Hello!

This is my first attempt to perform a stable qemu release.
Doing it in a way similar to how Michael Roth did it before :)
But since this is my first attempt, this is an RFC for now.

The following new patches are queued for QEMU stable v7.2.1:

  https://gitlab.com/mjt0k/qemu/-/commits/stable-7.2-staging/

Please respond here or CC qemu-stable@nongnu.org on any additional patches
you think should (or shouldn't) be included in the release.

About some of the patches.

I picked up a few more than minimally necessary so that some of the CI
tests are fixed. These are the curl forward compat change, two changes
for tests/, and also "build-sys: fix crlf-ending C code" (fixes build
failure on msys-win32). The same failures exists on 7.2.0 now, while
the proposed 7.2.1 passes all tests I've tried so far (will try avocado
tests too once additional hdd will arrive).

Two patches ("vdpa: stop all svq on device deletion" and "Revert "hw/i386:
pass RNG seed via setup_data entry"") required conflict resolution when
cherry-picking.

2 virtio-rng-pci migration fixes makes certain v7.2.0 VMs non-migratable
to v7.2.1.

-----------------------------------------------------------------------

Akihiko Odaki (4):
  vhost-user-gpio: Configure vhost_dev when connecting
  vhost-user-i2c: Back up vqs before cleaning up vhost_dev
  vhost-user-rng: Back up vqs before cleaning up vhost_dev
  hw/timer/hpet: Fix expiration time overflow

Alex Bennée (2):
  target/arm: fix handling of HLT semihosting in system mode
  tests/tcg: fix unused variable in linux-test

Anton Johansson (1):
  block: Handle curl 7.55.0, 7.85.0 version changes

Carlos López (2):
  vhost: avoid a potential use of an uninitialized variable in
    vhost_svq_poll()
  libvhost-user: check for NULL when allocating a virtqueue element

Chenyi Qiang (2):
  virtio-mem: Fix the bitmap index of the section offset
  virtio-mem: Fix the iterator variable in a vmem->rdl_list loop

David Hildenbrand (2):
  migration/ram: Fix error handling in ram_write_tracking_start()
  migration/ram: Fix populate_read_range()

Dr. David Alan Gilbert (2):
  virtio-rng-pci: fix migration compat for vectors
  virtio-rng-pci: fix transitional migration compat for vectors

Eugenio Pérez (1):
  vdpa: stop all svq on device deletion

Evgeny Iakovlev (1):
  target/arm: allow writes to SCR_EL3.HXEn bit when FEAT_HCX is enabled

Guenter Roeck (1):
  target/sh4: Mask restore of env->flags from tb->flags

Jason Wang (3):
  vhost: fix vq dirty bitmap syncing when vIOMMU is enabled
  intel-iommu: fail MAP notifier without caching mode
  intel-iommu: fail DEVIOTLB_UNMAP without dt mode

Julia Suvorova (1):
  hw/smbios: fix field corruption in type 4 table

Kevin Wolf (1):
  qcow2: Fix theoretical corruption in store_bitmap() error path

Klaus Jensen (2):
  hw/nvme: fix missing endian conversions for doorbell buffers
  hw/nvme: fix missing cq eventidx update

Laszlo Ersek (1):
  acpi: cpuhp: fix guest-visible maximum access size to the legacy reg
    block

Marc-André Lureau (1):
  build-sys: fix crlf-ending C code

Michael S. Tsirkin (6):
  Revert "x86: do not re-randomize RNG seed on snapshot load"
  Revert "x86: re-initialize RNG seed when selecting kernel"
  Revert "x86: reinitialize RNG seed on system reboot"
  Revert "x86: use typedef for SetupData struct"
  Revert "x86: return modified setup_data only if read as memory, not as
    file"
  Revert "hw/i386: pass RNG seed via setup_data entry"

Paolo Bonzini (4):
  meson: accept relative symlinks in "meson introspect --installed" data
  configure: fix GLIB_VERSION for cross-compilation
  target/i386: fix ADOX followed by ADCX
  block/iscsi: fix double-free on BUSY or similar statuses

Richard Henderson (8):
  target/riscv: Set pc_succ_insn for !rvc illegal insn
  target/arm: Fix sve_probe_page
  target/arm: Fix in_debug path in S1_ptw_translate
  target/arm: Fix physical address resolution for Stage2
  tests/tcg/i386: Introduce and use reg_t consistently
  target/i386: Fix BEXTR instruction
  target/i386: Fix C flag for BLSI, BLSMSK, BLSR
  target/i386: Fix BZHI instruction

Stefan Hajnoczi (1):
  block: fix detect-zeroes= with BDRV_REQ_REGISTERED_BUF

Yajun Wu (1):
  chardev/char-socket: set s->listener = NULL in char_socket_finalize

 block/curl.c                              |  44 ++++-
 block/io.c                                |   3 +
 block/iscsi.c                             |   1 +
 block/qcow2-bitmap.c                      |   5 +-
 chardev/char-socket.c                     |   1 +
 configure                                 |   2 +-
 hw/acpi/cpu_hotplug.c                     |   3 +
 hw/core/machine.c                         |   3 +
 hw/i386/intel_iommu.c                     |  15 ++
 hw/i386/microvm.c                         |   2 +-
 hw/i386/pc.c                              |   4 +-
 hw/i386/pc_piix.c                         |   2 -
 hw/i386/pc_q35.c                          |   2 -
 hw/i386/x86.c                             |  88 ++--------
 hw/nvme/ctrl.c                            |  32 +++-
 hw/nvram/fw_cfg.c                         |  12 +-
 hw/smbios/smbios.c                        |   8 +-
 hw/timer/hpet.c                           |  19 ++-
 hw/virtio/vhost-shadow-virtqueue.c        |   2 +-
 hw/virtio/vhost-user-gpio.c               |  10 +-
 hw/virtio/vhost-user-i2c.c                |   5 +-
 hw/virtio/vhost-user-rng.c                |   5 +-
 hw/virtio/vhost-vdpa.c                    |  17 +-
 hw/virtio/vhost.c                         |  84 ++++++---
 hw/virtio/virtio-mem.c                    |   6 +-
 include/hw/i386/pc.h                      |   3 -
 include/hw/i386/x86.h                     |   3 +-
 include/hw/nvram/fw_cfg.h                 |  22 ---
 include/hw/virtio/vhost-user-gpio.h       |   2 +-
 meson.build                               |   2 +-
 migration/ram.c                           |   9 +-
 scripts/shaderinclude.pl                  |  16 --
 scripts/shaderinclude.py                  |  26 +++
 scripts/symlink-install-tree.py           |   1 -
 subprojects/libvhost-user/libvhost-user.c |   7 +
 target/arm/helper.c                       |   3 +
 target/arm/ptw.c                          |   6 +-
 target/arm/sve_helper.c                   |  14 +-
 target/arm/translate.c                    |   2 +-
 target/i386/tcg/emit.c.inc                |  59 ++++---
 target/riscv/translate.c                  |  12 +-
 target/sh4/cpu.c                          |   2 +-
 tests/tcg/Makefile.target                 |   2 +
 tests/tcg/i386/Makefile.target            |   6 +-
 tests/tcg/i386/test-i386-adcox.c          |  75 ++++++++
 tests/tcg/i386/test-i386-bmi2.c           | 197 ++++++++++++----------
 tests/tcg/multiarch/linux/linux-test.c    |   6 +-
 tests/tcg/riscv64/Makefile.target         |   6 +
 tests/tcg/riscv64/test-noc.S              |  32 ++++
 49 files changed, 547 insertions(+), 341 deletions(-)
 delete mode 100644 scripts/shaderinclude.pl
 create mode 100644 scripts/shaderinclude.py
 create mode 100644 tests/tcg/i386/test-i386-adcox.c
 create mode 100644 tests/tcg/riscv64/test-noc.S

-- 
2.30.2

On 08/03/2023 17.57, Michael Tokarev wrote:
> Hello!
> 
> This is my first attempt to perform a stable qemu release.
> Doing it in a way similar to how Michael Roth did it before :)
> But since this is my first attempt, this is an RFC for now.
> 
> The following new patches are queued for QEMU stable v7.2.1:
> 
>    https://gitlab.com/mjt0k/qemu/-/commits/stable-7.2-staging/
> 
> Please respond here or CC qemu-stable@nongnu.org on any additional patches
> you think should (or shouldn't) be included in the release.
> 
> About some of the patches.
> 
> I picked up a few more than minimally necessary so that some of the CI
> tests are fixed. These are the curl forward compat change, two changes
> for tests/, and also "build-sys: fix crlf-ending C code" (fixes build
> failure on msys-win32). The same failures exists on 7.2.0 now, while
> the proposed 7.2.1 passes all tests I've tried so far (will try avocado
> tests too once additional hdd will arrive).
> 
> Two patches ("vdpa: stop all svq on device deletion" and "Revert "hw/i386:
> pass RNG seed via setup_data entry"") required conflict resolution when
> cherry-picking.
> 
> 2 virtio-rng-pci migration fixes makes certain v7.2.0 VMs non-migratable
> to v7.2.1.
> 
> -----------------------------------------------------------------------
> 
> Akihiko Odaki (4):
>    vhost-user-gpio: Configure vhost_dev when connecting
>    vhost-user-i2c: Back up vqs before cleaning up vhost_dev
>    vhost-user-rng: Back up vqs before cleaning up vhost_dev
>    hw/timer/hpet: Fix expiration time overflow
> 
> Alex Bennée (2):
>    target/arm: fix handling of HLT semihosting in system mode
>    tests/tcg: fix unused variable in linux-test
> 
> Anton Johansson (1):
>    block: Handle curl 7.55.0, 7.85.0 version changes
> 
> Carlos López (2):
>    vhost: avoid a potential use of an uninitialized variable in
>      vhost_svq_poll()
>    libvhost-user: check for NULL when allocating a virtqueue element
> 
> Chenyi Qiang (2):
>    virtio-mem: Fix the bitmap index of the section offset
>    virtio-mem: Fix the iterator variable in a vmem->rdl_list loop
> 
> David Hildenbrand (2):
>    migration/ram: Fix error handling in ram_write_tracking_start()
>    migration/ram: Fix populate_read_range()
> 
> Dr. David Alan Gilbert (2):
>    virtio-rng-pci: fix migration compat for vectors
>    virtio-rng-pci: fix transitional migration compat for vectors
> 
> Eugenio Pérez (1):
>    vdpa: stop all svq on device deletion
> 
> Evgeny Iakovlev (1):
>    target/arm: allow writes to SCR_EL3.HXEn bit when FEAT_HCX is enabled
> 
> Guenter Roeck (1):
>    target/sh4: Mask restore of env->flags from tb->flags
> 
> Jason Wang (3):
>    vhost: fix vq dirty bitmap syncing when vIOMMU is enabled
>    intel-iommu: fail MAP notifier without caching mode
>    intel-iommu: fail DEVIOTLB_UNMAP without dt mode
> 
> Julia Suvorova (1):
>    hw/smbios: fix field corruption in type 4 table
> 
> Kevin Wolf (1):
>    qcow2: Fix theoretical corruption in store_bitmap() error path
> 
> Klaus Jensen (2):
>    hw/nvme: fix missing endian conversions for doorbell buffers
>    hw/nvme: fix missing cq eventidx update
> 
> Laszlo Ersek (1):
>    acpi: cpuhp: fix guest-visible maximum access size to the legacy reg
>      block
> 
> Marc-André Lureau (1):
>    build-sys: fix crlf-ending C code
> 
> Michael S. Tsirkin (6):
>    Revert "x86: do not re-randomize RNG seed on snapshot load"
>    Revert "x86: re-initialize RNG seed when selecting kernel"
>    Revert "x86: reinitialize RNG seed on system reboot"
>    Revert "x86: use typedef for SetupData struct"
>    Revert "x86: return modified setup_data only if read as memory, not as
>      file"
>    Revert "hw/i386: pass RNG seed via setup_data entry"
> 
> Paolo Bonzini (4):
>    meson: accept relative symlinks in "meson introspect --installed" data
>    configure: fix GLIB_VERSION for cross-compilation
>    target/i386: fix ADOX followed by ADCX
>    block/iscsi: fix double-free on BUSY or similar statuses
> 
> Richard Henderson (8):
>    target/riscv: Set pc_succ_insn for !rvc illegal insn
>    target/arm: Fix sve_probe_page
>    target/arm: Fix in_debug path in S1_ptw_translate
>    target/arm: Fix physical address resolution for Stage2
>    tests/tcg/i386: Introduce and use reg_t consistently
>    target/i386: Fix BEXTR instruction
>    target/i386: Fix C flag for BLSI, BLSMSK, BLSR
>    target/i386: Fix BZHI instruction
> 
> Stefan Hajnoczi (1):
>    block: fix detect-zeroes= with BDRV_REQ_REGISTERED_BUF
> 
> Yajun Wu (1):
>    chardev/char-socket: set s->listener = NULL in char_socket_finalize

Maybe pick also these patches that mention "CVE" in the description:

  qga/win32: Remove change action from MSI installer
  qga/win32: Use rundll for VSS installation
  hw/net/vmxnet3: allow VMXNET3_MAX_MTU itself as a value
  hw/pvrdma: Protect against buggy or malicious guest driver

 From my s390x perspective, I'd like to suggest the following
patches (if they can be applied cleanly):

  target/s390x/arch_dump: Fix memory corruption in s390x_write_elf64_notes()
  target/s390x: Fix emulation of C(G)HRL
  target/s390x: Fix R[NOX]SBG with T=1
  target/s390x: Fix EXECUTE of relative long instructions

  Thanks,
   Thomas

22.03.2023 12:09, Thomas Huth пишет:
...> Maybe pick also these patches that mention "CVE" in the description:
> 
>   qga/win32: Remove change action from MSI installer
>   qga/win32: Use rundll for VSS installation

Yes, that one is a good idea.

>   hw/net/vmxnet3: allow VMXNET3_MAX_MTU itself as a value

Simple, picked up.

>   hw/pvrdma: Protect against buggy or malicious guest driver

This one has been in debian for quite a long time, it is finally
applied upstream, which is very good.

>  From my s390x perspective, I'd like to suggest the following
> patches (if they can be applied cleanly):
> 
>   target/s390x/arch_dump: Fix memory corruption in s390x_write_elf64_notes()
>   target/s390x: Fix emulation of C(G)HRL

Ok.

>   target/s390x: Fix R[NOX]SBG with T=1

9701596d821 says, in the commit message:

     Exposed by commit e2e641fa3d5 ("tcg: Change default temp lifetime to
     TEMP_TB").

Without this commit (e2e641fa3d5), commit 9701596d821 makes little sense
I think. Also, commit 9701596d821 applies after dd161de75f3
"target/s390x: Remove g_out, g_out2, g_in1, g_in2 from DisasContext".

>   target/s390x: Fix EXECUTE of relative long instructions

This one needs "target/s390x: Split out gen_ri2" first, it looks
like it's harmless to have.

Thank you very much for the suggestions, Thomas!

/mjt