diff --git a/441d3eb6-qemu-tls-client-verify-server-cert.patch b/441d3eb6-qemu-tls-client-verify-server-cert.patch
deleted file mode 100644
index 35f8254..0000000
--- a/441d3eb6-qemu-tls-client-verify-server-cert.patch
+++ /dev/null
@@ -1,67 +0,0 @@
-commit 441d3eb6d1be940a67ce45a286602a967601b157
-Author: Daniel P. Berrange <berrange@redhat.com>
-Date:   Thu Oct 5 17:54:28 2017 +0100
-
-    qemu: ensure TLS clients always verify the server certificate
-    
-    The default_tls_x509_verify (and related) parameters in qemu.conf
-    control whether the QEMU TLS servers request & verify certificates
-    from clients. This works as a simple access control system for
-    servers by requiring the CA to issue certs to permitted clients.
-    This use of client certificates is disabled by default, since it
-    requires extra work to issue client certificates.
-    
-    Unfortunately the code was using this configuration parameter when
-    setting up both TLS clients and servers in QEMU. The result was that
-    TLS clients for character devices and disk devices had verification
-    turned off, meaning they would ignore errors while validating the
-    server certificate.
-    
-    This allows for trivial MITM attacks between client and server,
-    as any certificate returned by the attacker will be accepted by
-    the client.
-    
-    This is assigned CVE-2017-1000256  / LSN-2017-0002
-    
-    Reviewed-by: Eric Blake <eblake@redhat.com>
-    Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
-
-Index: libvirt-3.8.0/src/qemu/qemu_command.c
-===================================================================
---- libvirt-3.8.0.orig/src/qemu/qemu_command.c
-+++ libvirt-3.8.0/src/qemu/qemu_command.c
-@@ -721,7 +721,7 @@ qemuBuildTLSx509BackendProps(const char
-     if (virJSONValueObjectCreate(propsret,
-                                  "s:dir", path,
-                                  "s:endpoint", (isListen ? "server": "client"),
--                                 "b:verify-peer", verifypeer,
-+                                 "b:verify-peer", (isListen ? verifypeer : true),
-                                  NULL) < 0)
-         goto cleanup;
- 
-Index: libvirt-3.8.0/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev.args
-===================================================================
---- libvirt-3.8.0.orig/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev.args
-+++ libvirt-3.8.0/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev.args
-@@ -26,7 +26,7 @@ server,nowait \
- localport=1111 \
- -device isa-serial,chardev=charserial0,id=serial0 \
- -object tls-creds-x509,id=objcharserial1_tls0,dir=/etc/pki/libvirt-chardev,\
--endpoint=client,verify-peer=no \
-+endpoint=client,verify-peer=yes \
- -chardev socket,id=charserial1,host=127.0.0.1,port=5555,\
- tls-creds=objcharserial1_tls0 \
- -device isa-serial,chardev=charserial1,id=serial1 \
-Index: libvirt-3.8.0/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-secret-chardev.args
-===================================================================
---- libvirt-3.8.0.orig/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-secret-chardev.args
-+++ libvirt-3.8.0/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-secret-chardev.args
-@@ -31,7 +31,7 @@ localport=1111 \
- data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
- keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
- -object tls-creds-x509,id=objcharserial1_tls0,dir=/etc/pki/libvirt-chardev,\
--endpoint=client,verify-peer=no,passwordid=charserial1-secret0 \
-+endpoint=client,verify-peer=yes,passwordid=charserial1-secret0 \
- -chardev socket,id=charserial1,host=127.0.0.1,port=5555,\
- tls-creds=objcharserial1_tls0 \
- -device isa-serial,chardev=charserial1,id=serial1 \
diff --git a/apparmor-fine-grained-mount-rules.patch b/apparmor-fine-grained-mount-rules.patch
new file mode 100644
index 0000000..43eb46d
--- /dev/null
+++ b/apparmor-fine-grained-mount-rules.patch
@@ -0,0 +1,35 @@
+commit 97853972e6e5a92b56e1ec0841aa27043ac1301b
+Author: intrigeri <intrigeri+libvirt@boum.org>
+Date:   Sun Nov 5 15:29:58 2017 +0000
+
+    AppArmor: use fine-grained mount rules instead of a blanket catch-all one
+    
+    This set of rules was proposed by Christian Boltz <apparmor@cboltz.de>
+    on https://bugzilla.opensuse.org/show_bug.cgi?id=1065123.
+
+Index: libvirt-3.9.0/examples/apparmor/usr.sbin.libvirtd
+===================================================================
+--- libvirt-3.9.0.orig/examples/apparmor/usr.sbin.libvirtd
++++ libvirt-3.9.0/examples/apparmor/usr.sbin.libvirtd
+@@ -30,7 +30,20 @@
+   # Needed for vfio
+   capability sys_resource,
+ 
+-  mount,
++  mount options=(rw,rslave)  -> /,
++  mount options=(rw, nosuid) -> /{var/,}run/libvirt/qemu/*.dev/,
++
++  mount options=(rw, move) /dev/           -> /{var/,}run/libvirt/qemu/*.dev/,
++  mount options=(rw, move) /dev/hugepages/ -> /{var/,}run/libvirt/qemu/*.hugepages/,
++  mount options=(rw, move) /dev/mqueue/    -> /{var/,}run/libvirt/qemu/*.mqueue/,
++  mount options=(rw, move) /dev/pts/       -> /{var/,}run/libvirt/qemu/*.pts/,
++  mount options=(rw, move) /dev/shm/       -> /{var/,}run/libvirt/qemu/*.shm/,
++
++  mount options=(rw, move) /{var/,}run/libvirt/qemu/*.dev/       -> /dev/,
++  mount options=(rw, move) /{var/,}run/libvirt/qemu/*.hugepages/ -> /dev/hugepages/,
++  mount options=(rw, move) /{var/,}run/libvirt/qemu/*.mqueue/    -> /dev/mqueue/,
++  mount options=(rw, move) /{var/,}run/libvirt/qemu/*.pts/       -> /dev/pts/,
++  mount options=(rw, move) /{var/,}run/libvirt/qemu/*.shm/       -> /dev/shm/,
+ 
+   network inet stream,
+   network inet dgram,
diff --git a/apparmor-no-mount.patch b/apparmor-no-mount.patch
index 0a0c9cc..a395547 100644
--- a/apparmor-no-mount.patch
+++ b/apparmor-no-mount.patch
@@ -1,7 +1,7 @@
-Index: libvirt-3.8.0/examples/apparmor/libvirt-lxc
+Index: libvirt-3.9.0/examples/apparmor/libvirt-lxc
 ===================================================================
---- libvirt-3.8.0.orig/examples/apparmor/libvirt-lxc
-+++ libvirt-3.8.0/examples/apparmor/libvirt-lxc
+--- libvirt-3.9.0.orig/examples/apparmor/libvirt-lxc
++++ libvirt-3.9.0/examples/apparmor/libvirt-lxc
 @@ -2,39 +2,15 @@
  
    #include <abstractions/base>
diff --git a/apparmor-rules-for-new-mediation-features.patch b/apparmor-rules-for-new-mediation-features.patch
new file mode 100644
index 0000000..fcc99ec
--- /dev/null
+++ b/apparmor-rules-for-new-mediation-features.patch
@@ -0,0 +1,49 @@
+commit 141103378a74c68cbd775a306cdfd641119debbd
+Author: intrigeri <intrigeri+libvirt@boum.org>
+Date:   Sun Nov 5 15:29:57 2017 +0000
+
+    AppArmor: add rules needed with additional mediation features brought by Linux 4.14.
+
+Index: libvirt-3.9.0/examples/apparmor/libvirt-qemu
+===================================================================
+--- libvirt-3.9.0.orig/examples/apparmor/libvirt-qemu
++++ libvirt-3.9.0/examples/apparmor/libvirt-qemu
+@@ -16,6 +16,10 @@
+   network inet stream,
+   network inet6 stream,
+ 
++  ptrace (readby, tracedby) peer=/usr/sbin/libvirtd,
++
++  signal (receive) peer=/usr/sbin/libvirtd,
++
+   /dev/net/tun rw,
+   /dev/kvm rw,
+   /dev/ptmx rw,
+Index: libvirt-3.9.0/examples/apparmor/usr.sbin.libvirtd
+===================================================================
+--- libvirt-3.9.0.orig/examples/apparmor/usr.sbin.libvirtd
++++ libvirt-3.9.0/examples/apparmor/usr.sbin.libvirtd
+@@ -30,10 +30,13 @@
+   # Needed for vfio
+   capability sys_resource,
+ 
++  mount,
++
+   network inet stream,
+   network inet dgram,
+   network inet6 stream,
+   network inet6 dgram,
++  network netlink raw,
+   network packet dgram,
+   network packet raw,
+ 
+@@ -42,6 +45,9 @@
+   ptrace (trace) peer=/usr/sbin/dnsmasq,
+   ptrace (trace) peer=libvirt-*,
+ 
++  signal (send) peer=/usr/sbin/dnsmasq,
++  signal (read, send) peer=libvirt-*,
++
+   # Very lenient profile for libvirtd since we want to first focus on confining
+   # the guests. Guests will have a very restricted profile.
+   / r,
diff --git a/blockcopy-check-dst-identical-device.patch b/blockcopy-check-dst-identical-device.patch
index 5ddbdda..43d24cb 100644
--- a/blockcopy-check-dst-identical-device.patch
+++ b/blockcopy-check-dst-identical-device.patch
@@ -11,11 +11,11 @@ Signed-off-by: Chunyan Liu <cyliu@suse.com>
  src/qemu/qemu_driver.c | 7 +++++++
  1 file changed, 7 insertions(+)
 
-Index: libvirt-3.8.0/src/qemu/qemu_driver.c
+Index: libvirt-3.9.0/src/qemu/qemu_driver.c
 ===================================================================
---- libvirt-3.8.0.orig/src/qemu/qemu_driver.c
-+++ libvirt-3.8.0/src/qemu/qemu_driver.c
-@@ -17046,6 +17046,14 @@ qemuDomainBlockCopyCommon(virDomainObjPt
+--- libvirt-3.9.0.orig/src/qemu/qemu_driver.c
++++ libvirt-3.9.0/src/qemu/qemu_driver.c
+@@ -17112,6 +17112,14 @@ qemuDomainBlockCopyCommon(virDomainObjPt
          goto endjob;
      }
  
diff --git a/c44b29aa-apparmor-dnsmasq-ptrace.patch b/c44b29aa-apparmor-dnsmasq-ptrace.patch
deleted file mode 100644
index 125077a..0000000
--- a/c44b29aa-apparmor-dnsmasq-ptrace.patch
+++ /dev/null
@@ -1,60 +0,0 @@
-commit c44b29aacb6a3f445ab06d61899a0308b9d6d0d3
-Author: Jim Fehlig <jfehlig@suse.com>
-Date:   Fri Oct 6 14:20:36 2017 -0600
-
-    apparmor: add dnsmasq ptrace rule to libvirtd profile
-    
-    Commit b482925c added ptrace rule for the apparmor profiles,
-    but one was missed in the libvirtd profile for dnsmasq. It was
-    overlooked since the test machine did not have an active libvirt
-    network requiring dnsmasq that was also set to autostart. With
-    one active and set to autostart, the following denial is observed
-    in audit.log when restarting libvirtd
-    
-    type=AVC msg=audit(1507320136.306:298): apparmor="DENIED" \
-    operation="ptrace" profile="/usr/sbin/libvirtd" pid=5472 \
-    comm="libvirtd" requested_mask="trace" denied_mask="trace" \
-    peer="/usr/sbin/dnsmasq"
-    
-    With an active network, I suspect a libvirtd restart causes access
-    to /proc/<dnsmasq-pid>/*, hence the resulting denial. As a nasty
-    side affect of the denial, libvirtd thinks it needs to spawn a
-    dnsmasq process even though one is already running for the network.
-    E.g. after two libvirtd restarts
-    
-    dnsmasq   1683  0.0  0.0  51188  2612 ?        S    12:03   0:00 \
-     /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf \
-     --leasefile-ro --dhcp-script=/usr/lib64/libvirt/libvirt_leaseshelper
-    root      1684  0.0  0.0  51160   576 ?        S    12:03   0:00 \
-     /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf \
-     --leasefile-ro --dhcp-script=/usr/lib64/libvirt/libvirt_leaseshelper
-    dnsmasq   4706  0.0  0.0  51188  2572 ?        S    13:54   0:00 \
-     /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf \
-     --leasefile-ro --dhcp-script=/usr/lib64/libvirt/libvirt_leaseshelper
-    root      4707  0.0  0.0  51160   572 ?        S    13:54   0:00 \
-     /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf \
-     --leasefile-ro --dhcp-script=/usr/lib64/libvirt/libvirt_leaseshelper
-    dnsmasq   4791  0.0  0.0  51188  2580 ?        S    13:56   0:00 \
-     /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf \
-     --leasefile-ro --dhcp-script=/usr/lib64/libvirt/libvirt_leaseshelper
-    root      4792  0.0  0.0  51160   572 ?        S    13:56   0:00 \
-     /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf \
-     --leasefile-ro --dhcp-script=/usr/lib64/libvirt/libvirt_leaseshelper
-    
-    A simple fix is to add a ptrace rule for dnsmasq.
-    
-    Signed-off-by: Jim Fehlig <jfehlig@suse.com>
-    Reviewed-By: Guido Günther <agx@sigxcpu.org>
-
-Index: libvirt-3.8.0/examples/apparmor/usr.sbin.libvirtd
-===================================================================
---- libvirt-3.8.0.orig/examples/apparmor/usr.sbin.libvirtd
-+++ libvirt-3.8.0/examples/apparmor/usr.sbin.libvirtd
-@@ -39,6 +39,7 @@
- 
-   ptrace (trace) peer=unconfined,
-   ptrace (trace) peer=/usr/sbin/libvirtd,
-+  ptrace (trace) peer=/usr/sbin/dnsmasq,
-   ptrace (trace) peer=libvirt-*,
- 
-   # Very lenient profile for libvirtd since we want to first focus on confining
diff --git a/libvirt-3.8.0.tar.xz b/libvirt-3.8.0.tar.xz
deleted file mode 100644
index 120972a..0000000
--- a/libvirt-3.8.0.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:73eba834089ed0ce74e3183a7f12cf0c6f7de08e9a700b5456c62fb124f903f9
-size 14868712
diff --git a/libvirt-3.8.0.tar.xz.asc b/libvirt-3.8.0.tar.xz.asc
deleted file mode 100644
index 4fd1292..0000000
--- a/libvirt-3.8.0.tar.xz.asc
+++ /dev/null
@@ -1,10 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQEcBAABAgAGBQJZ1JrdAAoJEBVYiyZZa+pdmBcIAMQQTuvHXX0T4A5CJrgyj4c+
-iiYyOubSk5v4QGrbIcVtEt4TF1CyYTB65EM5ZCuB47KeiVzbkSl+6a3AQshWmn2V
-7rLjXwJpM64xNc+ErEN+JrXD2ADA0lSZ50J4Eq7bE5GLxVSOuRn4QicAs5kG7bSn
-h+AE3iRg45ImmE7wLC9Blu0ecQrR5yi4ensdYegLzbAumhZqrlDhWGZ9KfS7UDlE
-ZN+PQipLhzv9fbRaZzRFbn194SBZQbMEcwkdrgLiXZ91U7/KjvcnnFPrVNh/xe6x
-P/07JdTRBh/mwSFjEtGaYDBU9+sy8My1lRZL16YRqRIYX3OIuuXZyMiJj8+oGgE=
-=2t5y
------END PGP SIGNATURE-----
diff --git a/libvirt-3.9.0.tar.xz b/libvirt-3.9.0.tar.xz
new file mode 100644
index 0000000..f5d9f71
--- /dev/null
+++ b/libvirt-3.9.0.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:89fc63213291d329d537ea96e363fd609160da080322973bd1126d431ff63424
+size 15010344
diff --git a/libvirt-3.9.0.tar.xz.asc b/libvirt-3.9.0.tar.xz.asc
new file mode 100644
index 0000000..0659adb
--- /dev/null
+++ b/libvirt-3.9.0.tar.xz.asc
@@ -0,0 +1,10 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQEcBAABAgAGBQJZ+1FGAAoJEBVYiyZZa+pdIt0H/j6P8c3DObAleafFE9BOev03
+24GQzGP8/Fh5Yr8mRPITg1nhFQ7MQdznDh80zhhExC8iBIG8/Ne4yuM27R+yVEZ7
+YEyxOCe0lwyGkzWe7jaRwBnr4iweYRI2wY+i49TJUxSGOD12j7eCAiv/OdsGCVVg
++FlfxqXNMy6c49i49NNoECS/rP8q854hEjT0WjFFtnYSs32AtfN31vKbLBbuMCQz
+uaXYTtmtCbe+ugNkzkhfUZlJ8sn2LdJo4NrjRS0VVlooDM/QDaWKpnj+uf0GrZtr
+oO872FrdsVRqw19HTJyu+SL6xbZoMGXGfqVfWCIuk5bRbVVPHfhbUPkySSbY5oA=
+=1FsG
+-----END PGP SIGNATURE-----
diff --git a/libvirt-power8-models.patch b/libvirt-power8-models.patch
index 17e8e25..1370a27 100644
--- a/libvirt-power8-models.patch
+++ b/libvirt-power8-models.patch
@@ -2,10 +2,10 @@ Add POWER8 v2.0 and v2.1 to cpu map XML
 
 From: <ro@suse.de>
 
-Index: libvirt-3.8.0/src/cpu/cpu_map.xml
+Index: libvirt-3.9.0/src/cpu/cpu_map.xml
 ===================================================================
---- libvirt-3.8.0.orig/src/cpu/cpu_map.xml
-+++ libvirt-3.8.0/src/cpu/cpu_map.xml
+--- libvirt-3.9.0.orig/src/cpu/cpu_map.xml
++++ libvirt-3.9.0/src/cpu/cpu_map.xml
 @@ -1724,6 +1724,8 @@
        <pvr value='0x004b0000' mask='0xffff0000'/>
        <pvr value='0x004c0000' mask='0xffff0000'/>
diff --git a/libvirt-suse-netcontrol.patch b/libvirt-suse-netcontrol.patch
index c4e5bb5..e448afc 100644
--- a/libvirt-suse-netcontrol.patch
+++ b/libvirt-suse-netcontrol.patch
@@ -1,7 +1,7 @@
-Index: libvirt-3.8.0/configure.ac
+Index: libvirt-3.9.0/configure.ac
 ===================================================================
---- libvirt-3.8.0.orig/configure.ac
-+++ libvirt-3.8.0/configure.ac
+--- libvirt-3.9.0.orig/configure.ac
++++ libvirt-3.9.0/configure.ac
 @@ -256,6 +256,7 @@ LIBVIRT_ARG_LIBSSH
  LIBVIRT_ARG_LIBXML
  LIBVIRT_ARG_MACVTAP
@@ -26,10 +26,10 @@ Index: libvirt-3.8.0/configure.ac
  LIBVIRT_RESULT_NSS
  LIBVIRT_RESULT_NUMACTL
  LIBVIRT_RESULT_OPENWSMAN
-Index: libvirt-3.8.0/src/Makefile.am
+Index: libvirt-3.9.0/src/Makefile.am
 ===================================================================
---- libvirt-3.8.0.orig/src/Makefile.am
-+++ libvirt-3.8.0/src/Makefile.am
+--- libvirt-3.9.0.orig/src/Makefile.am
++++ libvirt-3.9.0/src/Makefile.am
 @@ -1037,6 +1037,10 @@ if WITH_NETCF
  INTERFACE_DRIVER_SOURCES +=					\
  		interface/interface_backend_netcf.c
@@ -41,7 +41,7 @@ Index: libvirt-3.8.0/src/Makefile.am
  if WITH_UDEV
  INTERFACE_DRIVER_SOURCES +=					\
  		interface/interface_backend_udev.c
-@@ -1649,6 +1653,10 @@ if WITH_NETCF
+@@ -1657,6 +1661,10 @@ if WITH_NETCF
  libvirt_driver_interface_la_CFLAGS += $(NETCF_CFLAGS)
  libvirt_driver_interface_la_LIBADD += $(NETCF_LIBS)
  endif WITH_NETCF
@@ -52,10 +52,10 @@ Index: libvirt-3.8.0/src/Makefile.am
  if WITH_UDEV
  libvirt_driver_interface_la_CFLAGS += $(UDEV_CFLAGS)
  libvirt_driver_interface_la_LIBADD += $(UDEV_LIBS)
-Index: libvirt-3.8.0/tools/virsh.c
+Index: libvirt-3.9.0/tools/virsh.c
 ===================================================================
---- libvirt-3.8.0.orig/tools/virsh.c
-+++ libvirt-3.8.0/tools/virsh.c
+--- libvirt-3.9.0.orig/tools/virsh.c
++++ libvirt-3.9.0/tools/virsh.c
 @@ -576,6 +576,8 @@ virshShowVersion(vshControl *ctl ATTRIBU
      vshPrint(ctl, " Interface");
  # if defined(WITH_NETCF)
@@ -65,10 +65,10 @@ Index: libvirt-3.8.0/tools/virsh.c
  # elif defined(WITH_UDEV)
      vshPrint(ctl, " udev");
  # endif
-Index: libvirt-3.8.0/src/interface/interface_backend_netcf.c
+Index: libvirt-3.9.0/src/interface/interface_backend_netcf.c
 ===================================================================
---- libvirt-3.8.0.orig/src/interface/interface_backend_netcf.c
-+++ libvirt-3.8.0/src/interface/interface_backend_netcf.c
+--- libvirt-3.9.0.orig/src/interface/interface_backend_netcf.c
++++ libvirt-3.9.0/src/interface/interface_backend_netcf.c
 @@ -23,7 +23,12 @@
  
  #include <config.h>
@@ -152,10 +152,10 @@ Index: libvirt-3.8.0/src/interface/interface_backend_netcf.c
      if (virSetSharedInterfaceDriver(&interfaceDriver) < 0)
          return -1;
      if (virRegisterStateDriver(&interfaceStateDriver) < 0)
-Index: libvirt-3.8.0/src/interface/interface_driver.c
+Index: libvirt-3.9.0/src/interface/interface_driver.c
 ===================================================================
---- libvirt-3.8.0.orig/src/interface/interface_driver.c
-+++ libvirt-3.8.0/src/interface/interface_driver.c
+--- libvirt-3.9.0.orig/src/interface/interface_driver.c
++++ libvirt-3.9.0/src/interface/interface_driver.c
 @@ -30,8 +30,15 @@ interfaceRegister(void)
      if (netcfIfaceRegister() == 0)
          return 0;
@@ -173,10 +173,10 @@ Index: libvirt-3.8.0/src/interface/interface_driver.c
      if (udevIfaceRegister() == 0)
          return 0;
  #endif /* WITH_UDEV */
-Index: libvirt-3.8.0/m4/virt-netcontrol.m4
+Index: libvirt-3.9.0/m4/virt-netcontrol.m4
 ===================================================================
 --- /dev/null
-+++ libvirt-3.8.0/m4/virt-netcontrol.m4
++++ libvirt-3.9.0/m4/virt-netcontrol.m4
 @@ -0,0 +1,39 @@
 +dnl The libnetcontrol library
 +dnl
diff --git a/libvirt.changes b/libvirt.changes
index d8e8fc8..b49b5ee 100644
--- a/libvirt.changes
+++ b/libvirt.changes
@@ -1,3 +1,28 @@
+-------------------------------------------------------------------
+Wed Nov  8 21:10:34 UTC 2017 - jfehlig@suse.com
+
+- apparmor: add rules for new mediation features
+  apparmor-rules-for-new-mediation-features.patch,
+  apparmor-fine-grained-mount-rules.patch
+  bsc#1066124, boo#1065123
+- spec: unconditionally enable the wireshark dissector
+
+-------------------------------------------------------------------
+Wed Nov  8 11:04:04 UTC 2017 - cbosdonnat@suse.com
+
+- Replace %{with_sle_build} by ! 0%{?is_opensuse}
+  bsc#940315
+
+-------------------------------------------------------------------
+Thu Nov  2 20:44:57 UTC 2017 - jfehlig@suse.com
+
+- Update to libvirt 3.9.0
+  - Many incremental improvements and bug fixes, see
+    http://libvirt.org/news.html
+  - Dropped patches:
+    c44b29aa-apparmor-dnsmasq-ptrace.patch,
+    441d3eb6-qemu-tls-client-verify-server-cert.patch
+
 -------------------------------------------------------------------
 Mon Oct 16 22:02:16 UTC 2017 - jfehlig@suse.com
 
@@ -312,7 +337,6 @@ Wed Mar 22 08:30:55 UTC 2017 - cbosdonnat@suse.com
     5dd607059-add-virNetDevGetName.patch
     754515b7d-add-virNetlinkDumpCommand.patch
     d68cb4f55-extract-the-request-sending-code-from-virNetlin.patch
-  
 
 -------------------------------------------------------------------
 Thu Mar 16 14:23:16 UTC 2017 - jfehlig@suse.com
diff --git a/libvirt.spec b/libvirt.spec
index c3e7e17..5b49e4c 100644
--- a/libvirt.spec
+++ b/libvirt.spec
@@ -16,9 +16,6 @@
 #
 
 
-# The configuration of libvirt is modified slightly for SLE
-%define with_sle_build     %{?is_opensuse:0}%{!?is_opensuse:1}
-
 # The hypervisor drivers that run in libvirtd
 %define with_xen           0%{!?_without_xen:1}
 %define with_qemu          0%{!?_without_qemu:1}
@@ -43,13 +40,13 @@
 # Optional bits on by default
 %define with_sanlock       0%{!?_without_sanlock:1}
 %define with_polkit_rules  1
+%define with_wireshark     0%{!?_without_wireshark:1}
 
 # A few optional bits off by default, we enable later
 %define with_cgconfig      0%{!?_without_cgconfig:0}
 %define with_numactl       0%{!?_without_numactl:0}
 %define with_numad         0%{!?_without_numad:0}
 %define with_firewalld     0%{!?_without_firewalld:0}
-%define with_wireshark     0%{!?_without_wireshark:0}
 %define with_libssh        0%{!?_without_libssh:0}
 
 # Xen no longer contains xm/xend so disable building the legacy Xen driver
@@ -64,7 +61,7 @@
 %endif
 
 # For SLE, further restrict Xen support to x86_64 only
-%if %{with_sle_build}
+%if ! 0%{?is_opensuse}
     %ifarch %arm aarch64
         %define with_xen   0
         %define with_libxl 0
@@ -90,7 +87,7 @@
 %endif
 
 # Disable hypervisor drivers not supported in SLE
-%if %{with_sle_build}
+%if ! 0%{?is_opensuse}
     %define with_openvz    0
     %define with_vbox      0
     %define with_uml       0
@@ -134,13 +131,6 @@
     %endif
 %endif
 
-# libvirt commit 37397320 changed the configure check for wireshark to use
-# pkgconfig. Currently only the Leap 42.2 and Factory wireshark-devel packages
-# provide wireshark.pc. Disable the dissector for SLE and Leap <= 42.1
-%if 0%{?sle_version} < 120200 && %{with_sle_build}
-    %define with_wireshark     0
-%endif
-
 # numad is used to manage the CPU and memory placement dynamically for
 # qemu, lxc, and uml drivers
 %if %{with_qemu} || %{with_lxc} || %{with_uml}
@@ -170,7 +160,7 @@
 
 Name:           libvirt
 Url:            http://libvirt.org/
-Version:        3.8.0
+Version:        3.9.0
 Release:        0
 Summary:        Library providing a simple virtualization API
 License:        LGPL-2.1+
@@ -296,7 +286,7 @@ BuildRequires:  systemtap-sdt-devel
 BuildRequires:  numad
 %endif
 %if %{with_wireshark}
-BuildRequires:  wireshark-devel >= 1.12.1
+BuildRequires:  wireshark-devel >= 2.1.0
 %endif
 %if %{with_libssh}
 BuildRequires:  libssh-devel >= 0.7.0
@@ -310,11 +300,11 @@ Source4:        libvirt-supportconfig
 Source99:       baselibs.conf
 Source100:      %{name}-rpmlintrc
 # Upstream patches
-Patch0:         c44b29aa-apparmor-dnsmasq-ptrace.patch
-Patch1:         441d3eb6-qemu-tls-client-verify-server-cert.patch
 # Patches pending upstream review
 Patch100:       libxl-dom-reset.patch
 Patch101:       network-don-t-use-dhcp-authoritative-on-static-netwo.patch
+Patch102:       apparmor-rules-for-new-mediation-features.patch
+Patch103:       apparmor-fine-grained-mount-rules.patch
 # Need to go upstream
 Patch150:       xen-pv-cdrom.patch
 Patch151:       blockcopy-check-dst-identical-device.patch
@@ -341,7 +331,7 @@ Patch214:       libvirt-suse-netcontrol.patch
 Patch215:       lxc-wait-after-eth-del.patch
 Patch216:       libxl-qemu-emulator-caps.patch
 # SLES-Only patches
-%if %{with_sle_build}
+%if ! 0%{?is_opensuse}
 Patch400:       virt-create-rootfs.patch
 %endif
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
@@ -886,10 +876,10 @@ libvirt plugin for NSS for translating domain names into IP addresses.
 
 %prep
 %setup -q
-%patch0 -p1
-%patch1 -p1
 %patch100 -p1
 %patch101 -p1
+%patch102 -p1
+%patch103 -p1
 %patch150 -p1
 %patch151 -p1
 %patch152 -p1
@@ -913,7 +903,7 @@ libvirt plugin for NSS for translating domain names into IP addresses.
 %patch214 -p1
 %patch215 -p1
 %patch216 -p1
-%if %{with_sle_build}
+%if ! 0%{?is_opensuse}
 %patch400 -p1
 %endif
 
@@ -1112,7 +1102,7 @@ make %{?_smp_mflags} -C examples distclean
 cp examples/lxcconvert/virt-lxc-convert %{buildroot}/%{_bindir}
 rm -f %{buildroot}/%{_libdir}/*.la
 %if %{with_wireshark}
-rm -f %{buildroot}/%{_libdir}/wireshark/plugins/libvirt.la
+rm -f %{buildroot}/%{_libdir}/wireshark/plugins/*/libvirt.la
 %endif
 rm -f %{buildroot}/%{_libdir}/*.a
 rm -f %{buildroot}/%{_libdir}/%{name}/lock-driver/*.la
@@ -1518,7 +1508,7 @@ fi
 %dir %{_libdir}/%{name}/connection-driver
 %{_libdir}/%{name}/connection-driver/libvirt_driver_lxc.so
 %attr(0755, root, root) %{_bindir}/virt-lxc-convert
-    %if %{with_sle_build}
+    %if ! 0%{?is_opensuse}
 %{_bindir}/virt-create-rootfs
 %doc %{_mandir}/man1/virt-create-rootfs.1*
     %endif
@@ -1607,7 +1597,7 @@ fi
 %{_sbindir}/rclibvirt-guests
 
 %files libs -f %{name}.lang
-%doc AUTHORS ChangeLog.gz NEWS README COPYING COPYING.LESSER TODO
+%doc AUTHORS ChangeLog.gz NEWS README README.md COPYING COPYING.LESSER 
 %config(noreplace) %{_sysconfdir}/%{name}/libvirt.conf
 %config(noreplace) %{_sysconfdir}/%{name}/libvirt-admin.conf
 %{_libdir}/libvirt.so.*
@@ -1701,7 +1691,7 @@ fi
 %if %{with_wireshark}
 
 %files -n wireshark-plugin-libvirt
-%{_libdir}/wireshark/plugins/libvirt.so
+%{_libdir}/wireshark/plugins/*/libvirt.so
 %endif
 
 %files nss
diff --git a/libxl-dom-reset.patch b/libxl-dom-reset.patch
index eedf7d7..0ae039a 100644
--- a/libxl-dom-reset.patch
+++ b/libxl-dom-reset.patch
@@ -8,10 +8,10 @@ Date:   Mon Jun 23 15:51:20 2014 -0600
     option, but domainReset can be implemented in the libxl driver by
     forcibly destroying the domain and starting it again.
 
-Index: libvirt-3.8.0/src/libxl/libxl_driver.c
+Index: libvirt-3.9.0/src/libxl/libxl_driver.c
 ===================================================================
---- libvirt-3.8.0.orig/src/libxl/libxl_driver.c
-+++ libvirt-3.8.0/src/libxl/libxl_driver.c
+--- libvirt-3.9.0.orig/src/libxl/libxl_driver.c
++++ libvirt-3.9.0/src/libxl/libxl_driver.c
 @@ -1381,6 +1381,61 @@ libxlDomainReboot(virDomainPtr dom, unsi
  }
  
@@ -74,7 +74,7 @@ Index: libvirt-3.8.0/src/libxl/libxl_driver.c
  libxlDomainDestroyFlags(virDomainPtr dom,
                          unsigned int flags)
  {
-@@ -6503,6 +6558,7 @@ static virHypervisorDriver libxlHypervis
+@@ -6497,6 +6552,7 @@ static virHypervisorDriver libxlHypervis
      .domainShutdown = libxlDomainShutdown, /* 0.9.0 */
      .domainShutdownFlags = libxlDomainShutdownFlags, /* 0.9.10 */
      .domainReboot = libxlDomainReboot, /* 0.9.0 */
diff --git a/libxl-qemu-emulator-caps.patch b/libxl-qemu-emulator-caps.patch
index b811a81..791c1bc 100644
--- a/libxl-qemu-emulator-caps.patch
+++ b/libxl-qemu-emulator-caps.patch
@@ -8,10 +8,10 @@ as the default <emulator>, instead of the qemu-xen one.
 
 See FATE#320638 for details.
 
-Index: libvirt-3.8.0/src/libxl/libxl_capabilities.c
+Index: libvirt-3.9.0/src/libxl/libxl_capabilities.c
 ===================================================================
---- libvirt-3.8.0.orig/src/libxl/libxl_capabilities.c
-+++ libvirt-3.8.0/src/libxl/libxl_capabilities.c
+--- libvirt-3.9.0.orig/src/libxl/libxl_capabilities.c
++++ libvirt-3.9.0/src/libxl/libxl_capabilities.c
 @@ -38,6 +38,7 @@
  #include "libxl_capabilities.h"
  #include "cpu/cpu_x86.h"
diff --git a/libxl-set-cach-mode.patch b/libxl-set-cach-mode.patch
index a34d6f1..7312854 100644
--- a/libxl-set-cach-mode.patch
+++ b/libxl-set-cach-mode.patch
@@ -3,11 +3,11 @@ https://bugzilla.novell.com/show_bug.cgi?id=879425
  src/libxl/libxl_conf.c |   25 +++++++++++++++++++++++++
  1 file changed, 25 insertions(+)
 
-Index: libvirt-3.8.0/src/libxl/libxl_conf.c
+Index: libvirt-3.9.0/src/libxl/libxl_conf.c
 ===================================================================
---- libvirt-3.8.0.orig/src/libxl/libxl_conf.c
-+++ libvirt-3.8.0/src/libxl/libxl_conf.c
-@@ -646,6 +646,30 @@ libxlDiskSetDiscard(libxl_device_disk *x
+--- libvirt-3.9.0.orig/src/libxl/libxl_conf.c
++++ libvirt-3.9.0/src/libxl/libxl_conf.c
+@@ -621,6 +621,30 @@ libxlDiskSetDiscard(libxl_device_disk *x
  #endif
  }
  
@@ -38,7 +38,7 @@ Index: libvirt-3.8.0/src/libxl/libxl_conf.c
  static char *
  libxlMakeNetworkDiskSrcStr(virStorageSourcePtr src,
                             const char *username,
-@@ -894,6 +918,7 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk
+@@ -869,6 +893,7 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk
      x_disk->is_cdrom = l_disk->device == VIR_DOMAIN_DISK_DEVICE_CDROM ? 1 : 0;
      if (libxlDiskSetDiscard(x_disk, l_disk->discard) < 0)
          return -1;
diff --git a/libxl-set-migration-constraints.patch b/libxl-set-migration-constraints.patch
index 15042bc..a2824b0 100644
--- a/libxl-set-migration-constraints.patch
+++ b/libxl-set-migration-constraints.patch
@@ -16,10 +16,10 @@ Signed-off-by: Jim Fehlig <jfehlig@suse.com>
  tools/virsh.pod                  |    8 ++++++++
  6 files changed, 125 insertions(+), 6 deletions(-)
 
-Index: libvirt-3.8.0/include/libvirt/libvirt-domain.h
+Index: libvirt-3.9.0/include/libvirt/libvirt-domain.h
 ===================================================================
---- libvirt-3.8.0.orig/include/libvirt/libvirt-domain.h
-+++ libvirt-3.8.0/include/libvirt/libvirt-domain.h
+--- libvirt-3.9.0.orig/include/libvirt/libvirt-domain.h
++++ libvirt-3.9.0/include/libvirt/libvirt-domain.h
 @@ -1008,6 +1008,31 @@ typedef enum {
   */
  # define VIR_MIGRATE_PARAM_AUTO_CONVERGE_INCREMENT  "auto_converge.increment"
@@ -52,11 +52,11 @@ Index: libvirt-3.8.0/include/libvirt/libvirt-domain.h
  /* Domain migration. */
  virDomainPtr virDomainMigrate (virDomainPtr domain, virConnectPtr dconn,
                                 unsigned long flags, const char *dname,
-Index: libvirt-3.8.0/src/libxl/libxl_driver.c
+Index: libvirt-3.9.0/src/libxl/libxl_driver.c
 ===================================================================
---- libvirt-3.8.0.orig/src/libxl/libxl_driver.c
-+++ libvirt-3.8.0/src/libxl/libxl_driver.c
-@@ -6105,6 +6105,9 @@ libxlDomainMigratePerform3Params(virDoma
+--- libvirt-3.9.0.orig/src/libxl/libxl_driver.c
++++ libvirt-3.9.0/src/libxl/libxl_driver.c
+@@ -6099,6 +6099,9 @@ libxlDomainMigratePerform3Params(virDoma
      const char *dname = NULL;
      const char *uri = NULL;
      int ret = -1;
@@ -66,7 +66,7 @@ Index: libvirt-3.8.0/src/libxl/libxl_driver.c
  
  #ifdef LIBXL_HAVE_NO_SUSPEND_RESUME
      virReportUnsupportedError();
-@@ -6121,6 +6124,18 @@ libxlDomainMigratePerform3Params(virDoma
+@@ -6115,6 +6118,18 @@ libxlDomainMigratePerform3Params(virDoma
          virTypedParamsGetString(params, nparams,
                                  VIR_MIGRATE_PARAM_DEST_NAME,
                                  &dname) < 0 ||
@@ -85,7 +85,7 @@ Index: libvirt-3.8.0/src/libxl/libxl_driver.c
          virTypedParamsGetString(params, nparams,
                                  VIR_MIGRATE_PARAM_URI,
                                  &uri) < 0)
-@@ -6135,11 +6150,11 @@ libxlDomainMigratePerform3Params(virDoma
+@@ -6129,11 +6144,11 @@ libxlDomainMigratePerform3Params(virDoma
  
      if ((flags & (VIR_MIGRATE_TUNNELLED | VIR_MIGRATE_PEER2PEER))) {
          if (libxlDomainMigrationPerformP2P(driver, vm, dom->conn, dom_xml,
@@ -99,10 +99,10 @@ Index: libvirt-3.8.0/src/libxl/libxl_driver.c
              goto cleanup;
      }
  
-Index: libvirt-3.8.0/src/libxl/libxl_migration.c
+Index: libvirt-3.9.0/src/libxl/libxl_migration.c
 ===================================================================
---- libvirt-3.8.0.orig/src/libxl/libxl_migration.c
-+++ libvirt-3.8.0/src/libxl/libxl_migration.c
+--- libvirt-3.9.0.orig/src/libxl/libxl_migration.c
++++ libvirt-3.9.0/src/libxl/libxl_migration.c
 @@ -359,18 +359,39 @@ libxlMigrateReceive(virNetSocketPtr sock
  static int
  libxlDoMigrateSend(libxlDriverPrivatePtr driver,
@@ -263,10 +263,10 @@ Index: libvirt-3.8.0/src/libxl/libxl_migration.c
      virObjectLock(vm);
  
   cleanup:
-Index: libvirt-3.8.0/src/libxl/libxl_migration.h
+Index: libvirt-3.9.0/src/libxl/libxl_migration.h
 ===================================================================
---- libvirt-3.8.0.orig/src/libxl/libxl_migration.h
-+++ libvirt-3.8.0/src/libxl/libxl_migration.h
+--- libvirt-3.9.0.orig/src/libxl/libxl_migration.h
++++ libvirt-3.9.0/src/libxl/libxl_migration.h
 @@ -39,6 +39,10 @@
      VIR_MIGRATE_PARAM_URI,              VIR_TYPED_PARAM_STRING, \
      VIR_MIGRATE_PARAM_DEST_NAME,        VIR_TYPED_PARAM_STRING, \
@@ -311,11 +311,11 @@ Index: libvirt-3.8.0/src/libxl/libxl_migration.h
  
  virDomainPtr
  libxlDomainMigrationFinish(virConnectPtr dconn,
-Index: libvirt-3.8.0/tools/virsh-domain.c
+Index: libvirt-3.9.0/tools/virsh-domain.c
 ===================================================================
---- libvirt-3.8.0.orig/tools/virsh-domain.c
-+++ libvirt-3.8.0/tools/virsh-domain.c
-@@ -10432,6 +10432,22 @@ static const vshCmdOptDef opts_migrate[]
+--- libvirt-3.9.0.orig/tools/virsh-domain.c
++++ libvirt-3.9.0/tools/virsh-domain.c
+@@ -10536,6 +10536,22 @@ static const vshCmdOptDef opts_migrate[]
       .type = VSH_OT_BOOL,
       .help = N_("use TLS for migration")
      },
@@ -338,7 +338,7 @@ Index: libvirt-3.8.0/tools/virsh-domain.c
      {.name = NULL}
  };
  
-@@ -10455,6 +10471,7 @@ doMigrate(void *opaque)
+@@ -10559,6 +10575,7 @@ doMigrate(void *opaque)
      unsigned long long ullOpt = 0;
      int rv;
      virConnectPtr dconn = data->dconn;
@@ -346,7 +346,7 @@ Index: libvirt-3.8.0/tools/virsh-domain.c
  
      sigemptyset(&sigmask);
      sigaddset(&sigmask, SIGINT);
-@@ -10574,6 +10591,27 @@ doMigrate(void *opaque)
+@@ -10678,6 +10695,27 @@ doMigrate(void *opaque)
              goto save_error;
      }
  
@@ -374,11 +374,11 @@ Index: libvirt-3.8.0/tools/virsh-domain.c
      if (vshCommandOptStringReq(ctl, cmd, "xml", &opt) < 0)
          goto out;
      if (opt) {
-Index: libvirt-3.8.0/tools/virsh.pod
+Index: libvirt-3.9.0/tools/virsh.pod
 ===================================================================
---- libvirt-3.8.0.orig/tools/virsh.pod
-+++ libvirt-3.8.0/tools/virsh.pod
-@@ -1840,6 +1840,14 @@ Providing I<--tls> causes the migration
+--- libvirt-3.9.0.orig/tools/virsh.pod
++++ libvirt-3.9.0/tools/virsh.pod
+@@ -1849,6 +1849,14 @@ Providing I<--tls> causes the migration
  the migration of the domain. Usage requires proper TLS setup for both source
  and target.
  
diff --git a/libxl-support-block-script.patch b/libxl-support-block-script.patch
index 4478a6b..6c80d2c 100644
--- a/libxl-support-block-script.patch
+++ b/libxl-support-block-script.patch
@@ -7,11 +7,11 @@ and npiv.
 
 For more details, see bsc#954872 and FATE#319810
 
-Index: libvirt-3.8.0/src/libxl/libxl_conf.c
+Index: libvirt-3.9.0/src/libxl/libxl_conf.c
 ===================================================================
---- libvirt-3.8.0.orig/src/libxl/libxl_conf.c
-+++ libvirt-3.8.0/src/libxl/libxl_conf.c
-@@ -646,6 +646,25 @@ libxlDiskSetDiscard(libxl_device_disk *x
+--- libvirt-3.9.0.orig/src/libxl/libxl_conf.c
++++ libvirt-3.9.0/src/libxl/libxl_conf.c
+@@ -621,6 +621,25 @@ libxlDiskSetDiscard(libxl_device_disk *x
  #endif
  }
  
@@ -37,7 +37,7 @@ Index: libvirt-3.8.0/src/libxl/libxl_conf.c
  static void
  libxlDiskSetCacheMode(libxl_device_disk *x_disk, int cachemode)
  {
-@@ -791,6 +810,7 @@ libxlMakeNetworkDiskSrc(virStorageSource
+@@ -766,6 +785,7 @@ libxlMakeNetworkDiskSrc(virStorageSource
  int
  libxlMakeDisk(virDomainDiskDefPtr l_disk, libxl_device_disk *x_disk)
  {
@@ -45,7 +45,7 @@ Index: libvirt-3.8.0/src/libxl/libxl_conf.c
      const char *driver = virDomainDiskGetDriver(l_disk);
      int format = virDomainDiskGetFormat(l_disk);
      int actual_type = virStorageSourceGetActualType(l_disk->src);
-@@ -806,7 +826,7 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk
+@@ -781,7 +801,7 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk
          if (libxlMakeNetworkDiskSrc(l_disk->src, &x_disk->pdev_path) < 0)
              return -1;
      } else {
@@ -54,7 +54,7 @@ Index: libvirt-3.8.0/src/libxl/libxl_conf.c
          return -1;
      }
  
-@@ -919,6 +939,9 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk
+@@ -894,6 +914,9 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk
      if (libxlDiskSetDiscard(x_disk, l_disk->discard) < 0)
          return -1;
      libxlDiskSetCacheMode(x_disk, l_disk->cachemode);
diff --git a/lxc-wait-after-eth-del.patch b/lxc-wait-after-eth-del.patch
index 84cd743..f003d47 100644
--- a/lxc-wait-after-eth-del.patch
+++ b/lxc-wait-after-eth-del.patch
@@ -13,10 +13,10 @@ device with the same name that is being created.
  src/lxc/lxc_process.c    | 1 +
  3 files changed, 4 insertions(+)
 
-Index: libvirt-3.8.0/src/lxc/lxc_controller.c
+Index: libvirt-3.9.0/src/lxc/lxc_controller.c
 ===================================================================
---- libvirt-3.8.0.orig/src/lxc/lxc_controller.c
-+++ libvirt-3.8.0/src/lxc/lxc_controller.c
+--- libvirt-3.9.0.orig/src/lxc/lxc_controller.c
++++ libvirt-3.9.0/src/lxc/lxc_controller.c
 @@ -73,6 +73,7 @@
  #include "rpc/virnetdaemon.h"
  #include "virstring.h"
@@ -33,10 +33,10 @@ Index: libvirt-3.8.0/src/lxc/lxc_controller.c
  
      return ret;
  }
-Index: libvirt-3.8.0/src/lxc/lxc_driver.c
+Index: libvirt-3.9.0/src/lxc/lxc_driver.c
 ===================================================================
---- libvirt-3.8.0.orig/src/lxc/lxc_driver.c
-+++ libvirt-3.8.0/src/lxc/lxc_driver.c
+--- libvirt-3.9.0.orig/src/lxc/lxc_driver.c
++++ libvirt-3.9.0/src/lxc/lxc_driver.c
 @@ -76,6 +76,7 @@
  #include "virtime.h"
  #include "virtypedparam.h"
@@ -45,7 +45,7 @@ Index: libvirt-3.8.0/src/lxc/lxc_driver.c
  #include "virstring.h"
  #include "viraccessapicheck.h"
  #include "viraccessapichecklxc.h"
-@@ -4021,6 +4022,7 @@ lxcDomainAttachDeviceNetLive(virConnectP
+@@ -4006,6 +4007,7 @@ lxcDomainAttachDeviceNetLive(virConnectP
          case VIR_DOMAIN_NET_TYPE_NETWORK:
          case VIR_DOMAIN_NET_TYPE_ETHERNET:
              ignore_value(virNetDevVethDelete(veth));
@@ -53,7 +53,7 @@ Index: libvirt-3.8.0/src/lxc/lxc_driver.c
              break;
  
          case VIR_DOMAIN_NET_TYPE_DIRECT:
-@@ -4455,6 +4457,7 @@ lxcDomainDetachDeviceNetLive(virDomainOb
+@@ -4440,6 +4442,7 @@ lxcDomainDetachDeviceNetLive(virDomainOb
              virDomainAuditNet(vm, detach, NULL, "detach", false);
              goto cleanup;
          }
@@ -61,10 +61,10 @@ Index: libvirt-3.8.0/src/lxc/lxc_driver.c
          break;
  
          /* It'd be nice to support this, but with macvlan
-Index: libvirt-3.8.0/src/lxc/lxc_process.c
+Index: libvirt-3.9.0/src/lxc/lxc_process.c
 ===================================================================
---- libvirt-3.8.0.orig/src/lxc/lxc_process.c
-+++ libvirt-3.8.0/src/lxc/lxc_process.c
+--- libvirt-3.9.0.orig/src/lxc/lxc_process.c
++++ libvirt-3.9.0/src/lxc/lxc_process.c
 @@ -52,6 +52,7 @@
  #include "viratomic.h"
  #include "virprocess.h"
diff --git a/network-don-t-use-dhcp-authoritative-on-static-netwo.patch b/network-don-t-use-dhcp-authoritative-on-static-netwo.patch
index 59ea31a..48e9d07 100644
--- a/network-don-t-use-dhcp-authoritative-on-static-netwo.patch
+++ b/network-don-t-use-dhcp-authoritative-on-static-netwo.patch
@@ -17,10 +17,10 @@ Signed-off-by: Martin Wilck <mwilck@suse.com>
  tests/networkxml2confdata/dhcp6host-routed-network.conf | 1 -
  2 files changed, 8 insertions(+), 2 deletions(-)
 
-Index: libvirt-3.8.0/src/network/bridge_driver.c
+Index: libvirt-3.9.0/src/network/bridge_driver.c
 ===================================================================
---- libvirt-3.8.0.orig/src/network/bridge_driver.c
-+++ libvirt-3.8.0/src/network/bridge_driver.c
+--- libvirt-3.9.0.orig/src/network/bridge_driver.c
++++ libvirt-3.9.0/src/network/bridge_driver.c
 @@ -1393,7 +1393,14 @@ networkDnsmasqConfContents(virNetworkObj
          if (VIR_SOCKET_ADDR_IS_FAMILY(&ipdef->address, AF_INET)) {
              if (ipdef->nranges || ipdef->nhosts) {
@@ -37,10 +37,10 @@ Index: libvirt-3.8.0/src/network/bridge_driver.c
              }
  
              if (ipdef->tftproot) {
-Index: libvirt-3.8.0/tests/networkxml2confdata/dhcp6host-routed-network.conf
+Index: libvirt-3.9.0/tests/networkxml2confdata/dhcp6host-routed-network.conf
 ===================================================================
---- libvirt-3.8.0.orig/tests/networkxml2confdata/dhcp6host-routed-network.conf
-+++ libvirt-3.8.0/tests/networkxml2confdata/dhcp6host-routed-network.conf
+--- libvirt-3.9.0.orig/tests/networkxml2confdata/dhcp6host-routed-network.conf
++++ libvirt-3.9.0/tests/networkxml2confdata/dhcp6host-routed-network.conf
 @@ -10,7 +10,6 @@ bind-dynamic
  interface=virbr1
  dhcp-range=192.168.122.1,static
diff --git a/ppc64le-canonical-name.patch b/ppc64le-canonical-name.patch
index 1521474..99128c9 100644
--- a/ppc64le-canonical-name.patch
+++ b/ppc64le-canonical-name.patch
@@ -2,10 +2,10 @@ Canonicalize hostarch name ppc64le to ppc64
 
 See bnc#894956
 
-Index: libvirt-3.8.0/src/util/virarch.c
+Index: libvirt-3.9.0/src/util/virarch.c
 ===================================================================
---- libvirt-3.8.0.orig/src/util/virarch.c
-+++ libvirt-3.8.0/src/util/virarch.c
+--- libvirt-3.9.0.orig/src/util/virarch.c
++++ libvirt-3.9.0/src/util/virarch.c
 @@ -169,6 +169,8 @@ virArch virArchFromHost(void)
          arch = VIR_ARCH_I686;
      } else if (STREQ(ut.machine, "amd64")) {
diff --git a/qemu-apparmor-screenshot.patch b/qemu-apparmor-screenshot.patch
index bcb0ac6..7436b56 100644
--- a/qemu-apparmor-screenshot.patch
+++ b/qemu-apparmor-screenshot.patch
@@ -1,8 +1,8 @@
-Index: libvirt-3.8.0/examples/apparmor/libvirt-qemu
+Index: libvirt-3.9.0/examples/apparmor/libvirt-qemu
 ===================================================================
---- libvirt-3.8.0.orig/examples/apparmor/libvirt-qemu
-+++ libvirt-3.8.0/examples/apparmor/libvirt-qemu
-@@ -176,3 +176,6 @@
+--- libvirt-3.9.0.orig/examples/apparmor/libvirt-qemu
++++ libvirt-3.9.0/examples/apparmor/libvirt-qemu
+@@ -184,3 +184,6 @@
    /sys/devices/system/node/ r,
    /sys/devices/system/node/node[0-9]*/meminfo r,
    /sys/module/vhost/parameters/max_mem_regions r,
diff --git a/support-managed-pci-xen-driver.patch b/support-managed-pci-xen-driver.patch
index 89070b9..1b83d2f 100644
--- a/support-managed-pci-xen-driver.patch
+++ b/support-managed-pci-xen-driver.patch
@@ -8,10 +8,10 @@ Subject: [PATCH] support managed pci devices in xen driver
  src/xenxs/xen_xm.c   |   28 +++++++++++++++++++++++++++-
  2 files changed, 35 insertions(+), 15 deletions(-)
 
-Index: libvirt-3.8.0/src/xenconfig/xen_common.c
+Index: libvirt-3.9.0/src/xenconfig/xen_common.c
 ===================================================================
---- libvirt-3.8.0.orig/src/xenconfig/xen_common.c
-+++ libvirt-3.8.0/src/xenconfig/xen_common.c
+--- libvirt-3.9.0.orig/src/xenconfig/xen_common.c
++++ libvirt-3.9.0/src/xenconfig/xen_common.c
 @@ -394,6 +394,8 @@ xenParsePCI(virConfPtr conf, virDomainDe
  {
      virConfValuePtr list = virConfGetValue(conf, "pci");
@@ -66,11 +66,11 @@ Index: libvirt-3.8.0/src/xenconfig/xen_common.c
              hostdev->source.subsys.type = VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI;
              hostdev->source.subsys.u.pci.addr.domain = domainID;
              hostdev->source.subsys.u.pci.addr.bus = busID;
-Index: libvirt-3.8.0/src/xenconfig/xen_sxpr.c
+Index: libvirt-3.9.0/src/xenconfig/xen_sxpr.c
 ===================================================================
---- libvirt-3.8.0.orig/src/xenconfig/xen_sxpr.c
-+++ libvirt-3.8.0/src/xenconfig/xen_sxpr.c
-@@ -1062,6 +1062,7 @@ xenParseSxprPCI(virDomainDefPtr def,
+--- libvirt-3.9.0.orig/src/xenconfig/xen_sxpr.c
++++ libvirt-3.9.0/src/xenconfig/xen_sxpr.c
+@@ -1057,6 +1057,7 @@ xenParseSxprPCI(virDomainDefPtr def,
          int busID;
          int slotID;
          int funcID;
@@ -78,7 +78,7 @@ Index: libvirt-3.8.0/src/xenconfig/xen_sxpr.c
  
          node = cur->u.s.car;
          if (!sexpr_lookup(node, "dev"))
-@@ -1109,11 +1110,13 @@ xenParseSxprPCI(virDomainDefPtr def,
+@@ -1104,11 +1105,13 @@ xenParseSxprPCI(virDomainDefPtr def,
              goto error;
          }
  
@@ -93,7 +93,7 @@ Index: libvirt-3.8.0/src/xenconfig/xen_sxpr.c
          dev->source.subsys.type = VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI;
          dev->source.subsys.u.pci.addr.domain = domainID;
          dev->source.subsys.u.pci.addr.bus = busID;
-@@ -1977,11 +1980,15 @@ static void
+@@ -1972,11 +1975,15 @@ static void
  xenFormatSxprPCI(virDomainHostdevDefPtr def,
                   virBufferPtr buf)
  {
@@ -110,7 +110,7 @@ Index: libvirt-3.8.0/src/xenconfig/xen_sxpr.c
  }
  
  
-@@ -2000,12 +2007,6 @@ xenFormatSxprOnePCI(virDomainHostdevDefP
+@@ -1995,12 +2002,6 @@ xenFormatSxprOnePCI(virDomainHostdevDefP
                      virBufferPtr buf,
                      int detach)
  {
@@ -123,7 +123,7 @@ Index: libvirt-3.8.0/src/xenconfig/xen_sxpr.c
      virBufferAddLit(buf, "(pci ");
      xenFormatSxprPCI(def, buf);
      if (detach)
-@@ -2060,12 +2061,6 @@ xenFormatSxprAllPCI(virDomainDefPtr def,
+@@ -2055,12 +2056,6 @@ xenFormatSxprAllPCI(virDomainDefPtr def,
      for (i = 0; i < def->nhostdevs; i++) {
          if (def->hostdevs[i]->mode == VIR_DOMAIN_HOSTDEV_MODE_SUBSYS &&
              def->hostdevs[i]->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI) {
diff --git a/suse-apparmor-libnl-paths.patch b/suse-apparmor-libnl-paths.patch
index dfaab25..2845283 100644
--- a/suse-apparmor-libnl-paths.patch
+++ b/suse-apparmor-libnl-paths.patch
@@ -8,10 +8,10 @@ It was also noticed that the per-domain profiles need a libnl rule
 to squelch a denial when starting confined domains.
 
 Found while investigating bsc#1058847
-Index: libvirt-3.8.0/examples/apparmor/usr.lib.libvirt.virt-aa-helper
+Index: libvirt-3.9.0/examples/apparmor/usr.lib.libvirt.virt-aa-helper
 ===================================================================
---- libvirt-3.8.0.orig/examples/apparmor/usr.lib.libvirt.virt-aa-helper
-+++ libvirt-3.8.0/examples/apparmor/usr.lib.libvirt.virt-aa-helper
+--- libvirt-3.9.0.orig/examples/apparmor/usr.lib.libvirt.virt-aa-helper
++++ libvirt-3.9.0/examples/apparmor/usr.lib.libvirt.virt-aa-helper
 @@ -16,7 +16,7 @@ profile virt-aa-helper /usr/{lib,lib64}/
    owner @{PROC}/[0-9]*/status r,
    @{PROC}/filesystems r,
@@ -21,11 +21,11 @@ Index: libvirt-3.8.0/examples/apparmor/usr.lib.libvirt.virt-aa-helper
  
    # for hostdev
    /sys/devices/ r,
-Index: libvirt-3.8.0/examples/apparmor/libvirt-qemu
+Index: libvirt-3.9.0/examples/apparmor/libvirt-qemu
 ===================================================================
---- libvirt-3.8.0.orig/examples/apparmor/libvirt-qemu
-+++ libvirt-3.8.0/examples/apparmor/libvirt-qemu
-@@ -50,6 +50,7 @@
+--- libvirt-3.9.0.orig/examples/apparmor/libvirt-qemu
++++ libvirt-3.9.0/examples/apparmor/libvirt-qemu
+@@ -58,6 +58,7 @@
    #/dev/fb* rw,
  
    /etc/pulse/client.conf r,
diff --git a/suse-libvirt-guests-service.patch b/suse-libvirt-guests-service.patch
index f52e9d9..053a6d4 100644
--- a/suse-libvirt-guests-service.patch
+++ b/suse-libvirt-guests-service.patch
@@ -1,9 +1,9 @@
 Adjust libvirt-guests service to conform to SUSE standards
 
-Index: libvirt-3.8.0/tools/libvirt-guests.init.in
+Index: libvirt-3.9.0/tools/libvirt-guests.init.in
 ===================================================================
---- libvirt-3.8.0.orig/tools/libvirt-guests.init.in
-+++ libvirt-3.8.0/tools/libvirt-guests.init.in
+--- libvirt-3.9.0.orig/tools/libvirt-guests.init.in
++++ libvirt-3.9.0/tools/libvirt-guests.init.in
 @@ -4,27 +4,27 @@
  # http://refspecs.linuxfoundation.org/LSB_5.0.0/LSB-Core-generic/LSB-Core-generic/initscrcomconv.html
  #
@@ -23,32 +23,33 @@ Index: libvirt-3.8.0/tools/libvirt-guests.init.in
  # Short-Description: suspend/resume libvirt guests on shutdown/boot
 -# Description: This is a script for suspending active libvirt guests
 -#              on shutdown and resuming them on next boot
--#              See http://libvirt.org
+-#              See https://libvirt.org
 +# Description:       This is a script for suspending active libvirt guests
 +#                    on shutdown and resuming them on next boot
-+#                    See http://libvirt.org
++#                    See https://libvirt.org
  ### END INIT INFO
  
  # the following is chkconfig init header
  #
 -# libvirt-guests:   suspend/resume libvirt guests on shutdown/boot
-+# libvirt-guests:    suspend/resume libvirt guests on shutdown/boot
- #
+-#
 -# chkconfig: 345 99 01
 -# description:  This is a script for suspending active libvirt guests \
 -#               on shutdown and resuming them on next boot \
--#               See http://libvirt.org
+-#               See https://libvirt.org
++# libvirt-guests:    suspend/resume libvirt guests on shutdown/boot
+ #
 +# chkconfig:         345 99 01
 +# description:       This is a script for suspending active libvirt guests \
 +#                    on shutdown and resuming them on next boot \
-+#                    See http://libvirt.org
- #
++#                    See https://libvirt.org
++
  
  exec @libexecdir@/libvirt-guests.sh "$@"
-Index: libvirt-3.8.0/tools/libvirt-guests.sh.in
+Index: libvirt-3.9.0/tools/libvirt-guests.sh.in
 ===================================================================
---- libvirt-3.8.0.orig/tools/libvirt-guests.sh.in
-+++ libvirt-3.8.0/tools/libvirt-guests.sh.in
+--- libvirt-3.9.0.orig/tools/libvirt-guests.sh.in
++++ libvirt-3.9.0/tools/libvirt-guests.sh.in
 @@ -16,14 +16,13 @@
  # License along with this library.  If not, see
  # <http://www.gnu.org/licenses/>.
@@ -208,10 +209,10 @@ Index: libvirt-3.8.0/tools/libvirt-guests.sh.in
  esac
 -exit $RETVAL
 +rc_exit
-Index: libvirt-3.8.0/tools/libvirt-guests.sysconf
+Index: libvirt-3.9.0/tools/libvirt-guests.sysconf
 ===================================================================
---- libvirt-3.8.0.orig/tools/libvirt-guests.sysconf
-+++ libvirt-3.8.0/tools/libvirt-guests.sysconf
+--- libvirt-3.9.0.orig/tools/libvirt-guests.sysconf
++++ libvirt-3.9.0/tools/libvirt-guests.sysconf
 @@ -1,19 +1,29 @@
 +## Path: System/Virtualization/libvirt-guests
 +
diff --git a/suse-libvirtd-disable-tls.patch b/suse-libvirtd-disable-tls.patch
index 74c438b..38021b4 100644
--- a/suse-libvirtd-disable-tls.patch
+++ b/suse-libvirtd-disable-tls.patch
@@ -3,10 +3,10 @@ Disable TLS by default
 On SUSE distros, the default is for libvirtd to listen only on the
 Unix Domain Socket. The libvirt client still provides remote access
 via a SSH tunnel.
-Index: libvirt-3.8.0/daemon/libvirtd.conf
+Index: libvirt-3.9.0/daemon/libvirtd.conf
 ===================================================================
---- libvirt-3.8.0.orig/daemon/libvirtd.conf
-+++ libvirt-3.8.0/daemon/libvirtd.conf
+--- libvirt-3.9.0.orig/daemon/libvirtd.conf
++++ libvirt-3.9.0/daemon/libvirtd.conf
 @@ -18,8 +18,8 @@
  # It is necessary to setup a CA and issue server certificates before
  # using this capability.
@@ -18,10 +18,10 @@ Index: libvirt-3.8.0/daemon/libvirtd.conf
  
  # Listen for unencrypted TCP connections on the public TCP/IP port.
  # NB, must pass the --listen flag to the libvirtd process for this to
-Index: libvirt-3.8.0/daemon/libvirtd-config.c
+Index: libvirt-3.9.0/daemon/libvirtd-config.c
 ===================================================================
---- libvirt-3.8.0.orig/daemon/libvirtd-config.c
-+++ libvirt-3.8.0/daemon/libvirtd-config.c
+--- libvirt-3.9.0.orig/daemon/libvirtd-config.c
++++ libvirt-3.9.0/daemon/libvirtd-config.c
 @@ -110,7 +110,7 @@ daemonConfigNew(bool privileged ATTRIBUT
      if (VIR_ALLOC(data) < 0)
          return NULL;
@@ -31,10 +31,10 @@ Index: libvirt-3.8.0/daemon/libvirtd-config.c
      data->listen_tcp = 0;
  
      if (VIR_STRDUP(data->tls_port, LIBVIRTD_TLS_PORT) < 0 ||
-Index: libvirt-3.8.0/daemon/test_libvirtd.aug.in
+Index: libvirt-3.9.0/daemon/test_libvirtd.aug.in
 ===================================================================
---- libvirt-3.8.0.orig/daemon/test_libvirtd.aug.in
-+++ libvirt-3.8.0/daemon/test_libvirtd.aug.in
+--- libvirt-3.9.0.orig/daemon/test_libvirtd.aug.in
++++ libvirt-3.9.0/daemon/test_libvirtd.aug.in
 @@ -2,7 +2,7 @@ module Test_libvirtd =
     ::CONFIG::
  
diff --git a/suse-libvirtd-service-xen.patch b/suse-libvirtd-service-xen.patch
index 6ae9f5a..292a38d 100644
--- a/suse-libvirtd-service-xen.patch
+++ b/suse-libvirtd-service-xen.patch
@@ -7,10 +7,10 @@ On SUSE distros, we promote libvirt and all the libvirt-based
 tools. If a user installs libvirt on their SUSE Xen host, then
 libvirt should be king and override xendomains. See bsc#1015348
 
-Index: libvirt-3.8.0/daemon/libvirtd.service.in
+Index: libvirt-3.9.0/daemon/libvirtd.service.in
 ===================================================================
---- libvirt-3.8.0.orig/daemon/libvirtd.service.in
-+++ libvirt-3.8.0/daemon/libvirtd.service.in
+--- libvirt-3.9.0.orig/daemon/libvirtd.service.in
++++ libvirt-3.9.0/daemon/libvirtd.service.in
 @@ -14,6 +14,8 @@ After=iscsid.service
  After=apparmor.service
  After=local-fs.target
@@ -18,5 +18,5 @@ Index: libvirt-3.8.0/daemon/libvirtd.service.in
 +After=xencommons.service
 +Conflicts=xendomains.service
  Documentation=man:libvirtd(8)
- Documentation=http://libvirt.org
+ Documentation=https://libvirt.org
  
diff --git a/suse-libvirtd-sysconfig-settings.patch b/suse-libvirtd-sysconfig-settings.patch
index 5cacea0..b24dd41 100644
--- a/suse-libvirtd-sysconfig-settings.patch
+++ b/suse-libvirtd-sysconfig-settings.patch
@@ -1,9 +1,9 @@
 Adjust libvirtd sysconfig file to conform to SUSE standards
 
-Index: libvirt-3.8.0/daemon/libvirtd.sysconf
+Index: libvirt-3.9.0/daemon/libvirtd.sysconf
 ===================================================================
---- libvirt-3.8.0.orig/daemon/libvirtd.sysconf
-+++ libvirt-3.8.0/daemon/libvirtd.sysconf
+--- libvirt-3.9.0.orig/daemon/libvirtd.sysconf
++++ libvirt-3.9.0/daemon/libvirtd.sysconf
 @@ -1,16 +1,25 @@
 +## Path: System/Virtualization/libvirt
 +
diff --git a/suse-ovmf-paths.patch b/suse-ovmf-paths.patch
index 0eb4758..8410629 100644
--- a/suse-ovmf-paths.patch
+++ b/suse-ovmf-paths.patch
@@ -1,10 +1,10 @@
 Adjust paths of OVMF firmwares on SUSE distros
 
-Index: libvirt-3.8.0/src/qemu/qemu.conf
+Index: libvirt-3.9.0/src/qemu/qemu.conf
 ===================================================================
---- libvirt-3.8.0.orig/src/qemu/qemu.conf
-+++ libvirt-3.8.0/src/qemu/qemu.conf
-@@ -737,10 +737,9 @@ security_default_confined = 0
+--- libvirt-3.9.0.orig/src/qemu/qemu.conf
++++ libvirt-3.9.0/src/qemu/qemu.conf
+@@ -743,10 +743,9 @@ security_default_confined = 0
  # for x86_64 and i686, but it's AAVMF for aarch64. The libvirt default
  # follows this scheme.
  #nvram = [
@@ -18,10 +18,10 @@ Index: libvirt-3.8.0/src/qemu/qemu.conf
  #]
  
  # The backend to use for handling stdout/stderr output from
-Index: libvirt-3.8.0/src/qemu/qemu_conf.c
+Index: libvirt-3.9.0/src/qemu/qemu_conf.c
 ===================================================================
---- libvirt-3.8.0.orig/src/qemu/qemu_conf.c
-+++ libvirt-3.8.0/src/qemu/qemu_conf.c
+--- libvirt-3.9.0.orig/src/qemu/qemu_conf.c
++++ libvirt-3.9.0/src/qemu/qemu_conf.c
 @@ -127,10 +127,9 @@ void qemuDomainCmdlineDefFree(qemuDomain
  
  #ifndef DEFAULT_LOADER_NVRAM
diff --git a/suse-qemu-conf.patch b/suse-qemu-conf.patch
index ee3f8a1..ebec744 100644
--- a/suse-qemu-conf.patch
+++ b/suse-qemu-conf.patch
@@ -7,11 +7,11 @@ suse-qemu-conf-secdriver.patch, suse-qemu-conf-lockmgr.patch,
 etc.), but for now they are all lumped together in this
 single patch.
 
-Index: libvirt-3.8.0/src/qemu/qemu.conf
+Index: libvirt-3.9.0/src/qemu/qemu.conf
 ===================================================================
---- libvirt-3.8.0.orig/src/qemu/qemu.conf
-+++ libvirt-3.8.0/src/qemu/qemu.conf
-@@ -374,11 +374,20 @@
+--- libvirt-3.9.0.orig/src/qemu/qemu.conf
++++ libvirt-3.9.0/src/qemu/qemu.conf
+@@ -380,11 +380,20 @@
  # isolation, but it cannot appear in a list of drivers.
  #
  #security_driver = "selinux"
@@ -34,7 +34,7 @@ Index: libvirt-3.8.0/src/qemu/qemu.conf
  
  # If set to non-zero, then attempts to create unconfined
  # guests will be blocked. Defaults to 0.
-@@ -622,11 +631,22 @@
+@@ -628,11 +637,22 @@
  #allow_disk_format_probing = 1
  
  
diff --git a/suse-virtlockd-sysconfig-settings.patch b/suse-virtlockd-sysconfig-settings.patch
index e2ce5ae..09c26f6 100644
--- a/suse-virtlockd-sysconfig-settings.patch
+++ b/suse-virtlockd-sysconfig-settings.patch
@@ -1,9 +1,9 @@
 Adjust virtlockd sysconfig file to conform to SUSE standards
 
-Index: libvirt-3.8.0/src/locking/virtlockd.sysconf
+Index: libvirt-3.9.0/src/locking/virtlockd.sysconf
 ===================================================================
---- libvirt-3.8.0.orig/src/locking/virtlockd.sysconf
-+++ libvirt-3.8.0/src/locking/virtlockd.sysconf
+--- libvirt-3.9.0.orig/src/locking/virtlockd.sysconf
++++ libvirt-3.9.0/src/locking/virtlockd.sysconf
 @@ -1,3 +1,7 @@
 +## Path: System/Virtualization/virtlockd
 +
diff --git a/suse-virtlogd-sysconfig-settings.patch b/suse-virtlogd-sysconfig-settings.patch
index 7866903..3fd5ac2 100644
--- a/suse-virtlogd-sysconfig-settings.patch
+++ b/suse-virtlogd-sysconfig-settings.patch
@@ -1,9 +1,9 @@
 Adjust virtlogd sysconfig file to conform to SUSE standards
 
-Index: libvirt-3.8.0/src/logging/virtlogd.sysconf
+Index: libvirt-3.9.0/src/logging/virtlogd.sysconf
 ===================================================================
---- libvirt-3.8.0.orig/src/logging/virtlogd.sysconf
-+++ libvirt-3.8.0/src/logging/virtlogd.sysconf
+--- libvirt-3.9.0.orig/src/logging/virtlogd.sysconf
++++ libvirt-3.9.0/src/logging/virtlogd.sysconf
 @@ -1,3 +1,7 @@
 +## Path: System/Virtualization/virtlogd
 +
diff --git a/xen-pv-cdrom.patch b/xen-pv-cdrom.patch
index e3362c3..880490b 100644
--- a/xen-pv-cdrom.patch
+++ b/xen-pv-cdrom.patch
@@ -1,8 +1,8 @@
-Index: libvirt-3.8.0/src/xenconfig/xen_sxpr.c
+Index: libvirt-3.9.0/src/xenconfig/xen_sxpr.c
 ===================================================================
---- libvirt-3.8.0.orig/src/xenconfig/xen_sxpr.c
-+++ libvirt-3.8.0/src/xenconfig/xen_sxpr.c
-@@ -392,7 +392,7 @@ xenParseSxprVifRate(const char *rate, un
+--- libvirt-3.9.0.orig/src/xenconfig/xen_sxpr.c
++++ libvirt-3.9.0/src/xenconfig/xen_sxpr.c
+@@ -387,7 +387,7 @@ xenParseSxprVifRate(const char *rate, un
  static int
  xenParseSxprDisks(virDomainDefPtr def,
                    const struct sexpr *root,
@@ -11,7 +11,7 @@ Index: libvirt-3.8.0/src/xenconfig/xen_sxpr.c
  {
      const struct sexpr *cur, *node;
      virDomainDiskDefPtr disk = NULL;
-@@ -442,7 +442,6 @@ xenParseSxprDisks(virDomainDefPtr def,
+@@ -437,7 +437,6 @@ xenParseSxprDisks(virDomainDefPtr def,
                  /* There is a case without the uname to the CD-ROM device */
                  offset = strchr(dst, ':');
                  if (!offset ||
diff --git a/xen-sxpr-disk-type.patch b/xen-sxpr-disk-type.patch
index 71ff411..f58f6c7 100644
--- a/xen-sxpr-disk-type.patch
+++ b/xen-sxpr-disk-type.patch
@@ -6,11 +6,11 @@ and 'file'. This was implicitly done prior to commit 9673418c.
 
 https://bugzilla.suse.com/show_bug.cgi?id=938228
 
-Index: libvirt-3.8.0/src/xenconfig/xen_sxpr.c
+Index: libvirt-3.9.0/src/xenconfig/xen_sxpr.c
 ===================================================================
---- libvirt-3.8.0.orig/src/xenconfig/xen_sxpr.c
-+++ libvirt-3.8.0/src/xenconfig/xen_sxpr.c
-@@ -506,10 +506,11 @@ xenParseSxprDisks(virDomainDefPtr def,
+--- libvirt-3.9.0.orig/src/xenconfig/xen_sxpr.c
++++ libvirt-3.9.0/src/xenconfig/xen_sxpr.c
+@@ -501,10 +501,11 @@ xenParseSxprDisks(virDomainDefPtr def,
                         omnipotent, we can revisit this, perhaps stat()'ing
                         the src file in question */
                      virDomainDiskSetType(disk, VIR_STORAGE_TYPE_FILE);