Most relevant are some fixes for VirtIO and for ARM and i386 emulation. There is also a fix for the VGA display that addresses screen blanking, which fixes: https://bugzilla.proxmox.com/show_bug.cgi?id=4786
Signed-off-by: Fiona Ebner <f.eb...@proxmox.com> --- ...d-support-for-sync-bitmap-mode-never.patch | 10 +- ...race-with-clients-disconnecting-earl.patch | 4 +- ...io-pci-fix-use-of-a-released-vector.patch} | 8 +- .../0006-virtio-gpu-fix-v2-migration.patch | 98 ------- ...0007-hw-pflash-fix-block-write-start.patch | 59 ----- ...operand-size-for-DATA16-REX.W-POPCNT.patch | 51 ---- ...ru-wrpkru-are-no-prefix-instructions.patch | 40 --- ...6-fix-feature-dependency-for-WAITPKG.patch | 33 --- ...move-compatibility-flags-for-VirtIO-.patch | 57 ----- ...t-monitor-use-aio_co_reschedule_self.patch | 53 ---- ...ict-translation-disabled-alignment-c.patch | 51 ---- ...-IRQs-a-chance-when-resetting-HF_INH.patch | 80 ------ ...r-v-Correct-kvm_hv_handle_exit-retur.patch | 60 ----- ...86-disable-jmp_opt-if-EFLAGS.RF-is-1.patch | 31 --- ...ingle-step-exception-after-MOV-or-PO.patch | 30 --- ...n-t-open-data_file-with-BDRV_O_NO_IO.patch | 107 -------- ...names-only-when-explicitly-requested.patch | 241 ------------------ ...le-posix-make-locking-optiono-on-cre.patch | 6 +- ...ckup-Proxmox-backup-patches-for-QEMU.patch | 2 +- ...k-driver-to-map-backup-archives-into.patch | 8 +- ...igrate-dirty-bitmap-state-via-savevm.patch | 2 +- ...-backup-add-discard-source-parameter.patch | 2 +- ...e-allow-specifying-minimum-cluster-s.patch | 4 +- ...um-cluster-size-to-performance-optio.patch | 2 +- .../0050-PVE-backup-add-fleecing-option.patch | 2 +- debian/patches/series | 16 +- 26 files changed, 26 insertions(+), 1031 deletions(-) rename debian/patches/extra/{0011-Revert-virtio-pci-fix-use-of-a-released-vector.patch => 0006-Revert-virtio-pci-fix-use-of-a-released-vector.patch} (93%) delete mode 100644 debian/patches/extra/0006-virtio-gpu-fix-v2-migration.patch delete mode 100644 debian/patches/extra/0007-hw-pflash-fix-block-write-start.patch delete mode 100644 debian/patches/extra/0008-target-i386-fix-operand-size-for-DATA16-REX.W-POPCNT.patch delete mode 100644 
debian/patches/extra/0009-target-i386-rdpkru-wrpkru-are-no-prefix-instructions.patch delete mode 100644 debian/patches/extra/0010-target-i386-fix-feature-dependency-for-WAITPKG.patch delete mode 100644 debian/patches/extra/0012-hw-core-machine-move-compatibility-flags-for-VirtIO-.patch delete mode 100644 debian/patches/extra/0013-Revert-monitor-use-aio_co_reschedule_self.patch delete mode 100644 debian/patches/extra/0014-target-arm-Restrict-translation-disabled-alignment-c.patch delete mode 100644 debian/patches/extra/0015-target-i386-Give-IRQs-a-chance-when-resetting-HF_INH.patch delete mode 100644 debian/patches/extra/0016-target-i386-hyper-v-Correct-kvm_hv_handle_exit-retur.patch delete mode 100644 debian/patches/extra/0017-target-i386-disable-jmp_opt-if-EFLAGS.RF-is-1.patch delete mode 100644 debian/patches/extra/0018-target-i386-no-single-step-exception-after-MOV-or-PO.patch delete mode 100644 debian/patches/extra/0019-qcow2-Don-t-open-data_file-with-BDRV_O_NO_IO.patch delete mode 100644 debian/patches/extra/0020-block-Parse-filenames-only-when-explicitly-requested.patch diff --git a/debian/patches/bitmap-mirror/0001-drive-mirror-add-support-for-sync-bitmap-mode-never.patch b/debian/patches/bitmap-mirror/0001-drive-mirror-add-support-for-sync-bitmap-mode-never.patch index 6789ac5..392b8a2 100644 --- a/debian/patches/bitmap-mirror/0001-drive-mirror-add-support-for-sync-bitmap-mode-never.patch +++ b/debian/patches/bitmap-mirror/0001-drive-mirror-add-support-for-sync-bitmap-mode-never.patch @@ -364,10 +364,10 @@ index d2201e27f4..cc1387ae02 100644 BlockdevOnError on_source_error, BlockdevOnError on_target_error, diff --git a/qapi/block-core.json b/qapi/block-core.json -index 746d1694c2..45ab548dfe 100644 +index 4b18e01b85..0902b0a024 100644 --- a/qapi/block-core.json +++ b/qapi/block-core.json -@@ -2174,6 +2174,15 @@ +@@ -2170,6 +2170,15 @@ # destination (all the disk, only the sectors allocated in the # topmost image, or only new I/O). # 
@@ -383,7 +383,7 @@ index 746d1694c2..45ab548dfe 100644 # @granularity: granularity of the dirty bitmap, default is 64K if the # image format doesn't have clusters, 4K if the clusters are # smaller than that, else the cluster size. Must be a power of 2 -@@ -2216,7 +2225,9 @@ +@@ -2212,7 +2221,9 @@ { 'struct': 'DriveMirror', 'data': { '*job-id': 'str', 'device': 'str', 'target': 'str', '*format': 'str', '*node-name': 'str', '*replaces': 'str', @@ -394,7 +394,7 @@ index 746d1694c2..45ab548dfe 100644 '*speed': 'int', '*granularity': 'uint32', '*buf-size': 'int', '*on-source-error': 'BlockdevOnError', '*on-target-error': 'BlockdevOnError', -@@ -2496,6 +2507,15 @@ +@@ -2492,6 +2503,15 @@ # destination (all the disk, only the sectors allocated in the # topmost image, or only new I/O). # @@ -410,7 +410,7 @@ index 746d1694c2..45ab548dfe 100644 # @granularity: granularity of the dirty bitmap, default is 64K if the # image format doesn't have clusters, 4K if the clusters are # smaller than that, else the cluster size. Must be a power of 2 -@@ -2544,7 +2564,8 @@ +@@ -2540,7 +2560,8 @@ { 'command': 'blockdev-mirror', 'data': { '*job-id': 'str', 'device': 'str', 'target': 'str', '*replaces': 'str', diff --git a/debian/patches/extra/0001-monitor-qmp-fix-race-with-clients-disconnecting-earl.patch b/debian/patches/extra/0001-monitor-qmp-fix-race-with-clients-disconnecting-earl.patch index 54f0631..45e7f87 100644 --- a/debian/patches/extra/0001-monitor-qmp-fix-race-with-clients-disconnecting-earl.patch +++ b/debian/patches/extra/0001-monitor-qmp-fix-race-with-clients-disconnecting-earl.patch @@ -144,7 +144,7 @@ index a239945e8d..589c9524f8 100644 monitor_qmp_caps_reset(mon); data = qmp_greeting(mon); diff --git a/qapi/qmp-dispatch.c b/qapi/qmp-dispatch.c -index f3488afeef..2624eb3470 100644 +index 176b549473..790bb7d1da 100644 --- a/qapi/qmp-dispatch.c +++ b/qapi/qmp-dispatch.c @@ -117,16 +117,28 @@ typedef struct QmpDispatchBH { 
@@ -180,7 +180,7 @@ index f3488afeef..2624eb3470 100644 aio_co_wake(data->co); } -@@ -250,6 +262,7 @@ QDict *coroutine_mixed_fn qmp_dispatch(const QmpCommandList *cmds, QObject *requ +@@ -253,6 +265,7 @@ QDict *coroutine_mixed_fn qmp_dispatch(const QmpCommandList *cmds, QObject *requ .ret = &ret, .errp = &err, .co = qemu_coroutine_self(), diff --git a/debian/patches/extra/0011-Revert-virtio-pci-fix-use-of-a-released-vector.patch b/debian/patches/extra/0006-Revert-virtio-pci-fix-use-of-a-released-vector.patch similarity index 93% rename from debian/patches/extra/0011-Revert-virtio-pci-fix-use-of-a-released-vector.patch rename to debian/patches/extra/0006-Revert-virtio-pci-fix-use-of-a-released-vector.patch index 2826b9b..d2de6d1 100644 --- a/debian/patches/extra/0011-Revert-virtio-pci-fix-use-of-a-released-vector.patch +++ b/debian/patches/extra/0006-Revert-virtio-pci-fix-use-of-a-released-vector.patch @@ -24,10 +24,10 @@ Signed-off-by: Fiona Ebner <f.eb...@proxmox.com> 1 file changed, 2 insertions(+), 35 deletions(-) diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c -index cb159fd078..cb6940fc0e 100644 +index e04218a9fb..fd66713848 100644 --- a/hw/virtio/virtio-pci.c +++ b/hw/virtio/virtio-pci.c -@@ -1424,38 +1424,6 @@ static int virtio_pci_add_mem_cap(VirtIOPCIProxy *proxy, +@@ -1410,38 +1410,6 @@ static int virtio_pci_add_mem_cap(VirtIOPCIProxy *proxy, return offset; } @@ -66,7 +66,7 @@ index cb159fd078..cb6940fc0e 100644 int virtio_pci_add_shm_cap(VirtIOPCIProxy *proxy, uint8_t bar, uint64_t offset, uint64_t length, uint8_t id) -@@ -1602,8 +1570,7 @@ static void virtio_pci_common_write(void *opaque, hwaddr addr, +@@ -1588,8 +1556,7 @@ static void virtio_pci_common_write(void *opaque, hwaddr addr, } else { val = VIRTIO_NO_VECTOR; } 
@@ -76,7 +76,7 @@ index cb159fd078..cb6940fc0e 100644 break; case VIRTIO_PCI_COMMON_STATUS: if (!(val & VIRTIO_CONFIG_S_DRIVER_OK)) { -@@ -1643,7 +1610,7 @@ static void virtio_pci_common_write(void *opaque, hwaddr addr, +@@ -1629,7 +1596,7 @@ static void virtio_pci_common_write(void *opaque, hwaddr addr, } else { val = VIRTIO_NO_VECTOR; } diff --git a/debian/patches/extra/0006-virtio-gpu-fix-v2-migration.patch b/debian/patches/extra/0006-virtio-gpu-fix-v2-migration.patch deleted file mode 100644 index 132baed..0000000 --- a/debian/patches/extra/0006-virtio-gpu-fix-v2-migration.patch +++ /dev/null 
@@ -1,98 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lur...@redhat.com> -Date: Thu, 16 May 2024 12:40:22 +0400 -Subject: [PATCH] virtio-gpu: fix v2 migration -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Commit dfcf74fa ("virtio-gpu: fix scanout migration post-load") broke -forward/backward version migration. Versioning of nested VMSD structures -is not straightforward, as the wire format doesn't have nested -structures versions. Introduce x-scanout-vmstate-version and a field -test to save/load appropriately according to the machine version. - -Fixes: dfcf74fa ("virtio-gpu: fix scanout migration post-load") -Signed-off-by: Marc-André Lureau <marcandre.lur...@redhat.com> -Signed-off-by: Peter Xu <pet...@redhat.com> ---- - hw/core/machine.c | 1 + - hw/display/virtio-gpu.c | 24 ++++++++++++++++-------- - include/hw/virtio/virtio-gpu.h | 1 + - 3 files changed, 18 insertions(+), 8 deletions(-) - -diff --git a/hw/core/machine.c b/hw/core/machine.c -index 37ede0e7d4..d33a37a6f6 100644 ---- a/hw/core/machine.c -+++ b/hw/core/machine.c -@@ -37,6 +37,7 @@ GlobalProperty hw_compat_8_2[] = { - { "migration", "zero-page-detection", "legacy"}, - { TYPE_VIRTIO_IOMMU_PCI, "granule", "4k" }, - { TYPE_VIRTIO_IOMMU_PCI, "aw-bits", "64" }, -+ { "virtio-gpu-device", "x-scanout-vmstate-version", "1" }, - }; - const size_t hw_compat_8_2_len = G_N_ELEMENTS(hw_compat_8_2); - -diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c -index ae831b6b3e..85323daf99 100644 ---- a/hw/display/virtio-gpu.c -+++ b/hw/display/virtio-gpu.c -@@ -1166,10 +1166,17 @@ static void virtio_gpu_cursor_bh(void *opaque) - virtio_gpu_handle_cursor(&g->parent_obj.parent_obj, g->cursor_vq); - } - -+static bool scanout_vmstate_after_v2(void *opaque, int version) -+{ -+ struct VirtIOGPUBase *base = container_of(opaque, VirtIOGPUBase, scanout); -+ struct VirtIOGPU *gpu = 
container_of(base, VirtIOGPU, parent_obj); -+ -+ return gpu->scanout_vmstate_version >= 2; -+} -+ - static const VMStateDescription vmstate_virtio_gpu_scanout = { - .name = "virtio-gpu-one-scanout", -- .version_id = 2, -- .minimum_version_id = 1, -+ .version_id = 1, - .fields = (const VMStateField[]) { - VMSTATE_UINT32(resource_id, struct virtio_gpu_scanout), - VMSTATE_UINT32(width, struct virtio_gpu_scanout), -@@ -1181,12 +1188,12 @@ static const VMStateDescription vmstate_virtio_gpu_scanout = { - VMSTATE_UINT32(cursor.hot_y, struct virtio_gpu_scanout), - VMSTATE_UINT32(cursor.pos.x, struct virtio_gpu_scanout), - VMSTATE_UINT32(cursor.pos.y, struct virtio_gpu_scanout), -- VMSTATE_UINT32_V(fb.format, struct virtio_gpu_scanout, 2), -- VMSTATE_UINT32_V(fb.bytes_pp, struct virtio_gpu_scanout, 2), -- VMSTATE_UINT32_V(fb.width, struct virtio_gpu_scanout, 2), -- VMSTATE_UINT32_V(fb.height, struct virtio_gpu_scanout, 2), -- VMSTATE_UINT32_V(fb.stride, struct virtio_gpu_scanout, 2), -- VMSTATE_UINT32_V(fb.offset, struct virtio_gpu_scanout, 2), -+ VMSTATE_UINT32_TEST(fb.format, struct virtio_gpu_scanout, scanout_vmstate_after_v2), -+ VMSTATE_UINT32_TEST(fb.bytes_pp, struct virtio_gpu_scanout, scanout_vmstate_after_v2), -+ VMSTATE_UINT32_TEST(fb.width, struct virtio_gpu_scanout, scanout_vmstate_after_v2), -+ VMSTATE_UINT32_TEST(fb.height, struct virtio_gpu_scanout, scanout_vmstate_after_v2), -+ VMSTATE_UINT32_TEST(fb.stride, struct virtio_gpu_scanout, scanout_vmstate_after_v2), -+ VMSTATE_UINT32_TEST(fb.offset, struct virtio_gpu_scanout, scanout_vmstate_after_v2), - VMSTATE_END_OF_LIST() - }, - }; -@@ -1659,6 +1666,7 @@ static Property virtio_gpu_properties[] = { - DEFINE_PROP_BIT("blob", VirtIOGPU, parent_obj.conf.flags, - VIRTIO_GPU_FLAG_BLOB_ENABLED, false), - DEFINE_PROP_SIZE("hostmem", VirtIOGPU, parent_obj.conf.hostmem, 0), -+ DEFINE_PROP_UINT8("x-scanout-vmstate-version", VirtIOGPU, scanout_vmstate_version, 2), - DEFINE_PROP_END_OF_LIST(), - }; - -diff --git 
a/include/hw/virtio/virtio-gpu.h b/include/hw/virtio/virtio-gpu.h -index ed44cdad6b..842315d51d 100644 ---- a/include/hw/virtio/virtio-gpu.h -+++ b/include/hw/virtio/virtio-gpu.h -@@ -177,6 +177,7 @@ typedef struct VGPUDMABuf { - struct VirtIOGPU { - VirtIOGPUBase parent_obj; - -+ uint8_t scanout_vmstate_version; - uint64_t conf_max_hostmem; - - VirtQueue *ctrl_vq; diff --git a/debian/patches/extra/0007-hw-pflash-fix-block-write-start.patch b/debian/patches/extra/0007-hw-pflash-fix-block-write-start.patch deleted file mode 100644 index b53570b..0000000 --- a/debian/patches/extra/0007-hw-pflash-fix-block-write-start.patch +++ /dev/null 
@@ -1,59 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Gerd Hoffmann <kra...@redhat.com> -Date: Thu, 16 May 2024 10:46:34 +0200 -Subject: [PATCH] hw/pflash: fix block write start -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Move the pflash_blk_write_start() call. We need the offset of the -first data write, not the offset for the setup (number-of-bytes) -write. Without this fix u-boot can do block writes to the first -flash block only. - -While being at it drop a leftover FIXME. - -Cc: qemu-sta...@nongnu.org -Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2343 -Fixes: fcc79f2e0955 ("hw/pflash: implement update buffer for block writes") -Signed-off-by: Gerd Hoffmann <kra...@redhat.com> -Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org> -(picked up from https://lists.nongnu.org/archive/html/qemu-stable/2024-05/msg00091.html) -Signed-off-by: Fiona Ebner <f.eb...@proxmox.com> ---- - hw/block/pflash_cfi01.c | 8 +++----- - 1 file changed, 3 insertions(+), 5 deletions(-) - -diff --git a/hw/block/pflash_cfi01.c b/hw/block/pflash_cfi01.c -index 1bda8424b9..c8f1cf5a87 100644 ---- a/hw/block/pflash_cfi01.c -+++ b/hw/block/pflash_cfi01.c -@@ -518,10 +518,6 @@ static void pflash_write(PFlashCFI01 *pfl, hwaddr offset, - break; - case 0xe8: /* Write to buffer */ - trace_pflash_write(pfl->name, "write to buffer"); -- /* FIXME should save @offset, @width for case 1+ */ -- qemu_log_mask(LOG_UNIMP, -- "%s: Write to buffer emulation is flawed\n", -- __func__); - pfl->status |= 0x80; /* Ready! 
*/ - break; - case 0xf0: /* Probe for AMD flash */ -@@ -574,7 +570,6 @@ static void pflash_write(PFlashCFI01 *pfl, hwaddr offset, - } - pfl->counter = value; - pfl->wcycle++; -- pflash_blk_write_start(pfl, offset); - break; - case 0x60: - if (cmd == 0xd0) { -@@ -605,6 +600,9 @@ static void pflash_write(PFlashCFI01 *pfl, hwaddr offset, - switch (pfl->cmd) { - case 0xe8: /* Block write */ - /* FIXME check @offset, @width */ -+ if (pfl->blk_offset == -1 && pfl->counter) { -+ pflash_blk_write_start(pfl, offset); -+ } - if (!pfl->ro && (pfl->blk_offset != -1)) { - pflash_data_write(pfl, offset, value, width, be); - } else { diff --git a/debian/patches/extra/0008-target-i386-fix-operand-size-for-DATA16-REX.W-POPCNT.patch b/debian/patches/extra/0008-target-i386-fix-operand-size-for-DATA16-REX.W-POPCNT.patch deleted file mode 100644 index d10cbbc..0000000 --- a/debian/patches/extra/0008-target-i386-fix-operand-size-for-DATA16-REX.W-POPCNT.patch +++ /dev/null 
@@ -1,51 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Paolo Bonzini <pbonz...@redhat.com>
-Date: Thu, 9 May 2024 12:38:10 +0200
-Subject: [PATCH] target/i386: fix operand size for DATA16 REX.W POPCNT
-
-According to the manual, 32-bit vs 64-bit is governed by REX.W
-and REX ignores the 0x66 prefix. This can be confirmed with this
-program:
-
- #include <stdio.h>
- int main()
- {
- int x = 0x12340000;
- int y;
- asm("popcntl %1, %0" : "=r" (y) : "r" (x)); printf("%x\n", y);
- asm("mov $-1, %0; .byte 0x66; popcntl %1, %0" : "+r" (y) : "r" (x)); printf("%x\n", y);
- asm("mov $-1, %0; .byte 0x66; popcntq %q1, %q0" : "+r" (y) : "r" (x)); printf("%x\n", y);
- }
-
-which prints 5/ffff0000/5 on real hardware and 5/ffff0000/ffff0000
-on QEMU.
-
-Cc: qemu-sta...@nongnu.org
-Reviewed-by: Zhao Liu <zhao1....@intel.com>
-Reviewed-by: Richard Henderson <richard.hender...@linaro.org>
-Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
-(cherry picked from commit 41c685dc59bb611096f3bb6a663cfa82e4cba97b)
-[FE: keep mo_64_32 helper which still has other users in 9.0.0]
-Signed-off-by: Fiona Ebner <f.eb...@proxmox.com>
----
- target/i386/tcg/translate.c | 7 +------
- 1 file changed, 1 insertion(+), 6 deletions(-)
-
-diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
-index 76a42c679c..b60f3bd642 100644
---- a/target/i386/tcg/translate.c
-+++ b/target/i386/tcg/translate.c
-@@ -6799,12 +6799,7 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
- modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | REX_R(s);
-
-- if (s->prefix & PREFIX_DATA) {
-- ot = MO_16;
-- } else {
-- ot = mo_64_32(dflag);
-- }
--
-+ ot = dflag;
- gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 0);
- gen_extu(ot, s->T0);
- tcg_gen_mov_tl(cpu_cc_src, s->T0);
diff --git a/debian/patches/extra/0009-target-i386-rdpkru-wrpkru-are-no-prefix-instructions.patch b/debian/patches/extra/0009-target-i386-rdpkru-wrpkru-are-no-prefix-instructions.patch
deleted file mode 100644
index eb42f84..0000000
--- a/debian/patches/extra/0009-target-i386-rdpkru-wrpkru-are-no-prefix-instructions.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Paolo Bonzini <pbonz...@redhat.com>
-Date: Thu, 9 May 2024 15:55:47 +0200
-Subject: [PATCH] target/i386: rdpkru/wrpkru are no-prefix instructions
-
-Reject 0x66/0xf3/0xf2 in front of them.
-
-Cc: qemu-sta...@nongnu.org
-Reviewed-by: Richard Henderson <richard.hender...@linaro.org>
-Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
-(cherry picked from commit 40a3ec7b5ffde500789d016660a171057d6b467c)
-Signed-off-by: Fiona Ebner <f.eb...@proxmox.com>
----
- target/i386/tcg/translate.c | 6 ++++--
- 1 file changed, 4 insertions(+), 2 deletions(-)
-
-diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
-index b60f3bd642..3e949fe964 100644
---- a/target/i386/tcg/translate.c
-+++ b/target/i386/tcg/translate.c
-@@ -6083,7 +6083,8 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
- gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 1);
- break;
- case 0xee: /* rdpkru */
-- if (prefixes & PREFIX_LOCK) {
-+ if (s->prefix & (PREFIX_LOCK | PREFIX_DATA
-+ | PREFIX_REPZ | PREFIX_REPNZ)) {
- goto illegal_op;
- }
- tcg_gen_trunc_tl_i32(s->tmp2_i32, cpu_regs[R_ECX]);
-@@ -6091,7 +6092,8 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
- tcg_gen_extr_i64_tl(cpu_regs[R_EAX], cpu_regs[R_EDX], s->tmp1_i64);
- break;
- case 0xef: /* wrpkru */
-- if (prefixes & PREFIX_LOCK) {
-+ if (s->prefix & (PREFIX_LOCK | PREFIX_DATA
-+ | PREFIX_REPZ | PREFIX_REPNZ)) {
- goto illegal_op;
- }
- tcg_gen_concat_tl_i64(s->tmp1_i64, cpu_regs[R_EAX],
diff --git a/debian/patches/extra/0010-target-i386-fix-feature-dependency-for-WAITPKG.patch b/debian/patches/extra/0010-target-i386-fix-feature-dependency-for-WAITPKG.patch
deleted file mode 100644
index ed1d6d7..0000000
--- a/debian/patches/extra/0010-target-i386-fix-feature-dependency-for-WAITPKG.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Paolo Bonzini <pbonz...@redhat.com>
-Date: Wed, 8 May 2024 11:10:54 +0200
-Subject: [PATCH] target/i386: fix feature dependency for WAITPKG
-
-The VMX feature bit depends on general availability of WAITPKG,
-not the other way round.
-
-Fixes: 33cc88261c3 ("target/i386: add support for VMX_SECONDARY_EXEC_ENABLE_USER_WAIT_PAUSE", 2023-08-28)
-Cc: qemu-sta...@nongnu.org
-Reviewed-by: Zhao Liu <zhao1....@intel.com>
-Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
-(cherry picked from commit fe01af5d47d4cf7fdf90c54d43f784e5068c8d72)
-Signed-off-by: Fiona Ebner <f.eb...@proxmox.com>
----
- target/i386/cpu.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/target/i386/cpu.c b/target/i386/cpu.c
-index 33760a2ee1..e693f8ca9a 100644
---- a/target/i386/cpu.c
-+++ b/target/i386/cpu.c
-@@ -1550,8 +1550,8 @@ static FeatureDep feature_dependencies[] = {
- .to = { FEAT_SVM, ~0ull },
- },
- {
-- .from = { FEAT_VMX_SECONDARY_CTLS, VMX_SECONDARY_EXEC_ENABLE_USER_WAIT_PAUSE },
-- .to = { FEAT_7_0_ECX, CPUID_7_0_ECX_WAITPKG },
-+ .from = { FEAT_7_0_ECX, CPUID_7_0_ECX_WAITPKG },
-+ .to = { FEAT_VMX_SECONDARY_CTLS, VMX_SECONDARY_EXEC_ENABLE_USER_WAIT_PAUSE },
- },
- };
-
diff --git a/debian/patches/extra/0012-hw-core-machine-move-compatibility-flags-for-VirtIO-.patch b/debian/patches/extra/0012-hw-core-machine-move-compatibility-flags-for-VirtIO-.patch
deleted file mode 100644
index afe7d5a..0000000
--- a/debian/patches/extra/0012-hw-core-machine-move-compatibility-flags-for-VirtIO-.patch
+++ /dev/null
@@ -1,57 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Fiona Ebner <f.eb...@proxmox.com>
-Date: Thu, 16 May 2024 15:21:07 +0200
-Subject: [PATCH] hw/core/machine: move compatibility flags for VirtIO-net USO
- to machine 8.1
-
-Migration from an 8.2 or 9.0 binary to an 8.1 binary with machine
-version 8.1 can fail with:
-
-> kvm: Features 0x1c0010130afffa7 unsupported. Allowed features: 0x10179bfffe7
-> kvm: Failed to load virtio-net:virtio
-> kvm: error while loading state for instance 0x0 of device '0000:00:12.0/virtio-net'
-> kvm: load of migration failed: Operation not permitted
-
-The series
-
-53da8b5a99 virtio-net: Add support for USO features
-9da1684954 virtio-net: Add USO flags to vhost support.
-f03e0cf63b tap: Add check for USO features
-2ab0ec3121 tap: Add USO support to tap device.
-
-only landed in QEMU 8.2, so the compatibility flags should be part of
-machine version 8.1.
-
-Moving the flags unfortunately breaks forward migration with machine
-version 8.1 from a binary without this patch to a binary with this
-patch when the feature is enabled by the guest.
-
-Fixes: 53da8b5a99 ("virtio-net: Add support for USO features")
-Signed-off-by: Fiona Ebner <f.eb...@proxmox.com>
----
- hw/core/machine.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/hw/core/machine.c b/hw/core/machine.c
-index d33a37a6f6..4273de16a0 100644
---- a/hw/core/machine.c
-+++ b/hw/core/machine.c
-@@ -46,15 +46,15 @@ GlobalProperty hw_compat_8_1[] = {
- { "ramfb", "x-migrate", "off" },
- { "vfio-pci-nohotplug", "x-ramfb-migrate", "off" },
- { "igb", "x-pcie-flr-init", "off" },
-+ { TYPE_VIRTIO_NET, "host_uso", "off"},
-+ { TYPE_VIRTIO_NET, "guest_uso4", "off"},
-+ { TYPE_VIRTIO_NET, "guest_uso6", "off"},
- };
- const size_t hw_compat_8_1_len = G_N_ELEMENTS(hw_compat_8_1);
-
- GlobalProperty hw_compat_8_0[] = {
- { "migration", "multifd-flush-after-each-section", "on"},
- { TYPE_PCI_DEVICE, "x-pcie-ari-nextfn-1", "on" },
-- { TYPE_VIRTIO_NET, "host_uso", "off"},
-- { TYPE_VIRTIO_NET, "guest_uso4", "off"},
-- { TYPE_VIRTIO_NET, "guest_uso6", "off"},
- };
- const size_t hw_compat_8_0_len = G_N_ELEMENTS(hw_compat_8_0);
-
diff --git a/debian/patches/extra/0013-Revert-monitor-use-aio_co_reschedule_self.patch b/debian/patches/extra/0013-Revert-monitor-use-aio_co_reschedule_self.patch
deleted file mode 100644
index def305c..0000000
--- a/debian/patches/extra/0013-Revert-monitor-use-aio_co_reschedule_self.patch
+++ /dev/null
@@ -1,53 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Stefan Hajnoczi <stefa...@redhat.com>
-Date: Mon, 6 May 2024 15:06:21 -0400
-Subject: [PATCH] Revert "monitor: use aio_co_reschedule_self()"
-
-Commit 1f25c172f837 ("monitor: use aio_co_reschedule_self()") was a code
-cleanup that uses aio_co_reschedule_self() instead of open coding
-coroutine rescheduling.
-
-Bug RHEL-34618 was reported and Kevin Wolf <kw...@redhat.com> identified
-the root cause. I missed that aio_co_reschedule_self() ->
-qemu_get_current_aio_context() only knows about
-qemu_aio_context/IOThread AioContexts and not about iohandler_ctx. It
-does not function correctly when going back from the iohandler_ctx to
-qemu_aio_context.
-
-Go back to open coding the AioContext transitions to avoid this bug.
-
-This reverts commit 1f25c172f83704e350c0829438d832384084a74d.
-
-Buglink: https://issues.redhat.com/browse/RHEL-34618
-Signed-off-by: Stefan Hajnoczi <stefa...@redhat.com>
-(picked from: https://lists.nongnu.org/archive/html/qemu-devel/2024-05/msg01090.html)
-Signed-off-by: Fiona Ebner <f.eb...@proxmox.com>
----
- qapi/qmp-dispatch.c | 7 +++++--
- 1 file changed, 5 insertions(+), 2 deletions(-)
-
-diff --git a/qapi/qmp-dispatch.c b/qapi/qmp-dispatch.c
-index 2624eb3470..790bb7d1da 100644
---- a/qapi/qmp-dispatch.c
-+++ b/qapi/qmp-dispatch.c
-@@ -224,7 +224,8 @@ QDict *coroutine_mixed_fn qmp_dispatch(const QmpCommandList *cmds, QObject *requ
- * executing the command handler so that it can make progress if it
- * involves an AIO_WAIT_WHILE().
- */
-- aio_co_reschedule_self(qemu_get_aio_context());
-+ aio_co_schedule(qemu_get_aio_context(), qemu_coroutine_self());
-+ qemu_coroutine_yield();
- }
-
- monitor_set_cur(qemu_coroutine_self(), cur_mon);
-@@ -238,7 +239,9 @@ QDict *coroutine_mixed_fn qmp_dispatch(const QmpCommandList *cmds, QObject *requ
- * Move back to iohandler_ctx so that nested event loops for
- * qemu_aio_context don't start new monitor commands.
- */
-- aio_co_reschedule_self(iohandler_get_aio_context());
-+ aio_co_schedule(iohandler_get_aio_context(),
-+ qemu_coroutine_self());
-+ qemu_coroutine_yield();
- }
- } else {
- /*
diff --git a/debian/patches/extra/0014-target-arm-Restrict-translation-disabled-alignment-c.patch b/debian/patches/extra/0014-target-arm-Restrict-translation-disabled-alignment-c.patch
deleted file mode 100644
index 2475d34..0000000
--- a/debian/patches/extra/0014-target-arm-Restrict-translation-disabled-alignment-c.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Richard Henderson <richard.hender...@linaro.org>
-Date: Mon, 22 Apr 2024 10:07:22 -0700
-Subject: [PATCH] target/arm: Restrict translation disabled alignment check to
- VMSA
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-For cpus using PMSA, when the MPU is disabled, the default memory
-type is Normal, Non-cachable. This means that it should not
-have alignment restrictions enforced.
-
-Cc: qemu-sta...@nongnu.org
-Fixes: 59754f85ed3 ("target/arm: Do memory type alignment check when translation disabled")
-Reported-by: Clément Chigot <chi...@adacore.com>
-Signed-off-by: Richard Henderson <richard.hender...@linaro.org>
-Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
-Tested-by: Clément Chigot <chi...@adacore.com>
-Message-id: 20240422170722.117409-1-richard.hender...@linaro.org
-[PMM: trivial comment, commit message tweaks]
-Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
-(cherry picked from commit 7b19a3554d2df22d29c75319a1dac17615d1b20e)
-Signed-off-by: Fiona Ebner <f.eb...@proxmox.com>
----
- target/arm/tcg/hflags.c | 12 ++++++++++--
- 1 file changed, 10 insertions(+), 2 deletions(-)
-
-diff --git a/target/arm/tcg/hflags.c b/target/arm/tcg/hflags.c
-index 5da1b0fc1d..f03977b4b0 100644
---- a/target/arm/tcg/hflags.c
-+++ b/target/arm/tcg/hflags.c
-@@ -38,8 +38,16 @@ static bool aprofile_require_alignment(CPUARMState *env, int el, uint64_t sctlr)
- }
-
- /*
-- * If translation is disabled, then the default memory type is
-- * Device(-nGnRnE) instead of Normal, which requires that alignment
-+ * With PMSA, when the MPU is disabled, all memory types in the
-+ * default map are Normal, so don't need aligment enforcing.
-+ */
-+ if (arm_feature(env, ARM_FEATURE_PMSA)) {
-+ return false;
-+ }
-+
-+ /*
-+ * With VMSA, if translation is disabled, then the default memory type
-+ * is Device(-nGnRnE) instead of Normal, which requires that alignment
- * be enforced. Since this affects all ram, it is most efficient
- * to handle this during translation.
- */
diff --git a/debian/patches/extra/0015-target-i386-Give-IRQs-a-chance-when-resetting-HF_INH.patch b/debian/patches/extra/0015-target-i386-Give-IRQs-a-chance-when-resetting-HF_INH.patch
deleted file mode 100644
index 97501f5..0000000
--- a/debian/patches/extra/0015-target-i386-Give-IRQs-a-chance-when-resetting-HF_INH.patch
+++ /dev/null
@@ -1,80 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Ruihan Li <lrh2...@pku.edu.cn>
-Date: Mon, 15 Apr 2024 14:45:21 +0800
-Subject: [PATCH] target/i386: Give IRQs a chance when resetting
- HF_INHIBIT_IRQ_MASK
-
-When emulated with QEMU, interrupts will never come in the following
-loop. However, if the NOP instruction is uncommented, interrupts will
-fire as normal.
-
- loop:
- cli
- call do_sti
- jmp loop
-
- do_sti:
- sti
- # nop
- ret
-
-This behavior is different from that of a real processor. For example,
-if KVM is enabled, interrupts will always fire regardless of whether the
-NOP instruction is commented or not. Also, the Intel Software Developer
-Manual states that after the STI instruction is executed, the interrupt
-inhibit should end as soon as the next instruction (e.g., the RET
-instruction if the NOP instruction is commented) is executed.
-
-This problem is caused because the previous code may choose not to end
-the TB even if the HF_INHIBIT_IRQ_MASK has just been reset (e.g., in the
-case where the STI instruction is immediately followed by the RET
-instruction), so that IRQs may not have a change to trigger. This commit
-fixes the problem by always terminating the current TB to give IRQs a
-chance to trigger when HF_INHIBIT_IRQ_MASK is reset.
-
-Reviewed-by: Richard Henderson <richard.hender...@linaro.org>
-Signed-off-by: Ruihan Li <lrh2...@pku.edu.cn>
-Message-ID: <20240415064518.4951-4-lrh2...@pku.edu.cn>
-Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
-(cherry picked from commit 6a5a63f74ba5c5355b7a8468d3d814bfffe928fb)
-Signed-off-by: Fiona Ebner <f.eb...@proxmox.com>
----
- target/i386/tcg/translate.c | 14 ++++++++++----
- 1 file changed, 10 insertions(+), 4 deletions(-)
-
-diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
-index 3e949fe964..b5ebff2c89 100644
---- a/target/i386/tcg/translate.c
-+++ b/target/i386/tcg/translate.c
-@@ -2798,13 +2798,17 @@ static void gen_bnd_jmp(DisasContext *s)
- static void
- do_gen_eob_worker(DisasContext *s, bool inhibit, bool recheck_tf, bool jr)
- {
-+ bool inhibit_reset;
-+
- gen_update_cc_op(s);
-
- /* If several instructions disable interrupts, only the first does it. */
-- if (inhibit && !(s->flags & HF_INHIBIT_IRQ_MASK)) {
-- gen_set_hflag(s, HF_INHIBIT_IRQ_MASK);
-- } else {
-+ inhibit_reset = false;
-+ if (s->flags & HF_INHIBIT_IRQ_MASK) {
- gen_reset_hflag(s, HF_INHIBIT_IRQ_MASK);
-+ inhibit_reset = true;
-+ } else if (inhibit) {
-+ gen_set_hflag(s, HF_INHIBIT_IRQ_MASK);
- }
-
- if (s->base.tb->flags & HF_RF_MASK) {
-@@ -2815,7 +2819,9 @@ do_gen_eob_worker(DisasContext *s, bool inhibit, bool recheck_tf, bool jr)
- tcg_gen_exit_tb(NULL, 0);
- } else if (s->flags & HF_TF_MASK) {
- gen_helper_single_step(tcg_env);
-- } else if (jr) {
-+ } else if (jr &&
-+ /* give irqs a chance to happen */
-+ !inhibit_reset) {
- tcg_gen_lookup_and_goto_ptr();
- } else {
- tcg_gen_exit_tb(NULL, 0);
diff --git a/debian/patches/extra/0016-target-i386-hyper-v-Correct-kvm_hv_handle_exit-retur.patch b/debian/patches/extra/0016-target-i386-hyper-v-Correct-kvm_hv_handle_exit-retur.patch
deleted file mode 100644
index 337c74c..0000000
--- a/debian/patches/extra/0016-target-i386-hyper-v-Correct-kvm_hv_handle_exit-retur.patch
+++ /dev/null
@@ -1,60 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: donsheng <dongsheng.x.zh...@intel.com>
-Date: Wed, 22 May 2024 04:01:14 +0800
-Subject: [PATCH] target-i386: hyper-v: Correct kvm_hv_handle_exit return value
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-This bug fix addresses the incorrect return value of kvm_hv_handle_exit for
-KVM_EXIT_HYPERV_SYNIC, which should be EXCP_INTERRUPT.
-
-Handling of KVM_EXIT_HYPERV_SYNIC in QEMU needs to be synchronous.
-This means that async_synic_update should run in the current QEMU vCPU
-thread before returning to KVM, returning EXCP_INTERRUPT to guarantee this.
-Returning 0 can cause async_synic_update to run asynchronously.
-
-One problem (kvm-unit-tests's hyperv_synic test fails with timeout error)
-caused by this bug:
-
-When a guest VM writes to the HV_X64_MSR_SCONTROL MSR to enable Hyper-V SynIC,
-a VM exit is triggered and processed by the kvm_hv_handle_exit function of the
-QEMU vCPU. This function then calls the async_synic_update function to set
-synic->sctl_enabled to true. A true value of synic->sctl_enabled is required
-before creating SINT routes using the hyperv_sint_route_new() function.
-
-If kvm_hv_handle_exit returns 0 for KVM_EXIT_HYPERV_SYNIC, the current QEMU
-vCPU thread may return to KVM and enter the guest VM before running
-async_synic_update. In such case, the hyperv_synic test’s subsequent call to
-synic_ctl(HV_TEST_DEV_SINT_ROUTE_CREATE, ...) immediately after writing to
-HV_X64_MSR_SCONTROL can cause QEMU’s hyperv_sint_route_new() function to return
-prematurely (because synic->sctl_enabled is false).
-
-If the SINT route is not created successfully, the SINT interrupt will not be
-fired, resulting in a timeout error in the hyperv_synic test.
-
-Fixes: 267e071bd6d6 (“hyperv: make overlay pages for SynIC”)
-Suggested-by: Chao Gao <chao....@intel.com>
-Signed-off-by: Dongsheng Zhang <dongsheng.x.zh...@intel.com>
-Message-ID: <20240521200114.11588-1-dongsheng.x.zh...@intel.com>
-Cc: qemu-sta...@nongnu.org
-Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
-(cherry picked from commit 84d4b72854869821eb89813c195927fdd3078c12)
-Signed-off-by: Fiona Ebner <f.eb...@proxmox.com>
----
- target/i386/kvm/hyperv.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/target/i386/kvm/hyperv.c b/target/i386/kvm/hyperv.c
-index f2a3fe650a..b94f12acc2 100644
---- a/target/i386/kvm/hyperv.c
-+++ b/target/i386/kvm/hyperv.c
-@@ -81,7 +81,7 @@ int kvm_hv_handle_exit(X86CPU *cpu, struct kvm_hyperv_exit *exit)
- */
- async_safe_run_on_cpu(CPU(cpu), async_synic_update, RUN_ON_CPU_NULL);
-
-- return 0;
-+ return EXCP_INTERRUPT;
- case KVM_EXIT_HYPERV_HCALL: {
- uint16_t code = exit->u.hcall.input & 0xffff;
- bool fast = exit->u.hcall.input & HV_HYPERCALL_FAST;
diff --git a/debian/patches/extra/0017-target-i386-disable-jmp_opt-if-EFLAGS.RF-is-1.patch b/debian/patches/extra/0017-target-i386-disable-jmp_opt-if-EFLAGS.RF-is-1.patch
deleted file mode 100644
index 42ed9cd..0000000
--- a/debian/patches/extra/0017-target-i386-disable-jmp_opt-if-EFLAGS.RF-is-1.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Paolo Bonzini <pbonz...@redhat.com>
-Date: Fri, 24 May 2024 17:17:47 +0200
-Subject: [PATCH] target/i386: disable jmp_opt if EFLAGS.RF is 1
-
-If EFLAGS.RF is 1, special processing in gen_eob_worker() is needed and
-therefore goto_tb cannot be used.
-
-Suggested-by: Richard Henderson <richard.hender...@linaro.org>
-Reviewed-by: Richard Henderson <richard.hender...@linaro.org>
-Cc: qemu-sta...@nongnu.org
-Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
-(cherry picked from commit 8225bff7c5db504f50e54ef66b079854635dba70)
-Signed-off-by: Fiona Ebner <f.eb...@proxmox.com>
----
- target/i386/tcg/translate.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
-index b5ebff2c89..c2c5e73b3f 100644
---- a/target/i386/tcg/translate.c
-+++ b/target/i386/tcg/translate.c
-@@ -6971,7 +6971,7 @@ static void i386_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu)
- dc->cpuid_7_1_eax_features = env->features[FEAT_7_1_EAX];
- dc->cpuid_xsave_features = env->features[FEAT_XSAVE];
- dc->jmp_opt = !((cflags & CF_NO_GOTO_TB) ||
-- (flags & (HF_TF_MASK | HF_INHIBIT_IRQ_MASK)));
-+ (flags & (HF_RF_MASK | HF_TF_MASK | HF_INHIBIT_IRQ_MASK)));
- /*
- * If jmp_opt, we want to handle each string instruction individually.
- * For icount also disable repz optimization so that each iteration
diff --git a/debian/patches/extra/0018-target-i386-no-single-step-exception-after-MOV-or-PO.patch b/debian/patches/extra/0018-target-i386-no-single-step-exception-after-MOV-or-PO.patch
deleted file mode 100644
index 0de3f4a..0000000
--- a/debian/patches/extra/0018-target-i386-no-single-step-exception-after-MOV-or-PO.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Paolo Bonzini <pbonz...@redhat.com>
-Date: Sat, 25 May 2024 10:03:22 +0200
-Subject: [PATCH] target/i386: no single-step exception after MOV or POP SS
-
-Intel SDM 18.3.1.4 "If an occurrence of the MOV or POP instruction
-loads the SS register executes with EFLAGS.TF = 1, no single-step debug
-exception occurs following the MOV or POP instruction."
-
-Cc: qemu-sta...@nongnu.org
-Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
-(cherry picked from commit f0f0136abba688a6516647a79cc91e03fad6d5d7)
-Signed-off-by: Fiona Ebner <f.eb...@proxmox.com>
----
- target/i386/tcg/translate.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
-index c2c5e73b3f..a55df176c6 100644
---- a/target/i386/tcg/translate.c
-+++ b/target/i386/tcg/translate.c
-@@ -2817,7 +2817,7 @@ do_gen_eob_worker(DisasContext *s, bool inhibit, bool recheck_tf, bool jr)
- if (recheck_tf) {
- gen_helper_rechecking_single_step(tcg_env);
- tcg_gen_exit_tb(NULL, 0);
-- } else if (s->flags & HF_TF_MASK) {
-+ } else if ((s->flags & HF_TF_MASK) && !inhibit) {
- gen_helper_single_step(tcg_env);
- } else if (jr &&
- /* give irqs a chance to happen */
diff --git a/debian/patches/extra/0019-qcow2-Don-t-open-data_file-with-BDRV_O_NO_IO.patch b/debian/patches/extra/0019-qcow2-Don-t-open-data_file-with-BDRV_O_NO_IO.patch
deleted file mode 100644
index 0f57b2f..0000000
--- a/debian/patches/extra/0019-qcow2-Don-t-open-data_file-with-BDRV_O_NO_IO.patch
+++ /dev/null
@@ -1,107 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Kevin Wolf <kw...@redhat.com> -Date: Tue, 2 Jul 2024 18:39:40 +0200 -Subject: [PATCH] qcow2: Don't open data_file with BDRV_O_NO_IO - -One use case for 'qemu-img info' is verifying that untrusted images -don't reference an unwanted external file, be it as a backing file or an -external data file. To make sure that calling 'qemu-img info' can't -already have undesired side effects with a malicious image, just don't -open the data file at all with BDRV_O_NO_IO. If nothing ever tries to do -I/O, we don't need to have it open. - -This changes the output of iotests case 061, which used 'qemu-img info' -to show that opening an image with an invalid data file fails. After -this patch, it succeeds. Replace this part of the test with a qemu-io -call, but keep the final 'qemu-img info' to show that the invalid data -file is correctly displayed in the output. - -Fixes: CVE-2024-4467 -Cc: qemu-sta...@nongnu.org -Signed-off-by: Kevin Wolf <kw...@redhat.com> -Reviewed-by: Eric Blake <ebl...@redhat.com> -Reviewed-by: Stefan Hajnoczi <stefa...@redhat.com> -Reviewed-by: Hanna Czenczek <hre...@redhat.com> -(picked from https://lore.kernel.org/qemu-devel/20240702163943.276618-2-kw...@redhat.com/) -Signed-off-by: Fiona Ebner <f.eb...@proxmox.com> ---- - block/qcow2.c | 17 ++++++++++++++++- - tests/qemu-iotests/061 | 6 ++++-- - tests/qemu-iotests/061.out | 8 ++++++-- - 3 files changed, 26 insertions(+), 5 deletions(-) - -diff --git a/block/qcow2.c b/block/qcow2.c -index 956128b409..4c78665bcb 100644 ---- a/block/qcow2.c -+++ b/block/qcow2.c -@@ -1636,7 +1636,22 @@ qcow2_do_open(BlockDriverState *bs, QDict *options, int flags, - goto fail; - } - -- if (open_data_file) { -+ if (open_data_file && (flags & BDRV_O_NO_IO)) { -+ /* -+ * Don't open the data file for 'qemu-img info' so that it can be used -+ * to verify that an untrusted qcow2 image doesn't refer to external -+ * files. 
-+ * -+ * Note: This still makes has_data_file() return true. -+ */ -+ if (s->incompatible_features & QCOW2_INCOMPAT_DATA_FILE) { -+ s->data_file = NULL; -+ } else { -+ s->data_file = bs->file; -+ } -+ qdict_extract_subqdict(options, NULL, "data-file."); -+ qdict_del(options, "data-file"); -+ } else if (open_data_file) { - /* Open external data file */ - bdrv_graph_co_rdunlock(); - s->data_file = bdrv_co_open_child(NULL, options, "data-file", bs, -diff --git a/tests/qemu-iotests/061 b/tests/qemu-iotests/061 -index 53c7d428e3..b71ac097d1 100755 ---- a/tests/qemu-iotests/061 -+++ b/tests/qemu-iotests/061 -@@ -326,12 +326,14 @@ $QEMU_IMG amend -o "data_file=foo" "$TEST_IMG" - echo - _make_test_img -o "compat=1.1,data_file=$TEST_IMG.data" 64M - $QEMU_IMG amend -o "data_file=foo" "$TEST_IMG" --_img_info --format-specific -+$QEMU_IO -c "read 0 4k" "$TEST_IMG" 2>&1 | _filter_testdir | _filter_imgfmt -+$QEMU_IO -c "open -o data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG" -c "read 0 4k" | _filter_qemu_io - TEST_IMG="data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG" _img_info --format-specific --image-opts - - echo - $QEMU_IMG amend -o "data_file=" --image-opts "data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG" --_img_info --format-specific -+$QEMU_IO -c "read 0 4k" "$TEST_IMG" 2>&1 | _filter_testdir | _filter_imgfmt -+$QEMU_IO -c "open -o data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG" -c "read 0 4k" | _filter_qemu_io - TEST_IMG="data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG" _img_info --format-specific --image-opts - - echo -diff --git a/tests/qemu-iotests/061.out b/tests/qemu-iotests/061.out -index 139fc68177..24c33add7c 100644 ---- a/tests/qemu-iotests/061.out -+++ b/tests/qemu-iotests/061.out -@@ -545,7 +545,9 @@ Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864 - qemu-img: data-file can only be set for images that use an external data file - - Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864 
data_file=TEST_DIR/t.IMGFMT.data --qemu-img: Could not open 'TEST_DIR/t.IMGFMT': Could not open 'foo': No such file or directory -+qemu-io: can't open device TEST_DIR/t.IMGFMT: Could not open 'foo': No such file or directory -+read 4096/4096 bytes at offset 0 -+4 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) - image: TEST_DIR/t.IMGFMT - file format: IMGFMT - virtual size: 64 MiB (67108864 bytes) -@@ -560,7 +562,9 @@ Format specific information: - corrupt: false - extended l2: false - --qemu-img: Could not open 'TEST_DIR/t.IMGFMT': 'data-file' is required for this image -+qemu-io: can't open device TEST_DIR/t.IMGFMT: 'data-file' is required for this image -+read 4096/4096 bytes at offset 0 -+4 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) - image: TEST_DIR/t.IMGFMT - file format: IMGFMT - virtual size: 64 MiB (67108864 bytes) diff --git a/debian/patches/extra/0020-block-Parse-filenames-only-when-explicitly-requested.patch b/debian/patches/extra/0020-block-Parse-filenames-only-when-explicitly-requested.patch deleted file mode 100644 index 49f18a1..0000000 --- a/debian/patches/extra/0020-block-Parse-filenames-only-when-explicitly-requested.patch +++ /dev/null 
@@ -1,241 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Kevin Wolf <kw...@redhat.com> -Date: Tue, 2 Jul 2024 18:39:43 +0200 -Subject: [PATCH] block: Parse filenames only when explicitly requested - -When handling image filenames from legacy options such as -drive or from -tools, these filenames are parsed for protocol prefixes, including for -the json:{} pseudo-protocol. - -This behaviour is intended for filenames that come directly from the -command line and for backing files, which may come from the image file -itself. Higher level management tools generally take care to verify that -untrusted images don't contain a bad (or any) backing file reference; -'qemu-img info' is a suitable tool for this. - -However, for other files that can be referenced in images, such as -qcow2 data files or VMDK extents, the string from the image file is -usually not verified by management tools - and 'qemu-img info' wouldn't -be suitable because in contrast to backing files, it already opens these -other referenced files. So here the string should be interpreted as a -literal local filename. More complex configurations need to be specified -explicitly on the command line or in QMP. - -This patch changes bdrv_open_inherit() so that it only parses filenames -if a new parameter parse_filename is true. It is set for the top level -in bdrv_open(), for the file child and for the backing file child. All -other callers pass false and disable filename parsing this way. 
- -Cc: qemu-sta...@nongnu.org -Signed-off-by: Kevin Wolf <kw...@redhat.com> -Reviewed-by: Eric Blake <ebl...@redhat.com> -Reviewed-by: Stefan Hajnoczi <stefa...@redhat.com> -Reviewed-by: Hanna Czenczek <hre...@redhat.com> -(picked from https://lore.kernel.org/qemu-devel/20240702163943.276618-5-kw...@redhat.com/) -Signed-off-by: Fiona Ebner <f.eb...@proxmox.com> ---- - block.c | 90 ++++++++++++++++++++++++++++++++++++--------------------- - 1 file changed, 57 insertions(+), 33 deletions(-) - -diff --git a/block.c b/block.c -index 468cf5e67d..50bdd197b7 100644 ---- a/block.c -+++ b/block.c -@@ -86,6 +86,7 @@ static BlockDriverState *bdrv_open_inherit(const char *filename, - BlockDriverState *parent, - const BdrvChildClass *child_class, - BdrvChildRole child_role, -+ bool parse_filename, - Error **errp); - - static bool bdrv_recurse_has_child(BlockDriverState *bs, -@@ -2058,7 +2059,8 @@ static void parse_json_protocol(QDict *options, const char **pfilename, - * block driver has been specified explicitly. 
- */ - static int bdrv_fill_options(QDict **options, const char *filename, -- int *flags, Error **errp) -+ int *flags, bool allow_parse_filename, -+ Error **errp) - { - const char *drvname; - bool protocol = *flags & BDRV_O_PROTOCOL; -@@ -2100,7 +2102,7 @@ static int bdrv_fill_options(QDict **options, const char *filename, - if (protocol && filename) { - if (!qdict_haskey(*options, "filename")) { - qdict_put_str(*options, "filename", filename); -- parse_filename = true; -+ parse_filename = allow_parse_filename; - } else { - error_setg(errp, "Can't specify 'file' and 'filename' options at " - "the same time"); -@@ -3663,7 +3665,8 @@ int bdrv_open_backing_file(BlockDriverState *bs, QDict *parent_options, - } - - backing_hd = bdrv_open_inherit(backing_filename, reference, options, 0, bs, -- &child_of_bds, bdrv_backing_role(bs), errp); -+ &child_of_bds, bdrv_backing_role(bs), true, -+ errp); - if (!backing_hd) { - bs->open_flags |= BDRV_O_NO_BACKING; - error_prepend(errp, "Could not open backing file: "); -@@ -3697,7 +3700,8 @@ free_exit: - static BlockDriverState * - bdrv_open_child_bs(const char *filename, QDict *options, const char *bdref_key, - BlockDriverState *parent, const BdrvChildClass *child_class, -- BdrvChildRole child_role, bool allow_none, Error **errp) -+ BdrvChildRole child_role, bool allow_none, -+ bool parse_filename, Error **errp) - { - BlockDriverState *bs = NULL; - QDict *image_options; -@@ -3728,7 +3732,8 @@ bdrv_open_child_bs(const char *filename, QDict *options, const char *bdref_key, - } - - bs = bdrv_open_inherit(filename, reference, image_options, 0, -- parent, child_class, child_role, errp); -+ parent, child_class, child_role, parse_filename, -+ errp); - if (!bs) { - goto done; - } -@@ -3738,6 +3743,33 @@ done: - return bs; - } - -+static BdrvChild *bdrv_open_child_common(const char *filename, -+ QDict *options, const char *bdref_key, -+ BlockDriverState *parent, -+ const BdrvChildClass *child_class, -+ BdrvChildRole child_role, -+ bool 
allow_none, bool parse_filename, -+ Error **errp) -+{ -+ BlockDriverState *bs; -+ BdrvChild *child; -+ -+ GLOBAL_STATE_CODE(); -+ -+ bs = bdrv_open_child_bs(filename, options, bdref_key, parent, child_class, -+ child_role, allow_none, parse_filename, errp); -+ if (bs == NULL) { -+ return NULL; -+ } -+ -+ bdrv_graph_wrlock(); -+ child = bdrv_attach_child(parent, bs, bdref_key, child_class, child_role, -+ errp); -+ bdrv_graph_wrunlock(); -+ -+ return child; -+} -+ - /* - * Opens a disk image whose options are given as BlockdevRef in another block - * device's options. -@@ -3761,27 +3793,15 @@ BdrvChild *bdrv_open_child(const char *filename, - BdrvChildRole child_role, - bool allow_none, Error **errp) - { -- BlockDriverState *bs; -- BdrvChild *child; -- -- GLOBAL_STATE_CODE(); -- -- bs = bdrv_open_child_bs(filename, options, bdref_key, parent, child_class, -- child_role, allow_none, errp); -- if (bs == NULL) { -- return NULL; -- } -- -- bdrv_graph_wrlock(); -- child = bdrv_attach_child(parent, bs, bdref_key, child_class, child_role, -- errp); -- bdrv_graph_wrunlock(); -- -- return child; -+ return bdrv_open_child_common(filename, options, bdref_key, parent, -+ child_class, child_role, allow_none, false, -+ errp); - } - - /* -- * Wrapper on bdrv_open_child() for most popular case: open primary child of bs. -+ * This does mostly the same as bdrv_open_child(), but for opening the primary -+ * child of a node. A notable difference from bdrv_open_child() is that it -+ * enables filename parsing for protocol names (including json:). - * - * @parent can move to a different AioContext in this function. - */ -@@ -3796,8 +3816,8 @@ int bdrv_open_file_child(const char *filename, - role = parent->drv->is_filter ? 
- (BDRV_CHILD_FILTERED | BDRV_CHILD_PRIMARY) : BDRV_CHILD_IMAGE; - -- if (!bdrv_open_child(filename, options, bdref_key, parent, -- &child_of_bds, role, false, errp)) -+ if (!bdrv_open_child_common(filename, options, bdref_key, parent, -+ &child_of_bds, role, false, true, errp)) - { - return -EINVAL; - } -@@ -3842,7 +3862,8 @@ BlockDriverState *bdrv_open_blockdev_ref(BlockdevRef *ref, Error **errp) - - } - -- bs = bdrv_open_inherit(NULL, reference, qdict, 0, NULL, NULL, 0, errp); -+ bs = bdrv_open_inherit(NULL, reference, qdict, 0, NULL, NULL, 0, false, -+ errp); - obj = NULL; - qobject_unref(obj); - visit_free(v); -@@ -3932,7 +3953,7 @@ static BlockDriverState * no_coroutine_fn - bdrv_open_inherit(const char *filename, const char *reference, QDict *options, - int flags, BlockDriverState *parent, - const BdrvChildClass *child_class, BdrvChildRole child_role, -- Error **errp) -+ bool parse_filename, Error **errp) - { - int ret; - BlockBackend *file = NULL; -@@ -3980,9 +4001,11 @@ bdrv_open_inherit(const char *filename, const char *reference, QDict *options, - } - - /* json: syntax counts as explicit options, as if in the QDict */ -- parse_json_protocol(options, &filename, &local_err); -- if (local_err) { -- goto fail; -+ if (parse_filename) { -+ parse_json_protocol(options, &filename, &local_err); -+ if (local_err) { -+ goto fail; -+ } - } - - bs->explicit_options = qdict_clone_shallow(options); -@@ -4007,7 +4030,8 @@ bdrv_open_inherit(const char *filename, const char *reference, QDict *options, - parent->open_flags, parent->options); - } - -- ret = bdrv_fill_options(&options, filename, &flags, &local_err); -+ ret = bdrv_fill_options(&options, filename, &flags, parse_filename, -+ &local_err); - if (ret < 0) { - goto fail; - } -@@ -4076,7 +4100,7 @@ bdrv_open_inherit(const char *filename, const char *reference, QDict *options, - - file_bs = bdrv_open_child_bs(filename, options, "file", bs, - &child_of_bds, BDRV_CHILD_IMAGE, -- true, &local_err); -+ true, true, 
&local_err); - if (local_err) { - goto fail; - } -@@ -4225,7 +4249,7 @@ BlockDriverState *bdrv_open(const char *filename, const char *reference, - GLOBAL_STATE_CODE(); - - return bdrv_open_inherit(filename, reference, options, flags, NULL, -- NULL, 0, errp); -+ NULL, 0, true, errp); - } - - /* Return true if the NULL-terminated @list contains @str */ diff --git a/debian/patches/pve/0022-PVE-Up-Config-file-posix-make-locking-optiono-on-cre.patch b/debian/patches/pve/0022-PVE-Up-Config-file-posix-make-locking-optiono-on-cre.patch index 9230b01..fce068c 100644 --- a/debian/patches/pve/0022-PVE-Up-Config-file-posix-make-locking-optiono-on-cre.patch +++ b/debian/patches/pve/0022-PVE-Up-Config-file-posix-make-locking-optiono-on-cre.patch @@ -119,10 +119,10 @@ index 43bc0bd520..60e98c87f1 100644 }; return raw_co_create(&options, errp); diff --git a/qapi/block-core.json b/qapi/block-core.json -index 45ab548dfe..f7c2b63c5d 100644 +index 0902b0a024..0653c244cf 100644 --- a/qapi/block-core.json +++ b/qapi/block-core.json -@@ -4956,6 +4956,10 @@ +@@ -4952,6 +4952,10 @@ # @extent-size-hint: Extent size hint to add to the image file; 0 for # not adding an extent size hint (default: 1 MB, since 5.1) # @@ -133,7 +133,7 @@ index 45ab548dfe..f7c2b63c5d 100644 # Since: 2.12 ## { 'struct': 'BlockdevCreateOptionsFile', -@@ -4963,7 +4967,8 @@ +@@ -4959,7 +4963,8 @@ 'size': 'size', '*preallocation': 'PreallocMode', '*nocow': 'bool', diff --git a/debian/patches/pve/0030-PVE-Backup-Proxmox-backup-patches-for-QEMU.patch b/debian/patches/pve/0030-PVE-Backup-Proxmox-backup-patches-for-QEMU.patch index af4565f..7e09f68 100644 --- a/debian/patches/pve/0030-PVE-Backup-Proxmox-backup-patches-for-QEMU.patch +++ b/debian/patches/pve/0030-PVE-Backup-Proxmox-backup-patches-for-QEMU.patch @@ -1683,7 +1683,7 @@ index 0000000000..c755bf302b + return ret; +} diff --git a/qapi/block-core.json b/qapi/block-core.json -index f7c2b63c5d..e49c7b5bc9 100644 +index 0653c244cf..dbd5d9b993 100644 
--- a/qapi/block-core.json +++ b/qapi/block-core.json @@ -851,6 +851,239 @@ diff --git a/debian/patches/pve/0032-PVE-Add-PBS-block-driver-to-map-backup-archives-into.patch b/debian/patches/pve/0032-PVE-Add-PBS-block-driver-to-map-backup-archives-into.patch index 82ec94f..859ac77 100644 --- a/debian/patches/pve/0032-PVE-Add-PBS-block-driver-to-map-backup-archives-into.patch +++ b/debian/patches/pve/0032-PVE-Add-PBS-block-driver-to-map-backup-archives-into.patch @@ -368,10 +368,10 @@ index 6de51c34cb..3bc039f60f 100644 summary_info += {'libdaxctl support': libdaxctl} summary_info += {'libudev': libudev} diff --git a/qapi/block-core.json b/qapi/block-core.json -index e49c7b5bc9..fc32ff9957 100644 +index dbd5d9b993..e79775656c 100644 --- a/qapi/block-core.json +++ b/qapi/block-core.json -@@ -3457,6 +3457,7 @@ +@@ -3453,6 +3453,7 @@ 'parallels', 'preallocate', 'qcow', 'qcow2', 'qed', 'quorum', 'raw', 'rbd', { 'name': 'replication', 'if': 'CONFIG_REPLICATION' }, @@ -379,7 +379,7 @@ index e49c7b5bc9..fc32ff9957 100644 'ssh', 'throttle', 'vdi', 'vhdx', { 'name': 'virtio-blk-vfio-pci', 'if': 'CONFIG_BLKIO' }, { 'name': 'virtio-blk-vhost-user', 'if': 'CONFIG_BLKIO' }, -@@ -3543,6 +3544,33 @@ +@@ -3539,6 +3540,33 @@ { 'struct': 'BlockdevOptionsNull', 'data': { '*size': 'int', '*latency-ns': 'uint64', '*read-zeroes': 'bool' } } @@ -413,7 +413,7 @@ index e49c7b5bc9..fc32ff9957 100644 ## # @BlockdevOptionsNVMe: # -@@ -4977,6 +5005,7 @@ +@@ -4973,6 +5001,7 @@ 'nfs': 'BlockdevOptionsNfs', 'null-aio': 'BlockdevOptionsNull', 'null-co': 'BlockdevOptionsNull', diff --git a/debian/patches/pve/0034-PVE-Migrate-dirty-bitmap-state-via-savevm.patch b/debian/patches/pve/0034-PVE-Migrate-dirty-bitmap-state-via-savevm.patch index aab05b8..6ba8425 100644 --- a/debian/patches/pve/0034-PVE-Migrate-dirty-bitmap-state-via-savevm.patch +++ b/debian/patches/pve/0034-PVE-Migrate-dirty-bitmap-state-via-savevm.patch 
@@ -186,7 +186,7 @@ index c755bf302b..5ebb6a3947 100644 ret->pbs_masterkey = true; ret->backup_max_workers = true; diff --git a/qapi/block-core.json b/qapi/block-core.json -index fc32ff9957..f516d8e95a 100644 +index e79775656c..cb58a664ef 100644 --- a/qapi/block-core.json +++ b/qapi/block-core.json @@ -1004,6 +1004,11 @@ diff --git a/debian/patches/pve/0047-qapi-blockdev-backup-add-discard-source-parameter.patch b/debian/patches/pve/0047-qapi-blockdev-backup-add-discard-source-parameter.patch index ef44f42..5bf9efc 100644 --- a/debian/patches/pve/0047-qapi-blockdev-backup-add-discard-source-parameter.patch +++ b/debian/patches/pve/0047-qapi-blockdev-backup-add-discard-source-parameter.patch @@ -254,7 +254,7 @@ index cc1387ae02..f0c642b194 100644 BackupPerf *perf, BlockdevOnError on_source_error, diff --git a/qapi/block-core.json b/qapi/block-core.json -index f516d8e95a..d796d49abb 100644 +index cb58a664ef..282e2e8a8c 100644 --- a/qapi/block-core.json +++ b/qapi/block-core.json @@ -1849,6 +1849,9 @@ diff --git a/debian/patches/pve/0048-copy-before-write-allow-specifying-minimum-cluster-s.patch b/debian/patches/pve/0048-copy-before-write-allow-specifying-minimum-cluster-s.patch index 50a8cd2..26bbdd0 100644 --- a/debian/patches/pve/0048-copy-before-write-allow-specifying-minimum-cluster-s.patch +++ b/debian/patches/pve/0048-copy-before-write-allow-specifying-minimum-cluster-s.patch @@ -108,10 +108,10 @@ index bdc703bacd..77857c6c68 100644 /* Function should be called prior any actual copy request */ diff --git a/qapi/block-core.json b/qapi/block-core.json -index d796d49abb..edbf6e78b9 100644 +index 282e2e8a8c..9caf04cbe9 100644 --- a/qapi/block-core.json +++ b/qapi/block-core.json -@@ -4930,12 +4930,18 @@ +@@ -4926,12 +4926,18 @@ # @on-cbw-error parameter will decide how this failure is handled. # Default 0. (Since 7.1) # 
diff --git a/debian/patches/pve/0049-backup-add-minimum-cluster-size-to-performance-optio.patch b/debian/patches/pve/0049-backup-add-minimum-cluster-size-to-performance-optio.patch index fe3ff95..42c5ec5 100644 --- a/debian/patches/pve/0049-backup-add-minimum-cluster-size-to-performance-optio.patch +++ b/debian/patches/pve/0049-backup-add-minimum-cluster-size-to-performance-optio.patch @@ -82,7 +82,7 @@ index 1054a69279..cbe224387b 100644 if ((backup->sync == MIRROR_SYNC_MODE_BITMAP) || diff --git a/qapi/block-core.json b/qapi/block-core.json -index edbf6e78b9..6e7ee87633 100644 +index 9caf04cbe9..df934647ed 100644 --- a/qapi/block-core.json +++ b/qapi/block-core.json @@ -1790,11 +1790,16 @@ diff --git a/debian/patches/pve/0050-PVE-backup-add-fleecing-option.patch b/debian/patches/pve/0050-PVE-backup-add-fleecing-option.patch index dbb2883..1af3e04 100644 --- a/debian/patches/pve/0050-PVE-backup-add-fleecing-option.patch +++ b/debian/patches/pve/0050-PVE-backup-add-fleecing-option.patch @@ -294,7 +294,7 @@ index 5ebb6a3947..a747d12d3d 100644 return ret; } diff --git a/qapi/block-core.json b/qapi/block-core.json -index 6e7ee87633..dc5f75cd39 100644 +index df934647ed..ff441d4258 100644 --- a/qapi/block-core.json +++ b/qapi/block-core.json @@ -948,6 +948,10 @@ diff --git a/debian/patches/series b/debian/patches/series index 5341391..763dfc1 100644 --- a/debian/patches/series +++ b/debian/patches/series 
@@ -3,21 +3,7 @@ extra/0002-scsi-megasas-Internal-cdbs-have-16-byte-length.patch extra/0003-ide-avoid-potential-deadlock-when-draining-during-tr.patch extra/0004-Revert-x86-acpi-workaround-Windows-not-handling-name.patch extra/0005-block-copy-before-write-use-uint64_t-for-timeout-in-.patch -extra/0006-virtio-gpu-fix-v2-migration.patch -extra/0007-hw-pflash-fix-block-write-start.patch -extra/0008-target-i386-fix-operand-size-for-DATA16-REX.W-POPCNT.patch -extra/0009-target-i386-rdpkru-wrpkru-are-no-prefix-instructions.patch -extra/0010-target-i386-fix-feature-dependency-for-WAITPKG.patch -extra/0011-Revert-virtio-pci-fix-use-of-a-released-vector.patch -extra/0012-hw-core-machine-move-compatibility-flags-for-VirtIO-.patch -extra/0013-Revert-monitor-use-aio_co_reschedule_self.patch -extra/0014-target-arm-Restrict-translation-disabled-alignment-c.patch -extra/0015-target-i386-Give-IRQs-a-chance-when-resetting-HF_INH.patch -extra/0016-target-i386-hyper-v-Correct-kvm_hv_handle_exit-retur.patch -extra/0017-target-i386-disable-jmp_opt-if-EFLAGS.RF-is-1.patch -extra/0018-target-i386-no-single-step-exception-after-MOV-or-PO.patch -extra/0019-qcow2-Don-t-open-data_file-with-BDRV_O_NO_IO.patch -extra/0020-block-Parse-filenames-only-when-explicitly-requested.patch +extra/0006-Revert-virtio-pci-fix-use-of-a-released-vector.patch bitmap-mirror/0001-drive-mirror-add-support-for-sync-bitmap-mode-never.patch bitmap-mirror/0002-drive-mirror-add-support-for-conditional-and-always-.patch bitmap-mirror/0003-mirror-add-check-for-bitmap-mode-without-bitmap.patch -- 2.39.2 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
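Review bot: The series entries `extra/0019-qcow2-Don-t-open-data_file-with-BDRV_O_NO_IO.patch` and `extra/0020-block-Parse-filenames-only-when-explicitly-requested.patch` dropped in this hunk carry the CVE-2024-4467 hardening (0019 is tagged `Fixes: CVE-2024-4467`), and the commit description does not say that the new base already contains it. Unlike the 0015–0018 patches removed above, these two are marked `(picked from https://lore.kernel.org/qemu-devel/…)` rather than `(cherry picked from commit …)`, so the removed files give no upstream commit id to match against the new tree. Presumably the new upstream release includes both; a sentence in the description such as `Drops the CVE-2024-4467 patches (0019, 0020), which are included in the new upstream release.` would make that checkable. Running iotest 061, whose expected output the removed 0019 patch changed, on the rebuilt package would confirm that 'qemu-img info' still does not open an external data file.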