Accepting request 718303 from home:jfehlig:branches:Virtualization

- Update to libvirt 5.5.0
  - CVE-2019-10161, CVE-2019-10166, CVE-2019-10167, CVE-2019-10168
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Dropped patches:
    aed6a032-CVE-2019-10161.patch,
    db0b7845-CVE-2019-10166.patch,
    8afa68ba-CVE-2019-10167.patch,
    bf6c2830-CVE-2019-10168.patch

OBS-URL: https://build.opensuse.org/request/show/718303
OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=768

0001-Extract-stats-functions-from-the-qemu-driver.patch

@@ -18,10 +18,10 @@ them.
  create mode 100644 src/conf/domain_stats.c
  create mode 100644 src/conf/domain_stats.h
 
-Index: libvirt-5.4.0/src/conf/domain_stats.c
+Index: libvirt-5.5.0/src/conf/domain_stats.c
 ===================================================================
 --- /dev/null
-+++ libvirt-5.4.0/src/conf/domain_stats.c
++++ libvirt-5.5.0/src/conf/domain_stats.c
 @@ -0,0 +1,139 @@
 +/*
 + * domain_stats.c: domain stats extraction helpers
@@ -162,10 +162,10 @@ Index: libvirt-5.4.0/src/conf/domain_stats.c
 +}
 +
 +#undef STATS_ADD_NET_PARAM
-Index: libvirt-5.4.0/src/conf/domain_stats.h
+Index: libvirt-5.5.0/src/conf/domain_stats.h
 ===================================================================
 --- /dev/null
-+++ libvirt-5.4.0/src/conf/domain_stats.h
++++ libvirt-5.5.0/src/conf/domain_stats.h
 @@ -0,0 +1,64 @@
 +/*
 + * domain_stats.h: domain stats extraction helpers
@@ -231,11 +231,11 @@ Index: libvirt-5.4.0/src/conf/domain_stats.h
 +                               int *maxparams);
 +
 +#endif /* __DOMAIN_STATS_H */
-Index: libvirt-5.4.0/src/libvirt_private.syms
+Index: libvirt-5.5.0/src/libvirt_private.syms
 ===================================================================
---- libvirt-5.4.0.orig/src/libvirt_private.syms
-+++ libvirt-5.4.0/src/libvirt_private.syms
-@@ -678,6 +678,9 @@ virDomainConfNWFilterInstantiate;
+--- libvirt-5.5.0.orig/src/libvirt_private.syms
++++ libvirt-5.5.0/src/libvirt_private.syms
+@@ -680,6 +680,9 @@ virDomainConfNWFilterInstantiate;
  virDomainConfNWFilterTeardown;
  virDomainConfVMNWFilterTeardown;
  
@@ -245,7 +245,7 @@ Index: libvirt-5.4.0/src/libvirt_private.syms
  
  # conf/interface_conf.h
  virInterfaceDefFormat;
-@@ -1591,6 +1594,7 @@ virCgroupGetMemoryUsage;
+@@ -1613,6 +1616,7 @@ virCgroupGetMemoryUsage;
  virCgroupGetMemSwapHardLimit;
  virCgroupGetMemSwapUsage;
  virCgroupGetPercpuStats;
@@ -253,11 +253,11 @@ Index: libvirt-5.4.0/src/libvirt_private.syms
  virCgroupHasController;
  virCgroupHasEmptyTasks;
  virCgroupKillPainfully;
-Index: libvirt-5.4.0/src/qemu/qemu_driver.c
+Index: libvirt-5.5.0/src/qemu/qemu_driver.c
 ===================================================================
---- libvirt-5.4.0.orig/src/qemu/qemu_driver.c
-+++ libvirt-5.4.0/src/qemu/qemu_driver.c
-@@ -67,6 +67,7 @@
+--- libvirt-5.5.0.orig/src/qemu/qemu_driver.c
++++ libvirt-5.5.0/src/qemu/qemu_driver.c
+@@ -66,6 +66,7 @@
  #include "virarptable.h"
  #include "viruuid.h"
  #include "domain_conf.h"
@@ -265,7 +265,7 @@ Index: libvirt-5.4.0/src/qemu/qemu_driver.c
  #include "domain_audit.h"
  #include "node_device_conf.h"
  #include "virpci.h"
-@@ -19943,21 +19944,7 @@ qemuDomainGetStatsState(virQEMUDriverPtr
+@@ -19780,21 +19781,7 @@ qemuDomainGetStatsState(virQEMUDriverPtr
                          int *maxparams,
                          unsigned int privflags ATTRIBUTE_UNUSED)
  {
@@ -288,7 +288,7 @@ Index: libvirt-5.4.0/src/qemu/qemu_driver.c
  }
  
  
-@@ -20147,37 +20134,7 @@ qemuDomainGetStatsCpuCgroup(virDomainObj
+@@ -19984,37 +19971,7 @@ qemuDomainGetStatsCpuCgroup(virDomainObj
                              int *maxparams)
  {
      qemuDomainObjPrivatePtr priv = dom->privateData;
@@ -327,7 +327,7 @@ Index: libvirt-5.4.0/src/qemu/qemu_driver.c
  }
  
  
-@@ -20373,44 +20330,6 @@ qemuDomainGetStatsVcpu(virQEMUDriverPtr
+@@ -20210,44 +20167,6 @@ qemuDomainGetStatsVcpu(virQEMUDriverPtr
      return ret;
  }
  
@@ -372,7 +372,7 @@ Index: libvirt-5.4.0/src/qemu/qemu_driver.c
  static int
  qemuDomainGetStatsInterface(virQEMUDriverPtr driver ATTRIBUTE_UNUSED,
                              virDomainObjPtr dom,
-@@ -20418,68 +20337,9 @@ qemuDomainGetStatsInterface(virQEMUDrive
+@@ -20255,68 +20174,9 @@ qemuDomainGetStatsInterface(virQEMUDrive
                              int *maxparams,
                              unsigned int privflags ATTRIBUTE_UNUSED)
  {
@@ -442,7 +442,7 @@ Index: libvirt-5.4.0/src/qemu/qemu_driver.c
  #define QEMU_ADD_BLOCK_PARAM_UI(record, maxparams, num, name, value) \
      do { \
          char param_name[VIR_TYPED_PARAM_FIELD_LENGTH]; \
-@@ -20712,10 +20572,10 @@ qemuDomainGetStatsBlockExportHeader(virD
+@@ -20549,10 +20409,10 @@ qemuDomainGetStatsBlockExportHeader(virD
  {
      int ret = -1;
  
@@ -455,7 +455,7 @@ Index: libvirt-5.4.0/src/qemu/qemu_driver.c
      if (src->id)
          QEMU_ADD_BLOCK_PARAM_UI(records, nrecords, recordnr, "backingIndex",
                                  src->id);
-@@ -20869,7 +20729,7 @@ qemuDomainGetStatsBlock(virQEMUDriverPtr
+@@ -20706,7 +20566,7 @@ qemuDomainGetStatsBlock(virQEMUDriverPtr
       * after the iteration than it is to iterate twice; but we still
       * want count listed first.  */
      count_index = record->nparams;
@@ -464,7 +464,7 @@ Index: libvirt-5.4.0/src/qemu/qemu_driver.c
  
      for (i = 0; i < dom->def->ndisks; i++) {
          if (qemuDomainGetStatsBlockExportDisk(dom->def->disks[i], stats, nodestats,
-@@ -20894,8 +20754,6 @@ qemuDomainGetStatsBlock(virQEMUDriverPtr
+@@ -20731,8 +20591,6 @@ qemuDomainGetStatsBlock(virQEMUDriverPtr
  
  #undef QEMU_ADD_BLOCK_PARAM_ULL
  
@@ -473,7 +473,7 @@ Index: libvirt-5.4.0/src/qemu/qemu_driver.c
  #define QEMU_ADD_IOTHREAD_PARAM_UI(record, maxparams, id, name, value) \
      do { \
          char param_name[VIR_TYPED_PARAM_FIELD_LENGTH]; \
-@@ -20947,7 +20805,7 @@ qemuDomainGetStatsIOThread(virQEMUDriver
+@@ -20784,7 +20642,7 @@ qemuDomainGetStatsIOThread(virQEMUDriver
      if (niothreads == 0)
          return 0;
  
@@ -482,7 +482,7 @@ Index: libvirt-5.4.0/src/qemu/qemu_driver.c
  
      for (i = 0; i < niothreads; i++) {
          if (iothreads[i]->poll_valid) {
-@@ -20980,8 +20838,6 @@ qemuDomainGetStatsIOThread(virQEMUDriver
+@@ -20817,8 +20675,6 @@ qemuDomainGetStatsIOThread(virQEMUDriver
  
  #undef QEMU_ADD_IOTHREAD_PARAM_ULL
  
@@ -491,11 +491,11 @@ Index: libvirt-5.4.0/src/qemu/qemu_driver.c
  static int
  qemuDomainGetStatsPerfOneEvent(virPerfPtr perf,
                                 virPerfEventType type,
-Index: libvirt-5.4.0/src/util/vircgroup.c
+Index: libvirt-5.5.0/src/util/vircgroup.c
 ===================================================================
---- libvirt-5.4.0.orig/src/util/vircgroup.c
-+++ libvirt-5.4.0/src/util/vircgroup.c
-@@ -2774,6 +2774,44 @@ virCgroupControllerAvailable(int control
+--- libvirt-5.5.0.orig/src/util/vircgroup.c
++++ libvirt-5.5.0/src/util/vircgroup.c
+@@ -2786,6 +2786,44 @@ virCgroupControllerAvailable(int control
      return ret;
  }
  
@@ -540,7 +540,7 @@ Index: libvirt-5.4.0/src/util/vircgroup.c
  #else /* !__linux__ */
  
  bool
-@@ -2783,6 +2821,15 @@ virCgroupAvailable(void)
+@@ -2795,6 +2833,15 @@ virCgroupAvailable(void)
  }
  
  
@@ -556,11 +556,11 @@ Index: libvirt-5.4.0/src/util/vircgroup.c
  int
  virCgroupNewPartition(const char *path ATTRIBUTE_UNUSED,
                        bool create ATTRIBUTE_UNUSED,
-Index: libvirt-5.4.0/src/util/vircgroup.h
+Index: libvirt-5.5.0/src/util/vircgroup.h
 ===================================================================
---- libvirt-5.4.0.orig/src/util/vircgroup.h
-+++ libvirt-5.4.0/src/util/vircgroup.h
-@@ -285,4 +285,9 @@ int virCgroupSetOwner(virCgroupPtr cgrou
+--- libvirt-5.5.0.orig/src/util/vircgroup.h
++++ libvirt-5.5.0/src/util/vircgroup.h
+@@ -284,3 +284,7 @@ int virCgroupSetOwner(virCgroupPtr cgrou
  int virCgroupHasEmptyTasks(virCgroupPtr cgroup, int controller);
  
  bool virCgroupControllerAvailable(int controller);
@@ -568,13 +568,11 @@ Index: libvirt-5.4.0/src/util/vircgroup.h
 +int virCgroupGetStatsCpu(virCgroupPtr cgroup,
 +                         virDomainStatsRecordPtr record,
 +                         int *maxparams);
-+
- #endif /* LIBVIRT_VIRCGROUP_H */
-Index: libvirt-5.4.0/src/conf/Makefile.inc.am
+Index: libvirt-5.5.0/src/conf/Makefile.inc.am
 ===================================================================
---- libvirt-5.4.0.orig/src/conf/Makefile.inc.am
-+++ libvirt-5.4.0/src/conf/Makefile.inc.am
-@@ -22,6 +22,8 @@ DOMAIN_CONF_SOURCES = \
+--- libvirt-5.5.0.orig/src/conf/Makefile.inc.am
++++ libvirt-5.5.0/src/conf/Makefile.inc.am
+@@ -24,6 +24,8 @@ DOMAIN_CONF_SOURCES = \
  	conf/domain_audit.h \
  	conf/domain_nwfilter.c \
  	conf/domain_nwfilter.h \

0001-libxl-add-support-for-BlockResize-API.patch

@@ -19,11 +19,11 @@ reworking this patch and submitting it to upstream libvirt.
  src/libxl/libxl_driver.c | 91 ++++++++++++++++++++++++++++++++++++++++++++++++
  1 file changed, 91 insertions(+)
 
-Index: libvirt-5.4.0/src/libxl/libxl_driver.c
+Index: libvirt-5.5.0/src/libxl/libxl_driver.c
 ===================================================================
---- libvirt-5.4.0.orig/src/libxl/libxl_driver.c
-+++ libvirt-5.4.0/src/libxl/libxl_driver.c
-@@ -5266,6 +5266,97 @@ libxlDomainMemoryStats(virDomainPtr dom,
+--- libvirt-5.5.0.orig/src/libxl/libxl_driver.c
++++ libvirt-5.5.0/src/libxl/libxl_driver.c
+@@ -5299,6 +5299,97 @@ libxlDomainMemoryStats(virDomainPtr dom,
  
  #undef LIBXL_SET_MEMSTAT
  
@@ -121,7 +121,7 @@ Index: libvirt-5.4.0/src/libxl/libxl_driver.c
  static int
  libxlDomainGetJobInfo(virDomainPtr dom,
                        virDomainJobInfoPtr info)
-@@ -6650,6 +6741,7 @@ static virHypervisorDriver libxlHypervis
+@@ -6683,6 +6774,7 @@ static virHypervisorDriver libxlHypervis
  #endif
      .nodeGetFreeMemory = libxlNodeGetFreeMemory, /* 0.9.0 */
      .nodeGetCellsFreeMemory = libxlNodeGetCellsFreeMemory, /* 1.1.1 */

0002-lxc-implement-connectGetAllDomainStats.patch

@@ -9,10 +9,10 @@ them using the existing API.
  src/lxc/lxc_driver.c | 138 +++++++++++++++++++++++++++++++++++++++++++++++++++
  1 file changed, 138 insertions(+)
 
-Index: libvirt-5.4.0/src/lxc/lxc_driver.c
+Index: libvirt-5.5.0/src/lxc/lxc_driver.c
 ===================================================================
---- libvirt-5.4.0.orig/src/lxc/lxc_driver.c
-+++ libvirt-5.4.0/src/lxc/lxc_driver.c
+--- libvirt-5.5.0.orig/src/lxc/lxc_driver.c
++++ libvirt-5.5.0/src/lxc/lxc_driver.c
 @@ -75,6 +75,7 @@
  #include "viraccessapichecklxc.h"
  #include "virhostdev.h"

8afa68ba-CVE-2019-10167.patch

@@ -1,25 +0,0 @@
-commit 8afa68bac0cf99d1f8aaa6566685c43c22622f26
-Author: Ján Tomko <jtomko@redhat.com>
-Date:   Fri Jun 14 09:16:14 2019 +0200
-
-    api: disallow virConnectGetDomainCapabilities on read-only connections
-    
-    This API can be used to execute arbitrary emulators.
-    Forbid it on read-only connections.
-    
-    Fixes: CVE-2019-10167
-    Signed-off-by: Ján Tomko <jtomko@redhat.com>
-    Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
-
-Index: libvirt-5.4.0/src/libvirt-domain.c
-===================================================================
---- libvirt-5.4.0.orig/src/libvirt-domain.c
-+++ libvirt-5.4.0/src/libvirt-domain.c
-@@ -11360,6 +11360,7 @@ virConnectGetDomainCapabilities(virConne
-     virResetLastError();
- 
-     virCheckConnectReturn(conn, NULL);
-+    virCheckReadOnlyGoto(conn->flags, error);
- 
-     if (conn->driver->connectGetDomainCapabilities) {
-         char *ret;

aed6a032-CVE-2019-10161.patch

@@ -1,73 +0,0 @@
-commit aed6a032cead4386472afb24b16196579e239580
-Author: Ján Tomko <jtomko@redhat.com>
-Date:   Fri Jun 14 08:47:42 2019 +0200
-
-    api: disallow virDomainSaveImageGetXMLDesc on read-only connections
-    
-    The virDomainSaveImageGetXMLDesc API is taking a path parameter,
-    which can point to any path on the system. This file will then be
-    read and parsed by libvirtd running with root privileges.
-    
-    Forbid it on read-only connections.
-    
-    Fixes: CVE-2019-10161
-    Reported-by: Matthias Gerstner <mgerstner@suse.de>
-    Signed-off-by: Ján Tomko <jtomko@redhat.com>
-    Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
-
-Index: libvirt-5.4.0/src/libvirt-domain.c
-===================================================================
---- libvirt-5.4.0.orig/src/libvirt-domain.c
-+++ libvirt-5.4.0/src/libvirt-domain.c
-@@ -1073,8 +1073,7 @@ virDomainRestoreFlags(virConnectPtr conn
-  * previously by virDomainSave() or virDomainSaveFlags().
-  *
-  * No security-sensitive data will be included unless @flags contains
-- * VIR_DOMAIN_SAVE_IMAGE_XML_SECURE; this flag is rejected on read-only
-- * connections.
-+ * VIR_DOMAIN_SAVE_IMAGE_XML_SECURE.
-  *
-  * Returns a 0 terminated UTF-8 encoded XML instance, or NULL in case of
-  * error.  The caller must free() the returned value.
-@@ -1090,13 +1089,7 @@ virDomainSaveImageGetXMLDesc(virConnectP
- 
-     virCheckConnectReturn(conn, NULL);
-     virCheckNonNullArgGoto(file, error);
--
--    if ((conn->flags & VIR_CONNECT_RO) &&
--        (flags & VIR_DOMAIN_SAVE_IMAGE_XML_SECURE)) {
--        virReportError(VIR_ERR_OPERATION_DENIED, "%s",
--                       _("virDomainSaveImageGetXMLDesc with secure flag"));
--        goto error;
--    }
-+    virCheckReadOnlyGoto(conn->flags, error);
- 
-     if (conn->driver->domainSaveImageGetXMLDesc) {
-         char *ret;
-Index: libvirt-5.4.0/src/qemu/qemu_driver.c
-===================================================================
---- libvirt-5.4.0.orig/src/qemu/qemu_driver.c
-+++ libvirt-5.4.0/src/qemu/qemu_driver.c
-@@ -7038,7 +7038,7 @@ qemuDomainSaveImageGetXMLDesc(virConnect
-     if (fd < 0)
-         goto cleanup;
- 
--    if (virDomainSaveImageGetXMLDescEnsureACL(conn, def, flags) < 0)
-+    if (virDomainSaveImageGetXMLDescEnsureACL(conn, def) < 0)
-         goto cleanup;
- 
-     ret = qemuDomainDefFormatXML(driver, def, flags);
-Index: libvirt-5.4.0/src/remote/remote_protocol.x
-===================================================================
---- libvirt-5.4.0.orig/src/remote/remote_protocol.x
-+++ libvirt-5.4.0/src/remote/remote_protocol.x
-@@ -5242,8 +5242,7 @@ enum remote_procedure {
-     /**
-      * @generate: both
-      * @priority: high
--     * @acl: domain:read
--     * @acl: domain:read_secure:VIR_DOMAIN_SAVE_IMAGE_XML_SECURE
-+     * @acl: domain:write
-      */
-     REMOTE_PROC_DOMAIN_SAVE_IMAGE_GET_XML_DESC = 235,
- 

bf6c2830-CVE-2019-10168.patch

@@ -1,33 +0,0 @@
-commit bf6c2830b6c338b1f5699b095df36f374777b291
-Author: Ján Tomko <jtomko@redhat.com>
-Date:   Fri Jun 14 09:17:39 2019 +0200
-
-    api: disallow virConnect*HypervisorCPU on read-only connections
-    
-    These APIs can be used to execute arbitrary emulators.
-    Forbid them on read-only connections.
-    
-    Fixes: CVE-2019-10168
-    Signed-off-by: Ján Tomko <jtomko@redhat.com>
-    Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
-
-Index: libvirt-5.4.0/src/libvirt-host.c
-===================================================================
---- libvirt-5.4.0.orig/src/libvirt-host.c
-+++ libvirt-5.4.0/src/libvirt-host.c
-@@ -1041,6 +1041,7 @@ virConnectCompareHypervisorCPU(virConnec
- 
-     virCheckConnectReturn(conn, VIR_CPU_COMPARE_ERROR);
-     virCheckNonNullArgGoto(xmlCPU, error);
-+    virCheckReadOnlyGoto(conn->flags, error);
- 
-     if (conn->driver->connectCompareHypervisorCPU) {
-         int ret;
-@@ -1234,6 +1235,7 @@ virConnectBaselineHypervisorCPU(virConne
- 
-     virCheckConnectReturn(conn, NULL);
-     virCheckNonNullArgGoto(xmlCPUs, error);
-+    virCheckReadOnlyGoto(conn->flags, error);
- 
-     if (conn->driver->connectBaselineHypervisorCPU) {
-         char *cpu;

blockcopy-check-dst-identical-device.patch

@@ -11,11 +11,11 @@ Signed-off-by: Chunyan Liu <cyliu@suse.com>
  src/qemu/qemu_driver.c | 7 +++++++
  1 file changed, 7 insertions(+)
 
-Index: libvirt-5.4.0/src/qemu/qemu_driver.c
+Index: libvirt-5.5.0/src/qemu/qemu_driver.c
 ===================================================================
---- libvirt-5.4.0.orig/src/qemu/qemu_driver.c
-+++ libvirt-5.4.0/src/qemu/qemu_driver.c
-@@ -17719,6 +17719,14 @@ qemuDomainBlockCopyCommon(virDomainObjPt
+--- libvirt-5.5.0.orig/src/qemu/qemu_driver.c
++++ libvirt-5.5.0/src/qemu/qemu_driver.c
+@@ -17556,6 +17556,14 @@ qemuDomainBlockCopyCommon(virDomainObjPt
          goto endjob;
      }
  

db0b7845-CVE-2019-10166.patch

@@ -1,27 +0,0 @@
-commit db0b78457f183e4c7ac45bc94de86044a1e2056a
-Author: Ján Tomko <jtomko@redhat.com>
-Date:   Fri Jun 14 09:14:53 2019 +0200
-
-    api: disallow virDomainManagedSaveDefineXML on read-only connections
-    
-    The virDomainManagedSaveDefineXML can be used to alter the domain's
-    config used for managedsave or even execute arbitrary emulator binaries.
-    Forbid it on read-only connections.
-    
-    Fixes: CVE-2019-10166
-    Reported-by: Matthias Gerstner <mgerstner@suse.de>
-    Signed-off-by: Ján Tomko <jtomko@redhat.com>
-    Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
-
-Index: libvirt-5.4.0/src/libvirt-domain.c
-===================================================================
---- libvirt-5.4.0.orig/src/libvirt-domain.c
-+++ libvirt-5.4.0/src/libvirt-domain.c
-@@ -9563,6 +9563,7 @@ virDomainManagedSaveDefineXML(virDomainP
- 
-     virCheckDomainReturn(domain, -1);
-     conn = domain->conn;
-+    virCheckReadOnlyGoto(conn->flags, error);
- 
-     if (conn->driver->domainManagedSaveDefineXML) {
-         int ret;

libvirt-5.4.0.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:1cfa802081bee09fd0ddfa97bd491e6554e25fa59f7a7758b41d8aef53458e7b
-size 12346896

libvirt-5.4.0.tar.xz.asc

@@ -1,10 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQEcBAABAgAGBQJc9TFvAAoJEBVYiyZZa+pdxuEH/3y3Xl0gwzvHMLPcDa27ZgCW
-GMDRrZjifnRPWyr+VIM2JrW16vquM2iSayRR2UHHJxK0nDHReyZlbVmShEmQk32P
-HAmOZB8P4aITe+CGso93OgbeBNOYpNfIConZxnYUYVXgMnzlZcKsL7AiN8FjdAwm
-24RoUv4gokk+17RDmo6WgfFkT7FiUG/VbggE7TmS63v+HKaszAQsgCsIiceAFynA
-Qwz3ziVHt3yEEWy+hReM+Hyc8A1NUgZG6ph2+xZYhXh0n1Bs3SWlVQOkU5EtEKbI
-x51Wvkifpe6ziGWTCPtvV7Fq4wmkKeigZirUlSVYKGsU5WFDN93y/CPnvG4e4+U=
-=ZbeC
------END PGP SIGNATURE-----

libvirt-5.5.0.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:2306ef0947a594f91ec9da4b8b0307bdb54b897f17de19f48e8ecdca08ff35e8
+size 12930224

libvirt-5.5.0.tar.xz.asc

@@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQEzBAABCAAdFiEE20ZoG7ka3OoXD6LUFViLJllr6l0FAl0bu28ACgkQFViLJllr
+6l1TGwgAjmHjsmQ4Yu1JlKBiYWADvMf2pGS9LnrZMO9W8fC6veMmPvrk8ooePhgg
+ccOn990Me4bVPmscA+pOQ89OgbXP4NziJCz8Rg/baZHQnQn4u8wML/rSupYXgI3V
+Xypbluq5lBXPj7364P3k4mjhmdYhCVU3WbCkcMeBHJICV3p/RCON08kdDM6aUThf
+PE3nQAWYWs1N5wTENnhb2omiMOKOa/C1vUUuXw1TxFFS4m1dzGsAQlPep0kN+uwU
+mhJFUE9LgO7GgMFNhvntNE2++GFANFa3gjHzXgu0OnAhlEuu/xMfcSHYTV5/h5Se
+CoYCiF7qdSjly29lu5MwJThF6MjraQ==
+=VZ8+
+-----END PGP SIGNATURE-----

libvirt-power8-models.patch

@@ -2,10 +2,10 @@ Add POWER8 v2.0 and v2.1 to cpu map XML
 
 From: <ro@suse.de>
 
-Index: libvirt-5.4.0/src/cpu_map/ppc64_POWER8.xml
+Index: libvirt-5.5.0/src/cpu_map/ppc64_POWER8.xml
 ===================================================================
---- libvirt-5.4.0.orig/src/cpu_map/ppc64_POWER8.xml
-+++ libvirt-5.4.0/src/cpu_map/ppc64_POWER8.xml
+--- libvirt-5.5.0.orig/src/cpu_map/ppc64_POWER8.xml
++++ libvirt-5.5.0/src/cpu_map/ppc64_POWER8.xml
 @@ -4,5 +4,7 @@
      <pvr value='0x004b0000' mask='0xffff0000'/>
      <pvr value='0x004c0000' mask='0xffff0000'/>

libvirt-suse-netcontrol.patch

@@ -1,8 +1,8 @@
-Index: libvirt-5.4.0/configure.ac
+Index: libvirt-5.5.0/configure.ac
 ===================================================================
---- libvirt-5.4.0.orig/configure.ac
-+++ libvirt-5.4.0/configure.ac
-@@ -262,6 +262,7 @@ LIBVIRT_ARG_LIBSSH
+--- libvirt-5.5.0.orig/configure.ac
++++ libvirt-5.5.0/configure.ac
+@@ -261,6 +261,7 @@ LIBVIRT_ARG_LIBSSH
  LIBVIRT_ARG_LIBXML
  LIBVIRT_ARG_MACVTAP
  LIBVIRT_ARG_NETCF
@@ -10,7 +10,7 @@ Index: libvirt-5.4.0/configure.ac
  LIBVIRT_ARG_NLS
  LIBVIRT_ARG_NSS
  LIBVIRT_ARG_NUMACTL
-@@ -306,6 +307,7 @@ LIBVIRT_CHECK_LIBSSH
+@@ -304,6 +305,7 @@ LIBVIRT_CHECK_LIBSSH
  LIBVIRT_CHECK_LIBXML
  LIBVIRT_CHECK_MACVTAP
  LIBVIRT_CHECK_NETCF
@@ -18,7 +18,7 @@ Index: libvirt-5.4.0/configure.ac
  LIBVIRT_CHECK_NLS
  LIBVIRT_CHECK_NUMACTL
  LIBVIRT_CHECK_NWFILTER
-@@ -991,6 +993,7 @@ LIBVIRT_RESULT_LIBXL
+@@ -988,6 +990,7 @@ LIBVIRT_RESULT_LIBXL
  LIBVIRT_RESULT_LIBXML
  LIBVIRT_RESULT_MACVTAP
  LIBVIRT_RESULT_NETCF
@@ -26,10 +26,10 @@ Index: libvirt-5.4.0/configure.ac
  LIBVIRT_RESULT_NLS
  LIBVIRT_RESULT_NSS
  LIBVIRT_RESULT_NUMACTL
-Index: libvirt-5.4.0/tools/virsh.c
+Index: libvirt-5.5.0/tools/virsh.c
 ===================================================================
---- libvirt-5.4.0.orig/tools/virsh.c
-+++ libvirt-5.4.0/tools/virsh.c
+--- libvirt-5.5.0.orig/tools/virsh.c
++++ libvirt-5.5.0/tools/virsh.c
 @@ -563,6 +563,8 @@ virshShowVersion(vshControl *ctl ATTRIBU
      vshPrint(ctl, " Interface");
  # if defined(WITH_NETCF)
@@ -39,10 +39,10 @@ Index: libvirt-5.4.0/tools/virsh.c
  # elif defined(WITH_UDEV)
      vshPrint(ctl, " udev");
  # endif
-Index: libvirt-5.4.0/src/interface/interface_backend_netcf.c
+Index: libvirt-5.5.0/src/interface/interface_backend_netcf.c
 ===================================================================
---- libvirt-5.4.0.orig/src/interface/interface_backend_netcf.c
-+++ libvirt-5.4.0/src/interface/interface_backend_netcf.c
+--- libvirt-5.5.0.orig/src/interface/interface_backend_netcf.c
++++ libvirt-5.5.0/src/interface/interface_backend_netcf.c
 @@ -21,7 +21,12 @@
  
  #include <config.h>
@@ -126,10 +126,10 @@ Index: libvirt-5.4.0/src/interface/interface_backend_netcf.c
      if (virRegisterConnectDriver(&interfaceConnectDriver, false) < 0)
          return -1;
      if (virSetSharedInterfaceDriver(&interfaceDriver) < 0)
-Index: libvirt-5.4.0/src/interface/interface_driver.c
+Index: libvirt-5.5.0/src/interface/interface_driver.c
 ===================================================================
---- libvirt-5.4.0.orig/src/interface/interface_driver.c
-+++ libvirt-5.4.0/src/interface/interface_driver.c
+--- libvirt-5.5.0.orig/src/interface/interface_driver.c
++++ libvirt-5.5.0/src/interface/interface_driver.c
 @@ -30,8 +30,15 @@ interfaceRegister(void)
      if (netcfIfaceRegister() == 0)
          return 0;
@@ -147,10 +147,10 @@ Index: libvirt-5.4.0/src/interface/interface_driver.c
      if (udevIfaceRegister() == 0)
          return 0;
  #endif /* WITH_UDEV */
-Index: libvirt-5.4.0/m4/virt-netcontrol.m4
+Index: libvirt-5.5.0/m4/virt-netcontrol.m4
 ===================================================================
 --- /dev/null
-+++ libvirt-5.4.0/m4/virt-netcontrol.m4
++++ libvirt-5.5.0/m4/virt-netcontrol.m4
 @@ -0,0 +1,39 @@
 +dnl The libnetcontrol library
 +dnl
@@ -191,10 +191,10 @@ Index: libvirt-5.4.0/m4/virt-netcontrol.m4
 +AC_DEFUN([LIBVIRT_RESULT_NETCONTROL],[
 +  LIBVIRT_RESULT_LIB([NETCONTROL])
 +])
-Index: libvirt-5.4.0/src/interface/Makefile.inc.am
+Index: libvirt-5.5.0/src/interface/Makefile.inc.am
 ===================================================================
---- libvirt-5.4.0.orig/src/interface/Makefile.inc.am
-+++ libvirt-5.4.0/src/interface/Makefile.inc.am
+--- libvirt-5.5.0.orig/src/interface/Makefile.inc.am
++++ libvirt-5.5.0/src/interface/Makefile.inc.am
 @@ -6,6 +6,7 @@ INTERFACE_DRIVER_SOURCES = \
  	$(NULL)
  

libvirt.changes

@@ -1,3 +1,16 @@
+-------------------------------------------------------------------
+Tue Jul  2 21:24:26 UTC 2019 - James Fehlig <jfehlig@suse.com>
+
+- Update to libvirt 5.5.0
+  - CVE-2019-10161, CVE-2019-10166, CVE-2019-10167, CVE-2019-10168
+  - Many incremental improvements and bug fixes, see
+    http://libvirt.org/news.html
+  - Dropped patches:
+    aed6a032-CVE-2019-10161.patch,
+    db0b7845-CVE-2019-10166.patch,
+    8afa68ba-CVE-2019-10167.patch,
+    bf6c2830-CVE-2019-10168.patch
+
 -------------------------------------------------------------------
 Thu Jun 20 14:55:04 UTC 2019 - Jim Fehlig <jfehlig@suse.com>
 

libvirt.spec

@@ -183,7 +183,7 @@
 
 Name:           libvirt
 Url:            http://libvirt.org/
-Version:        5.4.0
+Version:        5.5.0
 Release:        0
 Summary:        Library providing a virtualization API
 License:        LGPL-2.1-or-later
@@ -255,7 +255,6 @@ BuildRequires:  libyajl-devel
 %if %{with_sanlock}
 BuildRequires:  sanlock-devel >= 2.4
 %endif
-BuildRequires:  libavahi-devel
 BuildRequires:  libnl3-devel
 BuildRequires:  libpcap-devel
 BuildRequires:  libselinux-devel
@@ -272,6 +271,8 @@ BuildRequires:  ebtables
 BuildRequires:  iptables
 BuildRequires:  polkit >= 0.112
 BuildRequires:  radvd
+# Communication with the firewall and polkit daemons use DBus
+BuildRequires:  dbus-1-devel
 # For mount/umount in FS driver
 BuildRequires:  util-linux
 # For LVM drivers
@@ -336,10 +337,6 @@ Source6:        libvirtd-relocation-server.xml
 Source99:       baselibs.conf
 Source100:      %{name}-rpmlintrc
 # Upstream patches
-Patch0:         aed6a032-CVE-2019-10161.patch
-Patch1:         db0b7845-CVE-2019-10166.patch
-Patch2:         8afa68ba-CVE-2019-10167.patch
-Patch3:         bf6c2830-CVE-2019-10168.patch
 # Patches pending upstream review
 Patch100:       libxl-dom-reset.patch
 Patch101:       network-don-t-use-dhcp-authoritative-on-static-netwo.patch
@@ -418,6 +415,8 @@ Requires:       dmidecode
 %if %{with_numad}
 Requires:       numad
 %endif
+# libvirtd depends on 'messagebus' service
+Requires:       dbus-1
 
 # libvirt is configured with paths to UEFI firmwares in %build,
 # hence add a dependency to the firmware packages
@@ -872,10 +871,6 @@ libvirt plugin for NSS for translating domain names into IP addresses.
 
 %prep
 %setup -q
-%patch0 -p1
-%patch1 -p1
-%patch2 -p1
-%patch3 -p1
 %patch100 -p1
 %patch101 -p1
 %patch150 -p1
@@ -1037,7 +1032,6 @@ export PYTHON=%{_bindir}/python3
            %{?arg_vbox} \
            %{?arg_libxl} \
            --with-sasl \
-           --with-avahi \
            --with-polkit \
            --with-libvirtd \
            %{?arg_phyp} \
@@ -1099,7 +1093,7 @@ gzip -9 ChangeLog
 
 %install
 %make_install SYSTEMD_UNIT_DIR=%{_unitdir} HTML_DIR=%{_docdir}/%{name}
-cp examples/lxcconvert/virt-lxc-convert %{buildroot}/%{_bindir}
+cp examples/sh/virt-lxc-convert %{buildroot}/%{_bindir}
 rm -f %{buildroot}/%{_libdir}/*.la
 %if %{with_wireshark}
 rm -f %{buildroot}/%{wireshark_plugindir}/libvirt.la
@@ -1628,6 +1622,7 @@ fi
 %{_datadir}/%{name}/schemas/interface.rng
 %{_datadir}/%{name}/schemas/network.rng
 %{_datadir}/%{name}/schemas/networkcommon.rng
+%{_datadir}/%{name}/schemas/networkport.rng
 %{_datadir}/%{name}/schemas/nodedev.rng
 %{_datadir}/%{name}/schemas/nwfilter.rng
 %{_datadir}/%{name}/schemas/nwfilter_params.rng

libxl-dom-reset.patch

@@ -8,11 +8,11 @@ Date:   Mon Jun 23 15:51:20 2014 -0600
     option, but domainReset can be implemented in the libxl driver by
     forcibly destroying the domain and starting it again.
 
-Index: libvirt-5.4.0/src/libxl/libxl_driver.c
+Index: libvirt-5.5.0/src/libxl/libxl_driver.c
 ===================================================================
---- libvirt-5.4.0.orig/src/libxl/libxl_driver.c
-+++ libvirt-5.4.0/src/libxl/libxl_driver.c
-@@ -1343,6 +1343,61 @@ libxlDomainReboot(virDomainPtr dom, unsi
+--- libvirt-5.5.0.orig/src/libxl/libxl_driver.c
++++ libvirt-5.5.0/src/libxl/libxl_driver.c
+@@ -1376,6 +1376,61 @@ libxlDomainReboot(virDomainPtr dom, unsi
  }
  
  static int
@@ -74,7 +74,7 @@ Index: libvirt-5.4.0/src/libxl/libxl_driver.c
  libxlDomainDestroyFlags(virDomainPtr dom,
                          unsigned int flags)
  {
-@@ -6525,6 +6580,7 @@ static virHypervisorDriver libxlHypervis
+@@ -6558,6 +6613,7 @@ static virHypervisorDriver libxlHypervis
      .domainShutdown = libxlDomainShutdown, /* 0.9.0 */
      .domainShutdownFlags = libxlDomainShutdownFlags, /* 0.9.10 */
      .domainReboot = libxlDomainReboot, /* 0.9.0 */

libxl-set-cach-mode.patch

@@ -3,10 +3,10 @@ https://bugzilla.novell.com/show_bug.cgi?id=879425
  src/libxl/libxl_conf.c |   25 +++++++++++++++++++++++++
  1 file changed, 25 insertions(+)
 
-Index: libvirt-5.4.0/src/libxl/libxl_conf.c
+Index: libvirt-5.5.0/src/libxl/libxl_conf.c
 ===================================================================
---- libvirt-5.4.0.orig/src/libxl/libxl_conf.c
-+++ libvirt-5.4.0/src/libxl/libxl_conf.c
+--- libvirt-5.5.0.orig/src/libxl/libxl_conf.c
++++ libvirt-5.5.0/src/libxl/libxl_conf.c
 @@ -897,6 +897,30 @@ libxlDiskSetDiscard(libxl_device_disk *x
  #endif
  }

libxl-set-migration-constraints.patch

@@ -16,10 +16,10 @@ Signed-off-by: Jim Fehlig <jfehlig@suse.com>
  tools/virsh.pod                  |    8 ++++++++
  6 files changed, 125 insertions(+), 6 deletions(-)
 
-Index: libvirt-5.4.0/include/libvirt/libvirt-domain.h
+Index: libvirt-5.5.0/include/libvirt/libvirt-domain.h
 ===================================================================
---- libvirt-5.4.0.orig/include/libvirt/libvirt-domain.h
-+++ libvirt-5.4.0/include/libvirt/libvirt-domain.h
+--- libvirt-5.5.0.orig/include/libvirt/libvirt-domain.h
++++ libvirt-5.5.0/include/libvirt/libvirt-domain.h
 @@ -1051,6 +1051,31 @@ typedef enum {
   */
  # define VIR_MIGRATE_PARAM_PARALLEL_CONNECTIONS     "parallel.connections"
@@ -52,11 +52,11 @@ Index: libvirt-5.4.0/include/libvirt/libvirt-domain.h
  /* Domain migration. */
  virDomainPtr virDomainMigrate (virDomainPtr domain, virConnectPtr dconn,
                                 unsigned long flags, const char *dname,
-Index: libvirt-5.4.0/src/libxl/libxl_driver.c
+Index: libvirt-5.5.0/src/libxl/libxl_driver.c
 ===================================================================
---- libvirt-5.4.0.orig/src/libxl/libxl_driver.c
-+++ libvirt-5.4.0/src/libxl/libxl_driver.c
-@@ -6132,6 +6132,9 @@ libxlDomainMigratePerform3Params(virDoma
+--- libvirt-5.5.0.orig/src/libxl/libxl_driver.c
++++ libvirt-5.5.0/src/libxl/libxl_driver.c
+@@ -6165,6 +6165,9 @@ libxlDomainMigratePerform3Params(virDoma
      const char *dname = NULL;
      const char *uri = NULL;
      int ret = -1;
@@ -66,7 +66,7 @@ Index: libvirt-5.4.0/src/libxl/libxl_driver.c
  
  #ifdef LIBXL_HAVE_NO_SUSPEND_RESUME
      virReportUnsupportedError();
-@@ -6148,6 +6151,18 @@ libxlDomainMigratePerform3Params(virDoma
+@@ -6181,6 +6184,18 @@ libxlDomainMigratePerform3Params(virDoma
          virTypedParamsGetString(params, nparams,
                                  VIR_MIGRATE_PARAM_DEST_NAME,
                                  &dname) < 0 ||
@@ -85,7 +85,7 @@ Index: libvirt-5.4.0/src/libxl/libxl_driver.c
          virTypedParamsGetString(params, nparams,
                                  VIR_MIGRATE_PARAM_URI,
                                  &uri) < 0)
-@@ -6162,11 +6177,11 @@ libxlDomainMigratePerform3Params(virDoma
+@@ -6195,11 +6210,11 @@ libxlDomainMigratePerform3Params(virDoma
  
      if ((flags & (VIR_MIGRATE_TUNNELLED | VIR_MIGRATE_PEER2PEER))) {
          if (libxlDomainMigrationSrcPerformP2P(driver, vm, dom->conn, dom_xml,
@@ -99,10 +99,10 @@ Index: libvirt-5.4.0/src/libxl/libxl_driver.c
              goto cleanup;
      }
  
-Index: libvirt-5.4.0/src/libxl/libxl_migration.c
+Index: libvirt-5.5.0/src/libxl/libxl_migration.c
 ===================================================================
---- libvirt-5.4.0.orig/src/libxl/libxl_migration.c
-+++ libvirt-5.4.0/src/libxl/libxl_migration.c
+--- libvirt-5.5.0.orig/src/libxl/libxl_migration.c
++++ libvirt-5.5.0/src/libxl/libxl_migration.c
 @@ -342,18 +342,39 @@ libxlMigrateDstReceive(virNetSocketPtr s
  static int
  libxlDoMigrateSrcSend(libxlDriverPrivatePtr driver,
@@ -264,11 +264,11 @@ Index: libvirt-5.4.0/src/libxl/libxl_migration.c
      virObjectLock(vm);
  
      if (ret < 0) {
-Index: libvirt-5.4.0/src/libxl/libxl_migration.h
+Index: libvirt-5.5.0/src/libxl/libxl_migration.h
 ===================================================================
---- libvirt-5.4.0.orig/src/libxl/libxl_migration.h
-+++ libvirt-5.4.0/src/libxl/libxl_migration.h
-@@ -36,6 +36,10 @@
+--- libvirt-5.5.0.orig/src/libxl/libxl_migration.h
++++ libvirt-5.5.0/src/libxl/libxl_migration.h
+@@ -35,6 +35,10 @@
      VIR_MIGRATE_PARAM_URI,              VIR_TYPED_PARAM_STRING, \
      VIR_MIGRATE_PARAM_DEST_NAME,        VIR_TYPED_PARAM_STRING, \
      VIR_MIGRATE_PARAM_DEST_XML,         VIR_TYPED_PARAM_STRING, \
@@ -279,7 +279,7 @@ Index: libvirt-5.4.0/src/libxl/libxl_migration.h
      NULL
  
  char *
-@@ -67,6 +71,14 @@ libxlDomainMigrationDstPrepare(virConnec
+@@ -66,6 +70,14 @@ libxlDomainMigrationDstPrepare(virConnec
                                 int cookieinlen,
                                 unsigned int flags);
  
@@ -294,7 +294,7 @@ Index: libvirt-5.4.0/src/libxl/libxl_migration.h
  int
  libxlDomainMigrationSrcPerformP2P(libxlDriverPrivatePtr driver,
                                    virDomainObjPtr vm,
-@@ -75,7 +87,7 @@ libxlDomainMigrationSrcPerformP2P(libxlD
+@@ -74,7 +86,7 @@ libxlDomainMigrationSrcPerformP2P(libxlD
                                    const char *dconnuri,
                                    const char *uri_str,
                                    const char *dname,
@@ -303,7 +303,7 @@ Index: libvirt-5.4.0/src/libxl/libxl_migration.h
  
  int
  libxlDomainMigrationSrcPerform(libxlDriverPrivatePtr driver,
-@@ -84,7 +96,7 @@ libxlDomainMigrationSrcPerform(libxlDriv
+@@ -83,7 +95,7 @@ libxlDomainMigrationSrcPerform(libxlDriv
                                 const char *dconnuri,
                                 const char *uri_str,
                                 const char *dname,
@@ -312,11 +312,11 @@ Index: libvirt-5.4.0/src/libxl/libxl_migration.h
  
  virDomainPtr
  libxlDomainMigrationDstFinish(virConnectPtr dconn,
-Index: libvirt-5.4.0/tools/virsh-domain.c
+Index: libvirt-5.5.0/tools/virsh-domain.c
 ===================================================================
---- libvirt-5.4.0.orig/tools/virsh-domain.c
-+++ libvirt-5.4.0/tools/virsh-domain.c
-@@ -10576,6 +10576,22 @@ static const vshCmdOptDef opts_migrate[]
+--- libvirt-5.5.0.orig/tools/virsh-domain.c
++++ libvirt-5.5.0/tools/virsh-domain.c
+@@ -10580,6 +10580,22 @@ static const vshCmdOptDef opts_migrate[]
       .type = VSH_OT_INT,
       .help = N_("number of connections for parallel migration")
      },
@@ -339,7 +339,7 @@ Index: libvirt-5.4.0/tools/virsh-domain.c
      {.name = NULL}
  };
  
-@@ -10599,6 +10615,7 @@ doMigrate(void *opaque)
+@@ -10603,6 +10619,7 @@ doMigrate(void *opaque)
      unsigned long long ullOpt = 0;
      int rv;
      virConnectPtr dconn = data->dconn;
@@ -347,7 +347,7 @@ Index: libvirt-5.4.0/tools/virsh-domain.c
  
      sigemptyset(&sigmask);
      sigaddset(&sigmask, SIGINT);
-@@ -10718,6 +10735,27 @@ doMigrate(void *opaque)
+@@ -10722,6 +10739,27 @@ doMigrate(void *opaque)
              goto save_error;
      }
  
@@ -375,10 +375,10 @@ Index: libvirt-5.4.0/tools/virsh-domain.c
      if (vshCommandOptStringReq(ctl, cmd, "xml", &opt) < 0)
          goto out;
      if (opt) {
-Index: libvirt-5.4.0/tools/virsh.pod
+Index: libvirt-5.5.0/tools/virsh.pod
 ===================================================================
---- libvirt-5.4.0.orig/tools/virsh.pod
-+++ libvirt-5.4.0/tools/virsh.pod
+--- libvirt-5.5.0.orig/tools/virsh.pod
++++ libvirt-5.5.0/tools/virsh.pod
 @@ -2019,6 +2019,14 @@ I<--parallel-connections>. Parallel conn
  network link between the source and the target and thus speeding up the
  migration.

libxl-support-block-script.patch

@@ -7,10 +7,10 @@ and npiv.
 
 For more details, see bsc#954872 and FATE#319810
 
-Index: libvirt-5.4.0/src/libxl/libxl_conf.c
+Index: libvirt-5.5.0/src/libxl/libxl_conf.c
 ===================================================================
---- libvirt-5.4.0.orig/src/libxl/libxl_conf.c
-+++ libvirt-5.4.0/src/libxl/libxl_conf.c
+--- libvirt-5.5.0.orig/src/libxl/libxl_conf.c
++++ libvirt-5.5.0/src/libxl/libxl_conf.c
 @@ -897,6 +897,25 @@ libxlDiskSetDiscard(libxl_device_disk *x
  #endif
  }

lxc-wait-after-eth-del.patch

@@ -13,10 +13,10 @@ device with the same name that is being created.
  src/lxc/lxc_process.c    | 1 +
  3 files changed, 4 insertions(+)
 
-Index: libvirt-5.4.0/src/lxc/lxc_controller.c
+Index: libvirt-5.5.0/src/lxc/lxc_controller.c
 ===================================================================
---- libvirt-5.4.0.orig/src/lxc/lxc_controller.c
-+++ libvirt-5.4.0/src/lxc/lxc_controller.c
+--- libvirt-5.5.0.orig/src/lxc/lxc_controller.c
++++ libvirt-5.5.0/src/lxc/lxc_controller.c
 @@ -69,6 +69,7 @@
  #include "rpc/virnetdaemon.h"
  #include "virstring.h"
@@ -25,7 +25,7 @@ Index: libvirt-5.4.0/src/lxc/lxc_controller.c
  
  #define VIR_FROM_THIS VIR_FROM_LXC
  
-@@ -2017,6 +2018,7 @@ static int virLXCControllerDeleteInterfa
+@@ -2016,6 +2017,7 @@ static int virLXCControllerDeleteInterfa
          if (virNetDevVethDelete(ctrl->veths[i]) < 0)
              ret = -1;
      }
@@ -33,10 +33,10 @@ Index: libvirt-5.4.0/src/lxc/lxc_controller.c
  
      return ret;
  }
-Index: libvirt-5.4.0/src/lxc/lxc_driver.c
+Index: libvirt-5.5.0/src/lxc/lxc_driver.c
 ===================================================================
---- libvirt-5.4.0.orig/src/lxc/lxc_driver.c
-+++ libvirt-5.4.0/src/lxc/lxc_driver.c
+--- libvirt-5.5.0.orig/src/lxc/lxc_driver.c
++++ libvirt-5.5.0/src/lxc/lxc_driver.c
 @@ -70,6 +70,7 @@
  #include "virtime.h"
  #include "virtypedparam.h"
@@ -61,10 +61,10 @@ Index: libvirt-5.4.0/src/lxc/lxc_driver.c
          break;
  
          /* It'd be nice to support this, but with macvlan
-Index: libvirt-5.4.0/src/lxc/lxc_process.c
+Index: libvirt-5.5.0/src/lxc/lxc_process.c
 ===================================================================
---- libvirt-5.4.0.orig/src/lxc/lxc_process.c
-+++ libvirt-5.4.0/src/lxc/lxc_process.c
+--- libvirt-5.5.0.orig/src/lxc/lxc_process.c
++++ libvirt-5.5.0/src/lxc/lxc_process.c
 @@ -51,6 +51,7 @@
  #include "viratomic.h"
  #include "virprocess.h"

network-don-t-use-dhcp-authoritative-on-static-netwo.patch

@@ -17,11 +17,11 @@ Signed-off-by: Martin Wilck <mwilck@suse.com>
  tests/networkxml2confdata/dhcp6host-routed-network.conf | 1 -
  2 files changed, 8 insertions(+), 2 deletions(-)
 
-Index: libvirt-5.4.0/src/network/bridge_driver.c
+Index: libvirt-5.5.0/src/network/bridge_driver.c
 ===================================================================
---- libvirt-5.4.0.orig/src/network/bridge_driver.c
-+++ libvirt-5.4.0/src/network/bridge_driver.c
-@@ -1388,7 +1388,14 @@ networkDnsmasqConfContents(virNetworkObj
+--- libvirt-5.5.0.orig/src/network/bridge_driver.c
++++ libvirt-5.5.0/src/network/bridge_driver.c
+@@ -1384,7 +1384,14 @@ networkDnsmasqConfContents(virNetworkObj
          if (VIR_SOCKET_ADDR_IS_FAMILY(&ipdef->address, AF_INET)) {
              if (ipdef->nranges || ipdef->nhosts) {
                  virBufferAddLit(&configbuf, "dhcp-no-override\n");
@@ -37,10 +37,10 @@ Index: libvirt-5.4.0/src/network/bridge_driver.c
              }
  
              if (ipdef->tftproot) {
-Index: libvirt-5.4.0/tests/networkxml2confdata/dhcp6host-routed-network.conf
+Index: libvirt-5.5.0/tests/networkxml2confdata/dhcp6host-routed-network.conf
 ===================================================================
---- libvirt-5.4.0.orig/tests/networkxml2confdata/dhcp6host-routed-network.conf
-+++ libvirt-5.4.0/tests/networkxml2confdata/dhcp6host-routed-network.conf
+--- libvirt-5.5.0.orig/tests/networkxml2confdata/dhcp6host-routed-network.conf
++++ libvirt-5.5.0/tests/networkxml2confdata/dhcp6host-routed-network.conf
 @@ -10,7 +10,6 @@ bind-dynamic
  interface=virbr1
  dhcp-range=192.168.122.1,static

ppc64le-canonical-name.patch

@@ -2,10 +2,10 @@ Canonicalize hostarch name ppc64le to ppc64
 
 See bnc#894956
 
-Index: libvirt-5.4.0/src/util/virarch.c
+Index: libvirt-5.5.0/src/util/virarch.c
 ===================================================================
---- libvirt-5.4.0.orig/src/util/virarch.c
-+++ libvirt-5.4.0/src/util/virarch.c
+--- libvirt-5.5.0.orig/src/util/virarch.c
++++ libvirt-5.5.0/src/util/virarch.c
 @@ -172,6 +172,8 @@ virArch virArchFromHost(void)
          arch = VIR_ARCH_I686;
      } else if (STREQ(ut.machine, "amd64")) {

qemu-apparmor-screenshot.patch

@@ -1,8 +1,8 @@
-Index: libvirt-5.4.0/src/security/apparmor/libvirt-qemu
+Index: libvirt-5.5.0/src/security/apparmor/libvirt-qemu
 ===================================================================
---- libvirt-5.4.0.orig/src/security/apparmor/libvirt-qemu
-+++ libvirt-5.4.0/src/security/apparmor/libvirt-qemu
-@@ -227,3 +227,6 @@
+--- libvirt-5.5.0.orig/src/security/apparmor/libvirt-qemu
++++ libvirt-5.5.0/src/security/apparmor/libvirt-qemu
+@@ -228,3 +228,6 @@
    # required for sasl GSSAPI plugin
    /etc/gss/mech.d/ r,
    /etc/gss/mech.d/* r,

support-managed-pci-xen-driver.patch

@@ -8,10 +8,10 @@ Subject: [PATCH] support managed pci devices in xen driver
  src/xenxs/xen_xm.c   |   28 +++++++++++++++++++++++++++-
  2 files changed, 35 insertions(+), 15 deletions(-)
 
-Index: libvirt-5.4.0/src/xenconfig/xen_common.c
+Index: libvirt-5.5.0/src/xenconfig/xen_common.c
 ===================================================================
---- libvirt-5.4.0.orig/src/xenconfig/xen_common.c
-+++ libvirt-5.4.0/src/xenconfig/xen_common.c
+--- libvirt-5.5.0.orig/src/xenconfig/xen_common.c
++++ libvirt-5.5.0/src/xenconfig/xen_common.c
 @@ -386,12 +386,19 @@ xenParsePCI(char *entry)
      int busID;
      int slotID;
@@ -64,10 +64,10 @@ Index: libvirt-5.4.0/src/xenconfig/xen_common.c
      hostdev->source.subsys.type = VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI;
      hostdev->source.subsys.u.pci.addr.domain = domainID;
      hostdev->source.subsys.u.pci.addr.bus = busID;
-Index: libvirt-5.4.0/src/xenconfig/xen_sxpr.c
+Index: libvirt-5.5.0/src/xenconfig/xen_sxpr.c
 ===================================================================
---- libvirt-5.4.0.orig/src/xenconfig/xen_sxpr.c
-+++ libvirt-5.4.0/src/xenconfig/xen_sxpr.c
+--- libvirt-5.5.0.orig/src/xenconfig/xen_sxpr.c
++++ libvirt-5.5.0/src/xenconfig/xen_sxpr.c
 @@ -1054,6 +1054,7 @@ xenParseSxprPCI(virDomainDefPtr def,
          int busID;
          int slotID;

suse-apparmor-libnl-paths.patch

@@ -8,10 +8,10 @@ It was also noticed that the per-domain profiles need a libnl rule
 to squelch a denial when starting confined domains.
 
 Found while investigating bsc#1058847
-Index: libvirt-5.4.0/src/security/apparmor/libvirt-qemu
+Index: libvirt-5.5.0/src/security/apparmor/libvirt-qemu
 ===================================================================
---- libvirt-5.4.0.orig/src/security/apparmor/libvirt-qemu
-+++ libvirt-5.4.0/src/security/apparmor/libvirt-qemu
+--- libvirt-5.5.0.orig/src/security/apparmor/libvirt-qemu
++++ libvirt-5.5.0/src/security/apparmor/libvirt-qemu
 @@ -63,6 +63,7 @@
    #/dev/fb* rw,
  
@@ -20,10 +20,10 @@ Index: libvirt-5.4.0/src/security/apparmor/libvirt-qemu
    @{HOME}/.pulse-cookie rwk,
    owner /root/.pulse-cookie rwk,
    owner /root/.pulse/ rw,
-Index: libvirt-5.4.0/src/security/apparmor/usr.lib.libvirt.virt-aa-helper
+Index: libvirt-5.5.0/src/security/apparmor/usr.lib.libvirt.virt-aa-helper
 ===================================================================
---- libvirt-5.4.0.orig/src/security/apparmor/usr.lib.libvirt.virt-aa-helper
-+++ libvirt-5.4.0/src/security/apparmor/usr.lib.libvirt.virt-aa-helper
+--- libvirt-5.5.0.orig/src/security/apparmor/usr.lib.libvirt.virt-aa-helper
++++ libvirt-5.5.0/src/security/apparmor/usr.lib.libvirt.virt-aa-helper
 @@ -17,7 +17,7 @@ profile virt-aa-helper /usr/{lib,lib64}/
    owner @{PROC}/[0-9]*/status r,
    @{PROC}/filesystems r,

suse-libvirt-guests-service.patch

@@ -1,9 +1,9 @@
 Adjust libvirt-guests service to conform to SUSE standards
 
-Index: libvirt-5.4.0/tools/libvirt-guests.sh.in
+Index: libvirt-5.5.0/tools/libvirt-guests.sh.in
 ===================================================================
---- libvirt-5.4.0.orig/tools/libvirt-guests.sh.in
-+++ libvirt-5.4.0/tools/libvirt-guests.sh.in
+--- libvirt-5.5.0.orig/tools/libvirt-guests.sh.in
++++ libvirt-5.5.0/tools/libvirt-guests.sh.in
 @@ -16,14 +16,13 @@
  # License along with this library.  If not, see
  # <http://www.gnu.org/licenses/>.
@@ -163,10 +163,10 @@ Index: libvirt-5.4.0/tools/libvirt-guests.sh.in
  esac
 -exit $RETVAL
 +rc_exit
-Index: libvirt-5.4.0/tools/libvirt-guests.sysconf
+Index: libvirt-5.5.0/tools/libvirt-guests.sysconf
 ===================================================================
---- libvirt-5.4.0.orig/tools/libvirt-guests.sysconf
-+++ libvirt-5.4.0/tools/libvirt-guests.sysconf
+--- libvirt-5.5.0.orig/tools/libvirt-guests.sysconf
++++ libvirt-5.5.0/tools/libvirt-guests.sysconf
 @@ -1,19 +1,29 @@
 +## Path: System/Virtualization/libvirt-guests
 +

suse-libvirtd-disable-tls.patch

@@ -3,11 +3,11 @@ Disable TLS by default
 On SUSE distros, the default is for libvirtd to listen only on the
 Unix Domain Socket. The libvirt client still provides remote access
 via a SSH tunnel.
-Index: libvirt-5.4.0/src/remote/libvirtd.conf
+Index: libvirt-5.5.0/src/remote/libvirtd.conf
 ===================================================================
---- libvirt-5.4.0.orig/src/remote/libvirtd.conf
-+++ libvirt-5.4.0/src/remote/libvirtd.conf
-@@ -18,8 +18,8 @@
+--- libvirt-5.5.0.orig/src/remote/libvirtd.conf
++++ libvirt-5.5.0/src/remote/libvirtd.conf
+@@ -13,8 +13,8 @@
  # It is necessary to setup a CA and issue server certificates before
  # using this capability.
  #
@@ -18,11 +18,11 @@ Index: libvirt-5.4.0/src/remote/libvirtd.conf
  
  # Listen for unencrypted TCP connections on the public TCP/IP port.
  # NB, must pass the --listen flag to the libvirtd process for this to
-Index: libvirt-5.4.0/src/remote/remote_daemon_config.c
+Index: libvirt-5.5.0/src/remote/remote_daemon_config.c
 ===================================================================
---- libvirt-5.4.0.orig/src/remote/remote_daemon_config.c
-+++ libvirt-5.4.0/src/remote/remote_daemon_config.c
-@@ -108,7 +108,7 @@ daemonConfigNew(bool privileged ATTRIBUT
+--- libvirt-5.5.0.orig/src/remote/remote_daemon_config.c
++++ libvirt-5.5.0/src/remote/remote_daemon_config.c
+@@ -106,7 +106,7 @@ daemonConfigNew(bool privileged ATTRIBUT
      if (VIR_ALLOC(data) < 0)
          return NULL;
  
@@ -31,10 +31,10 @@ Index: libvirt-5.4.0/src/remote/remote_daemon_config.c
      data->listen_tcp = 0;
  
      if (VIR_STRDUP(data->tls_port, LIBVIRTD_TLS_PORT) < 0 ||
-Index: libvirt-5.4.0/src/remote/test_libvirtd.aug.in
+Index: libvirt-5.5.0/src/remote/test_libvirtd.aug.in
 ===================================================================
---- libvirt-5.4.0.orig/src/remote/test_libvirtd.aug.in
-+++ libvirt-5.4.0/src/remote/test_libvirtd.aug.in
+--- libvirt-5.5.0.orig/src/remote/test_libvirtd.aug.in
++++ libvirt-5.5.0/src/remote/test_libvirtd.aug.in
 @@ -2,7 +2,7 @@ module Test_libvirtd =
     ::CONFIG::
  

suse-libvirtd-service-xen.patch

@@ -7,10 +7,10 @@ On SUSE distros, we promote libvirt and all the libvirt-based
 tools. If a user installs libvirt on their SUSE Xen host, then
 libvirt should be king and override xendomains. See bsc#1015348
 
-Index: libvirt-5.4.0/src/remote/libvirtd.service.in
+Index: libvirt-5.5.0/src/remote/libvirtd.service.in
 ===================================================================
---- libvirt-5.4.0.orig/src/remote/libvirtd.service.in
-+++ libvirt-5.4.0/src/remote/libvirtd.service.in
+--- libvirt-5.5.0.orig/src/remote/libvirtd.service.in
++++ libvirt-5.5.0/src/remote/libvirtd.service.in
 @@ -17,6 +17,8 @@ After=local-fs.target
  After=remote-fs.target
  After=systemd-logind.service

suse-libvirtd-sysconfig-settings.patch

@@ -1,9 +1,9 @@
 Adjust libvirtd sysconfig file to conform to SUSE standards
 
-Index: libvirt-5.4.0/src/remote/libvirtd.sysconf
+Index: libvirt-5.5.0/src/remote/libvirtd.sysconf
 ===================================================================
---- libvirt-5.4.0.orig/src/remote/libvirtd.sysconf
-+++ libvirt-5.4.0/src/remote/libvirtd.sysconf
+--- libvirt-5.5.0.orig/src/remote/libvirtd.sysconf
++++ libvirt-5.5.0/src/remote/libvirtd.sysconf
 @@ -1,16 +1,25 @@
 +## Path: System/Virtualization/libvirt
 +

suse-libxl-disable-autoballoon.patch

@@ -6,10 +6,10 @@ autoballooning. This patch changes libvirt to also disable autoballooning
 by default. It can only be enabled with the 'autoballoon' setting in
 libxl.conf. See jsc#SLE-3059 for more details.
 
-Index: libvirt-5.4.0/src/libxl/libxl.conf
+Index: libvirt-5.5.0/src/libxl/libxl.conf
 ===================================================================
---- libvirt-5.4.0.orig/src/libxl/libxl.conf
-+++ libvirt-5.4.0/src/libxl/libxl.conf
+--- libvirt-5.5.0.orig/src/libxl/libxl.conf
++++ libvirt-5.5.0/src/libxl/libxl.conf
 @@ -4,12 +4,11 @@
  
  # Enable autoballooning of domain0
@@ -27,10 +27,10 @@ Index: libvirt-5.4.0/src/libxl/libxl.conf
  
  
  # In order to prevent accidentally starting two domains that
-Index: libvirt-5.4.0/src/libxl/libxl_conf.c
+Index: libvirt-5.5.0/src/libxl/libxl_conf.c
 ===================================================================
---- libvirt-5.4.0.orig/src/libxl/libxl_conf.c
-+++ libvirt-5.4.0/src/libxl/libxl_conf.c
+--- libvirt-5.5.0.orig/src/libxl/libxl_conf.c
++++ libvirt-5.5.0/src/libxl/libxl_conf.c
 @@ -22,7 +22,6 @@
  
  #include <config.h>

suse-ovmf-paths.patch

@@ -1,9 +1,9 @@
 Adjust paths of OVMF firmwares on SUSE distros
 
-Index: libvirt-5.4.0/src/qemu/qemu.conf
+Index: libvirt-5.5.0/src/qemu/qemu.conf
 ===================================================================
---- libvirt-5.4.0.orig/src/qemu/qemu.conf
-+++ libvirt-5.4.0/src/qemu/qemu.conf
+--- libvirt-5.5.0.orig/src/qemu/qemu.conf
++++ libvirt-5.5.0/src/qemu/qemu.conf
 @@ -781,10 +781,9 @@ security_default_confined = 0
  # for x86_64 and i686, but it's AAVMF for aarch64. The libvirt default
  # follows this scheme.
@@ -18,11 +18,11 @@ Index: libvirt-5.4.0/src/qemu/qemu.conf
  #]
  
  # The backend to use for handling stdout/stderr output from
-Index: libvirt-5.4.0/src/qemu/qemu_conf.c
+Index: libvirt-5.5.0/src/qemu/qemu_conf.c
 ===================================================================
---- libvirt-5.4.0.orig/src/qemu/qemu_conf.c
-+++ libvirt-5.4.0/src/qemu/qemu_conf.c
-@@ -116,10 +116,9 @@ void qemuDomainCmdlineDefFree(qemuDomain
+--- libvirt-5.5.0.orig/src/qemu/qemu_conf.c
++++ libvirt-5.5.0/src/qemu/qemu_conf.c
+@@ -96,10 +96,9 @@ qemuDriverUnlock(virQEMUDriverPtr driver
  
  #ifndef DEFAULT_LOADER_NVRAM
  # define DEFAULT_LOADER_NVRAM \
@@ -36,10 +36,10 @@ Index: libvirt-5.4.0/src/qemu/qemu_conf.c
  #endif
  
  
-Index: libvirt-5.4.0/src/security/virt-aa-helper.c
+Index: libvirt-5.5.0/src/security/virt-aa-helper.c
 ===================================================================
---- libvirt-5.4.0.orig/src/security/virt-aa-helper.c
-+++ libvirt-5.4.0/src/security/virt-aa-helper.c
+--- libvirt-5.5.0.orig/src/security/virt-aa-helper.c
++++ libvirt-5.5.0/src/security/virt-aa-helper.c
 @@ -506,7 +506,8 @@ valid_path(const char *path, const bool
          "/usr/share/ovmf/",              /* for OVMF images */
          "/usr/share/AAVMF/",             /* for AAVMF images */

suse-qemu-conf.patch

@@ -7,10 +7,10 @@ suse-qemu-conf-secdriver.patch, suse-qemu-conf-lockmgr.patch,
 etc.), but for now they are all lumped together in this
 single patch.
 
-Index: libvirt-5.4.0/src/qemu/qemu.conf
+Index: libvirt-5.5.0/src/qemu/qemu.conf
 ===================================================================
---- libvirt-5.4.0.orig/src/qemu/qemu.conf
-+++ libvirt-5.4.0/src/qemu/qemu.conf
+--- libvirt-5.5.0.orig/src/qemu/qemu.conf
++++ libvirt-5.5.0/src/qemu/qemu.conf
 @@ -420,11 +420,20 @@
  # isolation, but it cannot appear in a list of drivers.
  #

suse-virtlockd-sysconfig-settings.patch

@@ -1,9 +1,9 @@
 Adjust virtlockd sysconfig file to conform to SUSE standards
 
-Index: libvirt-5.4.0/src/locking/virtlockd.sysconf
+Index: libvirt-5.5.0/src/locking/virtlockd.sysconf
 ===================================================================
---- libvirt-5.4.0.orig/src/locking/virtlockd.sysconf
-+++ libvirt-5.4.0/src/locking/virtlockd.sysconf
+--- libvirt-5.5.0.orig/src/locking/virtlockd.sysconf
++++ libvirt-5.5.0/src/locking/virtlockd.sysconf
 @@ -1,3 +1,7 @@
 +## Path: System/Virtualization/virtlockd
 +

suse-virtlogd-sysconfig-settings.patch

@@ -1,9 +1,9 @@
 Adjust virtlogd sysconfig file to conform to SUSE standards
 
-Index: libvirt-5.4.0/src/logging/virtlogd.sysconf
+Index: libvirt-5.5.0/src/logging/virtlogd.sysconf
 ===================================================================
---- libvirt-5.4.0.orig/src/logging/virtlogd.sysconf
-+++ libvirt-5.4.0/src/logging/virtlogd.sysconf
+--- libvirt-5.5.0.orig/src/logging/virtlogd.sysconf
++++ libvirt-5.5.0/src/logging/virtlogd.sysconf
 @@ -1,3 +1,7 @@
 +## Path: System/Virtualization/virtlogd
 +

xen-pv-cdrom.patch

@@ -1,7 +1,7 @@
-Index: libvirt-5.4.0/src/xenconfig/xen_sxpr.c
+Index: libvirt-5.5.0/src/xenconfig/xen_sxpr.c
 ===================================================================
---- libvirt-5.4.0.orig/src/xenconfig/xen_sxpr.c
-+++ libvirt-5.4.0/src/xenconfig/xen_sxpr.c
+--- libvirt-5.5.0.orig/src/xenconfig/xen_sxpr.c
++++ libvirt-5.5.0/src/xenconfig/xen_sxpr.c
 @@ -383,7 +383,7 @@ xenParseSxprVifRate(const char *rate, un
  static int
  xenParseSxprDisks(virDomainDefPtr def,

xen-sxpr-disk-type.patch

@@ -6,10 +6,10 @@ and 'file'. This was implicitly done prior to commit 9673418c.
 
 https://bugzilla.suse.com/show_bug.cgi?id=938228
 
-Index: libvirt-5.4.0/src/xenconfig/xen_sxpr.c
+Index: libvirt-5.5.0/src/xenconfig/xen_sxpr.c
 ===================================================================
---- libvirt-5.4.0.orig/src/xenconfig/xen_sxpr.c
-+++ libvirt-5.4.0/src/xenconfig/xen_sxpr.c
+--- libvirt-5.5.0.orig/src/xenconfig/xen_sxpr.c
++++ libvirt-5.5.0/src/xenconfig/xen_sxpr.c
 @@ -497,10 +497,11 @@ xenParseSxprDisks(virDomainDefPtr def,
                         omnipotent, we can revisit this, perhaps stat()'ing
                         the src file in question */