Re: [Qemu-devel] [PATCH 00/79] Patch Round-up for stable 2.9.1, freeze on 2017-09-04
On 29 August 2017 at 01:13, Michael Roth wrote:
> Hi everyone,
>
> The following new patches are queued for QEMU stable v2.9.1:
>
> https://github.com/mdroth/qemu/commits/stable-2.9-staging
>
> The release is planned for 2017-09-07:
>
> http://wiki.qemu.org/Planning/2.9
>
> Please respond here or CC qemu-sta...@nongnu.org on any patches you
> think should be included in the release.
>
> Testing/feedback is greatly appreciated.

If it's not too late for this stable release, you might consider
3e4d91b94ce400326fae0850578d9e9f30a71adb (which just hit master).
This is a pretty long-standing bug, so it's not the end of the world
if it doesn't get in, but it does fix a bug which was causing
real-world FreeBSD AArch64 guest binaries to segfault:

https://bugs.launchpad.net/qemu/+bug/1711316
https://bugs.launchpad.net/qemu/+bug/1713066

thanks
-- PMM
Re: [Qemu-devel] [PATCH 00/79] Patch Round-up for stable 2.9.1, freeze on 2017-09-04
Quoting Michael Roth (2017-08-31 13:00:00)
> Quoting Michael Roth (2017-08-28 19:13:35)
> > Hi everyone,
> >
> > The following new patches are queued for QEMU stable v2.9.1:
> >
> >
> > https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_mdroth_qemu_commits_stable-2D2.9-2Dstaging=DwIFaQ=jf_iaSHvJObTbx-siA1ZOg=sThPI1c0u5x-3sg5Nw8wNqjg_5Z5xLzfPGC18E94zn8=hoyg_NnavbPJKZEF_zct-EdpBD-Nb3rhYLms_7k54A4=dc2xpZH9f2d88cyYQblkq-w_a99BSN8i6ypQkAYf5Pw=
> >
>
> Thank you for the recommendations. Branch updated with the following
> additional patches:
>
> s390-ccw: Fix alignment for CCW1
> vnc: Set default kbd delay to 10ms
> qemu-nbd: Ignore SIGPIPE
> usb-redir: fix stack overflow in usbredir_log_data
> megasas: do not read SCSI req parameters more than once from frame
> megasas: do not read command more than once from frame
> megasas: do not read DCMD opcode more than once from frame
> megasas: do not read iovec count more than once from frame
> megasas: do not read sense length more than once from frame
> 9pfs: local: forbid client access to metadata (CVE-2017-7493)
> scsi: avoid an off-by-one error in megasas_mmio_write
> audio: release capture buffers
> vmw_pvscsi: check message ring page count at initialisation
> hw/ppc/spapr_iommu: Fix crash when removing the "spapr-tce-table" device
> hw/ppc/spapr_rtc: Mark the RTC device with user_creatable = false
> qdev: Replace cannot_instantiate_with_device_add_yet with !user_creatable
> fix qemu-system-unicore32 crashing when calling without -kernel
> hw/s390x/ipl: Fix crash with virtio-scsi-pci device
> slirp: fix clearing ifq_so from pending packets
> slirp: tftp, copy sockaddr_size
> monitor: Check whether TCG is enabled before running the "info jit" code
> target-s390x: Mask the SIGP order_code to 8bit.
>

Branch updated with the following additional patches:

exec: Add lock parameter to qemu_ram_ptr_length
xen/mapcache: store dma information in revmapcache entries for debugging
exec: use qemu_ram_ptr_length to access guest ram
xhci: only update dequeue ptr on completed transfers
vl.c/exit: pause cpus before closing block devices
PPC: E500: update u-boot to match shipped binary

>
Re: [Qemu-devel] [PATCH 00/79] Patch Round-up for stable 2.9.1, freeze on 2017-09-04
Quoting Michael Roth (2017-08-28 19:13:35)
> Hi everyone,
>
> The following new patches are queued for QEMU stable v2.9.1:
>
> https://github.com/mdroth/qemu/commits/stable-2.9-staging

Thank you for the recommendations. Branch updated with the following
additional patches:

s390-ccw: Fix alignment for CCW1
vnc: Set default kbd delay to 10ms
qemu-nbd: Ignore SIGPIPE
usb-redir: fix stack overflow in usbredir_log_data
megasas: do not read SCSI req parameters more than once from frame
megasas: do not read command more than once from frame
megasas: do not read DCMD opcode more than once from frame
megasas: do not read iovec count more than once from frame
megasas: do not read sense length more than once from frame
9pfs: local: forbid client access to metadata (CVE-2017-7493)
scsi: avoid an off-by-one error in megasas_mmio_write
audio: release capture buffers
vmw_pvscsi: check message ring page count at initialisation
hw/ppc/spapr_iommu: Fix crash when removing the "spapr-tce-table" device
hw/ppc/spapr_rtc: Mark the RTC device with user_creatable = false
qdev: Replace cannot_instantiate_with_device_add_yet with !user_creatable
fix qemu-system-unicore32 crashing when calling without -kernel
hw/s390x/ipl: Fix crash with virtio-scsi-pci device
slirp: fix clearing ifq_so from pending packets
slirp: tftp, copy sockaddr_size
monitor: Check whether TCG is enabled before running the "info jit" code
target-s390x: Mask the SIGP order_code to 8bit.
Re: [Qemu-devel] [PATCH 00/79] Patch Round-up for stable 2.9.1, freeze on 2017-09-04
Quoting Peter Maydell (2017-08-31 12:07:08)
> On 31 August 2017 at 17:42, Michael Roth wrote:
> > Quoting Thomas Huth (2017-08-28 21:18:20)
> >> Not sure, but maybe the following patch should be included, too, since
> >> there were some bogus files in the old version of the U-Boot sources:
> >>
> >> 73663d71ef2bab201475d58e - PPC: E500: Update u-boot to v2017.07
> >
> > Do you have more background on any issues caused by these bogus files?
> > As it stands I think I would opt not to update unless there are specific
> > user-visible bugs we're trying to address which warrant the risk of any
> > regressions which might get pulled in in the process.
>
> These are the relevant threads:
> https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.gnu.org_archive_html_qemu-2Ddiscuss_2017-2D07_msg5.html=DwIBaQ=jf_iaSHvJObTbx-siA1ZOg=sThPI1c0u5x-3sg5Nw8wNqjg_5Z5xLzfPGC18E94zn8=QzqXTgvEiqKKSlIJgVfNCEiYXPQ5oVFxHFdUcgtf_L8=4BVFXlpHawdLmHljZCHMSNEVaj8JzUuNJw6HgKZzvn0=
>
> and
> https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.gnu.org_archive_html_qemu-2Ddevel_2017-2D07_msg02956.html=DwIBaQ=jf_iaSHvJObTbx-siA1ZOg=sThPI1c0u5x-3sg5Nw8wNqjg_5Z5xLzfPGC18E94zn8=QzqXTgvEiqKKSlIJgVfNCEiYXPQ5oVFxHFdUcgtf_L8=iO72EaulRM4jy_9QBnIcqH5K_hIWtAmBOMqy6QORs2M=
>
>
> The summary is
> (1) one of the u-boot source files which is distributed as part
> of the QEMU tarball has a comment which makes it a bit unclear
> whether it's something that's redistributable (the source file
> isn't actually used in the u-boot target we care about)
> (2) the u-boot binary blob we were shipping doesn't correspond
> to the sources we were shipping
>
> and we fixed those in master by updating the blob and the
> submodule to the most recent u-boot.
>
> I guess the low-risk fix for the stable branch would be to
> update the u-boot submodule to 79c884d7e4 as suggested in
> https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.gnu.org_archive_html_qemu-2Ddevel_2017-2D07_msg03174.html=DwIBaQ=jf_iaSHvJObTbx-siA1ZOg=sThPI1c0u5x-3sg5Nw8wNqjg_5Z5xLzfPGC18E94zn8=QzqXTgvEiqKKSlIJgVfNCEiYXPQ5oVFxHFdUcgtf_L8=WY3VTHQGDP63Rw7hykVtVSbAqb8db-of8rkUG3hrlUg=
>
> which would bring the distributed sources into line with
> the binary blob in stable, so no need to change the
> blob we're distributing. I think it makes sense to do that
> for stable.

Thanks for the background/suggestion, I think I'll take this approach.

>
> thanks
> -- PMM
>
Re: [Qemu-devel] [PATCH 00/79] Patch Round-up for stable 2.9.1, freeze on 2017-09-04
On 31 August 2017 at 17:42, Michael Roth wrote:
> Quoting Thomas Huth (2017-08-28 21:18:20)
>> Not sure, but maybe the following patch should be included, too, since
>> there were some bogus files in the old version of the U-Boot sources:
>>
>> 73663d71ef2bab201475d58e - PPC: E500: Update u-boot to v2017.07
>
> Do you have more background on any issues caused by these bogus files?
> As it stands I think I would opt not to update unless there are specific
> user-visible bugs we're trying to address which warrant the risk of any
> regressions which might get pulled in in the process.

These are the relevant threads:
https://lists.gnu.org/archive/html/qemu-discuss/2017-07/msg5.html
and
https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg02956.html

The summary is
(1) one of the u-boot source files which is distributed as part
of the QEMU tarball has a comment which makes it a bit unclear
whether it's something that's redistributable (the source file
isn't actually used in the u-boot target we care about)
(2) the u-boot binary blob we were shipping doesn't correspond
to the sources we were shipping

and we fixed those in master by updating the blob and the
submodule to the most recent u-boot.

I guess the low-risk fix for the stable branch would be to
update the u-boot submodule to 79c884d7e4 as suggested in
https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg03174.html
which would bring the distributed sources into line with
the binary blob in stable, so no need to change the
blob we're distributing. I think it makes sense to do that
for stable.

thanks
-- PMM
Re: [Qemu-devel] [PATCH 00/79] Patch Round-up for stable 2.9.1, freeze on 2017-09-04
Quoting Thomas Huth (2017-08-28 21:18:20)
> On 29.08.2017 02:13, Michael Roth wrote:
> > Hi everyone,
> >
> > The following new patches are queued for QEMU stable v2.9.1:
> >
> >
> > https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_mdroth_qemu_commits_stable-2D2.9-2Dstaging=DwIDaQ=jf_iaSHvJObTbx-siA1ZOg=sThPI1c0u5x-3sg5Nw8wNqjg_5Z5xLzfPGC18E94zn8=Id5ItcTzhCqn35tC8JynLtLuRcfupmsTlJGwTYEDdIg=fqHIfooeKQPNEWX7AqyC93OMzAs-U-UwZ6Yu0trfn0Y=
> >
> >
> > The release is planned for 2017-09-07:
> >
> >
> > https://urldefense.proofpoint.com/v2/url?u=http-3A__wiki.qemu.org_Planning_2.9=DwIDaQ=jf_iaSHvJObTbx-siA1ZOg=sThPI1c0u5x-3sg5Nw8wNqjg_5Z5xLzfPGC18E94zn8=Id5ItcTzhCqn35tC8JynLtLuRcfupmsTlJGwTYEDdIg=RVxHUyHJDN1hk2AsMfiZmguXpEhz0pFHGijG75NIReY=
> >
> >
> > Please respond here or CC qemu-sta...@nongnu.org on any patches you
> > think should be included in the release.
>
> I'd like to suggest the following patches:
>
> 601b9a9008c5a612d76073bb - target-s390x: Mask the SIGP order_code ...
> b7da97eef74bf834be244de0 - monitor: Check whether TCG is enabled ...
> 17eb587aeb492fe68f8130b0 - slirp: tftp, copy sockaddr_size
> 99efaa2696caaf6182958e27 - hw/s390x/ipl: Fix crash with ...
> 36bed541ca886da735bef1e8 - fix qemu-system-unicore32 crashing ...
> b190f477e29c7cd03a8fee49 - qemu-system-tricore: segfault when ...
> 8ff9dd7ba24c7a788611 - hw/ppc/spapr_rtc: Mark the RTC device ...
> 1f98e55385d11da1dc0de644 - hw/ppc/spapr_iommu: Fix crash when ...
>
> Not sure, but maybe the following patch should be included, too, since
> there were some bogus files in the old version of the U-Boot sources:
>
> 73663d71ef2bab201475d58e - PPC: E500: Update u-boot to v2017.07

Do you have more background on any issues caused by these bogus files?
As it stands I think I would opt not to update unless there are specific
user-visible bugs we're trying to address which warrant the risk of any
regressions which might get pulled in in the process.

>
> Thomas
>
Re: [Qemu-devel] [PATCH 00/79] Patch Round-up for stable 2.9.1, freeze on 2017-09-04
On 29 August 2017 at 01:13, Michael Roth wrote:
> Hi everyone,
>
> The following new patches are queued for QEMU stable v2.9.1:
>
> https://github.com/mdroth/qemu/commits/stable-2.9-staging
>
> The release is planned for 2017-09-07:
>
> http://wiki.qemu.org/Planning/2.9
>
> Please respond here or CC qemu-sta...@nongnu.org on any patches you
> think should be included in the release.

I would suggest also commit 1201d308519f1e915866d7583d5136d03cc1d384
("slirp: fix clearing ifq_so from pending packets") which I've just
applied to master, as it fixes a use-after-free if the guest sends
suitable bogus packets and the VM is using slirp networking.

thanks
-- PMM
Re: [Qemu-devel] [PATCH 00/79] Patch Round-up for stable 2.9.1, freeze on 2017-09-04
On 08/28/2017 08:13 PM, Michael Roth wrote:
> Hi everyone,
>
> The following new patches are queued for QEMU stable v2.9.1:
>
> https://github.com/mdroth/qemu/commits/stable-2.9-staging
>
> The release is planned for 2017-09-07:
>
> http://wiki.qemu.org/Planning/2.9
>
> Please respond here or CC qemu-sta...@nongnu.org on any patches you
> think should be included in the release.
>

Here's extra patches we are carrying for Fedora 26:

Applying: vmw_pvscsi: check message ring page count at initialisation
Applying: audio: release capture buffers
Applying: scsi: avoid an off-by-one error in megasas_mmio_write
Applying: 9pfs: local: forbid client access to metadata (CVE-2017-7493)
Applying: megasas: do not read sense length more than once from frame
Applying: megasas: do not read iovec count more than once from frame
Applying: megasas: do not read DCMD opcode more than once from frame
Applying: megasas: do not read command more than once from frame
Applying: megasas: do not read SCSI req parameters more than once from frame
Applying: megasas: always store SCSIRequest* into MegasasCmd
Applying: usb-redir: fix stack overflow in usbredir_log_data
Applying: qemu-nbd: Ignore SIGPIPE
Applying: vnc: Set default kbd delay to 10ms

The last one was part of agraf's input fixes, not sure if it's strictly
required to fix the root issue but when all 3 patches were applied it
fixed fedora's automated QA system.

The rest of the patches are for CVEs but not sure about the severity

Thanks,
Cole
Re: [Qemu-devel] [PATCH 00/79] Patch Round-up for stable 2.9.1, freeze on 2017-09-04
On Tue, 29 Aug 2017 04:18:20 +0200 Thomas Huth wrote:
> On 29.08.2017 02:13, Michael Roth wrote:
> > Hi everyone,
> >
> > The following new patches are queued for QEMU stable v2.9.1:
> >
> > https://github.com/mdroth/qemu/commits/stable-2.9-staging
> >
> > The release is planned for 2017-09-07:
> >
> > http://wiki.qemu.org/Planning/2.9
> >
> > Please respond here or CC qemu-sta...@nongnu.org on any patches you
> > think should be included in the release.
>
> I'd like to suggest the following patches:
>
> 601b9a9008c5a612d76073bb - target-s390x: Mask the SIGP order_code ...
> 99efaa2696caaf6182958e27 - hw/s390x/ipl: Fix crash with ...

Agreed on the s390x patches.
Re: [Qemu-devel] [PATCH 00/79] Patch Round-up for stable 2.9.1, freeze on 2017-09-04
On 29.08.2017 02:13, Michael Roth wrote:
> Hi everyone,
>
> The following new patches are queued for QEMU stable v2.9.1:
>
> https://github.com/mdroth/qemu/commits/stable-2.9-staging
>
> The release is planned for 2017-09-07:
>
> http://wiki.qemu.org/Planning/2.9
>
> Please respond here or CC qemu-sta...@nongnu.org on any patches you
> think should be included in the release.

I'd like to suggest the following patches:

601b9a9008c5a612d76073bb - target-s390x: Mask the SIGP order_code ...
b7da97eef74bf834be244de0 - monitor: Check whether TCG is enabled ...
17eb587aeb492fe68f8130b0 - slirp: tftp, copy sockaddr_size
99efaa2696caaf6182958e27 - hw/s390x/ipl: Fix crash with ...
36bed541ca886da735bef1e8 - fix qemu-system-unicore32 crashing ...
b190f477e29c7cd03a8fee49 - qemu-system-tricore: segfault when ...
8ff9dd7ba24c7a788611 - hw/ppc/spapr_rtc: Mark the RTC device ...
1f98e55385d11da1dc0de644 - hw/ppc/spapr_iommu: Fix crash when ...

Not sure, but maybe the following patch should be included, too, since
there were some bogus files in the old version of the U-Boot sources:

73663d71ef2bab201475d58e - PPC: E500: Update u-boot to v2017.07

 Thomas
Re: [Qemu-devel] [PATCH 00/79] Patch Round-up for stable 2.9.1, freeze on 2017-09-04
Quoting Michael Roth (2017-08-28 19:13:35)
> Hi everyone,
>
> The following new patches are queued for QEMU stable v2.9.1:
>
>
> https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_mdroth_qemu_commits_stable-2D2.9-2Dstaging=DwIFaQ=jf_iaSHvJObTbx-siA1ZOg=sThPI1c0u5x-3sg5Nw8wNqjg_5Z5xLzfPGC18E94zn8=Mw1bU8iEiV5THnZe_RluoHefJMDFgKus3DOUY40AbVA=wB11-59-V11-yisUGoowZ4UvmSBfZNqhjDdEk9QwqAk=
>
>
> The release is planned for 2017-09-07:
>
>
> https://urldefense.proofpoint.com/v2/url?u=http-3A__wiki.qemu.org_Planning_2.9=DwIFaQ=jf_iaSHvJObTbx-siA1ZOg=sThPI1c0u5x-3sg5Nw8wNqjg_5Z5xLzfPGC18E94zn8=Mw1bU8iEiV5THnZe_RluoHefJMDFgKus3DOUY40AbVA=aKWE0XkaM9D2OJvn5Etwst9lR3FUDED9C_m5ue7HB6w=
>

Sorry for this. I've sent some other emails to see if this behavior
continued from my SMTP relay, and it seems to have been some sort of
temporary issue. The original URLs were (assuming I don't get bit by
this again):

https://github.com/mdroth/qemu/commits/stable-2.9-staging

and

http://wiki.qemu.org/Planning/2.9

>
> Please respond here or CC qemu-sta...@nongnu.org on any patches you
> think should be included in the release.
>
> Testing/feedback is greatly appreciated.
>
> Thanks!
>
>
> Alberto Garcia (1):
>       stream: fix crash in stream_start() when block_job_create() fails
>
> Aleksandr Bezzubikov (1):
>       hw/i386: allow SHPC for Q35 machine
>
> Alexander Graf (2):
>       hid: Reset kbd modifiers on reset
>       input: Decrement queue count on kbd delay
>
> Anton Nefedov (1):
>       qemu-img: wait for convert coroutines to complete
>
> Bruce Rogers (2):
>       ACPI: don't call acpi_pcihp_device_plug_cb on xen
>       9pfs: local: remove: use correct path component
>
> Daniel P. Berrange (1):
>       migration: setup bi-directional I/O channel for exec: protocol
>
> Eduardo Habkost (1):
>       pc: Use "min-[x]level" on compat_props
>
> Eric Blake (16):
>       dirty-bitmap: Report BlockDirtyInfo.count in bytes, as documented
>       coccinelle: Add script to remove useless QObject casts
>       qobject: Drop useless QObject casts
>       qobject: Add helper macros for common scalar insertions
>       s390x: Drop useless casts
>       qobject: Use simpler QDict/QList scalar insertion macros
>       blkdebug: Sanity check block layer guarantees
>       blkdebug: Refactor error injection
>       blkdebug: Add pass-through write_zero and discard support
>       blkdebug: Simplify override logic
>       blkdebug: Add ability to override unmap geometries
>       tests: Add coverage for recent block geometry fixes
>       block: Simplify BDRV_BLOCK_RAW recursion
>       block: Guarantee that *file is set on bdrv_get_block_status()
>       nbd: Fully initialize client in case of failed negotiation
>       nbd: Fix regression on resiliency to port scan
>
> Fam Zheng (2):
>       block: Reuse bs as backing hd for drive-backup sync=none
>       virtio-scsi: Unset hotplug handler when unrealize
>
> Gerd Hoffmann (1):
>       input: limit kbd queue depth
>
> Greg Kurz (7):
>       9pfs: local: fix unlink of alien files in mapped-file mode
>       virtio: allow broken device to notify guest
>       target/ppc: pass const string to kvmppc_is_mem_backend_page_size_ok()
>       target/ppc: fix memory leak in kvmppc_is_mem_backend_page_size_ok()
>       spapr: fix memory leak in spapr_memory_pre_plug()
>       spapr: fix memory leak in spapr_core_pre_plug()
>       9pfs: local: fix fchmodat_nofollow() limitations
>
> Halil Pasic (1):
>       s390x/css: catch section mismatch on load
>
> Herongguang (Stephen) (1):
>       pci: deassert intx when pci device unrealize
>
> Hervé Poussineau (1):
>       vvfat: fix qemu-img map and qemu-img convert
>
> Jason Wang (2):
>       virtio-scsi: finalize IOMMU support
>       virtio-net: fix offload ctrl endian
>
> Jeff Cody (1):
>       block/nfs: fix mutex assertion in nfs_file_close()
>
> John Snow (1):
>       blockdev: use drained_begin/end for qmp_block_resize
>
> Kevin Wolf (6):
>       mirror: Drop permissions on s->target on completion
>       commit: Fix use after free in completion
>       commit: Fix completion with extra reference
>       commit: Add NULL check for overlay_bs
>       qemu-iotests: Test automatic commit job cancel on hot unplug
>       block: Skip implicit nodes in query-block/blockstats
>
> Ladi Prosek (1):
>       virtio-serial-bus: Unset hotplug handler when unrealize
>
> Laurent Vivier (3):
>       spapr: add pre_plug function for memory
>       spapr: fix migration to pseries machine < 2.8
>       cpu: don't allow negative core id
>
> Markus Armbruster (1):
>       replication: Make --disable-replication compile again
>
> Max Filippov (3):
>       target/xtensa: fix mapping direction in read/write simcalls
>       target/xtensa: fix return value of read/write simcalls
>       target/xtensa: handle unknown registers in gdbstub
>
> Max Reitz (11):