Accepting request 692393 from home:jfehlig:branches:Virtualization

- CVE-2019-3886: disallow virDomainGetHostname and virDomainGetTime
  for read-only connections and users
  CVE-2019-3886-api.patch, CVE-2019-3886-remote.patch
  bsc#1131595
- spec: BuildRequires rpcgen since CVE-2019-3886-remote.patch
  touches remote_protocol.x

- Update to libvirt 5.2.0
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Dropped patches:
    4ec3cf9a-apparmor-rules.patch,
    f38ef0fa-no-RDMA-check.patch,
    411cdaf8-apparmor-check-profile-name.patch,
    696239ba-qemu-fix-query-cpus-fast.patch,
    09eb1ae0-conf-add-xenbus-controller.patch,
    fb059757-libxl-add-xenbus-controller.patch,
    ec5a1191-libxl-support-max-grant-frames.patch,
    5a64c202-xenconfig-support-max-grant-frames.patch
  - Added patches:
    ff376c62-tests-fix-mocking-stat-lstat.patch,
    mprivozn-test-fix-proposal.patch

OBS-URL: https://build.opensuse.org/request/show/692393
OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=745

0001-Extract-stats-functions-from-the-qemu-driver.patch

@@ -18,10 +18,10 @@ them.
  create mode 100644 src/conf/domain_stats.c
  create mode 100644 src/conf/domain_stats.h
 
-Index: libvirt-5.1.0/src/conf/domain_stats.c
+Index: libvirt-5.2.0/src/conf/domain_stats.c
 ===================================================================
 --- /dev/null
-+++ libvirt-5.1.0/src/conf/domain_stats.c
++++ libvirt-5.2.0/src/conf/domain_stats.c
 @@ -0,0 +1,139 @@
 +/*
 + * domain_stats.c: domain stats extraction helpers
@@ -162,10 +162,10 @@ Index: libvirt-5.1.0/src/conf/domain_stats.c
 +}
 +
 +#undef STATS_ADD_NET_PARAM
-Index: libvirt-5.1.0/src/conf/domain_stats.h
+Index: libvirt-5.2.0/src/conf/domain_stats.h
 ===================================================================
 --- /dev/null
-+++ libvirt-5.1.0/src/conf/domain_stats.h
++++ libvirt-5.2.0/src/conf/domain_stats.h
 @@ -0,0 +1,64 @@
 +/*
 + * domain_stats.h: domain stats extraction helpers
@@ -231,11 +231,11 @@ Index: libvirt-5.1.0/src/conf/domain_stats.h
 +                               int *maxparams);
 +
 +#endif /* __DOMAIN_STATS_H */
-Index: libvirt-5.1.0/src/libvirt_private.syms
+Index: libvirt-5.2.0/src/libvirt_private.syms
 ===================================================================
---- libvirt-5.1.0.orig/src/libvirt_private.syms
-+++ libvirt-5.1.0/src/libvirt_private.syms
-@@ -662,6 +662,9 @@ virDomainConfNWFilterInstantiate;
+--- libvirt-5.2.0.orig/src/libvirt_private.syms
++++ libvirt-5.2.0/src/libvirt_private.syms
+@@ -671,6 +671,9 @@ virDomainConfNWFilterInstantiate;
  virDomainConfNWFilterTeardown;
  virDomainConfVMNWFilterTeardown;
  
@@ -245,7 +245,7 @@ Index: libvirt-5.1.0/src/libvirt_private.syms
  
  # conf/interface_conf.h
  virInterfaceDefFormat;
-@@ -1547,6 +1550,7 @@ virCgroupGetMemoryUsage;
+@@ -1583,6 +1586,7 @@ virCgroupGetMemoryUsage;
  virCgroupGetMemSwapHardLimit;
  virCgroupGetMemSwapUsage;
  virCgroupGetPercpuStats;
@@ -253,10 +253,10 @@ Index: libvirt-5.1.0/src/libvirt_private.syms
  virCgroupHasController;
  virCgroupHasEmptyTasks;
  virCgroupKillPainfully;
-Index: libvirt-5.1.0/src/qemu/qemu_driver.c
+Index: libvirt-5.2.0/src/qemu/qemu_driver.c
 ===================================================================
---- libvirt-5.1.0.orig/src/qemu/qemu_driver.c
-+++ libvirt-5.1.0/src/qemu/qemu_driver.c
+--- libvirt-5.2.0.orig/src/qemu/qemu_driver.c
++++ libvirt-5.2.0/src/qemu/qemu_driver.c
 @@ -67,6 +67,7 @@
  #include "virarptable.h"
  #include "viruuid.h"
@@ -265,7 +265,7 @@ Index: libvirt-5.1.0/src/qemu/qemu_driver.c
  #include "domain_audit.h"
  #include "node_device_conf.h"
  #include "virpci.h"
-@@ -20042,21 +20043,7 @@ qemuDomainGetStatsState(virQEMUDriverPtr
+@@ -19941,21 +19942,7 @@ qemuDomainGetStatsState(virQEMUDriverPtr
                          int *maxparams,
                          unsigned int privflags ATTRIBUTE_UNUSED)
  {
@@ -288,7 +288,7 @@ Index: libvirt-5.1.0/src/qemu/qemu_driver.c
  }
  
  
-@@ -20246,37 +20233,7 @@ qemuDomainGetStatsCpuCgroup(virDomainObj
+@@ -20145,37 +20132,7 @@ qemuDomainGetStatsCpuCgroup(virDomainObj
                              int *maxparams)
  {
      qemuDomainObjPrivatePtr priv = dom->privateData;
@@ -327,7 +327,7 @@ Index: libvirt-5.1.0/src/qemu/qemu_driver.c
  }
  
  
-@@ -20470,44 +20427,6 @@ qemuDomainGetStatsVcpu(virQEMUDriverPtr
+@@ -20369,44 +20326,6 @@ qemuDomainGetStatsVcpu(virQEMUDriverPtr
      return ret;
  }
  
@@ -372,7 +372,7 @@ Index: libvirt-5.1.0/src/qemu/qemu_driver.c
  static int
  qemuDomainGetStatsInterface(virQEMUDriverPtr driver ATTRIBUTE_UNUSED,
                              virDomainObjPtr dom,
-@@ -20515,68 +20434,9 @@ qemuDomainGetStatsInterface(virQEMUDrive
+@@ -20414,68 +20333,9 @@ qemuDomainGetStatsInterface(virQEMUDrive
                              int *maxparams,
                              unsigned int privflags ATTRIBUTE_UNUSED)
  {
@@ -442,7 +442,7 @@ Index: libvirt-5.1.0/src/qemu/qemu_driver.c
  #define QEMU_ADD_BLOCK_PARAM_UI(record, maxparams, num, name, value) \
      do { \
          char param_name[VIR_TYPED_PARAM_FIELD_LENGTH]; \
-@@ -20809,10 +20669,10 @@ qemuDomainGetStatsBlockExportHeader(virD
+@@ -20708,10 +20568,10 @@ qemuDomainGetStatsBlockExportHeader(virD
  {
      int ret = -1;
  
@@ -455,7 +455,7 @@ Index: libvirt-5.1.0/src/qemu/qemu_driver.c
      if (src->id)
          QEMU_ADD_BLOCK_PARAM_UI(records, nrecords, recordnr, "backingIndex",
                                  src->id);
-@@ -20966,7 +20826,7 @@ qemuDomainGetStatsBlock(virQEMUDriverPtr
+@@ -20865,7 +20725,7 @@ qemuDomainGetStatsBlock(virQEMUDriverPtr
       * after the iteration than it is to iterate twice; but we still
       * want count listed first.  */
      count_index = record->nparams;
@@ -464,7 +464,7 @@ Index: libvirt-5.1.0/src/qemu/qemu_driver.c
  
      for (i = 0; i < dom->def->ndisks; i++) {
          if (qemuDomainGetStatsBlockExportDisk(dom->def->disks[i], stats, nodestats,
-@@ -20991,8 +20851,6 @@ qemuDomainGetStatsBlock(virQEMUDriverPtr
+@@ -20890,8 +20750,6 @@ qemuDomainGetStatsBlock(virQEMUDriverPtr
  
  #undef QEMU_ADD_BLOCK_PARAM_ULL
  
@@ -473,7 +473,7 @@ Index: libvirt-5.1.0/src/qemu/qemu_driver.c
  #define QEMU_ADD_IOTHREAD_PARAM_UI(record, maxparams, id, name, value) \
      do { \
          char param_name[VIR_TYPED_PARAM_FIELD_LENGTH]; \
-@@ -21044,7 +20902,7 @@ qemuDomainGetStatsIOThread(virQEMUDriver
+@@ -20943,7 +20801,7 @@ qemuDomainGetStatsIOThread(virQEMUDriver
      if (niothreads == 0)
          return 0;
  
@@ -482,7 +482,7 @@ Index: libvirt-5.1.0/src/qemu/qemu_driver.c
  
      for (i = 0; i < niothreads; i++) {
          if (iothreads[i]->poll_valid) {
-@@ -21077,8 +20935,6 @@ qemuDomainGetStatsIOThread(virQEMUDriver
+@@ -20976,8 +20834,6 @@ qemuDomainGetStatsIOThread(virQEMUDriver
  
  #undef QEMU_ADD_IOTHREAD_PARAM_ULL
  
@@ -491,10 +491,10 @@ Index: libvirt-5.1.0/src/qemu/qemu_driver.c
  static int
  qemuDomainGetStatsPerfOneEvent(virPerfPtr perf,
                                 virPerfEventType type,
-Index: libvirt-5.1.0/src/util/vircgroup.c
+Index: libvirt-5.2.0/src/util/vircgroup.c
 ===================================================================
---- libvirt-5.1.0.orig/src/util/vircgroup.c
-+++ libvirt-5.1.0/src/util/vircgroup.c
+--- libvirt-5.2.0.orig/src/util/vircgroup.c
++++ libvirt-5.2.0/src/util/vircgroup.c
 @@ -2800,6 +2800,44 @@ virCgroupControllerAvailable(int control
      return ret;
  }
@@ -556,10 +556,10 @@ Index: libvirt-5.1.0/src/util/vircgroup.c
  int
  virCgroupNewPartition(const char *path ATTRIBUTE_UNUSED,
                        bool create ATTRIBUTE_UNUSED,
-Index: libvirt-5.1.0/src/util/vircgroup.h
+Index: libvirt-5.2.0/src/util/vircgroup.h
 ===================================================================
---- libvirt-5.1.0.orig/src/util/vircgroup.h
-+++ libvirt-5.1.0/src/util/vircgroup.h
+--- libvirt-5.2.0.orig/src/util/vircgroup.h
++++ libvirt-5.2.0/src/util/vircgroup.h
 @@ -284,4 +284,9 @@ int virCgroupSetOwner(virCgroupPtr cgrou
  int virCgroupHasEmptyTasks(virCgroupPtr cgroup, int controller);
  
@@ -570,10 +570,10 @@ Index: libvirt-5.1.0/src/util/vircgroup.h
 +                         int *maxparams);
 +
  #endif /* LIBVIRT_VIRCGROUP_H */
-Index: libvirt-5.1.0/src/conf/Makefile.inc.am
+Index: libvirt-5.2.0/src/conf/Makefile.inc.am
 ===================================================================
---- libvirt-5.1.0.orig/src/conf/Makefile.inc.am
-+++ libvirt-5.1.0/src/conf/Makefile.inc.am
+--- libvirt-5.2.0.orig/src/conf/Makefile.inc.am
++++ libvirt-5.2.0/src/conf/Makefile.inc.am
 @@ -20,6 +20,8 @@ DOMAIN_CONF_SOURCES = \
  	conf/domain_audit.h \
  	conf/domain_nwfilter.c \
@@ -582,4 +582,4 @@ Index: libvirt-5.1.0/src/conf/Makefile.inc.am
 +	conf/domain_stats.h \
  	conf/virsavecookie.c \
  	conf/virsavecookie.h \
- 	conf/snapshot_conf.c \
+ 	conf/moment_conf.c \

0001-libxl-add-support-for-BlockResize-API.patch

@@ -19,11 +19,11 @@ reworking this patch and submitting it to upstream libvirt.
  src/libxl/libxl_driver.c | 91 ++++++++++++++++++++++++++++++++++++++++++++++++
  1 file changed, 91 insertions(+)
 
-Index: libvirt-5.1.0/src/libxl/libxl_driver.c
+Index: libvirt-5.2.0/src/libxl/libxl_driver.c
 ===================================================================
---- libvirt-5.1.0.orig/src/libxl/libxl_driver.c
-+++ libvirt-5.1.0/src/libxl/libxl_driver.c
-@@ -5252,6 +5252,97 @@ libxlDomainMemoryStats(virDomainPtr dom,
+--- libvirt-5.2.0.orig/src/libxl/libxl_driver.c
++++ libvirt-5.2.0/src/libxl/libxl_driver.c
+@@ -5245,6 +5245,97 @@ libxlDomainMemoryStats(virDomainPtr dom,
  
  #undef LIBXL_SET_MEMSTAT
  
@@ -121,7 +121,7 @@ Index: libvirt-5.1.0/src/libxl/libxl_driver.c
  static int
  libxlDomainGetJobInfo(virDomainPtr dom,
                        virDomainJobInfoPtr info)
-@@ -6636,6 +6727,7 @@ static virHypervisorDriver libxlHypervis
+@@ -6629,6 +6720,7 @@ static virHypervisorDriver libxlHypervis
  #endif
      .nodeGetFreeMemory = libxlNodeGetFreeMemory, /* 0.9.0 */
      .nodeGetCellsFreeMemory = libxlNodeGetCellsFreeMemory, /* 1.1.1 */

0002-lxc-implement-connectGetAllDomainStats.patch

@@ -9,10 +9,10 @@ them using the existing API.
  src/lxc/lxc_driver.c | 138 +++++++++++++++++++++++++++++++++++++++++++++++++++
  1 file changed, 138 insertions(+)
 
-Index: libvirt-5.1.0/src/lxc/lxc_driver.c
+Index: libvirt-5.2.0/src/lxc/lxc_driver.c
 ===================================================================
---- libvirt-5.1.0.orig/src/lxc/lxc_driver.c
-+++ libvirt-5.1.0/src/lxc/lxc_driver.c
+--- libvirt-5.2.0.orig/src/lxc/lxc_driver.c
++++ libvirt-5.2.0/src/lxc/lxc_driver.c
 @@ -75,6 +75,7 @@
  #include "viraccessapichecklxc.h"
  #include "virhostdev.h"
@@ -21,7 +21,7 @@ Index: libvirt-5.1.0/src/lxc/lxc_driver.c
  
  #define VIR_FROM_THIS VIR_FROM_LXC
  
-@@ -5396,6 +5397,142 @@ lxcDomainHasManagedSaveImage(virDomainPt
+@@ -5374,6 +5375,142 @@ lxcDomainHasManagedSaveImage(virDomainPt
      return ret;
  }
  
@@ -164,7 +164,7 @@ Index: libvirt-5.1.0/src/lxc/lxc_driver.c
  
  /* Function Tables */
  static virHypervisorDriver lxcHypervisorDriver = {
-@@ -5491,6 +5628,7 @@ static virHypervisorDriver lxcHypervisor
+@@ -5469,6 +5606,7 @@ static virHypervisorDriver lxcHypervisor
      .nodeGetFreePages = lxcNodeGetFreePages, /* 1.2.6 */
      .nodeAllocPages = lxcNodeAllocPages, /* 1.2.9 */
      .domainHasManagedSaveImage = lxcDomainHasManagedSaveImage, /* 1.2.13 */

09eb1ae0-conf-add-xenbus-controller.patch

@@ -1,201 +0,0 @@
-commit 09eb1ae0ec7e592133eb98f4a0fe2f6daa5ba2d9
-Author: Jim Fehlig <jfehlig@suse.com>
-Date:   Wed Mar 6 15:59:29 2019 -0700
-
-    conf: Add a new 'xenbus' controller type
-    
-    xenbus is virtual controller (akin to virtio controllers) for Xen
-    paravirtual devices. Although all Xen VMs have a xenbus, it has
-    never been modeled in libvirt, or in Xen native VM config format
-    for that matter.
-    
-    Recently there have been requests to support Xen's max_grant_frames
-    setting in libvirt. max_grant_frames is best modeled as an attribute
-    of xenbus. It describes the maximum IO buffer space (or DMA space)
-    available in xenbus for use by connected paravirtual devices. This
-    patch introduces a new xenbus controller type that includes a
-    maxGrantFrames attribute.
-    
-    Signed-off-by: Jim Fehlig <jfehlig@suse.com>
-    Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
-
-Index: libvirt-5.1.0/docs/formatdomain.html.in
-===================================================================
---- libvirt-5.1.0.orig/docs/formatdomain.html.in
-+++ libvirt-5.1.0/docs/formatdomain.html.in
-@@ -4108,6 +4108,7 @@
-     &lt;driver iothread='4'/&gt;
-     &lt;address type='pci' domain='0x0000' bus='0x00' slot='0x0b' function='0x0'/&gt;
-   &lt;/controller&gt;
-+  &lt;controller type='xenbus' maxGrantFrames='64'/&gt;
-   ...
- &lt;/devices&gt;
- ...</pre>
-@@ -4155,6 +4156,11 @@
-         <dd><span class="since">Since 3.10.0</span> for the vbox driver, the
-         <code>ide</code> controller has an optional attribute
-         <code>model</code>, which is one of "piix3", "piix4" or "ich6".</dd>
-+        <dt><code>xenbus</code></dt>
-+        <dd><span class="since">Since 5.2.0</span>, the <code>xenbus</code>
-+        controller has an optional attribute <code>maxGrantFrames</code>,
-+        which specifies the maximum number of grant frames the controller
-+        makes available for connected devices.</dd>
-       </dl>
- 
-     <p>
-Index: libvirt-5.1.0/docs/schemas/domaincommon.rng
-===================================================================
---- libvirt-5.1.0.orig/docs/schemas/domaincommon.rng
-+++ libvirt-5.1.0/docs/schemas/domaincommon.rng
-@@ -2315,6 +2315,17 @@
-               </attribute>
-             </optional>
-           </group>
-+          <!-- xenbus has an optional attribute "maxGrantFrames" -->
-+          <group>
-+            <attribute name="type">
-+              <value>xenbus</value>
-+            </attribute>
-+            <optional>
-+              <attribute name="maxGrantFrames">
-+                <ref name="unsignedInt"/>
-+              </attribute>
-+            </optional>
-+          </group>
-         </choice>
-         <optional>
-           <element name="driver">
-Index: libvirt-5.1.0/src/conf/domain_conf.c
-===================================================================
---- libvirt-5.1.0.orig/src/conf/domain_conf.c
-+++ libvirt-5.1.0/src/conf/domain_conf.c
-@@ -347,6 +347,7 @@ VIR_ENUM_IMPL(virDomainController, VIR_D
-               "ccid",
-               "usb",
-               "pci",
-+              "xenbus",
- );
- 
- VIR_ENUM_IMPL(virDomainControllerModelPCI, VIR_DOMAIN_CONTROLLER_MODEL_PCI_LAST,
-@@ -2041,6 +2042,9 @@ virDomainControllerDefNew(virDomainContr
-         def->opts.pciopts.targetIndex = -1;
-         def->opts.pciopts.numaNode = -1;
-         break;
-+    case VIR_DOMAIN_CONTROLLER_TYPE_XENBUS:
-+        def->opts.xenbusopts.maxGrantFrames = -1;
-+        break;
-     case VIR_DOMAIN_CONTROLLER_TYPE_IDE:
-     case VIR_DOMAIN_CONTROLLER_TYPE_FDC:
-     case VIR_DOMAIN_CONTROLLER_TYPE_SCSI:
-@@ -10791,6 +10795,20 @@ virDomainControllerDefParseXML(virDomain
-             def->opts.pciopts.numaNode = numaNode;
-         }
-         break;
-+    case VIR_DOMAIN_CONTROLLER_TYPE_XENBUS: {
-+        VIR_AUTOFREE(char *) gntframes = virXMLPropString(node, "maxGrantFrames");
-+
-+        if (gntframes) {
-+            int r = virStrToLong_i(gntframes, NULL, 10,
-+                                   &def->opts.xenbusopts.maxGrantFrames);
-+            if (r != 0 || def->opts.xenbusopts.maxGrantFrames < 0) {
-+                virReportError(VIR_ERR_INTERNAL_ERROR,
-+                               _("Invalid maxGrantFrames: %s"), gntframes);
-+                goto error;
-+            }
-+        }
-+        break;
-+    }
- 
-     default:
-         break;
-@@ -24752,6 +24770,13 @@ virDomainControllerDefFormat(virBufferPt
-         }
-         break;
- 
-+    case VIR_DOMAIN_CONTROLLER_TYPE_XENBUS:
-+        if (def->opts.xenbusopts.maxGrantFrames != -1) {
-+            virBufferAsprintf(buf, " maxGrantFrames='%d'",
-+                              def->opts.xenbusopts.maxGrantFrames);
-+        }
-+        break;
-+
-     default:
-         break;
-     }
-Index: libvirt-5.1.0/src/conf/domain_conf.h
-===================================================================
---- libvirt-5.1.0.orig/src/conf/domain_conf.h
-+++ libvirt-5.1.0/src/conf/domain_conf.h
-@@ -687,6 +687,7 @@ typedef enum {
-     VIR_DOMAIN_CONTROLLER_TYPE_CCID,
-     VIR_DOMAIN_CONTROLLER_TYPE_USB,
-     VIR_DOMAIN_CONTROLLER_TYPE_PCI,
-+    VIR_DOMAIN_CONTROLLER_TYPE_XENBUS,
- 
-     VIR_DOMAIN_CONTROLLER_TYPE_LAST
- } virDomainControllerType;
-@@ -819,6 +820,12 @@ struct _virDomainUSBControllerOpts {
-     int ports;   /* -1 == undef */
- };
- 
-+typedef struct _virDomainXenbusControllerOpts virDomainXenbusControllerOpts;
-+typedef virDomainXenbusControllerOpts *virDomainXenbusControllerOptsPtr;
-+struct _virDomainXenbusControllerOpts {
-+    int maxGrantFrames;   /* -1 == undef */
-+};
-+
- /* Stores the virtual disk controller configuration */
- struct _virDomainControllerDef {
-     int type;
-@@ -833,6 +840,7 @@ struct _virDomainControllerDef {
-         virDomainVirtioSerialOpts vioserial;
-         virDomainPCIControllerOpts pciopts;
-         virDomainUSBControllerOpts usbopts;
-+        virDomainXenbusControllerOpts xenbusopts;
-     } opts;
-     virDomainDeviceInfo info;
-     virDomainVirtioOptionsPtr virtio;
-Index: libvirt-5.1.0/src/qemu/qemu_command.c
-===================================================================
---- libvirt-5.1.0.orig/src/qemu/qemu_command.c
-+++ libvirt-5.1.0/src/qemu/qemu_command.c
-@@ -3024,6 +3024,7 @@ qemuBuildControllerDevStr(const virDomai
- 
-     case VIR_DOMAIN_CONTROLLER_TYPE_IDE:
-     case VIR_DOMAIN_CONTROLLER_TYPE_FDC:
-+    case VIR_DOMAIN_CONTROLLER_TYPE_XENBUS:
-     case VIR_DOMAIN_CONTROLLER_TYPE_LAST:
-         virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
-                        _("Unsupported controller type: %s"),
-Index: libvirt-5.1.0/src/qemu/qemu_domain.c
-===================================================================
---- libvirt-5.1.0.orig/src/qemu/qemu_domain.c
-+++ libvirt-5.1.0/src/qemu/qemu_domain.c
-@@ -5841,6 +5841,7 @@ qemuDomainDeviceDefValidateController(co
-     case VIR_DOMAIN_CONTROLLER_TYPE_VIRTIO_SERIAL:
-     case VIR_DOMAIN_CONTROLLER_TYPE_CCID:
-     case VIR_DOMAIN_CONTROLLER_TYPE_USB:
-+    case VIR_DOMAIN_CONTROLLER_TYPE_XENBUS:
-     case VIR_DOMAIN_CONTROLLER_TYPE_LAST:
-         break;
-     }
-@@ -6459,6 +6460,7 @@ qemuDomainControllerDefPostParse(virDoma
-     case VIR_DOMAIN_CONTROLLER_TYPE_CCID:
-     case VIR_DOMAIN_CONTROLLER_TYPE_IDE:
-     case VIR_DOMAIN_CONTROLLER_TYPE_FDC:
-+    case VIR_DOMAIN_CONTROLLER_TYPE_XENBUS:
-     case VIR_DOMAIN_CONTROLLER_TYPE_LAST:
-         break;
-     }
-Index: libvirt-5.1.0/src/qemu/qemu_domain_address.c
-===================================================================
---- libvirt-5.1.0.orig/src/qemu/qemu_domain_address.c
-+++ libvirt-5.1.0/src/qemu/qemu_domain_address.c
-@@ -669,6 +669,7 @@ qemuDomainDeviceCalculatePCIConnectFlags
- 
-         case VIR_DOMAIN_CONTROLLER_TYPE_FDC:
-         case VIR_DOMAIN_CONTROLLER_TYPE_CCID:
-+        case VIR_DOMAIN_CONTROLLER_TYPE_XENBUS:
-         case VIR_DOMAIN_CONTROLLER_TYPE_LAST:
-             /* should be 0 */
-             return pciFlags;

411cdaf8-apparmor-check-profile-name.patch

@@ -1,45 +0,0 @@
-commit 411cdaf884f35b8dac2be17fcc24e052e11b7d60
-Author: Jim Fehlig <jfehlig@suse.com>
-Date:   Fri Mar 1 14:34:17 2019 -0700
-
-    apparmor: Check libvirtd profile status by name
-    
-    Commit a3ab6d42 changed the libvirtd profile to a named profile,
-    breaking the apparmor driver's ability to detect if the profile is
-    active. When the apparmor driver loads it checks the status of the
-    libvirtd profile using the full binary path, which fails since the
-    profile is now referenced by name. If the apparmor driver is
-    explicitly requested in /etc/libvirt/qemu.conf, then libvirtd fails
-    to load too.
-    
-    Instead of only checking the profile status by full binary path,
-    also check by profile name. The full path check is retained in case
-    users have a customized libvirtd profile with full path.
-    
-    Signed-off-by: Jim Fehlig <jfehlig@suse.com>
-    Acked-by: Jamie Strandboge <jamie@canonical.com>
-
-Index: libvirt-5.1.0/src/security/security_apparmor.c
-===================================================================
---- libvirt-5.1.0.orig/src/security/security_apparmor.c
-+++ libvirt-5.1.0/src/security/security_apparmor.c
-@@ -257,10 +257,16 @@ use_apparmor(void)
-     if (access(APPARMOR_PROFILES_PATH, R_OK) != 0)
-         goto cleanup;
- 
-+    /* First check profile status using full binary path. If that fails
-+     * check using profile name.
-+     */
-     rc = profile_status(libvirt_daemon, 1);
--    /* Error or unconfined should all result in -1*/
--    if (rc < 0)
--        rc = -1;
-+    if (rc < 0) {
-+        rc = profile_status("libvirtd", 1);
-+        /* Error or unconfined should all result in -1*/
-+        if (rc < 0)
-+            rc = -1;
-+    }
- 
-  cleanup:
-     VIR_FREE(libvirt_daemon);

4ec3cf9a-apparmor-rules.patch

@@ -1,33 +0,0 @@
-commit 4ec3cf9a0fc3d76058ea363a6c35df19e67e6261
-Author: Jim Fehlig <jfehlig@suse.com>
-Date:   Fri Mar 1 15:05:36 2019 -0700
-
-    apparmor: Add ptrace and signal rules for named profile
-    
-    Commit a3ab6d42 changed the libvirtd profile to a named profile
-    but neglected to accommodate the change in the qemu profile
-    ptrace and signal rules. As a result, libvirtd is unable to
-    signal confined qemu processes and hence unable to shutdown
-    or destroy VMs.
-    
-    Add ptrace and signal rules that reference the libvirtd profile
-    by name in addition to full binary path.
-    
-    Signed-off-by: Jim Fehlig <jfehlig@suse.com>
-    Acked-by: Jamie Strandboge <jamie@canonical.com>
-
-Index: libvirt-5.1.0/src/security/apparmor/libvirt-qemu
-===================================================================
---- libvirt-5.1.0.orig/src/security/apparmor/libvirt-qemu
-+++ libvirt-5.1.0/src/security/apparmor/libvirt-qemu
-@@ -16,8 +16,10 @@
-   network inet stream,
-   network inet6 stream,
- 
-+  ptrace (readby, tracedby) peer=libvirtd,
-   ptrace (readby, tracedby) peer=/usr/sbin/libvirtd,
- 
-+  signal (receive) peer=libvirtd,
-   signal (receive) peer=/usr/sbin/libvirtd,
- 
-   /dev/net/tun rw,

5a64c202-xenconfig-support-max-grant-frames.patch

@@ -1,170 +0,0 @@
-commit 5a64c202ccdac82f5868e638e5619e2b48c0444b
-Author: Jim Fehlig <jfehlig@suse.com>
-Date:   Fri Mar 8 11:51:57 2019 -0700
-
-    xenconfig: Add support for max_grant_frames
-    
-    Add support in the domXML<->native config converter for
-    max_grant_frames. Include a test for the conversion.
-    
-    Signed-off-by: Jim Fehlig <jfehlig@suse.com>
-    Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
-
-Index: libvirt-5.1.0/src/xenconfig/xen_xl.c
-===================================================================
---- libvirt-5.1.0.orig/src/xenconfig/xen_xl.c
-+++ libvirt-5.1.0/src/xenconfig/xen_xl.c
-@@ -607,6 +607,34 @@ xenParseXLVnuma(virConfPtr conf,
- }
- #endif
- 
-+#ifdef LIBXL_HAVE_BUILDINFO_GRANT_LIMITS
-+static int
-+xenParseXLGntLimits(virConfPtr conf, virDomainDefPtr def)
-+{
-+    unsigned long max_gntframes;
-+    int ctlr_idx;
-+    virDomainControllerDefPtr xenbus_ctlr;
-+
-+    if (xenConfigGetULong(conf, "max_grant_frames", &max_gntframes, 0) < 0)
-+        return -1;
-+
-+    if (max_gntframes <= 0)
-+        return 0;
-+
-+    ctlr_idx = virDomainControllerFindByType(def, VIR_DOMAIN_CONTROLLER_TYPE_XENBUS);
-+    if (ctlr_idx == -1)
-+        xenbus_ctlr = virDomainDefAddController(def, VIR_DOMAIN_CONTROLLER_TYPE_XENBUS, -1, -1);
-+    else
-+        xenbus_ctlr = def->controllers[ctlr_idx];
-+
-+    if (xenbus_ctlr == NULL)
-+        return -1;
-+
-+    xenbus_ctlr->opts.xenbusopts.maxGrantFrames = max_gntframes;
-+    return 0;
-+}
-+#endif
-+
- static int
- xenParseXLDiskSrc(virDomainDiskDefPtr disk, char *srcstr)
- {
-@@ -1165,6 +1193,11 @@ xenParseXL(virConfPtr conf,
-         goto cleanup;
- #endif
- 
-+#ifdef LIBXL_HAVE_BUILDINFO_GRANT_LIMITS
-+    if (xenParseXLGntLimits(conf, def) < 0)
-+        goto cleanup;
-+#endif
-+
-     if (xenParseXLCPUID(conf, def) < 0)
-         goto cleanup;
- 
-@@ -1517,6 +1550,24 @@ xenFormatXLDomainVnuma(virConfPtr conf,
- }
- #endif
- 
-+#ifdef LIBXL_HAVE_BUILDINFO_GRANT_LIMITS
-+static int
-+xenFormatXLGntLimits(virConfPtr conf, virDomainDefPtr def)
-+{
-+    size_t i;
-+
-+    for (i = 0; i < def->ncontrollers; i++) {
-+        if (def->controllers[i]->type == VIR_DOMAIN_CONTROLLER_TYPE_XENBUS &&
-+            def->controllers[i]->opts.xenbusopts.maxGrantFrames > 0) {
-+            if (xenConfigSetInt(conf, "max_grant_frames",
-+                                def->controllers[i]->opts.xenbusopts.maxGrantFrames) < 0)
-+                return -1;
-+        }
-+    }
-+    return 0;
-+}
-+#endif
-+
- static char *
- xenFormatXLDiskSrcNet(virStorageSourcePtr src)
- {
-@@ -2166,6 +2217,11 @@ xenFormatXL(virDomainDefPtr def, virConn
-         goto cleanup;
- #endif
- 
-+#ifdef LIBXL_HAVE_BUILDINFO_GRANT_LIMITS
-+    if (xenFormatXLGntLimits(conf, def) < 0)
-+        goto cleanup;
-+#endif
-+
-     if (xenFormatXLDomainDisks(conf, def) < 0)
-         goto cleanup;
- 
-Index: libvirt-5.1.0/tests/xlconfigdata/test-max-gntframes.cfg
-===================================================================
---- /dev/null
-+++ libvirt-5.1.0/tests/xlconfigdata/test-max-gntframes.cfg
-@@ -0,0 +1,13 @@
-+name = "XenGuest1"
-+uuid = "45b60f51-88a9-47a8-a3b3-5e66d71b2283"
-+maxmem = 512
-+memory = 512
-+vcpus = 1
-+localtime = 0
-+on_poweroff = "preserve"
-+on_reboot = "restart"
-+on_crash = "preserve"
-+vif = [ "mac=5a:36:0e:be:00:09" ]
-+bootloader = "/usr/bin/pygrub"
-+max_grant_frames = 64
-+disk = [ "format=qcow2,vdev=xvda,access=rw,backendtype=qdisk,target=/var/lib/xen/images/debian/disk.qcow2" ]
-Index: libvirt-5.1.0/tests/xlconfigdata/test-max-gntframes.xml
-===================================================================
---- /dev/null
-+++ libvirt-5.1.0/tests/xlconfigdata/test-max-gntframes.xml
-@@ -0,0 +1,32 @@
-+<domain type='xen'>
-+  <name>XenGuest1</name>
-+  <uuid>45b60f51-88a9-47a8-a3b3-5e66d71b2283</uuid>
-+  <memory unit='KiB'>524288</memory>
-+  <currentMemory unit='KiB'>524288</currentMemory>
-+  <vcpu placement='static'>1</vcpu>
-+  <bootloader>/usr/bin/pygrub</bootloader>
-+  <os>
-+    <type arch='x86_64' machine='xenpv'>linux</type>
-+  </os>
-+  <clock offset='utc' adjustment='reset'/>
-+  <on_poweroff>preserve</on_poweroff>
-+  <on_reboot>restart</on_reboot>
-+  <on_crash>preserve</on_crash>
-+  <devices>
-+    <disk type='file' device='disk'>
-+      <driver name='qemu' type='qcow2'/>
-+      <source file='/var/lib/xen/images/debian/disk.qcow2'/>
-+      <target dev='xvda' bus='xen'/>
-+    </disk>
-+    <controller type='xenbus' index='0' maxGrantFrames='64'/>
-+    <interface type='ethernet'>
-+      <mac address='5a:36:0e:be:00:09'/>
-+    </interface>
-+    <console type='pty'>
-+      <target type='xen' port='0'/>
-+    </console>
-+    <input type='mouse' bus='xen'/>
-+    <input type='keyboard' bus='xen'/>
-+    <memballoon model='xen'/>
-+  </devices>
-+</domain>
-Index: libvirt-5.1.0/tests/xlconfigtest.c
-===================================================================
---- libvirt-5.1.0.orig/tests/xlconfigtest.c
-+++ libvirt-5.1.0/tests/xlconfigtest.c
-@@ -299,6 +299,10 @@ mymain(void)
-     DO_TEST_FORMAT("fullvirt-direct-kernel-boot-extra", false);
-     DO_TEST_FORMAT("fullvirt-direct-kernel-boot-bogus-extra", false);
- #endif
-+#ifdef LIBXL_HAVE_BUILDINFO_GRANT_LIMITS
-+    DO_TEST("max-gntframes");
-+#endif
-+
-     DO_TEST("vif-typename");
-     DO_TEST("vif-multi-ip");
-     DO_TEST("usb");

696239ba-qemu-fix-query-cpus-fast.patch

@@ -1,38 +0,0 @@
-commit 696239ba6f83c65ded476e87d3ba77b424e16fd1
-Author: Viktor Mihajlovski <mihajlov@linux.ibm.com>
-Date:   Fri Mar 1 11:29:51 2019 +0100
-
-    qemu: Fix query-cpus-fast target architecture detection
-    
-    Since qemu 2.13 reports the target architecture in a property called
-    'target' additionally to the property 'arch', that has been used in
-    qemu 2.12 in the response data of 'query-cpus-fast'.
-    Libvirts monitor code prefers the 'target' property over 'arch'.
-    
-    At least for s390(x), target is reported as 's390x' while arch is 's390'.
-    In a later step a comparison is performed against 's390' which fails for
-    qemu 2.13 and later.
-    
-    In consequence the architecture specific data for s390 won't be extracted
-    from the returned data, leading to incorrect values being reported by
-    virsh domstats --vcpu.
-    
-    Changing to check explicitly for 's390' and 's390x'.
-    
-    Signed-off-by: Viktor Mihajlovski <mihajlov@linux.ibm.com>
-    Reviewed-by: Bjoern Walk <bwalk@linux.ibm.com>
-    Reviewed-by: Boris Fiuczynski <fiuczy@linux.ibm.com>
-
-Index: libvirt-5.1.0/src/qemu/qemu_monitor_json.c
-===================================================================
---- libvirt-5.1.0.orig/src/qemu/qemu_monitor_json.c
-+++ libvirt-5.1.0/src/qemu/qemu_monitor_json.c
-@@ -1772,7 +1772,7 @@ qemuMonitorJSONExtractCPUInfo(virJSONVal
-             goto cleanup;
- 
-         /* process optional architecture-specific data */
--        if (STREQ_NULLABLE(arch, "s390"))
-+        if (STREQ_NULLABLE(arch, "s390") || STREQ_NULLABLE(arch, "s390x"))
-             qemuMonitorJSONExtractCPUS390Info(entry, cpus + i);
-     }
- 

CVE-2019-3886-api.patch

@@ -0,0 +1,26 @@
+commit 69f94df6afe2ea8e2034903d6423c783e0c535e8
+Author: Daniel P. Berrangé <berrange@redhat.com>
+Date:   Wed Apr 3 15:00:49 2019 +0100
+
+    api: disallow virDomainGetHostname for read-only connections
+    
+    The virDomainGetHostname API is fetching guest information and this may
+    involve use of an untrusted guest agent. As such its use must be
+    forbidden on a read-only connection to libvirt.
+    
+    Fixes CVE-2019-3886
+    Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+
+Index: libvirt-5.2.0/src/libvirt-domain.c
+===================================================================
+--- libvirt-5.2.0.orig/src/libvirt-domain.c
++++ libvirt-5.2.0/src/libvirt-domain.c
+@@ -11031,6 +11031,8 @@ virDomainGetHostname(virDomainPtr domain
+     virCheckDomainReturn(domain, NULL);
+     conn = domain->conn;
+ 
++    virCheckReadOnlyGoto(domain->conn->flags, error);
++
+     if (conn->driver->domainGetHostname) {
+         char *ret;
+         ret = conn->driver->domainGetHostname(domain, flags);

CVE-2019-3886-remote.patch

@@ -0,0 +1,35 @@
+commit 9737baf530d80eff19d46a5feb130d3064d47d64
+Author: Daniel P. Berrangé <berrange@redhat.com>
+Date:   Wed Apr 3 15:00:50 2019 +0100
+
+    remote: enforce ACL write permission for getting guest time & hostname
+    
+    Getting the guest time and hostname both require use of guest agent
+    commands. These must not be allowed for read-only users, so the
+    permissions check must validate "write" permission not "read".
+    
+    Fixes CVE-2019-3886
+    Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+
+Index: libvirt-5.2.0/src/remote/remote_protocol.x
+===================================================================
+--- libvirt-5.2.0.orig/src/remote/remote_protocol.x
++++ libvirt-5.2.0/src/remote/remote_protocol.x
+@@ -5513,7 +5513,7 @@ enum remote_procedure {
+ 
+     /**
+      * @generate: both
+-     * @acl: domain:read
++     * @acl: domain:write
+      */
+     REMOTE_PROC_DOMAIN_GET_HOSTNAME = 277,
+ 
+@@ -5908,7 +5908,7 @@ enum remote_procedure {
+ 
+     /**
+      * @generate: none
+-     * @acl: domain:read
++     * @acl: domain:write
+      */
+     REMOTE_PROC_DOMAIN_GET_TIME = 337,
+ 

blockcopy-check-dst-identical-device.patch

@@ -11,11 +11,11 @@ Signed-off-by: Chunyan Liu <cyliu@suse.com>
  src/qemu/qemu_driver.c | 7 +++++++
  1 file changed, 7 insertions(+)
 
-Index: libvirt-5.1.0/src/qemu/qemu_driver.c
+Index: libvirt-5.2.0/src/qemu/qemu_driver.c
 ===================================================================
---- libvirt-5.1.0.orig/src/qemu/qemu_driver.c
-+++ libvirt-5.1.0/src/qemu/qemu_driver.c
-@@ -17836,6 +17836,14 @@ qemuDomainBlockCopyCommon(virDomainObjPt
+--- libvirt-5.2.0.orig/src/qemu/qemu_driver.c
++++ libvirt-5.2.0/src/qemu/qemu_driver.c
+@@ -17735,6 +17735,14 @@ qemuDomainBlockCopyCommon(virDomainObjPt
          goto endjob;
      }
  

ec5a1191-libxl-support-max-grant-frames.patch

@@ -1,184 +0,0 @@
-commit ec5a11910d12f80e26f5d9905840c109e74939db
-Author: Jim Fehlig <jfehlig@suse.com>
-Date:   Thu Mar 7 15:16:09 2019 -0700
-
-    libxl: Add support for max_grant_frames
-    
-    Add support for setting max_grant_frames in libxl domain config
-    object and include a test to check that it is properly converted
-    from XML to libxl domain config.
-    
-    Signed-off-by: Jim Fehlig <jfehlig@suse.com>
-    Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
-
-Index: libvirt-5.1.0/src/libxl/libxl_conf.c
-===================================================================
---- libvirt-5.1.0.orig/src/libxl/libxl_conf.c
-+++ libvirt-5.1.0/src/libxl/libxl_conf.c
-@@ -393,6 +393,15 @@ libxlMakeDomBuildInfo(virDomainDefPtr de
-     def->mem.cur_balloon = VIR_ROUND_UP(def->mem.cur_balloon, 1024);
-     b_info->max_memkb = virDomainDefGetMemoryInitial(def);
-     b_info->target_memkb = def->mem.cur_balloon;
-+
-+#ifdef LIBXL_HAVE_BUILDINFO_GRANT_LIMITS
-+    for (i = 0; i < def->ncontrollers; i++) {
-+        if (def->controllers[i]->type == VIR_DOMAIN_CONTROLLER_TYPE_XENBUS &&
-+            def->controllers[i]->opts.xenbusopts.maxGrantFrames > 0)
-+            b_info->max_grant_frames = def->controllers[i]->opts.xenbusopts.maxGrantFrames;
-+    }
-+#endif
-+
-     if (hvm || pvh) {
-         if (caps &&
-             def->cpu && def->cpu->mode == (VIR_CPU_MODE_HOST_PASSTHROUGH)) {
-Index: libvirt-5.1.0/tests/libxlxml2domconfigdata/max-gntframes-hvm.json
-===================================================================
---- /dev/null
-+++ libvirt-5.1.0/tests/libxlxml2domconfigdata/max-gntframes-hvm.json
-@@ -0,0 +1,90 @@
-+{
-+    "c_info": {
-+        "type": "hvm",
-+        "name": "test-hvm",
-+        "uuid": "2147d599-9cc6-c0dc-92ab-4064b5446e9b"
-+    },
-+    "b_info": {
-+        "max_vcpus": 4,
-+        "avail_vcpus": [
-+            0,
-+            1,
-+            2,
-+            3
-+        ],
-+        "max_memkb": 1048576,
-+        "target_memkb": 1048576,
-+        "video_memkb": 8192,
-+        "shadow_memkb": 12288,
-+        "max_grant_frames": 64,
-+        "device_model_version": "qemu_xen",
-+        "device_model": "/bin/true",
-+        "sched_params": {
-+
-+        },
-+        "type.hvm": {
-+            "pae": "True",
-+            "apic": "True",
-+            "acpi": "True",
-+            "vga": {
-+                "kind": "cirrus"
-+            },
-+            "vnc": {
-+                "enable": "True",
-+                "listen": "0.0.0.0",
-+                "findunused": "False"
-+            },
-+            "sdl": {
-+                "enable": "False"
-+            },
-+            "spice": {
-+
-+            },
-+            "boot": "c",
-+            "rdm": {
-+
-+            }
-+        },
-+        "arch_arm": {
-+
-+        }
-+    },
-+    "disks": [
-+        {
-+            "pdev_path": "/var/lib/xen/images/test-hvm.img",
-+            "vdev": "hda",
-+            "backend": "qdisk",
-+            "format": "raw",
-+            "removable": 1,
-+            "readwrite": 1
-+        }
-+    ],
-+    "nics": [
-+        {
-+            "devid": 0,
-+            "mac": "00:16:3e:66:12:b4",
-+            "bridge": "br0",
-+            "script": "/etc/xen/scripts/vif-bridge",
-+            "nictype": "vif_ioemu"
-+        }
-+    ],
-+    "vfbs": [
-+        {
-+	    "devid": -1,
-+            "vnc": {
-+                "enable": "True",
-+                "listen": "0.0.0.0",
-+                "findunused": "False"
-+            },
-+            "sdl": {
-+                "enable": "False"
-+            }
-+        }
-+    ],
-+    "vkbs": [
-+        {
-+            "devid": -1
-+        }
-+    ],
-+    "on_reboot": "restart"
-+}
-Index: libvirt-5.1.0/tests/libxlxml2domconfigdata/max-gntframes-hvm.xml
-===================================================================
---- /dev/null
-+++ libvirt-5.1.0/tests/libxlxml2domconfigdata/max-gntframes-hvm.xml
-@@ -0,0 +1,37 @@
-+<domain type='xen'>
-+  <name>test-hvm</name>
-+  <description>None</description>
-+  <uuid>2147d599-9cc6-c0dc-92ab-4064b5446e9b</uuid>
-+  <memory>1048576</memory>
-+  <currentMemory>1048576</currentMemory>
-+  <vcpu>4</vcpu>
-+  <on_poweroff>destroy</on_poweroff>
-+  <on_reboot>restart</on_reboot>
-+  <on_crash>destroy</on_crash>
-+  <clock offset='utc'/>
-+  <os>
-+    <type>hvm</type>
-+    <loader>/usr/lib/xen/boot/hvmloader</loader>
-+    <boot dev='hd'/>
-+  </os>
-+  <features>
-+    <apic/>
-+    <acpi/>
-+    <pae/>
-+  </features>
-+  <devices>
-+    <emulator>/bin/true</emulator>
-+    <disk type='file' device='disk'>
-+      <driver name='qemu'/>
-+      <source file='/var/lib/xen/images/test-hvm.img'/>
-+      <target dev='hda'/>
-+    </disk>
-+    <controller type='xenbus' maxGrantFrames='64'/>
-+    <interface type='bridge'>
-+      <source bridge='br0'/>
-+      <mac address='00:16:3e:66:12:b4'/>
-+      <script path='/etc/xen/scripts/vif-bridge'/>
-+    </interface>
-+    <graphics type='vnc' port='-1' autoport='yes' listen='0.0.0.0'/>
-+  </devices>
-+</domain>
-Index: libvirt-5.1.0/tests/libxlxml2domconfigtest.c
-===================================================================
---- libvirt-5.1.0.orig/tests/libxlxml2domconfigtest.c
-+++ libvirt-5.1.0/tests/libxlxml2domconfigtest.c
-@@ -217,6 +217,9 @@ mymain(void)
-     DO_TEST("fullvirt-cpuid-legacy-nest");
- # endif
- 
-+# ifdef LIBXL_HAVE_BUILDINFO_GRANT_LIMITS
-+    DO_TEST("max-gntframes-hvm");
-+# endif
- 
-     unlink("libxl-driver.log");
- 

f38ef0fa-no-RDMA-check.patch

@@ -1,38 +0,0 @@
-commit f38ef0fac0582ac0cbb749af9d3f8ba515a6084a
-Author: Pavel Hrdina <phrdina@redhat.com>
-Date:   Thu Mar 7 17:52:55 2019 +0100
-
-    util: skip RDMA detection for non-PCI network devices
-    
-    Only PCI devices have '/sys/class/net/<ifname>/device/resource' so we
-    need to skip this check for all other network devices.
-    
-    Without this patch and RDMA enabled libvirt will not detect any network
-    device that doesn't have the path above which includes 'lo', 'virbr',
-    'tun', etc.
-    
-    Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1639258
-    
-    Reviewed-by: Andrea Bolognani <abologna@redhat.com>
-    Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
-
-Index: libvirt-5.1.0/src/util/virnetdev.c
-===================================================================
---- libvirt-5.1.0.orig/src/util/virnetdev.c
-+++ libvirt-5.1.0/src/util/virnetdev.c
-@@ -2914,8 +2914,14 @@ virNetDevRDMAFeature(const char *ifname,
- 
-     if (virAsprintf(&eth_devpath, SYSFS_NET_DIR "%s/device/resource", ifname) < 0)
-         goto cleanup;
--    if (!virFileExists(eth_devpath))
-+
-+    /* If /sys/class/net/<ifname>/device/resource doesn't exist it is not a PCI
-+     * device and therefore it will not have RDMA. */
-+    if (!virFileExists(eth_devpath)) {
-+        ret = 0;
-         goto cleanup;
-+    }
-+
-     if (virFileReadAll(eth_devpath, RESOURCE_FILE_LEN, &eth_res_buf) < 0)
-         goto cleanup;
- 

libvirt-5.1.0.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:26f97a53d3172f07f8b63884d845ed71307c4675dc4e1b281c59d253e1e323ab
-size 14893608

libvirt-5.1.0.tar.xz.asc

@@ -1,10 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQEcBAABAgAGBQJcfPYaAAoJEBVYiyZZa+pdr5QH/iyjpJYjAebt3UM8JO6b83gu
-ybcvvYyQEWQGK7afPYXdhOhgCA99Wn7oJc/+IcUufFVhzOrcJyLRgb+M7FRgtOrt
-BiUswGkYFOUIwBUDnT6Ynxtdl6ESAJJGhzXPFpUShyhxrHPh0Jr77sRJfgz93U/9
-t1IZ133EVm+Eynqejb5BDponPc28/1CsI37UL7ogCCFKNN0QTGBjkkXfGlD3FAtk
-zVYdl88e4MTW73d7EmK3I/zum0Wojp8HTD+RH69TjHt3ozoSFYvQHwlKxafNC6Mo
-1hR7QbpSAO2cA27waINUbtRHnEabiNgv9MlrJ54kDiFoUlJWeH7frzR6uNIRHjc=
-=13hI
------END PGP SIGNATURE-----

libvirt-5.2.0.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e51cfb41afe629ce0d46fb93182a4f4ae0c151490db97c49f722756e1154e63f
+size 14992888

libvirt-5.2.0.tar.xz.asc

@@ -0,0 +1,10 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQEcBAABAgAGBQJcpGGWAAoJEBVYiyZZa+pd7PsH/1dyb1XN36aF9mugMQcB5h7g
+IiC0zfP+4pjrckaxEqDnLICEk/fPz97RPR4Rb/RmDJAPCSyvYE+UdM1Bj6LBgGa0
+3v/4pPIdkXTxL/My/FN9KloWtln85Z6XYYhHN8lfkTTflnWEpleiBk19M79etHOs
+UyAUDezv2eIhZmerhZZSMNlU08ZGL5c9YKyKl9P3ZP5HrntQFHW+yhvEFpQxu449
+RogZWidY2XWuUpjO79WrUrLiL4xSk4i+RUNydOB6rHK9aprSg0mscQfEimTjJR83
+ThNf2xV26GyBeCkkOqcKbj34sroKMIbZC0QzMgO4ZEjfFF6jVUUq5CD9LTJ0AeI=
+=dDMF
+-----END PGP SIGNATURE-----

libvirt-power8-models.patch

@@ -2,10 +2,10 @@ Add POWER8 v2.0 and v2.1 to cpu map XML
 
 From: <ro@suse.de>
 
-Index: libvirt-5.1.0/src/cpu_map/ppc64_POWER8.xml
+Index: libvirt-5.2.0/src/cpu_map/ppc64_POWER8.xml
 ===================================================================
---- libvirt-5.1.0.orig/src/cpu_map/ppc64_POWER8.xml
-+++ libvirt-5.1.0/src/cpu_map/ppc64_POWER8.xml
+--- libvirt-5.2.0.orig/src/cpu_map/ppc64_POWER8.xml
++++ libvirt-5.2.0/src/cpu_map/ppc64_POWER8.xml
 @@ -4,5 +4,7 @@
      <pvr value='0x004b0000' mask='0xffff0000'/>
      <pvr value='0x004c0000' mask='0xffff0000'/>

libvirt-suse-netcontrol.patch

@@ -1,7 +1,7 @@
-Index: libvirt-5.1.0/configure.ac
+Index: libvirt-5.2.0/configure.ac
 ===================================================================
---- libvirt-5.1.0.orig/configure.ac
-+++ libvirt-5.1.0/configure.ac
+--- libvirt-5.2.0.orig/configure.ac
++++ libvirt-5.2.0/configure.ac
 @@ -256,6 +256,7 @@ LIBVIRT_ARG_LIBSSH
  LIBVIRT_ARG_LIBXML
  LIBVIRT_ARG_MACVTAP
@@ -18,7 +18,7 @@ Index: libvirt-5.1.0/configure.ac
  LIBVIRT_CHECK_NLS
  LIBVIRT_CHECK_NUMACTL
  LIBVIRT_CHECK_NWFILTER
-@@ -1015,6 +1017,7 @@ LIBVIRT_RESULT_LIBXL
+@@ -998,6 +1000,7 @@ LIBVIRT_RESULT_LIBXL
  LIBVIRT_RESULT_LIBXML
  LIBVIRT_RESULT_MACVTAP
  LIBVIRT_RESULT_NETCF
@@ -26,10 +26,10 @@ Index: libvirt-5.1.0/configure.ac
  LIBVIRT_RESULT_NLS
  LIBVIRT_RESULT_NSS
  LIBVIRT_RESULT_NUMACTL
-Index: libvirt-5.1.0/tools/virsh.c
+Index: libvirt-5.2.0/tools/virsh.c
 ===================================================================
---- libvirt-5.1.0.orig/tools/virsh.c
-+++ libvirt-5.1.0/tools/virsh.c
+--- libvirt-5.2.0.orig/tools/virsh.c
++++ libvirt-5.2.0/tools/virsh.c
 @@ -563,6 +563,8 @@ virshShowVersion(vshControl *ctl ATTRIBU
      vshPrint(ctl, " Interface");
  # if defined(WITH_NETCF)
@@ -39,10 +39,10 @@ Index: libvirt-5.1.0/tools/virsh.c
  # elif defined(WITH_UDEV)
      vshPrint(ctl, " udev");
  # endif
-Index: libvirt-5.1.0/src/interface/interface_backend_netcf.c
+Index: libvirt-5.2.0/src/interface/interface_backend_netcf.c
 ===================================================================
---- libvirt-5.1.0.orig/src/interface/interface_backend_netcf.c
-+++ libvirt-5.1.0/src/interface/interface_backend_netcf.c
+--- libvirt-5.2.0.orig/src/interface/interface_backend_netcf.c
++++ libvirt-5.2.0/src/interface/interface_backend_netcf.c
 @@ -21,7 +21,12 @@
  
  #include <config.h>
@@ -126,10 +126,10 @@ Index: libvirt-5.1.0/src/interface/interface_backend_netcf.c
      if (virRegisterConnectDriver(&interfaceConnectDriver, false) < 0)
          return -1;
      if (virSetSharedInterfaceDriver(&interfaceDriver) < 0)
-Index: libvirt-5.1.0/src/interface/interface_driver.c
+Index: libvirt-5.2.0/src/interface/interface_driver.c
 ===================================================================
---- libvirt-5.1.0.orig/src/interface/interface_driver.c
-+++ libvirt-5.1.0/src/interface/interface_driver.c
+--- libvirt-5.2.0.orig/src/interface/interface_driver.c
++++ libvirt-5.2.0/src/interface/interface_driver.c
 @@ -30,8 +30,15 @@ interfaceRegister(void)
      if (netcfIfaceRegister() == 0)
          return 0;
@@ -147,10 +147,10 @@ Index: libvirt-5.1.0/src/interface/interface_driver.c
      if (udevIfaceRegister() == 0)
          return 0;
  #endif /* WITH_UDEV */
-Index: libvirt-5.1.0/m4/virt-netcontrol.m4
+Index: libvirt-5.2.0/m4/virt-netcontrol.m4
 ===================================================================
 --- /dev/null
-+++ libvirt-5.1.0/m4/virt-netcontrol.m4
++++ libvirt-5.2.0/m4/virt-netcontrol.m4
 @@ -0,0 +1,39 @@
 +dnl The libnetcontrol library
 +dnl
@@ -191,10 +191,10 @@ Index: libvirt-5.1.0/m4/virt-netcontrol.m4
 +AC_DEFUN([LIBVIRT_RESULT_NETCONTROL],[
 +  LIBVIRT_RESULT_LIB([NETCONTROL])
 +])
-Index: libvirt-5.1.0/src/interface/Makefile.inc.am
+Index: libvirt-5.2.0/src/interface/Makefile.inc.am
 ===================================================================
---- libvirt-5.1.0.orig/src/interface/Makefile.inc.am
-+++ libvirt-5.1.0/src/interface/Makefile.inc.am
+--- libvirt-5.2.0.orig/src/interface/Makefile.inc.am
++++ libvirt-5.2.0/src/interface/Makefile.inc.am
 @@ -4,6 +4,7 @@ INTERFACE_DRIVER_SOURCES = \
  	$(NULL)
  

libvirt.changes

@@ -1,3 +1,32 @@
+-------------------------------------------------------------------
+Fri Apr  5 19:58:10 UTC 2019 - James Fehlig <jfehlig@suse.com>
+
+- CVE-2019-3886: disallow virDomainGetHostname and virDomainGetTime
+  for read-only connections and users
+  CVE-2019-3886-api.patch, CVE-2019-3886-remote.patch
+  bsc#1131595
+- spec: BuildRequires rpcgen since CVE-2019-3886-remote.patch
+  touches remote_protocol.x
+
+-------------------------------------------------------------------
+Wed Apr  3 18:08:00 UTC 2019 - Jim Fehlig <jfehlig@suse.com>
+
+- Update to libvirt 5.2.0
+  - Many incremental improvements and bug fixes, see
+    http://libvirt.org/news.html
+  - Dropped patches:
+    4ec3cf9a-apparmor-rules.patch,
+    f38ef0fa-no-RDMA-check.patch,
+    411cdaf8-apparmor-check-profile-name.patch,
+    696239ba-qemu-fix-query-cpus-fast.patch,
+    09eb1ae0-conf-add-xenbus-controller.patch,
+    fb059757-libxl-add-xenbus-controller.patch,
+    ec5a1191-libxl-support-max-grant-frames.patch,
+    5a64c202-xenconfig-support-max-grant-frames.patch
+  - Added patches:
+    ff376c62-tests-fix-mocking-stat-lstat.patch,
+    mprivozn-test-fix-proposal.patch
+
 -------------------------------------------------------------------
 Thu Mar 21 21:40:06 UTC 2019 - James Fehlig <jfehlig@suse.com>
 

libvirt.spec

@@ -183,7 +183,7 @@
 
 Name:           libvirt
 Url:            http://libvirt.org/
-Version:        5.1.0
+Version:        5.2.0
 Release:        0
 Summary:        Library providing a virtualization API
 License:        LGPL-2.1-or-later
@@ -246,6 +246,8 @@ BuildRequires:  readline-devel
 # perl XPath is needed since we have a patch touching files that cause
 # hvsupport.html to be regenerated
 BuildRequires:  perl(XML::XPath)
+# rpcgen is needed since we have a patch touching remote_protocol.x
+BuildRequires:  rpcgen
 # For pool-build probing for existing pools
 BuildRequires:  libblkid-devel >= 2.17
 BuildRequires:  libpciaccess0-devel >= 0.10.9
@@ -285,6 +287,8 @@ BuildRequires:  libiscsi-devel
 BuildRequires:  parted-devel
 # For Multipath support
 BuildRequires:  device-mapper-devel
+# For XFS reflink clone support
+BuildRequires:  xfsprogs-devel
 %if %{with_storage_rbd}
 BuildRequires:  %{with_rbd_lib}
 %endif
@@ -333,17 +337,13 @@ Source6:        libvirtd-relocation-server.xml
 Source99:       baselibs.conf
 Source100:      %{name}-rpmlintrc
 # Upstream patches
-Patch0:         4ec3cf9a-apparmor-rules.patch
-Patch1:         f38ef0fa-no-RDMA-check.patch
-Patch2:         411cdaf8-apparmor-check-profile-name.patch
-Patch3:         696239ba-qemu-fix-query-cpus-fast.patch
-Patch4:         09eb1ae0-conf-add-xenbus-controller.patch
-Patch5:         fb059757-libxl-add-xenbus-controller.patch
-Patch6:         ec5a1191-libxl-support-max-grant-frames.patch
-Patch7:         5a64c202-xenconfig-support-max-grant-frames.patch
+Patch0:         ff376c62-tests-fix-mocking-stat-lstat.patch
+Patch1:         CVE-2019-3886-api.patch
+Patch2:         CVE-2019-3886-remote.patch
 # Patches pending upstream review
 Patch100:       libxl-dom-reset.patch
 Patch101:       network-don-t-use-dhcp-authoritative-on-static-netwo.patch
+Patch102:       mprivozn-test-fix-proposal.patch
 # Need to go upstream
 Patch150:       xen-pv-cdrom.patch
 Patch151:       blockcopy-check-dst-identical-device.patch
@@ -877,13 +877,9 @@ libvirt plugin for NSS for translating domain names into IP addresses.
 %patch0 -p1
 %patch1 -p1
 %patch2 -p1
-%patch3 -p1
-%patch4 -p1
-%patch5 -p1
-%patch6 -p1
-%patch7 -p1
 %patch100 -p1
 %patch101 -p1
+%patch102 -p1
 %patch150 -p1
 %patch151 -p1
 %patch152 -p1
@@ -1231,19 +1227,32 @@ mv %{buildroot}/%{_datadir}/systemtap/tapset/libvirt_qemu_probes.stp \
 
 %check
 cd tests
-SKIP_TESTS=""
+SKIP_C_TESTS=""
+SKIP_SCRIPT_TESTS=""
 # These tests don't current work in a mock build root
 # virnetsockettest: needs unsupported linux-user syscalls
-SKIP_TESTS="$SKIP_TESTS virnetsockettest"
+SKIP_C_TESTS="$SKIP_TESTS virnetsockettest"
 # virportallocatortest fails on aarch64 due to unsupported IPV6_V6ONLY flag
 %ifarch aarch64
-SKIP_TESTS="$SKIP_TESTS virportallocatortest"
+SKIP_C_TESTS="$SKIP_TESTS virportallocatortest"
 %endif
-for i in $SKIP_TESTS
+# Temporarily remove the snapshot tests until they stabilize
+SKIP_SCRIPT_TESTS="$SKIP_SCRIPT_TESTS virsh-snapshot"
+# Remove tests that dont work on 32-bit arch
+#%ifarch %{ix86} armv7l
+#SKIP_C_TESTS="$SKIP_C_TESTS qemufirmwaretest"
+#%endif
+for i in $SKIP_C_TESTS
 do
   rm -f $i
   printf 'int main(void) { return 0; }' > $i.c
 done
+for i in $SKIP_SCRIPT_TESTS
+do
+  rm -f $i
+  printf '#!/bin/sh\n exit 0\n' > $i
+  chmod +x $i
+done
 make %{?_smp_mflags}
 
 if ! make %{?_smp_mflags} check VIR_TEST_DEBUG=1
@@ -1640,6 +1649,7 @@ fi
 %{_datadir}/%{name}/schemas/secret.rng
 %{_datadir}/%{name}/schemas/storagecommon.rng
 %{_datadir}/%{name}/schemas/storagepool.rng
+%{_datadir}/%{name}/schemas/storagepoolcaps.rng
 %{_datadir}/%{name}/schemas/storagevol.rng
 %{_datadir}/%{name}/cpu_map/*.xml
 %{_datadir}/%{name}/test-screenshot.png

libxl-dom-reset.patch

@@ -8,11 +8,11 @@ Date:   Mon Jun 23 15:51:20 2014 -0600
     option, but domainReset can be implemented in the libxl driver by
     forcibly destroying the domain and starting it again.
 
-Index: libvirt-5.1.0/src/libxl/libxl_driver.c
+Index: libvirt-5.2.0/src/libxl/libxl_driver.c
 ===================================================================
---- libvirt-5.1.0.orig/src/libxl/libxl_driver.c
-+++ libvirt-5.1.0/src/libxl/libxl_driver.c
-@@ -1350,6 +1350,61 @@ libxlDomainReboot(virDomainPtr dom, unsi
+--- libvirt-5.2.0.orig/src/libxl/libxl_driver.c
++++ libvirt-5.2.0/src/libxl/libxl_driver.c
+@@ -1343,6 +1343,61 @@ libxlDomainReboot(virDomainPtr dom, unsi
  }
  
  static int
@@ -74,7 +74,7 @@ Index: libvirt-5.1.0/src/libxl/libxl_driver.c
  libxlDomainDestroyFlags(virDomainPtr dom,
                          unsigned int flags)
  {
-@@ -6511,6 +6566,7 @@ static virHypervisorDriver libxlHypervis
+@@ -6504,6 +6559,7 @@ static virHypervisorDriver libxlHypervis
      .domainShutdown = libxlDomainShutdown, /* 0.9.0 */
      .domainShutdownFlags = libxlDomainShutdownFlags, /* 0.9.10 */
      .domainReboot = libxlDomainReboot, /* 0.9.0 */

libxl-set-cach-mode.patch

@@ -3,11 +3,11 @@ https://bugzilla.novell.com/show_bug.cgi?id=879425
  src/libxl/libxl_conf.c |   25 +++++++++++++++++++++++++
  1 file changed, 25 insertions(+)
 
-Index: libvirt-5.1.0/src/libxl/libxl_conf.c
+Index: libvirt-5.2.0/src/libxl/libxl_conf.c
 ===================================================================
---- libvirt-5.1.0.orig/src/libxl/libxl_conf.c
-+++ libvirt-5.1.0/src/libxl/libxl_conf.c
-@@ -893,6 +893,30 @@ libxlDiskSetDiscard(libxl_device_disk *x
+--- libvirt-5.2.0.orig/src/libxl/libxl_conf.c
++++ libvirt-5.2.0/src/libxl/libxl_conf.c
+@@ -895,6 +895,30 @@ libxlDiskSetDiscard(libxl_device_disk *x
  #endif
  }
  
@@ -38,7 +38,7 @@ Index: libvirt-5.1.0/src/libxl/libxl_conf.c
  static char *
  libxlMakeNetworkDiskSrcStr(virStorageSourcePtr src,
                             const char *username,
-@@ -1141,6 +1165,7 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk
+@@ -1143,6 +1167,7 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk
      x_disk->is_cdrom = l_disk->device == VIR_DOMAIN_DISK_DEVICE_CDROM ? 1 : 0;
      if (libxlDiskSetDiscard(x_disk, l_disk->discard) < 0)
          return -1;

libxl-set-migration-constraints.patch

@@ -16,13 +16,13 @@ Signed-off-by: Jim Fehlig <jfehlig@suse.com>
  tools/virsh.pod                  |    8 ++++++++
  6 files changed, 125 insertions(+), 6 deletions(-)
 
-Index: libvirt-5.1.0/include/libvirt/libvirt-domain.h
+Index: libvirt-5.2.0/include/libvirt/libvirt-domain.h
 ===================================================================
---- libvirt-5.1.0.orig/include/libvirt/libvirt-domain.h
-+++ libvirt-5.1.0/include/libvirt/libvirt-domain.h
-@@ -1025,6 +1025,31 @@ typedef enum {
+--- libvirt-5.2.0.orig/include/libvirt/libvirt-domain.h
++++ libvirt-5.2.0/include/libvirt/libvirt-domain.h
+@@ -1039,6 +1039,31 @@ typedef enum {
   */
- # define VIR_MIGRATE_PARAM_AUTO_CONVERGE_INCREMENT  "auto_converge.increment"
+ # define VIR_MIGRATE_PARAM_PARALLEL_CONNECTIONS     "parallel.connections"
  
 +/**
 + * VIR_MIGRATE_PARAM_SUSE_MAX_ITERS:
@@ -52,11 +52,11 @@ Index: libvirt-5.1.0/include/libvirt/libvirt-domain.h
  /* Domain migration. */
  virDomainPtr virDomainMigrate (virDomainPtr domain, virConnectPtr dconn,
                                 unsigned long flags, const char *dname,
-Index: libvirt-5.1.0/src/libxl/libxl_driver.c
+Index: libvirt-5.2.0/src/libxl/libxl_driver.c
 ===================================================================
---- libvirt-5.1.0.orig/src/libxl/libxl_driver.c
-+++ libvirt-5.1.0/src/libxl/libxl_driver.c
-@@ -6118,6 +6118,9 @@ libxlDomainMigratePerform3Params(virDoma
+--- libvirt-5.2.0.orig/src/libxl/libxl_driver.c
++++ libvirt-5.2.0/src/libxl/libxl_driver.c
+@@ -6111,6 +6111,9 @@ libxlDomainMigratePerform3Params(virDoma
      const char *dname = NULL;
      const char *uri = NULL;
      int ret = -1;
@@ -66,7 +66,7 @@ Index: libvirt-5.1.0/src/libxl/libxl_driver.c
  
  #ifdef LIBXL_HAVE_NO_SUSPEND_RESUME
      virReportUnsupportedError();
-@@ -6134,6 +6137,18 @@ libxlDomainMigratePerform3Params(virDoma
+@@ -6127,6 +6130,18 @@ libxlDomainMigratePerform3Params(virDoma
          virTypedParamsGetString(params, nparams,
                                  VIR_MIGRATE_PARAM_DEST_NAME,
                                  &dname) < 0 ||
@@ -85,7 +85,7 @@ Index: libvirt-5.1.0/src/libxl/libxl_driver.c
          virTypedParamsGetString(params, nparams,
                                  VIR_MIGRATE_PARAM_URI,
                                  &uri) < 0)
-@@ -6148,11 +6163,11 @@ libxlDomainMigratePerform3Params(virDoma
+@@ -6141,11 +6156,11 @@ libxlDomainMigratePerform3Params(virDoma
  
      if ((flags & (VIR_MIGRATE_TUNNELLED | VIR_MIGRATE_PEER2PEER))) {
          if (libxlDomainMigrationSrcPerformP2P(driver, vm, dom->conn, dom_xml,
@@ -99,10 +99,10 @@ Index: libvirt-5.1.0/src/libxl/libxl_driver.c
              goto cleanup;
      }
  
-Index: libvirt-5.1.0/src/libxl/libxl_migration.c
+Index: libvirt-5.2.0/src/libxl/libxl_migration.c
 ===================================================================
---- libvirt-5.1.0.orig/src/libxl/libxl_migration.c
-+++ libvirt-5.1.0/src/libxl/libxl_migration.c
+--- libvirt-5.2.0.orig/src/libxl/libxl_migration.c
++++ libvirt-5.2.0/src/libxl/libxl_migration.c
 @@ -342,18 +342,39 @@ libxlMigrateDstReceive(virNetSocketPtr s
  static int
  libxlDoMigrateSrcSend(libxlDriverPrivatePtr driver,
@@ -264,10 +264,10 @@ Index: libvirt-5.1.0/src/libxl/libxl_migration.c
      virObjectLock(vm);
  
      if (ret < 0) {
-Index: libvirt-5.1.0/src/libxl/libxl_migration.h
+Index: libvirt-5.2.0/src/libxl/libxl_migration.h
 ===================================================================
---- libvirt-5.1.0.orig/src/libxl/libxl_migration.h
-+++ libvirt-5.1.0/src/libxl/libxl_migration.h
+--- libvirt-5.2.0.orig/src/libxl/libxl_migration.h
++++ libvirt-5.2.0/src/libxl/libxl_migration.h
 @@ -36,6 +36,10 @@
      VIR_MIGRATE_PARAM_URI,              VIR_TYPED_PARAM_STRING, \
      VIR_MIGRATE_PARAM_DEST_NAME,        VIR_TYPED_PARAM_STRING, \
@@ -312,13 +312,13 @@ Index: libvirt-5.1.0/src/libxl/libxl_migration.h
  
  virDomainPtr
  libxlDomainMigrationDstFinish(virConnectPtr dconn,
-Index: libvirt-5.1.0/tools/virsh-domain.c
+Index: libvirt-5.2.0/tools/virsh-domain.c
 ===================================================================
---- libvirt-5.1.0.orig/tools/virsh-domain.c
-+++ libvirt-5.1.0/tools/virsh-domain.c
-@@ -10562,6 +10562,22 @@ static const vshCmdOptDef opts_migrate[]
+--- libvirt-5.2.0.orig/tools/virsh-domain.c
++++ libvirt-5.2.0/tools/virsh-domain.c
+@@ -10570,6 +10570,22 @@ static const vshCmdOptDef opts_migrate[]
       .type = VSH_OT_INT,
-      .help = N_("post-copy migration bandwidth limit in MiB/s")
+      .help = N_("number of connections for parallel migration")
      },
 +    {.name = "max_iters",
 +     .type = VSH_OT_INT,
@@ -339,7 +339,7 @@ Index: libvirt-5.1.0/tools/virsh-domain.c
      {.name = NULL}
  };
  
-@@ -10585,6 +10601,7 @@ doMigrate(void *opaque)
+@@ -10593,6 +10609,7 @@ doMigrate(void *opaque)
      unsigned long long ullOpt = 0;
      int rv;
      virConnectPtr dconn = data->dconn;
@@ -347,7 +347,7 @@ Index: libvirt-5.1.0/tools/virsh-domain.c
  
      sigemptyset(&sigmask);
      sigaddset(&sigmask, SIGINT);
-@@ -10704,6 +10721,27 @@ doMigrate(void *opaque)
+@@ -10712,6 +10729,27 @@ doMigrate(void *opaque)
              goto save_error;
      }
  
@@ -375,13 +375,13 @@ Index: libvirt-5.1.0/tools/virsh-domain.c
      if (vshCommandOptStringReq(ctl, cmd, "xml", &opt) < 0)
          goto out;
      if (opt) {
-Index: libvirt-5.1.0/tools/virsh.pod
+Index: libvirt-5.2.0/tools/virsh.pod
 ===================================================================
---- libvirt-5.1.0.orig/tools/virsh.pod
-+++ libvirt-5.1.0/tools/virsh.pod
-@@ -1998,6 +1998,14 @@ Providing I<--tls> causes the migration
- the migration of the domain. Usage requires proper TLS setup for both source
- and target.
+--- libvirt-5.2.0.orig/tools/virsh.pod
++++ libvirt-5.2.0/tools/virsh.pod
+@@ -2019,6 +2019,14 @@ I<--parallel-connections>. Parallel conn
+ network link between the source and the target and thus speeding up the
+ migration.
  
 +SUSE-specific options for Xen: I<--max_iters> B<num> allows specifying the maximum
 +number of iterations before final suspend. Default is 30. I<--max_factor> B<num>

libxl-support-block-script.patch

@@ -7,11 +7,11 @@ and npiv.
 
 For more details, see bsc#954872 and FATE#319810
 
-Index: libvirt-5.1.0/src/libxl/libxl_conf.c
+Index: libvirt-5.2.0/src/libxl/libxl_conf.c
 ===================================================================
---- libvirt-5.1.0.orig/src/libxl/libxl_conf.c
-+++ libvirt-5.1.0/src/libxl/libxl_conf.c
-@@ -893,6 +893,25 @@ libxlDiskSetDiscard(libxl_device_disk *x
+--- libvirt-5.2.0.orig/src/libxl/libxl_conf.c
++++ libvirt-5.2.0/src/libxl/libxl_conf.c
+@@ -895,6 +895,25 @@ libxlDiskSetDiscard(libxl_device_disk *x
  #endif
  }
  
@@ -37,7 +37,7 @@ Index: libvirt-5.1.0/src/libxl/libxl_conf.c
  static void
  libxlDiskSetCacheMode(libxl_device_disk *x_disk, int cachemode)
  {
-@@ -1038,6 +1057,7 @@ libxlMakeNetworkDiskSrc(virStorageSource
+@@ -1040,6 +1059,7 @@ libxlMakeNetworkDiskSrc(virStorageSource
  int
  libxlMakeDisk(virDomainDiskDefPtr l_disk, libxl_device_disk *x_disk)
  {
@@ -45,7 +45,7 @@ Index: libvirt-5.1.0/src/libxl/libxl_conf.c
      const char *driver = virDomainDiskGetDriver(l_disk);
      int format = virDomainDiskGetFormat(l_disk);
      int actual_type = virStorageSourceGetActualType(l_disk->src);
-@@ -1053,7 +1073,7 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk
+@@ -1055,7 +1075,7 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk
          if (libxlMakeNetworkDiskSrc(l_disk->src, &x_disk->pdev_path) < 0)
              return -1;
      } else {
@@ -54,7 +54,7 @@ Index: libvirt-5.1.0/src/libxl/libxl_conf.c
          return -1;
      }
  
-@@ -1166,6 +1186,9 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk
+@@ -1168,6 +1188,9 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk
      if (libxlDiskSetDiscard(x_disk, l_disk->discard) < 0)
          return -1;
      libxlDiskSetCacheMode(x_disk, l_disk->cachemode);

lxc-wait-after-eth-del.patch

@@ -13,10 +13,10 @@ device with the same name that is being created.
  src/lxc/lxc_process.c    | 1 +
  3 files changed, 4 insertions(+)
 
-Index: libvirt-5.1.0/src/lxc/lxc_controller.c
+Index: libvirt-5.2.0/src/lxc/lxc_controller.c
 ===================================================================
---- libvirt-5.1.0.orig/src/lxc/lxc_controller.c
-+++ libvirt-5.1.0/src/lxc/lxc_controller.c
+--- libvirt-5.2.0.orig/src/lxc/lxc_controller.c
++++ libvirt-5.2.0/src/lxc/lxc_controller.c
 @@ -69,6 +69,7 @@
  #include "rpc/virnetdaemon.h"
  #include "virstring.h"
@@ -33,10 +33,10 @@ Index: libvirt-5.1.0/src/lxc/lxc_controller.c
  
      return ret;
  }
-Index: libvirt-5.1.0/src/lxc/lxc_driver.c
+Index: libvirt-5.2.0/src/lxc/lxc_driver.c
 ===================================================================
---- libvirt-5.1.0.orig/src/lxc/lxc_driver.c
-+++ libvirt-5.1.0/src/lxc/lxc_driver.c
+--- libvirt-5.2.0.orig/src/lxc/lxc_driver.c
++++ libvirt-5.2.0/src/lxc/lxc_driver.c
 @@ -70,6 +70,7 @@
  #include "virtime.h"
  #include "virtypedparam.h"
@@ -45,7 +45,7 @@ Index: libvirt-5.1.0/src/lxc/lxc_driver.c
  #include "virstring.h"
  #include "viraccessapicheck.h"
  #include "viraccessapichecklxc.h"
-@@ -3930,6 +3931,7 @@ lxcDomainAttachDeviceNetLive(virConnectP
+@@ -3908,6 +3909,7 @@ lxcDomainAttachDeviceNetLive(virConnectP
          case VIR_DOMAIN_NET_TYPE_NETWORK:
          case VIR_DOMAIN_NET_TYPE_ETHERNET:
              ignore_value(virNetDevVethDelete(veth));
@@ -53,7 +53,7 @@ Index: libvirt-5.1.0/src/lxc/lxc_driver.c
              break;
  
          case VIR_DOMAIN_NET_TYPE_DIRECT:
-@@ -4373,6 +4375,7 @@ lxcDomainDetachDeviceNetLive(virDomainOb
+@@ -4351,6 +4353,7 @@ lxcDomainDetachDeviceNetLive(virDomainOb
              virDomainAuditNet(vm, detach, NULL, "detach", false);
              goto cleanup;
          }
@@ -61,10 +61,10 @@ Index: libvirt-5.1.0/src/lxc/lxc_driver.c
          break;
  
          /* It'd be nice to support this, but with macvlan
-Index: libvirt-5.1.0/src/lxc/lxc_process.c
+Index: libvirt-5.2.0/src/lxc/lxc_process.c
 ===================================================================
---- libvirt-5.1.0.orig/src/lxc/lxc_process.c
-+++ libvirt-5.1.0/src/lxc/lxc_process.c
+--- libvirt-5.2.0.orig/src/lxc/lxc_process.c
++++ libvirt-5.2.0/src/lxc/lxc_process.c
 @@ -51,6 +51,7 @@
  #include "viratomic.h"
  #include "virprocess.h"

mprivozn-test-fix-proposal.patch

@@ -0,0 +1,33 @@
+Patch proposed by Michal on libvirt list
+
+This patch fixes firmware test failures.
+
+https://www.redhat.com/archives/libvir-list/2019-April/msg00156.html
+
+Index: libvirt-5.2.0/src/qemu/qemu_firmware.c
+===================================================================
+--- libvirt-5.2.0.orig/src/qemu/qemu_firmware.c
++++ libvirt-5.2.0/src/qemu/qemu_firmware.c
+@@ -924,8 +924,9 @@ qemuFirmwareBuildFileList(virHashTablePt
+     while ((rc = virDirRead(dirp, &ent, dir)) > 0) {
+         VIR_AUTOFREE(char *) filename = NULL;
+         VIR_AUTOFREE(char *) path = NULL;
++        struct stat sb;
+ 
+-        if (ent->d_type != DT_REG && ent->d_type != DT_LNK)
++        if (ent->d_type != DT_REG && ent->d_type != DT_LNK && ent->d_type != DT_UNKNOWN)
+             continue;
+ 
+         if (STRPREFIX(ent->d_name, "."))
+@@ -937,6 +938,11 @@ qemuFirmwareBuildFileList(virHashTablePt
+         if (virAsprintf(&path, "%s/%s", dir, filename) < 0)
+             goto cleanup;
+ 
++        if (ent->d_type == DT_UNKNOWN &&
++            stat(path, &sb) >= 0 &&
++            ((sb.st_mode & S_IFMT) != S_IFREG && (sb.st_mode & S_IFMT) != S_IFLNK))
++            continue;
++
+         if (virHashUpdateEntry(files, filename, path) < 0)
+             goto cleanup;
+ 

network-don-t-use-dhcp-authoritative-on-static-netwo.patch

@@ -17,11 +17,11 @@ Signed-off-by: Martin Wilck <mwilck@suse.com>
  tests/networkxml2confdata/dhcp6host-routed-network.conf | 1 -
  2 files changed, 8 insertions(+), 2 deletions(-)
 
-Index: libvirt-5.1.0/src/network/bridge_driver.c
+Index: libvirt-5.2.0/src/network/bridge_driver.c
 ===================================================================
---- libvirt-5.1.0.orig/src/network/bridge_driver.c
-+++ libvirt-5.1.0/src/network/bridge_driver.c
-@@ -1378,7 +1378,14 @@ networkDnsmasqConfContents(virNetworkObj
+--- libvirt-5.2.0.orig/src/network/bridge_driver.c
++++ libvirt-5.2.0/src/network/bridge_driver.c
+@@ -1365,7 +1365,14 @@ networkDnsmasqConfContents(virNetworkObj
          if (VIR_SOCKET_ADDR_IS_FAMILY(&ipdef->address, AF_INET)) {
              if (ipdef->nranges || ipdef->nhosts) {
                  virBufferAddLit(&configbuf, "dhcp-no-override\n");
@@ -37,10 +37,10 @@ Index: libvirt-5.1.0/src/network/bridge_driver.c
              }
  
              if (ipdef->tftproot) {
-Index: libvirt-5.1.0/tests/networkxml2confdata/dhcp6host-routed-network.conf
+Index: libvirt-5.2.0/tests/networkxml2confdata/dhcp6host-routed-network.conf
 ===================================================================
---- libvirt-5.1.0.orig/tests/networkxml2confdata/dhcp6host-routed-network.conf
-+++ libvirt-5.1.0/tests/networkxml2confdata/dhcp6host-routed-network.conf
+--- libvirt-5.2.0.orig/tests/networkxml2confdata/dhcp6host-routed-network.conf
++++ libvirt-5.2.0/tests/networkxml2confdata/dhcp6host-routed-network.conf
 @@ -10,7 +10,6 @@ bind-dynamic
  interface=virbr1
  dhcp-range=192.168.122.1,static

ppc64le-canonical-name.patch

@@ -2,10 +2,10 @@ Canonicalize hostarch name ppc64le to ppc64
 
 See bnc#894956
 
-Index: libvirt-5.1.0/src/util/virarch.c
+Index: libvirt-5.2.0/src/util/virarch.c
 ===================================================================
---- libvirt-5.1.0.orig/src/util/virarch.c
-+++ libvirt-5.1.0/src/util/virarch.c
+--- libvirt-5.2.0.orig/src/util/virarch.c
++++ libvirt-5.2.0/src/util/virarch.c
 @@ -172,6 +172,8 @@ virArch virArchFromHost(void)
          arch = VIR_ARCH_I686;
      } else if (STREQ(ut.machine, "amd64")) {

qemu-apparmor-screenshot.patch

@@ -1,8 +1,8 @@
-Index: libvirt-5.1.0/src/security/apparmor/libvirt-qemu
+Index: libvirt-5.2.0/src/security/apparmor/libvirt-qemu
 ===================================================================
---- libvirt-5.1.0.orig/src/security/apparmor/libvirt-qemu
-+++ libvirt-5.1.0/src/security/apparmor/libvirt-qemu
-@@ -222,3 +222,6 @@
+--- libvirt-5.2.0.orig/src/security/apparmor/libvirt-qemu
++++ libvirt-5.2.0/src/security/apparmor/libvirt-qemu
+@@ -227,3 +227,6 @@
    # required for sasl GSSAPI plugin
    /etc/gss/mech.d/ r,
    /etc/gss/mech.d/* r,

support-managed-pci-xen-driver.patch

@@ -8,10 +8,10 @@ Subject: [PATCH] support managed pci devices in xen driver
  src/xenxs/xen_xm.c   |   28 +++++++++++++++++++++++++++-
  2 files changed, 35 insertions(+), 15 deletions(-)
 
-Index: libvirt-5.1.0/src/xenconfig/xen_common.c
+Index: libvirt-5.2.0/src/xenconfig/xen_common.c
 ===================================================================
---- libvirt-5.1.0.orig/src/xenconfig/xen_common.c
-+++ libvirt-5.1.0/src/xenconfig/xen_common.c
+--- libvirt-5.2.0.orig/src/xenconfig/xen_common.c
++++ libvirt-5.2.0/src/xenconfig/xen_common.c
 @@ -386,12 +386,19 @@ xenParsePCI(char *entry)
      int busID;
      int slotID;
@@ -64,10 +64,10 @@ Index: libvirt-5.1.0/src/xenconfig/xen_common.c
      hostdev->source.subsys.type = VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI;
      hostdev->source.subsys.u.pci.addr.domain = domainID;
      hostdev->source.subsys.u.pci.addr.bus = busID;
-Index: libvirt-5.1.0/src/xenconfig/xen_sxpr.c
+Index: libvirt-5.2.0/src/xenconfig/xen_sxpr.c
 ===================================================================
---- libvirt-5.1.0.orig/src/xenconfig/xen_sxpr.c
-+++ libvirt-5.1.0/src/xenconfig/xen_sxpr.c
+--- libvirt-5.2.0.orig/src/xenconfig/xen_sxpr.c
++++ libvirt-5.2.0/src/xenconfig/xen_sxpr.c
 @@ -1053,6 +1053,7 @@ xenParseSxprPCI(virDomainDefPtr def,
          int busID;
          int slotID;

suse-apparmor-libnl-paths.patch

@@ -8,10 +8,10 @@ It was also noticed that the per-domain profiles need a libnl rule
 to squelch a denial when starting confined domains.
 
 Found while investigating bsc#1058847
-Index: libvirt-5.1.0/src/security/apparmor/libvirt-qemu
+Index: libvirt-5.2.0/src/security/apparmor/libvirt-qemu
 ===================================================================
---- libvirt-5.1.0.orig/src/security/apparmor/libvirt-qemu
-+++ libvirt-5.1.0/src/security/apparmor/libvirt-qemu
+--- libvirt-5.2.0.orig/src/security/apparmor/libvirt-qemu
++++ libvirt-5.2.0/src/security/apparmor/libvirt-qemu
 @@ -63,6 +63,7 @@
    #/dev/fb* rw,
  
@@ -20,10 +20,10 @@ Index: libvirt-5.1.0/src/security/apparmor/libvirt-qemu
    @{HOME}/.pulse-cookie rwk,
    owner /root/.pulse-cookie rwk,
    owner /root/.pulse/ rw,
-Index: libvirt-5.1.0/src/security/apparmor/usr.lib.libvirt.virt-aa-helper
+Index: libvirt-5.2.0/src/security/apparmor/usr.lib.libvirt.virt-aa-helper
 ===================================================================
---- libvirt-5.1.0.orig/src/security/apparmor/usr.lib.libvirt.virt-aa-helper
-+++ libvirt-5.1.0/src/security/apparmor/usr.lib.libvirt.virt-aa-helper
+--- libvirt-5.2.0.orig/src/security/apparmor/usr.lib.libvirt.virt-aa-helper
++++ libvirt-5.2.0/src/security/apparmor/usr.lib.libvirt.virt-aa-helper
 @@ -17,7 +17,7 @@ profile virt-aa-helper /usr/{lib,lib64}/
    owner @{PROC}/[0-9]*/status r,
    @{PROC}/filesystems r,

suse-libvirt-guests-service.patch

@@ -1,55 +1,9 @@
 Adjust libvirt-guests service to conform to SUSE standards
 
-Index: libvirt-5.1.0/tools/libvirt-guests.init.in
+Index: libvirt-5.2.0/tools/libvirt-guests.sh.in
 ===================================================================
---- libvirt-5.1.0.orig/tools/libvirt-guests.init.in
-+++ libvirt-5.1.0/tools/libvirt-guests.init.in
-@@ -4,27 +4,27 @@
- # http://refspecs.linuxfoundation.org/LSB_5.0.0/LSB-Core-generic/LSB-Core-generic/initscrcomconv.html
- #
- ### BEGIN INIT INFO
--# Provides: libvirt-guests
--# Default-Start: 3 4 5
--# Default-Stop: 0 1 2 6
--# Required-Start: libvirtd
--# Required-Stop: libvirtd
-+# Provides:          libvirt-guests
-+# Required-Start:    $network $remote_fs libvirtd
-+# Required-Stop:     $network $remote_fs libvirtd
-+# Default-Start:     3 5
-+# Default-Stop:      0 1 2 4 6
- # Should-Start:
- # Should-Stop:
- # Short-Description: suspend/resume libvirt guests on shutdown/boot
--# Description: This is a script for suspending active libvirt guests
--#              on shutdown and resuming them on next boot
--#              See https://libvirt.org
-+# Description:       This is a script for suspending active libvirt guests
-+#                    on shutdown and resuming them on next boot
-+#                    See https://libvirt.org
- ### END INIT INFO
- 
- # the following is chkconfig init header
- #
--# libvirt-guests:   suspend/resume libvirt guests on shutdown/boot
--#
--# chkconfig: 345 99 01
--# description:  This is a script for suspending active libvirt guests \
--#               on shutdown and resuming them on next boot \
--#               See https://libvirt.org
-+# libvirt-guests:    suspend/resume libvirt guests on shutdown/boot
- #
-+# chkconfig:         345 99 01
-+# description:       This is a script for suspending active libvirt guests \
-+#                    on shutdown and resuming them on next boot \
-+#                    See https://libvirt.org
-+
- 
- exec @libexecdir@/libvirt-guests.sh "$@"
-Index: libvirt-5.1.0/tools/libvirt-guests.sh.in
-===================================================================
---- libvirt-5.1.0.orig/tools/libvirt-guests.sh.in
-+++ libvirt-5.1.0/tools/libvirt-guests.sh.in
+--- libvirt-5.2.0.orig/tools/libvirt-guests.sh.in
++++ libvirt-5.2.0/tools/libvirt-guests.sh.in
 @@ -16,14 +16,13 @@
  # License along with this library.  If not, see
  # <http://www.gnu.org/licenses/>.
@@ -209,10 +163,10 @@ Index: libvirt-5.1.0/tools/libvirt-guests.sh.in
  esac
 -exit $RETVAL
 +rc_exit
-Index: libvirt-5.1.0/tools/libvirt-guests.sysconf
+Index: libvirt-5.2.0/tools/libvirt-guests.sysconf
 ===================================================================
---- libvirt-5.1.0.orig/tools/libvirt-guests.sysconf
-+++ libvirt-5.1.0/tools/libvirt-guests.sysconf
+--- libvirt-5.2.0.orig/tools/libvirt-guests.sysconf
++++ libvirt-5.2.0/tools/libvirt-guests.sysconf
 @@ -1,19 +1,29 @@
 +## Path: System/Virtualization/libvirt-guests
 +

suse-libvirtd-disable-tls.patch

@@ -3,10 +3,10 @@ Disable TLS by default
 On SUSE distros, the default is for libvirtd to listen only on the
 Unix Domain Socket. The libvirt client still provides remote access
 via a SSH tunnel.
-Index: libvirt-5.1.0/src/remote/libvirtd.conf
+Index: libvirt-5.2.0/src/remote/libvirtd.conf
 ===================================================================
---- libvirt-5.1.0.orig/src/remote/libvirtd.conf
-+++ libvirt-5.1.0/src/remote/libvirtd.conf
+--- libvirt-5.2.0.orig/src/remote/libvirtd.conf
++++ libvirt-5.2.0/src/remote/libvirtd.conf
 @@ -18,8 +18,8 @@
  # It is necessary to setup a CA and issue server certificates before
  # using this capability.
@@ -18,10 +18,10 @@ Index: libvirt-5.1.0/src/remote/libvirtd.conf
  
  # Listen for unencrypted TCP connections on the public TCP/IP port.
  # NB, must pass the --listen flag to the libvirtd process for this to
-Index: libvirt-5.1.0/src/remote/remote_daemon_config.c
+Index: libvirt-5.2.0/src/remote/remote_daemon_config.c
 ===================================================================
---- libvirt-5.1.0.orig/src/remote/remote_daemon_config.c
-+++ libvirt-5.1.0/src/remote/remote_daemon_config.c
+--- libvirt-5.2.0.orig/src/remote/remote_daemon_config.c
++++ libvirt-5.2.0/src/remote/remote_daemon_config.c
 @@ -108,7 +108,7 @@ daemonConfigNew(bool privileged ATTRIBUT
      if (VIR_ALLOC(data) < 0)
          return NULL;
@@ -31,10 +31,10 @@ Index: libvirt-5.1.0/src/remote/remote_daemon_config.c
      data->listen_tcp = 0;
  
      if (VIR_STRDUP(data->tls_port, LIBVIRTD_TLS_PORT) < 0 ||
-Index: libvirt-5.1.0/src/remote/test_libvirtd.aug.in
+Index: libvirt-5.2.0/src/remote/test_libvirtd.aug.in
 ===================================================================
---- libvirt-5.1.0.orig/src/remote/test_libvirtd.aug.in
-+++ libvirt-5.1.0/src/remote/test_libvirtd.aug.in
+--- libvirt-5.2.0.orig/src/remote/test_libvirtd.aug.in
++++ libvirt-5.2.0/src/remote/test_libvirtd.aug.in
 @@ -2,7 +2,7 @@ module Test_libvirtd =
     ::CONFIG::
  

suse-libvirtd-service-xen.patch

@@ -7,10 +7,10 @@ On SUSE distros, we promote libvirt and all the libvirt-based
 tools. If a user installs libvirt on their SUSE Xen host, then
 libvirt should be king and override xendomains. See bsc#1015348
 
-Index: libvirt-5.1.0/src/remote/libvirtd.service.in
+Index: libvirt-5.2.0/src/remote/libvirtd.service.in
 ===================================================================
---- libvirt-5.1.0.orig/src/remote/libvirtd.service.in
-+++ libvirt-5.1.0/src/remote/libvirtd.service.in
+--- libvirt-5.2.0.orig/src/remote/libvirtd.service.in
++++ libvirt-5.2.0/src/remote/libvirtd.service.in
 @@ -17,6 +17,8 @@ After=local-fs.target
  After=remote-fs.target
  After=systemd-logind.service

suse-libvirtd-sysconfig-settings.patch

@@ -1,9 +1,9 @@
 Adjust libvirtd sysconfig file to conform to SUSE standards
 
-Index: libvirt-5.1.0/src/remote/libvirtd.sysconf
+Index: libvirt-5.2.0/src/remote/libvirtd.sysconf
 ===================================================================
---- libvirt-5.1.0.orig/src/remote/libvirtd.sysconf
-+++ libvirt-5.1.0/src/remote/libvirtd.sysconf
+--- libvirt-5.2.0.orig/src/remote/libvirtd.sysconf
++++ libvirt-5.2.0/src/remote/libvirtd.sysconf
 @@ -1,16 +1,25 @@
 +## Path: System/Virtualization/libvirt
 +

suse-libxl-disable-autoballoon.patch

@@ -6,10 +6,10 @@ autoballooning. This patch changes libvirt to also disable autoballooning
 by default. It can only be enabled with the 'autoballoon' setting in
 libxl.conf. See jsc#SLE-3059 for more details.
 
-Index: libvirt-5.1.0/src/libxl/libxl.conf
+Index: libvirt-5.2.0/src/libxl/libxl.conf
 ===================================================================
---- libvirt-5.1.0.orig/src/libxl/libxl.conf
-+++ libvirt-5.1.0/src/libxl/libxl.conf
+--- libvirt-5.2.0.orig/src/libxl/libxl.conf
++++ libvirt-5.2.0/src/libxl/libxl.conf
 @@ -4,12 +4,11 @@
  
  # Enable autoballooning of domain0
@@ -27,10 +27,10 @@ Index: libvirt-5.1.0/src/libxl/libxl.conf
  
  
  # In order to prevent accidentally starting two domains that
-Index: libvirt-5.1.0/src/libxl/libxl_conf.c
+Index: libvirt-5.2.0/src/libxl/libxl_conf.c
 ===================================================================
---- libvirt-5.1.0.orig/src/libxl/libxl_conf.c
-+++ libvirt-5.1.0/src/libxl/libxl_conf.c
+--- libvirt-5.2.0.orig/src/libxl/libxl_conf.c
++++ libvirt-5.2.0/src/libxl/libxl_conf.c
 @@ -22,7 +22,6 @@
  
  #include <config.h>
@@ -39,7 +39,7 @@ Index: libvirt-5.1.0/src/libxl/libxl_conf.c
  #include <libxl.h>
  #include <sys/types.h>
  #include <sys/socket.h>
-@@ -1760,14 +1759,12 @@ libxlMakeBuildInfoVfb(virPortAllocatorRa
+@@ -1762,14 +1761,12 @@ libxlMakeBuildInfoVfb(virPortAllocatorRa
  /*
   * Get domain0 autoballoon configuration.  Honor user-specified
   * setting in libxl.conf first.  If not specified, autoballooning
@@ -55,7 +55,7 @@ Index: libvirt-5.1.0/src/libxl/libxl_conf.c
      int res;
  
      res = virConfGetValueBool(conf, "autoballoon", &cfg->autoballoon);
-@@ -1776,21 +1773,8 @@ libxlGetAutoballoonConf(libxlDriverConfi
+@@ -1778,21 +1775,8 @@ libxlGetAutoballoonConf(libxlDriverConfi
      else if (res == 1)
          return 0;
  

suse-ovmf-paths.patch

@@ -1,9 +1,9 @@
 Adjust paths of OVMF firmwares on SUSE distros
 
-Index: libvirt-5.1.0/src/qemu/qemu.conf
+Index: libvirt-5.2.0/src/qemu/qemu.conf
 ===================================================================
---- libvirt-5.1.0.orig/src/qemu/qemu.conf
-+++ libvirt-5.1.0/src/qemu/qemu.conf
+--- libvirt-5.2.0.orig/src/qemu/qemu.conf
++++ libvirt-5.2.0/src/qemu/qemu.conf
 @@ -773,10 +773,9 @@ security_default_confined = 0
  # for x86_64 and i686, but it's AAVMF for aarch64. The libvirt default
  # follows this scheme.
@@ -18,10 +18,10 @@ Index: libvirt-5.1.0/src/qemu/qemu.conf
  #]
  
  # The backend to use for handling stdout/stderr output from
-Index: libvirt-5.1.0/src/qemu/qemu_conf.c
+Index: libvirt-5.2.0/src/qemu/qemu_conf.c
 ===================================================================
---- libvirt-5.1.0.orig/src/qemu/qemu_conf.c
-+++ libvirt-5.1.0/src/qemu/qemu_conf.c
+--- libvirt-5.2.0.orig/src/qemu/qemu_conf.c
++++ libvirt-5.2.0/src/qemu/qemu_conf.c
 @@ -116,10 +116,9 @@ void qemuDomainCmdlineDefFree(qemuDomain
  
  #ifndef DEFAULT_LOADER_NVRAM
@@ -36,10 +36,10 @@ Index: libvirt-5.1.0/src/qemu/qemu_conf.c
  #endif
  
  
-Index: libvirt-5.1.0/src/security/virt-aa-helper.c
+Index: libvirt-5.2.0/src/security/virt-aa-helper.c
 ===================================================================
---- libvirt-5.1.0.orig/src/security/virt-aa-helper.c
-+++ libvirt-5.1.0/src/security/virt-aa-helper.c
+--- libvirt-5.2.0.orig/src/security/virt-aa-helper.c
++++ libvirt-5.2.0/src/security/virt-aa-helper.c
 @@ -506,7 +506,8 @@ valid_path(const char *path, const bool
          "/usr/share/ovmf/",              /* for OVMF images */
          "/usr/share/AAVMF/",             /* for AAVMF images */

suse-qemu-conf.patch

@@ -7,10 +7,10 @@ suse-qemu-conf-secdriver.patch, suse-qemu-conf-lockmgr.patch,
 etc.), but for now they are all lumped together in this
 single patch.
 
-Index: libvirt-5.1.0/src/qemu/qemu.conf
+Index: libvirt-5.2.0/src/qemu/qemu.conf
 ===================================================================
---- libvirt-5.1.0.orig/src/qemu/qemu.conf
-+++ libvirt-5.1.0/src/qemu/qemu.conf
+--- libvirt-5.2.0.orig/src/qemu/qemu.conf
++++ libvirt-5.2.0/src/qemu/qemu.conf
 @@ -420,11 +420,20 @@
  # isolation, but it cannot appear in a list of drivers.
  #

suse-virtlockd-sysconfig-settings.patch

@@ -1,9 +1,9 @@
 Adjust virtlockd sysconfig file to conform to SUSE standards
 
-Index: libvirt-5.1.0/src/locking/virtlockd.sysconf
+Index: libvirt-5.2.0/src/locking/virtlockd.sysconf
 ===================================================================
---- libvirt-5.1.0.orig/src/locking/virtlockd.sysconf
-+++ libvirt-5.1.0/src/locking/virtlockd.sysconf
+--- libvirt-5.2.0.orig/src/locking/virtlockd.sysconf
++++ libvirt-5.2.0/src/locking/virtlockd.sysconf
 @@ -1,3 +1,7 @@
 +## Path: System/Virtualization/virtlockd
 +

suse-virtlogd-sysconfig-settings.patch

@@ -1,9 +1,9 @@
 Adjust virtlogd sysconfig file to conform to SUSE standards
 
-Index: libvirt-5.1.0/src/logging/virtlogd.sysconf
+Index: libvirt-5.2.0/src/logging/virtlogd.sysconf
 ===================================================================
---- libvirt-5.1.0.orig/src/logging/virtlogd.sysconf
-+++ libvirt-5.1.0/src/logging/virtlogd.sysconf
+--- libvirt-5.2.0.orig/src/logging/virtlogd.sysconf
++++ libvirt-5.2.0/src/logging/virtlogd.sysconf
 @@ -1,3 +1,7 @@
 +## Path: System/Virtualization/virtlogd
 +

xen-pv-cdrom.patch

@@ -1,7 +1,7 @@
-Index: libvirt-5.1.0/src/xenconfig/xen_sxpr.c
+Index: libvirt-5.2.0/src/xenconfig/xen_sxpr.c
 ===================================================================
---- libvirt-5.1.0.orig/src/xenconfig/xen_sxpr.c
-+++ libvirt-5.1.0/src/xenconfig/xen_sxpr.c
+--- libvirt-5.2.0.orig/src/xenconfig/xen_sxpr.c
++++ libvirt-5.2.0/src/xenconfig/xen_sxpr.c
 @@ -383,7 +383,7 @@ xenParseSxprVifRate(const char *rate, un
  static int
  xenParseSxprDisks(virDomainDefPtr def,

xen-sxpr-disk-type.patch

@@ -6,10 +6,10 @@ and 'file'. This was implicitly done prior to commit 9673418c.
 
 https://bugzilla.suse.com/show_bug.cgi?id=938228
 
-Index: libvirt-5.1.0/src/xenconfig/xen_sxpr.c
+Index: libvirt-5.2.0/src/xenconfig/xen_sxpr.c
 ===================================================================
---- libvirt-5.1.0.orig/src/xenconfig/xen_sxpr.c
-+++ libvirt-5.1.0/src/xenconfig/xen_sxpr.c
+--- libvirt-5.2.0.orig/src/xenconfig/xen_sxpr.c
++++ libvirt-5.2.0/src/xenconfig/xen_sxpr.c
 @@ -497,10 +497,11 @@ xenParseSxprDisks(virDomainDefPtr def,
                         omnipotent, we can revisit this, perhaps stat()'ing
                         the src file in question */