diff --git a/apparmor-no-mount.patch b/apparmor-no-mount.patch new file mode 100644 index 0000000..670ed19 --- /dev/null +++ b/apparmor-no-mount.patch @@ -0,0 +1,46 @@ +Index: libvirt-1.2.8/examples/apparmor/libvirt-lxc +=================================================================== +--- libvirt-1.2.8.orig/examples/apparmor/libvirt-lxc ++++ libvirt-1.2.8/examples/apparmor/libvirt-lxc +@@ -2,39 +2,15 @@ + + #include + +- umount, +- +- # ignore DENIED message on / remount +- deny mount options=(ro, remount) -> /, +- +- # allow tmpfs mounts everywhere +- mount fstype=tmpfs, +- +- # allow mqueue mounts everywhere +- mount fstype=mqueue, +- +- # allow fuse mounts everywhere +- mount fstype=fuse.*, +- +- # deny writes in /proc/sys/fs but allow binfmt_misc to be mounted +- mount fstype=binfmt_misc -> /proc/sys/fs/binfmt_misc/, ++ # deny writes in /proc/sys/fs + deny @{PROC}/sys/fs/** wklx, + +- # allow efivars to be mounted, writing to it will be blocked though +- mount fstype=efivarfs -> /sys/firmware/efi/efivars/, +- + # block some other dangerous paths + deny @{PROC}/sysrq-trigger rwklx, + deny @{PROC}/mem rwklx, + deny @{PROC}/kmem rwklx, + +- # deny writes in /sys except for /sys/fs/cgroup, also allow +- # fusectl, securityfs and debugfs to be mounted there (read-only) +- mount fstype=fusectl -> /sys/fs/fuse/connections/, +- mount fstype=securityfs -> /sys/kernel/security/, +- mount fstype=debugfs -> /sys/kernel/debug/, +- mount fstype=proc -> /proc/, +- mount fstype=sysfs -> /sys/, ++ # deny writes in /sys + deny /sys/firmware/efi/efivars/** rwklx, + deny /sys/kernel/security/** rwklx, + diff --git a/blockcopy-check-dst-identical-device.patch b/blockcopy-check-dst-identical-device.patch index 7cdcca4..f392683 100644 --- a/blockcopy-check-dst-identical-device.patch +++ b/blockcopy-check-dst-identical-device.patch @@ -11,11 +11,11 @@ Signed-off-by: Chunyan Liu src/qemu/qemu_driver.c | 7 +++++++ 1 file changed, 7 insertions(+) -Index: libvirt-1.2.7/src/qemu/qemu_driver.c +Index: libvirt-1.2.8/src/qemu/qemu_driver.c =================================================================== ---- libvirt-1.2.7.orig/src/qemu/qemu_driver.c -+++ libvirt-1.2.7/src/qemu/qemu_driver.c -@@ -15330,6 +15330,13 @@ qemuDomainBlockCopy(virDomainObjPtr vm, +--- libvirt-1.2.8.orig/src/qemu/qemu_driver.c ++++ libvirt-1.2.8/src/qemu/qemu_driver.c +@@ -15357,6 +15357,13 @@ qemuDomainBlockCopy(virDomainObjPtr vm, } /* Prepare the destination file. */ diff --git a/disable-virCgroupGetPercpuStats-test.patch b/disable-virCgroupGetPercpuStats-test.patch index 65ff2c3..fb42f9e 100644 --- a/disable-virCgroupGetPercpuStats-test.patch +++ b/disable-virCgroupGetPercpuStats-test.patch @@ -1,7 +1,7 @@ -Index: libvirt-1.2.7/tests/vircgrouptest.c +Index: libvirt-1.2.8/tests/vircgrouptest.c =================================================================== ---- libvirt-1.2.7.orig/tests/vircgrouptest.c -+++ libvirt-1.2.7/tests/vircgrouptest.c +--- libvirt-1.2.8.orig/tests/vircgrouptest.c ++++ libvirt-1.2.8/tests/vircgrouptest.c @@ -33,7 +33,6 @@ # include "virlog.h" # include "virfile.h" diff --git a/fix-pci-attach-xen-driver.patch b/fix-pci-attach-xen-driver.patch index 4ebcdc4..12751f2 100644 --- a/fix-pci-attach-xen-driver.patch +++ b/fix-pci-attach-xen-driver.patch @@ -8,10 +8,10 @@ uses the 'device_configure' RPC. This patch changes the xend driver to always call 'device_configure' for PCI devices to be consistent with the usage in the xen tools. -Index: libvirt-1.2.7/src/xen/xend_internal.c +Index: libvirt-1.2.8/src/xen/xend_internal.c =================================================================== ---- libvirt-1.2.7.orig/src/xen/xend_internal.c -+++ libvirt-1.2.7/src/xen/xend_internal.c +--- libvirt-1.2.8.orig/src/xen/xend_internal.c ++++ libvirt-1.2.8/src/xen/xend_internal.c @@ -2221,6 +2221,7 @@ xenDaemonAttachDeviceFlags(virConnectPtr virBuffer buf = VIR_BUFFER_INITIALIZER; char class[8], ref[80]; diff --git a/install-apparmor-profiles.patch b/install-apparmor-profiles.patch index 469653b..292ca95 100644 --- a/install-apparmor-profiles.patch +++ b/install-apparmor-profiles.patch @@ -1,7 +1,7 @@ -Index: libvirt-1.2.7/examples/apparmor/Makefile.am +Index: libvirt-1.2.8/examples/apparmor/Makefile.am =================================================================== ---- libvirt-1.2.7.orig/examples/apparmor/Makefile.am -+++ libvirt-1.2.7/examples/apparmor/Makefile.am +--- libvirt-1.2.8.orig/examples/apparmor/Makefile.am ++++ libvirt-1.2.8/examples/apparmor/Makefile.am @@ -19,10 +19,22 @@ EXTRA_DIST= \ TEMPLATE.lxc \ libvirt-qemu \ @@ -27,10 +27,10 @@ Index: libvirt-1.2.7/examples/apparmor/Makefile.am apparmordir = $(sysconfdir)/apparmor.d/ apparmor_DATA = \ usr.lib.libvirt.virt-aa-helper \ -Index: libvirt-1.2.7/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in +Index: libvirt-1.2.8/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in =================================================================== --- /dev/null -+++ libvirt-1.2.7/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in ++++ libvirt-1.2.8/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in @@ -0,0 +1,48 @@ +# Last Modified: Mon Apr 5 15:10:27 2010 +#include @@ -80,11 +80,11 @@ Index: libvirt-1.2.7/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in + /**.[iI][sS][oO] r, + /**/disk{,.*} r, +} -Index: libvirt-1.2.7/examples/apparmor/usr.sbin.libvirtd.in +Index: libvirt-1.2.8/examples/apparmor/usr.sbin.libvirtd.in =================================================================== --- /dev/null -+++ libvirt-1.2.7/examples/apparmor/usr.sbin.libvirtd.in -@@ -0,0 +1,67 @@ ++++ libvirt-1.2.8/examples/apparmor/usr.sbin.libvirtd.in +@@ -0,0 +1,68 @@ +# Last Modified: Mon Apr 5 15:03:58 2010 +#include +@{LIBVIRT}="libvirt" @@ -120,6 +120,7 @@ Index: libvirt-1.2.7/examples/apparmor/usr.sbin.libvirtd.in + network inet6 stream, + network inet6 dgram, + network packet dgram, ++ network packet raw, + + # Very lenient profile for libvirtd since we want to first focus on confining + # the guests. Guests will have a very restricted profile. @@ -152,9 +153,9 @@ Index: libvirt-1.2.7/examples/apparmor/usr.sbin.libvirtd.in + change_profile -> @{LIBVIRT}-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*, + +} -Index: libvirt-1.2.7/examples/apparmor/usr.lib.libvirt.virt-aa-helper +Index: libvirt-1.2.8/examples/apparmor/usr.lib.libvirt.virt-aa-helper =================================================================== ---- libvirt-1.2.7.orig/examples/apparmor/usr.lib.libvirt.virt-aa-helper +--- libvirt-1.2.8.orig/examples/apparmor/usr.lib.libvirt.virt-aa-helper +++ /dev/null @@ -1,48 +0,0 @@ -# Last Modified: Mon Apr 5 15:10:27 2010 @@ -205,9 +206,9 @@ Index: libvirt-1.2.7/examples/apparmor/usr.lib.libvirt.virt-aa-helper - /**.[iI][sS][oO] r, - /**/disk{,.*} r, -} -Index: libvirt-1.2.7/examples/apparmor/usr.sbin.libvirtd +Index: libvirt-1.2.8/examples/apparmor/usr.sbin.libvirtd =================================================================== ---- libvirt-1.2.7.orig/examples/apparmor/usr.sbin.libvirtd +--- libvirt-1.2.8.orig/examples/apparmor/usr.sbin.libvirtd +++ /dev/null @@ -1,63 +0,0 @@ -# Last Modified: Mon Apr 5 15:03:58 2010 diff --git a/libvirt-1.2.7.tar.bz2 b/libvirt-1.2.7.tar.bz2 deleted file mode 100644 index f21d884..0000000 --- a/libvirt-1.2.7.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:89e36179a2e235ad4eed1b07829875c15c73b68a3132f19ba9ca64355fdaceef -size 21382962 diff --git a/libvirt-1.2.8.tar.bz2 b/libvirt-1.2.8.tar.bz2 new file mode 100644 index 0000000..831fe2a --- /dev/null +++ b/libvirt-1.2.8.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:3adc681cf4477a0f4ee4ff3e5ce08c0d50c17d63dd0a460587e90db482fcc05b +size 21498750 diff --git a/libvirt-guests-init-script.patch b/libvirt-guests-init-script.patch index 6a42f4f..7190140 100644 --- a/libvirt-guests-init-script.patch +++ b/libvirt-guests-init-script.patch @@ -1,9 +1,9 @@ Adjust libvirt-guests init files to conform to SUSE standards -Index: libvirt-1.2.7/tools/libvirt-guests.init.in +Index: libvirt-1.2.8/tools/libvirt-guests.init.in =================================================================== ---- libvirt-1.2.7.orig/tools/libvirt-guests.init.in -+++ libvirt-1.2.7/tools/libvirt-guests.init.in +--- libvirt-1.2.8.orig/tools/libvirt-guests.init.in ++++ libvirt-1.2.8/tools/libvirt-guests.init.in @@ -3,15 +3,15 @@ # the following is the LSB init header # @@ -28,10 +28,10 @@ Index: libvirt-1.2.7/tools/libvirt-guests.init.in ### END INIT INFO # the following is chkconfig init header -Index: libvirt-1.2.7/tools/libvirt-guests.sh.in +Index: libvirt-1.2.8/tools/libvirt-guests.sh.in =================================================================== ---- libvirt-1.2.7.orig/tools/libvirt-guests.sh.in -+++ libvirt-1.2.7/tools/libvirt-guests.sh.in +--- libvirt-1.2.8.orig/tools/libvirt-guests.sh.in ++++ libvirt-1.2.8/tools/libvirt-guests.sh.in @@ -16,14 +16,13 @@ # License along with this library. If not, see # . @@ -189,10 +189,10 @@ Index: libvirt-1.2.7/tools/libvirt-guests.sh.in esac -exit $RETVAL +rc_exit -Index: libvirt-1.2.7/tools/libvirt-guests.sysconf +Index: libvirt-1.2.8/tools/libvirt-guests.sysconf =================================================================== ---- libvirt-1.2.7.orig/tools/libvirt-guests.sysconf -+++ libvirt-1.2.7/tools/libvirt-guests.sysconf +--- libvirt-1.2.8.orig/tools/libvirt-guests.sysconf ++++ libvirt-1.2.8/tools/libvirt-guests.sysconf @@ -1,19 +1,29 @@ +## Path: System/Virtualization/libvirt-guests + diff --git a/libvirt-power8-models.patch b/libvirt-power8-models.patch index 893e420..26ecf3c 100644 --- a/libvirt-power8-models.patch +++ b/libvirt-power8-models.patch @@ -1,6 +1,8 @@ ---- a/src/cpu/cpu_map.xml 2014/08/19 16:05:34 1.1 -+++ b/src/cpu/cpu_map.xml 2014/08/19 16:06:53 -@@ -614,5 +614,15 @@ +Index: libvirt-1.2.8/src/cpu/cpu_map.xml +=================================================================== +--- libvirt-1.2.8.orig/src/cpu/cpu_map.xml ++++ libvirt-1.2.8/src/cpu/cpu_map.xml +@@ -627,5 +627,15 @@ diff --git a/libvirt-ppc64le-support.patch b/libvirt-ppc64le-support.patch index d9d7ac0..3662d5d 100644 --- a/libvirt-ppc64le-support.patch +++ b/libvirt-ppc64le-support.patch @@ -1,6 +1,8 @@ ---- a/src/conf/domain_conf.c -+++ b/src/conf/domain_conf.c -@@ -9515,7 +9515,8 @@ +Index: libvirt-1.2.8/src/conf/domain_conf.c +=================================================================== +--- libvirt-1.2.8.orig/src/conf/domain_conf.c ++++ libvirt-1.2.8/src/conf/domain_conf.c +@@ -9690,7 +9690,8 @@ virDomainVideoDefaultType(const virDomai (STREQ(def->os.type, "xen") || STREQ(def->os.type, "linux"))) return VIR_DOMAIN_VIDEO_TYPE_XEN; @@ -10,8 +12,10 @@ return VIR_DOMAIN_VIDEO_TYPE_VGA; else return VIR_DOMAIN_VIDEO_TYPE_CIRRUS; ---- a/src/cpu/cpu_powerpc.c -+++ b/src/cpu/cpu_powerpc.c +Index: libvirt-1.2.8/src/cpu/cpu_powerpc.c +=================================================================== +--- libvirt-1.2.8.orig/src/cpu/cpu_powerpc.c ++++ libvirt-1.2.8/src/cpu/cpu_powerpc.c @@ -38,7 +38,7 @@ VIR_LOG_INIT("cpu.cpu_powerpc"); @@ -21,9 +25,11 @@ struct ppc_vendor { char *name; ---- a/src/qemu/qemu_capabilities.c -+++ b/src/qemu/qemu_capabilities.c -@@ -624,7 +624,8 @@ +Index: libvirt-1.2.8/src/qemu/qemu_capabilities.c +=================================================================== +--- libvirt-1.2.8.orig/src/qemu/qemu_capabilities.c ++++ libvirt-1.2.8/src/qemu/qemu_capabilities.c +@@ -631,7 +631,8 @@ virQEMUCapsProbeCPUModels(virQEMUCapsPtr if (qemuCaps->arch == VIR_ARCH_I686 || qemuCaps->arch == VIR_ARCH_X86_64) parse = virQEMUCapsParseX86Models; @@ -33,7 +39,7 @@ parse = virQEMUCapsParsePPCModels; else { VIR_DEBUG("don't know how to parse %s CPU models", -@@ -1984,7 +1985,8 @@ +@@ -1996,7 +1997,8 @@ bool virQEMUCapsHasPCIMultiBus(virQEMUCa return true; if (def->os.arch == VIR_ARCH_PPC || @@ -43,7 +49,7 @@ /* * Usage of pci.0 naming: * -@@ -3551,7 +3553,9 @@ +@@ -3567,7 +3569,9 @@ virQEMUCapsSupportsChardev(virDomainDefP !virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE)) return false; @@ -54,9 +60,11 @@ /* only pseries need -device spapr-vty with -chardev */ return (chr->deviceType == VIR_DOMAIN_CHR_DEVICE_TYPE_SERIAL && chr->info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_SPAPRVIO); ---- a/src/qemu/qemu_command.c -+++ b/src/qemu/qemu_command.c -@@ -722,7 +722,8 @@ +Index: libvirt-1.2.8/src/qemu/qemu_command.c +=================================================================== +--- libvirt-1.2.8.orig/src/qemu/qemu_command.c ++++ libvirt-1.2.8/src/qemu/qemu_command.c +@@ -703,7 +703,8 @@ qemuSetSCSIControllerModel(virDomainDefP return -1; } } else { @@ -66,7 +74,7 @@ STREQ(def->os.machine, "pseries")) { *model = VIR_DOMAIN_CONTROLLER_MODEL_SCSI_IBMVSCSI; } else if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_SCSI_LSI)) { -@@ -1269,7 +1270,8 @@ +@@ -1250,7 +1251,8 @@ int qemuDomainAssignSpaprVIOAddresses(vi for (i = 0; i < def->nserials; i++) { if (def->serials[i]->deviceType == VIR_DOMAIN_CHR_DEVICE_TYPE_SERIAL && @@ -76,7 +84,7 @@ STREQ(def->os.machine, "pseries")) def->serials[i]->info.type = VIR_DOMAIN_DEVICE_ADDRESS_TYPE_SPAPRVIO; if (qemuAssignSpaprVIOAddress(def, &def->serials[i]->info, -@@ -1278,7 +1280,8 @@ +@@ -1259,7 +1261,8 @@ int qemuDomainAssignSpaprVIOAddresses(vi } if (def->nvram) { @@ -86,7 +94,7 @@ STREQ(def->os.machine, "pseries")) def->nvram->info.type = VIR_DOMAIN_DEVICE_ADDRESS_TYPE_SPAPRVIO; if (qemuAssignSpaprVIOAddress(def, &def->nvram->info, -@@ -4097,7 +4100,8 @@ +@@ -4147,7 +4150,8 @@ qemuBuildUSBControllerDevStr(virDomainDe model = def->model; if (model == -1) { @@ -96,7 +104,7 @@ model = VIR_DOMAIN_CONTROLLER_MODEL_USB_PCI_OHCI; else model = VIR_DOMAIN_CONTROLLER_MODEL_USB_PIIX3_UHCI; -@@ -8066,7 +8070,8 @@ +@@ -8176,7 +8180,8 @@ qemuBuildCommandLine(virConnectPtr conn, !qemuDomainMachineIsQ35(def) && (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_PIIX3_USB_UHCI) || (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_PCI_OHCI) && @@ -106,7 +114,7 @@ if (usblegacy) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("Multiple legacy USB controllers are " -@@ -9256,7 +9261,8 @@ +@@ -9366,7 +9371,8 @@ qemuBuildCommandLine(virConnectPtr conn, } if (def->nvram) { @@ -116,7 +124,7 @@ STREQ(def->os.machine, "pseries")) { if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_NVRAM)) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", -@@ -9368,7 +9374,8 @@ +@@ -9478,7 +9484,8 @@ qemuBuildSerialChrDeviceStr(char **devic { virBuffer cmd = VIR_BUFFER_INITIALIZER; @@ -126,7 +134,7 @@ if (serial->deviceType == VIR_DOMAIN_CHR_DEVICE_TYPE_SERIAL && serial->info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_SPAPRVIO) { virBufferAsprintf(&cmd, "spapr-vty,chardev=char%s", -@@ -9791,7 +9798,8 @@ +@@ -9900,7 +9907,8 @@ qemuParseCommandLineDisk(virDomainXMLOpt if (VIR_ALLOC(def->src) < 0) goto error; @@ -136,7 +144,7 @@ dom->os.machine && STREQ(dom->os.machine, "pseries"))) def->bus = VIR_DOMAIN_DISK_BUS_SCSI; else -@@ -9883,7 +9891,8 @@ +@@ -9992,7 +10000,8 @@ qemuParseCommandLineDisk(virDomainXMLOpt } else if (STREQ(keywords[i], "if")) { if (STREQ(values[i], "ide")) { def->bus = VIR_DOMAIN_DISK_BUS_IDE; @@ -146,7 +154,7 @@ dom->os.machine && STREQ(dom->os.machine, "pseries"))) { virReportError(VIR_ERR_INTERNAL_ERROR, _("pseries systems do not support ide devices '%s'"), val); -@@ -11121,7 +11130,8 @@ +@@ -11233,7 +11242,8 @@ qemuParseCommandLine(virCapsPtr qemuCaps disk->src->type = VIR_STORAGE_TYPE_FILE; if (STREQ(arg, "-cdrom")) { disk->device = VIR_DOMAIN_DISK_DEVICE_CDROM; @@ -156,7 +164,7 @@ def->os.machine && STREQ(def->os.machine, "pseries"))) disk->bus = VIR_DOMAIN_DISK_BUS_SCSI; if (VIR_STRDUP(disk->dst, "hdc") < 0) -@@ -11137,7 +11147,8 @@ +@@ -11249,7 +11259,8 @@ qemuParseCommandLine(virCapsPtr qemuCaps disk->bus = VIR_DOMAIN_DISK_BUS_IDE; else disk->bus = VIR_DOMAIN_DISK_BUS_SCSI; @@ -166,9 +174,11 @@ def->os.machine && STREQ(def->os.machine, "pseries"))) disk->bus = VIR_DOMAIN_DISK_BUS_SCSI; } ---- a/src/qemu/qemu_domain.c -+++ b/src/qemu/qemu_domain.c -@@ -754,6 +754,7 @@ +Index: libvirt-1.2.8/src/qemu/qemu_domain.c +=================================================================== +--- libvirt-1.2.8.orig/src/qemu/qemu_domain.c ++++ libvirt-1.2.8/src/qemu/qemu_domain.c +@@ -754,6 +754,7 @@ qemuDomainDefPostParse(virDomainDefPtr d break; case VIR_ARCH_PPC64: diff --git a/libvirt-suse-netcontrol.patch b/libvirt-suse-netcontrol.patch index 2446b09..742eddb 100644 --- a/libvirt-suse-netcontrol.patch +++ b/libvirt-suse-netcontrol.patch @@ -1,7 +1,7 @@ -Index: libvirt-1.2.7/configure.ac +Index: libvirt-1.2.8/configure.ac =================================================================== ---- libvirt-1.2.7.orig/configure.ac -+++ libvirt-1.2.7/configure.ac +--- libvirt-1.2.8.orig/configure.ac ++++ libvirt-1.2.8/configure.ac @@ -237,6 +237,7 @@ LIBVIRT_CHECK_FUSE LIBVIRT_CHECK_GLUSTER LIBVIRT_CHECK_HAL @@ -10,7 +10,7 @@ Index: libvirt-1.2.7/configure.ac LIBVIRT_CHECK_NUMACTL LIBVIRT_CHECK_OPENWSMAN LIBVIRT_CHECK_PCIACCESS -@@ -2409,11 +2410,12 @@ if test "$with_libvirtd" = "no" ; then +@@ -2454,11 +2455,12 @@ if test "$with_libvirtd" = "no" ; then with_interface=no fi @@ -26,7 +26,7 @@ Index: libvirt-1.2.7/configure.ac esac if test "$with_interface" = "yes" ; then -@@ -2834,6 +2836,7 @@ LIBVIRT_RESULT_FUSE +@@ -2880,6 +2882,7 @@ LIBVIRT_RESULT_FUSE LIBVIRT_RESULT_GLUSTER LIBVIRT_RESULT_HAL LIBVIRT_RESULT_NETCF @@ -34,11 +34,11 @@ Index: libvirt-1.2.7/configure.ac LIBVIRT_RESULT_NUMACTL LIBVIRT_RESULT_OPENWSMAN LIBVIRT_RESULT_PCIACCESS -Index: libvirt-1.2.7/src/Makefile.am +Index: libvirt-1.2.8/src/Makefile.am =================================================================== ---- libvirt-1.2.7.orig/src/Makefile.am -+++ libvirt-1.2.7/src/Makefile.am -@@ -820,6 +820,10 @@ if WITH_NETCF +--- libvirt-1.2.8.orig/src/Makefile.am ++++ libvirt-1.2.8/src/Makefile.am +@@ -823,6 +823,10 @@ if WITH_NETCF INTERFACE_DRIVER_SOURCES += \ interface/interface_backend_netcf.c endif WITH_NETCF @@ -49,7 +49,7 @@ Index: libvirt-1.2.7/src/Makefile.am if WITH_UDEV INTERFACE_DRIVER_SOURCES += \ interface/interface_backend_udev.c -@@ -1416,10 +1420,15 @@ if WITH_NETCF +@@ -1458,10 +1462,15 @@ if WITH_NETCF libvirt_driver_interface_la_CFLAGS += $(NETCF_CFLAGS) libvirt_driver_interface_la_LIBADD += $(NETCF_LIBS) else ! WITH_NETCF @@ -65,10 +65,10 @@ Index: libvirt-1.2.7/src/Makefile.am endif ! WITH_NETCF if WITH_DRIVER_MODULES libvirt_driver_interface_la_LIBADD += ../gnulib/lib/libgnu.la -Index: libvirt-1.2.7/tools/virsh.c +Index: libvirt-1.2.8/tools/virsh.c =================================================================== ---- libvirt-1.2.7.orig/tools/virsh.c -+++ libvirt-1.2.7/tools/virsh.c +--- libvirt-1.2.8.orig/tools/virsh.c ++++ libvirt-1.2.8/tools/virsh.c @@ -3320,6 +3320,8 @@ vshShowVersion(vshControl *ctl ATTRIBUTE vshPrint(ctl, " Interface"); # if defined(WITH_NETCF) @@ -78,10 +78,10 @@ Index: libvirt-1.2.7/tools/virsh.c # elif defined(WITH_UDEV) vshPrint(ctl, " udev"); # endif -Index: libvirt-1.2.7/src/interface/interface_backend_netcf.c +Index: libvirt-1.2.8/src/interface/interface_backend_netcf.c =================================================================== ---- libvirt-1.2.7.orig/src/interface/interface_backend_netcf.c -+++ libvirt-1.2.7/src/interface/interface_backend_netcf.c +--- libvirt-1.2.8.orig/src/interface/interface_backend_netcf.c ++++ libvirt-1.2.8/src/interface/interface_backend_netcf.c @@ -23,7 +23,12 @@ #include @@ -165,10 +165,10 @@ Index: libvirt-1.2.7/src/interface/interface_backend_netcf.c return 0; } -Index: libvirt-1.2.7/src/interface/interface_driver.c +Index: libvirt-1.2.8/src/interface/interface_driver.c =================================================================== ---- libvirt-1.2.7.orig/src/interface/interface_driver.c -+++ libvirt-1.2.7/src/interface/interface_driver.c +--- libvirt-1.2.8.orig/src/interface/interface_driver.c ++++ libvirt-1.2.8/src/interface/interface_driver.c @@ -30,8 +30,15 @@ interfaceRegister(void) if (netcfIfaceRegister() == 0) return 0; @@ -186,10 +186,10 @@ Index: libvirt-1.2.7/src/interface/interface_driver.c if (udevIfaceRegister() == 0) return 0; #endif /* WITH_UDEV */ -Index: libvirt-1.2.7/m4/virt-netcontrol.m4 +Index: libvirt-1.2.8/m4/virt-netcontrol.m4 =================================================================== --- /dev/null -+++ libvirt-1.2.7/m4/virt-netcontrol.m4 ++++ libvirt-1.2.8/m4/virt-netcontrol.m4 @@ -0,0 +1,35 @@ +dnl The libnetcontrol library +dnl diff --git a/libvirt.changes b/libvirt.changes index 876677c..38e329e 100644 --- a/libvirt.changes +++ b/libvirt.changes @@ -1,3 +1,26 @@ +------------------------------------------------------------------- +Tue Sep 2 09:17:06 MDT 2014 - jfehlig@suse.com + +- Update to libvirt 1.2.8 + - virDomainBlockCopy with XML destination, typed params + - Introduce API for retrieving bulk domain stats + - Introduce virDomainOpenGraphicsFD API + - Many incremental improvements and bug fixes, see + http://libvirt.org/news.html + +------------------------------------------------------------------- +Mon Sep 1 14:48:26 UTC 2014 - cbosdonnat@suse.com + +- bnc#893999: remove mount rules from libvirt-lxc apparmor + abstraction file as those aren't handled by our kernel. + apparmor-no-mount.patch + +------------------------------------------------------------------- +Fri Aug 29 16:12:28 UTC 2014 - mlatimer@suse.com + +- bnc#894232 - Update apparmor profile to allow raw packets + install-apparmor-profiles.patch + ------------------------------------------------------------------- Thu Aug 21 01:29:21 CEST 2014 - ro@suse.de diff --git a/libvirt.spec b/libvirt.spec index 08d011f..fd510a5 100644 --- a/libvirt.spec +++ b/libvirt.spec @@ -235,7 +235,7 @@ Name: libvirt Url: http://libvirt.org/ -Version: 1.2.7 +Version: 1.2.8 Release: 0 Summary: Library providing a simple virtualization API License: LGPL-2.1+ @@ -307,6 +307,7 @@ BuildRequires: libtasn1-devel BuildRequires: libxml2-devel BuildRequires: libxslt BuildRequires: ncurses-devel +BuildRequires: perl BuildRequires: python BuildRequires: python-xml BuildRequires: readline-devel @@ -447,6 +448,7 @@ Patch207: systemd-service-xen.patch Patch208: disable-virCgroupGetPercpuStats-test.patch %if %{with_apparmor} Patch250: install-apparmor-profiles.patch +Patch251: apparmor-no-mount.patch %endif %if %{with_netcontrol} Patch300: libvirt-suse-netcontrol.patch @@ -961,6 +963,7 @@ namespaces. %patch208 -p1 %if %{with_apparmor} %patch250 -p1 +%patch251 -p1 %endif %if %{with_netcontrol} %patch300 -p1 @@ -1356,7 +1359,7 @@ fi %post daemon /sbin/ldconfig %if %{with_systemd} -%service_add_post libvirtd.service +%service_add_post libvirtd.service libvirtd.socket %service_add_post virtlockd.service virtlockd.socket %endif %{fillup_only -n libvirtd} @@ -1364,7 +1367,7 @@ fi %preun daemon %if %{with_systemd} -%service_del_preun libvirtd.service +%service_del_preun libvirtd.service libvirtd.socket %service_del_preun virtlockd.service virtlockd.socket %else %stop_on_removal libvirtd @@ -1436,6 +1439,7 @@ fi %{_localstatedir}/adm/fillup-templates/sysconfig.virtlockd %if %{with_systemd} %{_unitdir}/libvirtd.service +%{_unitdir}/libvirtd.socket %{_unitdir}/virtlockd.service %{_unitdir}/virtlockd.socket %else @@ -1684,6 +1688,8 @@ fi %files daemon-driver-vbox %defattr(-, root, root) %{_libdir}/%{name}/connection-driver/libvirt_driver_vbox.so +%{_libdir}/%{name}/connection-driver/libvirt_driver_vbox_network.so +%{_libdir}/%{name}/connection-driver/libvirt_driver_vbox_storage.so %endif %endif # with_driver_modules diff --git a/libvirtd-defaults.patch b/libvirtd-defaults.patch index 212fabe..0d57397 100644 --- a/libvirtd-defaults.patch +++ b/libvirtd-defaults.patch @@ -1,7 +1,7 @@ -Index: libvirt-1.2.7/daemon/libvirtd.conf +Index: libvirt-1.2.8/daemon/libvirtd.conf =================================================================== ---- libvirt-1.2.7.orig/daemon/libvirtd.conf -+++ libvirt-1.2.7/daemon/libvirtd.conf +--- libvirt-1.2.8.orig/daemon/libvirtd.conf ++++ libvirt-1.2.8/daemon/libvirtd.conf @@ -18,8 +18,8 @@ # It is necessary to setup a CA and issue server certificates before # using this capability. @@ -13,10 +13,10 @@ Index: libvirt-1.2.7/daemon/libvirtd.conf # Listen for unencrypted TCP connections on the public TCP/IP port. # NB, must pass the --listen flag to the libvirtd process for this to -Index: libvirt-1.2.7/daemon/libvirtd-config.c +Index: libvirt-1.2.8/daemon/libvirtd-config.c =================================================================== ---- libvirt-1.2.7.orig/daemon/libvirtd-config.c -+++ libvirt-1.2.7/daemon/libvirtd-config.c +--- libvirt-1.2.8.orig/daemon/libvirtd-config.c ++++ libvirt-1.2.8/daemon/libvirtd-config.c @@ -229,7 +229,7 @@ daemonConfigNew(bool privileged ATTRIBUT if (VIR_ALLOC(data) < 0) return NULL; @@ -26,10 +26,10 @@ Index: libvirt-1.2.7/daemon/libvirtd-config.c data->listen_tcp = 0; if (VIR_STRDUP(data->tls_port, LIBVIRTD_TLS_PORT) < 0 || -Index: libvirt-1.2.7/daemon/test_libvirtd.aug.in +Index: libvirt-1.2.8/daemon/test_libvirtd.aug.in =================================================================== ---- libvirt-1.2.7.orig/daemon/test_libvirtd.aug.in -+++ libvirt-1.2.7/daemon/test_libvirtd.aug.in +--- libvirt-1.2.8.orig/daemon/test_libvirtd.aug.in ++++ libvirt-1.2.8/daemon/test_libvirtd.aug.in @@ -2,7 +2,7 @@ module Test_libvirtd = ::CONFIG:: diff --git a/libvirtd-init-script.patch b/libvirtd-init-script.patch index 904d5c7..4d7f41e 100644 --- a/libvirtd-init-script.patch +++ b/libvirtd-init-script.patch @@ -1,9 +1,9 @@ Adjust libvirtd sysconfig file to conform to SUSE standards -Index: libvirt-1.2.7/daemon/libvirtd.sysconf +Index: libvirt-1.2.8/daemon/libvirtd.sysconf =================================================================== ---- libvirt-1.2.7.orig/daemon/libvirtd.sysconf -+++ libvirt-1.2.7/daemon/libvirtd.sysconf +--- libvirt-1.2.8.orig/daemon/libvirtd.sysconf ++++ libvirt-1.2.8/daemon/libvirtd.sysconf @@ -1,16 +1,25 @@ +## Path: System/Virtualization/libvirt + diff --git a/support-managed-pci-xen-driver.patch b/support-managed-pci-xen-driver.patch index 0103a5e..2fd5ae6 100644 --- a/support-managed-pci-xen-driver.patch +++ b/support-managed-pci-xen-driver.patch @@ -8,10 +8,68 @@ Subject: [PATCH] support managed pci devices in xen driver src/xenxs/xen_xm.c | 28 +++++++++++++++++++++++++++- 2 files changed, 35 insertions(+), 15 deletions(-) -Index: libvirt-1.2.7/src/xenxs/xen_sxpr.c +Index: libvirt-1.2.8/src/xenconfig/xen_common.c =================================================================== ---- libvirt-1.2.7.orig/src/xenxs/xen_sxpr.c -+++ libvirt-1.2.7/src/xenxs/xen_sxpr.c +--- libvirt-1.2.8.orig/src/xenconfig/xen_common.c ++++ libvirt-1.2.8/src/xenconfig/xen_common.c +@@ -401,6 +401,8 @@ xenParsePCI(virConfPtr conf, virDomainDe + { + virConfValuePtr list = virConfGetValue(conf, "pci"); + virDomainHostdevDefPtr hostdev = NULL; ++ char *opt; ++ int managed = 0; + + if (list && list->type == VIR_CONF_LIST) { + list = list->list; +@@ -422,6 +424,11 @@ xenParsePCI(virConfPtr conf, virDomainDe + /* pci=['0000:00:1b.0','0000:00:13.0'] */ + if (!(key = list->str)) + goto skippci; ++ ++ opt = strchr(key, ','); ++ if (opt) ++ opt++; ++ + if (!(nextkey = strchr(key, ':'))) + goto skippci; + if (virStrncpy(domain, key, (nextkey - key), sizeof(domain)) == NULL) { +@@ -465,10 +472,31 @@ xenParsePCI(virConfPtr conf, virDomainDe + goto skippci; + if (virStrToLong_i(func, NULL, 16, &funcID) < 0) + goto skippci; ++ ++ if (opt) { ++ char opt_managed[2]; ++ char *data; ++ ++ opt_managed[0] = '\0'; ++ data = strchr(opt, '='); ++ data++; ++ ++ if (STRPREFIX(opt, "managed=")) { ++ if (virStrncpy(opt_managed, data, 1, sizeof(opt_managed)) == NULL) { ++ virReportError(VIR_ERR_INTERNAL_ERROR, ++ _("managed option %s too big for destination"), ++ data); ++ goto skippci; ++ } ++ } ++ if (virStrToLong_i(opt_managed, NULL, 10, &managed) < 0) ++ goto skippci; ++ } ++ + if (!(hostdev = virDomainHostdevDefAlloc())) + return -1; + +- hostdev->managed = false; ++ hostdev->managed = managed ? true : false; + hostdev->source.subsys.type = VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI; + hostdev->source.subsys.u.pci.addr.domain = domainID; + hostdev->source.subsys.u.pci.addr.bus = busID; +Index: libvirt-1.2.8/src/xenconfig/xen_sxpr.c +=================================================================== +--- libvirt-1.2.8.orig/src/xenconfig/xen_sxpr.c ++++ libvirt-1.2.8/src/xenconfig/xen_sxpr.c @@ -997,6 +997,7 @@ xenParseSxprPCI(virDomainDefPtr def, int busID; int slotID; @@ -78,60 +136,3 @@ Index: libvirt-1.2.7/src/xenxs/xen_sxpr.c xenFormatSxprPCI(def->hostdevs[i], buf); } } -Index: libvirt-1.2.7/src/xenxs/xen_xm.c -=================================================================== ---- libvirt-1.2.7.orig/src/xenxs/xen_xm.c -+++ libvirt-1.2.7/src/xenxs/xen_xm.c -@@ -815,6 +815,8 @@ xenParseXM(virConfPtr conf, int xendConf - int busID; - int slotID; - int funcID; -+ char *opt; -+ int managed = 0; - - domain[0] = bus[0] = slot[0] = func[0] = '\0'; - -@@ -824,6 +826,11 @@ xenParseXM(virConfPtr conf, int xendConf - /* pci=['0000:00:1b.0','0000:00:13.0'] */ - if (!(key = list->str)) - goto skippci; -+ -+ opt = strchr(key, ','); -+ if (opt) -+ opt++; -+ - if (!(nextkey = strchr(key, ':'))) - goto skippci; - -@@ -872,10 +879,30 @@ xenParseXM(virConfPtr conf, int xendConf - if (virStrToLong_i(func, NULL, 16, &funcID) < 0) - goto skippci; - -+ if (opt) { -+ char opt_managed[2]; -+ char *data; -+ -+ opt_managed[0] = '\0'; -+ data = strchr(opt, '='); -+ data++; -+ -+ if (STRPREFIX(opt, "managed=")) { -+ if (virStrncpy(opt_managed, data, 1, sizeof(opt_managed)) == NULL) { -+ virReportError(VIR_ERR_INTERNAL_ERROR, -+ _("managed option %s too big for destination"), -+ data); -+ goto skippci; -+ } -+ } -+ if (virStrToLong_i(opt_managed, NULL, 10, &managed) < 0) -+ goto skippci; -+ } -+ - if (!(hostdev = virDomainHostdevDefAlloc())) - goto cleanup; - -- hostdev->managed = false; -+ hostdev->managed = managed ? true : false; - hostdev->source.subsys.type = VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI; - hostdev->source.subsys.u.pci.addr.domain = domainID; - hostdev->source.subsys.u.pci.addr.bus = busID; diff --git a/suse-qemu-conf.patch b/suse-qemu-conf.patch index b14e98a..cb5ed03 100644 --- a/suse-qemu-conf.patch +++ b/suse-qemu-conf.patch @@ -1,7 +1,7 @@ -Index: libvirt-1.2.7/src/qemu/qemu.conf +Index: libvirt-1.2.8/src/qemu/qemu.conf =================================================================== ---- libvirt-1.2.7.orig/src/qemu/qemu.conf -+++ libvirt-1.2.7/src/qemu/qemu.conf +--- libvirt-1.2.8.orig/src/qemu/qemu.conf ++++ libvirt-1.2.8/src/qemu/qemu.conf @@ -200,7 +200,16 @@ # a special value; security_driver can be set to that value in # isolation, but it cannot appear in a list of drivers. diff --git a/systemd-service-xen.patch b/systemd-service-xen.patch index c79f2a9..33aaa21 100644 --- a/systemd-service-xen.patch +++ b/systemd-service-xen.patch @@ -1,8 +1,8 @@ -Index: libvirt-1.2.7/daemon/libvirtd.service.in +Index: libvirt-1.2.8/daemon/libvirtd.service.in =================================================================== ---- libvirt-1.2.7.orig/daemon/libvirtd.service.in -+++ libvirt-1.2.7/daemon/libvirtd.service.in -@@ -10,6 +10,8 @@ After=network.target +--- libvirt-1.2.8.orig/daemon/libvirtd.service.in ++++ libvirt-1.2.8/daemon/libvirtd.service.in +@@ -5,6 +5,8 @@ After=network.target After=dbus.service After=iscsid.service After=apparmor.service diff --git a/virtlockd-init-script.patch b/virtlockd-init-script.patch index cef7d56..886a510 100644 --- a/virtlockd-init-script.patch +++ b/virtlockd-init-script.patch @@ -1,9 +1,9 @@ Adjust virtlockd init files to conform to SUSE standards -Index: libvirt-1.2.7/src/locking/virtlockd.sysconf +Index: libvirt-1.2.8/src/locking/virtlockd.sysconf =================================================================== ---- libvirt-1.2.7.orig/src/locking/virtlockd.sysconf -+++ libvirt-1.2.7/src/locking/virtlockd.sysconf +--- libvirt-1.2.8.orig/src/locking/virtlockd.sysconf ++++ libvirt-1.2.8/src/locking/virtlockd.sysconf @@ -1,3 +1,7 @@ +## Path: System/Virtualization/virtlockd + @@ -12,10 +12,10 @@ Index: libvirt-1.2.7/src/locking/virtlockd.sysconf # # Pass extra arguments to virtlockd #VIRTLOCKD_ARGS= -Index: libvirt-1.2.7/src/locking/virtlockd.init.in +Index: libvirt-1.2.8/src/locking/virtlockd.init.in =================================================================== ---- libvirt-1.2.7.orig/src/locking/virtlockd.init.in -+++ libvirt-1.2.7/src/locking/virtlockd.init.in +--- libvirt-1.2.8.orig/src/locking/virtlockd.init.in ++++ libvirt-1.2.8/src/locking/virtlockd.init.in @@ -4,12 +4,14 @@ # http://www.linux-foundation.org/spec//booksets/LSB-Core-generic/LSB-Core-generic.html#INITSCRCOMCONV # diff --git a/xen-name-for-devid.patch b/xen-name-for-devid.patch index 99b4303..ef2b2ea 100644 --- a/xen-name-for-devid.patch +++ b/xen-name-for-devid.patch @@ -14,10 +14,10 @@ is inactive. We obviously can't search xenstore when the domain is inactive. -Index: libvirt-1.2.7/src/xen/xend_internal.c +Index: libvirt-1.2.8/src/xen/xend_internal.c =================================================================== ---- libvirt-1.2.7.orig/src/xen/xend_internal.c -+++ libvirt-1.2.7/src/xen/xend_internal.c +--- libvirt-1.2.8.orig/src/xen/xend_internal.c ++++ libvirt-1.2.8/src/xen/xend_internal.c @@ -72,7 +72,7 @@ VIR_LOG_INIT("xen.xend_internal"); #define XEND_RCV_BUF_MAX_LEN (256 * 1024) diff --git a/xen-pv-cdrom.patch b/xen-pv-cdrom.patch index 5ba7fc7..0fc0cf9 100644 --- a/xen-pv-cdrom.patch +++ b/xen-pv-cdrom.patch @@ -1,7 +1,7 @@ -Index: libvirt-1.2.7/src/xenxs/xen_sxpr.c +Index: libvirt-1.2.8/src/xenconfig/xen_sxpr.c =================================================================== ---- libvirt-1.2.7.orig/src/xenxs/xen_sxpr.c -+++ libvirt-1.2.7/src/xenxs/xen_sxpr.c +--- libvirt-1.2.8.orig/src/xenconfig/xen_sxpr.c ++++ libvirt-1.2.8/src/xenconfig/xen_sxpr.c @@ -332,7 +332,7 @@ xenParseSxprChar(const char *value, static int xenParseSxprDisks(virDomainDefPtr def,