Hello community, here is the log from the commit of package libvirt for openSUSE:Factory checked in at 2013-05-27 09:52:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libvirt (Old) and /work/SRC/openSUSE:Factory/.libvirt.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libvirt" Changes: -------- --- /work/SRC/openSUSE:Factory/libvirt/libvirt.changes 2013-03-25 20:40:38.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.libvirt.new/libvirt.changes 2013-05-27 09:52:26.000000000 +0200 @@ -1,0 +2,57 @@ +Sat May 18 09:15:00 MDT 2013 - jfeh...@suse.com + +- fix leak after listing all volumes - CVE-2013-1962 + ca697e90-CVE-2013-1962.patch + bnc#820397 +- Fix iohelper usage with streams opened for read + a2214c52-iohelper.patch +- Cope with missing swap cgroup controls + f493d83f-cgroup-swap-control.patch + bnc#819976 +- Fix cgroup handling when setting VCPU BW + 0471637d-cgroups-vcpu-bw.patch + rhb#963592 +- Escape a leading '.' with '_' in the cgroup names + 0ced83dc-cgroup-escape-dot.patch +- Add missing documentation on new cgroup layout + 486a86eb-cgroups-docs.patch +- Another fix related to systems with no cgroups + c2cf5f1c-no-cgroups-fix.patch + bnc#819963 + +------------------------------------------------------------------- +Thu May 16 16:25:13 MDT 2013 - jfeh...@suse.com + +- Fix botched backport of commit bbe97ae9 + +------------------------------------------------------------------- +Mon May 13 09:32:56 MDT 2013 - jfeh...@suse.com + +- Fix starting domains when kernel has no cgroups support + bbe97ae9-no-cgroups.patch + +------------------------------------------------------------------- +Thu May 2 13:14:00 MDT 2013 - jfeh...@suse.com + +- Update to libvirt 1.0.5 + - PPC64: Add NVRAM device + - Add XML config for resource partitions + - Add support for TPM + - NPIV storage migration support + - Many incremental improvements and bug fixes, see + http://libvirt.org/news.html + +------------------------------------------------------------------- +Tue Apr 2 15:26:18 MDT 2013 - jfeh...@suse.com + +- Update to libvirt 1.0.4 + - qemu: support passthrough for iscsi disks + - various S390 improvements + - various LXC bugs fixes and improvements + - add API for thread cancellation + - Many incremental improvements and bug fixes, see + http://libvirt.org/news.html + - Drop upstream patches: ce4557c3-apparmor-tapfd-label.patch + libvirt-iptables-1.4.18.diff + +------------------------------------------------------------------- Old: ---- ce4557c3-apparmor-tapfd-label.patch libvirt-1.0.3.tar.bz2 libvirt-iptables-1.4.18.diff New: ---- 0471637d-cgroups-vcpu-bw.patch 0ced83dc-cgroup-escape-dot.patch 486a86eb-cgroups-docs.patch a2214c52-iohelper.patch bbe97ae9-no-cgroups.patch c2cf5f1c-no-cgroups-fix.patch ca697e90-CVE-2013-1962.patch f493d83f-cgroup-swap-control.patch libvirt-1.0.5.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libvirt.spec ++++++ --- /var/tmp/diff_new_pack.yVpb19/_old 2013-05-27 09:52:28.000000000 +0200 +++ /var/tmp/diff_new_pack.yVpb19/_new 2013-05-27 09:52:28.000000000 +0200 @@ -334,10 +334,16 @@ %if %{with_systemd} BuildRequires: systemd %endif +%if %{with_libvirtd} +%if 0%{?suse_version} >= 1210 +# For pool-build probing for existing pools +BuildRequires: libblkid-devel >= 2.17 +%endif +%endif Name: libvirt Url: http://libvirt.org/ -Version: 1.0.3 +Version: 1.0.5 Release: 0 Summary: A C toolkit to interact with the virtualization capabilities of Linux License: LGPL-2.1+ @@ -417,12 +423,18 @@ Source2: libvirtd-relocation-server.fw Source99: baselibs.conf # Upstream patches -Patch0: ce4557c3-apparmor-tapfd-label.patch +Patch0: f493d83f-cgroup-swap-control.patch +Patch1: 486a86eb-cgroups-docs.patch +Patch2: 0ced83dc-cgroup-escape-dot.patch +Patch3: bbe97ae9-no-cgroups.patch +Patch4: 0471637d-cgroups-vcpu-bw.patch +Patch5: c2cf5f1c-no-cgroups-fix.patch +Patch6: a2214c52-iohelper.patch +Patch7: ca697e90-CVE-2013-1962.patch # Need to go upstream Patch100: xen-name-for-devid.patch Patch101: clone.patch Patch102: xen-pv-cdrom.patch -Patch103: libvirt-iptables-1.4.18.diff # Our patches Patch200: libvirtd-defaults.patch Patch201: libvirtd-init-script.patch @@ -560,10 +572,16 @@ %prep %setup -q %patch0 -p1 +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%patch5 -p1 +%patch6 -p1 +%patch7 -p1 %patch100 -p1 %patch101 %patch102 -p1 -%patch103 -p1 %patch200 -p1 %patch201 -p1 %patch202 -p1 @@ -1070,6 +1088,7 @@ %{_datadir}/libvirt/schemas/storagepool.rng %{_datadir}/libvirt/schemas/storagevol.rng %{_datadir}/libvirt/cpu_map.xml +%{_datadir}/libvirt/libvirtLogo.png %if %{with_sasl} %config(noreplace) %{_sysconfdir}/sasl2/libvirt.conf %endif ++++++ 0471637d-cgroups-vcpu-bw.patch ++++++ commit 0471637d5628106d058f0eb5516ffa7d5285cc6f Author: Martin Kletzander <mklet...@redhat.com> Date: Thu May 16 14:37:54 2013 +0200 qemu: Fix cgroup handling when setting VCPU BW Commit 632f78c introduced a regression which causes schedinfo being unable to set some parameters. When migrating to priv->cgroup there was missing variable left out and due to passed NULL to underlying function, the setting failed. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=963592 Index: libvirt-1.0.5/src/qemu/qemu_driver.c =================================================================== --- libvirt-1.0.5.orig/src/qemu/qemu_driver.c +++ libvirt-1.0.5/src/qemu/qemu_driver.c @@ -7721,7 +7721,6 @@ qemuDomainSetSchedulerParametersFlags(vi { virQEMUDriverPtr driver = dom->conn->privateData; int i; - virCgroupPtr group = NULL; virDomainObjPtr vm = NULL; virDomainDefPtr vmdef = NULL; unsigned long long value_ul; @@ -7799,7 +7798,7 @@ qemuDomainSetSchedulerParametersFlags(vi QEMU_SCHED_MIN_PERIOD, QEMU_SCHED_MAX_PERIOD); if (flags & VIR_DOMAIN_AFFECT_LIVE && value_ul) { - if ((rc = qemuSetVcpusBWLive(vm, group, value_ul, 0))) + if ((rc = qemuSetVcpusBWLive(vm, priv->cgroup, value_ul, 0))) goto cleanup; vm->def->cputune.period = value_ul; @@ -7813,7 +7812,7 @@ qemuDomainSetSchedulerParametersFlags(vi QEMU_SCHED_MIN_QUOTA, QEMU_SCHED_MAX_QUOTA); if (flags & VIR_DOMAIN_AFFECT_LIVE && value_l) { - if ((rc = qemuSetVcpusBWLive(vm, group, 0, value_l))) + if ((rc = qemuSetVcpusBWLive(vm, priv->cgroup, 0, value_l))) goto cleanup; vm->def->cputune.quota = value_l; @@ -7827,7 +7826,8 @@ qemuDomainSetSchedulerParametersFlags(vi QEMU_SCHED_MIN_PERIOD, QEMU_SCHED_MAX_PERIOD); if (flags & VIR_DOMAIN_AFFECT_LIVE && value_ul) { - if ((rc = qemuSetEmulatorBandwidthLive(vm, group, value_ul, 0))) + if ((rc = qemuSetEmulatorBandwidthLive(vm, priv->cgroup, + value_ul, 0))) goto cleanup; vm->def->cputune.emulator_period = value_ul; @@ -7841,7 +7841,8 @@ qemuDomainSetSchedulerParametersFlags(vi QEMU_SCHED_MIN_QUOTA, QEMU_SCHED_MAX_QUOTA); if (flags & VIR_DOMAIN_AFFECT_LIVE && value_l) { - if ((rc = qemuSetEmulatorBandwidthLive(vm, group, 0, value_l))) + if ((rc = qemuSetEmulatorBandwidthLive(vm, priv->cgroup, + 0, value_l))) goto cleanup; vm->def->cputune.emulator_quota = value_l; ++++++ 0ced83dc-cgroup-escape-dot.patch ++++++ commit 0ced83dcfbb19af1201202e1af0a7073c338aabd Author: Daniel P. Berrange <berra...@redhat.com> Date: Fri May 3 20:56:50 2013 +0100 Escaping leading '.' in cgroup names Escaping a leading '.' with '_' in the cgroup names Signed-off-by: Daniel P. Berrange <berra...@redhat.com> Index: libvirt-1.0.5/src/util/vircgroup.c =================================================================== --- libvirt-1.0.5.orig/src/util/vircgroup.c +++ libvirt-1.0.5/src/util/vircgroup.c @@ -1106,7 +1106,8 @@ static int virCgroupPartitionNeedsEscapi if (STRPREFIX(path, "cgroup.")) return 1; - if (path[0] == '_') + if (path[0] == '_' || + path[0] == '.') return 1; if (!(fp = fopen("/proc/cgroups", "r"))) ++++++ 486a86eb-cgroups-docs.patch ++++++ commit 486a86eb184c008c5957fb68c63f163289f3344b Author: Daniel P. Berrange <berra...@redhat.com> Date: Fri May 3 16:58:26 2013 +0100 Add docs about cgroups layout and usage Describe the new cgroups layout, how to customize placement of guests and what virsh commands are used to access the parameters. Signed-off-by: Daniel P. Berrange <berra...@redhat.com> Index: libvirt-1.0.5/docs/cgroups.html.in =================================================================== --- /dev/null +++ libvirt-1.0.5/docs/cgroups.html.in @@ -0,0 +1,285 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> + <body> + <h1>Control Groups Resource Management</h1> + + <ul id="toc"></ul> + + <p> + The QEMU and LXC drivers make use of the Linux "Control Groups" facility + for applying resource management to their virtual machines and containers. + </p> + + <h2><a name="requiredControllers">Required controllers</a></h2> + + <p> + The control groups filesystem supports multiple "controllers". By default + the init system (such as systemd) should mount all controllers compiled + into the kernel at <code>/sys/fs/cgroup/$CONTROLLER-NAME</code>. Libvirt + will never attempt to mount any controllers itself, merely detect where + they are mounted. + </p> + + <p> + The QEMU driver is capable of using the <code>cpuset</code>, + <code>cpu</code>, <code>memory</code>, <code>blkio</code> and + <code>devices</code> controllers. None of them are compulsory. + If any controller is not mounted, the resource management APIs + which use it will cease to operate. It is possible to explicitly + turn off use of a controller, even when mounted, via the + <code>/etc/libvirt/qemu.conf</code> configuration file. + </p> + + <p> + The LXC driver is capable of using the <code>cpuset</code>, + <code>cpu</code>, <code>cpuset</code>, <code>freezer</code>, + <code>memory</code>, <code>blkio</code> and <code>devices</code> + controllers. The <code>cpuset</code>, <code>devices</code> + and <code>memory</code> controllers are compulsory. Without + them mounted, no containers can be started. If any of the + other controllers are not mounted, the resource management APIs + which use them will cease to operate. + </p> + + <h2><a name="currentLayout">Current cgroups layout</a></h2> + + <p> + As of libvirt 1.0.5 or later, the cgroups layout created by libvirt has been + simplified, in order to facilitate the setup of resource control policies by + administrators / management applications. The layout is based on the concepts of + "partitions" and "consumers". Each virtual machine or container is a consumer, + and has a corresponding cgroup named <code>$VMNAME.libvirt-{qemu,lxc}</code>. + Each consumer is associated with exactly one partition, which also have a + corresponding cgroup usually named <code>$PARTNAME.partition</code>. The + exceptions to this naming rule are the three top level default partitions, + named <code>/system</code> (for system services), <code>/user</code> (for + user login sessions) and <code>/machine</code> (for virtual machines and + containers). By default every consumer will of course be associated with + the <code>/machine</code> partition. This leads to a hierarchy that looks + like + </p> + + <pre> +$ROOT + | + +- system + | | + | +- libvirtd.service + | + +- machine + | + +- vm1.libvirt-qemu + | | + | +- emulator + | +- vcpu0 + | +- vcpu1 + | + +- vm2.libvirt-qemu + | | + | +- emulator + | +- vcpu0 + | +- vcpu1 + | + +- vm3.libvirt-qemu + | | + | +- emulator + | +- vcpu0 + | +- vcpu1 + | + +- container1.libvirt-lxc + | + +- container2.libvirt-lxc + | + +- container3.libvirt-lxc + </pre> + + <p> + The default cgroups layout ensures that, when there is contention for + CPU time, it is shared equally between system services, user sessions + and virtual machines / containers. This prevents virtual machines from + locking the administrator out of the host, or impacting execution of + system services. Conversely, when there is no contention from + system services / user sessions, it is possible for virtual machines + to fully utilize the host CPUs. + </p> + + <h2><a name="customPartiton">Using custom partitions</a></h2> + + <p> + If there is a need to apply resource constraints to groups of + virtual machines or containers, then the single default + partition <code>/machine</code> may not be sufficiently + flexible. The administrator may wish to sub-divide the + default partition, for example into "testing" and "production" + partitions, and then assign each guest to a specific + sub-partition. This is achieved via a small element addition + to the guest domain XML config, just below the main <code>domain</code> + element + </p> + + <pre> + ... + <resource> + <partition>/machine/production</partition> + </resource> + ... + </pre> + + <p> + Libvirt will not auto-create the cgroups directory to back + this partition. In the future, libvirt / virsh will provide + APIs / commands to create custom partitions, but currently + this is left as an exercise for the administrator. For + example, given the XML config above, the admin would need + to create a cgroup named '/machine/production.partition' + </p> + + <pre> +# cd /sys/fs/cgroup +# for i in blkio cpu,cpuacct cpuset devices freezer memory net_cls perf_event + do + mkdir $i/machine/production.partition + done +# for i in cpuset.cpus cpuset.mems + do + cat cpuset/machine/$i > cpuset/machine/production.partition/$i + done +</pre> + + <p> + <strong>Note:</strong> the cgroups directory created as a ".partition" + suffix, but the XML config does not require this suffix. + </p> + + <p> + <strong>Note:</strong> the ability to place guests in custom + partitions is only available with libvirt >= 1.0.5, using + the new cgroup layout. The legacy cgroups layout described + later did not support customization per guest. + </p> + + <h2><a name="resourceAPIs">Resource management APIs/commands</a></h2> + + <p> + Since libvirt aims to provide an API which is portable across + hypervisors, the concept of cgroups is not exposed directly + in the API or XML configuration. It is considered to be an + internal implementation detail. Instead libvirt provides a + set of APIs for applying resource controls, which are then + mapped to corresponding cgroup tunables + </p> + + <h3>Scheduler tuning</h3> + + <p> + Parameters from the "cpu" controller are exposed via the + <code>schedinfo</code> command in virsh. + </p> + + <pre> +# virsh schedinfo demo +Scheduler : posix +cpu_shares : 1024 +vcpu_period : 100000 +vcpu_quota : -1 +emulator_period: 100000 +emulator_quota : -1</pre> + + + <h3>Block I/O tuning</h3> + + <p> + Parameters from the "blkio" controller are exposed via the + <code>bkliotune</code> command in virsh. + </p> + + + <pre> +# virsh blkiotune demo +weight : 500 +device_weight : </pre> + + <h3>Memory tuning</h3> + + <p> + Parameters from the "memory" controller are exposed via the + <code>memtune</code> command in virsh. + </p> + + <pre> +# virsh memtune demo +hard_limit : 580192 +soft_limit : unlimited +swap_hard_limit: unlimited + </pre> + + <h3>Network tuning</h3> + + <p> + The <code>net_cls</code> is not currently used. Instead traffic + filter policies are set directly against individual virtual + network interfaces. + </p> + + <h2><a name="legacyLayout">Legacy cgroups layout</a></h2> + + <p> + Prior to libvirt 1.0.5, the cgroups layout created by libvirt was different + from that described above, and did not allow for administrator customization. + Libvirt used a fixed, 3-level hierarchy <code>libvirt/{qemu,lxc}/$VMNAME</code> + which was rooted at the point in the hierarchy where libvirtd itself was + located. So if libvirtd was placed at <code>/system/libvirtd.service</code> + by systemd, the groups for each virtual machine / container would be located + at <code>/system/libvirtd.service/libvirt/{qemu,lxc}/$VMNAME</code>. In addition + to this, the QEMU drivers further child groups for each vCPU thread and the + emulator thread(s). This leads to a hierarchy that looked like + </p> + + + <pre> +$ROOT + | + +- system + | + +- libvirtd.service + | + +- libvirt + | + +- qemu + | | + | +- vm1 + | | | + | | +- emulator + | | +- vcpu0 + | | +- vcpu1 + | | + | +- vm2 + | | | + | | +- emulator + | | +- vcpu0 + | | +- vcpu1 + | | + | +- vm3 + | | + | +- emulator + | +- vcpu0 + | +- vcpu1 + | + +- lxc + | + +- container1 + | + +- container2 + | + +- container3 + </pre> + + <p> + Although current releases are much improved, historically the use of deep + hierarchies has had a significant negative impact on the kernel scalability. + The legacy libvirt cgroups layout highlighted these problems, to the detriment + of the performance of virtual machines and containers. + </p> + </body> +</html> Index: libvirt-1.0.5/docs/sitemap.html.in =================================================================== --- libvirt-1.0.5.orig/docs/sitemap.html.in +++ libvirt-1.0.5/docs/sitemap.html.in @@ -87,6 +87,10 @@ <span>Ensuring exclusive guest access to disks</span> </li> <li> + <a href="cgroups.html">CGroups</a> + <span>Control groups integration</span> + </li> + <li> <a href="hooks.html">Hooks</a> <span>Hooks for system specific management</span> </li> ++++++ a2214c52-iohelper.patch ++++++ commit a2214c5257d3bd7b086ce04aca1648e8ff05ee96 Author: Daniel P. Berrange <berra...@redhat.com> Date: Fri May 10 14:45:05 2013 +0100 Fix iohelper usage with streams opened for read In b2878ed860ceceec3cd6481424fed0b543b687cd we added the O_NOCTTY flag when opening files in the stream code. Unfortunately a later piece of code was comparing the flags == O_RDONLY, without masking out the non-access mode flags. This broke the iohelper when used with streams for read, since it caused us to attach the stream output pipe to the stream input FD instead of output FD :-( Signed-off-by: Daniel P. Berrange <berra...@redhat.com> Index: libvirt-1.0.5/src/fdstream.c =================================================================== --- libvirt-1.0.5.orig/src/fdstream.c +++ libvirt-1.0.5/src/fdstream.c @@ -640,7 +640,7 @@ virFDStreamOpenFileInternal(virStreamPtr virCommandTransferFD(cmd, fd); virCommandAddArgFormat(cmd, "%d", fd); - if (oflags == O_RDONLY) { + if ((oflags & O_ACCMODE) == O_RDONLY) { childfd = fds[1]; fd = fds[0]; virCommandSetOutputFD(cmd, &childfd); ++++++ bbe97ae9-no-cgroups.patch ++++++ commit bbe97ae968eba60b71e0066d49f9fc909966d9d6 Author: Jim Fehlig <jfeh...@suse.com> Date: Fri May 10 12:05:00 2013 -0600 Fix starting domains when kernel has no cgroups support Found that I was unable to start existing domains after updating to a kernel with no cgroups support # zgrep CGROUP /proc/config.gz # CONFIG_CGROUPS is not set # virsh start test error: Failed to start domain test error: Unable to initialize /machine cgroup: Cannot allocate memory virCgroupPartitionNeedsEscaping() correctly returns errno (ENOENT) when attempting to open /proc/cgroups on such a system, but it was being dropped in virCgroupSetPartitionSuffix(). Change virCgroupSetPartitionSuffix() to propagate errors returned by its callees. Also check for ENOENT in qemuInitCgroup() when determining if cgroups support is available. Index: libvirt-1.0.5/src/qemu/qemu_cgroup.c =================================================================== --- libvirt-1.0.5.orig/src/qemu/qemu_cgroup.c +++ libvirt-1.0.5/src/qemu/qemu_cgroup.c @@ -415,7 +415,8 @@ int qemuInitCgroup(virQEMUDriverPtr driv if (rc != 0) { if (rc == -ENXIO || rc == -EPERM || - rc == -EACCES) { /* No cgroups mounts == success */ + rc == -EACCES || + rc == -ENOENT) { /* No cgroups mounts == success */ VIR_DEBUG("No cgroups present/configured/accessible, ignoring error"); goto done; } Index: libvirt-1.0.5/src/util/vircgroup.c =================================================================== --- libvirt-1.0.5.orig/src/util/vircgroup.c +++ libvirt-1.0.5/src/util/vircgroup.c @@ -1168,14 +1168,14 @@ static int virCgroupPartitionEscape(char return 0; } -static char *virCgroupSetPartitionSuffix(const char *path) +static int virCgroupSetPartitionSuffix(const char *path, char **res) { char **tokens = virStringSplit(path, "/", 0); size_t i; - char *ret = NULL; + int ret = -1; if (!tokens) - return NULL; + return ret; for (i = 0 ; tokens[i] != NULL ; i++) { /* Whitelist the 3 top level fixed dirs @@ -1194,20 +1194,27 @@ static char *virCgroupSetPartitionSuffix !strchr(tokens[i], '.')) { if (VIR_REALLOC_N(tokens[i], strlen(tokens[i]) + strlen(".partition") + 1) < 0) { + ret = -ENOMEM; virReportOOMError(); goto cleanup; } strcat(tokens[i], ".partition"); } - if (virCgroupPartitionEscape(&(tokens[i])) < 0) { - virReportOOMError(); + ret = virCgroupPartitionEscape(&(tokens[i])); + if (ret < 0) { + if (ret == -ENOMEM) + virReportOOMError(); goto cleanup; } } - if (!(ret = virStringJoin((const char **)tokens, "/"))) + if (!(*res = virStringJoin((const char **)tokens, "/"))) { + ret = -ENOMEM; goto cleanup; + } + + ret = 0; cleanup: virStringFreeList(tokens); @@ -1242,9 +1249,9 @@ int virCgroupNewPartition(const char *pa /* XXX convert all cgroups APIs to use error report * APIs instead of returning errno */ - if (!(newpath = virCgroupSetPartitionSuffix(path))) { + rc = virCgroupSetPartitionSuffix(path, &newpath); + if (rc < 0) { virResetLastError(); - rc = -ENOMEM; goto cleanup; } ++++++ c2cf5f1c-no-cgroups-fix.patch ++++++ commit c2cf5f1c2abc81d607abe34bf5dc4c615a9b8b4d Author: Daniel P. Berrange <berra...@redhat.com> Date: Thu May 16 18:47:07 2013 +0100 Fix failure to detect missing cgroup partitions Change bbe97ae968eba60b71e0066d49f9fc909966d9d6 caused the QEMU driver to ignore ENOENT errors from cgroups, in order to cope with missing /proc/cgroups. This is not good though because many other things can cause ENOENT and should not be ignored. The callers expect to see ENXIO when cgroups are not present, so adjust the code to report that errno when /proc/cgroups is missing Signed-off-by: Daniel P. Berrange <berra...@redhat.com> Index: libvirt-1.0.5/src/qemu/qemu_cgroup.c =================================================================== --- libvirt-1.0.5.orig/src/qemu/qemu_cgroup.c +++ libvirt-1.0.5/src/qemu/qemu_cgroup.c @@ -415,8 +415,7 @@ int qemuInitCgroup(virQEMUDriverPtr driv if (rc != 0) { if (rc == -ENXIO || rc == -EPERM || - rc == -EACCES || - rc == -ENOENT) { /* No cgroups mounts == success */ + rc == -EACCES) { /* No cgroups mounts == success */ VIR_DEBUG("No cgroups present/configured/accessible, ignoring error"); goto done; } Index: libvirt-1.0.5/src/util/vircgroup.c =================================================================== --- libvirt-1.0.5.orig/src/util/vircgroup.c +++ libvirt-1.0.5/src/util/vircgroup.c @@ -1110,8 +1110,13 @@ static int virCgroupPartitionNeedsEscapi path[0] == '.') return 1; - if (!(fp = fopen("/proc/cgroups", "r"))) + if (!(fp = fopen("/proc/cgroups", "r"))) { + /* The API contract is that we return ENXIO + * if cgroups are not available on a host */ + if (errno == ENOENT) + errno = ENXIO; return -errno; + } /* * Data looks like this: ++++++ ca697e90-CVE-2013-1962.patch ++++++ commit ca697e90d5bd6a6dfb94bfb6d4438bdf9a44b739 Author: Ján Tomko <jto...@redhat.com> Date: Fri Apr 12 17:30:56 2013 +0200 daemon: fix leak after listing all volumes CVE-2013-1962 remoteDispatchStoragePoolListAllVolumes wasn't freeing the pool. The pool also held a reference to the connection, preventing it from getting freed and closing the netcf interface driver, which held two sockets open. Index: libvirt-1.0.5/daemon/remote.c =================================================================== --- libvirt-1.0.5.orig/daemon/remote.c +++ libvirt-1.0.5/daemon/remote.c @@ -4226,6 +4226,8 @@ cleanup: virStorageVolFree(vols[i]); VIR_FREE(vols); } + if (pool) + virStoragePoolFree(pool); return rv; } ++++++ clone.patch ++++++ --- /var/tmp/diff_new_pack.yVpb19/_old 2013-05-27 09:52:28.000000000 +0200 +++ /var/tmp/diff_new_pack.yVpb19/_new 2013-05-27 09:52:28.000000000 +0200 @@ -2,7 +2,7 @@ =================================================================== --- src/lxc/lxc_container.c.orig +++ src/lxc/lxc_container.c -@@ -136,6 +136,7 @@ int lxcContainerHasReboot(void) +@@ -138,6 +138,7 @@ int lxcContainerHasReboot(void) int cmd, v; int status; char *tmp; @@ -10,7 +10,7 @@ if (virFileReadAll("/proc/sys/kernel/ctrl-alt-del", 10, &buf) < 0) return -1; -@@ -152,14 +153,21 @@ int lxcContainerHasReboot(void) +@@ -154,14 +155,21 @@ int lxcContainerHasReboot(void) VIR_FREE(buf); cmd = v ? LINUX_REBOOT_CMD_CAD_ON : LINUX_REBOOT_CMD_CAD_OFF; @@ -34,7 +34,7 @@ VIR_FREE(stack); if (cpid < 0) { virReportSystemError(errno, "%s", -@@ -2358,6 +2366,9 @@ int lxcContainerStart(virDomainDefPtr de +@@ -2116,6 +2124,9 @@ int lxcContainerStart(virDomainDefPtr de ttyPaths, nttyPaths, handshakefd}; /* allocate a stack for the container */ @@ -44,7 +44,7 @@ if (VIR_ALLOC_N(stack, stacksize) < 0) { virReportOOMError(); return -1; -@@ -2377,7 +2388,11 @@ int lxcContainerStart(virDomainDefPtr de +@@ -2134,7 +2145,11 @@ int lxcContainerStart(virDomainDefPtr de cflags |= CLONE_NEWNET; } @@ -56,7 +56,7 @@ VIR_FREE(stack); VIR_DEBUG("clone() completed, new container PID is %d", pid); -@@ -2403,6 +2418,7 @@ int lxcContainerAvailable(int features) +@@ -2160,6 +2175,7 @@ int lxcContainerAvailable(int features) int cpid; char *childStack; char *stack; @@ -64,7 +64,7 @@ if (features & LXC_CONTAINER_FEATURE_USER) flags |= CLONE_NEWUSER; -@@ -2410,14 +2426,21 @@ int lxcContainerAvailable(int features) +@@ -2167,14 +2183,21 @@ int lxcContainerAvailable(int features) if (features & LXC_CONTAINER_FEATURE_NET) flags |= CLONE_NEWNET; ++++++ f493d83f-cgroup-swap-control.patch ++++++ commit f493d83fbd3257453e63f2f32ee90a216fd531c1 Author: Daniel P. Berrange <berra...@redhat.com> Date: Thu May 9 13:53:39 2013 +0100 Cope with missing swap cgroup controls It is possible to build a kernel without swap cgroup controls present. This causes a fatal error when querying memory parameters. Treat missing swap controls as meaning "unlimited". The fatal error remains if the user tries to actually change the limit. Signed-off-by: Daniel P. Berrange <berra...@redhat.com> Index: libvirt-1.0.5/src/qemu/qemu_driver.c =================================================================== --- libvirt-1.0.5.orig/src/qemu/qemu_driver.c +++ libvirt-1.0.5/src/qemu/qemu_driver.c @@ -7351,9 +7351,12 @@ qemuDomainGetMemoryParameters(virDomainP case 2: /* fill swap hard limit here */ rc = virCgroupGetMemSwapHardLimit(priv->cgroup, &val); if (rc != 0) { - virReportSystemError(-rc, "%s", - _("unable to get swap hard limit")); - goto cleanup; + if (rc != -ENOENT) { + virReportSystemError(-rc, "%s", + _("unable to get swap hard limit")); + goto cleanup; + } + val = VIR_DOMAIN_MEMORY_PARAM_UNLIMITED; } if (virTypedParameterAssign(param, VIR_DOMAIN_MEMORY_SWAP_HARD_LIMIT, ++++++ fix-pci-attach-xen-driver.patch ++++++ --- /var/tmp/diff_new_pack.yVpb19/_old 2013-05-27 09:52:28.000000000 +0200 +++ /var/tmp/diff_new_pack.yVpb19/_new 2013-05-27 09:52:28.000000000 +0200 @@ -8,10 +8,10 @@ This patch changes the xend driver to always call 'device_configure' for PCI devices to be consistent with the usage in the xen tools. -Index: libvirt-1.0.3/src/xen/xend_internal.c +Index: libvirt-1.0.5/src/xen/xend_internal.c =================================================================== ---- libvirt-1.0.3.orig/src/xen/xend_internal.c -+++ libvirt-1.0.3/src/xen/xend_internal.c +--- libvirt-1.0.5.orig/src/xen/xend_internal.c ++++ libvirt-1.0.5/src/xen/xend_internal.c @@ -2473,6 +2473,7 @@ xenDaemonAttachDeviceFlags(virDomainPtr virBuffer buf = VIR_BUFFER_INITIALIZER; char class[8], ref[80]; ++++++ install-apparmor-profiles.patch ++++++ --- /var/tmp/diff_new_pack.yVpb19/_old 2013-05-27 09:52:28.000000000 +0200 +++ /var/tmp/diff_new_pack.yVpb19/_new 2013-05-27 09:52:28.000000000 +0200 @@ -1,7 +1,7 @@ -Index: libvirt-1.0.3/examples/apparmor/Makefile.am +Index: libvirt-1.0.5/examples/apparmor/Makefile.am =================================================================== ---- libvirt-1.0.3.orig/examples/apparmor/Makefile.am -+++ libvirt-1.0.3/examples/apparmor/Makefile.am +--- libvirt-1.0.5.orig/examples/apparmor/Makefile.am ++++ libvirt-1.0.5/examples/apparmor/Makefile.am @@ -1,8 +1,45 @@ ## Copyright (C) 2005-2011 Red Hat, Inc. ## See COPYING.LIB for the License of this software @@ -53,10 +53,10 @@ + rm -f $(DESTDIR)$(sysconfdir)/apparmor.d/libvirt/TEMPLATE + +endif -Index: libvirt-1.0.3/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in +Index: libvirt-1.0.5/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in =================================================================== --- /dev/null -+++ libvirt-1.0.3/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in ++++ libvirt-1.0.5/examples/apparmor/usr.lib.libvirt.virt-aa-helper.in @@ -0,0 +1,40 @@ +# Last Modified: Fri Aug 19 11:21:48 2011 +#include <tunables/global> @@ -98,9 +98,9 @@ + /var/lib/kvm/images/ r, + /var/lib/kvm/images/** r, +} -Index: libvirt-1.0.3/examples/apparmor/usr.lib.libvirt.virt-aa-helper +Index: libvirt-1.0.5/examples/apparmor/usr.lib.libvirt.virt-aa-helper =================================================================== ---- libvirt-1.0.3.orig/examples/apparmor/usr.lib.libvirt.virt-aa-helper +--- libvirt-1.0.5.orig/examples/apparmor/usr.lib.libvirt.virt-aa-helper +++ /dev/null @@ -1,38 +0,0 @@ -# Last Modified: Mon Apr 5 15:10:27 2010 @@ -141,9 +141,9 @@ - /var/lib/libvirt/images/ r, - /var/lib/libvirt/images/** r, -} -Index: libvirt-1.0.3/examples/apparmor/usr.sbin.libvirtd +Index: libvirt-1.0.5/examples/apparmor/usr.sbin.libvirtd =================================================================== ---- libvirt-1.0.3.orig/examples/apparmor/usr.sbin.libvirtd +--- libvirt-1.0.5.orig/examples/apparmor/usr.sbin.libvirtd +++ /dev/null @@ -1,52 +0,0 @@ -# Last Modified: Mon Apr 5 15:03:58 2010 @@ -198,10 +198,10 @@ - change_profile -> @{LIBVIRT}-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*, - -} -Index: libvirt-1.0.3/examples/apparmor/usr.sbin.libvirtd.in +Index: libvirt-1.0.5/examples/apparmor/usr.sbin.libvirtd.in =================================================================== --- /dev/null -+++ libvirt-1.0.3/examples/apparmor/usr.sbin.libvirtd.in ++++ libvirt-1.0.5/examples/apparmor/usr.sbin.libvirtd.in @@ -0,0 +1,58 @@ +# Last Modified: Fri Aug 19 11:20:36 2011 +#include <tunables/global> @@ -261,9 +261,9 @@ + change_profile -> @{LIBVIRT}-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*, + +} -Index: libvirt-1.0.3/examples/apparmor/libvirt-qemu +Index: libvirt-1.0.5/examples/apparmor/libvirt-qemu =================================================================== ---- libvirt-1.0.3.orig/examples/apparmor/libvirt-qemu +--- libvirt-1.0.5.orig/examples/apparmor/libvirt-qemu +++ /dev/null @@ -1,129 +0,0 @@ -# Last Modified: Fri Mar 9 14:43:22 2012 @@ -395,10 +395,10 @@ - - /usr/libexec/qemu-bridge-helper rmix, - } -Index: libvirt-1.0.3/examples/apparmor/libvirt-qemu.in +Index: libvirt-1.0.5/examples/apparmor/libvirt-qemu.in =================================================================== --- /dev/null -+++ libvirt-1.0.3/examples/apparmor/libvirt-qemu.in ++++ libvirt-1.0.5/examples/apparmor/libvirt-qemu.in @@ -0,0 +1,132 @@ +# Last Modified: Fri Mar 9 14:43:22 2012 + ++++++ libvirt-1.0.3.tar.bz2 -> libvirt-1.0.5.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/libvirt/libvirt-1.0.3.tar.bz2 /work/SRC/openSUSE:Factory/.libvirt.new/libvirt-1.0.5.tar.bz2 differ: char 11, line 1 ++++++ libvirt-guests-init-script.patch ++++++ --- /var/tmp/diff_new_pack.yVpb19/_old 2013-05-27 09:52:28.000000000 +0200 +++ /var/tmp/diff_new_pack.yVpb19/_new 2013-05-27 09:52:28.000000000 +0200 @@ -1,9 +1,9 @@ Adjust libvirt-guests init files to conform to SUSE standards -Index: libvirt-1.0.3/tools/libvirt-guests.init.in +Index: libvirt-1.0.5/tools/libvirt-guests.init.in =================================================================== ---- libvirt-1.0.3.orig/tools/libvirt-guests.init.in -+++ libvirt-1.0.3/tools/libvirt-guests.init.in +--- libvirt-1.0.5.orig/tools/libvirt-guests.init.in ++++ libvirt-1.0.5/tools/libvirt-guests.init.in @@ -3,15 +3,15 @@ # the following is the LSB init header # @@ -28,10 +28,10 @@ ### END INIT INFO # the following is chkconfig init header -Index: libvirt-1.0.3/tools/libvirt-guests.sh.in +Index: libvirt-1.0.5/tools/libvirt-guests.sh.in =================================================================== ---- libvirt-1.0.3.orig/tools/libvirt-guests.sh.in -+++ libvirt-1.0.3/tools/libvirt-guests.sh.in +--- libvirt-1.0.5.orig/tools/libvirt-guests.sh.in ++++ libvirt-1.0.5/tools/libvirt-guests.sh.in @@ -1,13 +1,12 @@ #!/bin/sh @@ -130,7 +130,7 @@ eval_gettext "Resuming guests on \$uri URI..."; echo for guest in $list; do name=$(guest_name "$uri" "$guest") -@@ -377,7 +403,7 @@ shutdown_guests_parallel() +@@ -378,7 +404,7 @@ shutdown_guests_parallel() timeout=$(($timeout - 1)) if [ $timeout -le 0 ]; then eval_gettext "Timeout expired while shutting down domains"; echo @@ -139,7 +139,7 @@ return fi else -@@ -405,7 +431,7 @@ stop() { +@@ -406,7 +432,7 @@ stop() { if [ $SHUTDOWN_TIMEOUT -lt 0 ]; then gettext "SHUTDOWN_TIMEOUT must be equal or greater than 0" echo @@ -148,7 +148,7 @@ return fi fi -@@ -453,14 +479,14 @@ stop() { +@@ -454,14 +480,14 @@ stop() { if [ $? -ne 0 ]; then eval_gettext "Failed to list persistent guests on \$uri" echo @@ -165,7 +165,7 @@ set +f return fi -@@ -519,14 +545,13 @@ gueststatus() { +@@ -520,14 +546,13 @@ gueststatus() { rh_status() { if [ -f "$LISTFILE" ]; then gettext "stopped, with saved guests"; echo @@ -174,23 +174,24 @@ else if [ -f "$VAR_SUBSYS_LIBVIRT_GUESTS" ]; then gettext "started"; echo +- RETVAL=0 else gettext "stopped, with no saved guests"; echo +- RETVAL=3 ++ rc_failed 3 fi -- RETVAL=0 fi } - -@@ -570,4 +595,4 @@ case "$1" in +@@ -572,4 +597,4 @@ case "$1" in usage ;; esac -exit $RETVAL +rc_exit -Index: libvirt-1.0.3/tools/libvirt-guests.sysconf +Index: libvirt-1.0.5/tools/libvirt-guests.sysconf =================================================================== ---- libvirt-1.0.3.orig/tools/libvirt-guests.sysconf -+++ libvirt-1.0.3/tools/libvirt-guests.sysconf +--- libvirt-1.0.5.orig/tools/libvirt-guests.sysconf ++++ libvirt-1.0.5/tools/libvirt-guests.sysconf @@ -1,19 +1,29 @@ +## Path: System/Virtualization/libvirt-guests + ++++++ libvirt-suse-netcontrol.patch ++++++ --- /var/tmp/diff_new_pack.yVpb19/_old 2013-05-27 09:52:28.000000000 +0200 +++ /var/tmp/diff_new_pack.yVpb19/_new 2013-05-27 09:52:28.000000000 +0200 @@ -1,8 +1,8 @@ -Index: libvirt-1.0.3/configure.ac +Index: libvirt-1.0.5/configure.ac =================================================================== ---- libvirt-1.0.3.orig/configure.ac -+++ libvirt-1.0.3/configure.ac -@@ -153,6 +153,7 @@ LIBVIRT_CHECK_DBUS +--- libvirt-1.0.5.orig/configure.ac ++++ libvirt-1.0.5/configure.ac +@@ -159,6 +159,7 @@ LIBVIRT_CHECK_DBUS LIBVIRT_CHECK_FUSE LIBVIRT_CHECK_HAL LIBVIRT_CHECK_NETCF @@ -10,7 +10,7 @@ LIBVIRT_CHECK_NUMACTL LIBVIRT_CHECK_OPENWSMAN LIBVIRT_CHECK_PCIACCESS -@@ -2199,11 +2200,12 @@ if test "$with_libvirtd" = "no" ; then +@@ -2205,11 +2206,12 @@ if test "$with_libvirtd" = "no" ; then with_interface=no fi @@ -26,7 +26,7 @@ esac if test "$with_interface" = "yes" ; then -@@ -2473,6 +2475,7 @@ LIBVIRT_RESULT_DBUS +@@ -2488,6 +2490,7 @@ LIBVIRT_RESULT_DBUS LIBVIRT_RESULT_FUSE LIBVIRT_RESULT_HAL LIBVIRT_RESULT_NETCF @@ -34,11 +34,11 @@ LIBVIRT_RESULT_NUMACTL LIBVIRT_RESULT_OPENWSMAN LIBVIRT_RESULT_PCIACCESS -Index: libvirt-1.0.3/src/Makefile.am +Index: libvirt-1.0.5/src/Makefile.am =================================================================== ---- libvirt-1.0.3.orig/src/Makefile.am -+++ libvirt-1.0.3/src/Makefile.am -@@ -643,6 +643,10 @@ if WITH_NETCF +--- libvirt-1.0.5.orig/src/Makefile.am ++++ libvirt-1.0.5/src/Makefile.am +@@ -715,6 +715,10 @@ if WITH_NETCF INTERFACE_DRIVER_SOURCES += \ interface/interface_backend_netcf.c endif @@ -49,7 +49,7 @@ if WITH_UDEV INTERFACE_DRIVER_SOURCES += \ interface/interface_backend_udev.c -@@ -1130,11 +1134,16 @@ if WITH_NETCF +@@ -1200,11 +1204,16 @@ if WITH_NETCF libvirt_driver_interface_la_CFLAGS += $(NETCF_CFLAGS) libvirt_driver_interface_la_LIBADD += $(NETCF_LIBS) else @@ -66,11 +66,11 @@ if WITH_DRIVER_MODULES libvirt_driver_interface_la_LIBADD += ../gnulib/lib/libgnu.la libvirt_driver_interface_la_LDFLAGS += -module -avoid-version -Index: libvirt-1.0.3/tools/virsh.c +Index: libvirt-1.0.5/tools/virsh.c =================================================================== ---- libvirt-1.0.3.orig/tools/virsh.c -+++ libvirt-1.0.3/tools/virsh.c -@@ -2812,6 +2812,8 @@ vshShowVersion(vshControl *ctl ATTRIBUTE +--- libvirt-1.0.5.orig/tools/virsh.c ++++ libvirt-1.0.5/tools/virsh.c +@@ -2888,6 +2888,8 @@ vshShowVersion(vshControl *ctl ATTRIBUTE vshPrint(ctl, " Interface"); # if defined(WITH_NETCF) vshPrint(ctl, " netcf"); @@ -79,10 +79,10 @@ # elif defined(WITH_UDEV) vshPrint(ctl, " udev"); # endif -Index: libvirt-1.0.3/src/interface/interface_backend_netcf.c +Index: libvirt-1.0.5/src/interface/interface_backend_netcf.c =================================================================== ---- libvirt-1.0.3.orig/src/interface/interface_backend_netcf.c -+++ libvirt-1.0.3/src/interface/interface_backend_netcf.c +--- libvirt-1.0.5.orig/src/interface/interface_backend_netcf.c ++++ libvirt-1.0.5/src/interface/interface_backend_netcf.c @@ -23,7 +23,12 @@ #include <config.h> @@ -135,7 +135,7 @@ static int netcf_to_vir_err(int netcf_errcode) { switch (netcf_errcode) -@@ -137,6 +173,10 @@ static virDrvOpenStatus interfaceOpenInt +@@ -137,6 +173,10 @@ static virDrvOpenStatus netcfInterfaceOp goto mutex_error; } @@ -146,10 +146,10 @@ /* open netcf */ if (ncf_init(&driverState->netcf, NULL) != 0) { -Index: libvirt-1.0.3/src/interface/interface_driver.c +Index: libvirt-1.0.5/src/interface/interface_driver.c =================================================================== ---- libvirt-1.0.3.orig/src/interface/interface_driver.c -+++ libvirt-1.0.3/src/interface/interface_driver.c +--- libvirt-1.0.5.orig/src/interface/interface_driver.c ++++ libvirt-1.0.5/src/interface/interface_driver.c @@ -28,8 +28,15 @@ interfaceRegister(void) { if (netcfIfaceRegister() == 0) return 0; @@ -167,10 +167,10 @@ if (udevIfaceRegister() == 0) return 0; #endif /* WITH_UDEV */ -Index: libvirt-1.0.3/m4/virt-netcontrol.m4 +Index: libvirt-1.0.5/m4/virt-netcontrol.m4 =================================================================== --- /dev/null -+++ libvirt-1.0.3/m4/virt-netcontrol.m4 ++++ libvirt-1.0.5/m4/virt-netcontrol.m4 @@ -0,0 +1,35 @@ +dnl The libnetcontrol library +dnl ++++++ libvirtd-defaults.patch ++++++ --- /var/tmp/diff_new_pack.yVpb19/_old 2013-05-27 09:52:28.000000000 +0200 +++ /var/tmp/diff_new_pack.yVpb19/_new 2013-05-27 09:52:28.000000000 +0200 @@ -1,7 +1,7 @@ -Index: libvirt-1.0.3/daemon/libvirtd.conf +Index: libvirt-1.0.5/daemon/libvirtd.conf =================================================================== ---- libvirt-1.0.3.orig/daemon/libvirtd.conf -+++ libvirt-1.0.3/daemon/libvirtd.conf +--- libvirt-1.0.5.orig/daemon/libvirtd.conf ++++ libvirt-1.0.5/daemon/libvirtd.conf @@ -18,8 +18,8 @@ # It is necessary to setup a CA and issue server certificates before # using this capability. @@ -13,10 +13,10 @@ # Listen for unencrypted TCP connections on the public TCP/IP port. # NB, must pass the --listen flag to the libvirtd process for this to -Index: libvirt-1.0.3/daemon/libvirtd-config.c +Index: libvirt-1.0.5/daemon/libvirtd-config.c =================================================================== ---- libvirt-1.0.3.orig/daemon/libvirtd-config.c -+++ libvirt-1.0.3/daemon/libvirtd-config.c +--- libvirt-1.0.5.orig/daemon/libvirtd-config.c ++++ libvirt-1.0.5/daemon/libvirtd-config.c @@ -233,7 +233,7 @@ daemonConfigNew(bool privileged ATTRIBUT return NULL; } ++++++ libvirtd-init-script.patch ++++++ --- /var/tmp/diff_new_pack.yVpb19/_old 2013-05-27 09:52:28.000000000 +0200 +++ /var/tmp/diff_new_pack.yVpb19/_new 2013-05-27 09:52:28.000000000 +0200 @@ -1,9 +1,9 @@ Adjust libvirtd sysconfig file to conform to SUSE standards -Index: libvirt-1.0.3/daemon/libvirtd.sysconf +Index: libvirt-1.0.5/daemon/libvirtd.sysconf =================================================================== ---- libvirt-1.0.3.orig/daemon/libvirtd.sysconf -+++ libvirt-1.0.3/daemon/libvirtd.sysconf +--- libvirt-1.0.5.orig/daemon/libvirtd.sysconf ++++ libvirt-1.0.5/daemon/libvirtd.sysconf @@ -1,16 +1,25 @@ +## Path: System/Virtualization/libvirt + ++++++ relax-qemu-usergroup-check.patch ++++++ --- /var/tmp/diff_new_pack.yVpb19/_old 2013-05-27 09:52:28.000000000 +0200 +++ /var/tmp/diff_new_pack.yVpb19/_new 2013-05-27 09:52:28.000000000 +0200 @@ -7,11 +7,11 @@ daemon. Then the qemu driver would only be loaded when needed, which would never be the case on a xen-only configuration. -Index: libvirt-1.0.3/src/qemu/qemu_conf.c +Index: libvirt-1.0.5/src/qemu/qemu_conf.c =================================================================== ---- libvirt-1.0.3.orig/src/qemu/qemu_conf.c -+++ libvirt-1.0.3/src/qemu/qemu_conf.c -@@ -439,15 +439,15 @@ int virQEMUDriverConfigLoadFile(virQEMUD +--- libvirt-1.0.5.orig/src/qemu/qemu_conf.c ++++ libvirt-1.0.5/src/qemu/qemu_conf.c +@@ -435,15 +435,15 @@ int virQEMUDriverConfigLoadFile(virQEMUD p = virConfGetValue(conf, "user"); CHECK_TYPE("user", VIR_CONF_STRING); ++++++ support-managed-pci-xen-driver.patch ++++++ --- /var/tmp/diff_new_pack.yVpb19/_old 2013-05-27 09:52:28.000000000 +0200 +++ /var/tmp/diff_new_pack.yVpb19/_new 2013-05-27 09:52:28.000000000 +0200 @@ -8,15 +8,15 @@ src/xenxs/xen_xm.c | 28 +++++++++++++++++++++++++++- 2 files changed, 35 insertions(+), 15 deletions(-) -Index: libvirt-1.0.3/src/xenxs/xen_sxpr.c +Index: libvirt-1.0.5/src/xenxs/xen_sxpr.c =================================================================== ---- libvirt-1.0.3.orig/src/xenxs/xen_sxpr.c -+++ libvirt-1.0.3/src/xenxs/xen_sxpr.c +--- libvirt-1.0.5.orig/src/xenxs/xen_sxpr.c ++++ libvirt-1.0.5/src/xenxs/xen_sxpr.c @@ -1035,6 +1035,7 @@ xenParseSxprPCI(virDomainDefPtr def, int busID; int slotID; int funcID; -+ int managed; ++ bool managed; node = cur->u.s.car; if (!sexpr_lookup(node, "dev")) @@ -30,28 +30,29 @@ goto error; dev->mode = VIR_DOMAIN_HOSTDEV_MODE_SUBSYS; -- dev->managed = 0; -+ dev->managed = managed; +- dev->managed = false; ++ dev->managed = managed ? true : false; dev->source.subsys.type = VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI; - dev->source.subsys.u.pci.domain = domainID; - dev->source.subsys.u.pci.bus = busID; -@@ -2044,11 +2047,14 @@ static void + dev->source.subsys.u.pci.addr.domain = domainID; + dev->source.subsys.u.pci.addr.bus = busID; +@@ -2042,11 +2045,15 @@ static void xenFormatSxprPCI(virDomainHostdevDefPtr def, virBufferPtr buf) { - virBufferAsprintf(buf, "(dev (domain 0x%04x)(bus 0x%02x)(slot 0x%02x)(func 0x%x))", + virBufferAsprintf(buf, "(dev (domain 0x%04x)(bus 0x%02x)(slot 0x%02x)(func 0x%x)", - def->source.subsys.u.pci.domain, - def->source.subsys.u.pci.bus, - def->source.subsys.u.pci.slot, - def->source.subsys.u.pci.function); + def->source.subsys.u.pci.addr.domain, + def->source.subsys.u.pci.addr.bus, + def->source.subsys.u.pci.addr.slot, + def->source.subsys.u.pci.addr.function); ++ + if (def->managed) + virBufferAddLit(buf, "(opts (managed 1))"); + virBufferAddLit(buf, ")"); } -@@ -2067,12 +2073,6 @@ xenFormatSxprOnePCI(virDomainHostdevDefP +@@ -2065,12 +2072,6 @@ xenFormatSxprOnePCI(virDomainHostdevDefP virBufferPtr buf, int detach) { @@ -64,7 +65,7 @@ virBufferAddLit(buf, "(pci "); xenFormatSxprPCI(def, buf); if (detach) -@@ -2127,12 +2127,6 @@ xenFormatSxprAllPCI(virDomainDefPtr def, +@@ -2125,12 +2126,6 @@ xenFormatSxprAllPCI(virDomainDefPtr def, for (i = 0 ; i < def->nhostdevs ; i++) { if (def->hostdevs[i]->mode == VIR_DOMAIN_HOSTDEV_MODE_SUBSYS && def->hostdevs[i]->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI) { @@ -77,16 +78,16 @@ xenFormatSxprPCI(def->hostdevs[i], buf); } } -Index: libvirt-1.0.3/src/xenxs/xen_xm.c +Index: libvirt-1.0.5/src/xenxs/xen_xm.c =================================================================== ---- libvirt-1.0.3.orig/src/xenxs/xen_xm.c -+++ libvirt-1.0.3/src/xenxs/xen_xm.c +--- libvirt-1.0.5.orig/src/xenxs/xen_xm.c ++++ libvirt-1.0.5/src/xenxs/xen_xm.c @@ -815,6 +815,8 @@ xenParseXM(virConfPtr conf, int xendConf int busID; int slotID; int funcID; + char *opt; -+ int managed=0; ++ int managed = 0; domain[0] = bus[0] = slot[0] = func[0] = '\0'; @@ -129,8 +130,8 @@ if (!(hostdev = virDomainHostdevDefAlloc())) goto cleanup; -- hostdev->managed = 0; -+ hostdev->managed = managed; +- hostdev->managed = false; ++ hostdev->managed = managed ? true : false; hostdev->source.subsys.type = VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI; - hostdev->source.subsys.u.pci.domain = domainID; - hostdev->source.subsys.u.pci.bus = busID; + hostdev->source.subsys.u.pci.addr.domain = domainID; + hostdev->source.subsys.u.pci.addr.bus = busID; ++++++ suse-qemu-conf.patch ++++++ --- /var/tmp/diff_new_pack.yVpb19/_old 2013-05-27 09:52:28.000000000 +0200 +++ /var/tmp/diff_new_pack.yVpb19/_new 2013-05-27 09:52:28.000000000 +0200 @@ -1,7 +1,7 @@ -Index: libvirt-1.0.3/src/qemu/qemu.conf +Index: libvirt-1.0.5/src/qemu/qemu.conf =================================================================== ---- libvirt-1.0.3.orig/src/qemu/qemu.conf -+++ libvirt-1.0.3/src/qemu/qemu.conf +--- libvirt-1.0.5.orig/src/qemu/qemu.conf ++++ libvirt-1.0.5/src/qemu/qemu.conf @@ -169,7 +169,16 @@ # a special value; security_driver can be set to that value in # isolation, but it cannot appear in a list of drivers. @@ -19,7 +19,7 @@ # If set to non-zero, then the default security labeling # will make guests confined. If set to zero, then guests -@@ -357,6 +366,15 @@ +@@ -365,6 +374,15 @@ #allow_disk_format_probing = 1 ++++++ virtlockd-init-script.patch ++++++ --- /var/tmp/diff_new_pack.yVpb19/_old 2013-05-27 09:52:28.000000000 +0200 +++ /var/tmp/diff_new_pack.yVpb19/_new 2013-05-27 09:52:28.000000000 +0200 @@ -1,9 +1,9 @@ Adjust virtlockd init files to conform to SUSE standards -Index: libvirt-1.0.3/src/locking/virtlockd.sysconf +Index: libvirt-1.0.5/src/locking/virtlockd.sysconf =================================================================== ---- libvirt-1.0.3.orig/src/locking/virtlockd.sysconf -+++ libvirt-1.0.3/src/locking/virtlockd.sysconf +--- libvirt-1.0.5.orig/src/locking/virtlockd.sysconf ++++ libvirt-1.0.5/src/locking/virtlockd.sysconf @@ -1,3 +1,7 @@ +## Path: System/Virtualization/virtlockd + @@ -12,10 +12,10 @@ # # Pass extra arguments to virtlockd #VIRTLOCKD_ARGS= -Index: libvirt-1.0.3/src/locking/virtlockd.init.in +Index: libvirt-1.0.5/src/locking/virtlockd.init.in =================================================================== ---- libvirt-1.0.3.orig/src/locking/virtlockd.init.in -+++ libvirt-1.0.3/src/locking/virtlockd.init.in +--- libvirt-1.0.5.orig/src/locking/virtlockd.init.in ++++ libvirt-1.0.5/src/locking/virtlockd.init.in @@ -4,11 +4,13 @@ # http://www.linux-foundation.org/spec//booksets/LSB-Core-generic/LSB-Core-generic.html#INITSCRCOMCONV # ++++++ xen-name-for-devid.patch ++++++ --- /var/tmp/diff_new_pack.yVpb19/_old 2013-05-27 09:52:28.000000000 +0200 +++ /var/tmp/diff_new_pack.yVpb19/_new 2013-05-27 09:52:28.000000000 +0200 @@ -14,10 +14,10 @@ is inactive. We obviously can't search xenstore when the domain is inactive. -Index: libvirt-1.0.3/src/xen/xend_internal.c +Index: libvirt-1.0.5/src/xen/xend_internal.c =================================================================== ---- libvirt-1.0.3.orig/src/xen/xend_internal.c -+++ libvirt-1.0.3/src/xen/xend_internal.c +--- libvirt-1.0.5.orig/src/xen/xend_internal.c ++++ libvirt-1.0.5/src/xen/xend_internal.c @@ -60,8 +60,8 @@ #define XEND_RCV_BUF_MAX_LEN (256 * 1024) @@ -48,7 +48,7 @@ _("requested device does not exist")); goto cleanup; @@ -2790,7 +2790,7 @@ xenDaemonDetachDeviceFlags(virDomainPtr - def, xml, VIR_DOMAIN_XML_INACTIVE))) + VIR_DOMAIN_XML_INACTIVE))) goto cleanup; - if (virDomainXMLDevID(domain, dev, class, ref, sizeof(ref))) @@ -56,7 +56,7 @@ goto cleanup; if (dev->type == VIR_DOMAIN_DEVICE_HOSTDEV) { -@@ -3682,21 +3682,22 @@ struct xenUnifiedDriver xenDaemonDriver +@@ -3682,31 +3682,32 @@ struct xenUnifiedDriver xenDaemonDriver /** * virDomainXMLDevID: * @domain: pointer to domain object @@ -83,10 +83,10 @@ virDomainDeviceDefPtr dev, char *class, char *ref, -@@ -3704,9 +3705,11 @@ virDomainXMLDevID(virDomainPtr domain, + int ref_len) { - xenUnifiedPrivatePtr priv = domain->conn->privateData; - char *xref; +- xenUnifiedPrivatePtr priv = domain->conn->privateData; +- char *xref; - char *tmp; + unsigned int i; @@ -96,7 +96,7 @@ if (dev->data.disk->driverName && STREQ(dev->data.disk->driverName, "tap")) strcpy(class, "tap"); -@@ -3716,19 +3719,17 @@ virDomainXMLDevID(virDomainPtr domain, +@@ -3716,19 +3717,17 @@ virDomainXMLDevID(virDomainPtr domain, else strcpy(class, "vbd"); @@ -125,15 +125,14 @@ + } + return -1; } else if (dev->type == VIR_DOMAIN_DEVICE_NET) { - char mac[30]; + char mac[VIR_MAC_STRING_BUFLEN]; virDomainNetDefPtr def = dev->data.net; -@@ -3738,17 +3739,22 @@ virDomainXMLDevID(virDomainPtr domain, +@@ -3736,16 +3735,22 @@ virDomainXMLDevID(virDomainPtr domain, strcpy(class, "vif"); - xenUnifiedLock(priv); -- xref = xenStoreDomainGetNetworkID(domain->conn, domain->id, -- mac); +- xref = xenStoreDomainGetNetworkID(domain->conn, domain->id, mac); - xenUnifiedUnlock(priv); - if (xref == NULL) - return -1; @@ -161,7 +160,7 @@ } else if (dev->type == VIR_DOMAIN_DEVICE_HOSTDEV && dev->data.hostdev->mode == VIR_DOMAIN_HOSTDEV_MODE_SUBSYS && dev->data.hostdev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI) { -@@ -3766,17 +3772,44 @@ virDomainXMLDevID(virDomainPtr domain, +@@ -3763,17 +3768,44 @@ virDomainXMLDevID(virDomainPtr domain, strcpy(class, "pci"); @@ -182,10 +181,10 @@ + continue; + + if (virAsprintf(&dst_bdf, "%04x:%02x:%02x.%0x", -+ hostdev->source.subsys.u.pci.domain, -+ hostdev->source.subsys.u.pci.bus, -+ hostdev->source.subsys.u.pci.slot, -+ hostdev->source.subsys.u.pci.function) < 0) { ++ hostdev->source.subsys.u.pci.addr.domain, ++ hostdev->source.subsys.u.pci.addr.bus, ++ hostdev->source.subsys.u.pci.addr.slot, ++ hostdev->source.subsys.u.pci.addr.function) < 0) { + virReportOOMError(); + VIR_FREE(bdf); + return -1; ++++++ xen-pv-cdrom.patch ++++++ --- /var/tmp/diff_new_pack.yVpb19/_old 2013-05-27 09:52:28.000000000 +0200 +++ /var/tmp/diff_new_pack.yVpb19/_new 2013-05-27 09:52:28.000000000 +0200 @@ -1,7 +1,7 @@ -Index: libvirt-1.0.3/src/xenxs/xen_sxpr.c +Index: libvirt-1.0.5/src/xenxs/xen_sxpr.c =================================================================== ---- libvirt-1.0.3.orig/src/xenxs/xen_sxpr.c -+++ libvirt-1.0.3/src/xenxs/xen_sxpr.c +--- libvirt-1.0.5.orig/src/xenxs/xen_sxpr.c ++++ libvirt-1.0.5/src/xenxs/xen_sxpr.c @@ -341,7 +341,7 @@ error: static int xenParseSxprDisks(virDomainDefPtr def, -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org