rpm/libvirt
SHA256
1
0
Fork 0
forked from pool/libvirt
Code Pull Requests Activity
7cc886a733
libvirt/suse-ovmf-paths.patch
James Fehlig da9af7a383 Accepting request 692393 from home:jfehlig:branches:Virtualization 
- CVE-2019-3886: disallow virDomainGetHostname and virDomainGetTime
  for read-only connections and users
  CVE-2019-3886-api.patch, CVE-2019-3886-remote.patch
  bsc#1131595
- spec: BuildRequires rpcgen since CVE-2019-3886-remote.patch
  touches remote_protocol.x

- Update to libvirt 5.2.0
  - Many incremental improvements and bug fixes, see
    http://libvirt.org/news.html
  - Dropped patches:
    4ec3cf9a-apparmor-rules.patch,
    f38ef0fa-no-RDMA-check.patch,
    411cdaf8-apparmor-check-profile-name.patch,
    696239ba-qemu-fix-query-cpus-fast.patch,
    09eb1ae0-conf-add-xenbus-controller.patch,
    fb059757-libxl-add-xenbus-controller.patch,
    ec5a1191-libxl-support-max-grant-frames.patch,
    5a64c202-xenconfig-support-max-grant-frames.patch
  - Added patches:
    ff376c62-tests-fix-mocking-stat-lstat.patch,
    mprivozn-test-fix-proposal.patch

OBS-URL: https://build.opensuse.org/request/show/692393
OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=745
2019-04-08 22:27:41 +00:00

53 lines
2.6 KiB
Diff
Raw Blame History

Adjust paths of OVMF firmwares on SUSE distros
Index: libvirt-5.2.0/src/qemu/qemu.conf
===================================================================
--- libvirt-5.2.0.orig/src/qemu/qemu.conf
+++ libvirt-5.2.0/src/qemu/qemu.conf
@@ -773,10 +773,9 @@ security_default_confined = 0
# for x86_64 and i686, but it's AAVMF for aarch64. The libvirt default
# follows this scheme.
#nvram = [
-# "/usr/share/OVMF/OVMF_CODE.fd:/usr/share/OVMF/OVMF_VARS.fd",
-# "/usr/share/OVMF/OVMF_CODE.secboot.fd:/usr/share/OVMF/OVMF_VARS.fd",
-# "/usr/share/AAVMF/AAVMF_CODE.fd:/usr/share/AAVMF/AAVMF_VARS.fd",
-# "/usr/share/AAVMF/AAVMF32_CODE.fd:/usr/share/AAVMF/AAVMF32_VARS.fd"
+# "/usr/share/qemu/ovmf-x86_64-ms-4m-code.bin:/usr/share/qemu/ovmf-x86_64-ms-4m-vars.bin",
+# "/usr/share/qemu/ovmf-x86_64-ms-code.bin:/usr/share/qemu/ovmf-x86_64-ms-vars.bin",
+# "/usr/share/qemu/aavmf-aarch64-code.bin:/usr/share/qemu/aavmf-aarch64-vars.bin"
#]
# The backend to use for handling stdout/stderr output from
Index: libvirt-5.2.0/src/qemu/qemu_conf.c
===================================================================
--- libvirt-5.2.0.orig/src/qemu/qemu_conf.c
+++ libvirt-5.2.0/src/qemu/qemu_conf.c
@@ -116,10 +116,9 @@ void qemuDomainCmdlineDefFree(qemuDomain
#ifndef DEFAULT_LOADER_NVRAM
# define DEFAULT_LOADER_NVRAM \
- "/usr/share/OVMF/OVMF_CODE.fd:/usr/share/OVMF/OVMF_VARS.fd:" \
- "/usr/share/OVMF/OVMF_CODE.secboot.fd:/usr/share/OVMF/OVMF_VARS.fd:" \
- "/usr/share/AAVMF/AAVMF_CODE.fd:/usr/share/AAVMF/AAVMF_VARS.fd:" \
- "/usr/share/AAVMF/AAVMF32_CODE.fd:/usr/share/AAVMF/AAVMF32_VARS.fd"
+ "/usr/share/qemu/ovmf-x86_64-ms-4m-code.bin:/usr/share/qemu/ovmf-x86_64-ms-4m-vars.bin:" \
+ "/usr/share/qemu/ovmf-x86_64-ms-code.bin:/usr/share/qemu/ovmf-x86_64-ms-vars.bin:" \
+ "/usr/share/qemu/aavmf-aarch64-code.bin:/usr/share/qemu/aavmf-aarch64-vars.bin"
#endif
Index: libvirt-5.2.0/src/security/virt-aa-helper.c
===================================================================
--- libvirt-5.2.0.orig/src/security/virt-aa-helper.c
+++ libvirt-5.2.0/src/security/virt-aa-helper.c
@@ -506,7 +506,8 @@ valid_path(const char *path, const bool
"/usr/share/ovmf/", /* for OVMF images */
"/usr/share/AAVMF/", /* for AAVMF images */
"/usr/share/qemu-efi/", /* for AAVMF images */
- "/usr/share/qemu-efi-aarch64/" /* for AAVMF images */
+ "/usr/share/qemu-efi-aarch64/", /* for AAVMF images */
+ "/usr/share/qemu/" /* SUSE path for OVMF and AAVMF images */
};
/* override the above with these */
const char * const override[] = {
View Git Blame Copy Permalink