From 2a5c5a1890c4923aed5ac58b17bf60933835e474 Mon Sep 17 00:00:00 2001 
From: CentOS Sources Date: Tue, 15 Nov 2022 01:27:18 -0500 Subject: [PATCH] import libguestfs-1.48.4-2.el9 --- .gitignore | 2 +- .libguestfs.metadata | 2 +- ...device_name-returning-the-drive-name.patch | 96 +++ ...s_unix-recognize-modern-Pardus-GNU-L.patch | 39 -- ...n-Add-support-for-Kylin-RHBZ-1995391.patch | 100 ---- ...rewrite-with-FileOut-transfer-to-lif.patch | 565 ++++++++++++++++++ ...pport-for-Rocky-Linux-CentOS-RHEL-li.patch | 209 ------- ...minimize-the-number-of-send_file_wri.patch | 108 ++++ ...lace-our-virtio-net-pci-device-in-sl.patch | 65 -- ...-direct-ignore-drive-iface-parameter.patch | 123 ++++ ...create_data-drive-remove-field-iface.patch | 245 ++++++++ ...ORK_ADDRESS-and-NETWORK_PREFIX-as-ma.patch | 70 --- ...dd-virtio-net-via-the-standard-inter.patch | 91 --- ...e-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch | 82 +++ ...L-Remove-libguestfs-live-RHBZ-798980.patch | 55 -- ...ions-remove-iface-based-restrictions.patch | 74 +++ ...Remove-9p-APIs-from-RHEL-RHBZ-921710.patch | 329 ---------- ...ize-invert-SELinux-relabeling-defaul.patch | 56 ++ ...ize-reintroduce-selinux-relabel-as-a.patch | 42 ++ ...pported-remote-drive-protocols-RHBZ.patch} | 48 +- ...-Remove-User-Mode-Linux-RHBZ-1144197.patch | 72 --- ...of-libguestfs-winsupport-features-ex.patch | 2 +- ...crypto-policies-back-ends-opensslcnf.patch | 4 +- ...Disable-signature-checking-in-librpm.patch | 47 -- ...0013-php-add-arginfo-to-php-bindings.patch | 90 +++ ...introduce-the-clevis_luks_unlock-API.patch | 252 ++++++++ ...level-page-tables-when-using-cpu-max.patch | 90 --- ...ount-enable-networking-for-key-ID-cl.patch | 69 +++ ...support-to-guestfs_file_architecture.patch | 182 ++++++ SOURCES/copy-patches.sh | 2 +- SOURCES/libguestfs-1.46.1.tar.gz.sig | 17 - SOURCES/libguestfs-1.48.4.tar.gz.sig | 17 + SPECS/libguestfs.spec | 102 ++-- 33 files changed, 2091 insertions(+), 1256 deletions(-) create mode 100644 SOURCES/0001-New-API-guestfs_device_name-returning-the-drive-name.patch delete mode 100644 
SOURCES/0001-daemon-inspect_fs_unix-recognize-modern-Pardus-GNU-L.patch delete mode 100644 SOURCES/0002-daemon-inspection-Add-support-for-Kylin-RHBZ-1995391.patch create mode 100644 SOURCES/0002-guestfs_readdir-rewrite-with-FileOut-transfer-to-lif.patch delete mode 100644 SOURCES/0003-Add-detection-support-for-Rocky-Linux-CentOS-RHEL-li.patch create mode 100644 SOURCES/0003-guestfs_readdir-minimize-the-number-of-send_file_wri.patch delete mode 100644 SOURCES/0004-launch-libvirt-place-our-virtio-net-pci-device-in-sl.patch create mode 100644 SOURCES/0004-lib-launch-direct-ignore-drive-iface-parameter.patch create mode 100644 SOURCES/0005-lib-drive_create_data-drive-remove-field-iface.patch delete mode 100644 SOURCES/0005-lib-extract-NETWORK_ADDRESS-and-NETWORK_PREFIX-as-ma.patch delete mode 100644 SOURCES/0006-launch-libvirt-add-virtio-net-via-the-standard-inter.patch create mode 100644 SOURCES/0006-lib-rename-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch delete mode 100644 SOURCES/0007-RHEL-Remove-libguestfs-live-RHBZ-798980.patch create mode 100644 SOURCES/0007-tests-regressions-remove-iface-based-restrictions.patch delete mode 100644 SOURCES/0008-RHEL-Remove-9p-APIs-from-RHEL-RHBZ-921710.patch create mode 100644 SOURCES/0008-generator-customize-invert-SELinux-relabeling-defaul.patch create mode 100644 SOURCES/0009-generator-customize-reintroduce-selinux-relabel-as-a.patch rename SOURCES/{0009-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch => 0010-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch} (93%) delete mode 100644 SOURCES/0010-RHEL-Remove-User-Mode-Linux-RHBZ-1144197.patch delete mode 100644 SOURCES/0013-daemon-rpm-c.c-Disable-signature-checking-in-librpm.patch create mode 100644 SOURCES/0013-php-add-arginfo-to-php-bindings.patch create mode 100644 SOURCES/0014-introduce-the-clevis_luks_unlock-API.patch delete mode 100644 SOURCES/0014-lib-Disable-5-level-page-tables-when-using-cpu-max.patch create mode 100644 
SOURCES/0015-guestfish-guestmount-enable-networking-for-key-ID-cl.patch create mode 100644 SOURCES/0016-daemon-Add-zstd-support-to-guestfs_file_architecture.patch delete mode 100644 SOURCES/libguestfs-1.46.1.tar.gz.sig create mode 100644 SOURCES/libguestfs-1.48.4.tar.gz.sig
diff --git a/.gitignore b/.gitignore
index 59eecae..6a0624f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,2 @@
-SOURCES/libguestfs-1.46.1.tar.gz
+SOURCES/libguestfs-1.48.4.tar.gz
 SOURCES/libguestfs.keyring
diff --git a/.libguestfs.metadata b/.libguestfs.metadata
index 10b4851..e6fbe70 100644
--- a/.libguestfs.metadata
+++ b/.libguestfs.metadata
@@ -1,2 +1,2 @@
-156b8a427d03ddfa956fedb69ec00221e891e4c2 SOURCES/libguestfs-1.46.1.tar.gz
+a8754a62256ac488eec3e18bed20f570f785d069 SOURCES/libguestfs-1.48.4.tar.gz
 1bbc40f501a7fef9eef2a39b701a71aee2fea7c4 SOURCES/libguestfs.keyring
diff --git a/SOURCES/0001-New-API-guestfs_device_name-returning-the-drive-name.patch b/SOURCES/0001-New-API-guestfs_device_name-returning-the-drive-name.patch
new file mode 100644
index 0000000..fe4b696
--- /dev/null
+++ b/SOURCES/0001-New-API-guestfs_device_name-returning-the-drive-name.patch
@@ -0,0 +1,96 @@ +From e3ebd50abde3b05db86c8965868c866152cd3287 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Thu, 28 Apr 2022 13:16:54 +0100 +Subject: [PATCH] New API: guestfs_device_name returning the drive name + +For each drive added, return the name. For example calling this with +index 0 will return the string "/dev/sda". I called it +guestfs_device_name (not drive_name) for consistency with the existing +guestfs_device_index function. + +You don't really need to call this function. You can follow the +advice here: +https://libguestfs.org/guestfs.3.html#block-device-naming +and assume that drives are added with predictable names like +"/dev/sda", "/dev/sdb", etc. + +However it's useful to expose the internal guestfs_int_drive_name +function since especially handling names beyond index 26 is tricky +(https://rwmj.wordpress.com/2011/01/09/how-are-linux-drives-named-beyond-drive-26-devsdz/) + +Fixes: https://github.com/libguestfs/libguestfs/issues/80 +Reviewed-by: Laszlo Ersek +(cherry picked from commit ac00e603f83802634f1d53b1629aee4670eaf31c) +--- + generator/actions_core.ml | 24 +++++++++++++++++++++++- + lib/drives.c | 15 +++++++++++++++ + 2 files changed, 38 insertions(+), 1 deletion(-) + +diff --git a/generator/actions_core.ml b/generator/actions_core.ml +index ce9ee39cc..dc12fdc33 100644 +--- a/generator/actions_core.ml ++++ b/generator/actions_core.ml +@@ -737,7 +737,29 @@ returns the index of the device in the list of devices. + Index numbers start from 0. The named device must exist, + for example as a string returned from C. + +-See also C, C." }; ++See also C, C, ++C." 
}; ++ ++ { defaults with ++ name = "device_name"; added = (1, 49, 1); ++ style = RString (RPlainString, "name"), [Int "index"], []; ++ tests = [ ++ InitEmpty, Always, TestResult ( ++ [["device_name"; "0"]], "STREQ (ret, \"/dev/sda\")"), []; ++ InitEmpty, Always, TestResult ( ++ [["device_name"; "1"]], "STREQ (ret, \"/dev/sdb\")"), []; ++ InitEmpty, Always, TestLastFail ( ++ [["device_name"; "99"]]), [] ++ ]; ++ shortdesc = "convert device index to name"; ++ longdesc = "\ ++This function takes a device index and returns the device ++name. For example index C<0> will return the string C. ++ ++The drive index must have been added to the handle. ++ ++See also C, C, ++C." }; + + { defaults with + name = "shutdown"; added = (1, 19, 16); +diff --git a/lib/drives.c b/lib/drives.c +index fd95308d2..a6179fc36 100644 +--- a/lib/drives.c ++++ b/lib/drives.c +@@ -31,6 +31,7 @@ + #include + #include + #include ++#include + #include + + #include "c-ctype.h" +@@ -1084,3 +1085,17 @@ guestfs_impl_device_index (guestfs_h *g, const char *device) + error (g, _("%s: device not found"), device); + return r; + } ++ ++char * ++guestfs_impl_device_name (guestfs_h *g, int index) ++{ ++ char drive_name[64]; ++ ++ if (index < 0 || index >= g->nr_drives) { ++ guestfs_int_error_errno (g, EINVAL, _("drive index out of range")); ++ return NULL; ++ } ++ ++ guestfs_int_drive_name (index, drive_name); ++ return safe_asprintf (g, "/dev/sd%s", drive_name); ++} +-- +2.31.1 + diff --git a/SOURCES/0001-daemon-inspect_fs_unix-recognize-modern-Pardus-GNU-L.patch b/SOURCES/0001-daemon-inspect_fs_unix-recognize-modern-Pardus-GNU-L.patch deleted file mode 100644 index 3611c98..0000000 --- a/SOURCES/0001-daemon-inspect_fs_unix-recognize-modern-Pardus-GNU-L.patch +++ /dev/null 
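Review bot: In `guestfs_impl_device_name` (lib/drives.c, wholly inside this new patch file) the fixed `char drive_name[64]` is handed to `guestfs_int_drive_name (index, drive_name)` with no length argument, so the range check on `index` directly above it is the only thing bounding that write, and nothing in the code says so. I would add a comment above the buffer such as `/* 64 bytes is ample: index is a range-checked non-negative int, so the suffix is only a few letters */`. The check `index >= g->nr_drives` also compares a signed `int` with a field whose type is not visible in this hunk; if that field is unsigned, the comparison is correct only because `index < 0` is tested first, and writing `(size_t) index >= g->nr_drives` would make that dependency explicit.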
@@ -1,39 +0,0 @@ -From 336ecfab3bb1e14deea9ade891fb772e0698f8d8 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Fri, 1 Oct 2021 14:53:38 +0200 -Subject: [PATCH] daemon/inspect_fs_unix: recognize modern Pardus GNU/Linux - releases - -Recent Pardus releases seem to have abandoned the original -"/etc/pardus-release" file, which the current Pardus detection, from -commit 233530d3541d ("inspect: Add detection of Pardus.", 2010-10-29), is -based upon. - -Instead, Pardus apparently adopted the "/etc/os-release" specification -, with -"ID=pardus". Extend the "distro_of_os_release_id" function accordingly. -Keep the original method for recognizing earlier releases. - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1993842 -Signed-off-by: Laszlo Ersek -Message-Id: <20211001125338.8956-1-lersek@redhat.com> -Acked-by: Richard W.M. Jones ---- - daemon/inspect_fs_unix.ml | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/daemon/inspect_fs_unix.ml b/daemon/inspect_fs_unix.ml -index 557f32833..652bacc0f 100644 ---- a/daemon/inspect_fs_unix.ml -+++ b/daemon/inspect_fs_unix.ml -@@ -151,6 +151,7 @@ and distro_of_os_release_id = function - | "openmandriva" -> Some DISTRO_OPENMANDRIVA - | "opensuse" -> Some DISTRO_OPENSUSE - | s when String.is_prefix s "opensuse-" -> Some DISTRO_OPENSUSE -+ | "pardus" -> Some DISTRO_PARDUS - | "pld" -> Some DISTRO_PLD_LINUX - | "rhel" -> Some DISTRO_RHEL - | "sles" | "sled" -> Some DISTRO_SLES --- -2.31.1 - diff --git a/SOURCES/0002-daemon-inspection-Add-support-for-Kylin-RHBZ-1995391.patch b/SOURCES/0002-daemon-inspection-Add-support-for-Kylin-RHBZ-1995391.patch deleted file mode 100644 index 653afc7..0000000 --- a/SOURCES/0002-daemon-inspection-Add-support-for-Kylin-RHBZ-1995391.patch +++ /dev/null 
@@ -1,100 +0,0 @@ -From 3db4dd1804b72575789a67f22a86d6085a141310 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Wed, 13 Oct 2021 18:30:23 +0200 -Subject: [PATCH] daemon: inspection: Add support for Kylin (RHBZ#1995391). - -Similar-to: cd08039d2427b584237265237c713d8cf46536a0 -Signed-off-by: Laszlo Ersek -Message-Id: <20211013163023.21786-1-lersek@redhat.com> -Acked-by: Richard W.M. Jones -(cherry picked from commit 305b02e7e74afc3777b2291783cd7634fb76ecaf) ---- - daemon/inspect_fs.ml | 2 ++ - daemon/inspect_fs_unix.ml | 1 + - daemon/inspect_types.ml | 2 ++ - daemon/inspect_types.mli | 1 + - generator/actions_inspection.ml | 4 ++++ - 5 files changed, 10 insertions(+) - -diff --git a/daemon/inspect_fs.ml b/daemon/inspect_fs.ml -index 02b5a0470..77f0f6aea 100644 ---- a/daemon/inspect_fs.ml -+++ b/daemon/inspect_fs.ml -@@ -275,6 +275,7 @@ and check_package_format { distro } = - Some PACKAGE_FORMAT_RPM - | Some DISTRO_DEBIAN - | Some DISTRO_KALI_LINUX -+ | Some DISTRO_KYLIN (* supposedly another Ubuntu derivative *) - | Some DISTRO_LINUX_MINT - | Some DISTRO_UBUNTU -> - Some PACKAGE_FORMAT_DEB -@@ -345,6 +346,7 @@ and check_package_management { distro; version } = - | Some DISTRO_ALTLINUX - | Some DISTRO_DEBIAN - | Some DISTRO_KALI_LINUX -+ | Some DISTRO_KYLIN (* supposedly another Ubuntu derivative *) - | Some DISTRO_LINUX_MINT - | Some DISTRO_UBUNTU -> - Some PACKAGE_MANAGEMENT_APT -diff --git a/daemon/inspect_fs_unix.ml b/daemon/inspect_fs_unix.ml -index 652bacc0f..7f6eb92e9 100644 ---- a/daemon/inspect_fs_unix.ml -+++ b/daemon/inspect_fs_unix.ml -@@ -146,6 +146,7 @@ and distro_of_os_release_id = function - | "frugalware" -> Some DISTRO_FRUGALWARE - | "gentoo" -> Some DISTRO_GENTOO - | "kali" -> Some DISTRO_KALI_LINUX -+ | "kylin" -> Some DISTRO_KYLIN - | "mageia" -> Some DISTRO_MAGEIA - | "neokylin" -> Some DISTRO_NEOKYLIN - | "openmandriva" -> Some DISTRO_OPENMANDRIVA -diff --git a/daemon/inspect_types.ml b/daemon/inspect_types.ml -index 18e410ce0..e2bc7165c 
100644 ---- a/daemon/inspect_types.ml -+++ b/daemon/inspect_types.ml -@@ -79,6 +79,7 @@ and distro = - | DISTRO_FRUGALWARE - | DISTRO_GENTOO - | DISTRO_KALI_LINUX -+ | DISTRO_KYLIN - | DISTRO_LINUX_MINT - | DISTRO_MAGEIA - | DISTRO_MANDRIVA -@@ -211,6 +212,7 @@ and string_of_distro = function - | DISTRO_FRUGALWARE -> "frugalware" - | DISTRO_GENTOO -> "gentoo" - | DISTRO_KALI_LINUX -> "kalilinux" -+ | DISTRO_KYLIN -> "kylin" - | DISTRO_LINUX_MINT -> "linuxmint" - | DISTRO_MAGEIA -> "mageia" - | DISTRO_MANDRIVA -> "mandriva" -diff --git a/daemon/inspect_types.mli b/daemon/inspect_types.mli -index d12f7a61a..43c79818f 100644 ---- a/daemon/inspect_types.mli -+++ b/daemon/inspect_types.mli -@@ -86,6 +86,7 @@ and distro = - | DISTRO_FRUGALWARE - | DISTRO_GENTOO - | DISTRO_KALI_LINUX -+ | DISTRO_KYLIN - | DISTRO_LINUX_MINT - | DISTRO_MAGEIA - | DISTRO_MANDRIVA -diff --git a/generator/actions_inspection.ml b/generator/actions_inspection.ml -index 690afd460..0c6d39b43 100644 ---- a/generator/actions_inspection.ml -+++ b/generator/actions_inspection.ml -@@ -214,6 +214,10 @@ Gentoo. - - Kali Linux. - -+=item \"kylin\" -+ -+Kylin. -+ - =item \"linuxmint\" - - Linux Mint. --- -2.31.1 - diff --git a/SOURCES/0002-guestfs_readdir-rewrite-with-FileOut-transfer-to-lif.patch b/SOURCES/0002-guestfs_readdir-rewrite-with-FileOut-transfer-to-lif.patch new file mode 100644 index 0000000..1c7e841 --- /dev/null +++ b/SOURCES/0002-guestfs_readdir-rewrite-with-FileOut-transfer-to-lif.patch 
@@ -0,0 +1,565 @@ +From b97b90779d5ea261d5e737f073bb4ec5dc546511 Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Mon, 2 May 2022 10:56:00 +0200 +Subject: [PATCH] guestfs_readdir(): rewrite with FileOut transfer, to lift + protocol limit + +Currently the guestfs_readdir() API can not list long directories, due to +it sending back the whole directory listing in a single guestfs protocol +response, which is limited to GUESTFS_MESSAGE_MAX (approx. 4MB) in size. + +Introduce the "internal_readdir" action, for transferring the directory +listing from the daemon to the library through a FileOut parameter. +Rewrite guestfs_readdir() on top of this new internal function: + +- The new "internal_readdir" action is a daemon action. Do not repurpose + the "readdir" proc_nr (138) for "internal_readdir", as some distros ship + the binary appliance to their users, and reusing the proc_nr could + create a mismatch between library & appliance with obscure symptoms. + Replace the old proc_nr (138) with a new proc_nr (511) instead; a + mismatch would then produce a clear error message. Assume the new action + will first be released in libguestfs-1.48.2. + +- Turn "readdir" from a daemon action into a non-daemon one. Call the + daemon action guestfs_internal_readdir() manually, receive the FileOut + parameter into a temp file, then deserialize the dirents array from the + temp file. + +This patch sneakily fixes an independent bug, too. In the pre-patch +do_readdir() function [daemon/readdir.c], when readdir() returns NULL, we +don't distinguish "end of directory stream" from "readdir() failed". This +rewrite fixes this problem -- I didn't see much value separating out the +fix for the original do_readdir(). + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1674392 +Signed-off-by: Laszlo Ersek +Message-Id: <20220502085601.15012-2-lersek@redhat.com> +Reviewed-by: Richard W.M. 
Jones +(cherry picked from commit 45b7f1736b64e9f0741e21e5a9d83a837bd863bf) +--- + TODO | 8 --- + daemon/readdir.c | 132 +++++++++++++++++++------------------- + generator/actions_core.ml | 127 +++++++++++++++++++----------------- + generator/proc_nr.ml | 2 +- + lib/MAX_PROC_NR | 2 +- + lib/Makefile.am | 1 + + lib/readdir.c | 131 +++++++++++++++++++++++++++++++++++++ + 7 files changed, 267 insertions(+), 136 deletions(-) + create mode 100644 lib/readdir.c + +diff --git a/TODO b/TODO +index a50f7d73c..513e55f92 100644 +--- a/TODO ++++ b/TODO +@@ -484,14 +484,6 @@ this approach works, it doesn't solve the MBR problem, so likely we'd + have to write a library for that (or perhaps go back to sfdisk but + using a very abstracted interface over sfdisk). + +-Reimplement some APIs to avoid protocol limits +----------------------------------------------- +- +-Mostly this item was done (eg. commits a69f44f56f and before). The +-most notable API with a protocol limit remaining is: +- +- - guestfs_readdir +- + hivex + ----- + +diff --git a/daemon/readdir.c b/daemon/readdir.c +index e488f93e7..9ab0b0aec 100644 +--- a/daemon/readdir.c ++++ b/daemon/readdir.c +@@ -16,77 +16,67 @@ + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +-#include ++#include /* HAVE_STRUCT_DIRENT_D_TYPE */ + +-#include +-#include +-#include +-#include +-#include ++#include /* readdir() */ ++#include /* errno */ ++#include /* xdrmem_create() */ ++#include /* perror() */ ++#include /* malloc() */ ++#include /* opendir() */ + +-#include "daemon.h" +-#include "actions.h" ++#include "daemon.h" /* reply_with_perror() */ + +-static void +-free_int_dirent_list (guestfs_int_dirent *p, size_t len) ++/* Has one FileOut parameter. 
*/ ++int ++do_internal_readdir (const char *dir) + { +- size_t i; ++ int ret; ++ DIR *dirstream; ++ void *xdr_buf; ++ XDR xdr; + +- for (i = 0; i < len; ++i) { +- free (p[i].name); +- } +- free (p); +-} +- +-guestfs_int_dirent_list * +-do_readdir (const char *path) +-{ +- guestfs_int_dirent_list *ret; +- guestfs_int_dirent v; +- DIR *dir; +- struct dirent *d; +- size_t i; +- +- ret = malloc (sizeof *ret); +- if (ret == NULL) { +- reply_with_perror ("malloc"); +- return NULL; +- } +- +- ret->guestfs_int_dirent_list_len = 0; +- ret->guestfs_int_dirent_list_val = NULL; ++ /* Prepare to fail. */ ++ ret = -1; + + CHROOT_IN; +- dir = opendir (path); ++ dirstream = opendir (dir); + CHROOT_OUT; + +- if (dir == NULL) { +- reply_with_perror ("opendir: %s", path); +- free (ret); +- return NULL; ++ if (dirstream == NULL) { ++ reply_with_perror ("opendir: %s", dir); ++ return ret; + } + +- i = 0; +- while ((d = readdir (dir)) != NULL) { +- guestfs_int_dirent *p; ++ xdr_buf = malloc (GUESTFS_MAX_CHUNK_SIZE); ++ if (xdr_buf == NULL) { ++ reply_with_perror ("malloc"); ++ goto close_dir; ++ } ++ xdrmem_create (&xdr, xdr_buf, GUESTFS_MAX_CHUNK_SIZE, XDR_ENCODE); ++ ++ /* Send an "OK" reply, before starting the file transfer. */ ++ reply (NULL, NULL); ++ ++ /* From this point on, we can only report errors by canceling the file ++ * transfer. 
++ */ ++ for (;;) { ++ struct dirent *d; ++ guestfs_int_dirent v; ++ ++ errno = 0; ++ d = readdir (dirstream); ++ if (d == NULL) { ++ if (errno == 0) ++ ret = 0; ++ else ++ perror ("readdir"); + +- p = realloc (ret->guestfs_int_dirent_list_val, +- sizeof (guestfs_int_dirent) * (i+1)); +- v.name = strdup (d->d_name); +- if (!p || !v.name) { +- reply_with_perror ("allocate"); +- if (p) { +- free_int_dirent_list (p, i); +- } else { +- free_int_dirent_list (ret->guestfs_int_dirent_list_val, i); +- } +- free (v.name); +- free (ret); +- closedir (dir); +- return NULL; ++ break; + } +- ret->guestfs_int_dirent_list_val = p; + ++ v.name = d->d_name; + v.ino = d->d_ino; + #ifdef HAVE_STRUCT_DIRENT_D_TYPE + switch (d->d_type) { +@@ -104,19 +94,29 @@ do_readdir (const char *path) + v.ftyp = 'u'; + #endif + +- ret->guestfs_int_dirent_list_val[i] = v; ++ if (!xdr_guestfs_int_dirent (&xdr, &v)) { ++ fprintf (stderr, "xdr_guestfs_int_dirent failed\n"); ++ break; ++ } + +- i++; ++ if (send_file_write (xdr_buf, xdr_getpos (&xdr)) != 0) ++ break; ++ ++ xdr_setpos (&xdr, 0); + } + +- ret->guestfs_int_dirent_list_len = i; ++ /* Finish or cancel the transfer. Note that if (ret == -1) because the library ++ * canceled, we still need to cancel back! ++ */ ++ send_file_end (ret == -1); + +- if (closedir (dir) == -1) { +- reply_with_perror ("closedir"); +- free (ret->guestfs_int_dirent_list_val); +- free (ret); +- return NULL; +- } ++ xdr_destroy (&xdr); ++ free (xdr_buf); ++ ++close_dir: ++ if (closedir (dirstream) == -1) ++ /* Best we can do here is log an error. */ ++ perror ("closedir"); + + return ret; + } +diff --git a/generator/actions_core.ml b/generator/actions_core.ml +index dc12fdc33..807150615 100644 +--- a/generator/actions_core.ml ++++ b/generator/actions_core.ml +@@ -141,6 +141,66 @@ only useful for printing debug and internal error messages. + + For more information on states, see L." 
}; + ++ { defaults with ++ name = "readdir"; added = (1, 0, 55); ++ style = RStructList ("entries", "dirent"), [String (Pathname, "dir")], []; ++ progress = true; cancellable = true; ++ shortdesc = "read directories entries"; ++ longdesc = "\ ++This returns the list of directory entries in directory C. ++ ++All entries in the directory are returned, including C<.> and ++C<..>. The entries are I sorted, but returned in the same ++order as the underlying filesystem. ++ ++Also this call returns basic file type information about each ++file. The C field will contain one of the following characters: ++ ++=over 4 ++ ++=item 'b' ++ ++Block special ++ ++=item 'c' ++ ++Char special ++ ++=item 'd' ++ ++Directory ++ ++=item 'f' ++ ++FIFO (named pipe) ++ ++=item 'l' ++ ++Symbolic link ++ ++=item 'r' ++ ++Regular file ++ ++=item 's' ++ ++Socket ++ ++=item 'u' ++ ++Unknown file type ++ ++=item '?' ++ ++The L call returned a C field with an ++unexpected value ++ ++=back ++ ++This function is primarily intended for use by programs. To ++get a simple list of names, use C. To get a printable ++directory for human consumption, use C." }; ++ + { defaults with + name = "version"; added = (1, 0, 58); + style = RStruct ("version", "version"), [], []; +@@ -3939,66 +3999,6 @@ L, C, C. + + This call returns the previous umask." }; + +- { defaults with +- name = "readdir"; added = (1, 0, 55); +- style = RStructList ("entries", "dirent"), [String (Pathname, "dir")], []; +- protocol_limit_warning = true; +- shortdesc = "read directories entries"; +- longdesc = "\ +-This returns the list of directory entries in directory C. +- +-All entries in the directory are returned, including C<.> and +-C<..>. The entries are I sorted, but returned in the same +-order as the underlying filesystem. +- +-Also this call returns basic file type information about each +-file. 
The C field will contain one of the following characters: +- +-=over 4 +- +-=item 'b' +- +-Block special +- +-=item 'c' +- +-Char special +- +-=item 'd' +- +-Directory +- +-=item 'f' +- +-FIFO (named pipe) +- +-=item 'l' +- +-Symbolic link +- +-=item 'r' +- +-Regular file +- +-=item 's' +- +-Socket +- +-=item 'u' +- +-Unknown file type +- +-=item '?' +- +-The L call returned a C field with an +-unexpected value +- +-=back +- +-This function is primarily intended for use by programs. To +-get a simple list of names, use C. To get a printable +-directory for human consumption, use C." }; +- + { defaults with + name = "getxattrs"; added = (1, 0, 59); + style = RStructList ("xattrs", "xattr"), [String (Pathname, "path")], []; +@@ -9713,4 +9713,11 @@ C. The C parameter must be + the name of the mapping device (ie. F) + and I the name of the underlying block device." }; + ++ { defaults with ++ name = "internal_readdir"; added = (1, 48, 2); ++ style = RErr, [String (Pathname, "dir"); String (FileOut, "filename")], []; ++ visibility = VInternal; ++ shortdesc = "read directories entries"; ++ longdesc = "Internal function for readdir." }; ++ + ] +diff --git a/generator/proc_nr.ml b/generator/proc_nr.ml +index b20672ff0..bdced51c9 100644 +--- a/generator/proc_nr.ml ++++ b/generator/proc_nr.ml +@@ -152,7 +152,6 @@ let proc_nr = [ + 135, "mknod_b"; + 136, "mknod_c"; + 137, "umask"; +-138, "readdir"; + 139, "sfdiskM"; + 140, "zfile"; + 141, "getxattrs"; +@@ -514,6 +513,7 @@ let proc_nr = [ + 508, "cryptsetup_open"; + 509, "cryptsetup_close"; + 510, "internal_list_rpm_applications"; ++511, "internal_readdir"; + ] + + (* End of list. 
If adding a new entry, add it at the end of the list +diff --git a/lib/MAX_PROC_NR b/lib/MAX_PROC_NR +index 2bc4cd64b..c0556fb20 100644 +--- a/lib/MAX_PROC_NR ++++ b/lib/MAX_PROC_NR +@@ -1 +1 @@ +-510 ++511 +diff --git a/lib/Makefile.am b/lib/Makefile.am +index 144c45588..212bcb94a 100644 +--- a/lib/Makefile.am ++++ b/lib/Makefile.am +@@ -105,6 +105,7 @@ libguestfs_la_SOURCES = \ + private-data.c \ + proto.c \ + qemu.c \ ++ readdir.c \ + rescue.c \ + stringsbuf.c \ + structs-compare.c \ +diff --git a/lib/readdir.c b/lib/readdir.c +new file mode 100644 +index 000000000..9cb0d7cf6 +--- /dev/null ++++ b/lib/readdir.c +@@ -0,0 +1,131 @@ ++/* libguestfs ++ * Copyright (C) 2016-2022 Red Hat Inc. ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. 
++ * ++ * You should have received a copy of the GNU Lesser General Public ++ * License along with this library; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA ++ */ ++ ++#include /* UNIX_PATH_MAX, needed by "guestfs-internal.h" */ ++ ++#include /* xdrstdio_create() */ ++#include /* UINT32_MAX */ ++#include /* fopen() */ ++#include /* memset() */ ++ ++#include "guestfs.h" /* guestfs_internal_readdir() */ ++#include "guestfs_protocol.h" /* guestfs_int_dirent */ ++#include "guestfs-internal.h" /* guestfs_int_make_temp_path() */ ++#include "guestfs-internal-actions.h" /* guestfs_impl_readdir */ ++ ++struct guestfs_dirent_list * ++guestfs_impl_readdir (guestfs_h *g, const char *dir) ++{ ++ struct guestfs_dirent_list *ret; ++ char *tmpfn; ++ FILE *f; ++ off_t fsize; ++ XDR xdr; ++ struct guestfs_dirent_list *dirents; ++ uint32_t alloc_entries; ++ size_t alloc_bytes; ++ ++ /* Prepare to fail. */ ++ ret = NULL; ++ ++ tmpfn = guestfs_int_make_temp_path (g, "readdir", NULL); ++ if (tmpfn == NULL) ++ return ret; ++ ++ if (guestfs_internal_readdir (g, dir, tmpfn) == -1) ++ goto drop_tmpfile; ++ ++ f = fopen (tmpfn, "r"); ++ if (f == NULL) { ++ perrorf (g, "fopen: %s", tmpfn); ++ goto drop_tmpfile; ++ } ++ ++ if (fseeko (f, 0, SEEK_END) == -1) { ++ perrorf (g, "fseeko"); ++ goto close_tmpfile; ++ } ++ fsize = ftello (f); ++ if (fsize == -1) { ++ perrorf (g, "ftello"); ++ goto close_tmpfile; ++ } ++ if (fseeko (f, 0, SEEK_SET) == -1) { ++ perrorf (g, "fseeko"); ++ goto close_tmpfile; ++ } ++ ++ xdrstdio_create (&xdr, f, XDR_DECODE); ++ ++ dirents = safe_malloc (g, sizeof *dirents); ++ dirents->len = 0; ++ alloc_entries = 8; ++ alloc_bytes = alloc_entries * sizeof *dirents->val; ++ dirents->val = safe_malloc (g, alloc_bytes); ++ ++ while (xdr_getpos (&xdr) < fsize) { ++ guestfs_int_dirent v; ++ struct guestfs_dirent *d; ++ ++ if (dirents->len == alloc_entries) { ++ if (alloc_entries > UINT32_MAX / 2 || 
alloc_bytes > (size_t)-1 / 2) { ++ error (g, "integer overflow"); ++ goto free_dirents; ++ } ++ alloc_entries *= 2u; ++ alloc_bytes *= 2u; ++ dirents->val = safe_realloc (g, dirents->val, alloc_bytes); ++ } ++ ++ /* Decoding does not work unless the target buffer is zero-initialized. */ ++ memset (&v, 0, sizeof v); ++ if (!xdr_guestfs_int_dirent (&xdr, &v)) { ++ error (g, "xdr_guestfs_int_dirent failed"); ++ goto free_dirents; ++ } ++ ++ d = &dirents->val[dirents->len]; ++ d->ino = v.ino; ++ d->ftyp = v.ftyp; ++ d->name = v.name; /* transfer malloc'd string to "d" */ ++ ++ dirents->len++; ++ } ++ ++ /* Success; transfer "dirents" to "ret". */ ++ ret = dirents; ++ dirents = NULL; ++ ++ /* Clean up. */ ++ xdr_destroy (&xdr); ++ ++free_dirents: ++ guestfs_free_dirent_list (dirents); ++ ++close_tmpfile: ++ fclose (f); ++ ++drop_tmpfile: ++ /* In case guestfs_internal_readdir() failed, it may or may not have created ++ * the temporary file. ++ */ ++ unlink (tmpfn); ++ free (tmpfn); ++ ++ return ret; ++} +-- +2.31.1 + diff --git a/SOURCES/0003-Add-detection-support-for-Rocky-Linux-CentOS-RHEL-li.patch b/SOURCES/0003-Add-detection-support-for-Rocky-Linux-CentOS-RHEL-li.patch deleted file mode 100644 index c08b9f0..0000000 --- a/SOURCES/0003-Add-detection-support-for-Rocky-Linux-CentOS-RHEL-li.patch +++ /dev/null 
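Review bot: In `guestfs_impl_readdir` (lib/readdir.c, new in this patch file) both `goto free_dirents` exits inside the decode loop jump past `xdr_destroy (&xdr)`, so the XDR stream set up by `xdrstdio_create` is only destroyed on the success path. Moving the call below the label, i.e. `free_dirents:` followed by `xdr_destroy (&xdr);` and then `guestfs_free_dirent_list (dirents);`, covers all three paths; the earlier `goto close_tmpfile` exits happen before the stream exists and are unaffected. With the stdio backend the missed destroy is probably harmless, but the cleanup ladder should not depend on that. Separately, with the roughly 4MB protocol cap described in the commit message no longer applying, the temp file and the `dirents` array grow with whatever the directory in the inspected image contains, which is worth a sentence in the `readdir` longdesc for callers that process untrusted images.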
@@ -1,209 +0,0 @@ -From a98532ac7d6c79889703603d9f4ab008f0febd53 Mon Sep 17 00:00:00 2001 -From: Neil Hanlon -Date: Fri, 10 Dec 2021 08:50:48 +0000 -Subject: [PATCH] Add detection support for Rocky Linux (CentOS/RHEL-like) - -Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2030709 -Thanks: label@rockylinux.org - ---- - -RWMJ notes: I fixed the original patch so it compiled. This patch -sets osinfo to "rocky8", which doesn't exist in the osinfo db yet. -Arguably we might want to set this to "centos8", but we can see what -libosinfo decides to do. Here is partial virt-inspector output on a -Rocky Linux disk image: - -$ ./run virt-inspector -a disk.img - - - - /dev/rl/root - linux - x86_64 - rocky - Rocky Linux 8.5 (Green Obsidian) - 8 - 5 - rpm - dnf - localhost.localdomain - rocky8 - - / - /boot - - - - xfs - fed8331f-9f25-40cd-883e-090cd640559d - - - swap - 6da2c121-ea7d-49ce-98a3-14a37fceaadd - - - xfs - 4efafe61-2d20-4d93-8055-537e09bfd033 - - -(cherry picked from commit 631962c0e88a321646846be91d0fbea1ba14e263) ---- - daemon/inspect_fs.ml | 2 ++ - daemon/inspect_fs_unix.ml | 13 ++++++++++++- - daemon/inspect_types.ml | 2 ++ - daemon/inspect_types.mli | 1 + - generator/actions_inspection.ml | 4 ++++ - lib/inspect-icon.c | 1 + - lib/inspect-osinfo.c | 4 ++++ - 7 files changed, 26 insertions(+), 1 deletion(-) - -diff --git a/daemon/inspect_fs.ml b/daemon/inspect_fs.ml -index 77f0f6aea..9c73d97ef 100644 ---- a/daemon/inspect_fs.ml -+++ b/daemon/inspect_fs.ml -@@ -259,6 +259,7 @@ and check_package_format { distro } = - | None -> None - | Some DISTRO_ALTLINUX - | Some DISTRO_CENTOS -+ | Some DISTRO_ROCKY - | Some DISTRO_FEDORA - | Some DISTRO_MAGEIA - | Some DISTRO_MANDRIVA -@@ -329,6 +330,7 @@ and check_package_management { distro; version } = - Some PACKAGE_MANAGEMENT_DNF - - | Some DISTRO_CENTOS -+ | Some DISTRO_ROCKY - | Some DISTRO_ORACLE_LINUX - | Some DISTRO_REDHAT_BASED - | Some DISTRO_RHEL -diff --git a/daemon/inspect_fs_unix.ml b/daemon/inspect_fs_unix.ml 
-index 7f6eb92e9..63cb279d0 100644 ---- a/daemon/inspect_fs_unix.ml -+++ b/daemon/inspect_fs_unix.ml -@@ -32,6 +32,8 @@ let re_rhel_no_minor = PCRE.compile "Red Hat.*release (\\d+)" - let re_centos_old = PCRE.compile "CentOS.*release (\\d+).*Update (\\d+)" - let re_centos = PCRE.compile "CentOS.*release (\\d+)\\.(\\d+)" - let re_centos_no_minor = PCRE.compile "CentOS.*release (\\d+)" -+let re_rocky = PCRE.compile "Rocky Linux.*release (\\d+)\\.(\\d+)" -+let re_rocky_no_minor = PCRE.compile "Rocky Linux.*release (\\d+)" - let re_scientific_linux_old = - PCRE.compile "Scientific Linux.*release (\\d+).*Update (\\d+)" - let re_scientific_linux = -@@ -106,7 +108,7 @@ let rec parse_os_release release_file data = - * we detect that situation then bail out and use the release - * files instead. - *) -- | { distro = Some (DISTRO_DEBIAN|DISTRO_CENTOS); -+ | { distro = Some (DISTRO_DEBIAN|DISTRO_CENTOS|DISTRO_ROCKY); - version = Some (_, 0) } -> - false - -@@ -155,6 +157,7 @@ and distro_of_os_release_id = function - | "pardus" -> Some DISTRO_PARDUS - | "pld" -> Some DISTRO_PLD_LINUX - | "rhel" -> Some DISTRO_RHEL -+ | "rocky" -> Some DISTRO_ROCKY - | "sles" | "sled" -> Some DISTRO_SLES - | "ubuntu" -> Some DISTRO_UBUNTU - | "void" -> Some DISTRO_VOID_LINUX -@@ -405,6 +408,10 @@ let linux_root_tests : tests = [ - DISTRO_CENTOS; - "/etc/centos-release", parse_generic ~rex:re_centos_no_minor - DISTRO_CENTOS; -+ "/etc/rocky-release", parse_generic ~rex:re_rocky -+ DISTRO_ROCKY; -+ "/etc/rocky-release", parse_generic ~rex:re_rocky_no_minor -+ DISTRO_ROCKY; - "/etc/altlinux-release", parse_generic DISTRO_ALTLINUX; - "/etc/redhat-release", parse_generic ~rex:re_fedora - DISTRO_FEDORA; -@@ -420,6 +427,10 @@ let linux_root_tests : tests = [ - DISTRO_CENTOS; - "/etc/redhat-release", parse_generic ~rex:re_centos_no_minor - DISTRO_CENTOS; -+ "/etc/redhat-release", parse_generic ~rex:re_rocky -+ DISTRO_ROCKY; -+ "/etc/redhat-release", parse_generic ~rex:re_rocky_no_minor -+ DISTRO_ROCKY; 
- "/etc/redhat-release", parse_generic ~rex:re_scientific_linux_old - DISTRO_SCIENTIFIC_LINUX; - "/etc/redhat-release", parse_generic ~rex:re_scientific_linux -diff --git a/daemon/inspect_types.ml b/daemon/inspect_types.ml -index e2bc7165c..9395c51f9 100644 ---- a/daemon/inspect_types.ml -+++ b/daemon/inspect_types.ml -@@ -95,6 +95,7 @@ and distro = - | DISTRO_PLD_LINUX - | DISTRO_REDHAT_BASED - | DISTRO_RHEL -+ | DISTRO_ROCKY - | DISTRO_SCIENTIFIC_LINUX - | DISTRO_SLACKWARE - | DISTRO_SLES -@@ -228,6 +229,7 @@ and string_of_distro = function - | DISTRO_PLD_LINUX -> "pldlinux" - | DISTRO_REDHAT_BASED -> "redhat-based" - | DISTRO_RHEL -> "rhel" -+ | DISTRO_ROCKY -> "rocky" - | DISTRO_SCIENTIFIC_LINUX -> "scientificlinux" - | DISTRO_SLACKWARE -> "slackware" - | DISTRO_SLES -> "sles" -diff --git a/daemon/inspect_types.mli b/daemon/inspect_types.mli -index 43c79818f..29c76e8ab 100644 ---- a/daemon/inspect_types.mli -+++ b/daemon/inspect_types.mli -@@ -102,6 +102,7 @@ and distro = - | DISTRO_PLD_LINUX - | DISTRO_REDHAT_BASED - | DISTRO_RHEL -+ | DISTRO_ROCKY - | DISTRO_SCIENTIFIC_LINUX - | DISTRO_SLACKWARE - | DISTRO_SLES -diff --git a/generator/actions_inspection.ml b/generator/actions_inspection.ml -index 0c6d39b43..f8b744993 100644 ---- a/generator/actions_inspection.ml -+++ b/generator/actions_inspection.ml -@@ -278,6 +278,10 @@ Some Red Hat-derived distro. - - Red Hat Enterprise Linux. - -+=item \"rocky\" -+ -+Rocky Linux. -+ - =item \"scientificlinux\" - - Scientific Linux. 
-diff --git a/lib/inspect-icon.c b/lib/inspect-icon.c -index 725af574b..3bffa4f80 100644 ---- a/lib/inspect-icon.c -+++ b/lib/inspect-icon.c -@@ -138,6 +138,7 @@ guestfs_impl_inspect_get_icon (guestfs_h *g, const char *root, size_t *size_r, - else if (STREQ (distro, "rhel") || - STREQ (distro, "redhat-based") || - STREQ (distro, "centos") || -+ STREQ (distro, "rocky") || - STREQ (distro, "scientificlinux") || - STREQ (distro, "oraclelinux")) { - r = icon_rhel (g, guestfs_inspect_get_major_version (g, root), &size); -diff --git a/lib/inspect-osinfo.c b/lib/inspect-osinfo.c -index db38d87f7..90e57e6df 100644 ---- a/lib/inspect-osinfo.c -+++ b/lib/inspect-osinfo.c -@@ -47,6 +47,10 @@ guestfs_impl_inspect_get_osinfo (guestfs_h *g, const char *root) - else if (major == 6) - return safe_asprintf (g, "%s%d.%d", distro, major, minor); - } -+ else if (STREQ (distro, "rocky")) { -+ if (major >= 8) -+ return safe_asprintf (g, "%s%d", distro, major); -+ } - else if (STREQ (distro, "debian")) { - if (major >= 4) - return safe_asprintf (g, "%s%d", distro, major); --- -2.31.1 - diff --git a/SOURCES/0003-guestfs_readdir-minimize-the-number-of-send_file_wri.patch b/SOURCES/0003-guestfs_readdir-minimize-the-number-of-send_file_wri.patch new file mode 100644 index 0000000..6e060a5 --- /dev/null +++ b/SOURCES/0003-guestfs_readdir-minimize-the-number-of-send_file_wri.patch 
@@ -0,0 +1,108 @@ +From 62cd6c9d2dd62dd24cc04b16437bfb816a6f4357 Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Mon, 2 May 2022 10:56:01 +0200 +Subject: [PATCH] guestfs_readdir(): minimize the number of send_file_write() + calls + +In guestfs_readdir(), the daemon currently sends each XDR-encoded +"guestfs_int_dirent" to the library with a separate send_file_write() +call. + +Determine the largest encoded size (from the longest filename that a +"guestfs_int_dirent" could carry, from readdir()'s "struct dirent"), and +batch up the XDR encodings until the next encoding might not fit in +GUESTFS_MAX_CHUNK_SIZE. Call send_file_write() only then. + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1674392 +Signed-off-by: Laszlo Ersek +Message-Id: <20220502085601.15012-3-lersek@redhat.com> +Reviewed-by: Richard W.M. Jones +(cherry picked from commit 4864d21cb8eb991f0fc98d03a068173837cba50e) +--- + daemon/readdir.c | 38 ++++++++++++++++++++++++++++++++------ + 1 file changed, 32 insertions(+), 6 deletions(-) + +diff --git a/daemon/readdir.c b/daemon/readdir.c +index 9ab0b0aec..3084ba939 100644 +--- a/daemon/readdir.c ++++ b/daemon/readdir.c +@@ -35,6 +35,9 @@ do_internal_readdir (const char *dir) + DIR *dirstream; + void *xdr_buf; + XDR xdr; ++ struct dirent fill; ++ guestfs_int_dirent v; ++ unsigned max_encoded; + + /* Prepare to fail. */ + ret = -1; +@@ -55,6 +58,20 @@ do_internal_readdir (const char *dir) + } + xdrmem_create (&xdr, xdr_buf, GUESTFS_MAX_CHUNK_SIZE, XDR_ENCODE); + ++ /* Calculate the max number of bytes a "guestfs_int_dirent" can be encoded to. 
++ */ ++ memset (fill.d_name, 'a', sizeof fill.d_name - 1); ++ fill.d_name[sizeof fill.d_name - 1] = '\0'; ++ v.ino = INT64_MAX; ++ v.ftyp = '?'; ++ v.name = fill.d_name; ++ if (!xdr_guestfs_int_dirent (&xdr, &v)) { ++ fprintf (stderr, "xdr_guestfs_int_dirent failed\n"); ++ goto release_xdr; ++ } ++ max_encoded = xdr_getpos (&xdr); ++ xdr_setpos (&xdr, 0); ++ + /* Send an "OK" reply, before starting the file transfer. */ + reply (NULL, NULL); + +@@ -63,7 +80,6 @@ do_internal_readdir (const char *dir) + */ + for (;;) { + struct dirent *d; +- guestfs_int_dirent v; + + errno = 0; + d = readdir (dirstream); +@@ -94,22 +110,32 @@ do_internal_readdir (const char *dir) + v.ftyp = 'u'; + #endif + ++ /* Flush "xdr_buf" if we may not have enough room for encoding "v". */ ++ if (GUESTFS_MAX_CHUNK_SIZE - xdr_getpos (&xdr) < max_encoded) { ++ if (send_file_write (xdr_buf, xdr_getpos (&xdr)) != 0) ++ break; ++ ++ xdr_setpos (&xdr, 0); ++ } ++ + if (!xdr_guestfs_int_dirent (&xdr, &v)) { + fprintf (stderr, "xdr_guestfs_int_dirent failed\n"); + break; + } +- +- if (send_file_write (xdr_buf, xdr_getpos (&xdr)) != 0) +- break; +- +- xdr_setpos (&xdr, 0); + } + ++ /* Flush "xdr_buf" if the loop completed successfully and "xdr_buf" is not ++ * empty. */ ++ if (ret == 0 && xdr_getpos (&xdr) > 0 && ++ send_file_write (xdr_buf, xdr_getpos (&xdr)) != 0) ++ ret = -1; ++ + /* Finish or cancel the transfer. Note that if (ret == -1) because the library + * canceled, we still need to cancel back! + */ + send_file_end (ret == -1); + ++release_xdr: + xdr_destroy (&xdr); + free (xdr_buf); + +-- +2.31.1 + diff --git a/SOURCES/0004-launch-libvirt-place-our-virtio-net-pci-device-in-sl.patch b/SOURCES/0004-launch-libvirt-place-our-virtio-net-pci-device-in-sl.patch deleted file mode 100644 index 20bbb75..0000000 --- a/SOURCES/0004-launch-libvirt-place-our-virtio-net-pci-device-in-sl.patch +++ /dev/null 
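Review bot: In `do_internal_readdir` (daemon/readdir.c), the new sizing call to `xdr_guestfs_int_dirent` handles failure with only `fprintf (stderr, ...)` and `goto release_xdr`. This happens before `reply (NULL, NULL)`, so as far as the hunk shows, no reply of any kind is sent on that path. If the function is expected to have replied before returning -1 (the rest of the function is outside the hunk, so this is inferred), the library side would be left waiting. Replacing the `fprintf` with `reply_with_error ("xdr_guestfs_int_dirent failed");` would close that gap. A one-line comment on `max_encoded`, saying it relies on `sizeof fill.d_name` bounding every name `readdir()` can return, would also help, since the directory contents presumably come from the guest image being inspected.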
@@ -1,65 +0,0 @@ -From 43e0fdd6cb94370e74b1214c7550aa98b8307409 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Thu, 23 Dec 2021 11:36:59 +0100 -Subject: [PATCH] launch-libvirt: place our virtio-net-pci device in slot 0x1e - -The trick we use for adding our virtio-net-pci device -in the libvirt backend can conflict with libvirtd's and QEMU's PCI address -assignment. Try to mitigate that by placing our device in slot 0x1e on the -root bus. In practice this could only conflict with a "dmi-to-pci-bridge" -device model, which libvirtd itself places in slot 0x1e. However, given -the XMLs we generate, and modern QEMU versions, libvirtd has no reason to -auto-add "dmi-to-pci-bridge". Refer to -. - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2034160 -Signed-off-by: Laszlo Ersek -Message-Id: <20211223103701.12702-2-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -Tested-by: Richard W.M. Jones -(cherry picked from commit 5ce5ef6a97a58c5e906083ad4e944545712b3f3f) ---- - lib/guestfs-internal.h | 11 +++++++++++ - lib/launch-libvirt.c | 4 +++- - 2 files changed, 14 insertions(+), 1 deletion(-) - -diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h -index 4097b33fd..8eb2dd3ad 100644 ---- a/lib/guestfs-internal.h -+++ b/lib/guestfs-internal.h -@@ -172,6 +172,17 @@ cleanup_mutex_unlock (pthread_mutex_t **ptr) - #define VIRTIO_DEVICE_NAME(type) type "-pci" - #endif - -+/* Place the virtio-net controller in slot 0x1e on the root bus, on normal -+ * hardware with PCI. Refer to RHBZ#2034160. -+ */ -+#ifdef HAVE_LIBVIRT_BACKEND -+#if defined(__arm__) || defined(__s390x__) -+#define VIRTIO_NET_PCI_ADDR "" -+#else -+#define VIRTIO_NET_PCI_ADDR ",addr=1e.0" -+#endif -+#endif -+ - /* Guestfs handle and associated structures. */ - - /* State. 
*/ -diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c -index 194530c49..9e8336938 100644 ---- a/lib/launch-libvirt.c -+++ b/lib/launch-libvirt.c -@@ -1851,7 +1851,9 @@ construct_libvirt_xml_qemu_cmdline (guestfs_h *g, - } end_element (); - - start_element ("qemu:arg") { -- attribute ("value", VIRTIO_DEVICE_NAME ("virtio-net") ",netdev=usernet"); -+ attribute ("value", (VIRTIO_DEVICE_NAME ("virtio-net") -+ ",netdev=usernet" -+ VIRTIO_NET_PCI_ADDR)); - } end_element (); - } - --- -2.31.1 - diff --git a/SOURCES/0004-lib-launch-direct-ignore-drive-iface-parameter.patch b/SOURCES/0004-lib-launch-direct-ignore-drive-iface-parameter.patch new file mode 100644 index 0000000..958b99f --- /dev/null +++ b/SOURCES/0004-lib-launch-direct-ignore-drive-iface-parameter.patch 
@@ -0,0 +1,123 @@ +From e4901a4e83f0ab59a525095d2fe1c7f1a38c0aac Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Wed, 4 May 2022 15:41:52 +0200 +Subject: [PATCH] lib: launch-direct: ignore drive "iface" parameter + +Rich said in : + +> The libvirt backend has never allowed the iface parameter. We should +> probably ignore it in the direct backend since it's never been possible +> to use this parameter correctly. + +Remove the handling of "iface" in the direct (QEMU) backend. Refresh the +documentation regarding both backends. + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1844341 +Signed-off-by: Laszlo Ersek +Message-Id: <20220504134155.11832-2-lersek@redhat.com> +Reviewed-by: Richard W.M. Jones +(cherry picked from commit 3eb830dbaee12c8dc4566cab226ed2af0e0f2d8c) +--- + generator/actions_core_deprecated.ml | 8 +++- + lib/launch-direct.c | 59 ++++++---------------------- + 2 files changed, 19 insertions(+), 48 deletions(-) + +diff --git a/generator/actions_core_deprecated.ml b/generator/actions_core_deprecated.ml +index 00dde3d2a..f1040a0e9 100644 +--- a/generator/actions_core_deprecated.ml ++++ b/generator/actions_core_deprecated.ml +@@ -73,7 +73,9 @@ of C." }; + shortdesc = "add a drive specifying the QEMU block emulation to use"; + longdesc = "\ + This is the same as C but it allows you +-to specify the QEMU interface emulation to use at run time." }; ++to specify the QEMU interface emulation to use at run time. ++The libvirt backend rejects a non-empty C argument. ++The direct backend ignores C." }; + + { defaults with + name = "add_drive_ro_with_if"; added = (1, 0, 84); +@@ -83,7 +85,9 @@ to specify the QEMU interface emulation to use at run time." }; + shortdesc = "add a drive read-only specifying the QEMU block emulation to use"; + longdesc = "\ + This is the same as C but it allows you +-to specify the QEMU interface emulation to use at run time." }; ++to specify the QEMU interface emulation to use at run time. 
++The libvirt backend rejects a non-empty C argument. ++The direct backend ignores C." }; + + { defaults with + name = "lstatlist"; added = (1, 0, 77); +diff --git a/lib/launch-direct.c b/lib/launch-direct.c +index b292b9c26..ff0eaeb62 100644 +--- a/lib/launch-direct.c ++++ b/lib/launch-direct.c +@@ -296,52 +296,19 @@ static int + add_drive (guestfs_h *g, struct backend_direct_data *data, + struct qemuopts *qopts, size_t i, struct drive *drv) + { +- /* If there's an explicit 'iface', use it. Otherwise default to +- * virtio-scsi. +- */ +- if (drv->iface && STREQ (drv->iface, "virtio")) { /* virtio-blk */ +- start_list ("-drive") { +- if (add_drive_standard_params (g, data, qopts, i, drv) == -1) +- return -1; +- append_list ("if=none"); +- } end_list (); +- start_list ("-device") { +- append_list (VIRTIO_DEVICE_NAME ("virtio-blk")); +- append_list_format ("drive=hd%zu", i); +- if (drv->disk_label) +- append_list_format ("serial=%s", drv->disk_label); +- if (add_device_blocksize_params (g, qopts, drv) == -1) +- return -1; +- } end_list (); +- } +-#if defined(__arm__) || defined(__aarch64__) || defined(__powerpc__) +- else if (drv->iface && STREQ (drv->iface, "ide")) { +- error (g, "'ide' interface does not work on ARM or PowerPC"); +- return -1; +- } +-#endif +- else if (drv->iface) { +- start_list ("-drive") { +- if (add_drive_standard_params (g, data, qopts, i, drv) == -1) +- return -1; +- append_list_format ("if=%s", drv->iface); +- } end_list (); +- } +- else /* default case: virtio-scsi */ { +- start_list ("-drive") { +- if (add_drive_standard_params (g, data, qopts, i, drv) == -1) +- return -1; +- append_list ("if=none"); +- } end_list (); +- start_list ("-device") { +- append_list ("scsi-hd"); +- append_list_format ("drive=hd%zu", i); +- if (drv->disk_label) +- append_list_format ("serial=%s", drv->disk_label); +- if (add_device_blocksize_params (g, qopts, drv) == -1) +- return -1; +- } end_list (); +- } ++ start_list ("-drive") { ++ if 
(add_drive_standard_params (g, data, qopts, i, drv) == -1) ++ return -1; ++ append_list ("if=none"); ++ } end_list (); ++ start_list ("-device") { ++ append_list ("scsi-hd"); ++ append_list_format ("drive=hd%zu", i); ++ if (drv->disk_label) ++ append_list_format ("serial=%s", drv->disk_label); ++ if (add_device_blocksize_params (g, qopts, drv) == -1) ++ return -1; ++ } end_list (); + + return 0; + +-- +2.31.1 + diff --git a/SOURCES/0005-lib-drive_create_data-drive-remove-field-iface.patch b/SOURCES/0005-lib-drive_create_data-drive-remove-field-iface.patch new file mode 100644 index 0000000..3f01445 --- /dev/null +++ b/SOURCES/0005-lib-drive_create_data-drive-remove-field-iface.patch 
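Review bot: `add_drive` in lib/launch-direct.c now discards `drv->iface` without any diagnostic, where the removed code either honoured it or, for `ide` on ARM/PowerPC, returned an error. A caller that still passes `iface` gets a `scsi-hd` device and no indication that the request was dropped. A trace line at the top of the function, `if (drv->iface) debug (g, "add_drive: ignoring iface=%s", drv->iface);`, would make this visible in verbose logs. The closing brace of `add_drive` lies outside the hunk.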
@@ -0,0 +1,245 @@ +From f13297315495144775f6249e9e24dc5f18f6f902 Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Wed, 4 May 2022 15:41:53 +0200 +Subject: [PATCH] lib: drive_create_data, drive: remove field "iface" + +Representing "iface" in the "drive_create_data" and "drive" structures is +now useless; the direct backend ignores "iface", while the libvirt one +rejects it unless it is empty. Unify both backends -- make them both +ignore "iface". (Which only relaxes the libvirt backend, so it cannot +cause compatibility problems.) This lets us remove the fields. Update the +documentation as well. + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1844341 +Signed-off-by: Laszlo Ersek +Message-Id: <20220504134155.11832-3-lersek@redhat.com> +Reviewed-by: Richard W.M. Jones +(cherry picked from commit f68eaee1d6c41f91e7dfd2aa9e7d238cca7b8a4c) +--- + generator/actions_core_deprecated.ml | 6 ++---- + lib/drives.c | 31 +++++----------------------- + lib/guestfs-internal.h | 1 - + lib/launch-libvirt.c | 6 ------ + lib/libvirt-domain.c | 15 -------------- + 5 files changed, 7 insertions(+), 52 deletions(-) + +diff --git a/generator/actions_core_deprecated.ml b/generator/actions_core_deprecated.ml +index f1040a0e9..c23f4a330 100644 +--- a/generator/actions_core_deprecated.ml ++++ b/generator/actions_core_deprecated.ml +@@ -74,8 +74,7 @@ of C." }; + longdesc = "\ + This is the same as C but it allows you + to specify the QEMU interface emulation to use at run time. +-The libvirt backend rejects a non-empty C argument. +-The direct backend ignores C." }; ++Both the direct and the libvirt backends ignore C." }; + + { defaults with + name = "add_drive_ro_with_if"; added = (1, 0, 84); +@@ -86,8 +85,7 @@ The direct backend ignores C." }; + longdesc = "\ + This is the same as C but it allows you + to specify the QEMU interface emulation to use at run time. +-The libvirt backend rejects a non-empty C argument. +-The direct backend ignores C." 
}; ++Both the direct and the libvirt backends ignore C." }; + + { defaults with + name = "lstatlist"; added = (1, 0, 77); +diff --git a/lib/drives.c b/lib/drives.c +index a6179fc36..8fe46a41c 100644 +--- a/lib/drives.c ++++ b/lib/drives.c +@@ -53,7 +53,6 @@ struct drive_create_data { + const char *secret; + bool readonly; + const char *format; +- const char *iface; + const char *name; + const char *disk_label; + const char *cachemode; +@@ -110,7 +109,6 @@ create_drive_file (guestfs_h *g, + drv->src.format = data->format ? safe_strdup (g, data->format) : NULL; + + drv->readonly = data->readonly; +- drv->iface = data->iface ? safe_strdup (g, data->iface) : NULL; + drv->name = data->name ? safe_strdup (g, data->name) : NULL; + drv->disk_label = data->disk_label ? safe_strdup (g, data->disk_label) : NULL; + drv->cachemode = data->cachemode ? safe_strdup (g, data->cachemode) : NULL; +@@ -147,7 +145,6 @@ create_drive_non_file (guestfs_h *g, + drv->src.format = data->format ? safe_strdup (g, data->format) : NULL; + + drv->readonly = data->readonly; +- drv->iface = data->iface ? safe_strdup (g, data->iface) : NULL; + drv->name = data->name ? safe_strdup (g, data->name) : NULL; + drv->disk_label = data->disk_label ? safe_strdup (g, data->disk_label) : NULL; + drv->cachemode = data->cachemode ? safe_strdup (g, data->cachemode) : NULL; +@@ -470,7 +467,6 @@ free_drive_struct (struct drive *drv) + { + free_drive_source (&drv->src); + free (drv->overlay); +- free (drv->iface); + free (drv->name); + free (drv->disk_label); + free (drv->cachemode); +@@ -511,14 +507,12 @@ drive_to_string (guestfs_h *g, const struct drive *drv) + s_blocksize = safe_asprintf (g, "%d", drv->blocksize); + + return safe_asprintf +- (g, "%s%s%s%s protocol=%s%s%s%s%s%s%s%s%s%s%s%s%s", ++ (g, "%s%s%s%s protocol=%s%s%s%s%s%s%s%s%s%s%s", + drv->src.u.path, + drv->readonly ? " readonly" : "", + drv->src.format ? " format=" : "", + drv->src.format ? 
: "", + guestfs_int_drive_protocol_to_string (drv->src.protocol), +- drv->iface ? " iface=" : "", +- drv->iface ? : "", + drv->name ? " name=" : "", + drv->name ? : "", + drv->disk_label ? " label=" : "", +@@ -747,8 +741,6 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, + ? optargs->readonly : false; + data.format = optargs->bitmask & GUESTFS_ADD_DRIVE_OPTS_FORMAT_BITMASK + ? optargs->format : NULL; +- data.iface = optargs->bitmask & GUESTFS_ADD_DRIVE_OPTS_IFACE_BITMASK +- ? optargs->iface : NULL; + data.name = optargs->bitmask & GUESTFS_ADD_DRIVE_OPTS_NAME_BITMASK + ? optargs->name : NULL; + data.disk_label = optargs->bitmask & GUESTFS_ADD_DRIVE_OPTS_LABEL_BITMASK +@@ -804,12 +796,6 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, + free_drive_servers (data.servers, data.nr_servers); + return -1; + } +- if (data.iface && !VALID_FORMAT_IFACE (data.iface)) { +- error (g, _("%s parameter is empty or contains disallowed characters"), +- "iface"); +- free_drive_servers (data.servers, data.nr_servers); +- return -1; +- } + if (data.disk_label && !VALID_DISK_LABEL (data.disk_label)) { + error (g, _("label parameter is empty, too long, or contains disallowed characters")); + free_drive_servers (data.servers, data.nr_servers); +@@ -935,24 +921,17 @@ guestfs_impl_add_drive_ro (guestfs_h *g, const char *filename) + + int + guestfs_impl_add_drive_with_if (guestfs_h *g, const char *filename, +- const char *iface) ++ const char *iface ATTRIBUTE_UNUSED) + { +- const struct guestfs_add_drive_opts_argv optargs = { +- .bitmask = GUESTFS_ADD_DRIVE_OPTS_IFACE_BITMASK, +- .iface = iface, +- }; +- +- return guestfs_add_drive_opts_argv (g, filename, &optargs); ++ return guestfs_add_drive_opts_argv (g, filename, NULL); + } + + int + guestfs_impl_add_drive_ro_with_if (guestfs_h *g, const char *filename, +- const char *iface) ++ const char *iface ATTRIBUTE_UNUSED) + { + const struct guestfs_add_drive_opts_argv optargs = { +- .bitmask = 
GUESTFS_ADD_DRIVE_OPTS_IFACE_BITMASK +- | GUESTFS_ADD_DRIVE_OPTS_READONLY_BITMASK, +- .iface = iface, ++ .bitmask = GUESTFS_ADD_DRIVE_OPTS_READONLY_BITMASK, + .readonly = true, + }; + +diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h +index 5bb00bc10..16755cfb3 100644 +--- a/lib/guestfs-internal.h ++++ b/lib/guestfs-internal.h +@@ -298,7 +298,6 @@ struct drive { + + /* Various per-drive flags. */ + bool readonly; +- char *iface; + char *name; + char *disk_label; + char *cachemode; +diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c +index de342b425..03d69e027 100644 +--- a/lib/launch-libvirt.c ++++ b/lib/launch-libvirt.c +@@ -1472,12 +1472,6 @@ construct_libvirt_xml_disk (guestfs_h *g, + const char *type, *uuid; + int r; + +- /* XXX We probably could support this if we thought about it some more. */ +- if (drv->iface) { +- error (g, _("‘iface’ parameter is not supported by the libvirt backend")); +- return -1; +- } +- + start_element ("disk") { + attribute ("device", "disk"); + +diff --git a/lib/libvirt-domain.c b/lib/libvirt-domain.c +index 3050680fa..fafbf50ea 100644 +--- a/lib/libvirt-domain.c ++++ b/lib/libvirt-domain.c +@@ -68,7 +68,6 @@ guestfs_impl_add_domain (guestfs_h *g, const char *domain_name, + int live; + int allowuuid; + const char *readonlydisk; +- const char *iface; + const char *cachemode; + const char *discard; + bool copyonread; +@@ -78,8 +77,6 @@ guestfs_impl_add_domain (guestfs_h *g, const char *domain_name, + ? optargs->libvirturi : NULL; + readonly = optargs->bitmask & GUESTFS_ADD_DOMAIN_READONLY_BITMASK + ? optargs->readonly : 0; +- iface = optargs->bitmask & GUESTFS_ADD_DOMAIN_IFACE_BITMASK +- ? optargs->iface : NULL; + live = optargs->bitmask & GUESTFS_ADD_DOMAIN_LIVE_BITMASK + ? 
optargs->live : 0; + allowuuid = optargs->bitmask & GUESTFS_ADD_DOMAIN_ALLOWUUID_BITMASK +@@ -136,10 +133,6 @@ guestfs_impl_add_domain (guestfs_h *g, const char *domain_name, + optargs2.bitmask |= GUESTFS_ADD_LIBVIRT_DOM_READONLY_BITMASK; + optargs2.readonly = readonly; + } +- if (iface) { +- optargs2.bitmask |= GUESTFS_ADD_LIBVIRT_DOM_IFACE_BITMASK; +- optargs2.iface = iface; +- } + if (live) { + error (g, _("libguestfs live support was removed in libguestfs 1.48")); + goto cleanup; +@@ -193,7 +186,6 @@ guestfs_impl_add_libvirt_dom (guestfs_h *g, void *domvp, + virDomainPtr dom = domvp; + ssize_t r; + int readonly; +- const char *iface; + const char *cachemode; + const char *discard; + bool copyonread; +@@ -208,9 +200,6 @@ guestfs_impl_add_libvirt_dom (guestfs_h *g, void *domvp, + readonly = + optargs->bitmask & GUESTFS_ADD_LIBVIRT_DOM_READONLY_BITMASK + ? optargs->readonly : 0; +- iface = +- optargs->bitmask & GUESTFS_ADD_LIBVIRT_DOM_IFACE_BITMASK +- ? optargs->iface : NULL; + live = + optargs->bitmask & GUESTFS_ADD_LIBVIRT_DOM_LIVE_BITMASK + ? optargs->live : 0; +@@ -289,10 +278,6 @@ guestfs_impl_add_libvirt_dom (guestfs_h *g, void *domvp, + data.optargs.bitmask = 0; + data.readonly = readonly; + data.readonlydisk = readonlydisk; +- if (iface) { +- data.optargs.bitmask |= GUESTFS_ADD_DRIVE_OPTS_IFACE_BITMASK; +- data.optargs.iface = iface; +- } + if (cachemode) { + data.optargs.bitmask |= GUESTFS_ADD_DRIVE_OPTS_CACHEMODE_BITMASK; + data.optargs.cachemode = cachemode; +-- +2.31.1 + diff --git a/SOURCES/0005-lib-extract-NETWORK_ADDRESS-and-NETWORK_PREFIX-as-ma.patch b/SOURCES/0005-lib-extract-NETWORK_ADDRESS-and-NETWORK_PREFIX-as-ma.patch deleted file mode 100644 index 8ec3435..0000000 --- a/SOURCES/0005-lib-extract-NETWORK_ADDRESS-and-NETWORK_PREFIX-as-ma.patch +++ /dev/null 
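Review bot: The `iface` parameter of `guestfs_impl_add_drive_with_if` and `guestfs_impl_add_drive_ro_with_if` in lib/drives.c is now marked `ATTRIBUTE_UNUSED`, with no comment saying why it remains in the signature. Add `/* "iface" is kept for API compatibility only; both backends ignore it. */` above each function. The same applies to lib/libvirt-domain.c, where the reads of `GUESTFS_ADD_DOMAIN_IFACE_BITMASK` and `GUESTFS_ADD_LIBVIRT_DOM_IFACE_BITMASK` are removed: the optargs are still accepted but no longer consulted, which deserves a one-line comment in `guestfs_impl_add_domain` and `guestfs_impl_add_libvirt_dom` as well.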
@@ -1,70 +0,0 @@ -From 80899629519139a7eb86842942a9471d05eb4112 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Thu, 23 Dec 2021 11:37:00 +0100 -Subject: [PATCH] lib: extract NETWORK_ADDRESS and NETWORK_PREFIX as macros - -The 169.254.0.0/16 network specification (for the appliance) is currently -duplicated between the direct backend and the libvirt backend. In a -subsequent patch, we're going to need the network specification in yet -another spot; extract it now to the NETWORK_ADDRESS and NETWORK_PREFIX -macros (simply as strings). - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2034160 -Signed-off-by: Laszlo Ersek -Message-Id: <20211223103701.12702-3-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -Tested-by: Richard W.M. Jones -(cherry picked from commit 216de164e091a5c36403f24901698044a43ae0d9) ---- - lib/guestfs-internal.h | 6 ++++++ - lib/launch-direct.c | 2 +- - lib/launch-libvirt.c | 3 ++- - 3 files changed, 9 insertions(+), 2 deletions(-) - -diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h -index 8eb2dd3ad..e24d570f5 100644 ---- a/lib/guestfs-internal.h -+++ b/lib/guestfs-internal.h -@@ -183,6 +183,12 @@ cleanup_mutex_unlock (pthread_mutex_t **ptr) - #endif - #endif - -+/* Network address and network mask (expressed as address prefix) that the -+ * appliance will see (if networking is enabled). -+ */ -+#define NETWORK_ADDRESS "169.254.0.0" -+#define NETWORK_PREFIX "16" -+ - /* Guestfs handle and associated structures. */ - - /* State. 
*/ -diff --git a/lib/launch-direct.c b/lib/launch-direct.c -index e5b9a5611..4f038f4f0 100644 ---- a/lib/launch-direct.c -+++ b/lib/launch-direct.c -@@ -689,7 +689,7 @@ launch_direct (guestfs_h *g, void *datav, const char *arg) - start_list ("-netdev") { - append_list ("user"); - append_list ("id=usernet"); -- append_list ("net=169.254.0.0/16"); -+ append_list ("net=" NETWORK_ADDRESS "/" NETWORK_PREFIX); - } end_list (); - start_list ("-device") { - append_list (VIRTIO_DEVICE_NAME ("virtio-net")); -diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c -index 9e8336938..266d88824 100644 ---- a/lib/launch-libvirt.c -+++ b/lib/launch-libvirt.c -@@ -1843,7 +1843,8 @@ construct_libvirt_xml_qemu_cmdline (guestfs_h *g, - } end_element (); - - start_element ("qemu:arg") { -- attribute ("value", "user,id=usernet,net=169.254.0.0/16"); -+ attribute ("value", -+ "user,id=usernet,net=" NETWORK_ADDRESS "/" NETWORK_PREFIX); - } end_element (); - - start_element ("qemu:arg") { --- -2.31.1 - diff --git a/SOURCES/0006-launch-libvirt-add-virtio-net-via-the-standard-inter.patch b/SOURCES/0006-launch-libvirt-add-virtio-net-via-the-standard-inter.patch deleted file mode 100644 index 0c829aa..0000000 --- a/SOURCES/0006-launch-libvirt-add-virtio-net-via-the-standard-inter.patch +++ /dev/null 
@@ -1,91 +0,0 @@ -From a18bc12081bcebf2d78883d1c6981c454149bb39 Mon Sep 17 00:00:00 2001 -From: Laszlo Ersek -Date: Thu, 23 Dec 2021 11:37:01 +0100 -Subject: [PATCH] launch-libvirt: add virtio-net via the standard - element - -Starting with version 3.8.0, libvirt allows us to specify the network -address and network mask (as prefix) for SLIRP directly via the - element in the domain XML: -. This means -we don't need the hack for virtio-net on such versions. - -Restrict the hack in construct_libvirt_xml_qemu_cmdline() to -libvirt<3.8.0, and generate the proper element in -construct_libvirt_xml_devices() on libvirt>=3.8.0. - -Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2034160 -Suggested-by: Richard W.M. Jones -Signed-off-by: Laszlo Ersek -Message-Id: <20211223103701.12702-4-lersek@redhat.com> -Reviewed-by: Richard W.M. Jones -Tested-by: Richard W.M. Jones -(cherry picked from commit 5858c2cf6c24b3776e3867eafd9d86a1f4912d9c) ---- - lib/guestfs-internal.h | 3 ++- - lib/launch-libvirt.c | 27 +++++++++++++++++++++++++-- - 2 files changed, 27 insertions(+), 3 deletions(-) - -diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h -index e24d570f5..4a19e5c6b 100644 ---- a/lib/guestfs-internal.h -+++ b/lib/guestfs-internal.h -@@ -173,7 +173,8 @@ cleanup_mutex_unlock (pthread_mutex_t **ptr) - #endif - - /* Place the virtio-net controller in slot 0x1e on the root bus, on normal -- * hardware with PCI. Refer to RHBZ#2034160. -+ * hardware with PCI. Necessary only before libvirt 3.8.0. Refer to -+ * RHBZ#2034160. - */ - #ifdef HAVE_LIBVIRT_BACKEND - #if defined(__arm__) || defined(__s390x__) -diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c -index 266d88824..cc714c02e 100644 ---- a/lib/launch-libvirt.c -+++ b/lib/launch-libvirt.c -@@ -1413,6 +1413,28 @@ construct_libvirt_xml_devices (guestfs_h *g, - } end_element (); - } end_element (); - -+ /* Virtio-net NIC with SLIRP (= userspace) back-end, if networking is -+ * enabled. 
Starting with libvirt 3.8.0, we can specify the network address -+ * and prefix for SLIRP in the domain XML. Therefore, we can add the NIC -+ * via the standard element rather than , and -+ * so libvirt can manage the PCI address of the virtio-net NIC like the PCI -+ * addresses of all other devices. Refer to RHBZ#2034160. -+ */ -+ if (g->enable_network && -+ guestfs_int_version_ge (¶ms->data->libvirt_version, 3, 8, 0)) { -+ start_element ("interface") { -+ attribute ("type", "user"); -+ start_element ("model") { -+ attribute ("type", "virtio"); -+ } end_element (); -+ start_element ("ip") { -+ attribute ("family", "ipv4"); -+ attribute ("address", NETWORK_ADDRESS); -+ attribute ("prefix", NETWORK_PREFIX); -+ } end_element (); -+ } end_element (); -+ } -+ - /* Libvirt adds some devices by default. Indicate to libvirt - * that we don't want them. - */ -@@ -1835,9 +1857,10 @@ construct_libvirt_xml_qemu_cmdline (guestfs_h *g, - } end_element (); - - /* Workaround because libvirt user networking cannot specify "net=" -- * parameter. -+ * parameter. Necessary only before libvirt 3.8.0; refer to RHBZ#2034160. - */ -- if (g->enable_network) { -+ if (g->enable_network && -+ !guestfs_int_version_ge (¶ms->data->libvirt_version, 3, 8, 0)) { - start_element ("qemu:arg") { - attribute ("value", "-netdev"); - } end_element (); --- -2.31.1 - diff --git a/SOURCES/0006-lib-rename-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch b/SOURCES/0006-lib-rename-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch new file mode 100644 index 0000000..9386a58 --- /dev/null +++ b/SOURCES/0006-lib-rename-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch 
@@ -0,0 +1,82 @@
+From f408b24d8d8f5b5f4e1a25c1046c3a18107c8d80 Mon Sep 17 00:00:00 2001
+From: Laszlo Ersek
+Date: Wed, 4 May 2022 15:41:54 +0200
+Subject: [PATCH] lib: rename VALID_FORMAT_IFACE to VALID_FORMAT
+
+We no longer use VALID_FORMAT_IFACE for validating "iface"; rename the
+macro to reflect that we only check "format" with it.
+
+Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1844341
+Signed-off-by: Laszlo Ersek
+Message-Id: <20220504134155.11832-4-lersek@redhat.com>
+Reviewed-by: Richard W.M. Jones
+(cherry picked from commit c8e3caf9e6000ea2f5cfbe30ffe1240317bb4578)
+---
+ lib/drives.c | 4 ++--
+ lib/unit-tests.c | 16 ++++++++--------
+ 2 files changed, 10 insertions(+), 10 deletions(-)
+
+diff --git a/lib/drives.c b/lib/drives.c
+index 8fe46a41c..c5a208468 100644
+--- a/lib/drives.c
++++ b/lib/drives.c
+@@ -593,7 +593,7 @@ guestfs_int_free_drives (guestfs_h *g)
+ * Check string parameter matches regular expression
+ * C<^[-_[:alnum:]]+$> (in C locale).
+ */
+-#define VALID_FORMAT_IFACE(str) \
++#define VALID_FORMAT(str) \
+ guestfs_int_string_is_valid ((str), 1, 0, \
+ VALID_FLAG_ALPHA|VALID_FLAG_DIGIT, "-_")
+
+@@ -790,7 +790,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
+ return -1;
+ }
+
+- if (data.format && !VALID_FORMAT_IFACE (data.format)) {
++ if (data.format && !VALID_FORMAT (data.format)) {
+ error (g, _("%s parameter is empty or contains disallowed characters"),
+ "format");
+ free_drive_servers (data.servers, data.nr_servers);
+diff --git a/lib/unit-tests.c b/lib/unit-tests.c
+index 62457ccba..0e550cb98 100644
+--- a/lib/unit-tests.c
++++ b/lib/unit-tests.c
+@@ -434,7 +434,7 @@ test_stringsbuf (void)
+ }
+
+ /* Use the same macros as in lib/drives.c */
+-#define VALID_FORMAT_IFACE(str) \
++#define VALID_FORMAT(str) \
+ guestfs_int_string_is_valid ((str), 1, 0, \
+ VALID_FLAG_ALPHA|VALID_FLAG_DIGIT, "-_")
+ #define VALID_DISK_LABEL(str) \
+@@ -446,18 +446,18 @@ test_stringsbuf (void)
+ static void
+ test_valid (void)
+ {
+- assert (!VALID_FORMAT_IFACE (""));
++ assert (!VALID_FORMAT (""));
+ assert (!VALID_DISK_LABEL (""));
+ assert (!VALID_HOSTNAME (""));
+
+ assert (!VALID_DISK_LABEL ("012345678901234567890"));
+
+- assert (VALID_FORMAT_IFACE ("abc"));
+- assert (VALID_FORMAT_IFACE ("ABC"));
+- assert (VALID_FORMAT_IFACE ("abc123"));
+- assert (VALID_FORMAT_IFACE ("abc123-"));
+- assert (VALID_FORMAT_IFACE ("abc123_"));
+- assert (!VALID_FORMAT_IFACE ("abc123."));
++ assert (VALID_FORMAT ("abc"));
++ assert (VALID_FORMAT ("ABC"));
++ assert (VALID_FORMAT ("abc123"));
++ assert (VALID_FORMAT ("abc123-"));
++ assert (VALID_FORMAT ("abc123_"));
++ assert (!VALID_FORMAT ("abc123."));
+
+ assert (VALID_DISK_LABEL ("abc"));
+ assert (VALID_DISK_LABEL ("ABC"));
+--
+2.31.1
+
diff --git a/SOURCES/0007-RHEL-Remove-libguestfs-live-RHBZ-798980.patch b/SOURCES/0007-RHEL-Remove-libguestfs-live-RHBZ-798980.patch
deleted file mode 100644
index 5b83340..0000000
--- a/SOURCES/0007-RHEL-Remove-libguestfs-live-RHBZ-798980.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-From dabee87775ee919a8ae930ca5f03c7bb4b7616e6 Mon Sep 17 00:00:00 2001
-From: "Richard W.M. Jones"
-Date: Fri, 21 Dec 2012 15:50:11 +0000
-Subject: [PATCH] RHEL: Remove libguestfs live (RHBZ#798980).
-
-This isn't supported in RHEL.
-
-Disable daemon tests that require the 'unix' backend.
----
- lib/launch-unix.c | 7 +++++++
- tests/Makefile.am | 3 ---
- 2 files changed, 7 insertions(+), 3 deletions(-)
-
-diff --git a/lib/launch-unix.c b/lib/launch-unix.c
-index 0d344f9df..74dd1bb4a 100644
---- a/lib/launch-unix.c
-+++ b/lib/launch-unix.c
-@@ -37,6 +37,12 @@
- static int
- launch_unix (guestfs_h *g, void *datav, const char *sockpath)
- {
-+ error (g,
-+ "launch: In RHEL, only the 'libvirt' or 'direct' method is supported.\n"
-+ "In particular, \"libguestfs live\" is not supported.");
-+ return -1;
-+
-+#if 0
- int r, daemon_sock = -1;
- struct sockaddr_un addr;
- uint32_t size;
-@@ -106,6 +112,7 @@ launch_unix (guestfs_h *g, void *datav, const char *sockpath)
- g->conn = NULL;
- }
- return -1;
-+#endif
- }
-
- static int
-diff --git a/tests/Makefile.am b/tests/Makefile.am
-index 690e09b5e..919e2f248 100644
---- a/tests/Makefile.am
-+++ b/tests/Makefile.am
-@@ -328,9 +328,6 @@ EXTRA_DIST += create/test-disk-create.sh
-
- check_DATA = daemon/captive-daemon.pm
-
--TESTS += \
-- daemon/test-daemon-start.pl \
-- daemon/test-btrfs.pl
- EXTRA_DIST += \
- daemon/test-daemon-start.pl \
- daemon/test-btrfs.pl
---
-2.31.1
-
diff --git a/SOURCES/0007-tests-regressions-remove-iface-based-restrictions.patch b/SOURCES/0007-tests-regressions-remove-iface-based-restrictions.patch
new file mode 100644
index 0000000..5c8c1d0
--- /dev/null
+++ b/SOURCES/0007-tests-regressions-remove-iface-based-restrictions.patch
@@ -0,0 +1,74 @@
+From 431ca828e9f7d7a6c7e315b410f381304986ba44 Mon Sep 17 00:00:00 2001
+From: Laszlo Ersek
+Date: Wed, 4 May 2022 15:41:55 +0200
+Subject: [PATCH] tests/regressions: remove "iface"-based restrictions
+
+Now that "iface" is ignored by both backends, the regression tests for
+RHBZ 690819 and 975797 can be enabled on all arches (regardless of
+backend).
+
+Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1844341
+Signed-off-by: Laszlo Ersek
+Message-Id: <20220504134155.11832-5-lersek@redhat.com>
+Reviewed-by: Richard W.M. Jones
+(cherry picked from commit ddf276884c04418a32902689cf8fc3506be3ca4b)
+---
+ tests/regressions/rhbz690819.sh | 10 +++-------
+ tests/regressions/rhbz975797.sh | 10 +++-------
+ 2 files changed, 6 insertions(+), 14 deletions(-)
+
+diff --git a/tests/regressions/rhbz690819.sh b/tests/regressions/rhbz690819.sh
+index e6f61d00d..9e1bcda84 100755
+--- a/tests/regressions/rhbz690819.sh
++++ b/tests/regressions/rhbz690819.sh
+@@ -19,18 +19,14 @@
+ # https://bugzilla.redhat.com/show_bug.cgi?id=690819
+ # mkfs fails creating a filesytem on a disk device when using a disk
+ # with 'ide' interface
++#
++# The 'iface' parameter is now ignored:
++# https://bugzilla.redhat.com/show_bug.cgi?id=1844341
+
+ set -e
+
+ $TEST_FUNCTIONS
+ skip_if_skipped
+-# These architectures don't support the 'ide' interface.
+-skip_if_arch arm
+-skip_if_arch aarch64
+-skip_if_arch ppc64
+-skip_if_arch ppc64le
+-skip_if_arch s390x
+-skip_if_backend libvirt
+
+ rm -f rhbz690819.img
+
+diff --git a/tests/regressions/rhbz975797.sh b/tests/regressions/rhbz975797.sh
+index c676abfa3..feecf1f2b 100755
+--- a/tests/regressions/rhbz975797.sh
++++ b/tests/regressions/rhbz975797.sh
+@@ -19,18 +19,14 @@
+ # Regression test for:
+ # https://bugzilla.redhat.com/show_bug.cgi?id=975797
+ # Ensure the appliance doesn't hang when using the 'iface' parameter.
++#
++# The 'iface' parameter is now ignored:
++# https://bugzilla.redhat.com/show_bug.cgi?id=1844341
+
+ set -e
+
+ $TEST_FUNCTIONS
+ skip_if_skipped
+-# These architectures don't support the 'ide' interface.
+-skip_if_arch arm
+-skip_if_arch aarch64
+-skip_if_arch ppc64
+-skip_if_arch ppc64le
+-skip_if_arch s390x
+-skip_if_backend libvirt
+
+ rm -f rhbz975797-*.img
+
+--
+2.31.1
+
diff --git a/SOURCES/0008-RHEL-Remove-9p-APIs-from-RHEL-RHBZ-921710.patch b/SOURCES/0008-RHEL-Remove-9p-APIs-from-RHEL-RHBZ-921710.patch
deleted file mode 100644
index 4a95522..0000000
--- a/SOURCES/0008-RHEL-Remove-9p-APIs-from-RHEL-RHBZ-921710.patch
+++ /dev/null
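Review bot: The added header comment in both rhbz690819.sh and rhbz975797.sh says `iface` is now ignored, but the lines above it still describe the original 'ide'-interface failure, so a reader cannot tell what these tests still verify once the `skip_if_arch` and `skip_if_backend libvirt` guards are gone. I would word the new comment as `# The 'iface' parameter is now ignored, so this test only checks that passing it is accepted:` ahead of the bug URL. The test bodies after `rm -f` lie outside both hunks, so whether they still pass `iface` is assumed from the header comments.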
@@ -1,329 +0,0 @@ -From 8d426264789f4b2ab5557087a39973e6fbc20983 Mon Sep 17 00:00:00 2001 -From: "Richard W.M. Jones" -Date: Thu, 18 Jul 2013 18:31:53 +0100 -Subject: [PATCH] RHEL: Remove 9p APIs from RHEL (RHBZ#921710). - ---- - daemon/9p.c | 182 -------------------------------------- - daemon/Makefile.am | 1 - - docs/C_SOURCE_FILES | 1 - - generator/actions_core.ml | 21 ----- - generator/proc_nr.ml | 2 - - gobject/Makefile.inc | 2 - - po/POTFILES | 2 - - tests/Makefile.am | 1 - - 8 files changed, 212 deletions(-) - delete mode 100644 daemon/9p.c - -diff --git a/daemon/9p.c b/daemon/9p.c -deleted file mode 100644 -index 9a3a5cfdf..000000000 ---- a/daemon/9p.c -+++ /dev/null -@@ -1,182 +0,0 @@ --/* libguestfs - the guestfsd daemon -- * Copyright (C) 2011 Red Hat Inc. -- * -- * This program is free software; you can redistribute it and/or modify -- * it under the terms of the GNU General Public License as published by -- * the Free Software Foundation; either version 2 of the License, or -- * (at your option) any later version. -- * -- * This program is distributed in the hope that it will be useful, -- * but WITHOUT ANY WARRANTY; without even the implied warranty of -- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -- * GNU General Public License for more details. -- * -- * You should have received a copy of the GNU General Public License -- * along with this program; if not, write to the Free Software -- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -- */ -- --#include -- --#include --#include --#include --#include --#include --#include --#include --#include --#include --#include -- --#include "ignore-value.h" -- --#include "daemon.h" --#include "actions.h" -- --#define BUS_PATH "/sys/bus/virtio/drivers/9pnet_virtio" -- --static void --modprobe_9pnet_virtio (void) --{ -- /* Required with Linux 5.6 and maybe earlier kernels. 
For unclear -- * reasons the module is not an automatic dependency of the 9p -- * module so doesn't get loaded automatically. -- */ -- ignore_value (command (NULL, NULL, "modprobe", "9pnet_virtio", NULL)); --} -- --/* https://bugzilla.redhat.com/show_bug.cgi?id=714981#c1 */ --char ** --do_list_9p (void) --{ -- CLEANUP_FREE_STRINGSBUF DECLARE_STRINGSBUF (r); -- DIR *dir; -- -- modprobe_9pnet_virtio (); -- -- dir = opendir (BUS_PATH); -- if (!dir) { -- perror ("opendir: " BUS_PATH); -- if (errno != ENOENT) { -- reply_with_perror ("opendir: " BUS_PATH); -- return NULL; -- } -- -- /* If this directory doesn't exist, it probably means that -- * the virtio driver isn't loaded. Don't return an error -- * in this case, but return an empty list. -- */ -- if (end_stringsbuf (&r) == -1) -- return NULL; -- -- return take_stringsbuf (&r); -- } -- -- while (1) { -- struct dirent *d; -- -- errno = 0; -- d = readdir (dir); -- if (d == NULL) break; -- -- if (STRPREFIX (d->d_name, "virtio")) { -- CLEANUP_FREE char *mount_tag_path = NULL; -- if (asprintf (&mount_tag_path, BUS_PATH "/%s/mount_tag", -- d->d_name) == -1) { -- reply_with_perror ("asprintf"); -- closedir (dir); -- return NULL; -- } -- -- /* A bit unclear, but it looks like the virtio transport allows -- * the mount tag length to be unlimited (or up to 65536 bytes). -- * See: linux/include/linux/virtio_9p.h -- */ -- CLEANUP_FREE char *mount_tag = read_whole_file (mount_tag_path, NULL); -- if (mount_tag == 0) -- continue; -- -- if (add_string (&r, mount_tag) == -1) { -- closedir (dir); -- return NULL; -- } -- } -- } -- -- /* Check readdir didn't fail */ -- if (errno != 0) { -- reply_with_perror ("readdir: " BUS_PATH); -- closedir (dir); -- return NULL; -- } -- -- /* Close the directory handle */ -- if (closedir (dir) == -1) { -- reply_with_perror ("closedir: " BUS_PATH); -- return NULL; -- } -- -- /* Sort the tags. 
*/ -- if (r.size > 0) -- sort_strings (r.argv, r.size); -- -- /* NULL terminate the list */ -- if (end_stringsbuf (&r) == -1) -- return NULL; -- -- return take_stringsbuf (&r); --} -- --/* Takes optional arguments, consult optargs_bitmask. */ --int --do_mount_9p (const char *mount_tag, const char *mountpoint, const char *options) --{ -- CLEANUP_FREE char *mp = NULL, *opts = NULL, *err = NULL; -- struct stat statbuf; -- int r; -- -- ABS_PATH (mountpoint, 0, return -1); -- -- mp = sysroot_path (mountpoint); -- if (!mp) { -- reply_with_perror ("malloc"); -- return -1; -- } -- -- /* Check the mountpoint exists and is a directory. */ -- if (stat (mp, &statbuf) == -1) { -- reply_with_perror ("%s", mountpoint); -- return -1; -- } -- if (!S_ISDIR (statbuf.st_mode)) { -- reply_with_perror ("%s: mount point is not a directory", mountpoint); -- return -1; -- } -- -- /* Add trans=virtio to the options. */ -- if ((optargs_bitmask & GUESTFS_MOUNT_9P_OPTIONS_BITMASK) && -- STRNEQ (options, "")) { -- if (asprintf (&opts, "trans=virtio,%s", options) == -1) { -- reply_with_perror ("asprintf"); -- return -1; -- } -- } -- else { -- opts = strdup ("trans=virtio"); -- if (opts == NULL) { -- reply_with_perror ("strdup"); -- return -1; -- } -- } -- -- modprobe_9pnet_virtio (); -- r = command (NULL, &err, -- "mount", "-o", opts, "-t", "9p", mount_tag, mp, NULL); -- if (r == -1) { -- reply_with_error ("%s on %s: %s", mount_tag, mountpoint, err); -- return -1; -- } -- -- return 0; --} -diff --git a/daemon/Makefile.am b/daemon/Makefile.am -index 7322bfa5d..872eaa8bc 100644 ---- a/daemon/Makefile.am -+++ b/daemon/Makefile.am -@@ -84,7 +84,6 @@ guestfsd_SOURCES = \ - ../common/protocol/guestfs_protocol.h \ - ../common/utils/cleanups.h \ - ../common/utils/guestfs-utils.h \ -- 9p.c \ - acl.c \ - actions.h \ - available.c \ -diff --git a/docs/C_SOURCE_FILES b/docs/C_SOURCE_FILES -index 6a97d8b0e..896314e7e 100644 ---- a/docs/C_SOURCE_FILES -+++ b/docs/C_SOURCE_FILES -@@ -43,7 +43,6 @@ 
common/visit/visit.c - common/visit/visit.h - common/windows/windows.c - common/windows/windows.h --daemon/9p.c - daemon/acl.c - daemon/actions.h - daemon/augeas.c -diff --git a/generator/actions_core.ml b/generator/actions_core.ml -index 226fb860a..05320fcd3 100644 ---- a/generator/actions_core.ml -+++ b/generator/actions_core.ml -@@ -6157,27 +6157,6 @@ This returns true iff the device exists and contains all zero bytes. - - Note that for large devices this can take a long time to run." }; - -- { defaults with -- name = "list_9p"; added = (1, 11, 12); -- style = RStringList (RPlainString, "mounttags"), [], []; -- shortdesc = "list 9p filesystems"; -- longdesc = "\ --List all 9p filesystems attached to the guest. A list of --mount tags is returned." }; -- -- { defaults with -- name = "mount_9p"; added = (1, 11, 12); -- style = RErr, [String (PlainString, "mounttag"); String (PlainString, "mountpoint")], [OString "options"]; -- camel_name = "Mount9P"; -- shortdesc = "mount 9p filesystem"; -- longdesc = "\ --Mount the virtio-9p filesystem with the tag C on the --directory C. -- --If required, C will be automatically added to the options. --Any other options required can be passed in the optional C --parameter." 
}; -- - { defaults with - name = "list_dm_devices"; added = (1, 11, 15); - style = RStringList (RDevice, "devices"), [], []; -diff --git a/generator/proc_nr.ml b/generator/proc_nr.ml -index 74b95baf7..6b6cb7353 100644 ---- a/generator/proc_nr.ml -+++ b/generator/proc_nr.ml -@@ -295,8 +295,6 @@ let proc_nr = [ - 282, "internal_autosync"; - 283, "is_zero"; - 284, "is_zero_device"; --285, "list_9p"; --286, "mount_9p"; - 287, "list_dm_devices"; - 288, "ntfsresize"; - 289, "btrfs_filesystem_resize"; -diff --git a/gobject/Makefile.inc b/gobject/Makefile.inc -index 650f8ddac..c4e735967 100644 ---- a/gobject/Makefile.inc -+++ b/gobject/Makefile.inc -@@ -94,7 +94,6 @@ guestfs_gobject_headers= \ - include/guestfs-gobject/optargs-mksquashfs.h \ - include/guestfs-gobject/optargs-mkswap.h \ - include/guestfs-gobject/optargs-mktemp.h \ -- include/guestfs-gobject/optargs-mount_9p.h \ - include/guestfs-gobject/optargs-mount_local.h \ - include/guestfs-gobject/optargs-ntfsclone_out.h \ - include/guestfs-gobject/optargs-ntfsfix.h \ -@@ -188,7 +187,6 @@ guestfs_gobject_sources= \ - src/optargs-mksquashfs.c \ - src/optargs-mkswap.c \ - src/optargs-mktemp.c \ -- src/optargs-mount_9p.c \ - src/optargs-mount_local.c \ - src/optargs-ntfsclone_out.c \ - src/optargs-ntfsfix.c \ -diff --git a/po/POTFILES b/po/POTFILES -index 29205b6a6..23afe619c 100644 ---- a/po/POTFILES -+++ b/po/POTFILES -@@ -26,7 +26,6 @@ common/utils/stringlists-utils.c - common/utils/utils.c - common/visit/visit.c - common/windows/windows.c --daemon/9p.c - daemon/acl.c - daemon/augeas.c - daemon/available.c -@@ -264,7 +263,6 @@ gobject/src/optargs-mkfs_btrfs.c - gobject/src/optargs-mksquashfs.c - gobject/src/optargs-mkswap.c - gobject/src/optargs-mktemp.c --gobject/src/optargs-mount_9p.c - gobject/src/optargs-mount_local.c - gobject/src/optargs-ntfsclone_out.c - gobject/src/optargs-ntfsfix.c -diff --git a/tests/Makefile.am b/tests/Makefile.am -index 919e2f248..e3613fec4 100644 ---- a/tests/Makefile.am -+++ 
b/tests/Makefile.am -@@ -43,7 +43,6 @@ check-slow: - check-valgrind: - $(MAKE) VG="@VG@" check - --TESTS += 9p/test-9p.sh - EXTRA_DIST += 9p/test-9p.sh - - SLOW_TESTS += bigdirs/test-big-dirs.pl --- -2.31.1 - diff --git a/SOURCES/0008-generator-customize-invert-SELinux-relabeling-defaul.patch b/SOURCES/0008-generator-customize-invert-SELinux-relabeling-defaul.patch new file mode 100644 index 0000000..b3aba8f --- /dev/null +++ b/SOURCES/0008-generator-customize-invert-SELinux-relabeling-defaul.patch 
@@ -0,0 +1,56 @@
+From 8f800b369ada05ea690cebb0bb5e0fed0ba1c548 Mon Sep 17 00:00:00 2001
+From: Laszlo Ersek
+Date: Tue, 10 May 2022 12:27:57 +0200
+Subject: [PATCH] generator/customize: invert SELinux relabeling default
+
+Replace the "--selinux-relabel" option with "--no-selinux-relabel",
+inverting the default behavior (for guests with SELinux support, that is
+-- relabeling is always skipped for guests that don't support SELinux.)
+
+Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1554735
+Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2075718
+Signed-off-by: Laszlo Ersek
+Message-Id: <20220510102757.14466-3-lersek@redhat.com>
+Acked-by: Richard W.M. Jones
+(cherry picked from commit 2f6a27f1077d32d1ab526427052fc88e188356f7)
+---
+ generator/customize.ml | 19 +++++++++++--------
+ 1 file changed, 11 insertions(+), 8 deletions(-)
+
+diff --git a/generator/customize.ml b/generator/customize.ml
+index 3b3eec6d2..9634dad85 100644
+--- a/generator/customize.ml
++++ b/generator/customize.ml
+@@ -564,18 +564,21 @@ to modify C (Fedora, RHEL) or
+ C (Debian, Ubuntu).";
+ };
+
+- { flag_name = "selinux-relabel";
++ { flag_name = "no-selinux-relabel";
+ flag_type = FlagBool false (* XXX - the default in virt-builder *);
+- flag_ml_var = "selinux_relabel";
+- flag_shortdesc = "Relabel files with correct SELinux labels";
++ flag_ml_var = "no_selinux_relabel";
++ flag_shortdesc = "Do not relabel files with correct SELinux labels";
+ flag_pod_longdesc = "\
+-Relabel files in the guest so that they have the correct SELinux label.
++Do not attempt to correct the SELinux labels of files in the guest.
+
+-This will attempt to relabel files immediately, but if the operation fails
+-this will instead touch F on the image to schedule a
+-relabel operation for the next time the image boots.
++In such guests that support SELinux, customization automatically
++relabels files so that they have the correct SELinux label. (The
++relabeling is performed immediately, but if the operation fails,
++customization will instead touch F on the image to
++schedule a relabel operation for the next time the image boots.) This
++option disables the automatic relabeling.
+
+-This option is a no-op for guests that do not support SELinux.";
++The option is a no-op for guests that do not support SELinux.";
+ };
+
+ { flag_name = "sm-credentials";
+--
+2.31.1
+
diff --git a/SOURCES/0009-generator-customize-reintroduce-selinux-relabel-as-a.patch b/SOURCES/0009-generator-customize-reintroduce-selinux-relabel-as-a.patch
new file mode 100644
index 0000000..4c8b115
--- /dev/null
+++ b/SOURCES/0009-generator-customize-reintroduce-selinux-relabel-as-a.patch
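Review bot: The context line `flag_type = FlagBool false (* XXX - the default in virt-builder *);` is carried over unchanged under the renamed `no-selinux-relabel` flag, where the old remark no longer tells the reader which behaviour is the default. Assuming the `FlagBool` argument is the flag's default value, a comment such as `(* false: relabeling stays enabled unless this option is given *)` would be clearer. The new `flag_pod_longdesc` explains how the automatic relabeling works but not what skipping it costs; I would add a sentence like `Files created or modified during customization may then carry incorrect labels, and an enforcing guest can deny access to them until it is relabeled.` The flag list itself continues outside the hunk.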
@@ -0,0 +1,42 @@
+From 4cfba19fa2b087c4b2c5a1b67aa70eb16e9d5a59 Mon Sep 17 00:00:00 2001
+From: Laszlo Ersek
+Date: Wed, 25 May 2022 09:19:58 +0200
+Subject: [PATCH] generator/customize: reintroduce "--selinux-relabel" as a
+ compat option
+
+Removing "--selinux-relabel" in commit 2f6a27f1077d ("generator/customize:
+invert SELinux relabeling default", 2022-05-11) breaks existing scripts
+that invoke virt-customize and/or virt-sysprep with that option. Restore
+the option, with no functionality tied to it.
+
+Fixes: 2f6a27f1077d32d1ab526427052fc88e188356f7
+Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2089748
+Signed-off-by: Laszlo Ersek
+Message-Id: <20220525071958.9612-1-lersek@redhat.com>
+Reviewed-by: Richard W.M. Jones
+(cherry picked from commit 4b9ee1052a4396621485fdd56d6826714e7481b1)
+---
+ generator/customize.ml | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/generator/customize.ml b/generator/customize.ml
+index 9634dad85..5abaf206f 100644
+--- a/generator/customize.ml
++++ b/generator/customize.ml
+@@ -581,6 +581,13 @@ option disables the automatic relabeling.
+ The option is a no-op for guests that do not support SELinux.";
+ };
+
++ { flag_name = "selinux-relabel";
++ flag_type = FlagBool false;
++ flag_ml_var = "selinux_relabel_ignored";
++ flag_shortdesc = "Compatibility option doing nothing";
++ flag_pod_longdesc = "This is a compatibility option that does nothing.";
++ };
++
+ { flag_name = "sm-credentials";
+ flag_type = FlagSMCredentials "SELECTOR";
+ flag_ml_var = "sm_credentials";
+--
+2.31.1
+
diff --git a/SOURCES/0009-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch b/SOURCES/0010-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch
similarity index 93%
rename from SOURCES/0009-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch
rename to SOURCES/0010-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch
index 8f7e83a..e558c88 100644
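Review bot: The restored `selinux-relabel` entry documents itself only as `"This is a compatibility option that does nothing."`, which leaves a user of an older script unsure whether relabeling still happens. I would extend `flag_pod_longdesc` to `"This is a compatibility option that does nothing. Relabeling is now done by default; use --no-selinux-relabel to disable it."`, using whatever POD markup the file applies to option names. The entry also appears to be accepted silently alongside `--no-selinux-relabel`, in which case relabeling is skipped even though the script asked for it; that is inferred from the "no functionality tied to it" wording, since the option handling is outside the hunk.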
--- a/SOURCES/0009-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch +++ b/SOURCES/0010-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch @@ -1,4 +1,4 @@ -From cb18280888d6ab9e840b79ec93eeecf11127b6e6 Mon Sep 17 00:00:00 2001 +From 010cd5ff441166c01125fc588398a1fb8367a852 Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Mon, 29 Jul 2013 14:47:56 +0100 Subject: [PATCH] RHEL: Disable unsupported remote drive protocols @@ -62,7 +62,7 @@ index f558964bf..8f264ed17 100644 Run L on guests or disk images: diff --git a/fish/guestfish.pod b/fish/guestfish.pod -index 9f086f110..bb4167b06 100644 +index ae2445571..46cba64ff 100644 --- a/fish/guestfish.pod +++ b/fish/guestfish.pod @@ -131,9 +131,9 @@ To list what is available do: @@ -77,7 +77,7 @@ index 9f086f110..bb4167b06 100644 =head2 Remote control -@@ -1134,12 +1134,12 @@ L>. +@@ -1129,12 +1129,12 @@ L>. On the command line, you can use the I<-a> option to add network block devices using a URI-style format, for example: @@ -92,7 +92,7 @@ index 9f086f110..bb4167b06 100644 The possible I<-a URI> formats are described below. -@@ -1149,40 +1149,6 @@ The possible I<-a URI> formats are described below. +@@ -1144,40 +1144,6 @@ The possible I<-a URI> formats are described below. Add the local disk image (or device) called F. @@ -133,7 +133,7 @@ index 9f086f110..bb4167b06 100644 =head2 B<-a nbd://example.com[:port]> =head2 B<-a nbd://example.com[:port]/exportname> -@@ -1217,35 +1183,13 @@ The equivalent API command would be: +@@ -1212,35 +1178,13 @@ The equivalent API command would be: > add pool/disk protocol:rbd server:tcp:example.com:port @@ -220,10 +220,10 @@ index 21d424984..ddabeb639 100755 rm test-add-uri.out rm test-add-uri.img diff --git a/generator/actions_core.ml b/generator/actions_core.ml -index 05320fcd3..155d739fe 100644 +index 807150615..6cd42a290 100644 --- a/generator/actions_core.ml 
+++ b/generator/actions_core.ml -@@ -297,29 +297,6 @@ F is interpreted as a local file or device. +@@ -350,29 +350,6 @@ F is interpreted as a local file or device. This is the default if the optional protocol parameter is omitted. @@ -253,7 +253,7 @@ index 05320fcd3..155d739fe 100644 =item C Connect to the Network Block Device server. -@@ -336,22 +313,6 @@ The C parameter may be supplied. See below. +@@ -389,22 +366,6 @@ The C parameter may be supplied. See below. See also: L. @@ -276,7 +276,7 @@ index 05320fcd3..155d739fe 100644 =back =item C -@@ -362,13 +323,8 @@ is a list of server(s). +@@ -415,13 +376,8 @@ is a list of server(s). Protocol Number of servers required -------- -------------------------- file List must be empty or param not used at all @@ -290,7 +290,7 @@ index 05320fcd3..155d739fe 100644 Each list element is a string specifying a server. The string must be in one of the following formats: -@@ -384,10 +340,10 @@ for the protocol is used (see F). +@@ -437,10 +393,10 @@ for the protocol is used (see F). =item C @@ -305,10 +305,10 @@ index 05320fcd3..155d739fe 100644 example if using the libvirt backend and if the libvirt backend is configured to start the qemu appliance as a special user such as C. If in doubt, diff --git a/lib/drives.c b/lib/drives.c -index 46af66db4..c81ded5d7 100644 +index c5a208468..efb289254 100644 --- a/lib/drives.c +++ b/lib/drives.c -@@ -168,6 +168,7 @@ create_drive_non_file (guestfs_h *g, +@@ -166,6 +166,7 @@ create_drive_non_file (guestfs_h *g, return drv; } @@ -316,7 +316,7 @@ index 46af66db4..c81ded5d7 100644 static struct drive * create_drive_curl (guestfs_h *g, const struct drive_create_data *data) -@@ -226,6 +227,7 @@ create_drive_gluster (guestfs_h *g, +@@ -224,6 +225,7 @@ create_drive_gluster (guestfs_h *g, return create_drive_non_file (g, data); } 
@@ -324,7 +324,7 @@ index 46af66db4..c81ded5d7 100644 static int nbd_port (void) -@@ -294,6 +296,7 @@ create_drive_rbd (guestfs_h *g, +@@ -292,6 +294,7 @@ create_drive_rbd (guestfs_h *g, return create_drive_non_file (g, data); } @@ -332,7 +332,7 @@ index 46af66db4..c81ded5d7 100644 static struct drive * create_drive_sheepdog (guestfs_h *g, const struct drive_create_data *data) -@@ -394,6 +397,7 @@ create_drive_iscsi (guestfs_h *g, +@@ -392,6 +395,7 @@ create_drive_iscsi (guestfs_h *g, return create_drive_non_file (g, data); } @@ -340,7 +340,7 @@ index 46af66db4..c81ded5d7 100644 /** * Create the special F drive. -@@ -856,6 +860,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, +@@ -842,6 +846,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, drv = create_drive_file (g, &data); } } @@ -348,7 +348,7 @@ index 46af66db4..c81ded5d7 100644 else if (STREQ (protocol, "ftp")) { data.protocol = drive_protocol_ftp; drv = create_drive_curl (g, &data); -@@ -880,6 +885,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, +@@ -866,6 +871,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, data.protocol = drive_protocol_iscsi; drv = create_drive_iscsi (g, &data); } @@ -356,7 +356,7 @@ index 46af66db4..c81ded5d7 100644 else if (STREQ (protocol, "nbd")) { data.protocol = drive_protocol_nbd; drv = create_drive_nbd (g, &data); -@@ -888,6 +894,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, +@@ -874,6 +880,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, data.protocol = drive_protocol_rbd; drv = create_drive_rbd (g, &data); } 
@@ -364,7 +364,7 @@ index 46af66db4..c81ded5d7 100644 else if (STREQ (protocol, "sheepdog")) { data.protocol = drive_protocol_sheepdog; drv = create_drive_sheepdog (g, &data); -@@ -900,6 +907,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, +@@ -886,6 +893,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename, data.protocol = drive_protocol_tftp; drv = create_drive_curl (g, &data); } @@ -373,12 +373,12 @@ index 46af66db4..c81ded5d7 100644 error (g, _("unknown protocol ‘%s’"), protocol); drv = NULL; /*FALLTHROUGH*/ diff --git a/lib/guestfs.pod b/lib/guestfs.pod -index ff58aa0bb..1af00f1bb 100644 +index 1ad44e7c2..946ce2d36 100644 --- a/lib/guestfs.pod +++ b/lib/guestfs.pod -@@ -715,70 +715,6 @@ servers. The server string is documented in - L. The C and C parameters are - also optional, and if not given, then no authentication will be used. +@@ -712,70 +712,6 @@ a qcow2 backing file specification, libvirt does not construct an + ephemeral secret object from those, for Ceph authentication. Refer to + L. -=head3 FTP, HTTP AND TFTP - @@ -447,7 +447,7 @@ index ff58aa0bb..1af00f1bb 100644 =head3 NETWORK BLOCK DEVICE Libguestfs can access Network Block Device (NBD) disks remotely. -@@ -841,42 +777,6 @@ L +@@ -838,42 +774,6 @@ L =back diff --git a/SOURCES/0010-RHEL-Remove-User-Mode-Linux-RHBZ-1144197.patch b/SOURCES/0010-RHEL-Remove-User-Mode-Linux-RHBZ-1144197.patch deleted file mode 100644 index 958b7df..0000000 --- a/SOURCES/0010-RHEL-Remove-User-Mode-Linux-RHBZ-1144197.patch +++ /dev/null 
@@ -1,72 +0,0 @@ -From 1bb653591b25ac31ef773e0020cd0b0e5715d5cf Mon Sep 17 00:00:00 2001 -From: "Richard W.M. Jones" -Date: Fri, 19 Sep 2014 13:38:20 +0100 -Subject: [PATCH] RHEL: Remove User-Mode Linux (RHBZ#1144197). - -This isn't supported in RHEL. ---- - lib/launch-uml.c | 13 +++++++++++++ - 1 file changed, 13 insertions(+) - -diff --git a/lib/launch-uml.c b/lib/launch-uml.c -index 5aec50a57..8b9fcd770 100644 ---- a/lib/launch-uml.c -+++ b/lib/launch-uml.c -@@ -44,7 +44,9 @@ struct backend_uml_data { - char umid[UML_UMID_LEN+1]; /* umid=<...> unique ID. */ - }; - -+#if 0 - static void print_vmlinux_command_line (guestfs_h *g, char **argv); -+#endif - - /* Run uml_mkcow to create a COW overlay. */ - static char * -@@ -81,6 +83,7 @@ create_cow_overlay_uml (guestfs_h *g, void *datav, struct drive *drv) - return make_cow_overlay (g, drv->src.u.path); - } - -+#if 0 - /* Test for features which are not supported by the UML backend. - * Possibly some of these should just be warnings, not errors. - */ -@@ -133,10 +136,17 @@ uml_supported (guestfs_h *g) - - return true; - } -+#endif - - static int - launch_uml (guestfs_h *g, void *datav, const char *arg) - { -+ error (g, -+ "launch: In RHEL, only the 'libvirt' or 'direct' method is supported.\n" -+ "In particular, User-Mode Linux (UML) is not supported."); -+ return -1; -+ -+#if 0 - struct backend_uml_data *data = datav; - CLEANUP_FREE_STRINGSBUF DECLARE_STRINGSBUF (cmdline); - int console_sock = -1, daemon_sock = -1; -@@ -496,8 +506,10 @@ launch_uml (guestfs_h *g, void *datav, const char *arg) - } - g->state = CONFIG; - return -1; -+#endif - } - -+#if 0 - /* This is called from the forked subprocess just before vmlinux runs, - * so it can just print the message straight to stderr, where it will - * be picked up and funnelled through the usual appliance event API. 
-@@ -527,6 +539,7 @@ print_vmlinux_command_line (guestfs_h *g, char **argv) - - fputc ('\n', stderr); - } -+#endif - - static int - shutdown_uml (guestfs_h *g, void *datav, int check_for_errors) --- -2.31.1 - diff --git a/SOURCES/0011-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch b/SOURCES/0011-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch index 18e9701..bae7529 100644 --- a/SOURCES/0011-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch +++ b/SOURCES/0011-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch @@ -1,4 +1,4 @@ -From 6372b9cd8bb2d8a183fc6d2ca4688047a0474c2f Mon Sep 17 00:00:00 2001 +From d59942a7a3d1ca2248a94099d28f7555378d7993 Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Tue, 7 Jul 2015 09:28:03 -0400 Subject: [PATCH] RHEL: Reject use of libguestfs-winsupport features except for diff --git a/SOURCES/0012-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch b/SOURCES/0012-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch index ea0509a..5683472 100644 --- a/SOURCES/0012-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch +++ b/SOURCES/0012-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch @@ -1,4 +1,4 @@ -From c50bb81e40b36a74c15f9bc515a2f04a1eb00673 Mon Sep 17 00:00:00 2001 +From c1ff450bcee1465f0eaca00a4d6c8c731f175488 Mon Sep 17 00:00:00 2001 From: "Richard W.M. Jones" Date: Tue, 29 Jun 2021 15:29:11 +0100 Subject: [PATCH] RHEL: Create /etc/crypto-policies/back-ends/opensslcnf.config @@ -9,7 +9,7 @@ https://bugzilla.redhat.com/show_bug.cgi?id=1977214#c13 1 file changed, 8 insertions(+) diff --git a/appliance/init b/appliance/init -index 7076821d2..fe6497b4d 100755 +index 19aa151b7..e67d88280 100755 --- a/appliance/init +++ b/appliance/init @@ -76,6 +76,14 @@ if ! test -e /etc/mtab; then 
diff --git a/SOURCES/0013-daemon-rpm-c.c-Disable-signature-checking-in-librpm.patch b/SOURCES/0013-daemon-rpm-c.c-Disable-signature-checking-in-librpm.patch deleted file mode 100644 index f134d1a..0000000 --- a/SOURCES/0013-daemon-rpm-c.c-Disable-signature-checking-in-librpm.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 46c0694ce0b9a2fe357403c998d30ec807e07015 Mon Sep 17 00:00:00 2001 -From: "Richard W.M. Jones" -Date: Tue, 15 Mar 2022 10:22:49 +0000 -Subject: [PATCH] daemon/rpm-c.c: Disable signature checking in librpm - -Older distros (eg CentOS 6) used SHA-1 RPM package signatures which -some newer distros (eg RHEL 9.0) prevent us from verifying. - -This resulted in packages with SHA-1 signatures being skipped by -librpm (there is a warning in debug output, but if you're not looking -at that then the package is silently ignored). In some cases -essential packages like the kernel were skipped, which would be -visible as a failure of virt-v2v. In other cases (eg virt-inspector) -you'd just see fewer installed packages in the list. - -Since verifying package signatures is not essential for inspection, -disable this feature in librpm. - -Reported-by: Xiaodai Wang -Thanks: Panu Matilainen -Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2064182 -Signed-off-by: Richard W.M. Jones -(cherry picked from commit aa6f8038f826bfb37ddbbb575e6962e1e181c5e8) ---- - daemon/rpm-c.c | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/daemon/rpm-c.c b/daemon/rpm-c.c -index be0e81e22..020fc588e 100644 ---- a/daemon/rpm-c.c -+++ b/daemon/rpm-c.c -@@ -90,7 +90,12 @@ value - guestfs_int_daemon_rpm_start_iterator (value unitv) - { - CAMLparam1 (unitv); -+ - ts = rpmtsCreate (); -+ -+ /* Disable signature checking (RHBZ#2064182). */ -+ rpmtsSetVSFlags (ts, rpmtsVSFlags (ts) | RPMVSF_MASK_NOSIGNATURES); -+ - iter = rpmtsInitIterator (ts, RPMDBI_PACKAGES, NULL, 0); - CAMLreturn (Val_unit); - } --- -2.31.1 - 
diff --git a/SOURCES/0013-php-add-arginfo-to-php-bindings.patch b/SOURCES/0013-php-add-arginfo-to-php-bindings.patch
new file mode 100644
index 0000000..7122e7c
--- /dev/null
+++ b/SOURCES/0013-php-add-arginfo-to-php-bindings.patch
@@ -0,0 +1,90 @@ +From d451e0e42c75429279426e9eb5a7701cd4681d07 Mon Sep 17 00:00:00 2001 +From: Geoff Amey +Date: Wed, 15 Jun 2022 17:06:56 -0400 +Subject: [PATCH] php: add arginfo to php bindings + +Starting with PHP8, arginfo is mandatory for PHP extensions. This patch +updates the generator for the PHP bindings to generate the arginfo +structures, using the Zend API macros. Only basic arginfo is added, +without full documentation of argument and return types, in order to +ensure compatibility with as many versions of PHP as possible. + +(cherry picked from commit ec27979398b0871c1a3e0e244849f8435c9c9a8d) +--- + .gitignore | 1 + + generator/php.ml | 37 ++++++++++++++++++++++++++++++++++--- + 2 files changed, 35 insertions(+), 3 deletions(-) + +diff --git a/.gitignore b/.gitignore +index a36ccc86a..356c01fbd 100644 +--- a/.gitignore ++++ b/.gitignore +@@ -325,6 +325,7 @@ Makefile.in + /php/extension/configure.in + /php/extension/env + /php/extension/guestfs_php.c ++/php/extension/guestfs_php.dep + /php/extension/install-sh + /php/extension/libtool + /php/extension/ltmain.sh +diff --git a/generator/php.ml b/generator/php.ml +index 5c7ef48e8..acdc7b877 100644 +--- a/generator/php.ml ++++ b/generator/php.ml +@@ -130,6 +130,37 @@ typedef size_t guestfs_string_length; + typedef int guestfs_string_length; + #endif + ++/* Declare argument info structures */ ++ZEND_BEGIN_ARG_INFO_EX(arginfo_create, 0, 0, 0) ++ZEND_END_ARG_INFO() ++ ++ZEND_BEGIN_ARG_INFO_EX(arginfo_last_error, 0, 0, 1) ++ ZEND_ARG_INFO(0, g) ++ZEND_END_ARG_INFO() ++ ++"; ++ List.iter ( ++ fun { name = shortname; style = ret, args, optargs; } -> ++ let len = List.length args in ++ pr "ZEND_BEGIN_ARG_INFO_EX(arginfo_%s, 0, 0, %d)\n" shortname (len + 1); ++ pr " ZEND_ARG_INFO(0, g)\n"; ++ List.iter ( ++ function ++ | BufferIn n | Bool n | Int n | Int64 n | OptString n ++ | Pointer(_, n) | String (_, n) | StringList (_, n) -> ++ pr " ZEND_ARG_INFO(0, %s)\n" n ++ ) args; ++ ++ List.iter ( ++ function ++ | OBool 
n | OInt n | OInt64 n | OString n | OStringList n -> ++ pr " ZEND_ARG_INFO(0, %s)\n" n ++ ) optargs; ++ pr "ZEND_END_ARG_INFO()\n\n"; ++ ) (actions |> external_functions |> sort); ++ ++ pr " ++ + /* Convert array to list of strings. + * http://marc.info/?l=pecl-dev&m=112205192100631&w=2 + */ +@@ -204,12 +235,12 @@ PHP_MINIT_FUNCTION (guestfs_php) + } + + static zend_function_entry guestfs_php_functions[] = { +- PHP_FE (guestfs_create, NULL) +- PHP_FE (guestfs_last_error, NULL) ++ PHP_FE (guestfs_create, arginfo_create) ++ PHP_FE (guestfs_last_error, arginfo_last_error) + "; + + List.iter ( +- fun { name } -> pr " PHP_FE (guestfs_%s, NULL)\n" name ++ fun { name } -> pr " PHP_FE (guestfs_%s, arginfo_%s)\n" name name + ) (actions |> external_functions |> sort); + + pr " { NULL, NULL, NULL } +-- +2.31.1 + diff --git a/SOURCES/0014-introduce-the-clevis_luks_unlock-API.patch b/SOURCES/0014-introduce-the-clevis_luks_unlock-API.patch new file mode 100644 index 0000000..10db265 --- /dev/null +++ b/SOURCES/0014-introduce-the-clevis_luks_unlock-API.patch 
@@ -0,0 +1,252 @@ +From 51ea2e3af9caa434e847ca74a86f5de5ade6058f Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Thu, 30 Jun 2022 14:20:47 +0200 +Subject: [PATCH] introduce the "clevis_luks_unlock" API + +Introduce a new guestfs API called "clevis_luks_unlock". At the libguestfs +level, it is quite simple; it wraps the "clevis luks unlock" guest command +(implemented by the "clevis-luks-unlock" executable, which is in fact a +shell script). + +The complexity is instead in the network-based disk encryption +(Clevis/Tang) scheme. Useful documentation: + +- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html-single/security_hardening/index#configuring-automated-unlocking-of-encrypted-volumes-using-policy-based-decryption_security-hardening +- https://github.com/latchset/clevis#clevis +- https://github.com/latchset/tang#tang + +The package providing "clevis-luks-unlock" is usually called +"clevis-luks", occasionally "clevis". Some distros don't package clevis at +all. Add the new API under a new option group (which may not be available) +called "clevisluks". + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1809453 +Signed-off-by: Laszlo Ersek +Message-Id: <20220630122048.19335-3-lersek@redhat.com> +Reviewed-by: Richard W.M. Jones +(cherry picked from commit 9a3e9a6c03eaffe60196bc4c7ae4699beae01dc3) +--- + appliance/packagelist.in | 4 +++ + daemon/Makefile.am | 1 + + daemon/clevis-luks.c | 58 +++++++++++++++++++++++++++++++++++++++ + generator/actions_core.ml | 40 +++++++++++++++++++++++++++ + generator/proc_nr.ml | 1 + + lib/MAX_PROC_NR | 2 +- + lib/guestfs.pod | 19 ++++++++++--- + 7 files changed, 120 insertions(+), 5 deletions(-) + create mode 100644 daemon/clevis-luks.c + +diff --git a/appliance/packagelist.in b/appliance/packagelist.in +index 77a07acc6..0b79edcdd 100644 +--- a/appliance/packagelist.in ++++ b/appliance/packagelist.in +@@ -23,6 +23,7 @@ dnl Basically the same with a few minor tweaks. 
+ ifelse(UBUNTU,1,`define(`DEBIAN',1)') + + ifelse(REDHAT,1, ++ clevis-luks + cryptsetup + cryptsetup-luks dnl old name used before Fedora 17 + dhclient +@@ -53,6 +54,7 @@ ifelse(DEBIAN,1, + bsdmainutils + dnl old name used in Jessie and earlier + btrfs-tools ++ clevis-luks + cryptsetup + dash + extlinux +@@ -92,6 +94,7 @@ dnl iproute has been renamed to iproute2 + ifelse(ARCHLINUX,1, + cdrkit + cdrtools ++ clevis + cryptsetup + dhclient + dhcpcd +@@ -119,6 +122,7 @@ ifelse(SUSE,1, + augeas-lenses + btrfsprogs + cdrkit-cdrtools-compat ++ clevis + cryptsetup + dhcpcd + dhcp-client +diff --git a/daemon/Makefile.am b/daemon/Makefile.am +index bbd49f9ea..f50faecd6 100644 +--- a/daemon/Makefile.am ++++ b/daemon/Makefile.am +@@ -98,6 +98,7 @@ guestfsd_SOURCES = \ + cap.c \ + checksum.c \ + cleanups.c \ ++ clevis-luks.c \ + cmp.c \ + command.c \ + command.h \ +diff --git a/daemon/clevis-luks.c b/daemon/clevis-luks.c +new file mode 100644 +index 000000000..d3d970d78 +--- /dev/null ++++ b/daemon/clevis-luks.c +@@ -0,0 +1,58 @@ ++/* libguestfs - the guestfsd daemon ++ * Copyright (C) 2009-2022 Red Hat Inc. ++ * ++ * This program is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 2 of the License, or ++ * (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with this program; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 
++ */ ++ ++#include ++ ++#include "daemon.h" ++#include "actions.h" ++#include "optgroups.h" ++ ++#define MAX_ARGS 8 ++ ++int ++optgroup_clevisluks_available (void) ++{ ++ return prog_exists ("clevis-luks-unlock"); ++} ++ ++int ++do_clevis_luks_unlock (const char *device, const char *mapname) ++{ ++ const char *argv[MAX_ARGS]; ++ size_t i = 0; ++ int r; ++ CLEANUP_FREE char *err = NULL; ++ ++ ADD_ARG (argv, i, "clevis"); ++ ADD_ARG (argv, i, "luks"); ++ ADD_ARG (argv, i, "unlock"); ++ ADD_ARG (argv, i, "-d"); ++ ADD_ARG (argv, i, device); ++ ADD_ARG (argv, i, "-n"); ++ ADD_ARG (argv, i, mapname); ++ ADD_ARG (argv, i, NULL); ++ ++ r = commandv (NULL, &err, argv); ++ if (r == -1) { ++ reply_with_error ("%s: %s: %s", device, mapname, err); ++ return -1; ++ } ++ ++ udev_settle (); ++ return 0; ++} +diff --git a/generator/actions_core.ml b/generator/actions_core.ml +index 6cd42a290..3c9b0a9b2 100644 +--- a/generator/actions_core.ml ++++ b/generator/actions_core.ml +@@ -9676,4 +9676,44 @@ and I the name of the underlying block device." }; + shortdesc = "read directories entries"; + longdesc = "Internal function for readdir." }; + ++ { defaults with ++ name = "clevis_luks_unlock"; added = (1, 49, 3); ++ style = RErr, ++ [String (Device, "device"); String (PlainString, "mapname")], ++ []; ++ optional = Some "clevisluks"; ++ test_excuse = "needs networking and a configured Tang server"; ++ shortdesc = "open an encrypted LUKS block device with Clevis and Tang"; ++ longdesc = "\ ++This command opens a block device that has been encrypted according to ++the Linux Unified Key Setup (LUKS) standard, using network-bound disk ++encryption (NBDE). ++ ++C is the encrypted block device. ++ ++The appliance will connect to the Tang servers noted in the tree of ++Clevis pins that is bound to a keyslot of the LUKS header. The Clevis ++pin tree may comprise C (redudancy) pins as internal nodes ++(optionally), and C pins as leaves. C pins are not ++supported. 
The appliance unlocks the encrypted block device by ++combining responses from the Tang servers with metadata from the LUKS ++header; there is no C parameter. ++ ++This command will fail if networking has not been enabled for the ++appliance. Refer to C. ++ ++The command creates a new block device called F. ++Reads and writes to this block device are decrypted from and encrypted ++to the underlying C respectively. Close the decrypted block ++device with C. ++ ++C cannot be C<\"control\"> because that name is reserved by ++device-mapper. ++ ++If this block device contains LVM volume groups, then calling ++C with the C parameter C will make ++them visible. ++ ++Use C to list all device mapper devices." }; ++ + ] +diff --git a/generator/proc_nr.ml b/generator/proc_nr.ml +index bdced51c9..edd9bd99d 100644 +--- a/generator/proc_nr.ml ++++ b/generator/proc_nr.ml +@@ -514,6 +514,7 @@ let proc_nr = [ + 509, "cryptsetup_close"; + 510, "internal_list_rpm_applications"; + 511, "internal_readdir"; ++512, "clevis_luks_unlock" + ] + + (* End of list. If adding a new entry, add it at the end of the list +diff --git a/lib/MAX_PROC_NR b/lib/MAX_PROC_NR +index c0556fb20..4d0e90cbc 100644 +--- a/lib/MAX_PROC_NR ++++ b/lib/MAX_PROC_NR +@@ -1 +1 @@ +-511 ++512 +diff --git a/lib/guestfs.pod b/lib/guestfs.pod +index 946ce2d36..0fbe114a5 100644 +--- a/lib/guestfs.pod ++++ b/lib/guestfs.pod +@@ -591,11 +591,22 @@ For Windows BitLocker it returns C. + Then open these devices by calling L. + Obviously you will require the passphrase! + ++Passphrase-less unlocking is supported for LUKS (not BitLocker) ++block devices that have been encrypted with network-bound disk ++encryption (NBDE), using Clevis on the Linux guest side, and ++Tang on a separate Linux server. Open such devices with ++L. The appliance will need ++networking enabled (refer to L) and actual ++connectivity to the Tang servers noted in the C Clevis ++pins that are bound to the LUKS header. 
(This includes the ++ability to resolve the names of the Tang servers.) ++ + Opening an encrypted device creates a new device mapper device +-called F (where C is the +-string you supply to L). +-Reads and writes to this mapper device are decrypted from and +-encrypted to the underlying block device respectively. ++called F (where C is the string ++you supply to L or ++L). Reads and writes to this mapper ++device are decrypted from and encrypted to the underlying block ++device respectively. + + LVM volume groups on the device can be made visible by calling + L followed by L. +-- +2.31.1 + diff --git a/SOURCES/0014-lib-Disable-5-level-page-tables-when-using-cpu-max.patch b/SOURCES/0014-lib-Disable-5-level-page-tables-when-using-cpu-max.patch deleted file mode 100644 index 7bd1dc8..0000000 --- a/SOURCES/0014-lib-Disable-5-level-page-tables-when-using-cpu-max.patch +++ /dev/null 
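Review bot: In the new `daemon/clevis-luks.c`, `do_clevis_luks_unlock` passes `mapname` to `clevis luks unlock -n` without checking it, although the `longdesc` added in `generator/actions_core.ml` says the name cannot be `"control"`. As written, that restriction is enforced only by whatever the downstream command does, and the caller sees that tool's stderr rather than a clear API error. A guard before the `ADD_ARG` calls would make the daemon itself hold the documented contract, for example `if (STREQ (mapname, "control")) { reply_with_error ("%s: map name is reserved by device-mapper", mapname); return -1; }`. Since the documentation states that the Tang servers are the ones noted in the LUKS header, it could also say that unlocking makes the appliance contact hosts named by the disk image being opened, which matters when the image is not trusted.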
@@ -1,90 +0,0 @@ -From 06cf41cdddfde07871a7f7033ba8c5ccc184a1fb Mon Sep 17 00:00:00 2001 -From: "Richard W.M. Jones" -Date: Thu, 12 May 2022 08:36:37 +0100 -Subject: [PATCH] lib: Disable 5-level page tables when using -cpu max - -In https://bugzilla.redhat.com/show_bug.cgi?id=2082806 we've been -tracking an insidious qemu bug which intermittently prevents the -libguestfs appliance from starting. The symptoms are that SeaBIOS -starts and displays its messages, but the kernel isn't reached. We -found that the kernel does in fact start, but when it tries to set up -page tables and jump to protected mode it gets a triple fault which -causes the emulated CPU in qemu to reset (qemu exits). - -This seems to only affect TCG (not KVM). - -Yesterday I found that this is caused by using -cpu max which enables -the "la57" feature (5-level page tables[0]), and that we can make the -problem go away using -cpu max,la57=off. Note that I still don't -fully understand the qemu bug, so this is only a workaround. - -I chose to disable 5-level page tables for both TCG and KVM, partly to -make the patch simpler, and partly because I guess it's not a feature -(ie. 57 bit linear addresses) that is useful for the libguestfs -appliance case, where we have limited physical memory and no need to -run any programs with huge address spaces. - -I tested this by running both the direct & libvirt paths overnight. I -expect that this patch will fail with old qemu/libvirt which doesn't -understand the "la57" feature, but this is only intended as a -temporary workaround. 
- -[0] Article about 5-level page tables as background: -https://lwn.net/Articles/717293/ - -Thanks: Laszlo Ersek -Fixes: https://answers.launchpad.net/ubuntu/+source/libguestfs/+question/701625 -Acked-by: Laszlo Ersek -(cherry picked from commit 59d7e6e017b7de79bcb60e1180e15303f1e7dae8) ---- - lib/launch-direct.c | 15 +++++++++++++-- - lib/launch-libvirt.c | 7 +++++++ - 2 files changed, 20 insertions(+), 2 deletions(-) - -diff --git a/lib/launch-direct.c b/lib/launch-direct.c -index 4f038f4f0..e7c22fbef 100644 ---- a/lib/launch-direct.c -+++ b/lib/launch-direct.c -@@ -554,8 +554,19 @@ launch_direct (guestfs_h *g, void *datav, const char *arg) - } end_list (); - - cpu_model = guestfs_int_get_cpu_model (has_kvm && !force_tcg); -- if (cpu_model) -- arg ("-cpu", cpu_model); -+ if (cpu_model) { -+#if defined(__x86_64__) -+ /* Temporary workaround for RHBZ#2082806 */ -+ if (STREQ (cpu_model, "max")) { -+ start_list ("-cpu") { -+ append_list (cpu_model); -+ append_list ("la57=off"); -+ } end_list (); -+ } -+ else -+#endif -+ arg ("-cpu", cpu_model); -+ } - - if (g->smp > 1) - arg_format ("-smp", "%d", g->smp); -diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c -index cc714c02e..9e32c94cf 100644 ---- a/lib/launch-libvirt.c -+++ b/lib/launch-libvirt.c -@@ -1185,6 +1185,13 @@ construct_libvirt_xml_cpu (guestfs_h *g, - else if (STREQ (cpu_model, "max")) { - /* https://bugzilla.redhat.com/show_bug.cgi?id=1935572#c11 */ - attribute ("mode", "maximum"); -+#if defined(__x86_64__) -+ /* Temporary workaround for RHBZ#2082806 */ -+ start_element ("feature") { -+ attribute ("policy", "disable"); -+ attribute ("name", "la57"); -+ } end_element (); -+#endif - } - else - single_element ("model", cpu_model); --- -2.31.1 - diff --git a/SOURCES/0015-guestfish-guestmount-enable-networking-for-key-ID-cl.patch b/SOURCES/0015-guestfish-guestmount-enable-networking-for-key-ID-cl.patch new file mode 100644 index 0000000..c4a406e --- /dev/null 
+++ b/SOURCES/0015-guestfish-guestmount-enable-networking-for-key-ID-cl.patch 
@@ -0,0 +1,69 @@ +From 5ae97d7d83d8cdb6e8428774282167dd774aaf70 Mon Sep 17 00:00:00 2001 +From: Laszlo Ersek +Date: Thu, 30 Jun 2022 14:20:48 +0200 +Subject: [PATCH] guestfish, guestmount: enable networking for "--key + ID:clevis" + +Call the C-language helper key_store_requires_network() in guestfish and +guestmount. + +(Short log for the "common" submodule, commit range +35467027f657..af6cb55bc58a: + +Laszlo Ersek (12): + options: fix UUID comparison logic bug in get_keys() + mltools/tools_utils: remove unused function "key_store_to_cli" + mltools/tools_utils: allow multiple "--key" options for OCaml tools too + options: replace NULL-termination with number-of-elements in get_keys() + options: wrap each passphrase from get_keys() into a struct + options: add back-end for LUKS decryption with Clevis+Tang + options: introduce selector type "key_clevis" + options: generalize "--key" selector parsing for C-language utilities + mltools/tools_utils-c: handle internal type error with abort() + mltools/tools_utils: generalize "--key" selector parsing for OCaml utils + options, mltools/tools_utils: parse "--key ID:clevis" options + options, mltools/tools_utils: add helper for network dependency +). + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1809453 +Signed-off-by: Laszlo Ersek +Reviewed-by: Richard W.M. Jones +Message-Id: <20220630122048.19335-4-lersek@redhat.com> +(cherry picked from commit 6a5b44f538065a9f661510234a4235bf38348213) +--- + fish/fish.c | 3 +++ + fuse/guestmount.c | 4 ++++ + 2 files changed, 7 insertions(+) + +diff --git a/fish/fish.c b/fish/fish.c +index 23d9bb94f..19e3d2799 100644 +--- a/fish/fish.c ++++ b/fish/fish.c +@@ -476,6 +476,9 @@ main (int argc, char *argv[]) + /* If we've got drives to add, add them now. 
*/ + add_drives (drvs); + ++ if (key_store_requires_network (ks) && guestfs_set_network (g, 1) == -1) ++ exit (EXIT_FAILURE); ++ + /* If we've got mountpoints or prepared drives or -i option, we must + * launch the guest and mount them. + */ +diff --git a/fuse/guestmount.c b/fuse/guestmount.c +index 77c534828..3c6d57bde 100644 +--- a/fuse/guestmount.c ++++ b/fuse/guestmount.c +@@ -348,6 +348,10 @@ main (int argc, char *argv[]) + + /* Do the guest drives and mountpoints. */ + add_drives (drvs); ++ ++ if (key_store_requires_network (ks) && guestfs_set_network (g, 1) == -1) ++ exit (EXIT_FAILURE); ++ + if (guestfs_launch (g) == -1) + exit (EXIT_FAILURE); + if (inspector) +-- +2.31.1 + diff --git a/SOURCES/0016-daemon-Add-zstd-support-to-guestfs_file_architecture.patch b/SOURCES/0016-daemon-Add-zstd-support-to-guestfs_file_architecture.patch new file mode 100644 index 0000000..922609e --- /dev/null +++ b/SOURCES/0016-daemon-Add-zstd-support-to-guestfs_file_architecture.patch 
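Review bot: The check added before launch in `fish/fish.c` and `fuse/guestmount.c` turns on appliance networking as a side effect of the key selector, and neither copy has a comment saying so. Someone reading `main` later would not expect `guestfs_set_network (g, 1)` to run when the user never asked for networking, and a change in the appliance's network exposure deserves to be visible at the call site. I would put a comment above both checks, for example `/* A "--key ID:clevis" selector needs the appliance to reach the Tang servers, so networking is enabled implicitly here. */`, and mention the implicit networking wherever the `--key` option is documented. Both `main` functions start and end outside these hunks.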
@@ -0,0 +1,182 @@ +From 4807dacb577167b89cb5ffb1fa1a68ddf30b9319 Mon Sep 17 00:00:00 2001 +From: "Richard W.M. Jones" +Date: Tue, 9 Aug 2022 18:39:30 +0100 +Subject: [PATCH] daemon: Add zstd support to guestfs_file_architecture + +This is required so we can determine the file architecture of +zstd-compressed Linux kernel modules as used by OpenSUSE and maybe +other distros in future. + +Note that zstd becomes a required package, but it is widely available +in current Linux distros. + +The package names come from https://pkgs.org/download/zstd and my own +research. + +(cherry picked from commit 0e784824e82a88e522873fec5db1a11943d637ed) +--- + .gitignore | 1 + + appliance/packagelist.in | 6 ++++++ + daemon/filearch.ml | 1 + + docs/guestfs-building.pod | 4 ++++ + generator/actions_core.ml | 2 ++ + m4/guestfs-progs.m4 | 4 ++++ + test-data/Makefile.am | 1 + + test-data/files/Makefile.am | 6 ++++++ + 8 files changed, 25 insertions(+) + +diff --git a/.gitignore b/.gitignore +index 356c01fbd..ee5ea74dd 100644 +--- a/.gitignore ++++ b/.gitignore +@@ -448,6 +448,7 @@ Makefile.in + /test-data/files/initrd-x86_64.img + /test-data/files/initrd-x86_64.img.gz + /test-data/files/lib-i586.so.xz ++/test-data/files/lib-i586.so.zst + /test-data/files/test-grep.txt.gz + /test-data/phony-guests/archlinux.img + /test-data/phony-guests/blank-*.img +diff --git a/appliance/packagelist.in b/appliance/packagelist.in +index 0b79edcdd..0fc11f6ae 100644 +--- a/appliance/packagelist.in ++++ b/appliance/packagelist.in +@@ -48,6 +48,7 @@ ifelse(REDHAT,1, + vim-minimal + xz + zfs-fuse ++ zstd + ) + + ifelse(DEBIAN,1, +@@ -88,6 +89,7 @@ dnl iproute has been renamed to iproute2 + vim-tiny + xz-utils + zfs-fuse ++ zstd + uuid-runtime + ) + +@@ -115,6 +117,7 @@ ifelse(ARCHLINUX,1, + systemd + vim + xz ++ zstd + ) + + ifelse(SUSE,1, +@@ -140,6 +143,7 @@ ifelse(SUSE,1, + systemd-sysvinit + vim + xz ++ zstd + ) + + ifelse(FRUGALWARE,1, +@@ -185,6 +189,7 @@ ifelse(MAGEIA,1, + systemd /* for /sbin/reboot and 
udevd */ + vim-minimal + xz ++ zstd + ) + + ifelse(OPENMANDRIVA,1, +@@ -203,6 +208,7 @@ ifelse(OPENMANDRIVA,1, + systemd /* for /sbin/reboot and udevd */ + vim-minimal + xz ++ zstd + ) + + include(guestfsd.deps) +diff --git a/daemon/filearch.ml b/daemon/filearch.ml +index 67a7339e0..4d7e912c0 100644 +--- a/daemon/filearch.ml ++++ b/daemon/filearch.ml +@@ -106,6 +106,7 @@ and cpio_arch magic orig_path path = + if String.find magic "gzip" >= 0 then "zcat" + else if String.find magic "bzip2" >= 0 then "bzcat" + else if String.find magic "XZ compressed" >= 0 then "xzcat" ++ else if String.find magic "Zstandard compressed" >= 0 then "zstdcat" + else "cat" in + + let tmpdir = Mkdtemp.temp_dir "filearch" in +diff --git a/docs/guestfs-building.pod b/docs/guestfs-building.pod +index b93a611a6..7a7240f78 100644 +--- a/docs/guestfs-building.pod ++++ b/docs/guestfs-building.pod +@@ -172,6 +172,10 @@ I. + + I. + ++=item zstd ++ ++I. ++ + =item Jansson E 2.7 + + I. +diff --git a/generator/actions_core.ml b/generator/actions_core.ml +index 3c9b0a9b2..553e4ec3b 100644 +--- a/generator/actions_core.ml ++++ b/generator/actions_core.ml +@@ -9373,6 +9373,8 @@ with large files, such as the resulting squashfs will be over 3GB big." }; + [["file_architecture"; "/bin-x86_64-dynamic.gz"]], "x86_64"), []; + InitISOFS, Always, TestResultString ( + [["file_architecture"; "/lib-i586.so.xz"]], "i386"), []; ++ InitISOFS, Always, TestResultString ( ++ [["file_architecture"; "/lib-i586.so.zst"]], "i386"), []; + ]; + shortdesc = "detect the architecture of a binary file"; + longdesc = "\ +diff --git a/m4/guestfs-progs.m4 b/m4/guestfs-progs.m4 +index cd8662e86..22fc61367 100644 +--- a/m4/guestfs-progs.m4 ++++ b/m4/guestfs-progs.m4 +@@ -95,6 +95,10 @@ AC_PATH_PROGS([XZCAT],[xzcat],[no]) + test "x$XZCAT" = "xno" && AC_MSG_ERROR([xzcat must be installed]) + AC_DEFINE_UNQUOTED([XZCAT],["$XZCAT"],[Name of xzcat program.]) + ++dnl Check for zstdcat (required). 
++AC_PATH_PROGS([ZSTDCAT],[zstdcat],[no]) ++test "x$ZSTDCAT" = "xno" && AC_MSG_ERROR([zstdcat must be installed]) ++ + dnl (f)lex and bison for virt-builder (required). + dnl XXX Could be optional with some work. + AC_PROG_LEX +diff --git a/test-data/Makefile.am b/test-data/Makefile.am +index b603311a1..dbecd74b9 100644 +--- a/test-data/Makefile.am ++++ b/test-data/Makefile.am +@@ -85,6 +85,7 @@ image_files = \ + files/initrd-x86_64.img \ + files/initrd-x86_64.img.gz \ + files/lib-i586.so.xz \ ++ files/lib-i586.so.zst \ + files/test-grep.txt.gz + + noinst_DATA = test.iso +diff --git a/test-data/files/Makefile.am b/test-data/files/Makefile.am +index a3d7288f9..06b0c6585 100644 +--- a/test-data/files/Makefile.am ++++ b/test-data/files/Makefile.am +@@ -40,6 +40,7 @@ noinst_DATA = \ + initrd-x86_64.img \ + initrd-x86_64.img.gz \ + lib-i586.so.xz \ ++ lib-i586.so.zst \ + test-grep.txt.gz + + CLEANFILES += $(noinst_DATA) +@@ -116,3 +117,8 @@ lib-i586.so.xz: $(top_srcdir)/test-data/binaries/lib-i586.so + rm -f $@ $@-t + xz -c $< > $@-t + mv $@-t $@ ++ ++lib-i586.so.zst: $(top_srcdir)/test-data/binaries/lib-i586.so ++ rm -f $@ $@-t ++ zstd -c $< > $@-t ++ mv $@-t $@ +-- +2.31.1 + diff --git a/SOURCES/copy-patches.sh b/SOURCES/copy-patches.sh index 21830aa..835b332 100755 --- a/SOURCES/copy-patches.sh +++ b/SOURCES/copy-patches.sh @@ -8,7 +8,7 @@ set -e # ./copy-patches.sh project=libguestfs -rhel_version=9.0.0 +rhel_version=9.1 # Check we're in the right directory. if [ ! -f $project.spec ]; then diff --git a/SOURCES/libguestfs-1.46.1.tar.gz.sig b/SOURCES/libguestfs-1.46.1.tar.gz.sig deleted file mode 100644 index 6f2b2df..0000000 --- a/SOURCES/libguestfs-1.46.1.tar.gz.sig +++ /dev/null 
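Review bot: The configure check added to `m4/guestfs-progs.m4` looks for `zstdcat`, but the new rule in `test-data/files/Makefile.am` runs `zstd -c` to build `lib-i586.so.zst`, so a host with only `zstdcat` on the PATH would pass configure and then fail when the test data is built. The two normally ship in one package, so this is unlikely to bite in practice, but the check should name the program the build actually invokes: `AC_PATH_PROGS([ZSTD],[zstd],[no])` followed by `test "x$ZSTD" = "xno" && AC_MSG_ERROR([zstd must be installed])`. The only `zstdcat` use visible in this patch is the command name chosen in `daemon/filearch.ml`, which appears to run inside the appliance rather than on the build host.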
@@ -1,17 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQJFBAABCAAvFiEE93dPsa0HSn6Mh2fqkXOPc+G3aKAFAmGyO9wRHHJpY2hAYW5u -ZXhpYS5vcmcACgkQkXOPc+G3aKBl+RAAoxqpUWTEiXxwyWWhW0IotI5xyEdyrkL6 -+po1pqtEXzcFeCHX+lB86C9nkolmFEDfz1wnlNVbz1La35Zdkw1gCD96Fx3/s4xl -s7pZ9073FauSo4IjseWAPcFj3SF4aEeK8xvpOQaq+rcA3Zmg5vZJCqW0xnEGqeCO -UTgmKPgmg2NJaUnUq7TRI8AxNDElD+MetV+olywjJG2QETSFP65ZwdppT8fUZvl/ -W4s38gvHAGLQgKZL7MudQXTDUkGD7rThr3IKGQP8UJGr+IpR4MxxkkDAndeb37ps -6b+s3popuJRwXaSw7gPPGut5jfdJNBJ5KIYqxxWu+fmRTkXD+qoDR1AuJLZlCO7E -Yp9X9rTZh55wZk8NetG0XNDkyoBqJoBkoL3h5wvHOTOoYX4KfjL5YxHbjuhMJ3O1 -O0JiwtrqmkQ3c4HzmMJEBctj3ZuhdL5d+MJH7VtTjKy95FJlmEGPRa1DYoaeW6lv -tVE/zEv6dsy1dpzVgMM/lugTTs2NRwNhLo843OpVCQjZfDk0fEOcWo+0sW0tca05 -EdnocDI8bAW98dLAla6RJwMvBaD6Y/RtutMDO9AY7hVFDeIc1bYBHPtvDSYwd9ul -hB849Q3dtdEeVk3+5rsxZllXowltnfe4KxvkII4NHJVHp5uZZruHHF4pNvKmAFD1 -B9VPVX4vIgw= -=UAq6 ------END PGP SIGNATURE----- diff --git a/SOURCES/libguestfs-1.48.4.tar.gz.sig b/SOURCES/libguestfs-1.48.4.tar.gz.sig new file mode 100644 index 0000000..1490f9f --- /dev/null +++ b/SOURCES/libguestfs-1.48.4.tar.gz.sig @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- + +iQJFBAABCAAvFiEE93dPsa0HSn6Mh2fqkXOPc+G3aKAFAmLFql8RHHJpY2hAYW5u +ZXhpYS5vcmcACgkQkXOPc+G3aKAV2hAAzOcZseFTUFFoj4M5riqXqtBN3W+fr/O7 +v0wzJ9sY31Ftk8KFKKgpwOn4UFXYMPXY7Hm94GRAYjYBAtx9Viyyt7B6PbV7mVZ0 +WHLlZcg3ZsliF23s3EoHfgTGFfKLkjDwfPlmChC260Ffhq4KKvnwu/DobY/CDLHG +0cvrjb0OOYibBGbq58AHYR6QlVH/ScAuLSA1aRAd06bbpixufRR1oh1MtFA1iSvC +yjNH0joLFiu0uuD7KFH66YX2nFNrO24r0LxJkwT5G7GHlZJStJUpvs/QHa8Tw5Zt +Z1JMk9yB9EMPYimdVDm7m6eDBxTx8YbF7u6G8JdHRXgAPBt4O09XX7WGxxmh9Dc4 +M+QkpiubEOG6qwBythJJ6sTSRLKIAPeVfHEOauXg8n45Tbk5jYwthMKbnD9ETb3t +QKdMr5g+DZUO0LfbOvP0GtD+b1jK4iu4BcWDquQBXpDTbx7LUfSuTDrWItehEnBp +/K6FRbakNZEroLR5VA9WAa6sE+2B3gg1OG+KHypHuw4hfpmutvVA8wnPgyw3j+WK +xdcRp65NUMUkKRE/FTwp1MkY1Y2S9M9iAPX+CopdHPVoq9O2YE+K6Rv1EdJjmKZK +EwLzX08Xcj9T/U9GEfV+QdIzitCuxf7x9ULEDcFozFnuHXww+JLdR0EmIDkUwl7C +Z0KKsy18Eq8= +=WB1H +-----END PGP SIGNATURE----- 
diff --git a/SPECS/libguestfs.spec b/SPECS/libguestfs.spec index 9182105..ad035d6 100644 --- a/SPECS/libguestfs.spec +++ b/SPECS/libguestfs.spec @@ -1,3 +1,4 @@ +%undefine _package_note_flags # Architectures on which golang works. #% global golang_arches aarch64 % {arm} % {ix86} x86_64 # In theory the above, in practice golang is so often broken that @@ -10,18 +11,8 @@ # we only do a sanity check that kernel/qemu/libvirt/appliance is not # broken. To perform the full test suite, see instructions here: # https://www.redhat.com/archives/libguestfs/2015-September/msg00078.html -# -# Currently the basic sanity check is *broken* on: -# -# arm: times out when running the test -# aarch64: "MSI is not supported by interrupt controller" (RHBZ#1414081) -# ppc64: qemu doesn't work with TCG (RHBZ#1614948) -# ppc64le: kernel doesn't boot on qemu (RHBZ#1435873) -# s390x: qemu TCG cannot emulate enough to boot the kernel -# (however KVM would work if it was available in Koji, so this -# is not a bug) %if !0%{?rhel} -%global test_arches x86_64 +%global test_arches aarch64 %{power64} s390x x86_64 %else # RHEL 9 only: # x86-64: "/lib64/libc.so.6: CPU ISA level is lower than required" @@ -45,7 +36,7 @@ %endif # The source directory. -%global source_directory 1.46-stable +%global source_directory 1.48-stable # Filter perl provides. %{?perl_default_filter} @@ -56,8 +47,8 @@ Summary: Access and modify virtual machine disk images Name: libguestfs Epoch: 1 -Version: 1.46.1 -Release: 4%{?dist} +Version: 1.48.4 +Release: 2%{?dist} License: LGPLv2+ # Build only for architectures that have a kernel 
@@ -92,23 +83,25 @@ Source7: libguestfs.keyring Source8: copy-patches.sh # Patches are maintained in the following repository: -# https://github.com/libguestfs/libguestfs/commits/rhel-9.0.0 +# https://github.com/libguestfs/libguestfs/commits/rhel-9.1 # Patches. -Patch0001: 0001-daemon-inspect_fs_unix-recognize-modern-Pardus-GNU-L.patch -Patch0002: 0002-daemon-inspection-Add-support-for-Kylin-RHBZ-1995391.patch -Patch0003: 0003-Add-detection-support-for-Rocky-Linux-CentOS-RHEL-li.patch -Patch0004: 0004-launch-libvirt-place-our-virtio-net-pci-device-in-sl.patch -Patch0005: 0005-lib-extract-NETWORK_ADDRESS-and-NETWORK_PREFIX-as-ma.patch -Patch0006: 0006-launch-libvirt-add-virtio-net-via-the-standard-inter.patch -Patch0007: 0007-RHEL-Remove-libguestfs-live-RHBZ-798980.patch -Patch0008: 0008-RHEL-Remove-9p-APIs-from-RHEL-RHBZ-921710.patch -Patch0009: 0009-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch -Patch0010: 0010-RHEL-Remove-User-Mode-Linux-RHBZ-1144197.patch +Patch0001: 0001-New-API-guestfs_device_name-returning-the-drive-name.patch +Patch0002: 0002-guestfs_readdir-rewrite-with-FileOut-transfer-to-lif.patch +Patch0003: 0003-guestfs_readdir-minimize-the-number-of-send_file_wri.patch +Patch0004: 0004-lib-launch-direct-ignore-drive-iface-parameter.patch +Patch0005: 0005-lib-drive_create_data-drive-remove-field-iface.patch +Patch0006: 0006-lib-rename-VALID_FORMAT_IFACE-to-VALID_FORMAT.patch +Patch0007: 0007-tests-regressions-remove-iface-based-restrictions.patch +Patch0008: 0008-generator-customize-invert-SELinux-relabeling-defaul.patch +Patch0009: 0009-generator-customize-reintroduce-selinux-relabel-as-a.patch +Patch0010: 0010-RHEL-Disable-unsupported-remote-drive-protocols-RHBZ.patch Patch0011: 0011-RHEL-Reject-use-of-libguestfs-winsupport-features-ex.patch Patch0012: 0012-RHEL-Create-etc-crypto-policies-back-ends-opensslcnf.patch -Patch0013: 0013-daemon-rpm-c.c-Disable-signature-checking-in-librpm.patch -Patch0014: 
0014-lib-Disable-5-level-page-tables-when-using-cpu-max.patch +Patch0013: 0013-php-add-arginfo-to-php-bindings.patch +Patch0014: 0014-introduce-the-clevis_luks_unlock-API.patch +Patch0015: 0015-guestfish-guestmount-enable-networking-for-key-ID-cl.patch +Patch0016: 0016-daemon-Add-zstd-support-to-guestfs_file_architecture.patch %if 0%{patches_touch_autotools} BuildRequires: autoconf, automake, libtool, gettext-devel @@ -167,6 +160,7 @@ BuildRequires: bash-completion BuildRequires: /usr/bin/ping BuildRequires: /usr/bin/wget BuildRequires: xz +BuildRequires: zstd BuildRequires: /usr/bin/qemu-img %if 0%{verify_tarball_signature} @@ -201,9 +195,7 @@ BuildRequires: rubygem(json) BuildRequires: rubygem(rdoc) BuildRequires: rubygem(test-unit) BuildRequires: ruby-irb -%if !0%{?rhel} BuildRequires: php-devel -%endif BuildRequires: gobject-introspection-devel BuildRequires: gjs %if !0%{?rhel} @@ -229,6 +221,7 @@ BuildRequires: binutils BuildRequires: btrfs-progs %endif BuildRequires: bzip2 +BuildRequires: clevis-luks BuildRequires: coreutils BuildRequires: cpio BuildRequires: cryptsetup @@ -317,6 +310,7 @@ BuildRequires: zerofree BuildRequires: zfs-fuse %endif %endif +BuildRequires: zstd # Main package requires the appliance. This allows the appliance to # be replaced if there exists a package called @@ -341,8 +335,11 @@ Requires: yajl%{?_isa} # For core mount-local (FUSE) API. Requires: fuse -# For core disk-create API. +# For core APIs: Requires: /usr/bin/qemu-img +Requires: coreutils +Requires: grep +Requires: tar # For qemu direct and libvirt backends. Requires: qemu-kvm-core @@ -421,9 +418,7 @@ Language bindings: lua-guestfs Lua bindings ocaml-libguestfs-devel OCaml bindings perl-Sys-Guestfs Perl bindings -%if !0%{?rhel} php-libguestfs PHP bindings -%endif python3-libguestfs Python 3 bindings ruby-libguestfs Ruby bindings %if !0%{?rhel} 
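Review bot: The patch list in the `@@ -92,23 +83,25 @@` hunk drops three RHEL-only removal patches (`0007-RHEL-Remove-libguestfs-live-RHBZ-798980.patch`, `0008-RHEL-Remove-9p-APIs-from-RHEL-RHBZ-921710.patch`, `0010-RHEL-Remove-User-Mode-Linux-RHBZ-1144197.patch`) without a comment, and the new changelog entry does not explain it either. Those patches kept unsupported backends and APIs out of the RHEL build, so a reader auditing this rebase cannot tell from the spec whether that surface is still excluded. Presumably the 1.48 stable branch no longer ships these features, but that is not visible in this diff. A comment above `Patch0010`, such as `# live, 9p and UML removal patches dropped: <reason, confirm against the rhel-9.1 branch>`, would make it traceable. The same applies to `0013-daemon-rpm-c.c-Disable-signature-checking-in-librpm.patch`, which leaves the list while the changelog still records it under 1:1.48.0-2.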
@@ -507,6 +502,7 @@ disk images containing HFS+ / Mac OS Extended filesystems. %package rescue Summary: virt-rescue shell License: LGPLv2+ +Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release} %description rescue This adds the virt-rescue shell which is a "rescue disk" for virtual @@ -644,7 +640,6 @@ Provides: ruby(guestfs) = %{version} ruby-%{name} contains Ruby bindings for %{name}. -%if !0%{?rhel} %package -n php-%{name} Summary: PHP bindings for %{name} Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release} @@ -653,7 +648,6 @@ Requires: php(api) = %{php_core_api} %description -n php-%{name} php-%{name} contains PHP bindings for %{name}. -%endif %package -n lua-guestfs @@ -789,7 +783,6 @@ fi %endif %if 0%{?rhel} && !0%{?eln} --with-qemu="qemu-kvm qemu-system-%{_build_arch} qemu" \ - --disable-php \ %endif %ifnarch %{golang_arches} --disable-golang \ @@ -947,7 +940,7 @@ rm ocaml/html/.gitignore %{_mandir}/man1/guestfs-performance.1* %{_mandir}/man1/guestfs-recipes.1* %{_mandir}/man1/guestfs-release-notes-1*.1* -%{_mandir}/man1/guestfs-release-notes-historical.1* +%{_mandir}/man1/guestfs-release-notes.1* %{_mandir}/man1/guestfs-security.1* %{_mandir}/man1/guestmount.1* %{_mandir}/man1/guestunmount.1* @@ -1088,13 +1081,11 @@ rm ocaml/html/.gitignore %{_mandir}/man3/guestfs-ruby.3* -%if !0%{?rhel} %files -n php-%{name} %doc php/README-PHP %dir %{_sysconfdir}/php.d %{_sysconfdir}/php.d/guestfs_php.ini %{_libdir}/php/modules/guestfs_php.so -%endif %files -n lua-guestfs 
@@ -1148,13 +1139,40 @@ rm ocaml/html/.gitignore %changelog -* Sun May 15 2022 Richard W.M. Jones - 1:1.46.1-4 +* Wed Aug 10 2022 Richard W.M. Jones - 1:1.48.4-2 +- Rebase to new stable branch version 1.48.4 + resolves: rhbz#2059285 - Disable 5-level page tables when using -cpu max - resolves: rhbz#2085527 + resolves: rhbz#2084568 +- SELinux relabelling should not stop on ext4 immutable bits + resolves: rhbz#1794518 +- Ignore "iface" in add-drive variants + resolves: rhbz#1844341 +- Lift protocol limit on guestfs_readdir() + resolves: rhbz#1674392 +- Check return values from librpm calls (2089623) +- Document limitations of encrypted RBD disks + resolves: rhbz#2033247 +- Fix lvm-set-filter failed in guestfish with the latest lvm2 package + resolves: rhbz#1965941 +- Enable PHP bindings + resolves: rhbz#2097718 +- Add support for Clevis & Tang + resolves: rhbz#1809453 +- Fix CVE-2022-2211 Denial of Service in --key parameter + resolves: rhbz#2101281 +- Add clevis-luks to BRs, required for Clevis & Tang + related: rhbz#1809453 +- Add zstd support to guestfs_file_architecture + resolves: rhbz#2117004 -* Thu Mar 17 2022 Richard W.M. Jones - 1:1.46.1-3 +* Thu Mar 17 2022 Richard W.M. Jones - 1:1.48.0-2 - Disable signature checking in librpm - resolves: rhbz#2064182 + resolves: rhbz#2065172 + +* Mon Mar 14 2022 Richard W.M. Jones - 1:1.48.0-1 +- Rebase to new stable branch version 1.48.0 + resolves: rhbz#2059285 * Thu Dec 23 2021 Laszlo Ersek - 1:1.46.1-2 - Add detection support for Rocky Linux