diff --git a/15120b8c-libxl-no-resume-on-suspend-fail.patch b/15120b8c-libxl-no-resume-on-suspend-fail.patch deleted file mode 100644 index e79b9ff..0000000 --- a/15120b8c-libxl-no-resume-on-suspend-fail.patch +++ /dev/null @@ -1,49 +0,0 @@ -commit 15120b8c61014a9263cb53314076da9a44e39621 -Author: Jim Fehlig -Date: Wed Jul 15 17:29:15 2015 -0600 - - libxl: don't attempt to resume domain when suspend fails - - Failure of libxl_domain_suspend() does not leave the domain in - a suspended state, so no need to call libxl_domain_resume(), - which btw will fail with "domain not suspended". - - Signed-off-by: Jim Fehlig - -Index: libvirt-1.2.18/src/libxl/libxl_migration.c -=================================================================== ---- libvirt-1.2.18.orig/src/libxl/libxl_migration.c -+++ libvirt-1.2.18/src/libxl/libxl_migration.c -@@ -178,7 +178,6 @@ libxlDoMigrateSend(libxlDriverPrivatePtr - int sockfd) - { - libxlDriverConfigPtr cfg = libxlDriverConfigGet(driver); -- virObjectEventPtr event = NULL; - int xl_flags = 0; - int ret; - -@@ -188,24 +187,11 @@ libxlDoMigrateSend(libxlDriverPrivatePtr - ret = libxl_domain_suspend(cfg->ctx, vm->def->id, sockfd, - xl_flags, NULL); - if (ret != 0) { -- /* attempt to resume the domain on failure */ -- if (libxl_domain_resume(cfg->ctx, vm->def->id, 1, 0) != 0) { -- VIR_DEBUG("Failed to resume domain following failed migration"); -- virDomainObjSetState(vm, VIR_DOMAIN_PAUSED, -- VIR_DOMAIN_PAUSED_MIGRATION); -- event = virDomainEventLifecycleNewFromObj(vm, VIR_DOMAIN_EVENT_SUSPENDED, -- VIR_DOMAIN_EVENT_SUSPENDED_MIGRATED); -- ignore_value(virDomainSaveStatus(driver->xmlopt, cfg->stateDir, vm)); -- } - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", - _("Failed to send migration data to destination host")); - ret = -1; -- goto cleanup; - } - -- cleanup: -- if (event) -- libxlDomainEventQueue(driver, event); - virObjectUnref(cfg); - return ret; - } diff --git a/269d39af-storage-allocation-fix.patch b/269d39af-storage-allocation-fix.patch deleted file mode 100644 index 5ff079f..0000000 --- a/269d39af-storage-allocation-fix.patch +++ /dev/null @@ -1,35 +0,0 @@ -commit 269d39afe5c59ecb3d3d64dba52f8cfa8d63d197 -Author: Guido Günther -Date: Sun Aug 23 22:03:54 2015 +0200 - - storage: only run safezero if allocation is > 0 - - While a zero allocation in safezero should be fine it isn't when we use - posix_fallocate which returns EINVAL on a zero allocation. - - While we could skip the zero allocation in safezero_posix_fallocate it's - an optimization to do it for all allocations. - - This fixes vm installation via virtinst for me which otherwise aborts - like: - - Starting install... - Retrieving file linux... | 5.9 MB 00:01 ... - Retrieving file initrd.gz... | 29 MB 00:07 ... - ERROR Couldn't create storage volume 'virtinst-linux.sBgds4': 'cannot fill file '/var/lib/libvirt/boot/virtinst-linux.sBgds4': Invalid argument' - - The error was introduced by e30297b0 as spotted by Chunyan Liu - -Index: libvirt-1.2.18/src/storage/storage_backend.c -=================================================================== ---- libvirt-1.2.18.orig/src/storage/storage_backend.c -+++ libvirt-1.2.18/src/storage/storage_backend.c -@@ -455,7 +455,7 @@ createRawFile(int fd, virStorageVolDefPt - pos = inputvol->target.capacity - remain; - } - -- if (need_alloc) { -+ if (need_alloc && (vol->target.allocation - pos > 0)) { - if (safezero(fd, pos, vol->target.allocation - pos) < 0) { - ret = -errno; - virReportSystemError(errno, _("cannot fill file '%s'"), diff --git a/26c5fa3a-virt-aa-helper-missing-doc.patch b/26c5fa3a-virt-aa-helper-missing-doc.patch deleted file mode 100644 index cb50130..0000000 --- a/26c5fa3a-virt-aa-helper-missing-doc.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 26c5fa3a9bd37624ddd1509daf7d6a84268f089e Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Guido=20G=C3=BCnther?= -Date: Fri, 21 Aug 2015 12:29:25 +0200 -Subject: [PATCH 1/4] virt-aa-helper: document --probing and --dry-run - ---- - src/security/virt-aa-helper.c | 2 ++ - 1 file changed, 2 insertions(+) - -Index: libvirt-1.2.18/src/security/virt-aa-helper.c -=================================================================== ---- libvirt-1.2.18.orig/src/security/virt-aa-helper.c -+++ libvirt-1.2.18/src/security/virt-aa-helper.c -@@ -107,12 +107,14 @@ vah_usage(void) - " Options:\n" - " -a | --add load profile\n" - " -c | --create create profile from template\n" -+ " -d | --dry-run dry run\n" - " -D | --delete unload and delete profile\n" - " -f | --add-file add file to profile\n" - " -F | --append-file append file to profile\n" - " -r | --replace reload profile\n" - " -R | --remove unload profile\n" - " -h | --help this help\n" -+ " -p | --probing [0|1] allow disk format probing\n" - " -u | --uuid uuid (profile name)\n" - "\n"), progname); - diff --git a/2f01cfdf-virt-aa-helper-allow-ovmf.patch b/2f01cfdf-virt-aa-helper-allow-ovmf.patch deleted file mode 100644 index 3f94432..0000000 --- a/2f01cfdf-virt-aa-helper-allow-ovmf.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 2f01cfdf05448513d150ff1914d3444161c531b9 Mon Sep 17 00:00:00 2001 -From: intrigeri -Date: Fri, 21 Aug 2015 10:52:52 +0200 -Subject: [PATCH 3/4] virt-aa-helper: allow access to /usr/share/ovmf/ - -We forbid access to /usr/share/, but (at least on Debian-based systems) -the Open Virtual Machine Firmware files needed for booting UEFI virtual -machines in QEMU live in /usr/share/ovmf/. Therefore, we need to add -that directory to the list of read only paths. - -A similar patch was suggested by Jamie Strandboge -on https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1483071. ---- - src/security/virt-aa-helper.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -Index: libvirt-1.2.18/src/security/virt-aa-helper.c -=================================================================== ---- libvirt-1.2.18.orig/src/security/virt-aa-helper.c -+++ libvirt-1.2.18/src/security/virt-aa-helper.c -@@ -572,7 +572,8 @@ valid_path(const char *path, const bool - "/boot/", - "/vmlinuz", - "/initrd", -- "/initrd.img" -+ "/initrd.img", -+ "/usr/share/ovmf/" /* for OVMF images */ - }; - /* override the above with these */ - const char * const override[] = { diff --git a/44a54eb0-libxl-fix-refcnt-MigrationDstArgs.patch b/44a54eb0-libxl-fix-refcnt-MigrationDstArgs.patch deleted file mode 100644 index 0e497d7..0000000 --- a/44a54eb0-libxl-fix-refcnt-MigrationDstArgs.patch +++ /dev/null @@ -1,109 +0,0 @@ -commit 44a54eb073d2ae52ebf1661ae73bb1f0f98599f9 -Author: Jim Fehlig -Date: Wed Jul 15 16:35:50 2015 -0600 - - libxl: fix ref counting of libxlMigrationDstArgs - - This patch fixes some flawed logic around ref counting the - libxlMigrationDstArgs object. - - First, when adding sockets to the event loop with - virNetSocketAddIOCallback(), the generic virObjectFreeCallback() - was registered as a free function, with libxlMigrationDstArgs as - its parameter. A reference was also taken on - libxlMigrationDstArgs for each successful call to - virNetSocketAddIOCallback(). The rational behind this logic was - that the libxlMigrationDstArgs object had to out-live the socket - objects. But virNetSocketAddIOCallback() already takes a - reference on socket objects, ensuring their life until removed - from the event loop and unref'ed in virNetSocketEventFree(). We - only need to ensure libxlMigrationDstArgs lives until - libxlDoMigrateReceive() finishes, which can be done by simply - unref'ing libxlMigrationDstArgs at the end of - libxlDoMigrateReceive(). - - The second flaw was unref'ing the sockets in the failure path of - libxlMigrateReceive() and at the end of libxlDoMigrateReceive(). - As mentioned above, the sockets are already unref'ed by - virNetSocketEventFree() when removed from the event loop. - Attempting to unref the socket a second time resulted in a - libvirtd crash since the socket was previously unref'ed and - disposed. - - Signed-off-by: Jim Fehlig - -Index: libvirt-1.2.18/src/libxl/libxl_migration.c -=================================================================== ---- libvirt-1.2.18.orig/src/libxl/libxl_migration.c -+++ libvirt-1.2.18/src/libxl/libxl_migration.c -@@ -109,7 +109,6 @@ libxlDoMigrateReceive(void *opaque) - - /* Remove all listen socks from event handler, and close them. */ - for (i = 0; i < nsocks; i++) { -- virNetSocketUpdateIOCallback(socks[i], 0); - virNetSocketRemoveIOCallback(socks[i]); - virNetSocketClose(socks[i]); - virObjectUnref(socks[i]); -@@ -117,6 +116,7 @@ libxlDoMigrateReceive(void *opaque) - } - args->nsocks = 0; - VIR_FORCE_CLOSE(recvfd); -+ virObjectUnref(args); - } - - -@@ -164,11 +164,11 @@ libxlMigrateReceive(virNetSocketPtr sock - virNetSocketUpdateIOCallback(socks[i], 0); - virNetSocketRemoveIOCallback(socks[i]); - virNetSocketClose(socks[i]); -- virObjectUnref(socks[i]); - socks[i] = NULL; - } - args->nsocks = 0; - VIR_FORCE_CLOSE(recvfd); -+ virObjectUnref(args); - } - - static int -@@ -318,7 +318,7 @@ libxlDomainMigrationPrepare(virConnectPt - virNetSocketPtr *socks = NULL; - size_t nsocks = 0; - int nsocks_listen = 0; -- libxlMigrationDstArgs *args; -+ libxlMigrationDstArgs *args = NULL; - size_t i; - int ret = -1; - -@@ -420,22 +420,12 @@ libxlDomainMigrationPrepare(virConnectPt - VIR_EVENT_HANDLE_READABLE, - libxlMigrateReceive, - args, -- virObjectFreeCallback) < 0) -+ NULL) < 0) - continue; - -- /* -- * Successfully added sock to event loop. Take a ref on args to -- * ensure it is not freed until sock is removed from the event loop. -- * Ref is dropped in virObjectFreeCallback after being removed -- * from the event loop. -- */ -- virObjectRef(args); - nsocks_listen++; - } - -- /* Done with args in this function, drop reference */ -- virObjectUnref(args); -- - if (!nsocks_listen) - goto error; - -@@ -448,6 +438,8 @@ libxlDomainMigrationPrepare(virConnectPt - virObjectUnref(socks[i]); - } - VIR_FREE(socks); -+ virObjectUnref(args); -+ - /* Remove virDomainObj from domain list */ - if (vm) { - virDomainObjListRemove(driver->domains, vm); diff --git a/52970dec-virt-aa-helper-improve-valid-path.patch b/52970dec-virt-aa-helper-improve-valid-path.patch deleted file mode 100644 index d9cacf2..0000000 --- a/52970dec-virt-aa-helper-improve-valid-path.patch +++ /dev/null @@ -1,85 +0,0 @@ -commit 52970dec5b4d0fd1a9baa593b46a33bd7eeaf6b8 -Author: Michal Privoznik -Date: Thu Aug 27 02:50:21 2015 +0200 - - virt-aa-helper: Improve valid_path - - So, after some movement in virt-aa-helper, I've noticed the - virt-aa-helper-test failing. I've ran gdb (it took me a while to - realize how to do that) and this showed up immediately: - - Program received signal SIGSEGV, Segmentation fault. - strlen () at ../sysdeps/x86_64/strlen.S:106 - 106 ../sysdeps/x86_64/strlen.S: No such file or directory. - (gdb) bt - #0 strlen () at ../sysdeps/x86_64/strlen.S:106 - #1 0x0000555555561a13 in array_starts_with (str=0x5555557ce910 "/tmp/tmp.6nI2Fkv0KL/1.img", arr=0x7fffffffd160, size=-1540438016) at security/virt-aa-helper.c:525 - #2 0x0000555555561d49 in valid_path (path=0x5555557ce910 "/tmp/tmp.6nI2Fkv0KL/1.img", readonly=false) at security/virt-aa-helper.c:617 - #3 0x0000555555562506 in vah_add_path (buf=0x7fffffffd3e0, path=0x5555557cb910 "/tmp/tmp.6nI2Fkv0KL/1.img", perms=0x555555581585 "rw", recursive=false) at security/virt-aa-helper.c:823 - #4 0x0000555555562693 in vah_add_file (buf=0x7fffffffd3e0, path=0x5555557cb910 "/tmp/tmp.6nI2Fkv0KL/1.img", perms=0x555555581585 "rw") at security/virt-aa-helper.c:854 - #5 0x0000555555562918 in add_file_path (disk=0x5555557d4440, path=0x5555557cb910 "/tmp/tmp.6nI2Fkv0KL/1.img", depth=0, opaque=0x7fffffffd3e0) at security/virt-aa-helper.c:931 - #6 0x00007ffff78f18b1 in virDomainDiskDefForeachPath (disk=0x5555557d4440, ignoreOpenFailure=true, iter=0x5555555628a6 , opaque=0x7fffffffd3e0) at conf/domain_conf.c:23286 - #7 0x0000555555562b5f in get_files (ctl=0x7fffffffd670) at security/virt-aa-helper.c:982 - #8 0x0000555555564100 in vahParseArgv (ctl=0x7fffffffd670, argc=5, argv=0x7fffffffd7e8) at security/virt-aa-helper.c:1277 - #9 0x00005555555643d6 in main (argc=5, argv=0x7fffffffd7e8) at security/virt-aa-helper.c:1332 - - So I've taken look at valid_path() because it is obviously - calling array_starts_with() with malformed @size. And here's the - result: there are two variables to hold the size of three arrays - and their value is recalculated before each call of - array_starts_with(). What if we just use three variables, - initialize them and do not touch them afterwards? - - Signed-off-by: Michal Privoznik - -Index: libvirt-1.2.18/src/security/virt-aa-helper.c -=================================================================== ---- libvirt-1.2.18.orig/src/security/virt-aa-helper.c -+++ libvirt-1.2.18/src/security/virt-aa-helper.c -@@ -546,9 +546,6 @@ array_starts_with(const char *str, const - static int - valid_path(const char *path, const bool readonly) - { -- int npaths; -- int nropaths; -- - const char * const restricted[] = { - "/bin/", - "/etc/", -@@ -581,6 +578,10 @@ valid_path(const char *path, const bool - "/etc/libvirt-sandbox/services/" /* for virt-sandbox service config */ - }; - -+ const int nropaths = ARRAY_CARDINALITY(restricted); -+ const int nrwpaths = ARRAY_CARDINALITY(restricted_rw); -+ const int nopaths = ARRAY_CARDINALITY(override); -+ - if (path == NULL) { - vah_error(NULL, 0, _("bad pathname")); - return -1; -@@ -600,21 +601,18 @@ valid_path(const char *path, const bool - vah_warning(_("path does not exist, skipping file type checks")); - - /* overrides are always allowed */ -- npaths = sizeof(override)/sizeof(*(override)); -- if (array_starts_with(path, override, npaths) == 0) -+ if (array_starts_with(path, override, nopaths) == 0) - return 0; - - /* allow read only paths upfront */ - if (readonly) { -- nropaths = sizeof(restricted_rw)/sizeof(*(restricted_rw)); -- if (array_starts_with(path, restricted_rw, nropaths) == 0) -+ if (array_starts_with(path, restricted_rw, nrwpaths) == 0) - return 0; - } - - /* disallow RW acess to all paths in restricted and restriced_rw */ -- npaths = sizeof(restricted)/sizeof(*(restricted)); -- if ((array_starts_with(path, restricted, npaths) == 0 -- || array_starts_with(path, restricted_rw, nropaths) == 0)) -+ if ((array_starts_with(path, restricted, nropaths) == 0 || -+ array_starts_with(path, restricted_rw, nrwpaths) == 0)) - return 1; - - return 0; diff --git a/60acb38-revert-curmem-inactive-dom.patch b/60acb38-revert-curmem-inactive-dom.patch deleted file mode 100644 index 99ba50e..0000000 --- a/60acb38-revert-curmem-inactive-dom.patch +++ /dev/null @@ -1,53 +0,0 @@ -commit 60acb38abbee1636a9cddf8d296f700d115c8f77 -Author: Jim Fehlig -Date: Mon Aug 10 12:49:55 2015 -0600 - - Revert "LXC: show used memory as 0 when domain is not active" - - This reverts commit 1ce7c1d20cfd5afb26d2dbc88201085d52415d0e, - which introduced a significant semantic change to the - virDomainGetInfo() API. Additionally, the change was only - made to 2 of the 15 virt drivers. - - Conflicts: - src/qemu/qemu_driver.c - - Signed-off-by: Jim Fehlig - -Index: libvirt-1.2.18/src/lxc/lxc_driver.c -=================================================================== ---- libvirt-1.2.18.orig/src/lxc/lxc_driver.c -+++ libvirt-1.2.18/src/lxc/lxc_driver.c -@@ -597,7 +597,7 @@ static int lxcDomainGetInfo(virDomainPtr - - if (!virDomainObjIsActive(vm)) { - info->cpuTime = 0; -- info->memory = 0; -+ info->memory = vm->def->mem.cur_balloon; - } else { - if (virCgroupGetCpuacctUsage(priv->cgroup, &(info->cpuTime)) < 0) { - virReportError(VIR_ERR_OPERATION_FAILED, -Index: libvirt-1.2.18/src/qemu/qemu_driver.c -=================================================================== ---- libvirt-1.2.18.orig/src/qemu/qemu_driver.c -+++ libvirt-1.2.18/src/qemu/qemu_driver.c -@@ -2641,13 +2641,13 @@ qemuDomainGetInfo(virDomainPtr dom, - goto cleanup; - } - -- if (virDomainObjIsActive(vm)) { -- if (VIR_ASSIGN_IS_OVERFLOW(info->memory, vm->def->mem.cur_balloon)) { -- virReportError(VIR_ERR_OVERFLOW, "%s", -- _("Current memory size too large")); -- goto cleanup; -- } -+ if (VIR_ASSIGN_IS_OVERFLOW(info->memory, vm->def->mem.cur_balloon)) { -+ virReportError(VIR_ERR_OVERFLOW, "%s", -+ _("Current memory size too large")); -+ goto cleanup; -+ } - -+ if (virDomainObjIsActive(vm)) { - if (qemuGetProcessInfo(&(info->cpuTime), NULL, NULL, vm->pid, 0) < 0) { - virReportError(VIR_ERR_OPERATION_FAILED, "%s", - _("cannot read cputime for domain")); diff --git a/91fdcefa-virt-aa-helper-allow-nvram.patch b/91fdcefa-virt-aa-helper-allow-nvram.patch deleted file mode 100644 index a3b028b..0000000 --- a/91fdcefa-virt-aa-helper-allow-nvram.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 91fdcefa7f145c1c39acc8e9a44fbfbf11568e54 Mon Sep 17 00:00:00 2001 -From: Peter Kieser -Date: Thu, 20 Aug 2015 10:58:59 -0700 -Subject: [PATCH 4/4] virt-aa-helper: add NVRAM store file for read/write - -This is a cryptographically signed message in MIME format. - -Some UEFI firmwares may want to use a non-volatile memory to store some -variables. -If AppArmor is enabled, and NVRAM store file is set currently -virt-aa-helper does -not add the NVRAM store file to the template. Add this file for -read/write when -this functionality is defined in domain XML. - -Signed-off-by: Peter Kieser ---- - src/security/virt-aa-helper.c | 4 ++++ - 1 file changed, 4 insertions(+) - -Index: libvirt-1.2.18/src/security/virt-aa-helper.c -=================================================================== ---- libvirt-1.2.18.orig/src/security/virt-aa-helper.c -+++ libvirt-1.2.18/src/security/virt-aa-helper.c -@@ -1057,6 +1057,10 @@ get_files(vahControl * ctl) - if (vah_add_file(&buf, ctl->def->os.loader->path, "r") != 0) - goto cleanup; - -+ if (ctl->def->os.loader && ctl->def->os.loader->nvram) -+ if (vah_add_file(&buf, ctl->def->os.loader->nvram, "rw") != 0) -+ goto cleanup; -+ - for (i = 0; i < ctl->def->ngraphics; i++) { - if (ctl->def->graphics[i]->type == VIR_DOMAIN_GRAPHICS_TYPE_VNC && - ctl->def->graphics[i]->data.vnc.socket && diff --git a/apparmor-fixes.patch b/apparmor-fixes.patch index b5279b6..a3dfa41 100644 --- a/apparmor-fixes.patch +++ b/apparmor-fixes.patch @@ -1,7 +1,7 @@ -Index: libvirt-1.2.18/examples/apparmor/libvirt-qemu +Index: libvirt-1.2.19/examples/apparmor/libvirt-qemu =================================================================== ---- libvirt-1.2.18.orig/examples/apparmor/libvirt-qemu -+++ libvirt-1.2.18/examples/apparmor/libvirt-qemu +--- libvirt-1.2.19.orig/examples/apparmor/libvirt-qemu ++++ libvirt-1.2.19/examples/apparmor/libvirt-qemu @@ -124,6 +124,9 @@ # for restore /bin/bash rmix, diff --git a/apparmor-no-mount.patch b/apparmor-no-mount.patch index d84f861..321cf0e 100644 --- a/apparmor-no-mount.patch +++ b/apparmor-no-mount.patch @@ -1,7 +1,7 @@ -Index: libvirt-1.2.18/examples/apparmor/libvirt-lxc +Index: libvirt-1.2.19/examples/apparmor/libvirt-lxc =================================================================== ---- libvirt-1.2.18.orig/examples/apparmor/libvirt-lxc -+++ libvirt-1.2.18/examples/apparmor/libvirt-lxc +--- libvirt-1.2.19.orig/examples/apparmor/libvirt-lxc ++++ libvirt-1.2.19/examples/apparmor/libvirt-lxc @@ -2,39 +2,15 @@ #include diff --git a/blockcopy-check-dst-identical-device.patch b/blockcopy-check-dst-identical-device.patch index 4eb74ce..dd7e203 100644 --- a/blockcopy-check-dst-identical-device.patch +++ b/blockcopy-check-dst-identical-device.patch @@ -11,11 +11,11 @@ Signed-off-by: Chunyan Liu src/qemu/qemu_driver.c | 7 +++++++ 1 file changed, 7 insertions(+) -Index: libvirt-1.2.18/src/qemu/qemu_driver.c +Index: libvirt-1.2.19/src/qemu/qemu_driver.c =================================================================== ---- libvirt-1.2.18.orig/src/qemu/qemu_driver.c -+++ libvirt-1.2.18/src/qemu/qemu_driver.c -@@ -16662,6 +16662,15 @@ qemuDomainBlockCopyCommon(virDomainObjPt +--- libvirt-1.2.19.orig/src/qemu/qemu_driver.c ++++ libvirt-1.2.19/src/qemu/qemu_driver.c +@@ -16725,6 +16725,15 @@ qemuDomainBlockCopyCommon(virDomainObjPt _("non-file destination not supported yet")); goto endjob; } diff --git a/d25a5e08-virt-aa-helper-simplify-restriction-logic.patch b/d25a5e08-virt-aa-helper-simplify-restriction-logic.patch deleted file mode 100644 index a374e84..0000000 --- a/d25a5e08-virt-aa-helper-simplify-restriction-logic.patch +++ /dev/null @@ -1,65 +0,0 @@ -From d25a5e087ae10142d3d533ed193146736526b2ae Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Guido=20G=C3=BCnther?= -Date: Fri, 21 Aug 2015 10:49:15 +0200 -Subject: [PATCH 2/4] virt-aa-helper: Simplify restriction logic - -First check overrides, then read only files then restricted access -itself. - -This allows us to mark files for read only access whose parents were -already restricted for read write. - -Based on a proposal by Martin Kletzander ---- - src/security/virt-aa-helper.c | 29 ++++++++++++++++++----------- - 1 file changed, 18 insertions(+), 11 deletions(-) - -Index: libvirt-1.2.18/src/security/virt-aa-helper.c -=================================================================== ---- libvirt-1.2.18.orig/src/security/virt-aa-helper.c -+++ libvirt-1.2.18/src/security/virt-aa-helper.c -@@ -546,7 +546,9 @@ array_starts_with(const char *str, const - static int - valid_path(const char *path, const bool readonly) - { -- int npaths, opaths; -+ int npaths; -+ int nropaths; -+ - const char * const restricted[] = { - "/bin/", - "/etc/", -@@ -596,18 +598,23 @@ valid_path(const char *path, const bool - if (!virFileExists(path)) - vah_warning(_("path does not exist, skipping file type checks")); - -- opaths = sizeof(override)/sizeof(*(override)); -+ /* overrides are always allowed */ -+ npaths = sizeof(override)/sizeof(*(override)); -+ if (array_starts_with(path, override, npaths) == 0) -+ return 0; -+ -+ /* allow read only paths upfront */ -+ if (readonly) { -+ nropaths = sizeof(restricted_rw)/sizeof(*(restricted_rw)); -+ if (array_starts_with(path, restricted_rw, nropaths) == 0) -+ return 0; -+ } - -+ /* disallow RW acess to all paths in restricted and restriced_rw */ - npaths = sizeof(restricted)/sizeof(*(restricted)); -- if (array_starts_with(path, restricted, npaths) == 0 && -- array_starts_with(path, override, opaths) != 0) -- return 1; -- -- npaths = sizeof(restricted_rw)/sizeof(*(restricted_rw)); -- if (!readonly) { -- if (array_starts_with(path, restricted_rw, npaths) == 0) -- return 1; -- } -+ if ((array_starts_with(path, restricted, npaths) == 0 -+ || array_starts_with(path, restricted_rw, nropaths) == 0)) -+ return 1; - - return 0; - } diff --git a/disable-virCgroupGetPercpuStats-test.patch b/disable-virCgroupGetPercpuStats-test.patch index 5392999..6d0ed97 100644 --- a/disable-virCgroupGetPercpuStats-test.patch +++ b/disable-virCgroupGetPercpuStats-test.patch @@ -1,7 +1,7 @@ -Index: libvirt-1.2.18/tests/vircgrouptest.c +Index: libvirt-1.2.19/tests/vircgrouptest.c =================================================================== ---- libvirt-1.2.18.orig/tests/vircgrouptest.c -+++ libvirt-1.2.18/tests/vircgrouptest.c +--- libvirt-1.2.19.orig/tests/vircgrouptest.c ++++ libvirt-1.2.19/tests/vircgrouptest.c @@ -34,7 +34,6 @@ # include "virfile.h" # include "virbuffer.h" diff --git a/e80b84a7-libxl-acquire-job-on-migrate.patch b/e80b84a7-libxl-acquire-job-on-migrate.patch deleted file mode 100644 index a95d3b7..0000000 --- a/e80b84a7-libxl-acquire-job-on-migrate.patch +++ /dev/null @@ -1,59 +0,0 @@ -commit e80b84a74324cd535ec7232c4e1653805af2103a -Author: Jim Fehlig -Date: Thu Jul 16 12:24:32 2015 -0600 - - libxl: acquire a job when receiving a migrating domain - - Commit f86ae403 moved acquiring a job from libxlDomainStart() - to its callers. One spot missed was in libxlDoMigrateReceive(). - Acquire a job in libxlDoMigrateReceive() before calling - libxlDomainStart(). - - Signed-off-by: Jim Fehlig - -Index: libvirt-1.2.18/src/libxl/libxl_migration.c -=================================================================== ---- libvirt-1.2.18.orig/src/libxl/libxl_migration.c -+++ libvirt-1.2.18/src/libxl/libxl_migration.c -@@ -95,17 +95,20 @@ libxlDoMigrateReceive(void *opaque) - int recvfd = args->recvfd; - size_t i; - int ret; -+ bool remove_dom = 0; -+ -+ virObjectLock(vm); -+ if (libxlDomainObjBeginJob(driver, vm, LIBXL_JOB_MODIFY) < 0) -+ goto cleanup; - - /* - * Always start the domain paused. If needed, unpause in the - * finish phase, after transfer of the domain is complete. - */ -- virObjectLock(vm); - ret = libxlDomainStart(driver, vm, true, recvfd); -- virObjectUnlock(vm); - - if (ret < 0 && !vm->persistent) -- virDomainObjListRemove(driver->domains, vm); -+ remove_dom = true; - - /* Remove all listen socks from event handler, and close them. */ - for (i = 0; i < nsocks; i++) { -@@ -117,6 +120,17 @@ libxlDoMigrateReceive(void *opaque) - args->nsocks = 0; - VIR_FORCE_CLOSE(recvfd); - virObjectUnref(args); -+ -+ if (!libxlDomainObjEndJob(driver, vm)) -+ vm = NULL; -+ -+ cleanup: -+ if (remove_dom && vm) { -+ virDomainObjListRemove(driver->domains, vm); -+ vm = NULL; -+ } -+ if (vm) -+ virObjectUnlock(vm); - } - - diff --git a/libvirt-1.2.18.tar.gz b/libvirt-1.2.18.tar.gz deleted file mode 100644 index ac7d3e4..0000000 --- a/libvirt-1.2.18.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:d5a5ff18af4cced21fed986d28fa0a21b782d256920326bf0ff1c7731eeb6ade -size 29412554 diff --git a/libvirt-1.2.18.tar.gz.asc b/libvirt-1.2.18.tar.gz.asc deleted file mode 100644 index bb8388d..0000000 --- a/libvirt-1.2.18.tar.gz.asc +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1 - -iEYEABECAAYFAlW/M8wACgkQRga4pd6VvB9S0ACfV3OG4q+aGh9oXodFnMy4PcBn -c0gAnjmMTEA/O8vIczW1a99qpM/QphO+ -=jw1y ------END PGP SIGNATURE----- diff --git a/libvirt-1.2.19.tar.gz b/libvirt-1.2.19.tar.gz new file mode 100644 index 0000000..9bedbdf --- /dev/null +++ b/libvirt-1.2.19.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:282c141f03331d640020c15f81464b27400e0ee307ef4c5190393b021caedd6e +size 29644247 diff --git a/libvirt-1.2.19.tar.gz.asc b/libvirt-1.2.19.tar.gz.asc new file mode 100644 index 0000000..1e9ec73 --- /dev/null +++ b/libvirt-1.2.19.tar.gz.asc @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1 + +iEYEABECAAYFAlXmXeUACgkQRga4pd6VvB8MvACeIqDMC1ZMGFeKSiUw6xTC0Akl +cusAniPTkksLFvJoW6fOT0Ugj+qweZhH +=a6x0 +-----END PGP SIGNATURE----- diff --git a/libvirt-guests-init-script.patch b/libvirt-guests-init-script.patch index 1ae3c8a..9657287 100644 --- a/libvirt-guests-init-script.patch +++ b/libvirt-guests-init-script.patch @@ -1,9 +1,9 @@ Adjust libvirt-guests init files to conform to SUSE standards -Index: libvirt-1.2.18/tools/libvirt-guests.init.in +Index: libvirt-1.2.19/tools/libvirt-guests.init.in =================================================================== ---- libvirt-1.2.18.orig/tools/libvirt-guests.init.in -+++ libvirt-1.2.18/tools/libvirt-guests.init.in +--- libvirt-1.2.19.orig/tools/libvirt-guests.init.in ++++ libvirt-1.2.19/tools/libvirt-guests.init.in @@ -3,15 +3,15 @@ # the following is the LSB init header # @@ -28,10 +28,10 @@ Index: libvirt-1.2.18/tools/libvirt-guests.init.in ### END INIT INFO # the following is chkconfig init header -Index: libvirt-1.2.18/tools/libvirt-guests.sh.in +Index: libvirt-1.2.19/tools/libvirt-guests.sh.in =================================================================== ---- libvirt-1.2.18.orig/tools/libvirt-guests.sh.in -+++ libvirt-1.2.18/tools/libvirt-guests.sh.in +--- libvirt-1.2.19.orig/tools/libvirt-guests.sh.in ++++ libvirt-1.2.19/tools/libvirt-guests.sh.in @@ -16,14 +16,13 @@ # License along with this library. If not, see # . @@ -191,10 +191,10 @@ Index: libvirt-1.2.18/tools/libvirt-guests.sh.in esac -exit $RETVAL +rc_exit -Index: libvirt-1.2.18/tools/libvirt-guests.sysconf +Index: libvirt-1.2.19/tools/libvirt-guests.sysconf =================================================================== ---- libvirt-1.2.18.orig/tools/libvirt-guests.sysconf -+++ libvirt-1.2.18/tools/libvirt-guests.sysconf +--- libvirt-1.2.19.orig/tools/libvirt-guests.sysconf ++++ libvirt-1.2.19/tools/libvirt-guests.sysconf @@ -1,19 +1,29 @@ +## Path: System/Virtualization/libvirt-guests + diff --git a/libvirt-power8-models.patch b/libvirt-power8-models.patch index 2c57fd7..e970169 100644 --- a/libvirt-power8-models.patch +++ b/libvirt-power8-models.patch @@ -1,9 +1,9 @@ -Index: libvirt-1.2.18/src/cpu/cpu_map.xml +Index: libvirt-1.2.19/src/cpu/cpu_map.xml =================================================================== ---- libvirt-1.2.18.orig/src/cpu/cpu_map.xml -+++ libvirt-1.2.18/src/cpu/cpu_map.xml -@@ -1413,6 +1413,16 @@ - +--- libvirt-1.2.19.orig/src/cpu/cpu_map.xml ++++ libvirt-1.2.19/src/cpu/cpu_map.xml +@@ -1376,6 +1376,16 @@ + + diff --git a/libvirt-suse-netcontrol.patch b/libvirt-suse-netcontrol.patch index 10ad151..b5f2cf4 100644 --- a/libvirt-suse-netcontrol.patch +++ b/libvirt-suse-netcontrol.patch @@ -1,7 +1,7 @@ -Index: libvirt-1.2.18/configure.ac +Index: libvirt-1.2.19/configure.ac =================================================================== ---- libvirt-1.2.18.orig/configure.ac -+++ libvirt-1.2.18/configure.ac +--- libvirt-1.2.19.orig/configure.ac ++++ libvirt-1.2.19/configure.ac @@ -242,6 +242,7 @@ LIBVIRT_CHECK_FUSE LIBVIRT_CHECK_GLUSTER LIBVIRT_CHECK_HAL @@ -26,7 +26,7 @@ Index: libvirt-1.2.18/configure.ac esac if test "$with_interface" = "yes" ; then -@@ -2879,6 +2881,7 @@ LIBVIRT_RESULT_FUSE +@@ -2883,6 +2885,7 @@ LIBVIRT_RESULT_FUSE LIBVIRT_RESULT_GLUSTER LIBVIRT_RESULT_HAL LIBVIRT_RESULT_NETCF @@ -34,11 +34,11 @@ Index: libvirt-1.2.18/configure.ac LIBVIRT_RESULT_NUMACTL LIBVIRT_RESULT_OPENWSMAN LIBVIRT_RESULT_PCIACCESS -Index: libvirt-1.2.18/src/Makefile.am +Index: libvirt-1.2.19/src/Makefile.am =================================================================== ---- libvirt-1.2.18.orig/src/Makefile.am -+++ libvirt-1.2.18/src/Makefile.am -@@ -872,6 +872,10 @@ if WITH_NETCF +--- libvirt-1.2.19.orig/src/Makefile.am ++++ libvirt-1.2.19/src/Makefile.am +@@ -879,6 +879,10 @@ if WITH_NETCF INTERFACE_DRIVER_SOURCES += \ interface/interface_backend_netcf.c endif WITH_NETCF @@ -49,7 +49,7 @@ Index: libvirt-1.2.18/src/Makefile.am if WITH_UDEV INTERFACE_DRIVER_SOURCES += \ interface/interface_backend_udev.c -@@ -1491,6 +1495,10 @@ if WITH_NETCF +@@ -1504,6 +1508,10 @@ if WITH_NETCF libvirt_driver_interface_la_CFLAGS += $(NETCF_CFLAGS) libvirt_driver_interface_la_LIBADD += $(NETCF_LIBS) endif WITH_NETCF @@ -60,11 +60,11 @@ Index: libvirt-1.2.18/src/Makefile.am if WITH_UDEV libvirt_driver_interface_la_CFLAGS += $(UDEV_CFLAGS) libvirt_driver_interface_la_LIBADD += $(UDEV_LIBS) -Index: libvirt-1.2.18/tools/virsh.c +Index: libvirt-1.2.19/tools/virsh.c =================================================================== ---- libvirt-1.2.18.orig/tools/virsh.c -+++ libvirt-1.2.18/tools/virsh.c -@@ -3383,6 +3383,8 @@ vshShowVersion(vshControl *ctl ATTRIBUTE +--- libvirt-1.2.19.orig/tools/virsh.c ++++ libvirt-1.2.19/tools/virsh.c +@@ -557,6 +557,8 @@ virshShowVersion(vshControl *ctl ATTRIBU vshPrint(ctl, " Interface"); # if defined(WITH_NETCF) vshPrint(ctl, " netcf"); @@ -73,10 +73,10 @@ Index: libvirt-1.2.18/tools/virsh.c # elif defined(WITH_UDEV) vshPrint(ctl, " udev"); # endif -Index: libvirt-1.2.18/src/interface/interface_backend_netcf.c +Index: libvirt-1.2.19/src/interface/interface_backend_netcf.c =================================================================== ---- libvirt-1.2.18.orig/src/interface/interface_backend_netcf.c -+++ libvirt-1.2.18/src/interface/interface_backend_netcf.c +--- libvirt-1.2.19.orig/src/interface/interface_backend_netcf.c ++++ libvirt-1.2.19/src/interface/interface_backend_netcf.c @@ -23,7 +23,12 @@ #include @@ -160,10 +160,10 @@ Index: libvirt-1.2.18/src/interface/interface_backend_netcf.c if (virSetSharedInterfaceDriver(&interfaceDriver) < 0) return -1; if (virRegisterStateDriver(&interfaceStateDriver) < 0) -Index: libvirt-1.2.18/src/interface/interface_driver.c +Index: libvirt-1.2.19/src/interface/interface_driver.c =================================================================== ---- libvirt-1.2.18.orig/src/interface/interface_driver.c -+++ libvirt-1.2.18/src/interface/interface_driver.c +--- libvirt-1.2.19.orig/src/interface/interface_driver.c ++++ libvirt-1.2.19/src/interface/interface_driver.c @@ -30,8 +30,15 @@ interfaceRegister(void) if (netcfIfaceRegister() == 0) return 0; @@ -181,10 +181,10 @@ Index: libvirt-1.2.18/src/interface/interface_driver.c if (udevIfaceRegister() == 0) return 0; #endif /* WITH_UDEV */ -Index: libvirt-1.2.18/m4/virt-netcontrol.m4 +Index: libvirt-1.2.19/m4/virt-netcontrol.m4 =================================================================== --- /dev/null -+++ libvirt-1.2.18/m4/virt-netcontrol.m4 ++++ libvirt-1.2.19/m4/virt-netcontrol.m4 @@ -0,0 +1,35 @@ +dnl The libnetcontrol library +dnl diff --git a/libvirt.changes b/libvirt.changes index b49ac4a..33511d8 100644 --- a/libvirt.changes +++ b/libvirt.changes @@ -1,3 +1,24 @@ +------------------------------------------------------------------- +Wed Sep 2 06:14:17 UTC 2015 - jfehlig@suse.com + +- Update to libvirt 1.2.19 + - Improved ppc64 support + - New virDomainRename API + - Support for PCI Express controllers in QEMU + - Many incremental improvements and bug fixes, see + http://libvirt.org/news.html + - Dropped upstream patches: + 269d39af-storage-allocation-fix.patch, + 26c5fa3a-virt-aa-helper-missing-doc.patch, + d25a5e08-virt-aa-helper-simplify-restriction-logic.patch, + 2f01cfdf-virt-aa-helper-allow-ovmf.patch, + 91fdcefa-virt-aa-helper-allow-nvram.patch, + 52970dec-virt-aa-helper-improve-valid-path.patch, + 44a54eb0-libxl-fix-refcnt-MigrationDstArgs.patch, + 15120b8c-libxl-no-resume-on-suspend-fail.patch, + e80b84a7-libxl-acquire-job-on-migrate.patch, + 60acb38-revert-curmem-inactive-dom.patch + ------------------------------------------------------------------- Fri Aug 28 17:41:30 UTC 2015 - jfehlig@suse.com diff --git a/libvirt.spec b/libvirt.spec index 9544bdd..527a63e 100644 --- a/libvirt.spec +++ b/libvirt.spec @@ -240,7 +240,7 @@ Name: libvirt Url: http://libvirt.org/ -Version: 1.2.18 +Version: 1.2.19 Release: 0 Summary: Library providing a simple virtualization API License: LGPL-2.1+ @@ -446,16 +446,6 @@ Source3: libvirtd.init Source4: libvirtd-relocation-server.fw Source99: baselibs.conf # Upstream patches -Patch0: 269d39af-storage-allocation-fix.patch -Patch1: 26c5fa3a-virt-aa-helper-missing-doc.patch -Patch2: d25a5e08-virt-aa-helper-simplify-restriction-logic.patch -Patch3: 2f01cfdf-virt-aa-helper-allow-ovmf.patch -Patch4: 91fdcefa-virt-aa-helper-allow-nvram.patch -Patch5: 52970dec-virt-aa-helper-improve-valid-path.patch -Patch6: 44a54eb0-libxl-fix-refcnt-MigrationDstArgs.patch -Patch7: 15120b8c-libxl-no-resume-on-suspend-fail.patch -Patch8: e80b84a7-libxl-acquire-job-on-migrate.patch -Patch9: 60acb38-revert-curmem-inactive-dom.patch # Patches pending upstream review # Need to go upstream Patch150: xen-pv-cdrom.patch @@ -986,16 +976,6 @@ Provides a dissector for the libvirt RPC protocol to help debugging it. %prep %setup -q -%patch0 -p1 -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch6 -p1 -%patch7 -p1 -%patch8 -p1 -%patch9 -p1 %patch150 -p1 %patch151 -p1 %patch152 -p1 diff --git a/libvirtd-defaults.patch b/libvirtd-defaults.patch index b6b639d..2724e40 100644 --- a/libvirtd-defaults.patch +++ b/libvirtd-defaults.patch @@ -1,7 +1,7 @@ -Index: libvirt-1.2.18/daemon/libvirtd.conf +Index: libvirt-1.2.19/daemon/libvirtd.conf =================================================================== ---- libvirt-1.2.18.orig/daemon/libvirtd.conf -+++ libvirt-1.2.18/daemon/libvirtd.conf +--- libvirt-1.2.19.orig/daemon/libvirtd.conf ++++ libvirt-1.2.19/daemon/libvirtd.conf @@ -18,8 +18,8 @@ # It is necessary to setup a CA and issue server certificates before # using this capability. @@ -13,10 +13,10 @@ Index: libvirt-1.2.18/daemon/libvirtd.conf # Listen for unencrypted TCP connections on the public TCP/IP port. # NB, must pass the --listen flag to the libvirtd process for this to -Index: libvirt-1.2.18/daemon/libvirtd-config.c +Index: libvirt-1.2.19/daemon/libvirtd-config.c =================================================================== ---- libvirt-1.2.18.orig/daemon/libvirtd-config.c -+++ libvirt-1.2.18/daemon/libvirtd-config.c +--- libvirt-1.2.19.orig/daemon/libvirtd-config.c ++++ libvirt-1.2.19/daemon/libvirtd-config.c @@ -242,7 +242,7 @@ daemonConfigNew(bool privileged ATTRIBUT if (VIR_ALLOC(data) < 0) return NULL; @@ -26,10 +26,10 @@ Index: libvirt-1.2.18/daemon/libvirtd-config.c data->listen_tcp = 0; if (VIR_STRDUP(data->tls_port, LIBVIRTD_TLS_PORT) < 0 || -Index: libvirt-1.2.18/daemon/test_libvirtd.aug.in +Index: libvirt-1.2.19/daemon/test_libvirtd.aug.in =================================================================== ---- libvirt-1.2.18.orig/daemon/test_libvirtd.aug.in -+++ libvirt-1.2.18/daemon/test_libvirtd.aug.in +--- libvirt-1.2.19.orig/daemon/test_libvirtd.aug.in ++++ libvirt-1.2.19/daemon/test_libvirtd.aug.in @@ -2,7 +2,7 @@ module Test_libvirtd = ::CONFIG:: diff --git a/libvirtd-init-script.patch b/libvirtd-init-script.patch index 547e292..cfb94f8 100644 --- a/libvirtd-init-script.patch +++ b/libvirtd-init-script.patch @@ -1,9 +1,9 @@ Adjust libvirtd sysconfig file to conform to SUSE standards -Index: libvirt-1.2.18/daemon/libvirtd.sysconf +Index: libvirt-1.2.19/daemon/libvirtd.sysconf =================================================================== ---- libvirt-1.2.18.orig/daemon/libvirtd.sysconf -+++ libvirt-1.2.18/daemon/libvirtd.sysconf +--- libvirt-1.2.19.orig/daemon/libvirtd.sysconf ++++ libvirt-1.2.19/daemon/libvirtd.sysconf @@ -1,16 +1,25 @@ +## Path: System/Virtualization/libvirt + diff --git a/libvirtd-systemd-socket.patch b/libvirtd-systemd-socket.patch index 5dcc962..c31c365 100644 --- a/libvirtd-systemd-socket.patch +++ b/libvirtd-systemd-socket.patch @@ -9,10 +9,10 @@ as See bsc#933043 -Index: libvirt-1.2.18/daemon/libvirtd.socket.in +Index: libvirt-1.2.19/daemon/libvirtd.socket.in =================================================================== ---- libvirt-1.2.18.orig/daemon/libvirtd.socket.in -+++ libvirt-1.2.18/daemon/libvirtd.socket.in +--- libvirt-1.2.19.orig/daemon/libvirtd.socket.in ++++ libvirt-1.2.19/daemon/libvirtd.socket.in @@ -2,10 +2,8 @@ ListenStream=@runstatedir@/libvirt/libvirt-sock ListenStream=@runstatedir@/libvirt/libvirt-sock-ro diff --git a/ppc64le-canonical-name.patch b/ppc64le-canonical-name.patch index 66089ea..cbcb48c 100644 --- a/ppc64le-canonical-name.patch +++ b/ppc64le-canonical-name.patch @@ -2,10 +2,10 @@ Canonicalize hostarch name ppc64le to ppc64 See bnc#894956 -Index: libvirt-1.2.18/src/util/virarch.c +Index: libvirt-1.2.19/src/util/virarch.c =================================================================== ---- libvirt-1.2.18.orig/src/util/virarch.c -+++ libvirt-1.2.18/src/util/virarch.c +--- libvirt-1.2.19.orig/src/util/virarch.c ++++ libvirt-1.2.19/src/util/virarch.c @@ -169,6 +169,8 @@ virArch virArchFromHost(void) arch = VIR_ARCH_I686; } else if (STREQ(ut.machine, "amd64")) { diff --git a/qemu-apparmor-screenshot.patch b/qemu-apparmor-screenshot.patch index 3bbef58..b01ebfc 100644 --- a/qemu-apparmor-screenshot.patch +++ b/qemu-apparmor-screenshot.patch @@ -1,7 +1,7 @@ -Index: libvirt-1.2.18/examples/apparmor/libvirt-qemu +Index: libvirt-1.2.19/examples/apparmor/libvirt-qemu =================================================================== ---- libvirt-1.2.18.orig/examples/apparmor/libvirt-qemu -+++ libvirt-1.2.18/examples/apparmor/libvirt-qemu +--- libvirt-1.2.19.orig/examples/apparmor/libvirt-qemu ++++ libvirt-1.2.19/examples/apparmor/libvirt-qemu @@ -133,6 +133,9 @@ /sys/bus/ r, /sys/class/ r, diff --git a/support-managed-pci-xen-driver.patch b/support-managed-pci-xen-driver.patch index 63b1db5..9932423 100644 --- a/support-managed-pci-xen-driver.patch +++ b/support-managed-pci-xen-driver.patch @@ -8,10 +8,10 @@ Subject: [PATCH] support managed pci devices in xen driver src/xenxs/xen_xm.c | 28 +++++++++++++++++++++++++++- 2 files changed, 35 insertions(+), 15 deletions(-) -Index: libvirt-1.2.18/src/xenconfig/xen_common.c +Index: libvirt-1.2.19/src/xenconfig/xen_common.c =================================================================== ---- libvirt-1.2.18.orig/src/xenconfig/xen_common.c -+++ libvirt-1.2.18/src/xenconfig/xen_common.c +--- libvirt-1.2.19.orig/src/xenconfig/xen_common.c ++++ libvirt-1.2.19/src/xenconfig/xen_common.c @@ -403,6 +403,8 @@ xenParsePCI(virConfPtr conf, virDomainDe { virConfValuePtr list = virConfGetValue(conf, "pci"); @@ -66,10 +66,10 @@ Index: libvirt-1.2.18/src/xenconfig/xen_common.c hostdev->source.subsys.type = VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI; hostdev->source.subsys.u.pci.addr.domain = domainID; hostdev->source.subsys.u.pci.addr.bus = busID; -Index: libvirt-1.2.18/src/xenconfig/xen_sxpr.c +Index: libvirt-1.2.19/src/xenconfig/xen_sxpr.c =================================================================== ---- libvirt-1.2.18.orig/src/xenconfig/xen_sxpr.c -+++ libvirt-1.2.18/src/xenconfig/xen_sxpr.c +--- libvirt-1.2.19.orig/src/xenconfig/xen_sxpr.c ++++ libvirt-1.2.19/src/xenconfig/xen_sxpr.c @@ -999,6 +999,7 @@ xenParseSxprPCI(virDomainDefPtr def, int busID; int slotID; diff --git a/suse-qemu-conf.patch b/suse-qemu-conf.patch index d57facc..0436a99 100644 --- a/suse-qemu-conf.patch +++ b/suse-qemu-conf.patch @@ -1,7 +1,7 @@ -Index: libvirt-1.2.18/src/qemu/qemu.conf +Index: libvirt-1.2.19/src/qemu/qemu.conf =================================================================== ---- libvirt-1.2.18.orig/src/qemu/qemu.conf -+++ libvirt-1.2.18/src/qemu/qemu.conf +--- libvirt-1.2.19.orig/src/qemu/qemu.conf ++++ libvirt-1.2.19/src/qemu/qemu.conf @@ -201,11 +201,20 @@ # isolation, but it cannot appear in a list of drivers. # diff --git a/systemd-service-xen.patch b/systemd-service-xen.patch index ceaddc9..a264d20 100644 --- a/systemd-service-xen.patch +++ b/systemd-service-xen.patch @@ -1,11 +1,11 @@ -Index: libvirt-1.2.18/daemon/libvirtd.service.in +Index: libvirt-1.2.19/daemon/libvirtd.service.in =================================================================== ---- libvirt-1.2.18.orig/daemon/libvirtd.service.in -+++ libvirt-1.2.18/daemon/libvirtd.service.in -@@ -5,6 +5,8 @@ After=network.target - After=dbus.service - After=iscsid.service +--- libvirt-1.2.19.orig/daemon/libvirtd.service.in ++++ libvirt-1.2.19/daemon/libvirtd.service.in +@@ -7,6 +7,8 @@ After=iscsid.service After=apparmor.service + After=local-fs.target + After=remote-fs.target +Wants=xencommons.service +After=xencommons.service Documentation=man:libvirtd(8) diff --git a/virtlockd-init-script.patch b/virtlockd-init-script.patch index aff30a2..d9cd6f9 100644 --- a/virtlockd-init-script.patch +++ b/virtlockd-init-script.patch @@ -1,9 +1,9 @@ Adjust virtlockd init files to conform to SUSE standards -Index: libvirt-1.2.18/src/locking/virtlockd.sysconf +Index: libvirt-1.2.19/src/locking/virtlockd.sysconf =================================================================== ---- libvirt-1.2.18.orig/src/locking/virtlockd.sysconf -+++ libvirt-1.2.18/src/locking/virtlockd.sysconf +--- libvirt-1.2.19.orig/src/locking/virtlockd.sysconf ++++ libvirt-1.2.19/src/locking/virtlockd.sysconf @@ -1,3 +1,7 @@ +## Path: System/Virtualization/virtlockd + @@ -12,10 +12,10 @@ Index: libvirt-1.2.18/src/locking/virtlockd.sysconf # # Pass extra arguments to virtlockd #VIRTLOCKD_ARGS= -Index: libvirt-1.2.18/src/locking/virtlockd.init.in +Index: libvirt-1.2.19/src/locking/virtlockd.init.in =================================================================== ---- libvirt-1.2.18.orig/src/locking/virtlockd.init.in -+++ libvirt-1.2.18/src/locking/virtlockd.init.in +--- libvirt-1.2.19.orig/src/locking/virtlockd.init.in ++++ libvirt-1.2.19/src/locking/virtlockd.init.in @@ -4,12 +4,14 @@ # http://www.linux-foundation.org/spec//booksets/LSB-Core-generic/LSB-Core-generic.html#INITSCRCOMCONV # diff --git a/xen-pv-cdrom.patch b/xen-pv-cdrom.patch index 30daad8..cd9b283 100644 --- a/xen-pv-cdrom.patch +++ b/xen-pv-cdrom.patch @@ -1,7 +1,7 @@ -Index: libvirt-1.2.18/src/xenconfig/xen_sxpr.c +Index: libvirt-1.2.19/src/xenconfig/xen_sxpr.c =================================================================== ---- libvirt-1.2.18.orig/src/xenconfig/xen_sxpr.c -+++ libvirt-1.2.18/src/xenconfig/xen_sxpr.c +--- libvirt-1.2.19.orig/src/xenconfig/xen_sxpr.c ++++ libvirt-1.2.19/src/xenconfig/xen_sxpr.c @@ -334,7 +334,7 @@ xenParseSxprChar(const char *value, static int xenParseSxprDisks(virDomainDefPtr def,