On Tue, Oct 19, 2021 at 08:13:52PM +0530, Ani Sinha wrote: > > > On Tue, 19 Oct 2021, Michael Roth wrote: > > > Hi everyone, > > > > The following new patches are queued for QEMU stable v6.0.1: > > > > https://gitlab.com/qemu-project/qemu/-/commits/stable-6.0-staging/ > > > > Patch freeze is 2021-10-26, and the release is planned for 2021-10-28: > > > > https://wiki.qemu.org/Planning/6.0 > > > > Please respond here or CC qemu-sta...@nongnu.org on any additional patches > > you think should (or shouldn't) be included in the release. > > I believe we should also include this patch: > https://lore.kernel.org/qemu-devel/20210916132838.3469580-2-...@anisinha.ca/T/ > > It is also CC'd to qemu-stable@ but the patch itself was not tagged so (my > apologies for that).
I concur. > > > > > > Thanks! > > > > ---------------------------------------------------------------- > > David Hildenbrand (2): > > virtio-balloon: don't start free page hinting if postcopy is possible > > virtio-mem-pci: Fix memory leak when creating > > MEMORY_DEVICE_SIZE_CHANGE event > > > > Dr. David Alan Gilbert (1): > > audio: Never send migration section > > > > Gerd Hoffmann (3): > > uas: add stream number sanity checks. > > usb/redir: avoid dynamic stack allocation (CVE-2021-3527) > > usb: limit combined packets to 1 MiB (CVE-2021-3527) > > > > Giuseppe Musacchio (1): > > target/ppc: Fix load endianness for lxvwsx/lxvdsx > > > > Gollu Appalanaidu (1): > > hw/block/nvme: align with existing style > > > > Greg Kurz (1): > > docs/system: Document the removal of "compat" property for POWER CPUs > > > > Igor Mammedov (3): > > tests: acpi: prepare for changing DSDT tables > > acpi: pc: revert back to v5.2 PCI slot enumeration > > tests: acpi: pc: update expected DSDT blobs > > > > Jason Wang (2): > > vhost-vdpa: don't initialize backend_features > > virtio-net: fix use after unmap/free for sg > > > > Kevin Wolf (1): > > hmp: Fix loadvm to resume the VM on success instead of failure > > > > Klaus Jensen (2): > > hw/nvme: fix missing check for PMR capability > > hw/nvme: fix pin-based interrupt behavior (again) > > > > Kunkun Jiang (1): > > vfio: Fix unregister SaveVMHandler in vfio_migration_finalize > > > > Leonardo Bras (1): > > yank: Unregister function when using TLS migration > > > > Li Qiang (7): > > vhost-user-gpu: fix memory disclosure in virgl_cmd_get_capset_info > > (CVE-2021-3545) > > vhost-user-gpu: fix resource leak in 'vg_resource_create_2d' > > (CVE-2021-3544) > > vhost-user-gpu: fix memory leak in vg_resource_attach_backing > > (CVE-2021-3544) > > vhost-user-gpu: fix memory leak while calling 'vg_resource_unref' > > (CVE-2021-3544) > > vhost-user-gpu: fix memory leak in 'virgl_cmd_resource_unref' > > (CVE-2021-3544) > > vhost-user-gpu: fix memory leak in 'virgl_resource_attach_backing' > > (CVE-2021-3544) > > vhost-user-gpu: fix OOB write in 'virgl_cmd_get_capset' > > (CVE-2021-3546) > > > > Li Zhijian (1): > > migration/rdma: Fix cm_event used before being initialized > > > > Marcel Apfelbaum (3): > > hw/rdma: Fix possible mremap overflow in the pvrdma device > > (CVE-2021-3582) > > pvrdma: Ensure correct input on ring init (CVE-2021-3607) > > pvrdma: Fix the ring init error flow (CVE-2021-3608) > > > > Mark Cave-Ayland (2): > > esp: only assert INTR_DC interrupt flag if selection fails > > esp: only set ESP_RSEQ at the start of the select sequence > > > > Markus Armbruster (1): > > hmp: Unbreak "change vnc" > > > > Max Filippov (1): > > target/xtensa: fix access ring in l32ex > > > > Nir Soffer (1): > > qemu-nbd: Change default cache mode to writeback > > > > Paolo Bonzini (7): > > vl: allow not specifying size in -m when using -M memory-backend > > qemu-option: support accept-any QemuOptsList in qemu_opts_absorb_qdict > > qemu-config: load modules when instantiating option groups > > qemu-config: parse configuration files to a QDict > > vl: plumb keyval-based options into -readconfig > > vl: plug -object back into -readconfig > > configure: fix detection of gdbus-codegen > > > > Pavel Pisa (1): > > hw/net/can: sja1000 fix buff2frame_bas and buff2frame_pel when dlc is > > out of std CAN 8 bytes > > > > Peng Liang (1): > > runstate: Initialize Error * to NULL > > > > Peter Maydell (1): > > target/arm: Don't skip M-profile reset entirely in user mode > > > > Philippe Mathieu-Daudé (11): > > hw/pci-host/q35: Ignore write of reserved PCIEXBAR LENGTH field > > block/nvme: Fix VFIO_MAP_DMA failed: No space left on device > > crypto/tlscreds: Introduce qcrypto_tls_creds_check_endpoint() helper > > block/nbd: Use qcrypto_tls_creds_check_endpoint() > > qemu-nbd: Use qcrypto_tls_creds_check_endpoint() > > chardev/socket: Use qcrypto_tls_creds_check_endpoint() > > migration/tls: Use qcrypto_tls_creds_check_endpoint() > > ui/vnc: Use qcrypto_tls_creds_check_endpoint() > > crypto: Make QCryptoTLSCreds* structures private > > hw/sd/sdcard: Document out-of-range addresses for SEND_WRITE_PROT > > hw/sd/sdcard: Fix assertion accessing out-of-range addresses with > > CMD30 > > > > Richard Henderson (4): > > linux-user/aarch64: Enable hwcap for RND, BTI, and MTE > > target/i386: Exit tb after wrmsr > > tcg/sparc: Fix temp_allocate_frame vs sparc stack bias > > tcg: Allocate sufficient storage in temp_allocate_frame > > > > Stefan Hajnoczi (1): > > sockets: update SOCKET_ADDRESS_TYPE_FD listen(2) backlog > > > > Stefan Reiter (1): > > monitor/qmp: fix race on CHR_EVENT_CLOSED without OOB > > > > Zenghui Yu (1): > > multi-process: Initialize variables declared with g_auto* > > > > Zhenzhong Duan (1): > > vl: Fix an assert failure in error path > > > > audio/audio.c | 10 +++ > > block/nbd.c | 6 +- > > block/nvme.c | 22 ++++++ > > blockdev-nbd.c | 6 +- > > chardev/char-socket.c | 18 ++--- > > configure | 4 +- > > contrib/vhost-user-gpu/vhost-user-gpu.c | 7 ++ > > contrib/vhost-user-gpu/virgl.c | 17 ++++- > > crypto/tls-cipher-suites.c | 7 ++ > > crypto/tlscreds.c | 12 +++ > > crypto/tlscredsanon.c | 2 + > > crypto/tlscredspriv.h | 45 +++++++++++ > > crypto/tlscredspsk.c | 2 + > > crypto/tlscredsx509.c | 1 + > > crypto/tlssession.c | 1 + > > docs/system/removed-features.rst | 6 ++ > > docs/tools/qemu-nbd.rst | 6 +- > > hw/block/nvme-ns.c | 2 +- > > hw/block/nvme.c | 89 ++++++++++++++-------- > > hw/block/nvme.h | 1 + > > hw/i386/acpi-build.c | 9 ++- > > hw/net/can/can_sja1000.c | 8 ++ > > hw/net/virtio-net.c | 39 ++++++++-- > > hw/pci-host/q35.c | 3 + > > hw/rdma/vmw/pvrdma_cmd.c | 7 ++ > > hw/rdma/vmw/pvrdma_dev_ring.c | 2 +- > > hw/rdma/vmw/pvrdma_main.c | 5 ++ > > hw/remote/memory.c | 5 +- > > hw/remote/proxy.c | 3 +- > > hw/scsi/esp.c | 13 +++- > > hw/sd/sd.c | 9 ++- > > hw/usb/combined-packet.c | 4 +- > > hw/usb/dev-uas.c | 11 +++ > > hw/usb/redirect.c | 6 +- > > hw/vfio/migration.c | 1 + > > hw/virtio/vhost-vdpa.c | 3 - > > hw/virtio/virtio-balloon.c | 13 ++++ > > hw/virtio/virtio-mem-pci.c | 7 +- > > include/block/nvme.h | 10 +-- > > include/block/qdict.h | 2 - > > include/crypto/tls-cipher-suites.h | 6 -- > > include/crypto/tlscreds.h | 30 ++++---- > > include/crypto/tlscredsanon.h | 12 --- > > include/crypto/tlscredspsk.h | 12 --- > > include/crypto/tlscredsx509.h | 10 --- > > include/qapi/qmp/qdict.h | 3 + > > include/qemu/config-file.h | 7 +- > > linux-user/elfload.c | 13 ++++ > > migration/channel.c | 26 ++++--- > > migration/multifd.c | 3 +- > > migration/qemu-file-channel.c | 4 +- > > migration/rdma.c | 1 - > > migration/tls.c | 6 +- > > monitor/hmp-cmds.c | 4 +- > > monitor/qmp.c | 40 +++++----- > > qemu-nbd.c | 25 +++--- > > softmmu/runstate.c | 2 +- > > softmmu/vl.c | 130 > > +++++++++++++++++++++++--------- > > stubs/meson.build | 1 + > > stubs/module-opts.c | 6 ++ > > target/arm/cpu.c | 19 +++++ > > target/i386/tcg/translate.c | 2 + > > target/ppc/translate/vsx-impl.c.inc | 4 +- > > target/xtensa/translate.c | 2 +- > > tcg/sparc/tcg-target.c.inc | 16 ++-- > > tcg/tcg.c | 40 +++++++--- > > tests/data/acpi/pc/DSDT | Bin 6002 -> 6002 bytes > > tests/data/acpi/pc/DSDT.acpihmat | Bin 7327 -> 7327 bytes > > tests/data/acpi/pc/DSDT.bridge | Bin 8668 -> 8668 bytes > > tests/data/acpi/pc/DSDT.cphp | Bin 6466 -> 6466 bytes > > tests/data/acpi/pc/DSDT.dimmpxm | Bin 7656 -> 7656 bytes > > tests/data/acpi/pc/DSDT.hpbridge | Bin 5969 -> 5969 bytes > > tests/data/acpi/pc/DSDT.ipmikcs | Bin 6074 -> 6074 bytes > > tests/data/acpi/pc/DSDT.memhp | Bin 7361 -> 7361 bytes > > tests/data/acpi/pc/DSDT.nohpet | Bin 5860 -> 5860 bytes > > tests/data/acpi/pc/DSDT.numamem | Bin 6008 -> 6008 bytes > > ui/vnc.c | 7 +- > > util/qemu-config.c | 99 ++++++++++++++++-------- > > util/qemu-option.c | 3 +- > > util/qemu-sockets.c | 29 +++++-- > > 80 files changed, 685 insertions(+), 301 deletions(-) > > create mode 100644 stubs/module-opts.c > > > > > > > >
