Accepting request 748739 from Virtualization

OBS-URL: https://build.opensuse.org/request/show/748739
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvirt?expand=0&rev=292

2552752f-libxl-fix-lock-manager-lock-ordering.patch

@@ -0,0 +1,87 @@
+commit 2552752f0b6504a80f6306e5aae2c7063d24f1ab
+Author: Jim Fehlig <jfehlig@suse.com>
+Date:   Mon Oct 14 14:01:00 2019 -0600
+
+    libxl: Fix lock manager lock ordering
+    
+    The ordering of lock manager locks in the libxl driver has a flaw that was
+    uncovered by a migration error path. In the perform phase of migration, the
+    source host calls virDomainLockProcessPause to release the lock before
+    sending the VM to the destination host. If the send fails an attempt is made
+    to reacquire the lock with virDomainLockProcessResume, but that too can fail
+    if the destination host has not finished cleaning up the failed VM and
+    releasing the lock it acquired when starting to receive the VM.
+    
+    This change delays calling virDomainLockProcessResume in libxlDomainStart
+    until the VM is successfully created, but before it is unpaused. A similar
+    approach is used by the qemu driver, avoiding the need to release the lock
+    if VM creation fails. In the migration perform phase, releasing the lock
+    with virDomainLockProcessPause is delayed until the VM is successfully
+    sent to the destination, which avoids reacquiring the lock if the send
+    fails.
+    
+    Signed-off-by: Jim Fehlig <jfehlig@suse.com>
+    Reviewed-by: Cole Robinson <crobinso@redhat.com>
+
+Index: libvirt-5.9.0/src/libxl/libxl_domain.c
+===================================================================
+--- libvirt-5.9.0.orig/src/libxl/libxl_domain.c
++++ libvirt-5.9.0/src/libxl/libxl_domain.c
+@@ -1347,13 +1347,6 @@ libxlDomainStart(libxlDriverPrivatePtr d
+                                   NULL) < 0)
+         goto cleanup;
+ 
+-    if (virDomainLockProcessResume(driver->lockManager,
+-                                  "xen:///system",
+-                                  vm,
+-                                  priv->lockState) < 0)
+-        goto cleanup;
+-    VIR_FREE(priv->lockState);
+-
+     if (libxlNetworkPrepareDevices(vm->def) < 0)
+         goto cleanup_dom;
+ 
+@@ -1436,6 +1429,13 @@ libxlDomainStart(libxlDriverPrivatePtr d
+ 
+     libxlLoggerOpenFile(cfg->logger, domid, vm->def->name, config_json);
+ 
++    if (virDomainLockProcessResume(driver->lockManager,
++                                  "xen:///system",
++                                  vm,
++                                  priv->lockState) < 0)
++        goto destroy_dom;
++    VIR_FREE(priv->lockState);
++
+     /* Always enable domain death events */
+     if (libxl_evenable_domain_death(cfg->ctx, vm->def->id, 0, &priv->deathW))
+         goto destroy_dom;
+Index: libvirt-5.9.0/src/libxl/libxl_migration.c
+===================================================================
+--- libvirt-5.9.0.orig/src/libxl/libxl_migration.c
++++ libvirt-5.9.0/src/libxl/libxl_migration.c
+@@ -1240,20 +1240,16 @@ libxlDomainMigrationSrcPerform(libxlDriv
+     sockfd = virNetSocketDupFD(sock, true);
+     virObjectUnref(sock);
+ 
+-    if (virDomainLockProcessPause(driver->lockManager, vm, &priv->lockState) < 0)
+-        VIR_WARN("Unable to release lease on %s", vm->def->name);
+-    VIR_DEBUG("Preserving lock state '%s'", NULLSTR(priv->lockState));
+-
+     /* suspend vm and send saved data to dst through socket fd */
+     virObjectUnlock(vm);
+     ret = libxlDoMigrateSrcSend(driver, vm, flags, sockfd);
+     virObjectLock(vm);
+ 
+-    if (ret < 0) {
+-        virDomainLockProcessResume(driver->lockManager,
+-                                   "xen:///system",
+-                                   vm,
+-                                   priv->lockState);
++    if (ret == 0) {
++        if (virDomainLockProcessPause(driver->lockManager, vm, &priv->lockState) < 0)
++            VIR_WARN("Unable to release lease on %s", vm->def->name);
++        VIR_DEBUG("Preserving lock state '%s'", NULLSTR(priv->lockState));
++    } else {
+         /*
+          * Confirm phase will not be executed if perform fails. End the
+          * job started in begin phase.

libvirt.changes

@@ -1,3 +1,26 @@
+-------------------------------------------------------------------
+Thu Nov 14 17:31:35 UTC 2019 - James Fehlig <jfehlig@suse.com>
+
+- libxl: Fix lock manager lock ordering
+  2552752f-libxl-fix-lock-manager-lock-ordering.patch
+  bsc#1145774
+
+-------------------------------------------------------------------
+Tue Nov 12 22:51:54 UTC 2019 - James Fehlig <jfehlig@suse.com>
+
+- spec: Forcibly remove '--listen' option from LIBVIRTD_ARGS in
+  /etc/sysconfig/libvirtd since it is incompatible with socket
+  activation. Also add '--timeout' option for consistency with
+  upstream.
+  boo#1156161
+
+-------------------------------------------------------------------
+Mon Nov 11 23:32:43 UTC 2019 - James Fehlig <jfehlig@suse.com>
+
+- Enable automatic firmware seletction and add the new smm
+  flavor to the build-time firmware list
+  jsc#SLE-6997
+
 -------------------------------------------------------------------
 Wed Nov  6 14:55:39 UTC 2019 - James Fehlig <jfehlig@suse.com>
 

libvirt.spec

@@ -338,6 +338,7 @@ Source6:        libvirtd-relocation-server.xml
 Source99:       baselibs.conf
 Source100:      %{name}-rpmlintrc
 # Upstream patches
+Patch0:         2552752f-libxl-fix-lock-manager-lock-ordering.patch
 # Patches pending upstream review
 Patch100:       libxl-dom-reset.patch
 Patch101:       network-don-t-use-dhcp-authoritative-on-static-netwo.patch
@@ -871,6 +872,7 @@ libvirt plugin for NSS for translating domain names into IP addresses.
 
 %prep
 %setup -q
+%patch0 -p1
 %patch100 -p1
 %patch101 -p1
 %patch150 -p1
@@ -1003,20 +1005,25 @@ libvirt plugin for NSS for translating domain names into IP addresses.
 
 %define arg_selinux_mount --with-selinux-mount="/selinux"
 
-# x86_64 UEFI firmwares
-# To more closely resemble actual hardware, we use the firmwares with
-# embedded Microsoft keys
-#
-# The Windows HCK test requires a bigger variable store, so 4MB firmware
-# images have been introduced. They are advertised first and will be
-# used by default for new VM installations. The 2MB images are still
-# available for existing VMs, and can be selected for new installations
-# as well.
-LOADERS="/usr/share/qemu/ovmf-x86_64-ms-4m-code.bin:/usr/share/qemu/ovmf-x86_64-ms-4m-vars.bin"
-LOADERS="$LOADERS:/usr/share/qemu/ovmf-x86_64-ms-code.bin:/usr/share/qemu/ovmf-x86_64-ms-vars.bin"
-# aarch64 UEFI firmwares
-LOADERS="$LOADERS:/usr/share/qemu/aavmf-aarch64-code.bin:/usr/share/qemu/aavmf-aarch64-vars.bin"
-%define arg_loader_nvram --with-loader-nvram="$LOADERS"
+# UEFI firmwares
+# For SLE15 SP2 (Leap 15.2) and newer, use firmware descriptor files from the
+# firmware packages, otherwise define firmwares via configure option
+%if ! (0%{?suse_version} > 1500 || 0%{?sle_version} > 150100)
+    # x86_64 UEFI firmwares
+    # To more closely resemble actual hardware, we use the firmwares with
+    # embedded Microsoft keys
+    #
+    # The Windows HCK test requires a bigger variable store, so 4MB firmware
+    # images have been introduced. They are advertised first and will be
+    # used by default for new VM installations. The 2MB images are still
+    # available for existing VMs, and can be selected for new installations
+    # as well.
+    LOADERS="/usr/share/qemu/ovmf-x86_64-ms-4m-code.bin:/usr/share/qemu/ovmf-x86_64-ms-4m-vars.bin"
+    LOADERS="$LOADERS:/usr/share/qemu/ovmf-x86_64-ms-code.bin:/usr/share/qemu/ovmf-x86_64-ms-vars.bin"
+    # aarch64 UEFI firmwares
+    LOADERS="$LOADERS:/usr/share/qemu/aavmf-aarch64-code.bin:/usr/share/qemu/aavmf-aarch64-vars.bin"
+    %define arg_loader_nvram --with-loader-nvram="$LOADERS"
+%endif
 
 autoreconf -f -i
 export CFLAGS="%{optflags}"
@@ -1252,6 +1259,14 @@ fi
 %{fillup_only -n libvirtd}
 %{fillup_only -n virtlockd}
 %{fillup_only -n virtlogd}
+# The '--listen' option is incompatible with socket activation.
+# We need to forcibly remove it from /etc/sysconfig/libvirtd.
+# Also add the --timeout option to be consistent with upstream.
+# See boo#1156161 for details
+sed -i -e '/^\s*LIBVIRTD_ARGS=/s/--listen//g' %{_sysconfdir}/sysconfig/libvirtd
+if ! grep -q -E '^\s*LIBVIRTD_ARGS=.*--timeout' %{_sysconfdir}/sysconfig/libvirtd ; then
+    sed -i 's/^\s*LIBVIRTD_ARGS="\(.*\)"/LIBVIRTD_ARGS="\1 --timeout 120"/' %{_sysconfdir}/sysconfig/libvirtd
+fi
 
 %preun daemon
 %service_del_preun libvirtd.service libvirtd.socket libvirtd-ro.socket libvirtd-admin.socket libvirtd-tcp.socket libvirtd-tls.socket virtlockd.service virtlockd.socket virtlogd.service virtlogd.socket virtlockd-admin.socket virtlogd-admin.socket
@@ -1271,7 +1286,7 @@ fi
 # All connection drivers should be installed post transaction.
 # Time to restart libvirtd. With new socket activation we need to be a bit
 # smarter on update. Old libvirtd owns the sockets and will delete them on
-# shutdown. We can't use try-restart as libvirtd will one the sockets again
+# shutdown. We can't use try-restart as libvirtd will own the sockets again
 # after restart. So we must instead shutdown libvirtd, start the sockets,
 # then start libvirtd.
 if test "$YAST_IS_RUNNING" != "instsys" -a "$DISABLE_RESTART_ON_UPDATE" != yes ; then

libxl-set-migration-constraints.patch

@@ -255,7 +255,7 @@ Index: libvirt-5.9.0/src/libxl/libxl_migration.c
  {
      libxlDomainObjPrivatePtr priv = vm->privateData;
      char *hostname = NULL;
-@@ -1246,7 +1267,7 @@ libxlDomainMigrationSrcPerform(libxlDriv
+@@ -1242,7 +1263,7 @@ libxlDomainMigrationSrcPerform(libxlDriv
  
      /* suspend vm and send saved data to dst through socket fd */
      virObjectUnlock(vm);
@@ -263,7 +263,7 @@ Index: libvirt-5.9.0/src/libxl/libxl_migration.c
 +    ret = libxlDoMigrateSrcSend(driver, vm, props, sockfd);
      virObjectLock(vm);
  
-     if (ret < 0) {
+     if (ret == 0) {
 Index: libvirt-5.9.0/src/libxl/libxl_migration.h
 ===================================================================
 --- libvirt-5.9.0.orig/src/libxl/libxl_migration.h