Accepting request 159618 from Virtualization

Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/159618
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvirt?expand=0&rev=115

25ea8e47-python-generator-fix2.patch

@@ -1,89 +0,0 @@
-commit 25ea8e47e74def560bf89cd94dd54b75ca5ff4d6
-Author: Daniel P. Berrange <berrange@redhat.com>
-Date:   Tue Feb 5 12:55:09 2013 +0000
-
-    Fix missing error constants in libvirt python module
-    
-    The previous change to the generator, changed too much - only
-    the functions are in 'virerror.c', the constants remained in
-    'virerror.h' which could not be renamed for API compat reasons.
-    
-    Add a test case to sanity check the generated python bindings
-    
-    Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
-
-Index: libvirt-1.0.2/python/Makefile.am
-===================================================================
---- libvirt-1.0.2.orig/python/Makefile.am
-+++ libvirt-1.0.2/python/Makefile.am
-@@ -119,6 +119,11 @@ $(libvirtmod_la_OBJECTS): $(GENERATED)
- $(libvirtmod_qemu_la_OBJECTS): $(QEMU_GENERATED)
- $(libvirtmod_lxc_la_OBJECTS): $(LXC_GENERATED)
- 
-+EXTRA_DIST += sanitytest.py
-+
-+check-local:
-+	$(AM_V_GEN)PYTHONPATH=$(abs_topbuilddir):$(abs_topbuilddir)/.libs $(PYTHON) $(srcdir)/sanitytest.py
-+
- install-data-local:
- 	$(mkinstalldirs) $(DESTDIR)$(pyexecdir)
- 	$(INSTALL) -m 0644 libvirt.py $(DESTDIR)$(pyexecdir)
-Index: libvirt-1.0.2/python/generator.py
-===================================================================
---- libvirt-1.0.2.orig/python/generator.py
-+++ libvirt-1.0.2/python/generator.py
-@@ -122,8 +122,9 @@ class docParser(xml.sax.handler.ContentH
-                 if attrs.has_key('field'):
-                     self.function_return_field = attrs['field']
-         elif tag == 'enum':
-+            # enums come from header files, hence virterror.h
-             if (attrs['file'] == "libvirt" or
--                attrs['file'] == "virerror"):
-+                attrs['file'] == "virterror"):
-                 enum(attrs['type'],attrs['name'],attrs['value'])
-             elif attrs['file'] == "libvirt-lxc":
-                 lxc_enum(attrs['type'],attrs['name'],attrs['value'])
-@@ -134,6 +135,7 @@ class docParser(xml.sax.handler.ContentH
-         if debug:
-             print "end %s" % tag
-         if tag == 'function':
-+            # fuctions come from source files, hence 'virerror.c'
-             if self.function != None:
-                 if (self.function_module == "libvirt" or
-                     self.function_module == "virevent" or
-Index: libvirt-1.0.2/python/sanitytest.py
-===================================================================
---- /dev/null
-+++ libvirt-1.0.2/python/sanitytest.py
-@@ -0,0 +1,31 @@
-+#!/usr/bin/python
-+
-+import libvirt
-+
-+globals = dir(libvirt)
-+
-+# Sanity test that the generator hasn't gone wrong
-+
-+# Look for core classes
-+assert("virConnect" in globals)
-+assert("virDomain" in globals)
-+assert("virDomainSnapshot" in globals)
-+assert("virInterface" in globals)
-+assert("virNWFilter" in globals)
-+assert("virNodeDevice" in globals)
-+assert("virNetwork" in globals)
-+assert("virSecret" in globals)
-+assert("virStoragePool" in globals)
-+assert("virStorageVol" in globals)
-+assert("virStream" in globals)
-+assert("VIR_CONNECT_RO" in globals)
-+
-+# Error related bits
-+assert("libvirtError" in globals)
-+assert("VIR_ERR_AUTH_FAILED" in globals)
-+assert("virGetLastError" in globals)
-+
-+# Some misc methods
-+assert("virInitialize" in globals)
-+assert("virEventAddHandle" in globals)
-+assert("virEventRegisterDefaultImpl" in globals)

567779e5-libxl-default-disk-backend.patch

@@ -1,38 +0,0 @@
-commit 567779e51a7727b021dee095c9d75cf0cde0bd43
-Author: Jim Fehlig <jfehlig@suse.com>
-Date:   Wed Feb 20 13:02:28 2013 -0700
-
-    libxl: Fix setting of disk backend
-    
-    The libxl driver was setting the backend field of libxl_device_disk
-    structure to LIBXL_DISK_BACKEND_TAP when the driver element of disk
-    configuration was not specified.  This needlessly forces the use of
-    blktap driver, which may not be loaded in dom0
-    
-    https://bugzilla.redhat.com/show_bug.cgi?id=912488
-    
-    Ian Campbell suggested that LIBXL_DISK_BACKEND_UNKNOWN is a better
-    default in this case
-    
-    https://www.redhat.com/archives/libvir-list/2013-February/msg01126.html
-
-Index: libvirt-1.0.2/src/libxl/libxl_conf.c
-===================================================================
---- libvirt-1.0.2.orig/src/libxl/libxl_conf.c
-+++ libvirt-1.0.2/src/libxl/libxl_conf.c
-@@ -525,9 +525,13 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk
-             return -1;
-         }
-     } else {
--        /* No driverName - default to raw/tap?? */
-+        /*
-+         * If driverName is not specified, default to raw as per
-+         * xl-disk-configuration.txt in the xen documentation and let
-+         * libxl pick a suitable backend.
-+         */
-         x_disk->format = LIBXL_DISK_FORMAT_RAW;
--        x_disk->backend = LIBXL_DISK_BACKEND_TAP;
-+        x_disk->backend = LIBXL_DISK_BACKEND_UNKNOWN;
-     }
- 
-     /* XXX is this right? */

AF_PACKET.patch

@@ -1,26 +0,0 @@
-Index: libvirt-1.0.2/src/util/virnetdev.c
-===================================================================
---- libvirt-1.0.2.orig/src/util/virnetdev.c
-+++ libvirt-1.0.2/src/util/virnetdev.c
-@@ -81,7 +81,7 @@ static int virNetDevSetupControlFull(con
- static int virNetDevSetupControl(const char *ifname,
-                                  struct ifreq *ifr)
- {
--    return virNetDevSetupControlFull(ifname, ifr, AF_PACKET, SOCK_DGRAM);
-+    return virNetDevSetupControlFull(ifname, ifr, AF_INET, SOCK_STREAM);
- }
- #endif
- 
-Index: libvirt-1.0.2/src/util/virnetdevbridge.c
-===================================================================
---- libvirt-1.0.2.orig/src/util/virnetdevbridge.c
-+++ libvirt-1.0.2/src/util/virnetdevbridge.c
-@@ -85,7 +85,7 @@ static int virNetDevSetupControlFull(con
- static int virNetDevSetupControl(const char *ifname,
-                                  struct ifreq *ifr)
- {
--    return virNetDevSetupControlFull(ifname, ifr, AF_PACKET, SOCK_DGRAM);
-+    return virNetDevSetupControlFull(ifname, ifr, AF_INET, SOCK_STREAM);
- }
- #endif
- 

a6b8bae5-python-generator-fix1.patch

@@ -1,35 +0,0 @@
-commit a6b8bae5a6a4752926eba409202ec061d81c6c8a
-Author: Serge Hallyn <serge.hallyn@canonical.com>
-Date:   Wed Jan 30 21:05:45 2013 -0600
-
-    complete virterror->virerror name change
-    
-    Without these two string changes in generator.py, the
-    virGetLastError wrapper does not get created in
-    /usr/share/pyshared/libvirt.py.  Noticed when running
-    tests with virt-install.
-    
-    Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
-
-Index: libvirt-1.0.2/python/generator.py
-===================================================================
---- libvirt-1.0.2.orig/python/generator.py
-+++ libvirt-1.0.2/python/generator.py
-@@ -123,7 +123,7 @@ class docParser(xml.sax.handler.ContentH
-                     self.function_return_field = attrs['field']
-         elif tag == 'enum':
-             if (attrs['file'] == "libvirt" or
--                attrs['file'] == "virterror"):
-+                attrs['file'] == "virerror"):
-                 enum(attrs['type'],attrs['name'],attrs['value'])
-             elif attrs['file'] == "libvirt-lxc":
-                 lxc_enum(attrs['type'],attrs['name'],attrs['value'])
-@@ -137,7 +137,7 @@ class docParser(xml.sax.handler.ContentH
-             if self.function != None:
-                 if (self.function_module == "libvirt" or
-                     self.function_module == "virevent" or
--                    self.function_module == "virterror"):
-+                    self.function_module == "virerror"):
-                     function(self.function, self.function_descr,
-                              self.function_return, self.function_args,
-                              self.function_file, self.function_module,

ce4557c3-apparmor-tapfd-label.patch

@@ -0,0 +1,68 @@
+commit ce4557c3ab3702639db73615dd144ddf036321ed
+Author: Guannan Ren <gren@redhat.com>
+Date:   Fri Mar 8 00:16:59 2013 +0800
+
+    apparmor: use AppArmorSetFDLabel for both imageFD and tapFD
+    
+    Rename AppArmorSetImageFDLabel to AppArmorSetFDLabel which could
+    be used as a common function for *ALL* fd relabelling in Linux.
+    
+    In apparmor profile for specific vm with uuid cdbebdfa-1d6d-65c3-be0f-fd74b978a773
+    Path: /etc/apparmor.d/libvirt/libvirt-cdbebdfa-1d6d-65c3-be0f-fd74b978a773.files
+    The last line is for the tapfd relabelling.
+    
+     # DO NOT EDIT THIS FILE DIRECTLY. IT IS MANAGED BY LIBVIRT.
+      "/var/log/libvirt/**/rhel6qcow2.log" w,
+      "/var/lib/libvirt/**/rhel6qcow2.monitor" rw,
+      "/var/run/libvirt/**/rhel6qcow2.pid" rwk,
+      "/run/libvirt/**/rhel6qcow2.pid" rwk,
+      "/var/run/libvirt/**/*.tunnelmigrate.dest.rhel6qcow2" rw,
+      "/run/libvirt/**/*.tunnelmigrate.dest.rhel6qcow2" rw,
+      "/var/lib/libvirt/images/rhel6u3qcow2.img" rw,
+      "/dev/tap45" rw,
+
+Index: libvirt-1.0.3/src/security/security_apparmor.c
+===================================================================
+--- libvirt-1.0.3.orig/src/security/security_apparmor.c
++++ libvirt-1.0.3/src/security/security_apparmor.c
+@@ -884,9 +884,9 @@ AppArmorRestoreSavedStateLabel(virSecuri
+ }
+ 
+ static int
+-AppArmorSetImageFDLabel(virSecurityManagerPtr mgr,
+-                        virDomainDefPtr def,
+-                        int fd)
++AppArmorSetFDLabel(virSecurityManagerPtr mgr,
++                   virDomainDefPtr def,
++                   int fd)
+ {
+     int rc = -1;
+     char *proc = NULL;
+@@ -915,16 +915,6 @@ AppArmorSetImageFDLabel(virSecurityManag
+     return reload_profile(mgr, def, fd_path, true);
+ }
+ 
+-/* TODO need code here */
+-static int
+-AppArmorSetTapFDLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
+-                      virDomainDefPtr def ATTRIBUTE_UNUSED,
+-                      int fd ATTRIBUTE_UNUSED)
+-{
+-    return 0;
+-}
+-
+-
+ static char *
+ AppArmorGetMountOptions(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
+                         virDomainDefPtr vm ATTRIBUTE_UNUSED)
+@@ -975,8 +965,8 @@ virSecurityDriver virAppArmorSecurityDri
+     .domainSetSavedStateLabel           = AppArmorSetSavedStateLabel,
+     .domainRestoreSavedStateLabel       = AppArmorRestoreSavedStateLabel,
+ 
+-    .domainSetSecurityImageFDLabel      = AppArmorSetImageFDLabel,
+-    .domainSetSecurityTapFDLabel        = AppArmorSetTapFDLabel,
++    .domainSetSecurityImageFDLabel      = AppArmorSetFDLabel,
++    .domainSetSecurityTapFDLabel        = AppArmorSetFDLabel,
+ 
+     .domainGetSecurityMountOptions      = AppArmorGetMountOptions,
+ };

fix-pci-attach-xen-driver.patch

@@ -0,0 +1,42 @@
+Fix PCI device attach in xend driver
+
+When attaching PCI device using the xend driver, the 'device_create'
+RPC is called, which is not sufficient to fully prepare/configure
+the device for attachment to a domain.  In the xen tools, xm pci-attach
+uses the 'device_configure' RPC.
+
+This patch changes the xend driver to always call 'device_configure' for
+PCI devices to be consistent with the usage in the xen tools.
+
+Index: libvirt-1.0.3/src/xen/xend_internal.c
+===================================================================
+--- libvirt-1.0.3.orig/src/xen/xend_internal.c
++++ libvirt-1.0.3/src/xen/xend_internal.c
+@@ -2473,6 +2473,7 @@ xenDaemonAttachDeviceFlags(virDomainPtr
+     virBuffer buf = VIR_BUFFER_INITIALIZER;
+     char class[8], ref[80];
+     char *target = NULL;
++    int new_dev;
+ 
+     virCheckFlags(VIR_DOMAIN_AFFECT_LIVE | VIR_DOMAIN_AFFECT_CONFIG, -1);
+ 
+@@ -2585,8 +2586,18 @@ xenDaemonAttachDeviceFlags(virDomainPtr
+     }
+ 
+     sexpr = virBufferContentAndReset(&buf);
++    new_dev = virDomainXMLDevID(domain, def, dev, class, ref, sizeof(ref));
+ 
+-    if (virDomainXMLDevID(domain, def, dev, class, ref, sizeof(ref))) {
++    /* always call 'device_configure' for pci device */
++    if (dev->type == VIR_DOMAIN_DEVICE_HOSTDEV &&
++        dev->data.hostdev->mode == VIR_DOMAIN_HOSTDEV_MODE_SUBSYS &&
++        dev->data.hostdev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI) {
++        ret = xend_op(domain->conn, domain->name, "op", "device_configure",
++                      "config", sexpr, "dev", ref, NULL);
++        goto cleanup;
++    }
++
++    if (new_dev) {
+         /* device doesn't exist, define it */
+         ret = xend_op(domain->conn, domain->name, "op", "device_create",
+                       "config", sexpr, NULL);

install-apparmor-profiles.patch

@@ -1,8 +1,8 @@
-Index: libvirt-1.0.2/examples/apparmor/Makefile.am
+Index: libvirt-1.0.3/examples/apparmor/Makefile.am
 ===================================================================
---- libvirt-1.0.2.orig/examples/apparmor/Makefile.am
-+++ libvirt-1.0.2/examples/apparmor/Makefile.am
-@@ -1,8 +1,39 @@
+--- libvirt-1.0.3.orig/examples/apparmor/Makefile.am
++++ libvirt-1.0.3/examples/apparmor/Makefile.am
+@@ -1,8 +1,45 @@
  ## Copyright (C) 2005-2011 Red Hat, Inc.
  ## See COPYING.LIB for the License of this software
  
@@ -13,12 +13,18 @@ Index: libvirt-1.0.2/examples/apparmor/Makefile.am
 -	usr.sbin.libvirtd
 +EXTRA_DIST=					\
 +	TEMPLATE				\
-+	libvirt-qemu				\
++	libvirt-qemu.in				\
 +	usr.lib.libvirt.virt-aa-helper.in	\
 +	usr.sbin.libvirtd.in
 +
 +if WITH_SECDRIVER_APPARMOR
 +
++libvirt-qemu: libvirt-qemu.in
++	sed                                     \
++	    -e 's![@]libdir[@]!$(libdir)!g'     \
++	    < $< > $@-t
++	mv $@-t $@
++
 +usr.lib.libvirt.virt-aa-helper: usr.lib.libvirt.virt-aa-helper.in
 +	sed                                     \
 +	    -e 's![@]libdir[@]!$(libdir)!g'     \
@@ -31,7 +37,7 @@ Index: libvirt-1.0.2/examples/apparmor/Makefile.am
 +	    < $< > $@-t
 +	mv $@-t $@
 +
-+install-data-local: usr.sbin.libvirtd usr.lib.libvirt.virt-aa-helper
++install-data-local: libvirt-qemu usr.sbin.libvirtd usr.lib.libvirt.virt-aa-helper
 +	mkdir -p $(DESTDIR)$(sysconfdir)/apparmor.d/
 +	$(INSTALL_DATA) usr.lib.libvirt.virt-aa-helper $(DESTDIR)$(sysconfdir)/apparmor.d/usr.lib.libvirt.virt-aa-helper
 +	$(INSTALL_DATA) usr.sbin.libvirtd $(DESTDIR)$(sysconfdir)/apparmor.d/usr.sbin.libvirtd
@@ -47,10 +53,10 @@ Index: libvirt-1.0.2/examples/apparmor/Makefile.am
 +	rm -f $(DESTDIR)$(sysconfdir)/apparmor.d/libvirt/TEMPLATE
 +
 +endif
-Index: libvirt-1.0.2/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
+Index: libvirt-1.0.3/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
 ===================================================================
 --- /dev/null
-+++ libvirt-1.0.2/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
++++ libvirt-1.0.3/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
 @@ -0,0 +1,40 @@
 +# Last Modified: Fri Aug 19 11:21:48 2011
 +#include <tunables/global>
@@ -92,9 +98,9 @@ Index: libvirt-1.0.2/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in
 +  /var/lib/kvm/images/ r,
 +  /var/lib/kvm/images/** r,
 +}
-Index: libvirt-1.0.2/examples/apparmor/usr.lib.libvirt.virt-aa-helper
+Index: libvirt-1.0.3/examples/apparmor/usr.lib.libvirt.virt-aa-helper
 ===================================================================
---- libvirt-1.0.2.orig/examples/apparmor/usr.lib.libvirt.virt-aa-helper
+--- libvirt-1.0.3.orig/examples/apparmor/usr.lib.libvirt.virt-aa-helper
 +++ /dev/null
 @@ -1,38 +0,0 @@
 -# Last Modified: Mon Apr  5 15:10:27 2010
@@ -135,9 +141,9 @@ Index: libvirt-1.0.2/examples/apparmor/usr.lib.libvirt.virt-aa-helper
 -  /var/lib/libvirt/images/ r,
 -  /var/lib/libvirt/images/** r,
 -}
-Index: libvirt-1.0.2/examples/apparmor/usr.sbin.libvirtd
+Index: libvirt-1.0.3/examples/apparmor/usr.sbin.libvirtd
 ===================================================================
---- libvirt-1.0.2.orig/examples/apparmor/usr.sbin.libvirtd
+--- libvirt-1.0.3.orig/examples/apparmor/usr.sbin.libvirtd
 +++ /dev/null
 @@ -1,52 +0,0 @@
 -# Last Modified: Mon Apr  5 15:03:58 2010
@@ -192,11 +198,11 @@ Index: libvirt-1.0.2/examples/apparmor/usr.sbin.libvirtd
 -  change_profile -> @{LIBVIRT}-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*,
 -
 -}
-Index: libvirt-1.0.2/examples/apparmor/usr.sbin.libvirtd.in
+Index: libvirt-1.0.3/examples/apparmor/usr.sbin.libvirtd.in
 ===================================================================
 --- /dev/null
-+++ libvirt-1.0.2/examples/apparmor/usr.sbin.libvirtd.in
-@@ -0,0 +1,57 @@
++++ libvirt-1.0.3/examples/apparmor/usr.sbin.libvirtd.in
+@@ -0,0 +1,58 @@
 +# Last Modified: Fri Aug 19 11:20:36 2011
 +#include <tunables/global>
 +@{LIBVIRT}="libvirt"
@@ -227,6 +233,7 @@ Index: libvirt-1.0.2/examples/apparmor/usr.sbin.libvirtd.in
 +  network inet dgram,
 +  network inet6 stream,
 +  network inet6 dgram,
++  network packet dgram,
 +
 +  # Very lenient profile for libvirtd since we want to first focus on confining
 +  # the guests. Guests will have a very restricted profile.
@@ -254,23 +261,274 @@ Index: libvirt-1.0.2/examples/apparmor/usr.sbin.libvirtd.in
 +  change_profile -> @{LIBVIRT}-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*,
 +
 +}
-Index: libvirt-1.0.2/examples/apparmor/libvirt-qemu
+Index: libvirt-1.0.3/examples/apparmor/libvirt-qemu
 ===================================================================
---- libvirt-1.0.2.orig/examples/apparmor/libvirt-qemu
-+++ libvirt-1.0.2/examples/apparmor/libvirt-qemu
-@@ -52,6 +52,7 @@
-   # access to firmware's etc
-   /usr/share/kvm/** r,
-   /usr/share/qemu/** r,
+--- libvirt-1.0.3.orig/examples/apparmor/libvirt-qemu
++++ /dev/null
+@@ -1,129 +0,0 @@
+-# Last Modified: Fri Mar 9 14:43:22 2012
+-
+-  #include <abstractions/base>
+-  #include <abstractions/consoles>
+-  #include <abstractions/nameservice>
+-
+-  # required for reading disk images
+-  capability dac_override,
+-  capability dac_read_search,
+-  capability chown,
+-
+-  network inet stream,
+-  network inet6 stream,
+-
+-  /dev/net/tun rw,
+-  /dev/kvm rw,
+-  /dev/ptmx rw,
+-  /dev/kqemu rw,
+-  @{PROC}/*/status r,
+-
+-  # For hostdev access. The actual devices will be added dynamically
+-  /sys/bus/usb/devices/ r,
+-  /sys/devices/*/*/usb[0-9]*/** r,
+-
+-  # WARNING: this gives the guest direct access to host hardware and specific
+-  # portions of shared memory. This is required for sound using ALSA with kvm,
+-  # but may constitute a security risk. If your environment does not require
+-  # the use of sound in your VMs, feel free to comment out or prepend 'deny' to
+-  # the rules for files in /dev.
+-  /{dev,run}/shm r,
+-  /{dev,run}/shmpulse-shm* r,
+-  /{dev,run}/shmpulse-shm* rwk,
+-  /dev/snd/* rw,
+-  capability ipc_lock,
+-  # 'kill' is not required for sound and is a security risk. Do not enable
+-  # unless you absolutely need it.
+-  deny capability kill,
+-
+-  # Uncomment the following if you need access to /dev/fb*
+-  #/dev/fb* rw,
+-
+-  /etc/pulse/client.conf r,
+-  @{HOME}/.pulse-cookie rwk,
+-  owner /root/.pulse-cookie rwk,
+-  owner /root/.pulse/ rw,
+-  owner /root/.pulse/* rw,
+-  /usr/share/alsa/** r,
+-  owner /tmp/pulse-*/ rw,
+-  owner /tmp/pulse-*/* rw,
+-  /var/lib/dbus/machine-id r,
+-
+-  # access to firmware's etc
+-  /usr/share/kvm/** r,
+-  /usr/share/qemu/** r,
+-  /usr/share/bochs/** r,
+-  /usr/share/openbios/** r,
+-  /usr/share/openhackware/** r,
+-  /usr/share/proll/** r,
+-  /usr/share/vgabios/** r,
+-  /usr/share/seabios/** r,
+-
+-  # access PKI infrastructure
+-  /etc/pki/libvirt-vnc/** r,
+-
+-  # the various binaries
+-  /usr/bin/kvm rmix,
+-  /usr/bin/qemu rmix,
+-  /usr/bin/qemu-system-arm rmix,
+-  /usr/bin/qemu-system-cris rmix,
+-  /usr/bin/qemu-system-i386 rmix,
+-  /usr/bin/qemu-system-m68k rmix,
+-  /usr/bin/qemu-system-microblaze rmix,
+-  /usr/bin/qemu-system-microblazeel rmix,
+-  /usr/bin/qemu-system-mips rmix,
+-  /usr/bin/qemu-system-mips64 rmix,
+-  /usr/bin/qemu-system-mips64el rmix,
+-  /usr/bin/qemu-system-mipsel rmix,
+-  /usr/bin/qemu-system-ppc rmix,
+-  /usr/bin/qemu-system-ppc64 rmix,
+-  /usr/bin/qemu-system-ppcemb rmix,
+-  /usr/bin/qemu-system-sh4 rmix,
+-  /usr/bin/qemu-system-sh4eb rmix,
+-  /usr/bin/qemu-system-sparc rmix,
+-  /usr/bin/qemu-system-sparc64 rmix,
+-  /usr/bin/qemu-system-x86_64 rmix,
+-  /usr/bin/qemu-alpha rmix,
+-  /usr/bin/qemu-arm rmix,
+-  /usr/bin/qemu-armeb rmix,
+-  /usr/bin/qemu-cris rmix,
+-  /usr/bin/qemu-i386 rmix,
+-  /usr/bin/qemu-m68k rmix,
+-  /usr/bin/qemu-microblaze rmix,
+-  /usr/bin/qemu-microblazeel rmix,
+-  /usr/bin/qemu-mips rmix,
+-  /usr/bin/qemu-mipsel rmix,
+-  /usr/bin/qemu-ppc rmix,
+-  /usr/bin/qemu-ppc64 rmix,
+-  /usr/bin/qemu-ppc64abi32 rmix,
+-  /usr/bin/qemu-sh4 rmix,
+-  /usr/bin/qemu-sh4eb rmix,
+-  /usr/bin/qemu-sparc rmix,
+-  /usr/bin/qemu-sparc64 rmix,
+-  /usr/bin/qemu-sparc32plus rmix,
+-  /usr/bin/qemu-sparc64 rmix,
+-  /usr/bin/qemu-x86_64 rmix,
+-
+-  # for save and resume
+-  /bin/dash rmix,
+-  /bin/dd rmix,
+-  /bin/cat rmix,
+-
+-  /usr/libexec/qemu-bridge-helper Cx,
+-  # child profile for bridge helper process
+-  profile /usr/libexec/qemu-bridge-helper {
+-   #include <abstractions/base>
+-
+-   capability setuid,
+-   capability setgid,
+-   capability setpcap,
+-   capability net_admin,
+-
+-   network inet stream,
+-
+-   /dev/net/tun rw,
+-   /etc/qemu/** r,
+-   owner @{PROC}/*/status r,
+-
+-   /usr/libexec/qemu-bridge-helper rmix,
+-  }
+Index: libvirt-1.0.3/examples/apparmor/libvirt-qemu.in
+===================================================================
+--- /dev/null
++++ libvirt-1.0.3/examples/apparmor/libvirt-qemu.in
+@@ -0,0 +1,132 @@
++# Last Modified: Fri Mar 9 14:43:22 2012
++
++  #include <abstractions/base>
++  #include <abstractions/consoles>
++  #include <abstractions/nameservice>
++
++  # required for reading disk images
++  capability dac_override,
++  capability dac_read_search,
++  capability chown,
++  capability setgid,
++
++  network inet stream,
++  network inet6 stream,
++
++  /dev/net/tun rw,
++  /dev/kvm rw,
++  /dev/ptmx rw,
++  /dev/kqemu rw,
++  @{PROC}/*/status r,
++
++  # For hostdev access. The actual devices will be added dynamically
++  /sys/bus/usb/devices/ r,
++  /sys/devices/*/*/usb[0-9]*/** r,
++
++  # WARNING: this gives the guest direct access to host hardware and specific
++  # portions of shared memory. This is required for sound using ALSA with kvm,
++  # but may constitute a security risk. If your environment does not require
++  # the use of sound in your VMs, feel free to comment out or prepend 'deny' to
++  # the rules for files in /dev.
++  /{dev,run}/shm r,
++  /{dev,run}/shmpulse-shm* r,
++  /{dev,run}/shmpulse-shm* rwk,
++  /dev/snd/* rw,
++  capability ipc_lock,
++  # 'kill' is not required for sound and is a security risk. Do not enable
++  # unless you absolutely need it.
++  deny capability kill,
++
++  # Uncomment the following if you need access to /dev/fb*
++  #/dev/fb* rw,
++
++  /etc/pulse/client.conf r,
++  @{HOME}/.pulse-cookie rwk,
++  owner /root/.pulse-cookie rwk,
++  owner /root/.pulse/ rw,
++  owner /root/.pulse/* rw,
++  /usr/share/alsa/** r,
++  owner /tmp/pulse-*/ rw,
++  owner /tmp/pulse-*/* rw,
++  /var/lib/dbus/machine-id r,
++
++  # access to firmware's etc
++  /usr/share/kvm/** r,
++  /usr/share/qemu/** r,
 +  /usr/share/qemu-kvm/** r,
-   /usr/share/bochs/** r,
-   /usr/share/openbios/** r,
-   /usr/share/openhackware/** r,
-@@ -65,6 +66,7 @@
-   # the various binaries
-   /usr/bin/kvm rmix,
-   /usr/bin/qemu rmix,
++  /usr/share/bochs/** r,
++  /usr/share/openbios/** r,
++  /usr/share/openhackware/** r,
++  /usr/share/proll/** r,
++  /usr/share/vgabios/** r,
++  /usr/share/seabios/** r,
++
++  # access PKI infrastructure
++  /etc/pki/libvirt-vnc/** r,
++
++  # the various binaries
++  /usr/bin/kvm rmix,
++  /usr/bin/qemu rmix,
 +  /usr/bin/qemu-kvm rmix,
-   /usr/bin/qemu-system-arm rmix,
-   /usr/bin/qemu-system-cris rmix,
-   /usr/bin/qemu-system-i386 rmix,
++  /usr/bin/qemu-system-arm rmix,
++  /usr/bin/qemu-system-cris rmix,
++  /usr/bin/qemu-system-i386 rmix,
++  /usr/bin/qemu-system-m68k rmix,
++  /usr/bin/qemu-system-microblaze rmix,
++  /usr/bin/qemu-system-microblazeel rmix,
++  /usr/bin/qemu-system-mips rmix,
++  /usr/bin/qemu-system-mips64 rmix,
++  /usr/bin/qemu-system-mips64el rmix,
++  /usr/bin/qemu-system-mipsel rmix,
++  /usr/bin/qemu-system-ppc rmix,
++  /usr/bin/qemu-system-ppc64 rmix,
++  /usr/bin/qemu-system-ppcemb rmix,
++  /usr/bin/qemu-system-sh4 rmix,
++  /usr/bin/qemu-system-sh4eb rmix,
++  /usr/bin/qemu-system-sparc rmix,
++  /usr/bin/qemu-system-sparc64 rmix,
++  /usr/bin/qemu-system-x86_64 rmix,
++  /usr/bin/qemu-alpha rmix,
++  /usr/bin/qemu-arm rmix,
++  /usr/bin/qemu-armeb rmix,
++  /usr/bin/qemu-cris rmix,
++  /usr/bin/qemu-i386 rmix,
++  /usr/bin/qemu-m68k rmix,
++  /usr/bin/qemu-microblaze rmix,
++  /usr/bin/qemu-microblazeel rmix,
++  /usr/bin/qemu-mips rmix,
++  /usr/bin/qemu-mipsel rmix,
++  /usr/bin/qemu-ppc rmix,
++  /usr/bin/qemu-ppc64 rmix,
++  /usr/bin/qemu-ppc64abi32 rmix,
++  /usr/bin/qemu-sh4 rmix,
++  /usr/bin/qemu-sh4eb rmix,
++  /usr/bin/qemu-sparc rmix,
++  /usr/bin/qemu-sparc64 rmix,
++  /usr/bin/qemu-sparc32plus rmix,
++  /usr/bin/qemu-sparc64 rmix,
++  /usr/bin/qemu-x86_64 rmix,
++
++  # for save and resume
++  /bin/dash rmix,
++  /bin/dd rmix,
++  /bin/cat rmix,
++
++  @libdir@/qemu-bridge-helper Cx,
++  # child profile for bridge helper process
++  profile @libdir@/qemu-bridge-helper {
++   #include <abstractions/base>
++
++   capability setuid,
++   capability setgid,
++   capability setpcap,
++   capability net_admin,
++
++   network inet stream,
++
++   /dev/net/tun rw,
++   /etc/qemu/** r,
++   owner @{PROC}/*/status r,
++
++   @libdir@/qemu-bridge-helper rmix,
++  }

libvirt-1.0.2.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:d8e8c9d18b7d105ee45342a7a5ac5fc1580057f8a6346b322ba3404888773fde
-size 16375455

libvirt-1.0.3.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:8d085259072879ba1c9956dcfb4f016a7a6c938e0a06becf2a5817db4abe215a
+size 16567568

libvirt-guests-init-script.patch

@@ -1,9 +1,9 @@
 Adjust libvirt-guests init files to conform to SUSE standards
 
-Index: libvirt-1.0.2/tools/libvirt-guests.init.in
+Index: libvirt-1.0.3/tools/libvirt-guests.init.in
 ===================================================================
---- libvirt-1.0.2.orig/tools/libvirt-guests.init.in
-+++ libvirt-1.0.2/tools/libvirt-guests.init.in
+--- libvirt-1.0.3.orig/tools/libvirt-guests.init.in
++++ libvirt-1.0.3/tools/libvirt-guests.init.in
 @@ -3,15 +3,15 @@
  # the following is the LSB init header
  #
@@ -28,10 +28,10 @@ Index: libvirt-1.0.2/tools/libvirt-guests.init.in
  ### END INIT INFO
  
  # the following is chkconfig init header
-Index: libvirt-1.0.2/tools/libvirt-guests.sh.in
+Index: libvirt-1.0.3/tools/libvirt-guests.sh.in
 ===================================================================
---- libvirt-1.0.2.orig/tools/libvirt-guests.sh.in
-+++ libvirt-1.0.2/tools/libvirt-guests.sh.in
+--- libvirt-1.0.3.orig/tools/libvirt-guests.sh.in
++++ libvirt-1.0.3/tools/libvirt-guests.sh.in
 @@ -1,13 +1,12 @@
  #!/bin/sh
  
@@ -187,10 +187,10 @@ Index: libvirt-1.0.2/tools/libvirt-guests.sh.in
  esac
 -exit $RETVAL
 +rc_exit
-Index: libvirt-1.0.2/tools/libvirt-guests.sysconf
+Index: libvirt-1.0.3/tools/libvirt-guests.sysconf
 ===================================================================
---- libvirt-1.0.2.orig/tools/libvirt-guests.sysconf
-+++ libvirt-1.0.2/tools/libvirt-guests.sysconf
+--- libvirt-1.0.3.orig/tools/libvirt-guests.sysconf
++++ libvirt-1.0.3/tools/libvirt-guests.sysconf
 @@ -1,19 +1,29 @@
 +## Path: System/Virtualization/libvirt-guests
 +

libvirt-suse-netcontrol.patch

@@ -1,7 +1,7 @@
-Index: libvirt-1.0.2/configure.ac
+Index: libvirt-1.0.3/configure.ac
 ===================================================================
---- libvirt-1.0.2.orig/configure.ac
-+++ libvirt-1.0.2/configure.ac
+--- libvirt-1.0.3.orig/configure.ac
++++ libvirt-1.0.3/configure.ac
 @@ -153,6 +153,7 @@ LIBVIRT_CHECK_DBUS
  LIBVIRT_CHECK_FUSE
  LIBVIRT_CHECK_HAL
@@ -34,11 +34,11 @@ Index: libvirt-1.0.2/configure.ac
  LIBVIRT_RESULT_NUMACTL
  LIBVIRT_RESULT_OPENWSMAN
  LIBVIRT_RESULT_PCIACCESS
-Index: libvirt-1.0.2/src/Makefile.am
+Index: libvirt-1.0.3/src/Makefile.am
 ===================================================================
---- libvirt-1.0.2.orig/src/Makefile.am
-+++ libvirt-1.0.2/src/Makefile.am
-@@ -633,6 +633,10 @@ if WITH_NETCF
+--- libvirt-1.0.3.orig/src/Makefile.am
++++ libvirt-1.0.3/src/Makefile.am
+@@ -643,6 +643,10 @@ if WITH_NETCF
  INTERFACE_DRIVER_SOURCES +=					\
  		interface/interface_backend_netcf.c
  endif
@@ -49,7 +49,7 @@ Index: libvirt-1.0.2/src/Makefile.am
  if WITH_UDEV
  INTERFACE_DRIVER_SOURCES +=					\
  		interface/interface_backend_udev.c
-@@ -1121,11 +1125,16 @@ if WITH_NETCF
+@@ -1130,11 +1134,16 @@ if WITH_NETCF
  libvirt_driver_interface_la_CFLAGS += $(NETCF_CFLAGS)
  libvirt_driver_interface_la_LIBADD += $(NETCF_LIBS)
  else
@@ -66,11 +66,11 @@ Index: libvirt-1.0.2/src/Makefile.am
  if WITH_DRIVER_MODULES
  libvirt_driver_interface_la_LIBADD += ../gnulib/lib/libgnu.la
  libvirt_driver_interface_la_LDFLAGS += -module -avoid-version
-Index: libvirt-1.0.2/tools/virsh.c
+Index: libvirt-1.0.3/tools/virsh.c
 ===================================================================
---- libvirt-1.0.2.orig/tools/virsh.c
-+++ libvirt-1.0.2/tools/virsh.c
-@@ -2741,6 +2741,8 @@ vshShowVersion(vshControl *ctl ATTRIBUTE
+--- libvirt-1.0.3.orig/tools/virsh.c
++++ libvirt-1.0.3/tools/virsh.c
+@@ -2812,6 +2812,8 @@ vshShowVersion(vshControl *ctl ATTRIBUTE
      vshPrint(ctl, " Interface");
  # if defined(WITH_NETCF)
      vshPrint(ctl, " netcf");
@@ -79,10 +79,10 @@ Index: libvirt-1.0.2/tools/virsh.c
  # elif defined(WITH_UDEV)
      vshPrint(ctl, " udev");
  # endif
-Index: libvirt-1.0.2/src/interface/interface_backend_netcf.c
+Index: libvirt-1.0.3/src/interface/interface_backend_netcf.c
 ===================================================================
---- libvirt-1.0.2.orig/src/interface/interface_backend_netcf.c
-+++ libvirt-1.0.2/src/interface/interface_backend_netcf.c
+--- libvirt-1.0.3.orig/src/interface/interface_backend_netcf.c
++++ libvirt-1.0.3/src/interface/interface_backend_netcf.c
 @@ -23,7 +23,12 @@
  
  #include <config.h>
@@ -146,10 +146,10 @@ Index: libvirt-1.0.2/src/interface/interface_backend_netcf.c
      /* open netcf */
      if (ncf_init(&driverState->netcf, NULL) != 0)
      {
-Index: libvirt-1.0.2/src/interface/interface_driver.c
+Index: libvirt-1.0.3/src/interface/interface_driver.c
 ===================================================================
---- libvirt-1.0.2.orig/src/interface/interface_driver.c
-+++ libvirt-1.0.2/src/interface/interface_driver.c
+--- libvirt-1.0.3.orig/src/interface/interface_driver.c
++++ libvirt-1.0.3/src/interface/interface_driver.c
 @@ -28,8 +28,15 @@ interfaceRegister(void) {
      if (netcfIfaceRegister() == 0)
          return 0;
@@ -167,10 +167,10 @@ Index: libvirt-1.0.2/src/interface/interface_driver.c
      if (udevIfaceRegister() == 0)
          return 0;
  #endif /* WITH_UDEV */
-Index: libvirt-1.0.2/m4/virt-netcontrol.m4
+Index: libvirt-1.0.3/m4/virt-netcontrol.m4
 ===================================================================
 --- /dev/null
-+++ libvirt-1.0.2/m4/virt-netcontrol.m4
++++ libvirt-1.0.3/m4/virt-netcontrol.m4
 @@ -0,0 +1,35 @@
 +dnl The libnetcontrol library
 +dnl

libvirt.changes

@@ -1,3 +1,55 @@
+-------------------------------------------------------------------
+Fri Mar  8 12:00:39 MST 2013 - jfehlig@suse.com
+
+- Fix PCI device attach for xen HVM domains
+  fix-pci-attach-xen-driver.patch
+  FATE#313570
+
+-------------------------------------------------------------------
+Fri Mar  8 09:06:27 MST 2013 - jfehlig@suse.com
+
+- Apparmor security driver: Ensure tapfd's are labled when
+  generating the guest profile.
+  Modified install-apparmor-profiles.patch, added upstream patch
+  ce4557c3-apparmor-tapfd-label.patch
+  bnc#807940
+
+-------------------------------------------------------------------
+Thu Mar  7 09:10:33 MST 2013 - jfehlig@suse.com
+
+- Grant permission to use datagram packets in libvirtd apparmor
+  profile.
+  Remove AF_PACKET.patch, modify install-apparmor-profiles.patch
+  bnc#801145
+
+-------------------------------------------------------------------
+Wed Mar  6 09:14:25 MST 2013 - jfehlig@suse.com
+
+- Add 'managed' PCI passthrough support to legacy xen driver
+  support-managed-pci-xen-driver.patch
+  FATE#313570
+
+-------------------------------------------------------------------
+Tue Mar  5 08:50:33 MST 2013 - jfehlig@suse.com
+
+- Update to libvirt 1.0.3
+  - Introduce virDomainMigrate*CompressionCache APIs
+  - Introduce virDomainGetJobStats API
+  - Add basic support for VDI images
+  - Introduce API virNodeDeviceLookupSCSIHostByWWN
+  - Various locking improvements
+  - Many incremental improvements and bug fixes, see
+    http://libvirt.org/news.html
+  - Drop upstream patches: a6b8bae5-python-generator-fix1.patch,
+    25ea8e47-python-generator-fix2.patch,
+    567779e5-libxl-default-disk-backend.patch
+
+-------------------------------------------------------------------
+Thu Feb 28 17:18:17 MST 2013 - jfehlig@suse.com
+
+- Fix path to qemu-bridge-helper in libvirt-qemu apparmor profile
+  Modified install-apparmor-profiles.patch
+
 -------------------------------------------------------------------
 Mon Feb 25 12:30:24 MST 2013 - jfehlig@suse.com
 

libvirt.spec

@@ -337,7 +337,7 @@ BuildRequires:  systemd
 
 Name:           libvirt
 Url:            http://libvirt.org/
-Version:        1.0.2
+Version:        1.0.3
 Release:        0
 Summary:        A C toolkit to interact with the virtualization capabilities of Linux
 License:        LGPL-2.1+
@@ -417,14 +417,11 @@ Source1:        libvirtd.init
 Source2:        libvirtd-relocation-server.fw
 Source99:       baselibs.conf
 # Upstream patches
-Patch0:         a6b8bae5-python-generator-fix1.patch
-Patch1:         25ea8e47-python-generator-fix2.patch
-Patch2:         567779e5-libxl-default-disk-backend.patch
+Patch0:         ce4557c3-apparmor-tapfd-label.patch
 # Need to go upstream
 Patch100:       xen-name-for-devid.patch
 Patch101:       clone.patch
 Patch102:       xen-pv-cdrom.patch
-Patch103:       AF_PACKET.patch
 # Our patches
 Patch200:       libvirtd-defaults.patch
 Patch201:       libvirtd-init-script.patch
@@ -432,6 +429,8 @@ Patch202:       libvirt-guests-init-script.patch
 Patch203:       virtlockd-init-script.patch
 Patch204:       relax-qemu-usergroup-check.patch
 Patch205:       suse-qemu-conf.patch
+Patch206:       fix-pci-attach-xen-driver.patch
+Patch207:       support-managed-pci-xen-driver.patch
 %if %{with_apparmor}
 Patch250:       install-apparmor-profiles.patch
 %endif
@@ -560,18 +559,17 @@ Authors:
 %prep
 %setup -q
 %patch0 -p1
-%patch1 -p1
-%patch2 -p1
 %patch100 -p1
 %patch101
 %patch102 -p1
-%patch103 -p1
 %patch200 -p1
 %patch201 -p1
 %patch202 -p1
 %patch203 -p1
 %patch204 -p1
 %patch205 -p1
+%patch206 -p1
+%patch207 -p1
 %if %{with_apparmor}
 %patch250 -p1
 %endif

libvirtd-defaults.patch

@@ -1,7 +1,7 @@
-Index: libvirt-1.0.2/daemon/libvirtd.conf
+Index: libvirt-1.0.3/daemon/libvirtd.conf
 ===================================================================
---- libvirt-1.0.2.orig/daemon/libvirtd.conf
-+++ libvirt-1.0.2/daemon/libvirtd.conf
+--- libvirt-1.0.3.orig/daemon/libvirtd.conf
++++ libvirt-1.0.3/daemon/libvirtd.conf
 @@ -18,8 +18,8 @@
  # It is necessary to setup a CA and issue server certificates before
  # using this capability.
@@ -13,10 +13,10 @@ Index: libvirt-1.0.2/daemon/libvirtd.conf
  
  # Listen for unencrypted TCP connections on the public TCP/IP port.
  # NB, must pass the --listen flag to the libvirtd process for this to
-Index: libvirt-1.0.2/daemon/libvirtd-config.c
+Index: libvirt-1.0.3/daemon/libvirtd-config.c
 ===================================================================
---- libvirt-1.0.2.orig/daemon/libvirtd-config.c
-+++ libvirt-1.0.2/daemon/libvirtd-config.c
+--- libvirt-1.0.3.orig/daemon/libvirtd-config.c
++++ libvirt-1.0.3/daemon/libvirtd-config.c
 @@ -233,7 +233,7 @@ daemonConfigNew(bool privileged ATTRIBUT
          return NULL;
      }

libvirtd-init-script.patch

@@ -1,9 +1,9 @@
 Adjust libvirtd sysconfig file to conform to SUSE standards
 
-Index: libvirt-1.0.2/daemon/libvirtd.sysconf
+Index: libvirt-1.0.3/daemon/libvirtd.sysconf
 ===================================================================
---- libvirt-1.0.2.orig/daemon/libvirtd.sysconf
-+++ libvirt-1.0.2/daemon/libvirtd.sysconf
+--- libvirt-1.0.3.orig/daemon/libvirtd.sysconf
++++ libvirt-1.0.3/daemon/libvirtd.sysconf
 @@ -1,16 +1,25 @@
 +## Path: System/Virtualization/libvirt
 +

relax-qemu-usergroup-check.patch

@@ -7,25 +7,29 @@ drivers as loadable modules instead of built-in to the
 daemon.  Then the qemu driver would only be loaded when needed,
 which would never be the case on a xen-only configuration.
 
-Index: libvirt-1.0.2/src/qemu/qemu_conf.c
+Index: libvirt-1.0.3/src/qemu/qemu_conf.c
 ===================================================================
---- libvirt-1.0.2.orig/src/qemu/qemu_conf.c
-+++ libvirt-1.0.2/src/qemu/qemu_conf.c
-@@ -247,7 +247,7 @@ int qemuLoadDriverConfig(virQEMUDriverPt
-         goto no_memory;
+--- libvirt-1.0.3.orig/src/qemu/qemu_conf.c
++++ libvirt-1.0.3/src/qemu/qemu_conf.c
+@@ -439,15 +439,15 @@ int virQEMUDriverConfigLoadFile(virQEMUD
  
-     if (virGetUserID(user, &driver->user) < 0)
+     p = virConfGetValue(conf, "user");
+     CHECK_TYPE("user", VIR_CONF_STRING);
+-    if (p && p->str &&
+-        virGetUserID(p->str, &cfg->user) < 0)
 -        goto cleanup;
-+        VIR_WARN("User %s does not exist! Continuing...", user);
++    if (p && p->str)
++        if (virGetUserID(p->str, &cfg->user) < 0)
++            VIR_WARN("User %s does not exist! Continuing...", p->str);
  
      p = virConfGetValue(conf, "group");
      CHECK_TYPE("group", VIR_CONF_STRING);
-@@ -255,7 +255,7 @@ int qemuLoadDriverConfig(virQEMUDriverPt
-         goto no_memory;
- 
-     if (virGetGroupID(group, &driver->group) < 0)
+-    if (p && p->str &&
+-        virGetGroupID(p->str, &cfg->group) < 0)
 -        goto cleanup;
-+        VIR_WARN("Group %s does not exist! Continuing...", group);
++    if (p && p->str)
++        if (virGetGroupID(p->str, &cfg->group) < 0)
++            VIR_WARN("Group %s does not exist! Continuing...", p->str);
  
-     GET_VALUE_LONG("dynamic_ownership", driver->dynamicOwnership);
+     GET_VALUE_BOOL("dynamic_ownership", cfg->dynamicOwnership);
  

support-managed-pci-xen-driver.patch

@@ -0,0 +1,136 @@
+>From 5aeda96eafd230af55343e7ef835e081ded484aa Mon Sep 17 00:00:00 2001
+From: Chunyan Liu <cyliu@suse.com>
+Date: Fri, 25 Jan 2013 17:37:14 +0800
+Subject: [PATCH] support managed pci devices in xen driver
+
+---
+ src/xenxs/xen_sxpr.c |   22 ++++++++--------------
+ src/xenxs/xen_xm.c   |   28 +++++++++++++++++++++++++++-
+ 2 files changed, 35 insertions(+), 15 deletions(-)
+
+Index: libvirt-1.0.3/src/xenxs/xen_sxpr.c
+===================================================================
+--- libvirt-1.0.3.orig/src/xenxs/xen_sxpr.c
++++ libvirt-1.0.3/src/xenxs/xen_sxpr.c
+@@ -1035,6 +1035,7 @@ xenParseSxprPCI(virDomainDefPtr def,
+         int busID;
+         int slotID;
+         int funcID;
++        int managed;
+ 
+         node = cur->u.s.car;
+         if (!sexpr_lookup(node, "dev"))
+@@ -1082,11 +1083,13 @@ xenParseSxprPCI(virDomainDefPtr def,
+             goto error;
+         }
+ 
++        managed = sexpr_int(node, "dev/opts/managed");
++
+         if (!(dev = virDomainHostdevDefAlloc()))
+            goto error;
+ 
+         dev->mode = VIR_DOMAIN_HOSTDEV_MODE_SUBSYS;
+-        dev->managed = 0;
++        dev->managed = managed;
+         dev->source.subsys.type = VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI;
+         dev->source.subsys.u.pci.domain = domainID;
+         dev->source.subsys.u.pci.bus = busID;
+@@ -2044,11 +2047,14 @@ static void
+ xenFormatSxprPCI(virDomainHostdevDefPtr def,
+                  virBufferPtr buf)
+ {
+-    virBufferAsprintf(buf, "(dev (domain 0x%04x)(bus 0x%02x)(slot 0x%02x)(func 0x%x))",
++    virBufferAsprintf(buf, "(dev (domain 0x%04x)(bus 0x%02x)(slot 0x%02x)(func 0x%x)",
+                       def->source.subsys.u.pci.domain,
+                       def->source.subsys.u.pci.bus,
+                       def->source.subsys.u.pci.slot,
+                       def->source.subsys.u.pci.function);
++    if (def->managed)
++        virBufferAddLit(buf, "(opts (managed 1))");
++    virBufferAddLit(buf, ")");
+ }
+ 
+ 
+@@ -2067,12 +2073,6 @@ xenFormatSxprOnePCI(virDomainHostdevDefP
+                     virBufferPtr buf,
+                     int detach)
+ {
+-    if (def->managed) {
+-        virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+-                       _("managed PCI devices not supported with XenD"));
+-        return -1;
+-    }
+-
+     virBufferAddLit(buf, "(pci ");
+     xenFormatSxprPCI(def, buf);
+     if (detach)
+@@ -2127,12 +2127,6 @@ xenFormatSxprAllPCI(virDomainDefPtr def,
+     for (i = 0 ; i < def->nhostdevs ; i++) {
+         if (def->hostdevs[i]->mode == VIR_DOMAIN_HOSTDEV_MODE_SUBSYS &&
+             def->hostdevs[i]->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI) {
+-            if (def->hostdevs[i]->managed) {
+-                virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+-                               _("managed PCI devices not supported with XenD"));
+-                return -1;
+-            }
+-
+             xenFormatSxprPCI(def->hostdevs[i], buf);
+         }
+     }
+Index: libvirt-1.0.3/src/xenxs/xen_xm.c
+===================================================================
+--- libvirt-1.0.3.orig/src/xenxs/xen_xm.c
++++ libvirt-1.0.3/src/xenxs/xen_xm.c
+@@ -815,6 +815,8 @@ xenParseXM(virConfPtr conf, int xendConf
+             int busID;
+             int slotID;
+             int funcID;
++            char *opt;
++            int managed=0;
+ 
+             domain[0] = bus[0] = slot[0] = func[0] = '\0';
+ 
+@@ -824,6 +826,11 @@ xenParseXM(virConfPtr conf, int xendConf
+             /* pci=['0000:00:1b.0','0000:00:13.0'] */
+             if (!(key = list->str))
+                 goto skippci;
++
++            opt = strchr(key, ',');
++            if (opt)
++                opt++;
++
+             if (!(nextkey = strchr(key, ':')))
+                 goto skippci;
+ 
+@@ -872,10 +879,30 @@ xenParseXM(virConfPtr conf, int xendConf
+             if (virStrToLong_i(func, NULL, 16, &funcID) < 0)
+                 goto skippci;
+ 
++            if (opt) {
++                char opt_managed[2];
++                char *data;
++
++                opt_managed[0] = '\0';
++                data = strchr(opt, '=');
++                data++;
++
++                if (STRPREFIX(opt, "managed=")) {
++                    if (virStrncpy(opt_managed, data, 1, sizeof(opt_managed)) == NULL) {
++                        virReportError(VIR_ERR_INTERNAL_ERROR,
++                                       _("managed option %s too big for destination"),
++                                       data);
++                        goto skippci;
++                    }
++                }
++                if (virStrToLong_i(opt_managed, NULL, 10, &managed) < 0)
++                    goto skippci;
++            }
++
+             if (!(hostdev = virDomainHostdevDefAlloc()))
+                goto cleanup;
+ 
+-            hostdev->managed = 0;
++            hostdev->managed = managed;
+             hostdev->source.subsys.type = VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI;
+             hostdev->source.subsys.u.pci.domain = domainID;
+             hostdev->source.subsys.u.pci.bus = busID;

suse-qemu-conf.patch

@@ -1,7 +1,7 @@
-Index: libvirt-1.0.2/src/qemu/qemu.conf
+Index: libvirt-1.0.3/src/qemu/qemu.conf
 ===================================================================
---- libvirt-1.0.2.orig/src/qemu/qemu.conf
-+++ libvirt-1.0.2/src/qemu/qemu.conf
+--- libvirt-1.0.3.orig/src/qemu/qemu.conf
++++ libvirt-1.0.3/src/qemu/qemu.conf
 @@ -169,7 +169,16 @@
  # a special value; security_driver can be set to that value in
  # isolation, but it cannot appear in a list of drivers.

virtlockd-init-script.patch

@@ -1,9 +1,9 @@
 Adjust virtlockd init files to conform to SUSE standards
 
-Index: libvirt-1.0.2/src/locking/virtlockd.sysconf
+Index: libvirt-1.0.3/src/locking/virtlockd.sysconf
 ===================================================================
---- libvirt-1.0.2.orig/src/locking/virtlockd.sysconf
-+++ libvirt-1.0.2/src/locking/virtlockd.sysconf
+--- libvirt-1.0.3.orig/src/locking/virtlockd.sysconf
++++ libvirt-1.0.3/src/locking/virtlockd.sysconf
 @@ -1,3 +1,7 @@
 +## Path: System/Virtualization/virtlockd
 +
@@ -12,10 +12,10 @@ Index: libvirt-1.0.2/src/locking/virtlockd.sysconf
  #
  # Pass extra arguments to virtlockd
  #VIRTLOCKD_ARGS=
-Index: libvirt-1.0.2/src/locking/virtlockd.init.in
+Index: libvirt-1.0.3/src/locking/virtlockd.init.in
 ===================================================================
---- libvirt-1.0.2.orig/src/locking/virtlockd.init.in
-+++ libvirt-1.0.2/src/locking/virtlockd.init.in
+--- libvirt-1.0.3.orig/src/locking/virtlockd.init.in
++++ libvirt-1.0.3/src/locking/virtlockd.init.in
 @@ -4,11 +4,13 @@
  # http://www.linux-foundation.org/spec//booksets/LSB-Core-generic/LSB-Core-generic.html#INITSCRCOMCONV
  #

xen-name-for-devid.patch

@@ -14,19 +14,22 @@
     is inactive.  We obviously can't search xenstore when the domain is
     inactive.
 
-Index: libvirt-1.0.2/src/xen/xend_internal.c
+Index: libvirt-1.0.3/src/xen/xend_internal.c
 ===================================================================
---- libvirt-1.0.2.orig/src/xen/xend_internal.c
-+++ libvirt-1.0.2/src/xen/xend_internal.c
-@@ -61,6 +61,7 @@
+--- libvirt-1.0.3.orig/src/xen/xend_internal.c
++++ libvirt-1.0.3/src/xen/xend_internal.c
+@@ -60,8 +60,8 @@
+ #define XEND_RCV_BUF_MAX_LEN (256 * 1024)
  
  static int
- virDomainXMLDevID(virDomainPtr domain,
-+                  virDomainDefPtr domDef,
-                   virDomainDeviceDefPtr dev,
-                   char *class,
-                   char *ref,
-@@ -2760,7 +2761,7 @@ xenDaemonAttachDeviceFlags(virDomainPtr
+-virDomainXMLDevID(virDomainPtr domain, virDomainDeviceDefPtr dev, char *class,
+-                  char *ref, int ref_len);
++virDomainXMLDevID(virDomainPtr domain, virDomainDefPtr domDef,
++                  virDomainDeviceDefPtr dev, char *class, char *ref, int ref_len);
+ 
+ /**
+  * do_connect:
+@@ -2586,7 +2586,7 @@ xenDaemonAttachDeviceFlags(virDomainPtr
  
      sexpr = virBufferContentAndReset(&buf);
  
@@ -35,7 +38,7 @@ Index: libvirt-1.0.2/src/xen/xend_internal.c
          /* device doesn't exist, define it */
          ret = xend_op(domain->conn, domain->name, "op", "device_create",
                        "config", sexpr, NULL);
-@@ -2881,7 +2882,7 @@ xenDaemonUpdateDeviceFlags(virDomainPtr
+@@ -2701,7 +2701,7 @@ xenDaemonUpdateDeviceFlags(virDomainPtr
  
      sexpr = virBufferContentAndReset(&buf);
  
@@ -44,7 +47,7 @@ Index: libvirt-1.0.2/src/xen/xend_internal.c
          virReportError(VIR_ERR_OPERATION_INVALID, "%s",
                         _("requested device does not exist"));
          goto cleanup;
-@@ -2976,7 +2977,7 @@ xenDaemonDetachDeviceFlags(virDomainPtr
+@@ -2790,7 +2790,7 @@ xenDaemonDetachDeviceFlags(virDomainPtr
                                          def, xml, VIR_DOMAIN_XML_INACTIVE)))
          goto cleanup;
  
@@ -53,7 +56,11 @@ Index: libvirt-1.0.2/src/xen/xend_internal.c
          goto cleanup;
  
      if (dev->type == VIR_DOMAIN_DEVICE_HOSTDEV) {
-@@ -3912,18 +3913,18 @@ struct xenUnifiedDriver xenDaemonDriver
+@@ -3682,21 +3682,22 @@ struct xenUnifiedDriver xenDaemonDriver
+ /**
+  * virDomainXMLDevID:
+  * @domain: pointer to domain object
++ * @domDef: pointer to domain definition object
   * @dev: pointer to device config object
   * @class: Xen device class "vbd" or "vif" (OUT)
   * @ref: Xen device reference (OUT)
@@ -76,7 +83,7 @@ Index: libvirt-1.0.2/src/xen/xend_internal.c
                    virDomainDeviceDefPtr dev,
                    char *class,
                    char *ref,
-@@ -3931,9 +3932,11 @@ virDomainXMLDevID(virDomainPtr domain,
+@@ -3704,9 +3705,11 @@ virDomainXMLDevID(virDomainPtr domain,
  {
      xenUnifiedPrivatePtr priv = domain->conn->privateData;
      char *xref;
@@ -89,7 +96,7 @@ Index: libvirt-1.0.2/src/xen/xend_internal.c
          if (dev->data.disk->driverName &&
              STREQ(dev->data.disk->driverName, "tap"))
              strcpy(class, "tap");
-@@ -3943,19 +3946,17 @@ virDomainXMLDevID(virDomainPtr domain,
+@@ -3716,19 +3719,17 @@ virDomainXMLDevID(virDomainPtr domain,
          else
              strcpy(class, "vbd");
  
@@ -120,7 +127,7 @@ Index: libvirt-1.0.2/src/xen/xend_internal.c
      } else if (dev->type == VIR_DOMAIN_DEVICE_NET) {
          char mac[30];
          virDomainNetDefPtr def = dev->data.net;
-@@ -3965,17 +3966,22 @@ virDomainXMLDevID(virDomainPtr domain,
+@@ -3738,17 +3739,22 @@ virDomainXMLDevID(virDomainPtr domain,
  
          strcpy(class, "vif");
  
@@ -154,7 +161,7 @@ Index: libvirt-1.0.2/src/xen/xend_internal.c
      } else if (dev->type == VIR_DOMAIN_DEVICE_HOSTDEV &&
                 dev->data.hostdev->mode == VIR_DOMAIN_HOSTDEV_MODE_SUBSYS &&
                 dev->data.hostdev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI) {
-@@ -3993,17 +3999,44 @@ virDomainXMLDevID(virDomainPtr domain,
+@@ -3766,17 +3772,44 @@ virDomainXMLDevID(virDomainPtr domain,
  
          strcpy(class, "pci");
  

xen-pv-cdrom.patch

@@ -1,7 +1,7 @@
-Index: libvirt-1.0.2/src/xenxs/xen_sxpr.c
+Index: libvirt-1.0.3/src/xenxs/xen_sxpr.c
 ===================================================================
---- libvirt-1.0.2.orig/src/xenxs/xen_sxpr.c
-+++ libvirt-1.0.2/src/xenxs/xen_sxpr.c
+--- libvirt-1.0.3.orig/src/xenxs/xen_sxpr.c
++++ libvirt-1.0.3/src/xenxs/xen_sxpr.c
 @@ -341,7 +341,7 @@ error:
  static int
  xenParseSxprDisks(virDomainDefPtr def,