[ol8_kvm_appstream] qemu-kvm-common-15:4.2.1-18.module+el8.6.0+20690+93de6acb.x86_64

Name:	qemu-kvm-common
Epoch:	15
Version:	4.2.1
Release:	18.module+el8.6.0+20690+93de6acb
Architecture:	x86_64
Module:	virt:kvm_utils:8060020220630123500:d63f516d
Group:	Development/Tools
Size:	1461581
License:	GPLv2+ and LGPLv2+ and BSD
RPM:	qemu-kvm-common-4.2.1-18.module+el8.6.0+20690+93de6acb.x86_64.rpm
Source RPM:	qemu-kvm-4.2.1-18.module+el8.6.0+20690+93de6acb.src.rpm
Build Date:	Thu Jun 30 2022
Build Host:	build-ol8-x86_64.oracle.com
Vendor:	Oracle America
URL:	http://www.qemu.org/
Summary:	QEMU common files needed by all QEMU targets
Description:	qemu-kvm is an open source virtualizer that provides hardware emulation for the KVM hypervisor. This package provides documentation and auxiliary programs used with qemu-kvm.

Changelog (Show File list) (Show related packages)

Thu Jun 30 2022 Karl Heubaum <karl.heubaum@oracle.com> - 4.2.1-18.el8

- block: introduce max_hw_iov for use in scsi-generic (Paolo Bonzini) [Orabug: 33785156]
- file-posix: try BLKSECTGET on block devices too, do not round to power of 2 (Paolo Bonzini) [Orabug: 33785156]
- block: add max_hw_transfer to BlockLimits (Paolo Bonzini) [Orabug: 33785156]
- block-backend: align max_transfer to request alignment (Paolo Bonzini) [Orabug: 33785156]
- osdep: provide ROUND_DOWN macro (Paolo Bonzini) [Orabug: 33785156]
- scsi-generic: pass max_segments via max_iov field in BlockLimits (Paolo Bonzini) [Orabug: 33785156]
- file-posix: fix max_iov for /dev/sg devices (Paolo Bonzini) [Orabug: 33785156]
- display/qxl-render: fix race condition in qxl_cursor (CVE-2021-4207) (Mauro Matteo Cascella) [Orabug: 34049511] {CVE-2021-4207}
- ui/cursor: fix integer overflow in cursor_alloc (CVE-2021-4206) (Mauro Matteo Cascella) [Orabug: 34049509] {CVE-2021-4206}
- hw/block/fdc: Prevent end-of-track overrun (CVE-2021-3507) (Philippe Mathieu-Daudé) [Orabug: 32860387] {CVE-2021-3507}
- pc: q35: Bump max_cpus to 512 (Suravee Suthikulpanit) [Orabug: 34314249]
- tests/qtest: fix pvpanic-pci-test (Mark Kanda) [Orabug: 34284763]
- libqos: pci-pc: use 32-bit write for EJ register (Paolo Bonzini) [Orabug: 34284758]
- libqos: usb-hcd-ehci: use 32-bit write for config register (Paolo Bonzini) [Orabug: 34284768]
- target/i386/kvm: Fix disabling MPX on "-cpu host" with MPX-capable host (Maciej S. Szmigiero) [Orabug: 33528615]
- i386: Mask SVM features if nested SVM is disabled (Eduardo Habkost) [Orabug: 33860224]
- ide: Cap LBA28 capacity announcement to 2^28-1 (Samuel Thibault) [Orabug: 25327652]
- tests/acpi: update expected arm/virt tables (Mark Kanda) [Orabug: 34132842]

Tue May 03 2022 Karl Heubaum <karl.heubaum@oracle.com> - 4.2.1-17.el8

- arm/acpi: fix an out of spec _UID for PCI root (Michael S. Tsirkin)
- arm/acpi: fix duplicated _UID of PCI interrupt link devices (Heyi Guo)
- arm/acpi: fix PCI _PRT definition (Heyi Guo)
- docs: fix references to docs/devel/atomics.rst (Stefano Garzarella) [Orabug: 33659123]
- rcu: do not mention atomic_mb_read/set in documentation (Paolo Bonzini) [Orabug: 33659123]
- atomics: update documentation (Paolo Bonzini) [Orabug: 33659123]
- atomics: convert to reStructuredText (Paolo Bonzini) [Orabug: 33659123]
- async: use explicit memory barriers (Paolo Bonzini) [Orabug: 33659123]
- aio-wait: delegate polling of main AioContext if BQL not held (Paolo Bonzini) [Orabug: 33659123]
- qapi: Add '@allow-write-only-overlay' feature for 'blockdev-snapshot' (Peter Krempa) [Orabug: 33888021]
- iotests: Add iothread cases to 155 (Kevin Wolf) [Orabug: 33888021]
- block: Fix cross-AioContext blockdev-snapshot (Kevin Wolf) [Orabug: 33888021]
- iotests: Test mirror with temporarily disabled target backing file (Kevin Wolf) [Orabug: 33888021]
- iotests: Fix run_job() with use_log=False (Kevin Wolf) [Orabug: 33888021]
- block: Relax restrictions for blockdev-snapshot (Kevin Wolf) [Orabug: 33888021]
- block: Make bdrv_get_cumulative_perm() public (Kevin Wolf) [Orabug: 33888021]
- iotests: Use complete_and_wait() in 155 (Max Reitz) [Orabug: 33888021]
- iotests: Support job-complete in run_job() (Kevin Wolf) [Orabug: 33888021]
- linux-headers: update again to 5.8 (Paolo Bonzini) [Orabug: 34022218]
- virtio-net: fix map leaking on error during receive (Jason Wang) [Orabug: 33941879] {CVE-2022-26353}
- vhost-vsock: detach the virqueue element in case of error (Stefano Garzarella) [Orabug: 33941844] {CVE-2022-26354}
- virtio-net: fix use after unmap/free for sg (Jason Wang) [Orabug: 33972912] {CVE-2021-3748}
- migration: Report the error returned when save_live_iterate fails (David Edmondson)

Tue Mar 08 2022 Karl Heubaum <karl.heubaum@oracle.com> - 4.2.1-16.el8

- Document CVE-2021-4145 as fixed (Mark Kanda) [Orabug: 33791496] {CVE-2021-4145}
- migration: Tally pre-copy, downtime and post-copy bytes independently (David Edmondson)
- migration: Introduce ram_transferred_add() (David Edmondson)
- ACPI ERST: specification for ERST support (Eric DeVolder)
- ACPI ERST: step 6 of bios-tables-test.c (Eric DeVolder)
- ACPI ERST: bios-tables-test testcase (Eric DeVolder)
- ACPI ERST: qtest for ERST (Eric DeVolder)
- ACPI ERST: create ACPI ERST table for pc/x86 machines (Eric DeVolder)
- ACPI ERST: build the ACPI ERST table (Eric DeVolder)
- ACPI ERST: support for ACPI ERST feature (Eric DeVolder)
- ACPI ERST: header file for ERST (Eric DeVolder)
- ACPI ERST: PCI device_id for ERST (Eric DeVolder)
- ACPI ERST: bios-tables-test.c steps 1 and 2 (Eric DeVolder)
- ACPI: cleanup bios-tables-test state (Eric DeVolder)
- KVM: x86: believe what KVM says about WAITPKG (Paolo Bonzini) [Orabug: 33832295]
- cputlb: destroy CPUTLB with tlb_destroy (Emilio G. Cota) [Orabug: 33428107]

Wed Jan 19 2022 Karl Heubaum <karl.heubaum@oracle.com> - 4.2.1-15.el8

- qemu-kvm.spec: Add support for reading vmdk, vhdx, vpc, https, and ssh disk image formats from qemu-kvm (Karl Heubaum) [Orabug: 33741340]
- Document CVE-2021-4158 and CVE-2021-3947 as fixed (Mark Kanda) [Orabug: 33719302] [Orabug: 33754145] {CVE-2021-4158} {CVE-2021-3947}
- hw/block/fdc: Kludge missing floppy drive to fix CVE-2021-20196 (Philippe Mathieu-Daudé) [Orabug: 32439466] {CVE-2021-20196}
- hw/block/fdc: Extract blk_create_empty_drive() (Philippe Mathieu-Daudé) [Orabug: 32439466] {CVE-2021-20196}
- net: vmxnet3: validate configuration values during activate (CVE-2021-20203) (Prasad J Pandit) [Orabug: 32559476] {CVE-2021-20203}
- lan9118: switch to use qemu_receive_packet() for loopback (Alexander Bulekov) [Orabug: 32560540] {CVE-2021-3416}
- pcnet: switch to use qemu_receive_packet() for loopback (Alexander Bulekov) [Orabug: 32560540] {CVE-2021-3416}
- rtl8139: switch to use qemu_receive_packet() for loopback (Alexander Bulekov) [Orabug: 32560540] {CVE-2021-3416}
- tx_pkt: switch to use qemu_receive_packet_iov() for loopback (Jason Wang) [Orabug: 32560540] {CVE-2021-3416}
- sungem: switch to use qemu_receive_packet() for loopback (Jason Wang) [Orabug: 32560540] {CVE-2021-3416}
- dp8393x: switch to use qemu_receive_packet() for loopback packet (Jason Wang) [Orabug: 32560540] {CVE-2021-3416}
- e1000: switch to use qemu_receive_packet() for loopback (Jason Wang) [Orabug: 32560540] {CVE-2021-3416}
- net: introduce qemu_receive_packet() (Jason Wang) [Orabug: 32560540] {CVE-2021-3416}
- target/i386: Populate x86_ext_save_areas offsets using cpuid where possible (Paolo Bonzini)
- target/i386: Observe XSAVE state area offsets (Paolo Bonzini)
- target/i386: Make x86_ext_save_areas visible outside cpu.c (Paolo Bonzini)
- target/i386: Pass buffer and length to XSAVE helper (Paolo Bonzini)
- target/i386: Clarify the padding requirements of X86XSaveArea (Paolo Bonzini)
- target/i386: Consolidate the X86XSaveArea offset checks (Paolo Bonzini)
- target/i386: Declare constants for XSAVE offsets (Paolo Bonzini)

Wed Dec 22 2021 Karl Heubaum <karl.heubaum@oracle.com> - 4.2.1-14.el8

- scsi: fix sense code for EREMOTEIO (Paolo Bonzini) [Orabug: 33537443]
- scsi: move host_status handling into SCSI drivers (Hannes Reinecke) [Orabug: 33537443]
- scsi: inline sg_io_sense_from_errno() into the callers (Hannes Reinecke) [Orabug: 33537443]
- scsi-generic: do not snoop the output of failed commands (Paolo Bonzini) [Orabug: 33537443]
- scsi: Add mapping for generic SCSI_HOST status to sense codes (Hannes Reinecke) [Orabug: 33537443]
- scsi: Rename linux-specific SG_ERR codes to generic SCSI_HOST error codes (Hannes Reinecke) [Orabug: 33537443]
- scsi: drop 'result' argument from command_complete callback (Hannes Reinecke) [Orabug: 33537443]
- scsi-disk: pass guest recoverable errors through even for rerror=stop (Paolo Bonzini) [Orabug: 33537443]
- scsi-disk: pass SCSI status to scsi_handle_rw_error (Paolo Bonzini) [Orabug: 33537443]
- scsi: introduce scsi_sense_from_errno() (Paolo Bonzini) [Orabug: 33537443]
- scsi-disk: do not complete requests early for rerror/werror=ignore (Paolo Bonzini) [Orabug: 33537443]
- scsi-disk: move scsi_handle_rw_error earlier (Paolo Bonzini) [Orabug: 33537443]
- scsi-disk: convert more errno values back to SCSI statuses (Paolo Bonzini) [Orabug: 33537443]

Wed Dec 15 2021 Karl Heubaum <karl.heubaum@oracle.com> - 4.2.1-13.el8

- pcie: Do not set power state for some hot-plugged devices (Annie Li) [Orabug: 33642532]

Thu Dec 02 2021 Karl Heubaum <karl.heubaum@oracle.com> - 4.2.1-12.1.el8

- Update slirp to address various CVEs (Mark Kanda) [Orabug: 32208456] [Orabug: 33014409] [Orabug: 33014414] [Orabug: 33014417] [Orabug: 33014420] {CVE-2020-29129} {CVE-2020-29130} {CVE-2021-3592} {CVE-2021-3593} {CVE-2021-3594} {CVE-2021-3595}
- hw/pflash_cfi01: Allow backing devices to be smaller than memory region (David Edmondson)
- pcie: expire pending delete (Gerd Hoffmann) [Orabug: 33450706]
- pcie: fast unplug when slot power is off (Gerd Hoffmann) [Orabug: 33450706]
- pcie: factor out pcie_cap_slot_unplug() (Gerd Hoffmann) [Orabug: 33450706]
- pcie: add power indicator blink check (Gerd Hoffmann) [Orabug: 33450706]
- pcie: implement slot power control for pcie root ports (Gerd Hoffmann) [Orabug: 33450706]
- pci: implement power state (Gerd Hoffmann) [Orabug: 33450706]
- hw/pci/pcie: Move hot plug capability check to pre_plug callback (Julia Suvorova) [Orabug: 33450706]
- hw/pci/pcie: Replace PCI_DEVICE() casts with existing variable (Julia Suvorova) [Orabug: 33450706]
- hw/pci/pcie: Forbid hot-plug if it's disabled on the slot (Julia Suvorova) [Orabug: 33450706]
- pcie_root_port: Add hotplug disabling option (Julia Suvorova) [Orabug: 33450706]
- qdev-monitor: Forbid repeated device_del (Julia Suvorova) [Orabug: 33450706]
- i386:acpi: Remove _HID from the SMBus ACPI entry (Corey Minyard)
- uas: add stream number sanity checks (Gerd Hoffmann) [Orabug: 33280793] {CVE-2021-3713}
- usbredir: fix free call (Gerd Hoffmann) [Orabug: 33198441] {CVE-2021-3682}
- hw/scsi/scsi-disk: MODE_PAGE_ALLS not allowed in MODE SELECT commands (Mauro Matteo Cascella) [Orabug: 33548490] {CVE-2021-3930}
- e1000: fix tx re-entrancy problem (Jon Maloy) [Orabug: 32560552] {CVE-2021-20257}
- virtio-net-pci: Don't use "efi-virtio.rom" on AArch64 (Mark Kanda) [Orabug: 33537594]
- MAINTAINERS: Add ACPI/HEST/GHES entries (Dongjiu Geng)
- target-arm: kvm64: handle SIGBUS signal from kernel or KVM (Dongjiu Geng)
- ACPI: Record Generic Error Status Block(GESB) table (Dongjiu Geng)
- KVM: Move hwpoison page related functions into kvm-all.c (Dongjiu Geng)
- ACPI: Record the Generic Error Status Block address (Dongjiu Geng)
- ACPI: Build Hardware Error Source Table (Dongjiu Geng)
- ACPI: Build related register address fields via hardware error fw_cfg blob (Dongjiu Geng)
- docs: APEI GHES generation and CPER record description (Dongjiu Geng)
- hw/arm/virt: Introduce a RAS machine option (Dongjiu Geng)
- acpi: nvdimm: change NVDIMM_UUID_LE to a common macro (Dongjiu Geng)
- block/curl: HTTP header field names are case insensitive (David Edmondson) [Orabug: 33287589]
- block/curl: HTTP header fields allow whitespace around values (David Edmondson) [Orabug: 33287589]

Sun Sep 12 2021 Karl Heubaum <karl.heubaum@oracle.com> - 4.2.1-11.el8

- trace: use STAP_SDT_V2 to work around symbol visibility (Stefan Hajnoczi) [Orabug: 33272428]

Tue Jul 27 2021 Karl Heubaum <karl.heubaum@oracle.com> - 4.2.1-11.el8

- pvrdma: Fix the ring init error flow (Marcel Apfelbaum) [Orabug: 33120142] {CVE-2021-3608}
- pvrdma: Ensure correct input on ring init (Marcel Apfelbaum) [Orabug: 33120146] {CVE-2021-3607}
- hw/rdma: Fix possible mremap overflow in the pvrdma device (Marcel Apfelbaum) [Orabug: 33120084] {CVE-2021-3582}
- vhost-user-gpu: reorder free calls (Gerd Hoffmann) [Orabug: 32950701] {CVE-2021-3544}
- vhost-user-gpu: abstract vg_cleanup_mapping_iov (Li Qiang) [Orabug: 32950716] {CVE-2021-3546}
- vhost-user-gpu: fix OOB write in 'virgl_cmd_get_capset' (Li Qiang) [Orabug: 32950716] {CVE-2021-3546}
- vhost-user-gpu: fix memory leak in 'virgl_resource_attach_backing' (Li Qiang) [Orabug: 32950701] {CVE-2021-3544}
- vhost-user-gpu: fix memory leak in 'virgl_cmd_resource_unref' (Li Qiang) [Orabug: 32950701] {CVE-2021-3544}
- vhost-user-gpu: fix memory leak while calling 'vg_resource_unref' (Li Qiang) [Orabug: 32950701] {CVE-2021-3544}
- vhost-user-gpu: fix memory leak in vg_resource_attach_backing (Li Qiang) [Orabug: 32950701] {CVE-2021-3544}
- vhost-user-gpu: fix resource leak in 'vg_resource_create_2d' (Li Qiang) [Orabug: 32950701] {CVE-2021-3544}
- vhost-user-gpu: fix memory disclosure in virgl_cmd_get_capset_info (Li Qiang) [Orabug: 32950708] {CVE-2021-3545}
- usb: limit combined packets to 1 MiB (Gerd Hoffmann) [Orabug: 32842778] {CVE-2021-3527}
- usb/redir: avoid dynamic stack allocation (Gerd Hoffmann) [Orabug: 32842778] {CVE-2021-3527}
- mptsas: Remove unused MPTSASState 'pending' field (Michael Tokarev) [Orabug: 32470463] {CVE-2021-3392}
- oslib-posix: initialize backend memory objects in parallel (Mark Kanda) [Orabug: 32555402]
- oslib-posix: refactor memory prealloc threads (Mark Kanda) [Orabug: 32555402]

Tue Jun 29 2021 Karl Heubaum <karl.heubaum@oracle.com> - 4.2.1-10.el8

- e1000: fail early for evil descriptor (Jason Wang) [Orabug: 32560552] {CVE-2021-20257}
- Document CVE-2020-27661 as fixed (Mark Kanda) [Orabug: 32960200] {CVE-2020-27661}
- block: Avoid stale pointer dereference in blk_get_aio_context() (Greg Kurz)
- block: Fix blk->in_flight during blk_wait_while_drained() (Kevin Wolf)
- block: Increase BB.in_flight for coroutine and sync interfaces (Kevin Wolf)
- block-backend: Reorder flush/pdiscard function definitions (Kevin Wolf)
- i386/pc: let iterator handle regions below 4G (Joao Martins)
- arm/virt: Add memory hot remove support (Shameer Kolothum) [Orabug: 32643506]
- i386/pc: consolidate usable iova iteration (Joao Martins)
- i386/acpi: fix SRAT ranges in accordance to usable IOVA (Joao Martins)
- migration: increase listening socket backlog (Elena Ufimtseva)
- multifd: Make multifd_save_setup() get an Error parameter (Juan Quintela)
- multifd: Make multifd_load_setup() get an Error parameter (Juan Quintela)
- migration: fix maybe-uninitialized warning (Marc-André Lureau)
- migration: Fix the re-run check of the migrate-incoming command (Yury Kotov)
- multifd: Initialize local variable (Juan Quintela)
- multifd: Be consistent about using uint64_t (Juan Quintela)
- Bug #1829242 correction. (Alexey Romko)
- migration/multifd: fix destroyed mutex access in terminating multifd threads (Jiahui Cen)
- migration/multifd: fix nullptr access in terminating multifd threads (Jiahui Cen)
- migration/multifd: not use multifd during postcopy (Wei Yang)
- migration/multifd: clean pages after filling packet (Wei Yang)
- migration: Make sure that we don't call write() in case of error (Juan Quintela)
- migration: fix multifd_send_pages() next channel (Laurent Vivier)
- migration/multifd: bypass uuid check for initial packet (Elena Ufimtseva) [Orabug: 32610480]
- migration/tls: add error handling in multifd_tls_handshake_thread (Hao Wang)
- migration/tls: fix inverted semantics in multifd_channel_connect (Hao Wang)
- migration/multifd: do not access uninitialized multifd_recv_state (Elena Ufimtseva) [Orabug: 32795384]
- io/channel-tls.c: make qio_channel_tls_shutdown thread-safe (Lukas Straub)
- qemu.spec: Enable qemu-guest-agent RPM for OL7 (Karl Heubaum) [Orabug: 32415543]
- virtio-net: Set mac address to hardware if the peer is vdpa (Cindy Lu)
- net: Add vhost-vdpa in show_netdevs() (Cindy Lu)
- vhost-vdpa: Add qemu_close in vhost_vdpa_cleanup (Cindy Lu)
- hw/virtio/vhost-vdpa: Fix Coverity CID 1432864 (Philippe Mathieu-Daudé)
- vhost-vdpa: negotiate VIRTIO_NET_F_STATUS with driver (Si-Wei Liu)
- configure: Fix build dependencies with vhost-vdpa. (Laurent Vivier)
- configure: simplify vhost condition with Kconfig (Marc-André Lureau)
- vhost-vdpa: add trace-events (Laurent Vivier)
- dma/pl330: Fix qemu_hexdump() usage in pl330.c (Mark Kanda)
- util/hexdump: introduce qemu_hexdump_line() (Laurent Vivier)
- util/hexdump: Reorder qemu_hexdump() arguments (Philippe Mathieu-Daudé)
- util/hexdump: Convert to take a void pointer argument (Philippe Mathieu-Daudé)
- net/colo-compare.c: Only hexdump packets if tracing is enabled (Lukas Straub)
- vhost-vdpa: batch updating IOTLB mappings (Jason Wang)
- vhost: switch to use IOTLB v2 format (Jason Wang)
- vhost-vdpa: remove useless variable (Laurent Vivier)
- virtio: vdpa: omit check return of g_malloc (Li Qiang)
- vhost-vdpa: fix indentation in vdpa_ops (Stefano Garzarella)
- virtio-net: check the existence of peer before accessing vDPA config (Jason Wang)
- virtio-pci: fix wrong index in virtio_pci_queue_enabled (Yuri Benditovich)
- virtio-pci: fix virtio_pci_queue_enabled() (Laurent Vivier)
- vhost-vdpa :Fix Coverity CID 1430270 / CID 1420267 (Cindy Lu)
- vhost-vdpa: fix the compile issue without kvm (Cindy Lu)
- vhost-vdpa: introduce vhost-vdpa net client (Cindy Lu)
- vhost-vdpa: introduce vhost-vdpa backend (Cindy Lu)
- linux headers: sync to 5.9-rc4 (Jason Wang)
- Linux headers: update (Cornelia Huck)
- virtio-net: fix rsc_ext compat handling (Cornelia Huck)
- linux-headers: update against Linux 5.7-rc3 (Cornelia Huck)
- linux-headers: update (Cornelia Huck)
- virtiofsd: Pull in kernel's fuse.h (Dr. David Alan Gilbert)
- linux-headers: Update (Bharata B Rao)
- linux-headers: Update (Greg Kurz)
- vhost_net: introduce set_config & get_config (Cindy Lu)
- vhost: implement vhost_force_iommu method (Cindy Lu)
- vhost: introduce new VhostOps vhost_force_iommu (Cindy Lu)
- vhost: implement vhost_vq_get_addr method (Cindy Lu)
- vhost: introduce new VhostOps vhost_vq_get_addr (Cindy Lu)
- vhost: implement vhost_dev_start method (Cindy Lu)
- vhost: introduce new VhostOps vhost_dev_start (Cindy Lu)
- vhost: check the existence of vhost_set_iotlb_callback (Jason Wang)
- virtio-pci: implement queue_enabled method (Jason Wang)
- virtio-bus: introduce queue_enabled method (Jason Wang)
- vhost_net: use the function qemu_get_peer (Cindy Lu)
- net: introduce qemu_get_peer (Cindy Lu)
- vhost: correctly turn on VIRTIO_F_IOMMU_PLATFORM (Jason Wang)
- imx7-ccm: add digprog mmio write method (Prasad J Pandit) [Orabug: 31576552] {CVE-2020-15469}
- tz-ppc: add dummy read/write methods (Prasad J Pandit) [Orabug: 31576552] {CVE-2020-15469}
- spapr_pci: add spapr msi read method (Prasad J Pandit) [Orabug: 31576552] {CVE-2020-15469}
- nvram: add nrf51_soc flash read method (Prasad J Pandit) [Orabug: 31576552] {CVE-2020-15469}
- prep: add ppc-parity write method (Prasad J Pandit) [Orabug: 31576552] {CVE-2020-15469}
- vfio: add quirk device write method (Prasad J Pandit) [Orabug: 31576552] {CVE-2020-15469}
- pci-host: designware: add pcie-msi read method (Prasad J Pandit) [Orabug: 31576552] {CVE-2020-15469}
- hw/pci-host: add pci-intack write method (Prasad J Pandit) [Orabug: 31576552] {CVE-2020-15469}
- oslib-posix: take lock before qemu_cond_broadcast (Bauerchen) [Orabug: 32555402]
- oslib-posix: initialize mutex and condition variable (Paolo Bonzini) [Orabug: 32555402]
- mem-prealloc: optimize large guest startup (Bauerchen) [Orabug: 32555402]
- i386: Add the support for AMD EPYC 3rd generation processors (Babu Moger)
- acpi: cpuhp: document CPHP_GET_CPU_ID_CMD command (Igor Mammedov)
- acpi: cpuhp: add CPHP_GET_CPU_ID_CMD command (Igor Mammedov)
- acpi: cpuhp: spec: add typical usecases (Igor Mammedov)
- acpi: cpuhp: spec: clarify store into 'Command data' when 'Command field' == 0 (Igor Mammedov)
- acpi: cpuhp: spec: fix 'Command data' description (Igor Mammedov)
- acpi: cpuhp: spec: clarify 'CPU selector' register usage and endianness (Igor Mammedov)
- acpi: cpuhp: introduce 'Command data 2' field (Igor Mammedov)
- x86: ich9: let firmware negotiate 'CPU hot-unplug with SMI' feature (Igor Mammedov)
- x86: ich9: factor out "guest_cpu_hotplug_features" (Igor Mammedov)
- x86: acpi: let the firmware handle pending "CPU remove" events in SMM (Igor Mammedov)
- x86: acpi: introduce AcpiPmInfo::smi_on_cpu_unplug (Igor Mammedov)
- acpi: cpuhp: introduce 'firmware performs eject' status/control bits (Igor Mammedov)
- x68: acpi: trigger SMI before sending hotplug Notify event to OSPM (Igor Mammedov)
- x86: acpi: introduce the PCI0.SMI0 ACPI device (Igor Mammedov)
- x86: acpi: introduce AcpiPmInfo::smi_on_cpuhp (Igor Mammedov)
- x86: ich9: expose "smi_negotiated_features" as a QOM property (Igor Mammedov)
- tests: acpi: mark to be changed tables in bios-tables-test-allowed-diff (Igor Mammedov)
- acpi: add aml_land() and aml_break() primitives (Igor Mammedov)
- x86: cpuhp: refuse cpu hot-unplug request earlier if not supported (Igor Mammedov)
- x86: cpuhp: prevent guest crash on CPU hotplug when broadcast SMI is in use (Igor Mammedov)
- x86: lpc9: let firmware negotiate 'CPU hotplug with SMI' features (Igor Mammedov)
- q35: implement 128K SMRAM at default SMBASE address (Igor Mammedov)
- hw/intc/arm_gic: Fix interrupt ID in GICD_SGIR register (Philippe Mathieu-Daudé) [Orabug: 32470471] {CVE-2021-20221}
- memory: clamp cached translation in case it points to an MMIO region (Paolo Bonzini) [Orabug: 32252673] {CVE-2020-27821}
- hw/sd/sdhci: Fix DMA Transfer Block Size field (Philippe Mathieu-Daudé) [Orabug: 32613470] {CVE-2021-3409}