Hello Anthony and Justin,

As announced last year, SUSE is shipping a patched qemu-kvm 0.15.1 with our recently released SLES 11 SP2. We are therefore very interested in cutting 0.15.2 releases for QEMU and later on qemu-kvm.

This series contains only bugfix cherry-picks from qemu.git master, conflict resolutions or bug numbers are annotated.

I started with recent CVEs and bugs that I had worked on and then worked through a list of candidates supplied by Bruce, who has been maintaining our downstream patch queue, with me inserting two prerequisite patches to avoid manual conflict resolution.

In addition to this series there's one candidate patch that might not be a cherry-pick as well as two cherry-picks against KVM-only pci-assign that we'll submit separately.

Please let me know how we are supposed to handle applying this batch to qemu-stable-0.15.git.

Thanks!

Regards,
Andreas

Cc: Anthony Liguori <anth...@codemonkey.ws>
Cc: Justin M. Forbes <jmfor...@linuxtx.org>
Cc: Bruce Rogers <brog...@suse.com>
Cc: Bo Yang <boy...@suse.com>
Cc: Alexander Graf <ag...@suse.de>
Cc: Charles Arnold <carn...@suse.com>
Cc: Avi Kivity <a...@redhat.com>
Cc: Marcelo Tosatti <mtosa...@redhat.com>

Alex Williamson (1):
  Error check find_ram_offset

Anthony Liguori (3):
  e1000: bounds packet size against buffer size
  pc: add pc-0.15
  pc: fix event_idx compatibility for virtio devices

Anthony PERARD (1):
  cpu-common: Have a ram_addr_t of uint64 with Xen.

Avi Kivity (2):
  kvm: avoid reentring kvm_flush_coalesced_mmio_buffer()
  qemu_vmalloc: align properly for transparent hugepages and KVM

Bharata B Rao (1):
  Fix X86 CPU topology in KVM mode

Bjørn Mork (1):
  e1000: use MII status register for link up/down

Charles Arnold (1):
  block: Fix vpc initialization of the Dynamic Disk Header

Eric Sunshine (1):
  Teach block/vdi about "discarded" (no longer allocated) blocks

Gerd Hoffmann (4):
  migration: flush migration data to disk.
  ac97: don't override the pci subsystem id
  vns/tls: don't use depricated gnutls functions
  qxl: stride fixup

Jan Kiszka (1):
  qdev: Reset hot-plugged devices

Jes Sorensen (1):
  Add missing trace call to oslib-posix.c:qemu_vmalloc()

Kevin Wolf (7):
  block: Fix bdrv_open use after free
  ide: Fix off-by-one error in array index check
  vvfat: Fix potential buffer overflow
  vmdk: Improve error handling
  qcow: Fix bdrv_write_compressed error handling
  vmdk: Fix possible segfaults
  pc: Fix floppy drives with if=none

Marc-André Lureau (2):
  hda: do not mix output and input streams, RHBZ #740493
  hda: do not mix output and input stream states, RHBZ #740493

Markus Armbruster (3):
  ccid: Fix buffer overrun in handling of VSC_ATR message
  acl: Fix use after free in qemu_acl_reset()
  console: Fix rendering of VGA underline

Nick Thomas (1):
  block/curl: Implement a flush function on the fd handlers

Pavel Borzenkov (1):
  vmdk: vmdk_read_cid returns garbage if p_name is NULL

Peter Maydell (2):
  compatfd.c: Don't pass NULL pointer to SYS_signalfd
  hw/lan9118.c: Add missing 'break' to fix buffer overrun

Stefan Hajnoczi (2):
  block: set bs->read_only before .bdrv_open()
  block: reinitialize across bdrv_close()/bdrv_open()

dann frazier (1):
  e1000: Don't set the Capabilities List bit

 acl.c                   |  4 +-
 block.c                 | 12 ++++---
 block/curl.c            | 26 +++++++++++++--
 block/qcow.c            | 30 +++++++++++------
 block/vdi.c             | 23 ++++++++-----
 block/vmdk.c            | 30 +++++++++++++-----
 block/vpc.c             |  6 +++-
 block/vvfat.c           |  2 +-
 compatfd.c              | 12 ++++++-
 console.c               |  6 ++--
 cpu-common.h            |  8 +++++
 exec.c                  | 18 ++++++++---
 hw/ac97.c               | 16 ++++++---
 hw/ccid-card-passthru.c |  1 +
 hw/e1000.c              | 12 +++++--
 hw/e1000_hw.h           | 17 ++++++++++
 hw/fdc.c                | 12 +++++++
 hw/fdc.h                |  9 ++++-
 hw/hda-audio.c          | 26 +++++++++++---
 hw/ide/core.c           |  2 +-
 hw/intel-hda.c          | 18 ++++++-----
 hw/intel-hda.h          |  2 +-
 hw/lan9118.c            |  1 +
 hw/pc.c                 | 26 ++++++++-------
 hw/pc.h                 |  3 +-
 hw/pc_piix.c            | 79 ++++++++++++++++++++++++++++++++++++++++++++---
 hw/qdev.c               |  3 ++
 hw/qxl-render.c         | 23 +++++++------
 hw/qxl.h                |  3 +-
 kvm-all.c               | 10 ++++++
 migration-fd.c          | 23 +++++++++++++-
 oslib-posix.c           | 17 +++++++++-
 target-i386/helper.c    |  1 +
 ui/vnc-tls.c            | 68 +++++++++++++++++++++++++++++-----------
 xen-all.c               |  2 +-
 35 files changed, 420 insertions(+), 131 deletions(-)

--
1.7.7