From 2cdc10fadb66b67002f012fc5c4ba28f6ea83fcd8be675f2880169d4be4b2d8d Mon Sep 17 00:00:00 2001 From: James Fehlig Date: Thu, 1 Oct 2020 16:43:17 +0000 Subject: [PATCH] Accepting request 839020 from home:jfehlig:branches:Virtualization - Update to libvirt 6.8.0 - jsc#SLE-12684, jsc#SLE-15861 - bsc#1174955 (CVE-2020-15708) - bsc#1177155 (CVE-2020-25637) - Many incremental improvements and bug fixes, see https://libvirt.org/news.html - Dropped patches: 2ad009ea-qemu-check-modules-dir.patch, 8abd1ffe-qemu-tolerate-non-existent-files.patch, 4a72b76b-qemu-namespace-memleak-fix.patch OBS-URL: https://build.opensuse.org/request/show/839020 OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=845 --- ...stats-functions-from-the-qemu-driver.patch | 48 +++---- ...ibxl-add-support-for-BlockResize-API.patch | 10 +- ...c-implement-connectGetAllDomainStats.patch | 6 +- 2ad009ea-qemu-check-modules-dir.patch | 124 ------------------ 4a72b76b-qemu-namespace-memleak-fix.patch | 118 ----------------- ...ffe-qemu-tolerate-non-existent-files.patch | 70 ---------- libvirt-6.7.0.tar.xz | 3 - libvirt-6.7.0.tar.xz.asc | 16 --- libvirt-6.8.0.tar.xz | 3 + libvirt-6.8.0.tar.xz.asc | 16 +++ libvirt-power8-models.patch | 6 +- libvirt-suse-netcontrol.patch | 46 +++---- libvirt.changes | 14 ++ libvirt.spec | 16 +-- libxl-dom-reset.patch | 10 +- libxl-set-cach-mode.patch | 10 +- libxl-set-migration-constraints.patch | 59 +++++---- libxl-support-block-script.patch | 14 +- lxc-wait-after-eth-del.patch | 18 +-- ...e-dhcp-authoritative-on-static-netwo.patch | 14 +- ppc64le-canonical-name.patch | 6 +- qemu-apparmor-screenshot.patch | 6 +- suse-apparmor-libnl-paths.patch | 12 +- suse-bump-xen-version.patch | 30 ++--- suse-libvirt-guests-service.patch | 12 +- suse-libvirtd-disable-tls.patch | 12 +- suse-libvirtd-sysconfig-settings.patch | 6 +- suse-libxl-disable-autoballoon.patch | 16 +-- suse-ovmf-paths.patch | 18 +-- suse-qemu-conf.patch | 12 +- suse-virtlockd-sysconfig-settings.patch | 6 +- suse-virtlogd-sysconfig-settings.patch | 6 +- suse-xen-ovmf-loaders.patch | 8 +- virt-create-rootfs.patch | 20 +-- 34 files changed, 242 insertions(+), 549 deletions(-) delete mode 100644 2ad009ea-qemu-check-modules-dir.patch delete mode 100644 4a72b76b-qemu-namespace-memleak-fix.patch delete mode 100644 8abd1ffe-qemu-tolerate-non-existent-files.patch delete mode 100644 libvirt-6.7.0.tar.xz delete mode 100644 libvirt-6.7.0.tar.xz.asc create mode 100644 libvirt-6.8.0.tar.xz create mode 100644 libvirt-6.8.0.tar.xz.asc diff --git a/0001-Extract-stats-functions-from-the-qemu-driver.patch b/0001-Extract-stats-functions-from-the-qemu-driver.patch index 63f32f7..250a567 100644 --- a/0001-Extract-stats-functions-from-the-qemu-driver.patch +++ b/0001-Extract-stats-functions-from-the-qemu-driver.patch @@ -18,10 +18,10 @@ them. create mode 100644 src/conf/domain_stats.c create mode 100644 src/conf/domain_stats.h -Index: libvirt-6.7.0/src/conf/domain_stats.c +Index: libvirt-6.8.0/src/conf/domain_stats.c =================================================================== --- /dev/null -+++ libvirt-6.7.0/src/conf/domain_stats.c ++++ libvirt-6.8.0/src/conf/domain_stats.c @@ -0,0 +1,119 @@ +/* + * domain_stats.c: domain stats extraction helpers @@ -142,10 +142,10 @@ Index: libvirt-6.7.0/src/conf/domain_stats.c +} + +#undef STATS_ADD_NET_PARAM -Index: libvirt-6.7.0/src/conf/domain_stats.h +Index: libvirt-6.8.0/src/conf/domain_stats.h =================================================================== --- /dev/null -+++ libvirt-6.7.0/src/conf/domain_stats.h ++++ libvirt-6.8.0/src/conf/domain_stats.h @@ -0,0 +1,62 @@ +/* + * domain_stats.h: domain stats extraction helpers @@ -209,11 +209,11 @@ Index: libvirt-6.7.0/src/conf/domain_stats.h + virTypedParamListPtr params); + +#endif /* __DOMAIN_STATS_H */ -Index: libvirt-6.7.0/src/libvirt_private.syms +Index: libvirt-6.8.0/src/libvirt_private.syms =================================================================== ---- libvirt-6.7.0.orig/src/libvirt_private.syms -+++ libvirt-6.7.0/src/libvirt_private.syms -@@ -737,6 +737,9 @@ virDomainConfNWFilterInstantiate; +--- libvirt-6.8.0.orig/src/libvirt_private.syms ++++ libvirt-6.8.0/src/libvirt_private.syms +@@ -741,6 +741,9 @@ virDomainConfNWFilterInstantiate; virDomainConfNWFilterTeardown; virDomainConfVMNWFilterTeardown; @@ -223,7 +223,7 @@ Index: libvirt-6.7.0/src/libvirt_private.syms # conf/interface_conf.h virInterfaceDefFormat; -@@ -1783,6 +1786,7 @@ virCgroupGetMemoryUsage; +@@ -1790,6 +1793,7 @@ virCgroupGetMemoryUsage; virCgroupGetMemSwapHardLimit; virCgroupGetMemSwapUsage; virCgroupGetPercpuStats; @@ -231,10 +231,10 @@ Index: libvirt-6.7.0/src/libvirt_private.syms virCgroupHasController; virCgroupHasEmptyTasks; virCgroupKillPainfully; -Index: libvirt-6.7.0/src/qemu/qemu_driver.c +Index: libvirt-6.8.0/src/qemu/qemu_driver.c =================================================================== ---- libvirt-6.7.0.orig/src/qemu/qemu_driver.c -+++ libvirt-6.7.0/src/qemu/qemu_driver.c +--- libvirt-6.8.0.orig/src/qemu/qemu_driver.c ++++ libvirt-6.8.0/src/qemu/qemu_driver.c @@ -67,6 +67,7 @@ #include "virarptable.h" #include "viruuid.h" @@ -243,7 +243,7 @@ Index: libvirt-6.7.0/src/qemu/qemu_driver.c #include "domain_audit.h" #include "domain_cgroup.h" #include "domain_driver.h" -@@ -17528,13 +17529,7 @@ qemuDomainGetStatsState(virQEMUDriverPtr +@@ -17611,13 +17612,7 @@ qemuDomainGetStatsState(virQEMUDriverPtr virTypedParamListPtr params, unsigned int privflags G_GNUC_UNUSED) { @@ -258,7 +258,7 @@ Index: libvirt-6.7.0/src/qemu/qemu_driver.c } -@@ -17829,25 +17824,11 @@ qemuDomainGetStatsCpuCgroup(virDomainObj +@@ -17912,25 +17907,11 @@ qemuDomainGetStatsCpuCgroup(virDomainObj virTypedParamListPtr params) { qemuDomainObjPrivatePtr priv = dom->privateData; @@ -285,7 +285,7 @@ Index: libvirt-6.7.0/src/qemu/qemu_driver.c } -@@ -18015,76 +17996,15 @@ qemuDomainGetStatsVcpu(virQEMUDriverPtr +@@ -18098,76 +18079,15 @@ qemuDomainGetStatsVcpu(virQEMUDriverPtr return ret; } @@ -363,10 +363,10 @@ Index: libvirt-6.7.0/src/qemu/qemu_driver.c /* refresh information by opening images on the disk */ static int -Index: libvirt-6.7.0/src/util/vircgroup.c +Index: libvirt-6.8.0/src/util/vircgroup.c =================================================================== ---- libvirt-6.7.0.orig/src/util/vircgroup.c -+++ libvirt-6.7.0/src/util/vircgroup.c +--- libvirt-6.8.0.orig/src/util/vircgroup.c ++++ libvirt-6.8.0/src/util/vircgroup.c @@ -2776,6 +2776,31 @@ virCgroupControllerAvailable(int control return ret; } @@ -414,10 +414,10 @@ Index: libvirt-6.7.0/src/util/vircgroup.c int virCgroupNewPartition(const char *path G_GNUC_UNUSED, bool create G_GNUC_UNUSED, -Index: libvirt-6.7.0/src/util/vircgroup.h +Index: libvirt-6.8.0/src/util/vircgroup.h =================================================================== ---- libvirt-6.7.0.orig/src/util/vircgroup.h -+++ libvirt-6.7.0/src/util/vircgroup.h +--- libvirt-6.8.0.orig/src/util/vircgroup.h ++++ libvirt-6.8.0/src/util/vircgroup.h @@ -23,6 +23,7 @@ #include "virbitmap.h" @@ -433,10 +433,10 @@ Index: libvirt-6.7.0/src/util/vircgroup.h + +int virCgroupGetStatsCpu(virCgroupPtr cgroup, + virTypedParamListPtr params); -Index: libvirt-6.7.0/src/conf/meson.build +Index: libvirt-6.8.0/src/conf/meson.build =================================================================== ---- libvirt-6.7.0.orig/src/conf/meson.build -+++ libvirt-6.7.0/src/conf/meson.build +--- libvirt-6.8.0.orig/src/conf/meson.build ++++ libvirt-6.8.0/src/conf/meson.build @@ -14,6 +14,7 @@ domain_conf_sources = [ 'domain_capabilities.c', 'domain_conf.c', diff --git a/0001-libxl-add-support-for-BlockResize-API.patch b/0001-libxl-add-support-for-BlockResize-API.patch index 83212a5..30f5862 100644 --- a/0001-libxl-add-support-for-BlockResize-API.patch +++ b/0001-libxl-add-support-for-BlockResize-API.patch @@ -19,11 +19,11 @@ reworking this patch and submitting it to upstream libvirt. src/libxl/libxl_driver.c | 91 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 91 insertions(+) -Index: libvirt-6.7.0/src/libxl/libxl_driver.c +Index: libvirt-6.8.0/src/libxl/libxl_driver.c =================================================================== ---- libvirt-6.7.0.orig/src/libxl/libxl_driver.c -+++ libvirt-6.7.0/src/libxl/libxl_driver.c -@@ -5328,6 +5328,96 @@ libxlDomainMemoryStats(virDomainPtr dom, +--- libvirt-6.8.0.orig/src/libxl/libxl_driver.c ++++ libvirt-6.8.0/src/libxl/libxl_driver.c +@@ -5334,6 +5334,96 @@ libxlDomainMemoryStats(virDomainPtr dom, #undef LIBXL_SET_MEMSTAT @@ -120,7 +120,7 @@ Index: libvirt-6.7.0/src/libxl/libxl_driver.c static int libxlDomainGetJobInfo(virDomainPtr dom, virDomainJobInfoPtr info) -@@ -6797,6 +6887,7 @@ static virHypervisorDriver libxlHypervis +@@ -6803,6 +6893,7 @@ static virHypervisorDriver libxlHypervis #endif .nodeGetFreeMemory = libxlNodeGetFreeMemory, /* 0.9.0 */ .nodeGetCellsFreeMemory = libxlNodeGetCellsFreeMemory, /* 1.1.1 */ diff --git a/0002-lxc-implement-connectGetAllDomainStats.patch b/0002-lxc-implement-connectGetAllDomainStats.patch index b1b147b..3ae8b2a 100644 --- a/0002-lxc-implement-connectGetAllDomainStats.patch +++ b/0002-lxc-implement-connectGetAllDomainStats.patch @@ -9,10 +9,10 @@ them using the existing API. src/lxc/lxc_driver.c | 138 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 138 insertions(+) -Index: libvirt-6.7.0/src/lxc/lxc_driver.c +Index: libvirt-6.8.0/src/lxc/lxc_driver.c =================================================================== ---- libvirt-6.7.0.orig/src/lxc/lxc_driver.c -+++ libvirt-6.7.0/src/lxc/lxc_driver.c +--- libvirt-6.8.0.orig/src/lxc/lxc_driver.c ++++ libvirt-6.8.0/src/lxc/lxc_driver.c @@ -73,6 +73,8 @@ #include "netdev_bandwidth_conf.h" #include "virsocket.h" diff --git a/2ad009ea-qemu-check-modules-dir.patch b/2ad009ea-qemu-check-modules-dir.patch deleted file mode 100644 index 57fa4bb..0000000 --- a/2ad009ea-qemu-check-modules-dir.patch +++ /dev/null @@ -1,124 +0,0 @@ -commit 2ad009eadde27491ff4248f481560953776b2a87 -Author: Jim Fehlig -Date: Thu Aug 20 15:52:17 2020 -0600 - - qemu: Check for changes in qemu modules directory - - Add a configuration option for specifying location of the qemu modules - directory, defaulting to /usr/lib64/qemu. Then use this location to - check for changes in the directory, indicating that a qemu module has - changed and capabilities need to be reprobed. - - Signed-off-by: Jim Fehlig - Reviewed-by: Daniel P. Berrangé - -Index: libvirt-6.7.0/meson.build -=================================================================== ---- libvirt-6.7.0.orig/meson.build -+++ libvirt-6.7.0/meson.build -@@ -1758,6 +1758,12 @@ if not get_option('driver_qemu').disable - if use_qemu - conf.set('WITH_QEMU', 1) - -+ qemu_moddir = get_option('qemu_moddir') -+ if qemu_moddir == '' -+ qemu_moddir = '/usr' / libdir / 'qemu' -+ endif -+ conf.set_quoted('QEMU_MODDIR', qemu_moddir) -+ - if host_machine.system() in ['freebsd', 'darwin'] - default_qemu_user = 'root' - default_qemu_group = 'wheel' -Index: libvirt-6.7.0/meson_options.txt -=================================================================== ---- libvirt-6.7.0.orig/meson_options.txt -+++ libvirt-6.7.0/meson_options.txt -@@ -60,6 +60,7 @@ option('driver_openvz', type: 'feature', - option('driver_qemu', type: 'feature', value: 'auto', description: 'QEMU/KVM driver') - option('qemu_user', type: 'string', value: '', description: 'username to run QEMU system instance as') - option('qemu_group', type: 'string', value: '', description: 'groupname to run QEMU system instance as') -+option('qemu_moddir', type: 'string', value: '', description: 'set the directory where QEMU modules are located') - option('driver_remote', type: 'feature', value: 'enabled', description: 'remote driver') - option('remote_default_mode', type: 'combo', choices: ['legacy', 'direct'], value: 'legacy', description: 'remote driver default mode') - option('driver_secrets', type: 'feature', value: 'auto', description: 'local secrets management driver') -Index: libvirt-6.7.0/src/qemu/qemu_capabilities.c -=================================================================== ---- libvirt-6.7.0.orig/src/qemu/qemu_capabilities.c -+++ libvirt-6.7.0/src/qemu/qemu_capabilities.c -@@ -677,6 +677,7 @@ struct _virQEMUCaps { - char *binary; - time_t ctime; - time_t libvirtCtime; -+ time_t modDirMtime; - bool invalidation; - - virBitmapPtr flags; -@@ -4194,6 +4195,7 @@ virQEMUCapsParseSEVInfo(virQEMUCapsPtr q - * - * /some/path - * 234235253 -+ * 234235253 - * 234235253 - * 1002016 - * -@@ -4283,6 +4285,9 @@ virQEMUCapsLoadCache(virArch hostArch, - } - qemuCaps->ctime = (time_t)l; - -+ if (virXPathLongLong("string(./qemumoddirmtime)", ctxt, &l) == 0) -+ qemuCaps->modDirMtime = (time_t)l; -+ - if ((n = virXPathNodeSet("./flag", ctxt, &nodes)) < 0) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", - _("failed to parse qemu capabilities flags")); -@@ -4615,6 +4620,10 @@ virQEMUCapsFormatCache(virQEMUCapsPtr qe - qemuCaps->binary); - virBufferAsprintf(&buf, "%llu\n", - (long long)qemuCaps->ctime); -+ if (qemuCaps->modDirMtime > 0) { -+ virBufferAsprintf(&buf, "%llu\n", -+ (long long)qemuCaps->modDirMtime); -+ } - virBufferAsprintf(&buf, "%llu\n", - (long long)qemuCaps->libvirtCtime); - virBufferAsprintf(&buf, "%lu\n", -@@ -4881,6 +4890,23 @@ virQEMUCapsIsValid(void *data, - if (!qemuCaps->binary) - return true; - -+ if (virFileExists(QEMU_MODDIR)) { -+ if (stat(QEMU_MODDIR, &sb) < 0) { -+ VIR_DEBUG("Failed to stat QEMU module directory '%s': %s", -+ QEMU_MODDIR, -+ g_strerror(errno)); -+ return false; -+ } -+ -+ if (sb.st_mtime != qemuCaps->modDirMtime) { -+ VIR_DEBUG("Outdated capabilities for '%s': QEMU modules " -+ "directory '%s' changed (%lld vs %lld)", -+ qemuCaps->binary, QEMU_MODDIR, -+ (long long)sb.st_mtime, (long long)qemuCaps->modDirMtime); -+ return false; -+ } -+ } -+ - if (qemuCaps->libvirtCtime != virGetSelfLastChanged() || - qemuCaps->libvirtVersion != LIBVIR_VERSION_NUMBER) { - VIR_DEBUG("Outdated capabilities for '%s': libvirt changed " -@@ -5463,6 +5489,15 @@ virQEMUCapsNewForBinaryInternal(virArch - goto error; - } - -+ if (virFileExists(QEMU_MODDIR)) { -+ if (stat(QEMU_MODDIR, &sb) < 0) { -+ virReportSystemError(errno, _("Cannot check QEMU module directory %s"), -+ QEMU_MODDIR); -+ goto error; -+ } -+ qemuCaps->modDirMtime = sb.st_mtime; -+ } -+ - if (virQEMUCapsInitQMP(qemuCaps, libDir, runUid, runGid) < 0) - goto error; - diff --git a/4a72b76b-qemu-namespace-memleak-fix.patch b/4a72b76b-qemu-namespace-memleak-fix.patch deleted file mode 100644 index 677e3e2..0000000 --- a/4a72b76b-qemu-namespace-memleak-fix.patch +++ /dev/null @@ -1,118 +0,0 @@ -commit 4a72b76b8a99ab6c33f468e767cb33cf1fcec843 -Author: Michal Prívozník -Date: Mon Sep 7 13:35:50 2020 +0200 - - qemu_namespace: Don't leak mknod items that are being skipped over - - When building and populating domain NS a couple of functions are - called that append paths to a string list. This string list is - then inspected, one item at the time by - qemuNamespacePrepareOneItem() which gathers all the info for - given path (stat buffer, possible link target, ACLs, SELinux - label) using qemuNamespaceMknodItemInit(). If the path needs to - be created in the domain's private /dev then it's added onto this - qemuNamespaceMknodData list which is freed later in the process. - But, if the path does not need to be created in the domain's - private /dev, then the memory allocated by - qemuNamespaceMknodItemInit() is not freed anywhere leading to a - leak. - - Signed-off-by: Michal Privoznik - Reviewed-by: Ján Tomko - -Index: libvirt-6.7.0/src/qemu/qemu_namespace.c -=================================================================== ---- libvirt-6.7.0.orig/src/qemu/qemu_namespace.c -+++ libvirt-6.7.0/src/qemu/qemu_namespace.c -@@ -871,7 +871,7 @@ qemuDomainNamespaceAvailable(qemuDomainN - typedef struct _qemuNamespaceMknodItem qemuNamespaceMknodItem; - typedef qemuNamespaceMknodItem *qemuNamespaceMknodItemPtr; - struct _qemuNamespaceMknodItem { -- const char *file; -+ char *file; - char *target; - bool bindmounted; - GStatBuf sb; -@@ -892,6 +892,7 @@ struct _qemuNamespaceMknodData { - static void - qemuNamespaceMknodItemClear(qemuNamespaceMknodItemPtr item) - { -+ VIR_FREE(item->file); - VIR_FREE(item->target); - virFileFreeACLs(&item->acl); - #ifdef WITH_SELINUX -@@ -900,6 +901,8 @@ qemuNamespaceMknodItemClear(qemuNamespac - } - - -+G_DEFINE_AUTO_CLEANUP_CLEAR_FUNC(qemuNamespaceMknodItem, qemuNamespaceMknodItemClear); -+ - static void - qemuNamespaceMknodDataClear(qemuNamespaceMknodDataPtr data) - { -@@ -1091,7 +1094,7 @@ qemuNamespaceMknodItemInit(qemuNamespace - bool isLink; - bool needsBindMount; - -- item->file = file; -+ item->file = g_strdup(file); - - if (g_lstat(file, &item->sb) < 0) { - if (errno == ENOENT) -@@ -1166,11 +1169,13 @@ qemuNamespacePrepareOneItem(qemuNamespac - size_t ndevMountsPath) - { - long ttl = sysconf(_SC_SYMLOOP_MAX); -- const char *next = file; -+ g_autofree char *next = g_strdup(file); - size_t i; - - while (1) { -- qemuNamespaceMknodItem item = { 0 }; -+ g_auto(qemuNamespaceMknodItem) item = { 0 }; -+ bool isLink; -+ bool addToData = false; - int rc; - - rc = qemuNamespaceMknodItemInit(&item, cfg, vm, next); -@@ -1182,6 +1187,8 @@ qemuNamespacePrepareOneItem(qemuNamespac - return -1; - } - -+ isLink = S_ISLNK(item.sb.st_mode); -+ - if (STRPREFIX(next, QEMU_DEVPREFIX)) { - for (i = 0; i < ndevMountsPath; i++) { - if (STREQ(devMountsPath[i], "/dev")) -@@ -1190,12 +1197,18 @@ qemuNamespacePrepareOneItem(qemuNamespac - break; - } - -- if (i == ndevMountsPath && -- VIR_APPEND_ELEMENT_COPY(data->items, data->nitems, item) < 0) -- return -1; -+ if (i == ndevMountsPath) -+ addToData = true; - } - -- if (!S_ISLNK(item.sb.st_mode)) -+ g_free(next); -+ next = g_strdup(item.target); -+ -+ if (addToData && -+ VIR_APPEND_ELEMENT(data->items, data->nitems, item) < 0) -+ return -1; -+ -+ if (!isLink) - break; - - if (ttl-- == 0) { -@@ -1204,8 +1217,6 @@ qemuNamespacePrepareOneItem(qemuNamespac - next); - return -1; - } -- -- next = item.target; - } - - return 0; diff --git a/8abd1ffe-qemu-tolerate-non-existent-files.patch b/8abd1ffe-qemu-tolerate-non-existent-files.patch deleted file mode 100644 index f41f9f6..0000000 --- a/8abd1ffe-qemu-tolerate-non-existent-files.patch +++ /dev/null @@ -1,70 +0,0 @@ -commit 8abd1ffed18394a6212c469cb2c7b6cc28a122d2 -Author: Michal Prívozník -Date: Thu Sep 3 18:07:43 2020 +0200 - - qemu_namespace: Be tolerant to non-existent files when populating /dev - - In 6.7.0 release I've changed how domain namespace is built and - populated. Previously it used to be done from a pre-exec hook - (ran in the forked off child, just before dropping all privileges - and exec()-ing QEMU), which not only meant we had to have two - different code paths for creating a node in domain's namespace - (one for this pre-exec hook, the other for hotplug ran from the - daemon), it also proved problematic because it was leaking FDs - into QEMU process. - - To mitigate this problem, we've not only ditched libdevmapper - from the NS population process, I've also dropped the pre-exec - code and let the NS be populated from the daemon (using the - hotplug code). But, I was not careful when doing so, because the - pre-exec code was tolerant to files that doesn't exist, while - this new code isn't. For instance, the very first thing that is - done when the new NS is created is it's populated with - @defaultDeviceACL which contain files like /dev/null, /dev/zero, - /dev/random and /dev/kvm (and others). While the rest will - probably exist every time, /dev/kvm might not and thus the new - code I wrote has to be tolerant to that. - - Of course, users can override the @defaultDeviceACL (by setting - cgroup_device_acl in qemu.conf) and remove /dev/kvm (which is - acceptable workaround), but we definitely want libvirt to work - out of the box even on hosts without KVM. - - Fixes: 9048dc4e627ddf33996084167bece7b5fb83b0bc - Reported-by: Daniel P. Berrangé - Signed-off-by: Michal Privoznik - Reviewed-by: Daniel P. Berrangé - Reviewed-by: Ján Tomko - -Index: libvirt-6.7.0/src/qemu/qemu_namespace.c -=================================================================== ---- libvirt-6.7.0.orig/src/qemu/qemu_namespace.c -+++ libvirt-6.7.0/src/qemu/qemu_namespace.c -@@ -1094,6 +1094,9 @@ qemuNamespaceMknodItemInit(qemuNamespace - item->file = file; - - if (g_lstat(file, &item->sb) < 0) { -+ if (errno == ENOENT) -+ return -2; -+ - virReportSystemError(errno, - _("Unable to access %s"), file); - return -1; -@@ -1168,9 +1171,16 @@ qemuNamespacePrepareOneItem(qemuNamespac - - while (1) { - qemuNamespaceMknodItem item = { 0 }; -+ int rc; - -- if (qemuNamespaceMknodItemInit(&item, cfg, vm, next) < 0) -+ rc = qemuNamespaceMknodItemInit(&item, cfg, vm, next); -+ if (rc == -2) { -+ /* @file doesn't exist. We can break here. */ -+ break; -+ } else if (rc < 0) { -+ /* Some other (critical) error. */ - return -1; -+ } - - if (STRPREFIX(next, QEMU_DEVPREFIX)) { - for (i = 0; i < ndevMountsPath; i++) { diff --git a/libvirt-6.7.0.tar.xz b/libvirt-6.7.0.tar.xz deleted file mode 100644 index f73dcf3..0000000 --- a/libvirt-6.7.0.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:655b9476c797cdd3bb12e2520acc37335e5299b2d56a5bb9ab3f55db40161342 -size 8362140 diff --git a/libvirt-6.7.0.tar.xz.asc b/libvirt-6.7.0.tar.xz.asc deleted file mode 100644 index 4724a98..0000000 --- a/libvirt-6.7.0.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCAAdFiEERTtlMQWVVihVRxGZymi+gBAITJwFAl9N8/gACgkQymi+gBAI -TJxc/g//byuzhYbB4+YF1nDWD7UN6pGz/N+23Rj1LX2qGlJkFrzW1quMiGTgviFV -V0y1D211WNkbJvZ2b4BtPY/rS0DDqlLAxT8Z8B5+2rmJeOfmbRkHUSobxBRrjDMP -jCRo2Vc1uh0YIQxde5/Su+fXkrRU5+kFzAwmtS8Q2EobiXRWBVcUwHtM3Ix2R+3y -gUMOqag3NhDc1rVyAcszOnxhYjVeoHmaOaBfLOYLLQsZoESofXgugx9ybWGFSPsW -CtKIkBZLG/w9cDDJperN4runDu9O1FNgaCFd/2lX51f75b9DxHQcOL7HW15E6H9l -ssu7djcrxS1DQefgTe1tpDfBl5nILKvlUSrVStBVOe41SM/in4AcS5PkQk2HDEiS -omVa5cs6DsezNSEkXGgKXMyGNq+I/MdF+F67lrL/a9qS2hr8euBs5EuZAi3ussZc -4pzMtW+nRsrnz4pPXb82NVWGbGrYyxBkbhYd148iaOCcp4/RRKtDpvICVaJAHKbN -TAHxy82SUGcdlI8RGu3nAT260ZEQ008pu+GF3cwJMqQoK9S/C4i+GiR+WmvE6MAd -KQtdKXyRkXqP8n+fTZSfEfZm2cWVCSvOW5fC3wzWiEIvy7fIG5pH1TOTFai9+ARv -Owmo7nFNH2cjy1EdVIBk1mR3ccc26TED/P3SE2KlH9z3saEQuRE= -=nU1U ------END PGP SIGNATURE----- diff --git a/libvirt-6.8.0.tar.xz b/libvirt-6.8.0.tar.xz new file mode 100644 index 0000000..038ae14 --- /dev/null +++ b/libvirt-6.8.0.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:0c2d7f6ed8bc4956bf7f0c8ca2897c6c82ddb91e3118ab7a588b25eedd16ef69 +size 8412092 diff --git a/libvirt-6.8.0.tar.xz.asc b/libvirt-6.8.0.tar.xz.asc new file mode 100644 index 0000000..1e3473a --- /dev/null +++ b/libvirt-6.8.0.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEERTtlMQWVVihVRxGZymi+gBAITJwFAl91iyMACgkQymi+gBAI +TJyZ7RAAguxlYBvKkG6Q3PBrJc67pyQdB1hi+42CLcR0V2GdiPtoC1UL77wwDO6b +xkXn4D9QJQ70uVDJ/HivuA8uSVdj9qJsbFe5SsHTTeHz6HE+k+tbhWM1O0ALilfl +EaDQl5GF+00IwGyxLBABvg5dcqhLcPfdCAu+tuFDy8b7x8PkgN1XlMyucddYcCeY +YXX7JCJ/ckrCaC+OfGzurZOTLrz2k3u55ezSEsQ6VjxAegEz5kGb7sXKSgbRxd/L +xozHJcJwccRXirjNVtnSdn9zJwqzjys+yeyxVuNs2MM9Vd8urUW8TnE4L2DN9ojM +pMt/xmItZGoMMeamc9IfH/9AfMYy3Z/lYxHO7cu+xw7EOtAqHQOl2yWuE8ukKXVu +PYU6zfupfAYn7EgsNFVgeYQPpK6p0lG72+G+KiaJ3iHzTJXz7478rQTdSCrcdIYP +60JoLePSXt5+VsHVCR1zGS2e4NG8HfZ8JJ7fIfF4AsaHwbF3lfp+tT4db1zfeP+B +URQOebXHjLgh5ytZY5i2MSa4E31dHSpWx0RLYOfziPss8IqtE+OUKjHFLlzdwMq5 +eMVnrgnb5B1jN0dfpGHQcrkAb3uVQ0A0+A8TGIvVrksKO+Oie385lkbUGwak4s0k +2rv+77qK8cVLw6TZE6RXPhjHT3/8zMKuXRsIyhX6ofItG5x2BK4= +=eHB4 +-----END PGP SIGNATURE----- diff --git a/libvirt-power8-models.patch b/libvirt-power8-models.patch index 0bd3dda..d497901 100644 --- a/libvirt-power8-models.patch +++ b/libvirt-power8-models.patch @@ -2,10 +2,10 @@ Add POWER8 v2.0 and v2.1 to cpu map XML From: -Index: libvirt-6.7.0/src/cpu_map/ppc64_POWER8.xml +Index: libvirt-6.8.0/src/cpu_map/ppc64_POWER8.xml =================================================================== ---- libvirt-6.7.0.orig/src/cpu_map/ppc64_POWER8.xml -+++ libvirt-6.7.0/src/cpu_map/ppc64_POWER8.xml +--- libvirt-6.8.0.orig/src/cpu_map/ppc64_POWER8.xml ++++ libvirt-6.8.0/src/cpu_map/ppc64_POWER8.xml @@ -4,5 +4,7 @@ diff --git a/libvirt-suse-netcontrol.patch b/libvirt-suse-netcontrol.patch index 95baa2b..ea839a5 100644 --- a/libvirt-suse-netcontrol.patch +++ b/libvirt-suse-netcontrol.patch @@ -1,8 +1,8 @@ -Index: libvirt-6.7.0/tools/virsh.c +Index: libvirt-6.8.0/tools/virsh.c =================================================================== ---- libvirt-6.7.0.orig/tools/virsh.c -+++ libvirt-6.7.0/tools/virsh.c -@@ -547,6 +547,8 @@ virshShowVersion(vshControl *ctl G_GNUC_ +--- libvirt-6.8.0.orig/tools/virsh.c ++++ libvirt-6.8.0/tools/virsh.c +@@ -542,6 +542,8 @@ virshShowVersion(vshControl *ctl G_GNUC_ vshPrint(ctl, " Interface"); # if defined(WITH_NETCF) vshPrint(ctl, " netcf"); @@ -11,10 +11,10 @@ Index: libvirt-6.7.0/tools/virsh.c # elif defined(WITH_UDEV) vshPrint(ctl, " udev"); # endif -Index: libvirt-6.7.0/src/interface/interface_backend_netcf.c +Index: libvirt-6.8.0/src/interface/interface_backend_netcf.c =================================================================== ---- libvirt-6.7.0.orig/src/interface/interface_backend_netcf.c -+++ libvirt-6.7.0/src/interface/interface_backend_netcf.c +--- libvirt-6.8.0.orig/src/interface/interface_backend_netcf.c ++++ libvirt-6.8.0/src/interface/interface_backend_netcf.c @@ -21,7 +21,12 @@ #include @@ -126,10 +126,10 @@ Index: libvirt-6.7.0/src/interface/interface_backend_netcf.c if (virRegisterConnectDriver(&interfaceConnectDriver, false) < 0) return -1; if (virSetSharedInterfaceDriver(&interfaceDriver) < 0) -Index: libvirt-6.7.0/src/interface/interface_driver.c +Index: libvirt-6.8.0/src/interface/interface_driver.c =================================================================== ---- libvirt-6.7.0.orig/src/interface/interface_driver.c -+++ libvirt-6.7.0/src/interface/interface_driver.c +--- libvirt-6.8.0.orig/src/interface/interface_driver.c ++++ libvirt-6.8.0/src/interface/interface_driver.c @@ -30,8 +30,15 @@ interfaceRegister(void) if (netcfIfaceRegister() == 0) return 0; @@ -147,11 +147,11 @@ Index: libvirt-6.7.0/src/interface/interface_driver.c if (udevIfaceRegister() == 0) return 0; #endif /* WITH_UDEV */ -Index: libvirt-6.7.0/meson.build +Index: libvirt-6.8.0/meson.build =================================================================== ---- libvirt-6.7.0.orig/meson.build -+++ libvirt-6.7.0/meson.build -@@ -1201,6 +1201,12 @@ if netcf_dep.found() +--- libvirt-6.8.0.orig/meson.build ++++ libvirt-6.8.0/meson.build +@@ -1184,6 +1184,12 @@ if netcf_dep.found() conf.set('WITH_NETCF', 1) endif @@ -164,7 +164,7 @@ Index: libvirt-6.7.0/meson.build have_gnu_gettext_tools = false if not get_option('nls').disabled() have_gettext = cc.has_function('gettext') -@@ -1632,10 +1638,10 @@ elif get_option('driver_hyperv').enabled +@@ -1612,10 +1618,10 @@ elif get_option('driver_hyperv').enabled error('openwsman is required for the Hyper-V driver') endif @@ -177,7 +177,7 @@ Index: libvirt-6.7.0/meson.build endif if not get_option('driver_libxl').disabled() and conf.has('WITH_LIBVIRTD') -@@ -2442,6 +2448,7 @@ libs_summary = { +@@ -2420,6 +2426,7 @@ libs_summary = { 'libxml': libxml_dep.found(), 'macvtap': conf.has('WITH_MACVTAP'), 'netcf': netcf_dep.found(), @@ -185,10 +185,10 @@ Index: libvirt-6.7.0/meson.build 'NLS': have_gnu_gettext_tools, 'nss': conf.has('WITH_NSS'), 'numactl': numactl_dep.found(), -Index: libvirt-6.7.0/src/interface/meson.build +Index: libvirt-6.8.0/src/interface/meson.build =================================================================== ---- libvirt-6.7.0.orig/src/interface/meson.build -+++ libvirt-6.7.0/src/interface/meson.build +--- libvirt-6.8.0.orig/src/interface/meson.build ++++ libvirt-6.8.0/src/interface/meson.build @@ -2,7 +2,7 @@ interface_driver_sources = [ 'interface_driver.c', ] @@ -206,11 +206,11 @@ Index: libvirt-6.7.0/src/interface/meson.build udev_dep, ], 'link_args': [ -Index: libvirt-6.7.0/meson_options.txt +Index: libvirt-6.8.0/meson_options.txt =================================================================== ---- libvirt-6.7.0.orig/meson_options.txt -+++ libvirt-6.7.0/meson_options.txt -@@ -30,6 +30,7 @@ option('libssh', type: 'feature', value: +--- libvirt-6.8.0.orig/meson_options.txt ++++ libvirt-6.8.0/meson_options.txt +@@ -28,6 +28,7 @@ option('libssh', type: 'feature', value: option('libssh2', type: 'feature', value: 'auto', description: 'libssh2 support') option('macvtap', type: 'feature', value: 'auto', description: 'enable macvtap device') option('netcf', type: 'feature', value: 'auto', description: 'netcf support') diff --git a/libvirt.changes b/libvirt.changes index 0feb113..895e022 100644 --- a/libvirt.changes +++ b/libvirt.changes @@ -1,3 +1,17 @@ +------------------------------------------------------------------- +Thu Oct 1 15:56:21 UTC 2020 - James Fehlig + +- Update to libvirt 6.8.0 + - jsc#SLE-12684, jsc#SLE-15861 + - bsc#1174955 (CVE-2020-15708) + - bsc#1177155 (CVE-2020-25637) + - Many incremental improvements and bug fixes, see + https://libvirt.org/news.html + - Dropped patches: + 2ad009ea-qemu-check-modules-dir.patch, + 8abd1ffe-qemu-tolerate-non-existent-files.patch, + 4a72b76b-qemu-namespace-memleak-fix.patch + ------------------------------------------------------------------- Thu Sep 10 17:49:45 UTC 2020 - James Fehlig diff --git a/libvirt.spec b/libvirt.spec index 85498e1..122a7c4 100644 --- a/libvirt.spec +++ b/libvirt.spec @@ -156,7 +156,7 @@ Name: libvirt URL: http://libvirt.org/ -Version: 6.7.0 +Version: 6.8.0 Release: 0 Summary: Library providing a virtualization API License: LGPL-2.1-or-later @@ -242,8 +242,6 @@ BuildRequires: ebtables BuildRequires: iptables BuildRequires: polkit >= 0.112 BuildRequires: radvd -# Communication with the firewall and polkit daemons use DBus -BuildRequires: dbus-1-devel # For mount/umount in FS driver BuildRequires: util-linux # For LVM drivers @@ -309,9 +307,6 @@ Source6: libvirtd-relocation-server.xml Source99: baselibs.conf Source100: %{name}-rpmlintrc # Upstream patches -Patch0: 2ad009ea-qemu-check-modules-dir.patch -Patch1: 8abd1ffe-qemu-tolerate-non-existent-files.patch -Patch2: 4a72b76b-qemu-namespace-memleak-fix.patch # Patches pending upstream review Patch100: libxl-dom-reset.patch Patch101: network-don-t-use-dhcp-authoritative-on-static-netwo.patch @@ -760,7 +755,6 @@ capabilities of VirtualBox Summary: Client side utilities of the libvirt library Group: System/Management Requires: %{name}-libs = %{version}-%{release} -Requires: readline # Needed by libvirt-guests init script. Requires: gettext-runtime # Needed by virt-pki-validate script. @@ -791,7 +785,6 @@ Shared libraries for accessing the libvirt daemon. Summary: Set of tools to control libvirt daemon Group: System/Management Requires: %{name}-libs = %{version}-%{release} -Requires: readline %if %{with_bash_completion} Recommends: %{name}-bash-completion = %{version}-%{release} %endif @@ -848,9 +841,6 @@ libvirt plugin for NSS for translating domain names into IP addresses. %prep %setup -q -%patch0 -p1 -%patch1 -p1 -%patch2 -p1 %patch100 -p1 %patch101 -p1 %patch150 -p1 @@ -1042,7 +1032,6 @@ libvirt plugin for NSS for translating domain names into IP addresses. %{?arg_selinux_mount} \ %{?arg_apparmor} \ %{?arg_apparmor_profiles} \ - -Dhal=disabled \ -Dudev=enabled \ -Dyajl=enabled \ %{?arg_sanlock} \ @@ -1486,6 +1475,7 @@ fi %{_datadir}/polkit-1/actions/org.libvirt.unix.policy %{_datadir}/polkit-1/actions/org.libvirt.api.policy %attr(0755, root, root) %{_libdir}/%{name}/libvirt_iohelper +%attr(0755, root, root) %{_bindir}/virt-ssh-helper %doc %{_mandir}/man8/libvirtd.8* %doc %{_mandir}/man8/virtlogd.8* %doc %{_mandir}/man8/virtlockd.8* @@ -1865,7 +1855,7 @@ fi %{_datadir}/%{name}/api/libvirt-lxc-api.xml %files doc -%doc AUTHORS NEWS.rst README.rst +%doc AUTHORS.rst NEWS.rst README.rst %license COPYING COPYING.LESSER %dir %{_datadir}/doc/%{name} %doc %{_datadir}/doc/%{name}/* diff --git a/libxl-dom-reset.patch b/libxl-dom-reset.patch index d0ae1ba..2c19673 100644 --- a/libxl-dom-reset.patch +++ b/libxl-dom-reset.patch @@ -8,11 +8,11 @@ Date: Mon Jun 23 15:51:20 2014 -0600 option, but domainReset can be implemented in the libxl driver by forcibly destroying the domain and starting it again. -Index: libvirt-6.7.0/src/libxl/libxl_driver.c +Index: libvirt-6.8.0/src/libxl/libxl_driver.c =================================================================== ---- libvirt-6.7.0.orig/src/libxl/libxl_driver.c -+++ libvirt-6.7.0/src/libxl/libxl_driver.c -@@ -1371,6 +1371,61 @@ libxlDomainReboot(virDomainPtr dom, unsi +--- libvirt-6.8.0.orig/src/libxl/libxl_driver.c ++++ libvirt-6.8.0/src/libxl/libxl_driver.c +@@ -1377,6 +1377,61 @@ libxlDomainReboot(virDomainPtr dom, unsi } static int @@ -74,7 +74,7 @@ Index: libvirt-6.7.0/src/libxl/libxl_driver.c libxlDomainDestroyFlags(virDomainPtr dom, unsigned int flags) { -@@ -6672,6 +6727,7 @@ static virHypervisorDriver libxlHypervis +@@ -6678,6 +6733,7 @@ static virHypervisorDriver libxlHypervis .domainShutdown = libxlDomainShutdown, /* 0.9.0 */ .domainShutdownFlags = libxlDomainShutdownFlags, /* 0.9.10 */ .domainReboot = libxlDomainReboot, /* 0.9.0 */ diff --git a/libxl-set-cach-mode.patch b/libxl-set-cach-mode.patch index e03c540..82a9d17 100644 --- a/libxl-set-cach-mode.patch +++ b/libxl-set-cach-mode.patch @@ -3,11 +3,11 @@ https://bugzilla.novell.com/show_bug.cgi?id=879425 src/libxl/libxl_conf.c | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) -Index: libvirt-6.7.0/src/libxl/libxl_conf.c +Index: libvirt-6.8.0/src/libxl/libxl_conf.c =================================================================== ---- libvirt-6.7.0.orig/src/libxl/libxl_conf.c -+++ libvirt-6.7.0/src/libxl/libxl_conf.c -@@ -912,6 +912,30 @@ libxlDiskSetDiscard(libxl_device_disk *x +--- libvirt-6.8.0.orig/src/libxl/libxl_conf.c ++++ libvirt-6.8.0/src/libxl/libxl_conf.c +@@ -925,6 +925,30 @@ libxlDiskSetDiscard(libxl_device_disk *x #endif } @@ -38,7 +38,7 @@ Index: libvirt-6.7.0/src/libxl/libxl_conf.c static char * libxlMakeNetworkDiskSrcStr(virStorageSourcePtr src, const char *username, -@@ -1149,6 +1173,7 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk +@@ -1162,6 +1186,7 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk x_disk->is_cdrom = l_disk->device == VIR_DOMAIN_DISK_DEVICE_CDROM ? 1 : 0; if (libxlDiskSetDiscard(x_disk, l_disk->discard) < 0) return -1; diff --git a/libxl-set-migration-constraints.patch b/libxl-set-migration-constraints.patch index d091df0..0d3bc6d 100644 --- a/libxl-set-migration-constraints.patch +++ b/libxl-set-migration-constraints.patch @@ -16,11 +16,11 @@ Signed-off-by: Jim Fehlig tools/virsh.pod | 8 ++++++++ 6 files changed, 125 insertions(+), 6 deletions(-) -Index: libvirt-6.7.0/include/libvirt/libvirt-domain.h +Index: libvirt-6.8.0/include/libvirt/libvirt-domain.h =================================================================== ---- libvirt-6.7.0.orig/include/libvirt/libvirt-domain.h -+++ libvirt-6.7.0/include/libvirt/libvirt-domain.h -@@ -1065,6 +1065,31 @@ typedef enum { +--- libvirt-6.8.0.orig/include/libvirt/libvirt-domain.h ++++ libvirt-6.8.0/include/libvirt/libvirt-domain.h +@@ -1078,6 +1078,31 @@ typedef enum { */ # define VIR_MIGRATE_PARAM_TLS_DESTINATION "tls.destination" @@ -52,11 +52,11 @@ Index: libvirt-6.7.0/include/libvirt/libvirt-domain.h /* Domain migration. */ virDomainPtr virDomainMigrate (virDomainPtr domain, virConnectPtr dconn, unsigned long flags, const char *dname, -Index: libvirt-6.7.0/src/libxl/libxl_driver.c +Index: libvirt-6.8.0/src/libxl/libxl_driver.c =================================================================== ---- libvirt-6.7.0.orig/src/libxl/libxl_driver.c -+++ libvirt-6.7.0/src/libxl/libxl_driver.c -@@ -6237,6 +6237,9 @@ libxlDomainMigratePerform3Params(virDoma +--- libvirt-6.8.0.orig/src/libxl/libxl_driver.c ++++ libvirt-6.8.0/src/libxl/libxl_driver.c +@@ -6243,6 +6243,9 @@ libxlDomainMigratePerform3Params(virDoma const char *dname = NULL; const char *uri = NULL; int ret = -1; @@ -66,7 +66,7 @@ Index: libvirt-6.7.0/src/libxl/libxl_driver.c #ifdef LIBXL_HAVE_NO_SUSPEND_RESUME virReportUnsupportedError(); -@@ -6253,6 +6256,18 @@ libxlDomainMigratePerform3Params(virDoma +@@ -6259,6 +6262,18 @@ libxlDomainMigratePerform3Params(virDoma virTypedParamsGetString(params, nparams, VIR_MIGRATE_PARAM_DEST_NAME, &dname) < 0 || @@ -85,7 +85,7 @@ Index: libvirt-6.7.0/src/libxl/libxl_driver.c virTypedParamsGetString(params, nparams, VIR_MIGRATE_PARAM_URI, &uri) < 0) -@@ -6267,11 +6282,11 @@ libxlDomainMigratePerform3Params(virDoma +@@ -6273,11 +6288,11 @@ libxlDomainMigratePerform3Params(virDoma if ((flags & (VIR_MIGRATE_TUNNELLED | VIR_MIGRATE_PEER2PEER))) { if (libxlDomainMigrationSrcPerformP2P(driver, vm, dom->conn, dom_xml, @@ -99,10 +99,10 @@ Index: libvirt-6.7.0/src/libxl/libxl_driver.c goto cleanup; } -Index: libvirt-6.7.0/src/libxl/libxl_migration.c +Index: libvirt-6.8.0/src/libxl/libxl_migration.c =================================================================== ---- libvirt-6.7.0.orig/src/libxl/libxl_migration.c -+++ libvirt-6.7.0/src/libxl/libxl_migration.c +--- libvirt-6.8.0.orig/src/libxl/libxl_migration.c ++++ libvirt-6.8.0/src/libxl/libxl_migration.c @@ -345,18 +345,39 @@ libxlMigrateDstReceive(virNetSocketPtr s static int libxlDoMigrateSrcSend(libxlDriverPrivatePtr driver, @@ -264,10 +264,10 @@ Index: libvirt-6.7.0/src/libxl/libxl_migration.c virObjectLock(vm); if (ret == 0) { -Index: libvirt-6.7.0/src/libxl/libxl_migration.h +Index: libvirt-6.8.0/src/libxl/libxl_migration.h =================================================================== ---- libvirt-6.7.0.orig/src/libxl/libxl_migration.h -+++ libvirt-6.7.0/src/libxl/libxl_migration.h +--- libvirt-6.8.0.orig/src/libxl/libxl_migration.h ++++ libvirt-6.8.0/src/libxl/libxl_migration.h @@ -35,6 +35,10 @@ VIR_MIGRATE_PARAM_URI, VIR_TYPED_PARAM_STRING, \ VIR_MIGRATE_PARAM_DEST_NAME, VIR_TYPED_PARAM_STRING, \ @@ -312,11 +312,11 @@ Index: libvirt-6.7.0/src/libxl/libxl_migration.h virDomainPtr libxlDomainMigrationDstFinish(virConnectPtr dconn, -Index: libvirt-6.7.0/tools/virsh-domain.c +Index: libvirt-6.8.0/tools/virsh-domain.c =================================================================== ---- libvirt-6.7.0.orig/tools/virsh-domain.c -+++ libvirt-6.7.0/tools/virsh-domain.c -@@ -10699,6 +10699,22 @@ static const vshCmdOptDef opts_migrate[] +--- libvirt-6.8.0.orig/tools/virsh-domain.c ++++ libvirt-6.8.0/tools/virsh-domain.c +@@ -10722,6 +10722,22 @@ static const vshCmdOptDef opts_migrate[] .type = VSH_OT_STRING, .help = N_("override the destination host name used for TLS verification") }, @@ -339,7 +339,7 @@ Index: libvirt-6.7.0/tools/virsh-domain.c {.name = NULL} }; -@@ -10720,6 +10736,7 @@ doMigrate(void *opaque) +@@ -10742,6 +10758,7 @@ doMigrate(void *opaque) unsigned long long ullOpt = 0; int rv; virConnectPtr dconn = data->dconn; @@ -347,7 +347,7 @@ Index: libvirt-6.7.0/tools/virsh-domain.c #ifndef WIN32 sigset_t sigmask, oldsigmask; -@@ -10842,6 +10859,27 @@ doMigrate(void *opaque) +@@ -10872,6 +10889,27 @@ doMigrate(void *opaque) goto save_error; } @@ -375,20 +375,21 @@ Index: libvirt-6.7.0/tools/virsh-domain.c if (vshCommandOptStringReq(ctl, cmd, "xml", &opt) < 0) goto out; if (opt) { -Index: libvirt-6.7.0/docs/manpages/virsh.rst +Index: libvirt-6.8.0/docs/manpages/virsh.rst =================================================================== ---- libvirt-6.7.0.orig/docs/manpages/virsh.rst -+++ libvirt-6.7.0/docs/manpages/virsh.rst -@@ -3113,6 +3113,8 @@ migrate +--- libvirt-6.8.0.orig/docs/manpages/virsh.rst ++++ libvirt-6.8.0/docs/manpages/virsh.rst +@@ -3113,7 +3113,8 @@ migrate [--postcopy-bandwidth bandwidth] [--parallel [--parallel-connections connections]] [--bandwidth bandwidth] [--tls-destination hostname] -+ [--max_iters num] [--max_factor num] [--min_remaining num] -+ [--abort_if_busy] +- [--disks-uri URI] ++ [--disks-uri URI] [--max_iters num] [--max_factor num] ++ [--min_remaining num] [--abort_if_busy] Migrate domain to another host. Add *--live* for live migration; <--p2p> for peer-2-peer migration; *--direct* for direct migration; or *--tunnelled* -@@ -3218,6 +3220,14 @@ parallel connections. The number of such +@@ -3219,6 +3220,14 @@ parallel connections. The number of such network link between the source and the target and thus speeding up the migration. diff --git a/libxl-support-block-script.patch b/libxl-support-block-script.patch index 25cf92a..be8231c 100644 --- a/libxl-support-block-script.patch +++ b/libxl-support-block-script.patch @@ -7,11 +7,11 @@ and npiv. For more details, see bsc#954872 and FATE#319810 -Index: libvirt-6.7.0/src/libxl/libxl_conf.c +Index: libvirt-6.8.0/src/libxl/libxl_conf.c =================================================================== ---- libvirt-6.7.0.orig/src/libxl/libxl_conf.c -+++ libvirt-6.7.0/src/libxl/libxl_conf.c -@@ -912,6 +912,22 @@ libxlDiskSetDiscard(libxl_device_disk *x +--- libvirt-6.8.0.orig/src/libxl/libxl_conf.c ++++ libvirt-6.8.0/src/libxl/libxl_conf.c +@@ -925,6 +925,22 @@ libxlDiskSetDiscard(libxl_device_disk *x #endif } @@ -34,7 +34,7 @@ Index: libvirt-6.7.0/src/libxl/libxl_conf.c static void libxlDiskSetCacheMode(libxl_device_disk *x_disk, int cachemode) { -@@ -1048,6 +1064,7 @@ libxlMakeNetworkDiskSrc(virStorageSource +@@ -1061,6 +1077,7 @@ libxlMakeNetworkDiskSrc(virStorageSource int libxlMakeDisk(virDomainDiskDefPtr l_disk, libxl_device_disk *x_disk) { @@ -42,7 +42,7 @@ Index: libvirt-6.7.0/src/libxl/libxl_conf.c const char *driver = virDomainDiskGetDriver(l_disk); int format = virDomainDiskGetFormat(l_disk); int actual_type = virStorageSourceGetActualType(l_disk->src); -@@ -1063,7 +1080,7 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk +@@ -1076,7 +1093,7 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk if (libxlMakeNetworkDiskSrc(l_disk->src, &x_disk->pdev_path) < 0) return -1; } else { @@ -51,7 +51,7 @@ Index: libvirt-6.7.0/src/libxl/libxl_conf.c } x_disk->vdev = g_strdup(l_disk->dst); -@@ -1174,6 +1191,9 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk +@@ -1187,6 +1204,9 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk if (libxlDiskSetDiscard(x_disk, l_disk->discard) < 0) return -1; libxlDiskSetCacheMode(x_disk, l_disk->cachemode); diff --git a/lxc-wait-after-eth-del.patch b/lxc-wait-after-eth-del.patch index 13caa02..dd29324 100644 --- a/lxc-wait-after-eth-del.patch +++ b/lxc-wait-after-eth-del.patch @@ -13,10 +13,10 @@ device with the same name that is being created. src/lxc/lxc_process.c | 1 + 3 files changed, 4 insertions(+) -Index: libvirt-6.7.0/src/lxc/lxc_controller.c +Index: libvirt-6.8.0/src/lxc/lxc_controller.c =================================================================== ---- libvirt-6.7.0.orig/src/lxc/lxc_controller.c -+++ libvirt-6.7.0/src/lxc/lxc_controller.c +--- libvirt-6.8.0.orig/src/lxc/lxc_controller.c ++++ libvirt-6.8.0/src/lxc/lxc_controller.c @@ -2026,6 +2026,7 @@ static int virLXCControllerDeleteInterfa if (virNetDevVethDelete(ctrl->veths[i]) < 0) ret = -1; @@ -25,10 +25,10 @@ Index: libvirt-6.7.0/src/lxc/lxc_controller.c return ret; } -Index: libvirt-6.7.0/src/lxc/lxc_driver.c +Index: libvirt-6.8.0/src/lxc/lxc_driver.c =================================================================== ---- libvirt-6.7.0.orig/src/lxc/lxc_driver.c -+++ libvirt-6.7.0/src/lxc/lxc_driver.c +--- libvirt-6.8.0.orig/src/lxc/lxc_driver.c ++++ libvirt-6.8.0/src/lxc/lxc_driver.c @@ -66,6 +66,7 @@ #include "virtime.h" #include "virtypedparam.h" @@ -53,10 +53,10 @@ Index: libvirt-6.7.0/src/lxc/lxc_driver.c break; /* It'd be nice to support this, but with macvlan -Index: libvirt-6.7.0/src/lxc/lxc_process.c +Index: libvirt-6.8.0/src/lxc/lxc_process.c =================================================================== ---- libvirt-6.7.0.orig/src/lxc/lxc_process.c -+++ libvirt-6.7.0/src/lxc/lxc_process.c +--- libvirt-6.8.0.orig/src/lxc/lxc_process.c ++++ libvirt-6.8.0/src/lxc/lxc_process.c @@ -50,6 +50,7 @@ #include "virstring.h" #include "virprocess.h" diff --git a/network-don-t-use-dhcp-authoritative-on-static-netwo.patch b/network-don-t-use-dhcp-authoritative-on-static-netwo.patch index b9b3d26..af5adc7 100644 --- a/network-don-t-use-dhcp-authoritative-on-static-netwo.patch +++ b/network-don-t-use-dhcp-authoritative-on-static-netwo.patch @@ -17,11 +17,11 @@ Signed-off-by: Martin Wilck tests/networkxml2confdata/dhcp6host-routed-network.conf | 1 - 2 files changed, 8 insertions(+), 2 deletions(-) -Index: libvirt-6.7.0/src/network/bridge_driver.c +Index: libvirt-6.8.0/src/network/bridge_driver.c =================================================================== ---- libvirt-6.7.0.orig/src/network/bridge_driver.c -+++ libvirt-6.7.0/src/network/bridge_driver.c -@@ -1448,7 +1448,14 @@ networkDnsmasqConfContents(virNetworkObj +--- libvirt-6.8.0.orig/src/network/bridge_driver.c ++++ libvirt-6.8.0/src/network/bridge_driver.c +@@ -1445,7 +1445,14 @@ networkDnsmasqConfContents(virNetworkObj if (VIR_SOCKET_ADDR_IS_FAMILY(&ipdef->address, AF_INET)) { if (ipdef->nranges || ipdef->nhosts) { virBufferAddLit(&configbuf, "dhcp-no-override\n"); @@ -37,10 +37,10 @@ Index: libvirt-6.7.0/src/network/bridge_driver.c } if (ipdef->tftproot) { -Index: libvirt-6.7.0/tests/networkxml2confdata/dhcp6host-routed-network.conf +Index: libvirt-6.8.0/tests/networkxml2confdata/dhcp6host-routed-network.conf =================================================================== ---- libvirt-6.7.0.orig/tests/networkxml2confdata/dhcp6host-routed-network.conf -+++ libvirt-6.7.0/tests/networkxml2confdata/dhcp6host-routed-network.conf +--- libvirt-6.8.0.orig/tests/networkxml2confdata/dhcp6host-routed-network.conf ++++ libvirt-6.8.0/tests/networkxml2confdata/dhcp6host-routed-network.conf @@ -10,7 +10,6 @@ bind-dynamic interface=virbr1 dhcp-range=192.168.122.1,static diff --git a/ppc64le-canonical-name.patch b/ppc64le-canonical-name.patch index aecf91a..f7a1a4f 100644 --- a/ppc64le-canonical-name.patch +++ b/ppc64le-canonical-name.patch @@ -2,10 +2,10 @@ Canonicalize hostarch name ppc64le to ppc64 See bnc#894956 -Index: libvirt-6.7.0/src/util/virarch.c +Index: libvirt-6.8.0/src/util/virarch.c =================================================================== ---- libvirt-6.7.0.orig/src/util/virarch.c -+++ libvirt-6.7.0/src/util/virarch.c +--- libvirt-6.8.0.orig/src/util/virarch.c ++++ libvirt-6.8.0/src/util/virarch.c @@ -220,6 +220,8 @@ virArch virArchFromHost(void) arch = VIR_ARCH_I686; } else if (STREQ(ut.machine, "amd64")) { diff --git a/qemu-apparmor-screenshot.patch b/qemu-apparmor-screenshot.patch index eec9243..f0aa81f 100644 --- a/qemu-apparmor-screenshot.patch +++ b/qemu-apparmor-screenshot.patch @@ -1,7 +1,7 @@ -Index: libvirt-6.7.0/src/security/apparmor/libvirt-qemu +Index: libvirt-6.8.0/src/security/apparmor/libvirt-qemu =================================================================== ---- libvirt-6.7.0.orig/src/security/apparmor/libvirt-qemu -+++ libvirt-6.7.0/src/security/apparmor/libvirt-qemu +--- libvirt-6.8.0.orig/src/security/apparmor/libvirt-qemu ++++ libvirt-6.8.0/src/security/apparmor/libvirt-qemu @@ -243,3 +243,6 @@ # /sys/bus/nd/devices / r, # harmless on any lsb compliant system diff --git a/suse-apparmor-libnl-paths.patch b/suse-apparmor-libnl-paths.patch index 4a356e1..c29f373 100644 --- a/suse-apparmor-libnl-paths.patch +++ b/suse-apparmor-libnl-paths.patch @@ -8,10 +8,10 @@ It was also noticed that the per-domain profiles need a libnl rule to squelch a denial when starting confined domains. Found while investigating bsc#1058847 -Index: libvirt-6.7.0/src/security/apparmor/libvirt-qemu +Index: libvirt-6.8.0/src/security/apparmor/libvirt-qemu =================================================================== ---- libvirt-6.7.0.orig/src/security/apparmor/libvirt-qemu -+++ libvirt-6.7.0/src/security/apparmor/libvirt-qemu +--- libvirt-6.8.0.orig/src/security/apparmor/libvirt-qemu ++++ libvirt-6.8.0/src/security/apparmor/libvirt-qemu @@ -64,6 +64,7 @@ #/dev/fb* rw, @@ -20,10 +20,10 @@ Index: libvirt-6.7.0/src/security/apparmor/libvirt-qemu @{HOME}/.pulse-cookie rwk, owner /root/.pulse-cookie rwk, owner /root/.pulse/ rw, -Index: libvirt-6.7.0/src/security/apparmor/usr.lib.libvirt.virt-aa-helper.in +Index: libvirt-6.8.0/src/security/apparmor/usr.lib.libvirt.virt-aa-helper.in =================================================================== ---- libvirt-6.7.0.orig/src/security/apparmor/usr.lib.libvirt.virt-aa-helper.in -+++ libvirt-6.7.0/src/security/apparmor/usr.lib.libvirt.virt-aa-helper.in +--- libvirt-6.8.0.orig/src/security/apparmor/usr.lib.libvirt.virt-aa-helper.in ++++ libvirt-6.8.0/src/security/apparmor/usr.lib.libvirt.virt-aa-helper.in @@ -19,7 +19,7 @@ profile virt-aa-helper @libexecdir@/virt # Used when internally running another command (namely apparmor_parser) @{PROC}/@{pid}/fd/ r, diff --git a/suse-bump-xen-version.patch b/suse-bump-xen-version.patch index 85e85ef..1d8bf94 100644 --- a/suse-bump-xen-version.patch +++ b/suse-bump-xen-version.patch @@ -9,11 +9,11 @@ need backporting to anything older. The dependency on xen.git commit c3999835df makes it hard to upstream this patch. See bsc#1157490 and bsc#1167007 for more details -Index: libvirt-6.7.0/src/libxl/libxl_conf.c +Index: libvirt-6.8.0/src/libxl/libxl_conf.c =================================================================== ---- libvirt-6.7.0.orig/src/libxl/libxl_conf.c -+++ libvirt-6.7.0/src/libxl/libxl_conf.c -@@ -1825,7 +1825,7 @@ libxlDriverConfigNew(void) +--- libvirt-6.8.0.orig/src/libxl/libxl_conf.c ++++ libvirt-6.8.0/src/libxl/libxl_conf.c +@@ -1838,7 +1838,7 @@ libxlDriverConfigNew(void) int libxlDriverConfigInit(libxlDriverConfigPtr cfg) { @@ -22,10 +22,10 @@ Index: libvirt-6.7.0/src/libxl/libxl_conf.c if (virFileMakePath(cfg->logDir) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, -Index: libvirt-6.7.0/src/libxl/libxl_domain.c +Index: libvirt-6.8.0/src/libxl/libxl_domain.c =================================================================== ---- libvirt-6.7.0.orig/src/libxl/libxl_domain.c -+++ libvirt-6.7.0/src/libxl/libxl_domain.c +--- libvirt-6.8.0.orig/src/libxl/libxl_domain.c ++++ libvirt-6.8.0/src/libxl/libxl_domain.c @@ -1020,8 +1020,8 @@ libxlDomainSetVcpuAffinities(libxlDriver static int libxlDomainFreeMem(libxl_ctx *ctx, libxl_domain_config *d_config) @@ -46,10 +46,10 @@ Index: libvirt-6.7.0/src/libxl/libxl_domain.c &aop_console_how); libxl_domain_restore_params_dispose(¶ms); } -Index: libvirt-6.7.0/tests/libxlmock.c +Index: libvirt-6.8.0/tests/libxlmock.c =================================================================== ---- libvirt-6.7.0.orig/tests/libxlmock.c -+++ libvirt-6.7.0/tests/libxlmock.c +--- libvirt-6.8.0.orig/tests/libxlmock.c ++++ libvirt-6.8.0/tests/libxlmock.c @@ -67,7 +67,7 @@ VIR_MOCK_IMPL_RET_ARGS(libxl_get_version VIR_MOCK_STUB_RET_ARGS(libxl_get_free_memory, int, 0, @@ -59,11 +59,11 @@ Index: libvirt-6.7.0/tests/libxlmock.c VIR_MOCK_STUB_RET_ARGS(xc_interface_close, int, 0, -Index: libvirt-6.7.0/meson.build +Index: libvirt-6.8.0/meson.build =================================================================== ---- libvirt-6.7.0.orig/meson.build -+++ libvirt-6.7.0/meson.build -@@ -1645,7 +1645,7 @@ elif get_option('driver_interface').enab +--- libvirt-6.8.0.orig/meson.build ++++ libvirt-6.8.0/meson.build +@@ -1625,7 +1625,7 @@ elif get_option('driver_interface').enab endif if not get_option('driver_libxl').disabled() and conf.has('WITH_LIBVIRTD') @@ -72,7 +72,7 @@ Index: libvirt-6.7.0/meson.build libxl_dep = dependency('xenlight', version: '>=' + libxl_version, required: get_option('driver_libxl')) if libxl_dep.found() -@@ -1675,7 +1675,7 @@ if not get_option('driver_libxl').disabl +@@ -1655,7 +1655,7 @@ if not get_option('driver_libxl').disabl endif libxl_dep = declare_dependency( diff --git a/suse-libvirt-guests-service.patch b/suse-libvirt-guests-service.patch index 24b24ae..54f53e9 100644 --- a/suse-libvirt-guests-service.patch +++ b/suse-libvirt-guests-service.patch @@ -1,9 +1,9 @@ Adjust libvirt-guests service to conform to SUSE standards -Index: libvirt-6.7.0/tools/libvirt-guests.sh.in +Index: libvirt-6.8.0/tools/libvirt-guests.sh.in =================================================================== ---- libvirt-6.7.0.orig/tools/libvirt-guests.sh.in -+++ libvirt-6.7.0/tools/libvirt-guests.sh.in +--- libvirt-6.8.0.orig/tools/libvirt-guests.sh.in ++++ libvirt-6.8.0/tools/libvirt-guests.sh.in @@ -16,14 +16,13 @@ # License along with this library. If not, see # . @@ -163,10 +163,10 @@ Index: libvirt-6.7.0/tools/libvirt-guests.sh.in esac -exit $RETVAL +rc_exit -Index: libvirt-6.7.0/tools/libvirt-guests.sysconf +Index: libvirt-6.8.0/tools/libvirt-guests.sysconf =================================================================== ---- libvirt-6.7.0.orig/tools/libvirt-guests.sysconf -+++ libvirt-6.7.0/tools/libvirt-guests.sysconf +--- libvirt-6.8.0.orig/tools/libvirt-guests.sysconf ++++ libvirt-6.8.0/tools/libvirt-guests.sysconf @@ -1,9 +1,14 @@ +## Path: System/Virtualization/libvirt-guests # Customizations for the libvirt-guests.service systemd unit diff --git a/suse-libvirtd-disable-tls.patch b/suse-libvirtd-disable-tls.patch index 463e8cb..0c273aa 100644 --- a/suse-libvirtd-disable-tls.patch +++ b/suse-libvirtd-disable-tls.patch @@ -3,10 +3,10 @@ Disable TLS by default On SUSE distros, the default is for libvirtd to listen only on the Unix Domain Socket. The libvirt client still provides remote access via a SSH tunnel. -Index: libvirt-6.7.0/src/remote/remote_daemon_config.c +Index: libvirt-6.8.0/src/remote/remote_daemon_config.c =================================================================== ---- libvirt-6.7.0.orig/src/remote/remote_daemon_config.c -+++ libvirt-6.7.0/src/remote/remote_daemon_config.c +--- libvirt-6.8.0.orig/src/remote/remote_daemon_config.c ++++ libvirt-6.8.0/src/remote/remote_daemon_config.c @@ -99,7 +99,7 @@ daemonConfigNew(bool privileged G_GNUC_U #ifdef WITH_IP @@ -16,10 +16,10 @@ Index: libvirt-6.7.0/src/remote/remote_daemon_config.c # else /* ! LIBVIRTD */ data->listen_tls = false; /* Always honoured, --listen doesn't exist. */ # endif /* ! LIBVIRTD */ -Index: libvirt-6.7.0/src/remote/libvirtd.conf.in +Index: libvirt-6.8.0/src/remote/libvirtd.conf.in =================================================================== ---- libvirt-6.7.0.orig/src/remote/libvirtd.conf.in -+++ libvirt-6.7.0/src/remote/libvirtd.conf.in +--- libvirt-6.8.0.orig/src/remote/libvirtd.conf.in ++++ libvirt-6.8.0/src/remote/libvirtd.conf.in @@ -17,8 +17,8 @@ # It is necessary to setup a CA and issue server certificates before # using this capability. diff --git a/suse-libvirtd-sysconfig-settings.patch b/suse-libvirtd-sysconfig-settings.patch index 550021a..58c135e 100644 --- a/suse-libvirtd-sysconfig-settings.patch +++ b/suse-libvirtd-sysconfig-settings.patch @@ -1,9 +1,9 @@ Adjust libvirtd sysconfig file to conform to SUSE standards -Index: libvirt-6.7.0/src/remote/libvirtd.sysconf +Index: libvirt-6.8.0/src/remote/libvirtd.sysconf =================================================================== ---- libvirt-6.7.0.orig/src/remote/libvirtd.sysconf -+++ libvirt-6.7.0/src/remote/libvirtd.sysconf +--- libvirt-6.8.0.orig/src/remote/libvirtd.sysconf ++++ libvirt-6.8.0/src/remote/libvirtd.sysconf @@ -1,5 +1,9 @@ +## Path: System/Virtualization/libvirt # Customizations for the libvirtd.service systemd unit diff --git a/suse-libxl-disable-autoballoon.patch b/suse-libxl-disable-autoballoon.patch index 3a6f501..c02ed72 100644 --- a/suse-libxl-disable-autoballoon.patch +++ b/suse-libxl-disable-autoballoon.patch @@ -6,10 +6,10 @@ autoballooning. This patch changes libvirt to also disable autoballooning by default. It can only be enabled with the 'autoballoon' setting in libxl.conf. See jsc#SLE-3059 for more details. -Index: libvirt-6.7.0/src/libxl/libxl.conf +Index: libvirt-6.8.0/src/libxl/libxl.conf =================================================================== ---- libvirt-6.7.0.orig/src/libxl/libxl.conf -+++ libvirt-6.7.0/src/libxl/libxl.conf +--- libvirt-6.8.0.orig/src/libxl/libxl.conf ++++ libvirt-6.8.0/src/libxl/libxl.conf @@ -4,12 +4,11 @@ # Enable autoballooning of domain0 @@ -27,11 +27,11 @@ Index: libvirt-6.7.0/src/libxl/libxl.conf # In order to prevent accidentally starting two domains that -Index: libvirt-6.7.0/src/libxl/libxl_conf.c +Index: libvirt-6.8.0/src/libxl/libxl_conf.c =================================================================== ---- libvirt-6.7.0.orig/src/libxl/libxl_conf.c -+++ libvirt-6.7.0/src/libxl/libxl_conf.c -@@ -1739,15 +1739,12 @@ libxlMakeBuildInfoVfb(virPortAllocatorRa +--- libvirt-6.8.0.orig/src/libxl/libxl_conf.c ++++ libvirt-6.8.0/src/libxl/libxl_conf.c +@@ -1752,15 +1752,12 @@ libxlMakeBuildInfoVfb(virPortAllocatorRa /* * Get domain0 autoballoon configuration. Honor user-specified * setting in libxl.conf first. If not specified, autoballooning @@ -48,7 +48,7 @@ Index: libvirt-6.7.0/src/libxl/libxl_conf.c int res; res = virConfGetValueBool(conf, "autoballoon", &cfg->autoballoon); -@@ -1756,15 +1753,8 @@ libxlGetAutoballoonConf(libxlDriverConfi +@@ -1769,15 +1766,8 @@ libxlGetAutoballoonConf(libxlDriverConfi else if (res == 1) return 0; diff --git a/suse-ovmf-paths.patch b/suse-ovmf-paths.patch index 1d2b72f..2117e34 100644 --- a/suse-ovmf-paths.patch +++ b/suse-ovmf-paths.patch @@ -1,9 +1,9 @@ Adjust paths of OVMF firmwares on SUSE distros -Index: libvirt-6.7.0/src/qemu/qemu.conf +Index: libvirt-6.8.0/src/qemu/qemu.conf =================================================================== ---- libvirt-6.7.0.orig/src/qemu/qemu.conf -+++ libvirt-6.7.0/src/qemu/qemu.conf +--- libvirt-6.8.0.orig/src/qemu/qemu.conf ++++ libvirt-6.8.0/src/qemu/qemu.conf @@ -844,10 +844,9 @@ # for x86_64 and i686, but it's AAVMF for aarch64. The libvirt default # follows this scheme. @@ -18,10 +18,10 @@ Index: libvirt-6.7.0/src/qemu/qemu.conf #] # The backend to use for handling stdout/stderr output from -Index: libvirt-6.7.0/src/qemu/qemu_conf.c +Index: libvirt-6.8.0/src/qemu/qemu_conf.c =================================================================== ---- libvirt-6.7.0.orig/src/qemu/qemu_conf.c -+++ libvirt-6.7.0/src/qemu/qemu_conf.c +--- libvirt-6.8.0.orig/src/qemu/qemu_conf.c ++++ libvirt-6.8.0/src/qemu/qemu_conf.c @@ -97,10 +97,9 @@ qemuDriverUnlock(virQEMUDriverPtr driver #ifndef DEFAULT_LOADER_NVRAM @@ -36,10 +36,10 @@ Index: libvirt-6.7.0/src/qemu/qemu_conf.c #endif -Index: libvirt-6.7.0/src/security/virt-aa-helper.c +Index: libvirt-6.8.0/src/security/virt-aa-helper.c =================================================================== ---- libvirt-6.7.0.orig/src/security/virt-aa-helper.c -+++ libvirt-6.7.0/src/security/virt-aa-helper.c +--- libvirt-6.8.0.orig/src/security/virt-aa-helper.c ++++ libvirt-6.8.0/src/security/virt-aa-helper.c @@ -479,7 +479,8 @@ valid_path(const char *path, const bool "/usr/share/ovmf/", /* for OVMF images */ "/usr/share/AAVMF/", /* for AAVMF images */ diff --git a/suse-qemu-conf.patch b/suse-qemu-conf.patch index 61a7483..6f5410a 100644 --- a/suse-qemu-conf.patch +++ b/suse-qemu-conf.patch @@ -7,10 +7,10 @@ suse-qemu-conf-secdriver.patch, suse-qemu-conf-lockmgr.patch, etc.), but for now they are all lumped together in this single patch. -Index: libvirt-6.7.0/src/qemu/qemu.conf +Index: libvirt-6.8.0/src/qemu/qemu.conf =================================================================== ---- libvirt-6.7.0.orig/src/qemu/qemu.conf -+++ libvirt-6.7.0/src/qemu/qemu.conf +--- libvirt-6.8.0.orig/src/qemu/qemu.conf ++++ libvirt-6.8.0/src/qemu/qemu.conf @@ -477,10 +477,19 @@ # isolation, but it cannot appear in a list of drivers. # @@ -60,10 +60,10 @@ Index: libvirt-6.7.0/src/qemu/qemu.conf # #lock_manager = "lockd" -Index: libvirt-6.7.0/src/qemu/qemu_conf.c +Index: libvirt-6.8.0/src/qemu/qemu_conf.c =================================================================== ---- libvirt-6.7.0.orig/src/qemu/qemu_conf.c -+++ libvirt-6.7.0/src/qemu/qemu_conf.c +--- libvirt-6.8.0.orig/src/qemu/qemu_conf.c ++++ libvirt-6.8.0/src/qemu/qemu_conf.c @@ -267,7 +267,7 @@ virQEMUDriverConfigPtr virQEMUDriverConf cfg->slirpHelperName = g_strdup(QEMU_SLIRP_HELPER); cfg->dbusDaemonName = g_strdup(QEMU_DBUS_DAEMON); diff --git a/suse-virtlockd-sysconfig-settings.patch b/suse-virtlockd-sysconfig-settings.patch index 57a3c63..8fbb0e3 100644 --- a/suse-virtlockd-sysconfig-settings.patch +++ b/suse-virtlockd-sysconfig-settings.patch @@ -1,9 +1,9 @@ Adjust virtlockd sysconfig file to conform to SUSE standards -Index: libvirt-6.7.0/src/locking/virtlockd.sysconf +Index: libvirt-6.8.0/src/locking/virtlockd.sysconf =================================================================== ---- libvirt-6.7.0.orig/src/locking/virtlockd.sysconf -+++ libvirt-6.7.0/src/locking/virtlockd.sysconf +--- libvirt-6.8.0.orig/src/locking/virtlockd.sysconf ++++ libvirt-6.8.0/src/locking/virtlockd.sysconf @@ -1,3 +1,7 @@ +## Path: System/Virtualization/virtlockd + diff --git a/suse-virtlogd-sysconfig-settings.patch b/suse-virtlogd-sysconfig-settings.patch index 98765ae..bb92566 100644 --- a/suse-virtlogd-sysconfig-settings.patch +++ b/suse-virtlogd-sysconfig-settings.patch @@ -1,9 +1,9 @@ Adjust virtlogd sysconfig file to conform to SUSE standards -Index: libvirt-6.7.0/src/logging/virtlogd.sysconf +Index: libvirt-6.8.0/src/logging/virtlogd.sysconf =================================================================== ---- libvirt-6.7.0.orig/src/logging/virtlogd.sysconf -+++ libvirt-6.7.0/src/logging/virtlogd.sysconf +--- libvirt-6.8.0.orig/src/logging/virtlogd.sysconf ++++ libvirt-6.8.0/src/logging/virtlogd.sysconf @@ -1,3 +1,7 @@ +## Path: System/Virtualization/virtlogd + diff --git a/suse-xen-ovmf-loaders.patch b/suse-xen-ovmf-loaders.patch index 805bed4..77b96c5 100644 --- a/suse-xen-ovmf-loaders.patch +++ b/suse-xen-ovmf-loaders.patch @@ -5,11 +5,11 @@ upstream support for firmware autoselection in the xen driver. Sadly, the upstream efforts to improve firmware handling in the qemu driver broke the firmware handling in the xen driver. -Index: libvirt-6.7.0/src/libxl/libxl_conf.c +Index: libvirt-6.8.0/src/libxl/libxl_conf.c =================================================================== ---- libvirt-6.7.0.orig/src/libxl/libxl_conf.c -+++ libvirt-6.7.0/src/libxl/libxl_conf.c -@@ -1779,6 +1779,15 @@ libxlDriverConfigNew(void) +--- libvirt-6.8.0.orig/src/libxl/libxl_conf.c ++++ libvirt-6.8.0/src/libxl/libxl_conf.c +@@ -1792,6 +1792,15 @@ libxlDriverConfigNew(void) cfg->autoDumpDir = g_strdup(LIBXL_DUMP_DIR); cfg->channelDir = g_strdup(LIBXL_CHANNEL_DIR); diff --git a/virt-create-rootfs.patch b/virt-create-rootfs.patch index 2991456..fd76cf3 100644 --- a/virt-create-rootfs.patch +++ b/virt-create-rootfs.patch @@ -1,7 +1,7 @@ -Index: libvirt-6.7.0/tools/virt-create-rootfs +Index: libvirt-6.8.0/tools/virt-create-rootfs =================================================================== --- /dev/null -+++ libvirt-6.7.0/tools/virt-create-rootfs ++++ libvirt-6.8.0/tools/virt-create-rootfs @@ -0,0 +1,231 @@ +#!/bin/sh +set -e @@ -234,10 +234,10 @@ Index: libvirt-6.7.0/tools/virt-create-rootfs + echo "pts/0" >> "$ROOT/etc/securetty" + chroot "$ROOT" /usr/bin/passwd +fi -Index: libvirt-6.7.0/docs/manpages/virt-create-rootfs.rst +Index: libvirt-6.8.0/docs/manpages/virt-create-rootfs.rst =================================================================== --- /dev/null -+++ libvirt-6.7.0/docs/manpages/virt-create-rootfs.rst ++++ libvirt-6.8.0/docs/manpages/virt-create-rootfs.rst @@ -0,0 +1,88 @@ +================== +virt-create-rootfs @@ -327,10 +327,10 @@ Index: libvirt-6.7.0/docs/manpages/virt-create-rootfs.rst +======== + +virsh(1), `https://libvirt.org/ `_ -Index: libvirt-6.7.0/docs/manpages/meson.build +Index: libvirt-6.8.0/docs/manpages/meson.build =================================================================== ---- libvirt-6.7.0.orig/docs/manpages/meson.build -+++ libvirt-6.7.0/docs/manpages/meson.build +--- libvirt-6.8.0.orig/docs/manpages/meson.build ++++ libvirt-6.8.0/docs/manpages/meson.build @@ -15,6 +15,7 @@ docs_man_files = [ { 'name': 'virt-pki-validate', 'section': '1', 'install': true }, { 'name': 'virt-qemu-run', 'section': '1', 'install': conf.has('WITH_QEMU') }, @@ -339,10 +339,10 @@ Index: libvirt-6.7.0/docs/manpages/meson.build { 'name': 'libvirtd', 'section': '8', 'install': conf.has('WITH_LIBVIRTD') }, { 'name': 'virt-sanlock-cleanup', 'section': '8', 'install': conf.has('WITH_SANLOCK') }, -Index: libvirt-6.7.0/tools/meson.build +Index: libvirt-6.8.0/tools/meson.build =================================================================== ---- libvirt-6.7.0.orig/tools/meson.build -+++ libvirt-6.7.0/tools/meson.build +--- libvirt-6.8.0.orig/tools/meson.build ++++ libvirt-6.8.0/tools/meson.build @@ -149,6 +149,8 @@ else virsh_icon_res = [] endif