Accepting request 182783 from home:jfehlig:branches:Virtualization
- CVE-2013-2230: Fix crash when multiple event callbacks were registered f38c8185-CVE-2013-2230.patch bnc#827801 - Update to libvirt 1.1.0 - Extensible migration APIs - Add a policy kit access control driver - various improvements in the Xen and libxl drivers - improve networking support on BSD - agent based vCPU hotplug support - Many incremental improvements and bug fixes, see http://libvirt.org/news.html - Drop upstream patches: 244e0b8c-CVE-2013-2218.patch OBS-URL: https://build.opensuse.org/request/show/182783 OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=282
This commit is contained in:
parent
78ac454f8b
commit
5674459f46
@ -1,54 +0,0 @@
|
||||
commit 244e0b8cf15ca2ef48d82058e728656e6c4bad11
|
||||
Author: Daniel P. Berrange <berrange@redhat.com>
|
||||
Date: Fri Jun 28 13:21:33 2013 +0100
|
||||
|
||||
Crash of libvirtd by unprivileged user in virConnectListAllInterfaces
|
||||
|
||||
On Thu, Jun 27, 2013 at 03:56:42PM +0100, Daniel P. Berrange wrote:
|
||||
> Hi Security Team,
|
||||
>
|
||||
> I've discovered a way for an unprivileged user with a readonly connection
|
||||
> to libvirtd, to crash the daemon.
|
||||
|
||||
Ok, the final patch for this is issue will be the simpler variant that
|
||||
Eric suggested
|
||||
|
||||
The embargo can be considered to be lifted on Monday July 1st, at
|
||||
0900 UTC
|
||||
|
||||
The following is the GIT change that DV or myself will apply to libvirt
|
||||
GIT master immediately before the 1.1.0 release:
|
||||
|
||||
>From 177b4165c531a4b3ba7f6ab6aa41dca9ceb0b8cf Mon Sep 17 00:00:00 2001
|
||||
From: "Daniel P. Berrange" <berrange@redhat.com>
|
||||
Date: Fri, 28 Jun 2013 10:48:37 +0100
|
||||
Subject: [PATCH] CVE-2013-2218: Fix crash listing network interfaces with
|
||||
filters
|
||||
|
||||
The virConnectListAllInterfaces method has a double-free of the
|
||||
'struct netcf_if' object when any of the filtering flags cause
|
||||
an interface to be skipped over. For example when running the
|
||||
command 'virsh iface-list --inactive'
|
||||
|
||||
This is a regression introduced in release 1.0.6 by
|
||||
|
||||
commit 7ac2c4fe624f30f2c8270116513fa2ddab07631f
|
||||
Author: Guannan Ren <gren@redhat.com>
|
||||
Date: Tue May 21 21:29:38 2013 +0800
|
||||
|
||||
interface: list all interfaces with flags == 0
|
||||
|
||||
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
|
||||
|
||||
Index: libvirt-1.0.6/src/interface/interface_backend_netcf.c
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/src/interface/interface_backend_netcf.c
|
||||
+++ libvirt-1.0.6/src/interface/interface_backend_netcf.c
|
||||
@@ -365,6 +365,7 @@ netcfConnectListAllInterfaces(virConnect
|
||||
(MATCH(VIR_CONNECT_LIST_INTERFACES_INACTIVE) &&
|
||||
(status & NETCF_IFACE_INACTIVE)))) {
|
||||
ncf_if_free(iface);
|
||||
+ iface = NULL;
|
||||
continue;
|
||||
}
|
||||
|
@ -34,7 +34,7 @@ Index: src/lxc/lxc_container.c
|
||||
VIR_FREE(stack);
|
||||
if (cpid < 0) {
|
||||
virReportSystemError(errno, "%s",
|
||||
@@ -2108,6 +2116,9 @@ int lxcContainerStart(virDomainDefPtr de
|
||||
@@ -2097,6 +2105,9 @@ int lxcContainerStart(virDomainDefPtr de
|
||||
ttyPaths, nttyPaths, handshakefd};
|
||||
|
||||
/* allocate a stack for the container */
|
||||
@ -44,7 +44,7 @@ Index: src/lxc/lxc_container.c
|
||||
if (VIR_ALLOC_N(stack, stacksize) < 0) {
|
||||
virReportOOMError();
|
||||
return -1;
|
||||
@@ -2126,7 +2137,11 @@ int lxcContainerStart(virDomainDefPtr de
|
||||
@@ -2115,7 +2126,11 @@ int lxcContainerStart(virDomainDefPtr de
|
||||
cflags |= CLONE_NEWNET;
|
||||
}
|
||||
|
||||
@ -56,7 +56,7 @@ Index: src/lxc/lxc_container.c
|
||||
VIR_FREE(stack);
|
||||
VIR_DEBUG("clone() completed, new container PID is %d", pid);
|
||||
|
||||
@@ -2152,6 +2167,7 @@ int lxcContainerAvailable(int features)
|
||||
@@ -2141,6 +2156,7 @@ int lxcContainerAvailable(int features)
|
||||
int cpid;
|
||||
char *childStack;
|
||||
char *stack;
|
||||
@ -64,7 +64,7 @@ Index: src/lxc/lxc_container.c
|
||||
|
||||
if (features & LXC_CONTAINER_FEATURE_USER)
|
||||
flags |= CLONE_NEWUSER;
|
||||
@@ -2159,14 +2175,21 @@ int lxcContainerAvailable(int features)
|
||||
@@ -2148,14 +2164,21 @@ int lxcContainerAvailable(int features)
|
||||
if (features & LXC_CONTAINER_FEATURE_NET)
|
||||
flags |= CLONE_NEWNET;
|
||||
|
||||
|
28
f38c8185-CVE-2013-2230.patch
Normal file
28
f38c8185-CVE-2013-2230.patch
Normal file
@ -0,0 +1,28 @@
|
||||
commit f38c8185f97720ecae7ef2291fbaa5d6b0209e17
|
||||
Author: Ján Tomko <jtomko@redhat.com>
|
||||
Date: Tue Jul 2 15:17:09 2013 +0200
|
||||
|
||||
Fix crash when multiple event callbacks were registered
|
||||
|
||||
CVE-2013-2230
|
||||
|
||||
Don't overwrite the callback ID returned by
|
||||
virDomainEventStateRegisterID in ret by 0.
|
||||
|
||||
Introduced by abf75aea.
|
||||
|
||||
Index: libvirt-1.1.0/src/qemu/qemu_driver.c
|
||||
===================================================================
|
||||
--- libvirt-1.1.0.orig/src/qemu/qemu_driver.c
|
||||
+++ libvirt-1.1.0/src/qemu/qemu_driver.c
|
||||
@@ -9914,9 +9914,7 @@ qemuConnectDomainEventRegisterAny(virCon
|
||||
driver->domainEventState,
|
||||
dom, eventID,
|
||||
callback, opaque, freecb, &ret) < 0)
|
||||
- goto cleanup;
|
||||
-
|
||||
- ret = 0;
|
||||
+ ret = -1;
|
||||
|
||||
cleanup:
|
||||
return ret;
|
@ -8,10 +8,10 @@ uses the 'device_configure' RPC.
|
||||
This patch changes the xend driver to always call 'device_configure' for
|
||||
PCI devices to be consistent with the usage in the xen tools.
|
||||
|
||||
Index: libvirt-1.0.6/src/xen/xend_internal.c
|
||||
Index: libvirt-1.1.0/src/xen/xend_internal.c
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/src/xen/xend_internal.c
|
||||
+++ libvirt-1.0.6/src/xen/xend_internal.c
|
||||
--- libvirt-1.1.0.orig/src/xen/xend_internal.c
|
||||
+++ libvirt-1.1.0/src/xen/xend_internal.c
|
||||
@@ -2220,6 +2220,7 @@ xenDaemonAttachDeviceFlags(virConnectPtr
|
||||
virBuffer buf = VIR_BUFFER_INITIALIZER;
|
||||
char class[8], ref[80];
|
||||
|
@ -1,7 +1,7 @@
|
||||
Index: libvirt-1.0.6/examples/apparmor/Makefile.am
|
||||
Index: libvirt-1.1.0/examples/apparmor/Makefile.am
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/examples/apparmor/Makefile.am
|
||||
+++ libvirt-1.0.6/examples/apparmor/Makefile.am
|
||||
--- libvirt-1.1.0.orig/examples/apparmor/Makefile.am
|
||||
+++ libvirt-1.1.0/examples/apparmor/Makefile.am
|
||||
@@ -14,8 +14,45 @@
|
||||
## License along with this library. If not, see
|
||||
## <http://www.gnu.org/licenses/>.
|
||||
@ -53,10 +53,10 @@ Index: libvirt-1.0.6/examples/apparmor/Makefile.am
|
||||
+ rm -f $(DESTDIR)$(sysconfdir)/apparmor.d/libvirt/TEMPLATE
|
||||
+
|
||||
+endif
|
||||
Index: libvirt-1.0.6/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
|
||||
Index: libvirt-1.1.0/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
|
||||
===================================================================
|
||||
--- /dev/null
|
||||
+++ libvirt-1.0.6/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
|
||||
+++ libvirt-1.1.0/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
|
||||
@@ -0,0 +1,40 @@
|
||||
+# Last Modified: Fri Aug 19 11:21:48 2011
|
||||
+#include <tunables/global>
|
||||
@ -98,9 +98,9 @@ Index: libvirt-1.0.6/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
|
||||
+ /var/lib/kvm/images/ r,
|
||||
+ /var/lib/kvm/images/** r,
|
||||
+}
|
||||
Index: libvirt-1.0.6/examples/apparmor/usr.lib.libvirt.virt-aa-helper
|
||||
Index: libvirt-1.1.0/examples/apparmor/usr.lib.libvirt.virt-aa-helper
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/examples/apparmor/usr.lib.libvirt.virt-aa-helper
|
||||
--- libvirt-1.1.0.orig/examples/apparmor/usr.lib.libvirt.virt-aa-helper
|
||||
+++ /dev/null
|
||||
@@ -1,38 +0,0 @@
|
||||
-# Last Modified: Mon Apr 5 15:10:27 2010
|
||||
@ -141,9 +141,9 @@ Index: libvirt-1.0.6/examples/apparmor/usr.lib.libvirt.virt-aa-helper
|
||||
- /var/lib/libvirt/images/ r,
|
||||
- /var/lib/libvirt/images/** r,
|
||||
-}
|
||||
Index: libvirt-1.0.6/examples/apparmor/usr.sbin.libvirtd
|
||||
Index: libvirt-1.1.0/examples/apparmor/usr.sbin.libvirtd
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/examples/apparmor/usr.sbin.libvirtd
|
||||
--- libvirt-1.1.0.orig/examples/apparmor/usr.sbin.libvirtd
|
||||
+++ /dev/null
|
||||
@@ -1,52 +0,0 @@
|
||||
-# Last Modified: Mon Apr 5 15:03:58 2010
|
||||
@ -198,10 +198,10 @@ Index: libvirt-1.0.6/examples/apparmor/usr.sbin.libvirtd
|
||||
- change_profile -> @{LIBVIRT}-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*,
|
||||
-
|
||||
-}
|
||||
Index: libvirt-1.0.6/examples/apparmor/usr.sbin.libvirtd.in
|
||||
Index: libvirt-1.1.0/examples/apparmor/usr.sbin.libvirtd.in
|
||||
===================================================================
|
||||
--- /dev/null
|
||||
+++ libvirt-1.0.6/examples/apparmor/usr.sbin.libvirtd.in
|
||||
+++ libvirt-1.1.0/examples/apparmor/usr.sbin.libvirtd.in
|
||||
@@ -0,0 +1,58 @@
|
||||
+# Last Modified: Fri Aug 19 11:20:36 2011
|
||||
+#include <tunables/global>
|
||||
@ -261,9 +261,9 @@ Index: libvirt-1.0.6/examples/apparmor/usr.sbin.libvirtd.in
|
||||
+ change_profile -> @{LIBVIRT}-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*,
|
||||
+
|
||||
+}
|
||||
Index: libvirt-1.0.6/examples/apparmor/libvirt-qemu
|
||||
Index: libvirt-1.1.0/examples/apparmor/libvirt-qemu
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/examples/apparmor/libvirt-qemu
|
||||
--- libvirt-1.1.0.orig/examples/apparmor/libvirt-qemu
|
||||
+++ /dev/null
|
||||
@@ -1,129 +0,0 @@
|
||||
-# Last Modified: Fri Mar 9 14:43:22 2012
|
||||
@ -395,10 +395,10 @@ Index: libvirt-1.0.6/examples/apparmor/libvirt-qemu
|
||||
-
|
||||
- /usr/libexec/qemu-bridge-helper rmix,
|
||||
- }
|
||||
Index: libvirt-1.0.6/examples/apparmor/libvirt-qemu.in
|
||||
Index: libvirt-1.1.0/examples/apparmor/libvirt-qemu.in
|
||||
===================================================================
|
||||
--- /dev/null
|
||||
+++ libvirt-1.0.6/examples/apparmor/libvirt-qemu.in
|
||||
+++ libvirt-1.1.0/examples/apparmor/libvirt-qemu.in
|
||||
@@ -0,0 +1,132 @@
|
||||
+# Last Modified: Fri Mar 9 14:43:22 2012
|
||||
+
|
||||
|
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:254926d680dde3aa41e69eacc8dd72d346fa9d15dde66fa5a5883b0fac5f5475
|
||||
size 17229166
|
3
libvirt-1.1.0.tar.bz2
Normal file
3
libvirt-1.1.0.tar.bz2
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:b99f431db5ef31e9e6d1acca2a8d1985db67cb89c4d97052e34ee66effa6b715
|
||||
size 17500172
|
@ -1,9 +1,9 @@
|
||||
Adjust libvirt-guests init files to conform to SUSE standards
|
||||
|
||||
Index: libvirt-1.0.6/tools/libvirt-guests.init.in
|
||||
Index: libvirt-1.1.0/tools/libvirt-guests.init.in
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/tools/libvirt-guests.init.in
|
||||
+++ libvirt-1.0.6/tools/libvirt-guests.init.in
|
||||
--- libvirt-1.1.0.orig/tools/libvirt-guests.init.in
|
||||
+++ libvirt-1.1.0/tools/libvirt-guests.init.in
|
||||
@@ -3,15 +3,15 @@
|
||||
# the following is the LSB init header
|
||||
#
|
||||
@ -28,10 +28,10 @@ Index: libvirt-1.0.6/tools/libvirt-guests.init.in
|
||||
### END INIT INFO
|
||||
|
||||
# the following is chkconfig init header
|
||||
Index: libvirt-1.0.6/tools/libvirt-guests.sh.in
|
||||
Index: libvirt-1.1.0/tools/libvirt-guests.sh.in
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/tools/libvirt-guests.sh.in
|
||||
+++ libvirt-1.0.6/tools/libvirt-guests.sh.in
|
||||
--- libvirt-1.1.0.orig/tools/libvirt-guests.sh.in
|
||||
+++ libvirt-1.1.0/tools/libvirt-guests.sh.in
|
||||
@@ -16,14 +16,13 @@
|
||||
# License along with this library. If not, see
|
||||
# <http://www.gnu.org/licenses/>.
|
||||
@ -189,10 +189,10 @@ Index: libvirt-1.0.6/tools/libvirt-guests.sh.in
|
||||
esac
|
||||
-exit $RETVAL
|
||||
+rc_exit
|
||||
Index: libvirt-1.0.6/tools/libvirt-guests.sysconf
|
||||
Index: libvirt-1.1.0/tools/libvirt-guests.sysconf
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/tools/libvirt-guests.sysconf
|
||||
+++ libvirt-1.0.6/tools/libvirt-guests.sysconf
|
||||
--- libvirt-1.1.0.orig/tools/libvirt-guests.sysconf
|
||||
+++ libvirt-1.1.0/tools/libvirt-guests.sysconf
|
||||
@@ -1,19 +1,29 @@
|
||||
+## Path: System/Virtualization/libvirt-guests
|
||||
+
|
||||
|
@ -1,7 +1,7 @@
|
||||
Index: libvirt-1.0.6/configure.ac
|
||||
Index: libvirt-1.1.0/configure.ac
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/configure.ac
|
||||
+++ libvirt-1.0.6/configure.ac
|
||||
--- libvirt-1.1.0.orig/configure.ac
|
||||
+++ libvirt-1.1.0/configure.ac
|
||||
@@ -172,6 +172,7 @@ LIBVIRT_CHECK_DBUS
|
||||
LIBVIRT_CHECK_FUSE
|
||||
LIBVIRT_CHECK_HAL
|
||||
@ -10,7 +10,7 @@ Index: libvirt-1.0.6/configure.ac
|
||||
LIBVIRT_CHECK_NUMACTL
|
||||
LIBVIRT_CHECK_OPENWSMAN
|
||||
LIBVIRT_CHECK_PCIACCESS
|
||||
@@ -2227,11 +2228,12 @@ if test "$with_libvirtd" = "no" ; then
|
||||
@@ -2225,11 +2226,12 @@ if test "$with_libvirtd" = "no" ; then
|
||||
with_interface=no
|
||||
fi
|
||||
|
||||
@ -26,7 +26,7 @@ Index: libvirt-1.0.6/configure.ac
|
||||
esac
|
||||
|
||||
if test "$with_interface" = "yes" ; then
|
||||
@@ -2510,6 +2512,7 @@ LIBVIRT_RESULT_DBUS
|
||||
@@ -2519,6 +2521,7 @@ LIBVIRT_RESULT_DBUS
|
||||
LIBVIRT_RESULT_FUSE
|
||||
LIBVIRT_RESULT_HAL
|
||||
LIBVIRT_RESULT_NETCF
|
||||
@ -34,11 +34,11 @@ Index: libvirt-1.0.6/configure.ac
|
||||
LIBVIRT_RESULT_NUMACTL
|
||||
LIBVIRT_RESULT_OPENWSMAN
|
||||
LIBVIRT_RESULT_PCIACCESS
|
||||
Index: libvirt-1.0.6/src/Makefile.am
|
||||
Index: libvirt-1.1.0/src/Makefile.am
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/src/Makefile.am
|
||||
+++ libvirt-1.0.6/src/Makefile.am
|
||||
@@ -716,6 +716,10 @@ if WITH_NETCF
|
||||
--- libvirt-1.1.0.orig/src/Makefile.am
|
||||
+++ libvirt-1.1.0/src/Makefile.am
|
||||
@@ -735,6 +735,10 @@ if WITH_NETCF
|
||||
INTERFACE_DRIVER_SOURCES += \
|
||||
interface/interface_backend_netcf.c
|
||||
endif
|
||||
@ -49,7 +49,7 @@ Index: libvirt-1.0.6/src/Makefile.am
|
||||
if WITH_UDEV
|
||||
INTERFACE_DRIVER_SOURCES += \
|
||||
interface/interface_backend_udev.c
|
||||
@@ -1215,11 +1219,16 @@ if WITH_NETCF
|
||||
@@ -1276,11 +1280,16 @@ if WITH_NETCF
|
||||
libvirt_driver_interface_la_CFLAGS += $(NETCF_CFLAGS)
|
||||
libvirt_driver_interface_la_LIBADD += $(NETCF_LIBS)
|
||||
else
|
||||
@ -66,11 +66,11 @@ Index: libvirt-1.0.6/src/Makefile.am
|
||||
if WITH_DRIVER_MODULES
|
||||
libvirt_driver_interface_la_LIBADD += ../gnulib/lib/libgnu.la
|
||||
libvirt_driver_interface_la_LDFLAGS += -module -avoid-version
|
||||
Index: libvirt-1.0.6/tools/virsh.c
|
||||
Index: libvirt-1.1.0/tools/virsh.c
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/tools/virsh.c
|
||||
+++ libvirt-1.0.6/tools/virsh.c
|
||||
@@ -2886,6 +2886,8 @@ vshShowVersion(vshControl *ctl ATTRIBUTE
|
||||
--- libvirt-1.1.0.orig/tools/virsh.c
|
||||
+++ libvirt-1.1.0/tools/virsh.c
|
||||
@@ -2883,6 +2883,8 @@ vshShowVersion(vshControl *ctl ATTRIBUTE
|
||||
vshPrint(ctl, " Interface");
|
||||
# if defined(WITH_NETCF)
|
||||
vshPrint(ctl, " netcf");
|
||||
@ -79,10 +79,10 @@ Index: libvirt-1.0.6/tools/virsh.c
|
||||
# elif defined(WITH_UDEV)
|
||||
vshPrint(ctl, " udev");
|
||||
# endif
|
||||
Index: libvirt-1.0.6/src/interface/interface_backend_netcf.c
|
||||
Index: libvirt-1.1.0/src/interface/interface_backend_netcf.c
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/src/interface/interface_backend_netcf.c
|
||||
+++ libvirt-1.0.6/src/interface/interface_backend_netcf.c
|
||||
--- libvirt-1.1.0.orig/src/interface/interface_backend_netcf.c
|
||||
+++ libvirt-1.1.0/src/interface/interface_backend_netcf.c
|
||||
@@ -23,7 +23,12 @@
|
||||
|
||||
#include <config.h>
|
||||
@ -97,45 +97,46 @@ Index: libvirt-1.0.6/src/interface/interface_backend_netcf.c
|
||||
|
||||
#include "virerror.h"
|
||||
#include "datatypes.h"
|
||||
@@ -52,6 +57,37 @@ static void interfaceDriverUnlock(struct
|
||||
@@ -54,6 +59,38 @@ static void interfaceDriverUnlock(struct
|
||||
virMutexUnlock(&driver->lock);
|
||||
}
|
||||
|
||||
+#ifdef WITH_NETCONTROL
|
||||
+static void interface_nc_log_driver(const char *category,
|
||||
+ int priority,
|
||||
+ const char *func,
|
||||
+ const char *file,
|
||||
+ long long line,
|
||||
+ const char *msg,
|
||||
+ size_t len ATTRIBUTE_UNUSED)
|
||||
+static void
|
||||
+interface_nc_log_driver(const char *category,
|
||||
+ int priority,
|
||||
+ const char *func,
|
||||
+ const char *file,
|
||||
+ long long line,
|
||||
+ const char *msg,
|
||||
+ size_t len ATTRIBUTE_UNUSED)
|
||||
+{
|
||||
+ int vp;
|
||||
+ int vp;
|
||||
+
|
||||
+ switch(priority) {
|
||||
+ case NC_LOG_FATAL:
|
||||
+ case NC_LOG_ERROR:
|
||||
+ vp = VIR_LOG_ERROR;
|
||||
+ break;
|
||||
+ break;
|
||||
+ case NC_LOG_WARN:
|
||||
+ vp = VIR_LOG_WARN;
|
||||
+ break;
|
||||
+ break;
|
||||
+ case NC_LOG_INFO:
|
||||
+ vp = VIR_LOG_INFO;
|
||||
+ break;
|
||||
+ break;
|
||||
+ case NC_LOG_DEBUG:
|
||||
+ default:
|
||||
+ vp = VIR_LOG_DEBUG;
|
||||
+ break;
|
||||
+ break;
|
||||
+ }
|
||||
+ virLogMessage(VIR_LOG_FROM_FILE, vp, file, line, func, 0, "%s", msg);
|
||||
+}
|
||||
+#endif
|
||||
+
|
||||
static int netcf_to_vir_err(int netcf_errcode)
|
||||
{
|
||||
switch (netcf_errcode)
|
||||
@@ -137,6 +173,10 @@ static virDrvOpenStatus netcfInterfaceOp
|
||||
/*
|
||||
* Get a minimal virInterfaceDef containing enough metadata
|
||||
* for access control checks to be performed. Currently
|
||||
@@ -169,6 +206,10 @@ static virDrvOpenStatus netcfInterfaceOp
|
||||
goto mutex_error;
|
||||
}
|
||||
|
||||
@ -146,10 +147,10 @@ Index: libvirt-1.0.6/src/interface/interface_backend_netcf.c
|
||||
/* open netcf */
|
||||
if (ncf_init(&driverState->netcf, NULL) != 0)
|
||||
{
|
||||
Index: libvirt-1.0.6/src/interface/interface_driver.c
|
||||
Index: libvirt-1.1.0/src/interface/interface_driver.c
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/src/interface/interface_driver.c
|
||||
+++ libvirt-1.0.6/src/interface/interface_driver.c
|
||||
--- libvirt-1.1.0.orig/src/interface/interface_driver.c
|
||||
+++ libvirt-1.1.0/src/interface/interface_driver.c
|
||||
@@ -28,8 +28,15 @@ interfaceRegister(void) {
|
||||
if (netcfIfaceRegister() == 0)
|
||||
return 0;
|
||||
@ -167,10 +168,10 @@ Index: libvirt-1.0.6/src/interface/interface_driver.c
|
||||
if (udevIfaceRegister() == 0)
|
||||
return 0;
|
||||
#endif /* WITH_UDEV */
|
||||
Index: libvirt-1.0.6/m4/virt-netcontrol.m4
|
||||
Index: libvirt-1.1.0/m4/virt-netcontrol.m4
|
||||
===================================================================
|
||||
--- /dev/null
|
||||
+++ libvirt-1.0.6/m4/virt-netcontrol.m4
|
||||
+++ libvirt-1.1.0/m4/virt-netcontrol.m4
|
||||
@@ -0,0 +1,35 @@
|
||||
+dnl The libnetcontrol library
|
||||
+dnl
|
||||
|
@ -1,3 +1,24 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 10 15:38:44 MDT 2013 - jfehlig@suse.com
|
||||
|
||||
- CVE-2013-2230: Fix crash when multiple event callbacks were
|
||||
registered
|
||||
f38c8185-CVE-2013-2230.patch
|
||||
bnc#827801
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jul 10 13:53:08 MDT 2013 - jfehlig@suse.com
|
||||
|
||||
- Update to libvirt 1.1.0
|
||||
- Extensible migration APIs
|
||||
- Add a policy kit access control driver
|
||||
- various improvements in the Xen and libxl drivers
|
||||
- improve networking support on BSD
|
||||
- agent based vCPU hotplug support
|
||||
- Many incremental improvements and bug fixes, see
|
||||
http://libvirt.org/news.html
|
||||
- Drop upstream patches: 244e0b8c-CVE-2013-2218.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jul 8 12:43:45 MDT 2013 - jfehlig@suse.com
|
||||
|
||||
|
@ -225,7 +225,7 @@
|
||||
|
||||
Name: libvirt
|
||||
Url: http://libvirt.org/
|
||||
Version: 1.0.6
|
||||
Version: 1.1.0
|
||||
Release: 0
|
||||
Summary: Library providing a simple virtualization API
|
||||
License: LGPL-2.1+
|
||||
@ -404,7 +404,7 @@ Source1: libvirtd.init
|
||||
Source2: libvirtd-relocation-server.fw
|
||||
Source99: baselibs.conf
|
||||
# Upstream patches
|
||||
Patch0: 244e0b8c-CVE-2013-2218.patch
|
||||
Patch0: f38c8185-CVE-2013-2230.patch
|
||||
# Need to go upstream
|
||||
Patch100: xen-name-for-devid.patch
|
||||
Patch101: clone.patch
|
||||
@ -1126,13 +1126,15 @@ rm -rf $RPM_BUILD_ROOT/usr/share/locale/sr@latin
|
||||
%if 0%{?suse_version} < 1130
|
||||
rm -rf $RPM_BUILD_ROOT/usr/share/locale/vi_VN
|
||||
%endif
|
||||
# temporarily remove polkit ACL policiy configuration - bnc#827644
|
||||
rm -f $RPM_BUILD_ROOT/%{_datadir}/polkit-1/actions/org.libvirt.api.policy
|
||||
mkdir -p $RPM_BUILD_ROOT/%{_localstatedir}/lib/libvirt
|
||||
%find_lang %{name}
|
||||
# Add a README to the libvirt package with a note about the empty
|
||||
# file list
|
||||
cat > $RPM_BUILD_ROOT%{_docdir}/libvirt/libvirt.README << 'EOF'
|
||||
The libvirt package no longer contains any files. It exists now
|
||||
only to fulfill it's 'Provides' contract.
|
||||
only to fulfill its 'Provides' contract.
|
||||
EOF
|
||||
%if %{with_network}
|
||||
install -d -m 0755 $RPM_BUILD_ROOT%{_localstatedir}/lib/libvirt/dnsmasq/
|
||||
@ -1569,6 +1571,7 @@ fi
|
||||
%{_datadir}/libvirt/schemas/nwfilter.rng
|
||||
%{_datadir}/libvirt/schemas/secret.rng
|
||||
%{_datadir}/libvirt/schemas/storageencryption.rng
|
||||
%{_datadir}/libvirt/schemas/storagefilefeatures.rng
|
||||
%{_datadir}/libvirt/schemas/storagepool.rng
|
||||
%{_datadir}/libvirt/schemas/storagevol.rng
|
||||
%{_datadir}/libvirt/cpu_map.xml
|
||||
|
@ -1,7 +1,7 @@
|
||||
Index: libvirt-1.0.6/daemon/libvirtd.conf
|
||||
Index: libvirt-1.1.0/daemon/libvirtd.conf
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/daemon/libvirtd.conf
|
||||
+++ libvirt-1.0.6/daemon/libvirtd.conf
|
||||
--- libvirt-1.1.0.orig/daemon/libvirtd.conf
|
||||
+++ libvirt-1.1.0/daemon/libvirtd.conf
|
||||
@@ -18,8 +18,8 @@
|
||||
# It is necessary to setup a CA and issue server certificates before
|
||||
# using this capability.
|
||||
@ -13,10 +13,10 @@ Index: libvirt-1.0.6/daemon/libvirtd.conf
|
||||
|
||||
# Listen for unencrypted TCP connections on the public TCP/IP port.
|
||||
# NB, must pass the --listen flag to the libvirtd process for this to
|
||||
Index: libvirt-1.0.6/daemon/libvirtd-config.c
|
||||
Index: libvirt-1.1.0/daemon/libvirtd-config.c
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/daemon/libvirtd-config.c
|
||||
+++ libvirt-1.0.6/daemon/libvirtd-config.c
|
||||
--- libvirt-1.1.0.orig/daemon/libvirtd-config.c
|
||||
+++ libvirt-1.1.0/daemon/libvirtd-config.c
|
||||
@@ -225,7 +225,7 @@ daemonConfigNew(bool privileged ATTRIBUT
|
||||
return NULL;
|
||||
}
|
||||
|
@ -1,9 +1,9 @@
|
||||
Adjust libvirtd sysconfig file to conform to SUSE standards
|
||||
|
||||
Index: libvirt-1.0.6/daemon/libvirtd.sysconf
|
||||
Index: libvirt-1.1.0/daemon/libvirtd.sysconf
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/daemon/libvirtd.sysconf
|
||||
+++ libvirt-1.0.6/daemon/libvirtd.sysconf
|
||||
--- libvirt-1.1.0.orig/daemon/libvirtd.sysconf
|
||||
+++ libvirt-1.1.0/daemon/libvirtd.sysconf
|
||||
@@ -1,16 +1,25 @@
|
||||
+## Path: System/Virtualization/libvirt
|
||||
+
|
||||
|
@ -7,10 +7,10 @@ drivers as loadable modules instead of built-in to the
|
||||
daemon. Then the qemu driver would only be loaded when needed,
|
||||
which would never be the case on a xen-only configuration.
|
||||
|
||||
Index: libvirt-1.0.6/src/qemu/qemu_conf.c
|
||||
Index: libvirt-1.1.0/src/qemu/qemu_conf.c
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/src/qemu/qemu_conf.c
|
||||
+++ libvirt-1.0.6/src/qemu/qemu_conf.c
|
||||
--- libvirt-1.1.0.orig/src/qemu/qemu_conf.c
|
||||
+++ libvirt-1.1.0/src/qemu/qemu_conf.c
|
||||
@@ -465,15 +465,15 @@ int virQEMUDriverConfigLoadFile(virQEMUD
|
||||
|
||||
p = virConfGetValue(conf, "user");
|
||||
|
@ -8,10 +8,10 @@ Subject: [PATCH] support managed pci devices in xen driver
|
||||
src/xenxs/xen_xm.c | 28 +++++++++++++++++++++++++++-
|
||||
2 files changed, 35 insertions(+), 15 deletions(-)
|
||||
|
||||
Index: libvirt-1.0.6/src/xenxs/xen_sxpr.c
|
||||
Index: libvirt-1.1.0/src/xenxs/xen_sxpr.c
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/src/xenxs/xen_sxpr.c
|
||||
+++ libvirt-1.0.6/src/xenxs/xen_sxpr.c
|
||||
--- libvirt-1.1.0.orig/src/xenxs/xen_sxpr.c
|
||||
+++ libvirt-1.1.0/src/xenxs/xen_sxpr.c
|
||||
@@ -1006,6 +1006,7 @@ xenParseSxprPCI(virDomainDefPtr def,
|
||||
int busID;
|
||||
int slotID;
|
||||
@ -78,10 +78,10 @@ Index: libvirt-1.0.6/src/xenxs/xen_sxpr.c
|
||||
xenFormatSxprPCI(def->hostdevs[i], buf);
|
||||
}
|
||||
}
|
||||
Index: libvirt-1.0.6/src/xenxs/xen_xm.c
|
||||
Index: libvirt-1.1.0/src/xenxs/xen_xm.c
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/src/xenxs/xen_xm.c
|
||||
+++ libvirt-1.0.6/src/xenxs/xen_xm.c
|
||||
--- libvirt-1.1.0.orig/src/xenxs/xen_xm.c
|
||||
+++ libvirt-1.1.0/src/xenxs/xen_xm.c
|
||||
@@ -806,6 +806,8 @@ xenParseXM(virConfPtr conf, int xendConf
|
||||
int busID;
|
||||
int slotID;
|
||||
|
@ -1,7 +1,7 @@
|
||||
Index: libvirt-1.0.6/src/qemu/qemu.conf
|
||||
Index: libvirt-1.1.0/src/qemu/qemu.conf
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/src/qemu/qemu.conf
|
||||
+++ libvirt-1.0.6/src/qemu/qemu.conf
|
||||
--- libvirt-1.1.0.orig/src/qemu/qemu.conf
|
||||
+++ libvirt-1.1.0/src/qemu/qemu.conf
|
||||
@@ -175,7 +175,16 @@
|
||||
# a special value; security_driver can be set to that value in
|
||||
# isolation, but it cannot appear in a list of drivers.
|
||||
|
@ -1,7 +1,7 @@
|
||||
Index: libvirt-1.0.6/daemon/libvirtd.service.in
|
||||
Index: libvirt-1.1.0/daemon/libvirtd.service.in
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/daemon/libvirtd.service.in
|
||||
+++ libvirt-1.0.6/daemon/libvirtd.service.in
|
||||
--- libvirt-1.1.0.orig/daemon/libvirtd.service.in
|
||||
+++ libvirt-1.1.0/daemon/libvirtd.service.in
|
||||
@@ -9,6 +9,8 @@ Before=libvirt-guests.service
|
||||
After=network.target
|
||||
After=dbus.service
|
||||
|
@ -1,9 +1,9 @@
|
||||
Adjust virtlockd init files to conform to SUSE standards
|
||||
|
||||
Index: libvirt-1.0.6/src/locking/virtlockd.sysconf
|
||||
Index: libvirt-1.1.0/src/locking/virtlockd.sysconf
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/src/locking/virtlockd.sysconf
|
||||
+++ libvirt-1.0.6/src/locking/virtlockd.sysconf
|
||||
--- libvirt-1.1.0.orig/src/locking/virtlockd.sysconf
|
||||
+++ libvirt-1.1.0/src/locking/virtlockd.sysconf
|
||||
@@ -1,3 +1,7 @@
|
||||
+## Path: System/Virtualization/virtlockd
|
||||
+
|
||||
@ -12,10 +12,10 @@ Index: libvirt-1.0.6/src/locking/virtlockd.sysconf
|
||||
#
|
||||
# Pass extra arguments to virtlockd
|
||||
#VIRTLOCKD_ARGS=
|
||||
Index: libvirt-1.0.6/src/locking/virtlockd.init.in
|
||||
Index: libvirt-1.1.0/src/locking/virtlockd.init.in
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/src/locking/virtlockd.init.in
|
||||
+++ libvirt-1.0.6/src/locking/virtlockd.init.in
|
||||
--- libvirt-1.1.0.orig/src/locking/virtlockd.init.in
|
||||
+++ libvirt-1.1.0/src/locking/virtlockd.init.in
|
||||
@@ -4,11 +4,13 @@
|
||||
# http://www.linux-foundation.org/spec//booksets/LSB-Core-generic/LSB-Core-generic.html#INITSCRCOMCONV
|
||||
#
|
||||
|
@ -14,10 +14,10 @@
|
||||
is inactive. We obviously can't search xenstore when the domain is
|
||||
inactive.
|
||||
|
||||
Index: libvirt-1.0.6/src/xen/xend_internal.c
|
||||
Index: libvirt-1.1.0/src/xen/xend_internal.c
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/src/xen/xend_internal.c
|
||||
+++ libvirt-1.0.6/src/xen/xend_internal.c
|
||||
--- libvirt-1.1.0.orig/src/xen/xend_internal.c
|
||||
+++ libvirt-1.1.0/src/xen/xend_internal.c
|
||||
@@ -70,7 +70,7 @@
|
||||
#define XEND_RCV_BUF_MAX_LEN (256 * 1024)
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
Index: libvirt-1.0.6/src/xenxs/xen_sxpr.c
|
||||
Index: libvirt-1.1.0/src/xenxs/xen_sxpr.c
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/src/xenxs/xen_sxpr.c
|
||||
+++ libvirt-1.0.6/src/xenxs/xen_sxpr.c
|
||||
--- libvirt-1.1.0.orig/src/xenxs/xen_sxpr.c
|
||||
+++ libvirt-1.1.0/src/xenxs/xen_sxpr.c
|
||||
@@ -328,7 +328,7 @@ error:
|
||||
static int
|
||||
xenParseSxprDisks(virDomainDefPtr def,
|
||||
|
Loading…
Reference in New Issue
Block a user