From 8d2ecaabb58675455151aef7560d20106ebb4c66 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Thu, 30 Apr 2026 12:26:31 +0200 Subject: [PATCH] versions: Bump QEMU to v11.0.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit For more details see QEMU's release notes: https://www.qemu.org/2026/04/22/qemu-11-0-0/ GPU experimental variants are also using v11.0.0 plus one patch to solve issues related to NUMA mapping. Signed-off-by: Fabiano FidĂȘncio --- .../qemu/patches/11.0.x/no_patches.txt | 0 ...m_convert_memory-calls-crossing-memo.patch | 94 +++++++++++++++++++ ...m_convert_memory-calls-crossing-memo.patch | 94 +++++++++++++++++++ .../tag_patches/v11.0.0/no_patches.txt | 0 versions.yaml | 8 +- 5 files changed, 192 insertions(+), 4 deletions(-) create mode 100644 tools/packaging/qemu/patches/11.0.x/no_patches.txt create mode 100644 tools/packaging/qemu/patches/tag_patches/gpu-snp-20260430/0001-accel-kvm-Fix-kvm_convert_memory-calls-crossing-memo.patch create mode 100644 tools/packaging/qemu/patches/tag_patches/gpu-tdx-20260430/0001-accel-kvm-Fix-kvm_convert_memory-calls-crossing-memo.patch create mode 100644 tools/packaging/qemu/patches/tag_patches/v11.0.0/no_patches.txt diff --git a/tools/packaging/qemu/patches/11.0.x/no_patches.txt b/tools/packaging/qemu/patches/11.0.x/no_patches.txt new file mode 100644 index 0000000000..e69de29bb2 diff --git a/tools/packaging/qemu/patches/tag_patches/gpu-snp-20260430/0001-accel-kvm-Fix-kvm_convert_memory-calls-crossing-memo.patch b/tools/packaging/qemu/patches/tag_patches/gpu-snp-20260430/0001-accel-kvm-Fix-kvm_convert_memory-calls-crossing-memo.patch new file mode 100644 index 0000000000..b80adaa58f --- /dev/null +++ b/tools/packaging/qemu/patches/tag_patches/gpu-snp-20260430/0001-accel-kvm-Fix-kvm_convert_memory-calls-crossing-memo.patch @@ -0,0 +1,94 @@ +From 6b0eaa20aa91e9d82e0bf72b4ade6e83d18a4c9f Mon Sep 17 00:00:00 2001 +From: Ashish Kalra +Date: Thu, 18 Sep 2025 22:10:35 +0000 +Subject: [PATCH] accel/kvm: Fix kvm_convert_memory calls crossing memory + regions + +Page conversion call can span multiple memory regions, potentially +resulting in a conversion failure if the memory range being converted +extends beyond the boundaries of the referenced memory region. + +Handle the case of page conversion call straddling across memory +regions. + +Signed-off-by: Ashish Kalra +Signed-off-by: Michael Roth +--- + accel/kvm/kvm-all.c | 27 ++++++++++++++++++++------- + 1 file changed, 20 insertions(+), 7 deletions(-) + +diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c +index 63230743d0..a1b2c3e5f4 100644 +--- a/accel/kvm/kvm-all.c ++++ b/accel/kvm/kvm-all.c +@@ -3342,6 +3342,7 @@ static void kvm_eat_signals(CPUState *cpu) + int kvm_convert_memory(hwaddr start, hwaddr size, bool to_private) + { + MemoryRegionSection section; ++ hwaddr convert_size; + ram_addr_t offset; + MemoryRegion *mr; + RAMBlock *rb; +@@ -3359,6 +3360,11 @@ int kvm_convert_memory(hwaddr start, hwaddr size, bool to_private) + return ret; + } + ++ /* ++ * Page conversions can span multiple memory regions, for example, if two ++ * memory backends are added to support two different NUMA nodes/policies. ++ */ ++next_memory_region: + section = memory_region_find(get_system_memory(), start, size); + mr = section.mr; + if (!mr) { +@@ -3397,10 +3403,13 @@ int kvm_convert_memory(hwaddr start, hwaddr size, bool to_private) + goto out_unref; + } + ++ convert_size = (section.offset_within_region + size > mr->size) ? ++ mr->size - section.offset_within_region : size; ++ + if (to_private) { +- ret = kvm_set_memory_attributes_private(start, size); ++ ret = kvm_set_memory_attributes_private(start, convert_size); + } else { +- ret = kvm_set_memory_attributes_shared(start, size); ++ ret = kvm_set_memory_attributes_shared(start, convert_size); + } + if (ret) { + goto out_unref; +@@ -3410,11 +3419,11 @@ int kvm_convert_memory(hwaddr start, hwaddr size, bool to_private) + rb = qemu_ram_block_from_host(addr, false, &offset); + + ret = ram_block_attributes_state_change(rb->attributes, +- offset, size, to_private); ++ offset, convert_size, to_private); + if (ret) { + error_report("Failed to notify the listener the state change of " + "(0x%"HWADDR_PRIx" + 0x%"HWADDR_PRIx") to %s", +- start, size, to_private ? "private" : "shared"); ++ start, convert_size, to_private ? "private" : "shared"); + goto out_unref; + } + +@@ -3426,9 +3435,15 @@ int kvm_convert_memory(hwaddr start, hwaddr size, bool to_private) + */ + goto out_unref; + } +- ret = ram_block_discard_range(rb, offset, size); ++ ret = ram_block_discard_range(rb, offset, convert_size); + } else { +- ret = ram_block_discard_guest_memfd_range(rb, offset, size); ++ ret = ram_block_discard_guest_memfd_range(rb, offset, convert_size); ++ } ++ ++ if (size - convert_size) { ++ start += convert_size; ++ size -= convert_size; ++ goto next_memory_region; + } + + out_unref: +-- +2.43.0 + diff --git a/tools/packaging/qemu/patches/tag_patches/gpu-tdx-20260430/0001-accel-kvm-Fix-kvm_convert_memory-calls-crossing-memo.patch b/tools/packaging/qemu/patches/tag_patches/gpu-tdx-20260430/0001-accel-kvm-Fix-kvm_convert_memory-calls-crossing-memo.patch new file mode 100644 index 0000000000..b80adaa58f --- /dev/null +++ b/tools/packaging/qemu/patches/tag_patches/gpu-tdx-20260430/0001-accel-kvm-Fix-kvm_convert_memory-calls-crossing-memo.patch @@ -0,0 +1,94 @@ +From 6b0eaa20aa91e9d82e0bf72b4ade6e83d18a4c9f Mon Sep 17 00:00:00 2001 +From: Ashish Kalra +Date: Thu, 18 Sep 2025 22:10:35 +0000 +Subject: [PATCH] accel/kvm: Fix kvm_convert_memory calls crossing memory + regions + +Page conversion call can span multiple memory regions, potentially +resulting in a conversion failure if the memory range being converted +extends beyond the boundaries of the referenced memory region. + +Handle the case of page conversion call straddling across memory +regions. + +Signed-off-by: Ashish Kalra +Signed-off-by: Michael Roth +--- + accel/kvm/kvm-all.c | 27 ++++++++++++++++++++------- + 1 file changed, 20 insertions(+), 7 deletions(-) + +diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c +index 63230743d0..a1b2c3e5f4 100644 +--- a/accel/kvm/kvm-all.c ++++ b/accel/kvm/kvm-all.c +@@ -3342,6 +3342,7 @@ static void kvm_eat_signals(CPUState *cpu) + int kvm_convert_memory(hwaddr start, hwaddr size, bool to_private) + { + MemoryRegionSection section; ++ hwaddr convert_size; + ram_addr_t offset; + MemoryRegion *mr; + RAMBlock *rb; +@@ -3359,6 +3360,11 @@ int kvm_convert_memory(hwaddr start, hwaddr size, bool to_private) + return ret; + } + ++ /* ++ * Page conversions can span multiple memory regions, for example, if two ++ * memory backends are added to support two different NUMA nodes/policies. ++ */ ++next_memory_region: + section = memory_region_find(get_system_memory(), start, size); + mr = section.mr; + if (!mr) { +@@ -3397,10 +3403,13 @@ int kvm_convert_memory(hwaddr start, hwaddr size, bool to_private) + goto out_unref; + } + ++ convert_size = (section.offset_within_region + size > mr->size) ? ++ mr->size - section.offset_within_region : size; ++ + if (to_private) { +- ret = kvm_set_memory_attributes_private(start, size); ++ ret = kvm_set_memory_attributes_private(start, convert_size); + } else { +- ret = kvm_set_memory_attributes_shared(start, size); ++ ret = kvm_set_memory_attributes_shared(start, convert_size); + } + if (ret) { + goto out_unref; +@@ -3410,11 +3419,11 @@ int kvm_convert_memory(hwaddr start, hwaddr size, bool to_private) + rb = qemu_ram_block_from_host(addr, false, &offset); + + ret = ram_block_attributes_state_change(rb->attributes, +- offset, size, to_private); ++ offset, convert_size, to_private); + if (ret) { + error_report("Failed to notify the listener the state change of " + "(0x%"HWADDR_PRIx" + 0x%"HWADDR_PRIx") to %s", +- start, size, to_private ? "private" : "shared"); ++ start, convert_size, to_private ? "private" : "shared"); + goto out_unref; + } + +@@ -3426,9 +3435,15 @@ int kvm_convert_memory(hwaddr start, hwaddr size, bool to_private) + */ + goto out_unref; + } +- ret = ram_block_discard_range(rb, offset, size); ++ ret = ram_block_discard_range(rb, offset, convert_size); + } else { +- ret = ram_block_discard_guest_memfd_range(rb, offset, size); ++ ret = ram_block_discard_guest_memfd_range(rb, offset, convert_size); ++ } ++ ++ if (size - convert_size) { ++ start += convert_size; ++ size -= convert_size; ++ goto next_memory_region; + } + + out_unref: +-- +2.43.0 + diff --git a/tools/packaging/qemu/patches/tag_patches/v11.0.0/no_patches.txt b/tools/packaging/qemu/patches/tag_patches/v11.0.0/no_patches.txt new file mode 100644 index 0000000000..e69de29bb2 diff --git a/versions.yaml b/versions.yaml index 93cad9e9f1..69fb34b0ba 100644 --- a/versions.yaml +++ b/versions.yaml @@ -88,8 +88,8 @@ assets: qemu: description: "VMM that uses KVM" url: "https://github.com/qemu/qemu" - version: "v10.2.1" - tag: "v10.2.1" + version: "v11.0.0" + tag: "v11.0.0" # Do not include any non-full release versions # Break the line *without CR or space being appended*, to appease # yamllint, and note the deliberate ' ' at the end of the expression. @@ -107,12 +107,12 @@ assets: qemu-snp-experimental: description: "QEMU with GPU+SNP support" url: "https://github.com/confidential-containers/qemu.git" - tag: "gpu-snp-20260107" + tag: "gpu-snp-20260430" qemu-tdx-experimental: description: "QEMU with GPU+TDX support" url: "https://github.com/confidential-containers/qemu.git" - tag: "gpu-tdx-20260107" + tag: "gpu-tdx-20260430" stratovirt: description: "StratoVirt is an lightweight opensource VMM"