* [pve-devel] [PATCH qemu 1/2] update submodule and patches to QEMU 9.0.2
@ 2024-07-25 9:45 Fiona Ebner
2024-07-25 9:45 ` [pve-devel] [PATCH qemu 2/2] some more stable fixes for " Fiona Ebner
2024-07-29 17:12 ` [pve-devel] applied: [PATCH qemu 1/2] update submodule and patches to " Thomas Lamprecht
0 siblings, 2 replies; 3+ messages in thread
From: Fiona Ebner @ 2024-07-25 9:45 UTC (permalink / raw)
To: pve-devel
Most relevant are some fixes for VirtIO and for ARM and i386
emulation. There also is a fix for VGA display to fix screen blanking,
which fixes: https://bugzilla.proxmox.com/show_bug.cgi?id=4786
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
---
...d-support-for-sync-bitmap-mode-never.patch | 10 +-
...race-with-clients-disconnecting-earl.patch | 4 +-
...io-pci-fix-use-of-a-released-vector.patch} | 8 +-
.../0006-virtio-gpu-fix-v2-migration.patch | 98 -------
...0007-hw-pflash-fix-block-write-start.patch | 59 -----
...operand-size-for-DATA16-REX.W-POPCNT.patch | 51 ----
...ru-wrpkru-are-no-prefix-instructions.patch | 40 ---
...6-fix-feature-dependency-for-WAITPKG.patch | 33 ---
...move-compatibility-flags-for-VirtIO-.patch | 57 -----
...t-monitor-use-aio_co_reschedule_self.patch | 53 ----
...ict-translation-disabled-alignment-c.patch | 51 ----
...-IRQs-a-chance-when-resetting-HF_INH.patch | 80 ------
...r-v-Correct-kvm_hv_handle_exit-retur.patch | 60 -----
...86-disable-jmp_opt-if-EFLAGS.RF-is-1.patch | 31 ---
...ingle-step-exception-after-MOV-or-PO.patch | 30 ---
...n-t-open-data_file-with-BDRV_O_NO_IO.patch | 107 --------
...names-only-when-explicitly-requested.patch | 241 ------------------
...le-posix-make-locking-optiono-on-cre.patch | 6 +-
...ckup-Proxmox-backup-patches-for-QEMU.patch | 2 +-
...k-driver-to-map-backup-archives-into.patch | 8 +-
...igrate-dirty-bitmap-state-via-savevm.patch | 2 +-
...-backup-add-discard-source-parameter.patch | 2 +-
...e-allow-specifying-minimum-cluster-s.patch | 4 +-
...um-cluster-size-to-performance-optio.patch | 2 +-
.../0050-PVE-backup-add-fleecing-option.patch | 2 +-
debian/patches/series | 16 +-
26 files changed, 26 insertions(+), 1031 deletions(-)
rename debian/patches/extra/{0011-Revert-virtio-pci-fix-use-of-a-released-vector.patch => 0006-Revert-virtio-pci-fix-use-of-a-released-vector.patch} (93%)
delete mode 100644 debian/patches/extra/0006-virtio-gpu-fix-v2-migration.patch
delete mode 100644 debian/patches/extra/0007-hw-pflash-fix-block-write-start.patch
delete mode 100644 debian/patches/extra/0008-target-i386-fix-operand-size-for-DATA16-REX.W-POPCNT.patch
delete mode 100644 debian/patches/extra/0009-target-i386-rdpkru-wrpkru-are-no-prefix-instructions.patch
delete mode 100644 debian/patches/extra/0010-target-i386-fix-feature-dependency-for-WAITPKG.patch
delete mode 100644 debian/patches/extra/0012-hw-core-machine-move-compatibility-flags-for-VirtIO-.patch
delete mode 100644 debian/patches/extra/0013-Revert-monitor-use-aio_co_reschedule_self.patch
delete mode 100644 debian/patches/extra/0014-target-arm-Restrict-translation-disabled-alignment-c.patch
delete mode 100644 debian/patches/extra/0015-target-i386-Give-IRQs-a-chance-when-resetting-HF_INH.patch
delete mode 100644 debian/patches/extra/0016-target-i386-hyper-v-Correct-kvm_hv_handle_exit-retur.patch
delete mode 100644 debian/patches/extra/0017-target-i386-disable-jmp_opt-if-EFLAGS.RF-is-1.patch
delete mode 100644 debian/patches/extra/0018-target-i386-no-single-step-exception-after-MOV-or-PO.patch
delete mode 100644 debian/patches/extra/0019-qcow2-Don-t-open-data_file-with-BDRV_O_NO_IO.patch
delete mode 100644 debian/patches/extra/0020-block-Parse-filenames-only-when-explicitly-requested.patch
diff --git a/debian/patches/bitmap-mirror/0001-drive-mirror-add-support-for-sync-bitmap-mode-never.patch b/debian/patches/bitmap-mirror/0001-drive-mirror-add-support-for-sync-bitmap-mode-never.patch
index 6789ac5..392b8a2 100644
--- a/debian/patches/bitmap-mirror/0001-drive-mirror-add-support-for-sync-bitmap-mode-never.patch
+++ b/debian/patches/bitmap-mirror/0001-drive-mirror-add-support-for-sync-bitmap-mode-never.patch
@@ -364,10 +364,10 @@ index d2201e27f4..cc1387ae02 100644
BlockdevOnError on_source_error,
BlockdevOnError on_target_error,
diff --git a/qapi/block-core.json b/qapi/block-core.json
-index 746d1694c2..45ab548dfe 100644
+index 4b18e01b85..0902b0a024 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
-@@ -2174,6 +2174,15 @@
+@@ -2170,6 +2170,15 @@
# destination (all the disk, only the sectors allocated in the
# topmost image, or only new I/O).
#
@@ -383,7 +383,7 @@ index 746d1694c2..45ab548dfe 100644
# @granularity: granularity of the dirty bitmap, default is 64K if the
# image format doesn't have clusters, 4K if the clusters are
# smaller than that, else the cluster size. Must be a power of 2
-@@ -2216,7 +2225,9 @@
+@@ -2212,7 +2221,9 @@
{ 'struct': 'DriveMirror',
'data': { '*job-id': 'str', 'device': 'str', 'target': 'str',
'*format': 'str', '*node-name': 'str', '*replaces': 'str',
@@ -394,7 +394,7 @@ index 746d1694c2..45ab548dfe 100644
'*speed': 'int', '*granularity': 'uint32',
'*buf-size': 'int', '*on-source-error': 'BlockdevOnError',
'*on-target-error': 'BlockdevOnError',
-@@ -2496,6 +2507,15 @@
+@@ -2492,6 +2503,15 @@
# destination (all the disk, only the sectors allocated in the
# topmost image, or only new I/O).
#
@@ -410,7 +410,7 @@ index 746d1694c2..45ab548dfe 100644
# @granularity: granularity of the dirty bitmap, default is 64K if the
# image format doesn't have clusters, 4K if the clusters are
# smaller than that, else the cluster size. Must be a power of 2
-@@ -2544,7 +2564,8 @@
+@@ -2540,7 +2560,8 @@
{ 'command': 'blockdev-mirror',
'data': { '*job-id': 'str', 'device': 'str', 'target': 'str',
'*replaces': 'str',
diff --git a/debian/patches/extra/0001-monitor-qmp-fix-race-with-clients-disconnecting-earl.patch b/debian/patches/extra/0001-monitor-qmp-fix-race-with-clients-disconnecting-earl.patch
index 54f0631..45e7f87 100644
--- a/debian/patches/extra/0001-monitor-qmp-fix-race-with-clients-disconnecting-earl.patch
+++ b/debian/patches/extra/0001-monitor-qmp-fix-race-with-clients-disconnecting-earl.patch
@@ -144,7 +144,7 @@ index a239945e8d..589c9524f8 100644
monitor_qmp_caps_reset(mon);
data = qmp_greeting(mon);
diff --git a/qapi/qmp-dispatch.c b/qapi/qmp-dispatch.c
-index f3488afeef..2624eb3470 100644
+index 176b549473..790bb7d1da 100644
--- a/qapi/qmp-dispatch.c
+++ b/qapi/qmp-dispatch.c
@@ -117,16 +117,28 @@ typedef struct QmpDispatchBH {
@@ -180,7 +180,7 @@ index f3488afeef..2624eb3470 100644
aio_co_wake(data->co);
}
-@@ -250,6 +262,7 @@ QDict *coroutine_mixed_fn qmp_dispatch(const QmpCommandList *cmds, QObject *requ
+@@ -253,6 +265,7 @@ QDict *coroutine_mixed_fn qmp_dispatch(const QmpCommandList *cmds, QObject *requ
.ret = &ret,
.errp = &err,
.co = qemu_coroutine_self(),
diff --git a/debian/patches/extra/0011-Revert-virtio-pci-fix-use-of-a-released-vector.patch b/debian/patches/extra/0006-Revert-virtio-pci-fix-use-of-a-released-vector.patch
similarity index 93%
rename from debian/patches/extra/0011-Revert-virtio-pci-fix-use-of-a-released-vector.patch
rename to debian/patches/extra/0006-Revert-virtio-pci-fix-use-of-a-released-vector.patch
index 2826b9b..d2de6d1 100644
--- a/debian/patches/extra/0011-Revert-virtio-pci-fix-use-of-a-released-vector.patch
+++ b/debian/patches/extra/0006-Revert-virtio-pci-fix-use-of-a-released-vector.patch
@@ -24,10 +24,10 @@ Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
1 file changed, 2 insertions(+), 35 deletions(-)
diff --git a/hw/virtio/virtio-pci.c b/hw/virtio/virtio-pci.c
-index cb159fd078..cb6940fc0e 100644
+index e04218a9fb..fd66713848 100644
--- a/hw/virtio/virtio-pci.c
+++ b/hw/virtio/virtio-pci.c
-@@ -1424,38 +1424,6 @@ static int virtio_pci_add_mem_cap(VirtIOPCIProxy *proxy,
+@@ -1410,38 +1410,6 @@ static int virtio_pci_add_mem_cap(VirtIOPCIProxy *proxy,
return offset;
}
@@ -66,7 +66,7 @@ index cb159fd078..cb6940fc0e 100644
int virtio_pci_add_shm_cap(VirtIOPCIProxy *proxy,
uint8_t bar, uint64_t offset, uint64_t length,
uint8_t id)
-@@ -1602,8 +1570,7 @@ static void virtio_pci_common_write(void *opaque, hwaddr addr,
+@@ -1588,8 +1556,7 @@ static void virtio_pci_common_write(void *opaque, hwaddr addr,
} else {
val = VIRTIO_NO_VECTOR;
}
@@ -76,7 +76,7 @@ index cb159fd078..cb6940fc0e 100644
break;
case VIRTIO_PCI_COMMON_STATUS:
if (!(val & VIRTIO_CONFIG_S_DRIVER_OK)) {
-@@ -1643,7 +1610,7 @@ static void virtio_pci_common_write(void *opaque, hwaddr addr,
+@@ -1629,7 +1596,7 @@ static void virtio_pci_common_write(void *opaque, hwaddr addr,
} else {
val = VIRTIO_NO_VECTOR;
}
diff --git a/debian/patches/extra/0006-virtio-gpu-fix-v2-migration.patch b/debian/patches/extra/0006-virtio-gpu-fix-v2-migration.patch
deleted file mode 100644
index 132baed..0000000
--- a/debian/patches/extra/0006-virtio-gpu-fix-v2-migration.patch
+++ /dev/null
@@ -1,98 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lureau@redhat.com>
-Date: Thu, 16 May 2024 12:40:22 +0400
-Subject: [PATCH] virtio-gpu: fix v2 migration
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Commit dfcf74fa ("virtio-gpu: fix scanout migration post-load") broke
-forward/backward version migration. Versioning of nested VMSD structures
-is not straightforward, as the wire format doesn't have nested
-structures versions. Introduce x-scanout-vmstate-version and a field
-test to save/load appropriately according to the machine version.
-
-Fixes: dfcf74fa ("virtio-gpu: fix scanout migration post-load")
-Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
-Signed-off-by: Peter Xu <peterx@redhat.com>
----
- hw/core/machine.c | 1 +
- hw/display/virtio-gpu.c | 24 ++++++++++++++++--------
- include/hw/virtio/virtio-gpu.h | 1 +
- 3 files changed, 18 insertions(+), 8 deletions(-)
-
-diff --git a/hw/core/machine.c b/hw/core/machine.c
-index 37ede0e7d4..d33a37a6f6 100644
---- a/hw/core/machine.c
-+++ b/hw/core/machine.c
-@@ -37,6 +37,7 @@ GlobalProperty hw_compat_8_2[] = {
- { "migration", "zero-page-detection", "legacy"},
- { TYPE_VIRTIO_IOMMU_PCI, "granule", "4k" },
- { TYPE_VIRTIO_IOMMU_PCI, "aw-bits", "64" },
-+ { "virtio-gpu-device", "x-scanout-vmstate-version", "1" },
- };
- const size_t hw_compat_8_2_len = G_N_ELEMENTS(hw_compat_8_2);
-
-diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c
-index ae831b6b3e..85323daf99 100644
---- a/hw/display/virtio-gpu.c
-+++ b/hw/display/virtio-gpu.c
-@@ -1166,10 +1166,17 @@ static void virtio_gpu_cursor_bh(void *opaque)
- virtio_gpu_handle_cursor(&g->parent_obj.parent_obj, g->cursor_vq);
- }
-
-+static bool scanout_vmstate_after_v2(void *opaque, int version)
-+{
-+ struct VirtIOGPUBase *base = container_of(opaque, VirtIOGPUBase, scanout);
-+ struct VirtIOGPU *gpu = container_of(base, VirtIOGPU, parent_obj);
-+
-+ return gpu->scanout_vmstate_version >= 2;
-+}
-+
- static const VMStateDescription vmstate_virtio_gpu_scanout = {
- .name = "virtio-gpu-one-scanout",
-- .version_id = 2,
-- .minimum_version_id = 1,
-+ .version_id = 1,
- .fields = (const VMStateField[]) {
- VMSTATE_UINT32(resource_id, struct virtio_gpu_scanout),
- VMSTATE_UINT32(width, struct virtio_gpu_scanout),
-@@ -1181,12 +1188,12 @@ static const VMStateDescription vmstate_virtio_gpu_scanout = {
- VMSTATE_UINT32(cursor.hot_y, struct virtio_gpu_scanout),
- VMSTATE_UINT32(cursor.pos.x, struct virtio_gpu_scanout),
- VMSTATE_UINT32(cursor.pos.y, struct virtio_gpu_scanout),
-- VMSTATE_UINT32_V(fb.format, struct virtio_gpu_scanout, 2),
-- VMSTATE_UINT32_V(fb.bytes_pp, struct virtio_gpu_scanout, 2),
-- VMSTATE_UINT32_V(fb.width, struct virtio_gpu_scanout, 2),
-- VMSTATE_UINT32_V(fb.height, struct virtio_gpu_scanout, 2),
-- VMSTATE_UINT32_V(fb.stride, struct virtio_gpu_scanout, 2),
-- VMSTATE_UINT32_V(fb.offset, struct virtio_gpu_scanout, 2),
-+ VMSTATE_UINT32_TEST(fb.format, struct virtio_gpu_scanout, scanout_vmstate_after_v2),
-+ VMSTATE_UINT32_TEST(fb.bytes_pp, struct virtio_gpu_scanout, scanout_vmstate_after_v2),
-+ VMSTATE_UINT32_TEST(fb.width, struct virtio_gpu_scanout, scanout_vmstate_after_v2),
-+ VMSTATE_UINT32_TEST(fb.height, struct virtio_gpu_scanout, scanout_vmstate_after_v2),
-+ VMSTATE_UINT32_TEST(fb.stride, struct virtio_gpu_scanout, scanout_vmstate_after_v2),
-+ VMSTATE_UINT32_TEST(fb.offset, struct virtio_gpu_scanout, scanout_vmstate_after_v2),
- VMSTATE_END_OF_LIST()
- },
- };
-@@ -1659,6 +1666,7 @@ static Property virtio_gpu_properties[] = {
- DEFINE_PROP_BIT("blob", VirtIOGPU, parent_obj.conf.flags,
- VIRTIO_GPU_FLAG_BLOB_ENABLED, false),
- DEFINE_PROP_SIZE("hostmem", VirtIOGPU, parent_obj.conf.hostmem, 0),
-+ DEFINE_PROP_UINT8("x-scanout-vmstate-version", VirtIOGPU, scanout_vmstate_version, 2),
- DEFINE_PROP_END_OF_LIST(),
- };
-
-diff --git a/include/hw/virtio/virtio-gpu.h b/include/hw/virtio/virtio-gpu.h
-index ed44cdad6b..842315d51d 100644
---- a/include/hw/virtio/virtio-gpu.h
-+++ b/include/hw/virtio/virtio-gpu.h
-@@ -177,6 +177,7 @@ typedef struct VGPUDMABuf {
- struct VirtIOGPU {
- VirtIOGPUBase parent_obj;
-
-+ uint8_t scanout_vmstate_version;
- uint64_t conf_max_hostmem;
-
- VirtQueue *ctrl_vq;
diff --git a/debian/patches/extra/0007-hw-pflash-fix-block-write-start.patch b/debian/patches/extra/0007-hw-pflash-fix-block-write-start.patch
deleted file mode 100644
index b53570b..0000000
--- a/debian/patches/extra/0007-hw-pflash-fix-block-write-start.patch
+++ /dev/null
@@ -1,59 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Gerd Hoffmann <kraxel@redhat.com>
-Date: Thu, 16 May 2024 10:46:34 +0200
-Subject: [PATCH] hw/pflash: fix block write start
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Move the pflash_blk_write_start() call. We need the offset of the
-first data write, not the offset for the setup (number-of-bytes)
-write. Without this fix u-boot can do block writes to the first
-flash block only.
-
-While being at it drop a leftover FIXME.
-
-Cc: qemu-stable@nongnu.org
-Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2343
-Fixes: fcc79f2e0955 ("hw/pflash: implement update buffer for block writes")
-Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
-Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
-(picked up from https://lists.nongnu.org/archive/html/qemu-stable/2024-05/msg00091.html)
-Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
----
- hw/block/pflash_cfi01.c | 8 +++-----
- 1 file changed, 3 insertions(+), 5 deletions(-)
-
-diff --git a/hw/block/pflash_cfi01.c b/hw/block/pflash_cfi01.c
-index 1bda8424b9..c8f1cf5a87 100644
---- a/hw/block/pflash_cfi01.c
-+++ b/hw/block/pflash_cfi01.c
-@@ -518,10 +518,6 @@ static void pflash_write(PFlashCFI01 *pfl, hwaddr offset,
- break;
- case 0xe8: /* Write to buffer */
- trace_pflash_write(pfl->name, "write to buffer");
-- /* FIXME should save @offset, @width for case 1+ */
-- qemu_log_mask(LOG_UNIMP,
-- "%s: Write to buffer emulation is flawed\n",
-- __func__);
- pfl->status |= 0x80; /* Ready! */
- break;
- case 0xf0: /* Probe for AMD flash */
-@@ -574,7 +570,6 @@ static void pflash_write(PFlashCFI01 *pfl, hwaddr offset,
- }
- pfl->counter = value;
- pfl->wcycle++;
-- pflash_blk_write_start(pfl, offset);
- break;
- case 0x60:
- if (cmd == 0xd0) {
-@@ -605,6 +600,9 @@ static void pflash_write(PFlashCFI01 *pfl, hwaddr offset,
- switch (pfl->cmd) {
- case 0xe8: /* Block write */
- /* FIXME check @offset, @width */
-+ if (pfl->blk_offset == -1 && pfl->counter) {
-+ pflash_blk_write_start(pfl, offset);
-+ }
- if (!pfl->ro && (pfl->blk_offset != -1)) {
- pflash_data_write(pfl, offset, value, width, be);
- } else {
diff --git a/debian/patches/extra/0008-target-i386-fix-operand-size-for-DATA16-REX.W-POPCNT.patch b/debian/patches/extra/0008-target-i386-fix-operand-size-for-DATA16-REX.W-POPCNT.patch
deleted file mode 100644
index d10cbbc..0000000
--- a/debian/patches/extra/0008-target-i386-fix-operand-size-for-DATA16-REX.W-POPCNT.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Paolo Bonzini <pbonzini@redhat.com>
-Date: Thu, 9 May 2024 12:38:10 +0200
-Subject: [PATCH] target/i386: fix operand size for DATA16 REX.W POPCNT
-
-According to the manual, 32-bit vs 64-bit is governed by REX.W
-and REX ignores the 0x66 prefix. This can be confirmed with this
-program:
-
- #include <stdio.h>
- int main()
- {
- int x = 0x12340000;
- int y;
- asm("popcntl %1, %0" : "=r" (y) : "r" (x)); printf("%x\n", y);
- asm("mov $-1, %0; .byte 0x66; popcntl %1, %0" : "+r" (y) : "r" (x)); printf("%x\n", y);
- asm("mov $-1, %0; .byte 0x66; popcntq %q1, %q0" : "+r" (y) : "r" (x)); printf("%x\n", y);
- }
-
-which prints 5/ffff0000/5 on real hardware and 5/ffff0000/ffff0000
-on QEMU.
-
-Cc: qemu-stable@nongnu.org
-Reviewed-by: Zhao Liu <zhao1.liu@intel.com>
-Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
-Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
-(cherry picked from commit 41c685dc59bb611096f3bb6a663cfa82e4cba97b)
-[FE: keep mo_64_32 helper which still has other users in 9.0.0]
-Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
----
- target/i386/tcg/translate.c | 7 +------
- 1 file changed, 1 insertion(+), 6 deletions(-)
-
-diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
-index 76a42c679c..b60f3bd642 100644
---- a/target/i386/tcg/translate.c
-+++ b/target/i386/tcg/translate.c
-@@ -6799,12 +6799,7 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
- modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | REX_R(s);
-
-- if (s->prefix & PREFIX_DATA) {
-- ot = MO_16;
-- } else {
-- ot = mo_64_32(dflag);
-- }
--
-+ ot = dflag;
- gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 0);
- gen_extu(ot, s->T0);
- tcg_gen_mov_tl(cpu_cc_src, s->T0);
diff --git a/debian/patches/extra/0009-target-i386-rdpkru-wrpkru-are-no-prefix-instructions.patch b/debian/patches/extra/0009-target-i386-rdpkru-wrpkru-are-no-prefix-instructions.patch
deleted file mode 100644
index eb42f84..0000000
--- a/debian/patches/extra/0009-target-i386-rdpkru-wrpkru-are-no-prefix-instructions.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Paolo Bonzini <pbonzini@redhat.com>
-Date: Thu, 9 May 2024 15:55:47 +0200
-Subject: [PATCH] target/i386: rdpkru/wrpkru are no-prefix instructions
-
-Reject 0x66/0xf3/0xf2 in front of them.
-
-Cc: qemu-stable@nongnu.org
-Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
-Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
-(cherry picked from commit 40a3ec7b5ffde500789d016660a171057d6b467c)
-Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
----
- target/i386/tcg/translate.c | 6 ++++--
- 1 file changed, 4 insertions(+), 2 deletions(-)
-
-diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
-index b60f3bd642..3e949fe964 100644
---- a/target/i386/tcg/translate.c
-+++ b/target/i386/tcg/translate.c
-@@ -6083,7 +6083,8 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
- gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 1);
- break;
- case 0xee: /* rdpkru */
-- if (prefixes & PREFIX_LOCK) {
-+ if (s->prefix & (PREFIX_LOCK | PREFIX_DATA
-+ | PREFIX_REPZ | PREFIX_REPNZ)) {
- goto illegal_op;
- }
- tcg_gen_trunc_tl_i32(s->tmp2_i32, cpu_regs[R_ECX]);
-@@ -6091,7 +6092,8 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
- tcg_gen_extr_i64_tl(cpu_regs[R_EAX], cpu_regs[R_EDX], s->tmp1_i64);
- break;
- case 0xef: /* wrpkru */
-- if (prefixes & PREFIX_LOCK) {
-+ if (s->prefix & (PREFIX_LOCK | PREFIX_DATA
-+ | PREFIX_REPZ | PREFIX_REPNZ)) {
- goto illegal_op;
- }
- tcg_gen_concat_tl_i64(s->tmp1_i64, cpu_regs[R_EAX],
diff --git a/debian/patches/extra/0010-target-i386-fix-feature-dependency-for-WAITPKG.patch b/debian/patches/extra/0010-target-i386-fix-feature-dependency-for-WAITPKG.patch
deleted file mode 100644
index ed1d6d7..0000000
--- a/debian/patches/extra/0010-target-i386-fix-feature-dependency-for-WAITPKG.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Paolo Bonzini <pbonzini@redhat.com>
-Date: Wed, 8 May 2024 11:10:54 +0200
-Subject: [PATCH] target/i386: fix feature dependency for WAITPKG
-
-The VMX feature bit depends on general availability of WAITPKG,
-not the other way round.
-
-Fixes: 33cc88261c3 ("target/i386: add support for VMX_SECONDARY_EXEC_ENABLE_USER_WAIT_PAUSE", 2023-08-28)
-Cc: qemu-stable@nongnu.org
-Reviewed-by: Zhao Liu <zhao1.liu@intel.com>
-Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
-(cherry picked from commit fe01af5d47d4cf7fdf90c54d43f784e5068c8d72)
-Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
----
- target/i386/cpu.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/target/i386/cpu.c b/target/i386/cpu.c
-index 33760a2ee1..e693f8ca9a 100644
---- a/target/i386/cpu.c
-+++ b/target/i386/cpu.c
-@@ -1550,8 +1550,8 @@ static FeatureDep feature_dependencies[] = {
- .to = { FEAT_SVM, ~0ull },
- },
- {
-- .from = { FEAT_VMX_SECONDARY_CTLS, VMX_SECONDARY_EXEC_ENABLE_USER_WAIT_PAUSE },
-- .to = { FEAT_7_0_ECX, CPUID_7_0_ECX_WAITPKG },
-+ .from = { FEAT_7_0_ECX, CPUID_7_0_ECX_WAITPKG },
-+ .to = { FEAT_VMX_SECONDARY_CTLS, VMX_SECONDARY_EXEC_ENABLE_USER_WAIT_PAUSE },
- },
- };
-
diff --git a/debian/patches/extra/0012-hw-core-machine-move-compatibility-flags-for-VirtIO-.patch b/debian/patches/extra/0012-hw-core-machine-move-compatibility-flags-for-VirtIO-.patch
deleted file mode 100644
index afe7d5a..0000000
--- a/debian/patches/extra/0012-hw-core-machine-move-compatibility-flags-for-VirtIO-.patch
+++ /dev/null
@@ -1,57 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Fiona Ebner <f.ebner@proxmox.com>
-Date: Thu, 16 May 2024 15:21:07 +0200
-Subject: [PATCH] hw/core/machine: move compatibility flags for VirtIO-net USO
- to machine 8.1
-
-Migration from an 8.2 or 9.0 binary to an 8.1 binary with machine
-version 8.1 can fail with:
-
-> kvm: Features 0x1c0010130afffa7 unsupported. Allowed features: 0x10179bfffe7
-> kvm: Failed to load virtio-net:virtio
-> kvm: error while loading state for instance 0x0 of device '0000:00:12.0/virtio-net'
-> kvm: load of migration failed: Operation not permitted
-
-The series
-
-53da8b5a99 virtio-net: Add support for USO features
-9da1684954 virtio-net: Add USO flags to vhost support.
-f03e0cf63b tap: Add check for USO features
-2ab0ec3121 tap: Add USO support to tap device.
-
-only landed in QEMU 8.2, so the compatibility flags should be part of
-machine version 8.1.
-
-Moving the flags unfortunately breaks forward migration with machine
-version 8.1 from a binary without this patch to a binary with this
-patch when the feature is enabled by the guest.
-
-Fixes: 53da8b5a99 ("virtio-net: Add support for USO features")
-Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
----
- hw/core/machine.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/hw/core/machine.c b/hw/core/machine.c
-index d33a37a6f6..4273de16a0 100644
---- a/hw/core/machine.c
-+++ b/hw/core/machine.c
-@@ -46,15 +46,15 @@ GlobalProperty hw_compat_8_1[] = {
- { "ramfb", "x-migrate", "off" },
- { "vfio-pci-nohotplug", "x-ramfb-migrate", "off" },
- { "igb", "x-pcie-flr-init", "off" },
-+ { TYPE_VIRTIO_NET, "host_uso", "off"},
-+ { TYPE_VIRTIO_NET, "guest_uso4", "off"},
-+ { TYPE_VIRTIO_NET, "guest_uso6", "off"},
- };
- const size_t hw_compat_8_1_len = G_N_ELEMENTS(hw_compat_8_1);
-
- GlobalProperty hw_compat_8_0[] = {
- { "migration", "multifd-flush-after-each-section", "on"},
- { TYPE_PCI_DEVICE, "x-pcie-ari-nextfn-1", "on" },
-- { TYPE_VIRTIO_NET, "host_uso", "off"},
-- { TYPE_VIRTIO_NET, "guest_uso4", "off"},
-- { TYPE_VIRTIO_NET, "guest_uso6", "off"},
- };
- const size_t hw_compat_8_0_len = G_N_ELEMENTS(hw_compat_8_0);
-
diff --git a/debian/patches/extra/0013-Revert-monitor-use-aio_co_reschedule_self.patch b/debian/patches/extra/0013-Revert-monitor-use-aio_co_reschedule_self.patch
deleted file mode 100644
index def305c..0000000
--- a/debian/patches/extra/0013-Revert-monitor-use-aio_co_reschedule_self.patch
+++ /dev/null
@@ -1,53 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Stefan Hajnoczi <stefanha@redhat.com>
-Date: Mon, 6 May 2024 15:06:21 -0400
-Subject: [PATCH] Revert "monitor: use aio_co_reschedule_self()"
-
-Commit 1f25c172f837 ("monitor: use aio_co_reschedule_self()") was a code
-cleanup that uses aio_co_reschedule_self() instead of open coding
-coroutine rescheduling.
-
-Bug RHEL-34618 was reported and Kevin Wolf <kwolf@redhat.com> identified
-the root cause. I missed that aio_co_reschedule_self() ->
-qemu_get_current_aio_context() only knows about
-qemu_aio_context/IOThread AioContexts and not about iohandler_ctx. It
-does not function correctly when going back from the iohandler_ctx to
-qemu_aio_context.
-
-Go back to open coding the AioContext transitions to avoid this bug.
-
-This reverts commit 1f25c172f83704e350c0829438d832384084a74d.
-
-Buglink: https://issues.redhat.com/browse/RHEL-34618
-Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
-(picked from: https://lists.nongnu.org/archive/html/qemu-devel/2024-05/msg01090.html)
-Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
----
- qapi/qmp-dispatch.c | 7 +++++--
- 1 file changed, 5 insertions(+), 2 deletions(-)
-
-diff --git a/qapi/qmp-dispatch.c b/qapi/qmp-dispatch.c
-index 2624eb3470..790bb7d1da 100644
---- a/qapi/qmp-dispatch.c
-+++ b/qapi/qmp-dispatch.c
-@@ -224,7 +224,8 @@ QDict *coroutine_mixed_fn qmp_dispatch(const QmpCommandList *cmds, QObject *requ
- * executing the command handler so that it can make progress if it
- * involves an AIO_WAIT_WHILE().
- */
-- aio_co_reschedule_self(qemu_get_aio_context());
-+ aio_co_schedule(qemu_get_aio_context(), qemu_coroutine_self());
-+ qemu_coroutine_yield();
- }
-
- monitor_set_cur(qemu_coroutine_self(), cur_mon);
-@@ -238,7 +239,9 @@ QDict *coroutine_mixed_fn qmp_dispatch(const QmpCommandList *cmds, QObject *requ
- * Move back to iohandler_ctx so that nested event loops for
- * qemu_aio_context don't start new monitor commands.
- */
-- aio_co_reschedule_self(iohandler_get_aio_context());
-+ aio_co_schedule(iohandler_get_aio_context(),
-+ qemu_coroutine_self());
-+ qemu_coroutine_yield();
- }
- } else {
- /*
diff --git a/debian/patches/extra/0014-target-arm-Restrict-translation-disabled-alignment-c.patch b/debian/patches/extra/0014-target-arm-Restrict-translation-disabled-alignment-c.patch
deleted file mode 100644
index 2475d34..0000000
--- a/debian/patches/extra/0014-target-arm-Restrict-translation-disabled-alignment-c.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Richard Henderson <richard.henderson@linaro.org>
-Date: Mon, 22 Apr 2024 10:07:22 -0700
-Subject: [PATCH] target/arm: Restrict translation disabled alignment check to
- VMSA
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-For cpus using PMSA, when the MPU is disabled, the default memory
-type is Normal, Non-cachable. This means that it should not
-have alignment restrictions enforced.
-
-Cc: qemu-stable@nongnu.org
-Fixes: 59754f85ed3 ("target/arm: Do memory type alignment check when translation disabled")
-Reported-by: Clément Chigot <chigot@adacore.com>
-Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
-Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
-Tested-by: Clément Chigot <chigot@adacore.com>
-Message-id: 20240422170722.117409-1-richard.henderson@linaro.org
-[PMM: trivial comment, commit message tweaks]
-Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
-(cherry picked from commit 7b19a3554d2df22d29c75319a1dac17615d1b20e)
-Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
----
- target/arm/tcg/hflags.c | 12 ++++++++++--
- 1 file changed, 10 insertions(+), 2 deletions(-)
-
-diff --git a/target/arm/tcg/hflags.c b/target/arm/tcg/hflags.c
-index 5da1b0fc1d..f03977b4b0 100644
---- a/target/arm/tcg/hflags.c
-+++ b/target/arm/tcg/hflags.c
-@@ -38,8 +38,16 @@ static bool aprofile_require_alignment(CPUARMState *env, int el, uint64_t sctlr)
- }
-
- /*
-- * If translation is disabled, then the default memory type is
-- * Device(-nGnRnE) instead of Normal, which requires that alignment
-+ * With PMSA, when the MPU is disabled, all memory types in the
-+ * default map are Normal, so don't need aligment enforcing.
-+ */
-+ if (arm_feature(env, ARM_FEATURE_PMSA)) {
-+ return false;
-+ }
-+
-+ /*
-+ * With VMSA, if translation is disabled, then the default memory type
-+ * is Device(-nGnRnE) instead of Normal, which requires that alignment
- * be enforced. Since this affects all ram, it is most efficient
- * to handle this during translation.
- */
diff --git a/debian/patches/extra/0015-target-i386-Give-IRQs-a-chance-when-resetting-HF_INH.patch b/debian/patches/extra/0015-target-i386-Give-IRQs-a-chance-when-resetting-HF_INH.patch
deleted file mode 100644
index 97501f5..0000000
--- a/debian/patches/extra/0015-target-i386-Give-IRQs-a-chance-when-resetting-HF_INH.patch
+++ /dev/null
@@ -1,80 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Ruihan Li <lrh2000@pku.edu.cn>
-Date: Mon, 15 Apr 2024 14:45:21 +0800
-Subject: [PATCH] target/i386: Give IRQs a chance when resetting
- HF_INHIBIT_IRQ_MASK
-
-When emulated with QEMU, interrupts will never come in the following
-loop. However, if the NOP instruction is uncommented, interrupts will
-fire as normal.
-
- loop:
- cli
- call do_sti
- jmp loop
-
- do_sti:
- sti
- # nop
- ret
-
-This behavior is different from that of a real processor. For example,
-if KVM is enabled, interrupts will always fire regardless of whether the
-NOP instruction is commented or not. Also, the Intel Software Developer
-Manual states that after the STI instruction is executed, the interrupt
-inhibit should end as soon as the next instruction (e.g., the RET
-instruction if the NOP instruction is commented) is executed.
-
-This problem is caused because the previous code may choose not to end
-the TB even if the HF_INHIBIT_IRQ_MASK has just been reset (e.g., in the
-case where the STI instruction is immediately followed by the RET
-instruction), so that IRQs may not have a change to trigger. This commit
-fixes the problem by always terminating the current TB to give IRQs a
-chance to trigger when HF_INHIBIT_IRQ_MASK is reset.
-
-Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
-Signed-off-by: Ruihan Li <lrh2000@pku.edu.cn>
-Message-ID: <20240415064518.4951-4-lrh2000@pku.edu.cn>
-Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
-(cherry picked from commit 6a5a63f74ba5c5355b7a8468d3d814bfffe928fb)
-Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
----
- target/i386/tcg/translate.c | 14 ++++++++++----
- 1 file changed, 10 insertions(+), 4 deletions(-)
-
-diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
-index 3e949fe964..b5ebff2c89 100644
---- a/target/i386/tcg/translate.c
-+++ b/target/i386/tcg/translate.c
-@@ -2798,13 +2798,17 @@ static void gen_bnd_jmp(DisasContext *s)
- static void
- do_gen_eob_worker(DisasContext *s, bool inhibit, bool recheck_tf, bool jr)
- {
-+ bool inhibit_reset;
-+
- gen_update_cc_op(s);
-
- /* If several instructions disable interrupts, only the first does it. */
-- if (inhibit && !(s->flags & HF_INHIBIT_IRQ_MASK)) {
-- gen_set_hflag(s, HF_INHIBIT_IRQ_MASK);
-- } else {
-+ inhibit_reset = false;
-+ if (s->flags & HF_INHIBIT_IRQ_MASK) {
- gen_reset_hflag(s, HF_INHIBIT_IRQ_MASK);
-+ inhibit_reset = true;
-+ } else if (inhibit) {
-+ gen_set_hflag(s, HF_INHIBIT_IRQ_MASK);
- }
-
- if (s->base.tb->flags & HF_RF_MASK) {
-@@ -2815,7 +2819,9 @@ do_gen_eob_worker(DisasContext *s, bool inhibit, bool recheck_tf, bool jr)
- tcg_gen_exit_tb(NULL, 0);
- } else if (s->flags & HF_TF_MASK) {
- gen_helper_single_step(tcg_env);
-- } else if (jr) {
-+ } else if (jr &&
-+ /* give irqs a chance to happen */
-+ !inhibit_reset) {
- tcg_gen_lookup_and_goto_ptr();
- } else {
- tcg_gen_exit_tb(NULL, 0);
diff --git a/debian/patches/extra/0016-target-i386-hyper-v-Correct-kvm_hv_handle_exit-retur.patch b/debian/patches/extra/0016-target-i386-hyper-v-Correct-kvm_hv_handle_exit-retur.patch
deleted file mode 100644
index 337c74c..0000000
--- a/debian/patches/extra/0016-target-i386-hyper-v-Correct-kvm_hv_handle_exit-retur.patch
+++ /dev/null
@@ -1,60 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: donsheng <dongsheng.x.zhang@intel.com>
-Date: Wed, 22 May 2024 04:01:14 +0800
-Subject: [PATCH] target-i386: hyper-v: Correct kvm_hv_handle_exit return value
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-This bug fix addresses the incorrect return value of kvm_hv_handle_exit for
-KVM_EXIT_HYPERV_SYNIC, which should be EXCP_INTERRUPT.
-
-Handling of KVM_EXIT_HYPERV_SYNIC in QEMU needs to be synchronous.
-This means that async_synic_update should run in the current QEMU vCPU
-thread before returning to KVM, returning EXCP_INTERRUPT to guarantee this.
-Returning 0 can cause async_synic_update to run asynchronously.
-
-One problem (kvm-unit-tests's hyperv_synic test fails with timeout error)
-caused by this bug:
-
-When a guest VM writes to the HV_X64_MSR_SCONTROL MSR to enable Hyper-V SynIC,
-a VM exit is triggered and processed by the kvm_hv_handle_exit function of the
-QEMU vCPU. This function then calls the async_synic_update function to set
-synic->sctl_enabled to true. A true value of synic->sctl_enabled is required
-before creating SINT routes using the hyperv_sint_route_new() function.
-
-If kvm_hv_handle_exit returns 0 for KVM_EXIT_HYPERV_SYNIC, the current QEMU
-vCPU thread may return to KVM and enter the guest VM before running
-async_synic_update. In such case, the hyperv_synic test’s subsequent call to
-synic_ctl(HV_TEST_DEV_SINT_ROUTE_CREATE, ...) immediately after writing to
-HV_X64_MSR_SCONTROL can cause QEMU’s hyperv_sint_route_new() function to return
-prematurely (because synic->sctl_enabled is false).
-
-If the SINT route is not created successfully, the SINT interrupt will not be
-fired, resulting in a timeout error in the hyperv_synic test.
-
-Fixes: 267e071bd6d6 (“hyperv: make overlay pages for SynIC”)
-Suggested-by: Chao Gao <chao.gao@intel.com>
-Signed-off-by: Dongsheng Zhang <dongsheng.x.zhang@intel.com>
-Message-ID: <20240521200114.11588-1-dongsheng.x.zhang@intel.com>
-Cc: qemu-stable@nongnu.org
-Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
-(cherry picked from commit 84d4b72854869821eb89813c195927fdd3078c12)
-Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
----
- target/i386/kvm/hyperv.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/target/i386/kvm/hyperv.c b/target/i386/kvm/hyperv.c
-index f2a3fe650a..b94f12acc2 100644
---- a/target/i386/kvm/hyperv.c
-+++ b/target/i386/kvm/hyperv.c
-@@ -81,7 +81,7 @@ int kvm_hv_handle_exit(X86CPU *cpu, struct kvm_hyperv_exit *exit)
- */
- async_safe_run_on_cpu(CPU(cpu), async_synic_update, RUN_ON_CPU_NULL);
-
-- return 0;
-+ return EXCP_INTERRUPT;
- case KVM_EXIT_HYPERV_HCALL: {
- uint16_t code = exit->u.hcall.input & 0xffff;
- bool fast = exit->u.hcall.input & HV_HYPERCALL_FAST;
diff --git a/debian/patches/extra/0017-target-i386-disable-jmp_opt-if-EFLAGS.RF-is-1.patch b/debian/patches/extra/0017-target-i386-disable-jmp_opt-if-EFLAGS.RF-is-1.patch
deleted file mode 100644
index 42ed9cd..0000000
--- a/debian/patches/extra/0017-target-i386-disable-jmp_opt-if-EFLAGS.RF-is-1.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Paolo Bonzini <pbonzini@redhat.com>
-Date: Fri, 24 May 2024 17:17:47 +0200
-Subject: [PATCH] target/i386: disable jmp_opt if EFLAGS.RF is 1
-
-If EFLAGS.RF is 1, special processing in gen_eob_worker() is needed and
-therefore goto_tb cannot be used.
-
-Suggested-by: Richard Henderson <richard.henderson@linaro.org>
-Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
-Cc: qemu-stable@nongnu.org
-Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
-(cherry picked from commit 8225bff7c5db504f50e54ef66b079854635dba70)
-Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
----
- target/i386/tcg/translate.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
-index b5ebff2c89..c2c5e73b3f 100644
---- a/target/i386/tcg/translate.c
-+++ b/target/i386/tcg/translate.c
-@@ -6971,7 +6971,7 @@ static void i386_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu)
- dc->cpuid_7_1_eax_features = env->features[FEAT_7_1_EAX];
- dc->cpuid_xsave_features = env->features[FEAT_XSAVE];
- dc->jmp_opt = !((cflags & CF_NO_GOTO_TB) ||
-- (flags & (HF_TF_MASK | HF_INHIBIT_IRQ_MASK)));
-+ (flags & (HF_RF_MASK | HF_TF_MASK | HF_INHIBIT_IRQ_MASK)));
- /*
- * If jmp_opt, we want to handle each string instruction individually.
- * For icount also disable repz optimization so that each iteration
diff --git a/debian/patches/extra/0018-target-i386-no-single-step-exception-after-MOV-or-PO.patch b/debian/patches/extra/0018-target-i386-no-single-step-exception-after-MOV-or-PO.patch
deleted file mode 100644
index 0de3f4a..0000000
--- a/debian/patches/extra/0018-target-i386-no-single-step-exception-after-MOV-or-PO.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Paolo Bonzini <pbonzini@redhat.com>
-Date: Sat, 25 May 2024 10:03:22 +0200
-Subject: [PATCH] target/i386: no single-step exception after MOV or POP SS
-
-Intel SDM 18.3.1.4 "If an occurrence of the MOV or POP instruction
-loads the SS register executes with EFLAGS.TF = 1, no single-step debug
-exception occurs following the MOV or POP instruction."
-
-Cc: qemu-stable@nongnu.org
-Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
-(cherry picked from commit f0f0136abba688a6516647a79cc91e03fad6d5d7)
-Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
----
- target/i386/tcg/translate.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
-index c2c5e73b3f..a55df176c6 100644
---- a/target/i386/tcg/translate.c
-+++ b/target/i386/tcg/translate.c
-@@ -2817,7 +2817,7 @@ do_gen_eob_worker(DisasContext *s, bool inhibit, bool recheck_tf, bool jr)
- if (recheck_tf) {
- gen_helper_rechecking_single_step(tcg_env);
- tcg_gen_exit_tb(NULL, 0);
-- } else if (s->flags & HF_TF_MASK) {
-+ } else if ((s->flags & HF_TF_MASK) && !inhibit) {
- gen_helper_single_step(tcg_env);
- } else if (jr &&
- /* give irqs a chance to happen */
diff --git a/debian/patches/extra/0019-qcow2-Don-t-open-data_file-with-BDRV_O_NO_IO.patch b/debian/patches/extra/0019-qcow2-Don-t-open-data_file-with-BDRV_O_NO_IO.patch
deleted file mode 100644
index 0f57b2f..0000000
--- a/debian/patches/extra/0019-qcow2-Don-t-open-data_file-with-BDRV_O_NO_IO.patch
+++ /dev/null
@@ -1,107 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Kevin Wolf <kwolf@redhat.com>
-Date: Tue, 2 Jul 2024 18:39:40 +0200
-Subject: [PATCH] qcow2: Don't open data_file with BDRV_O_NO_IO
-
-One use case for 'qemu-img info' is verifying that untrusted images
-don't reference an unwanted external file, be it as a backing file or an
-external data file. To make sure that calling 'qemu-img info' can't
-already have undesired side effects with a malicious image, just don't
-open the data file at all with BDRV_O_NO_IO. If nothing ever tries to do
-I/O, we don't need to have it open.
-
-This changes the output of iotests case 061, which used 'qemu-img info'
-to show that opening an image with an invalid data file fails. After
-this patch, it succeeds. Replace this part of the test with a qemu-io
-call, but keep the final 'qemu-img info' to show that the invalid data
-file is correctly displayed in the output.
-
-Fixes: CVE-2024-4467
-Cc: qemu-stable@nongnu.org
-Signed-off-by: Kevin Wolf <kwolf@redhat.com>
-Reviewed-by: Eric Blake <eblake@redhat.com>
-Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
-Reviewed-by: Hanna Czenczek <hreitz@redhat.com>
-(picked from https://lore.kernel.org/qemu-devel/20240702163943.276618-2-kwolf@redhat.com/)
-Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
----
- block/qcow2.c | 17 ++++++++++++++++-
- tests/qemu-iotests/061 | 6 ++++--
- tests/qemu-iotests/061.out | 8 ++++++--
- 3 files changed, 26 insertions(+), 5 deletions(-)
-
-diff --git a/block/qcow2.c b/block/qcow2.c
-index 956128b409..4c78665bcb 100644
---- a/block/qcow2.c
-+++ b/block/qcow2.c
-@@ -1636,7 +1636,22 @@ qcow2_do_open(BlockDriverState *bs, QDict *options, int flags,
- goto fail;
- }
-
-- if (open_data_file) {
-+ if (open_data_file && (flags & BDRV_O_NO_IO)) {
-+ /*
-+ * Don't open the data file for 'qemu-img info' so that it can be used
-+ * to verify that an untrusted qcow2 image doesn't refer to external
-+ * files.
-+ *
-+ * Note: This still makes has_data_file() return true.
-+ */
-+ if (s->incompatible_features & QCOW2_INCOMPAT_DATA_FILE) {
-+ s->data_file = NULL;
-+ } else {
-+ s->data_file = bs->file;
-+ }
-+ qdict_extract_subqdict(options, NULL, "data-file.");
-+ qdict_del(options, "data-file");
-+ } else if (open_data_file) {
- /* Open external data file */
- bdrv_graph_co_rdunlock();
- s->data_file = bdrv_co_open_child(NULL, options, "data-file", bs,
-diff --git a/tests/qemu-iotests/061 b/tests/qemu-iotests/061
-index 53c7d428e3..b71ac097d1 100755
---- a/tests/qemu-iotests/061
-+++ b/tests/qemu-iotests/061
-@@ -326,12 +326,14 @@ $QEMU_IMG amend -o "data_file=foo" "$TEST_IMG"
- echo
- _make_test_img -o "compat=1.1,data_file=$TEST_IMG.data" 64M
- $QEMU_IMG amend -o "data_file=foo" "$TEST_IMG"
--_img_info --format-specific
-+$QEMU_IO -c "read 0 4k" "$TEST_IMG" 2>&1 | _filter_testdir | _filter_imgfmt
-+$QEMU_IO -c "open -o data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG" -c "read 0 4k" | _filter_qemu_io
- TEST_IMG="data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG" _img_info --format-specific --image-opts
-
- echo
- $QEMU_IMG amend -o "data_file=" --image-opts "data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG"
--_img_info --format-specific
-+$QEMU_IO -c "read 0 4k" "$TEST_IMG" 2>&1 | _filter_testdir | _filter_imgfmt
-+$QEMU_IO -c "open -o data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG" -c "read 0 4k" | _filter_qemu_io
- TEST_IMG="data-file.filename=$TEST_IMG.data,file.filename=$TEST_IMG" _img_info --format-specific --image-opts
-
- echo
-diff --git a/tests/qemu-iotests/061.out b/tests/qemu-iotests/061.out
-index 139fc68177..24c33add7c 100644
---- a/tests/qemu-iotests/061.out
-+++ b/tests/qemu-iotests/061.out
-@@ -545,7 +545,9 @@ Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
- qemu-img: data-file can only be set for images that use an external data file
-
- Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864 data_file=TEST_DIR/t.IMGFMT.data
--qemu-img: Could not open 'TEST_DIR/t.IMGFMT': Could not open 'foo': No such file or directory
-+qemu-io: can't open device TEST_DIR/t.IMGFMT: Could not open 'foo': No such file or directory
-+read 4096/4096 bytes at offset 0
-+4 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
- image: TEST_DIR/t.IMGFMT
- file format: IMGFMT
- virtual size: 64 MiB (67108864 bytes)
-@@ -560,7 +562,9 @@ Format specific information:
- corrupt: false
- extended l2: false
-
--qemu-img: Could not open 'TEST_DIR/t.IMGFMT': 'data-file' is required for this image
-+qemu-io: can't open device TEST_DIR/t.IMGFMT: 'data-file' is required for this image
-+read 4096/4096 bytes at offset 0
-+4 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
- image: TEST_DIR/t.IMGFMT
- file format: IMGFMT
- virtual size: 64 MiB (67108864 bytes)
diff --git a/debian/patches/extra/0020-block-Parse-filenames-only-when-explicitly-requested.patch b/debian/patches/extra/0020-block-Parse-filenames-only-when-explicitly-requested.patch
deleted file mode 100644
index 49f18a1..0000000
--- a/debian/patches/extra/0020-block-Parse-filenames-only-when-explicitly-requested.patch
+++ /dev/null
@@ -1,241 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Kevin Wolf <kwolf@redhat.com>
-Date: Tue, 2 Jul 2024 18:39:43 +0200
-Subject: [PATCH] block: Parse filenames only when explicitly requested
-
-When handling image filenames from legacy options such as -drive or from
-tools, these filenames are parsed for protocol prefixes, including for
-the json:{} pseudo-protocol.
-
-This behaviour is intended for filenames that come directly from the
-command line and for backing files, which may come from the image file
-itself. Higher level management tools generally take care to verify that
-untrusted images don't contain a bad (or any) backing file reference;
-'qemu-img info' is a suitable tool for this.
-
-However, for other files that can be referenced in images, such as
-qcow2 data files or VMDK extents, the string from the image file is
-usually not verified by management tools - and 'qemu-img info' wouldn't
-be suitable because in contrast to backing files, it already opens these
-other referenced files. So here the string should be interpreted as a
-literal local filename. More complex configurations need to be specified
-explicitly on the command line or in QMP.
-
-This patch changes bdrv_open_inherit() so that it only parses filenames
-if a new parameter parse_filename is true. It is set for the top level
-in bdrv_open(), for the file child and for the backing file child. All
-other callers pass false and disable filename parsing this way.
-
-Cc: qemu-stable@nongnu.org
-Signed-off-by: Kevin Wolf <kwolf@redhat.com>
-Reviewed-by: Eric Blake <eblake@redhat.com>
-Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
-Reviewed-by: Hanna Czenczek <hreitz@redhat.com>
-(picked from https://lore.kernel.org/qemu-devel/20240702163943.276618-5-kwolf@redhat.com/)
-Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
----
- block.c | 90 ++++++++++++++++++++++++++++++++++++---------------------
- 1 file changed, 57 insertions(+), 33 deletions(-)
-
-diff --git a/block.c b/block.c
-index 468cf5e67d..50bdd197b7 100644
---- a/block.c
-+++ b/block.c
-@@ -86,6 +86,7 @@ static BlockDriverState *bdrv_open_inherit(const char *filename,
- BlockDriverState *parent,
- const BdrvChildClass *child_class,
- BdrvChildRole child_role,
-+ bool parse_filename,
- Error **errp);
-
- static bool bdrv_recurse_has_child(BlockDriverState *bs,
-@@ -2058,7 +2059,8 @@ static void parse_json_protocol(QDict *options, const char **pfilename,
- * block driver has been specified explicitly.
- */
- static int bdrv_fill_options(QDict **options, const char *filename,
-- int *flags, Error **errp)
-+ int *flags, bool allow_parse_filename,
-+ Error **errp)
- {
- const char *drvname;
- bool protocol = *flags & BDRV_O_PROTOCOL;
-@@ -2100,7 +2102,7 @@ static int bdrv_fill_options(QDict **options, const char *filename,
- if (protocol && filename) {
- if (!qdict_haskey(*options, "filename")) {
- qdict_put_str(*options, "filename", filename);
-- parse_filename = true;
-+ parse_filename = allow_parse_filename;
- } else {
- error_setg(errp, "Can't specify 'file' and 'filename' options at "
- "the same time");
-@@ -3663,7 +3665,8 @@ int bdrv_open_backing_file(BlockDriverState *bs, QDict *parent_options,
- }
-
- backing_hd = bdrv_open_inherit(backing_filename, reference, options, 0, bs,
-- &child_of_bds, bdrv_backing_role(bs), errp);
-+ &child_of_bds, bdrv_backing_role(bs), true,
-+ errp);
- if (!backing_hd) {
- bs->open_flags |= BDRV_O_NO_BACKING;
- error_prepend(errp, "Could not open backing file: ");
-@@ -3697,7 +3700,8 @@ free_exit:
- static BlockDriverState *
- bdrv_open_child_bs(const char *filename, QDict *options, const char *bdref_key,
- BlockDriverState *parent, const BdrvChildClass *child_class,
-- BdrvChildRole child_role, bool allow_none, Error **errp)
-+ BdrvChildRole child_role, bool allow_none,
-+ bool parse_filename, Error **errp)
- {
- BlockDriverState *bs = NULL;
- QDict *image_options;
-@@ -3728,7 +3732,8 @@ bdrv_open_child_bs(const char *filename, QDict *options, const char *bdref_key,
- }
-
- bs = bdrv_open_inherit(filename, reference, image_options, 0,
-- parent, child_class, child_role, errp);
-+ parent, child_class, child_role, parse_filename,
-+ errp);
- if (!bs) {
- goto done;
- }
-@@ -3738,6 +3743,33 @@ done:
- return bs;
- }
-
-+static BdrvChild *bdrv_open_child_common(const char *filename,
-+ QDict *options, const char *bdref_key,
-+ BlockDriverState *parent,
-+ const BdrvChildClass *child_class,
-+ BdrvChildRole child_role,
-+ bool allow_none, bool parse_filename,
-+ Error **errp)
-+{
-+ BlockDriverState *bs;
-+ BdrvChild *child;
-+
-+ GLOBAL_STATE_CODE();
-+
-+ bs = bdrv_open_child_bs(filename, options, bdref_key, parent, child_class,
-+ child_role, allow_none, parse_filename, errp);
-+ if (bs == NULL) {
-+ return NULL;
-+ }
-+
-+ bdrv_graph_wrlock();
-+ child = bdrv_attach_child(parent, bs, bdref_key, child_class, child_role,
-+ errp);
-+ bdrv_graph_wrunlock();
-+
-+ return child;
-+}
-+
- /*
- * Opens a disk image whose options are given as BlockdevRef in another block
- * device's options.
-@@ -3761,27 +3793,15 @@ BdrvChild *bdrv_open_child(const char *filename,
- BdrvChildRole child_role,
- bool allow_none, Error **errp)
- {
-- BlockDriverState *bs;
-- BdrvChild *child;
--
-- GLOBAL_STATE_CODE();
--
-- bs = bdrv_open_child_bs(filename, options, bdref_key, parent, child_class,
-- child_role, allow_none, errp);
-- if (bs == NULL) {
-- return NULL;
-- }
--
-- bdrv_graph_wrlock();
-- child = bdrv_attach_child(parent, bs, bdref_key, child_class, child_role,
-- errp);
-- bdrv_graph_wrunlock();
--
-- return child;
-+ return bdrv_open_child_common(filename, options, bdref_key, parent,
-+ child_class, child_role, allow_none, false,
-+ errp);
- }
-
- /*
-- * Wrapper on bdrv_open_child() for most popular case: open primary child of bs.
-+ * This does mostly the same as bdrv_open_child(), but for opening the primary
-+ * child of a node. A notable difference from bdrv_open_child() is that it
-+ * enables filename parsing for protocol names (including json:).
- *
- * @parent can move to a different AioContext in this function.
- */
-@@ -3796,8 +3816,8 @@ int bdrv_open_file_child(const char *filename,
- role = parent->drv->is_filter ?
- (BDRV_CHILD_FILTERED | BDRV_CHILD_PRIMARY) : BDRV_CHILD_IMAGE;
-
-- if (!bdrv_open_child(filename, options, bdref_key, parent,
-- &child_of_bds, role, false, errp))
-+ if (!bdrv_open_child_common(filename, options, bdref_key, parent,
-+ &child_of_bds, role, false, true, errp))
- {
- return -EINVAL;
- }
-@@ -3842,7 +3862,8 @@ BlockDriverState *bdrv_open_blockdev_ref(BlockdevRef *ref, Error **errp)
-
- }
-
-- bs = bdrv_open_inherit(NULL, reference, qdict, 0, NULL, NULL, 0, errp);
-+ bs = bdrv_open_inherit(NULL, reference, qdict, 0, NULL, NULL, 0, false,
-+ errp);
- obj = NULL;
- qobject_unref(obj);
- visit_free(v);
-@@ -3932,7 +3953,7 @@ static BlockDriverState * no_coroutine_fn
- bdrv_open_inherit(const char *filename, const char *reference, QDict *options,
- int flags, BlockDriverState *parent,
- const BdrvChildClass *child_class, BdrvChildRole child_role,
-- Error **errp)
-+ bool parse_filename, Error **errp)
- {
- int ret;
- BlockBackend *file = NULL;
-@@ -3980,9 +4001,11 @@ bdrv_open_inherit(const char *filename, const char *reference, QDict *options,
- }
-
- /* json: syntax counts as explicit options, as if in the QDict */
-- parse_json_protocol(options, &filename, &local_err);
-- if (local_err) {
-- goto fail;
-+ if (parse_filename) {
-+ parse_json_protocol(options, &filename, &local_err);
-+ if (local_err) {
-+ goto fail;
-+ }
- }
-
- bs->explicit_options = qdict_clone_shallow(options);
-@@ -4007,7 +4030,8 @@ bdrv_open_inherit(const char *filename, const char *reference, QDict *options,
- parent->open_flags, parent->options);
- }
-
-- ret = bdrv_fill_options(&options, filename, &flags, &local_err);
-+ ret = bdrv_fill_options(&options, filename, &flags, parse_filename,
-+ &local_err);
- if (ret < 0) {
- goto fail;
- }
-@@ -4076,7 +4100,7 @@ bdrv_open_inherit(const char *filename, const char *reference, QDict *options,
-
- file_bs = bdrv_open_child_bs(filename, options, "file", bs,
- &child_of_bds, BDRV_CHILD_IMAGE,
-- true, &local_err);
-+ true, true, &local_err);
- if (local_err) {
- goto fail;
- }
-@@ -4225,7 +4249,7 @@ BlockDriverState *bdrv_open(const char *filename, const char *reference,
- GLOBAL_STATE_CODE();
-
- return bdrv_open_inherit(filename, reference, options, flags, NULL,
-- NULL, 0, errp);
-+ NULL, 0, true, errp);
- }
-
- /* Return true if the NULL-terminated @list contains @str */
diff --git a/debian/patches/pve/0022-PVE-Up-Config-file-posix-make-locking-optiono-on-cre.patch b/debian/patches/pve/0022-PVE-Up-Config-file-posix-make-locking-optiono-on-cre.patch
index 9230b01..fce068c 100644
--- a/debian/patches/pve/0022-PVE-Up-Config-file-posix-make-locking-optiono-on-cre.patch
+++ b/debian/patches/pve/0022-PVE-Up-Config-file-posix-make-locking-optiono-on-cre.patch
@@ -119,10 +119,10 @@ index 43bc0bd520..60e98c87f1 100644
};
return raw_co_create(&options, errp);
diff --git a/qapi/block-core.json b/qapi/block-core.json
-index 45ab548dfe..f7c2b63c5d 100644
+index 0902b0a024..0653c244cf 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
-@@ -4956,6 +4956,10 @@
+@@ -4952,6 +4952,10 @@
# @extent-size-hint: Extent size hint to add to the image file; 0 for
# not adding an extent size hint (default: 1 MB, since 5.1)
#
@@ -133,7 +133,7 @@ index 45ab548dfe..f7c2b63c5d 100644
# Since: 2.12
##
{ 'struct': 'BlockdevCreateOptionsFile',
-@@ -4963,7 +4967,8 @@
+@@ -4959,7 +4963,8 @@
'size': 'size',
'*preallocation': 'PreallocMode',
'*nocow': 'bool',
diff --git a/debian/patches/pve/0030-PVE-Backup-Proxmox-backup-patches-for-QEMU.patch b/debian/patches/pve/0030-PVE-Backup-Proxmox-backup-patches-for-QEMU.patch
index af4565f..7e09f68 100644
--- a/debian/patches/pve/0030-PVE-Backup-Proxmox-backup-patches-for-QEMU.patch
+++ b/debian/patches/pve/0030-PVE-Backup-Proxmox-backup-patches-for-QEMU.patch
@@ -1683,7 +1683,7 @@ index 0000000000..c755bf302b
+ return ret;
+}
diff --git a/qapi/block-core.json b/qapi/block-core.json
-index f7c2b63c5d..e49c7b5bc9 100644
+index 0653c244cf..dbd5d9b993 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -851,6 +851,239 @@
diff --git a/debian/patches/pve/0032-PVE-Add-PBS-block-driver-to-map-backup-archives-into.patch b/debian/patches/pve/0032-PVE-Add-PBS-block-driver-to-map-backup-archives-into.patch
index 82ec94f..859ac77 100644
--- a/debian/patches/pve/0032-PVE-Add-PBS-block-driver-to-map-backup-archives-into.patch
+++ b/debian/patches/pve/0032-PVE-Add-PBS-block-driver-to-map-backup-archives-into.patch
@@ -368,10 +368,10 @@ index 6de51c34cb..3bc039f60f 100644
summary_info += {'libdaxctl support': libdaxctl}
summary_info += {'libudev': libudev}
diff --git a/qapi/block-core.json b/qapi/block-core.json
-index e49c7b5bc9..fc32ff9957 100644
+index dbd5d9b993..e79775656c 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
-@@ -3457,6 +3457,7 @@
+@@ -3453,6 +3453,7 @@
'parallels', 'preallocate', 'qcow', 'qcow2', 'qed', 'quorum',
'raw', 'rbd',
{ 'name': 'replication', 'if': 'CONFIG_REPLICATION' },
@@ -379,7 +379,7 @@ index e49c7b5bc9..fc32ff9957 100644
'ssh', 'throttle', 'vdi', 'vhdx',
{ 'name': 'virtio-blk-vfio-pci', 'if': 'CONFIG_BLKIO' },
{ 'name': 'virtio-blk-vhost-user', 'if': 'CONFIG_BLKIO' },
-@@ -3543,6 +3544,33 @@
+@@ -3539,6 +3540,33 @@
{ 'struct': 'BlockdevOptionsNull',
'data': { '*size': 'int', '*latency-ns': 'uint64', '*read-zeroes': 'bool' } }
@@ -413,7 +413,7 @@ index e49c7b5bc9..fc32ff9957 100644
##
# @BlockdevOptionsNVMe:
#
-@@ -4977,6 +5005,7 @@
+@@ -4973,6 +5001,7 @@
'nfs': 'BlockdevOptionsNfs',
'null-aio': 'BlockdevOptionsNull',
'null-co': 'BlockdevOptionsNull',
diff --git a/debian/patches/pve/0034-PVE-Migrate-dirty-bitmap-state-via-savevm.patch b/debian/patches/pve/0034-PVE-Migrate-dirty-bitmap-state-via-savevm.patch
index aab05b8..6ba8425 100644
--- a/debian/patches/pve/0034-PVE-Migrate-dirty-bitmap-state-via-savevm.patch
+++ b/debian/patches/pve/0034-PVE-Migrate-dirty-bitmap-state-via-savevm.patch
@@ -186,7 +186,7 @@ index c755bf302b..5ebb6a3947 100644
ret->pbs_masterkey = true;
ret->backup_max_workers = true;
diff --git a/qapi/block-core.json b/qapi/block-core.json
-index fc32ff9957..f516d8e95a 100644
+index e79775656c..cb58a664ef 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -1004,6 +1004,11 @@
diff --git a/debian/patches/pve/0047-qapi-blockdev-backup-add-discard-source-parameter.patch b/debian/patches/pve/0047-qapi-blockdev-backup-add-discard-source-parameter.patch
index ef44f42..5bf9efc 100644
--- a/debian/patches/pve/0047-qapi-blockdev-backup-add-discard-source-parameter.patch
+++ b/debian/patches/pve/0047-qapi-blockdev-backup-add-discard-source-parameter.patch
@@ -254,7 +254,7 @@ index cc1387ae02..f0c642b194 100644
BackupPerf *perf,
BlockdevOnError on_source_error,
diff --git a/qapi/block-core.json b/qapi/block-core.json
-index f516d8e95a..d796d49abb 100644
+index cb58a664ef..282e2e8a8c 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -1849,6 +1849,9 @@
diff --git a/debian/patches/pve/0048-copy-before-write-allow-specifying-minimum-cluster-s.patch b/debian/patches/pve/0048-copy-before-write-allow-specifying-minimum-cluster-s.patch
index 50a8cd2..26bbdd0 100644
--- a/debian/patches/pve/0048-copy-before-write-allow-specifying-minimum-cluster-s.patch
+++ b/debian/patches/pve/0048-copy-before-write-allow-specifying-minimum-cluster-s.patch
@@ -108,10 +108,10 @@ index bdc703bacd..77857c6c68 100644
/* Function should be called prior any actual copy request */
diff --git a/qapi/block-core.json b/qapi/block-core.json
-index d796d49abb..edbf6e78b9 100644
+index 282e2e8a8c..9caf04cbe9 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
-@@ -4930,12 +4930,18 @@
+@@ -4926,12 +4926,18 @@
# @on-cbw-error parameter will decide how this failure is handled.
# Default 0. (Since 7.1)
#
diff --git a/debian/patches/pve/0049-backup-add-minimum-cluster-size-to-performance-optio.patch b/debian/patches/pve/0049-backup-add-minimum-cluster-size-to-performance-optio.patch
index fe3ff95..42c5ec5 100644
--- a/debian/patches/pve/0049-backup-add-minimum-cluster-size-to-performance-optio.patch
+++ b/debian/patches/pve/0049-backup-add-minimum-cluster-size-to-performance-optio.patch
@@ -82,7 +82,7 @@ index 1054a69279..cbe224387b 100644
if ((backup->sync == MIRROR_SYNC_MODE_BITMAP) ||
diff --git a/qapi/block-core.json b/qapi/block-core.json
-index edbf6e78b9..6e7ee87633 100644
+index 9caf04cbe9..df934647ed 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -1790,11 +1790,16 @@
diff --git a/debian/patches/pve/0050-PVE-backup-add-fleecing-option.patch b/debian/patches/pve/0050-PVE-backup-add-fleecing-option.patch
index dbb2883..1af3e04 100644
--- a/debian/patches/pve/0050-PVE-backup-add-fleecing-option.patch
+++ b/debian/patches/pve/0050-PVE-backup-add-fleecing-option.patch
@@ -294,7 +294,7 @@ index 5ebb6a3947..a747d12d3d 100644
return ret;
}
diff --git a/qapi/block-core.json b/qapi/block-core.json
-index 6e7ee87633..dc5f75cd39 100644
+index df934647ed..ff441d4258 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -948,6 +948,10 @@
diff --git a/debian/patches/series b/debian/patches/series
index 5341391..763dfc1 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -3,21 +3,7 @@ extra/0002-scsi-megasas-Internal-cdbs-have-16-byte-length.patch
extra/0003-ide-avoid-potential-deadlock-when-draining-during-tr.patch
extra/0004-Revert-x86-acpi-workaround-Windows-not-handling-name.patch
extra/0005-block-copy-before-write-use-uint64_t-for-timeout-in-.patch
-extra/0006-virtio-gpu-fix-v2-migration.patch
-extra/0007-hw-pflash-fix-block-write-start.patch
-extra/0008-target-i386-fix-operand-size-for-DATA16-REX.W-POPCNT.patch
-extra/0009-target-i386-rdpkru-wrpkru-are-no-prefix-instructions.patch
-extra/0010-target-i386-fix-feature-dependency-for-WAITPKG.patch
-extra/0011-Revert-virtio-pci-fix-use-of-a-released-vector.patch
-extra/0012-hw-core-machine-move-compatibility-flags-for-VirtIO-.patch
-extra/0013-Revert-monitor-use-aio_co_reschedule_self.patch
-extra/0014-target-arm-Restrict-translation-disabled-alignment-c.patch
-extra/0015-target-i386-Give-IRQs-a-chance-when-resetting-HF_INH.patch
-extra/0016-target-i386-hyper-v-Correct-kvm_hv_handle_exit-retur.patch
-extra/0017-target-i386-disable-jmp_opt-if-EFLAGS.RF-is-1.patch
-extra/0018-target-i386-no-single-step-exception-after-MOV-or-PO.patch
-extra/0019-qcow2-Don-t-open-data_file-with-BDRV_O_NO_IO.patch
-extra/0020-block-Parse-filenames-only-when-explicitly-requested.patch
+extra/0006-Revert-virtio-pci-fix-use-of-a-released-vector.patch
bitmap-mirror/0001-drive-mirror-add-support-for-sync-bitmap-mode-never.patch
bitmap-mirror/0002-drive-mirror-add-support-for-conditional-and-always-.patch
bitmap-mirror/0003-mirror-add-check-for-bitmap-mode-without-bitmap.patch
--
2.39.2
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 3+ messages in thread
* [pve-devel] [PATCH qemu 2/2] some more stable fixes for QEMU 9.0.2
2024-07-25 9:45 [pve-devel] [PATCH qemu 1/2] update submodule and patches to QEMU 9.0.2 Fiona Ebner
@ 2024-07-25 9:45 ` Fiona Ebner
2024-07-29 17:12 ` [pve-devel] applied: [PATCH qemu 1/2] update submodule and patches to " Thomas Lamprecht
1 sibling, 0 replies; 3+ messages in thread
From: Fiona Ebner @ 2024-07-25 9:45 UTC (permalink / raw)
To: pve-devel
Fix the two issues reported in the community forum[0][1], i.e.
regression in LSI-53c895a controller and ignored boot order for USB
storage (only possible via custom arguments in Proxmox VE), both
causing boot failures, and pick up fixes for VirtIO, ARM emulation,
char IO device and a graph lock fix for the block layer.
The block-copy patches that serve as a preparation for fleecing are
moved to the extra folder, because the graph lock fix requires them
to be present first. They have been applied upstream in the meantime
and should drop out with the rebase on 9.1.
[0]: https://forum.proxmox.com/threads/149772/post-679433
[1]: https://forum.proxmox.com/threads/149772/post-683459
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
---
...d-support-for-sync-bitmap-mode-never.patch | 14 +--
...check-for-bitmap-mode-without-bitmap.patch | 2 +-
.../0006-mirror-move-some-checks-to-qmp.patch | 2 +-
...ck-copy-before-write-fix-permission.patch} | 0
...-write-support-unligned-snapshot-di.patch} | 0
...-write-create-block_copy-bitmap-in-.patch} | 0
...backup-add-discard-source-parameter.patch} | 20 ++--
...e-de-initialization-of-vhost-user-de.patch | 92 ++++++++++++++++++
...Use-float_status-copy-in-sme_fmopa_s.patch | 43 +++++++++
...-Use-FPST_F16-for-SME-FMOPA-widening.patch | 62 +++++++++++++
...ion-and-honor-bootindex-again-for-le.patch | 60 ++++++++++++
...5a-bump-instruction-limit-in-scripts.patch | 48 ++++++++++
...16-block-copy-Fix-missing-graph-lock.patch | 38 ++++++++
...-do-not-operate-on-sources-from-fina.patch | 93 +++++++++++++++++++
...le-posix-make-locking-optiono-on-cre.patch | 6 +-
...e-bcs-bitmap-initialization-to-job-c.patch | 4 +-
...-Backup-add-backup-dump-block-driver.patch | 4 +-
...ckup-Proxmox-backup-patches-for-QEMU.patch | 4 +-
...k-driver-to-map-backup-archives-into.patch | 8 +-
...igrate-dirty-bitmap-state-via-savevm.patch | 2 +-
...-allow-specifying-minimum-cluster-s.patch} | 2 +-
...m-cluster-size-to-performance-optio.patch} | 0
...0046-PVE-backup-add-fleecing-option.patch} | 0
...e-error-when-copy-before-write-fail.patch} | 0
debian/patches/series | 23 +++--
25 files changed, 485 insertions(+), 42 deletions(-)
rename debian/patches/{pve/0044-block-copy-before-write-fix-permission.patch => extra/0007-block-copy-before-write-fix-permission.patch} (100%)
rename debian/patches/{pve/0045-block-copy-before-write-support-unligned-snapshot-di.patch => extra/0008-block-copy-before-write-support-unligned-snapshot-di.patch} (100%)
rename debian/patches/{pve/0046-block-copy-before-write-create-block_copy-bitmap-in-.patch => extra/0009-block-copy-before-write-create-block_copy-bitmap-in-.patch} (100%)
rename debian/patches/{pve/0047-qapi-blockdev-backup-add-discard-source-parameter.patch => extra/0010-qapi-blockdev-backup-add-discard-source-parameter.patch} (96%)
create mode 100644 debian/patches/extra/0011-hw-virtio-Fix-the-de-initialization-of-vhost-user-de.patch
create mode 100644 debian/patches/extra/0012-target-arm-Use-float_status-copy-in-sme_fmopa_s.patch
create mode 100644 debian/patches/extra/0013-target-arm-Use-FPST_F16-for-SME-FMOPA-widening.patch
create mode 100644 debian/patches/extra/0014-scsi-fix-regression-and-honor-bootindex-again-for-le.patch
create mode 100644 debian/patches/extra/0015-hw-scsi-lsi53c895a-bump-instruction-limit-in-scripts.patch
create mode 100644 debian/patches/extra/0016-block-copy-Fix-missing-graph-lock.patch
create mode 100644 debian/patches/extra/0017-Revert-qemu-char-do-not-operate-on-sources-from-fina.patch
rename debian/patches/pve/{0048-copy-before-write-allow-specifying-minimum-cluster-s.patch => 0044-copy-before-write-allow-specifying-minimum-cluster-s.patch} (99%)
rename debian/patches/pve/{0049-backup-add-minimum-cluster-size-to-performance-optio.patch => 0045-backup-add-minimum-cluster-size-to-performance-optio.patch} (100%)
rename debian/patches/pve/{0050-PVE-backup-add-fleecing-option.patch => 0046-PVE-backup-add-fleecing-option.patch} (100%)
rename debian/patches/pve/{0051-PVE-backup-improve-error-when-copy-before-write-fail.patch => 0047-PVE-backup-improve-error-when-copy-before-write-fail.patch} (100%)
diff --git a/debian/patches/bitmap-mirror/0001-drive-mirror-add-support-for-sync-bitmap-mode-never.patch b/debian/patches/bitmap-mirror/0001-drive-mirror-add-support-for-sync-bitmap-mode-never.patch
index 392b8a2..0532896 100644
--- a/debian/patches/bitmap-mirror/0001-drive-mirror-add-support-for-sync-bitmap-mode-never.patch
+++ b/debian/patches/bitmap-mirror/0001-drive-mirror-add-support-for-sync-bitmap-mode-never.patch
@@ -258,7 +258,7 @@ index 1bdce3b657..0c5c72df2e 100644
errp);
if (!job) {
diff --git a/blockdev.c b/blockdev.c
-index 057601dcf0..8682814a7a 100644
+index 4c33c3f5f0..f3e508a6a7 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -2776,6 +2776,9 @@ static void blockdev_mirror_common(const char *job_id, BlockDriverState *bs,
@@ -349,7 +349,7 @@ index 057601dcf0..8682814a7a 100644
has_granularity, granularity,
has_buf_size, buf_size,
diff --git a/include/block/block_int-global-state.h b/include/block/block_int-global-state.h
-index d2201e27f4..cc1387ae02 100644
+index eb2d92a226..f0c642b194 100644
--- a/include/block/block_int-global-state.h
+++ b/include/block/block_int-global-state.h
@@ -158,7 +158,9 @@ void mirror_start(const char *job_id, BlockDriverState *bs,
@@ -364,10 +364,10 @@ index d2201e27f4..cc1387ae02 100644
BlockdevOnError on_source_error,
BlockdevOnError on_target_error,
diff --git a/qapi/block-core.json b/qapi/block-core.json
-index 4b18e01b85..0902b0a024 100644
+index b179d65520..905da8be72 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
-@@ -2170,6 +2170,15 @@
+@@ -2174,6 +2174,15 @@
# destination (all the disk, only the sectors allocated in the
# topmost image, or only new I/O).
#
@@ -383,7 +383,7 @@ index 4b18e01b85..0902b0a024 100644
# @granularity: granularity of the dirty bitmap, default is 64K if the
# image format doesn't have clusters, 4K if the clusters are
# smaller than that, else the cluster size. Must be a power of 2
-@@ -2212,7 +2221,9 @@
+@@ -2216,7 +2225,9 @@
{ 'struct': 'DriveMirror',
'data': { '*job-id': 'str', 'device': 'str', 'target': 'str',
'*format': 'str', '*node-name': 'str', '*replaces': 'str',
@@ -394,7 +394,7 @@ index 4b18e01b85..0902b0a024 100644
'*speed': 'int', '*granularity': 'uint32',
'*buf-size': 'int', '*on-source-error': 'BlockdevOnError',
'*on-target-error': 'BlockdevOnError',
-@@ -2492,6 +2503,15 @@
+@@ -2496,6 +2507,15 @@
# destination (all the disk, only the sectors allocated in the
# topmost image, or only new I/O).
#
@@ -410,7 +410,7 @@ index 4b18e01b85..0902b0a024 100644
# @granularity: granularity of the dirty bitmap, default is 64K if the
# image format doesn't have clusters, 4K if the clusters are
# smaller than that, else the cluster size. Must be a power of 2
-@@ -2540,7 +2560,8 @@
+@@ -2544,7 +2564,8 @@
{ 'command': 'blockdev-mirror',
'data': { '*job-id': 'str', 'device': 'str', 'target': 'str',
'*replaces': 'str',
diff --git a/debian/patches/bitmap-mirror/0003-mirror-add-check-for-bitmap-mode-without-bitmap.patch b/debian/patches/bitmap-mirror/0003-mirror-add-check-for-bitmap-mode-without-bitmap.patch
index ddaf702..d1e0fb0 100644
--- a/debian/patches/bitmap-mirror/0003-mirror-add-check-for-bitmap-mode-without-bitmap.patch
+++ b/debian/patches/bitmap-mirror/0003-mirror-add-check-for-bitmap-mode-without-bitmap.patch
@@ -16,7 +16,7 @@ Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
1 file changed, 3 insertions(+)
diff --git a/blockdev.c b/blockdev.c
-index 8682814a7a..5b75a085ee 100644
+index f3e508a6a7..37b8437f3e 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -2873,6 +2873,9 @@ static void blockdev_mirror_common(const char *job_id, BlockDriverState *bs,
diff --git a/debian/patches/bitmap-mirror/0006-mirror-move-some-checks-to-qmp.patch b/debian/patches/bitmap-mirror/0006-mirror-move-some-checks-to-qmp.patch
index 05a73d1..9f68e4f 100644
--- a/debian/patches/bitmap-mirror/0006-mirror-move-some-checks-to-qmp.patch
+++ b/debian/patches/bitmap-mirror/0006-mirror-move-some-checks-to-qmp.patch
@@ -62,7 +62,7 @@ index 6b3cce1007..2f1223852b 100644
if (bitmap_mode != BITMAP_SYNC_MODE_NEVER) {
diff --git a/blockdev.c b/blockdev.c
-index 5b75a085ee..d27d8c38ec 100644
+index 37b8437f3e..ed8198f351 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -2852,7 +2852,36 @@ static void blockdev_mirror_common(const char *job_id, BlockDriverState *bs,
diff --git a/debian/patches/pve/0044-block-copy-before-write-fix-permission.patch b/debian/patches/extra/0007-block-copy-before-write-fix-permission.patch
similarity index 100%
rename from debian/patches/pve/0044-block-copy-before-write-fix-permission.patch
rename to debian/patches/extra/0007-block-copy-before-write-fix-permission.patch
diff --git a/debian/patches/pve/0045-block-copy-before-write-support-unligned-snapshot-di.patch b/debian/patches/extra/0008-block-copy-before-write-support-unligned-snapshot-di.patch
similarity index 100%
rename from debian/patches/pve/0045-block-copy-before-write-support-unligned-snapshot-di.patch
rename to debian/patches/extra/0008-block-copy-before-write-support-unligned-snapshot-di.patch
diff --git a/debian/patches/pve/0046-block-copy-before-write-create-block_copy-bitmap-in-.patch b/debian/patches/extra/0009-block-copy-before-write-create-block_copy-bitmap-in-.patch
similarity index 100%
rename from debian/patches/pve/0046-block-copy-before-write-create-block_copy-bitmap-in-.patch
rename to debian/patches/extra/0009-block-copy-before-write-create-block_copy-bitmap-in-.patch
diff --git a/debian/patches/pve/0047-qapi-blockdev-backup-add-discard-source-parameter.patch b/debian/patches/extra/0010-qapi-blockdev-backup-add-discard-source-parameter.patch
similarity index 96%
rename from debian/patches/pve/0047-qapi-blockdev-backup-add-discard-source-parameter.patch
rename to debian/patches/extra/0010-qapi-blockdev-backup-add-discard-source-parameter.patch
index 5bf9efc..e11a37d 100644
--- a/debian/patches/pve/0047-qapi-blockdev-backup-add-discard-source-parameter.patch
+++ b/debian/patches/extra/0010-qapi-blockdev-backup-add-discard-source-parameter.patch
@@ -45,10 +45,10 @@ Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
10 files changed, 37 insertions(+), 8 deletions(-)
diff --git a/block/backup.c b/block/backup.c
-index 16d611c4ca..1963e47ab9 100644
+index ec29d6b810..3dd2e229d2 100644
--- a/block/backup.c
+++ b/block/backup.c
-@@ -332,7 +332,7 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
+@@ -356,7 +356,7 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
BlockDriverState *target, int64_t speed,
MirrorSyncMode sync_mode, BdrvDirtyBitmap *sync_bitmap,
BitmapSyncMode bitmap_mode,
@@ -57,7 +57,7 @@ index 16d611c4ca..1963e47ab9 100644
const char *filter_node_name,
BackupPerf *perf,
BlockdevOnError on_source_error,
-@@ -433,7 +433,8 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
+@@ -457,7 +457,8 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
goto error;
}
@@ -203,10 +203,10 @@ index ca6bd0a720..0415a5e8b7 100644
BLOCKDEV_ON_ERROR_REPORT, JOB_INTERNAL,
backup_job_completed, bs, NULL, &local_err);
diff --git a/blockdev.c b/blockdev.c
-index 5e5dbc1da9..1054a69279 100644
+index 057601dcf0..4c33c3f5f0 100644
--- a/blockdev.c
+++ b/blockdev.c
-@@ -2727,7 +2727,7 @@ static BlockJob *do_backup_common(BackupCommon *backup,
+@@ -2726,7 +2726,7 @@ static BlockJob *do_backup_common(BackupCommon *backup,
job = backup_job_create(backup->job_id, bs, target_bs, backup->speed,
backup->sync, bmap, backup->bitmap_mode,
@@ -241,10 +241,10 @@ index 8b41643bfa..bdc703bacd 100644
/* Function should be called prior any actual copy request */
diff --git a/include/block/block_int-global-state.h b/include/block/block_int-global-state.h
-index cc1387ae02..f0c642b194 100644
+index d2201e27f4..eb2d92a226 100644
--- a/include/block/block_int-global-state.h
+++ b/include/block/block_int-global-state.h
-@@ -195,7 +195,7 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
+@@ -193,7 +193,7 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
MirrorSyncMode sync_mode,
BdrvDirtyBitmap *sync_bitmap,
BitmapSyncMode bitmap_mode,
@@ -254,10 +254,10 @@ index cc1387ae02..f0c642b194 100644
BackupPerf *perf,
BlockdevOnError on_source_error,
diff --git a/qapi/block-core.json b/qapi/block-core.json
-index cb58a664ef..282e2e8a8c 100644
+index 4b18e01b85..b179d65520 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
-@@ -1849,6 +1849,9 @@
+@@ -1610,6 +1610,9 @@
# node specified by @drive. If this option is not given, a node
# name is autogenerated. (Since: 4.2)
#
@@ -267,7 +267,7 @@ index cb58a664ef..282e2e8a8c 100644
# @x-perf: Performance options. (Since 6.0)
#
# Features:
-@@ -1870,6 +1873,7 @@
+@@ -1631,6 +1634,7 @@
'*on-target-error': 'BlockdevOnError',
'*auto-finalize': 'bool', '*auto-dismiss': 'bool',
'*filter-node-name': 'str',
diff --git a/debian/patches/extra/0011-hw-virtio-Fix-the-de-initialization-of-vhost-user-de.patch b/debian/patches/extra/0011-hw-virtio-Fix-the-de-initialization-of-vhost-user-de.patch
new file mode 100644
index 0000000..c5a3e92
--- /dev/null
+++ b/debian/patches/extra/0011-hw-virtio-Fix-the-de-initialization-of-vhost-user-de.patch
@@ -0,0 +1,92 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Thomas Huth <thuth@redhat.com>
+Date: Tue, 18 Jun 2024 14:19:58 +0200
+Subject: [PATCH] hw/virtio: Fix the de-initialization of vhost-user devices
+
+The unrealize functions of the various vhost-user devices are
+calling the corresponding vhost_*_set_status() functions with a
+status of 0 to shut down the device correctly.
+
+Now these vhost_*_set_status() functions all follow this scheme:
+
+ bool should_start = virtio_device_should_start(vdev, status);
+
+ if (vhost_dev_is_started(&vvc->vhost_dev) == should_start) {
+ return;
+ }
+
+ if (should_start) {
+ /* ... do the initialization stuff ... */
+ } else {
+ /* ... do the cleanup stuff ... */
+ }
+
+The problem here is virtio_device_should_start(vdev, 0) currently
+always returns "true" since it internally only looks at vdev->started
+instead of looking at the "status" parameter. Thus once the device
+got started once, virtio_device_should_start() always returns true
+and thus the vhost_*_set_status() functions return early, without
+ever doing any clean-up when being called with status == 0. This
+causes e.g. problems when trying to hot-plug and hot-unplug a vhost
+user devices multiple times since the de-initialization step is
+completely skipped during the unplug operation.
+
+This bug has been introduced in commit 9f6bcfd99f ("hw/virtio: move
+vm_running check to virtio_device_started") which replaced
+
+ should_start = status & VIRTIO_CONFIG_S_DRIVER_OK;
+
+with
+
+ should_start = virtio_device_started(vdev, status);
+
+which later got replaced by virtio_device_should_start(). This blocked
+the possibility to set should_start to false in case the status flag
+VIRTIO_CONFIG_S_DRIVER_OK was not set.
+
+Fix it by adjusting the virtio_device_should_start() function to
+only consider the status flag instead of vdev->started. Since this
+function is only used in the various vhost_*_set_status() functions
+for exactly the same purpose, it should be fine to fix it in this
+central place there without any risk to change the behavior of other
+code.
+
+Fixes: 9f6bcfd99f ("hw/virtio: move vm_running check to virtio_device_started")
+Buglink: https://issues.redhat.com/browse/RHEL-40708
+Signed-off-by: Thomas Huth <thuth@redhat.com>
+Message-Id: <20240618121958.88673-1-thuth@redhat.com>
+Reviewed-by: Manos Pitsidianakis <manos.pitsidianakis@linaro.org>
+Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
+Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
+(cherry picked from commit d72479b11797c28893e1e3fc565497a9cae5ca16)
+Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
+---
+ include/hw/virtio/virtio.h | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/include/hw/virtio/virtio.h b/include/hw/virtio/virtio.h
+index 7d5ffdc145..2eafad17b8 100644
+--- a/include/hw/virtio/virtio.h
++++ b/include/hw/virtio/virtio.h
+@@ -470,9 +470,9 @@ static inline bool virtio_device_started(VirtIODevice *vdev, uint8_t status)
+ * @vdev - the VirtIO device
+ * @status - the devices status bits
+ *
+- * This is similar to virtio_device_started() but also encapsulates a
+- * check on the VM status which would prevent a device starting
+- * anyway.
++ * This is similar to virtio_device_started() but ignores vdev->started
++ * and also encapsulates a check on the VM status which would prevent a
++ * device from starting anyway.
+ */
+ static inline bool virtio_device_should_start(VirtIODevice *vdev, uint8_t status)
+ {
+@@ -480,7 +480,7 @@ static inline bool virtio_device_should_start(VirtIODevice *vdev, uint8_t status
+ return false;
+ }
+
+- return virtio_device_started(vdev, status);
++ return status & VIRTIO_CONFIG_S_DRIVER_OK;
+ }
+
+ static inline void virtio_set_started(VirtIODevice *vdev, bool started)
diff --git a/debian/patches/extra/0012-target-arm-Use-float_status-copy-in-sme_fmopa_s.patch b/debian/patches/extra/0012-target-arm-Use-float_status-copy-in-sme_fmopa_s.patch
new file mode 100644
index 0000000..3ca2147
--- /dev/null
+++ b/debian/patches/extra/0012-target-arm-Use-float_status-copy-in-sme_fmopa_s.patch
@@ -0,0 +1,43 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Daniyal Khan <danikhan632@gmail.com>
+Date: Wed, 17 Jul 2024 16:01:47 +1000
+Subject: [PATCH] target/arm: Use float_status copy in sme_fmopa_s
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+We made a copy above because the fp exception flags
+are not propagated back to the FPST register, but
+then failed to use the copy.
+
+Cc: qemu-stable@nongnu.org
+Fixes: 558e956c719 ("target/arm: Implement FMOPA, FMOPS (non-widening)")
+Signed-off-by: Daniyal Khan <danikhan632@gmail.com>
+Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
+Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
+Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
+Message-id: 20240717060149.204788-2-richard.henderson@linaro.org
+[rth: Split from a larger patch]
+Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
+Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
+Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
+Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
+(cherry picked from commit 31d93fedf41c24b0badb38cd9317590d1ef74e37)
+Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
+---
+ target/arm/tcg/sme_helper.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/target/arm/tcg/sme_helper.c b/target/arm/tcg/sme_helper.c
+index e2e0575039..5a6dd76489 100644
+--- a/target/arm/tcg/sme_helper.c
++++ b/target/arm/tcg/sme_helper.c
+@@ -916,7 +916,7 @@ void HELPER(sme_fmopa_s)(void *vza, void *vzn, void *vzm, void *vpn,
+ if (pb & 1) {
+ uint32_t *a = vza_row + H1_4(col);
+ uint32_t *m = vzm + H1_4(col);
+- *a = float32_muladd(n, *m, *a, 0, vst);
++ *a = float32_muladd(n, *m, *a, 0, &fpst);
+ }
+ col += 4;
+ pb >>= 4;
diff --git a/debian/patches/extra/0013-target-arm-Use-FPST_F16-for-SME-FMOPA-widening.patch b/debian/patches/extra/0013-target-arm-Use-FPST_F16-for-SME-FMOPA-widening.patch
new file mode 100644
index 0000000..56f24fc
--- /dev/null
+++ b/debian/patches/extra/0013-target-arm-Use-FPST_F16-for-SME-FMOPA-widening.patch
@@ -0,0 +1,62 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Richard Henderson <richard.henderson@linaro.org>
+Date: Wed, 17 Jul 2024 16:01:48 +1000
+Subject: [PATCH] target/arm: Use FPST_F16 for SME FMOPA (widening)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This operation has float16 inputs and thus must use
+the FZ16 control not the FZ control.
+
+Cc: qemu-stable@nongnu.org
+Fixes: 3916841ac75 ("target/arm: Implement FMOPA, FMOPS (widening)")
+Reported-by: Daniyal Khan <danikhan632@gmail.com>
+Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
+Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
+Message-id: 20240717060149.204788-3-richard.henderson@linaro.org
+Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2374
+Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
+Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
+Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
+(cherry picked from commit 207d30b5fdb5b45a36f26eefcf52fe2c1714dd4f)
+Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
+---
+ target/arm/tcg/translate-sme.c | 12 ++++++++----
+ 1 file changed, 8 insertions(+), 4 deletions(-)
+
+diff --git a/target/arm/tcg/translate-sme.c b/target/arm/tcg/translate-sme.c
+index 46c7fce8b4..185a8a917b 100644
+--- a/target/arm/tcg/translate-sme.c
++++ b/target/arm/tcg/translate-sme.c
+@@ -304,6 +304,7 @@ static bool do_outprod(DisasContext *s, arg_op *a, MemOp esz,
+ }
+
+ static bool do_outprod_fpst(DisasContext *s, arg_op *a, MemOp esz,
++ ARMFPStatusFlavour e_fpst,
+ gen_helper_gvec_5_ptr *fn)
+ {
+ int svl = streaming_vec_reg_size(s);
+@@ -319,15 +320,18 @@ static bool do_outprod_fpst(DisasContext *s, arg_op *a, MemOp esz,
+ zm = vec_full_reg_ptr(s, a->zm);
+ pn = pred_full_reg_ptr(s, a->pn);
+ pm = pred_full_reg_ptr(s, a->pm);
+- fpst = fpstatus_ptr(FPST_FPCR);
++ fpst = fpstatus_ptr(e_fpst);
+
+ fn(za, zn, zm, pn, pm, fpst, tcg_constant_i32(desc));
+ return true;
+ }
+
+-TRANS_FEAT(FMOPA_h, aa64_sme, do_outprod_fpst, a, MO_32, gen_helper_sme_fmopa_h)
+-TRANS_FEAT(FMOPA_s, aa64_sme, do_outprod_fpst, a, MO_32, gen_helper_sme_fmopa_s)
+-TRANS_FEAT(FMOPA_d, aa64_sme_f64f64, do_outprod_fpst, a, MO_64, gen_helper_sme_fmopa_d)
++TRANS_FEAT(FMOPA_h, aa64_sme, do_outprod_fpst, a,
++ MO_32, FPST_FPCR_F16, gen_helper_sme_fmopa_h)
++TRANS_FEAT(FMOPA_s, aa64_sme, do_outprod_fpst, a,
++ MO_32, FPST_FPCR, gen_helper_sme_fmopa_s)
++TRANS_FEAT(FMOPA_d, aa64_sme_f64f64, do_outprod_fpst, a,
++ MO_64, FPST_FPCR, gen_helper_sme_fmopa_d)
+
+ /* TODO: FEAT_EBF16 */
+ TRANS_FEAT(BFMOPA, aa64_sme, do_outprod, a, MO_32, gen_helper_sme_bfmopa)
diff --git a/debian/patches/extra/0014-scsi-fix-regression-and-honor-bootindex-again-for-le.patch b/debian/patches/extra/0014-scsi-fix-regression-and-honor-bootindex-again-for-le.patch
new file mode 100644
index 0000000..6fad4dc
--- /dev/null
+++ b/debian/patches/extra/0014-scsi-fix-regression-and-honor-bootindex-again-for-le.patch
@@ -0,0 +1,60 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Fiona Ebner <f.ebner@proxmox.com>
+Date: Wed, 10 Jul 2024 17:25:29 +0200
+Subject: [PATCH] scsi: fix regression and honor bootindex again for legacy
+ drives
+
+Commit 3089637461 ("scsi: Don't ignore most usb-storage properties")
+removed the call to object_property_set_int() and thus the 'set'
+method for the bootindex property was also not called anymore. Here
+that method is device_set_bootindex() (as configured by
+scsi_dev_instance_init() -> device_add_bootindex_property()) which as
+a side effect registers the device via add_boot_device_path().
+
+As reported by a downstream user [0], the bootindex property did not
+have the desired effect anymore for legacy drives. Fix the regression
+by explicitly calling the add_boot_device_path() function after
+checking that the bootindex is not yet used (to avoid
+add_boot_device_path() calling exit()).
+
+[0]: https://forum.proxmox.com/threads/149772/post-679433
+
+Cc: qemu-stable@nongnu.org
+Fixes: 3089637461 ("scsi: Don't ignore most usb-storage properties")
+Suggested-by: Kevin Wolf <kwolf@redhat.com>
+Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
+Link: https://lore.kernel.org/r/20240710152529.1737407-1-f.ebner@proxmox.com
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+(cherry picked from commit 57a8a80d1a5b28797b21d30bfc60601945820e51)
+Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
+---
+ hw/scsi/scsi-bus.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/hw/scsi/scsi-bus.c b/hw/scsi/scsi-bus.c
+index 9e40b0c920..53eff5dd3d 100644
+--- a/hw/scsi/scsi-bus.c
++++ b/hw/scsi/scsi-bus.c
+@@ -384,6 +384,7 @@ SCSIDevice *scsi_bus_legacy_add_drive(SCSIBus *bus, BlockBackend *blk,
+ DeviceState *dev;
+ SCSIDevice *s;
+ DriveInfo *dinfo;
++ Error *local_err = NULL;
+
+ if (blk_is_sg(blk)) {
+ driver = "scsi-generic";
+@@ -403,6 +404,14 @@ SCSIDevice *scsi_bus_legacy_add_drive(SCSIBus *bus, BlockBackend *blk,
+ s = SCSI_DEVICE(dev);
+ s->conf = *conf;
+
++ check_boot_index(conf->bootindex, &local_err);
++ if (local_err) {
++ object_unparent(OBJECT(dev));
++ error_propagate(errp, local_err);
++ return NULL;
++ }
++ add_boot_device_path(conf->bootindex, dev, NULL);
++
+ qdev_prop_set_uint32(dev, "scsi-id", unit);
+ if (object_property_find(OBJECT(dev), "removable")) {
+ qdev_prop_set_bit(dev, "removable", removable);
diff --git a/debian/patches/extra/0015-hw-scsi-lsi53c895a-bump-instruction-limit-in-scripts.patch b/debian/patches/extra/0015-hw-scsi-lsi53c895a-bump-instruction-limit-in-scripts.patch
new file mode 100644
index 0000000..e118289
--- /dev/null
+++ b/debian/patches/extra/0015-hw-scsi-lsi53c895a-bump-instruction-limit-in-scripts.patch
@@ -0,0 +1,48 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Fiona Ebner <f.ebner@proxmox.com>
+Date: Mon, 15 Jul 2024 15:14:03 +0200
+Subject: [PATCH] hw/scsi/lsi53c895a: bump instruction limit in scripts
+ processing to fix regression
+
+Commit 9876359990 ("hw/scsi/lsi53c895a: add timer to scripts
+processing") reduced the maximum allowed instruction count by
+a factor of 100 all the way down to 100.
+
+This causes the "Check Point R81.20 Gaia" appliance [0] to fail to
+boot after fully finishing the installation via the appliance's web
+interface (there is already one reboot before that).
+
+With a limit of 150, the appliance still fails to boot, while with a
+limit of 200, it works. Bump to 500 to fix the regression and be on
+the safe side.
+
+Originally reported in the Proxmox community forum[1].
+
+[0]: https://support.checkpoint.com/results/download/124397
+[1]: https://forum.proxmox.com/threads/149772/post-683459
+
+Cc: qemu-stable@nongnu.org
+Fixes: 9876359990 ("hw/scsi/lsi53c895a: add timer to scripts processing")
+Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
+Acked-by: Sven Schnelle <svens@stackframe.org>
+Link: https://lore.kernel.org/r/20240715131403.223239-1-f.ebner@proxmox.com
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+(cherry picked from commit a4975023fb13cf229bd59c9ceec1b8cbdc5b9a20)
+Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
+---
+ hw/scsi/lsi53c895a.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c
+index eb9828dd5e..f1935e5328 100644
+--- a/hw/scsi/lsi53c895a.c
++++ b/hw/scsi/lsi53c895a.c
+@@ -188,7 +188,7 @@ static const char *names[] = {
+ #define LSI_TAG_VALID (1 << 16)
+
+ /* Maximum instructions to process. */
+-#define LSI_MAX_INSN 100
++#define LSI_MAX_INSN 500
+
+ typedef struct lsi_request {
+ SCSIRequest *req;
diff --git a/debian/patches/extra/0016-block-copy-Fix-missing-graph-lock.patch b/debian/patches/extra/0016-block-copy-Fix-missing-graph-lock.patch
new file mode 100644
index 0000000..dc1d2c1
--- /dev/null
+++ b/debian/patches/extra/0016-block-copy-Fix-missing-graph-lock.patch
@@ -0,0 +1,38 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Kevin Wolf <kwolf@redhat.com>
+Date: Thu, 27 Jun 2024 20:12:44 +0200
+Subject: [PATCH] block-copy: Fix missing graph lock
+
+The graph lock needs to be held when calling bdrv_co_pdiscard(). Fix
+block_copy_task_entry() to take it for the call.
+
+WITH_GRAPH_RDLOCK_GUARD() was implemented in a weak way because of
+limitations in clang's Thread Safety Analysis at the time, so that it
+only asserts that the lock is held (which allows calling functions that
+require the lock), but we never deal with the unlocking (so even after
+the scope of the guard, the compiler assumes that the lock is still
+held). This is why the compiler didn't catch this locking error.
+
+Signed-off-by: Kevin Wolf <kwolf@redhat.com>
+Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
+(picked from https://lore.kernel.org/qemu-devel/20240627181245.281403-2-kwolf@redhat.com/)
+Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
+---
+ block/block-copy.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/block/block-copy.c b/block/block-copy.c
+index 7e3b378528..cc618e4561 100644
+--- a/block/block-copy.c
++++ b/block/block-copy.c
+@@ -595,7 +595,9 @@ static coroutine_fn int block_copy_task_entry(AioTask *task)
+ if (s->discard_source && ret == 0) {
+ int64_t nbytes =
+ MIN(t->req.offset + t->req.bytes, s->len) - t->req.offset;
+- bdrv_co_pdiscard(s->source, t->req.offset, nbytes);
++ WITH_GRAPH_RDLOCK_GUARD() {
++ bdrv_co_pdiscard(s->source, t->req.offset, nbytes);
++ }
+ }
+
+ return ret;
diff --git a/debian/patches/extra/0017-Revert-qemu-char-do-not-operate-on-sources-from-fina.patch b/debian/patches/extra/0017-Revert-qemu-char-do-not-operate-on-sources-from-fina.patch
new file mode 100644
index 0000000..088af84
--- /dev/null
+++ b/debian/patches/extra/0017-Revert-qemu-char-do-not-operate-on-sources-from-fina.patch
@@ -0,0 +1,93 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Sergey Dyasli <sergey.dyasli@nutanix.com>
+Date: Fri, 12 Jul 2024 09:26:59 +0000
+Subject: [PATCH] Revert "qemu-char: do not operate on sources from finalize
+ callbacks"
+
+This reverts commit 2b316774f60291f57ca9ecb6a9f0712c532cae34.
+
+After 038b4217884c ("Revert "chardev: use a child source for qio input
+source"") we've been observing the "iwp->src == NULL" assertion
+triggering periodically during the initial capabilities querying by
+libvirtd. One of possible backtraces:
+
+Thread 1 (Thread 0x7f16cd4f0700 (LWP 43858)):
+0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
+1 0x00007f16c6c21e65 in __GI_abort () at abort.c:79
+2 0x00007f16c6c21d39 in __assert_fail_base at assert.c:92
+3 0x00007f16c6c46e86 in __GI___assert_fail (assertion=assertion@entry=0x562e9bcdaadd "iwp->src == NULL", file=file@entry=0x562e9bcdaac8 "../chardev/char-io.c", line=line@entry=99, function=function@entry=0x562e9bcdab10 <__PRETTY_FUNCTION__.20549> "io_watch_poll_finalize") at assert.c:101
+4 0x0000562e9ba20c2c in io_watch_poll_finalize (source=<optimized out>) at ../chardev/char-io.c:99
+5 io_watch_poll_finalize (source=<optimized out>) at ../chardev/char-io.c:88
+6 0x00007f16c904aae0 in g_source_unref_internal () from /lib64/libglib-2.0.so.0
+7 0x00007f16c904baf9 in g_source_destroy_internal () from /lib64/libglib-2.0.so.0
+8 0x0000562e9ba20db0 in io_remove_watch_poll (source=0x562e9d6720b0) at ../chardev/char-io.c:147
+9 remove_fd_in_watch (chr=chr@entry=0x562e9d5f3800) at ../chardev/char-io.c:153
+10 0x0000562e9ba23ffb in update_ioc_handlers (s=0x562e9d5f3800) at ../chardev/char-socket.c:592
+11 0x0000562e9ba2072f in qemu_chr_fe_set_handlers_full at ../chardev/char-fe.c:279
+12 0x0000562e9ba207a9 in qemu_chr_fe_set_handlers at ../chardev/char-fe.c:304
+13 0x0000562e9ba2ca75 in monitor_qmp_setup_handlers_bh (opaque=0x562e9d4c2c60) at ../monitor/qmp.c:509
+14 0x0000562e9bb6222e in aio_bh_poll (ctx=ctx@entry=0x562e9d4c2f20) at ../util/async.c:216
+15 0x0000562e9bb4de0a in aio_poll (ctx=0x562e9d4c2f20, blocking=blocking@entry=true) at ../util/aio-posix.c:722
+16 0x0000562e9b99dfaa in iothread_run (opaque=0x562e9d4c26f0) at ../iothread.c:63
+17 0x0000562e9bb505a4 in qemu_thread_start (args=0x562e9d4c7ea0) at ../util/qemu-thread-posix.c:543
+18 0x00007f16c70081ca in start_thread (arg=<optimized out>) at pthread_create.c:479
+19 0x00007f16c6c398d3 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
+
+io_remove_watch_poll(), which makes sure that iwp->src is NULL, calls
+g_source_destroy() which finds that iwp->src is not NULL in the finalize
+callback. This can only happen if another thread has managed to trigger
+io_watch_poll_prepare() callback in the meantime.
+
+Move iwp->src destruction back to the finalize callback to prevent the
+described race, and also remove the stale comment. The deadlock glib bug
+was fixed back in 2010 by b35820285668 ("gmain: move finalization of
+GSource outside of context lock").
+
+Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
+Signed-off-by: Sergey Dyasli <sergey.dyasli@nutanix.com>
+Link: https://lore.kernel.org/r/20240712092659.216206-1-sergey.dyasli@nutanix.com
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+(cherry picked from commit e0bf95443ee9326d44031373420cf9f3513ee255)
+Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
+---
+ chardev/char-io.c | 19 +++++--------------
+ 1 file changed, 5 insertions(+), 14 deletions(-)
+
+diff --git a/chardev/char-io.c b/chardev/char-io.c
+index dab77b112e..3be17b51ca 100644
+--- a/chardev/char-io.c
++++ b/chardev/char-io.c
+@@ -87,16 +87,12 @@ static gboolean io_watch_poll_dispatch(GSource *source, GSourceFunc callback,
+
+ static void io_watch_poll_finalize(GSource *source)
+ {
+- /*
+- * Due to a glib bug, removing the last reference to a source
+- * inside a finalize callback causes recursive locking (and a
+- * deadlock). This is not a problem inside other callbacks,
+- * including dispatch callbacks, so we call io_remove_watch_poll
+- * to remove this source. At this point, iwp->src must
+- * be NULL, or we would leak it.
+- */
+ IOWatchPoll *iwp = io_watch_poll_from_source(source);
+- assert(iwp->src == NULL);
++ if (iwp->src) {
++ g_source_destroy(iwp->src);
++ g_source_unref(iwp->src);
++ iwp->src = NULL;
++ }
+ }
+
+ static GSourceFuncs io_watch_poll_funcs = {
+@@ -139,11 +135,6 @@ static void io_remove_watch_poll(GSource *source)
+ IOWatchPoll *iwp;
+
+ iwp = io_watch_poll_from_source(source);
+- if (iwp->src) {
+- g_source_destroy(iwp->src);
+- g_source_unref(iwp->src);
+- iwp->src = NULL;
+- }
+ g_source_destroy(&iwp->parent);
+ }
+
diff --git a/debian/patches/pve/0022-PVE-Up-Config-file-posix-make-locking-optiono-on-cre.patch b/debian/patches/pve/0022-PVE-Up-Config-file-posix-make-locking-optiono-on-cre.patch
index fce068c..8b7439c 100644
--- a/debian/patches/pve/0022-PVE-Up-Config-file-posix-make-locking-optiono-on-cre.patch
+++ b/debian/patches/pve/0022-PVE-Up-Config-file-posix-make-locking-optiono-on-cre.patch
@@ -119,10 +119,10 @@ index 43bc0bd520..60e98c87f1 100644
};
return raw_co_create(&options, errp);
diff --git a/qapi/block-core.json b/qapi/block-core.json
-index 0902b0a024..0653c244cf 100644
+index 905da8be72..3db587a6e4 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
-@@ -4952,6 +4952,10 @@
+@@ -4956,6 +4956,10 @@
# @extent-size-hint: Extent size hint to add to the image file; 0 for
# not adding an extent size hint (default: 1 MB, since 5.1)
#
@@ -133,7 +133,7 @@ index 0902b0a024..0653c244cf 100644
# Since: 2.12
##
{ 'struct': 'BlockdevCreateOptionsFile',
-@@ -4959,7 +4963,8 @@
+@@ -4963,7 +4967,8 @@
'size': 'size',
'*preallocation': 'PreallocMode',
'*nocow': 'bool',
diff --git a/debian/patches/pve/0026-block-backup-move-bcs-bitmap-initialization-to-job-c.patch b/debian/patches/pve/0026-block-backup-move-bcs-bitmap-initialization-to-job-c.patch
index 8bff4f3..df0672f 100644
--- a/debian/patches/pve/0026-block-backup-move-bcs-bitmap-initialization-to-job-c.patch
+++ b/debian/patches/pve/0026-block-backup-move-bcs-bitmap-initialization-to-job-c.patch
@@ -25,7 +25,7 @@ Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/block/backup.c b/block/backup.c
-index ec29d6b810..270957c0cd 100644
+index 3dd2e229d2..eba5b11493 100644
--- a/block/backup.c
+++ b/block/backup.c
@@ -237,8 +237,8 @@ static void backup_init_bcs_bitmap(BackupBlockJob *job)
@@ -48,7 +48,7 @@ index ec29d6b810..270957c0cd 100644
if (s->sync_mode == MIRROR_SYNC_MODE_TOP) {
int64_t offset = 0;
int64_t count;
-@@ -501,6 +499,8 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
+@@ -502,6 +500,8 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
&error_abort);
bdrv_graph_wrunlock();
diff --git a/debian/patches/pve/0028-PVE-Backup-add-backup-dump-block-driver.patch b/debian/patches/pve/0028-PVE-Backup-add-backup-dump-block-driver.patch
index 357f9d6..722a22f 100644
--- a/debian/patches/pve/0028-PVE-Backup-add-backup-dump-block-driver.patch
+++ b/debian/patches/pve/0028-PVE-Backup-add-backup-dump-block-driver.patch
@@ -199,7 +199,7 @@ index 0000000000..e46abf1070
+ return bs;
+}
diff --git a/block/backup.c b/block/backup.c
-index 270957c0cd..16d611c4ca 100644
+index eba5b11493..1963e47ab9 100644
--- a/block/backup.c
+++ b/block/backup.c
@@ -29,28 +29,6 @@
@@ -231,7 +231,7 @@ index 270957c0cd..16d611c4ca 100644
static const BlockJobDriver backup_job_driver;
static void backup_cleanup_sync_bitmap(BackupBlockJob *job, int ret)
-@@ -461,6 +439,14 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
+@@ -462,6 +440,14 @@ BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
}
cluster_size = block_copy_cluster_size(bcs);
diff --git a/debian/patches/pve/0030-PVE-Backup-Proxmox-backup-patches-for-QEMU.patch b/debian/patches/pve/0030-PVE-Backup-Proxmox-backup-patches-for-QEMU.patch
index 7e09f68..fee57fa 100644
--- a/debian/patches/pve/0030-PVE-Backup-Proxmox-backup-patches-for-QEMU.patch
+++ b/debian/patches/pve/0030-PVE-Backup-Proxmox-backup-patches-for-QEMU.patch
@@ -167,7 +167,7 @@ index d954bec6f1..5000c084c5 100644
+ hmp_handle_error(mon, error);
+}
diff --git a/blockdev.c b/blockdev.c
-index d27d8c38ec..5e5dbc1da9 100644
+index ed8198f351..1054a69279 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -37,6 +37,7 @@
@@ -1683,7 +1683,7 @@ index 0000000000..c755bf302b
+ return ret;
+}
diff --git a/qapi/block-core.json b/qapi/block-core.json
-index 0653c244cf..dbd5d9b993 100644
+index 3db587a6e4..d05fffce1d 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -851,6 +851,239 @@
diff --git a/debian/patches/pve/0032-PVE-Add-PBS-block-driver-to-map-backup-archives-into.patch b/debian/patches/pve/0032-PVE-Add-PBS-block-driver-to-map-backup-archives-into.patch
index 859ac77..02efb58 100644
--- a/debian/patches/pve/0032-PVE-Add-PBS-block-driver-to-map-backup-archives-into.patch
+++ b/debian/patches/pve/0032-PVE-Add-PBS-block-driver-to-map-backup-archives-into.patch
@@ -368,10 +368,10 @@ index 6de51c34cb..3bc039f60f 100644
summary_info += {'libdaxctl support': libdaxctl}
summary_info += {'libudev': libudev}
diff --git a/qapi/block-core.json b/qapi/block-core.json
-index dbd5d9b993..e79775656c 100644
+index d05fffce1d..e7cf3d94f3 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
-@@ -3453,6 +3453,7 @@
+@@ -3457,6 +3457,7 @@
'parallels', 'preallocate', 'qcow', 'qcow2', 'qed', 'quorum',
'raw', 'rbd',
{ 'name': 'replication', 'if': 'CONFIG_REPLICATION' },
@@ -379,7 +379,7 @@ index dbd5d9b993..e79775656c 100644
'ssh', 'throttle', 'vdi', 'vhdx',
{ 'name': 'virtio-blk-vfio-pci', 'if': 'CONFIG_BLKIO' },
{ 'name': 'virtio-blk-vhost-user', 'if': 'CONFIG_BLKIO' },
-@@ -3539,6 +3540,33 @@
+@@ -3543,6 +3544,33 @@
{ 'struct': 'BlockdevOptionsNull',
'data': { '*size': 'int', '*latency-ns': 'uint64', '*read-zeroes': 'bool' } }
@@ -413,7 +413,7 @@ index dbd5d9b993..e79775656c 100644
##
# @BlockdevOptionsNVMe:
#
-@@ -4973,6 +5001,7 @@
+@@ -4977,6 +5005,7 @@
'nfs': 'BlockdevOptionsNfs',
'null-aio': 'BlockdevOptionsNull',
'null-co': 'BlockdevOptionsNull',
diff --git a/debian/patches/pve/0034-PVE-Migrate-dirty-bitmap-state-via-savevm.patch b/debian/patches/pve/0034-PVE-Migrate-dirty-bitmap-state-via-savevm.patch
index 6ba8425..388bd04 100644
--- a/debian/patches/pve/0034-PVE-Migrate-dirty-bitmap-state-via-savevm.patch
+++ b/debian/patches/pve/0034-PVE-Migrate-dirty-bitmap-state-via-savevm.patch
@@ -186,7 +186,7 @@ index c755bf302b..5ebb6a3947 100644
ret->pbs_masterkey = true;
ret->backup_max_workers = true;
diff --git a/qapi/block-core.json b/qapi/block-core.json
-index e79775656c..cb58a664ef 100644
+index e7cf3d94f3..282e2e8a8c 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -1004,6 +1004,11 @@
diff --git a/debian/patches/pve/0048-copy-before-write-allow-specifying-minimum-cluster-s.patch b/debian/patches/pve/0044-copy-before-write-allow-specifying-minimum-cluster-s.patch
similarity index 99%
rename from debian/patches/pve/0048-copy-before-write-allow-specifying-minimum-cluster-s.patch
rename to debian/patches/pve/0044-copy-before-write-allow-specifying-minimum-cluster-s.patch
index 26bbdd0..0282e71 100644
--- a/debian/patches/pve/0048-copy-before-write-allow-specifying-minimum-cluster-s.patch
+++ b/debian/patches/pve/0044-copy-before-write-allow-specifying-minimum-cluster-s.patch
@@ -25,7 +25,7 @@ Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
4 files changed, 23 insertions(+), 6 deletions(-)
diff --git a/block/block-copy.c b/block/block-copy.c
-index 7e3b378528..adb1cbb440 100644
+index cc618e4561..12d662e9d4 100644
--- a/block/block-copy.c
+++ b/block/block-copy.c
@@ -310,6 +310,7 @@ void block_copy_set_copy_opts(BlockCopyState *s, bool use_copy_range,
diff --git a/debian/patches/pve/0049-backup-add-minimum-cluster-size-to-performance-optio.patch b/debian/patches/pve/0045-backup-add-minimum-cluster-size-to-performance-optio.patch
similarity index 100%
rename from debian/patches/pve/0049-backup-add-minimum-cluster-size-to-performance-optio.patch
rename to debian/patches/pve/0045-backup-add-minimum-cluster-size-to-performance-optio.patch
diff --git a/debian/patches/pve/0050-PVE-backup-add-fleecing-option.patch b/debian/patches/pve/0046-PVE-backup-add-fleecing-option.patch
similarity index 100%
rename from debian/patches/pve/0050-PVE-backup-add-fleecing-option.patch
rename to debian/patches/pve/0046-PVE-backup-add-fleecing-option.patch
diff --git a/debian/patches/pve/0051-PVE-backup-improve-error-when-copy-before-write-fail.patch b/debian/patches/pve/0047-PVE-backup-improve-error-when-copy-before-write-fail.patch
similarity index 100%
rename from debian/patches/pve/0051-PVE-backup-improve-error-when-copy-before-write-fail.patch
rename to debian/patches/pve/0047-PVE-backup-improve-error-when-copy-before-write-fail.patch
diff --git a/debian/patches/series b/debian/patches/series
index 763dfc1..c3b3117 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -4,6 +4,17 @@ extra/0003-ide-avoid-potential-deadlock-when-draining-during-tr.patch
extra/0004-Revert-x86-acpi-workaround-Windows-not-handling-name.patch
extra/0005-block-copy-before-write-use-uint64_t-for-timeout-in-.patch
extra/0006-Revert-virtio-pci-fix-use-of-a-released-vector.patch
+extra/0007-block-copy-before-write-fix-permission.patch
+extra/0008-block-copy-before-write-support-unligned-snapshot-di.patch
+extra/0009-block-copy-before-write-create-block_copy-bitmap-in-.patch
+extra/0010-qapi-blockdev-backup-add-discard-source-parameter.patch
+extra/0011-hw-virtio-Fix-the-de-initialization-of-vhost-user-de.patch
+extra/0012-target-arm-Use-float_status-copy-in-sme_fmopa_s.patch
+extra/0013-target-arm-Use-FPST_F16-for-SME-FMOPA-widening.patch
+extra/0014-scsi-fix-regression-and-honor-bootindex-again-for-le.patch
+extra/0015-hw-scsi-lsi53c895a-bump-instruction-limit-in-scripts.patch
+extra/0016-block-copy-Fix-missing-graph-lock.patch
+extra/0017-Revert-qemu-char-do-not-operate-on-sources-from-fina.patch
bitmap-mirror/0001-drive-mirror-add-support-for-sync-bitmap-mode-never.patch
bitmap-mirror/0002-drive-mirror-add-support-for-conditional-and-always-.patch
bitmap-mirror/0003-mirror-add-check-for-bitmap-mode-without-bitmap.patch
@@ -53,11 +64,7 @@ pve/0040-Revert-block-rbd-fix-handling-of-holes-in-.bdrv_co_b.patch
pve/0041-Revert-block-rbd-implement-bdrv_co_block_status.patch
pve/0042-alloc-track-error-out-when-auto-remove-is-not-set.patch
pve/0043-alloc-track-avoid-seemingly-superfluous-child-permis.patch
-pve/0044-block-copy-before-write-fix-permission.patch
-pve/0045-block-copy-before-write-support-unligned-snapshot-di.patch
-pve/0046-block-copy-before-write-create-block_copy-bitmap-in-.patch
-pve/0047-qapi-blockdev-backup-add-discard-source-parameter.patch
-pve/0048-copy-before-write-allow-specifying-minimum-cluster-s.patch
-pve/0049-backup-add-minimum-cluster-size-to-performance-optio.patch
-pve/0050-PVE-backup-add-fleecing-option.patch
-pve/0051-PVE-backup-improve-error-when-copy-before-write-fail.patch
+pve/0044-copy-before-write-allow-specifying-minimum-cluster-s.patch
+pve/0045-backup-add-minimum-cluster-size-to-performance-optio.patch
+pve/0046-PVE-backup-add-fleecing-option.patch
+pve/0047-PVE-backup-improve-error-when-copy-before-write-fail.patch
--
2.39.2
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 3+ messages in thread
* [pve-devel] applied: [PATCH qemu 1/2] update submodule and patches to QEMU 9.0.2
2024-07-25 9:45 [pve-devel] [PATCH qemu 1/2] update submodule and patches to QEMU 9.0.2 Fiona Ebner
2024-07-25 9:45 ` [pve-devel] [PATCH qemu 2/2] some more stable fixes for " Fiona Ebner
@ 2024-07-29 17:12 ` Thomas Lamprecht
1 sibling, 0 replies; 3+ messages in thread
From: Thomas Lamprecht @ 2024-07-29 17:12 UTC (permalink / raw)
To: Proxmox VE development discussion, Fiona Ebner
Am 25/07/2024 um 11:45 schrieb Fiona Ebner:
> Most relevant are some fixes for VirtIO and for ARM and i386
> emulation. There also is a fix for VGA display to fix screen blanking,
> which fixes: https://bugzilla.proxmox.com/show_bug.cgi?id=4786
>
> Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
> ---
> ...d-support-for-sync-bitmap-mode-never.patch | 10 +-
> ...race-with-clients-disconnecting-earl.patch | 4 +-
> ...io-pci-fix-use-of-a-released-vector.patch} | 8 +-
> .../0006-virtio-gpu-fix-v2-migration.patch | 98 -------
> ...0007-hw-pflash-fix-block-write-start.patch | 59 -----
> ...operand-size-for-DATA16-REX.W-POPCNT.patch | 51 ----
> ...ru-wrpkru-are-no-prefix-instructions.patch | 40 ---
> ...6-fix-feature-dependency-for-WAITPKG.patch | 33 ---
> ...move-compatibility-flags-for-VirtIO-.patch | 57 -----
> ...t-monitor-use-aio_co_reschedule_self.patch | 53 ----
> ...ict-translation-disabled-alignment-c.patch | 51 ----
> ...-IRQs-a-chance-when-resetting-HF_INH.patch | 80 ------
> ...r-v-Correct-kvm_hv_handle_exit-retur.patch | 60 -----
> ...86-disable-jmp_opt-if-EFLAGS.RF-is-1.patch | 31 ---
> ...ingle-step-exception-after-MOV-or-PO.patch | 30 ---
> ...n-t-open-data_file-with-BDRV_O_NO_IO.patch | 107 --------
> ...names-only-when-explicitly-requested.patch | 241 ------------------
> ...le-posix-make-locking-optiono-on-cre.patch | 6 +-
> ...ckup-Proxmox-backup-patches-for-QEMU.patch | 2 +-
> ...k-driver-to-map-backup-archives-into.patch | 8 +-
> ...igrate-dirty-bitmap-state-via-savevm.patch | 2 +-
> ...-backup-add-discard-source-parameter.patch | 2 +-
> ...e-allow-specifying-minimum-cluster-s.patch | 4 +-
> ...um-cluster-size-to-performance-optio.patch | 2 +-
> .../0050-PVE-backup-add-fleecing-option.patch | 2 +-
> debian/patches/series | 16 +-
> 26 files changed, 26 insertions(+), 1031 deletions(-)
> rename debian/patches/extra/{0011-Revert-virtio-pci-fix-use-of-a-released-vector.patch => 0006-Revert-virtio-pci-fix-use-of-a-released-vector.patch} (93%)
> delete mode 100644 debian/patches/extra/0006-virtio-gpu-fix-v2-migration.patch
> delete mode 100644 debian/patches/extra/0007-hw-pflash-fix-block-write-start.patch
> delete mode 100644 debian/patches/extra/0008-target-i386-fix-operand-size-for-DATA16-REX.W-POPCNT.patch
> delete mode 100644 debian/patches/extra/0009-target-i386-rdpkru-wrpkru-are-no-prefix-instructions.patch
> delete mode 100644 debian/patches/extra/0010-target-i386-fix-feature-dependency-for-WAITPKG.patch
> delete mode 100644 debian/patches/extra/0012-hw-core-machine-move-compatibility-flags-for-VirtIO-.patch
> delete mode 100644 debian/patches/extra/0013-Revert-monitor-use-aio_co_reschedule_self.patch
> delete mode 100644 debian/patches/extra/0014-target-arm-Restrict-translation-disabled-alignment-c.patch
> delete mode 100644 debian/patches/extra/0015-target-i386-Give-IRQs-a-chance-when-resetting-HF_INH.patch
> delete mode 100644 debian/patches/extra/0016-target-i386-hyper-v-Correct-kvm_hv_handle_exit-retur.patch
> delete mode 100644 debian/patches/extra/0017-target-i386-disable-jmp_opt-if-EFLAGS.RF-is-1.patch
> delete mode 100644 debian/patches/extra/0018-target-i386-no-single-step-exception-after-MOV-or-PO.patch
> delete mode 100644 debian/patches/extra/0019-qcow2-Don-t-open-data_file-with-BDRV_O_NO_IO.patch
> delete mode 100644 debian/patches/extra/0020-block-Parse-filenames-only-when-explicitly-requested.patch
>
>
applied both patches, thanks!
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2024-07-29 17:13 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-07-25 9:45 [pve-devel] [PATCH qemu 1/2] update submodule and patches to QEMU 9.0.2 Fiona Ebner
2024-07-25 9:45 ` [pve-devel] [PATCH qemu 2/2] some more stable fixes for " Fiona Ebner
2024-07-29 17:12 ` [pve-devel] applied: [PATCH qemu 1/2] update submodule and patches to " Thomas Lamprecht
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox