Package Release Info

qemu-8.2.6-150600.3.15.1

Update Info: SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3413
Available in Package Hub : 15 SP6 Subpackages Updates

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

qemu-accel-qtest
qemu-accel-tcg-x86
qemu-arm
qemu-audio-alsa
qemu-audio-jack
qemu-audio-oss
qemu-audio-pa
qemu-audio-spice
qemu-block-dmg
qemu-block-gluster
qemu-block-nfs
qemu-chardev-spice
qemu-extra
qemu-hw-display-qxl
qemu-hw-display-virtio-gpu
qemu-hw-display-virtio-gpu-pci
qemu-hw-display-virtio-vga
qemu-hw-s390x-virtio-gpu-ccw
qemu-hw-usb-redirect
qemu-hw-usb-smartcard
qemu-ivshmem-tools
qemu-microvm
qemu-ppc
qemu-s390x
qemu-seabios
qemu-skiboot
qemu-SLOF
qemu-ui-gtk
qemu-ui-opengl
qemu-ui-spice-app
qemu-ui-spice-core
qemu-vgabios
qemu-vhost-user-gpu
qemu-x86

Change Logs

Version: 8.2.6-150600.3.12.1
* Tue Aug 27 2024 dfaggioli@suse.com
- Fix bsc#1221812:
  * [openSUSE] block: Reschedule query-block during qcow2 invalidation (bsc#1221812)
- Fixup old patches and infra issues:
  * [openSUSE] fixup patch "pc: q35: Allow 1024 cpus for old machine types"
  * [openSUSE] Point submodule branches to gitlab
Version: 7.1.0-150500.49.24.1
* Tue Oct 29 2024 dfaggioli@suse.com
- Fix bsc#1229007 (CVE-2024-7409) and bsc#1230834 (CVE-2024-8354):
  * nbd/server: CVE-2024-7409: Close stray clients at server-stop (bsc#1229007, CVE-2024-7409)
  * nbd/server: CVE-2024-7409: Drop non-negotiating clients (bsc#1229007, CVE-2024-7409)
  * nbd/server: CVE-2024-7409: Cap default max-connections to 100 (bsc#1229007, CVE-2024-7409)
  * nbd/server: Plumb in new args to nbd_client_add() (bsc#1229007, CVE-2024-7409)
  * nbd: Minor style and typo fixes (bsc#1229007, CVE-2024-7409)
  * aio-wait.h: introduce AIO_WAIT_WHILE_UNLOCKED (bsc#1229007, CVE-2024-7409)
  * hw/usb/hcd-ohci: Fix #1510, #303: pid not IN or OUT (bsc#1230834, CVE-2024-8354)
* Mon Oct 28 2024 dfaggioli@suse.com
- Fix bsc#1230915, CVE-2024-8612:
  * softmmu: Support concurrent bounce buffers (bsc#1230915, CVE-2024-8612)
  * system/physmem: Per-AddressSpace bounce buffering (bsc#1230915, CVE-2024-8612)
  * system/physmem: Propagate AddressSpace to MapClient helpers (bsc#1230915, CVE-2024-8612)
  * system/physmem: Replace qemu_mutex_lock() calls with QEMU_LOCK_GUARD (bsc#1230915, CVE-2024-8612)
Version: 7.1.0-150500.49.21.1
* Tue Sep 17 2024 dfaggioli@suse.com
- Fix bsc#1229929, bsc#1230140 (patch already submitted upstream):
  * [openSUSE] target/ppc: Fix lxvx/stxvx facility check (bsc#1229929)
* Wed Sep 11 2024 dfaggioli@suse.com
- Fix bsc#1230140 (and bsc#1229814 & bsc#1230008):
  * target/ppc: Fix lxv/stxv MSR facility check (bsc#1230140, bsc#1229814, bsc#1230008)
- Fix a build issue of ipxe with newer binutils:
  * [openSUSE] roms/ipxe: Backport patches to fix the build with binutils 2.41
- Misc:
  * [openSUSE] Update hash of the sgabios submodule
Version: 7.1.0-150500.49.18.1
* Tue Aug 13 2024 dfaggioli@suse.com
- Fix bsc#1229007, CVE-2024-7409:
  * nbd/server: CVE-2024-7409: Close stray clients at server-stop (bsc#1229007)
  * nbd/server: CVE-2024-7409: Drop non-negotiating clients (bsc#1229007)
  * nbd/server: CVE-2024-7409: Cap default max-connections to 100 (bsc#1229007)
  * nbd/server: Plumb in new args to nbd_client_add() (bsc#1229007, CVE-2024-7409)
  * nbd: Minor style and typo fixes (bsc#1229007, CVE-2024-7409)
Version: 8.2.5-150600.3.6.1
* Fri Jun 28 2024 dfaggioli@suse.com
- Update to version 8.2.5:
  Full backport lists (from the various releases) here:
  https://lore.kernel.org/qemu-devel/1718081047.648425.1238605.nullmailer@tls.msk.ru/
  Some of the upstream backports are:
  target/loongarch: fix a wrong print in cpu dump
  ui/sdl2: Allow host to power down screen
  target/i386: fix SSE and SSE2 feature check
  target/i386: fix xsave.flat from kvm-unit-tests
  disas/riscv: Decode all of the pmpcfg and pmpaddr CSRs
  target/riscv/kvm.c: Fix the hart bit setting of AIA
  target/riscv: rvzicbo: Fixup CBO extension register calculation
  target/riscv: do not set mtval2 for non guest-page faults
  target/riscv: prioritize pmp errors in raise_mmu_exception()
  target/riscv: rvv: Remove redudant SEW checking for vector fp narrow/widen instructions
  target/riscv: rvv: Check single width operator for vfncvt.rod.f.f.w
  target/riscv: rvv: Check single width operator for vector fp widen instructions
  target/riscv: rvv: Fix Zvfhmin checking for vfwcvt.f.f.v and vfncvt.f.f.w instructions
  target/riscv/cpu.c: fix Zvkb extension config
  target/riscv: Fix the element agnostic function problem
  target/riscv/kvm: tolerate KVM disable ext errors
  hw/intc/riscv_aplic: APLICs should add child earlier than realize
  iotests: test NBD+TLS+iothread
  qio: Inherit follow_coroutine_ctx across TLS
  target/arm: Disable SVE extensions when SVE is disabled
  hw/intc/arm_gic: Fix handling of NS view of GICC_APR<n>
  hvf: arm: Fix encodings for ID_AA64PFR1_EL1 and debug System registers
  gitlab: use 'setarch -R' to workaround tsan bug
  gitlab: use $MAKE instead of 'make'
  dockerfiles: add 'MAKE' env variable to remaining containers
  gitlab: Update msys2-64bit runner tags
  target/i386: no single-step exception after MOV or POP SS
  ...
Version: 8.2.4-150600.3.3.1
* Thu May 16 2024 dfaggioli@suse.com
- Update to version 8.2.4. Full changelog/backports here:
  https://lore.kernel.org/qemu-devel/1715632914.382233.1013785.nullmailer@tls.msk.ru/
  Some of the upstream backports are:
  target/sh4: Fix SUBV opcode
  target/sh4: Fix ADDV opcode
  hw/arm/npcm7xx: Store derivative OTP fuse key in little endian
  hw/dmax/xlnx_dpdma: fix handling of address_extension descriptor fields
  hw/ufs: Fix buffer overflow bug
  tests/avocado: update sunxi kernel from armbian to 6.6.16
  target/loongarch/cpu.c: typo fix: expection
  backends/cryptodev-builtin: Fix local_error leaks
  nbd/server: Mark negotiation functions as coroutine_fn
  nbd/server: do not poll within a coroutine context
  linux-user: do_setsockopt: fix SOL_ALG.ALG_SET_KEY
  target/riscv/kvm: change timer regs size to u64
  target/riscv/kvm: change KVM_REG_RISCV_FP_D to u64
  target/riscv/kvm: change KVM_REG_RISCV_FP_F to u32
  ...
* Wed May 08 2024 dfaggioli@suse.com
- Fixes:
  * [openSUSE][RPM] Prioritize PA over PipeWire in SLE (bsc#1222218)
  * [openSUSE][RPM] Hostname normalization (for repr. build ) done properly (boo#1084909)
* Tue Apr 30 2024 dfaggioli@suse.com
- Fix a build issue on riscv:
  * target/riscv/kvm: rename riscv_reg_id() to riscv_reg_id_ulong()
  * target/riscv/kvm: add RISCV_CONFIG_REG()
  * target/riscv/kvm: change timer regs size to u64
  * target/riscv/kvm: change KVM_REG_RISCV_FP_D to u64
  * target/riscv/kvm: change KVM_REG_RISCV_FP_F to u32
- Update to version 8.2.3. Full changelog/backports here:
  https://lore.kernel.org/qemu-devel/1713980341.971368.1218343.nullmailer@tls.msk.ru/
  Some of the upstream backports are:
  * Update version for 8.2.3 release
  * ppc/spapr: Initialize max_cpus limit to SPAPR_IRQ_NR_IPIS.
  * ppc/spapr: Introduce SPAPR_IRQ_NR_IPIS to refer IRQ range for CPU IPIs.
  * hw/pci-host/ppc440_pcix: Do not expose a bridge device on PCI bus
  * hw/isa/vt82c686: Keep track of PIRQ/PINT pins separately
  * virtio-pci: fix use of a released vector
  * linux-user/x86_64: Handle the vsyscall page in open_self_maps_{2,4}
  * hw/audio/virtio-snd: Remove unused assignment
  * hw/net/net_tx_pkt: Fix overrun in update_sctp_checksum()
  * hw/sd/sdhci: Do not update TRNMOD when Command Inhibit (DAT) is set
  * hw/net/lan9118: Fix overflow in MIL TX FIFO
  * hw/net/lan9118: Replace magic '2048' value by MIL_TXFIFO_SIZE definition
  * backends/cryptodev: Do not abort for invalid session ID
  * hw/misc/applesmc: Fix memory leak in reset() handler
  * hw/block/nand: Fix out-of-bound access in NAND block buffer
  * hw/block/nand: Have blk_load() take unsigned offset and return boolean
  * hw/block/nand: Factor nand_load_iolen() method out
  * qemu-options: Fix CXL Fixed Memory Window interleave-granularity typo
  * hw/virtio/virtio-crypto: Protect from DMA re-entrancy bugs
  * hw/char/virtio-serial-bus: Protect from DMA re-entrancy bugs
  * hw/display/virtio-gpu: Protect from DMA re-entrancy bugs
  * mirror: Don't call job_pause_point() under graph lock (bsc#1224179)
  * ...and many more...
* Fri Mar 15 2024 dfaggioli@suse.com
- Update to version 8.2.2. Full changelog here:
  https://lore.kernel.org/qemu-devel/1709577077.783602.1474596.nullmailer@tls.msk.ru/
  Some upstream backports:
  * chardev/char-socket: Fix TLS io channels sending too much data to the backend
  * tests/unit/test-util-sockets: Remove temporary file after test
  * hw/usb/bus.c: PCAP adding 0xA in Windows version
  * hw/intc/Kconfig: Fix GIC settings when using "--without-default-devices"
  * gitlab: force allow use of pip in Cirrus jobs
  * tests/vm: avoid re-building the VM images all the time
  * tests/vm: update openbsd image to 7.4
  * target/i386: leave the A20 bit set in the final NPT walk
  * target/i386: remove unnecessary/wrong application of the A20 mask
  * target/i386: Fix physical address truncation
  * target/i386: check validity of VMCB addresses
  * target/i386: mask high bits of CR3 in 32-bit mode
  * pl031: Update last RTCLR value on write in case it's read back
  * hw/nvme: fix invalid endian conversion
  * update edk2 binaries to edk2-stable202402
  * update edk2 submodule to edk2-stable202402
  * target/ppc: Fix crash on machine check caused by ifetch
  * target/ppc: Fix lxv/stxv MSR facility check
  * .gitlab-ci.d/windows.yml: Drop msys2-32bit job
  * system/vl: Update description for input grab key
  * docs/system: Update description for input grab key
  * hw/hppa/Kconfig: Fix building with "configure --without-default-devices"
  * tests/qtest: Depend on dbus_display1_dep
  * meson: Explicitly specify dbus-display1.h dependency
  * audio: Depend on dbus_display1_dep
  * ui/console: Fix console resize with placeholder surface
  * ui/clipboard: add asserts for update and request
  * ui/clipboard: mark type as not available when there is no data
  * ui: reject extended clipboard message if not activated
  * target/i386: Generate an illegal opcode exception on cmp instructions with lock prefix
  * i386/cpuid: Move leaf 7 to correct group
  * i386/cpuid: Decrease cpuid_i when skipping CPUID leaf 1F
  * i386/cpu: Mask with XCR0/XSS mask for FEAT_XSAVE_XCR0_HI and FEAT_XSAVE_XSS_HI leafs
  * i386/cpu: Clear FEAT_XSAVE_XSS_LO/HI leafs when CPUID_EXT_XSAVE is not available
  * .gitlab-ci/windows.yml: Don't install libusb or spice packages on 32-bit
  * iotests: Make 144 deterministic again
  * target/arm: Don't get MDCR_EL2 in pmu_counter_enabled() before checking ARM_FEATURE_PMU
  * target/arm: Fix SVE/SME gross MTE suppression checks
  * target/arm: Handle mte in do_ldrq, do_ldro
- Address bsc#1220310. Backported upstream commits:
  * ppc/spapr: Initialize max_cpus limit to SPAPR_IRQ_NR_IPIS
  * ppc/spapr: Introduce SPAPR_IRQ_NR_IPIS to refer IRQ range for CPU IPIs.
* Mon Mar 04 2024 dfaggioli@suse.com
- Fix bsc#1220799. Amended commit:
  * [openSUSE]: Increase default phys bits to 42, if host supports that
    (bsc#1205978, bsc#1219977, bsc#1220799)
* Thu Feb 29 2024 dfaggioli@suse.com
- Backports and bugfixes:
  * [openSUSE]: Increase default phys bits to 42, if host supports that
    (bsc#1205978, bsc#1219977)
  * vfio/pci: Clear MSI-X IRQ index always (bsc#1220275)
* Wed Feb 21 2024 dfaggioli@suse.com
- Just "prettify" the spec files a little:
  * [openSUSE][RPM] Cosmetic fixes to spec files (copyright, sorting, etc)
* Wed Feb 21 2024 dfaggioli@suse.com
- Patchqueue shrinking and  bugfixing (actually, more of a temporary
  workaround, until a proper solution is found upstream):
  * [openSUSE] roms/seabios: revert some upstream commits that
    break a lot of use-cases
  * [openSUSE] roms/seabios: Drop an old (and no longer necessary)
    downstream patch (bsc#1219977)
* Mon Feb 19 2024 dfaggioli@suse.com
Update to latest stable version (8.2.1)
- Downstream changes:
  * [openSUSE][RPM]: Install the VGA module "more often" (bsc#1219164)
  * [openSUSE][RPM] Fix handling of qemu-kvm legacy package for RISCV
  * [openSUSE][RPM] factor common definitions between qemu and qemu-linux-user spec files
- Upstream backports:
  * target/arm: Fix incorrect aa64_tidcp1 feature check
  * target/arm: Fix A64 scalar SQSHRN and SQRSHRN
  * target/xtensa: fix OOB TLB entry access
  * qtest: bump aspeed_smc-test timeout to 6 minutes
  * monitor: only run coroutine commands in qemu_aio_context
  * iotests: port 141 to Python for reliable QMP testing
  * iotests: add filter_qmp_generated_node_ids()
  * block/blklogwrites: Fix a bug when logging "write zeroes" operations.
  * virtio-net: correctly copy vnet header when flushing TX (bsc#1218484, CVE-2023-6693)
  * tcg/arm: Fix SIGILL in tcg_out_qemu_st_direct
  * linux-user/riscv: Adjust vdso signal frame cfa offsets
  * linux-user: Fixed cpu restore with pc 0 on SIGBUS
  * block/io: clear BDRV_BLOCK_RECURSE flag after recursing in bdrv_co_block_status
  * coroutine-ucontext: Save fake stack for pooled coroutine
  * tcg/s390x: Fix encoding of VRIc, VRSa, VRSc insns
  * accel/tcg: Revert mapping of PCREL translation block to multiple virtual addresses
  * acpi/tests/avocado/bits: wait for 200 seconds for SHUTDOWN event from bits VM
  * s390x/pci: drive ISM reset from subsystem reset
  * s390x/pci: refresh fh before disabling aif
  * s390x/pci: avoid double enable/disable of aif
  * hw/scsi/esp-pci: set DMA_STAT_BCMBLT when BLAST command issued
  * hw/scsi/esp-pci: synchronise setting of DMA_STAT_DONE with ESP completion interrupt
  * hw/scsi/esp-pci: generate PCI interrupt from separate ESP and PCI sources
  * hw/scsi/esp-pci: use correct address register for PCI DMA transfers
  * migration/rdma: define htonll/ntohll only if not predefined
  * hw/pflash: implement update buffer for block writes
  * hw/pflash: use ldn_{be,le}_p and stn_{be,le}_p
  * hw/pflash: refactor pflash_data_write()
  * backends/cryptodev: Do not ignore throttle/backends Errors
  * target/i386: pcrel: store low bits of physical address in data[0]
  * target/i386: fix incorrect EIP in PC-relative translation blocks
  * target/i386: Do not re-compute new pc with CF_PCREL
  * load_elf: fix iterator's type for elf file processing
  * target/hppa: Update SeaBIOS-hppa to version 15
  * target/hppa: Fix IOR and ISR on error in probe
  * target/hppa: Fix IOR and ISR on unaligned access trap
  * target/hppa: Export function hppa_set_ior_and_isr()
  * target/hppa: Avoid accessing %gr0 when raising exception
  * hw/hppa: Move software power button address back into PDC
  * target/hppa: Fix PDC address translation on PA2.0 with PSW.W=0
  * hw/pci-host/astro: Add missing astro & elroy registers for NetBSD
  * hw/hppa/machine: Disable default devices with --nodefaults option
  * hw/hppa/machine: Allow up to 3840 MB total memory
  * readthodocs: fully specify a build environment
  * .gitlab-ci.d/buildtest.yml: Work around htags bug when environment is large
  * target/s390x: Fix LAE setting a wrong access register
  * tests/qtest/virtio-ccw: Fix device presence checking
  * tests/acpi: disallow tests/data/acpi/virt/SSDT.memhp changes
  * tests/acpi: update expected data files
  * edk2: update binaries to git snapshot
  * edk2: update build config, set PcdUninstallMemAttrProtocol = TRUE.
  * edk2: update to git snapshot
  * tests/acpi: allow tests/data/acpi/virt/SSDT.memhp changes
  * util: fix build with musl libc on ppc64le
  * tcg/ppc: Use new registers for LQ destination
  * hw/intc/arm_gicv3_cpuif: handle LPIs in in the list registers
  * hw/vfio: fix iteration over global VFIODevice list
  * vfio/container: Replace basename with g_path_get_basename
  * edu: fix DMA range upper bound check
  * hw/net: cadence_gem: Fix MDIO_OP_xxx values
  * audio/audio.c: remove trailing newline in error_setg
  * chardev/char.c: fix "abstract device type" error message
  * target/riscv: Fix mcycle/minstret increment behavior
  * hw/net/can/sja1000: fix bug for single acceptance filter and standard frame
  * target/i386: the sgx_epc_get_section stub is reachable
  * configure: use a native non-cross compiler for linux-user
  * include/ui/rect.h: fix qemu_rect_init() mis-assignment
  * target/riscv/kvm: do not use non-portable strerrorname_np()
  * iotests: Basic tests for internal snapshots
  * vl: Improve error message for conflicting -incoming and -loadvm
  * block: Fix crash when loading snapshot on inactive node
- Fixes:
  * bsc#1218484 (CVE-2023-6693)
* Sat Feb 17 2024 dfaggioli@suse.com
- Try to solve the qemu-kvm dependency issues on all arches
  (see, e.g., bsc#1218684)
  * [openSUSE][RPM] Create the legacy qemu-kvm symlink for all arches
* Fri Feb 16 2024 dfaggioli@suse.com
- Update the service file to use OBS-scm (by fvogt)
- Various fixes:
  * [openSUSE][RPM] Fix enabling features on non-x86_64 (bsc#1220011, bsc#1219818)
  * [openSUSE][RPM] Disable test-crypto-secret in linux-user build
  * [openSUSE] Update ipxe submodule reference (bsc#1219733, bsc#1219722)
  * [openSUSE][RPM] spec: allow building without spice
* Tue Feb 06 2024 dfaggioli@suse.com
- Fix a build issue of OVMF caused by
  https://gitlab.com/qemu-project/qemu/-/issues/2064:
  * target/i386: fix incorrect EIP in PC-relative translation blocks
  * target/i386: Do not re-compute new pc with CF_PCREL
* Fri Jan 12 2024 dfaggioli@suse.com
- Update to latest upstream release, 8.2.0:
  The full list of changes are available at: https://wiki.qemu.org/ChangeLog/8.2
  Highlights include:
  * New virtio-sound device emulation
  * New virtio-gpu rutabaga device emulation used by Android emulator
  * New hv-balloon for dynamic memory protocol device for Hyper-V guests
  * New Universal Flash Storage device emulation
  * Network Block Device (NBD) 64-bit offsets for improved performance
  * dump-guest-memory now supports the standard kdump format
  * ARM: Xilinx Versal board now models the CFU/CFI, and the TRNG device
  * ARM: CPU emulation support for cortex-a710 and neoverse-n2
  * ARM: architectural feature support for PACQARMA3, EPAC, Pauth2, FPAC,
    FPACCOMBINE, TIDCP1, MOPS, HBC, and HPMN0
  * HPPA: CPU emulation support for 64-bit PA-RISC 2.0
  * HPPA: machine emulation support for C3700, including Astro memory
    controller and four Elroy PCI bridges
  * LoongArch: ISA support for LASX extension and PRELDX instruction
  * LoongArch: CPU emulation support for la132
  * RISC-V: ISA/extension support for AIA virtualization support via KVM,
    and vector cryptographic instructions
  * RISC-V: Numerous extension/instruction cleanups, fixes, and reworks
  * s390x: support for vfio-ap passthrough of crypto adapter for
    protected
    virtualization guests
  * Tricore: support for TC37x CPU which implements ISA v1.6.2
  * Tricore: support for CRCN, FTOU, FTOHP, and HPTOF instructions
  * x86: Zen support for PV console and network devices
- Patch added (from upstream stable tree):
  * include/ui/rect.h: fix qemu_rect_init() mis-assignment
* Wed Jan 10 2024 dfaggioli@suse.com
- Some packaging and dependencies fixes:
  * [openSUSE] rpm: restrict canokey to openSUSE only
  * [openSUSE] rpm: fix virtiofsd dependency on 32 bit systems
  * [openSUSE] rpm: add support for canokeys (boo#1217520)
* Fri Dec 15 2023 dfaggioli@suse.com
- Rearrange dependencies and subpackages and filter features for ALP
  * [openSUSE] rpm: disable Xen support in ALP-based distros
  * [openSUSE] rpm: some more refinements of inter-subpackage dependencies
* Fri Dec 15 2023 dfaggioli@suse.com
- Fix boo#1084909 and create a new qemu-spice metapackage:
  * [openSUSE] rpm: normalize hostname, for reproducible builds (#44)
  * [openSUSE] rpm: new subpackage, for SPICE
* Wed Nov 22 2023 dfaggioli@suse.com
- Backports and bugfixes:
  * [openSUSE] Make Sphinx build reproducible (boo#1102408)
  * target/s390x/arch_dump: Add arch cleanup function for PV dumps (bsc#1217227)
  * dump: Add arch cleanup function (bsc#1217227)
  * target/s390x/dump: Remove unneeded dump info function pointer init (bsc#1217227)
* Wed Nov 15 2023 dfaggioli@suse.com
- Fix bsc#1216638:
  * target/s390x: Fix LAALG not updating cc_src
  * target/s390x: Fix CLC corrupting cc_src
Version: 7.1.0-150500.49.15.1
* Thu Apr 18 2024 dfaggioli@suse.com
- Backports and bugfixes:
  * hw/net/net_tx_pkt: Fix overrun in update_sctp_checksum() (bsc#1222841, CVE-2024-3567)
  * hw/virtio/virtio-crypto: Protect from DMA re-entrancy bugs (bsc#1222843, CVE-2024-3446)
  * hw/char/virtio-serial-bus: Protect from DMA re-entrancy bugs (bsc#1222843, CVE-2024-3446)
  * hw/display/virtio-gpu: Protect from DMA re-entrancy bugs (bsc#1222843, CVE-2024-3446)
  * hw/virtio: Introduce virtio_bh_new_guarded() helper (bsc#1222843, CVE-2024-3446)
  * hw/sd/sdhci: Do not update TRNMOD when Command Inhibit (DAT) is set (bsc#1222845, CVE-2024-3447)
  * hw/nvme: Use pcie_sriov_num_vfs() (bsc#1220065, CVE-2024-26328)
Version: 7.1.0-150500.49.12.1
* Mon Mar 18 2024 dfaggioli@suse.com
- Bugs and CVEs fixes:
  * hw/nvme: Use pcie_sriov_num_vfs() (bsc#1220065, CVE-2024-26328)
  * pcie: Introduce pcie_sriov_num_vfs (bsc#1220065, CVE-2024-26328)
  * virtio-net: correctly copy vnet header when flushing TX (bsc#1218484, CVE-2023-6693)
  * hw/pvrdma: Protect against buggy or malicious guest driver (bsc#1209554, CVE-2023-1544)
  * pcie_sriov: Validate NumVFs (bsc#1220062, CVE-2024-26327)
  * esp: restrict non-DMA transfer length to that of available data (bsc#1220134, CVE-2024-24474)
  * s390x/ap: Wire up the device request notifier interface (bsc#1205316)
  * linux-headers: update to v6.5-rc1 (bsc#1205316)
  * Update linux headers to v6.3rc5 (bsc#1205316)
  * linux-headers: Update to v6.2-rc8 (bsc#1205316)
  * linux-headers: Update to v6.1 (bsc#1205316)
- Backport of SapphireRapids CPU Models (jsc#PED-8113):
  * target/i386: add support for VMX_SECONDARY_EXEC_ENABLE_USER_WAIT_PAUSE
  * target/i386: Export MSR_ARCH_CAPABILITIES bits to guests
  * docs: re-generate x86_64 ABI compatibility CSV
  * target/i386: Add new CPU model GraniteRapids
  * target/i386: Add few security fix bits in ARCH_CAPABILITIES into SapphireRapids CPU model
  * target/i386: Add new bit definitions of MSR_IA32_ARCH_CAPABILITIES
  * target/i386: Allow MCDT_NO if host supports
  * target/i386: Add support for MCDT_NO in CPUID enumeration
  * target/i386: Adjust feature level according to FEAT_7_1_EDX
  * target/i386: Add support for PREFETCHIT0/1 in CPUID enumeration
  * target/i386: Add support for AVX-NE-CONVERT in CPUID enumeration
  * target/i386: Add support for AVX-VNNI-INT8 in CPUID enumeration
  * target/i386: Add support for AVX-IFMA in CPUID enumeration
  * target/i386: Add support for AMX-FP16 in CPUID enumeration
  * target/i386: Add support for CMPCCXADD in CPUID enumeration
  * target/i386: add support for FB_CLEAR feature
  * target/i386: add support for FLUSH_L1D feature
  * i386: Add new CPU model SapphireRapids
  * target/i386: KVM: allow fast string operations if host supports them
  * target/i386: add FZRM, FSRS, FSRC
  * target/i386: add FSRM to TCG
- Backport of EPYC-Genoa CPU Model (jsc#PED-7366):
  * target/i386: Add EPYC-Genoa model to support Zen 4 processor series
  * target/i386: Add VNMI and automatic IBRS feature bits
  * target/i386: Add missing feature bits in EPYC-Milan model
  * target/i386: Add feature bits for CPUID_Fn80000021_EAX
  * target/i386: Add a couple of feature bits in 8000_0008_EBX
  * target/i386: Add new EPYC CPU versions with updated cache_info
  * target/i386: allow versioned CPUs to specify new cache_info
Version: 7.1.0-150500.49.9.2
* Wed Nov 29 2023 dfaggioli@suse.com
- Align to upstream stable release. It includes many of the patches we had
  backported ourself, to fix bugs and issues, plus more. See here for details:
  * https://lore.kernel.org/qemu-devel/1700589639.257680.3420728.nullmailer@tls.msk.ru/
  * https://gitlab.com/qemu-project/qemu/-/commits/stable-8.1?ref_type=heads
  An (incomplete!) list of such backports is:
  * Update version for 8.1.3 release
  * hw/mips: LOONGSON3V depends on UNIMP device
  * target/arm: HVC at EL3 should go to EL3, not EL2
  * s390x/pci: only limit DMA aperture if vfio DMA limit reported
  * target/riscv/kvm: support KVM_GET_REG_LIST
  * target/riscv/kvm: improve 'init_multiext_cfg' error msg
  * tracetool: avoid invalid escape in Python string
  * tests/tcg/s390x: Test LAALG with negative cc_src
  * target/s390x: Fix LAALG not updating cc_src
  * tests/tcg/s390x: Test CLC with inaccessible second operand
  * target/s390x: Fix CLC corrupting cc_src
  * tests/qtest: ahci-test: add test exposing reset issue with pending callback
  * hw/ide: reset: cancel async DMA operation before resetting state
  * target/mips: Fix TX79 LQ/SQ opcodes
  * target/mips: Fix MSA BZ/BNZ opcodes displacement
  * ui/gtk-egl: apply scale factor when calculating window's dimension
  * ui/gtk: force realization of drawing area
  * ati-vga: Implement fallback for pixman routines
  * ...
* Thu Jul 27 2023 dfaggioli@suse.com
- Fix bsc#1213414, bsc#1207205, bsc#1212968, bsc#1179993,
  bsc#1181740, bsc#1213001
  * vhost-vdpa: do not cleanup the vdpa/vhost-net structures if peer nic is present (CVE-2023-3301)
  * hw/scsi/lsi53c895a: Fix reentrancy issues in the LSI controller (CVE-2023-0330)
  * 9pfs: prevent opening special files (CVE-2023-2861)
  * hw/ide/piix: properly initialize the BMIBA register
  * ui/vnc-clipboard: fix infinite loop in inflate_buffer (CVE-2023-3255)
  * [openSUSE][OBS] Refine the OBS workflow for 15-SP5
* Thu Jun 01 2023 dfaggioli@suse.com
- Fix bsc#1211000
- Patches added:
  * Run fstat asynchronously inside coroutines (bsc#1211000)
  * Allow bdrv_get_allocated_file_size to run in bdrv context (bsc#1211000)
  * Convert query-named-block-nodes to coroutine (bsc#1211000)
  * Convert query-block/info_block to coroutine (bsc#1211000)
  * block: Convert bdrv_get_allocated_file_size() to co_wrapper (bsc#1211000)
  * block-coroutine-wrapper.py: support also basic return types (bsc#1211000)
  * [openSUSE][RPM] Backport some spec-file improvements from Factory
* Thu May 25 2023 dfaggioli@suse.com
- Fix bsc#bsc#1211697
  * Patches added:
  smbios: sanitize type from external type before checking have_fields_bitmap (bsc#1211697)
  hw/smbios: fix field corruption in type 4 table (bsc#1211697)
  linux-user: fill out task state in /proc/self/stat
  test-vmstate: fix bad GTree usage, use-after-free
  qemu/osdep: Switch position of "extern" and "G_NORETURN"
* Wed May 24 2023 dfaggioli@suse.com
- Switch the packaging workflow to git, like the one we have in place
  already for Factory.
  * Patches no longer present as patch files, but applied as commits:
  Disable-some-tests-that-have-problems-in.patch
  Make-char-muxer-more-robust-wrt-small-FI.patch
  Make-installed-scripts-explicitly-python.patch
  Makefile-fix-build-with-binutils-2.38.patch
  PPC-KVM-Disable-mmu-notifier-check.patch
  Raise-soft-address-space-limit-to-hard-l.patch
  Revert-linux-user-fix-compat-with-glibc-.patch
  Revert-roms-efirom-tests-uefi-test-tools.patch
  Revert-tests-qtest-enable-more-vhost-use.patch
  Update-linux-headers-to-v6.0-rc4.patch
  accel-abort-if-we-fail-to-load-the-accel.patch
  ath5k-Add-missing-AR5K_EEPROM_READ-in-at.patch
  bios-tables-test-add-test-for-number-of-.patch
  bios-tables-test-teach-test-to-use-smbio.patch
  block-Handle-curl-7.55.0-7.85.0-version-.patch
  block-io_uring-revert-Use-io_uring_regis.patch
  configure-Add-Wno-gnu-variable-sized-typ.patch
  dmg-warn-when-opening-dmg-images-contain.patch
  dump-Add-architecture-section-and-sectio.patch
  dump-Refactor-dump_iterate-and-introduce.patch
  dump-Reintroduce-memory_offset-and-secti.patch
  dump-Rename-write_elf-_phdr_note-to-prep.patch
  dump-Rename-write_elf_loads-to-write_elf.patch
  dump-Reorder-struct-DumpState.patch
  dump-Replace-opaque-DumpState-pointer-wi.patch
  dump-Rework-dump_calculate_size-function.patch
  dump-Rework-filter-area-variables.patch
  dump-Rework-get_start_block.patch
  dump-Split-elf-header-functions-into-pre.patch
  dump-Use-a-buffer-for-ELF-section-data-a.patch
  dump-Write-ELF-section-headers-right-aft.patch
  hw-acpi-erst.c-Fix-memory-handling-issue.patch
  hw-display-qxl-Avoid-buffer-overrun-in-q.patch
  hw-display-qxl-Document-qxl_phys2virt.patch
  hw-display-qxl-Have-qxl_log_command-Retu.patch
  hw-display-qxl-Pass-requested-buffer-siz.patch
  hw-pvrdma-Protect-against-buggy-or-malic.patch
  hw-scsi-megasas-check-for-NULL-frame-in-.patch
  hw-smbios-add-core_count2-to-smbios-tabl.patch
  hw-smbios-handle-both-file-formats-regar.patch
  hw-smbios-support-for-type-8-port-connec.patch
  include-elf.h-add-s390x-note-types.patch
  increase-x86_64-physical-bits-to-42.patch
  linux-user-Fake-proc-cpuinfo.patch
  linux-user-lseek-explicitly-cast-non-set.patch
  linux-user-remove-conditionals-for-many-.patch
  linux-user-use-max-as-default-CPU-model-.patch
  linux-user-use-target_ulong.patch
  meson-install-ivshmem-client-and-ivshmem.patch
  meson-remove-pkgversion-from-CONFIG_STAM.patch
  module-add-Error-arguments-to-module_loa.patch
  module-removed-unused-function-argument-.patch
  module-rename-module_load_one-to-module_.patch
  net-tulip-Restrict-DMA-engine-to-memorie.patch
  openSUSE-Basetools-Ignore-spurious-GCC-1.patch
  openSUSE-Makefile-Fix-csum8-to-be-built-.patch
  openSUSE-Makefile-define-endianess-for-c.patch
  openSUSE-Makefile-fix-issues-of-build-re.patch
  openSUSE-add-cross.ini-file-to-handle-aa.patch
  openSUSE-build-Makefile-fix-issues-of-bu.patch
  openSUSE-build-Silence-GCC-12-spurious-w.patch
  openSUSE-build-be-explicit-about-mx86-us.patch
  openSUSE-build-enable-cross-compilation-.patch
  openSUSE-pc-q35-Bump-max_cpus-to-1024.patch
  openSUSE-pcbios-stub-out-the-SAN-req-s-i.patch
  openSUSE-switch-to-python3-as-needed.patch
  openSUSE-test-help-compiler-out-by-initi.patch
  qemu-binfmt-conf-Modify-default-path.patch
  qemu-bridge-helper-reduce-security-profi.patch
  roms-Makefile-add-cross-file-to-qboot-me.patch
  roms-Makefile-pass-a-packaging-timestamp.patch
  roms-change-cross-compiler-naming-to-be-.patch
  s390x-Add-KVM-PV-dump-interface.patch
  s390x-Add-protected-dump-cap.patch
  s390x-Introduce-PV-query-interface.patch
  s390x-pci-add-routine-to-get-host-functi.patch
  s390x-pci-don-t-fence-interpreted-device.patch
  s390x-pci-enable-adapter-event-notificat.patch
  s390x-pci-enable-for-load-store-interpre.patch
  s390x-pci-let-intercept-devices-have-sep.patch
  s390x-pci-reflect-proper-maxstbl-for-gro.patch
  s390x-pci-reset-ISM-passthrough-devices-.patch
  s390x-pci-shrink-DMA-aperture-to-be-boun.patch
  s390x-pv-Add-dump-support.patch
  s390x-tod-kvm-don-t-save-restore-the-TOD.patch
  scsi-generic-check-for-additional-SG_IO-.patch
  scsi-generic-replace-logical-block-count.patch
  tests-acpi-allow-changes-for-core_count2.patch
  tests-acpi-update-tables-for-new-core-co.patch
  tests-change-error-message-in-test-162.patch
  tests-qemu-iotests-Triple-timeout-of-i-o.patch
  ui-vnc-clipboard-fix-integer-underflow-i.patch
  xen-add-block-resize-support-for-xen-dis.patch
  xen-ignore-live-parameter-from-xen-save-.patch
  xen_disk-Add-suse-specific-flush-disable.patch
* Thu Mar 09 2023 dfaggioli@suse.com
- Fix bsc#1209064
  * Patches added:
  s390x-pci-reset-ISM-passthrough-devices-.patch
  s390x-pci-shrink-DMA-aperture-to-be-boun.patch
* Fri Feb 24 2023 dfaggioli@suse.com
- Fix build issue with Linux 6.2's headers (bsc#1208657) by dropping
  linux-user-add-more-compat-ioctl-definit.patch and adding
  Revert-linux-user-fix-compat-with-glibc-.patch
- Patches meson-enforce-a-minimum-Linux-kernel-hea.patch and
  linux-user-drop-conditionals-for-obsolet.patch were added
  as downstream patches as they were part of a series, but
  they never made it upstream, so we don't want them here
  either
  * Patches dropped:
  linux-user-add-more-compat-ioctl-definit.patch
  linux-user-drop-conditionals-for-obsolet.patch
  meson-enforce-a-minimum-Linux-kernel-hea.patch
  * Patches added:
  Revert-linux-user-fix-compat-with-glibc-.patch
* Thu Feb 23 2023 dfaggioli@suse.com
- Fixes bsc#1197653, CVE-2022-1050
  * Patches added:
  block-Handle-curl-7.55.0-7.85.0-version-.patch
  hw-pvrdma-Protect-against-buggy-or-malic.patch
* Mon Feb 13 2023 li.zhang@suse.com
- Fixes: jsc#PED-1716  Add S390 features from IBM requirements
  * Patches added:
  dump-Add-architecture-section-and-sectio.patch
  dump-Refactor-dump_iterate-and-introduce.patch
  dump-Reintroduce-memory_offset-and-secti.patch
  dump-Rename-write_elf_loads-to-write_elf.patch
  dump-Rename-write_elf-_phdr_note-to-prep.patch
  dump-Reorder-struct-DumpState.patch
  dump-Replace-opaque-DumpState-pointer-wi.patch
  dump-Rework-dump_calculate_size-function.patch
  dump-Rework-filter-area-variables.patch
  dump-Rework-get_start_block.patch
  dump-Split-elf-header-functions-into-pre.patch
  dump-Use-a-buffer-for-ELF-section-data-a.patch
  dump-Write-ELF-section-headers-right-aft.patch
  include-elf.h-add-s390x-note-types.patch
  s390x-Add-KVM-PV-dump-interface.patch
  s390x-Add-protected-dump-cap.patch
  s390x-Introduce-PV-query-interface.patch
  s390x-pv-Add-dump-support.patch
* Fri Feb 10 2023 dfaggioli@suse.com
- Fixed: bsc#1205847 (CVE-2022-4172), bsc#1203788 (CVE-2022-3165),
  bsc#1205808 (CVE-2022-4144), bsc#1206527, bsc#1208139
- Improved handling of: bsc#1202282 (jsc#PED-2592)
  * Patches dropped:
  pc-q35-Bump-max_cpus-to-1024.patch
  * Patches added:
  accel-abort-if-we-fail-to-load-the-accel.patch
  bios-tables-test-add-test-for-number-of-.patch
  bios-tables-test-teach-test-to-use-smbio.patch
  dmg-warn-when-opening-dmg-images-contain.patch
  hw-acpi-erst.c-Fix-memory-handling-issue.patch
  hw-display-qxl-Avoid-buffer-overrun-in-q.patch
  hw-display-qxl-Document-qxl_phys2virt.patch
  hw-display-qxl-Have-qxl_log_command-Retu.patch
  hw-display-qxl-Pass-requested-buffer-siz.patch
  hw-smbios-add-core_count2-to-smbios-tabl.patch
  hw-smbios-support-for-type-8-port-connec.patch
  module-add-Error-arguments-to-module_loa.patch
  module-removed-unused-function-argument-.patch
  module-rename-module_load_one-to-module_.patch
  openSUSE-pc-q35-Bump-max_cpus-to-1024.patch
  s390x-tod-kvm-don-t-save-restore-the-TOD.patch
  tests-acpi-allow-changes-for-core_count2.patch
  tests-acpi-update-tables-for-new-core-co.patch
  ui-vnc-clipboard-fix-integer-underflow-i.patch
* Fri Jan 27 2023 dfaggioli@suse.com
- Refactor building and installing SeaBIOS docs
* Fri Jan 27 2023 dfaggioli@suse.com
- Rename submodule patches so that it's clear which ones
  are backports and which ones are downstream only fixes;
- No functional change intended.
  * Patches dropped:
  Ignore-spurious-GCC-12-warning.patch
  roms-sgabios-Fix-csum8-to-be-built-by-ho.patch
  Makefile-define-endianess-for-cross-buil.patch
  ipxe-Makefile-fix-issues-of-build-reprod.patch
  qboot-add-cross.ini-file-to-handle-aarch.patch
  sgabios-Makefile-fix-issues-of-build-rep.patch
  Silence-GCC-12-spurious-warnings.patch
  build-be-explicit-about-mx86-used-note-n.patch
  enable-cross-compilation-on-ARM.patch
  stub-out-the-SAN-req-s-in-int13.patch
  help-compiler-out-by-initializing-array.patch
  seabios-switch-to-python3-as-needed.patch
  * Patches added:
  openSUSE-Basetools-Ignore-spurious-GCC-1.patch
  openSUSE-Makefile-Fix-csum8-to-be-built-.patch
  openSUSE-Makefile-define-endianess-for-c.patch
  openSUSE-Makefile-fix-issues-of-build-re.patch
  openSUSE-add-cross.ini-file-to-handle-aa.patch
  openSUSE-build-Makefile-fix-issues-of-bu.patch
  openSUSE-build-Silence-GCC-12-spurious-w.patch
  openSUSE-build-be-explicit-about-mx86-us.patch
  openSUSE-build-enable-cross-compilation-.patch
  openSUSE-pcbios-stub-out-the-SAN-req-s-i.patch
  openSUSE-switch-to-python3-as-needed.patch
  openSUSE-test-help-compiler-out-by-initi.patch
* Wed Jan 11 2023 li.zhang@suse.com
- Fixes jsc#PED-1716
  * Patches added:
  configure-Add-Wno-gnu-variable-sized-typ.patch
  s390x-pci-add-routine-to-get-host-functi.patch
  s390x-pci-don-t-fence-interpreted-device.patch
  s390x-pci-enable-adapter-event-notificat.patch
  s390x-pci-enable-for-load-store-interpre.patch
  s390x-pci-let-intercept-devices-have-sep.patch
  s390x-pci-reflect-proper-maxstbl-for-gro.patch
  Update-linux-headers-to-v6.0-rc4.patch
* Thu Jan 05 2023 dmueller@suse.com
- install binfmt-misc handlers for systemd (bsc#1206838)
* Wed Nov 16 2022 dfaggioli@suse.com
- Raise the maximum number of vCPUs a VM can have to 1024 (jsc#PED-2592)
  * Patches added:
  pc-q35-Bump-max_cpus-to-1024.patch
* Wed Nov 09 2022 giecrilj@stegny.2a.pl
- install SeaBIOS documentation
* Thu Nov 03 2022 schwab@suse.de
- Enable KVM support on riscv64
* Wed Oct 26 2022 dfaggioli@suse.com
- qtests test are not realiable when run inside OBS builders, so
  let's disable that part of the testsuite for now. There is work
  ongoing to run it somewhere else (on dedicated hosts) to avoid
  loosing coverage. (bsc#1204566)
* Mon Oct 24 2022 dfaggioli@suse.com
- Improve dependency handling (e.g., what's recommended vs. what's
  required.
- Add a subpackage (qemu-headless) that brings in all the packages
  that are needed for creating VMs with tools like virt-install
  or VirtManager, run either locally or from a remote host.
  (bsc#1202166)
* Mon Oct 10 2022 hpj@urpla.net
- Build fails due to exceeding 10 GB disk limit (10430 MB):
  raise disk space contraint to 12 GB