Accepting request 561423 from Virtualization

- Fix apparmor rules for virt-aa-helper (bsc#1074265)
  fix-virt-aa-helper-profile.patch
- Lift VirtualBox dependency version to include 5.2.x
- Update upstreamed patches
  Removed patches:
  * daemon-close-crasher.patch
  * lxc-hostname.patch
  Added patches:
  * 2089ab21-netserver-close-clients-before-stopping-all-drivers.patch
  * b475a91b-add-virStringFilterChars-string-utility.patch
  * faec1958-lxc-set-hostname-based-on-container-name.patch

OBS-URL: https://build.opensuse.org/request/show/561423
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvirt?expand=0&rev=246
This commit is contained in:
Dominique Leuenberger 2018-01-06 17:46:31 +00:00 committed by Git OBS Bridge
commit 59d29a0839
7 changed files with 185 additions and 84 deletions

View File

@ -0,0 +1,45 @@
From 2089ab2112e763d6de5888e498afc4fbdc3376db Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Bosdonnat?= <cbosdonnat@suse.com>
Date: Wed, 20 Dec 2017 17:36:10 +0100
Subject: [PATCH] netserver: close clients before stopping all drivers
So far clients were closed when disposing the daemon, after the state
driver cleanup. This was leading to libvirtd crashing at shutdown due
to missing driver.
Moving the client close in virNetServerClose() fixes the problem.
Reviewed-by: Erik Skultety <eskultet@redhat.com>
---
src/rpc/virnetserver.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/rpc/virnetserver.c b/src/rpc/virnetserver.c
index 2b76daab5..43f889e2a 100644
--- a/src/rpc/virnetserver.c
+++ b/src/rpc/virnetserver.c
@@ -774,10 +774,8 @@ void virNetServerDispose(void *obj)
virObjectUnref(srv->programs[i]);
VIR_FREE(srv->programs);
- for (i = 0; i < srv->nclients; i++) {
- virNetServerClientClose(srv->clients[i]);
+ for (i = 0; i < srv->nclients; i++)
virObjectUnref(srv->clients[i]);
- }
VIR_FREE(srv->clients);
VIR_FREE(srv->mdnsGroupName);
@@ -796,6 +794,9 @@ void virNetServerClose(virNetServerPtr srv)
for (i = 0; i < srv->nservices; i++)
virNetServerServiceClose(srv->services[i]);
+ for (i = 0; i < srv->nclients; i++)
+ virNetServerClientClose(srv->clients[i]);
+
virObjectUnlock(srv);
}
--
2.15.1

View File

@ -1,8 +1,21 @@
From b475a91b7753281eb60b87f75b0055fe3c139276 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Bosdonnat?= <cbosdonnat@suse.com>
Date: Mon, 18 Dec 2017 15:46:53 +0100
Subject: [PATCH 1/2] Add virStringFilterChars() string utility
Add a function to filter a string based on a list of valid characters.
---
src/libvirt_private.syms | 1 +
src/util/virstring.c | 24 ++++++++++++++++++++++++
src/util/virstring.h | 1 +
tests/virstringtest.c | 46 ++++++++++++++++++++++++++++++++++++++++++++++
4 files changed, 72 insertions(+)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index de4ec4d44..43971db67 100644
index 18d0f2adf..6662c8dac 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -2751,6 +2751,7 @@ virStrcpy;
@@ -2755,6 +2755,7 @@ virStrcpy;
virStrdup;
virStringBufferIsPrintable;
virStringEncodeBase64;
@ -10,61 +23,8 @@ index de4ec4d44..43971db67 100644
virStringHasChars;
virStringHasControlChars;
virStringIsEmpty;
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index b7216d6ee..246145fcd 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -2159,6 +2159,37 @@ static int lxcContainerSetUserGroup(virCommandPtr cmd,
return 0;
}
+static const char hostname_validchars[] =
+ "abcdefghijklmnopqrstuvwxyz"
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+ "0123456789-";
+
+static int lxcContainerSetHostname(virDomainDefPtr def)
+{
+ int ret = -1;
+ char *name = NULL;
+ char *hostname = NULL;
+
+ /* Filter the VM name to get a valid hostname */
+ if (VIR_STRDUP(name, def->name) < 0)
+ goto cleanup;
+
+ /* RFC 1123 allows 0-9 digits as a first character in hostname */
+ virStringFilterChars(name, hostname_validchars);
+ hostname = name;
+ if (strlen(name) > 0 && name[0] == '-')
+ hostname = name + 1;
+
+ if (sethostname(hostname, strlen(hostname)) < 0) {
+ virReportSystemError(errno, "%s", _("Failed to set hostname"));
+ goto cleanup;
+ }
+ ret = 0;
+
+ cleanup:
+ VIR_FREE(name);
+ return ret;
+}
/**
* lxcContainerChild:
@@ -2269,6 +2300,10 @@ static int lxcContainerChild(void *data)
goto cleanup;
}
+ if (lxcContainerSetHostname(vmDef) < 0)
+ goto cleanup;
+
+
/* drop a set of root capabilities */
if (lxcContainerDropCapabilities(vmDef, !!hasReboot) < 0)
goto cleanup;
diff --git a/src/util/virstring.c b/src/util/virstring.c
index b2ebce27f..b808aff2c 100644
index 0cb06bdc9..1c58df915 100644
--- a/src/util/virstring.c
+++ b/src/util/virstring.c
@@ -1293,6 +1293,30 @@ virStringStripControlChars(char *str)
@ -174,3 +134,6 @@ index 320f7a398..e8518ede1 100644
return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
}
--
2.15.1

View File

@ -1,22 +0,0 @@
Index: libvirt-3.10.0/src/rpc/virnetserver.c
===================================================================
--- libvirt-3.10.0.orig/src/rpc/virnetserver.c
+++ libvirt-3.10.0/src/rpc/virnetserver.c
@@ -775,7 +775,6 @@ void virNetServerDispose(void *obj)
VIR_FREE(srv->programs);
for (i = 0; i < srv->nclients; i++) {
- virNetServerClientClose(srv->clients[i]);
virObjectUnref(srv->clients[i]);
}
VIR_FREE(srv->clients);
@@ -796,6 +795,9 @@ void virNetServerClose(virNetServerPtr s
for (i = 0; i < srv->nservices; i++)
virNetServerServiceClose(srv->services[i]);
+ for (i = 0; i < srv->nclients; i++)
+ virNetServerClientClose(srv->clients[i]);
+
virObjectUnlock(srv);
}

View File

@ -0,0 +1,69 @@
From faec1958614bfcdb535b1bcc0ddac8cde4516e1a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Bosdonnat?= <cbosdonnat@suse.com>
Date: Mon, 18 Dec 2017 15:48:33 +0100
Subject: [PATCH 2/2] lxc: set a hostname based on the container name
Set a transient hostname on containers. The hostname is computed from
the container name, only keeping the valid characters [a-zA-Z0-9-] in it.
This filtering is based on RFC 1123 and allows a digit to start the
hostname.
---
src/lxc/lxc_container.c | 35 +++++++++++++++++++++++++++++++++++
1 file changed, 35 insertions(+)
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index b7216d6ee..96fceaf1b 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -2159,6 +2159,37 @@ static int lxcContainerSetUserGroup(virCommandPtr cmd,
return 0;
}
+static const char hostname_validchars[] =
+ "abcdefghijklmnopqrstuvwxyz"
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+ "0123456789-";
+
+static int lxcContainerSetHostname(virDomainDefPtr def)
+{
+ int ret = -1;
+ char *name = NULL;
+ char *hostname = NULL;
+
+ /* Filter the VM name to get a valid hostname */
+ if (VIR_STRDUP(name, def->name) < 0)
+ goto cleanup;
+
+ /* RFC 1123 allows 0-9 digits as a first character in hostname */
+ virStringFilterChars(name, hostname_validchars);
+ hostname = name;
+ if (strlen(name) > 0 && name[0] == '-')
+ hostname = name + 1;
+
+ if (sethostname(hostname, strlen(hostname)) < 0) {
+ virReportSystemError(errno, "%s", _("Failed to set hostname"));
+ goto cleanup;
+ }
+ ret = 0;
+
+ cleanup:
+ VIR_FREE(name);
+ return ret;
+}
/**
* lxcContainerChild:
@@ -2269,6 +2300,10 @@ static int lxcContainerChild(void *data)
goto cleanup;
}
+ if (lxcContainerSetHostname(vmDef) < 0)
+ goto cleanup;
+
+
/* drop a set of root capabilities */
if (lxcContainerDropCapabilities(vmDef, !!hasReboot) < 0)
goto cleanup;
--
2.15.1

View File

@ -0,0 +1,28 @@
From 29eed5ffb8776f4e4ecf6dc6b3ee7f320f679e7e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Bosdonnat?= <cbosdonnat@suse.com>
Date: Tue, 2 Jan 2018 09:54:46 +0100
Subject: [PATCH] apparmor: fix virt-aa-helper profile
Fix rule introduced by commit 0f33025a:
* to handle /var/run not being a symlink to /run
* to be properly parsed: missing comma at the end.
---
examples/apparmor/usr.lib.libvirt.virt-aa-helper | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/examples/apparmor/usr.lib.libvirt.virt-aa-helper b/examples/apparmor/usr.lib.libvirt.virt-aa-helper
index 9c822b644..105f09e43 100644
--- a/examples/apparmor/usr.lib.libvirt.virt-aa-helper
+++ b/examples/apparmor/usr.lib.libvirt.virt-aa-helper
@@ -51,7 +51,7 @@ profile virt-aa-helper /usr/{lib,lib64}/libvirt/virt-aa-helper {
/var/lib/libvirt/images/** r,
/{media,mnt,opt,srv}/** r,
# For virt-sandbox
- /run/libvirt/**/[sv]d[a-z] r
+ /{,var/}run/libvirt/**/[sv]d[a-z] r,
/**.img r,
/**.raw r,
--
2.15.1

View File

@ -1,4 +1,18 @@
-------------------------------------------------------------------
Wed Jan 3 10:46:26 UTC 2018 - cbosdonnat@suse.com
- Fix apparmor rules for virt-aa-helper (bsc#1074265)
fix-virt-aa-helper-profile.patch
- Lift VirtualBox dependency version to include 5.2.x
- Update upstreamed patches
Removed patches:
* daemon-close-crasher.patch
* lxc-hostname.patch
Added patches:
* 2089ab21-netserver-close-clients-before-stopping-all-drivers.patch
* b475a91b-add-virStringFilterChars-string-utility.patch
* faec1958-lxc-set-hostname-based-on-container-name.patch
-------------------------------------------------------------------
Wed Dec 20 16:58:50 UTC 2017 - cbosdonnat@suse.com
- Close clients before drivers are cleaned up to avoid crash at

View File

@ -1,7 +1,7 @@
#
# spec file for package libvirt
#
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -312,9 +312,13 @@ Patch0: 2d07f1f0-fix-storage-crash.patch
Patch1: 69ed99c7-dom0-persistent.patch
Patch2: 8599aedd-libvirt-guests-dom0-filter.patch
Patch3: 0f33025a-virt-aa-helper-handle-more-disk-images.patch
Patch4: b475a91b-add-virStringFilterChars-string-utility.patch
Patch5: faec1958-lxc-set-hostname-based-on-container-name.patch
Patch6: 2089ab21-netserver-close-clients-before-stopping-all-drivers.patch
# Patches pending upstream review
Patch100: libxl-dom-reset.patch
Patch101: network-don-t-use-dhcp-authoritative-on-static-netwo.patch
Patch102: fix-virt-aa-helper-profile.patch
# Need to go upstream
Patch150: xen-pv-cdrom.patch
Patch151: blockcopy-check-dst-identical-device.patch
@ -322,8 +326,6 @@ Patch152: libvirt-power8-models.patch
Patch153: ppc64le-canonical-name.patch
Patch154: libxl-set-migration-constraints.patch
Patch155: libxl-set-cach-mode.patch
Patch156: lxc-hostname.patch
Patch157: daemon-close-crasher.patch
# Our patches
Patch200: suse-libvirtd-disable-tls.patch
Patch201: suse-libvirtd-sysconfig-settings.patch
@ -796,7 +798,7 @@ Requires: %{name}-daemon-driver-storage = %{version}-%{release}
Requires: %{name}-daemon-driver-vbox = %{version}-%{release}
# Specify supported virtualbox API explicitly. See ./src/vbox
# Reference bsc#1017189
Requires: virtualbox < 5.2
Requires: virtualbox < 5.3
%description daemon-vbox
Server side daemon and driver required to manage the virtualization
@ -893,16 +895,18 @@ libvirt plugin for NSS for translating domain names into IP addresses.
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch100 -p1
%patch101 -p1
%patch102 -p1
%patch150 -p1
%patch151 -p1
%patch152 -p1
%patch153 -p1
%patch154 -p1
%patch155 -p1
%patch156 -p1
%patch157 -p1
%patch200 -p1
%patch201 -p1
%patch202 -p1