- target/i386: csv: Release CSV3 shared pages after unmapping DMA
- target/i386: Add new CPU model ClearwaterForest
- target/i386: add sha512, sm3, sm4 feature bits
- docs: Add GNR, SRF and CWF CPU models
- target/i386: Export BHI_NO bit to guests
- target/i386: Introduce SierraForest-v2 model
- vdpa/iommufd:Implement DMA mapping through the iommufd interface
- vdpa/iommufd:Introduce vdpa-iommufd module
- vdpa/iommufd:support associating iommufd backend for vDPA devices
- Kconfig/iommufd/VDPA: Update IOMMUFD module configuration dependencies The vDPA module can also use IOMMUFD like the VFIO module.
- backends/iommufd: Get rid of qemu_open_old()
- backends/iommufd: Make iommufd_backend_*() return bool
- backends/iommufd: Fix missing ERRP_GUARD() for error_prepend()
- backends/iommufd: Remove mutex
- backends/iommufd: Remove check on number of backend users
- hw/intc: Add extioi ability of 256 vcpu interrupt routing
- hw/rtc: Fixed loongson rtc emulation errors
- hw/loongarch/boot: Adjust the loading position of the initrd
- target/loongarch: Fix the cpu unplug resource leak
- target/loongarch: fix vcpu reset command word issue
- vdpa:Fix dirty page bitmap synchronization not done after suspend for vdpa devices
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
(cherry picked from commit a5212066e7516ff2a316e1b2feaa75dd5ee4d17a)
- Revert "linux-user: Print tid not pid with strace"
- gpex-acpi: Remove duplicate DSM #5
- smmuv3: Use default bus for arm-smmuv3-accel
- smmuv3: Change arm-smmuv3-nested name to arm-smmuv3-accel
- smmu-common: Return sysmem address space only for vfio-pci
- smmuv3: realize get_pasid_cap and set ssidsize with pasid
- vfio: Synthesize vPASID capability to VM
- backend/iommufd: Report PASID capability
- pci: Get pasid capability from vIOMMU
- smmuv3: Add support for page fault handling
- kvm: Translate MSI doorbell address only if it is valid
- hw/arm/smmuv3: Enable sva/stall IDR features
- iommufd.h: Updated to openeuler olk-6.6 kernel
- tests/data/acpi/virt: Update IORT acpi table
- hw/arm/virt-acpi-build: Add IORT RMR regions to handle MSI nested binding
- tests/qtest: Allow IORT acpi table to change
- hw/arm/virt-acpi-build: Build IORT with multiple SMMU nodes
- hw/arm/smmuv3: Associate a pci bus with a SMMUv3 Nested device
- hw/arm/smmuv3: Add initial support for SMMUv3 Nested device
- hw/arm/virt: Add an SMMU_IO_LEN macro
- hw/pci-host/gpex: [needs kernel fix] Allow to generate preserve boot config DSM #5
- tests/data/acpi: Update DSDT acpi tables
- acpi/gpex: Fix PCI Express Slot Information function 0 returned value
- tests/qtest: Allow DSDT acpi tables to change
- hw/arm/smmuv3: Forward cache invalidate commands via iommufd
- hw/arm/smmu-common: Replace smmu_iommu_mr with smmu_find_sdev
- hw/arm/smmuv3: Add missing STE invalidation
- hw/arm/smmuv3: Add smmu_dev_install_nested_ste() for CFGI_STE
- hw/arm/smmuv3: Check idr registers for STE_S1CDMAX and STE_S1STALLD
- hw/arm/smmuv3: Read host SMMU device info
- hw/arm/smmuv3: Ignore IOMMU_NOTIFIER_MAP for nested-smmuv3
- hw/arm/smmu-common: Return sysmem if stage-1 is bypassed
- hw/arm/smmu-common: Add iommufd helpers
- hw/arm/smmu-common: Add set/unset_iommu_device callback
- hw/arm/smmu-common: Extract smmu_get_sbus and smmu_get_sdev helpers
- hw/arm/smmu-common: Bypass emulated IOTLB for a nested SMMU
- hw/arm/smmu-common: Add a nested flag to SMMUState
- backends/iommufd: Introduce iommufd_viommu_invalidate_cache
- backends/iommufd: Introduce iommufd_vdev_alloc
- backends/iommufd: Introduce iommufd_backend_alloc_viommu
- vfio/iommufd: Implement [at|de]tach_hwpt handlers
- vfio/iommufd: Implement HostIOMMUDeviceClass::realize_late() handler
- HostIOMMUDevice: Introduce realize_late callback
- vfio/iommufd: Add properties and handlers to TYPE_HOST_IOMMU_DEVICE_IOMMUFD
- backends/iommufd: Add helpers for invalidating user-managed HWPT
- Update iommufd.h header for vSVA
- vfio/common: Allow disabling device dirty page tracking
- vfio/migration: Don't block migration device dirty tracking is unsupported
- vfio/iommufd: Implement VFIOIOMMUClass::query_dirty_bitmap support
- vfio/iommufd: Implement VFIOIOMMUClass::set_dirty_tracking support
- vfio/iommufd: Probe and request hwpt dirty tracking capability
- vfio/{iommufd, container}: Invoke HostIOMMUDevice::realize() during attach_device()
- vfio/iommufd: Add hw_caps field to HostIOMMUDeviceCaps
- vfio/{iommufd,container}: Remove caps::aw_bits
- HostIOMMUDevice: Store the VFIO/VDPA agent
- vfio/iommufd: Introduce auto domain creation
- vfio/ccw: Don't initialize HOST_IOMMU_DEVICE with mdev
- vfio/ap: Don't initialize HOST_IOMMU_DEVICE with mdev
- vfio/iommufd: Return errno in iommufd_cdev_attach_ioas_hwpt()
- backends/iommufd: Extend iommufd_backend_get_device_info() to fetch HW capabilities
- vfio/iommufd: Don't initialize nor set a HOST_IOMMU_DEVICE with mdev
- vfio/pci: Extract mdev check into an helper
- intel_iommu: Check compatibility with host IOMMU capabilities
- intel_iommu: Implement [set|unset]_iommu_device() callbacks
- intel_iommu: Extract out vtd_cap_init() to initialize cap/ecap
- vfio/pci: Pass HostIOMMUDevice to vIOMMU
- hw/pci: Introduce pci_device_[set|unset]_iommu_device()
- hw/pci: Introduce helper function pci_device_get_iommu_bus_devfn()
- vfio: Create host IOMMU device instance
- backends/iommufd: Implement HostIOMMUDeviceClass::get_cap() handler
- vfio/container: Implement HostIOMMUDeviceClass::get_cap() handler
- vfio/iommufd: Implement HostIOMMUDeviceClass::realize() handler
- backends/iommufd: Introduce helper function iommufd_backend_get_device_info()
- vfio/container: Implement HostIOMMUDeviceClass::realize() handler
- range: Introduce range_get_last_bit()
- backends/iommufd: Introduce TYPE_HOST_IOMMU_DEVICE_IOMMUFD[_VFIO] devices
- vfio/container: Introduce TYPE_HOST_IOMMU_DEVICE_LEGACY_VFIO device
- backends/host_iommu_device: Introduce HostIOMMUDeviceCaps
- backends: Introduce HostIOMMUDevice abstract
- vfio/iommufd: Remove CONFIG_IOMMUFD usage
- vfio/spapr: Extend VFIOIOMMUOps with a release handler
- vfio/spapr: Only compile sPAPR IOMMU support when needed
- vfio/iommufd: Introduce a VFIOIOMMU iommufd QOM interface
- vfio/spapr: Introduce a sPAPR VFIOIOMMU QOM interface
- vfio/container: Intoduce a new VFIOIOMMUClass::setup handler
- vfio/container: Introduce a VFIOIOMMU legacy QOM interface
- vfio/container: Introduce a VFIOIOMMU QOM interface
- vfio/container: Initialize VFIOIOMMUOps under vfio_init_container()
- vfio/container: Introduce vfio_legacy_setup() for further cleanups
- docs/devel: Add VFIO iommufd backend documentation
- vfio: Introduce a helper function to initialize VFIODevice
- vfio/ccw: Move VFIODevice initializations in vfio_ccw_instance_init
- vfio/ap: Move VFIODevice initializations in vfio_ap_instance_init
- vfio/platform: Move VFIODevice initializations in vfio_platform_instance_init
- vfio/pci: Move VFIODevice initializations in vfio_instance_init
- hw/i386: Activate IOMMUFD for q35 machines
- kconfig: Activate IOMMUFD for s390x machines
- hw/arm: Activate IOMMUFD for virt machines
- vfio: Make VFIOContainerBase poiner parameter const in VFIOIOMMUOps callbacks
- vfio/ccw: Make vfio cdev pre-openable by passing a file handle
- vfio/ccw: Allow the selection of a given iommu backend
- vfio/ap: Make vfio cdev pre-openable by passing a file handle
- vfio/ap: Allow the selection of a given iommu backend
- vfio/platform: Make vfio cdev pre-openable by passing a file handle
- vfio/platform: Allow the selection of a given iommu backend
- vfio/pci: Make vfio cdev pre-openable by passing a file handle
- vfio/pci: Allow the selection of a given iommu backend
- vfio/iommufd: Enable pci hot reset through iommufd cdev interface
- vfio/pci: Introduce a vfio pci hot reset interface
- vfio/pci: Extract out a helper vfio_pci_get_pci_hot_reset_info
- vfio/iommufd: Add support for iova_ranges and pgsizes
- vfio/iommufd: Relax assert check for iommufd backend
- vfio/iommufd: Implement the iommufd backend
- vfio/common: return early if space isn't empty
- util/char_dev: Add open_cdev()
- backends/iommufd: Introduce the iommufd object
- vfio/spapr: Move hostwin_list into spapr container
- vfio/spapr: Move prereg_listener into spapr container
- vfio/spapr: switch to spapr IOMMU BE add/del_section_window
- vfio/spapr: Introduce spapr backend and target interface
- vfio/container: Implement attach/detach_device
- vfio/container: Move iova_ranges to base container
- vfio/container: Move dirty_pgsizes and max_dirty_bitmap_size to base container
- vfio/container: Move listener to base container
- vfio/container: Move vrdl_list to base container
- vfio/container: Move pgsizes and dma_max_mappings to base container
- vfio/container: Convert functions to base container
- vfio/container: Move per container device list in base container
- vfio/container: Switch to IOMMU BE set_dirty_page_tracking/query_dirty_bitmap API
- vfio/container: Move space field to base container
- vfio/common: Move giommu_list in base container
- vfio/common: Introduce vfio_container_init/destroy helper
- vfio/container: Switch to dma_map|unmap API
- vfio/container: Introduce a empty VFIOIOMMUOps
- vfio: Introduce base object for VFIOContainer and targeted interface
- cryptodev: Fix error handling in cryptodev_lkcf_execute_task()
- hw/xen: Fix xen_bus_realize() error handling
- hw/misc/aspeed_hace: Fix buffer overflow in has_padding function
- target/s390x: Fix a typo in s390_cpu_class_init()
- hw/sd/sdhci: free irq on exit
- hw/ufs: free irq on exit
- hw/pci-host/designware: Fix ATU_UPPER_TARGET register access
- target/i386: Make invtsc migratable when user sets tsc-khz explicitly
- target/i386: Construct CPUID 2 as stateful iff times > 1
- target/i386: Enable fdp-excptn-only and zero-fcs-fds
- target/i386: Don't construct a all-zero entry for CPUID[0xD 0x3f]
- i386/cpuid: Remove subleaf constraint on CPUID leaf 1F
- target/i386: pass X86CPU to x86_cpu_get_supported_feature_word
- target/i386: Raise the highest index value used for any VMCS encoding
- target/i386: Add VMX control bits for nested FRED support
- target/i386: Delete duplicated macro definition CR4_FRED_MASK
- target/i386: Add get/set/migrate support for FRED MSRs
- target/i386: enumerate VMX nested-exception support
- vmxcap: add support for VMX FRED controls
- target/i386: mark CR4.FRED not reserved
- target/i386: add support for FRED in CPUID enumeration
- target/i386: fix feature dependency for WAITPKG
- target/i386: Add more features enumerated by CPUID.7.2.EDX
- net: fix build when libbpf is disabled, but libxdp is enabled
- hw/nvme: fix invalid endian conversion
- hw/nvme: fix invalid check on mcl
- backends/cryptodev: Do not ignore throttle/backends Errors
- backends/cryptodev: Do not abort for invalid session ID
- virtcca: add kvm isolation when get tmi version.
- qga: Don't daemonize before channel is initialized
- qga: Add log to guest-fsfreeze-thaw command
- backends: VirtCCA: cvm_gpa_start supports both 1GB and 3GB
- BUGFIX: Enforce isolation for virtcca_shared_hugepage
- arm: VirtCCA: qemu CoDA support UEFI boot
- arm: VirtCCA: Compatibility with older versions of TMM and the kernel
- arm: VirtCCA: qemu uefi boot support kae
- arm: VirtCCA: CVM support UEFI boot
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
(cherry picked from commit 85fd7a435d8203dde56fedc4c8f500e41faf132c)
- target/i386: csv: Support inject secret for CSV3 guest only if the extension is enabled
- target/i386: csv: Support load kernel hashes for CSV3 guest only if the extension is enabled
- target/i386: csv: Request to set private memory of CSV3 guest if the extension is enabled
- target/i386: kvm: Support to get and enable extensions for Hygon CoCo guest
- qapi/qom,target/i386: csv-guest: Introduce secret-header-file=str and secret-file=str options
- bakcend: VirtCCA:resolve hugepage memory waste issue in vhost-user scenario
- parallels: fix ext_off assertion failure due to overflow
- backends/cryptodev-vhost-user: Fix local_error leaks
- hw/usb/hcd-ehci: Fix debug printf format string
- target/riscv/vector_helper.c: fix 'vmvr_v' memcpy endianess
- target/riscv/vector_helper.c: optimize loops in ldst helpers
- target/riscv/vector_helper.c: set vstart = 0 in GEN_VEXT_VSLIDEUP_VX()
- target/hexagon: don't look for static glib
- virtio-net: Fix network stall at the host side waiting for kick
- Add if condition to avoid assertion failed error in blockdev_init
- target/arm: Use float_status copy in sme_fmopa_s
- target/arm: take HSTR traps of cp15 accesses to EL2, not EL1
- target/arm: Reinstate "vfp" property on AArch32 CPUs
- target/i386/cpu: Fix notes for CPU models
- target/arm: LDAPR should honour SCTLR_ELx.nAA
- target/riscv: Avoid bad shift in riscv_cpu_do_interrupt()
- hvf: remove unused but set variable
- hw/misc/nrf51_rng: Don't use BIT_MASK() when we mean BIT()
- Avoid taking address of out-of-bounds array index
- target/arm: Fix VCMLA Dd, Dn, Dm[idx]
- target/arm: Fix UMOPA/UMOPS of 16-bit values
- target/arm: Fix SVE/SME gross MTE suppression checks
- target/arm: Fix nregs computation in do_{ld,st}_zpa
- crypto: fix error check on gcry_md_open
- Change vmstate_cpuhp_sts vmstateDescription version_id
- hw/pci: Remove unused pci_irq_pulse() method
- hw/intc: Don't clear pending bits on IRQ lowering
- target/arm: Drop user-only special case in sve_stN_r
- migration: Ensure vmstate_save() sets errp
- target/i386: fix hang when using slow path for ptw_setl
- contrib/plugins: add compat for g_memdup2
- hw/audio/hda: fix memory leak on audio setup
- crypto: perform runtime check for hash/hmac support in gcrypt
- target/arm: Fix incorrect aa64_tidcp1 feature check
- target/arm: fix exception syndrome for AArch32 bkpt insn
- target/arm: Don't get MDCR_EL2 in pmu_counter_enabled() before checking ARM_FEATURE_PMU
- linux-user: Print tid not pid with strace
- target/arm: Fix A64 scalar SQSHRN and SQRSHRN
- target/arm: Don't assert for 128-bit tile accesses when SVL is 128
- hw/timer/exynos4210_mct: fix possible int overflow
- target/arm: Avoid shifts by -1 in tszimm_shr() and tszimm_shl()
- hw/audio/virtio-snd: Always use little endian audio format
- target/riscv: Fix vcompress with rvv_ta_all_1s
- usb-hub: Fix handling port power control messages
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
(cherry picked from commit d4a20b24ff377fd07fcbf2b72eecaf07a3ac4cc0)
- hw/misc/mos6522: Fix bad class definition of the MOS6522 device
- target/i386: Fix minor typo in NO_NESTED_DATA_BP feature bit
- cpu: ensure we don't call start_exclusive from cpu_exec
- Avoid unaligned fetch in ladr_match()
- audio/audio.c: remove trailing newline in error_setg
- acpi/tests/avocado/bits: wait for 200 seconds for SHUTDOWN event from bits VM
- linux-user: Tolerate CONFIG_LSM_MMAP_MIN_ADDR
- accel/tcg: Fix user-only probe_access_internal plugin
- linux-user: Honor elf alignment when placing images
- Reserve address for MSI mapping in the CVM scenario.
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
(cherry picked from commit 3ab56c27fe6b593be9a24f27b52b2730efa05304)
- vdpa-dev: Fix initialisation order to restore VDUSE compatibility
- tcg: Allow top bit of SIMD_DATA_BITS to be set in simd_desc()
- migration: fix-possible-int-overflow
- target/m68k: Map FPU exceptions to FPSR register
- qemu-options: Fix CXL Fixed Memory Window interleave-granularity typo
- hvf: arm: Fix encodings for ID_AA64PFR1_EL1 and debug System registers
- hw/intc/arm_gic: Fix handling of NS view of GICC_APR<n>
- qio: Inherit follow_coroutine_ctx across TLS
- target/riscv: Fix the element agnostic function problem
- accel/tcg: Fix typo causing tb->page_addr[1] to not be recorded
- tcg/loongarch64: Fix tcg_out_movi vs some pcrel pointers
- migration: Fix file migration with fdset
- ui/vnc: don't return an empty SASL mechlist to the client
- target/arm: Fix FJCVTZS vs flush-to-zero
- hw/ppc/e500: Prefer QOM cast
- sphinx/qapidoc: Fix to generate doc for explicit, unboxed arguments
- hw/ppc/e500: Remove unused "irqs" parameter
- hw/ppc/e500: Add missing device tree properties to i2c controller node
- hw/i386/amd_iommu: Don't leak memory in amdvi_update_iotlb()
- hw/arm/mps2-tz.c: fix RX/TX interrupts order
- target/i386: csv: Add support to migrate the incoming context for CSV3 guest
- target/i386: csv: Add support to migrate the outgoing context for CSV3 guest
- target/i386: csv: Add support to migrate the incoming page for CSV3 guest
- target/i386: csv: Add support to migrate the outgoing page for CSV3 guest
- linux-headers: update kernel headers to include CSV3 migration cmds
- vfio: Only map shared region for CSV3 virtual machine
- vga: Force full update for CSV3 guest
- target/i386: csv: Load initial image to private memory for CSV3 guest
- target/i386: csv: Do not register/unregister guest secure memory for CSV3 guest
- target/i386: cpu: Populate CPUID 0x8000_001F when CSV3 is active
- target/i386: csv: Add command to load vmcb to CSV3 guest memory
- target/i386: csv: Add command to load data to CSV3 guest memory
- target/i386: csv: Add command to initialize CSV3 context
- target/i386: csv: Add CSV3 context
- next-kbd: convert to use qemu_input_handler_register()
- qemu/bswap: Undefine CPU_CONVERT() once done
- exec/memop: Remove unused memop_big_endian() helper
- hw/nvme: fix handling of over-committed queues
- 9pfs: fix crash on 'Treaddir' request
- hw/misc/psp: Pin the hugepage memory specified by mem2 during use for psp
- hw/misc: support tkm use mem2 memory
- hw/i386: add mem2 option for qemu
- kvm: add support for guest physical bits
- target/i386: add guest-phys-bits cpu property
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
(cherry picked from commit f45f35e88509a4ffa9f62332ee9601e9fe1f8d09)
- hw/arm/virt:Keep Guest L1 cache type consistent with KVM
- cvm : Add support for TEE-based national encryption acceleration.
- Add virtCCA Coda annotation Adjust the position of the security device
- target/i386: sev: Add support for reuse ASID for different CSV guests
- target/i386: sev: Fix incompatibility between SEV and CSV on the GET_ID API
- hw/cxl: Ensure there is enough data for the header in cmd_ccls_set_lsa()
- hw/pci: Add parenthesis to PCI_BUILD_BDF macro
- hw/audio/hda: free timer on exit
- meson.build: Remove ncurses workaround for OpenBSD
- ui/console-vc: Silence warning about sprintf() on OpenBSD
- ui: remove break after g_assert_not_reached()
- s390x/sclp: Simplify get_sclp_device()
- hw/vfio/hct: qemu startup terminate once error happened in hct
- hw/vfio/hct: fix ccp_index error caused by uninitialized buf
- hw/vfio/hct: update support ccp count to 48.
- hw/vfio: add device hct based on vfio.
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
(cherry picked from commit 702a9cc4e262a50f7aa6f7c9549fbc13d4cd0770)
- ppc/xive: Fix ESB length overflow on 32-bit hosts
- target/hppa: Fix PSW V-bit packaging in cpu_hppa_get for hppa64
- target/ppc: Fix migration of CPUs with TLB_EMB TLB type
- target/arm: Clear high SVE elements in handle_vec_simd_wshli
- module: Prevent crash by resetting local_err in module_load_qom_all()
- tests/docker: update debian i686 and mipsel images to bookworm
- target/arm: Fix SVE SDOT/UDOT/USDOT (4-way, indexed)
- docs/sphinx/depfile.py: Handle env.doc2path() returning a Path not a str
- block/blkio: use FUA flag on write zeroes only if supported
- virtio-pci: Fix the use of an uninitialized irqfd
- hw/cxl: Ensure there is enough data to read the input header in cmd_get_physical_port_state()
- intel_iommu: Send IQE event when setting reserved bit in IQT_TAIL
- virtio-net: Avoid indirection_table_mask overflow
- Fix calculation of minimum in colo_compare_tcp
- target/riscv/csr.c: Fix an access to VXSAT
- linux-user: Clean up unused header
- raw-format: Fix error message for invalid offset/size
- hw/loongarch/virt: Remove unnecessary 'cpu.h' inclusion
- tests: Wait for migration completion on destination QEMU to avoid failures
- acpi: ged: Add macro for acpi sleep control register
- hw/intc/openpic: Improve errors for out of bounds property values
- hw/pci-bridge: Add a Kconfig switch for the normal PCI bridge
- docs/tools/qemu-img.rst: fix typo (sumarizes)
- audio/pw: Report more accurate error when connecting to PipeWire fails
- audio/pw: Report more accurate error when connecting to PipeWire fails
- dma: Fix function names in documentation Ensure the function names match.
- edu: fix DMA range upper bound check
- platform-bus: fix refcount leak
- hw/net/can/sja1000: fix bug for single acceptance filter and standard frame
- tests/avocado: fix typo in replay_linux
- util/userfaultfd: Remove unused uffd_poll_events
- Consider discard option when writing zeros
- crypto: factor out conversion of QAPI to gcrypt constants
- crypto: drop gnutls debug logging support
- crypto: use consistent error reporting pattern for unsupported cipher modes
- hw/gpio/aspeed_gpio: Avoid shift into sign bit
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
(cherry picked from commit b6e04df301d30895427ab41a1edff0f40149bdd9)
- Added CoDA feature support in the context of CVM. When virtcca cvm is enabled, the iommu is tagged as secure.
- hw/block: fix uint32 overflow
- hw/ufs: add basic info of query response upiu
- crypto: avoid leak of ctx when bad cipher mode is given Fixes: Coverity CID 1546884
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
- hw/loongarch/virt: Fix FDT memory node address width
- hw/loongarch: Fix fdt memory node wrong 'reg'
- load_elf: fix iterator's type for elf file processing
- migration/colo: Fix bdrv_graph_rdlock_main_loop: Assertion `!qemu_in_…
- target/i386: no single-step exception after MOV or POP SS
- char-stdio: Restore blocking mode of stdout on exit
- backends/cryptodev-builtin: Fix local_error leaks
- target/loongarch: fix a wrong print in cpu dump
- virtio-pci: fix use of a released vector
- target/arm: Disable SVE extensions when SVE is disabled
- hw/misc/bcm2835_property: Fix handling of FRAMEBUFFER_SET_PALETTE
- target/i386: Introduce SapphireRapids-v3 to add missing features
- virtio-net: Ensure queue index fits with RSS (CVE-2024-6505)
- nbd/server: CVE-2024-7409: Avoid use-after-free when closing server
- update io/trace-events. Parameters should remain consistent.
- update docs/tools/virtfs-proxy-helper.rst. This place is spelled wrong.
- kvm: Add support for CSV2 reboot
- target/i386/kvm: Fix the resettable info when emulate Hygon CSV2 guest
- target/i386: get/set/migrate GHCB state
- target/i386: csv: Add support for migrate VMSA for CSV2 guest
- migration/ram: Accelerate the loading of CSV guest's encrypted pages
- migration/ram: Accelerate the transmission of CSV guest's encrypted pages
- target/i386: csv: add support to load incoming encrypted pages queued in the CMD list
- target/i386: csv: add support to queue the incoming page into a list
- target/i386: csv: add support to encrypt the outgoing pages in the list queued before.
- target/i386: csv: add support to queue the outgoing page into a list
- target/i386: csv: Read cert chain from file when prepared for CSV live migration
- target/i386: Introduce header file csv.h
- migration/ram: Fix calculation of gfn correpond to a page in ramblock
- target/i386: sev: Clear shared_regions_list when reboot CSV Guest
- migration/ram: Force encrypted status for VGA vram
- target/i386: sev: Return 0 if sev_send_get_packet_len() fails
- kvm: Add support for userspace MSR filtering and handling of MSR_KVM_MIGRATION_CONTROL.
- migration/ram: Force encrypted status for flash0 & flash1 devices.
- migration/ram: add support to send encrypted pages
- migration: add support to migrate shared regions list
- kvm: Add support for SEV shared regions list and KVM_EXIT_HYPERCALL.
- target/i386: sev: add support to load incoming encrypted page
- target/i386: sev: add support to encrypt the outgoing page
- target/i386: sev: do not create launch context for an incoming guest
- target/i386: sev: provide callback to setup outgoing context
- confidential guest support: introduce ConfidentialGuestMemoryEncryptionOps for encrypted VMs
- migration.json: add AMD SEV specific migration parameters
- doc: update AMD SEV to include Live migration flow
- crypto/tlscredspsk: Free username on finalize
- hw/nvme: fix leak of uninitialized memory in io_mgmt_recv
- hw/display/vhost-user-gpu.c: fix vhost_user_gpu_chr_read()
- cvm : Implement command blacklist for cvm security enhancement
- crypto: Introduce SM3 hash hmac pbkdf algorithm
- virtio-net: Use virtual time for RSC timers
- vvfat: Fix bug in writing to middle of file
- hw/core/ptimer: fix timer zero period condition for freq > 1GHz
- hw/misc: support vpsp
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
- cvm : bug fix for undefined reference to 'virtcca_cvm_allowed' while compiling
- cvm : bug-fix for incorrect device name check for vhost-user-fs
- target/i386: add control bits support for LAM
- target/i386: add support for LAM in CPUID enumeration
- Add support for the virtcca cvm feature.
- target/sparc: use signed denominator in sdiv helper
- crypto: Introduce SM4 symmetric cipher algorithm
- ppc/vof: Fix unaligned FDT property access
- vl: fix "type is NULL" in -vga help
- hw/display/bcm2835_fb: fix fb_use_offsets condition
- aspeed/smc: Fix possible integer overflow
- hw/nvme: fix number of PIDs for FDP RUH update
- hw/nvme: fix memory leak in nvme_dsm
- hvf: arm: Do not advance PC when raising an exception
- physmem: Bail out qemu_ram_block_from_host() for invalid ram addrs
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
- nbd/server: CVE-2024-7409: Close stray clients at server-stop
- nbd/server: CVE-2024-7409: Drop non-negotiating clients
- nbd/server: CVE-2024-7409: Cap default max-connections to 100
- nbd/server: Plumb in new args to nbd_client_add()
- nbd: Minor style and typo fixes
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
- block: Parse filenames only when explicitly requested (CVE-2024-4467)
- iotests/270: Don't store data-file with json: prefix in image (CVE-2024-4467)
- iotests/244: Don't store data-file with protocol in image (CVE-2024-4467)
- qcow2: Don't open data_file with BDRV_O_NO_IO (CVE-2024-4467)
- migration/dirtyrate: Fix segmentation fault
- target/hexagon: idef-parser fix leak of init_list
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
- target/riscv/cpu.c: fix Zvkb extension config
- target/i386: Add new Hygon 'Dharma' CPU model
- target/i386: Add Hygon Dhyana-v3 CPU model
- ui/gtk: Fix mouse/motion event scaling issue with GTK display backend
- hw/ufs: Fix buffer overflow bug
- arm/virt: Set vcpus_count of CPU as 1 to compatible with libvirt
- ppc/pnv: I2C controller is not user creatablei
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
- target/i386: Export RFDS bit to guests
- target/i386: Add new CPU model SierraForest
- target/i386: Introduce Icelake-Server-v7 to enable TSX
- hw/isa/vt82c686: Keep track of PIRQ/PINT pins separately
- kvm/arm: Fix compatibility of cold-plug CPU with SVE
- arm/virt/acpi: Extend cpufreq to support max_cpus
- kvm/arm: Fix SVE related logic for vcpu hotplug feature
- arm/virt: Don't modify smp.max_cpus when vcpu hotplug disabled
- acpi/cpu: Fix detection of present cpu
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
- hw/sd/sdhci: Do not update TRNMOD when Command Inhibit (DAT) is set(CVE-2024-3447)
- hw/virtio/virtio-crypto: Protect from DMA re-entrancy bugs(CVE-2024-3446)
- hw/char/virtio-serial-bus: Protect from DMA re-entrancy bugs(CVE-2024-3446)
- hw/display/virtio-gpu: Protect from DMA re-entrancy bugs(CVE-2024-3446)
- hw/virtio: Introduce virtio_bh_new_guarded() helper
- hw/net/net_tx_pkt: Fix overrun in update_sctp_checksum()
- hw/nvme: fix -Werror=maybe-uninitialized
- block/virtio-blk: Fix memory leak from virtio_blk_zone_report
- hw/net/virtio-net: fix qemu set used ring flag even vhost started
- hw/scsi/scsi-generic: Fix io_timeout property not applying
- tests: bios-tables-test: Rename smbios type 4 related test functions
Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com>
