rpms/libguestfs
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Rebase to new stable branch version 1.48.3

Browse Source 
resolves: rhbz#2059285

Check return values from librpm calls (2089623)
Document limitations of encrypted RBD disks
resolves: rhbz#2033247
This commit is contained in:
Richard W.M. Jones 2022-05-26 13:30:35 +01:00
parent d4ba013a56
commit 0b7021a86c
17 changed files with 120 additions and 118 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
0001-New-API-guestfs_device_name-returning-the-drive-name.patch
View File

@ -1,4 +1,4 @@
From 135a1767a9cfee6501b39821e4cfbf8310096b70 Mon Sep 17 00:00:00 2001
From 18472273bb58eff008a0c1aacfe7c21dec6705a1 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Thu, 28 Apr 2022 13:16:54 +0100
Subject: [PATCH] New API: guestfs_device_name returning the drive name

2
0002-guestfs_readdir-rewrite-with-FileOut-transfer-to-lif.patch
View File

@ -1,4 +1,4 @@
From 21cf5aadf26305ccbd4de25462648344602643e9 Mon Sep 17 00:00:00 2001
From e77853fd91466181e9963392fbc97d0bf97b8492 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Mon, 2 May 2022 10:56:00 +0200
Subject: [PATCH] guestfs_readdir(): rewrite with FileOut transfer, to lift

2
0003-guestfs_readdir-minimize-the-number-of-send_file_wri.patch
View File

@ -1,4 +1,4 @@
From e5d1521137dd824b53531299118197eced338673 Mon Sep 17 00:00:00 2001
From ba6c7a9a609d650c07d26ee4777f18a6730f4028 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Mon, 2 May 2022 10:56:01 +0200
Subject: [PATCH] guestfs_readdir(): minimize the number of send_file_write()

4
0004-lib-launch-direct-ignore-drive-iface-parameter.patch
View File

@ -1,4 +1,4 @@
From fd9a584f39b6fdab3588715597bdd2d7677f70e9 Mon Sep 17 00:00:00 2001
From 0279a052dcb859f0c421d2efb92cf3b3d549dcd7 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 4 May 2022 15:41:52 +0200
Subject: [PATCH] lib: launch-direct: ignore drive "iface" parameter
@ -49,7 +49,7 @@ index 00dde3d2a..f1040a0e9 100644
{ defaults with
name = "lstatlist"; added = (1, 0, 77);
diff --git a/lib/launch-direct.c b/lib/launch-direct.c
index 5c91822fb..c07a8d78f 100644
index b292b9c26..ff0eaeb62 100644
--- a/lib/launch-direct.c
+++ b/lib/launch-direct.c
@@ -296,52 +296,19 @@ static int

6
0005-lib-drive_create_data-drive-remove-field-iface.patch
View File

@ -1,4 +1,4 @@
From cb6b7ce718cb33567a06746208dc4d4e7cab8be6 Mon Sep 17 00:00:00 2001
From 3db215d52abd929364fe65da74e2f393ee196818 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 4 May 2022 15:41:53 +0200
Subject: [PATCH] lib: drive_create_data, drive: remove field "iface"
@ -163,10 +163,10 @@ index 5bb00bc10..16755cfb3 100644
char *disk_label;
char *cachemode;
diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c
index 44764f3cc..87da2f40e 100644
index de342b425..03d69e027 100644
--- a/lib/launch-libvirt.c
+++ b/lib/launch-libvirt.c
@@ -1465,12 +1465,6 @@ construct_libvirt_xml_disk (guestfs_h *g,
@@ -1472,12 +1472,6 @@ construct_libvirt_xml_disk (guestfs_h *g,
const char *type, *uuid;
int r;

2
0006-lib-rename-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch
View File

@ -1,4 +1,4 @@
From 1eba1113850c4e5b6b6f89d26bd11d8685b25a26 Mon Sep 17 00:00:00 2001
From 2fba4170207b5fef8887ef7003725f7f2deea85b Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 4 May 2022 15:41:54 +0200
Subject: [PATCH] lib: rename VALID_FORMAT_IFACE to VALID_FORMAT

2
0007-tests-regressions-remove-iface-based-restrictions.patch
View File

@ -1,4 +1,4 @@
From b436e306ecf93450651e023763bda3fd954e428e Mon Sep 17 00:00:00 2001
From 052163a725b8eb430b1f56ee86825cf35c5012d7 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 4 May 2022 15:41:55 +0200
Subject: [PATCH] tests/regressions: remove "iface"-based restrictions

2
0008-generator-customize-invert-SELinux-relabeling-defaul.patch
View File

@ -1,4 +1,4 @@
From 16043bb219a5fb4e121550513779af074f2ce0ca Mon Sep 17 00:00:00 2001
From decf2b497b47e8a49b2384144b198979df2be8eb Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Tue, 10 May 2022 12:27:57 +0200
Subject: [PATCH] generator/customize: invert SELinux relabeling default

2
0009-update-common-submodule.patch
View File

@ -1,4 +1,4 @@
From 6a2a4adfefd9c80884c6a5a565d2d781ba7227fb Mon Sep 17 00:00:00 2001
From ec3fcb5bf880ce25dc98047903e9d0a090c151f0 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 11 May 2022 05:26:48 +0200
Subject: [PATCH] update common submodule

42
0010-generator-customize-reintroduce-selinux-relabel-as-a.patch Normal file
View File

@ -0,0 +1,42 @@
From d09099b1da8da93c11aaf51c94e7e456256d6fe9 Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Wed, 25 May 2022 09:19:58 +0200
Subject: [PATCH] generator/customize: reintroduce "--selinux-relabel" as a
compat option
Removing "--selinux-relabel" in commit 2f6a27f1077d ("generator/customize:
invert SELinux relabeling default", 2022-05-11) breaks existing scripts
that invoke virt-customize and/or virt-sysprep with that option. Restore
the option, with no functionality tied to it.
Fixes: 2f6a27f1077d32d1ab526427052fc88e188356f7
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2089748
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20220525071958.9612-1-lersek@redhat.com>
Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
(cherry picked from commit 4b9ee1052a4396621485fdd56d6826714e7481b1)
---
generator/customize.ml | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/generator/customize.ml b/generator/customize.ml
index 9634dad85..5abaf206f 100644
--- a/generator/customize.ml
+++ b/generator/customize.ml
@@ -581,6 +581,13 @@ option disables the automatic relabeling.
The option is a no-op for guests that do not support SELinux.";
};
+ { flag_name = "selinux-relabel";
+ flag_type = FlagBool false;
+ flag_ml_var = "selinux_relabel_ignored";
+ flag_shortdesc = "Compatibility option doing nothing";
+ flag_pod_longdesc = "This is a compatibility option that does nothing.";
+ };
+
{ flag_name = "sm-credentials";
flag_type = FlagSMCredentials "SELECTOR";
flag_ml_var = "sm_credentials";
--
2.31.1

12
0010-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch → 0012-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch
View File

@ -1,4 +1,4 @@
From fc738cbe77b4f058c3d3367512cb64aeb0248a98 Mon Sep 17 00:00:00 2001
From 0bba553b311f448c50ba6b3dd934b88387302d01 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Mon, 29 Jul 2013 14:47:56 +0100
Subject: [PATCH] RHEL: Disable unsupported remote drive protocols
@ -373,12 +373,12 @@ index c5a208468..efb289254 100644
error (g, _("unknown protocol %s"), protocol);
drv = NULL; /*FALLTHROUGH*/
diff --git a/lib/guestfs.pod b/lib/guestfs.pod
index b04c28d62..a334a4b65 100644
index 1ad44e7c2..946ce2d36 100644
--- a/lib/guestfs.pod
+++ b/lib/guestfs.pod
@@ -679,70 +679,6 @@ servers. The server string is documented in
L</guestfs_add_drive_opts>. The C<username> and C<secret> parameters are
also optional, and if not given, then no authentication will be used.
@@ -712,70 +712,6 @@ a qcow2 backing file specification, libvirt does not construct an
ephemeral secret object from those, for Ceph authentication. Refer to
L<https://bugzilla.redhat.com/2033247>.
-=head3 FTP, HTTP AND TFTP
-
@ -447,7 +447,7 @@ index b04c28d62..a334a4b65 100644
=head3 NETWORK BLOCK DEVICE
Libguestfs can access Network Block Device (NBD) disks remotely.
@@ -805,42 +741,6 @@ L<https://bugs.launchpad.net/qemu/+bug/1155677>
@@ -838,42 +774,6 @@ L<https://bugs.launchpad.net/qemu/+bug/1155677>
=back

2
0011-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch → 0013-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch
View File

@ -1,4 +1,4 @@
From a026536353871472bddfb6e39c13149e09243b8c Mon Sep 17 00:00:00 2001
From 046e64463e958fb0d2abb6ef6330a6757803a759 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 7 Jul 2015 09:28:03 -0400
Subject: [PATCH] RHEL: Reject use of libguestfs-winsupport features except for

88
0013-lib-Disable-5-level-page-tables-when-using-cpu-max.patch
View File

@ -1,88 +0,0 @@
From 6005efab3539eee16c131afe57f1b15237a4db77 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Thu, 12 May 2022 08:36:37 +0100
Subject: [PATCH] lib: Disable 5-level page tables when using -cpu max
In https://bugzilla.redhat.com/show_bug.cgi?id=2082806 we've been
tracking an insidious qemu bug which intermittently prevents the
libguestfs appliance from starting. The symptoms are that SeaBIOS
starts and displays its messages, but the kernel isn't reached. We
found that the kernel does in fact start, but when it tries to set up
page tables and jump to protected mode it gets a triple fault which
causes the emulated CPU in qemu to reset (qemu exits).
This seems to only affect TCG (not KVM).
Yesterday I found that this is caused by using -cpu max which enables
the "la57" feature (5-level page tables[0]), and that we can make the
problem go away using -cpu max,la57=off. Note that I still don't
fully understand the qemu bug, so this is only a workaround.
I chose to disable 5-level page tables for both TCG and KVM, partly to
make the patch simpler, and partly because I guess it's not a feature
(ie. 57 bit linear addresses) that is useful for the libguestfs
appliance case, where we have limited physical memory and no need to
run any programs with huge address spaces.
I tested this by running both the direct & libvirt paths overnight. I
expect that this patch will fail with old qemu/libvirt which doesn't
understand the "la57" feature, but this is only intended as a
temporary workaround.
[0] Article about 5-level page tables as background:
https://lwn.net/Articles/717293/
Thanks: Laszlo Ersek
Fixes: https://answers.launchpad.net/ubuntu/+source/libguestfs/+question/701625
---
lib/launch-direct.c | 15 +++++++++++++--
lib/launch-libvirt.c | 7 +++++++
2 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/lib/launch-direct.c b/lib/launch-direct.c
index c07a8d78f..ff0eaeb62 100644
--- a/lib/launch-direct.c
+++ b/lib/launch-direct.c
@@ -518,8 +518,19 @@ launch_direct (guestfs_h *g, void *datav, const char *arg)
} end_list ();
cpu_model = guestfs_int_get_cpu_model (has_kvm && !force_tcg);
- if (cpu_model)
- arg ("-cpu", cpu_model);
+ if (cpu_model) {
+#if defined(__x86_64__)
+ /* Temporary workaround for RHBZ#2082806 */
+ if (STREQ (cpu_model, "max")) {
+ start_list ("-cpu") {
+ append_list (cpu_model);
+ append_list ("la57=off");
+ } end_list ();
+ }
+ else
+#endif
+ arg ("-cpu", cpu_model);
+ }
if (g->smp > 1)
arg_format ("-smp", "%d", g->smp);
diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c
index 87da2f40e..03d69e027 100644
--- a/lib/launch-libvirt.c
+++ b/lib/launch-libvirt.c
@@ -1185,6 +1185,13 @@ construct_libvirt_xml_cpu (guestfs_h *g,
else if (STREQ (cpu_model, "max")) {
/* https://bugzilla.redhat.com/show_bug.cgi?id=1935572#c11 */
attribute ("mode", "maximum");
+#if defined(__x86_64__)
+ /* Temporary workaround for RHBZ#2082806 */
+ start_element ("feature") {
+ attribute ("policy", "disable");
+ attribute ("name", "la57");
+ } end_element ();
+#endif
}
else
single_element ("model", cpu_model);
--
2.31.1

2
0012-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch → 0014-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch
View File

@ -1,4 +1,4 @@
From 4ce969732bb8424237e26c5dd3b56507025aae82 Mon Sep 17 00:00:00 2001
From 0598660ad71cce8c55e6af3b6f0c9afda6d70bcb Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 29 Jun 2021 15:29:11 +0100
Subject: [PATCH] RHEL: Create /etc/crypto-policies/back-ends/opensslcnf.config

42
0015-build-Pick-first-field-in-ID_LIKE.patch Normal file
View File

@ -0,0 +1,42 @@
From ad24b9f4d6950dd681e65ea9d1de334119ec9ec7 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Thu, 26 May 2022 14:02:58 +0100
Subject: [PATCH] build: Pick first field in ID_LIKE
CentOS Stream has:
ID_LIKE="rhel fedora"
which confused the existing script. If there are multiple "likes"
arbitrarily pick the first one in the list.
Fixes: commit 63b722b6c094f3a35a5e72f0ae3236a58ddda110
(cherry picked from commit 7afbf5ee4415f6fa2553898d3af238e794062096)
---
m4/guestfs-appliance.m4 | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/m4/guestfs-appliance.m4 b/m4/guestfs-appliance.m4
index 4e63ef435..19db4fc7e 100644
--- a/m4/guestfs-appliance.m4
+++ b/m4/guestfs-appliance.m4
@@ -106,11 +106,11 @@ AC_ARG_WITH([distro],
cat /etc/os-release >&AS_MESSAGE_LOG_FD
DISTRO="$(
. /etc/os-release
- if test -n "$ID_LIKE"; then
- echo $ID_LIKE | tr '@<:@:lower:@:>@' '@<:@:upper:@:>@'
- else
- echo $ID | tr '@<:@:lower:@:>@' '@<:@:upper:@:>@'
- fi
+ ( if test -n "$ID_LIKE"; then
+ echo $ID_LIKE | $AWK '{print $1}'
+ else
+ echo $ID
+ fi ) | tr '@<:@:lower:@:>@' '@<:@:upper:@:>@'
)"
AS_CASE([$DISTRO],
[FEDORA | RHEL | CENTOS | ALMALINUX | CLOUDLINUX | ROCKY],
--
2.31.1

22
libguestfs.spec
View File

@ -47,8 +47,8 @@
Summary: Access and modify virtual machine disk images
Name: libguestfs
Epoch: 1
Version: 1.48.2
Release: 2%{?dist}
Version: 1.48.3
Release: 1%{?dist}
License: LGPLv2+
# Build only for architectures that have a kernel
@ -98,10 +98,13 @@ Patch0008: 0008-generator-customize-invert-SELinux-relabeling-defaul.patch
# files in common/mlcustomize. This directory is not included
# in the libguestfs tarball.
Patch0009: 0009-update-common-submodule.patch
Patch0010: 0010-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch
Patch0011: 0011-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch
Patch0012: 0012-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch
Patch0013: 0013-lib-Disable-5-level-page-tables-when-using-cpu-max.patch
Patch0010: 0010-generator-customize-reintroduce-selinux-relabel-as-a.patch
# *NB* This patch only references common/mlcustomize, so it is removed.
#Patch0011: 0011-update-common-submodule.patch
Patch0012: 0012-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch
Patch0013: 0013-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch
Patch0014: 0014-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch
Patch0015: 0015-build-Pick-first-field-in-ID_LIKE.patch
%if 0%{patches_touch_autotools}
BuildRequires: autoconf, automake, libtool, gettext-devel
@ -1144,8 +1147,8 @@ rm ocaml/html/.gitignore
%changelog
* Thu May 12 2022 Richard W.M. Jones <rjones@redhat.com> - 1:1.48.2-2
- Rebase to new stable branch version 1.48.2
* Thu May 26 2022 Richard W.M. Jones <rjones@redhat.com> - 1:1.48.3-1
- Rebase to new stable branch version 1.48.3
resolves: rhbz#2059285
- Disable 5-level page tables when using -cpu max
resolves: rhbz#2084568
@ -1155,6 +1158,9 @@ rm ocaml/html/.gitignore
resolves: rhbz#1844341
- Lift protocol limit on guestfs_readdir()
resolves: rhbz#1674392
- Check return values from librpm calls (2089623)
- Document limitations of encrypted RBD disks
resolves: rhbz#2033247
* Thu Mar 17 2022 Richard W.M. Jones <rjones@redhat.com> - 1:1.48.0-2
- Disable signature checking in librpm

4
sources
View File

@ -1,2 +1,2 @@
SHA512 (libguestfs-1.48.2.tar.gz) = 3cbec961fbed3bfdb2ba6ab240756ffd61fed76be1e754b0286a87e298ba95dae6d7435aa5f5cff84dd2f42aa7576a2f197df83f987f0e44ed4d268f76be5e19
SHA512 (libguestfs-1.48.2.tar.gz.sig) = 1554d1a911c06fb59cea2e56b845272d1e33056e36b74f9e6507d5cff433340ba3e90b8957dbd706f0f2ea32e45d1dc11f394212a314c5b954677faa66c4c8de
SHA512 (libguestfs-1.48.3.tar.gz) = d88b7869e6098af1f7748dc2e8163b245ea251fcdf962a71e3735f5a1748c9e87a17be259802da3e0bb13569d7f7233b2c5a554b20a2a7758e1974a30a70b786
SHA512 (libguestfs-1.48.3.tar.gz.sig) = f372cddfb661727c7e33505b9f038828e8341a229098c089b0b9f2167fc6308045e402cbfea653dfc0bd5343e2c9f9e2757af7923515615ac38430c132620de7