From: Michael Roth <mdroth@linux.vnet.ibm.com>
To: qemu-devel@nongnu.org
Cc: qemu-stable@nongnu.org
Subject: Re: [Qemu-devel] Patch Round-up for stable 2.3.1, freeze on 2015-08-06
Date: Tue, 04 Aug 2015 12:41:24 -0500 [thread overview]
Message-ID: <20150804174124.17567.54795@loki> (raw)
In-Reply-To: <1438255988-10418-1-git-send-email-mdroth@linux.vnet.ibm.com>
Quoting Michael Roth (2015-07-30 06:32:15)
> Hi everyone,
>
> The following new patches are queued for QEMU stable v2.3.1:
>
> https://github.com/mdroth/qemu/commits/stable-2.3-staging
>
> The release is planned for 2015-08-11:
>
> http://wiki.qemu.org/Planning/2.3
>
> Please respond here or CC qemu-stable@nongnu.org on any patches you
> think should be included in the release.
Updated with the following:
rtl8139: check TCP Data Offset field (CVE-2015-5165) (Stefan Hajnoczi)
rtl8139: skip offload on short TCP header (CVE-2015-5165) (Stefan Hajnoczi)
rtl8139: check IP Total Length field (CVE-2015-5165) (Stefan Hajnoczi)
rtl8139: check IP Header Length field (CVE-2015-5165) (Stefan Hajnoczi)
rtl8139: skip offload on short Ethernet/IP header (CVE-2015-5165) (Stefan Hajnoczi)
rtl8139: drop tautologous if (ip) {...} statement (CVE-2015-5165) (Stefan Hajnoczi)
rtl8139: avoid nested ifs in IP header parsing (CVE-2015-5165) (Stefan Hajnoczi)
tcg/mips: fix add2 (Aurelien Jarno)
tcg/mips: fix TLB loading for BE host with 32-bit guests (Aurelien Jarno)
Fix release_drive on unplugged devices (pci_piix3_xen_ide_unplug) (Stefano Stabellini)
>
> Testing/feedback is greatly appreciated.
>
> Thanks!
>
> ----------------------------------------------------------------
> Alberto Garcia (1):
> sdl2: fix crash in handle_windowevent() when restoring the screen size
>
> Alex Williamson (2):
> vfio/pci: Fix RTL8168 NIC quirks
> vfio/pci: Fix bootindex
>
> Bogdan Purcareata (1):
> nbd/trivial: fix type cast for ioctl
>
> Christian Borntraeger (1):
> s390x/ipl: Fix boot if no bootindex was specified
>
> Cornelia Huck (1):
> virtio-ccw: complete handling of guest-initiated resets
>
> David Gibson (1):
> spapr_vty: lookup should only return valid VTY objects
>
> Fam Zheng (14):
> vmdk: Fix next_cluster_sector for compressed write
> vmdk: Fix overflow if l1_size is 0x20000000
> block: Fix NULL deference for unaligned write if qiov is NULL
> qemu-iotests: Test unaligned sub-block zero write
> vmdk: Fix index_in_cluster calculation in vmdk_co_get_block_status
> vmdk: Use vmdk_find_index_in_cluster everywhere
> block: Add bdrv_get_block_status_above
> qmp: Add optional bool "unmap" to drive-mirror
> mirror: Do zero write on target if sectors not allocated
> block: Fix dirty bitmap in bdrv_co_discard
> qemu-iotests: Make block job methods common
> qemu-iotests: Add test case for mirror with unmap
> iotests: Use event_wait in wait_ready
> block: Initialize local_err in bdrv_append_temp_snapshot
>
> Gerd Hoffmann (3):
> kbd: add brazil kbd keys to qemu
> kbd: add brazil kbd keys to x11 evdev map
> spice-display: fix segfault in qemu_spice_create_update
>
> James Hogan (2):
> mips/kvm: Fix Big endian 32-bit register access
> mips/kvm: Sign extend registers written to KVM
>
> Jason Wang (3):
> virtio-net: fix the upper bound when trying to delete queues
> vhost: correctly pass error to caller in vhost_dev_enable_notifiers()
> virtio-net: unbreak any layout
>
> Jeff Cody (2):
> block: vpc - prevent overflow if max_table_entries >= 0x40000000
> block: qemu-iotests - add check for multiplication overflow in vpc
>
> John Snow (1):
> iotests: add QMP event waiting queue
>
> Justin Ossevoort (1):
> qga/commands-posix: Fix bug in guest-fstrim
>
> Ján Tomko (1):
> Strip brackets from vnc host
>
> Kevin Wolf (4):
> qcow2: Flush pending discards before allocating cluster
> ide: Check array bounds before writing to io_buffer (CVE-2015-5154)
> ide/atapi: Fix START STOP UNIT command completion
> ide: Clear DRQ after handling all expected accesses
>
> Laszlo Ersek (1):
> hw/core: rebase sysbus_get_fw_dev_path() to g_strdup_printf()
>
> Max Reitz (2):
> qcow2: Set MIN_L2_CACHE_SIZE to 2
> iotests: qcow2 COW with minimal L2 cache size
>
> Michael Roth (2):
> Revert "block: Fix unaligned zero write"
> target-ppc: fix hugepage support when using memory-backend-file
>
> Michal Kazior (1):
> usb: fix usb-net segfault
>
> Paolo Bonzini (1):
> scsi: fix buffer overflow in scsi_req_parse_cdb (CVE-2015-5158)
>
> Peter Lieven (2):
> block/iscsi: do not forget to logout from target
> block/nfs: limit maximum readahead size to 1MB
>
> Peter Maydell (1):
> target-arm: Avoid buffer overrun on UNPREDICTABLE ldrd/strd
>
> Petr Matousek (2):
> fdc: force the fifo access to be in bounds of the allocated buffer
> i8254: fix out-of-bounds memory access in pit_ioport_read()
>
> Shannon Zhao (1):
> hw/acpi/aml-build: Fix memory leak
>
> Stefan Hajnoczi (1):
> bt-sdp: fix broken uuids power-of-2 calculation
>
> 马文霜 (1):
> Fix irq route entries exceeding KVM_MAX_IRQ_ROUTES
>
> block.c | 215 +++++++++++++++++++++++++++++++++++++++++++-------------------
> block/iscsi.c | 6 ++
> block/mirror.c | 28 ++++++--
> block/nfs.c | 7 ++
> block/qcow2-refcount.c | 5 ++
> block/qcow2.h | 3 +-
> block/vmdk.c | 40 ++++++++----
> block/vpc.c | 18 ++++--
> blockdev.c | 5 ++
> hmp.c | 2 +-
> hw/acpi/aml-build.c | 1 +
> hw/block/fdc.c | 17 +++--
> hw/bt/sdp.c | 2 +-
> hw/char/spapr_vty.c | 4 ++
> hw/core/sysbus.c | 16 ++---
> hw/ide/atapi.c | 1 +
> hw/ide/core.c | 32 ++++++++--
> hw/net/virtio-net.c | 25 ++++++--
> hw/s390x/ipl.c | 4 +-
> hw/s390x/virtio-ccw.c | 39 +++++++-----
> hw/scsi/scsi-bus.c | 7 +-
> hw/timer/i8254.c | 6 ++
> hw/usb/dev-network.c | 4 ++
> hw/vfio/pci.c | 10 +--
> hw/virtio/vhost.c | 8 +--
> include/block/block.h | 4 ++
> include/block/block_int.h | 2 +
> include/hw/virtio/virtio-access.h | 9 +++
> kvm-all.c | 17 +++--
> nbd.c | 2 +-
> qapi-schema.json | 4 +-
> qapi/block-core.json | 8 ++-
> qga/commands-posix.c | 9 ++-
> qmp-commands.hx | 3 +
> scripts/qmp/qmp.py | 95 ++++++++++++++++++---------
> target-arm/translate.c | 56 +++++++++-------
> target-mips/kvm.c | 21 ++----
> target-ppc/kvm.c | 57 +++++++++++++++--
> tests/qemu-iotests/033 | 13 ++++
> tests/qemu-iotests/033.out | 30 +++++++++
> tests/qemu-iotests/041 | 66 +++++--------------
> tests/qemu-iotests/103 | 10 +++
> tests/qemu-iotests/103.out | 5 ++
> tests/qemu-iotests/132 | 59 +++++++++++++++++
> tests/qemu-iotests/132.out | 5 ++
> tests/qemu-iotests/135 | 54 ++++++++++++++++
> tests/qemu-iotests/135.out | 5 ++
> tests/qemu-iotests/group | 2 +
> tests/qemu-iotests/iotests.py | 61 ++++++++++++++++++
> tests/qemu-iotests/sample_images/afl5.img.bz2 | Bin 0 -> 175 bytes
> ui/input-keymap.c | 4 ++
> ui/sdl2.c | 4 ++
> ui/spice-display.c | 9 +--
> ui/vnc.c | 9 ++-
> ui/x_keymap.c | 4 +-
> 55 files changed, 839 insertions(+), 293 deletions(-)
> create mode 100644 tests/qemu-iotests/132
> create mode 100644 tests/qemu-iotests/132.out
> create mode 100755 tests/qemu-iotests/135
> create mode 100644 tests/qemu-iotests/135.out
> create mode 100644 tests/qemu-iotests/sample_images/afl5.img.bz2
>
>
prev parent reply other threads:[~2015-08-04 17:42 UTC|newest]
Thread overview: 57+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-30 11:32 [Qemu-devel] Patch Round-up for stable 2.3.1, freeze on 2015-08-06 Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 01/53] bt-sdp: fix broken uuids power-of-2 calculation Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 02/53] block/iscsi: do not forget to logout from target Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 03/53] Strip brackets from vnc host Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 04/53] nbd/trivial: fix type cast for ioctl Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 05/53] vmdk: Fix next_cluster_sector for compressed write Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 06/53] vmdk: Fix overflow if l1_size is 0x20000000 Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 07/53] qcow2: Flush pending discards before allocating cluster Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 08/53] usb: fix usb-net segfault Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 09/53] virtio-net: fix the upper bound when trying to delete queues Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 10/53] target-arm: Avoid buffer overrun on UNPREDICTABLE ldrd/strd Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 11/53] fdc: force the fifo access to be in bounds of the allocated buffer Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 12/53] Revert "block: Fix unaligned zero write" Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 13/53] block: Fix NULL deference for unaligned write if qiov is NULL Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 14/53] qemu-iotests: Test unaligned sub-block zero write Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 15/53] hw/acpi/aml-build: Fix memory leak Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 16/53] qga/commands-posix: Fix bug in guest-fstrim Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 17/53] kbd: add brazil kbd keys to qemu Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 18/53] kbd: add brazil kbd keys to x11 evdev map Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 19/53] qcow2: Set MIN_L2_CACHE_SIZE to 2 Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 20/53] iotests: qcow2 COW with minimal L2 cache size Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 21/53] vmdk: Fix index_in_cluster calculation in vmdk_co_get_block_status Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 22/53] vmdk: Use vmdk_find_index_in_cluster everywhere Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 23/53] sdl2: fix crash in handle_windowevent() when restoring the screen size Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 24/53] spice-display: fix segfault in qemu_spice_create_update Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 25/53] i8254: fix out-of-bounds memory access in pit_ioport_read() Michael Roth
2015-08-03 8:40 ` [Qemu-devel] 答复: " lidonglin
2015-08-03 11:46 ` Paolo Bonzini
2015-07-30 11:32 ` [Qemu-devel] [PATCH 26/53] hw/core: rebase sysbus_get_fw_dev_path() to g_strdup_printf() Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 27/53] vhost: correctly pass error to caller in vhost_dev_enable_notifiers() Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 28/53] virtio-ccw: complete handling of guest-initiated resets Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 29/53] block: Add bdrv_get_block_status_above Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 30/53] qmp: Add optional bool "unmap" to drive-mirror Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 31/53] mirror: Do zero write on target if sectors not allocated Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 32/53] block: Fix dirty bitmap in bdrv_co_discard Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 33/53] qemu-iotests: Make block job methods common Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 34/53] qemu-iotests: Add test case for mirror with unmap Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 35/53] iotests: Use event_wait in wait_ready Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 36/53] iotests: add QMP event waiting queue Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 37/53] block/nfs: limit maximum readahead size to 1MB Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 38/53] s390x/ipl: Fix boot if no bootindex was specified Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 39/53] spapr_vty: lookup should only return valid VTY objects Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 40/53] target-ppc: fix hugepage support when using memory-backend-file Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 41/53] Fix irq route entries exceeding KVM_MAX_IRQ_ROUTES Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 42/53] block: Initialize local_err in bdrv_append_temp_snapshot Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 43/53] mips/kvm: Fix Big endian 32-bit register access Michael Roth
2015-07-30 11:32 ` [Qemu-devel] [PATCH 44/53] mips/kvm: Sign extend registers written to KVM Michael Roth
2015-07-30 11:33 ` [Qemu-devel] [PATCH 45/53] vfio/pci: Fix RTL8168 NIC quirks Michael Roth
2015-07-30 11:33 ` [Qemu-devel] [PATCH 46/53] virtio-net: unbreak any layout Michael Roth
2015-07-30 11:33 ` [Qemu-devel] [PATCH 47/53] vfio/pci: Fix bootindex Michael Roth
2015-07-30 11:33 ` [Qemu-devel] [PATCH 48/53] scsi: fix buffer overflow in scsi_req_parse_cdb (CVE-2015-5158) Michael Roth
2015-07-30 11:33 ` [Qemu-devel] [PATCH 49/53] block: vpc - prevent overflow if max_table_entries >= 0x40000000 Michael Roth
2015-07-30 11:33 ` [Qemu-devel] [PATCH 50/53] block: qemu-iotests - add check for multiplication overflow in vpc Michael Roth
2015-07-30 11:33 ` [Qemu-devel] [PATCH 51/53] ide: Check array bounds before writing to io_buffer (CVE-2015-5154) Michael Roth
2015-07-30 11:33 ` [Qemu-devel] [PATCH 52/53] ide/atapi: Fix START STOP UNIT command completion Michael Roth
2015-07-30 11:33 ` [Qemu-devel] [PATCH 53/53] ide: Clear DRQ after handling all expected accesses Michael Roth
2015-08-04 17:41 ` Michael Roth [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150804174124.17567.54795@loki \
--to=mdroth@linux.vnet.ibm.com \
--cc=qemu-devel@nongnu.org \
--cc=qemu-stable@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).