scripts/kernel-doc: Avoid new Perl precedence warning

Newer versions of Perl (5.41.x and up) emit a warning for code in
kernel-doc:
Possible precedence problem between ! and pattern match (m//) at

scripts/kernel-doc: Avoid new Perl precedence warning

Newer versions of Perl (5.41.x and up) emit a warning for code in
kernel-doc:
Possible precedence problem between ! and pattern match (m//) at /scripts/kernel-doc line 1597.

This is because the code does:
if (!$param =~ /\w\.\.\.$/) {

In Perl, the ! operator has higher precedence than the =~
pattern-match binding, so the effect of this condition is to first
logically-negate the string $param into a true-or-false value and
then try to pattern match it against the regex, which in this case
will always fail. This is almost certainly not what the author
intended.

In the new Python version of kernel-doc in the Linux kernel,
the equivalent code is written:

if KernRe(r'\w\.\.\.$').search(param):
# For named variable parameters of the form `x...`,
# remove the dots
param = param[:-3]
else:
# Handles unnamed variable parameters
param = "..."

which is a more sensible way of writing the behaviour you would
get if you put in brackets to make the regex match first and
then negate the result.

Take this as the intended behaviour, and update the Perl to match.

For QEMU, this produces no change in output, presumably because we
never used the "unnamed variable parameters" syntax.

Cc: qemu-stable@nongnu.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
Message-id: 20250819115648.2125709-1-peter.maydell@linaro.org
(cherry picked from commit 5ffd387e9e0f787744fadaad35e1bf92224b0642)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

show more ...

Merge tag 'migration-20250805-pull-request' of https://gitlab.com/farosas/qemu into staging

Migration pull request

- Disable GNUTLS bug workaround

# -----BEGIN PGP SIGNATURE-----
#
# iQJEBAABCAAuF

Merge tag 'migration-20250805-pull-request' of https://gitlab.com/farosas/qemu into staging

Migration pull request

- Disable GNUTLS bug workaround

# -----BEGIN PGP SIGNATURE-----
#
# iQJEBAABCAAuFiEEqhtIsKIjJqWkw2TPx5jcdBvsMZ0FAmiSaOQQHGZhcm9zYXNA
# c3VzZS5kZQAKCRDHmNx0G+wxnakhD/4tpM3NvFiz0h+nDfkTU0ha5wzWz0eWAw1+
# utmaxuqta6hvKN34ZvfrAYXpnUhbvaGb5KT1sSo9+v81kSom2lnAjBxZl/jIQzPp
# zKnJaR8pnqBg9z9Gx22bZ68lekcnyez3gMRHOm8xtT7knwde9/7dEXl1dsWpE7Jw
# xewuJQg3YR3uuHBH7FWXY/6i8htOlw+kSmlkFEVMcH7qXqj5+QVaELo8M0SH4UNO
# eohmJv5nK9Z2B3lBUm0hj45EmjGWyuGUMdcVIVceNvsBDkdfmut3V8+h3qb2vPcn
# YJOaLZFu5JJevE+sy9fgVfgNVbIBxWF3Va4Sm3z7dBisZtsHmQl46If2ehXGJPN0
# n1qYDwW8QPepNfpnHmxh9lEXoBljLU2XfjLYdq0t5U0fIrYuI7R4a+c8Cs6h2oCn
# IdKXMMjGFMbw7uDPwTzUhgYqhwwaJ+RWA8h08Hv6/QwRrpF4dmaUi6b7uU6aFwQr
# OgtSM6S+0+/fKaLzHAZ3WypnrwhZXOlGodRDfYJFp5Q+84+R34nx0CRO9nZh5OYn
# 5wvQIMfUwZ6NbprG/4qwjzYhtAqZrE/yBV38XzFe3ajJI46LbHnNkMcbb70hviZH
# PiLTQX66u4ZWWeZZLJCrnaZW2NBr2STDzp0gqfVwPcZEdjP7drthoPCNkf85zF87
# zcRW1yzDYQ==
# =UPOe
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 05 Aug 2025 16:26:12 EDT
# gpg: using RSA key AA1B48B0A22326A5A4C364CFC798DC741BEC319D
# gpg: issuer "farosas@suse.de"
# gpg: Good signature from "Fabiano Rosas <farosas@suse.de>" [unknown]
# gpg: aka "Fabiano Almeida Rosas <fabiano.rosas@suse.com>" [unknown]
# gpg: WARNING: The key's User ID is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: AA1B 48B0 A223 26A5 A4C3 64CF C798 DC74 1BEC 319D

* tag 'migration-20250805-pull-request' of https://gitlab.com/farosas/qemu:
meson: remove 'gnutls-bug1717-workaround' for migration TLS crashes

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

show more ...

meson: remove 'gnutls-bug1717-workaround' for migration TLS crashes

The implementation of this workaround does not currently work, so
remove the option entirely to avoid exposing it to users. The co

meson: remove 'gnutls-bug1717-workaround' for migration TLS crashes

The implementation of this workaround does not currently work, so
remove the option entirely to avoid exposing it to users. The code
will remain (temporarily dormant) to be fixed in the next release
cycle.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Fabiano Rosas <farosas@suse.de>
Link: https://lore.kernel.org/qemu-devel/20250805182431.504158-1-berrange@redhat.com
Signed-off-by: Fabiano Rosas <farosas@suse.de>

show more ...

scripts/make-release: Go back to cloning all the EDK2 submodules

In commit bd0da3a3d4f we changed make-release so that instead of
cloning every git submodule of EDK2 we only cloned a fixed list.
The

scripts/make-release: Go back to cloning all the EDK2 submodules

In commit bd0da3a3d4f we changed make-release so that instead of
cloning every git submodule of EDK2 we only cloned a fixed list.
The original motivation for this was that one of the submodules:
* was from a non-github repo
* that repo had a "SSL certificate expired" failure
* wasn't actually needed for the set of EDK2 binaries we build
and at the time we were trying to build the EDK2 binaries in one of
our CI jobs.

Unfortunately this change meant that we were exposed to bugs where
EDK2 adds a new submodule and the sources we ship in the release
tarball won't build any more. In particular, in EDK2 commit
c6bb7d54beb05 the MipiSysTLib submodule was added, causing failure of
the ROM build in our tarball starting from QEMU release 8.2.0:

/tmp/qemu-10.0.0/roms/edk2/MdePkg/MdePkg.dec(32): error 000E: File/directory not found in workspace
Library/MipiSysTLib/mipisyst/library/include is not found in packages path:
/tmp/qemu-10.0.0/roms/.
/tmp/qemu-10.0.0/roms/edk2

(Building from a QEMU git checkout works fine.)

In the intervening time EDK2 moved the submodule that had a problem
to be one they mirrored themselves (and at time of writing all their
submodules are hosted on github), and we stopped trying to build
EDK2 binaries in our own CI jobs with commit 690ceb71936f9037f6.

Go back to cloning every EDK2 submodule, so we don't have an
untested explicit list of submodules which will break without
our noticing it.

This increases the size of the QEMU tarball .tar.xz file from
133M to 139M in my testing.

Cc: qemu-stable@nongnu.org
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3041
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Message-ID: <20250721153341.2910800-1-peter.maydell@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>

show more ...

Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging

* rust: small cleanups + script to update packages
* target/i386: AVX bugfix

# -----BEGIN PGP SIGNATURE-----
#
# iQFIBAABCgA

Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging

* rust: small cleanups + script to update packages
* target/i386: AVX bugfix

# -----BEGIN PGP SIGNATURE-----
#
# iQFIBAABCgAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmiDfdIUHHBib256aW5p
# QHJlZGhhdC5jb20ACgkQv/vSX3jHroO94Af7BJomIpZfOvtE/NJFXNfjdMrVQMhc
# A1BzFahs0MY0Zg3SzVu+wQa6yG2m4sHlqFVQBBCoUCL8Fu7UQoCJesMkCvI6KQly
# rZ/5Pp6zZWs4CXR+3mBsw0YqPGG/+rjPxsJf32Z04yrCFPZha7+V9Y+ABDCHv3cZ
# IIRQwzIPNu0kv8qeBeXZ5ZfBghsmRiQTJTCv0agezp+5jMH1mtATLUqnKiOMLlLh
# ERcw6n74bY7MXqIfFlYRfNmJ+v2jHZQbP3MhEk8ReXfhx2yC9axpppfm6a/bDjhU
# iCSSgAi7+Kj/7GPp6TdDmvQTvg3tKRdiEcvnxF95EIvcsu8L8wEPNJAzFA==
# =H4e7
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 25 Jul 2025 08:51:30 EDT
# gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg: issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1
# Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83

* tag 'for-upstream' of https://gitlab.com/bonzini/qemu:
target/i386: fix width of third operand of VINSERTx128
scripts: add script to help distros use global Rust packages
rust/pl011: merge device_class.rs into device.rs
rust: devices are not staticlibs

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

show more ...

scripts: add script to help distros use global Rust packages

Some distros prefer to avoid vendored crate sources, and instead use
local sources from e.g. ``/usr/share/cargo/registry``. Add a
script

scripts: add script to help distros use global Rust packages

Some distros prefer to avoid vendored crate sources, and instead use
local sources from e.g. ``/usr/share/cargo/registry``. Add a
script, inspired by the Mesa spec file(*), that automatically
performs this task. The script is meant to be invoked after unpacking
the QEMU tarball.

(*) This is the hack that Mesa uses:

export MESON_PACKAGE_CACHE_DIR="%{cargo_registry}/"
%define inst_crate_nameversion() %(basename %{cargo_registry}/%{1}-*)
%define rewrite_wrap_file() sed -e "/source.*/d" -e "s/%{1}-.*/%{inst_crate_nameversion %{1}}/" -i subprojects/%{1}.wrap
%rewrite_wrap_file proc-macro2
... more %rewrite_wrap_file invocations follow ...

Reviewed-by: Neal Gompa <ngompa@fedoraproject.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

Merge tag 'pull-target-arm-20250725' of https://gitlab.com/pm215/qemu into staging

target-arm queue:
* Fix various bugs in SMEp/SVE2p1 load/store handling
* hw/arm/smmu-common: Avoid using inlined

Merge tag 'pull-target-arm-20250725' of https://gitlab.com/pm215/qemu into staging

target-arm queue:
* Fix various bugs in SMEp/SVE2p1 load/store handling
* hw/arm/smmu-common: Avoid using inlined functions with external linkage
* target/arm: hvf: stubbing reads to LORC_EL1

# -----BEGIN PGP SIGNATURE-----
#
# iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAmiDbRIZHHBldGVyLm1h
# eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3sifD/9uJRrZ0o/PQfRVIYl7vIFE
# MjUl6sncznX1zk/B7xNuiJ5KDoziQm/L3KPcb0JPoqhO3nLeqvLIvfmB6W85cV/w
# OD0PFnL1inuxWf1rKdeheGtyZ0R9Ep3BFzB6NJMDxVJC9aP0eqfGxVo2BCdydv/9
# m3v7gCkp/lj5LcpJ+8w0bEzuqT3xzcbibFdFi4eKBiG5P3OvwGv3Kt+FhOISXcBe
# cU+RpXEkd0MBusOWq1OXLgWS+IPx/e67l1ehxAfVztxFUI3gwej7JgLCnIIoxRsw
# EWGQYhSSg6QE8h2TknxDKj9jmMcqnjluRjaefPQS8BxbYc6s6dsSBCxbeZJ/zNyJ
# gD/ymK/nayTBfoP+S7eWGDaldNv/AnKSWa28GEpi3dmDDfKlwRB77arGU2zXirjo
# dG/0tcg+G7mmkSH5BbPJfFJgjUqEu+D2wq1wm53SSb/AqK8BL4ODF3LE6r6+65ft
# fg5nalDbn2uTa90M7BHfaGEJj0hdP8xM9wmRHCoJ1LEDieSsjInZWwIbSwQBL6Rc
# Rr2PmnTWdMKuyr9WgOBzFfCAzmFDwJmqlIqRIRHPKo21xAiGYh8oTp31MhgZWdaj
# yK+V9t5Mznp1PVfL5xYwe/xG1CmKE6FKOwuvF3RkTF5lBU88x9fIcPOjaWZymW4n
# iqkUZmp+nS9K3V4WWjGxnQ==
# =quq9
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 25 Jul 2025 07:40:02 EDT
# gpg: using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg: issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [full]
# gpg: aka "Peter Maydell <pmaydell@gmail.com>" [full]
# gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [full]
# gpg: aka "Peter Maydell <peter@archaic.org.uk>" [unknown]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE

* tag 'pull-target-arm-20250725' of https://gitlab.com/pm215/qemu:
target/arm: hvf: stubbing reads to LORC_EL1
hw/arm/smmu-common: Avoid using inlined functions with external linkage
target/arm: Fix LD1W, LD1D to 128-bit elements
target/arm: Pass correct esize to sve_st1_z() for LD1Q, ST1Q
target/arm: LD1Q, ST1Q are vector + scalar, not scalar + vector
decodetree: Infer argument set before inferring format
target/arm: Pack mtedesc into upper 32 bits of descriptor
target/arm: Expand the descriptor for SME/SVE memory ops to i64

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

show more ...

Merge tag 'tracing-pull-request' of https://gitlab.com/stefanha/qemu into staging

Pull request

This commit is still worth having in QEMU 10.1 for the all-round improvements
made (consistent timesta

Merge tag 'tracing-pull-request' of https://gitlab.com/stefanha/qemu into staging

Pull request

This commit is still worth having in QEMU 10.1 for the all-round improvements
made (consistent timestamping, binary size reduction, header pollution cleanup)
even if it's debatable whether this is a bug fix.

# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCgAdFiEEhpWov9P5fNqsNXdanKSrs4Grc8gFAmiCR0UACgkQnKSrs4Gr
# c8g4AggAyBo1oNAVSMQIC6JRRcLrVBCWGPWVyU1/3AaayKLy8egs1pImmT09DcdQ
# D2CHCjEp0xbTzFlN3YiBymAOeq/a73G7NPzWdCi/PY1qBmB4td8Eli/tBoQUYvmE
# k0a0r6DrOo6vGddCqv6fAKnvamcs/IB2ogzpqLVLCC4oAP6TVG0LeHsaqTAtO8bv
# yZb+1YQxFZtum2yp9I4+mk8c1R04cCdDL17TRCrv4hTkpGRYfaDs8LRy5yJ4Nw6V
# AID3fkLTaxOcQpb2EItfcoGalF/JcCdZoOlJ/91clJ1MWFAnV9Y9gBZtlSF4dx+k
# c2rTlcBw9j402imuotLOP7Cl8mLNeg==
# =lXaI
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 24 Jul 2025 10:46:29 EDT
# gpg: using RSA key 8695A8BFD3F97CDAAC35775A9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>" [ultimate]
# gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>" [ultimate]
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35 775A 9CA4 ABB3 81AB 73C8

* tag 'tracing-pull-request' of https://gitlab.com/stefanha/qemu:
log: make '-msg timestamp=on' apply to all qemu_log usage

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

show more ...

decodetree: Infer argument set before inferring format

Failure to confirm an argument set first may result in
the selection of a format which leaves extra arguments
to be filled in by the pattern.

decodetree: Infer argument set before inferring format

Failure to confirm an argument set first may result in
the selection of a format which leaves extra arguments
to be filled in by the pattern.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20250723165458.3509150-4-peter.maydell@linaro.org
Message-id: 20250722183343.273533-1-richard.henderson@linaro.org
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

show more ...

log: make '-msg timestamp=on' apply to all qemu_log usage

Currently the tracing 'log' back emits special code to add timestamps
to trace points sent via qemu_log(). This current impl is a bad design

log: make '-msg timestamp=on' apply to all qemu_log usage

Currently the tracing 'log' back emits special code to add timestamps
to trace points sent via qemu_log(). This current impl is a bad design
for a number of reasons.

* It changes the QEMU headers, such that 'error-report.h' content
is visible to all files using tracing, but only when the 'log'
backend is enabled. This has led to build failure bugs as devs
rarely test without the (default) 'log' backend enabled, and
CI can't cover every scenario for every trace backend.

* It bloats the trace points definitions which are inlined into
every probe location due to repeated inlining of timestamp
formatting code, adding MBs of overhead to QEMU.

* The tracing subsystem should not be treated any differently
from other users of qemu_log. They all would benefit from
having timestamps present.

* The timestamp emitted with the tracepoints is in a needlessly
different format to that used by error_report() in response
to '-msg timestamp=on'.

This fixes all these issues simply by moving timestamp formatting
into qemu_log, using the same approach as for error_report.

The code before:

static inline void _nocheck__trace_qcrypto_tls_creds_get_path(void * creds, const char * filename, const char * path)
{
if (trace_event_get_state(TRACE_QCRYPTO_TLS_CREDS_GET_PATH) && qemu_loglevel_mask(LOG_TRACE)) {
if (message_with_timestamp) {
struct timeval _now;
gettimeofday(&_now, NULL);
qemu_log("%d@%zu.%06zu:qcrypto_tls_creds_get_path " "TLS creds path creds=%p filename=%s path=%s" "\n",
qemu_get_thread_id(),
(size_t)_now.tv_sec, (size_t)_now.tv_usec
, creds, filename, path);
} else {
qemu_log("qcrypto_tls_creds_get_path " "TLS creds path creds=%p filename=%s path=%s" "\n", creds, filename, path);
}
}
}

and after:

static inline void _nocheck__trace_qcrypto_tls_creds_get_path(void * creds, const char * filename, const char * path)
{
if (trace_event_get_state(TRACE_QCRYPTO_TLS_CREDS_GET_PATH) && qemu_loglevel_mask(LOG_TRACE)) {
qemu_log("qcrypto_tls_creds_get_path " "TLS creds path creds=%p filename=%s path=%s" "\n", creds, filename, path);
}
}

The log and error messages before:

$ qemu-system-x86_64 -trace qcrypto* -object tls-creds-x509,id=tls0,dir=$HOME/tls -msg timestamp=on
2986097@1753122905.917608:qcrypto_tls_creds_x509_load TLS creds x509 load creds=0x55d925bd9490 dir=/var/home/berrange/tls
2986097@1753122905.917621:qcrypto_tls_creds_get_path TLS creds path creds=0x55d925bd9490 filename=ca-cert.pem path=<none>
2025-07-21T18:35:05.917626Z qemu-system-x86_64: Unable to access credentials /var/home/berrange/tls/ca-cert.pem: No such file or directory

and after:

$ qemu-system-x86_64 -trace qcrypto* -object tls-creds-x509,id=tls0,dir=$HOME/tls -msg timestamp=on
2025-07-21T18:43:28.089797Z qcrypto_tls_creds_x509_load TLS creds x509 load creds=0x55bf5bf12380 dir=/var/home/berrange/tls
2025-07-21T18:43:28.089815Z qcrypto_tls_creds_get_path TLS creds path creds=0x55bf5bf12380 filename=ca-cert.pem path=<none>
2025-07-21T18:43:28.089819Z qemu-system-x86_64: Unable to access credentials /var/home/berrange/tls/ca-cert.pem: No such file or directory

The binary size before:

$ ls -alh qemu-system-x86_64
-rwxr-xr-x. 1 berrange berrange 87M Jul 21 19:39 qemu-system-x86_64
$ strip qemu-system-x86_64
$ ls -alh qemu-system-x86_64
-rwxr-xr-x. 1 berrange berrange 30M Jul 21 19:39 qemu-system-x86_64

and after:

$ ls -alh qemu-system-x86_64
-rwxr-xr-x. 1 berrange berrange 85M Jul 21 19:41 qemu-system-x86_64
$ strip qemu-system-x86_64
$ ls -alh qemu-system-x86_64
-rwxr-xr-x. 1 berrange berrange 29M Jul 21 19:41 qemu-system-x86_64

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Message-id: 20250721185452.3016488-1-berrange@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

show more ...

crypto: implement workaround for GNUTLS thread safety problems

When TLS 1.3 is negotiated on a TLS session, GNUTLS will perform
automatic rekeying of the session after 16 million records. This
is do

crypto: implement workaround for GNUTLS thread safety problems

When TLS 1.3 is negotiated on a TLS session, GNUTLS will perform
automatic rekeying of the session after 16 million records. This
is done for all algorithms except CHACHA20_POLY1305 which does
not require rekeying.

Unfortunately the rekeying breaks GNUTLS' promise that it is safe
to use a gnutls_session_t object concurrently from multiple threads
if they are exclusively calling gnutls_record_send/recv.

This patch implements a workaround for QEMU that adds a mutex lock
around any gnutls_record_send/recv call to serialize execution
within GNUTLS code. When GNUTLS calls into the push/pull functions
we can release the lock so the OS level I/O calls can at least
have some parallelism.

The big downside of this is that the actual encryption/decryption
code is fully serialized, which will halve performance of that
cipher operations if two threads are contending.

The workaround is not enabled by default, since most use of GNUTLS
in QEMU does not tickle the problem, only non-multifd migration
with a return path open is affected. Fortunately the migration
code also won't trigger the halving of performance, since only
the outbound channel diretion needs to sustain high data rates,
the inbound direction is low volume.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Fabiano Rosas <farosas@suse.de>
Link: https://lore.kernel.org/qemu-devel/20250718150514.2635338-2-berrange@redhat.com
[add stub for qcrypto_tls_session_require_thread_safety; fix unused var]
Signed-off-by: Fabiano Rosas <farosas@suse.de>

show more ...

tracetool: removed the unused vcpu property

The vcpu property is no longer used in these backends. Removing it avoids
unnecessary checks and simplifies the code generation for these trace
backends.

tracetool: removed the unused vcpu property

The vcpu property is no longer used in these backends. Removing it avoids
unnecessary checks and simplifies the code generation for these trace
backends.

Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Tanish Desai <tanishdesai37@gmail.com>
Message-id: 20250722114352.3624-1-tanishdesai37@gmail.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

show more ...

linux-headers: Remove the 32-bit arm headers

KVM support for 32-bit arm has been dropped a while ago, so we don't
need these headers in QEMU anymore.

Fixes: 82bf7ae84ce ("target/arm: Remove KVM sup

linux-headers: Remove the 32-bit arm headers

KVM support for 32-bit arm has been dropped a while ago, so we don't
need these headers in QEMU anymore.

Fixes: 82bf7ae84ce ("target/arm: Remove KVM support for 32-bit Arm hosts")
Acked-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20250710120035.169376-1-thuth@redhat.com>

show more ...

meson: re-generate scripts/meson-buildoptions.sh to fix IGVM entry

Commit 84fe49d94a ("meson: Add optional dependency on IGVM library")
was inconsistent with the contents of meson_options.txt and th

meson: re-generate scripts/meson-buildoptions.sh to fix IGVM entry

Commit 84fe49d94a ("meson: Add optional dependency on IGVM library")
was inconsistent with the contents of meson_options.txt and the one
generated in scripts/meson-buildoptions.sh

Let's regenerate the file in this way to keep them consistent and prevent
future changes from including the spurious diff:

touch meson_options.txt
make update-buildoptions

Fixes: 84fe49d94a ("meson: Add optional dependency on IGVM library")
Cc: roy.hopkins@randomman.co.uk
Reported-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
Link: https://lore.kernel.org/r/20250717131256.157383-1-sgarzare@redhat.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

Merge tag 'pull-qapi-2025-07-14-v2' of https://repo.or.cz/qemu/armbru into staging

QAPI patches patches for 2025-07-14

# -----BEGIN PGP SIGNATURE-----
#
# iQJGBAABCAAwFiEENUvIs9frKmtoZ05fOHC0AOuRhl

Merge tag 'pull-qapi-2025-07-14-v2' of https://repo.or.cz/qemu/armbru into staging

QAPI patches patches for 2025-07-14

# -----BEGIN PGP SIGNATURE-----
#
# iQJGBAABCAAwFiEENUvIs9frKmtoZ05fOHC0AOuRhlMFAmh19QoSHGFybWJydUBy
# ZWRoYXQuY29tAAoJEDhwtADrkYZThVIP/2v9M9C9k7q3bAku38gO6LqU/TJINKEt
# ZlJt7L3LWRC51rpTmhTs6ZchdErs0wnNs2gCH/HjANDofa8lz9u7mpqUo+hVIW2r
# eUi7uEURIBqsfMgantrQu1uhJg3rbtd9gWtxwTJm3qoFKjwxrWlxhEqOFlNSoqkv
# DpoBD6X7zhUtEq6Z5IIsOBI2zqaXNleSsYWdgxJou8cvHMZkgdcvEyE36nRFsl2k
# JSbnRLzFxsxuxd0bIBSrA3+I1pC9pWYS9ZY1qTnyPIX7MxeVvYupaWdOYlpELxi5
# 4zz7stS5wcvUJ+X7+HuobOofBjHljcHVxE06ACr38sQ2Ajqn3jhijQrDrtYdxG5P
# 3kCnP+AY+qFa2CN/Ik7q2be5jz6Ws/3kxZrv/4/LrHa5ez1xB/orooQVZId0eKke
# 5iQOyA9gNXAdJ2JJYdIAZduBg2b8tY892qtMufBA+XDNA3vGek2OixWC0QY5hZKW
# y3AKjVHP/sProyCvbyT7Fta8sIRLcIVD0IHjzr7pLVd/lp/WzKAJpg6y8J2wvn6z
# cnEUC5CceiYa8SbGOVfswR1yy06IIpJkw6cxoCzB3a2blfkvxGv4mCY6QiZh8K3W
# 6xj6u1J539NWRGVkvnQWJ4/7MdFAOEqih4AqRpRLnRXJ+hzDVUkgCeZwtr+v6AVi
# mNVLttTKPpvy
# =2BHn
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 15 Jul 2025 02:28:26 EDT
# gpg: using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg: issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full]
# gpg: aka "Markus Armbruster <armbru@pond.sub.org>" [full]
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653

* tag 'pull-qapi-2025-07-14-v2' of https://repo.or.cz/qemu/armbru: (29 commits)
qapi: add cross-references to misc modules
qapi: add cross-references to yank.json
qapi: add cross-references to virtio.json
qapi: add cross-references to ui.json
qapi: add cross-references to sockets.json
qapi: add cross-references to run-state.json
qapi: add cross-references to replay.json
qapi: add cross-references to QOM
qapi: add cross-references to pci.json
qapi: add cross-references to net.json
qapi: add cross-references to migration.json
qapi: add cross-references to Machine core
qapi: add cross-references to job.json
qapi: add cross-references to dump.json
qapi: add cross-references to crypto.json
qapi: add cross-references to block layer
qapi: add cross-references to authz.json
qapi: add cross-references to acpi.json
qapi: rephrase return docs to avoid type name
qapi: remove trivial "Returns:" sections
...

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

show more ...

Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging

* rust: miscellaneous fixes
* rust: qemu-api-macros: cleanup and add unit tests for TryInto
* rust: log: implement io::Write,

Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging

* rust: miscellaneous fixes
* rust: qemu-api-macros: cleanup and add unit tests for TryInto
* rust: log: implement io::Write, avoid memory allocations
when logging constant strings
* target/i386: fix usage of properties whenever accelerators
change the default (e.g. vendor)
* target/i386: add support for TDVMCALL_SETUP_EVENT_NOTIFY_INTERRUPT
* target/i386: add support for booting an SEV VM from an IGVM file
* target/i386: unify cache model descriptions between CPUID 2,
CPUID 4 and AMD specific CPUID 0x80000006
* target/i386: introduce cache models for recent Intel CPU models
* target/i386: mark some 0x80000000-0x80000008 bits as reserved on Intel
* target/i386: cleanups

# -----BEGIN PGP SIGNATURE-----
#
# iQFIBAABCgAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmh0v+sUHHBib256aW5p
# QHJlZGhhdC5jb20ACgkQv/vSX3jHroOQUQf8CTsCnl2xYrnrkVfSVj6kuAE+JYD6
# oLSXsOEG4yrVknuhwIfVsqNScmleJCdz85ej7CZxy3vzzgjLfmy7nwifKEIKku7E
# XO/Q3HbB898MnzqceQRmwe1AzELoj1Lave215CPhUBo60LCRPwaIZsiHprnNZgXi
# TyHlmywDVRjyFLtKkx3El0dnLAhFqPWeGh81CD5lPLZZJ+Wt2FuAw2zqSOGB2ztM
# FkJmunFJiaTItjyCN/uNvBSbDKecAHgCXvSCVNG3+I4U2R0gK1lcwm3TRo7yKia+
# HUHGa3UEXoIqlRfXdX6zuc8tW1/u6SPv+8WX53t204PAeSWDUrtIe9jZ4A==
# =y4/a
# -----END PGP SIGNATURE-----
# gpg: Signature made Mon 14 Jul 2025 04:29:31 EDT
# gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg: issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1
# Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83

* tag 'for-upstream' of https://gitlab.com/bonzini/qemu: (77 commits)
i386/cpu: Honor maximum value for CPUID.8000001DH.EAX[25:14]
i386/cpu: Fix overflow of cache topology fields in CPUID.04H
i386/cpu: Fix cpu number overflow in CPUID.01H.EBX[23:16]
i386/cpu: Fix number of addressable IDs field for CPUID.01H.EBX[23:16]
i386/cpu: Reorder CPUID leaves in cpu_x86_cpuid()
tests/vm: bump FreeBSD image to 14.3
tests/functional: test_x86_cpu_model_versions: remove dead tests
i386/cpu: Mark CPUID 0x80000008 ECX bits[0:7] & [12:15] as reserved for Intel/Zhaoxin
i386/cpu: Mark CPUID 0x80000007[EBX] as reserved for Intel
i386/cpu: Mark EBX/ECX/EDX in CPUID 0x80000000 leaf as reserved for Intel
i386/cpu: Enable 0x1f leaf for YongFeng by default
i386/cpu: Enable 0x1f leaf for SapphireRapids by default
i386/cpu: Enable 0x1f leaf for GraniteRapids by default
i386/cpu: Enable 0x1f leaf for SierraForest by default
i386/cpu: Enable 0x1f leaf for SierraForest by default
i386/cpu: Add a "x-force-cpuid-0x1f" property
i386/cpu: Introduce cache model for YongFeng
i386/cpu: Introduce cache model for SapphireRapids
i386/cpu: Introduce cache model for GraniteRapids
i386/cpu: Introduce cache model for SierraForest
...

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

show more ...

qapi: Fix undocumented return values by generating something

Generated command documentation lacks information on return value in
several cases, e.g. query-tpm.

The obvious fix would be to require

qapi: Fix undocumented return values by generating something

Generated command documentation lacks information on return value in
several cases, e.g. query-tpm.

The obvious fix would be to require a Returns: section when a command
returns something.

However, note that many existing Returns: sections are pretty useless:
the description is basically the return type, which then gets rendered
like "Return: <Type> – <basically the return type>". This suggests
that a description is often not really necessary, and requiring one
isn't useful.

Instead, generate the obvious minimal thing when Returns: is absent:
"Return: <Type>".

This auto-generated Return documentation is placed is as follows:

1. If we have arguments, return goes right after them.
2. Else if we have errors, return goes right before them.
3. Else if we have features, return goes right before them.
4. Else return goes right after the intro

To facilitate this algorithm, a "TODO:" hack line is used to separate
the intro from the remainder of the documentation block in cases where
there are no other sections to separate the intro from e.g. examples and
additional detail meant to appear below the key sections of interest.

Signed-off-by: John Snow <jsnow@redhat.com>
Message-ID: <20250711051045.51110-3-jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[_insert_near_kind() code replaced by something simpler, commit
message amended to explain why we're doing this]
Signed-off-by: Markus Armbruster <armbru@redhat.com>

show more ...

qapi: lift restriction on using '=' in doc blocks

We reject lines starting with '=' in definition documentation. This
made sense when such lines were headings in free-form documentation,
but not in

qapi: lift restriction on using '=' in doc blocks

We reject lines starting with '=' in definition documentation. This
made sense when such lines were headings in free-form documentation,
but not in definition documentation.

Before the previous commit, lines starting with '=' were headings in
free-form documentation, and rejected in definition documentation,
where such headings could not work.

The previous commit dropped the headings feature from free-form
documentation, because we can simply use plain rST headings.
Rejecting them in definition documentation no longer makes sense, so
drop that, too.

Signed-off-by: John Snow <jsnow@redhat.com>
Message-ID: <20250618165353.1980365-6-jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Amend commit message to explain why]
Signed-off-by: Markus Armbruster <armbru@redhat.com>

show more ...

docs/sphinx: remove special parsing for freeform sections

Remove the QAPI doc section heading syntax, use plain rST section
headings instead.

Tests and documentation are updated to match.

Interest

docs/sphinx: remove special parsing for freeform sections

Remove the QAPI doc section heading syntax, use plain rST section
headings instead.

Tests and documentation are updated to match.

Interestingly, Plain rST headings work fine before this patch, except
for over- and underlining with '=', which the doc parser rejected as
invalid QAPI doc section heading in free-form comments.

Signed-off-by: John Snow <jsnow@redhat.com>
Message-ID: <20250618165353.1980365-5-jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Add more detail to commit message]
Signed-off-by: Markus Armbruster <armbru@redhat.com>

show more ...

net: Add passt network backend

This commit introduces support for passt as a new network backend.
passt is an unprivileged, user-mode networking solution that provides
connectivity for virtual machi

net: Add passt network backend

This commit introduces support for passt as a new network backend.
passt is an unprivileged, user-mode networking solution that provides
connectivity for virtual machines by launching an external helper process.

The implementation reuses the generic stream data handling logic. It
launches the passt binary using GSubprocess, passing it a file
descriptor from a socketpair() for communication. QEMU connects to
the other end of the socket pair to establish the network data stream.

The PID of the passt daemon is tracked via a temporary file to
ensure it is terminated when QEMU exits.

Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>

show more ...

meson: Add optional dependency on IGVM library

The IGVM library allows Independent Guest Virtual Machine files to be
parsed and processed. IGVM files are used to configure guest memory
layout, initi

meson: Add optional dependency on IGVM library

The IGVM library allows Independent Guest Virtual Machine files to be
parsed and processed. IGVM files are used to configure guest memory
layout, initial processor state and other configuration pertaining to
secure virtual machines.

This adds the --enable-igvm configure option, enabled by default, which
attempts to locate and link against the IGVM library via pkgconfig and
sets CONFIG_IGVM if found.

The library is added to the system_ss target in backends/meson.build
where the IGVM parsing will be performed by the ConfidentialGuestSupport
object.

Signed-off-by: Roy Hopkins <roy.hopkins@randomman.co.uk>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Gerd Hoffman <kraxel@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Reviewed-by: Ani Sinha <anisinha@redhat.com>
Link: https://lore.kernel.org/r/45945a83a638c3f08e68c025f378e7b7f4f6d593.1751554099.git.roy.hopkins@randomman.co.uk
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

scripts: replace FSF postal address with licenses URL

The GPLv2 boiler-plate in scripts/device-crash-test still
contained the obsolete "51 Franklin Street" postal address.

Replace it with the canon

scripts: replace FSF postal address with licenses URL

The GPLv2 boiler-plate in scripts/device-crash-test still
contained the obsolete "51 Franklin Street" postal address.

Replace it with the canonical GNU licenses URL recommended by the FSF:
https://www.gnu.org/licenses/

Signed-off-by: Sean Wei <me@sean.taipei>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-ID: <20250613.qemu.patch.09@sean.taipei>
Signed-off-by: Thomas Huth <thuth@redhat.com>

show more ...

meson: fix Windows build

The build fails on Windows. Replace calls to Unix programs like ´cat´,
´sed´ and ´true´ with calls to ´python´ and wrap calls to
´os.path.relpath´ in try-except because it c

meson: fix Windows build

The build fails on Windows. Replace calls to Unix programs like ´cat´,
´sed´ and ´true´ with calls to ´python´ and wrap calls to
´os.path.relpath´ in try-except because it can fail when the two paths
are on different drives. Make sure to convert the Windows paths to Unix
paths to prevent warnings in generated files.

Signed-off-by: oltolm <oleg.tolmatcev@gmail.com>
Message-id: 20250612221521.1109-2-oleg.tolmatcev@gmail.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

show more ...

scripts/meson-buildoptions: Sort coroutine_backend choices lexicographically

When changing meson_options.txt, this script gets updated automatically
by QEMU tooling which sorts the choices lexicogra

scripts/meson-buildoptions: Sort coroutine_backend choices lexicographically

When changing meson_options.txt, this script gets updated automatically
by QEMU tooling which sorts the choices lexicographically.

Fixes: ccc403ed5844 ("meson: Add wasm build in build scripts")
Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Message-ID: <20250610204131.2862-4-shentey@gmail.com>
Tested-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>

show more ...

Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging

* futex: support Windows
* qemu-thread: Avoid futex abstraction for non-Linux
* migration, hw/display/apple-gfx: replace Qemu

Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging

* futex: support Windows
* qemu-thread: Avoid futex abstraction for non-Linux
* migration, hw/display/apple-gfx: replace QemuSemaphore with QemuEvent
* rust: bindings for Error
* hpet, rust/hpet: return errors from realize if properties are incorrect
* rust/hpet: Drop BqlCell wrapper for num_timers
* target/i386: Emulate ftz and denormal flag bits correctly
* i386/kvm: Prefault memory on page state change

# -----BEGIN PGP SIGNATURE-----
#
# iQFIBAABCgAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmhC4AgUHHBib256aW5p
# QHJlZGhhdC5jb20ACgkQv/vSX3jHroP09wf+K9e0TaaZRxTsw7WU9pXsDoYPzTLd
# F5CkBZPY770X1JW75f8Xw5qKczI0t6s26eFK1NUZxYiDVWzW/lZT6hreCUQSwzoS
# b0wlAgPW+bV5dKlKI2wvnadrgDvroj4p560TS+bmRftiu2P0ugkHHtIJNIQ+byUQ
# sWdhKlUqdOXakMrC4H4wDyIgRbK4CLsRMbnBHBUENwNJYJm39bwlicybbagpUxzt
# w4mgjbMab0jbAd2hVq8n+A+1sKjrroqOtrhQLzEuMZ0VAwocwuP2Adm6gBu9kdHV
# tpa8RLopninax3pWVUHnypHX780jkZ8E7zk9ohaaK36NnWTF4W/Z41EOLw==
# =Vs6V
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 06 Jun 2025 08:33:12 EDT
# gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg: issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [full]
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1
# Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83

* tag 'for-upstream' of https://gitlab.com/bonzini/qemu: (31 commits)
tests/tcg/x86_64/fma: add test for exact-denormal output
target/i386: Wire up MXCSR.DE and FPUS.DE correctly
target/i386: Use correct type for get_float_exception_flags() values
target/i386: Detect flush-to-zero after rounding
hw/display/apple-gfx: Replace QemuSemaphore with QemuEvent
migration/postcopy: Replace QemuSemaphore with QemuEvent
migration/colo: Replace QemuSemaphore with QemuEvent
migration: Replace QemuSemaphore with QemuEvent
qemu-thread: Document QemuEvent
qemu-thread: Use futex if available for QemuLockCnt
qemu-thread: Use futex for QemuEvent on Windows
qemu-thread: Avoid futex abstraction for non-Linux
qemu-thread: Replace __linux__ with CONFIG_LINUX
futex: Support Windows
futex: Check value after qemu_futex_wait()
i386/kvm: Prefault memory on page state change
rust: make TryFrom macro more resilient
docs: update Rust module status
rust/hpet: Drop BqlCell wrapper for num_timers
rust/hpet: return errors from realize if properties are incorrect
...

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

show more ...