091f269ff)
