38 changed files with 9189 additions and 3653 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,2 @@
-libguestfs-1.52.2.tar.gz
-libguestfs.keyring
+SOURCES/libguestfs-1.44.0.tar.gz
+SOURCES/libguestfs.keyring
--- a/.libguestfs.metadata
+++ b/.libguestfs.metadata
@ -0,0 +1,2 @@
+99d241dc4a5ba0dc6111954ed7a872e0b0bb6944 SOURCES/libguestfs-1.44.0.tar.gz
+1bbc40f501a7fef9eef2a39b701a71aee2fea7c4 SOURCES/libguestfs.keyring
--- a/0001-daemon-Reimplement-partition-GPT-functions-using-sfd.patch
+++ b/0001-daemon-Reimplement-partition-GPT-functions-using-sfd.patch
@ -1,657 +0,0 @@
-From 1638cd9e58161147bd2f440b6e28bf7365fc5688 Mon Sep 17 00:00:00 2001
-From: "Richard W.M. Jones" <rjones@redhat.com>
-Date: Fri, 10 May 2024 13:27:22 +0100
-Subject: [PATCH] daemon: Reimplement partition GPT functions using sfdisk
-
-sfdisk can now do everything with GPT that sgdisk was needed for
-before.  In particular we are able to reimplement the following
-functions using sfdisk:
-
- part_set_disk_guid   (replace with sfdisk --disk-id)
- part_get_disk_guid
- part_set_disk_guid_random
- part_set_gpt_attributes           (sfdisk --part-attrs)
- part_get_gpt_attributes
- part_set_gpt_guid                 (sfdisk --part-uuid)
- part_get_gpt_guid
- part_set_gpt_type                 (sfdisk --part-type)
- part_get_gpt_type
-
-This allows us to drop the requirement for gdisk in many cases.
-
-There is only one API remaining which requires gdisk, part_expand_gpt,
-which we do not use in our tools.  In a prior commit I already moved
-this solitary function to a new source file (daemon/gdisk.c).
-
-Fixes: https://issues.redhat.com/browse/RHEL-35998
-(cherry picked from commit c6c266a85d76dc2db90460202415790c585ac625)
---
- .gitignore                   |   1 +
- daemon/Makefile.am           |   3 +
- daemon/inspect_fs_windows.ml |   2 +-
- daemon/listfs.ml             |   2 +-
- daemon/parted.c              | 144 -----------------------------
- daemon/parted.ml             |  92 +------------------
- daemon/sfdisk.ml             | 172 +++++++++++++++++++++++++++++++++++
- generator/actions_core.ml    |  24 ++---
- 8 files changed, 189 insertions(+), 251 deletions(-)
- create mode 100644 daemon/sfdisk.ml
-
-diff --git a/.gitignore b/.gitignore
-index 00e59fb37..2fc52e843 100644
--- a/.gitignore
-+++ b/.gitignore
-@@ -108,6 +108,7 @@ Makefile.in
- /daemon/parted.mli
- /daemon/realpath.mli
- /daemon/rpm.mli
-+/daemon/sfdisk.mli
- /daemon/stamp-guestfsd.pod
- /daemon/statvfs.mli
- /daemon/structs-cleanups.c
-diff --git a/daemon/Makefile.am b/daemon/Makefile.am
-index 04370b7cd..bc74b6ef7 100644
--- a/daemon/Makefile.am
-+++ b/daemon/Makefile.am
-@@ -59,6 +59,7 @@ generator_built = \
- 	parted.mli \
- 	realpath.mli \
- 	rpm.mli \
-+	sfdisk.mli \
- 	statvfs.mli \
- 	structs.ml \
- 	structs.mli
-@@ -306,6 +307,7 @@ SOURCES_MLI = \
- 	parted.mli \
- 	realpath.mli \
- 	rpm.mli \
-+	sfdisk.mli \
- 	statvfs.mli \
- 	structs.mli \
- 	sysroot.mli \
-@@ -337,6 +339,7 @@ SOURCES_ML = \
- 	md.ml \
- 	mount.ml \
- 	mount_utils.ml \
-+	sfdisk.ml \
- 	parted.ml \
- 	listfs.ml \
- 	realpath.ml \
-diff --git a/daemon/inspect_fs_windows.ml b/daemon/inspect_fs_windows.ml
-index 5d29c3a46..6537481e1 100644
--- a/daemon/inspect_fs_windows.ml
-+++ b/daemon/inspect_fs_windows.ml
-@@ -419,7 +419,7 @@ and map_registry_disk_blob_gpt partitions blob =
-           let typ = Parted.part_get_parttype device in
-           if typ <> "gpt" then false
-           else (
-            let guid = Parted.part_get_gpt_guid device partnum in
-+            let guid = Sfdisk.part_get_gpt_guid device partnum in
-             String.lowercase_ascii guid = blob_guid
-           )
-       ) partitions in
-diff --git a/daemon/listfs.ml b/daemon/listfs.ml
-index 4cc3c437a..93c1e7145 100644
--- a/daemon/listfs.ml
-+++ b/daemon/listfs.ml
-@@ -114,7 +114,7 @@ and is_partition_can_hold_filesystem partition =
-     else if is_mbr then
-       true
-     else (
-      let gpt_type = Parted.part_get_gpt_type device partnum in
-+      let gpt_type = Sfdisk.part_get_gpt_type device partnum in
-       match gpt_type with
-       (* Windows Logical Disk Manager metadata partition. *)
-       | "5808C8AA-7E8F-42E0-85D2-E1E90434CFB3"
-diff --git a/daemon/parted.c b/daemon/parted.c
-index 9af5556c9..0f19baae5 100644
--- a/daemon/parted.c
-+++ b/daemon/parted.c
-@@ -456,58 +456,6 @@ do_part_set_mbr_id (const char *device, int partnum, int idbyte)
-   return 0;
- }
- 
-int
-do_part_set_gpt_type (const char *device, int partnum, const char *guid)
-{
-  if (partnum <= 0) {
-    reply_with_error ("partition number must be >= 1");
-    return -1;
-  }
-
-  CLEANUP_FREE char *typecode = NULL;
-  if (asprintf (&typecode, "%i:%s", partnum, guid) == -1) {
-    reply_with_perror ("asprintf");
-    return -1;
-  }
-
-  CLEANUP_FREE char *err = NULL;
-  int r = commandf (NULL, &err, COMMAND_FLAG_FOLD_STDOUT_ON_STDERR,
-                    "sgdisk", device, "-t", typecode, NULL);
-
-  if (r == -1) {
-    reply_with_error ("%s %s -t %s: %s", "sgdisk", device, typecode, err);
-    return -1;
-  }
-
-  return 0;
-}
-
-int
-do_part_set_gpt_guid (const char *device, int partnum, const char *guid)
-{
-  if (partnum <= 0) {
-    reply_with_error ("partition number must be >= 1");
-    return -1;
-  }
-
-  CLEANUP_FREE char *typecode = NULL;
-  if (asprintf (&typecode, "%i:%s", partnum, guid) == -1) {
-    reply_with_perror ("asprintf");
-    return -1;
-  }
-
-  CLEANUP_FREE char *err = NULL;
-  int r = commandf (NULL, &err, COMMAND_FLAG_FOLD_STDOUT_ON_STDERR,
-                    "sgdisk", device, "-u", typecode, NULL);
-
-  if (r == -1) {
-    reply_with_error ("%s %s -u %s: %s", "sgdisk", device, typecode, err);
-    return -1;
-  }
-
-  return 0;
-}
-
- char *
- do_part_get_name (const char *device, int partnum)
- {
-@@ -564,95 +512,3 @@ do_part_get_name (const char *device, int partnum)
-     return NULL;
-   }
- }
-
-static char *
-extract_uuid (const char *value)
-{
-  /* The value contains only valid GUID characters */
-  const size_t value_len = strspn (value, "-0123456789ABCDEF");
-
-  char *ret = malloc (value_len + 1);
-  if (ret == NULL) {
-    reply_with_perror ("malloc");
-    return NULL;
-  }
-
-  memcpy (ret, value, value_len);
-  ret[value_len] = '\0';
-  return ret;
-}
-
-char *
-do_part_get_disk_guid (const char *device)
-{
-  const char *pattern = "Disk identifier (GUID):";
-  size_t i;
-
-  CLEANUP_FREE char *err = NULL;
-  int r = commandf (NULL, &err, COMMAND_FLAG_FOLD_STDOUT_ON_STDERR,
-                    "sgdisk", device, "-p", NULL);
-  if (r == -1) {
-    reply_with_error ("%s %s -p: %s", "sgdisk", device, err);
-    return NULL;
-  }
-
-  CLEANUP_FREE_STRING_LIST char **lines = split_lines (err);
-  if (lines == NULL) {
-    reply_with_error ("'%s %s -p' returned no output",
-                      "sgdisk", device);
-    return NULL;
-  }
-
-  for (i = 0; lines[i] != NULL; ++i) {
-    if (STRPREFIX (lines[i], pattern)) {
-      char *value = lines[i] + strlen (pattern);
-
-      /* Skip any leading whitespace */
-      value += strspn (value, " \t");
-
-      /* Extract the actual information from the field. */
-      char *ret = extract_uuid (value);
-      if (ret == NULL) {
-        /* The extraction function already sends the error. */
-        return NULL;
-      }
-
-      return ret;
-    }
-  }
-
-  /* If we got here it means we didn't find the field */
-  reply_with_error ("sgdisk output did not contain disk GUID. "
-                    "See LIBGUESTFS_DEBUG output for more details");
-  return NULL;
-}
-
-int
-do_part_set_disk_guid (const char *device, const char *guid)
-{
-  CLEANUP_FREE char *err = NULL;
-  int r = commandf (NULL, &err, COMMAND_FLAG_FOLD_STDOUT_ON_STDERR,
-                    "sgdisk", device, "-U", guid, NULL);
-
-  if (r == -1) {
-    reply_with_error ("%s %s -U %s: %s", "sgdisk", device, guid, err);
-    return -1;
-  }
-
-  return 0;
-}
-
-int
-do_part_set_disk_guid_random (const char *device)
-{
-  CLEANUP_FREE char *err = NULL;
-  int r = commandf (NULL, &err, COMMAND_FLAG_FOLD_STDOUT_ON_STDERR,
-                    "sgdisk", device, "-U", "R", NULL);
-
-  if (r == -1) {
-    reply_with_error ("%s %s -U R: %s", "sgdisk", device, err);
-    return -1;
-  }
-
-  return 0;
-}
-diff --git a/daemon/parted.ml b/daemon/parted.ml
-index c9e55890b..f8f142bc5 100644
--- a/daemon/parted.ml
-+++ b/daemon/parted.ml
-@@ -25,18 +25,6 @@ open Utils
- 
- include Structs
- 
-let part_get_mbr_id device partnum =
-  if partnum <= 0 then
-    failwith "partition number must be >= 1";
-
-  udev_settle ();
-  let out =
-    command "sfdisk" ["--part-type"; device; string_of_int partnum] in
-  udev_settle ();
-
-  (* It's printed in hex, possibly with a leading space. *)
-  sscanf out " %x" identity
-
- (* This is almost equivalent to print_partition_table in the C code. The
-  * difference is that here we enforce the "BYT;" header internally.
-  *)
-@@ -110,7 +98,7 @@ let part_get_parttype device =
- 
- let part_get_mbr_part_type device partnum =
-   let parttype = part_get_parttype device in
-  let mbr_id = part_get_mbr_id device partnum in
-+  let mbr_id = Sfdisk.part_get_mbr_id device partnum in
- 
-   (* 0x05 - extended partition.
-    * 0x0f - extended partition using BIOS INT 13h extensions.
-@@ -120,81 +108,3 @@ let part_get_mbr_part_type device partnum =
-   | "msdos", (1|2|3|4), _ -> "primary"
-   | "msdos", _, _ -> "logical"
-   | _, _, _ -> "primary"
-
-let part_set_gpt_attributes device partnum attributes =
-  if partnum <= 0 then failwith "partition number must be >= 1";
-
-  udev_settle ();
-
-  let arg = sprintf "%d:=:%LX" partnum attributes in
-  let r, _, err =
-    commandr ~fold_stdout_on_stderr:true
-             "sgdisk" [ device; "-A"; arg ] in
-  if r <> 0 then
-    failwithf "sgdisk: %s" err;
-
-  udev_settle ()
-
-let extract_guid value =
-  (* The value contains only valid GUID characters. *)
-  String.sub value 0 (String.span value "-0123456789ABCDEF")
-
-let extract_hex value =
-  (* The value contains only valid numeric characters. *)
-  let str = String.sub value 0 (String.span value "0123456789ABCDEF") in
-  Int64.of_string ("0x" ^ str)
-
-let sgdisk_info_extract_field device partnum field extractor =
-  if partnum <= 0 then failwith "partition number must be >= 1";
-
-  udev_settle ();
-
-  let r, _, err =
-    commandr ~fold_stdout_on_stderr:true
-             "sgdisk" [ device; "-i"; string_of_int partnum ] in
-  if r <> 0 then
-    failwithf "getting %S: sgdisk: %s" field err;
-
-  udev_settle ();
-
-  let err = String.trim err in
-  let lines = String.nsplit "\n" err in
-
-  (* Parse the output of sgdisk -i:
-   * Partition GUID code: 21686148-6449-6E6F-744E-656564454649 (BIOS boot partition)
-   * Partition unique GUID: 19AEC5FE-D63A-4A15-9D37-6FCBFB873DC0
-   * First sector: 2048 (at 1024.0 KiB)
-   * Last sector: 411647 (at 201.0 MiB)
-   * Partition size: 409600 sectors (200.0 MiB)
-   * Attribute flags: 0000000000000000
-   * Partition name: 'EFI System Partition'
-   *)
-  let field_len = String.length field in
-  let rec loop = function
-    | [] ->
-       failwithf "%s: sgdisk output did not contain '%s'" device field
-    | line :: _ when String.is_prefix line field &&
-                     String.length line >= field_len + 2 &&
-                     line.[field_len] = ':' ->
-       let value =
-         String.sub line (field_len+1) (String.length line - field_len - 1) in
-
-       (* Skip any whitespace after the colon. *)
-       let value = String.triml value in
-
-       (* Extract the value. *)
-       extractor value
-
-    | _ :: lines -> loop lines
-  in
-  loop lines
-
-let rec part_get_gpt_type device partnum =
-  sgdisk_info_extract_field device partnum "Partition GUID code"
-                            extract_guid
-and part_get_gpt_guid device partnum =
-  sgdisk_info_extract_field device partnum "Partition unique GUID"
-                            extract_guid
-and part_get_gpt_attributes device partnum =
-  sgdisk_info_extract_field device partnum "Attribute flags"
-                            extract_hex
-diff --git a/daemon/sfdisk.ml b/daemon/sfdisk.ml
-new file mode 100644
-index 000000000..2aea399aa
--- /dev/null
-+++ b/daemon/sfdisk.ml
-@@ -0,0 +1,172 @@
-+(* guestfs-inspection
-+ * Copyright (C) 2009-2023 Red Hat Inc.
-+ *
-+ * This program is free software; you can redistribute it and/or modify
-+ * it under the terms of the GNU General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or
-+ * (at your option) any later version.
-+ *
-+ * This program is distributed in the hope that it will be useful,
-+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-+ * GNU General Public License for more details.
-+ *
-+ * You should have received a copy of the GNU General Public License along
-+ * with this program; if not, write to the Free Software Foundation, Inc.,
-+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-+ *)
-+
-+open Scanf
-+open Printf
-+
-+open Std_utils
-+
-+open Utils
-+
-+include Structs
-+
-+let part_get_mbr_id device partnum =
-+  if partnum <= 0 then
-+    failwith "partition number must be >= 1";
-+
-+  udev_settle ();
-+  let out =
-+    command "sfdisk" ["--part-type"; device; string_of_int partnum] in
-+  udev_settle ();
-+
-+  (* It's printed in hex, possibly with a leading space. *)
-+  sscanf out " %x" identity
-+
-+let part_get_gpt_type device partnum =
-+  if partnum <= 0 then
-+    failwith "partition number must be >= 1";
-+
-+  udev_settle ();
-+  let out =
-+    command "sfdisk" ["--part-type"; device; string_of_int partnum] in
-+  udev_settle ();
-+
-+  String.trimr out
-+
-+let part_set_gpt_type device partnum typ =
-+  if partnum <= 0 then
-+    failwith "partition number must be >= 1";
-+
-+  udev_settle ();
-+  let cmd =
-+    sprintf "sfdisk --part-type %s %d %s"
-+      (quote device) partnum (quote typ) in
-+  if verbose () then eprintf "%s\n%!" cmd;
-+  if Sys.command cmd <> 0 then failwith "sfdisk --part-type failed";
-+  udev_settle ()
-+
-+let part_get_gpt_guid device partnum =
-+  if partnum <= 0 then
-+    failwith "partition number must be >= 1";
-+
-+  udev_settle ();
-+  let out =
-+    command "sfdisk" ["--part-uuid"; device; string_of_int partnum] in
-+  udev_settle ();
-+
-+  String.trimr out
-+
-+let part_set_gpt_guid device partnum guid =
-+  if partnum <= 0 then
-+    failwith "partition number must be >= 1";
-+
-+  udev_settle ();
-+  let cmd =
-+    sprintf "sfdisk --part-uuid %s %d %s"
-+      (quote device) partnum (quote guid) in
-+  if verbose () then eprintf "%s\n%!" cmd;
-+  if Sys.command cmd <> 0 then failwith "sfdisk --part-uuid failed";
-+  udev_settle ()
-+
-+let part_get_disk_guid device =
-+  udev_settle ();
-+  let out =
-+    command "sfdisk" ["--disk-id"; device] in
-+  udev_settle ();
-+
-+  String.trimr out
-+
-+let part_set_disk_guid device guid =
-+  udev_settle ();
-+  let cmd =
-+    sprintf "sfdisk --disk-id %s %s"
-+      (quote device) (quote guid) in
-+  if verbose () then eprintf "%s\n%!" cmd;
-+  if Sys.command cmd <> 0 then failwith "sfdisk --disk-id failed";
-+  udev_settle ()
-+
-+let part_set_disk_guid_random device =
-+  let random_uuid = Utils.get_random_uuid () in
-+  let random_uuid = String.trimr random_uuid in
-+  part_set_disk_guid device random_uuid
-+
-+let part_get_gpt_attributes device partnum =
-+  if partnum <= 0 then
-+    failwith "partition number must be >= 1";
-+
-+  udev_settle ();
-+  let out =
-+    command "sfdisk" ["--part-attrs"; device; string_of_int partnum] in
-+  udev_settle ();
-+
-+  (* The output is a whitespace-separated list of:
-+   * "RequiredPartition" (equivalent to bit 0)
-+   * "NoBlockIOProtocol" (equivalent to bit 1)
-+   * "LegacyBIOSBootable" (equivalent to bit 2)
-+   * "48", "49", ..., "63"
-+   *)
-+  let out = String.trimr out in
-+  let attrs = String.nsplit " " out in
-+  List.fold_left (
-+    fun bits attr ->
-+      let bit =
-+        match attr with
-+        | "" -> -1
-+        | "RequiredPartition" -> 0
-+        | "NoBlockIOProtocol" -> 1
-+        | "LegacyBIOSBootable" -> 2
-+        | n -> int_of_string n in
-+      if bit >= 0 then
-+        Int64.logor bits (Int64.shift_left 1_L bit)
-+      else
-+        bits
-+  ) 0_L attrs
-+
-+let part_set_gpt_attributes device partnum attrs =
-+  if partnum <= 0 then
-+    failwith "partition number must be >= 1";
-+
-+  (* The input to sfdisk --part-attrs is a comma-separated list of
-+   * attribute names or bit positions.  Note you have to use the
-+   * names, you can't use "0", "1" or "2".
-+   *)
-+  let s = ref [] in
-+  let rec loop i =
-+    let b = Int64.logand attrs (Int64.shift_left 1_L i) <> Int64.zero in
-+    (match i with
-+     | 0 -> if b then List.push_front "RequiredPartition" s
-+     | 1 -> if b then List.push_front "NoBlockIOProtocol" s
-+     | 2 -> if b then List.push_front "LegacyBIOSBootable" s
-+     | i when i >= 3 && i <= 47 ->
-+        if b then
-+          failwith "bits 3..47 are reserved and cannot be set"
-+     | i when i >= 48 && i <= 63 ->
-+        if b then List.push_front (string_of_int i) s
-+     | _ -> assert false
-+    );
-+    if i < 63 then loop (i+1)
-+  in
-+  loop 0;
-+
-+  udev_settle ();
-+  let cmd =
-+    sprintf "sfdisk --part-attrs %s %d %s"
-+      (quote device) partnum (quote (String.concat "," !s)) in
-+  if verbose () then eprintf "%s\n%!" cmd;
-+  if Sys.command cmd <> 0 then failwith "sfdisk --part-attrs failed";
-+  udev_settle ()
-diff --git a/generator/actions_core.ml b/generator/actions_core.ml
-index 68627078f..46ef1422f 100644
--- a/generator/actions_core.ml
-+++ b/generator/actions_core.ml
-@@ -5302,7 +5302,7 @@ See also C<guestfs_part_set_bootable>." };
-   { defaults with
-     name = "part_get_mbr_id"; added = (1, 3, 2);
-     style = RInt "idbyte", [String (Device, "device"); Int "partnum"], [];
-    impl = OCaml "Parted.part_get_mbr_id";
-+    impl = OCaml "Sfdisk.part_get_mbr_id";
-     fish_output = Some FishOutputHexadecimal;
-     tests = [
-       InitEmpty, Always, TestResult (
-@@ -8128,7 +8128,7 @@ group with GUID C<diskgroup>." };
-   { defaults with
-     name = "part_set_gpt_type"; added = (1, 21, 1);
-     style = RErr, [String (Device, "device"); Int "partnum"; String (GUID, "guid")], [];
-    optional = Some "gdisk";
-+    impl = OCaml "Sfdisk.part_set_gpt_type";
-     tests = [
-       InitGPT, Always, TestLastFail (
-         [["part_set_gpt_type"; "/dev/sda"; "1"; "f"]]), [];
-@@ -8150,8 +8150,7 @@ for a useful list of type GUIDs." };
-   { defaults with
-     name = "part_get_gpt_type"; added = (1, 21, 1);
-     style = RString (RPlainString, "guid"), [String (Device, "device"); Int "partnum"], [];
-    impl = OCaml "Parted.part_get_gpt_type";
-    optional = Some "gdisk";
-+    impl = OCaml "Sfdisk.part_get_gpt_type";
-     tests = [
-       InitGPT, Always, TestResultString (
-         [["part_set_gpt_type"; "/dev/sda"; "1";
-@@ -8166,8 +8165,7 @@ Return the type GUID of numbered GPT partition C<partnum>." };
-   { defaults with
-     name = "part_set_gpt_attributes"; added = (1, 21, 1);
-     style = RErr, [String (Device, "device"); Int "partnum"; Int64 "attributes"], [];
-    impl = OCaml "Parted.part_set_gpt_attributes";
-    optional = Some "gdisk";
-+    impl = OCaml "Sfdisk.part_set_gpt_attributes";
-     tests = [
-       InitGPT, Always, TestResult (
-         [["part_set_gpt_attributes"; "/dev/sda"; "1";
-@@ -8186,8 +8184,7 @@ for a useful list of partition attributes." };
-   { defaults with
-     name = "part_get_gpt_attributes"; added = (1, 21, 1);
-     style = RInt64 "attributes", [String (Device, "device"); Int "partnum"], [];
-    impl = OCaml "Parted.part_get_gpt_attributes";
-    optional = Some "gdisk";
-+    impl = OCaml "Sfdisk.part_get_gpt_attributes";
-     tests = [
-       InitGPT, Always, TestResult (
-         [["part_set_gpt_attributes"; "/dev/sda"; "1";
-@@ -8987,7 +8984,7 @@ Recover bad superblocks from good copies." };
-   { defaults with
-     name = "part_set_gpt_guid"; added = (1, 29, 25);
-     style = RErr, [String (Device, "device"); Int "partnum"; String (GUID, "guid")], [];
-    optional = Some "gdisk";
-+    impl = OCaml "Sfdisk.part_set_gpt_guid";
-     tests = [
-       InitGPT, Always, TestLastFail (
-         [["part_set_gpt_guid"; "/dev/sda"; "1"; "f"]]), [];
-@@ -9006,8 +9003,7 @@ valid GUID." };
-   { defaults with
-     name = "part_get_gpt_guid"; added = (1, 29, 25);
-     style = RString (RPlainString, "guid"), [String (Device, "device"); Int "partnum"], [];
-    impl = OCaml "Parted.part_get_gpt_guid";
-    optional = Some "gdisk";
-+    impl = OCaml "Sfdisk.part_get_gpt_guid";
-     tests = [
-       InitGPT, Always, TestResultString (
-         [["part_set_gpt_guid"; "/dev/sda"; "1";
-@@ -9206,7 +9202,7 @@ This is the internal call which implements C<guestfs_feature_available>." };
-   { defaults with
-     name = "part_set_disk_guid"; added = (1, 33, 2);
-     style = RErr, [String (Device, "device"); String (GUID, "guid")], [];
-    optional = Some "gdisk";
-+    impl = OCaml "Sfdisk.part_set_disk_guid";
-     tests = [
-       InitGPT, Always, TestLastFail (
-         [["part_set_disk_guid"; "/dev/sda"; "f"]]), [];
-@@ -9225,7 +9221,7 @@ or if C<guid> is not a valid GUID." };
-   { defaults with
-     name = "part_get_disk_guid"; added = (1, 33, 2);
-     style = RString (RPlainString, "guid"), [String (Device, "device")], [];
-    optional = Some "gdisk";
-+    impl = OCaml "Sfdisk.part_get_disk_guid";
-     tests = [
-       InitGPT, Always, TestResultString (
-         [["part_set_disk_guid"; "/dev/sda";
-@@ -9241,7 +9237,7 @@ Behaviour is undefined for other partition types." };
-   { defaults with
-     name = "part_set_disk_guid_random"; added = (1, 33, 2);
-     style = RErr, [String (Device, "device")], [];
-    optional = Some "gdisk";
-+    impl = OCaml "Sfdisk.part_set_disk_guid_random";
-     tests = [
-       InitGPT, Always, TestRun (
-         [["part_set_disk_guid_random"; "/dev/sda"]]), [];
-- 
-2.43.0
-
--- a/0002-daemon-Fix-parsing-in-part_get_gpt_attributes.patch
+++ b/0002-daemon-Fix-parsing-in-part_get_gpt_attributes.patch
@ -1,134 +0,0 @@
-From 8539b763639cbe80e4b248455c0c28bd8ced9cbe Mon Sep 17 00:00:00 2001
-From: "Richard W.M. Jones" <rjones@redhat.com>
-Date: Fri, 28 Jun 2024 09:42:20 +0100
-Subject: [PATCH] daemon: Fix parsing in part_get_gpt_attributes
-
-The actual output of sfdisk --part-attrs is bizarre and doesn't match
-the documentation.  After looking at the source from util-linux, fix
-the parsing to match what sfdisk produces.
-
-Reported-by: Yongkui Guo
-Fixes: commit c6c266a85d76dc2db90460202415790c585ac625
-Fixes: https://issues.redhat.com/browse/RHEL-35998
-(cherry picked from commit 24c1f7b03aab6343e6c826250269e98a6060d762)
---
- daemon/sfdisk.ml          | 80 +++++++++++++++++++++++++++++++--------
- generator/actions_core.ml |  4 +-
- 2 files changed, 66 insertions(+), 18 deletions(-)
-
-diff --git a/daemon/sfdisk.ml b/daemon/sfdisk.ml
-index 2aea399aa..8c8ed2305 100644
--- a/daemon/sfdisk.ml
-+++ b/daemon/sfdisk.ml
-@@ -114,28 +114,76 @@ let part_get_gpt_attributes device partnum =
-     command "sfdisk" ["--part-attrs"; device; string_of_int partnum] in
-   udev_settle ();
- 
-+  let out = String.trimr out in
-+
-   (* The output is a whitespace-separated list of:
-+   *
-    * "RequiredPartition" (equivalent to bit 0)
-    * "NoBlockIOProtocol" (equivalent to bit 1)
-    * "LegacyBIOSBootable" (equivalent to bit 2)
-   * "48", "49", ..., "63"
-+   * "GUID:" followed by a comma-separated list of bit numbers
-+   *
-+   * eg: "LegacyBIOSBootable RequiredPartition GUID:48,49"
-+   *
-+   * So this is a massive PITA to parse.
-    *)
-  let out = String.trimr out in
-  let attrs = String.nsplit " " out in
-  List.fold_left (
-    fun bits attr ->
-+  let rec loop out acc =
-+    let len = String.length out in
-+    eprintf "part_get_gpt_attributes: %S [%s]\n%!"
-+      out (String.concat "," (List.map string_of_int acc));
-+    if len = 0 then (
-+      acc
-+    )
-+    else if Char.isspace out.[0] then (
-+      let out = String.triml out in
-+      loop out acc
-+    )
-+    else if out.[0] = ',' then (
-+      let out = String.sub out 1 (len-1) in
-+      loop out acc
-+    )
-+    else if String.is_prefix out "RequiredPartition" then (
-+      let acc = 0 :: acc in
-+      let out = String.sub out 17 (len-17) in
-+      loop out acc
-+    )
-+    else if String.is_prefix out "NoBlockIOProtocol" then (
-+      let acc = 1 :: acc in
-+      let out = String.sub out 17 (len-17) in
-+      loop out acc
-+    )
-+    else if String.is_prefix out "LegacyBIOSBootable" then (
-+      let acc = 2 :: acc in
-+      let out = String.sub out 18 (len-18) in
-+      loop out acc
-+    )
-+    else if String.is_prefix out "GUID:" then (
-+      let out = String.sub out 5 (len-5) in
-+      loop out acc
-+    )
-+    else if Char.isdigit out.[0] then (
-+      let n = String.span out "0123456789" in
-+      let num, out = String.break n out in
-       let bit =
-        match attr with
-        | "" -> -1
-        | "RequiredPartition" -> 0
-        | "NoBlockIOProtocol" -> 1
-        | "LegacyBIOSBootable" -> 2
-        | n -> int_of_string n in
-      if bit >= 0 then
-        Int64.logor bits (Int64.shift_left 1_L bit)
-      else
-        bits
-  ) 0_L attrs
-+        try int_of_string num
-+        with Failure _ ->
-+          failwithf "part_get_gpt_attributes: cannot parse number %S" num in
-+      let acc = bit :: acc in
-+      loop out acc
-+    )
-+    else (
-+      failwithf "part_get_gpt_attributes: cannot parse %S" out
-+    )
-+  in
-+  let attrs = loop out [] in
-+
-+  let bits =
-+    List.fold_left (
-+      fun bits bit -> Int64.logor bits (Int64.shift_left 1_L bit)
-+    ) 0_L attrs in
-+  eprintf "part_get_gpt_attributes: [%s] -> %Ld\n%!"
-+    (String.concat "," (List.map string_of_int attrs)) bits;
-+  bits
- 
- let part_set_gpt_attributes device partnum attrs =
-   if partnum <= 0 then
-diff --git a/generator/actions_core.ml b/generator/actions_core.ml
-index 46ef1422f..ef9096772 100644
--- a/generator/actions_core.ml
-+++ b/generator/actions_core.ml
-@@ -8188,9 +8188,9 @@ for a useful list of partition attributes." };
-     tests = [
-       InitGPT, Always, TestResult (
-         [["part_set_gpt_attributes"; "/dev/sda"; "1";
-          "0"];
-+          (* bits 0, 2, 48 and 49 set *) "844424930131973"];
-          ["part_get_gpt_attributes"; "/dev/sda"; "1"]],
-        "ret == 0"), [];
-+        "ret == 844424930131973"), [];
-     ];
-     shortdesc = "get the attribute flags of a GPT partition";
-     longdesc = "\
-- 
-2.43.0
-
--- a/0005-New-APIs-findfs_partuuid-and-findfs_partlabel.patch
+++ b/0005-New-APIs-findfs_partuuid-and-findfs_partlabel.patch
@ -1,90 +0,0 @@
-From 8aa0958faabcf6d1755a8dcda3bcbb3bc63f6c1f Mon Sep 17 00:00:00 2001
-From: "Richard W.M. Jones" <rjones@redhat.com>
-Date: Mon, 8 Jul 2024 14:37:22 +0100
-Subject: [PATCH] New APIs: findfs_partuuid and findfs_partlabel
-
-These search for partitions by UUID or label (name).  They only work
-for GPT.
-
-(cherry picked from commit 1816651f3c138600ad2e5ba0d6437b4753333818)
-(cherry picked from commit 04a45af93d21880e54a386386313100a04b91ca7)
---
- daemon/findfs.ml          |  4 ++++
- generator/actions_core.ml | 24 ++++++++++++++++++++++++
- generator/proc_nr.ml      |  2 ++
- lib/MAX_PROC_NR           |  2 +-
- 4 files changed, 31 insertions(+), 1 deletion(-)
-
-diff --git a/daemon/findfs.ml b/daemon/findfs.ml
-index cf2ba4a84..a94e0ce7b 100644
--- a/daemon/findfs.ml
-+++ b/daemon/findfs.ml
-@@ -27,6 +27,10 @@ let rec findfs_uuid uuid =
-   findfs "UUID" uuid
- and findfs_label label =
-   findfs "LABEL" label
-+and findfs_partuuid uuid =
-+  findfs "PARTUUID" uuid
-+and findfs_partlabel label =
-+  findfs "PARTLABEL" label
- 
- and findfs tag str =
-   (* Kill the cache file, forcing blkid to reread values from the
-diff --git a/generator/actions_core.ml b/generator/actions_core.ml
-index 4a4a8e4c9..15cdd09ff 100644
--- a/generator/actions_core.ml
-+++ b/generator/actions_core.ml
-@@ -5688,6 +5688,30 @@ filesystem can be found.
- 
- To find the label of a filesystem, use C<guestfs_vfs_label>." };
- 
-+  { defaults with
-+    name = "findfs_partuuid"; added = (1, 5, 3);
-+    style = RString (RDevice, "device"), [String (PlainString, "uuid")], [];
-+    impl = OCaml "Findfs.findfs_partuuid";
-+    shortdesc = "find a partition by UUID";
-+    longdesc = "\
-+This command searches the partitions and returns the one
-+which has the given partition UUID.  An error is returned if no such
-+partition can be found.
-+
-+To find the UUID of a partition, use C<guestfs_blkid> (C<PART_ENTRY_UUID>)." };
-+
-+  { defaults with
-+    name = "findfs_partlabel"; added = (1, 5, 3);
-+    style = RString (RDevice, "device"), [String (PlainString, "label")], [];
-+    impl = OCaml "Findfs.findfs_partlabel";
-+    shortdesc = "find a partition by label";
-+    longdesc = "\
-+This command searches the partitions and returns the one
-+which has the given label.  An error is returned if no such
-+partition can be found.
-+
-+To find the label of a partition, use C<guestfs_blkid> (C<PART_ENTRY_NAME>)." };
-+
-   { defaults with
-     name = "is_chardev"; added = (1, 5, 10);
-     style = RBool "flag", [String (Pathname, "path")], [OBool "followsymlinks"];
-diff --git a/generator/proc_nr.ml b/generator/proc_nr.ml
-index f71a849c9..56cd97a9f 100644
--- a/generator/proc_nr.ml
-+++ b/generator/proc_nr.ml
-@@ -516,6 +516,8 @@ let proc_nr = [
- 511, "internal_readdir";
- 512, "clevis_luks_unlock";
- 513, "inspect_get_build_id";
-+514, "findfs_partuuid";
-+515, "findfs_partlabel";
- ]
- 
- (* End of list.  If adding a new entry, add it at the end of the list
-diff --git a/lib/MAX_PROC_NR b/lib/MAX_PROC_NR
-index 31cf34b8d..3cda32fc2 100644
--- a/lib/MAX_PROC_NR
-+++ b/lib/MAX_PROC_NR
-@@ -1 +1 @@
-513
-+515
-- 
-2.43.0
-
--- a/0006-inspection-Resolve-PARTUUID-and-PARTLABEL-in-etc-fst.patch
+++ b/0006-inspection-Resolve-PARTUUID-and-PARTLABEL-in-etc-fst.patch
@ -1,45 +0,0 @@
-From 5733e5268fe0b7a99f20b23ea30ab13632cc9d95 Mon Sep 17 00:00:00 2001
-From: "Richard W.M. Jones" <rjones@redhat.com>
-Date: Mon, 8 Jul 2024 14:39:16 +0100
-Subject: [PATCH] inspection: Resolve PARTUUID= and PARTLABEL= in /etc/fstab
-
-Fixes: https://issues.redhat.com/browse/RHEL-46596
-(cherry picked from commit e616c8f286ddacf401d7c356724ae874ed883262)
-(cherry picked from commit ebce03824a3ce75823037003ca2311d7b8d61565)
---
- daemon/inspect_fs_unix_fstab.ml | 19 +++++++++++++++++++
- 1 file changed, 19 insertions(+)
-
-diff --git a/daemon/inspect_fs_unix_fstab.ml b/daemon/inspect_fs_unix_fstab.ml
-index 837c8c620..f5817a318 100644
--- a/daemon/inspect_fs_unix_fstab.ml
-+++ b/daemon/inspect_fs_unix_fstab.ml
-@@ -131,6 +131,25 @@ and check_fstab_entry md_map root_mountable os_type aug entry =
-         with
-           Failure _ -> return None
-       )
-+      (* EFI partition UUIDs and labels. *)
-+      else if String.is_prefix spec "PARTUUID=" then (
-+        let uuid = String.sub spec 9 (String.length spec - 9) in
-+        let uuid = shell_unquote uuid in
-+        (* Just ignore the device if the UUID cannot be resolved. *)
-+        try
-+          Mountable.of_device (Findfs.findfs_partuuid uuid)
-+        with
-+          Failure _ -> return None
-+      )
-+      else if String.is_prefix spec "PARTLABEL=" then (
-+        let label = String.sub spec 10 (String.length spec - 10) in
-+        let label = shell_unquote label in
-+        (* Just ignore the device if the label cannot be resolved. *)
-+        try
-+          Mountable.of_device (Findfs.findfs_partlabel label)
-+        with
-+          Failure _ -> return None
-+      )
-       (* Resolve /dev/root to the current device.
-        * Do the same for the / partition of the *BSD
-        * systems, since the BSD -> Linux device
-- 
-2.43.0
-
--- a/0007-appliance-init-Don-t-set-impossible-noop-disk-schedu.patch
+++ b/0007-appliance-init-Don-t-set-impossible-noop-disk-schedu.patch
@ -1,109 +0,0 @@
-From 533d39a6862638f587b231ecf541ab1f5c8e85f9 Mon Sep 17 00:00:00 2001
-From: "Richard W.M. Jones" <rjones@redhat.com>
-Date: Fri, 16 Aug 2024 08:26:34 +0100
-Subject: [PATCH] appliance/init: Don't set impossible "noop" disk scheduler
-
-Since RHEL 7.4, the noop scheduler is no longer a thing.  Trying to
-set it results in the error:
-
-  + echo noop
-  /init: line 108: echo: write error: Invalid argument
-
-The current recommendation (https://access.redhat.com/solutions/5427)
-is to use mq-deadline, but that's also the default so we don't have to
-do anything.
-
-A bigger reason to remove these lines is that kernel 6.11.0 has
-introduced a hang where -- rarely -- the ext4 filesystem hangs if you
-try to change the scheduler while handing a page fault, even if you're
-setting a scheduler that doesn't exist.  I couldn't get much detail
-except for a couple of stack traces from different VMs:
-
-  crash> set 234
-      PID: 234
-  COMMAND: "modprobe"
-     TASK: ffff9f5ec3a22f40  [THREAD_INFO: ffff9f5ec3a22f40]
-      CPU: 0
-    STATE: TASK_UNINTERRUPTIBLE
-  crash> bt
-  PID: 234      TASK: ffff9f5ec3a22f40  CPU: 0    COMMAND: "modprobe"
-   #0 [ffffb21e002e7840] __schedule at ffffffffa718f6d0
-   #1 [ffffb21e002e78f8] schedule at ffffffffa7190a27
-   #2 [ffffb21e002e7908] __bio_queue_enter at ffffffffa67e121c
-   #3 [ffffb21e002e7968] blk_mq_submit_bio at ffffffffa67f358c
-   #4 [ffffb21e002e79f0] __submit_bio at ffffffffa67e1e3c
-   #5 [ffffb21e002e7a58] submit_bio_noacct_nocheck at ffffffffa67e2326
-   #6 [ffffb21e002e7ac0] ext4_mpage_readpages at ffffffffa65ceafc
-   #7 [ffffb21e002e7be0] read_pages at ffffffffa6381d17
-   #8 [ffffb21e002e7c40] page_cache_ra_unbounded at ffffffffa6381ff5
-   #9 [ffffb21e002e7ca8] filemap_fault at ffffffffa63761b5
-  #10 [ffffb21e002e7d48] __do_fault at ffffffffa63d1892
-  #11 [ffffb21e002e7d70] do_fault at ffffffffa63d2425
-  #12 [ffffb21e002e7da0] __handle_mm_fault at ffffffffa63d8c6b
-  #13 [ffffb21e002e7e88] handle_mm_fault at ffffffffa63d95c2
-  #14 [ffffb21e002e7ec8] do_user_addr_fault at ffffffffa60b34ea
-  #15 [ffffb21e002e7f28] exc_page_fault at ffffffffa7186e4e
-  #16 [ffffb21e002e7f50] asm_exc_page_fault at ffffffffa72012a6
-      RIP: 000055d16159f8d8  RSP: 00007ffdd4c1f340  RFLAGS: 00010206
-      RAX: 00000000000bec82  RBX: 00007ff2fd00dc82  RCX: 000055d1615b492a
-      RDX: 00007ffdd4c216b0  RSI: 00000000200bec82  RDI: 000055d185725960
-      RBP: 00007ffdd4c1f5a0   R8: 0000000000000000   R9: 0000000000000000
-      R10: 0000000000000000  R11: 0000000000000202  R12: 00000000200bec82
-      R13: 000055d185725960  R14: 00007ffdd4c216b0  R15: 000055d1615b9708
-      ORIG_RAX: ffffffffffffffff  CS: 0033  SS: 002b
-
-  crash> set 230
-      PID: 230
-  COMMAND: "modprobe"
-     TASK: ffff98ce03ca3040  [THREAD_INFO: ffff98ce03ca3040]
-      CPU: 0
-    STATE: TASK_UNINTERRUPTIBLE
-  crash> bt
-  PID: 230      TASK: ffff98ce03ca3040  CPU: 0    COMMAND: "modprobe"
-   #0 [ffffaf9940307840] __schedule at ffffffff9618f6d0
-   #1 [ffffaf99403078f8] schedule at ffffffff96190a27
-   #2 [ffffaf9940307908] __bio_queue_enter at ffffffff957e121c
-   #3 [ffffaf9940307968] blk_mq_submit_bio at ffffffff957f358c
-   #4 [ffffaf99403079f0] __submit_bio at ffffffff957e1e3c
-   #5 [ffffaf9940307a58] submit_bio_noacct_nocheck at ffffffff957e2326
-   #6 [ffffaf9940307ac0] ext4_mpage_readpages at ffffffff955ceafc
-   #7 [ffffaf9940307be0] read_pages at ffffffff95381d1a
-   #8 [ffffaf9940307c40] page_cache_ra_unbounded at ffffffff95381ff5
-   #9 [ffffaf9940307ca8] filemap_fault at ffffffff953761b5
-  #10 [ffffaf9940307d48] __do_fault at ffffffff953d1895
-  #11 [ffffaf9940307d70] do_fault at ffffffff953d2425
-  #12 [ffffaf9940307da0] __handle_mm_fault at ffffffff953d8c6b
-  #13 [ffffaf9940307e88] handle_mm_fault at ffffffff953d95c2
-  #14 [ffffaf9940307ec8] do_user_addr_fault at ffffffff950b34ea
-  #15 [ffffaf9940307f28] exc_page_fault at ffffffff96186e4e
-  #16 [ffffaf9940307f50] asm_exc_page_fault at ffffffff962012a6
-      RIP: 0000556b7a7468d8  RSP: 00007ffde2ffb560  RFLAGS: 00000206
-      RAX: 00000000000bec82  RBX: 00007f5331a0dc82  RCX: 0000556b7a75b92a
-      RDX: 00007ffde2ffd8d0  RSI: 00000000200bec82  RDI: 0000556ba8edf960
-      RBP: 00007ffde2ffb7c0   R8: 0000000000000000   R9: 0000000000000000
-      R10: 0000000000000000  R11: 0000000000000202  R12: 00000000200bec82
-      R13: 0000556ba8edf960  R14: 00007ffde2ffd8d0  R15: 0000556b7a760708
-      ORIG_RAX: ffffffffffffffff  CS: 0033  SS: 002b
-
-Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2303267
-(cherry picked from commit b2d682a4730ead8b4ae07e5aaf6fa230c5eec305)
---
- appliance/init | 2 --
- 1 file changed, 2 deletions(-)
-
-diff --git a/appliance/init b/appliance/init
-index 128a3c20e..dae06dbbe 100755
--- a/appliance/init
-+++ b/appliance/init
-@@ -104,8 +104,6 @@ udevadm settle --timeout=600
- # Increase the SCSI timeout so we can read remote images.
- shopt -s nullglob
- for f in /sys/block/sd*/device/timeout; do echo 300 > $f; done
-# https://access.redhat.com/site/solutions/5427
-for f in /sys/block/{h,s,ub,v}d*/queue/scheduler; do echo noop > $f; done
- shopt -u nullglob
- 
- # Set up the network.
-- 
-2.43.0
-
--- a/SOURCES/0001-RHEL-8-Remove-libguestfs-live-RHBZ-798980.patch
+++ b/SOURCES/0001-RHEL-8-Remove-libguestfs-live-RHBZ-798980.patch
@ -0,0 +1,56 @@
+From 5b6d2b05fe0c4035b9791a751e3133d26c7baa2d Mon Sep 17 00:00:00 2001
+From: "Richard W.M. Jones" <rjones@redhat.com>
+Date: Fri, 21 Dec 2012 15:50:11 +0000
+Subject: [PATCH] RHEL 8: Remove libguestfs live (RHBZ#798980).
+
+This isn't supported in RHEL 8.
+
+Disable daemon tests that require the 'unix' backend.
+---
+ lib/launch-unix.c        | 7 +++++++
+ tests/daemon/Makefile.am | 4 +---
+ 2 files changed, 8 insertions(+), 3 deletions(-)
+
+diff --git a/lib/launch-unix.c b/lib/launch-unix.c
+index 0d344f9df..74dd1bb4a 100644
+--- a/lib/launch-unix.c
+++ b/lib/launch-unix.c
+@@ -37,6 +37,12 @@
+ static int
+ launch_unix (guestfs_h *g, void *datav, const char *sockpath)
+ {
+  error (g,
+	 "launch: In RHEL, only the 'libvirt' or 'direct' method is supported.\n"
+	 "In particular, \"libguestfs live\" is not supported.");
+  return -1;
+
+#if 0
+   int r, daemon_sock = -1;
+   struct sockaddr_un addr;
+   uint32_t size;
+@@ -106,6 +112,7 @@ launch_unix (guestfs_h *g, void *datav, const char *sockpath)
+     g->conn = NULL;
+   }
+   return -1;
+#endif
+ }
+ 
+ static int
+diff --git a/tests/daemon/Makefile.am b/tests/daemon/Makefile.am
+index 921e6d1df..8b2887247 100644
+--- a/tests/daemon/Makefile.am
+++ b/tests/daemon/Makefile.am
+@@ -23,9 +23,7 @@ include $(top_srcdir)/subdir-rules.mk
+ 
+ check_DATA = captive-daemon.pm
+ 
+-TESTS = \
+-	test-daemon-start.pl \
+-	test-btrfs.pl
+TESTS =
+ 
+ TESTS_ENVIRONMENT = $(top_builddir)/run --test
+ 
+-- 
+2.31.1
+
--- a/SOURCES/0002-RHEL-8-Remove-9p-APIs-from-RHEL-RHBZ-921710.patch
+++ b/SOURCES/0002-RHEL-8-Remove-9p-APIs-from-RHEL-RHBZ-921710.patch
@ -0,0 +1,330 @@
+From 91b2a6e50211c58ea31a36351ec63c358f708bf9 Mon Sep 17 00:00:00 2001
+From: "Richard W.M. Jones" <rjones@redhat.com>
+Date: Thu, 18 Jul 2013 18:31:53 +0100
+Subject: [PATCH] RHEL 8: Remove 9p APIs from RHEL (RHBZ#921710).
+
+---
+ Makefile.am               |   2 +-
+ daemon/9p.c               | 182 --------------------------------------
+ daemon/Makefile.am        |   1 -
+ docs/C_SOURCE_FILES       |   1 -
+ generator/actions_core.ml |  21 -----
+ generator/proc_nr.ml      |   2 -
+ gobject/Makefile.inc      |   2 -
+ po/POTFILES               |   2 -
+ 8 files changed, 1 insertion(+), 212 deletions(-)
+ delete mode 100644 daemon/9p.c
+
+diff --git a/Makefile.am b/Makefile.am
+index 3df1b6a7a..36e44dfd5 100644
+--- a/Makefile.am
+++ b/Makefile.am
+@@ -78,7 +78,7 @@ SUBDIRS += tests/xfs
+ SUBDIRS += tests/charsets
+ SUBDIRS += tests/xml
+ SUBDIRS += tests/mount-local
+-SUBDIRS += tests/9p
+#SUBDIRS += tests/9p
+ SUBDIRS += tests/rsync
+ SUBDIRS += tests/bigdirs
+ SUBDIRS += tests/disk-labels
+diff --git a/daemon/9p.c b/daemon/9p.c
+deleted file mode 100644
+index 743a96abd..000000000
+--- a/daemon/9p.c
+++ /dev/null
+@@ -1,182 +0,0 @@
+-/* libguestfs - the guestfsd daemon
+- * Copyright (C) 2011 Red Hat Inc.
+- *
+- * This program is free software; you can redistribute it and/or modify
+- * it under the terms of the GNU General Public License as published by
+- * the Free Software Foundation; either version 2 of the License, or
+- * (at your option) any later version.
+- *
+- * This program is distributed in the hope that it will be useful,
+- * but WITHOUT ANY WARRANTY; without even the implied warranty of
+- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+- * GNU General Public License for more details.
+- *
+- * You should have received a copy of the GNU General Public License
+- * along with this program; if not, write to the Free Software
+- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+- */
+-
+-#include <config.h>
+-
+-#include <stdio.h>
+-#include <stdlib.h>
+-#include <string.h>
+-#include <unistd.h>
+-#include <limits.h>
+-#include <errno.h>
+-#include <sys/types.h>
+-#include <sys/stat.h>
+-#include <dirent.h>
+-#include <fcntl.h>
+-
+-#include "ignore-value.h"
+-
+-#include "daemon.h"
+-#include "actions.h"
+-
+-#define BUS_PATH "/sys/bus/virtio/drivers/9pnet_virtio"
+-
+-static void
+-modprobe_9pnet_virtio (void)
+-{
+-  /* Required with Linux 5.6 and maybe earlier kernels.  For unclear
+-   * reasons the module is not an automatic dependency of the 9p
+-   * module so doesn't get loaded automatically.
+-   */
+-  ignore_value (command (NULL, NULL, "modprobe", "9pnet_virtio", NULL));
+-}
+-
+-/* https://bugzilla.redhat.com/show_bug.cgi?id=714981#c1 */
+-char **
+-do_list_9p (void)
+-{
+-  CLEANUP_FREE_STRINGSBUF DECLARE_STRINGSBUF (r);
+-  DIR *dir;
+-
+-  modprobe_9pnet_virtio ();
+-
+-  dir = opendir (BUS_PATH);
+-  if (!dir) {
+-    perror ("opendir: " BUS_PATH);
+-    if (errno != ENOENT) {
+-      reply_with_perror ("opendir: " BUS_PATH);
+-      return NULL;
+-    }
+-
+-    /* If this directory doesn't exist, it probably means that
+-     * the virtio driver isn't loaded.  Don't return an error
+-     * in this case, but return an empty list.
+-     */
+-    if (end_stringsbuf (&r) == -1)
+-      return NULL;
+-
+-    return take_stringsbuf (&r);
+-  }
+-
+-  while (1) {
+-    struct dirent *d;
+-
+-    errno = 0;
+-    d = readdir (dir);
+-    if (d == NULL) break;
+-
+-    if (STRPREFIX (d->d_name, "virtio")) {
+-      CLEANUP_FREE char *mount_tag_path = NULL;
+-      if (asprintf (&mount_tag_path, BUS_PATH "/%s/mount_tag",
+-                    d->d_name) == -1) {
+-        reply_with_perror ("asprintf");
+-        closedir (dir);
+-        return NULL;
+-      }
+-
+-      /* A bit unclear, but it looks like the virtio transport allows
+-       * the mount tag length to be unlimited (or up to 65536 bytes).
+-       * See: linux/include/linux/virtio_9p.h
+-       */
+-      CLEANUP_FREE char *mount_tag = read_whole_file (mount_tag_path, NULL);
+-      if (mount_tag == 0)
+-        continue;
+-
+-      if (add_string (&r, mount_tag) == -1) {
+-        closedir (dir);
+-        return NULL;
+-      }
+-    }
+-  }
+-
+-  /* Check readdir didn't fail */
+-  if (errno != 0) {
+-    reply_with_perror ("readdir: /sys/block");
+-    closedir (dir);
+-    return NULL;
+-  }
+-
+-  /* Close the directory handle */
+-  if (closedir (dir) == -1) {
+-    reply_with_perror ("closedir: /sys/block");
+-    return NULL;
+-  }
+-
+-  /* Sort the tags. */
+-  if (r.size > 0)
+-    sort_strings (r.argv, r.size);
+-
+-  /* NULL terminate the list */
+-  if (end_stringsbuf (&r) == -1)
+-    return NULL;
+-
+-  return take_stringsbuf (&r);
+-}
+-
+-/* Takes optional arguments, consult optargs_bitmask. */
+-int
+-do_mount_9p (const char *mount_tag, const char *mountpoint, const char *options)
+-{
+-  CLEANUP_FREE char *mp = NULL, *opts = NULL, *err = NULL;
+-  struct stat statbuf;
+-  int r;
+-
+-  ABS_PATH (mountpoint, 0, return -1);
+-
+-  mp = sysroot_path (mountpoint);
+-  if (!mp) {
+-    reply_with_perror ("malloc");
+-    return -1;
+-  }
+-
+-  /* Check the mountpoint exists and is a directory. */
+-  if (stat (mp, &statbuf) == -1) {
+-    reply_with_perror ("%s", mountpoint);
+-    return -1;
+-  }
+-  if (!S_ISDIR (statbuf.st_mode)) {
+-    reply_with_perror ("%s: mount point is not a directory", mountpoint);
+-    return -1;
+-  }
+-
+-  /* Add trans=virtio to the options. */
+-  if ((optargs_bitmask & GUESTFS_MOUNT_9P_OPTIONS_BITMASK) &&
+-      STRNEQ (options, "")) {
+-    if (asprintf (&opts, "trans=virtio,%s", options) == -1) {
+-      reply_with_perror ("asprintf");
+-      return -1;
+-    }
+-  }
+-  else {
+-    opts = strdup ("trans=virtio");
+-    if (opts == NULL) {
+-      reply_with_perror ("strdup");
+-      return -1;
+-    }
+-  }
+-
+-  modprobe_9pnet_virtio ();
+-  r = command (NULL, &err,
+-               "mount", "-o", opts, "-t", "9p", mount_tag, mp, NULL);
+-  if (r == -1) {
+-    reply_with_error ("%s on %s: %s", mount_tag, mountpoint, err);
+-    return -1;
+-  }
+-
+-  return 0;
+-}
+diff --git a/daemon/Makefile.am b/daemon/Makefile.am
+index 038be592c..df9dcc4ee 100644
+--- a/daemon/Makefile.am
+++ b/daemon/Makefile.am
+@@ -82,7 +82,6 @@ guestfsd_SOURCES = \
+ 	../common/protocol/guestfs_protocol.h \
+ 	../common/utils/cleanups.h \
+ 	../common/utils/guestfs-utils.h \
+-	9p.c \
+ 	acl.c \
+ 	actions.h \
+ 	available.c \
+diff --git a/docs/C_SOURCE_FILES b/docs/C_SOURCE_FILES
+index cd5bd2924..831b7e25a 100644
+--- a/docs/C_SOURCE_FILES
+++ b/docs/C_SOURCE_FILES
+@@ -63,7 +63,6 @@ common/windows/windows.c
+ common/windows/windows.h
+ customize/crypt-c.c
+ customize/perl_edit-c.c
+-daemon/9p.c
+ daemon/acl.c
+ daemon/actions.h
+ daemon/augeas.c
+diff --git a/generator/actions_core.ml b/generator/actions_core.ml
+index 806565b19..37476c93e 100644
+--- a/generator/actions_core.ml
+++ b/generator/actions_core.ml
+@@ -6157,27 +6157,6 @@ This returns true iff the device exists and contains all zero bytes.
+ 
+ Note that for large devices this can take a long time to run." };
+ 
+-  { defaults with
+-    name = "list_9p"; added = (1, 11, 12);
+-    style = RStringList (RPlainString, "mounttags"), [], [];
+-    shortdesc = "list 9p filesystems";
+-    longdesc = "\
+-List all 9p filesystems attached to the guest.  A list of
+-mount tags is returned." };
+-
+-  { defaults with
+-    name = "mount_9p"; added = (1, 11, 12);
+-    style = RErr, [String (PlainString, "mounttag"); String (PlainString, "mountpoint")], [OString "options"];
+-    camel_name = "Mount9P";
+-    shortdesc = "mount 9p filesystem";
+-    longdesc = "\
+-Mount the virtio-9p filesystem with the tag C<mounttag> on the
+-directory C<mountpoint>.
+-
+-If required, C<trans=virtio> will be automatically added to the options.
+-Any other options required can be passed in the optional C<options>
+-parameter." };
+-
+   { defaults with
+     name = "list_dm_devices"; added = (1, 11, 15);
+     style = RStringList (RDevice, "devices"), [], [];
+diff --git a/generator/proc_nr.ml b/generator/proc_nr.ml
+index 30e42864f..57976be36 100644
+--- a/generator/proc_nr.ml
+++ b/generator/proc_nr.ml
+@@ -295,8 +295,6 @@ let proc_nr = [
+ 282, "internal_autosync";
+ 283, "is_zero";
+ 284, "is_zero_device";
+-285, "list_9p";
+-286, "mount_9p";
+ 287, "list_dm_devices";
+ 288, "ntfsresize";
+ 289, "btrfs_filesystem_resize";
+diff --git a/gobject/Makefile.inc b/gobject/Makefile.inc
+index 650f8ddac..c4e735967 100644
+--- a/gobject/Makefile.inc
+++ b/gobject/Makefile.inc
+@@ -94,7 +94,6 @@ guestfs_gobject_headers= \
+   include/guestfs-gobject/optargs-mksquashfs.h \
+   include/guestfs-gobject/optargs-mkswap.h \
+   include/guestfs-gobject/optargs-mktemp.h \
+-  include/guestfs-gobject/optargs-mount_9p.h \
+   include/guestfs-gobject/optargs-mount_local.h \
+   include/guestfs-gobject/optargs-ntfsclone_out.h \
+   include/guestfs-gobject/optargs-ntfsfix.h \
+@@ -188,7 +187,6 @@ guestfs_gobject_sources= \
+   src/optargs-mksquashfs.c \
+   src/optargs-mkswap.c \
+   src/optargs-mktemp.c \
+-  src/optargs-mount_9p.c \
+   src/optargs-mount_local.c \
+   src/optargs-ntfsclone_out.c \
+   src/optargs-ntfsfix.c \
+diff --git a/po/POTFILES b/po/POTFILES
+index 69ea7134a..0782e8ceb 100644
+--- a/po/POTFILES
+++ b/po/POTFILES
+@@ -47,7 +47,6 @@ common/visit/visit.c
+ common/windows/windows.c
+ customize/crypt-c.c
+ customize/perl_edit-c.c
+-daemon/9p.c
+ daemon/acl.c
+ daemon/augeas.c
+ daemon/available.c
+@@ -277,7 +276,6 @@ gobject/src/optargs-mkfs_btrfs.c
+ gobject/src/optargs-mksquashfs.c
+ gobject/src/optargs-mkswap.c
+ gobject/src/optargs-mktemp.c
+-gobject/src/optargs-mount_9p.c
+ gobject/src/optargs-mount_local.c
+ gobject/src/optargs-ntfsclone_out.c
+ gobject/src/optargs-ntfsfix.c
+-- 
+2.31.1
+
--- a/SOURCES/0003-RHEL-8-Disable-unsupported-remote-drive-protocols-RH.patch
+++ b/SOURCES/0003-RHEL-8-Disable-unsupported-remote-drive-protocols-RH.patch
@ -1,7 +1,7 @@
-From 75cdb13260f79a34a8b65059feb098f32738c8a4 Mon Sep 17 00:00:00 2001
+From 4dd2f3f56a39411a255ad0a8f38081d46620dbd8 Mon Sep 17 00:00:00 2001
 From: "Richard W.M. Jones" <rjones@redhat.com>
 Date: Mon, 29 Jul 2013 14:47:56 +0100
-Subject: [PATCH] RHEL: Disable unsupported remote drive protocols
+Subject: [PATCH] RHEL 8: Disable unsupported remote drive protocols
 (RHBZ#962113).

 This disables support for unsupported remote drive protocols:
@ -18,9 +18,7 @@ This disables support for unsupported remote drive protocols:

 Note 'nbd' is not disabled, and of course 'file' works.

-We hope to gradually add some of these back over the lifetime of RHEL.
-
-(cherry picked from commit 66b9338e3d786db28fbd853d397741c3ceb19352)
+We hope to gradually add some of these back over the lifetime of RHEL 8.
 ---
 docs/guestfs-testing.pod               |  20 -----
 fish/guestfish.pod                     |  66 ++--------------
@ -33,7 +31,7 @@ We hope to gradually add some of these back over the lifetime of RHEL.
 8 files changed, 16 insertions(+), 348 deletions(-)

 diff --git a/docs/guestfs-testing.pod b/docs/guestfs-testing.pod
-index f5c09df6e..ee4b26d6b 100644
+index f558964bf..8f264ed17 100644
 --- a/docs/guestfs-testing.pod
 +++ b/docs/guestfs-testing.pod
@@ -109,26 +109,6 @@ image.  To exit, type C<exit>.
@ -64,7 +62,7 @@ index f5c09df6e..ee4b26d6b 100644
 
 Run L<virt-alignment-scan(1)> on guests or disk images:
 diff --git a/fish/guestfish.pod b/fish/guestfish.pod
-index 492aa7163..33fc8b2c8 100644
+index 9f086f110..bb4167b06 100644
 --- a/fish/guestfish.pod
 +++ b/fish/guestfish.pod
@@ -131,9 +131,9 @@ To list what is available do:
@ -79,7 +77,7 @@ index 492aa7163..33fc8b2c8 100644
 
 =head2 Remote control
 
-@@ -1129,12 +1129,12 @@ L<guestfs(3)/REMOTE STORAGE>>.
+@@ -1134,12 +1134,12 @@ L<guestfs(3)/REMOTE STORAGE>>.
 On the command line, you can use the I<-a> option to add network
 block devices using a URI-style format, for example:
 
@ -94,7 +92,7 @@ index 492aa7163..33fc8b2c8 100644
 
 The possible I<-a URI> formats are described below.
 
-@@ -1144,40 +1144,6 @@ The possible I<-a URI> formats are described below.
+@@ -1149,40 +1149,6 @@ The possible I<-a URI> formats are described below.
 
 Add the local disk image (or device) called F<disk.img>.
 
@ -135,7 +133,7 @@ index 492aa7163..33fc8b2c8 100644
 =head2 B<-a nbd://example.com[:port]>
 
 =head2 B<-a nbd://example.com[:port]/exportname>
-@@ -1212,35 +1178,13 @@ The equivalent API command would be:
+@@ -1217,35 +1183,13 @@ The equivalent API command would be:
 
  ><fs> add pool/disk protocol:rbd server:tcp:example.com:port
 
@ -222,10 +220,10 @@ index 21d424984..ddabeb639 100755
 rm test-add-uri.out
 rm test-add-uri.img
 diff --git a/generator/actions_core.ml b/generator/actions_core.ml
-index ef9096772..4a4a8e4c9 100644
+index 37476c93e..9f0402510 100644
 --- a/generator/actions_core.ml
 +++ b/generator/actions_core.ml
-@@ -350,29 +350,6 @@ F<filename> is interpreted as a local file or device.
+@@ -297,29 +297,6 @@ F<filename> is interpreted as a local file or device.
 This is the default if the optional protocol parameter
 is omitted.
 
@ -255,7 +253,7 @@ index ef9096772..4a4a8e4c9 100644
 =item C<protocol = \"nbd\">
 
 Connect to the Network Block Device server.
-@@ -389,22 +366,6 @@ The C<secret> parameter may be supplied.  See below.
+@@ -336,22 +313,6 @@ The C<secret> parameter may be supplied.  See below.
 
 See also: L<guestfs(3)/CEPH>.
 
@ -278,7 +276,7 @@ index ef9096772..4a4a8e4c9 100644
 =back
 
 =item C<server>
-@@ -415,13 +376,8 @@ is a list of server(s).
+@@ -362,13 +323,8 @@ is a list of server(s).
  Protocol       Number of servers required
  --------       --------------------------
  file           List must be empty or param not used at all
@ -292,7 +290,7 @@ index ef9096772..4a4a8e4c9 100644
 
 Each list element is a string specifying a server.  The string must be
 in one of the following formats:
-@@ -437,10 +393,10 @@ for the protocol is used (see F</etc/services>).
+@@ -384,10 +340,10 @@ for the protocol is used (see F</etc/services>).
 
 =item C<username>
 
@ -307,10 +305,10 @@ index ef9096772..4a4a8e4c9 100644
 example if using the libvirt backend and if the libvirt backend is configured to
 start the qemu appliance as a special user such as C<qemu.qemu>.  If in doubt,
 diff --git a/lib/drives.c b/lib/drives.c
-index c5a208468..efb289254 100644
+index 46af66db4..c81ded5d7 100644
 --- a/lib/drives.c
 +++ b/lib/drives.c
-@@ -166,6 +166,7 @@ create_drive_non_file (guestfs_h *g,
+@@ -168,6 +168,7 @@ create_drive_non_file (guestfs_h *g,
   return drv;
 }
 
@ -318,7 +316,7 @@ index c5a208468..efb289254 100644
 static struct drive *
 create_drive_curl (guestfs_h *g,
                    const struct drive_create_data *data)
-@@ -224,6 +225,7 @@ create_drive_gluster (guestfs_h *g,
+@@ -226,6 +227,7 @@ create_drive_gluster (guestfs_h *g,
 
   return create_drive_non_file (g, data);
 }
@ -326,7 +324,7 @@ index c5a208468..efb289254 100644
 
 static int
 nbd_port (void)
-@@ -292,6 +294,7 @@ create_drive_rbd (guestfs_h *g,
+@@ -294,6 +296,7 @@ create_drive_rbd (guestfs_h *g,
   return create_drive_non_file (g, data);
 }
 
@ -334,7 +332,7 @@ index c5a208468..efb289254 100644
 static struct drive *
 create_drive_sheepdog (guestfs_h *g,
                        const struct drive_create_data *data)
-@@ -392,6 +395,7 @@ create_drive_iscsi (guestfs_h *g,
+@@ -394,6 +397,7 @@ create_drive_iscsi (guestfs_h *g,
 
   return create_drive_non_file (g, data);
 }
@ -342,7 +340,7 @@ index c5a208468..efb289254 100644
 
 /**
  * Create the special F</dev/null> drive.
-@@ -842,6 +846,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
+@@ -856,6 +860,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
       drv = create_drive_file (g, &data);
     }
   }
@ -350,7 +348,7 @@ index c5a208468..efb289254 100644
   else if (STREQ (protocol, "ftp")) {
     data.protocol = drive_protocol_ftp;
     drv = create_drive_curl (g, &data);
-@@ -866,6 +871,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
+@@ -880,6 +885,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
     data.protocol = drive_protocol_iscsi;
     drv = create_drive_iscsi (g, &data);
   }
@ -358,7 +356,7 @@ index c5a208468..efb289254 100644
   else if (STREQ (protocol, "nbd")) {
     data.protocol = drive_protocol_nbd;
     drv = create_drive_nbd (g, &data);
-@@ -874,6 +880,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
+@@ -888,6 +894,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
     data.protocol = drive_protocol_rbd;
     drv = create_drive_rbd (g, &data);
   }
@ -366,7 +364,7 @@ index c5a208468..efb289254 100644
   else if (STREQ (protocol, "sheepdog")) {
     data.protocol = drive_protocol_sheepdog;
     drv = create_drive_sheepdog (g, &data);
-@@ -886,6 +893,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
+@@ -900,6 +907,7 @@ guestfs_impl_add_drive_opts (guestfs_h *g, const char *filename,
     data.protocol = drive_protocol_tftp;
     drv = create_drive_curl (g, &data);
   }
@ -375,12 +373,12 @@ index c5a208468..efb289254 100644
     error (g, _("unknown protocol ‘%s’"), protocol);
     drv = NULL; /*FALLTHROUGH*/
 diff --git a/lib/guestfs.pod b/lib/guestfs.pod
-index e46dd81f9..dff32cc9e 100644
+index bce9eb79f..2bb13b875 100644
 --- a/lib/guestfs.pod
 +++ b/lib/guestfs.pod
-@@ -723,70 +723,6 @@ a qcow2 backing file specification, libvirt does not construct an
- ephemeral secret object from those, for Ceph authentication.  Refer to
- L<https://bugzilla.redhat.com/2033247>.
+@@ -715,70 +715,6 @@ servers.  The server string is documented in
+ L</guestfs_add_drive_opts>. The C<username> and C<secret> parameters are
+ also optional, and if not given, then no authentication will be used.
 
 -=head3 FTP, HTTP AND TFTP
 -
@ -449,7 +447,7 @@ index e46dd81f9..dff32cc9e 100644
 =head3 NETWORK BLOCK DEVICE
 
 Libguestfs can access Network Block Device (NBD) disks remotely.
-@@ -849,42 +785,6 @@ L<https://bugs.launchpad.net/qemu/+bug/1155677>
+@@ -841,42 +777,6 @@ L<https://bugs.launchpad.net/qemu/+bug/1155677>
 
 =back
 
@ -493,10 +491,10 @@ index e46dd81f9..dff32cc9e 100644
 
 Libguestfs has APIs for inspecting an unknown disk image to find out
 diff --git a/tests/disks/test-qemu-drive-libvirt.sh b/tests/disks/test-qemu-drive-libvirt.sh
-index d86a1ecd0..cf7d2a0c9 100755
+index 3c5aa592e..f73827bd6 100755
 --- a/tests/disks/test-qemu-drive-libvirt.sh
 +++ b/tests/disks/test-qemu-drive-libvirt.sh
-@@ -65,34 +65,6 @@ check_output
+@@ -64,34 +64,6 @@ check_output
 grep -sq -- '-drive file=rbd:abc-def/ghi-jkl:auth_supported=none,' "$DEBUG_QEMU_FILE" || fail ceph2
 rm "$DEBUG_QEMU_FILE"
 
@ -532,7 +530,7 @@ index d86a1ecd0..cf7d2a0c9 100755
 
 $guestfish -d pool1 run ||:
 diff --git a/tests/disks/test-qemu-drive.sh b/tests/disks/test-qemu-drive.sh
-index 12937fb30..b3e4f9903 100755
+index 19dd60a2f..583e031bd 100755
 --- a/tests/disks/test-qemu-drive.sh
 +++ b/tests/disks/test-qemu-drive.sh
@@ -62,45 +62,6 @@ check_output
@ -607,5 +605,5 @@ index 12937fb30..b3e4f9903 100755
 -grep -sq -- '-drive file=ssh://rich@example.com/disk.img,' "$DEBUG_QEMU_FILE" || fail
 -rm "$DEBUG_QEMU_FILE"
 -- 
-2.43.0
+2.31.1

--- a/SOURCES/0004-RHEL-8-Remove-User-Mode-Linux-RHBZ-1144197.patch
+++ b/SOURCES/0004-RHEL-8-Remove-User-Mode-Linux-RHBZ-1144197.patch
@ -0,0 +1,72 @@
+From 34f8c6a5eb0eabfba4ab1831b45e2baa73a4b501 Mon Sep 17 00:00:00 2001
+From: "Richard W.M. Jones" <rjones@redhat.com>
+Date: Fri, 19 Sep 2014 13:38:20 +0100
+Subject: [PATCH] RHEL 8: Remove User-Mode Linux (RHBZ#1144197).
+
+This isn't supported in RHEL 8.
+---
+ lib/launch-uml.c | 13 +++++++++++++
+ 1 file changed, 13 insertions(+)
+
+diff --git a/lib/launch-uml.c b/lib/launch-uml.c
+index 5aec50a57..8b9fcd770 100644
+--- a/lib/launch-uml.c
+++ b/lib/launch-uml.c
+@@ -44,7 +44,9 @@ struct backend_uml_data {
+   char umid[UML_UMID_LEN+1];    /* umid=<...> unique ID. */
+ };
+ 
+#if 0
+ static void print_vmlinux_command_line (guestfs_h *g, char **argv);
+#endif
+ 
+ /* Run uml_mkcow to create a COW overlay. */
+ static char *
+@@ -81,6 +83,7 @@ create_cow_overlay_uml (guestfs_h *g, void *datav, struct drive *drv)
+   return make_cow_overlay (g, drv->src.u.path);
+ }
+ 
+#if 0
+ /* Test for features which are not supported by the UML backend.
+  * Possibly some of these should just be warnings, not errors.
+  */
+@@ -133,10 +136,17 @@ uml_supported (guestfs_h *g)
+ 
+   return true;
+ }
+#endif
+ 
+ static int
+ launch_uml (guestfs_h *g, void *datav, const char *arg)
+ {
+  error (g,
+	 "launch: In RHEL, only the 'libvirt' or 'direct' method is supported.\n"
+	 "In particular, User-Mode Linux (UML) is not supported.");
+  return -1;
+
+#if 0
+   struct backend_uml_data *data = datav;
+   CLEANUP_FREE_STRINGSBUF DECLARE_STRINGSBUF (cmdline);
+   int console_sock = -1, daemon_sock = -1;
+@@ -496,8 +506,10 @@ launch_uml (guestfs_h *g, void *datav, const char *arg)
+   }
+   g->state = CONFIG;
+   return -1;
+#endif
+ }
+ 
+#if 0
+ /* This is called from the forked subprocess just before vmlinux runs,
+  * so it can just print the message straight to stderr, where it will
+  * be picked up and funnelled through the usual appliance event API.
+@@ -527,6 +539,7 @@ print_vmlinux_command_line (guestfs_h *g, char **argv)
+ 
+   fputc ('\n', stderr);
+ }
+#endif
+ 
+ static int
+ shutdown_uml (guestfs_h *g, void *datav, int check_for_errors)
+-- 
+2.31.1
+
--- a/SOURCES/0005-RHEL-8-Reject-use-of-libguestfs-winsupport-features-.patch
+++ b/SOURCES/0005-RHEL-8-Reject-use-of-libguestfs-winsupport-features-.patch
@ -1,13 +1,11 @@
-From 25ff96e2c465766960cbc5ca3918026442dfcc32 Mon Sep 17 00:00:00 2001
+From cb2ac63562447e2780bd7103ed060fd6013b9054 Mon Sep 17 00:00:00 2001
 From: "Richard W.M. Jones" <rjones@redhat.com>
 Date: Tue, 7 Jul 2015 09:28:03 -0400
-Subject: [PATCH] RHEL: Reject use of libguestfs-winsupport features except for
- virt-* tools (RHBZ#1240276).
+Subject: [PATCH] RHEL 8: Reject use of libguestfs-winsupport features except
+ for virt-* tools (RHBZ#1240276).

 Fix the tests: it doesn't let us use guestfish for arbitrary Windows
 edits.
-
-(cherry picked from commit b875668bfa9f596aba2e84999c7c9921f8dcb55e)
 ---
 generator/c.ml                             | 16 ++++++++++++++++
 test-data/phony-guests/make-windows-img.sh |  1 +
@ -15,7 +13,7 @@ edits.
 3 files changed, 19 insertions(+)

 diff --git a/generator/c.ml b/generator/c.ml
-index 447059b8a..0391dd3dd 100644
+index 86d3b26f8..a625361a9 100644
 --- a/generator/c.ml
 +++ b/generator/c.ml
@@ -1846,6 +1846,22 @@ and generate_client_actions actions () =
@ -42,7 +40,7 @@ index 447059b8a..0391dd3dd 100644
      * as a progress bar hint.
      *)
 diff --git a/test-data/phony-guests/make-windows-img.sh b/test-data/phony-guests/make-windows-img.sh
-index 16debd129..1c13ddac3 100755
+index 30908a918..73cf5144e 100755
 --- a/test-data/phony-guests/make-windows-img.sh
 +++ b/test-data/phony-guests/make-windows-img.sh
@@ -37,6 +37,7 @@ fi
@ -54,10 +52,10 @@ index 16debd129..1c13ddac3 100755
 run
 
 diff --git a/tests/charsets/test-charset-fidelity.c b/tests/charsets/test-charset-fidelity.c
-index 105291dc3..5ca4f3b6d 100644
+index 39ccc2068..2b2e2d8a9 100644
 --- a/tests/charsets/test-charset-fidelity.c
 +++ b/tests/charsets/test-charset-fidelity.c
-@@ -96,6 +96,8 @@ main (int argc, char *argv[])
+@@ -94,6 +94,8 @@ main (int argc, char *argv[])
   if (g == NULL)
     error (EXIT_FAILURE, 0, "failed to create handle");
 
@ -67,5 +65,5 @@ index 105291dc3..5ca4f3b6d 100644
     exit (EXIT_FAILURE);
 
 -- 
-2.43.0
+2.31.1

--- a/SOURCES/0006-build-Avoid-warnings-about-unknown-pragmas.patch
+++ b/SOURCES/0006-build-Avoid-warnings-about-unknown-pragmas.patch
@ -0,0 +1,37 @@
+From dbd1eaab6a478cf0c3ea093a56b3d04c29278615 Mon Sep 17 00:00:00 2001
+From: "Richard W.M. Jones" <rjones@redhat.com>
+Date: Tue, 12 Jan 2021 10:23:11 +0000
+Subject: [PATCH] build: Avoid warnings about unknown pragmas.
+
+In commit 4bbbf03b8bc266ed2b63c461cd0945250bb134fe we started to
+ignore bogus GCC 11 warnings.  Unfortunately earlier versions of GCC
+don't know about those pragmas so give warnings [hence errors in
+developer builds] like:
+
+tsk.c:75:32: error: unknown option after '#pragma GCC diagnostic' kind [-Werror=pragmas]
+
+Turn off these warnings.
+
+Updates: commit 4bbbf03b8bc266ed2b63c461cd0945250bb134fe
+(cherry picked from commit 812f837c97f48ce0c26a0e02286fb9180c282923)
+---
+ m4/guestfs-c.m4 | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/m4/guestfs-c.m4 b/m4/guestfs-c.m4
+index 25ffea0d9..bbb4db464 100644
+--- a/m4/guestfs-c.m4
+++ b/m4/guestfs-c.m4
+@@ -108,6 +108,9 @@ gl_WARN_ADD([-Wformat-truncation=1])
+ dnl GCC 9 at level 2 gives apparently bogus errors when %.*s is used.
+ gl_WARN_ADD([-Wformat-overflow=1])
+ 
+dnl GCC < 11 gives warnings when disabling GCC 11 warnings.
+gl_WARN_ADD([-Wno-pragmas])
+
+ AC_SUBST([WARN_CFLAGS])
+ 
+ NO_SNV_CFLAGS=
+-- 
+2.31.1
+
--- a/SOURCES/0007-daemon-lvm-Use-lvcreate-yes-to-avoid-interactive-pro.patch
+++ b/SOURCES/0007-daemon-lvm-Use-lvcreate-yes-to-avoid-interactive-pro.patch
@ -0,0 +1,94 @@
+From 22416a2329ec531b9608c21b11ff3d53275fe7a0 Mon Sep 17 00:00:00 2001
+From: "Richard W.M. Jones" <rjones@redhat.com>
+Date: Mon, 22 Feb 2021 10:18:45 +0000
+Subject: [PATCH] daemon: lvm: Use lvcreate --yes to avoid interactive prompts.
+
+See https://bugzilla.redhat.com/show_bug.cgi?id=1930996#c1
+
+Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1930996
+(cherry picked from commit 21cd97732c4973db835b8b6540c8ad582ebd2bda)
+---
+ daemon/lvm.c                     |  2 +-
+ tests/regressions/Makefile.am    |  2 ++
+ tests/regressions/rhbz1930996.sh | 36 ++++++++++++++++++++++++++++++++
+ 3 files changed, 39 insertions(+), 1 deletion(-)
+ create mode 100755 tests/regressions/rhbz1930996.sh
+
+diff --git a/daemon/lvm.c b/daemon/lvm.c
+index 841dc4b6b..72c59c3a1 100644
+--- a/daemon/lvm.c
+++ b/daemon/lvm.c
+@@ -219,7 +219,7 @@ do_lvcreate (const char *logvol, const char *volgroup, int mbytes)
+   snprintf (size, sizeof size, "%d", mbytes);
+ 
+   r = command (NULL, &err,
+-               "lvm", "lvcreate",
+               "lvm", "lvcreate", "--yes",
+                "-L", size, "-n", logvol, volgroup, NULL);
+   if (r == -1) {
+     reply_with_error ("%s", err);
+diff --git a/tests/regressions/Makefile.am b/tests/regressions/Makefile.am
+index ecb0d68a7..c1e0ee8a9 100644
+--- a/tests/regressions/Makefile.am
+++ b/tests/regressions/Makefile.am
+@@ -49,6 +49,7 @@ EXTRA_DIST = \
+ 	rhbz1370424.sh \
+ 	rhbz1370424.xml \
+ 	rhbz1477623.sh \
+	rhbz1930996.sh \
+ 	test-noexec-stack.pl
+ 
+ TESTS = \
+@@ -79,6 +80,7 @@ TESTS = \
+ 	rhbz1285847.sh \
+ 	rhbz1370424.sh \
+ 	rhbz1477623.sh \
+	rhbz1930996.sh \
+ 	test-big-heap \
+ 	test-noexec-stack.pl \
+ 	$(SLOW_TESTS)
+diff --git a/tests/regressions/rhbz1930996.sh b/tests/regressions/rhbz1930996.sh
+new file mode 100755
+index 000000000..27089beaa
+--- /dev/null
+++ b/tests/regressions/rhbz1930996.sh
+@@ -0,0 +1,36 @@
+#!/bin/bash -
+# libguestfs
+# Copyright (C) 2017-2021 Red Hat Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+# Regression test for:
+# https://bugzilla.redhat.com/show_bug.cgi?id=1930996#c1
+#
+# Actually a bug/change in LVM, previously we failed to create an LV
+# if the underlying disk contained a filesystem signature.
+
+set -e
+
+$TEST_FUNCTIONS
+skip_if_skipped
+skip_unless_phony_guest fedora.img
+
+f=rhbz1930996.img
+rm -f $f
+
+guestfish -N $f=lvfs vgremove VG : vgcreate VG /dev/sda1 : lvcreate LV2 VG 100
+
+rm $f
+-- 
+2.31.1
+
--- a/SOURCES/0008-inspection-More-reliable-detection-of-Linux-split-us.patch
+++ b/SOURCES/0008-inspection-More-reliable-detection-of-Linux-split-us.patch
@ -0,0 +1,113 @@
+From e1b339688e5f8f2a14fe0c7e9d02ad68004e4655 Mon Sep 17 00:00:00 2001
+From: "Richard W.M. Jones" <rjones@redhat.com>
+Date: Thu, 15 Apr 2021 09:18:22 +0100
+Subject: [PATCH] inspection: More reliable detection of Linux split /usr
+ configurations
+
+In RHEL 8+, /usr/etc no longer exists.  Since we were looking for this
+directory in order to detect a separate /usr partition, those were no
+longer detected, so the merging of /usr data into the root was not
+being done.  The result was incomplete inspection data and failure of
+virt-v2v.
+
+All Linux systems since forever have had /usr/src but not /src, so
+detect this instead.
+
+Furthermore the merging code didn't work, because we expected that the
+root filesystem had a distro assigned, but in this configuration we
+may need to look for that information in /usr/lib/os-release (not on
+the root filesystem).  This change makes the merging work even if we
+have incomplete information about the root filesystem, so long as we
+have an /etc/fstab entry pointing to the /usr mountpoint.
+
+Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1949683
+Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1930133
+Fixes: commit 394d11be49121884295e61964ed47f5a8488c252
+(cherry picked from commit 26427b9ecc64e7e5e53a1d577cef9dc080d08877)
+---
+ daemon/inspect.ml    | 33 +++++++++++++++------------------
+ daemon/inspect_fs.ml |  6 +++---
+ 2 files changed, 18 insertions(+), 21 deletions(-)
+
+diff --git a/daemon/inspect.ml b/daemon/inspect.ml
+index 945a476f6..fb75b4a6c 100644
+--- a/daemon/inspect.ml
+++ b/daemon/inspect.ml
+@@ -182,11 +182,9 @@ and check_for_duplicated_bsd_root fses =
+ and collect_linux_inspection_info fses =
+   List.map (
+     function
+-    | { role = RoleRoot { distro = Some d } } as root ->
+-       if d <> DISTRO_COREOS then
+-         collect_linux_inspection_info_for fses root
+-       else
+-         root
+    | { role = RoleRoot { distro = Some DISTRO_COREOS } } as root -> root
+    | { role = RoleRoot _ } as root ->
+       collect_linux_inspection_info_for fses root
+     | fs -> fs
+   ) fses
+ 
+@@ -196,29 +194,28 @@ and collect_linux_inspection_info fses =
+  * or other ways to identify the OS).
+  *)
+ and collect_linux_inspection_info_for fses root =
+-  let root_distro, root_fstab =
+  let root_fstab =
+     match root with
+-    | { role = RoleRoot { distro = Some d; fstab = f } } -> d, f
+    | { role = RoleRoot { fstab = f } } -> f
+     | _ -> assert false in
+ 
+   try
+     let usr =
+       List.find (
+         function
+-        | { role = RoleUsr { distro = d } }
+-             when d = Some root_distro || d = None -> true
+        | { role = RoleUsr _; fs_location = usr_mp } ->
+           (* This checks that this usr is found in the fstab of
+            * the root filesystem.
+            *)
+           List.exists (
+             fun (mountable, _) ->
+               usr_mp.mountable = mountable
+           ) root_fstab
+         | _ -> false
+       ) fses in
+ 
+-    let usr_mountable = usr.fs_location.mountable in
+-
+-    (* This checks that [usr] is found in the fstab of the root
+-     * filesystem.  If not, [Not_found] is thrown.
+-     *)
+-    ignore (
+-      List.find (fun (mountable, _) -> usr_mountable = mountable) root_fstab
+-    );
+-
+    eprintf "collect_linux_inspection_info_for: merging:\n%sinto:\n%s"
+      (string_of_fs usr) (string_of_fs root);
+     merge usr root;
+     root
+   with
+diff --git a/daemon/inspect_fs.ml b/daemon/inspect_fs.ml
+index 6e00c7083..02b5a0470 100644
+--- a/daemon/inspect_fs.ml
+++ b/daemon/inspect_fs.ml
+@@ -164,10 +164,10 @@ and check_filesystem mountable =
+     ()
+   )
+   (* Linux /usr? *)
+-  else if Is.is_dir "/etc" &&
+-          Is.is_dir "/bin" &&
+-          Is.is_dir "/share" &&
+  else if Is.is_dir "/bin" &&
+           Is.is_dir "/local" &&
+          Is.is_dir "/share" &&
+          Is.is_dir "/src" &&
+           not (Is.is_file "/etc/fstab") then (
+     debug_matching "Linux /usr";
+     role := `Usr;
+-- 
+2.31.1
+
--- a/SOURCES/0009-lib-Autodetect-backing-format-for-qemu-img-create-b.patch
+++ b/SOURCES/0009-lib-Autodetect-backing-format-for-qemu-img-create-b.patch
@ -0,0 +1,49 @@
+From 791a16b049ea1ce2c450acd367fce774d9aab5b1 Mon Sep 17 00:00:00 2001
+From: "Richard W.M. Jones" <rjones@redhat.com>
+Date: Tue, 31 Aug 2021 08:27:15 +0100
+Subject: [PATCH] lib: Autodetect backing format for qemu-img create -b
+
+qemu 6.1 has decided to change qemu-img create so that a backing
+format (-F) is required if a backing file (-b) is specified.  Since we
+don't want to change the libguestfs API to force callers to specify
+this because that would be an API break, autodetect it.
+
+This is similar to commit c8c181e8d9 ("launch: libvirt: Autodetect
+backing format for readonly drive overlays").
+
+Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1998820
+(cherry picked from commit 45de287447bb18d59749fbfc1ec5072413090109)
+---
+ lib/create.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/lib/create.c b/lib/create.c
+index 44a7df25f..75a4d3a28 100644
+--- a/lib/create.c
+++ b/lib/create.c
+@@ -255,6 +255,7 @@ disk_create_qcow2 (guestfs_h *g, const char *filename, int64_t size,
+                    const struct guestfs_disk_create_argv *optargs)
+ {
+   const char *backingformat = NULL;
+  CLEANUP_FREE char *backingformat_free = NULL;
+   const char *preallocation = NULL;
+   const char *compat = NULL;
+   int clustersize = -1;
+@@ -270,6 +271,14 @@ disk_create_qcow2 (guestfs_h *g, const char *filename, int64_t size,
+       return -1;
+     }
+   }
+  else if (backingfile) {
+    /* Since qemu 6.1, qemu-img create has requires a backing format (-F)
+     * parameter if backing file (-b) is used (RHBZ#1998820).
+     */
+    backingformat = backingformat_free = guestfs_disk_format (g, backingfile);
+    if (!backingformat)
+      return -1;
+  }
+   if (optargs->bitmask & GUESTFS_DISK_CREATE_PREALLOCATION_BITMASK) {
+     if (STREQ (optargs->preallocation, "off") ||
+         STREQ (optargs->preallocation, "sparse"))
+-- 
+2.31.1
+
--- a/SOURCES/0010-daemon-chroot-Fix-long-standing-possible-deadlock.patch
+++ b/SOURCES/0010-daemon-chroot-Fix-long-standing-possible-deadlock.patch
@ -0,0 +1,44 @@
+From 3435938f43ca3737ec1d73da4d8cad756b5c9508 Mon Sep 17 00:00:00 2001
+From: "Richard W.M. Jones" <rjones@redhat.com>
+Date: Fri, 26 Mar 2021 16:04:43 +0000
+Subject: [PATCH] daemon: chroot: Fix long-standing possible deadlock.
+
+The child (chrooted) process wrote its answer on the pipe and then
+exited.  Meanwhile the parent waiting for the child to exit before
+reading from the pipe.  Thus if the output was larger than a Linux
+pipebuffer then the whole thing would deadlock.
+
+(cherry picked from commit 94e64b28bee3b8dc7ed354a366d6a8f7ba5f245c)
+---
+ daemon/chroot.ml | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/daemon/chroot.ml b/daemon/chroot.ml
+index 5e856c91f..7da8ae29e 100644
+--- a/daemon/chroot.ml
+++ b/daemon/chroot.ml
+@@ -62,6 +62,10 @@ let f t func arg =
+   (* Parent. *)
+   close wfd;
+ 
+  let chan = in_channel_of_descr rfd in
+  let ret = input_value chan in
+  close_in chan;
+
+   let _, status = waitpid [] pid in
+   (match status with
+    | WEXITED 0 -> ()
+@@ -76,10 +80,6 @@ let f t func arg =
+       failwithf "chroot ‘%s’ stopped by signal %d" t.name i
+   );
+ 
+-  let chan = in_channel_of_descr rfd in
+-  let ret = input_value chan in
+-  close_in chan;
+-
+   match ret with
+   | Either ret -> ret
+   | Or exn -> raise exn
+-- 
+2.31.1
+
--- a/SOURCES/0011-inspection-Fix-inspection-of-recent-RPM-guests-using.patch
+++ b/SOURCES/0011-inspection-Fix-inspection-of-recent-RPM-guests-using.patch
--- a/SOURCES/0012-inspection-Return-RPM-epoch.patch
+++ b/SOURCES/0012-inspection-Return-RPM-epoch.patch
@ -0,0 +1,36 @@
+From 3ce392c9870a589cc50d2270fcf07b4d129c3dc3 Mon Sep 17 00:00:00 2001
+From: "Richard W.M. Jones" <rjones@redhat.com>
+Date: Sat, 27 Mar 2021 09:31:00 +0000
+Subject: [PATCH] inspection: Return RPM epoch.
+
+Fixes: commit c9ee831affed55abe0f928134cbbd2ed83b2f510
+(cherry picked from commit fef73bce7eec0ce0753a2e150e4e088020d38643)
+---
+ daemon/rpm-c.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/daemon/rpm-c.c b/daemon/rpm-c.c
+index 92a3abf58..be0e81e22 100644
+--- a/daemon/rpm-c.c
+++ b/daemon/rpm-c.c
+@@ -108,13 +108,16 @@ guestfs_int_daemon_rpm_next_application (value unitv)
+ 
+   h = headerLink (h);
+   app.app2_name = headerFormat (h, "%{NAME}", NULL);
+-  // XXXapp.app2_epoch = headerFormat (h, "%{NAME}", NULL);
+   app.app2_version = headerFormat (h, "%{VERSION}", NULL);
+   app.app2_release = headerFormat (h, "%{RELEASE}", NULL);
+   app.app2_arch = headerFormat (h, "%{ARCH}", NULL);
+   app.app2_url = headerFormat (h, "%{URL}", NULL);
+   app.app2_summary = headerFormat (h, "%{SUMMARY}", NULL);
+   app.app2_description = headerFormat (h, "%{DESCRIPTION}", NULL);
+
+  /* epoch is special as the only int field. */
+  app.app2_epoch = headerGetNumber (h, RPMTAG_EPOCH);
+
+   headerFree (h);
+ 
+   /* Convert this to an OCaml struct.  Any NULL fields must be turned
+-- 
+2.31.1
+
--- a/SOURCES/0013-test-data-phony-guests-Fix-phony-RPM-database-fix-vi.patch
+++ b/SOURCES/0013-test-data-phony-guests-Fix-phony-RPM-database-fix-vi.patch
--- a/SOURCES/0014-po-POTFILES-Fix-list-of-files-for-translation.patch
+++ b/SOURCES/0014-po-POTFILES-Fix-list-of-files-for-translation.patch
@ -0,0 +1,34 @@
+From 9664527c107d04aab416be87cc4fcd76dcbe5927 Mon Sep 17 00:00:00 2001
+From: "Richard W.M. Jones" <rjones@redhat.com>
+Date: Mon, 29 Mar 2021 18:25:13 +0100
+Subject: [PATCH] po/POTFILES: Fix list of files for translation.
+
+Fixes: commit c9ee831affed55abe0f928134cbbd2ed83b2f510
+(cherry picked from commit df983200d76bac37c811fbd2fb67e7ebe830e759)
+---
+ po/POTFILES | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/po/POTFILES b/po/POTFILES
+index 0782e8ceb..fdc6e8062 100644
+--- a/po/POTFILES
+++ b/po/POTFILES
+@@ -128,6 +128,7 @@ daemon/pingdaemon.c
+ daemon/proto.c
+ daemon/readdir.c
+ daemon/rename.c
+daemon/rpm-c.c
+ daemon/rsync.c
+ daemon/scrub.c
+ daemon/selinux-relabel.c
+@@ -353,7 +354,6 @@ lib/command.c
+ lib/conn-socket.c
+ lib/copy-in-out.c
+ lib/create.c
+-lib/dbdump.c
+ lib/drives.c
+ lib/errors.c
+ lib/event-string.c
+-- 
+2.31.1
+
--- a/SOURCES/0015-m4-guestfs-find-db-tool.m4-Remove-unused-file.patch
+++ b/SOURCES/0015-m4-guestfs-find-db-tool.m4-Remove-unused-file.patch
@ -0,0 +1,64 @@
+From 083856d9f9c8fccc629bf0f3a5237d26434c8940 Mon Sep 17 00:00:00 2001
+From: "Richard W.M. Jones" <rjones@redhat.com>
+Date: Mon, 29 Mar 2021 18:35:48 +0100
+Subject: [PATCH] m4/guestfs-find-db-tool.m4: Remove unused file.
+
+Fixes: commit 42e5e7cfdbca01b2e9bd50c63a9fc65b6da9192f
+(cherry picked from commit 8317279c3539562ebad9de13c7ac515dded74e4d)
+---
+ m4/guestfs-find-db-tool.m4 | 43 --------------------------------------
+ 1 file changed, 43 deletions(-)
+ delete mode 100644 m4/guestfs-find-db-tool.m4
+
+diff --git a/m4/guestfs-find-db-tool.m4 b/m4/guestfs-find-db-tool.m4
+deleted file mode 100644
+index b404148c6..000000000
+--- a/m4/guestfs-find-db-tool.m4
+++ /dev/null
+@@ -1,43 +0,0 @@
+-# libguestfs
+-# Copyright (C) 2014 Red Hat Inc.
+-#
+-# This program is free software; you can redistribute it and/or modify
+-# it under the terms of the GNU General Public License as published by
+-# the Free Software Foundation; either version 2 of the License, or
+-# (at your option) any later version.
+-#
+-# This program is distributed in the hope that it will be useful,
+-# but WITHOUT ANY WARRANTY; without even the implied warranty of
+-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+-# GNU General Public License for more details.
+-#
+-# You should have received a copy of the GNU General Public License
+-# along with this program; if not, write to the Free Software
+-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+-
+-AC_DEFUN([GUESTFS_FIND_DB_TOOL],[
+-    pushdef([VARIABLE],$1)
+-    TOOL=$2
+-
+-    db_tool_name="db_$TOOL"
+-    db_versions="53 5.3 5.2 5.1 4.8 4.7 4.6"
+-    db_tool_patterns="dbX_$TOOL dbX.Y_$TOOL"
+-    db_tool_patterns="dbX_$TOOL db_$TOOL-X dbX.Y_$TOOL db_$TOOL-X.Y"
+-
+-    AC_ARG_VAR(VARIABLE, [Absolute path to $db_tool_name executable])
+-
+-    AS_IF(test -z "$VARIABLE", [
+-        exe_list="db_$TOOL"
+-        for ver in $db_versions ; do
+-            ver_maj=`echo $ver | cut -d. -f1`
+-            ver_min=`echo $ver | cut -d. -f2`
+-            for pattern in $db_tool_patterns ; do
+-                exe=`echo "$pattern" | sed -e "s/X/$ver_maj/g;s/Y/$ver_min/g"`
+-                exe_list="$exe_list $exe"
+-            done
+-        done
+-        AC_PATH_PROGS([]VARIABLE[], [$exe_list], [no])
+-    ])
+-
+-    popdef([VARIABLE])
+-])
+-- 
+2.31.1
+
--- a/SOURCES/0016-test-data-phony-guests-Fix-phony-RPM-database-fix-vi.patch
+++ b/SOURCES/0016-test-data-phony-guests-Fix-phony-RPM-database-fix-vi.patch
@ -0,0 +1,474 @@
+From f8ccce2c7a0c1323e0721f503322df525dd5b139 Mon Sep 17 00:00:00 2001
+From: "Richard W.M. Jones" <rjones@redhat.com>
+Date: Mon, 29 Mar 2021 12:22:12 +0100
+Subject: [PATCH] test-data/phony-guests: Fix phony RPM database, fix
+ virt-inspector test.
+
+libguestfs 1.45.3 now reads the RPM database using librpm, which means
+our old phony database created by db_dump can no longer work.  Instead
+provide a real (but very minimal) sqlite database.
+
+This commit also fixes the virt-inspector test since the RPM database
+contents are now different.
+
+(cherry picked from commit 46bf6fb473889ed28bd7220476120edcda47ae07)
+---
+ inspector/expected-fedora-luks.img.xml | 208 +++++++++++++++++++++++--
+ inspector/expected-fedora.img.xml      | 208 +++++++++++++++++++++++--
+ 2 files changed, 398 insertions(+), 18 deletions(-)
+
+diff --git a/inspector/expected-fedora-luks.img.xml b/inspector/expected-fedora-luks.img.xml
+index df6060a73..72cddaf88 100644
+--- a/inspector/expected-fedora-luks.img.xml
+++ b/inspector/expected-fedora-luks.img.xml
+@@ -30,22 +30,212 @@
+     </filesystems>
+     <applications>
+       <application>
+-        <name>test1</name>
+-        <version>1.0</version>
+-        <release>1.fc14</release>
+        <name>basesystem</name>
+        <version>11</version>
+        <release>10.fc33</release>
+        <arch>noarch</arch>
+        <url>(none)</url>
+        <summary>The skeleton package which defines a simple Fedora system</summary>
+        <description>Basesystem defines the components of a basic Fedora system
+(for example, the package installation order to use during bootstrapping).
+Basesystem should be in every installation of a system, and it
+should never be removed.</description>
+      </application>
+      <application>
+        <name>bash</name>
+        <version>5.0.17</version>
+        <release>2.fc33</release>
+        <arch>x86_64</arch>
+        <url>https://www.gnu.org/software/bash</url>
+        <summary>The GNU Bourne Again shell</summary>
+        <description>The GNU Bourne Again shell (Bash) is a shell or command language
+interpreter that is compatible with the Bourne shell (sh). Bash
+incorporates useful features from the Korn shell (ksh) and the C shell
+(csh). Most sh scripts can be run by bash without modification.</description>
+      </application>
+      <application>
+        <name>fedora-gpg-keys</name>
+        <version>33</version>
+        <release>3</release>
+        <arch>noarch</arch>
+        <url>https://fedoraproject.org/</url>
+        <summary>Fedora RPM keys</summary>
+        <description>This package provides the RPM signature keys.</description>
+      </application>
+      <application>
+        <name>fedora-release</name>
+        <version>33</version>
+        <release>3</release>
+        <arch>noarch</arch>
+        <url>https://fedoraproject.org/</url>
+        <summary>Fedora release files</summary>
+        <description>Fedora release files such as various /etc/ files that define the release
+and systemd preset files that determine which services are enabled by default.</description>
+      </application>
+      <application>
+        <name>fedora-release-common</name>
+        <version>33</version>
+        <release>3</release>
+        <arch>noarch</arch>
+        <url>https://fedoraproject.org/</url>
+        <summary>Fedora release files</summary>
+        <description>Release files common to all Editions and Spins of Fedora</description>
+      </application>
+      <application>
+        <name>fedora-release-identity-basic</name>
+        <version>33</version>
+        <release>3</release>
+        <arch>noarch</arch>
+        <url>https://fedoraproject.org/</url>
+        <summary>Package providing the basic Fedora identity</summary>
+        <description>Provides the necessary files for a Fedora installation that is not identifying
+itself as a particular Edition or Spin.</description>
+      </application>
+      <application>
+        <name>fedora-repos</name>
+        <version>33</version>
+        <release>3</release>
+        <arch>noarch</arch>
+        <url>https://fedoraproject.org/</url>
+        <summary>Fedora package repositories</summary>
+        <description>Fedora package repository files for yum and dnf along with gpg public keys.</description>
+      </application>
+      <application>
+        <name>filesystem</name>
+        <version>3.14</version>
+        <release>3.fc33</release>
+        <arch>x86_64</arch>
+        <url>https://pagure.io/filesystem</url>
+        <summary>The basic directory layout for a Linux system</summary>
+        <description>The filesystem package is one of the basic packages that is installed
+on a Linux system. Filesystem contains the basic directory layout
+for a Linux operating system, including the correct permissions for
+the directories.</description>
+      </application>
+      <application>
+        <name>glibc</name>
+        <version>2.32</version>
+        <release>4.fc33</release>
+        <arch>x86_64</arch>
+        <url>http://www.gnu.org/software/glibc/</url>
+        <summary>The GNU libc libraries</summary>
+        <description>The glibc package contains standard libraries which are used by
+multiple programs on the system. In order to save disk space and
+memory, as well as to make upgrading easier, common system code is
+kept in one place and shared between programs. This particular package
+contains the most important sets of shared libraries: the standard C
+library and the standard math library. Without these two libraries, a
+Linux system will not function.</description>
+      </application>
+      <application>
+        <name>glibc-all-langpacks</name>
+        <version>2.32</version>
+        <release>4.fc33</release>
+        <arch>x86_64</arch>
+        <url>http://www.gnu.org/software/glibc/</url>
+        <summary>All language packs for glibc.</summary>
+      </application>
+      <application>
+        <name>glibc-common</name>
+        <version>2.32</version>
+        <release>4.fc33</release>
+         <arch>x86_64</arch>
+        <url>http://www.gnu.org/software/glibc/</url>
+        <summary>Common binaries and locale data for glibc</summary>
+        <description>The glibc-common package includes common binaries for the GNU libc
+libraries, as well as national language (locale) support.</description>
+       </application>
+       <application>
+-        <name>test2</name>
+-        <version>2.0</version>
+-        <release>2.fc14</release>
+        <name>gpg-pubkey</name>
+        <version>9570ff31</version>
+        <release>5e3006fb</release>
+        <arch>(none)</arch>
+        <url>(none)</url>
+        <summary>Fedora (33) &lt;fedora-33-primary@fedoraproject.org&gt; public key</summary>
+        <description>-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: rpm-4.16.1.2 (NSS-3)
+
+mQINBF4wBvsBEADQmcGbVUbDRUoXADReRmOOEMeydHghtKC9uRs9YNpGYZIB+bie
+bGYZmflQayfh/wEpO2W/IZfGpHPL42V7SbyvqMjwNls/fnXsCtf4LRofNK8Qd9fN
+kYargc9R7BEz/mwXKMiRQVx+DzkmqGWy2gq4iD0/mCyf5FdJCE40fOWoIGJXaOI1
+Tz1vWqKwLS5T0dfmi9U4Tp/XsKOZGvN8oi5h0KmqFk7LEZr1MXarhi2Va86sgxsF
+QcZEKfu5tgD0r00vXzikoSjn3qA5JW5FW07F1pGP4bF5f9J3CZbQyOjTSWMmmfTm
+2d2BURWzaDiJN9twY2yjzkoOMuPdXXvovg7KxLcQerKT+FbKbq8DySJX2rnOA77k
+UG4c9BGf/L1uBkAT8dpHLk6Uf5BfmypxUkydSWT1xfTDnw1MqxO0MsLlAHOR3J7c
+oW9kLcOLuCQn1hBEwfZv7VSWBkGXSmKfp0LLIxAFgRtv+Dh+rcMMRdJgKr1V3FU+
+rZ1+ZAfYiBpQJFPjv70vx+rGEgS801D3PJxBZUEy4Ic4ZYaKNhK9x9PRQuWcIBuW
+6eTe/6lKWZeyxCumLLdiS75mF2oTcBaWeoc3QxrPRV15eDKeYJMbhnUai/7lSrhs
+EWCkKR1RivgF4slYmtNE5ZPGZ/d61zjwn2xi4xNJVs8q9WRPMpHp0vCyMwARAQAB
+tDFGZWRvcmEgKDMzKSA8ZmVkb3JhLTMzLXByaW1hcnlAZmVkb3JhcHJvamVjdC5v
+cmc+iQI4BBMBAgAiBQJeMAb7AhsPBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAK
+CRBJ/XdJlXD/MZm2D/9kriL43vd3+0DNMeA82n2v9mSR2PQqKny39xNlYPyy/1yZ
+P/KXoa4NYSCA971LSd7lv4n/h5bEKgGHxZfttfOzOnWMVSSTfjRyM/df/NNzTUEV
+7ORA5GW18g8PEtS7uRxVBf3cLvWu5q+8jmqES5HqTAdGVcuIFQeBXFN8Gy1Jinuz
+AH8rJSdkUeZ0cehWbERq80BWM9dhad5dW+/+Gv0foFBvP15viwhWqajr8V0B8es+
+2/tHI0k86FAujV5i0rrXl5UOoLilO57QQNDZH/qW9GsHwVI+2yecLstpUNLq+EZC
+GqTZCYoxYRpl0gAMbDLztSL/8Bc0tJrCRG3tavJotFYlgUK60XnXlQzRkh9rgsfT
+EXbQifWdQMMogzjCJr0hzJ+V1d0iozdUxB2ZEgTjukOvatkB77DY1FPZRkSFIQs+
+fdcjazDIBLIxwJu5QwvTNW8lOLnJ46g4sf1WJoUdNTbR0BaC7HHj1inVWi0p7IuN
+66EPGzJOSjLK+vW+J0ncPDEgLCV74RF/0nR5fVTdrmiopPrzFuguHf9S9gYI3Zun
+Yl8FJUu4kRO6JPPTicUXWX+8XZmE94aK14RCJL23nOSi8T1eW8JLW43dCBRO8QUE
+Aso1t2pypm/1zZexJdOV8yGME3g5l2W6PLgpz58DBECgqc/kda+VWgEAp7rO2A==
+=EPL3
+-----END PGP PUBLIC KEY BLOCK-----
+</description>
+      </application>
+      <application>
+        <name>libgcc</name>
+        <version>10.2.1</version>
+        <release>9.fc33</release>
+         <arch>x86_64</arch>
+        <url>http://gcc.gnu.org</url>
+        <summary>GCC version 10 shared support library</summary>
+        <description>This package contains GCC shared support library which is needed
+e.g. for exception handling support.</description>
+      </application>
+      <application>
+        <name>ncurses-base</name>
+        <version>6.2</version>
+        <release>3.20200222.fc33</release>
+        <arch>noarch</arch>
+        <url>https://invisible-island.net/ncurses/ncurses.html</url>
+        <summary>Descriptions of common terminals</summary>
+        <description>This package contains descriptions of common terminals. Other terminal
+descriptions are included in the ncurses-term package.</description>
+       </application>
+       <application>
+-        <name>test3</name>
+-        <version>3.0</version>
+-        <release>3.fc14</release>
+        <name>ncurses-libs</name>
+        <version>6.2</version>
+        <release>3.20200222.fc33</release>
+         <arch>x86_64</arch>
+        <url>https://invisible-island.net/ncurses/ncurses.html</url>
+        <summary>Ncurses libraries</summary>
+        <description>The curses library routines are a terminal-independent method of
+updating character screens with reasonable optimization.  The ncurses
+(new curses) library is a freely distributable replacement for the
+discontinued 4.4 BSD classic curses library.
+
+This package contains the ncurses libraries.</description>
+      </application>
+      <application>
+        <name>setup</name>
+        <version>2.13.7</version>
+        <release>2.fc33</release>
+        <arch>noarch</arch>
+        <url>https://pagure.io/setup/</url>
+        <summary>A set of system configuration and setup files</summary>
+        <description>The setup package contains a set of important system configuration and
+setup files, such as passwd, group, and profile.</description>
+      </application>
+      <application>
+        <name>tzdata</name>
+        <version>2021a</version>
+        <release>1.fc33</release>
+        <arch>noarch</arch>
+        <url>https://www.iana.org/time-zones</url>
+        <summary>Timezone data</summary>
+        <description>This package contains data files with rules for various timezones around
+the world.</description>
+       </application>
+     </applications>
+   </operatingsystem>
+diff --git a/inspector/expected-fedora.img.xml b/inspector/expected-fedora.img.xml
+index df6060a73..72cddaf88 100644
+--- a/inspector/expected-fedora.img.xml
+++ b/inspector/expected-fedora.img.xml
+@@ -30,22 +30,212 @@
+     </filesystems>
+     <applications>
+       <application>
+-        <name>test1</name>
+-        <version>1.0</version>
+-        <release>1.fc14</release>
+        <name>basesystem</name>
+        <version>11</version>
+        <release>10.fc33</release>
+        <arch>noarch</arch>
+        <url>(none)</url>
+        <summary>The skeleton package which defines a simple Fedora system</summary>
+        <description>Basesystem defines the components of a basic Fedora system
+(for example, the package installation order to use during bootstrapping).
+Basesystem should be in every installation of a system, and it
+should never be removed.</description>
+      </application>
+      <application>
+        <name>bash</name>
+        <version>5.0.17</version>
+        <release>2.fc33</release>
+        <arch>x86_64</arch>
+        <url>https://www.gnu.org/software/bash</url>
+        <summary>The GNU Bourne Again shell</summary>
+        <description>The GNU Bourne Again shell (Bash) is a shell or command language
+interpreter that is compatible with the Bourne shell (sh). Bash
+incorporates useful features from the Korn shell (ksh) and the C shell
+(csh). Most sh scripts can be run by bash without modification.</description>
+      </application>
+      <application>
+        <name>fedora-gpg-keys</name>
+        <version>33</version>
+        <release>3</release>
+        <arch>noarch</arch>
+        <url>https://fedoraproject.org/</url>
+        <summary>Fedora RPM keys</summary>
+        <description>This package provides the RPM signature keys.</description>
+      </application>
+      <application>
+        <name>fedora-release</name>
+        <version>33</version>
+        <release>3</release>
+        <arch>noarch</arch>
+        <url>https://fedoraproject.org/</url>
+        <summary>Fedora release files</summary>
+        <description>Fedora release files such as various /etc/ files that define the release
+and systemd preset files that determine which services are enabled by default.</description>
+      </application>
+      <application>
+        <name>fedora-release-common</name>
+        <version>33</version>
+        <release>3</release>
+        <arch>noarch</arch>
+        <url>https://fedoraproject.org/</url>
+        <summary>Fedora release files</summary>
+        <description>Release files common to all Editions and Spins of Fedora</description>
+      </application>
+      <application>
+        <name>fedora-release-identity-basic</name>
+        <version>33</version>
+        <release>3</release>
+        <arch>noarch</arch>
+        <url>https://fedoraproject.org/</url>
+        <summary>Package providing the basic Fedora identity</summary>
+        <description>Provides the necessary files for a Fedora installation that is not identifying
+itself as a particular Edition or Spin.</description>
+      </application>
+      <application>
+        <name>fedora-repos</name>
+        <version>33</version>
+        <release>3</release>
+        <arch>noarch</arch>
+        <url>https://fedoraproject.org/</url>
+        <summary>Fedora package repositories</summary>
+        <description>Fedora package repository files for yum and dnf along with gpg public keys.</description>
+      </application>
+      <application>
+        <name>filesystem</name>
+        <version>3.14</version>
+        <release>3.fc33</release>
+        <arch>x86_64</arch>
+        <url>https://pagure.io/filesystem</url>
+        <summary>The basic directory layout for a Linux system</summary>
+        <description>The filesystem package is one of the basic packages that is installed
+on a Linux system. Filesystem contains the basic directory layout
+for a Linux operating system, including the correct permissions for
+the directories.</description>
+      </application>
+      <application>
+        <name>glibc</name>
+        <version>2.32</version>
+        <release>4.fc33</release>
+        <arch>x86_64</arch>
+        <url>http://www.gnu.org/software/glibc/</url>
+        <summary>The GNU libc libraries</summary>
+        <description>The glibc package contains standard libraries which are used by
+multiple programs on the system. In order to save disk space and
+memory, as well as to make upgrading easier, common system code is
+kept in one place and shared between programs. This particular package
+contains the most important sets of shared libraries: the standard C
+library and the standard math library. Without these two libraries, a
+Linux system will not function.</description>
+      </application>
+      <application>
+        <name>glibc-all-langpacks</name>
+        <version>2.32</version>
+        <release>4.fc33</release>
+        <arch>x86_64</arch>
+        <url>http://www.gnu.org/software/glibc/</url>
+        <summary>All language packs for glibc.</summary>
+      </application>
+      <application>
+        <name>glibc-common</name>
+        <version>2.32</version>
+        <release>4.fc33</release>
+         <arch>x86_64</arch>
+        <url>http://www.gnu.org/software/glibc/</url>
+        <summary>Common binaries and locale data for glibc</summary>
+        <description>The glibc-common package includes common binaries for the GNU libc
+libraries, as well as national language (locale) support.</description>
+       </application>
+       <application>
+-        <name>test2</name>
+-        <version>2.0</version>
+-        <release>2.fc14</release>
+        <name>gpg-pubkey</name>
+        <version>9570ff31</version>
+        <release>5e3006fb</release>
+        <arch>(none)</arch>
+        <url>(none)</url>
+        <summary>Fedora (33) &lt;fedora-33-primary@fedoraproject.org&gt; public key</summary>
+        <description>-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: rpm-4.16.1.2 (NSS-3)
+
+mQINBF4wBvsBEADQmcGbVUbDRUoXADReRmOOEMeydHghtKC9uRs9YNpGYZIB+bie
+bGYZmflQayfh/wEpO2W/IZfGpHPL42V7SbyvqMjwNls/fnXsCtf4LRofNK8Qd9fN
+kYargc9R7BEz/mwXKMiRQVx+DzkmqGWy2gq4iD0/mCyf5FdJCE40fOWoIGJXaOI1
+Tz1vWqKwLS5T0dfmi9U4Tp/XsKOZGvN8oi5h0KmqFk7LEZr1MXarhi2Va86sgxsF
+QcZEKfu5tgD0r00vXzikoSjn3qA5JW5FW07F1pGP4bF5f9J3CZbQyOjTSWMmmfTm
+2d2BURWzaDiJN9twY2yjzkoOMuPdXXvovg7KxLcQerKT+FbKbq8DySJX2rnOA77k
+UG4c9BGf/L1uBkAT8dpHLk6Uf5BfmypxUkydSWT1xfTDnw1MqxO0MsLlAHOR3J7c
+oW9kLcOLuCQn1hBEwfZv7VSWBkGXSmKfp0LLIxAFgRtv+Dh+rcMMRdJgKr1V3FU+
+rZ1+ZAfYiBpQJFPjv70vx+rGEgS801D3PJxBZUEy4Ic4ZYaKNhK9x9PRQuWcIBuW
+6eTe/6lKWZeyxCumLLdiS75mF2oTcBaWeoc3QxrPRV15eDKeYJMbhnUai/7lSrhs
+EWCkKR1RivgF4slYmtNE5ZPGZ/d61zjwn2xi4xNJVs8q9WRPMpHp0vCyMwARAQAB
+tDFGZWRvcmEgKDMzKSA8ZmVkb3JhLTMzLXByaW1hcnlAZmVkb3JhcHJvamVjdC5v
+cmc+iQI4BBMBAgAiBQJeMAb7AhsPBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAK
+CRBJ/XdJlXD/MZm2D/9kriL43vd3+0DNMeA82n2v9mSR2PQqKny39xNlYPyy/1yZ
+P/KXoa4NYSCA971LSd7lv4n/h5bEKgGHxZfttfOzOnWMVSSTfjRyM/df/NNzTUEV
+7ORA5GW18g8PEtS7uRxVBf3cLvWu5q+8jmqES5HqTAdGVcuIFQeBXFN8Gy1Jinuz
+AH8rJSdkUeZ0cehWbERq80BWM9dhad5dW+/+Gv0foFBvP15viwhWqajr8V0B8es+
+2/tHI0k86FAujV5i0rrXl5UOoLilO57QQNDZH/qW9GsHwVI+2yecLstpUNLq+EZC
+GqTZCYoxYRpl0gAMbDLztSL/8Bc0tJrCRG3tavJotFYlgUK60XnXlQzRkh9rgsfT
+EXbQifWdQMMogzjCJr0hzJ+V1d0iozdUxB2ZEgTjukOvatkB77DY1FPZRkSFIQs+
+fdcjazDIBLIxwJu5QwvTNW8lOLnJ46g4sf1WJoUdNTbR0BaC7HHj1inVWi0p7IuN
+66EPGzJOSjLK+vW+J0ncPDEgLCV74RF/0nR5fVTdrmiopPrzFuguHf9S9gYI3Zun
+Yl8FJUu4kRO6JPPTicUXWX+8XZmE94aK14RCJL23nOSi8T1eW8JLW43dCBRO8QUE
+Aso1t2pypm/1zZexJdOV8yGME3g5l2W6PLgpz58DBECgqc/kda+VWgEAp7rO2A==
+=EPL3
+-----END PGP PUBLIC KEY BLOCK-----
+</description>
+      </application>
+      <application>
+        <name>libgcc</name>
+        <version>10.2.1</version>
+        <release>9.fc33</release>
+         <arch>x86_64</arch>
+        <url>http://gcc.gnu.org</url>
+        <summary>GCC version 10 shared support library</summary>
+        <description>This package contains GCC shared support library which is needed
+e.g. for exception handling support.</description>
+      </application>
+      <application>
+        <name>ncurses-base</name>
+        <version>6.2</version>
+        <release>3.20200222.fc33</release>
+        <arch>noarch</arch>
+        <url>https://invisible-island.net/ncurses/ncurses.html</url>
+        <summary>Descriptions of common terminals</summary>
+        <description>This package contains descriptions of common terminals. Other terminal
+descriptions are included in the ncurses-term package.</description>
+       </application>
+       <application>
+-        <name>test3</name>
+-        <version>3.0</version>
+-        <release>3.fc14</release>
+        <name>ncurses-libs</name>
+        <version>6.2</version>
+        <release>3.20200222.fc33</release>
+         <arch>x86_64</arch>
+        <url>https://invisible-island.net/ncurses/ncurses.html</url>
+        <summary>Ncurses libraries</summary>
+        <description>The curses library routines are a terminal-independent method of
+updating character screens with reasonable optimization.  The ncurses
+(new curses) library is a freely distributable replacement for the
+discontinued 4.4 BSD classic curses library.
+
+This package contains the ncurses libraries.</description>
+      </application>
+      <application>
+        <name>setup</name>
+        <version>2.13.7</version>
+        <release>2.fc33</release>
+        <arch>noarch</arch>
+        <url>https://pagure.io/setup/</url>
+        <summary>A set of system configuration and setup files</summary>
+        <description>The setup package contains a set of important system configuration and
+setup files, such as passwd, group, and profile.</description>
+      </application>
+      <application>
+        <name>tzdata</name>
+        <version>2021a</version>
+        <release>1.fc33</release>
+        <arch>noarch</arch>
+        <url>https://www.iana.org/time-zones</url>
+        <summary>Timezone data</summary>
+        <description>This package contains data files with rules for various timezones around
+the world.</description>
+       </application>
+     </applications>
+   </operatingsystem>
+-- 
+2.31.1
+
--- a/SOURCES/0017-launch-libvirt-place-our-virtio-net-pci-device-in-sl.patch
+++ b/SOURCES/0017-launch-libvirt-place-our-virtio-net-pci-device-in-sl.patch
@ -0,0 +1,65 @@
+From 6657d0c1018ab44ae680376463ac3f0421548fb4 Mon Sep 17 00:00:00 2001
+From: Laszlo Ersek <lersek@redhat.com>
+Date: Thu, 23 Dec 2021 11:36:59 +0100
+Subject: [PATCH] launch-libvirt: place our virtio-net-pci device in slot 0x1e
+
+The <qemu:commandline> trick we use for adding our virtio-net-pci device
+in the libvirt backend can conflict with libvirtd's and QEMU's PCI address
+assignment. Try to mitigate that by placing our device in slot 0x1e on the
+root bus. In practice this could only conflict with a "dmi-to-pci-bridge"
+device model, which libvirtd itself places in slot 0x1e. However, given
+the XMLs we generate, and modern QEMU versions, libvirtd has no reason to
+auto-add "dmi-to-pci-bridge". Refer to
+<https://libvirt.org/formatdomain.html#controllers>.
+
+Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2034160
+Signed-off-by: Laszlo Ersek <lersek@redhat.com>
+Message-Id: <20211223103701.12702-2-lersek@redhat.com>
+Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
+Tested-by: Richard W.M. Jones <rjones@redhat.com>
+(cherry picked from commit 5ce5ef6a97a58c5e906083ad4e944545712b3f3f)
+---
+ lib/guestfs-internal.h | 11 +++++++++++
+ lib/launch-libvirt.c   |  4 +++-
+ 2 files changed, 14 insertions(+), 1 deletion(-)
+
+diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h
+index 4799ee0a1..0b46f0070 100644
+--- a/lib/guestfs-internal.h
+++ b/lib/guestfs-internal.h
+@@ -147,6 +147,17 @@
+ #define VIRTIO_DEVICE_NAME(type) type "-pci"
+ #endif
+ 
+/* Place the virtio-net controller in slot 0x1e on the root bus, on normal
+ * hardware with PCI. Refer to RHBZ#2034160.
+ */
+#ifdef HAVE_LIBVIRT_BACKEND
+#if defined(__arm__) || defined(__s390x__)
+#define VIRTIO_NET_PCI_ADDR ""
+#else
+#define VIRTIO_NET_PCI_ADDR ",addr=1e.0"
+#endif
+#endif
+
+ /* Guestfs handle and associated structures. */
+ 
+ /* State. */
+diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c
+index 026dc6b26..5842319df 100644
+--- a/lib/launch-libvirt.c
+++ b/lib/launch-libvirt.c
+@@ -1834,7 +1834,9 @@ construct_libvirt_xml_qemu_cmdline (guestfs_h *g,
+       } end_element ();
+ 
+       start_element ("qemu:arg") {
+-        attribute ("value", VIRTIO_DEVICE_NAME ("virtio-net") ",netdev=usernet");
+        attribute ("value", (VIRTIO_DEVICE_NAME ("virtio-net")
+                             ",netdev=usernet"
+                             VIRTIO_NET_PCI_ADDR));
+       } end_element ();
+     }
+ 
+-- 
+2.31.1
+
--- a/SOURCES/0018-lib-extract-NETWORK_ADDRESS-and-NETWORK_PREFIX-as-ma.patch
+++ b/SOURCES/0018-lib-extract-NETWORK_ADDRESS-and-NETWORK_PREFIX-as-ma.patch
@ -0,0 +1,70 @@
+From 4b9eac11db3e2cc9ace397ed4c804356a7d9adbf Mon Sep 17 00:00:00 2001
+From: Laszlo Ersek <lersek@redhat.com>
+Date: Thu, 23 Dec 2021 11:37:00 +0100
+Subject: [PATCH] lib: extract NETWORK_ADDRESS and NETWORK_PREFIX as macros
+
+The 169.254.0.0/16 network specification (for the appliance) is currently
+duplicated between the direct backend and the libvirt backend. In a
+subsequent patch, we're going to need the network specification in yet
+another spot; extract it now to the NETWORK_ADDRESS and NETWORK_PREFIX
+macros (simply as strings).
+
+Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2034160
+Signed-off-by: Laszlo Ersek <lersek@redhat.com>
+Message-Id: <20211223103701.12702-3-lersek@redhat.com>
+Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
+Tested-by: Richard W.M. Jones <rjones@redhat.com>
+(cherry picked from commit 216de164e091a5c36403f24901698044a43ae0d9)
+---
+ lib/guestfs-internal.h | 6 ++++++
+ lib/launch-direct.c    | 2 +-
+ lib/launch-libvirt.c   | 3 ++-
+ 3 files changed, 9 insertions(+), 2 deletions(-)
+
+diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h
+index 0b46f0070..97a13ff2c 100644
+--- a/lib/guestfs-internal.h
+++ b/lib/guestfs-internal.h
+@@ -158,6 +158,12 @@
+ #endif
+ #endif
+ 
+/* Network address and network mask (expressed as address prefix) that the
+ * appliance will see (if networking is enabled).
+ */
+#define NETWORK_ADDRESS "169.254.0.0"
+#define NETWORK_PREFIX  "16"
+
+ /* Guestfs handle and associated structures. */
+ 
+ /* State. */
+diff --git a/lib/launch-direct.c b/lib/launch-direct.c
+index b6ed9766f..de17d2167 100644
+--- a/lib/launch-direct.c
+++ b/lib/launch-direct.c
+@@ -681,7 +681,7 @@ launch_direct (guestfs_h *g, void *datav, const char *arg)
+     start_list ("-netdev") {
+       append_list ("user");
+       append_list ("id=usernet");
+-      append_list ("net=169.254.0.0/16");
+      append_list ("net=" NETWORK_ADDRESS "/" NETWORK_PREFIX);
+     } end_list ();
+     start_list ("-device") {
+       append_list (VIRTIO_DEVICE_NAME ("virtio-net"));
+diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c
+index 5842319df..0f38f0aec 100644
+--- a/lib/launch-libvirt.c
+++ b/lib/launch-libvirt.c
+@@ -1826,7 +1826,8 @@ construct_libvirt_xml_qemu_cmdline (guestfs_h *g,
+       } end_element ();
+ 
+       start_element ("qemu:arg") {
+-        attribute ("value", "user,id=usernet,net=169.254.0.0/16");
+        attribute ("value",
+                   "user,id=usernet,net=" NETWORK_ADDRESS "/" NETWORK_PREFIX);
+       } end_element ();
+ 
+       start_element ("qemu:arg") {
+-- 
+2.31.1
+
--- a/SOURCES/0019-launch-libvirt-add-virtio-net-via-the-standard-inter.patch
+++ b/SOURCES/0019-launch-libvirt-add-virtio-net-via-the-standard-inter.patch
@ -0,0 +1,91 @@
+From 8570de6e766297e4c9feab1c54ae05037f33edeb Mon Sep 17 00:00:00 2001
+From: Laszlo Ersek <lersek@redhat.com>
+Date: Thu, 23 Dec 2021 11:37:01 +0100
+Subject: [PATCH] launch-libvirt: add virtio-net via the standard <interface>
+ element
+
+Starting with version 3.8.0, libvirt allows us to specify the network
+address and network mask (as prefix) for SLIRP directly via the
+<interface> element in the domain XML:
+<https://libvirt.org/formatdomain.html#userspace-slirp-stack>. This means
+we don't need the <qemu:commandline> hack for virtio-net on such versions.
+
+Restrict the hack in construct_libvirt_xml_qemu_cmdline() to
+libvirt<3.8.0, and generate the proper <interface> element in
+construct_libvirt_xml_devices() on libvirt>=3.8.0.
+
+Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2034160
+Suggested-by: Richard W.M. Jones <rjones@redhat.com>
+Signed-off-by: Laszlo Ersek <lersek@redhat.com>
+Message-Id: <20211223103701.12702-4-lersek@redhat.com>
+Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
+Tested-by: Richard W.M. Jones <rjones@redhat.com>
+(cherry picked from commit 5858c2cf6c24b3776e3867eafd9d86a1f4912d9c)
+---
+ lib/guestfs-internal.h |  3 ++-
+ lib/launch-libvirt.c   | 27 +++++++++++++++++++++++++--
+ 2 files changed, 27 insertions(+), 3 deletions(-)
+
+diff --git a/lib/guestfs-internal.h b/lib/guestfs-internal.h
+index 97a13ff2c..b11c945e9 100644
+--- a/lib/guestfs-internal.h
+++ b/lib/guestfs-internal.h
+@@ -148,7 +148,8 @@
+ #endif
+ 
+ /* Place the virtio-net controller in slot 0x1e on the root bus, on normal
+- * hardware with PCI. Refer to RHBZ#2034160.
+ * hardware with PCI. Necessary only before libvirt 3.8.0. Refer to
+ * RHBZ#2034160.
+  */
+ #ifdef HAVE_LIBVIRT_BACKEND
+ #if defined(__arm__) || defined(__s390x__)
+diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c
+index 0f38f0aec..f6bb39d99 100644
+--- a/lib/launch-libvirt.c
+++ b/lib/launch-libvirt.c
+@@ -1396,6 +1396,28 @@ construct_libvirt_xml_devices (guestfs_h *g,
+       } end_element ();
+     } end_element ();
+ 
+    /* Virtio-net NIC with SLIRP (= userspace) back-end, if networking is
+     * enabled. Starting with libvirt 3.8.0, we can specify the network address
+     * and prefix for SLIRP in the domain XML. Therefore, we can add the NIC
+     * via the standard <interface> element rather than <qemu:commandline>, and
+     * so libvirt can manage the PCI address of the virtio-net NIC like the PCI
+     * addresses of all other devices. Refer to RHBZ#2034160.
+     */
+    if (g->enable_network &&
+        guestfs_int_version_ge (&params->data->libvirt_version, 3, 8, 0)) {
+      start_element ("interface") {
+        attribute ("type", "user");
+        start_element ("model") {
+          attribute ("type", "virtio");
+        } end_element ();
+        start_element ("ip") {
+          attribute ("family", "ipv4");
+          attribute ("address", NETWORK_ADDRESS);
+          attribute ("prefix", NETWORK_PREFIX);
+        } end_element ();
+      } end_element ();
+    }
+
+     /* Libvirt adds some devices by default.  Indicate to libvirt
+      * that we don't want them.
+      */
+@@ -1818,9 +1840,10 @@ construct_libvirt_xml_qemu_cmdline (guestfs_h *g,
+     } end_element ();
+ 
+     /* Workaround because libvirt user networking cannot specify "net="
+-     * parameter.
+     * parameter. Necessary only before libvirt 3.8.0; refer to RHBZ#2034160.
+      */
+-    if (g->enable_network) {
+    if (g->enable_network &&
+        !guestfs_int_version_ge (&params->data->libvirt_version, 3, 8, 0)) {
+       start_element ("qemu:arg") {
+         attribute ("value", "-netdev");
+       } end_element ();
+-- 
+2.31.1
+
--- a/SOURCES/0020-appliance-Use-cpu-max.patch
+++ b/SOURCES/0020-appliance-Use-cpu-max.patch
@ -0,0 +1,86 @@
+From fbb053fc71c0c072acb3fbf6e5fbbfc3b0667fd2 Mon Sep 17 00:00:00 2001
+From: "Richard W.M. Jones" <rjones@redhat.com>
+Date: Thu, 28 Jan 2021 12:20:49 +0000
+Subject: [PATCH] appliance: Use -cpu max.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+QEMU has a newish feature (from about 2017 / qemu 2.9) called -cpu max
+which is supposed to select the best CPU, ideal for libguestfs.
+
+After this change, on x86-64:
+
+               KVM                          TCG
+
+Direct         -cpu max                     -cpu max
+(non-libvirt)
+
+Libvirt   <cpu mode="host-passthrough">     <cpu mode="host-model">
+            <model fallback="allow"/>         <model fallback="allow"/>
+          </cpu>                            </cpu>
+
+Thanks: Daniel Berrangé
+(cherry picked from commit 30f74f38bd6e42e783ba80895f4d6826abddd417)
+---
+ lib/appliance-cpu.c  | 16 ++++++++--------
+ lib/launch-libvirt.c |  9 +++++++++
+ 2 files changed, 17 insertions(+), 8 deletions(-)
+
+diff --git a/lib/appliance-cpu.c b/lib/appliance-cpu.c
+index 5ef9f5c72..54ac6e2e3 100644
+--- a/lib/appliance-cpu.c
+++ b/lib/appliance-cpu.c
+@@ -38,6 +38,11 @@
+  *
+  * The literal string C<"host"> means use C<-cpu host>.
+  *
+ * =item C<"max">
+ *
+ * The literal string C<"max"> means use C<-cpu max> (the best
+ * possible).  This requires awkward translation for libvirt.
+ *
+  * =item some string
+  *
+  * Some string such as C<"cortex-a57"> means use C<-cpu cortex-a57>.
+@@ -80,14 +85,9 @@ guestfs_int_get_cpu_model (int kvm)
+   /* See discussion in https://bugzilla.redhat.com/show_bug.cgi?id=1605071 */
+   return NULL;
+ #else
+-  /* On most architectures, it is faster to pass the CPU host model to
+-   * the appliance, allowing maximum speed for things like checksums
+-   * and encryption.  Only do this with KVM.  It is broken in subtle
+-   * ways on TCG, and fairly pointless when you're emulating anyway.
+  /* On most architectures we can use "max" to get the best possible CPU.
+   * For recent qemu this should work even on TCG.
+    */
+-  if (kvm)
+-    return "host";
+-  else
+-    return NULL;
+  return "max";
+ #endif
+ }
+diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c
+index f6bb39d99..e3ff1ffe0 100644
+--- a/lib/launch-libvirt.c
+++ b/lib/launch-libvirt.c
+@@ -1169,6 +1169,15 @@ construct_libvirt_xml_cpu (guestfs_h *g,
+           attribute ("fallback", "allow");
+         } end_element ();
+       }
+      else if (STREQ (cpu_model, "max")) {
+        if (params->data->is_kvm)
+          attribute ("mode", "host-passthrough");
+        else
+          attribute ("mode", "host-model");
+        start_element ("model") {
+          attribute ("fallback", "allow");
+        } end_element ();
+      }
+       else
+         single_element ("model", cpu_model);
+     } end_element ();
+-- 
+2.31.1
+
--- a/SOURCES/0021-appliance-Use-cpu-mode-maximum-for-cpu-max-on-libvir.patch
+++ b/SOURCES/0021-appliance-Use-cpu-mode-maximum-for-cpu-max-on-libvir.patch
@ -0,0 +1,48 @@
+From 7dde1007525ec235e769351be15ca5de34eeda4a Mon Sep 17 00:00:00 2001
+From: "Richard W.M. Jones" <rjones@redhat.com>
+Date: Thu, 18 Mar 2021 12:32:26 +0000
+Subject: [PATCH] appliance: Use <cpu mode="maximum"/> for -cpu max on libvirt.
+
+Note this requires libvirt >= 7.1.0 which was only released in March 2021.
+
+With an older libvirt you will see this error:
+
+  Original error from libvirt: unsupported configuration: Invalid mode attribute 'maximum' [code=67 int1=-1]
+
+In theory we could check if this is supported by looking at the
+libvirt capabilities and fall back, but this commit does not do that,
+in the expectation that most people will be using the default backend
+(direct) and on Fedora/RHEL we will add an explicit minimum version
+dependency to the package.
+
+qemu support has been around quite a bit longer (at least since 2017).
+
+Fixes: commit 30f74f38bd6e42e783ba80895f4d6826abddd417
+(cherry picked from commit 13ceb6a87b2869909a6a0e3c8caa962b72e4cb0e)
+---
+ lib/launch-libvirt.c | 9 ++-------
+ 1 file changed, 2 insertions(+), 7 deletions(-)
+
+diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c
+index e3ff1ffe0..db619910f 100644
+--- a/lib/launch-libvirt.c
+++ b/lib/launch-libvirt.c
+@@ -1170,13 +1170,8 @@ construct_libvirt_xml_cpu (guestfs_h *g,
+         } end_element ();
+       }
+       else if (STREQ (cpu_model, "max")) {
+-        if (params->data->is_kvm)
+-          attribute ("mode", "host-passthrough");
+-        else
+-          attribute ("mode", "host-model");
+-        start_element ("model") {
+-          attribute ("fallback", "allow");
+-        } end_element ();
+        /* https://bugzilla.redhat.com/show_bug.cgi?id=1935572#c11 */
+        attribute ("mode", "maximum");
+       }
+       else
+         single_element ("model", cpu_model);
+-- 
+2.31.1
+
--- a/SOURCES/0022-lib-Disable-5-level-page-tables-when-using-cpu-max.patch
+++ b/SOURCES/0022-lib-Disable-5-level-page-tables-when-using-cpu-max.patch
@ -0,0 +1,92 @@
+From bb19cc0cdd43619ccf830e1e608f79e46f8ddf86 Mon Sep 17 00:00:00 2001
+From: "Richard W.M. Jones" <rjones@redhat.com>
+Date: Thu, 12 May 2022 08:36:37 +0100
+Subject: [PATCH] lib: Disable 5-level page tables when using -cpu max
+
+In https://bugzilla.redhat.com/show_bug.cgi?id=2082806 we've been
+tracking an insidious qemu bug which intermittently prevents the
+libguestfs appliance from starting.  The symptoms are that SeaBIOS
+starts and displays its messages, but the kernel isn't reached.  We
+found that the kernel does in fact start, but when it tries to set up
+page tables and jump to protected mode it gets a triple fault which
+causes the emulated CPU in qemu to reset (qemu exits).
+
+This seems to only affect TCG (not KVM).
+
+Yesterday I found that this is caused by using -cpu max which enables
+the "la57" feature (5-level page tables[0]), and that we can make the
+problem go away using -cpu max,la57=off.  Note that I still don't
+fully understand the qemu bug, so this is only a workaround.
+
+I chose to disable 5-level page tables for both TCG and KVM, partly to
+make the patch simpler, and partly because I guess it's not a feature
+(ie. 57 bit linear addresses) that is useful for the libguestfs
+appliance case, where we have limited physical memory and no need to
+run any programs with huge address spaces.
+
+I tested this by running both the direct & libvirt paths overnight.  I
+expect that this patch will fail with old qemu/libvirt which doesn't
+understand the "la57" feature, but this is only intended as a
+temporary workaround.
+
+[0] Article about 5-level page tables as background:
+https://lwn.net/Articles/717293/
+
+Thanks: Laszlo Ersek
+Fixes: https://answers.launchpad.net/ubuntu/+source/libguestfs/+question/701625
+
+[RHEL 8.7: Patch is not upstream.  This is the initial patch as posted
+to the mailing list here:
+https://listman.redhat.com/archives/libguestfs/2022-May/028853.html]
+---
+ lib/launch-direct.c  | 15 +++++++++++++--
+ lib/launch-libvirt.c |  7 +++++++
+ 2 files changed, 20 insertions(+), 2 deletions(-)
+
+diff --git a/lib/launch-direct.c b/lib/launch-direct.c
+index de17d2167..6b28e4724 100644
+--- a/lib/launch-direct.c
+++ b/lib/launch-direct.c
+@@ -534,8 +534,19 @@ launch_direct (guestfs_h *g, void *datav, const char *arg)
+   } end_list ();
+ 
+   cpu_model = guestfs_int_get_cpu_model (has_kvm && !force_tcg);
+-  if (cpu_model)
+-    arg ("-cpu", cpu_model);
+  if (cpu_model) {
+#if defined(__x86_64__)
+    /* Temporary workaround for RHBZ#2082806 */
+    if (STREQ (cpu_model, "max")) {
+      start_list ("-cpu") {
+        append_list (cpu_model);
+        append_list ("la57=off");
+      } end_list ();
+    }
+    else
+#endif
+      arg ("-cpu", cpu_model);
+  }
+ 
+   if (g->smp > 1)
+     arg_format ("-smp", "%d", g->smp);
+diff --git a/lib/launch-libvirt.c b/lib/launch-libvirt.c
+index db619910f..bad4a54ea 100644
+--- a/lib/launch-libvirt.c
+++ b/lib/launch-libvirt.c
+@@ -1172,6 +1172,13 @@ construct_libvirt_xml_cpu (guestfs_h *g,
+       else if (STREQ (cpu_model, "max")) {
+         /* https://bugzilla.redhat.com/show_bug.cgi?id=1935572#c11 */
+         attribute ("mode", "maximum");
+#if defined(__x86_64__)
+        /* Temporary workaround for RHBZ#2082806 */
+        start_element ("feature") {
+          attribute ("policy", "disable");
+          attribute ("name", "la57");
+        } end_element ();
+#endif
+       }
+       else
+         single_element ("model", cpu_model);
+-- 
+2.31.1
+
--- a/SOURCES/0023-docs-guestfs-security-document-CVE-2022-2211.patch
+++ b/SOURCES/0023-docs-guestfs-security-document-CVE-2022-2211.patch
@ -0,0 +1,103 @@
+From 22d779d5982dc82d629710d41973ed6545707bd9 Mon Sep 17 00:00:00 2001
+From: Laszlo Ersek <lersek@redhat.com>
+Date: Tue, 28 Jun 2022 13:54:16 +0200
+Subject: [PATCH] docs/guestfs-security: document CVE-2022-2211
+
+Short log for the common submodule, commit range
+f8de5508fe75..35467027f657:
+
+Laszlo Ersek (2):
+      mlcustomize: factor out pkg install/update/uninstall from guestfs-tools
+      options: fix buffer overflow in get_keys() [CVE-2022-2211]
+
+Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1809453
+Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2100862
+Signed-off-by: Laszlo Ersek <lersek@redhat.com>
+Message-Id: <20220628115418.5376-2-lersek@redhat.com>
+Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
+
+Cherry picked from commit 99844660b48ed809e37378262c65d63df6ce4a53.
+For the cherry pick I only added one submodule commit:
+
+options: fix buffer overflow in get_keys() [CVE-2022-2211]
+---
+ common                    |  2 +-
+ docs/guestfs-security.pod | 28 ++++++++++++++++++++++++++++
+ 2 files changed, 29 insertions(+), 1 deletion(-)
+
+Submodule common be09523d6..1174b443a:
+diff --git a/common/options/keys.c b/common/options/keys.c
+index 798315c..d27a712 100644
+--- a/common/options/keys.c
+++ b/common/options/keys.c
+@@ -128,17 +128,23 @@ read_first_line_from_file (const char *filename)
+ char **
+ get_keys (struct key_store *ks, const char *device, const char *uuid)
+ {
+-  size_t i, j, len;
+  size_t i, j, nmemb;
+   char **r;
+   char *s;
+ 
+   /* We know the returned list must have at least one element and not
+    * more than ks->nr_keys.
+    */
+-  len = 1;
+-  if (ks)
+-    len = MIN (1, ks->nr_keys);
+-  r = calloc (len+1, sizeof (char *));
+  nmemb = 1;
+  if (ks && ks->nr_keys > nmemb)
+    nmemb = ks->nr_keys;
+
+  /* make room for the terminating NULL */
+  if (nmemb == (size_t)-1)
+    error (EXIT_FAILURE, 0, _("size_t overflow"));
+  nmemb++;
+
+  r = calloc (nmemb, sizeof (char *));
+   if (r == NULL)
+     error (EXIT_FAILURE, errno, "calloc");
+ 
+diff --git a/docs/guestfs-security.pod b/docs/guestfs-security.pod
+index 9ceef5623..efa35b29d 100644
+--- a/docs/guestfs-security.pod
+++ b/docs/guestfs-security.pod
+@@ -406,6 +406,34 @@ The libvirt backend is not affected.
+ The solution is to update qemu to a version containing the fix (see
+ L<https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg01012.html>).
+ 
+=head2 CVE-2022-2211
+
+L<https://bugzilla.redhat.com/CVE-2022-2211>
+
+The C<get_keys> function in F<libguestfs-common/options/keys.c> collects
+those I<--key> options from the command line into a new array that match
+a particular block device that's being decrypted for inspection. The
+function intends to size the result array such that potentially all
+I<--key> options, plus a terminating C<NULL> element, fit into it. The
+code mistakenly uses the C<MIN> macro instead of C<MAX>, and therefore
+only one element is allocated before the C<NULL> terminator.
+
+Passing precisely two I<--key ID:...> options on the command line for
+the encrypted block device C<ID> causes C<get_keys> to overwrite the
+terminating C<NULL>, leading to an out-of-bounds read in
+C<decrypt_mountables>, file F<libguestfs-common/options/decrypt.c>.
+
+Passing more than two I<--key ID:...> options on the command line for
+the encrypted block device C<ID> causes C<get_keys> itself to perform
+out-of-bounds writes. The most common symptom is a crash with C<SIGSEGV>
+later on.
+
+This issue affects -- broadly speaking -- all libguestfs-based utilities
+that accept I<--key>, namely: C<guestfish>, C<guestmount>, C<virt-cat>,
+C<virt-customize>, C<virt-diff>, C<virt-edit>, C<virt-get-kernel>,
+C<virt-inspector>, C<virt-log>, C<virt-ls>, C<virt-sparsify>,
+C<virt-sysprep>, C<virt-tail>, C<virt-v2v>.
+
+ =head1 SEE ALSO
+ 
+ L<guestfs(3)>,
+-- 
+2.31.1
+
--- a/SOURCES/README-replacement.in
+++ b/SOURCES/README-replacement.in
@ -8,7 +8,8 @@ list:

  http://www.redhat.com/mailman/listinfo/libguestfs

-This package comes with a lot of help and examples to get you started.
+This Red Hat Enterprise Linux package comes with a lot of help and
+examples to get you started.

 The first place to start are the manual pages.  Type:

@ -19,19 +20,19 @@ The first place to start are the manual pages.  Type:
  man virt-cat   # and other virt-* tools

 If you install the libguestfs-devel package, then in the
-/usr/share/doc/libguestfs-devel/ directory you will find other
-documentation including:
+/usr/share/doc/libguestfs-devel/ directory you will also
+find:

 - BUGS: list of open bugs in this version

- - ChangeLog.gz: the detailed list of changes in this version
+ - ChangeLog: the detailed list of changes in this version

- - HACKING: how to extend libguestfs
+ - ROADMAP: the roadmap for future versions

 - TODO: ideas for extending libguestfs

 - *.c: example C programs using the API

- - *.xml.gz: example virt-inspector output (compressed)
+ - *.xml: example virt-inspector output

- - virt-inspector.rng: virt-inspector RelaxNG schema
+ - *.rng: virt-inspector RelaxNG schema
--- a/SOURCES/copy-patches.sh
+++ b/SOURCES/copy-patches.sh
@ -3,11 +3,10 @@
 set -e

 # Maintainer script to copy patches from the git repo to the current
-# directory.  It's normally only used downstream (ie. in RHEL).  Use
-# it like this:
+# directory.  Use it like this:
 #   ./copy-patches.sh

-rhel_version=10.0
+rhel_version=8.7.0

 # Check we're in the right directory.
 if [ ! -f libguestfs.spec ]; then
--- a/SOURCES/guestfish.sh
+++ b/SOURCES/guestfish.sh
--- a/SOURCES/libguestfs-1.44.0.tar.gz.sig
+++ b/SOURCES/libguestfs-1.44.0.tar.gz.sig
@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQJFBAABCAAvFiEE93dPsa0HSn6Mh2fqkXOPc+G3aKAFAl/1jrcRHHJpY2hAYW5u
+ZXhpYS5vcmcACgkQkXOPc+G3aKCBcQ/+JwE8JTm3PdTPGoKxCqSgAOirbqE4ZvMY
+p/3y5mexagcWXx6X2Y+u6dlybS06jFR8TkbjdE3VAhhJo0C8l1vfvUTWKVDZoBhG
+3jZ6e+exff3VEUY4nFIVvYPNP+/J1BCiexMO0/2f1MDKwnJ73je9GlzwPEpdqPj/
+jSxaAy1G/rA5qV5rWQd4n5S9m8zRnf1lnM7YI7I0PunC2Wt/U6BZidL/FVVWVBxV
+DGKTIy7GgWnfGWdqJ+Wi9o9QCJH/9FGTP35xonyQEM/7GI+jLz+a9g2xgvv584Ni
+FF0Gqywrp5QFd13Nj3MPM7MXjGjUY5vB964k3mgE4fH91CnVvisRWfUCCo+c/9wG
+odS0YTrveWJpm0oYU2tL3AjahRclskAxXEIxx9kbnWMUTrpXG0r8G4+vE+estCjb
+mbyK5FQh2KASqNgmeopjK9DAEwD7SfPyHmPQ07Q76Pgl8X+FfBX2uyXBjaR5IJJJ
+qVVamdVtPilqwWqQ8hGkKE0qVKqZHGCOJ8+AkQjHjUtSVegT6zHmCG/bM4im1dGV
+r9fv6oQ7kWViz8mBluoETWr5sd2AfLOdLS8A42JaOnU7ASJUX/9eN0Y9u4BYC9P3
+l+QXikyq6T/4iC+tADOYGBr9uNitksLwSSUYScpnN+4AY+M+qjXTBq38MEHmwcgK
+5mwscgQefcY=
+=UrAA
+-----END PGP SIGNATURE-----
--- a/SOURCES/yum.conf.in
+++ b/SOURCES/yum.conf.in
--- a/SPECS/libguestfs.spec
+++ b/SPECS/libguestfs.spec
--- a/libguestfs-1.52.2.tar.gz.sig
+++ b/libguestfs-1.52.2.tar.gz.sig
@ -1,17 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQJFBAABCAAvFiEE93dPsa0HSn6Mh2fqkXOPc+G3aKAFAmaMBYQRHHJpY2hAYW5u
-ZXhpYS5vcmcACgkQkXOPc+G3aKCgAA//Y3vipD+s/fdnFSNPkCxE7lPkBW+HPHKM
-ESFfm4hMaR1m9IgNftcFfdQuiApLOsiKN5eGOqyINsrZCWPDkz7mww911GO4V7Oz
-mbC2bqvpfLu7OhpxZew+ZrX0NY/hyGngGfSdlc8R0iF4uB76I+ghxllxEfGG1brG
-mbvbzFbVIsTj7REPWe5HudQHXgqQFtiSxWmB65/uEQo85W/Wbc7BsPZPps99Uyxm
-Mjt6QsiMxHipA2IZWXVCC9UgOewj7dcnXpmgxmWZxRn8e1C/mPNTYZo7z9AeB1YT
-W6VX0RRg9TFppi4fCclsWaHyWtaFeasooPzpV9dXn6rezB8K5IzJXeV1Ial154mn
-w2ofL1qkhtl8wMabBTC7zP+zb1pNu8iajrKgCmY10/Bgia/wRArIK5qS7dIxGDT9
-jJ5gfP9h5zi01tnNIKbZaoRKSrU+r2+efxvad+8uvQt4JFn1OAL+EVjzePi47aOx
-h06kt2uktjtWsKBnLmY91FOwSDPL0aDd8zKp6Ddm84TIQ4tXy4caQ9vQCON7cuNy
-5NhvHHs3VNAFOVUW5/e/E9RdmYMnSJaYRpdvpKOuHNcWzPmYR32BMI4LjtYABtkz
-Cn0WKnCASUa2W3CzD7V5bHtdT4fnQNbZvcgPGouB/+SlIpABqyfyIQnUta8Tsn2u
-msgD9HFR9kk=
-=yVGZ
-----END PGP SIGNATURE-----
--- a/2
+++ b/2
@ -1,2 +0,0 @@
-SHA512 (libguestfs-1.52.2.tar.gz) = 5eb4fbcc8e8879932a212c38c515598cd229e0e10b3e86d5655a10f30f5cc8c3df4e6f4b60095ccdaddbd493114ea84d9c0cdb9db7496dc83283fc4d369ece71
-SHA512 (libguestfs.keyring) = 297a15edc7c220222b9f650e0a9361ae132d3f0fed04aeb2237a1d9c3f6dac6f336846434f66480faed72635a33f659e849b052e74b88d1508aeff03f8c9a2ac