-
Tue Aug 22 2023 Karl Heubaum <karl.heubaum@oracle.com> - 4.2.1-28.el8
- virtio-crypto: verify src&dst buffer length for sym request (zhenwei pi) [Orabug: 35724113] {CVE-2023-3180}
- hw/scsi/lsi53c895a: Fix reentrancy issues in the LSI controller (CVE-2023-0330) (Thomas Huth) [Orabug: 35724112] {CVE-2023-0330}
- kvm: Atomic memslot updates (David Hildenbrand) [Orabug: 35719844]
- KVM: keep track of running ioctls (Emanuele Giuseppe Esposito) [Orabug: 35719844]
- accel: introduce accelerator blocker API (Emanuele Giuseppe Esposito) [Orabug: 35719844]
- KVM: Use a big lock to replace per-kml slots_lock (Peter Xu) [Orabug: 35719844]
- pcie: don't set link state active if the slot is empty (Laurent Vivier) [Orabug: 35707933]
- vhost-vdpa: do not cleanup the vdpa/vhost-net structures if peer nic is present (Ani Sinha) [Orabug: 35662850] {CVE-2023-3301}
-
Fri Jun 16 2023 Karl Heubaum <karl.heubaum@oracle.com> - 4.2.1-27.el8
- hw/arm/virt: Add nvdimm hotplug support (Shameer Kolothum) [Orabug: 35505663]
- hw/arm/virt: Add nvdimm hot-plug infrastructure (Kwangwoo Lee) [Orabug: 35505663]
- nvdimm: Use configurable ACPI IO base and size (Kwangwoo Lee) [Orabug: 35505663]
- target/i386: define a new MSR based feature word - FEAT_PERF_CAPABILITIES (Like Xu) [Orabug: 35370615]
-
Thu Apr 20 2023 Karl Heubaum <karl.heubaum@oracle.com> - 4.2.1-26.el8
- migration: check magic value for deciding the mapping of channels (Manish Mishra) [Orabug: 34735462]
- io: Add support for MSG_PEEK for socket channel (Manish Mishra) [Orabug: 34735462]
- migration: Move channel setup out of postcopy_try_recover() (Peter Xu) [Orabug: 34735462]
- vdpa: commit all host notifier MRs in a single MR transaction (Mike Longpeng) [Orabug: 35252234]
- vhost: configure all host notifiers in a single MR transaction (Mike Longpeng) [Orabug: 35252234]
- vhost: simplify vhost_dev_enable_notifiers (Mike Longpeng) [Orabug: 35252234]
- pcie: Do not update hotplugged device power in RUN_STATE_INMIGRATE state (Annie Li) [Orabug: 35055290]
- qga/win32: Use rundll for VSS installation (Konstantin Kostiuk) [Orabug: 35206108] {CVE-2023-0664}
- qga/win32: Remove change action from MSI installer (Konstantin Kostiuk) [Orabug: 35206108] {CVE-2023-0664}
- hw/display/qxl: Assert memory slot fits in preallocated MemoryRegion (Philippe Mathieu-Daudé) [Orabug: 34846087]
- hw/display/qxl: Avoid buffer overrun in qxl_phys2virt (CVE-2022-4144) (Philippe Mathieu-Daudé) [Orabug: 34846087] {CVE-2022-4144}
- hw/display/qxl: Pass requested buffer size to qxl_phys2virt() (Philippe Mathieu-Daudé) [Orabug: 34846087]
- hw/display/qxl: Document qxl_phys2virt() (Philippe Mathieu-Daudé) [Orabug: 34846087]
- hw/display/qxl: Have qxl_log_command Return early if no log_cmd handler (Philippe Mathieu-Daudé) [Orabug: 34846087]
- virtio-blk: On restart, process queued requests in the proper context (Sergio Lopez) [Orabug: 35060530]
- virtio-blk: Refactor the code that processes queued requests (Sergio Lopez) [Orabug: 35060530]
- hw/intc/ioapic: Update KVM routes before redelivering IRQ, on RTE update (David Woodhouse) [Orabug: 35219223]
- modules: load modules from /var/run/qemu/ directory firstly (Siddhi Katage) [Orabug: 34867783]
- qemu.spec: Add post-install script for block storage modules (Siddhi Katage) [Orabug: 34867783]
- qemu.spec: Enable '-module-upgrades' for OL7 (Siddhi Katage) [Orabug: 34867783]
- module: increase dirs array size by one (Bruce Rogers) [Orabug: 34867783]
- modules: load modules from versioned /var/run dir (Christian Ehrhardt) [Orabug: 34867783]
- blockjob: Fix crash with IOthread when block commit after snapshot (Michael Qiu) [Orabug: 35118668]
-
Fri Feb 10 2023 Karl Heubaum <karl.heubaum@oracle.com> - 4.2.1-25.el8
- target/i386/kvm: get and put AMD pmu registers (Dongli Zhang) [Orabug: 34641255]
- i386/kvm: fix a use-after-free when vcpu plug/unplug (Pan Nengyuan) [Orabug: 34859902]
- memory: batch allocate ioeventfds[] in address_space_update_ioeventfds() (Stefan Hajnoczi) [Orabug: 34538900]
- virtio-blk: Fix clean up of host notifiers for single MR transaction (Mark Mielke) [Orabug: 34538900]
- virtio-scsi: Configure all host notifiers in a single MR transaction (Greg Kurz) [Orabug: 34538900]
- virtio-scsi: Set host notifiers and callbacks separately (Greg Kurz) [Orabug: 34538900]
- virtio-blk: Configure all host notifiers in a single MR transaction (Greg Kurz) [Orabug: 34538900]
- virtio-blk: Fix rollback path in virtio_blk_data_plane_start() (Greg Kurz) [Orabug: 34538900]
- event_notifier: Set ->initialized earlier in event_notifier_init() (Greg Kurz) [Orabug: 34538900]
- virtio-scsi: don't process IO on fenced dataplane (Maxim Levitsky) [Orabug: 34538900]
- virtio-scsi: don't uninitialize queues that we didn't initialize (Maxim Levitsky) [Orabug: 34538900]
- hw/arm/virt: build SMBIOS 19 table (Mihai Carabas)
-
Thu Jan 05 2023 Karl Heubaum <karl.heubaum@oracle.com> - 4.2.1-24.el8
- hw/display/ati_2d: Fix buffer overflow in ati_2d_blt (CVE-2021-3638) (Philippe Mathieu-Daudé) [Orabug: 33930374] {CVE-2021-3638}
- tests/acpi: virt: update ACPI MADT and FADT binaries (Miguel Luis)
- acpi: arm/virt: madt: bump to revision 4 accordingly to ACPI 6.0 Errata A (Miguel Luis)
- acpi: arm/virt: madt: use build_append_int_noprefix() API to compose MADT table (Igor Mammedov)
- acpi: madt: arm/x86: use acpi_table_begin()/acpi_table_end() instead of build_header() (Igor Mammedov)
- hw/arm/virt-acpi-build:Remove dead assignment in build_madt() (Chen Qun)
- acpi: build_fadt: adapt FADT table names (Miguel Luis)
- acpi: fadt: support revision 6.0 of the ACPI specification (Miguel Luis)
- tests/acpi: virt: allow acpi MADT and FADT changes (Miguel Luis)
- Document CVE-2022-3165 as not applicable (Mark Kanda) [Orabug: 34713999] {CVE-2022-3165}
- Document CVE-2022-1050 as not applicable (Mark Kanda) [Orabug: 34132133] {CVE-2022-1050}
- hw/acpi/erst.c: Fix memory handling issues (Christian A. Ehrhardt) [Orabug: 34779472] {CVE-2022-4172}
- vhost-vdpa: fix assert !virtio_net_get_subqueue(nc)->async_tx.elem in virtio_net_reset (Si-Wei Liu)
- net/vhost-vdpa.c: Fix clang compilation failure (Peter Maydell)
- vhost-vdpa: allow passing opened vhostfd to vhost-vdpa (Si-Wei Liu)
- hw/acpi/aml-build: Improve scalability of PPTT generation (Yanan Wang)
- tests/data/acpi/virt: update empty file for PPTT (Miguel Luis)
- hw/arm/virt-acpi-build: Generate PPTT table (Yanan Wang)
- tests/data/acpi/virt: Add an empty expected file for PPTT (Yanan Wang)
- hw/acpi/aml-build: Add PPTT table (Andrew Jones)
- hw/acpi/aml-build: Add Processor hierarchy node structure (Yanan Wang)
- machine: Add SMP Sockets in CpuTopology (Babu Moger)
- bios-tables-test: generate table for virt/DBG2 (Miguel Luis)
- hw/arm/virt_acpi_build: Generate DBG2 table (Eric Auger)
- tests/acpi: Add void table for virt/DBG2 bios-tables-test (Eric Auger)
- tests/acpi: virt: update ACPI GTDT binaries (Miguel Luis) [Orabug: 34711916]
- acpi: arm/virt: build_gtdt: fix invalid 64-bit physical addresses (Miguel Luis) [Orabug: 34711916]
- tests/acpi: virt: allow acpi GTDT changes (Miguel Luis) [Orabug: 34711916]
- acpi: fix OEM ID/OEM Table ID padding (Igor Mammedov) [Orabug: 34711916]
- acpi: arm/virt: build_gtdt: use acpi_table_begin()/acpi_table_end() instead of build_header() (Igor Mammedov) [Orabug: 34711916]
- acpi: add helper routines to initialize ACPI tables (Igor Mammedov) [Orabug: 34711916]
- acpi: declare the default assignable value for the ACPI table header (Miguel Luis) [Orabug: 34711916]
-
Tue Nov 29 2022 Karl Heubaum <karl.heubaum@oracle.com> - 4.2.1-22.el8
- Revert "block: Set the name of BlockBackend if possible" (Joe Jin) [Orabug: 34841102]
- Revert "iotests: Adjust 186.out to account for 'null' node-name" (Joe Jin) [Orabug: 34841102]
-
Mon Oct 10 2022 Karl Heubaum <karl.heubaum@oracle.com> - 4.2.1-21.el8
- qemu-kvm.spec: Fix the qemu-regdump sos report plugin path (Mark Kanda) [Orabug: 34680062]
- qmp-regdump: Require python3 on OL8 (Mark Kanda) [Orabug: 34672256]
- iotests: Adjust 186.out to account for 'null' node-name (Mark Kanda) [Orabug: 34447388]
- block: Set the name of BlockBackend if possible (Annie Li) [Orabug: 34447388]
- acpi: Update _DSM method in expected files (Mark Kanda) [Orabug: 34616322]
- acpi/gpex: Fix cca attribute check for pxb device (Xingang Wang) [Orabug: 34616322]
- acpi: Enable pxb unit-test for ARM virt machine (Jiahui Cen) [Orabug: 34616322]
- Kconfig: Compile PXB for ARM_VIRT (Jiahui Cen) [Orabug: 34616322]
- acpi/gpex: Exclude pxb's resources from PCI0 (Jiahui Cen) [Orabug: 34616322]
- acpi/gpex: Inform os to keep firmware resource map (Jiahui Cen) [Orabug: 34616322]
- acpi: Add addr offset in build_crs (Jiahui Cen) [Orabug: 34616322]
- unit-test: Add testcase for pxb (Yubo Miao) [Orabug: 34616322]
- acpi: Align the size to 128k (Yubo Miao) [Orabug: 34616322]
- acpi/gpex: Build tables for pxb (Yubo Miao) [Orabug: 34616322]
- acpi: Extract crs build form acpi_build.c (Yubo Miao) [Orabug: 34616322]
- hw/arm/virt: Write extra pci roots into fw_cfg (Jiahui Cen) [Orabug: 34616322]
- fw_cfg: Refactor extra pci roots addition (Jiahui Cen) [Orabug: 34616322]
- acpi/gpex: Extract two APIs from acpi_dsdt_add_pci (Yubo Miao) [Orabug: 34616322]
- arm: use acpi_dsdt_add_gpex (Gerd Hoffman) [Orabug: 34616322]
- acpi: add acpi_dsdt_add_gpex (Gerd Hoffman) [Orabug: 34616322]
- acpi: Allow DSDT acpi table changes (Jiahui Cen) [Orabug: 34616322]
- move MemMapEntry (Gerd Hoffman) [Orabug: 34616322]
- scsi/lsi53c895a: really fix use-after-free in lsi_do_msgout (CVE-2022-0216) (Mauro Matteo Cascella) [Orabug: 34353672] {CVE-2022-0216}
- scsi/lsi53c895a: fix use-after-free in lsi_do_msgout (CVE-2022-0216) (Mauro Matteo Cascella) [Orabug: 34353672] {CVE-2022-0216}
- tests/qtest: Add fuzz-lsi53c895a-test (Philippe Mathieu-Daudé) [Orabug: 34353672] {CVE-2022-0216}
- hw/scsi/lsi53c895a: Do not abort when DMA requested and no data queued (Philippe Mathieu-Daudé) [Orabug: 34353672] {CVE-2022-0216}
- vfio: defer to commit kvm irq routing when enable msi/msix (Mike Longpeng) [Orabug: 34419422]
- vfio: simplify the failure path in vfio_msi_enable (Mike Longpeng) [Orabug: 34419422]
- vfio: move re-enabling INTX out of the common helper (Mike Longpeng) [Orabug: 34419422]
- vfio: simplify the conditional statements in vfio_msi_enable (Mike Longpeng) [Orabug: 34419422]
- kvm/msi: do explicit commit when adding msi routes (Mike Longpeng) [Orabug: 34419422]
- kvm-irqchip: introduce new API to support route change (Mike Longpeng) [Orabug: 34419422]
- event_notifier: handle initialization failure better (Maxim Levitsky) [Orabug: 34419422]
- qmp-regdump: use QMP command 'query-cpus-fast' (Mark Kanda) [Orabug: 34510460]
-
Wed Aug 31 2022 Karl Heubaum <karl.heubaum@oracle.com> - 4.2.1-20.el8
- vl: Add an -action option to override MCE handling (Mark Kanda) [Orabug: 34538907]
- vl: Add an -action option specifying response to guest events (Alejandro Jimenez) [Orabug: 34538907]
- qmp: generalize watchdog-set-action to -no-reboot/-no-shutdown (Alejandro Jimenez) [Orabug: 34538907]
-
Thu Aug 18 2022 Karl Heubaum <karl.heubaum@oracle.com> - 4.2.1-19.el8
- virtio-net: handle zero mac for a vdpa peer (Cindy Lu) [Orabug: 34137522]
- virtio-net: don't handle mq request in userspace handler for vhost-vdpa (Si-Wei Liu) [Orabug: 34137522]
- vhost-vdpa: change name and polarity for vhost_vdpa_one_time_request() (Si-Wei Liu) [Orabug: 34137522]
- vhost-vdpa: backend feature should set only once (Si-Wei Liu) [Orabug: 34137522]
- vhost-net: fix improper cleanup in vhost_net_start (Si-Wei Liu) [Orabug: 34137522]
- vhost-vdpa: fix improper cleanup in net_init_vhost_vdpa (Si-Wei Liu) [Orabug: 34137522]
- virtio-net: align ctrl_vq index for non-mq guest for vhost_vdpa (Si-Wei Liu) [Orabug: 34137522]
- virtio-net: setup vhost_dev and notifiers for cvq only when feature is negotiated (Si-Wei Liu) [Orabug: 34137522]
- virtio: fix the condition for iommu_platform not supported (Halil Pasic) [Orabug: 34137522]
- vdpa: Make ncs autofree (Eugenio Pérez) [Orabug: 34137522]
- vhost-vdpa: make notifiers _init()/_uninit() symmetric (Laurent Vivier) [Orabug: 34137522]
- hw/virtio: vdpa: Fix leak of host-notifier memory-region (Laurent Vivier) [Orabug: 34137522]
- vhost-vdpa: stick to -errno error return convention (Roman Kagan) [Orabug: 34137522]
- vdpa: Add dummy receive callback (Eugenio Pérez) [Orabug: 34137522]
- vdpa: Check for existence of opts.vhostdev (Eugenio Pérez) [Orabug: 34137522]
- vhost: Fix last vq queue index of devices with no cvq (Eugenio Pérez) [Orabug: 34137522]
- vhost: Rename last_index to vq_index_end (Eugenio Pérez) [Orabug: 34137522]
- net/vhost-vdpa: fix memory leak in vhost_vdpa_get_max_queue_pairs() (Stefano Garzarella) [Orabug: 34137522]
- vhost-vdpa: multiqueue support (Jason Wang) [Orabug: 34137522]
- virtio-net: vhost control virtqueue support (Jason Wang) [Orabug: 34137522]
- vhost: record the last virtqueue index for the virtio device (Jason Wang) [Orabug: 34137522]
- virtio-net: use "queue_pairs" instead of "queues" when possible (Jason Wang) [Orabug: 34137522]
- vhost-net: control virtqueue support (Jason Wang) [Orabug: 34137522]
- net: introduce control client (Jason Wang) [Orabug: 34137522]
- vhost-vdpa: let net_vhost_vdpa_init() returns NetClientState * (Jason Wang) [Orabug: 34137522]
- vhost-vdpa: prepare for the multiqueue support (Jason Wang) [Orabug: 34137522]
- vhost-vdpa: classify one time request (Jason Wang) [Orabug: 34137522]
- vhost-vdpa: open device fd in net_init_vhost_vdpa() (Jason Wang) [Orabug: 34137522]
- vdpa: Check for iova range at mappings changes (Eugenio Pérez) [Orabug: 34137522]
- vdpa: Add vhost_vdpa_section_end (Eugenio Pérez) [Orabug: 34137522]
- net/vhost-vdpa: Fix device compatibility check (Kevin Wolf) [Orabug: 34137522]
- net/vhost-user: Fix device compatibility check (Kevin Wolf) [Orabug: 34137522]
- net: Introduce NetClientInfo.check_peer_type() (Kevin Wolf) [Orabug: 34137522]
- vhost-vdpa: remove the unncessary queue_index assignment (Jason Wang) [Orabug: 34137522]
- vhost-vdpa: fix the wrong assertion in vhost_vdpa_init() (Jason Wang) [Orabug: 34137522]
- vhost-vdpa: tweak the error label in vhost_vdpa_add() (Jason Wang) [Orabug: 34137522]
- vhost-vdpa: fix leaking of vhost_net in vhost_vdpa_add() (Jason Wang) [Orabug: 34137522]
- vhost-vdpa: don't cleanup twice in vhost_vdpa_add() (Jason Wang) [Orabug: 34137522]
- vhost-vdpa: remove the unnecessary check in vhost_vdpa_add() (Jason Wang) [Orabug: 34137522]
- vhost_net: do not assume nvqs is always 2 (Jason Wang) [Orabug: 34137522]
- vhost: use unsigned int for nvqs (Jason Wang) [Orabug: 34137522]
- vhost_net: remove the meaningless assignment in vhost_net_start_one() (Jason Wang) [Orabug: 34137522]
- vhost-vdpa: correctly return err in vhost_vdpa_set_backend_cap() (Jason Wang) [Orabug: 34137522]
- vhost-vdpa: remove unused variable "acked_features" (Jason Wang) [Orabug: 34137522]
- vhost: correctly detect the enabling IOMMU (Jason Wang) [Orabug: 34137522]
- virtio-pci: implement iommu_enabled() (Jason Wang) [Orabug: 34137522]
- virtio-bus: introduce iommu_enabled() (Jason Wang) [Orabug: 34137522]
- hw/virtio: Fix leak of host-notifier memory-region (Yajun Wu) [Orabug: 34137522]
- vhost-vdpa: Do not send empty IOTLB update batches (Eugenio Pérez) [Orabug: 34137522]
- vhost-vdpa: remove the unused vhost_vdpa_get_acked_features() (Jason Wang) [Orabug: 34137522]
- vhost-vdpa: don't initialize backend_features (Jason Wang) [Orabug: 34137522]
- vhost-vdpa: map virtqueue notification area if possible (Jason Wang) [Orabug: 34137522]
- vhost-vdpa: skip ram device from the IOTLB mapping (Jason Wang) [Orabug: 34137522]
- vhost-vdpa: Remove redundant declaration of address_space_memory (Xie Yongji) [Orabug: 34137522]
- virtio: Fail if iommu_platform is requested, but unsupported (Kevin Wolf) [Orabug: 34137522]
- vhost-vdpa: Make vhost_vdpa_get_device_id() static (Zenghui Yu) [Orabug: 34137522]
- Update linux headers to 5.11-rc2 (Eric Farman) [Orabug: 34137522]
- linux-headers: update against 5.10-rc1 (Matthew Rosato) [Orabug: 34137522]
- linux headers: sync to 5.9-rc7 (Andrew Jones) [Orabug: 34137522]
-
Thu Jun 30 2022 Karl Heubaum <karl.heubaum@oracle.com> - 4.2.1-18.el8
- block: introduce max_hw_iov for use in scsi-generic (Paolo Bonzini) [Orabug: 33785156]
- file-posix: try BLKSECTGET on block devices too, do not round to power of 2 (Paolo Bonzini) [Orabug: 33785156]
- block: add max_hw_transfer to BlockLimits (Paolo Bonzini) [Orabug: 33785156]
- block-backend: align max_transfer to request alignment (Paolo Bonzini) [Orabug: 33785156]
- osdep: provide ROUND_DOWN macro (Paolo Bonzini) [Orabug: 33785156]
- scsi-generic: pass max_segments via max_iov field in BlockLimits (Paolo Bonzini) [Orabug: 33785156]
- file-posix: fix max_iov for /dev/sg devices (Paolo Bonzini) [Orabug: 33785156]
- display/qxl-render: fix race condition in qxl_cursor (CVE-2021-4207) (Mauro Matteo Cascella) [Orabug: 34049511] {CVE-2021-4207}
- ui/cursor: fix integer overflow in cursor_alloc (CVE-2021-4206) (Mauro Matteo Cascella) [Orabug: 34049509] {CVE-2021-4206}
- hw/block/fdc: Prevent end-of-track overrun (CVE-2021-3507) (Philippe Mathieu-Daudé) [Orabug: 32860387] {CVE-2021-3507}
- pc: q35: Bump max_cpus to 512 (Suravee Suthikulpanit) [Orabug: 34314249]
- tests/qtest: fix pvpanic-pci-test (Mark Kanda) [Orabug: 34284763]
- libqos: pci-pc: use 32-bit write for EJ register (Paolo Bonzini) [Orabug: 34284758]
- libqos: usb-hcd-ehci: use 32-bit write for config register (Paolo Bonzini) [Orabug: 34284768]
- target/i386/kvm: Fix disabling MPX on "-cpu host" with MPX-capable host (Maciej S. Szmigiero) [Orabug: 33528615]
- i386: Mask SVM features if nested SVM is disabled (Eduardo Habkost) [Orabug: 33860224]
- ide: Cap LBA28 capacity announcement to 2^28-1 (Samuel Thibault) [Orabug: 25327652]
- tests/acpi: update expected arm/virt tables (Mark Kanda) [Orabug: 34132842]