-
Wed Aug 06 2025 Mark Kanda <mark.kanda@oracle.com> - 7.2.0-26.el9
- accel/kvm: Enable Dirty bit tracking if hash cache is used (Joao Martins) [Orabug: 37699414]
- migration/page_cache: Add nettle sha256 function (Elena Ufimtseva) [Orabug: 37699414]
- migration/page_cache: Add libgcrypt sha256 function (Elena Ufimtseva) [Orabug: 37699414]
- migration/page_cache: Add gnutls sha256 function (Joao Martins) [Orabug: 37699414]
- migration: Add a parameter to select sha256 library (Joao Martins) [Orabug: 37699414]
- migration: Export cache statistics to QMP (Joao Martins) [Orabug: 37699414]
- migration/ram: Adjust estimate/exact to time-to-hash dirty data (Joao Martins) [Orabug: 37699414]
- migration: Sync dirty bitmap in exact() considering factor (Joao Martins) [Orabug: 37699414]
- migration: Time cache hit/miss operations (Joao Martins) [Orabug: 37699414]
- migration/ram: Calculate real dirty pages based on hash cache stats (Elena Ufimtseva) [Orabug: 37699414]
- migration: Add hash cache for dirty page tracking (Elena Ufimtseva) [Orabug: 37699414]
- migration/page-cache: Differentiate page size from cache data size (Joao Martins) [Orabug: 37699414]
- target/i386: do not expose ARCH_CAPABILITIES on AMD CPU (Paolo Bonzini) [Orabug: 38225280]
-
Tue Jul 08 2025 Mark Kanda <mark.kanda@oracle.com> - 7.2.0-24.el9
- Revert "migration: Temporarily re-enable our custom switchover event by default" (Mark Kanda)
- target/i386: Enumerate verw-clear CPUID feature (Boris Ostrovsky) [Orabug: 38118557] {CVE-2024-36350} {CVE-2024-36357}
-
Wed Jun 25 2025 Mark Kanda <mark.kanda@oracle.com> - 7.2.0-23.el9
- vhost-scsi: support VIRTIO_SCSI_F_HOTPLUG (Dongli Zhang) [Orabug: 38113473]
-
Fri Jun 13 2025 Mark Kanda <mark.kanda@oracle.com> - 7.2.0-22.el9
- migration/multifd: Don't send device state packets with zerocopy flag (Maciej S. Szmigiero) [Orabug: 37372623]
- migration/dirtyrate: skip kvm_log_start/kvm_log_stop for non-KVM (Dongli Zhang) [Orabug: 37939813]
-
Fri May 16 2025 Mark Kanda <mark.kanda@oracle.com> - 7.2.0-21.el9
- migration: Temporarily re-enable our custom switchover event by default (Maciej S. Szmigiero)
-
Wed May 07 2025 Mark Kanda <mark.kanda@oracle.com> - 7.2.0-20.el9
- Document CVEs as not applicable to QEMU 7.2.0 (Mark Kanda) [Orabug: 36869706] [Orabug: 36620547] [Orabug: 37043479] {CVE-2024-3567} {CVE-2024-4693} {CVE-2024-7730}
- target/i386: Remove rtm, hle and taa-no from the Sapphire Rapids CPU model (Mark Kanda) [Orabug: 37867203]
- target/i386: Reset parked vCPUs together with the online ones (Maciej S. Szmigiero)
- migration: Add capability for our custom switchover event (Maciej S. Szmigiero)
- iotests: Disable ones that hang (Maciej S. Szmigiero)
- vfio/migration: Use BE byte order for device state wire packets (Maciej S. Szmigiero)
- vfio/migration: Make x-migration-multifd-transfer VFIO property mutable (Maciej S. Szmigiero)
- vfio/migration: Add x-migration-multifd-transfer VFIO property (Maciej S. Szmigiero)
- vfio/migration: Multifd device state transfer support - send side (Maciej S. Szmigiero)
- vfio/migration: Multifd device state transfer support - config loading support (Maciej S. Szmigiero)
- migration/qemu-file: Define g_autoptr() cleanup function for QEMUFile (Maciej S. Szmigiero)
- vfio/migration: Multifd device state transfer support - load thread (Maciej S. Szmigiero)
- vfio/migration: Multifd device state transfer support - received buffers queuing (Maciej S. Szmigiero)
- vfio/migration: Setup and cleanup multifd transfer in these general methods (Maciej S. Szmigiero)
- vfio/migration: Multifd setup/cleanup functions and associated VFIOMultifd (Maciej S. Szmigiero)
- vfio/migration: Multifd device state transfer - add support checking function (Maciej S. Szmigiero)
- vfio/migration: Multifd device state transfer support - basic types (Maciej S. Szmigiero)
- vfio/migration: Move migration channel flags to vfio-common.h header file (Maciej S. Szmigiero)
- vfio/migration: Add vfio_add_bytes_transferred() (Maciej S. Szmigiero)
- vfio/migration: Convert bytes_transferred counter to atomic (Maciej S. Szmigiero)
- vfio/migration: Add load_device_config_state_start trace event (Maciej S. Szmigiero)
- migration: Add save_live_complete_precopy_thread handler (Maciej S. Szmigiero)
- migration/multifd: Add multifd_device_state_supported() (Maciej S. Szmigiero)
- migration/multifd: Make MultiFDSendData a struct (Peter Xu)
- migration/multifd: Device state transfer support - send side (Maciej S. Szmigiero)
- migration/multifd: Add an explicit MultiFDSendData destructor (Maciej S. Szmigiero)
- migration/multifd: Make multifd_send() thread safe (Maciej S. Szmigiero)
- migration/multifd: Device state transfer support - receive side (Maciej S. Szmigiero)
- migration/multifd: Split packet into header and RAM data (Maciej S. Szmigiero)
- migration: Add thread pool of optional load threads (Maciej S. Szmigiero)
- error: define g_autoptr() cleanup function for the Error type (Maciej S. Szmigiero)
- migration: Always take BQL for migration_incoming_state_destroy() (Maciej S. Szmigiero)
- migration: Add qemu_loadvm_load_state_buffer() and its handler (Maciej S. Szmigiero)
- migration: Add MIG_CMD_SWITCHOVER_START and its load handler (Maciej S. Szmigiero)
- thread-pool: Implement generic (non-AIO) pool support (Maciej S. Szmigiero)
- thread-pool: Rename AIO pool functions to *_aio() and data types to *Aio (Maciej S. Szmigiero)
- thread-pool: Remove thread_pool_submit() function (Maciej S. Szmigiero)
- migration: Check migration error after loadvm (Fabiano Rosas)
- migration/multifd: Add a compat property for TLS termination (Fabiano Rosas)
- migration/multifd: Terminate the TLS connection (Fabiano Rosas)
- io: Add a read flag for relaxed EOF (Fabiano Rosas)
- io: Add flags argument to qio_channel_readv_full_all_eof (Fabiano Rosas)
- crypto: Remove qcrypto_tls_session_get_handshake_status (Fabiano Rosas)
- io: tls: Add qio_channel_tls_bye (Fabiano Rosas)
- crypto: Allow gracefully ending the TLS session (Fabiano Rosas)
- migration/multifd: Fix compat with QEMU < 9.0 (Fabiano Rosas)
- vfio/migration: Add vfio_save_block_precopy_empty_hit trace event (Maciej S. Szmigiero)
- vfio/migration: Add save_{iterate, complete_precopy}_start trace events (Maciej S. Szmigiero)
- migration/ram: Add load start trace event (Maciej S. Szmigiero)
- migration/multifd: Stop changing the packet on recv side (Fabiano Rosas)
- migration/multifd: Replace multifd_send_state->pages with client data (Fabiano Rosas)
- migration/multifd: Don't send ram data during SYNC (Fabiano Rosas)
- migration/multifd: Isolate ram pages packet data (Fabiano Rosas)
- migration/multifd: Remove total pages tracing (Fabiano Rosas)
- migration/multifd: Move pages accounting into multifd_send_zero_page_detect() (Fabiano Rosas)
- migration/multifd: Replace p->pages with an union pointer (Fabiano Rosas)
- migration/multifd: Make MultiFDPages_t:offset a flexible array member (Fabiano Rosas)
- migration/multifd: Introduce MultiFDSendData (Fabiano Rosas)
- migration/multifd: Remove pages->allocated (Fabiano Rosas)
- migration/multifd: Inline page_size and page_count (Fabiano Rosas)
- migration/multifd: Reduce access to p->pages (Fabiano Rosas)
- migration/multifd: Decouple recv method from pages (Fabiano Rosas)
- migration/multifd: Rename MultiFDSend|RecvParams::data to compress_data (Fabiano Rosas)
- migration/multifd: Change multifd_pages_init argument (Fabiano Rosas)
- migration: Introduce migrate_has_error() (Peter Xu)
- test-vmstate: fix bad GTree usage, use-after-free (Eric Auger)
- Revert "vfio/migration: Add save_{iterate,complete_precopy}_started trace events" (Maciej S. Szmigiero)
- Revert "migration/ram: Add load start trace event" (Maciej S. Szmigiero)
- Revert "migration: Add save_live_complete_precopy_{begin,end} handlers" (Maciej S. Szmigiero)
- Revert "migration: Add qemu_loadvm_load_state_buffer() and its handler" (Maciej S. Szmigiero)
- Revert "migration: Add load_finish handler and associated functions" (Maciej S. Szmigiero)
- Revert "migration/multifd: Device state transfer support - receive side" (Maciej S. Szmigiero)
- Revert "migration/multifd: Convert multifd_send_pages::next_channel to atomic" (Maciej S. Szmigiero)
- Revert "migration/multifd: Device state transfer support - send side" (Maciej S. Szmigiero)
- Revert "migration/multifd: Add migration_has_device_state_support()" (Maciej S. Szmigiero)
- Revert "vfio/migration: Multifd device state transfer support - receive side" (Maciej S. Szmigiero)
- Revert "vfio/migration: Add x-orcl-migration-multifd-transfer VFIO property" (Maciej S. Szmigiero)
- Revert "vfio/migration: Multifd device state transfer support - send side" (Maciej S. Szmigiero)
- target/i386: fix feature dependency for WAITPKG (Paolo Bonzini) [Orabug: 35941551]
- target/i386: add support for VMX_SECONDARY_EXEC_ENABLE_USER_WAIT_PAUSE (Ake Koomsin) [Orabug: 35941551]
- vhost-scsi: Add support for a worker thread per virtqueue (Mike Christie) [Orabug: 37723795]
- vhost: Add worker backend callouts (Mike Christie) [Orabug: 37723795]
- linux-headers: update vhost related headers to v6.5-rc1 (Mark Kanda) [Orabug: 37723795]
- system/physmem: poisoned memory discard on reboot (William Roche) [Orabug: 34545034]
- system/physmem: handle hugetlb correctly in qemu_ram_remap() (William Roche) [Orabug: 34545034]
- qemu-kvm.spec: Ship multiboot_dma.bin (Liam Merwick) [Orabug: 37593199]
- target/i386: Change unavail from u32 to u64 (Xiong Zhang) [Orabug: 37560962]
- vfio/pci: Add x-device-dirty-page-tracking param (Joao Martins)
-
Mon Jan 13 2025 Karl Heubaum <karl.heubaum@oracle.com> - 7.2.0-18.el9
- tests: acpi: update expected blobs (Igor Mammedov) [Orabug: 37274182]
- cpuhp: make sure that remove events are handled within the same SCI (Igor Mammedov) [Orabug: 37274182]
- tests: acpi: whitelist expected blobs (Igor Mammedov) [Orabug: 37274182]
- target/i386: Reset TSCs of parked vCPUs too on VM reset (Maciej S. Szmigiero) [Orabug: 37318424]
- 9pfs: fix regression regarding CVE-2023-2861 (Christian Schoenebeck) [Orabug: 37409273]
- virtio-net: Ensure queue index fits with RSS (Akihiko Odaki) [Orabug: 36943011] {CVE-2024-6505}
- qemu-kvm.spec: pack elf2dmp tool (Annie Li)
- test: bios-tables-test: add IVRS changed binary (Bui Quang Minh) [Orabug: 35710551]
- amd_iommu: Fix kvm_enable_x2apic link error with clang in non-KVM builds (Sairaj Kodilkar) [Orabug: 35710551]
- amd_iommu: Check APIC ID > 255 for XTSup (Suravee Suthikulpanit) [Orabug: 35710551]
- amd_iommu: Send notification when invalidate interrupt entry cache (Suravee Suthikulpanit) [Orabug: 35710551]
- amd_iommu: Use shared memory region for Interrupt Remapping (Suravee Suthikulpanit) [Orabug: 35710551]
- amd_iommu: Add support for pass though mode (Suravee Suthikulpanit) [Orabug: 35710551]
- amd_iommu: Rename variable mmio to mr_mmio (Suravee Suthikulpanit) [Orabug: 35710551]
- hw/i386/amd_iommu: Don't leak memory in amdvi_update_iotlb() (Peter Maydell) [Orabug: 35710551]
- amd_iommu: report x2APIC support to the operating system (Bui Quang Minh) [Orabug: 35710551]
- hw/i386/amd_iommu: Do not use SysBus API to map local MMIO region (Philippe Mathieu-Daudé) [Orabug: 35710551]
- amd_iommu: Fix APIC address check (Akihiko Odaki) [Orabug: 35710551]
- hw/i386/amd_iommu: Factor amdvi_pci_realize out of amdvi_sysbus_realize (Philippe Mathieu-Daudé) [Orabug: 35710551]
- hw/i386/amd_iommu: Set PCI static/const fields via PCIDeviceClass (Philippe Mathieu-Daudé) [Orabug: 35710551]
- hw/i386/amd_iommu: Move capab_offset from AMDVIState to AMDVIPCIState (Philippe Mathieu-Daudé) [Orabug: 35710551]
- hw/i386/amd_iommu: Remove intermediate AMDVIState::devid field (Philippe Mathieu-Daudé) [Orabug: 35710551]
- hw/i386/amd_iommu: Explicit use of AMDVI_BASE_ADDR in amdvi_init (Philippe Mathieu-Daudé) [Orabug: 35710551]
-
Wed Oct 16 2024 Karl Heubaum <karl.heubaum@oracle.com> - 7.2.0-17.el9
- target/i386: add feature bits for Inception/SRSO mitigations (Mark Kanda) [Orabug: 37170148]
- hw/vfio/pci-quirks: Sanitize capability pointer (Alex Williamson) [Orabug: 37176213]
- hw/vfio/pci-quirks: Support alternate offset for GPUDirect Cliques (Alex Williamson) [Orabug: 37176213]
- migration/dirtyrate: Add new mode to dirty track non KVM device separately (Joao Martins) [Orabug: 37097510]
- vfio/migration: Allow dirty tracking reports with MIGRATION_STATUS_NONE (Joao Martins) [Orabug: 37097510]
- migration: Emit event when source starts switchover (Joao Martins) [Orabug: 37097503]
-
Tue Oct 01 2024 Karl Heubaum <karl.heubaum@oracle.com> - 7.2.0-16.el9
- block: fix failing assert on paused VM migration (Andrey Drobyshev) [Orabug: 37106834]
- migration/multifd: Fix rb->receivedmap cleanup race (Fabiano Rosas) [Orabug: 36932320]
- migration/savevm: Remove extra load cleanup calls (Fabiano Rosas) [Orabug: 36932320]
- migration: fix switchover abort termination paths (Elena Ufimtseva) [Orabug: 36932320]
- nbd/server: CVE-2024-7409: Avoid use-after-free when closing server (Eric Blake) [Orabug: 36921582] {CVE-2024-7409}
- nbd/server: CVE-2024-7409: Close stray clients at server-stop (Eric Blake) [Orabug: 36921582] {CVE-2024-7409}
- nbd/server: CVE-2024-7409: Drop non-negotiating clients (Eric Blake) [Orabug: 36921582] {CVE-2024-7409}
- nbd/server: CVE-2024-7409: Cap default max-connections to 100 (Eric Blake) [Orabug: 36921582] {CVE-2024-7409}
- nbd/server: Plumb in new args to nbd_client_add() (Eric Blake) [Orabug: 36921582] {CVE-2024-7409}
- nbd: Minor style and typo fixes (Eric Blake) [Orabug: 36921582] {CVE-2024-7409}
- scsi-disk: Always report RESERVATION_CONFLICT to guest (Kevin Wolf)
- scsi-disk: Add warning comments that host_status errors take a shortcut (Kevin Wolf)
- scsi-block: Don't skip callback for sgio error status/driver_status (Kevin Wolf)
- scsi-disk: Use positive return value for status in dma_readv/writev (Kevin Wolf)
- target/i386: Add new CPU model SierraForest (Tao Su)
- target/i386: Add few security fix bits in ARCH_CAPABILITIES into SapphireRapids CPU model (Lei Wang)
- target/i386: Add new bit definitions of MSR_IA32_ARCH_CAPABILITIES (Tao Su)
- target/i386: Allow MCDT_NO if host supports (Tao Su)
- target/i386: Add support for MCDT_NO in CPUID enumeration (Tao Su)
- target/i386: Adjust feature level according to FEAT_7_1_EDX (Tao Su)
- target/i386: Export MSR_ARCH_CAPABILITIES bits to guests (Pawan Gupta)
- target/i386: Add support for PREFETCHIT0/1 in CPUID enumeration (Jiaxi Chen)
- target/i386: Add support for AVX-NE-CONVERT in CPUID enumeration (Jiaxi Chen)
- target/i386: Add support for AVX-VNNI-INT8 in CPUID enumeration (Jiaxi Chen)
- target/i386: Add support for AVX-IFMA in CPUID enumeration (Jiaxi Chen)
- target/i386: Add support for AMX-FP16 in CPUID enumeration (Jiaxi Chen)
- target/i386: Add support for CMPCCXADD in CPUID enumeration (Jiaxi Chen)
- i386: Add new CPU model SapphireRapids (Wang, Lei)
- target/i386: KVM: allow fast string operations if host supports them (Paolo Bonzini)
- target/i386: add FZRM, FSRS, FSRC (Paolo Bonzini)
- spec: disable keyutils (Mark Kanda) [Orabug: 36903731]
- meson.build: Make keyutils independent from keyring (Thomas Huth) [Orabug: 36903731]
-
Wed Jul 31 2024 Karl Heubaum <karl.heubaum@oracle.com> - 7.2.0-15.el9
- migration: abort on destination if switchover limit exceeded (Elena Ufimtseva)
- migration: introduce strict switchover SLA (Elena Ufimtseva)
- migration: add error to MigrationIncomingState (Elena Ufimtseva)
- migration: Set migration status early in incoming side (Fabiano Rosas)
- tests/qtest: migration: Use migrate_incoming_qmp where appropriate (Fabiano Rosas)
- tests/qtest: migration: Add migrate_incoming_qmp helper (Fabiano Rosas)
- tests/qtest: migration: Expose migrate_set_capability (Fabiano Rosas)
- vfio/migration: Multifd device state transfer support - send side (Maciej S. Szmigiero)
- vfio/migration: Add x-orcl-migration-multifd-transfer VFIO property (Maciej S. Szmigiero)
- vfio/migration: Multifd device state transfer support - receive side (Maciej S. Szmigiero)
- migration/multifd: Add migration_has_device_state_support() (Maciej S. Szmigiero)
- migration/multifd: Device state transfer support - send side (Maciej S. Szmigiero)
- migration/multifd: Convert multifd_send_pages::next_channel to atomic (Maciej S. Szmigiero)
- migration/multifd: Device state transfer support - receive side (Maciej S. Szmigiero)
- migration: Add load_finish handler and associated functions (Maciej S. Szmigiero)
- migration: Add qemu_loadvm_load_state_buffer() and its handler (Maciej S. Szmigiero)
- migration: Add save_live_complete_precopy_{begin,end} handlers (Maciej S. Szmigiero)
- migration/multifd: Zero p->flags before starting filling a packet (Maciej S. Szmigiero)
- migration/ram: Add load start trace event (Maciej S. Szmigiero)
- vfio/migration: Add save_{iterate,complete_precopy}_started trace events (Maciej S. Szmigiero)
- hw/virtio/virtio-crypto: Protect from DMA re-entrancy bugs (Philippe Mathieu-Daudé) [Orabug: 36869694] {CVE-2024-3446}
- hw/char/virtio-serial-bus: Protect from DMA re-entrancy bugs (Philippe Mathieu-Daudé) [Orabug: 36869694] {CVE-2024-3446}
- hw/display/virtio-gpu: Protect from DMA re-entrancy bugs (Philippe Mathieu-Daudé) [Orabug: 36869694] {CVE-2024-3446}
- hw/virtio: Introduce virtio_bh_new_guarded() helper (Philippe Mathieu-Daudé) [Orabug: 36869694] {CVE-2024-3446}
- pcie_sriov: Validate NumVFs (Akihiko Odaki) [Orabug: 36314082] {CVE-2024-26327}
- hw/nvme: Use pcie_sriov_num_vfs() (Akihiko Odaki) [Orabug: 36314111] {CVE-2024-26328}
- pcie: Introduce pcie_sriov_num_vfs (Akihiko Odaki) [Orabug: 36314111] {CVE-2024-26328}
- qcow2: Don't open data_file with BDRV_O_NO_IO (Kevin Wolf) [Orabug: 36801853] {CVE-2024-4467}
- target/i386: drop AMD machine check bits from Intel CPUID (Paolo Bonzini) [Orabug: 36785079]
- target/i386: pass X86CPU to x86_cpu_get_supported_feature_word (Paolo Bonzini) [Orabug: 36785079]
- migration: prevent migration when VM has poisoned memory (William Roche) [Orabug: 35533097]
- i386: Add support for overflow recovery (John Allen) [Orabug: 34691766]
- i386: Add support for SUCCOR feature (John Allen) [Orabug: 34691766]
- i386: Fix MCE support for AMD hosts (John Allen) [Orabug: 34691766]