[00/64] Patch Round-up for stable 6.0.1, freeze on 2021-10-26

Message ID 20211019140944.152419-1-michael.roth@amd.com (mailing list archive)

Message

Michael Roth Oct. 19, 2021, 2:08 p.m. UTC
Hi everyone,

The following new patches are queued for QEMU stable v6.0.1:

  https://gitlab.com/qemu-project/qemu/-/commits/stable-6.0-staging/

Patch freeze is 2021-10-26, and the release is planned for 2021-10-28:

  https://wiki.qemu.org/Planning/6.0

Please respond here or CC qemu-stable@nongnu.org on any additional patches
you think should (or shouldn't) be included in the release.

Thanks!

----------------------------------------------------------------
David Hildenbrand (2):
      virtio-balloon: don't start free page hinting if postcopy is possible
      virtio-mem-pci: Fix memory leak when creating MEMORY_DEVICE_SIZE_CHANGE event

Dr. David Alan Gilbert (1):
      audio: Never send migration section

Gerd Hoffmann (3):
      uas: add stream number sanity checks.
      usb/redir: avoid dynamic stack allocation (CVE-2021-3527)
      usb: limit combined packets to 1 MiB (CVE-2021-3527)

Giuseppe Musacchio (1):
      target/ppc: Fix load endianness for lxvwsx/lxvdsx

Gollu Appalanaidu (1):
      hw/block/nvme: align with existing style

Greg Kurz (1):
      docs/system: Document the removal of "compat" property for POWER CPUs

Igor Mammedov (3):
      tests: acpi: prepare for changing DSDT tables
      acpi: pc: revert back to v5.2 PCI slot enumeration
      tests: acpi: pc: update expected DSDT blobs

Jason Wang (2):
      vhost-vdpa: don't initialize backend_features
      virtio-net: fix use after unmap/free for sg

Kevin Wolf (1):
      hmp: Fix loadvm to resume the VM on success instead of failure

Klaus Jensen (2):
      hw/nvme: fix missing check for PMR capability
      hw/nvme: fix pin-based interrupt behavior (again)

Kunkun Jiang (1):
      vfio: Fix unregister SaveVMHandler in vfio_migration_finalize

Leonardo Bras (1):
      yank: Unregister function when using TLS migration

Li Qiang (7):
      vhost-user-gpu: fix memory disclosure in virgl_cmd_get_capset_info (CVE-2021-3545)
      vhost-user-gpu: fix resource leak in 'vg_resource_create_2d' (CVE-2021-3544)
      vhost-user-gpu: fix memory leak in vg_resource_attach_backing (CVE-2021-3544)
      vhost-user-gpu: fix memory leak while calling 'vg_resource_unref' (CVE-2021-3544)
      vhost-user-gpu: fix memory leak in 'virgl_cmd_resource_unref' (CVE-2021-3544)
      vhost-user-gpu: fix memory leak in 'virgl_resource_attach_backing' (CVE-2021-3544)
      vhost-user-gpu: fix OOB write in 'virgl_cmd_get_capset' (CVE-2021-3546)

Li Zhijian (1):
      migration/rdma: Fix cm_event used before being initialized

Marcel Apfelbaum (3):
      hw/rdma: Fix possible mremap overflow in the pvrdma device (CVE-2021-3582)
      pvrdma: Ensure correct input on ring init (CVE-2021-3607)
      pvrdma: Fix the ring init error flow (CVE-2021-3608)

Mark Cave-Ayland (2):
      esp: only assert INTR_DC interrupt flag if selection fails
      esp: only set ESP_RSEQ at the start of the select sequence

Markus Armbruster (1):
      hmp: Unbreak "change vnc"

Max Filippov (1):
      target/xtensa: fix access ring in l32ex

Nir Soffer (1):
      qemu-nbd: Change default cache mode to writeback

Paolo Bonzini (7):
      vl: allow not specifying size in -m when using -M memory-backend
      qemu-option: support accept-any QemuOptsList in qemu_opts_absorb_qdict
      qemu-config: load modules when instantiating option groups
      qemu-config: parse configuration files to a QDict
      vl: plumb keyval-based options into -readconfig
      vl: plug -object back into -readconfig
      configure: fix detection of gdbus-codegen

Pavel Pisa (1):
      hw/net/can: sja1000 fix buff2frame_bas and buff2frame_pel when dlc is out of std CAN 8 bytes

Peng Liang (1):
      runstate: Initialize Error * to NULL

Peter Maydell (1):
      target/arm: Don't skip M-profile reset entirely in user mode

Philippe Mathieu-Daudé (11):
      hw/pci-host/q35: Ignore write of reserved PCIEXBAR LENGTH field
      block/nvme: Fix VFIO_MAP_DMA failed: No space left on device
      crypto/tlscreds: Introduce qcrypto_tls_creds_check_endpoint() helper
      block/nbd: Use qcrypto_tls_creds_check_endpoint()
      qemu-nbd: Use qcrypto_tls_creds_check_endpoint()
      chardev/socket: Use qcrypto_tls_creds_check_endpoint()
      migration/tls: Use qcrypto_tls_creds_check_endpoint()
      ui/vnc: Use qcrypto_tls_creds_check_endpoint()
      crypto: Make QCryptoTLSCreds* structures private
      hw/sd/sdcard: Document out-of-range addresses for SEND_WRITE_PROT
      hw/sd/sdcard: Fix assertion accessing out-of-range addresses with CMD30

Richard Henderson (4):
      linux-user/aarch64: Enable hwcap for RND, BTI, and MTE
      target/i386: Exit tb after wrmsr
      tcg/sparc: Fix temp_allocate_frame vs sparc stack bias
      tcg: Allocate sufficient storage in temp_allocate_frame

Stefan Hajnoczi (1):
      sockets: update SOCKET_ADDRESS_TYPE_FD listen(2) backlog

Stefan Reiter (1):
      monitor/qmp: fix race on CHR_EVENT_CLOSED without OOB

Zenghui Yu (1):
      multi-process: Initialize variables declared with g_auto*

Zhenzhong Duan (1):
      vl: Fix an assert failure in error path

 audio/audio.c                           |  10 +++
 block/nbd.c                             |   6 +-
 block/nvme.c                            |  22 ++++++
 blockdev-nbd.c                          |   6 +-
 chardev/char-socket.c                   |  18 ++---
 configure                               |   4 +-
 contrib/vhost-user-gpu/vhost-user-gpu.c |   7 ++
 contrib/vhost-user-gpu/virgl.c          |  17 ++++-
 crypto/tls-cipher-suites.c              |   7 ++
 crypto/tlscreds.c                       |  12 +++
 crypto/tlscredsanon.c                   |   2 +
 crypto/tlscredspriv.h                   |  45 +++++++++++
 crypto/tlscredspsk.c                    |   2 +
 crypto/tlscredsx509.c                   |   1 +
 crypto/tlssession.c                     |   1 +
 docs/system/removed-features.rst        |   6 ++
 docs/tools/qemu-nbd.rst                 |   6 +-
 hw/block/nvme-ns.c                      |   2 +-
 hw/block/nvme.c                         |  89 ++++++++++++++--------
 hw/block/nvme.h                         |   1 +
 hw/i386/acpi-build.c                    |   9 ++-
 hw/net/can/can_sja1000.c                |   8 ++
 hw/net/virtio-net.c                     |  39 ++++++++--
 hw/pci-host/q35.c                       |   3 +
 hw/rdma/vmw/pvrdma_cmd.c                |   7 ++
 hw/rdma/vmw/pvrdma_dev_ring.c           |   2 +-
 hw/rdma/vmw/pvrdma_main.c               |   5 ++
 hw/remote/memory.c                      |   5 +-
 hw/remote/proxy.c                       |   3 +-
 hw/scsi/esp.c                           |  13 +++-
 hw/sd/sd.c                              |   9 ++-
 hw/usb/combined-packet.c                |   4 +-
 hw/usb/dev-uas.c                        |  11 +++
 hw/usb/redirect.c                       |   6 +-
 hw/vfio/migration.c                     |   1 +
 hw/virtio/vhost-vdpa.c                  |   3 -
 hw/virtio/virtio-balloon.c              |  13 ++++
 hw/virtio/virtio-mem-pci.c              |   7 +-
 include/block/nvme.h                    |  10 +--
 include/block/qdict.h                   |   2 -
 include/crypto/tls-cipher-suites.h      |   6 --
 include/crypto/tlscreds.h               |  30 ++++----
 include/crypto/tlscredsanon.h           |  12 ---
 include/crypto/tlscredspsk.h            |  12 ---
 include/crypto/tlscredsx509.h           |  10 ---
 include/qapi/qmp/qdict.h                |   3 +
 include/qemu/config-file.h              |   7 +-
 linux-user/elfload.c                    |  13 ++++
 migration/channel.c                     |  26 ++++---
 migration/multifd.c                     |   3 +-
 migration/qemu-file-channel.c           |   4 +-
 migration/rdma.c                        |   1 -
 migration/tls.c                         |   6 +-
 monitor/hmp-cmds.c                      |   4 +-
 monitor/qmp.c                           |  40 +++++-----
 qemu-nbd.c                              |  25 +++---
 softmmu/runstate.c                      |   2 +-
 softmmu/vl.c                            | 130 +++++++++++++++++++++++---------
 stubs/meson.build                       |   1 +
 stubs/module-opts.c                     |   6 ++
 target/arm/cpu.c                        |  19 +++++
 target/i386/tcg/translate.c             |   2 +
 target/ppc/translate/vsx-impl.c.inc     |   4 +-
 target/xtensa/translate.c               |   2 +-
 tcg/sparc/tcg-target.c.inc              |  16 ++--
 tcg/tcg.c                               |  40 +++++++---
 tests/data/acpi/pc/DSDT                 | Bin 6002 -> 6002 bytes
 tests/data/acpi/pc/DSDT.acpihmat        | Bin 7327 -> 7327 bytes
 tests/data/acpi/pc/DSDT.bridge          | Bin 8668 -> 8668 bytes
 tests/data/acpi/pc/DSDT.cphp            | Bin 6466 -> 6466 bytes
 tests/data/acpi/pc/DSDT.dimmpxm         | Bin 7656 -> 7656 bytes
 tests/data/acpi/pc/DSDT.hpbridge        | Bin 5969 -> 5969 bytes
 tests/data/acpi/pc/DSDT.ipmikcs         | Bin 6074 -> 6074 bytes
 tests/data/acpi/pc/DSDT.memhp           | Bin 7361 -> 7361 bytes
 tests/data/acpi/pc/DSDT.nohpet          | Bin 5860 -> 5860 bytes
 tests/data/acpi/pc/DSDT.numamem         | Bin 6008 -> 6008 bytes
 ui/vnc.c                                |   7 +-
 util/qemu-config.c                      |  99 ++++++++++++++++--------
 util/qemu-option.c                      |   3 +-
 util/qemu-sockets.c                     |  29 +++++--
 80 files changed, 685 insertions(+), 301 deletions(-)
 create mode 100644 stubs/module-opts.c

Comments

Ani Sinha Oct. 19, 2021, 2:43 p.m. UTC | #1
On Tue, 19 Oct 2021, Michael Roth wrote:

> Hi everyone,
>
> The following new patches are queued for QEMU stable v6.0.1:
>
>   https://gitlab.com/qemu-project/qemu/-/commits/stable-6.0-staging/
>
> Patch freeze is 2021-10-26, and the release is planned for 2021-10-28:
>
>   https://wiki.qemu.org/Planning/6.0
>
> Please respond here or CC qemu-stable@nongnu.org on any additional patches
> you think should (or shouldn't) be included in the release.

I believe we should also include this patch:
https://lore.kernel.org/qemu-devel/20210916132838.3469580-2-ani@anisinha.ca/T/

It is also CC'd to qemu-stable@ but the patch itself was not tagged so (my
apologies for that).



>
> Thanks!
>
> ----------------------------------------------------------------
> David Hildenbrand (2):
>       virtio-balloon: don't start free page hinting if postcopy is possible
>       virtio-mem-pci: Fix memory leak when creating MEMORY_DEVICE_SIZE_CHANGE event
>
> Dr. David Alan Gilbert (1):
>       audio: Never send migration section
>
> Gerd Hoffmann (3):
>       uas: add stream number sanity checks.
>       usb/redir: avoid dynamic stack allocation (CVE-2021-3527)
>       usb: limit combined packets to 1 MiB (CVE-2021-3527)
>
> Giuseppe Musacchio (1):
>       target/ppc: Fix load endianness for lxvwsx/lxvdsx
>
> Gollu Appalanaidu (1):
>       hw/block/nvme: align with existing style
>
> Greg Kurz (1):
>       docs/system: Document the removal of "compat" property for POWER CPUs
>
> Igor Mammedov (3):
>       tests: acpi: prepare for changing DSDT tables
>       acpi: pc: revert back to v5.2 PCI slot enumeration
>       tests: acpi: pc: update expected DSDT blobs
>
> Jason Wang (2):
>       vhost-vdpa: don't initialize backend_features
>       virtio-net: fix use after unmap/free for sg
>
> Kevin Wolf (1):
>       hmp: Fix loadvm to resume the VM on success instead of failure
>
> Klaus Jensen (2):
>       hw/nvme: fix missing check for PMR capability
>       hw/nvme: fix pin-based interrupt behavior (again)
>
> Kunkun Jiang (1):
>       vfio: Fix unregister SaveVMHandler in vfio_migration_finalize
>
> Leonardo Bras (1):
>       yank: Unregister function when using TLS migration
>
> Li Qiang (7):
>       vhost-user-gpu: fix memory disclosure in virgl_cmd_get_capset_info (CVE-2021-3545)
>       vhost-user-gpu: fix resource leak in 'vg_resource_create_2d' (CVE-2021-3544)
>       vhost-user-gpu: fix memory leak in vg_resource_attach_backing (CVE-2021-3544)
>       vhost-user-gpu: fix memory leak while calling 'vg_resource_unref' (CVE-2021-3544)
>       vhost-user-gpu: fix memory leak in 'virgl_cmd_resource_unref' (CVE-2021-3544)
>       vhost-user-gpu: fix memory leak in 'virgl_resource_attach_backing' (CVE-2021-3544)
>       vhost-user-gpu: fix OOB write in 'virgl_cmd_get_capset' (CVE-2021-3546)
>
> Li Zhijian (1):
>       migration/rdma: Fix cm_event used before being initialized
>
> Marcel Apfelbaum (3):
>       hw/rdma: Fix possible mremap overflow in the pvrdma device (CVE-2021-3582)
>       pvrdma: Ensure correct input on ring init (CVE-2021-3607)
>       pvrdma: Fix the ring init error flow (CVE-2021-3608)
>
> Mark Cave-Ayland (2):
>       esp: only assert INTR_DC interrupt flag if selection fails
>       esp: only set ESP_RSEQ at the start of the select sequence
>
> Markus Armbruster (1):
>       hmp: Unbreak "change vnc"
>
> Max Filippov (1):
>       target/xtensa: fix access ring in l32ex
>
> Nir Soffer (1):
>       qemu-nbd: Change default cache mode to writeback
>
> Paolo Bonzini (7):
>       vl: allow not specifying size in -m when using -M memory-backend
>       qemu-option: support accept-any QemuOptsList in qemu_opts_absorb_qdict
>       qemu-config: load modules when instantiating option groups
>       qemu-config: parse configuration files to a QDict
>       vl: plumb keyval-based options into -readconfig
>       vl: plug -object back into -readconfig
>       configure: fix detection of gdbus-codegen
>
> Pavel Pisa (1):
>       hw/net/can: sja1000 fix buff2frame_bas and buff2frame_pel when dlc is out of std CAN 8 bytes
>
> Peng Liang (1):
>       runstate: Initialize Error * to NULL
>
> Peter Maydell (1):
>       target/arm: Don't skip M-profile reset entirely in user mode
>
> Philippe Mathieu-Daudé (11):
>       hw/pci-host/q35: Ignore write of reserved PCIEXBAR LENGTH field
>       block/nvme: Fix VFIO_MAP_DMA failed: No space left on device
>       crypto/tlscreds: Introduce qcrypto_tls_creds_check_endpoint() helper
>       block/nbd: Use qcrypto_tls_creds_check_endpoint()
>       qemu-nbd: Use qcrypto_tls_creds_check_endpoint()
>       chardev/socket: Use qcrypto_tls_creds_check_endpoint()
>       migration/tls: Use qcrypto_tls_creds_check_endpoint()
>       ui/vnc: Use qcrypto_tls_creds_check_endpoint()
>       crypto: Make QCryptoTLSCreds* structures private
>       hw/sd/sdcard: Document out-of-range addresses for SEND_WRITE_PROT
>       hw/sd/sdcard: Fix assertion accessing out-of-range addresses with CMD30
>
> Richard Henderson (4):
>       linux-user/aarch64: Enable hwcap for RND, BTI, and MTE
>       target/i386: Exit tb after wrmsr
>       tcg/sparc: Fix temp_allocate_frame vs sparc stack bias
>       tcg: Allocate sufficient storage in temp_allocate_frame
>
> Stefan Hajnoczi (1):
>       sockets: update SOCKET_ADDRESS_TYPE_FD listen(2) backlog
>
> Stefan Reiter (1):
>       monitor/qmp: fix race on CHR_EVENT_CLOSED without OOB
>
> Zenghui Yu (1):
>       multi-process: Initialize variables declared with g_auto*
>
> Zhenzhong Duan (1):
>       vl: Fix an assert failure in error path
>
>  audio/audio.c                           |  10 +++
>  block/nbd.c                             |   6 +-
>  block/nvme.c                            |  22 ++++++
>  blockdev-nbd.c                          |   6 +-
>  chardev/char-socket.c                   |  18 ++---
>  configure                               |   4 +-
>  contrib/vhost-user-gpu/vhost-user-gpu.c |   7 ++
>  contrib/vhost-user-gpu/virgl.c          |  17 ++++-
>  crypto/tls-cipher-suites.c              |   7 ++
>  crypto/tlscreds.c                       |  12 +++
>  crypto/tlscredsanon.c                   |   2 +
>  crypto/tlscredspriv.h                   |  45 +++++++++++
>  crypto/tlscredspsk.c                    |   2 +
>  crypto/tlscredsx509.c                   |   1 +
>  crypto/tlssession.c                     |   1 +
>  docs/system/removed-features.rst        |   6 ++
>  docs/tools/qemu-nbd.rst                 |   6 +-
>  hw/block/nvme-ns.c                      |   2 +-
>  hw/block/nvme.c                         |  89 ++++++++++++++--------
>  hw/block/nvme.h                         |   1 +
>  hw/i386/acpi-build.c                    |   9 ++-
>  hw/net/can/can_sja1000.c                |   8 ++
>  hw/net/virtio-net.c                     |  39 ++++++++--
>  hw/pci-host/q35.c                       |   3 +
>  hw/rdma/vmw/pvrdma_cmd.c                |   7 ++
>  hw/rdma/vmw/pvrdma_dev_ring.c           |   2 +-
>  hw/rdma/vmw/pvrdma_main.c               |   5 ++
>  hw/remote/memory.c                      |   5 +-
>  hw/remote/proxy.c                       |   3 +-
>  hw/scsi/esp.c                           |  13 +++-
>  hw/sd/sd.c                              |   9 ++-
>  hw/usb/combined-packet.c                |   4 +-
>  hw/usb/dev-uas.c                        |  11 +++
>  hw/usb/redirect.c                       |   6 +-
>  hw/vfio/migration.c                     |   1 +
>  hw/virtio/vhost-vdpa.c                  |   3 -
>  hw/virtio/virtio-balloon.c              |  13 ++++
>  hw/virtio/virtio-mem-pci.c              |   7 +-
>  include/block/nvme.h                    |  10 +--
>  include/block/qdict.h                   |   2 -
>  include/crypto/tls-cipher-suites.h      |   6 --
>  include/crypto/tlscreds.h               |  30 ++++----
>  include/crypto/tlscredsanon.h           |  12 ---
>  include/crypto/tlscredspsk.h            |  12 ---
>  include/crypto/tlscredsx509.h           |  10 ---
>  include/qapi/qmp/qdict.h                |   3 +
>  include/qemu/config-file.h              |   7 +-
>  linux-user/elfload.c                    |  13 ++++
>  migration/channel.c                     |  26 ++++---
>  migration/multifd.c                     |   3 +-
>  migration/qemu-file-channel.c           |   4 +-
>  migration/rdma.c                        |   1 -
>  migration/tls.c                         |   6 +-
>  monitor/hmp-cmds.c                      |   4 +-
>  monitor/qmp.c                           |  40 +++++-----
>  qemu-nbd.c                              |  25 +++---
>  softmmu/runstate.c                      |   2 +-
>  softmmu/vl.c                            | 130 +++++++++++++++++++++++---------
>  stubs/meson.build                       |   1 +
>  stubs/module-opts.c                     |   6 ++
>  target/arm/cpu.c                        |  19 +++++
>  target/i386/tcg/translate.c             |   2 +
>  target/ppc/translate/vsx-impl.c.inc     |   4 +-
>  target/xtensa/translate.c               |   2 +-
>  tcg/sparc/tcg-target.c.inc              |  16 ++--
>  tcg/tcg.c                               |  40 +++++++---
>  tests/data/acpi/pc/DSDT                 | Bin 6002 -> 6002 bytes
>  tests/data/acpi/pc/DSDT.acpihmat        | Bin 7327 -> 7327 bytes
>  tests/data/acpi/pc/DSDT.bridge          | Bin 8668 -> 8668 bytes
>  tests/data/acpi/pc/DSDT.cphp            | Bin 6466 -> 6466 bytes
>  tests/data/acpi/pc/DSDT.dimmpxm         | Bin 7656 -> 7656 bytes
>  tests/data/acpi/pc/DSDT.hpbridge        | Bin 5969 -> 5969 bytes
>  tests/data/acpi/pc/DSDT.ipmikcs         | Bin 6074 -> 6074 bytes
>  tests/data/acpi/pc/DSDT.memhp           | Bin 7361 -> 7361 bytes
>  tests/data/acpi/pc/DSDT.nohpet          | Bin 5860 -> 5860 bytes
>  tests/data/acpi/pc/DSDT.numamem         | Bin 6008 -> 6008 bytes
>  ui/vnc.c                                |   7 +-
>  util/qemu-config.c                      |  99 ++++++++++++++++--------
>  util/qemu-option.c                      |   3 +-
>  util/qemu-sockets.c                     |  29 +++++--
>  80 files changed, 685 insertions(+), 301 deletions(-)
>  create mode 100644 stubs/module-opts.c
>
>
>
>

Michael S. Tsirkin Oct. 19, 2021, 2:45 p.m. UTC | #2
On Tue, Oct 19, 2021 at 08:13:52PM +0530, Ani Sinha wrote:
> 
> 
> On Tue, 19 Oct 2021, Michael Roth wrote:
> 
> > Hi everyone,
> >
> > The following new patches are queued for QEMU stable v6.0.1:
> >
> >   https://gitlab.com/qemu-project/qemu/-/commits/stable-6.0-staging/
> >
> > Patch freeze is 2021-10-26, and the release is planned for 2021-10-28:
> >
> >   https://wiki.qemu.org/Planning/6.0
> >
> > Please respond here or CC qemu-stable@nongnu.org on any additional patches
> > you think should (or shouldn't) be included in the release.
> 
> I believe we should also include this patch:
> https://lore.kernel.org/qemu-devel/20210916132838.3469580-2-ani@anisinha.ca/T/
> 
> It is also CC'd to qemu-stable@ but the patch itself was not tagged so (my
> apologies for that).


I concur.


> 
> 
> >
> > Thanks!
> >
> > ----------------------------------------------------------------
> > David Hildenbrand (2):
> >       virtio-balloon: don't start free page hinting if postcopy is possible
> >       virtio-mem-pci: Fix memory leak when creating MEMORY_DEVICE_SIZE_CHANGE event
> >
> > Dr. David Alan Gilbert (1):
> >       audio: Never send migration section
> >
> > Gerd Hoffmann (3):
> >       uas: add stream number sanity checks.
> >       usb/redir: avoid dynamic stack allocation (CVE-2021-3527)
> >       usb: limit combined packets to 1 MiB (CVE-2021-3527)
> >
> > Giuseppe Musacchio (1):
> >       target/ppc: Fix load endianness for lxvwsx/lxvdsx
> >
> > Gollu Appalanaidu (1):
> >       hw/block/nvme: align with existing style
> >
> > Greg Kurz (1):
> >       docs/system: Document the removal of "compat" property for POWER CPUs
> >
> > Igor Mammedov (3):
> >       tests: acpi: prepare for changing DSDT tables
> >       acpi: pc: revert back to v5.2 PCI slot enumeration
> >       tests: acpi: pc: update expected DSDT blobs
> >
> > Jason Wang (2):
> >       vhost-vdpa: don't initialize backend_features
> >       virtio-net: fix use after unmap/free for sg
> >
> > Kevin Wolf (1):
> >       hmp: Fix loadvm to resume the VM on success instead of failure
> >
> > Klaus Jensen (2):
> >       hw/nvme: fix missing check for PMR capability
> >       hw/nvme: fix pin-based interrupt behavior (again)
> >
> > Kunkun Jiang (1):
> >       vfio: Fix unregister SaveVMHandler in vfio_migration_finalize
> >
> > Leonardo Bras (1):
> >       yank: Unregister function when using TLS migration
> >
> > Li Qiang (7):
> >       vhost-user-gpu: fix memory disclosure in virgl_cmd_get_capset_info (CVE-2021-3545)
> >       vhost-user-gpu: fix resource leak in 'vg_resource_create_2d' (CVE-2021-3544)
> >       vhost-user-gpu: fix memory leak in vg_resource_attach_backing (CVE-2021-3544)
> >       vhost-user-gpu: fix memory leak while calling 'vg_resource_unref' (CVE-2021-3544)
> >       vhost-user-gpu: fix memory leak in 'virgl_cmd_resource_unref' (CVE-2021-3544)
> >       vhost-user-gpu: fix memory leak in 'virgl_resource_attach_backing' (CVE-2021-3544)
> >       vhost-user-gpu: fix OOB write in 'virgl_cmd_get_capset' (CVE-2021-3546)
> >
> > Li Zhijian (1):
> >       migration/rdma: Fix cm_event used before being initialized
> >
> > Marcel Apfelbaum (3):
> >       hw/rdma: Fix possible mremap overflow in the pvrdma device (CVE-2021-3582)
> >       pvrdma: Ensure correct input on ring init (CVE-2021-3607)
> >       pvrdma: Fix the ring init error flow (CVE-2021-3608)
> >
> > Mark Cave-Ayland (2):
> >       esp: only assert INTR_DC interrupt flag if selection fails
> >       esp: only set ESP_RSEQ at the start of the select sequence
> >
> > Markus Armbruster (1):
> >       hmp: Unbreak "change vnc"
> >
> > Max Filippov (1):
> >       target/xtensa: fix access ring in l32ex
> >
> > Nir Soffer (1):
> >       qemu-nbd: Change default cache mode to writeback
> >
> > Paolo Bonzini (7):
> >       vl: allow not specifying size in -m when using -M memory-backend
> >       qemu-option: support accept-any QemuOptsList in qemu_opts_absorb_qdict
> >       qemu-config: load modules when instantiating option groups
> >       qemu-config: parse configuration files to a QDict
> >       vl: plumb keyval-based options into -readconfig
> >       vl: plug -object back into -readconfig
> >       configure: fix detection of gdbus-codegen
> >
> > Pavel Pisa (1):
> >       hw/net/can: sja1000 fix buff2frame_bas and buff2frame_pel when dlc is out of std CAN 8 bytes
> >
> > Peng Liang (1):
> >       runstate: Initialize Error * to NULL
> >
> > Peter Maydell (1):
> >       target/arm: Don't skip M-profile reset entirely in user mode
> >
> > Philippe Mathieu-Daudé (11):
> >       hw/pci-host/q35: Ignore write of reserved PCIEXBAR LENGTH field
> >       block/nvme: Fix VFIO_MAP_DMA failed: No space left on device
> >       crypto/tlscreds: Introduce qcrypto_tls_creds_check_endpoint() helper
> >       block/nbd: Use qcrypto_tls_creds_check_endpoint()
> >       qemu-nbd: Use qcrypto_tls_creds_check_endpoint()
> >       chardev/socket: Use qcrypto_tls_creds_check_endpoint()
> >       migration/tls: Use qcrypto_tls_creds_check_endpoint()
> >       ui/vnc: Use qcrypto_tls_creds_check_endpoint()
> >       crypto: Make QCryptoTLSCreds* structures private
> >       hw/sd/sdcard: Document out-of-range addresses for SEND_WRITE_PROT
> >       hw/sd/sdcard: Fix assertion accessing out-of-range addresses with CMD30
> >
> > Richard Henderson (4):
> >       linux-user/aarch64: Enable hwcap for RND, BTI, and MTE
> >       target/i386: Exit tb after wrmsr
> >       tcg/sparc: Fix temp_allocate_frame vs sparc stack bias
> >       tcg: Allocate sufficient storage in temp_allocate_frame
> >
> > Stefan Hajnoczi (1):
> >       sockets: update SOCKET_ADDRESS_TYPE_FD listen(2) backlog
> >
> > Stefan Reiter (1):
> >       monitor/qmp: fix race on CHR_EVENT_CLOSED without OOB
> >
> > Zenghui Yu (1):
> >       multi-process: Initialize variables declared with g_auto*
> >
> > Zhenzhong Duan (1):
> >       vl: Fix an assert failure in error path
> >
> >  audio/audio.c                           |  10 +++
> >  block/nbd.c                             |   6 +-
> >  block/nvme.c                            |  22 ++++++
> >  blockdev-nbd.c                          |   6 +-
> >  chardev/char-socket.c                   |  18 ++---
> >  configure                               |   4 +-
> >  contrib/vhost-user-gpu/vhost-user-gpu.c |   7 ++
> >  contrib/vhost-user-gpu/virgl.c          |  17 ++++-
> >  crypto/tls-cipher-suites.c              |   7 ++
> >  crypto/tlscreds.c                       |  12 +++
> >  crypto/tlscredsanon.c                   |   2 +
> >  crypto/tlscredspriv.h                   |  45 +++++++++++
> >  crypto/tlscredspsk.c                    |   2 +
> >  crypto/tlscredsx509.c                   |   1 +
> >  crypto/tlssession.c                     |   1 +
> >  docs/system/removed-features.rst        |   6 ++
> >  docs/tools/qemu-nbd.rst                 |   6 +-
> >  hw/block/nvme-ns.c                      |   2 +-
> >  hw/block/nvme.c                         |  89 ++++++++++++++--------
> >  hw/block/nvme.h                         |   1 +
> >  hw/i386/acpi-build.c                    |   9 ++-
> >  hw/net/can/can_sja1000.c                |   8 ++
> >  hw/net/virtio-net.c                     |  39 ++++++++--
> >  hw/pci-host/q35.c                       |   3 +
> >  hw/rdma/vmw/pvrdma_cmd.c                |   7 ++
> >  hw/rdma/vmw/pvrdma_dev_ring.c           |   2 +-
> >  hw/rdma/vmw/pvrdma_main.c               |   5 ++
> >  hw/remote/memory.c                      |   5 +-
> >  hw/remote/proxy.c                       |   3 +-
> >  hw/scsi/esp.c                           |  13 +++-
> >  hw/sd/sd.c                              |   9 ++-
> >  hw/usb/combined-packet.c                |   4 +-
> >  hw/usb/dev-uas.c                        |  11 +++
> >  hw/usb/redirect.c                       |   6 +-
> >  hw/vfio/migration.c                     |   1 +
> >  hw/virtio/vhost-vdpa.c                  |   3 -
> >  hw/virtio/virtio-balloon.c              |  13 ++++
> >  hw/virtio/virtio-mem-pci.c              |   7 +-
> >  include/block/nvme.h                    |  10 +--
> >  include/block/qdict.h                   |   2 -
> >  include/crypto/tls-cipher-suites.h      |   6 --
> >  include/crypto/tlscreds.h               |  30 ++++----
> >  include/crypto/tlscredsanon.h           |  12 ---
> >  include/crypto/tlscredspsk.h            |  12 ---
> >  include/crypto/tlscredsx509.h           |  10 ---
> >  include/qapi/qmp/qdict.h                |   3 +
> >  include/qemu/config-file.h              |   7 +-
> >  linux-user/elfload.c                    |  13 ++++
> >  migration/channel.c                     |  26 ++++---
> >  migration/multifd.c                     |   3 +-
> >  migration/qemu-file-channel.c           |   4 +-
> >  migration/rdma.c                        |   1 -
> >  migration/tls.c                         |   6 +-
> >  monitor/hmp-cmds.c                      |   4 +-
> >  monitor/qmp.c                           |  40 +++++-----
> >  qemu-nbd.c                              |  25 +++---
> >  softmmu/runstate.c                      |   2 +-
> >  softmmu/vl.c                            | 130 +++++++++++++++++++++++---------
> >  stubs/meson.build                       |   1 +
> >  stubs/module-opts.c                     |   6 ++
> >  target/arm/cpu.c                        |  19 +++++
> >  target/i386/tcg/translate.c             |   2 +
> >  target/ppc/translate/vsx-impl.c.inc     |   4 +-
> >  target/xtensa/translate.c               |   2 +-
> >  tcg/sparc/tcg-target.c.inc              |  16 ++--
> >  tcg/tcg.c                               |  40 +++++++---
> >  tests/data/acpi/pc/DSDT                 | Bin 6002 -> 6002 bytes
> >  tests/data/acpi/pc/DSDT.acpihmat        | Bin 7327 -> 7327 bytes
> >  tests/data/acpi/pc/DSDT.bridge          | Bin 8668 -> 8668 bytes
> >  tests/data/acpi/pc/DSDT.cphp            | Bin 6466 -> 6466 bytes
> >  tests/data/acpi/pc/DSDT.dimmpxm         | Bin 7656 -> 7656 bytes
> >  tests/data/acpi/pc/DSDT.hpbridge        | Bin 5969 -> 5969 bytes
> >  tests/data/acpi/pc/DSDT.ipmikcs         | Bin 6074 -> 6074 bytes
> >  tests/data/acpi/pc/DSDT.memhp           | Bin 7361 -> 7361 bytes
> >  tests/data/acpi/pc/DSDT.nohpet          | Bin 5860 -> 5860 bytes
> >  tests/data/acpi/pc/DSDT.numamem         | Bin 6008 -> 6008 bytes
> >  ui/vnc.c                                |   7 +-
> >  util/qemu-config.c                      |  99 ++++++++++++++++--------
> >  util/qemu-option.c                      |   3 +-
> >  util/qemu-sockets.c                     |  29 +++++--
> >  80 files changed, 685 insertions(+), 301 deletions(-)
> >  create mode 100644 stubs/module-opts.c
> >
> >
> >
> >

Christian Schoenebeck Oct. 19, 2021, 2:52 p.m. UTC | #3
On Tuesday, 19 October 2021 16:08:40 CEST Michael Roth wrote:
> Hi everyone,
> 
> The following new patches are queued for QEMU stable v6.0.1:
> 
>   https://gitlab.com/qemu-project/qemu/-/commits/stable-6.0-staging/
> 
> Patch freeze is 2021-10-26, and the release is planned for 2021-10-28:
> 
>   https://wiki.qemu.org/Planning/6.0
> 
> Please respond here or CC qemu-stable@nongnu.org on any additional patches
> you think should (or shouldn't) be included in the release.
> 
> Thanks!

Hi Michael,

I think the following 9p fix is yet missing:

f83df00900816476cca41bb536e4d532b297d76e 9pfs: fix crash in v9fs_walk()

Best regards,
Christian Schoenebeck

Greg Kurz Oct. 19, 2021, 3:26 p.m. UTC | #4
On Tue, 19 Oct 2021 16:52:37 +0200
Christian Schoenebeck <qemu_oss@crudebyte.com> wrote:

> On Tuesday, 19 October 2021 16:08:40 CEST Michael Roth wrote:
> > Hi everyone,
> > 
> > The following new patches are queued for QEMU stable v6.0.1:
> > 
> >   https://gitlab.com/qemu-project/qemu/-/commits/stable-6.0-staging/
> > 
> > Patch freeze is 2021-10-26, and the release is planned for 2021-10-28:
> > 
> >   https://wiki.qemu.org/Planning/6.0
> > 
> > Please respond here or CC qemu-stable@nongnu.org on any additional patches
> > you think should (or shouldn't) be included in the release.
> > 
> > Thanks!
> 
> Hi Michael,
> 
> I think the following 9p fix is yet missing:
> 
> f83df00900816476cca41bb536e4d532b297d76e 9pfs: fix crash in v9fs_walk()
> 

No, this commit fixes 8d6cb100731c ("9pfs: reduce latency of Twalk")
which was merged in QEMU 6.1. This is a good candidate for the upcoming
QEMU 6.1.1 though :-)

> Best regards,
> Christian Schoenebeck
Christian Schoenebeck Oct. 19, 2021, 3:37 p.m. UTC | #5
On Tuesday, 19 October 2021 17:26:38 CEST Greg Kurz wrote:
> On Tue, 19 Oct 2021 16:52:37 +0200
> 
> Christian Schoenebeck <qemu_oss@crudebyte.com> wrote:
> > On Tuesday, 19 October 2021 16:08:40 CEST Michael Roth wrote:
> > > Hi everyone,
> > > 
> > > The following new patches are queued for QEMU stable v6.0.1:
> > >   https://gitlab.com/qemu-project/qemu/-/commits/stable-6.0-staging/
> > > 
> > > Patch freeze is 2021-10-26, and the release is planned for 2021-10-28:
> > >   https://wiki.qemu.org/Planning/6.0
> > > 
> > > Please respond here or CC qemu-stable@nongnu.org on any additional
> > > patches
> > > you think should (or shouldn't) be included in the release.
> > > 
> > > Thanks!
> > 
> > Hi Michael,
> > 
> > I think the following 9p fix is yet missing:
> > 
> > f83df00900816476cca41bb536e4d532b297d76e 9pfs: fix crash in v9fs_walk()
> 
> No, this commit fixes 8d6cb100731c ("9pfs: reduce latency of Twalk")
> which was merged in QEMU 6.1. This is a good candidate for the upcoming
> QEMU 6.1.1 though :-)

Aah, right! Yeah, sorry for the noise! :)

Best regards,
Christian Schoenebeck
Michael Roth Oct. 19, 2021, 6:22 p.m. UTC | #6
Quoting Ani Sinha (2021-10-19 09:43:52)
> 
> 
> On Tue, 19 Oct 2021, Michael Roth wrote:
> 
> > Hi everyone,
> >
> > The following new patches are queued for QEMU stable v6.0.1:
> >
> >   https://gitlab.com/qemu-project/qemu/-/commits/stable-6.0-staging/
> >
> > Patch freeze is 2021-10-26, and the release is planned for 2021-10-28:
> >
> >   https://wiki.qemu.org/Planning/6.0
> >
> > Please respond here or CC qemu-stable@nongnu.org on any additional patches
> > you think should (or shouldn't) be included in the release.
> 
> I believe we should also include this patch:
> https://lore.kernel.org/qemu-devel/20210916132838.3469580-2-ani@anisinha.ca/T/
> 
> It is also CC'd to qemu-stable@ but the patch itself was not tagged so (my
> apologies for that).

It looks like this patch is a fix for:

  commit caf108bc587908f7608729f39639dccdfa53010b
  Author: Julia Suvorova <jusual@redhat.com>
  Date:   Tue Jul 13 02:42:00 2021 +0200
  
      hw/i386/acpi-build: Add ACPI PCI hot-plug methods to Q35

which is in 6.1.0, but not 6.0.0, so it didn't seem like it was needed
for 6.0.1. Let me know if that's incorrect.

Will definitely pull it in for 6.1.1 though.
Ani Sinha Oct. 19, 2021, 11:05 p.m. UTC | #7
On Tue, Oct 19, 2021 at 23:53 Michael Roth <michael.roth@amd.com> wrote:

> Quoting Ani Sinha (2021-10-19 09:43:52)
> >
> >
> > On Tue, 19 Oct 2021, Michael Roth wrote:
> >
> > > Hi everyone,
> > >
> > > The following new patches are queued for QEMU stable v6.0.1:
> > >
> > >   https://gitlab.com/qemu-project/qemu/-/commits/stable-6.0-staging/
> > >
> > > Patch freeze is 2021-10-26, and the release is planned for 2021-10-28:
> > >
> > >   https://wiki.qemu.org/Planning/6.0
> > >
> > > Please respond here or CC qemu-stable@nongnu.org on any additional patches
> > > you think should (or shouldn't) be included in the release.
> >
> > I believe we should also include this patch:
> > https://lore.kernel.org/qemu-devel/20210916132838.3469580-2-ani@anisinha.ca/T/
> >
> > It is also CC'd to qemu-stable@ but the patch itself was not tagged so (my
> > apologies for that).
>
> It looks like this patch is a fix for:
>
>   commit caf108bc587908f7608729f39639dccdfa53010b
>   Author: Julia Suvorova <jusual@redhat.com>
>   Date:   Tue Jul 13 02:42:00 2021 +0200
>
>       hw/i386/acpi-build: Add ACPI PCI hot-plug methods to Q35
>
> which is in 6.1.0, but not 6.0.0, so it didn't seem like it was needed
> for 6.0.1. Let me know if that's incorrect.
>
> Will definitely pull it in for 6.1.1 though.


Yes you are correct. This should be pulled in for 6.1.1 and not 6.0.1. In
fact for 6.0.1 there will likely be a conflict and the patch won’t apply.
Apologies for the noise.
