pool/libvirt
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 327806 from Virtualization

Browse Source 
1

OBS-URL: https://build.opensuse.org/request/show/327806
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvirt?expand=0&rev=186
This commit is contained in:
Stephan Kulow 2015-08-29 18:05:15 +00:00 committed by Git OBS Bridge
commit 66496e6725
11 changed files with 404 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
0004-libxl-don-t-attempt-to-resume-domain-when-suspend-fa.patch → 15120b8c-libxl-no-resume-on-suspend-fail.patch
View File

@ -1,16 +1,14 @@
From 13d53b7763d3d93339cc33a19845bdd623524b81 Mon Sep 17 00:00:00 2001 commit 15120b8c61014a9263cb53314076da9a44e39621
From: Jim Fehlig <jfehlig@suse.com> Author: Jim Fehlig <jfehlig@suse.com>
Date: Thu, 16 Jul 2015 14:51:31 -0600 Date: Wed Jul 15 17:29:15 2015 -0600
Subject: libxl: don't attempt to resume domain when suspend fails
Failure of libxl_domain_suspend() does not leave the domain in libxl: don't attempt to resume domain when suspend fails
a suspended state, so no need to call libxl_domain_resume(),
which btw will fail with "domain not suspended". Failure of libxl_domain_suspend() does not leave the domain in
a suspended state, so no need to call libxl_domain_resume(),
Signed-off-by: Jim Fehlig <jfehlig@suse.com> which btw will fail with "domain not suspended".
---
src/libxl/libxl_migration.c | 14 -------------- Signed-off-by: Jim Fehlig <jfehlig@suse.com>
1 file changed, 14 deletions(-)
Index: libvirt-1.2.18/src/libxl/libxl_migration.c Index: libvirt-1.2.18/src/libxl/libxl_migration.c
=================================================================== ===================================================================

28
26c5fa3a-virt-aa-helper-missing-doc.patch Normal file
View File

@ -0,0 +1,28 @@
From 26c5fa3a9bd37624ddd1509daf7d6a84268f089e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx@sigxcpu.org>
Date: Fri, 21 Aug 2015 12:29:25 +0200
Subject: [PATCH 1/4] virt-aa-helper: document --probing and --dry-run
---
src/security/virt-aa-helper.c | 2 ++
1 file changed, 2 insertions(+)
Index: libvirt-1.2.18/src/security/virt-aa-helper.c
===================================================================
--- libvirt-1.2.18.orig/src/security/virt-aa-helper.c
+++ libvirt-1.2.18/src/security/virt-aa-helper.c
@@ -107,12 +107,14 @@ vah_usage(void)
" Options:\n"
" -a | --add load profile\n"
" -c | --create create profile from template\n"
+ " -d | --dry-run dry run\n"
" -D | --delete unload and delete profile\n"
" -f | --add-file <file> add file to profile\n"
" -F | --append-file <file> append file to profile\n"
" -r | --replace reload profile\n"
" -R | --remove unload profile\n"
" -h | --help this help\n"
+ " -p | --probing [0|1] allow disk format probing\n"
" -u | --uuid <uuid> uuid (profile name)\n"
"\n"), progname);

30
2f01cfdf-virt-aa-helper-allow-ovmf.patch Normal file
View File

@ -0,0 +1,30 @@
From 2f01cfdf05448513d150ff1914d3444161c531b9 Mon Sep 17 00:00:00 2001
From: intrigeri <intrigeri@debian.org>
Date: Fri, 21 Aug 2015 10:52:52 +0200
Subject: [PATCH 3/4] virt-aa-helper: allow access to /usr/share/ovmf/
We forbid access to /usr/share/, but (at least on Debian-based systems)
the Open Virtual Machine Firmware files needed for booting UEFI virtual
machines in QEMU live in /usr/share/ovmf/. Therefore, we need to add
that directory to the list of read only paths.
A similar patch was suggested by Jamie Strandboge <jamie@canonical.com>
on https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1483071.
---
src/security/virt-aa-helper.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
Index: libvirt-1.2.18/src/security/virt-aa-helper.c
===================================================================
--- libvirt-1.2.18.orig/src/security/virt-aa-helper.c
+++ libvirt-1.2.18/src/security/virt-aa-helper.c
@@ -572,7 +572,8 @@ valid_path(const char *path, const bool
"/boot/",
"/vmlinuz",
"/initrd",
- "/initrd.img"
+ "/initrd.img",
+ "/usr/share/ovmf/" /* for OVMF images */
};
/* override the above with these */
const char * const override[] = {

77
0003-libxl-fix-ref-counting-of-libxlMigrationDstArgs.patch → 44a54eb0-libxl-fix-refcnt-MigrationDstArgs.patch
View File

@ -1,49 +1,50 @@
From 68ccc0077c7f5af07ccf6992192bfc924d0fdd83 Mon Sep 17 00:00:00 2001 commit 44a54eb073d2ae52ebf1661ae73bb1f0f98599f9
From: Jim Fehlig <jfehlig@suse.com> Author: Jim Fehlig <jfehlig@suse.com>
Date: Thu, 16 Jul 2015 14:51:30 -0600 Date: Wed Jul 15 16:35:50 2015 -0600
Subject: libxl: fix ref counting of libxlMigrationDstArgs
This patch fixes some flawed logic around ref counting the libxl: fix ref counting of libxlMigrationDstArgs
libxlMigrationDstArgs object.
This patch fixes some flawed logic around ref counting the
First, when adding sockets to the event loop with libxlMigrationDstArgs object.
virNetSocketAddIOCallback(), the generic virObjectFreeCallback()
was registered as a free function, with libxlMigrationDstArgs as First, when adding sockets to the event loop with
its parameter. A reference was also taken on virNetSocketAddIOCallback(), the generic virObjectFreeCallback()
libxlMigrationDstArgs for each successful call to was registered as a free function, with libxlMigrationDstArgs as
virNetSocketAddIOCallback(). The rational behind this logic was its parameter. A reference was also taken on
that the libxlMigrationDstArgs object had to out-live the socket libxlMigrationDstArgs for each successful call to
objects. But virNetSocketAddIOCallback() already takes a virNetSocketAddIOCallback(). The rational behind this logic was
reference on socket objects, ensuring their life until removed that the libxlMigrationDstArgs object had to out-live the socket
from the event loop and unref'ed in virNetSocketEventFree(). We objects. But virNetSocketAddIOCallback() already takes a
only need to ensure libxlMigrationDstArgs lives until reference on socket objects, ensuring their life until removed
libxlDoMigrateReceive() finishes, which can be done by simply from the event loop and unref'ed in virNetSocketEventFree(). We
unref'ing libxlMigrationDstArgs at the end of only need to ensure libxlMigrationDstArgs lives until
libxlDoMigrateReceive(). libxlDoMigrateReceive() finishes, which can be done by simply
unref'ing libxlMigrationDstArgs at the end of
The second flaw was unref'ing the sockets in the failure path of libxlDoMigrateReceive().
libxlMigrateReceive() and at the end of libxlDoMigrateReceive().
As mentioned above, the sockets are already unref'ed by The second flaw was unref'ing the sockets in the failure path of
virNetSocketEventFree() when removed from the event loop. libxlMigrateReceive() and at the end of libxlDoMigrateReceive().
Attempting to unref the socket a second time resulted in a As mentioned above, the sockets are already unref'ed by
libvirtd crash since the socket was previously unref'ed and virNetSocketEventFree() when removed from the event loop.
disposed. Attempting to unref the socket a second time resulted in a
libvirtd crash since the socket was previously unref'ed and
Signed-off-by: Jim Fehlig <jfehlig@suse.com> disposed.
---
src/libxl/libxl_migration.c | 18 +++++------------- Signed-off-by: Jim Fehlig <jfehlig@suse.com>
1 file changed, 5 insertions(+), 13 deletions(-)
Index: libvirt-1.2.18/src/libxl/libxl_migration.c Index: libvirt-1.2.18/src/libxl/libxl_migration.c
=================================================================== ===================================================================
--- libvirt-1.2.18.orig/src/libxl/libxl_migration.c --- libvirt-1.2.18.orig/src/libxl/libxl_migration.c
+++ libvirt-1.2.18/src/libxl/libxl_migration.c +++ libvirt-1.2.18/src/libxl/libxl_migration.c
@@ -112,11 +112,11 @@ libxlDoMigrateReceive(void *opaque) @@ -109,7 +109,6 @@ libxlDoMigrateReceive(void *opaque)
virNetSocketUpdateIOCallback(socks[i], 0);
/* Remove all listen socks from event handler, and close them. */
for (i = 0; i < nsocks; i++) {
- virNetSocketUpdateIOCallback(socks[i], 0);
virNetSocketRemoveIOCallback(socks[i]); virNetSocketRemoveIOCallback(socks[i]);
virNetSocketClose(socks[i]); virNetSocketClose(socks[i]);
- virObjectUnref(socks[i]); virObjectUnref(socks[i]);
socks[i] = NULL; @@ -117,6 +116,7 @@ libxlDoMigrateReceive(void *opaque)
} }
args->nsocks = 0; args->nsocks = 0;
VIR_FORCE_CLOSE(recvfd); VIR_FORCE_CLOSE(recvfd);

85
52970dec-virt-aa-helper-improve-valid-path.patch Normal file
View File

@ -0,0 +1,85 @@
commit 52970dec5b4d0fd1a9baa593b46a33bd7eeaf6b8
Author: Michal Privoznik <mprivozn@redhat.com>
Date: Thu Aug 27 02:50:21 2015 +0200
virt-aa-helper: Improve valid_path
So, after some movement in virt-aa-helper, I've noticed the
virt-aa-helper-test failing. I've ran gdb (it took me a while to
realize how to do that) and this showed up immediately:
Program received signal SIGSEGV, Segmentation fault.
strlen () at ../sysdeps/x86_64/strlen.S:106
106 ../sysdeps/x86_64/strlen.S: No such file or directory.
(gdb) bt
#0 strlen () at ../sysdeps/x86_64/strlen.S:106
#1 0x0000555555561a13 in array_starts_with (str=0x5555557ce910 "/tmp/tmp.6nI2Fkv0KL/1.img", arr=0x7fffffffd160, size=-1540438016) at security/virt-aa-helper.c:525
#2 0x0000555555561d49 in valid_path (path=0x5555557ce910 "/tmp/tmp.6nI2Fkv0KL/1.img", readonly=false) at security/virt-aa-helper.c:617
#3 0x0000555555562506 in vah_add_path (buf=0x7fffffffd3e0, path=0x5555557cb910 "/tmp/tmp.6nI2Fkv0KL/1.img", perms=0x555555581585 "rw", recursive=false) at security/virt-aa-helper.c:823
#4 0x0000555555562693 in vah_add_file (buf=0x7fffffffd3e0, path=0x5555557cb910 "/tmp/tmp.6nI2Fkv0KL/1.img", perms=0x555555581585 "rw") at security/virt-aa-helper.c:854
#5 0x0000555555562918 in add_file_path (disk=0x5555557d4440, path=0x5555557cb910 "/tmp/tmp.6nI2Fkv0KL/1.img", depth=0, opaque=0x7fffffffd3e0) at security/virt-aa-helper.c:931
#6 0x00007ffff78f18b1 in virDomainDiskDefForeachPath (disk=0x5555557d4440, ignoreOpenFailure=true, iter=0x5555555628a6 <add_file_path>, opaque=0x7fffffffd3e0) at conf/domain_conf.c:23286
#7 0x0000555555562b5f in get_files (ctl=0x7fffffffd670) at security/virt-aa-helper.c:982
#8 0x0000555555564100 in vahParseArgv (ctl=0x7fffffffd670, argc=5, argv=0x7fffffffd7e8) at security/virt-aa-helper.c:1277
#9 0x00005555555643d6 in main (argc=5, argv=0x7fffffffd7e8) at security/virt-aa-helper.c:1332
So I've taken look at valid_path() because it is obviously
calling array_starts_with() with malformed @size. And here's the
result: there are two variables to hold the size of three arrays
and their value is recalculated before each call of
array_starts_with(). What if we just use three variables,
initialize them and do not touch them afterwards?
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Index: libvirt-1.2.18/src/security/virt-aa-helper.c
===================================================================
--- libvirt-1.2.18.orig/src/security/virt-aa-helper.c
+++ libvirt-1.2.18/src/security/virt-aa-helper.c
@@ -546,9 +546,6 @@ array_starts_with(const char *str, const
static int
valid_path(const char *path, const bool readonly)
{
- int npaths;
- int nropaths;
-
const char * const restricted[] = {
"/bin/",
"/etc/",
@@ -581,6 +578,10 @@ valid_path(const char *path, const bool
"/etc/libvirt-sandbox/services/" /* for virt-sandbox service config */
};
+ const int nropaths = ARRAY_CARDINALITY(restricted);
+ const int nrwpaths = ARRAY_CARDINALITY(restricted_rw);
+ const int nopaths = ARRAY_CARDINALITY(override);
+
if (path == NULL) {
vah_error(NULL, 0, _("bad pathname"));
return -1;
@@ -600,21 +601,18 @@ valid_path(const char *path, const bool
vah_warning(_("path does not exist, skipping file type checks"));
/* overrides are always allowed */
- npaths = sizeof(override)/sizeof(*(override));
- if (array_starts_with(path, override, npaths) == 0)
+ if (array_starts_with(path, override, nopaths) == 0)
return 0;
/* allow read only paths upfront */
if (readonly) {
- nropaths = sizeof(restricted_rw)/sizeof(*(restricted_rw));
- if (array_starts_with(path, restricted_rw, nropaths) == 0)
+ if (array_starts_with(path, restricted_rw, nrwpaths) == 0)
return 0;
}
/* disallow RW acess to all paths in restricted and restriced_rw */
- npaths = sizeof(restricted)/sizeof(*(restricted));
- if ((array_starts_with(path, restricted, npaths) == 0
- || array_starts_with(path, restricted_rw, nropaths) == 0))
+ if ((array_starts_with(path, restricted, nropaths) == 0 ||
+ array_starts_with(path, restricted_rw, nrwpaths) == 0))
return 1;
return 0;

53
60acb38-revert-curmem-inactive-dom.patch Normal file
View File

@ -0,0 +1,53 @@
commit 60acb38abbee1636a9cddf8d296f700d115c8f77
Author: Jim Fehlig <jfehlig@suse.com>
Date: Mon Aug 10 12:49:55 2015 -0600
Revert "LXC: show used memory as 0 when domain is not active"
This reverts commit 1ce7c1d20cfd5afb26d2dbc88201085d52415d0e,
which introduced a significant semantic change to the
virDomainGetInfo() API. Additionally, the change was only
made to 2 of the 15 virt drivers.
Conflicts:
src/qemu/qemu_driver.c
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Index: libvirt-1.2.18/src/lxc/lxc_driver.c
===================================================================
--- libvirt-1.2.18.orig/src/lxc/lxc_driver.c
+++ libvirt-1.2.18/src/lxc/lxc_driver.c
@@ -597,7 +597,7 @@ static int lxcDomainGetInfo(virDomainPtr
if (!virDomainObjIsActive(vm)) {
info->cpuTime = 0;
- info->memory = 0;
+ info->memory = vm->def->mem.cur_balloon;
} else {
if (virCgroupGetCpuacctUsage(priv->cgroup, &(info->cpuTime)) < 0) {
virReportError(VIR_ERR_OPERATION_FAILED,
Index: libvirt-1.2.18/src/qemu/qemu_driver.c
===================================================================
--- libvirt-1.2.18.orig/src/qemu/qemu_driver.c
+++ libvirt-1.2.18/src/qemu/qemu_driver.c
@@ -2641,13 +2641,13 @@ qemuDomainGetInfo(virDomainPtr dom,
goto cleanup;
}
- if (virDomainObjIsActive(vm)) {
- if (VIR_ASSIGN_IS_OVERFLOW(info->memory, vm->def->mem.cur_balloon)) {
- virReportError(VIR_ERR_OVERFLOW, "%s",
- _("Current memory size too large"));
- goto cleanup;
- }
+ if (VIR_ASSIGN_IS_OVERFLOW(info->memory, vm->def->mem.cur_balloon)) {
+ virReportError(VIR_ERR_OVERFLOW, "%s",
+ _("Current memory size too large"));
+ goto cleanup;
+ }
+ if (virDomainObjIsActive(vm)) {
if (qemuGetProcessInfo(&(info->cpuTime), NULL, NULL, vm->pid, 0) < 0) {
virReportError(VIR_ERR_OPERATION_FAILED, "%s",
_("cannot read cputime for domain"));

35
91fdcefa-virt-aa-helper-allow-nvram.patch Normal file
View File

@ -0,0 +1,35 @@
From 91fdcefa7f145c1c39acc8e9a44fbfbf11568e54 Mon Sep 17 00:00:00 2001
From: Peter Kieser <peter@kieser.ca>
Date: Thu, 20 Aug 2015 10:58:59 -0700
Subject: [PATCH 4/4] virt-aa-helper: add NVRAM store file for read/write
This is a cryptographically signed message in MIME format.
Some UEFI firmwares may want to use a non-volatile memory to store some
variables.
If AppArmor is enabled, and NVRAM store file is set currently
virt-aa-helper does
not add the NVRAM store file to the template. Add this file for
read/write when
this functionality is defined in domain XML.
Signed-off-by: Peter Kieser <peter@kieser.ca>
---
src/security/virt-aa-helper.c | 4 ++++
1 file changed, 4 insertions(+)
Index: libvirt-1.2.18/src/security/virt-aa-helper.c
===================================================================
--- libvirt-1.2.18.orig/src/security/virt-aa-helper.c
+++ libvirt-1.2.18/src/security/virt-aa-helper.c
@@ -1057,6 +1057,10 @@ get_files(vahControl * ctl)
if (vah_add_file(&buf, ctl->def->os.loader->path, "r") != 0)
goto cleanup;
+ if (ctl->def->os.loader && ctl->def->os.loader->nvram)
+ if (vah_add_file(&buf, ctl->def->os.loader->nvram, "rw") != 0)
+ goto cleanup;
+
for (i = 0; i < ctl->def->ngraphics; i++) {
if (ctl->def->graphics[i]->type == VIR_DOMAIN_GRAPHICS_TYPE_VNC &&
ctl->def->graphics[i]->data.vnc.socket &&

65
d25a5e08-virt-aa-helper-simplify-restriction-logic.patch Normal file
View File

@ -0,0 +1,65 @@
From d25a5e087ae10142d3d533ed193146736526b2ae Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx@sigxcpu.org>
Date: Fri, 21 Aug 2015 10:49:15 +0200
Subject: [PATCH 2/4] virt-aa-helper: Simplify restriction logic
First check overrides, then read only files then restricted access
itself.
This allows us to mark files for read only access whose parents were
already restricted for read write.
Based on a proposal by Martin Kletzander
---
src/security/virt-aa-helper.c | 29 ++++++++++++++++++-----------
1 file changed, 18 insertions(+), 11 deletions(-)
Index: libvirt-1.2.18/src/security/virt-aa-helper.c
===================================================================
--- libvirt-1.2.18.orig/src/security/virt-aa-helper.c
+++ libvirt-1.2.18/src/security/virt-aa-helper.c
@@ -546,7 +546,9 @@ array_starts_with(const char *str, const
static int
valid_path(const char *path, const bool readonly)
{
- int npaths, opaths;
+ int npaths;
+ int nropaths;
+
const char * const restricted[] = {
"/bin/",
"/etc/",
@@ -596,18 +598,23 @@ valid_path(const char *path, const bool
if (!virFileExists(path))
vah_warning(_("path does not exist, skipping file type checks"));
- opaths = sizeof(override)/sizeof(*(override));
+ /* overrides are always allowed */
+ npaths = sizeof(override)/sizeof(*(override));
+ if (array_starts_with(path, override, npaths) == 0)
+ return 0;
+
+ /* allow read only paths upfront */
+ if (readonly) {
+ nropaths = sizeof(restricted_rw)/sizeof(*(restricted_rw));
+ if (array_starts_with(path, restricted_rw, nropaths) == 0)
+ return 0;
+ }
+ /* disallow RW acess to all paths in restricted and restriced_rw */
npaths = sizeof(restricted)/sizeof(*(restricted));
- if (array_starts_with(path, restricted, npaths) == 0 &&
- array_starts_with(path, override, opaths) != 0)
- return 1;
-
- npaths = sizeof(restricted_rw)/sizeof(*(restricted_rw));
- if (!readonly) {
- if (array_starts_with(path, restricted_rw, npaths) == 0)
- return 1;
- }
+ if ((array_starts_with(path, restricted, npaths) == 0
+ || array_starts_with(path, restricted_rw, nropaths) == 0))
+ return 1;
return 0;
}

24
0005-libxl-acquire-a-job-when-receiving-a-migrating-domai.patch → e80b84a7-libxl-acquire-job-on-migrate.patch
View File

@ -1,17 +1,15 @@
From 710088061fb3caaf3d56888b05ad2d331a740d07 Mon Sep 17 00:00:00 2001 commit e80b84a74324cd535ec7232c4e1653805af2103a
From: Jim Fehlig <jfehlig@suse.com> Author: Jim Fehlig <jfehlig@suse.com>
Date: Thu, 16 Jul 2015 14:51:32 -0600 Date: Thu Jul 16 12:24:32 2015 -0600
Subject: libxl: acquire a job when receiving a migrating domain
Commit f86ae403 moved acquiring a job from libxlDomainStart() libxl: acquire a job when receiving a migrating domain
to its callers. One spot missed was in libxlDoMigrateReceive().
Acquire a job in libxlDoMigrateReceive() before calling Commit f86ae403 moved acquiring a job from libxlDomainStart()
libxlDomainStart(). to its callers. One spot missed was in libxlDoMigrateReceive().
Acquire a job in libxlDoMigrateReceive() before calling
Signed-off-by: Jim Fehlig <jfehlig@suse.com> libxlDomainStart().
---
src/libxl/libxl_migration.c | 20 +++++++++++++++++--- Signed-off-by: Jim Fehlig <jfehlig@suse.com>
1 file changed, 17 insertions(+), 3 deletions(-)
Index: libvirt-1.2.18/src/libxl/libxl_migration.c Index: libvirt-1.2.18/src/libxl/libxl_migration.c
=================================================================== ===================================================================

30
libvirt.changes
View File

@ -1,3 +1,33 @@
-------------------------------------------------------------------
Fri Aug 28 17:41:30 UTC 2015 - jfehlig@suse.com
- Replace local libxl patches with upstream variants
Dropped:
0003-libxl-fix-ref-counting-of-libxlMigrationDstArgs.patch
0004-libxl-don-t-attempt-to-resume-domain-when-suspend-fa.patch
0005-libxl-acquire-a-job-when-receiving-a-migrating-domai.patch
Added:
44a54eb0-libxl-fix-refcnt-MigrationDstArgs.patch
15120b8c-libxl-no-resume-on-suspend-fail.patch
e80b84a7-libxl-acquire-job-on-migrate.patch
bsc#936185
- Added another virt-aa-helper upstream patch
52970dec-virt-aa-helper-improve-valid-path.patch
lp#1483071
- Added upstream patch to fix libvirt-tck memory balloon test
failure on Xen
60acb38-revert-curmem-inactive-dom.patch
-------------------------------------------------------------------
Wed Aug 26 14:38:40 UTC 2015 - cbosdonnat@suse.com
- Fix generated apparmor profile to allow access to ovmf and nvram.
26c5fa3a-virt-aa-helper-missing-doc.patch
2f01cfdf-virt-aa-helper-allow-ovmf.patch
91fdcefa-virt-aa-helper-allow-nvram.patch
d25a5e08-virt-aa-helper-simplify-restriction-logic.patch
lp#1483071
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Aug 24 16:18:10 UTC 2015 - jfehlig@suse.com Mon Aug 24 16:18:10 UTC 2015 - jfehlig@suse.com

24
libvirt.spec
View File

@ -447,10 +447,16 @@ Source4: libvirtd-relocation-server.fw
Source99: baselibs.conf Source99: baselibs.conf
# Upstream patches # Upstream patches
Patch0: 269d39af-storage-allocation-fix.patch Patch0: 269d39af-storage-allocation-fix.patch
Patch1: 26c5fa3a-virt-aa-helper-missing-doc.patch
Patch2: d25a5e08-virt-aa-helper-simplify-restriction-logic.patch
Patch3: 2f01cfdf-virt-aa-helper-allow-ovmf.patch
Patch4: 91fdcefa-virt-aa-helper-allow-nvram.patch
Patch5: 52970dec-virt-aa-helper-improve-valid-path.patch
Patch6: 44a54eb0-libxl-fix-refcnt-MigrationDstArgs.patch
Patch7: 15120b8c-libxl-no-resume-on-suspend-fail.patch
Patch8: e80b84a7-libxl-acquire-job-on-migrate.patch
Patch9: 60acb38-revert-curmem-inactive-dom.patch
# Patches pending upstream review # Patches pending upstream review
Patch100: 0003-libxl-fix-ref-counting-of-libxlMigrationDstArgs.patch
Patch101: 0004-libxl-don-t-attempt-to-resume-domain-when-suspend-fa.patch
Patch102: 0005-libxl-acquire-a-job-when-receiving-a-migrating-domai.patch
# Need to go upstream # Need to go upstream
Patch150: xen-pv-cdrom.patch Patch150: xen-pv-cdrom.patch
Patch151: blockcopy-check-dst-identical-device.patch Patch151: blockcopy-check-dst-identical-device.patch
@ -981,9 +987,15 @@ Provides a dissector for the libvirt RPC protocol to help debugging it.
%prep %prep
%setup -q %setup -q
%patch0 -p1 %patch0 -p1
%patch100 -p1 %patch1 -p1
%patch101 -p1 %patch2 -p1
%patch102 -p1 %patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch150 -p1 %patch150 -p1
%patch151 -p1 %patch151 -p1
%patch152 -p1 %patch152 -p1