rpms/libvirt
7
0
Fork 1
Code Issues Pull Requests Releases Activity

Update to 1.2.9 release

Browse Source
This commit is contained in:
Daniel P. Berrange 2014-10-01 17:09:48 +01:00
parent 5b1a906ace
commit 1073e2447a
25 changed files with 5 additions and 5202 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

88
0001-network-try-to-eliminate-default-network-conflict-du.patch
View File

@ -1,88 +0,0 @@
From 935cd0c56643d28a5c60ff6658b16bd4c2fd920c Mon Sep 17 00:00:00 2001
From: Laine Stump <laine@laine.org>
Date: Wed, 10 Sep 2014 13:10:45 -0400
Subject: [PATCH] network: try to eliminate default network conflict during
package install
Sometimes libvirt is installed on a host that is already using the
network 192.168.122.0/24. If the libvirt-daemon-config-network package
is installed, this creates a conflict, since that package has been
hard-coded to create a virtual network that also uses
192.168.122.0/24. In the past libvirt has attempted to warn of /
remediate this situation by checking for conflicting routes when the
network is started, but it turns out that isn't always useful (for
example in the case that the *other* interface/network creating the
conflict hasn't yet been started at the time libvirtd start its own
networks).
This patch attempts to catch the problem earlier - at install
time. During the %post install script for
libvirt-daemon-config-network, we use a case statement to look through
the output of "ip route show" for a route that exactly matches
192.168.122.0/24, and if found we search for a similar route that
*doesn't* match (e.g. 192.168.124.0/24) (note that the search starts
with "124" instead of 123 because of reports of people already
modifying their L1 host's network to 192.168.123.0/24 in an attempt to
solve exactly the problem we are also trying to solve). When we find
an available route, we just replace all occurrences of "122" in the
default.xml that is being created with the newly found 192.168
subnet. This could obviously be made more complicated - examine the
template defaul.xml to automatically determine the existing network
address and mask rather than hard coding it in the specfile, etc, but
this scripting is simpler and gets the job done as long as we continue
to use 192.168.122.0/24 in the template. (If anyone with mad bash
skillz wants to suggest something to do that, by all means please do).
This is intended to at least "further reduce" occurrence of the
problems detailed in:
https://bugzilla.redhat.com/show_bug.cgi?id=811967
(cherry picked from commit 5f71959667e4902d738a849e7c9391e794fccf22)
---
libvirt.spec.in | 31 ++++++++++++++++++++++++++++++-
1 file changed, 30 insertions(+), 1 deletion(-)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index 4dc801b..75a91f5 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -1732,8 +1732,37 @@ fi
%if %{with_network}
%post daemon-config-network
if test $1 -eq 1 && test ! -f %{_sysconfdir}/libvirt/qemu/networks/default.xml ; then
+ # see if the network used by default network creates a conflict,
+ # and try to resolve it
+ # NB: 192.168.122.0/24 is used in the default.xml template file;
+ # do not modify any of those values here without also modifying
+ # them in the template.
+ orig_sub=122
+ sub=${orig_sub}
+ nl='
+'
+ routes="${nl}$(ip route show | cut -d' ' -f1)"
+ case ${routes} in
+ *"${nl}192.168.${orig_sub}.0/24${nl}"*)
+ # there was a match, so we need to look for an unused subnet
+ for new_sub in $(seq 124 254); do
+ case ${routes} in
+ *"${nl}192.168.${new_sub}.0/24${nl}"*)
+ ;;
+ *)
+ sub=$new_sub
+ break;
+ ;;
+ esac
+ done
+ ;;
+ *)
+ ;;
+ esac
+
UUID=`/usr/bin/uuidgen`
- sed -e "s,</name>,</name>\n <uuid>$UUID</uuid>," \
+ sed -e "s/${orig_sub}/${sub}/g" \
+ -e "s,</name>,</name>\n <uuid>$UUID</uuid>," \
< %{_datadir}/libvirt/networks/default.xml \
> %{_sysconfdir}/libvirt/qemu/networks/default.xml
ln -s ../default.xml %{_sysconfdir}/libvirt/qemu/networks/autostart/default.xml

32
0002-network-detect-conflicting-route-even-if-it-is-the-f.patch
View File

@ -1,32 +0,0 @@
From ed1efa32c71ba195a16bb63da4ee532d8a6c8a99 Mon Sep 17 00:00:00 2001
From: Laine Stump <laine@laine.org>
Date: Mon, 15 Sep 2014 13:30:08 -0400
Subject: [PATCH] network: detect conflicting route even if it is the final
entry
This is a folloup to commit 5f719596, which checks for a route
conflicting with the standard libvirt default network subnet
(192.168.122.0/24). It turns out that $() strips the trailing newline
from the output of "ip route show", so there would be no match if the
route we were looking for was the final line of output. This can be
solved by adding ${nl} to the end of the output (just as we were
already adding it at the beginning of the output).
(cherry picked from commit 22048ae61dbb7876d17bcf7dbedf9e8d1cf98d4e)
---
libvirt.spec.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index 75a91f5..0741c73 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -1741,7 +1741,7 @@ if test $1 -eq 1 && test ! -f %{_sysconfdir}/libvirt/qemu/networks/default.xml ;
sub=${orig_sub}
nl='
'
- routes="${nl}$(ip route show | cut -d' ' -f1)"
+ routes="${nl}$(ip route show | cut -d' ' -f1)${nl}"
case ${routes} in
*"${nl}192.168.${orig_sub}.0/24${nl}"*)
# there was a match, so we need to look for an unused subnet

131
0003-rpc-reformat-the-flow-to-make-a-bit-more-sense.patch
View File

@ -1,131 +0,0 @@
From 00d63796318b065479eda661ab83503cc1cf8446 Mon Sep 17 00:00:00 2001
From: Martin Kletzander <mkletzan@redhat.com>
Date: Sun, 7 Sep 2014 17:08:57 +0200
Subject: [PATCH] rpc: reformat the flow to make a bit more sense
Just remove useless "else". Best viewed with '-w'.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
(cherry picked from commit 3951d4a6d3d5867eadc82814e8dd9a61d19b68cf)
---
src/rpc/virnetsocket.c | 94 +++++++++++++++++++++++++-------------------------
1 file changed, 47 insertions(+), 47 deletions(-)
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
index 9780e17..306c9ea 100644
--- a/src/rpc/virnetsocket.c
+++ b/src/rpc/virnetsocket.c
@@ -574,66 +574,66 @@ int virNetSocketNewConnectUNIX(const char *path,
retry:
if (connect(fd, &remoteAddr.data.sa, remoteAddr.len) < 0) {
+ int status = 0;
+ pid_t pid = 0;
+
if (!spawnDaemon) {
virReportSystemError(errno, _("Failed to connect socket to '%s'"),
path);
goto error;
- } else {
- int status = 0;
- pid_t pid = 0;
-
- if ((passfd = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) {
- virReportSystemError(errno, "%s", _("Failed to create socket"));
- goto error;
- }
+ }
- /*
- * We have to fork() here, because umask() is set
- * per-process, chmod() is racy and fchmod() has undefined
- * behaviour on sockets according to POSIX, so it doesn't
- * work outside Linux.
- */
- if ((pid = virFork()) < 0)
- goto error;
+ if ((passfd = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) {
+ virReportSystemError(errno, "%s", _("Failed to create socket"));
+ goto error;
+ }
- if (pid == 0) {
- umask(0077);
- if (bind(passfd, &remoteAddr.data.sa, remoteAddr.len) < 0)
- _exit(EXIT_FAILURE);
+ /*
+ * We have to fork() here, because umask() is set
+ * per-process, chmod() is racy and fchmod() has undefined
+ * behaviour on sockets according to POSIX, so it doesn't
+ * work outside Linux.
+ */
+ if ((pid = virFork()) < 0)
+ goto error;
- _exit(EXIT_SUCCESS);
- }
+ if (pid == 0) {
+ umask(0077);
+ if (bind(passfd, &remoteAddr.data.sa, remoteAddr.len) < 0)
+ _exit(EXIT_FAILURE);
- if (virProcessWait(pid, &status, false) < 0)
- goto error;
+ _exit(EXIT_SUCCESS);
+ }
- if (status != EXIT_SUCCESS) {
- /*
- * OK, so the subprocces failed to bind() the socket. This may mean
- * that another daemon was starting at the same time and succeeded
- * with its bind(). So we'll try connecting again, but this time
- * without spawning the daemon.
- */
- spawnDaemon = false;
- goto retry;
- }
+ if (virProcessWait(pid, &status, false) < 0)
+ goto error;
- if (listen(passfd, 0) < 0) {
- virReportSystemError(errno, "%s",
- _("Failed to listen on socket that's about "
- "to be passed to the daemon"));
- goto error;
- }
+ if (status != EXIT_SUCCESS) {
+ /*
+ * OK, so the subprocces failed to bind() the socket. This may mean
+ * that another daemon was starting at the same time and succeeded
+ * with its bind(). So we'll try connecting again, but this time
+ * without spawning the daemon.
+ */
+ spawnDaemon = false;
+ goto retry;
+ }
- if (connect(fd, &remoteAddr.data.sa, remoteAddr.len) < 0) {
- virReportSystemError(errno, _("Failed to connect socket to '%s'"),
- path);
- goto error;
- }
+ if (listen(passfd, 0) < 0) {
+ virReportSystemError(errno, "%s",
+ _("Failed to listen on socket that's about "
+ "to be passed to the daemon"));
+ goto error;
+ }
- if (virNetSocketForkDaemon(binary, passfd) < 0)
- goto error;
+ if (connect(fd, &remoteAddr.data.sa, remoteAddr.len) < 0) {
+ virReportSystemError(errno, _("Failed to connect socket to '%s'"),
+ path);
+ goto error;
}
+
+ if (virNetSocketForkDaemon(binary, passfd) < 0)
+ goto error;
}
localAddr.len = sizeof(localAddr.data);

233
0004-remove-redundant-pidfile-path-constructions.patch
View File

@ -1,233 +0,0 @@
From 5217124c8f276a9d35b60470a332d887af4cc446 Mon Sep 17 00:00:00 2001
From: Martin Kletzander <mkletzan@redhat.com>
Date: Sun, 7 Sep 2014 19:52:34 +0200
Subject: [PATCH] remove redundant pidfile path constructions
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
(cherry picked from commit 8035f2e6f2db7fc0b74b639deb7eff64957692bc)
---
daemon/libvirtd.c | 41 ++++-----------------------------------
src/libvirt_private.syms | 1 +
src/locking/lock_daemon.c | 42 ++++------------------------------------
src/util/virpidfile.c | 49 ++++++++++++++++++++++++++++++++++++++++++++++-
src/util/virpidfile.h | 7 ++++++-
5 files changed, 63 insertions(+), 77 deletions(-)
diff --git a/daemon/libvirtd.c b/daemon/libvirtd.c
index 0503cd0..61f5486 100644
--- a/daemon/libvirtd.c
+++ b/daemon/libvirtd.c
@@ -251,41 +251,6 @@ static int daemonForkIntoBackground(const char *argv0)
static int
-daemonPidFilePath(bool privileged,
- char **pidfile)
-{
- if (privileged) {
- if (VIR_STRDUP(*pidfile, LOCALSTATEDIR "/run/libvirtd.pid") < 0)
- goto error;
- } else {
- char *rundir = NULL;
- mode_t old_umask;
-
- if (!(rundir = virGetUserRuntimeDirectory()))
- goto error;
-
- old_umask = umask(077);
- if (virFileMakePath(rundir) < 0) {
- umask(old_umask);
- goto error;
- }
- umask(old_umask);
-
- if (virAsprintf(pidfile, "%s/libvirtd.pid", rundir) < 0) {
- VIR_FREE(rundir);
- goto error;
- }
-
- VIR_FREE(rundir);
- }
-
- return 0;
-
- error:
- return -1;
-}
-
-static int
daemonUnixSocketPaths(struct daemonConfig *config,
bool privileged,
char **sockfile,
@@ -1313,8 +1278,10 @@ int main(int argc, char **argv) {
}
if (!pid_file &&
- daemonPidFilePath(privileged,
- &pid_file) < 0) {
+ virPidFileConstructPath(privileged,
+ LOCALSTATEDIR,
+ "libvirtd",
+ &pid_file) < 0) {
VIR_ERROR(_("Can't determine pid file path."));
exit(EXIT_FAILURE);
}
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 71fc063..f8d9b95 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1773,6 +1773,7 @@ virPCIIsVirtualFunction;
virPidFileAcquire;
virPidFileAcquirePath;
virPidFileBuildPath;
+virPidFileConstructPath;
virPidFileDelete;
virPidFileDeletePath;
virPidFileRead;
diff --git a/src/locking/lock_daemon.c b/src/locking/lock_daemon.c
index 02d77e3..fe7cfb8 100644
--- a/src/locking/lock_daemon.c
+++ b/src/locking/lock_daemon.c
@@ -366,42 +366,6 @@ virLockDaemonForkIntoBackground(const char *argv0)
static int
-virLockDaemonPidFilePath(bool privileged,
- char **pidfile)
-{
- if (privileged) {
- if (VIR_STRDUP(*pidfile, LOCALSTATEDIR "/run/virtlockd.pid") < 0)
- goto error;
- } else {
- char *rundir = NULL;
- mode_t old_umask;
-
- if (!(rundir = virGetUserRuntimeDirectory()))
- goto error;
-
- old_umask = umask(077);
- if (virFileMakePath(rundir) < 0) {
- umask(old_umask);
- goto error;
- }
- umask(old_umask);
-
- if (virAsprintf(pidfile, "%s/virtlockd.pid", rundir) < 0) {
- VIR_FREE(rundir);
- goto error;
- }
-
- VIR_FREE(rundir);
- }
-
- return 0;
-
- error:
- return -1;
-}
-
-
-static int
virLockDaemonUnixSocketPaths(bool privileged,
char **sockfile)
{
@@ -1283,8 +1247,10 @@ int main(int argc, char **argv) {
}
if (!pid_file &&
- virLockDaemonPidFilePath(privileged,
- &pid_file) < 0) {
+ virPidFileConstructPath(privileged,
+ LOCALSTATEDIR,
+ "virtlockd",
+ &pid_file) < 0) {
VIR_ERROR(_("Can't determine pid file path."));
exit(EXIT_FAILURE);
}
diff --git a/src/util/virpidfile.c b/src/util/virpidfile.c
index 1d9a1c5..19ec103 100644
--- a/src/util/virpidfile.c
+++ b/src/util/virpidfile.c
@@ -1,7 +1,7 @@
/*
* virpidfile.c: manipulation of pidfiles
*
- * Copyright (C) 2010-2012 Red Hat, Inc.
+ * Copyright (C) 2010-2012, 2014 Red Hat, Inc.
* Copyright (C) 2006, 2007 Binary Karma
* Copyright (C) 2006 Shuveb Hussain
*
@@ -521,3 +521,50 @@ int virPidFileRelease(const char *dir,
VIR_FREE(pidfile);
return rc;
}
+
+
+int
+virPidFileConstructPath(bool privileged,
+ const char *statedir,
+ const char *progname,
+ char **pidfile)
+{
+ if (privileged) {
+ /*
+ * This is here just to allow calling this function with
+ * statedir == NULL; of course only when !privileged.
+ */
+ if (!statedir) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ "%s", _("No statedir specified"));
+ goto cleanup;
+ }
+ if (virAsprintf(pidfile, "%s/run/%s.pid", statedir, progname) < 0)
+ goto cleanup;
+ } else {
+ char *rundir = NULL;
+ mode_t old_umask;
+
+ if (!(rundir = virGetUserRuntimeDirectory()))
+ goto error;
+
+ old_umask = umask(077);
+ if (virFileMakePath(rundir) < 0) {
+ umask(old_umask);
+ goto error;
+ }
+ umask(old_umask);
+
+ if (virAsprintf(pidfile, "%s/%s.pid", rundir, progname) < 0) {
+ VIR_FREE(rundir);
+ goto error;
+ }
+
+ VIR_FREE(rundir);
+ }
+
+ return 0;
+
+ error:
+ return -1;
+}
diff --git a/src/util/virpidfile.h b/src/util/virpidfile.h
index 2720206..ca1dbff 100644
--- a/src/util/virpidfile.h
+++ b/src/util/virpidfile.h
@@ -1,7 +1,7 @@
/*
* virpidfile.h: manipulation of pidfiles
*
- * Copyright (C) 2010-2011 Red Hat, Inc.
+ * Copyright (C) 2010-2011, 2014 Red Hat, Inc.
* Copyright (C) 2006, 2007 Binary Karma
* Copyright (C) 2006 Shuveb Hussain
*
@@ -69,4 +69,9 @@ int virPidFileRelease(const char *dir,
const char *name,
int fd);
+int virPidFileConstructPath(bool privileged,
+ const char *statedir,
+ const char *progname,
+ char **pidfile);
+
#endif /* __VIR_PIDFILE_H__ */

62
0005-util-fix-potential-leak-in-error-codepath.patch
View File

@ -1,62 +0,0 @@
From 0bf4b718fafa22c67f84ffd0b4434a5c7b1bce94 Mon Sep 17 00:00:00 2001
From: Martin Kletzander <mkletzan@redhat.com>
Date: Sun, 7 Sep 2014 20:07:49 +0200
Subject: [PATCH] util: fix potential leak in error codepath
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
(cherry picked from commit aaaa2d56bd47556b6857ecca33e4b28ab36c8488)
---
src/util/virpidfile.c | 19 ++++++++++---------
1 file changed, 10 insertions(+), 9 deletions(-)
diff --git a/src/util/virpidfile.c b/src/util/virpidfile.c
index 19ec103..dd29701 100644
--- a/src/util/virpidfile.c
+++ b/src/util/virpidfile.c
@@ -529,6 +529,9 @@ virPidFileConstructPath(bool privileged,
const char *progname,
char **pidfile)
{
+ int ret = -1;
+ char *rundir = NULL;
+
if (privileged) {
/*
* This is here just to allow calling this function with
@@ -542,29 +545,27 @@ virPidFileConstructPath(bool privileged,
if (virAsprintf(pidfile, "%s/run/%s.pid", statedir, progname) < 0)
goto cleanup;
} else {
- char *rundir = NULL;
mode_t old_umask;
if (!(rundir = virGetUserRuntimeDirectory()))
- goto error;
+ goto cleanup;
old_umask = umask(077);
if (virFileMakePath(rundir) < 0) {
umask(old_umask);
- goto error;
+ goto cleanup;
}
umask(old_umask);
if (virAsprintf(pidfile, "%s/%s.pid", rundir, progname) < 0) {
VIR_FREE(rundir);
- goto error;
+ goto cleanup;
}
- VIR_FREE(rundir);
}
- return 0;
-
- error:
- return -1;
+ ret = 0;
+ cleanup:
+ VIR_FREE(rundir);
+ return ret;
}

37
0006-util-get-rid-of-unnecessary-umask-call.patch
View File

@ -1,37 +0,0 @@
From 51ceb3ceaa2f192a0612b9a794d3282a059d2c9d Mon Sep 17 00:00:00 2001
From: Martin Kletzander <mkletzan@redhat.com>
Date: Sun, 7 Sep 2014 20:09:36 +0200
Subject: [PATCH] util: get rid of unnecessary umask() call
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
(cherry picked from commit d00c6fd25854bfd4822f6ce3d769a8ca132ec31b)
---
src/util/virpidfile.c | 10 ++++------
1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/src/util/virpidfile.c b/src/util/virpidfile.c
index dd29701..a3b8846 100644
--- a/src/util/virpidfile.c
+++ b/src/util/virpidfile.c
@@ -545,17 +545,15 @@ virPidFileConstructPath(bool privileged,
if (virAsprintf(pidfile, "%s/run/%s.pid", statedir, progname) < 0)
goto cleanup;
} else {
- mode_t old_umask;
-
if (!(rundir = virGetUserRuntimeDirectory()))
goto cleanup;
- old_umask = umask(077);
- if (virFileMakePath(rundir) < 0) {
- umask(old_umask);
+ if (virFileMakePathWithMode(rundir, 0700) < 0) {
+ virReportSystemError(errno,
+ _("Cannot create user runtime directory '%s'"),
+ rundir);
goto cleanup;
}
- umask(old_umask);
if (virAsprintf(pidfile, "%s/%s.pid", rundir, progname) < 0) {
VIR_FREE(rundir);

147
0007-rpc-make-daemon-spawning-a-bit-more-intelligent.patch
View File

@ -1,147 +0,0 @@
From b2735463b886ac88027cec0ff1a4dbaa4f8be739 Mon Sep 17 00:00:00 2001
From: Martin Kletzander <mkletzan@redhat.com>
Date: Sun, 7 Sep 2014 20:41:11 +0200
Subject: [PATCH] rpc: make daemon spawning a bit more intelligent
This way it behaves more like the daemon itself does (acquiring a
pidfile, deleting the socket before binding, etc.).
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=927369
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1138604
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
(cherry picked from commit bd9ad91a4036649645fffb1598213339263478de)
---
src/rpc/virnetsocket.c | 67 ++++++++++++++++++++++++++++++++++++++++++++------
1 file changed, 59 insertions(+), 8 deletions(-)
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
index 306c9ea..5feccf6 100644
--- a/src/rpc/virnetsocket.c
+++ b/src/rpc/virnetsocket.c
@@ -51,9 +51,11 @@
#include "virlog.h"
#include "virfile.h"
#include "virthread.h"
+#include "virpidfile.h"
#include "virprobe.h"
#include "virprocess.h"
#include "virstring.h"
+#include "dirname.h"
#include "passfd.h"
#if WITH_SSH2
@@ -544,7 +546,10 @@ int virNetSocketNewConnectUNIX(const char *path,
const char *binary,
virNetSocketPtr *retsock)
{
+ char *binname = NULL;
+ char *pidpath = NULL;
int fd, passfd = -1;
+ int pidfd = -1;
virSocketAddr localAddr;
virSocketAddr remoteAddr;
@@ -583,16 +588,46 @@ int virNetSocketNewConnectUNIX(const char *path,
goto error;
}
+ if (!(binname = last_component(binary)) || binname[0] == '\0') {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("Cannot determine basename for binary '%s'"),
+ binary);
+ goto error;
+ }
+
+ if (virPidFileConstructPath(false, NULL, binname, &pidpath) < 0)
+ goto error;
+
+ pidfd = virPidFileAcquirePath(pidpath, false, getpid());
+ if (pidfd < 0) {
+ /*
+ * This can happen in a very rare case of two clients spawning two
+ * daemons at the same time, and the error in the logs that gets
+ * reset here can be a clue to some future debugging.
+ */
+ virResetLastError();
+ spawnDaemon = false;
+ goto retry;
+ }
+
if ((passfd = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) {
virReportSystemError(errno, "%s", _("Failed to create socket"));
goto error;
}
/*
- * We have to fork() here, because umask() is set
- * per-process, chmod() is racy and fchmod() has undefined
- * behaviour on sockets according to POSIX, so it doesn't
- * work outside Linux.
+ * We already even acquired the pidfile, so no one else should be using
+ * @path right now. So we're OK to unlink it and paying attention to
+ * the return value makes no real sense here. Only if it's not an
+ * abstract socket, of course.
+ */
+ if (path[0] != '@')
+ unlink(path);
+
+ /*
+ * We have to fork() here, because umask() is set per-process, chmod()
+ * is racy and fchmod() has undefined behaviour on sockets according to
+ * POSIX, so it doesn't work outside Linux.
*/
if ((pid = virFork()) < 0)
goto error;
@@ -610,12 +645,16 @@ int virNetSocketNewConnectUNIX(const char *path,
if (status != EXIT_SUCCESS) {
/*
- * OK, so the subprocces failed to bind() the socket. This may mean
- * that another daemon was starting at the same time and succeeded
- * with its bind(). So we'll try connecting again, but this time
- * without spawning the daemon.
+ * OK, so the child failed to bind() the socket. This may mean that
+ * another daemon was starting at the same time and succeeded with
+ * its bind() (even though it should not happen because we using a
+ * pidfile for the race). So we'll try connecting again, but this
+ * time without spawning the daemon.
*/
spawnDaemon = false;
+ virPidFileDeletePath(pidpath);
+ VIR_FORCE_CLOSE(pidfd);
+ VIR_FORCE_CLOSE(passfd);
goto retry;
}
@@ -632,6 +671,12 @@ int virNetSocketNewConnectUNIX(const char *path,
goto error;
}
+ /*
+ * Do we need to eliminate the super-rare race here any more? It would
+ * need incorporating the following VIR_FORCE_CLOSE() into a
+ * virCommandHook inside a virNetSocketForkDaemon().
+ */
+ VIR_FORCE_CLOSE(pidfd);
if (virNetSocketForkDaemon(binary, passfd) < 0)
goto error;
}
@@ -645,11 +690,17 @@ int virNetSocketNewConnectUNIX(const char *path,
if (!(*retsock = virNetSocketNew(&localAddr, &remoteAddr, true, fd, -1, 0)))
goto error;
+ VIR_FREE(pidpath);
+
return 0;
error:
+ if (pidfd >= 0)
+ virPidFileDeletePath(pidpath);
+ VIR_FREE(pidpath);
VIR_FORCE_CLOSE(fd);
VIR_FORCE_CLOSE(passfd);
+ VIR_FORCE_CLOSE(pidfd);
if (spawnDaemon)
unlink(path);
return -1;

32
0008-spec-Fix-preun-script-for-daemon.patch
View File

@ -1,32 +0,0 @@
From 3dfb3db2950f57f2a2e0330cd480d7880d314729 Mon Sep 17 00:00:00 2001
From: Jiri Denemark <jdenemar@redhat.com>
Date: Wed, 3 Sep 2014 10:51:14 +0200
Subject: [PATCH] spec: Fix preun script for daemon
%systemd_preun macro cannot be split into several lines.
https://bugzilla.redhat.com/show_bug.cgi?id=1136736
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
(cherry picked from commit 6209454d5b10c2d89faab8a56b250f1569d823fe)
---
libvirt.spec.in | 6 +-----
1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index 0741c73..f408c64 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -1677,11 +1677,7 @@ fi
%preun daemon
%if %{with_systemd}
%if %{with_systemd_macros}
- %systemd_preun \
- libvirtd.socket \
- libvirtd.service \
- virtlockd.socket \
- virtlockd.service
+ %systemd_preun libvirtd.socket libvirtd.service virtlockd.socket virtlockd.service
%else
if [ $1 -eq 0 ] ; then
# Package removal, not upgrade

98
0009-virSecuritySELinuxSetTapFDLabel-Temporarily-revert-t.patch
View File

@ -1,98 +0,0 @@
From 3c75dc1ed9a32fff16c84f60536ee21ff8e9e19f Mon Sep 17 00:00:00 2001
From: Michal Privoznik <mprivozn@redhat.com>
Date: Thu, 18 Sep 2014 15:17:29 +0200
Subject: [PATCH] virSecuritySELinuxSetTapFDLabel: Temporarily revert to old
behavior
https://bugzilla.redhat.com/show_bug.cgi?id=1141879
A long time ago I've implemented support for so called multiqueue
net. The idea was to let guest network traffic be processed by
multiple host CPUs and thus increasing performance. However, this
behavior is enabled by QEMU via special ioctl() iterated over the
all tap FDs passed in by libvirt. Unfortunately, SELinux comes in
and disallows the ioctl() call because the /dev/net/tun has label
system_u:object_r:tun_tap_device_t:s0 and 'attach_queue' ioctl()
is not allowed on tun_tap_device_t type. So after discussion with
a SELinux developer we've decided that the FDs passed to the QEMU
should be labelled with svirt_t type and SELinux policy will
allow the ioctl(). Therefore I've made a patch
(cf976d9dcf4e592261b14f03572) that does exactly this. The patch
was fixed then by a4431931393aeb1ac5893f121151fa3df4fde612 and
b635b7a1af0e64754016d758376f382470bc11e7. However, things are not
that easy - even though the API to label FD is called
(fsetfilecon_raw) the underlying file is labelled too! So
effectively we are mangling /dev/net/tun label. Yes, that broke
dozen of other application from openvpn, or boxes, to qemu
running other domains.
The best solution would be if SELinux provides a way to label an
FD only, which could be then labeled when passed to the qemu.
However that's a long path to go and we should fix this
regression AQAP. So I went to talk to the SELinux developer again
and we agreed on temporary solution that:
1) All the three patches are reverted
2) SELinux temporarily allows 'attach_queue' on the
tun_tap_device_t
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit ba7468dbb13f552a9177d01ea8bad155f9877bc3)
---
src/security/security_selinux.c | 34 ++++++++++++++++++++++++++++++++--
1 file changed, 32 insertions(+), 2 deletions(-)
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index e8c13db..c078cab 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -2330,17 +2330,47 @@ virSecuritySELinuxSetImageFDLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
}
static int
-virSecuritySELinuxSetTapFDLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
+virSecuritySELinuxSetTapFDLabel(virSecurityManagerPtr mgr,
virDomainDefPtr def,
int fd)
{
+ struct stat buf;
+ security_context_t fcon = NULL;
virSecurityLabelDefPtr secdef;
+ char *str = NULL;
+ int rc = -1;
secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
if (!secdef || !secdef->label)
return 0;
- return virSecuritySELinuxFSetFilecon(fd, secdef->imagelabel);
+ if (fstat(fd, &buf) < 0) {
+ virReportSystemError(errno, _("cannot stat tap fd %d"), fd);
+ goto cleanup;
+ }
+
+ if ((buf.st_mode & S_IFMT) != S_IFCHR) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("tap fd %d is not character device"), fd);
+ goto cleanup;
+ }
+
+ if (getContext(mgr, "/dev/tap.*", buf.st_mode, &fcon) < 0) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("cannot lookup default selinux label for tap fd %d"), fd);
+ goto cleanup;
+ }
+
+ if (!(str = virSecuritySELinuxContextAddRange(secdef->label, fcon))) {
+ goto cleanup;
+ } else {
+ rc = virSecuritySELinuxFSetFilecon(fd, str);
+ }
+
+ cleanup:
+ freecon(fcon);
+ VIR_FREE(str);
+ return rc;
}
static char *

1296
0010-conf-Extend-loader-and-introduce-nvram.patch
View File

File diff suppressed because it is too large Load Diff

222
0011-qemu-Implement-extended-loader-and-nvram.patch
View File

@ -1,222 +0,0 @@
From b1a7618b73c8463dba00e6afe252b6c05fa3d89c Mon Sep 17 00:00:00 2001
From: Michal Privoznik <mprivozn@redhat.com>
Date: Thu, 7 Aug 2014 13:50:00 +0200
Subject: [PATCH] qemu: Implement extended loader and nvram
QEMU now supports UEFI with the following command line:
-drive file=/usr/share/OVMF/OVMF_CODE.fd,if=pflash,format=raw,unit=0,readonly=on \
-drive file=/usr/share/OVMF/OVMF_VARS.fd,if=pflash,format=raw,unit=1 \
where the first line reflects <loader> and the second one <nvram>.
Moreover, these two lines obsolete the -bios argument.
Note that UEFI is unusable without ACPI. This is handled properly now.
Among with this extension, the variable file is expected to be
writable and hence we need security drivers to label it.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit 542899168c382610dbad9a597d27ef3d7c699f68)
---
src/qemu/qemu_command.c | 94 +++++++++++++++++++++-
src/security/security_dac.c | 8 ++
src/security/security_selinux.c | 8 ++
.../qemuxml2argvdata/qemuxml2argv-bios-nvram.args | 10 +++
tests/qemuxml2argvtest.c | 2 +
5 files changed, 118 insertions(+), 4 deletions(-)
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-bios-nvram.args
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 3cb2e0b..718533b 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -7370,6 +7370,94 @@ qemuBuildChrDeviceCommandLine(virCommandPtr cmd,
return 0;
}
+static int
+qemuBuildDomainLoaderCommandLine(virCommandPtr cmd,
+ virDomainDefPtr def,
+ virQEMUCapsPtr qemuCaps)
+{
+ int ret = -1;
+ virDomainLoaderDefPtr loader = def->os.loader;
+ virBuffer buf = VIR_BUFFER_INITIALIZER;
+ int unit = 0;
+
+ if (!loader)
+ return 0;
+
+ switch ((virDomainLoader) loader->type) {
+ case VIR_DOMAIN_LOADER_TYPE_ROM:
+ virCommandAddArg(cmd, "-bios");
+ virCommandAddArg(cmd, loader->path);
+ break;
+
+ case VIR_DOMAIN_LOADER_TYPE_PFLASH:
+ /* UEFI is supported only for x86_64 currently */
+ if (def->os.arch != VIR_ARCH_X86_64) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("pflash is not supported for %s guest architecture"),
+ virArchToString(def->os.arch));
+ goto cleanup;
+ }
+
+ if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_DRIVE)) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("this QEMU binary doesn't support -drive"));
+ goto cleanup;
+ }
+ if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_DRIVE_FORMAT)) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("this QEMU binary doesn't support passing "
+ "drive format"));
+ goto cleanup;
+ }
+ if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_NO_ACPI) &&
+ def->features[VIR_DOMAIN_FEATURE_ACPI] != VIR_TRISTATE_SWITCH_ON) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("ACPI must be enabled in order to use UEFI"));
+ goto cleanup;
+ }
+
+ virBufferAsprintf(&buf,
+ "file=%s,if=pflash,format=raw,unit=%d",
+ loader->path, unit);
+ unit++;
+
+ if (loader->readonly) {
+ if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_DRIVE_READONLY)) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("this qemu doesn't support passing "
+ "readonly attribute"));
+ goto cleanup;
+ }
+
+ virBufferAsprintf(&buf, ",readonly=%s",
+ virTristateSwitchTypeToString(loader->readonly));
+ }
+
+ virCommandAddArg(cmd, "-drive");
+ virCommandAddArgBuffer(cmd, &buf);
+
+ if (loader->nvram) {
+ virBufferFreeAndReset(&buf);
+ virBufferAsprintf(&buf,
+ "file=%s,if=pflash,format=raw,unit=%d",
+ loader->nvram, unit);
+
+ virCommandAddArg(cmd, "-drive");
+ virCommandAddArgBuffer(cmd, &buf);
+ }
+ break;
+
+ case VIR_DOMAIN_LOADER_TYPE_LAST:
+ /* nada */
+ break;
+ }
+
+ ret = 0;
+ cleanup:
+ virBufferFreeAndReset(&buf);
+ return ret;
+}
+
qemuBuildCommandLineCallbacks buildCommandLineCallbacks = {
.qemuGetSCSIDeviceSgName = virSCSIDeviceGetSgName,
};
@@ -7525,10 +7613,8 @@ qemuBuildCommandLine(virConnectPtr conn,
virCommandAddArg(cmd, "-enable-nesting");
}
- if (def->os.loader) {
- virCommandAddArg(cmd, "-bios");
- virCommandAddArg(cmd, def->os.loader->path);
- }
+ if (qemuBuildDomainLoaderCommandLine(cmd, def, qemuCaps) < 0)
+ goto error;
/* Set '-m MB' based on maxmem, because the lower 'memory' limit
* is set post-startup using the balloon driver. If balloon driver
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index e62828e..e398d2c 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -960,6 +960,10 @@ virSecurityDACRestoreSecurityAllLabel(virSecurityManagerPtr mgr,
rc = -1;
}
+ if (def->os.loader && def->os.loader->nvram &&
+ virSecurityDACRestoreSecurityFileLabel(def->os.loader->nvram) < 0)
+ rc = -1;
+
if (def->os.kernel &&
virSecurityDACRestoreSecurityFileLabel(def->os.kernel) < 0)
rc = -1;
@@ -1036,6 +1040,10 @@ virSecurityDACSetSecurityAllLabel(virSecurityManagerPtr mgr,
if (virSecurityDACGetImageIds(secdef, priv, &user, &group))
return -1;
+ if (def->os.loader && def->os.loader->nvram &&
+ virSecurityDACSetOwnership(def->os.loader->nvram, user, group) < 0)
+ return -1;
+
if (def->os.kernel &&
virSecurityDACSetOwnership(def->os.kernel, user, group) < 0)
return -1;
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index c078cab..a409c19 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -1911,6 +1911,10 @@ virSecuritySELinuxRestoreSecurityAllLabel(virSecurityManagerPtr mgr,
mgr) < 0)
rc = -1;
+ if (def->os.loader && def->os.loader->nvram &&
+ virSecuritySELinuxRestoreSecurityFileLabel(mgr, def->os.loader->nvram) < 0)
+ rc = -1;
+
if (def->os.kernel &&
virSecuritySELinuxRestoreSecurityFileLabel(mgr, def->os.kernel) < 0)
rc = -1;
@@ -2294,6 +2298,10 @@ virSecuritySELinuxSetSecurityAllLabel(virSecurityManagerPtr mgr,
mgr) < 0)
return -1;
+ if (def->os.loader && def->os.loader->nvram &&
+ virSecuritySELinuxSetFilecon(def->os.loader->nvram, data->content_context) < 0)
+ return -1;
+
if (def->os.kernel &&
virSecuritySELinuxSetFilecon(def->os.kernel, data->content_context) < 0)
return -1;
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-bios-nvram.args b/tests/qemuxml2argvdata/qemuxml2argv-bios-nvram.args
new file mode 100644
index 0000000..b51e8f3
--- /dev/null
+++ b/tests/qemuxml2argvdata/qemuxml2argv-bios-nvram.args
@@ -0,0 +1,10 @@
+LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
+/usr/bin/qemu -S -M pc \
+-drive file=/usr/share/OVMF/OVMF_CODE.fd,if=pflash,format=raw,unit=0,readonly=on \
+-drive file=/usr/share/OVMF/OVMF_VARS.fd,if=pflash,format=raw,unit=1 \
+-m 1024 -smp 1 -nographic -nodefaults \
+-monitor unix:/tmp/test-monitor,server,nowait -boot c -usb \
+-drive file=/dev/HostVG/QEMUGuest1,if=none,id=drive-ide0-0-0,format=raw \
+-device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 \
+-serial pty -device usb-tablet,id=input0 \
+-device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index 3feb2fe..5c28253 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -642,6 +642,8 @@ mymain(void)
DO_TEST_FAILURE("reboot-timeout-enabled", NONE);
DO_TEST("bios", QEMU_CAPS_DEVICE, QEMU_CAPS_SGA);
+ DO_TEST("bios-nvram", QEMU_CAPS_DEVICE, QEMU_CAPS_DRIVE,
+ QEMU_CAPS_DRIVE_FORMAT, QEMU_CAPS_DRIVE_READONLY);
DO_TEST("clock-utc", QEMU_CAPS_NODEFCONFIG, QEMU_CAPS_DEVICE);
DO_TEST("clock-localtime", NONE);
DO_TEST("clock-localtime-basis-localtime", QEMU_CAPS_RTC);

579
0012-qemu-Automatically-create-NVRAM-store.patch
View File

@ -1,579 +0,0 @@
From 97273d08a8a82137f627303cefaabcacdf2acc6b Mon Sep 17 00:00:00 2001
From: Michal Privoznik <mprivozn@redhat.com>
Date: Thu, 7 Aug 2014 16:59:21 +0200
Subject: [PATCH] qemu: Automatically create NVRAM store
When using split UEFI image, it may come handy if libvirt manages per
domain _VARS file automatically. While the _CODE file is RO and can be
shared among multiple domains, you certainly don't want to do that on
the _VARS file. This latter one needs to be per domain. So at the
domain startup process, if it's determined that domain needs _VARS
file it's copied from this master _VARS file. The location of the
master file is configurable in qemu.conf.
Temporary, on per domain basis the location of master NVRAM file can
be overridden by this @template attribute I'm inventing to the
<nvram/> element. All it does is holding path to the master NVRAM file
from which local copy is created. If that's the case, the map in
qemu.conf is not consulted.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
(cherry picked from commit 742b08e30fd503bc992e864828cbabd7e6a099ec)
---
docs/formatdomain.html.in | 11 +-
docs/schemas/domaincommon.rng | 9 +-
libvirt.spec.in | 2 +
src/Makefile.am | 1 +
src/conf/domain_conf.c | 11 +-
src/conf/domain_conf.h | 1 +
src/qemu/libvirtd_qemu.aug | 3 +
src/qemu/qemu.conf | 14 +++
src/qemu/qemu_conf.c | 94 ++++++++++++++
src/qemu/qemu_conf.h | 5 +
src/qemu/qemu_process.c | 137 +++++++++++++++++++++
src/qemu/test_libvirtd_qemu.aug.in | 3 +
tests/domainschemadata/domain-bios-nvram-empty.xml | 40 ++++++
13 files changed, 325 insertions(+), 6 deletions(-)
create mode 100644 tests/domainschemadata/domain-bios-nvram-empty.xml
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index 757035a..a2ea758 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -103,7 +103,7 @@
&lt;os&gt;
&lt;type&gt;hvm&lt;/type&gt;
&lt;loader readonly='on' type='rom'&gt;/usr/lib/xen/boot/hvmloader&lt;/loader&gt;
- &lt;nvram&gt;/var/lib/libvirt/nvram/guest_VARS.fd&lt;/nvram&gt;
+ &lt;nvram template='/usr/share/OVMF/OVMF_VARS.fd'&gt;/var/lib/libvirt/nvram/guest_VARS.fd&lt;/nvram&gt;
&lt;boot dev='hd'/&gt;
&lt;boot dev='cdrom'/&gt;
&lt;bootmenu enable='yes' timeout='3000'/&gt;
@@ -142,9 +142,12 @@
<code>pflash</code>.</dd>
<dt><code>nvram</code></dt>
<dd>Some UEFI firmwares may want to use a non-volatile memory to store
- some variables. In the host, this is represented as a file and the
- path to the file is stored in this element. <span class="since">Since
- 1.2.8</span></dd>
+ some variables. In the host, this is represented as a file and the path
+ to the file is stored in this element. Moreover, when the domain is
+ started up libvirt copies so called master NVRAM store file defined
+ in <code>qemu.conf</code>. If needed, the <code>template</code>
+ attribute can be used to per domain override map of master NVRAM stores
+ from the config file. <span class="since">Since 1.2.8</span></dd>
<dt><code>boot</code></dt>
<dd>The <code>dev</code> attribute takes one of the values "fd", "hd",
"cdrom" or "network" and is used to specify the next boot device
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index 5d9c21c..6ae940a 100644
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -263,7 +263,14 @@
</optional>
<optional>
<element name="nvram">
- <ref name="absFilePath"/>
+ <optional>
+ <attribute name="template">
+ <ref name="absFilePath"/>
+ </attribute>
+ </optional>
+ <optional>
+ <ref name="absFilePath"/>
+ </optional>
</element>
</optional>
<optional>
diff --git a/libvirt.spec.in b/libvirt.spec.in
index f408c64..f99de39 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -1967,6 +1967,7 @@ exit 0
%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/
%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/channel/
%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/channel/target/
+%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/nvram/
%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/cache/libvirt/qemu/
%{_datadir}/augeas/lenses/libvirtd_qemu.aug
%{_datadir}/augeas/lenses/tests/test_libvirtd_qemu.aug
@@ -2069,6 +2070,7 @@ exit 0
%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/
%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/channel/
%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/channel/target/
+%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/nvram/
%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/cache/libvirt/qemu/
%{_datadir}/augeas/lenses/libvirtd_qemu.aug
%{_datadir}/augeas/lenses/tests/test_libvirtd_qemu.aug
diff --git a/src/Makefile.am b/src/Makefile.am
index 46e411e..fa741a8 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -2679,6 +2679,7 @@ endif WITH_SANLOCK
if WITH_QEMU
$(MKDIR_P) "$(DESTDIR)$(localstatedir)/lib/libvirt/qemu"
$(MKDIR_P) "$(DESTDIR)$(localstatedir)/lib/libvirt/qemu/channel/target"
+ $(MKDIR_P) "$(DESTDIR)$(localstatedir)/lib/libvirt/qemu/nvram"
$(MKDIR_P) "$(DESTDIR)$(localstatedir)/run/libvirt/qemu"
$(MKDIR_P) "$(DESTDIR)$(localstatedir)/cache/libvirt/qemu"
$(MKDIR_P) "$(DESTDIR)$(localstatedir)/log/libvirt/qemu"
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 6ee5c17..84f5f1d 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -2023,6 +2023,7 @@ virDomainLoaderDefFree(virDomainLoaderDefPtr loader)
VIR_FREE(loader->path);
VIR_FREE(loader->nvram);
+ VIR_FREE(loader->templt);
VIR_FREE(loader);
}
@@ -12768,6 +12769,7 @@ virDomainDefParseXML(xmlDocPtr xml,
goto error;
def->os.loader->nvram = virXPathString("string(./os/nvram[1])", ctxt);
+ def->os.loader->templt = virXPathString("string(./os/nvram[1]/@template)", ctxt);
}
}
@@ -17866,7 +17868,14 @@ virDomainLoaderDefFormat(virBufferPtr buf,
virBufferAsprintf(buf, " type='%s'>", type);
virBufferEscapeString(buf, "%s</loader>\n", loader->path);
- virBufferEscapeString(buf, "<nvram>%s</nvram>\n", loader->nvram);
+ if (loader->nvram || loader->templt) {
+ virBufferAddLit(buf, "<nvram");
+ virBufferEscapeString(buf, " template='%s'", loader->templt);
+ if (loader->nvram)
+ virBufferEscapeString(buf, ">%s</nvram>\n", loader->nvram);
+ else
+ virBufferAddLit(buf, "/>\n");
+ }
}
static bool
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index c97a10c..3316fb6 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -1644,6 +1644,7 @@ struct _virDomainLoaderDef {
int readonly; /* enum virTristateBool */
virDomainLoader type;
char *nvram; /* path to non-volatile RAM */
+ char *templt; /* user override of path to master nvram */
};
void virDomainLoaderDefFree(virDomainLoaderDefPtr loader);
diff --git a/src/qemu/libvirtd_qemu.aug b/src/qemu/libvirtd_qemu.aug
index e7db7fe..62951da 100644
--- a/src/qemu/libvirtd_qemu.aug
+++ b/src/qemu/libvirtd_qemu.aug
@@ -88,6 +88,8 @@ module Libvirtd_qemu =
let log_entry = bool_entry "log_timestamp"
+ let nvram_entry = str_array_entry "nvram"
+
(* Each entry in the config is one of the following ... *)
let entry = vnc_entry
| spice_entry
@@ -100,6 +102,7 @@ module Libvirtd_qemu =
| rpc_entry
| network_entry
| log_entry
+ | nvram_entry
let comment = [ label "#comment" . del /#[ \t]*/ "# " . store /([^ \t\n][^\n]*)?/ . del /\n/ "\n" ]
let empty = [ label "#empty" . eol ]
diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf
index 7bbbe09..79bba36 100644
--- a/src/qemu/qemu.conf
+++ b/src/qemu/qemu.conf
@@ -487,3 +487,17 @@
# Defaults to 1.
#
#log_timestamp = 0
+
+
+# Location of master nvram file
+#
+# When a domain is configured to use UEFI instead of standard
+# BIOS it may use a separate storage for UEFI variables. If
+# that's the case libvirt creates the variable store per domain
+# using this master file as image. Each UEFI firmware can,
+# however, have different variables store. Therefore the nvram is
+# a list of strings when a single item is in form of:
+# ${PATH_TO_UEFI_FW}:${PATH_TO_UEFI_VARS}.
+# Later, when libvirt creates per domain variable store, this
+# list is searched for the master image.
+#nvram = [ "/usr/share/OVMF/OVMF_CODE.fd:/usr/share/OVMF/OVMF_VARS.fd" ]
diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
index e2ec54f..ac10b64 100644
--- a/src/qemu/qemu_conf.c
+++ b/src/qemu/qemu_conf.c
@@ -107,6 +107,9 @@ void qemuDomainCmdlineDefFree(qemuDomainCmdlineDefPtr def)
VIR_FREE(def);
}
+#define VIR_QEMU_LOADER_FILE_PATH "/usr/share/OVMF/OVMF_CODE.fd"
+#define VIR_QEMU_NVRAM_FILE_PATH "/usr/share/OVMF/OVMF_VARS.fd"
+
virQEMUDriverConfigPtr virQEMUDriverConfigNew(bool privileged)
{
virQEMUDriverConfigPtr cfg;
@@ -255,6 +258,15 @@ virQEMUDriverConfigPtr virQEMUDriverConfigNew(bool privileged)
cfg->logTimestamp = true;
+ if (VIR_ALLOC_N(cfg->loader, 1) < 0 ||
+ VIR_ALLOC_N(cfg->nvram, 1) < 0)
+ goto error;
+ cfg->nloader = 1;
+
+ if (VIR_STRDUP(cfg->loader[0], VIR_QEMU_LOADER_FILE_PATH) < 0 ||
+ VIR_STRDUP(cfg->nvram[0], VIR_QEMU_NVRAM_FILE_PATH) < 0)
+ goto error;
+
return cfg;
error:
@@ -305,6 +317,14 @@ static void virQEMUDriverConfigDispose(void *obj)
virStringFreeList(cfg->securityDriverNames);
VIR_FREE(cfg->lockManagerName);
+
+ while (cfg->nloader) {
+ VIR_FREE(cfg->loader[cfg->nloader - 1]);
+ VIR_FREE(cfg->nvram[cfg->nloader - 1]);
+ cfg->nloader--;
+ }
+ VIR_FREE(cfg->loader);
+ VIR_FREE(cfg->nvram);
}
@@ -328,6 +348,43 @@ virQEMUDriverConfigHugeTLBFSInit(virHugeTLBFSPtr hugetlbfs,
}
+static int
+virQEMUDriverConfigNVRAMParse(const char *str,
+ char **loader,
+ char **nvram)
+{
+ int ret = -1;
+ char **token;
+
+ if (!(token = virStringSplit(str, ":", 0)))
+ goto cleanup;
+
+ if (token[0]) {
+ virSkipSpaces((const char **) &token[0]);
+ if (token[1])
+ virSkipSpaces((const char **) &token[1]);
+ }
+
+ /* Exactly two tokens are expected */
+ if (!token[0] || !token[1] || token[2] ||
+ STREQ(token[0], "") || STREQ(token[1], "")) {
+ virReportError(VIR_ERR_CONF_SYNTAX,
+ _("Invalid nvram format: '%s'"),
+ str);
+ goto cleanup;
+ }
+
+ if (VIR_STRDUP(*loader, token[0]) < 0 ||
+ VIR_STRDUP(*nvram, token[1]) < 0)
+ goto cleanup;
+
+ ret = 0;
+ cleanup:
+ virStringFreeList(token);
+ return ret;
+}
+
+
int virQEMUDriverConfigLoadFile(virQEMUDriverConfigPtr cfg,
const char *filename)
{
@@ -654,6 +711,43 @@ int virQEMUDriverConfigLoadFile(virQEMUDriverConfigPtr cfg,
GET_VALUE_BOOL("log_timestamp", cfg->logTimestamp);
+ if ((p = virConfGetValue(conf, "nvram"))) {
+ size_t len;
+ virConfValuePtr pp;
+
+ CHECK_TYPE("nvram", VIR_CONF_LIST);
+
+ while (cfg->nloader) {
+ VIR_FREE(cfg->loader[cfg->nloader - 1]);
+ VIR_FREE(cfg->nvram[cfg->nloader - 1]);
+ cfg->nloader--;
+ }
+ VIR_FREE(cfg->loader);
+ VIR_FREE(cfg->nvram);
+
+ /* Calc length and check items */
+ for (len = 0, pp = p->list; pp; len++, pp = pp->next) {
+ if (pp->type != VIR_CONF_STRING) {
+ virReportError(VIR_ERR_CONF_SYNTAX, "%s",
+ _("nvram must be a list of strings"));
+ goto cleanup;
+ }
+ }
+
+ if (len &&
+ (VIR_ALLOC_N(cfg->loader, len) < 0 ||
+ VIR_ALLOC_N(cfg->nvram, len) < 0))
+ goto cleanup;
+ cfg->nloader = len;
+
+ for (i = 0, pp = p->list; pp; i++, pp = pp->next) {
+ if (virQEMUDriverConfigNVRAMParse(pp->str,
+ &cfg->loader[i],
+ &cfg->nvram[i]) < 0)
+ goto cleanup;
+ }
+ }
+
ret = 0;
cleanup:
diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h
index ae7ac56..1f521e5 100644
--- a/src/qemu/qemu_conf.h
+++ b/src/qemu/qemu_conf.h
@@ -172,6 +172,11 @@ struct _virQEMUDriverConfig {
int migrationPortMax;
bool logTimestamp;
+
+ /* Pairs of loader:nvram paths. The list is @nloader items long */
+ char **loader;
+ char **nvram;
+ size_t nloader;
};
/* Main driver state */
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index f68dfbe..5b120d4 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -67,6 +67,7 @@
#include "virstring.h"
#include "virhostdev.h"
#include "storage/storage_driver.h"
+#include "configmake.h"
#define VIR_FROM_THIS VIR_FROM_QEMU
@@ -3734,6 +3735,135 @@ qemuProcessVerifyGuestCPU(virQEMUDriverPtr driver,
}
+static int
+qemuPrepareNVRAM(virQEMUDriverConfigPtr cfg,
+ virDomainDefPtr def,
+ bool migrated)
+{
+ int ret = -1;
+ int srcFD = -1;
+ int dstFD = -1;
+ virDomainLoaderDefPtr loader = def->os.loader;
+ bool generated = false;
+ bool created = false;
+
+ /* Unless domain has RO loader of pflash type, we have
+ * nothing to do here. If the loader is RW then it's not
+ * using split code and vars feature, so no nvram file needs
+ * to be created. */
+ if (!loader || loader->type != VIR_DOMAIN_LOADER_TYPE_PFLASH ||
+ loader->readonly != VIR_TRISTATE_SWITCH_ON)
+ return 0;
+
+ /* If the nvram path is configured already, there's nothing
+ * we need to do. Unless we are starting the destination side
+ * of migration in which case nvram is configured in the
+ * domain XML but the file doesn't exist yet. Moreover, after
+ * the migration is completed, qemu will invoke a
+ * synchronization write into the nvram file so we don't have
+ * to take care about transmitting the real data on the other
+ * side. */
+ if (loader->nvram && !migrated)
+ return 0;
+
+ /* Autogenerate nvram path if needed.*/
+ if (!loader->nvram) {
+ if (virAsprintf(&loader->nvram,
+ "%s/lib/libvirt/qemu/nvram/%s_VARS.fd",
+ LOCALSTATEDIR, def->name) < 0)
+ goto cleanup;
+
+ generated = true;
+ }
+
+ if (!virFileExists(loader->nvram)) {
+ const char *master_nvram_path = loader->templt;
+ ssize_t r;
+
+ if (!loader->templt) {
+ size_t i;
+ for (i = 0; i < cfg->nloader; i++) {
+ if (STREQ(cfg->loader[i], loader->path)) {
+ master_nvram_path = cfg->nvram[i];
+ break;
+ }
+ }
+ }
+
+ if (!master_nvram_path) {
+ virReportError(VIR_ERR_OPERATION_FAILED,
+ _("unable to find any master var store for "
+ "loader: %s"), loader->path);
+ goto cleanup;
+ }
+
+ if ((srcFD = virFileOpenAs(master_nvram_path, O_RDONLY,
+ 0, -1, -1, 0)) < 0) {
+ virReportSystemError(-srcFD,
+ _("Failed to open file '%s'"),
+ master_nvram_path);
+ goto cleanup;
+ }
+ if ((dstFD = virFileOpenAs(loader->nvram,
+ O_WRONLY | O_CREAT | O_EXCL,
+ S_IRUSR | S_IWUSR,
+ cfg->user, cfg->group, 0)) < 0) {
+ virReportSystemError(-dstFD,
+ _("Failed to create file '%s'"),
+ loader->nvram);
+ goto cleanup;
+ }
+ created = true;
+
+ do {
+ char buf[1024];
+
+ if ((r = saferead(srcFD, buf, sizeof(buf))) < 0) {
+ virReportSystemError(errno,
+ _("Unable to read from file '%s'"),
+ master_nvram_path);
+ goto cleanup;
+ }
+
+ if (safewrite(dstFD, buf, r) < 0) {
+ virReportSystemError(errno,
+ _("Unable to write to file '%s'"),
+ loader->nvram);
+ goto cleanup;
+ }
+ } while (r);
+
+ if (VIR_CLOSE(srcFD) < 0) {
+ virReportSystemError(errno,
+ _("Unable to close file '%s'"),
+ master_nvram_path);
+ goto cleanup;
+ }
+ if (VIR_CLOSE(dstFD) < 0) {
+ virReportSystemError(errno,
+ _("Unable to close file '%s'"),
+ loader->nvram);
+ goto cleanup;
+ }
+ }
+
+ ret = 0;
+ cleanup:
+ /* We successfully generated the nvram path, but failed to
+ * copy the file content. Roll back. */
+ if (ret < 0) {
+ if (created)
+ unlink(loader->nvram);
+ if (generated)
+ VIR_FREE(loader->nvram);
+ }
+
+ VIR_FORCE_CLOSE(srcFD);
+ VIR_FORCE_CLOSE(dstFD);
+ return ret;
+}
+
+
int qemuProcessStart(virConnectPtr conn,
virQEMUDriverPtr driver,
virDomainObjPtr vm,
@@ -3802,6 +3932,13 @@ int qemuProcessStart(virConnectPtr conn,
if (!(caps = virQEMUDriverGetCapabilities(driver, false)))
goto cleanup;
+ /* Some things, paths, ... are generated here and we want them to persist.
+ * Fill them in prior to setting the domain def as transient. */
+ VIR_DEBUG("Generating paths");
+
+ if (qemuPrepareNVRAM(cfg, vm->def, migrateFrom) < 0)
+ goto cleanup;
+
/* Do this upfront, so any part of the startup process can add
* runtime state to vm->def that won't be persisted. This let's us
* report implicit runtime defaults in the XML, like vnc listen/socket
diff --git a/src/qemu/test_libvirtd_qemu.aug.in b/src/qemu/test_libvirtd_qemu.aug.in
index 7796acc..d2bc2c0 100644
--- a/src/qemu/test_libvirtd_qemu.aug.in
+++ b/src/qemu/test_libvirtd_qemu.aug.in
@@ -74,3 +74,6 @@ module Test_libvirtd_qemu =
{ "migration_port_min" = "49152" }
{ "migration_port_max" = "49215" }
{ "log_timestamp" = "0" }
+{ "nvram"
+ { "1" = "/usr/share/OVMF/OVMF_CODE.fd:/usr/share/OVMF/OVMF_VARS.fd" }
+}
diff --git a/tests/domainschemadata/domain-bios-nvram-empty.xml b/tests/domainschemadata/domain-bios-nvram-empty.xml
new file mode 100644
index 0000000..e7643f3
--- /dev/null
+++ b/tests/domainschemadata/domain-bios-nvram-empty.xml
@@ -0,0 +1,40 @@
+<domain type='qemu'>
+ <name>test-bios</name>
+ <uuid>362d1fc1-df7d-193e-5c18-49a71bd1da66</uuid>
+ <memory unit='KiB'>1048576</memory>
+ <currentMemory unit='KiB'>1048576</currentMemory>
+ <vcpu placement='static'>1</vcpu>
+ <os>
+ <type arch='x86_64' machine='pc'>hvm</type>
+ <loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader>
+ <nvram template='/usr/share/OVMF/OVMF_VARS.fd'/>
+ <boot dev='hd'/>
+ <bootmenu enable='yes'/>
+ </os>
+ <features>
+ <acpi/>
+ </features>
+ <clock offset='utc'/>
+ <on_poweroff>destroy</on_poweroff>
+ <on_reboot>restart</on_reboot>
+ <on_crash>restart</on_crash>
+ <devices>
+ <emulator>/usr/bin/qemu</emulator>
+ <disk type='block' device='disk'>
+ <source dev='/dev/HostVG/QEMUGuest1'/>
+ <target dev='hda' bus='ide'/>
+ <address type='drive' controller='0' bus='0' target='0' unit='0'/>
+ </disk>
+ <controller type='usb' index='0'/>
+ <controller type='ide' index='0'/>
+ <controller type='pci' index='0' model='pci-root'/>
+ <serial type='pty'>
+ <target port='0'/>
+ </serial>
+ <console type='pty'>
+ <target type='serial' port='0'/>
+ </console>
+ <input type='tablet' bus='usb'/>
+ <memballoon model='virtio'/>
+ </devices>
+</domain>

53
0013-nvram-Fix-permissions.patch
View File

@ -1,53 +0,0 @@
From cbbccd865f4c3f630e89b4270a036bfb3f76041b Mon Sep 17 00:00:00 2001
From: Michal Privoznik <mprivozn@redhat.com>
Date: Thu, 11 Sep 2014 12:09:04 +0200
Subject: [PATCH] nvram: Fix permissions
I've noticed two problem with the automatically created NVRAM varstore
file. The first, even though I run qemu as root:root for some reason I
get Permission denied when trying to open the _VARS.fd file. The
problem is, the upper directory misses execute permissions, which in
combination with us dropping some capabilities result in EPERM.
The next thing is, that if I switch SELinux to enforcing mode, I get
another EPERM because the vars file is not labeled correctly. It is
passed to qemu as disk and hence should be labelled as disk. QEMU may
write to it eventually, so this is different to kernel or initrd.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit 37d8c75fad297891b80086b125046ed3990eaf59)
---
libvirt.spec.in | 2 +-
src/security/security_selinux.c | 5 ++++-
2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index f99de39..32e51f7 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -1967,7 +1967,7 @@ exit 0
%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/
%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/channel/
%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/channel/target/
-%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/nvram/
+%dir %attr(0711, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/nvram/
%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/cache/libvirt/qemu/
%{_datadir}/augeas/lenses/libvirtd_qemu.aug
%{_datadir}/augeas/lenses/tests/test_libvirtd_qemu.aug
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index a409c19..b9efbc5 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -2298,8 +2298,11 @@ virSecuritySELinuxSetSecurityAllLabel(virSecurityManagerPtr mgr,
mgr) < 0)
return -1;
+ /* This is different than kernel or initrd. The nvram store
+ * is really a disk, qemu can read and write to it. */
if (def->os.loader && def->os.loader->nvram &&
- virSecuritySELinuxSetFilecon(def->os.loader->nvram, data->content_context) < 0)
+ secdef && secdef->imagelabel &&
+ virSecuritySELinuxSetFilecon(def->os.loader->nvram, secdef->imagelabel) < 0)
return -1;
if (def->os.kernel &&

148
0014-virDomainUndefineFlags-Allow-NVRAM-unlinking.patch
View File

@ -1,148 +0,0 @@
From 7da89c42f92a7ce7430908ab08ea3b380306b603 Mon Sep 17 00:00:00 2001
From: Michal Privoznik <mprivozn@redhat.com>
Date: Thu, 11 Sep 2014 13:17:11 +0200
Subject: [PATCH] virDomainUndefineFlags: Allow NVRAM unlinking
When a domain is undefined, there are options to remove it's
managed save state or snapshots. However, there's another file
that libvirt creates per domain: the NVRAM variable store file.
Make sure that the file is not left behind if the domain is
undefined.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit 273b6581ca8dae11e6ff40e3d13813fdbb37d41b)
---
include/libvirt/libvirt.h.in | 2 ++
src/qemu/qemu_driver.c | 20 +++++++++++++++++++-
tools/virsh-domain.c | 20 ++++++++++++++++----
tools/virsh.pod | 6 +++++-
4 files changed, 42 insertions(+), 6 deletions(-)
diff --git a/include/libvirt/libvirt.h.in b/include/libvirt/libvirt.h.in
index a64f597..8996231 100644
--- a/include/libvirt/libvirt.h.in
+++ b/include/libvirt/libvirt.h.in
@@ -2257,6 +2257,8 @@ typedef enum {
VIR_DOMAIN_UNDEFINE_SNAPSHOTS_METADATA = (1 << 1), /* If last use of domain,
then also remove any
snapshot metadata */
+ VIR_DOMAIN_UNDEFINE_NVRAM = (1 << 2), /* Also remove any
+ nvram file */
/* Future undefine control flags should come here. */
} virDomainUndefineFlagsValues;
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 239a300..588eba4 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -6402,7 +6402,8 @@ qemuDomainUndefineFlags(virDomainPtr dom,
virQEMUDriverConfigPtr cfg = NULL;
virCheckFlags(VIR_DOMAIN_UNDEFINE_MANAGED_SAVE |
- VIR_DOMAIN_UNDEFINE_SNAPSHOTS_METADATA, -1);
+ VIR_DOMAIN_UNDEFINE_SNAPSHOTS_METADATA |
+ VIR_DOMAIN_UNDEFINE_NVRAM, -1);
if (!(vm = qemuDomObjFromDomain(dom)))
return -1;
@@ -6451,6 +6452,23 @@ qemuDomainUndefineFlags(virDomainPtr dom,
}
}
+ if (!virDomainObjIsActive(vm) &&
+ vm->def->os.loader && vm->def->os.loader->nvram &&
+ virFileExists(vm->def->os.loader->nvram)) {
+ if (!(flags & VIR_DOMAIN_UNDEFINE_NVRAM)) {
+ virReportError(VIR_ERR_OPERATION_INVALID, "%s",
+ _("cannot delete inactive domain with nvram"));
+ goto cleanup;
+ }
+
+ if (unlink(vm->def->os.loader->nvram) < 0) {
+ virReportSystemError(errno,
+ _("failed to remove nvram: %s"),
+ vm->def->os.loader->nvram);
+ goto cleanup;
+ }
+ }
+
if (virDomainDeleteConfig(cfg->configDir, cfg->autostartDir, vm) < 0)
goto cleanup;
diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c
index c75cd73..d84db51 100644
--- a/tools/virsh-domain.c
+++ b/tools/virsh-domain.c
@@ -3038,6 +3038,10 @@ static const vshCmdOptDef opts_undefine[] = {
.type = VSH_OT_BOOL,
.help = N_("remove all domain snapshot metadata, if inactive")
},
+ {.name = "nvram",
+ .type = VSH_OT_BOOL,
+ .help = N_("remove nvram file, if inactive")
+ },
{.name = NULL}
};
@@ -3060,6 +3064,7 @@ cmdUndefine(vshControl *ctl, const vshCmd *cmd)
bool snapshots_metadata = vshCommandOptBool(cmd, "snapshots-metadata");
bool wipe_storage = vshCommandOptBool(cmd, "wipe-storage");
bool remove_all_storage = vshCommandOptBool(cmd, "remove-all-storage");
+ bool nvram = vshCommandOptBool(cmd, "nvram");
/* Positive if these items exist. */
int has_managed_save = 0;
int has_snapshots_metadata = 0;
@@ -3103,6 +3108,9 @@ cmdUndefine(vshControl *ctl, const vshCmd *cmd)
flags |= VIR_DOMAIN_UNDEFINE_SNAPSHOTS_METADATA;
snapshots_safe = true;
}
+ if (nvram) {
+ flags |= VIR_DOMAIN_UNDEFINE_NVRAM;
+ }
if (!(dom = vshCommandOptDomain(ctl, cmd, &name)))
return false;
@@ -3293,11 +3301,15 @@ cmdUndefine(vshControl *ctl, const vshCmd *cmd)
* VIR_DOMAIN_UNDEFINE_MANAGED_SAVE in 0.9.4, the
* VIR_DOMAIN_UNDEFINE_SNAPSHOTS_METADATA flag was not present
* until 0.9.5; skip to piecewise emulation if we couldn't prove
- * above that the new API is safe. */
- if (managed_save_safe && snapshots_safe) {
+ * above that the new API is safe.
+ * Moreover, only the newer UndefineFlags() API understands
+ * the VIR_DOMAIN_UNDEFINE_NVRAM flag. So if user has
+ * specified --nvram we must use the Flags() API. */
+ if ((managed_save_safe && snapshots_safe) || nvram) {
rc = virDomainUndefineFlags(dom, flags);
- if (rc == 0 || (last_error->code != VIR_ERR_NO_SUPPORT &&
- last_error->code != VIR_ERR_INVALID_ARG))
+ if (rc == 0 || nvram ||
+ (last_error->code != VIR_ERR_NO_SUPPORT &&
+ last_error->code != VIR_ERR_INVALID_ARG))
goto out;
vshResetLibvirtError();
}
diff --git a/tools/virsh.pod b/tools/virsh.pod
index ea9267e..a9fad73 100644
--- a/tools/virsh.pod
+++ b/tools/virsh.pod
@@ -2058,7 +2058,7 @@ Output the device used for the TTY console of the domain. If the information
is not available the processes will provide an exit code of 1.
=item B<undefine> I<domain> [I<--managed-save>] [I<--snapshots-metadata>]
-[ {I<--storage> B<volumes> | I<--remove-all-storage>} I<--wipe-storage>]
+[I<--nvram>] [ {I<--storage> B<volumes> | I<--remove-all-storage>} I<--wipe-storage>]
Undefine a domain. If the domain is running, this converts it to a
transient domain, without stopping it. If the domain is inactive,
@@ -2074,6 +2074,10 @@ domain. Without the flag, attempts to undefine an inactive domain with
snapshot metadata will fail. If the domain is active, this flag is
ignored.
+The I<--nvram> flag ensures no nvram (/domain/os/nvram/) file is
+left behind. If the domain has an nvram file and the flag is
+omitted, the undefine will fail.
+
The I<--storage> flag takes a parameter B<volumes>, which is a comma separated
list of volume target names or source paths of storage volumes to be removed
along with the undefined domain. Volumes can be undefined and thus removed only

32
0015-formatdomain-Update-loader-example-to-match-the-rest.patch
View File

@ -1,32 +0,0 @@
From ebc6db93895fdba68f53dc22308ada6d31f7b3b9 Mon Sep 17 00:00:00 2001
From: Michal Privoznik <mprivozn@redhat.com>
Date: Fri, 12 Sep 2014 13:18:32 +0200
Subject: [PATCH] formatdomain: Update <loader/> example to match the rest
At the beginning when I was inventing <loader/> attributes and
<nvram/> I've introduced this @readonly attribute to the loader
element. It accepted values 'on' and 'off'. However, later, during the
review process, that has changed to 'yes' and 'no', but the example
XML snippet wasn't updated, so while the description is correct, the
example isn't.
Reported-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit dcf7d0423c1ad79e45df4ddd1cb619603cf221e7)
---
docs/formatdomain.html.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index a2ea758..5081be3 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -102,7 +102,7 @@
...
&lt;os&gt;
&lt;type&gt;hvm&lt;/type&gt;
- &lt;loader readonly='on' type='rom'&gt;/usr/lib/xen/boot/hvmloader&lt;/loader&gt;
+ &lt;loader readonly='yes' type='rom'&gt;/usr/lib/xen/boot/hvmloader&lt;/loader&gt;
&lt;nvram template='/usr/share/OVMF/OVMF_VARS.fd'&gt;/var/lib/libvirt/nvram/guest_VARS.fd&lt;/nvram&gt;
&lt;boot dev='hd'/&gt;
&lt;boot dev='cdrom'/&gt;

338
0016-domaincaps-Expose-UEFI-capability.patch
View File

@ -1,338 +0,0 @@
From e26c0cd7a5519390374ccd05e4b2291c7094f837 Mon Sep 17 00:00:00 2001
From: Michal Privoznik <mprivozn@redhat.com>
Date: Tue, 16 Sep 2014 14:47:47 +0200
Subject: [PATCH] domaincaps: Expose UEFI capability
As of 542899168c38 we learned libvirt to use UEFI for domains.
However, management applications may firstly query if libvirt
supports it. And this is where virConnectGetDomainCapabilities()
API comes handy.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit 4f76621c0edb895431a6fc30c026865dbf1c1316)
---
docs/formatdomaincaps.html.in | 40 ++++++++++++++++++++++
docs/schemas/domaincaps.rng | 21 ++++++++++++
src/conf/domain_capabilities.c | 28 +++++++++++++++
src/conf/domain_capabilities.h | 16 +++++++++
src/qemu/qemu_capabilities.c | 38 ++++++++++++++++++++
tests/domaincapsschemadata/domaincaps-basic.xml | 1 +
tests/domaincapsschemadata/domaincaps-full.xml | 13 +++++++
.../domaincaps-qemu_1.6.50-1.xml | 12 +++++++
tests/domaincapstest.c | 8 +++++
9 files changed, 177 insertions(+)
diff --git a/docs/formatdomaincaps.html.in b/docs/formatdomaincaps.html.in
index 66b6017..34d746d 100644
--- a/docs/formatdomaincaps.html.in
+++ b/docs/formatdomaincaps.html.in
@@ -93,6 +93,46 @@
<dd>The maximum number of supported virtual CPUs</dd>
</dl>
+ <h3><a name="elementsOSBIOS">BIOS bootloader</a></h3>
+
+ <p>Sometimes users might want to tweak some BIOS knobs or use
+ UEFI. For cases like that, <a
+ href="formatdomain.html#elementsOSBIOS"><code>os</code></a>
+ element exposes what values can be passed to its children.</p>
+
+<pre>
+&lt;domainCapabilities&gt;
+ ...
+ &lt;os supported='yes'&gt;
+ &lt;loader supported='yes'&gt;
+ &lt;enum name='type'&gt;
+ &lt;value&gt;rom&lt;/value&gt;
+ &lt;value&gt;pflash&lt;/value&gt;
+ &lt;/enum&gt;
+ &lt;enum name='readonly'&gt;
+ &lt;value&gt;yes&lt;/value&gt;
+ &lt;value&gt;no&lt;/value&gt;
+ &lt;/enum&gt;
+ &lt;/loader&gt;
+ &lt;/os&gt;
+ ...
+&lt;domainCapabilities&gt;
+</pre>
+
+ <p>For the <code>loader</code> element, the following can occur:</p>
+
+ <dl>
+ <dt>type</dt>
+ <dd>Whether loader is a typical BIOS (<code>rom</code>) or
+ an UEFI binary (<code>pflash</code>). This refers to
+ <code>type</code> attribute of the &lt;loader/&gt;
+ element.</dd>
+
+ <dt>readonly</dt>
+ <dd>Options for the <code>readonly</code> attribute of the
+ &lt;loader/&gt; element.</dd>
+ </dl>
+
<h3><a name="elementsDevices">Devices</a></h3>
<p>
diff --git a/docs/schemas/domaincaps.rng b/docs/schemas/domaincaps.rng
index 627b699..ad8d966 100644
--- a/docs/schemas/domaincaps.rng
+++ b/docs/schemas/domaincaps.rng
@@ -26,6 +26,9 @@
<ref name='vcpu'/>
</optional>
<optional>
+ <ref name='os'/>
+ </optional>
+ <optional>
<ref name='devices'/>
</optional>
</interleave>
@@ -41,6 +44,24 @@
</element>
</define>
+ <define name='loader'>
+ <element name='loader'>
+ <ref name='supported'/>
+ <ref name='enum'/>
+ </element>
+ </define>
+
+ <define name='os'>
+ <element name='os'>
+ <interleave>
+ <ref name='supported'/>
+ <optional>
+ <ref name='loader'/>
+ </optional>
+ </interleave>
+ </element>
+ </define>
+
<define name='devices'>
<element name='devices'>
<interleave>
diff --git a/src/conf/domain_capabilities.c b/src/conf/domain_capabilities.c
index df190eb..5a3c8e7 100644
--- a/src/conf/domain_capabilities.c
+++ b/src/conf/domain_capabilities.c
@@ -178,6 +178,32 @@ virDomainCapsEnumFormat(virBufferPtr buf,
#capsEnum, valToStr); \
} while (0)
+
+static void
+virDomainCapsLoaderFormat(virBufferPtr buf,
+ virDomainCapsLoaderPtr loader)
+{
+ FORMAT_PROLOGUE(loader);
+
+ ENUM_PROCESS(loader, type, virDomainLoaderTypeToString);
+ ENUM_PROCESS(loader, readonly, virTristateBoolTypeToString);
+
+ FORMAT_EPILOGUE(loader);
+}
+
+static void
+virDomainCapsOSFormat(virBufferPtr buf,
+ virDomainCapsOSPtr os)
+{
+ virDomainCapsLoaderPtr loader = &os->loader;
+
+ FORMAT_PROLOGUE(os);
+
+ virDomainCapsLoaderFormat(buf, loader);
+
+ FORMAT_EPILOGUE(os);
+}
+
static void
virDomainCapsDeviceDiskFormat(virBufferPtr buf,
virDomainCapsDeviceDiskPtr const disk)
@@ -225,6 +251,8 @@ virDomainCapsFormatInternal(virBufferPtr buf,
if (caps->maxvcpus)
virBufferAsprintf(buf, "<vcpu max='%d'/>\n", caps->maxvcpus);
+ virDomainCapsOSFormat(buf, &caps->os);
+
virBufferAddLit(buf, "<devices>\n");
virBufferAdjustIndent(buf, 2);
diff --git a/src/conf/domain_capabilities.h b/src/conf/domain_capabilities.h
index 731e66f..768646b 100644
--- a/src/conf/domain_capabilities.h
+++ b/src/conf/domain_capabilities.h
@@ -43,6 +43,21 @@ struct _virDomainCapsDevice {
bool supported; /* true if <devtype> is supported by hypervisor */
};
+typedef struct _virDomainCapsLoader virDomainCapsLoader;
+typedef virDomainCapsLoader *virDomainCapsLoaderPtr;
+struct _virDomainCapsLoader {
+ virDomainCapsDevice device;
+ virDomainCapsEnum type; /* Info about virDomainLoader */
+ virDomainCapsEnum readonly; /* Info about readonly:virTristateBool */
+};
+
+typedef struct _virDomainCapsOS virDomainCapsOS;
+typedef virDomainCapsOS *virDomainCapsOSPtr;
+struct _virDomainCapsOS {
+ virDomainCapsDevice device;
+ virDomainCapsLoader loader; /* Info about virDomainLoaderDef */
+};
+
typedef struct _virDomainCapsDeviceDisk virDomainCapsDeviceDisk;
typedef virDomainCapsDeviceDisk *virDomainCapsDeviceDiskPtr;
struct _virDomainCapsDeviceDisk {
@@ -75,6 +90,7 @@ struct _virDomainCaps {
/* Some machine specific info */
int maxvcpus;
+ virDomainCapsOS os;
virDomainCapsDeviceDisk disk;
virDomainCapsDeviceHostdev hostdev;
/* add new domain devices here */
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index c70a1a8..c999ee4 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -3609,6 +3609,42 @@ virQEMUCapsGetDefaultMachine(virQEMUCapsPtr qemuCaps)
static void
+virQEMUCapsFillDomainLoaderCaps(virQEMUCapsPtr qemuCaps,
+ virDomainCapsLoaderPtr loader,
+ virArch arch)
+{
+ loader->device.supported = true;
+
+ VIR_DOMAIN_CAPS_ENUM_SET(loader->type,
+ VIR_DOMAIN_LOADER_TYPE_ROM);
+
+ if (arch == VIR_ARCH_X86_64 &&
+ virQEMUCapsGet(qemuCaps, QEMU_CAPS_DRIVE) &&
+ virQEMUCapsGet(qemuCaps, QEMU_CAPS_DRIVE_FORMAT))
+ VIR_DOMAIN_CAPS_ENUM_SET(loader->type,
+ VIR_DOMAIN_LOADER_TYPE_PFLASH);
+
+
+ if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_DRIVE_READONLY))
+ VIR_DOMAIN_CAPS_ENUM_SET(loader->readonly,
+ VIR_TRISTATE_BOOL_YES,
+ VIR_TRISTATE_BOOL_NO);
+}
+
+
+static void
+virQEMUCapsFillDomainOSCaps(virQEMUCapsPtr qemuCaps,
+ virDomainCapsOSPtr os,
+ virArch arch)
+{
+ virDomainCapsLoaderPtr loader = &os->loader;
+
+ os->device.supported = true;
+ virQEMUCapsFillDomainLoaderCaps(qemuCaps, loader, arch);
+}
+
+
+static void
virQEMUCapsFillDomainDeviceDiskCaps(virQEMUCapsPtr qemuCaps,
virDomainCapsDeviceDiskPtr disk)
{
@@ -3686,12 +3722,14 @@ void
virQEMUCapsFillDomainCaps(virDomainCapsPtr domCaps,
virQEMUCapsPtr qemuCaps)
{
+ virDomainCapsOSPtr os = &domCaps->os;
virDomainCapsDeviceDiskPtr disk = &domCaps->disk;
virDomainCapsDeviceHostdevPtr hostdev = &domCaps->hostdev;
int maxvcpus = virQEMUCapsGetMachineMaxCpus(qemuCaps, domCaps->machine);
domCaps->maxvcpus = maxvcpus;
+ virQEMUCapsFillDomainOSCaps(qemuCaps, os, domCaps->arch);
virQEMUCapsFillDomainDeviceDiskCaps(qemuCaps, disk);
virQEMUCapsFillDomainDeviceHostdevCaps(qemuCaps, hostdev);
}
diff --git a/tests/domaincapsschemadata/domaincaps-basic.xml b/tests/domaincapsschemadata/domaincaps-basic.xml
index 9963519..6171393 100644
--- a/tests/domaincapsschemadata/domaincaps-basic.xml
+++ b/tests/domaincapsschemadata/domaincaps-basic.xml
@@ -3,6 +3,7 @@
<domain>uml</domain>
<machine>my-machine-type</machine>
<arch>x86_64</arch>
+ <os supported='no'/>
<devices>
<disk supported='no'/>
<hostdev supported='no'/>
diff --git a/tests/domaincapsschemadata/domaincaps-full.xml b/tests/domaincapsschemadata/domaincaps-full.xml
index 58dd4cb..9722772 100644
--- a/tests/domaincapsschemadata/domaincaps-full.xml
+++ b/tests/domaincapsschemadata/domaincaps-full.xml
@@ -4,6 +4,19 @@
<machine>my-machine-type</machine>
<arch>x86_64</arch>
<vcpu max='255'/>
+ <os supported='yes'>
+ <loader supported='yes'>
+ <enum name='type'>
+ <value>rom</value>
+ <value>pflash</value>
+ </enum>
+ <enum name='readonly'>
+ <value>default</value>
+ <value>yes</value>
+ <value>no</value>
+ </enum>
+ </loader>
+ </os>
<devices>
<disk supported='yes'>
<enum name='diskDevice'>
diff --git a/tests/domaincapsschemadata/domaincaps-qemu_1.6.50-1.xml b/tests/domaincapsschemadata/domaincaps-qemu_1.6.50-1.xml
index 8b63993..568cecb 100644
--- a/tests/domaincapsschemadata/domaincaps-qemu_1.6.50-1.xml
+++ b/tests/domaincapsschemadata/domaincaps-qemu_1.6.50-1.xml
@@ -3,6 +3,18 @@
<domain>kvm</domain>
<machine>pc-1.2</machine>
<arch>x86_64</arch>
+ <os supported='yes'>
+ <loader supported='yes'>
+ <enum name='type'>
+ <value>rom</value>
+ <value>pflash</value>
+ </enum>
+ <enum name='readonly'>
+ <value>yes</value>
+ <value>no</value>
+ </enum>
+ </loader>
+ </os>
<devices>
<disk supported='yes'>
<enum name='diskDevice'>
diff --git a/tests/domaincapstest.c b/tests/domaincapstest.c
index 78197e2..f240643 100644
--- a/tests/domaincapstest.c
+++ b/tests/domaincapstest.c
@@ -38,10 +38,18 @@ static void
fillAll(virDomainCapsPtr domCaps,
void *opaque ATTRIBUTE_UNUSED)
{
+ virDomainCapsOSPtr os = &domCaps->os;
+ virDomainCapsLoaderPtr loader = &os->loader;
virDomainCapsDeviceDiskPtr disk = &domCaps->disk;
virDomainCapsDeviceHostdevPtr hostdev = &domCaps->hostdev;
domCaps->maxvcpus = 255;
+ os->device.supported = true;
+
+ loader->device.supported = true;
+ SET_ALL_BITS(loader->type);
+ SET_ALL_BITS(loader->readonly);
+
disk->device.supported = true;
SET_ALL_BITS(disk->diskDevice);
SET_ALL_BITS(disk->bus);

192
0017-qemu_capabilities-Change-virQEMUCapsFillDomainCaps-s.patch
View File

@ -1,192 +0,0 @@
From b9471c6a4ad05bdd7d5a3e69da357fb5ced0d704 Mon Sep 17 00:00:00 2001
From: Michal Privoznik <mprivozn@redhat.com>
Date: Wed, 17 Sep 2014 11:33:35 +0200
Subject: [PATCH] qemu_capabilities: Change virQEMUCapsFillDomainCaps signature
Up till now the virQEMUCapsFillDomainCaps() was type of void as
there was no way for it to fail. This is, however, going to
change in the next commit.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit 2b2e4a7acff5574dd82bfbd61a638270f6be54ef)
---
src/qemu/qemu_capabilities.c | 25 ++++++++++++++++---------
src/qemu/qemu_capabilities.h | 4 ++--
src/qemu/qemu_driver.c | 3 ++-
tests/domaincapstest.c | 19 ++++++++++++-------
4 files changed, 32 insertions(+), 19 deletions(-)
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index c999ee4..d2e5f47 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -3608,7 +3608,7 @@ virQEMUCapsGetDefaultMachine(virQEMUCapsPtr qemuCaps)
}
-static void
+static int
virQEMUCapsFillDomainLoaderCaps(virQEMUCapsPtr qemuCaps,
virDomainCapsLoaderPtr loader,
virArch arch)
@@ -3629,10 +3629,11 @@ virQEMUCapsFillDomainLoaderCaps(virQEMUCapsPtr qemuCaps,
VIR_DOMAIN_CAPS_ENUM_SET(loader->readonly,
VIR_TRISTATE_BOOL_YES,
VIR_TRISTATE_BOOL_NO);
+ return 0;
}
-static void
+static int
virQEMUCapsFillDomainOSCaps(virQEMUCapsPtr qemuCaps,
virDomainCapsOSPtr os,
virArch arch)
@@ -3640,11 +3641,13 @@ virQEMUCapsFillDomainOSCaps(virQEMUCapsPtr qemuCaps,
virDomainCapsLoaderPtr loader = &os->loader;
os->device.supported = true;
- virQEMUCapsFillDomainLoaderCaps(qemuCaps, loader, arch);
+ if (virQEMUCapsFillDomainLoaderCaps(qemuCaps, loader, arch) < 0)
+ return -1;
+ return 0;
}
-static void
+static int
virQEMUCapsFillDomainDeviceDiskCaps(virQEMUCapsPtr qemuCaps,
virDomainCapsDeviceDiskPtr disk)
{
@@ -3667,10 +3670,11 @@ virQEMUCapsFillDomainDeviceDiskCaps(virQEMUCapsPtr qemuCaps,
if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_USB_STORAGE))
VIR_DOMAIN_CAPS_ENUM_SET(disk->bus, VIR_DOMAIN_DISK_BUS_USB);
+ return 0;
}
-static void
+static int
virQEMUCapsFillDomainDeviceHostdevCaps(virQEMUCapsPtr qemuCaps,
virDomainCapsDeviceHostdevPtr hostdev)
{
@@ -3715,10 +3719,11 @@ virQEMUCapsFillDomainDeviceHostdevCaps(virQEMUCapsPtr qemuCaps,
VIR_DOMAIN_HOSTDEV_PCI_BACKEND_DEFAULT,
VIR_DOMAIN_HOSTDEV_PCI_BACKEND_KVM);
}
+ return 0;
}
-void
+int
virQEMUCapsFillDomainCaps(virDomainCapsPtr domCaps,
virQEMUCapsPtr qemuCaps)
{
@@ -3729,7 +3734,9 @@ virQEMUCapsFillDomainCaps(virDomainCapsPtr domCaps,
domCaps->maxvcpus = maxvcpus;
- virQEMUCapsFillDomainOSCaps(qemuCaps, os, domCaps->arch);
- virQEMUCapsFillDomainDeviceDiskCaps(qemuCaps, disk);
- virQEMUCapsFillDomainDeviceHostdevCaps(qemuCaps, hostdev);
+ if (virQEMUCapsFillDomainOSCaps(qemuCaps, os, domCaps->arch) < 0 ||
+ virQEMUCapsFillDomainDeviceDiskCaps(qemuCaps, disk) < 0 ||
+ virQEMUCapsFillDomainDeviceHostdevCaps(qemuCaps, hostdev) < 0)
+ return -1;
+ return 0;
}
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
index 0980c00..828bba3 100644
--- a/src/qemu/qemu_capabilities.h
+++ b/src/qemu/qemu_capabilities.h
@@ -324,7 +324,7 @@ int virQEMUCapsInitGuestFromBinary(virCapsPtr caps,
virQEMUCapsPtr kvmbinCaps,
virArch guestarch);
-void virQEMUCapsFillDomainCaps(virDomainCapsPtr domCaps,
- virQEMUCapsPtr qemuCaps);
+int virQEMUCapsFillDomainCaps(virDomainCapsPtr domCaps,
+ virQEMUCapsPtr qemuCaps);
#endif /* __QEMU_CAPABILITIES_H__*/
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 588eba4..9c1644c 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -17205,7 +17205,8 @@ qemuConnectGetDomainCapabilities(virConnectPtr conn,
if (!(domCaps = virDomainCapsNew(emulatorbin, machine, arch, virttype)))
goto cleanup;
- virQEMUCapsFillDomainCaps(domCaps, qemuCaps);
+ if (virQEMUCapsFillDomainCaps(domCaps, qemuCaps) < 0)
+ goto cleanup;
ret = virDomainCapsFormat(domCaps);
cleanup:
diff --git a/tests/domaincapstest.c b/tests/domaincapstest.c
index f240643..0c4b09f 100644
--- a/tests/domaincapstest.c
+++ b/tests/domaincapstest.c
@@ -28,13 +28,13 @@
#define VIR_FROM_THIS VIR_FROM_NONE
-typedef void (*virDomainCapsFill)(virDomainCapsPtr domCaps,
- void *opaque);
+typedef int (*virDomainCapsFill)(virDomainCapsPtr domCaps,
+ void *opaque);
#define SET_ALL_BITS(x) \
memset(&(x.values), 0xff, sizeof(x.values))
-static void
+static int
fillAll(virDomainCapsPtr domCaps,
void *opaque ATTRIBUTE_UNUSED)
{
@@ -60,18 +60,20 @@ fillAll(virDomainCapsPtr domCaps,
SET_ALL_BITS(hostdev->subsysType);
SET_ALL_BITS(hostdev->capsType);
SET_ALL_BITS(hostdev->pciBackend);
+ return 0;
}
#ifdef WITH_QEMU
# include "testutilsqemu.h"
-static void
+static int
fillQemuCaps(virDomainCapsPtr domCaps,
void *opaque)
{
virQEMUCapsPtr qemuCaps = (virQEMUCapsPtr) opaque;
- virQEMUCapsFillDomainCaps(domCaps, qemuCaps);
+ if (virQEMUCapsFillDomainCaps(domCaps, qemuCaps) < 0)
+ return -1;
/* The function above tries to query host's KVM & VFIO capabilities by
* calling qemuHostdevHostSupportsPassthroughLegacy() and
@@ -82,6 +84,7 @@ fillQemuCaps(virDomainCapsPtr domCaps,
VIR_DOMAIN_HOSTDEV_PCI_BACKEND_DEFAULT,
VIR_DOMAIN_HOSTDEV_PCI_BACKEND_KVM,
VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO);
+ return 0;
}
#endif /* WITH_QEMU */
@@ -99,8 +102,10 @@ buildVirDomainCaps(const char *emulatorbin,
if (!(domCaps = virDomainCapsNew(emulatorbin, machine, arch, type)))
goto cleanup;
- if (fillFunc)
- fillFunc(domCaps, opaque);
+ if (fillFunc && fillFunc(domCaps, opaque) < 0) {
+ virObjectUnref(domCaps);
+ domCaps = NULL;
+ }
cleanup:
return domCaps;

444
0018-domaincaps-Expose-UEFI-binary-path-if-it-exists.patch
View File

@ -1,444 +0,0 @@
From 38b252f86889ef48c5fbc4cc66abc03fce681ce5 Mon Sep 17 00:00:00 2001
From: Michal Privoznik <mprivozn@redhat.com>
Date: Tue, 16 Sep 2014 19:52:54 -0400
Subject: [PATCH] domaincaps: Expose UEFI binary path, if it exists
Check to see if the UEFI binary mentioned in qemu.conf actually
exists, and if so expose it in domcapabilities like
<loader ...>
<value>/path/to/ovmf</value>
</loader>
We introduce some generic domcaps infrastructure for handling
a dynamic list of string values, it may be of use for future bits.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit f05b6a918e283929f5d837cd1668cdcdb3834b9a)
---
docs/formatdomaincaps.html.in | 6 +++
docs/schemas/domaincaps.rng | 17 +++++---
src/conf/domain_capabilities.c | 29 +++++++++++++
src/conf/domain_capabilities.h | 8 ++++
src/qemu/qemu_capabilities.c | 32 +++++++++++---
src/qemu/qemu_capabilities.h | 7 +++-
src/qemu/qemu_driver.c | 6 ++-
tests/domaincapsschemadata/domaincaps-full.xml | 2 +
.../domaincaps-qemu_1.6.50-1.xml | 1 +
tests/domaincapstest.c | 49 +++++++++++++++++++---
10 files changed, 140 insertions(+), 17 deletions(-)
diff --git a/docs/formatdomaincaps.html.in b/docs/formatdomaincaps.html.in
index 34d746d..6959dfe 100644
--- a/docs/formatdomaincaps.html.in
+++ b/docs/formatdomaincaps.html.in
@@ -105,6 +105,7 @@
...
&lt;os supported='yes'&gt;
&lt;loader supported='yes'&gt;
+ &lt;value&gt;/usr/share/OVMF/OVMF_CODE.fd&lt;/value&gt;
&lt;enum name='type'&gt;
&lt;value&gt;rom&lt;/value&gt;
&lt;value&gt;pflash&lt;/value&gt;
@@ -122,6 +123,11 @@
<p>For the <code>loader</code> element, the following can occur:</p>
<dl>
+ <dt>value</dt>
+ <dd>List of known loader paths. Currently this is only used
+ to advertise known locations of OVMF binaries for qemu. Binaries
+ will only be listed if they actually exist on disk.</dd>
+
<dt>type</dt>
<dd>Whether loader is a typical BIOS (<code>rom</code>) or
an UEFI binary (<code>pflash</code>). This refers to
diff --git a/docs/schemas/domaincaps.rng b/docs/schemas/domaincaps.rng
index ad8d966..f4a555f 100644
--- a/docs/schemas/domaincaps.rng
+++ b/docs/schemas/domaincaps.rng
@@ -47,6 +47,9 @@
<define name='loader'>
<element name='loader'>
<ref name='supported'/>
+ <optional>
+ <ref name='value'/>
+ </optional>
<ref name='enum'/>
</element>
</define>
@@ -85,6 +88,14 @@
</element>
</define>
+ <define name='value'>
+ <zeroOrMore>
+ <element name='value'>
+ <text/>
+ </element>
+ </zeroOrMore>
+ </define>
+
<define name='supported'>
<attribute name='supported'>
<choice>
@@ -100,11 +111,7 @@
<attribute name='name'>
<text/>
</attribute>
- <zeroOrMore>
- <element name='value'>
- <text/>
- </element>
- </zeroOrMore>
+ <ref name='value'/>
</element>
</zeroOrMore>
</define>
diff --git a/src/conf/domain_capabilities.c b/src/conf/domain_capabilities.c
index 5a3c8e7..7c59912 100644
--- a/src/conf/domain_capabilities.c
+++ b/src/conf/domain_capabilities.c
@@ -48,12 +48,28 @@ VIR_ONCE_GLOBAL_INIT(virDomainCaps)
static void
+virDomainCapsStringValuesFree(virDomainCapsStringValuesPtr values)
+{
+ size_t i;
+
+ if (!values || !values->values)
+ return;
+
+ for (i = 0; i < values->nvalues; i++)
+ VIR_FREE(values->values[i]);
+ VIR_FREE(values->values);
+}
+
+
+static void
virDomainCapsDispose(void *obj)
{
virDomainCapsPtr caps = obj;
VIR_FREE(caps->path);
VIR_FREE(caps->machine);
+
+ virDomainCapsStringValuesFree(&caps->os.loader.values);
}
@@ -156,6 +172,18 @@ virDomainCapsEnumFormat(virBufferPtr buf,
return ret;
}
+
+static void
+virDomainCapsStringValuesFormat(virBufferPtr buf,
+ virDomainCapsStringValuesPtr values)
+{
+ size_t i;
+
+ for (i = 0; i < values->nvalues; i++)
+ virBufferEscapeString(buf, "<value>%s</value>\n", values->values[i]);
+}
+
+
#define FORMAT_PROLOGUE(item) \
do { \
virBufferAsprintf(buf, "<" #item " supported='%s'%s\n", \
@@ -185,6 +213,7 @@ virDomainCapsLoaderFormat(virBufferPtr buf,
{
FORMAT_PROLOGUE(loader);
+ virDomainCapsStringValuesFormat(buf, &loader->values);
ENUM_PROCESS(loader, type, virDomainLoaderTypeToString);
ENUM_PROCESS(loader, readonly, virTristateBoolTypeToString);
diff --git a/src/conf/domain_capabilities.h b/src/conf/domain_capabilities.h
index 768646b..597ac75 100644
--- a/src/conf/domain_capabilities.h
+++ b/src/conf/domain_capabilities.h
@@ -37,6 +37,13 @@ struct _virDomainCapsEnum {
unsigned int values; /* Bitmask of values supported in the corresponding enum */
};
+typedef struct _virDomainCapsStringValues virDomainCapsStringValues;
+typedef virDomainCapsStringValues *virDomainCapsStringValuesPtr;
+struct _virDomainCapsStringValues {
+ char **values; /* raw string values */
+ size_t nvalues; /* number of strings */
+};
+
typedef struct _virDomainCapsDevice virDomainCapsDevice;
typedef virDomainCapsDevice *virDomainCapsDevicePtr;
struct _virDomainCapsDevice {
@@ -47,6 +54,7 @@ typedef struct _virDomainCapsLoader virDomainCapsLoader;
typedef virDomainCapsLoader *virDomainCapsLoaderPtr;
struct _virDomainCapsLoader {
virDomainCapsDevice device;
+ virDomainCapsStringValues values; /* Info about values for the element */
virDomainCapsEnum type; /* Info about virDomainLoader */
virDomainCapsEnum readonly; /* Info about readonly:virTristateBool */
};
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index d2e5f47..651bacd 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -3611,10 +3611,30 @@ virQEMUCapsGetDefaultMachine(virQEMUCapsPtr qemuCaps)
static int
virQEMUCapsFillDomainLoaderCaps(virQEMUCapsPtr qemuCaps,
virDomainCapsLoaderPtr loader,
- virArch arch)
+ virArch arch,
+ virQEMUDriverConfigPtr cfg)
{
+ size_t i;
+
loader->device.supported = true;
+ if (VIR_ALLOC_N(loader->values.values, cfg->nloader) < 0)
+ return -1;
+
+ for (i = 0; i < cfg->nloader; i++) {
+ const char *filename = cfg->loader[i];
+
+ if (!virFileExists(filename)) {
+ VIR_DEBUG("loader filename=%s does not exist", filename);
+ continue;
+ }
+
+ if (VIR_STRDUP(loader->values.values[loader->values.nvalues],
+ filename) < 0)
+ return -1;
+ loader->values.nvalues++;
+ }
+
VIR_DOMAIN_CAPS_ENUM_SET(loader->type,
VIR_DOMAIN_LOADER_TYPE_ROM);
@@ -3636,12 +3656,13 @@ virQEMUCapsFillDomainLoaderCaps(virQEMUCapsPtr qemuCaps,
static int
virQEMUCapsFillDomainOSCaps(virQEMUCapsPtr qemuCaps,
virDomainCapsOSPtr os,
- virArch arch)
+ virArch arch,
+ virQEMUDriverConfigPtr cfg)
{
virDomainCapsLoaderPtr loader = &os->loader;
os->device.supported = true;
- if (virQEMUCapsFillDomainLoaderCaps(qemuCaps, loader, arch) < 0)
+ if (virQEMUCapsFillDomainLoaderCaps(qemuCaps, loader, arch, cfg) < 0)
return -1;
return 0;
}
@@ -3725,7 +3746,8 @@ virQEMUCapsFillDomainDeviceHostdevCaps(virQEMUCapsPtr qemuCaps,
int
virQEMUCapsFillDomainCaps(virDomainCapsPtr domCaps,
- virQEMUCapsPtr qemuCaps)
+ virQEMUCapsPtr qemuCaps,
+ virQEMUDriverConfigPtr cfg)
{
virDomainCapsOSPtr os = &domCaps->os;
virDomainCapsDeviceDiskPtr disk = &domCaps->disk;
@@ -3734,7 +3756,7 @@ virQEMUCapsFillDomainCaps(virDomainCapsPtr domCaps,
domCaps->maxvcpus = maxvcpus;
- if (virQEMUCapsFillDomainOSCaps(qemuCaps, os, domCaps->arch) < 0 ||
+ if (virQEMUCapsFillDomainOSCaps(qemuCaps, os, domCaps->arch, cfg) < 0 ||
virQEMUCapsFillDomainDeviceDiskCaps(qemuCaps, disk) < 0 ||
virQEMUCapsFillDomainDeviceHostdevCaps(qemuCaps, hostdev) < 0)
return -1;
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
index 828bba3..cf69e59 100644
--- a/src/qemu/qemu_capabilities.h
+++ b/src/qemu/qemu_capabilities.h
@@ -324,7 +324,12 @@ int virQEMUCapsInitGuestFromBinary(virCapsPtr caps,
virQEMUCapsPtr kvmbinCaps,
virArch guestarch);
+/* Forward declaration */
+typedef struct _virQEMUDriverConfig virQEMUDriverConfig;
+typedef virQEMUDriverConfig *virQEMUDriverConfigPtr;
+
int virQEMUCapsFillDomainCaps(virDomainCapsPtr domCaps,
- virQEMUCapsPtr qemuCaps);
+ virQEMUCapsPtr qemuCaps,
+ virQEMUDriverConfigPtr cfg);
#endif /* __QEMU_CAPABILITIES_H__*/
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 9c1644c..0d895c6 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -17133,12 +17133,15 @@ qemuConnectGetDomainCapabilities(virConnectPtr conn,
int virttype; /* virDomainVirtType */
virDomainCapsPtr domCaps = NULL;
int arch = virArchFromHost(); /* virArch */
+ virQEMUDriverConfigPtr cfg = NULL;
virCheckFlags(0, ret);
if (virConnectGetDomainCapabilitiesEnsureACL(conn) < 0)
return ret;
+ cfg = virQEMUDriverGetConfig(driver);
+
if (qemuHostdevHostSupportsPassthroughLegacy())
virttype = VIR_DOMAIN_VIRT_KVM;
else
@@ -17205,11 +17208,12 @@ qemuConnectGetDomainCapabilities(virConnectPtr conn,
if (!(domCaps = virDomainCapsNew(emulatorbin, machine, arch, virttype)))
goto cleanup;
- if (virQEMUCapsFillDomainCaps(domCaps, qemuCaps) < 0)
+ if (virQEMUCapsFillDomainCaps(domCaps, qemuCaps, cfg) < 0)
goto cleanup;
ret = virDomainCapsFormat(domCaps);
cleanup:
+ virObjectUnref(cfg);
virObjectUnref(domCaps);
virObjectUnref(qemuCaps);
return ret;
diff --git a/tests/domaincapsschemadata/domaincaps-full.xml b/tests/domaincapsschemadata/domaincaps-full.xml
index 9722772..96202bc 100644
--- a/tests/domaincapsschemadata/domaincaps-full.xml
+++ b/tests/domaincapsschemadata/domaincaps-full.xml
@@ -6,6 +6,8 @@
<vcpu max='255'/>
<os supported='yes'>
<loader supported='yes'>
+ <value>/foo/bar</value>
+ <value>/tmp/my_path</value>
<enum name='type'>
<value>rom</value>
<value>pflash</value>
diff --git a/tests/domaincapsschemadata/domaincaps-qemu_1.6.50-1.xml b/tests/domaincapsschemadata/domaincaps-qemu_1.6.50-1.xml
index 568cecb..346ef65 100644
--- a/tests/domaincapsschemadata/domaincaps-qemu_1.6.50-1.xml
+++ b/tests/domaincapsschemadata/domaincaps-qemu_1.6.50-1.xml
@@ -5,6 +5,7 @@
<arch>x86_64</arch>
<os supported='yes'>
<loader supported='yes'>
+ <value>/usr/share/OVMF/OVMF_CODE.fd</value>
<enum name='type'>
<value>rom</value>
<value>pflash</value>
diff --git a/tests/domaincapstest.c b/tests/domaincapstest.c
index 0c4b09f..8543963 100644
--- a/tests/domaincapstest.c
+++ b/tests/domaincapstest.c
@@ -34,6 +34,27 @@ typedef int (*virDomainCapsFill)(virDomainCapsPtr domCaps,
#define SET_ALL_BITS(x) \
memset(&(x.values), 0xff, sizeof(x.values))
+static int ATTRIBUTE_SENTINEL
+fillStringValues(virDomainCapsStringValuesPtr values, ...)
+{
+ int ret = 0;
+ va_list list;
+ const char *str;
+
+ va_start(list, values);
+ while ((str = va_arg(list, const char *))) {
+ if (VIR_REALLOC_N(values->values, values->nvalues + 1) < 0 ||
+ VIR_STRDUP(values->values[values->nvalues], str) < 0) {
+ ret = -1;
+ break;
+ }
+ values->nvalues++;
+ }
+ va_end(list);
+
+ return ret;
+}
+
static int
fillAll(virDomainCapsPtr domCaps,
void *opaque ATTRIBUTE_UNUSED)
@@ -49,6 +70,11 @@ fillAll(virDomainCapsPtr domCaps,
loader->device.supported = true;
SET_ALL_BITS(loader->type);
SET_ALL_BITS(loader->readonly);
+ if (fillStringValues(&loader->values,
+ "/foo/bar",
+ "/tmp/my_path",
+ NULL) < 0)
+ return -1;
disk->device.supported = true;
SET_ALL_BITS(disk->diskDevice);
@@ -66,13 +92,21 @@ fillAll(virDomainCapsPtr domCaps,
#ifdef WITH_QEMU
# include "testutilsqemu.h"
+
+struct fillQemuCapsData {
+ virQEMUCapsPtr qemuCaps;
+ virQEMUDriverConfigPtr cfg;
+};
+
static int
fillQemuCaps(virDomainCapsPtr domCaps,
void *opaque)
{
- virQEMUCapsPtr qemuCaps = (virQEMUCapsPtr) opaque;
+ struct fillQemuCapsData *data = (struct fillQemuCapsData *) opaque;
+ virQEMUCapsPtr qemuCaps = data->qemuCaps;
+ virQEMUDriverConfigPtr cfg = data->cfg;
- if (virQEMUCapsFillDomainCaps(domCaps, qemuCaps) < 0)
+ if (virQEMUCapsFillDomainCaps(domCaps, qemuCaps, cfg) < 0)
return -1;
/* The function above tries to query host's KVM & VFIO capabilities by
@@ -97,7 +131,7 @@ buildVirDomainCaps(const char *emulatorbin,
virDomainCapsFill fillFunc,
void *opaque)
{
- virDomainCapsPtr domCaps;
+ virDomainCapsPtr domCaps, ret = NULL;
if (!(domCaps = virDomainCapsNew(emulatorbin, machine, arch, type)))
goto cleanup;
@@ -107,8 +141,9 @@ buildVirDomainCaps(const char *emulatorbin,
domCaps = NULL;
}
+ ret = domCaps;
cleanup:
- return domCaps;
+ return ret;
}
struct test_virDomainCapsFormatData {
@@ -182,13 +217,16 @@ mymain(void)
#ifdef WITH_QEMU
+ virQEMUDriverConfigPtr cfg = virQEMUDriverConfigNew(false);
+
# define DO_TEST_QEMU(Filename, QemuCapsFile, Emulatorbin, Machine, Arch, Type, ...) \
do { \
const char *capsPath = abs_srcdir "/qemucapabilitiesdata/" QemuCapsFile ".caps"; \
virQEMUCapsPtr qemuCaps = qemuTestParseCapabilities(capsPath); \
+ struct fillQemuCapsData fillData = {.qemuCaps = qemuCaps, .cfg = cfg}; \
struct test_virDomainCapsFormatData data = {.filename = Filename, \
.emulatorbin = Emulatorbin, .machine = Machine, .arch = Arch, \
- .type = Type, .fillFunc = fillQemuCaps, .opaque = qemuCaps}; \
+ .type = Type, .fillFunc = fillQemuCaps, .opaque = &fillData}; \
if (!qemuCaps) { \
fprintf(stderr, "Unable to build qemu caps from %s\n", capsPath); \
ret = -1; \
@@ -199,6 +237,7 @@ mymain(void)
DO_TEST_QEMU("qemu_1.6.50-1", "caps_1.6.50-1", "/usr/bin/qemu-system-x86_64",
"pc-1.2", VIR_ARCH_X86_64, VIR_DOMAIN_VIRT_KVM);
+ virObjectUnref(cfg);
#endif /* WITH_QEMU */
return ret;

40
0019-domaincapstest-Run-cleanly-on-systems-missing-OVMF-f.patch
View File

@ -1,40 +0,0 @@
From 82354e136a056fbadb77b0a11705fd2b9e803a3a Mon Sep 17 00:00:00 2001
From: Michal Privoznik <mprivozn@redhat.com>
Date: Wed, 17 Sep 2014 17:17:03 +0200
Subject: [PATCH] domaincapstest: Run cleanly on systems missing OVMF firmware
As of f05b6a918e28 the test produces the list of paths that can
be passed to <loader/> and libvirt knows about them. However,
during the process of generating the list the paths are checked
for their presence. This may produce different results on
different systems. Therefore, the path - if missing - is
added to pretend it's there.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit b3f42da6b77644107bcbaf720d7ed9cef5c798a2)
---
tests/domaincapstest.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/tests/domaincapstest.c b/tests/domaincapstest.c
index 8543963..067ad4d 100644
--- a/tests/domaincapstest.c
+++ b/tests/domaincapstest.c
@@ -118,6 +118,17 @@ fillQemuCaps(virDomainCapsPtr domCaps,
VIR_DOMAIN_HOSTDEV_PCI_BACKEND_DEFAULT,
VIR_DOMAIN_HOSTDEV_PCI_BACKEND_KVM,
VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO);
+
+ /* Moreover, as of f05b6a918e28 we are expecting to see
+ * OVMF_CODE.fd file which may not exists everywhere. */
+ if (!domCaps->os.loader.values.nvalues) {
+ virDomainCapsLoaderPtr loader = &domCaps->os.loader;
+
+ if (fillStringValues(&loader->values,
+ "/usr/share/OVMF/OVMF_CODE.fd",
+ NULL) < 0)
+ return -1;
+ }
return 0;
}
#endif /* WITH_QEMU */

22
0020-spec-Re-run-autotools-for-ovmf-patches.patch
View File

@ -1,22 +0,0 @@
From 14622ac1f06ea3436c005e0728b81e33e3189ebd Mon Sep 17 00:00:00 2001
From: Cole Robinson <crobinso@redhat.com>
Date: Tue, 23 Sep 2014 17:14:09 -0400
Subject: [PATCH] spec: Re-run autotools for ovmf patches
---
libvirt.spec.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index 32e51f7..98890ed 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -13,7 +13,7 @@
# Default to skipping autoreconf. Distros can change just this one line
# (or provide a command-line override) if they backport any patches that
# touch configure.ac or Makefile.am.
-%{!?enable_autotools:%define enable_autotools 0}
+%{!?enable_autotools:%define enable_autotools 1}
# A client only build will create a libvirt.so only containing
# the generic RPC driver, and test driver and no libvirtd

291
0101-qemu_command-Split-qemuBuildCpuArgStr.patch
View File

@ -1,291 +0,0 @@
From 5237e9b27b8102c6f91015f33bab8e892c5fa82b Mon Sep 17 00:00:00 2001
From: Cole Robinson <crobinso@redhat.com>
Date: Tue, 23 Sep 2014 11:35:57 -0400
Subject: [PATCH] qemu_command: Split qemuBuildCpuArgStr
Move the CPU mode/model handling to its own function. This is just
code movement and re-indentation.
(cherry picked from commit e1d872dc77c80d43036f928f83f560f2e9286148)
---
src/qemu/qemu_command.c | 226 ++++++++++++++++++++++++++----------------------
1 file changed, 122 insertions(+), 104 deletions(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 718533b..67ff000 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -6052,139 +6052,162 @@ qemuBuildClockArgStr(virDomainClockDefPtr def)
return NULL;
}
-
static int
-qemuBuildCpuArgStr(virQEMUDriverPtr driver,
- const virDomainDef *def,
- const char *emulator,
- virQEMUCapsPtr qemuCaps,
- virArch hostarch,
- char **opt,
- bool *hasHwVirt,
- bool migrating)
+qemuBuildCpuModelArgStr(virQEMUDriverPtr driver,
+ const virDomainDef *def,
+ virBufferPtr buf,
+ virQEMUCapsPtr qemuCaps,
+ bool *hasHwVirt,
+ bool migrating)
{
+ int ret = -1;
+ size_t i;
virCPUDefPtr host = NULL;
virCPUDefPtr guest = NULL;
virCPUDefPtr cpu = NULL;
size_t ncpus = 0;
char **cpus = NULL;
- const char *default_model;
virCPUDataPtr data = NULL;
- bool have_cpu = false;
char *compare_msg = NULL;
- int ret = -1;
- virBuffer buf = VIR_BUFFER_INITIALIZER;
- size_t i;
+ virCPUCompareResult cmp;
+ const char *preferred;
virCapsPtr caps = NULL;
- *hasHwVirt = false;
-
if (!(caps = virQEMUDriverGetCapabilities(driver, false)))
goto cleanup;
host = caps->host.cpu;
- if (def->os.arch == VIR_ARCH_I686)
- default_model = "qemu32";
- else
- default_model = "qemu64";
+ if (!host ||
+ !host->model ||
+ (ncpus = virQEMUCapsGetCPUDefinitions(qemuCaps, &cpus)) == 0) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("CPU specification not supported by hypervisor"));
+ goto cleanup;
+ }
- if (def->cpu &&
- (def->cpu->mode != VIR_CPU_MODE_CUSTOM || def->cpu->model)) {
- virCPUCompareResult cmp;
- const char *preferred;
+ if (!(cpu = virCPUDefCopy(def->cpu)))
+ goto cleanup;
+
+ if (cpu->mode != VIR_CPU_MODE_CUSTOM &&
+ !migrating &&
+ cpuUpdate(cpu, host) < 0)
+ goto cleanup;
- if (!host ||
- !host->model ||
- (ncpus = virQEMUCapsGetCPUDefinitions(qemuCaps, &cpus)) == 0) {
+ cmp = cpuGuestData(host, cpu, &data, &compare_msg);
+ switch (cmp) {
+ case VIR_CPU_COMPARE_INCOMPATIBLE:
+ if (compare_msg) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("guest and host CPU are not compatible: %s"),
+ compare_msg);
+ } else {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
- _("CPU specification not supported by hypervisor"));
- goto cleanup;
+ _("guest CPU is not compatible with host CPU"));
}
+ /* fall through */
+ case VIR_CPU_COMPARE_ERROR:
+ goto cleanup;
- if (!(cpu = virCPUDefCopy(def->cpu)))
+ default:
+ break;
+ }
+
+ /* Only 'svm' requires --enable-nesting. The nested
+ * 'vmx' patches now simply hook off the CPU features
+ */
+ if (def->os.arch == VIR_ARCH_X86_64 ||
+ def->os.arch == VIR_ARCH_I686) {
+ int hasSVM = cpuHasFeature(data, "svm");
+ if (hasSVM < 0)
goto cleanup;
+ *hasHwVirt = hasSVM > 0 ? true : false;
+ }
- if (cpu->mode != VIR_CPU_MODE_CUSTOM &&
- !migrating &&
- cpuUpdate(cpu, host) < 0)
+ if (cpu->mode == VIR_CPU_MODE_HOST_PASSTHROUGH) {
+ const char *mode = virCPUModeTypeToString(cpu->mode);
+ if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_CPU_HOST)) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("CPU mode '%s' is not supported by QEMU"
+ " binary"), mode);
+ goto cleanup;
+ }
+ if (def->virtType != VIR_DOMAIN_VIRT_KVM) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("CPU mode '%s' is only supported with kvm"),
+ mode);
+ goto cleanup;
+ }
+ virBufferAddLit(buf, "host");
+ } else {
+ if (VIR_ALLOC(guest) < 0)
+ goto cleanup;
+ if (VIR_STRDUP(guest->vendor_id, cpu->vendor_id) < 0)
goto cleanup;
- cmp = cpuGuestData(host, cpu, &data, &compare_msg);
- switch (cmp) {
- case VIR_CPU_COMPARE_INCOMPATIBLE:
- if (compare_msg) {
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
- _("guest and host CPU are not compatible: %s"),
- compare_msg);
- } else {
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
- _("guest CPU is not compatible with host CPU"));
- }
- /* fall through */
- case VIR_CPU_COMPARE_ERROR:
+ guest->arch = host->arch;
+ if (cpu->match == VIR_CPU_MATCH_MINIMUM)
+ preferred = host->model;
+ else
+ preferred = cpu->model;
+
+ guest->type = VIR_CPU_TYPE_GUEST;
+ guest->fallback = cpu->fallback;
+ if (cpuDecode(guest, data, (const char **)cpus, ncpus, preferred) < 0)
goto cleanup;
- default:
- break;
- }
+ virBufferAdd(buf, guest->model, -1);
+ if (guest->vendor_id)
+ virBufferAsprintf(buf, ",vendor=%s", guest->vendor_id);
+ for (i = 0; i < guest->nfeatures; i++) {
+ char sign;
+ if (guest->features[i].policy == VIR_CPU_FEATURE_DISABLE)
+ sign = '-';
+ else
+ sign = '+';
- /* Only 'svm' requires --enable-nesting. The nested
- * 'vmx' patches now simply hook off the CPU features
- */
- if (def->os.arch == VIR_ARCH_X86_64 ||
- def->os.arch == VIR_ARCH_I686) {
- int hasSVM = cpuHasFeature(data, "svm");
- if (hasSVM < 0)
- goto cleanup;
- *hasHwVirt = hasSVM > 0 ? true : false;
+ virBufferAsprintf(buf, ",%c%s", sign, guest->features[i].name);
}
+ }
- if (cpu->mode == VIR_CPU_MODE_HOST_PASSTHROUGH) {
- const char *mode = virCPUModeTypeToString(cpu->mode);
- if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_CPU_HOST)) {
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
- _("CPU mode '%s' is not supported by QEMU"
- " binary"), mode);
- goto cleanup;
- }
- if (def->virtType != VIR_DOMAIN_VIRT_KVM) {
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
- _("CPU mode '%s' is only supported with kvm"),
- mode);
- goto cleanup;
- }
- virBufferAddLit(&buf, "host");
- } else {
- if (VIR_ALLOC(guest) < 0)
- goto cleanup;
- if (VIR_STRDUP(guest->vendor_id, cpu->vendor_id) < 0)
- goto cleanup;
+ ret = 0;
+cleanup:
+ virObjectUnref(caps);
+ VIR_FREE(compare_msg);
+ cpuDataFree(data);
+ virCPUDefFree(guest);
+ virCPUDefFree(cpu);
+ return ret;
+}
- guest->arch = host->arch;
- if (cpu->match == VIR_CPU_MATCH_MINIMUM)
- preferred = host->model;
- else
- preferred = cpu->model;
+static int
+qemuBuildCpuArgStr(virQEMUDriverPtr driver,
+ const virDomainDef *def,
+ const char *emulator,
+ virQEMUCapsPtr qemuCaps,
+ virArch hostarch,
+ char **opt,
+ bool *hasHwVirt,
+ bool migrating)
+{
+ const char *default_model;
+ bool have_cpu = false;
+ int ret = -1;
+ virBuffer buf = VIR_BUFFER_INITIALIZER;
+ size_t i;
- guest->type = VIR_CPU_TYPE_GUEST;
- guest->fallback = cpu->fallback;
- if (cpuDecode(guest, data, (const char **)cpus, ncpus, preferred) < 0)
- goto cleanup;
+ *hasHwVirt = false;
- virBufferAdd(&buf, guest->model, -1);
- if (guest->vendor_id)
- virBufferAsprintf(&buf, ",vendor=%s", guest->vendor_id);
- for (i = 0; i < guest->nfeatures; i++) {
- char sign;
- if (guest->features[i].policy == VIR_CPU_FEATURE_DISABLE)
- sign = '-';
- else
- sign = '+';
+ if (def->os.arch == VIR_ARCH_I686)
+ default_model = "qemu32";
+ else
+ default_model = "qemu64";
- virBufferAsprintf(&buf, ",%c%s", sign, guest->features[i].name);
- }
- }
+ if (def->cpu &&
+ (def->cpu->mode != VIR_CPU_MODE_CUSTOM || def->cpu->model)) {
+ if (qemuBuildCpuModelArgStr(driver, def, &buf, qemuCaps,
+ hasHwVirt, migrating) < 0)
+ goto cleanup;
have_cpu = true;
} else {
/*
@@ -6309,11 +6332,6 @@ qemuBuildCpuArgStr(virQEMUDriverPtr driver,
ret = 0;
cleanup:
- VIR_FREE(compare_msg);
- cpuDataFree(data);
- virCPUDefFree(guest);
- virCPUDefFree(cpu);
- virObjectUnref(caps);
return ret;
}

536
0102-qemu-Don-t-compare-CPU-against-host-for-TCG.patch
View File

@ -1,536 +0,0 @@
From 25acf3c750c2dd636f82cbf555591552ae2f07cf Mon Sep 17 00:00:00 2001
From: Cole Robinson <crobinso@redhat.com>
Date: Tue, 23 Sep 2014 13:07:09 -0400
Subject: [PATCH] qemu: Don't compare CPU against host for TCG
Right now when building the qemu command line, we try to do various
unconditional validations of the guest CPU against the host CPU. However
this checks are overly applied. The only time we should use the checks
are:
- The user requests host-model/host-passthrough, or
- When KVM is requsted. CPU features requested in TCG mode are always
emulated by qemu and are independent of the host CPU, so no host CPU
checks should be performed.
Right now if trying to specify a CPU for arm on an x86 host, it attempts
to do non-sensical validation and falls over.
Switch all the test cases that were intending to test CPU validation to
use KVM, so they continue to test the intended code.
Amend some aarch64 XML tests with a CPU model, to ensure things work
correctly.
(cherry picked from commit cf7fce8f2fd1c930f357fd4ff93ac35f38eb30c6)
---
src/qemu/qemu_command.c | 68 +++++++++++++---------
.../qemuxml2argv-aarch64-virt-default-nic.args | 3 +-
.../qemuxml2argv-aarch64-virt-default-nic.xml | 3 +
.../qemuxml2argv-aarch64-virt-virtio.args | 3 +-
.../qemuxml2argv-aarch64-virt-virtio.xml | 3 +
.../qemuxml2argvdata/qemuxml2argv-cpu-exact1.args | 2 +-
tests/qemuxml2argvdata/qemuxml2argv-cpu-exact1.xml | 4 +-
.../qemuxml2argv-cpu-exact2-nofallback.args | 2 +-
.../qemuxml2argv-cpu-exact2-nofallback.xml | 4 +-
.../qemuxml2argvdata/qemuxml2argv-cpu-exact2.args | 2 +-
tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2.xml | 4 +-
.../qemuxml2argv-cpu-fallback.args | 2 +-
.../qemuxml2argvdata/qemuxml2argv-cpu-fallback.xml | 4 +-
.../qemuxml2argv-cpu-minimum1.args | 2 +-
.../qemuxml2argvdata/qemuxml2argv-cpu-minimum1.xml | 4 +-
.../qemuxml2argv-cpu-minimum2.args | 2 +-
.../qemuxml2argvdata/qemuxml2argv-cpu-minimum2.xml | 4 +-
.../qemuxml2argv-cpu-nofallback.xml | 2 +-
.../qemuxml2argvdata/qemuxml2argv-cpu-strict1.args | 2 +-
.../qemuxml2argvdata/qemuxml2argv-cpu-strict1.xml | 4 +-
.../qemuxml2argv-graphics-spice-timeout.args | 2 +-
.../qemuxml2argv-graphics-spice-timeout.xml | 4 +-
.../qemuxml2argv-pseries-cpu-exact.args | 4 +-
tests/qemuxml2argvtest.c | 21 +++----
.../qemuxml2xmlout-graphics-spice-timeout.xml | 4 +-
25 files changed, 90 insertions(+), 69 deletions(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 67ff000..42c8f60 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -6072,6 +6072,8 @@ qemuBuildCpuModelArgStr(virQEMUDriverPtr driver,
virCPUCompareResult cmp;
const char *preferred;
virCapsPtr caps = NULL;
+ bool compareAgainstHost = (def->virtType == VIR_DOMAIN_VIRT_KVM ||
+ def->cpu->mode != VIR_CPU_MODE_CUSTOM);
if (!(caps = virQEMUDriverGetCapabilities(driver, false)))
goto cleanup;
@@ -6094,30 +6096,33 @@ qemuBuildCpuModelArgStr(virQEMUDriverPtr driver,
cpuUpdate(cpu, host) < 0)
goto cleanup;
- cmp = cpuGuestData(host, cpu, &data, &compare_msg);
- switch (cmp) {
- case VIR_CPU_COMPARE_INCOMPATIBLE:
- if (compare_msg) {
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
- _("guest and host CPU are not compatible: %s"),
- compare_msg);
- } else {
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
- _("guest CPU is not compatible with host CPU"));
- }
- /* fall through */
- case VIR_CPU_COMPARE_ERROR:
- goto cleanup;
+ /* For non-KVM, CPU features are emulated, so host compat doesn't matter */
+ if (compareAgainstHost) {
+ cmp = cpuGuestData(host, cpu, &data, &compare_msg);
+ switch (cmp) {
+ case VIR_CPU_COMPARE_INCOMPATIBLE:
+ if (compare_msg) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("guest and host CPU are not compatible: %s"),
+ compare_msg);
+ } else {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("guest CPU is not compatible with host CPU"));
+ }
+ /* fall through */
+ case VIR_CPU_COMPARE_ERROR:
+ goto cleanup;
- default:
- break;
+ default:
+ break;
+ }
}
/* Only 'svm' requires --enable-nesting. The nested
* 'vmx' patches now simply hook off the CPU features
*/
- if (def->os.arch == VIR_ARCH_X86_64 ||
- def->os.arch == VIR_ARCH_I686) {
+ if ((def->os.arch == VIR_ARCH_X86_64 || def->os.arch == VIR_ARCH_I686) &&
+ compareAgainstHost) {
int hasSVM = cpuHasFeature(data, "svm");
if (hasSVM < 0)
goto cleanup;
@@ -6145,16 +6150,23 @@ qemuBuildCpuModelArgStr(virQEMUDriverPtr driver,
if (VIR_STRDUP(guest->vendor_id, cpu->vendor_id) < 0)
goto cleanup;
- guest->arch = host->arch;
- if (cpu->match == VIR_CPU_MATCH_MINIMUM)
- preferred = host->model;
- else
- preferred = cpu->model;
+ if (compareAgainstHost) {
+ guest->arch = host->arch;
+ if (cpu->match == VIR_CPU_MATCH_MINIMUM)
+ preferred = host->model;
+ else
+ preferred = cpu->model;
- guest->type = VIR_CPU_TYPE_GUEST;
- guest->fallback = cpu->fallback;
- if (cpuDecode(guest, data, (const char **)cpus, ncpus, preferred) < 0)
- goto cleanup;
+ guest->type = VIR_CPU_TYPE_GUEST;
+ guest->fallback = cpu->fallback;
+ if (cpuDecode(guest, data,
+ (const char **)cpus, ncpus, preferred) < 0)
+ goto cleanup;
+ } else {
+ guest->arch = def->os.arch;
+ if (VIR_STRDUP(guest->model, cpu->model) < 0)
+ goto cleanup;
+ }
virBufferAdd(buf, guest->model, -1);
if (guest->vendor_id)
@@ -6171,7 +6183,7 @@ qemuBuildCpuModelArgStr(virQEMUDriverPtr driver,
}
ret = 0;
-cleanup:
+ cleanup:
virObjectUnref(caps);
VIR_FREE(compare_msg);
cpuDataFree(data);
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-default-nic.args b/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-default-nic.args
index d4d403b..8cb57c5 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-default-nic.args
+++ b/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-default-nic.args
@@ -1,5 +1,6 @@
LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
-/usr/bin/qemu-system-aarch64 -S -M virt -m 1024 -smp 1 -nographic \
+/usr/bin/qemu-system-aarch64 -S -M virt -cpu cortex-a53 \
+-m 1024 -smp 1 -nographic \
-nodefconfig -nodefaults -monitor unix:/tmp/test-monitor,server,nowait \
-boot c -kernel /aarch64.kernel -initrd /aarch64.initrd -append console=ttyAMA0 \
-usb -device virtio-net-device,vlan=0,id=net0,mac=52:54:00:09:a4:37 \
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-default-nic.xml b/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-default-nic.xml
index 868de94..3a6f098 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-default-nic.xml
+++ b/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-default-nic.xml
@@ -7,6 +7,9 @@
<features>
<acpi/>
</features>
+ <cpu match='exact'>
+ <model>cortex-a53</model>
+ </cpu>
<os>
<type arch="aarch64" machine="virt">hvm</type>
<kernel>/aarch64.kernel</kernel>
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-virtio.args b/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-virtio.args
index afd6e41..05f3629 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-virtio.args
+++ b/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-virtio.args
@@ -1,5 +1,6 @@
LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
-/usr/bin/qemu-system-aarch64 -S -M virt -m 1024 -smp 1 -nographic \
+/usr/bin/qemu-system-aarch64 -S -M virt -cpu cortex-a53 \
+-m 1024 -smp 1 -nographic \
-nodefconfig -nodefaults -monitor unix:/tmp/test-monitor,server,nowait \
-boot c -kernel /aarch64.kernel -initrd /aarch64.initrd -append \
'earlyprintk console=ttyAMA0,115200n8 rw root=/dev/vda rootwait' \
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-virtio.xml b/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-virtio.xml
index 184b62c..ad34615 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-virtio.xml
+++ b/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-virtio.xml
@@ -16,6 +16,9 @@
<apic/>
<pae/>
</features>
+ <cpu match='exact'>
+ <model>cortex-a53</model>
+ </cpu>
<clock offset="utc"/>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact1.args b/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact1.args
index 76c2c48..0a58616 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact1.args
+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact1.args
@@ -1,5 +1,5 @@
LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
-/usr/bin/qemu -S -M pc \
+/usr/bin/qemu-kvm -S -M pc \
-cpu qemu64,-svm,-lm,-nx,-syscall,-clflush,-pse36,-mca -m 214 -smp 6 \
-nographic -monitor unix:/tmp/test-monitor,server,nowait -no-acpi -boot n -usb -net \
none -serial none -parallel none
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact1.xml b/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact1.xml
index ddd9d5a..1d1e815 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact1.xml
+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact1.xml
@@ -1,4 +1,4 @@
-<domain type='qemu'>
+<domain type='kvm'>
<name>QEMUGuest1</name>
<uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
<memory unit='KiB'>219100</memory>
@@ -23,6 +23,6 @@
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<devices>
- <emulator>/usr/bin/qemu</emulator>
+ <emulator>/usr/bin/qemu-kvm</emulator>
</devices>
</domain>
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2-nofallback.args b/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2-nofallback.args
index 0e37379..e46527b 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2-nofallback.args
+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2-nofallback.args
@@ -1,5 +1,5 @@
LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
-/usr/bin/qemu -S -M pc \
+/usr/bin/qemu-kvm -S -M pc \
-cpu core2duo,+lahf_lm,+3dnowext,+xtpr,+ds_cpl,+tm,+ht,+ds,-nx -m 214 -smp 6 \
-nographic -monitor unix:/tmp/test-monitor,server,nowait -no-acpi -boot n -usb -net \
none -serial none -parallel none
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2-nofallback.xml b/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2-nofallback.xml
index de4c8d2..6b9b7d4 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2-nofallback.xml
+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2-nofallback.xml
@@ -1,4 +1,4 @@
-<domain type='qemu'>
+<domain type='kvm'>
<name>QEMUGuest1</name>
<uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
<memory unit='KiB'>219100</memory>
@@ -30,6 +30,6 @@
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<devices>
- <emulator>/usr/bin/qemu</emulator>
+ <emulator>/usr/bin/qemu-kvm</emulator>
</devices>
</domain>
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2.args b/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2.args
index 0e37379..e46527b 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2.args
+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2.args
@@ -1,5 +1,5 @@
LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
-/usr/bin/qemu -S -M pc \
+/usr/bin/qemu-kvm -S -M pc \
-cpu core2duo,+lahf_lm,+3dnowext,+xtpr,+ds_cpl,+tm,+ht,+ds,-nx -m 214 -smp 6 \
-nographic -monitor unix:/tmp/test-monitor,server,nowait -no-acpi -boot n -usb -net \
none -serial none -parallel none
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2.xml b/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2.xml
index e027e6f..eaea564 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2.xml
+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2.xml
@@ -1,4 +1,4 @@
-<domain type='qemu'>
+<domain type='kvm'>
<name>QEMUGuest1</name>
<uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
<memory unit='KiB'>219100</memory>
@@ -30,6 +30,6 @@
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<devices>
- <emulator>/usr/bin/qemu</emulator>
+ <emulator>/usr/bin/qemu-kvm</emulator>
</devices>
</domain>
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-fallback.args b/tests/qemuxml2argvdata/qemuxml2argv-cpu-fallback.args
index 4ee8391..ead561f 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-fallback.args
+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-fallback.args
@@ -3,7 +3,7 @@ PATH=/bin \
HOME=/home/test \
USER=test \
LOGNAME=test QEMU_AUDIO_DRV=none \
-/usr/bin/qemu \
+/usr/bin/qemu-kvm \
-S \
-M pc \
-cpu Penryn,-sse4.1 \
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-fallback.xml b/tests/qemuxml2argvdata/qemuxml2argv-cpu-fallback.xml
index 6125f41..85642e9 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-fallback.xml
+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-fallback.xml
@@ -1,4 +1,4 @@
-<domain type='qemu'>
+<domain type='kvm'>
<name>QEMUGuest1</name>
<uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
<memory unit='KiB'>219100</memory>
@@ -20,6 +20,6 @@
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<devices>
- <emulator>/usr/bin/qemu</emulator>
+ <emulator>/usr/bin/qemu-kvm</emulator>
</devices>
</domain>
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum1.args b/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum1.args
index 0630ef4..d8207e7 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum1.args
+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum1.args
@@ -1,5 +1,5 @@
LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
-/usr/bin/qemu -S -M pc \
+/usr/bin/qemu-kvm -S -M pc \
-cpu core2duo,+lahf_lm,+xtpr,+cx16,+tm2,+est,+vmx,+ds_cpl,+pbe,+tm,+ht,+ss,\
+acpi,+ds -m 214 -smp 6 -nographic -monitor unix:/tmp/test-monitor,server,\
nowait -no-acpi -boot n -usb -net none -serial none -parallel none
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum1.xml b/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum1.xml
index 4ba5d0b..5879d35 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum1.xml
+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum1.xml
@@ -1,4 +1,4 @@
-<domain type='qemu'>
+<domain type='kvm'>
<name>QEMUGuest1</name>
<uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
<memory unit='KiB'>219100</memory>
@@ -16,6 +16,6 @@
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<devices>
- <emulator>/usr/bin/qemu</emulator>
+ <emulator>/usr/bin/qemu-kvm</emulator>
</devices>
</domain>
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum2.args b/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum2.args
index 830994f..17ba256 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum2.args
+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum2.args
@@ -1,5 +1,5 @@
LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
-/usr/bin/qemu -S -M pc \
+/usr/bin/qemu-kvm -S -M pc \
-cpu core2duo,+lahf_lm,+xtpr,+cx16,+tm2,+est,+vmx,+ds_cpl,+pbe,+tm,+ht,+ss,\
+acpi,+ds,-lm,-nx,-syscall -m 214 -smp 6 -nographic -monitor \
unix:/tmp/test-monitor,server,nowait -no-acpi -boot n -usb -net none -serial none \
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum2.xml b/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum2.xml
index c43bf4f..b8bbf25 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum2.xml
+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum2.xml
@@ -1,4 +1,4 @@
-<domain type='qemu'>
+<domain type='kvm'>
<name>QEMUGuest1</name>
<uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
<memory unit='KiB'>219100</memory>
@@ -20,6 +20,6 @@
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<devices>
- <emulator>/usr/bin/qemu</emulator>
+ <emulator>/usr/bin/qemu-kvm</emulator>
</devices>
</domain>
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-nofallback.xml b/tests/qemuxml2argvdata/qemuxml2argv-cpu-nofallback.xml
index 4ae0be8..abb0e9c 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-nofallback.xml
+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-nofallback.xml
@@ -1,4 +1,4 @@
-<domain type='qemu'>
+<domain type='kvm'>
<name>QEMUGuest1</name>
<uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
<memory unit='KiB'>219100</memory>
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-strict1.args b/tests/qemuxml2argvdata/qemuxml2argv-cpu-strict1.args
index 8b545a7..c500ef7 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-strict1.args
+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-strict1.args
@@ -1,5 +1,5 @@
LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
-/usr/bin/qemu -S -M pc \
+/usr/bin/qemu-kvm -S -M pc \
-cpu core2duo,+lahf_lm,+3dnowext,+xtpr,+est,+vmx,+ds_cpl,+tm,+ht,+acpi,+ds,-nx \
-m 214 -smp 6 -nographic -monitor unix:/tmp/test-monitor,server,nowait \
-no-acpi -boot n -usb -net none -serial none -parallel none
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-strict1.xml b/tests/qemuxml2argvdata/qemuxml2argv-cpu-strict1.xml
index 935f46f..a9fc9c5 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-strict1.xml
+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-strict1.xml
@@ -1,4 +1,4 @@
-<domain type='qemu'>
+<domain type='kvm'>
<name>QEMUGuest1</name>
<uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
<memory unit='KiB'>219100</memory>
@@ -33,6 +33,6 @@
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<devices>
- <emulator>/usr/bin/qemu</emulator>
+ <emulator>/usr/bin/qemu-kvm</emulator>
</devices>
</domain>
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-timeout.args b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-timeout.args
index 48744b2..8b5d9ee 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-timeout.args
+++ b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-timeout.args
@@ -1,5 +1,5 @@
LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=spice \
-/usr/bin/qemu -S -M pc -cpu core2duo,+lahf_lm,+xtpr,+cx16,+tm2,\
+/usr/bin/qemu-kvm -S -M pc -cpu core2duo,+lahf_lm,+xtpr,+cx16,+tm2,\
+est,+vmx,+ds_cpl,+pbe,+tm,+ht,+ss,+acpi,+ds \
-m 1024 -smp 2 -nodefaults -monitor unix:/tmp/test-monitor,server,nowait \
-boot dc -device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x6 \
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-timeout.xml b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-timeout.xml
index e6ecbed..3ed864c 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-timeout.xml
+++ b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-timeout.xml
@@ -1,4 +1,4 @@
-<domain type='qemu'>
+<domain type='kvm'>
<name>f14</name>
<uuid>553effab-b5e1-2d80-dfe3-da4344826c43</uuid>
<memory unit='KiB'>1048576</memory>
@@ -38,7 +38,7 @@
<on_reboot>restart</on_reboot>
<on_crash>restart</on_crash>
<devices>
- <emulator>/usr/bin/qemu</emulator>
+ <emulator>/usr/bin/qemu-kvm</emulator>
<disk type='file' device='disk'>
<driver name='qemu' type='qcow2'/>
<source file='/var/lib/libvirt/images/f14.img'/>
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-pseries-cpu-exact.args b/tests/qemuxml2argvdata/qemuxml2argv-pseries-cpu-exact.args
index 1e09680..9927294 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-pseries-cpu-exact.args
+++ b/tests/qemuxml2argvdata/qemuxml2argv-pseries-cpu-exact.args
@@ -1,6 +1,6 @@
LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test \
-/usr/bin/qemu-system-ppc64 -S -M pseries -cpu POWER7_v2.3 -m 512 -smp 1 -nographic \
--nodefconfig -nodefaults \
+QEMU_AUDIO_DRV=none /usr/bin/qemu-system-ppc64 -S -M pseries -cpu POWER7_v2.3 \
+-m 512 -smp 1 -nographic -nodefconfig -nodefaults \
-chardev socket,id=charmonitor,path=/tmp/test-monitor,server,nowait \
-mon chardev=charmonitor,id=monitor,mode=readline -no-acpi -boot c -usb \
-chardev pty,id=charserial0 \
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index 5c28253..60a5fdf 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -922,7 +922,7 @@ mymain(void)
QEMU_CAPS_DEVICE, QEMU_CAPS_SPICE,
QEMU_CAPS_DEVICE_QXL);
DO_TEST("graphics-spice-timeout",
- QEMU_CAPS_DRIVE,
+ QEMU_CAPS_KVM, QEMU_CAPS_DRIVE,
QEMU_CAPS_VGA, QEMU_CAPS_VGA_QXL,
QEMU_CAPS_DEVICE, QEMU_CAPS_SPICE,
QEMU_CAPS_DEVICE_QXL_VGA);
@@ -1194,14 +1194,14 @@ mymain(void)
DO_TEST("cpu-topology1", QEMU_CAPS_SMP_TOPOLOGY);
DO_TEST("cpu-topology2", QEMU_CAPS_SMP_TOPOLOGY);
DO_TEST("cpu-topology3", NONE);
- DO_TEST("cpu-minimum1", NONE);
- DO_TEST("cpu-minimum2", NONE);
- DO_TEST("cpu-exact1", NONE);
- DO_TEST("cpu-exact2", NONE);
- DO_TEST("cpu-exact2-nofallback", NONE);
- DO_TEST("cpu-fallback", NONE);
- DO_TEST_FAILURE("cpu-nofallback", NONE);
- DO_TEST("cpu-strict1", NONE);
+ DO_TEST("cpu-minimum1", QEMU_CAPS_KVM);
+ DO_TEST("cpu-minimum2", QEMU_CAPS_KVM);
+ DO_TEST("cpu-exact1", QEMU_CAPS_KVM);
+ DO_TEST("cpu-exact2", QEMU_CAPS_KVM);
+ DO_TEST("cpu-exact2-nofallback", QEMU_CAPS_KVM);
+ DO_TEST("cpu-fallback", QEMU_CAPS_KVM);
+ DO_TEST_FAILURE("cpu-nofallback", QEMU_CAPS_KVM);
+ DO_TEST("cpu-strict1", QEMU_CAPS_KVM);
DO_TEST("cpu-numa1", NONE);
DO_TEST("cpu-numa2", QEMU_CAPS_SMP_TOPOLOGY);
DO_TEST_PARSE_ERROR("cpu-numa3", NONE);
@@ -1286,7 +1286,8 @@ mymain(void)
DO_TEST("pseries-usb-kbd", QEMU_CAPS_PCI_OHCI,
QEMU_CAPS_DEVICE_USB_KBD, QEMU_CAPS_CHARDEV,
QEMU_CAPS_DEVICE, QEMU_CAPS_NODEFCONFIG);
- DO_TEST_FAILURE("pseries-cpu-exact", QEMU_CAPS_CHARDEV, QEMU_CAPS_DEVICE, QEMU_CAPS_NODEFCONFIG);
+ DO_TEST("pseries-cpu-exact", QEMU_CAPS_CHARDEV, QEMU_CAPS_DEVICE,
+ QEMU_CAPS_NODEFCONFIG);
DO_TEST("disk-ide-drive-split",
QEMU_CAPS_DRIVE, QEMU_CAPS_DEVICE, QEMU_CAPS_NODEFCONFIG,
QEMU_CAPS_IDE_CD);
diff --git a/tests/qemuxml2xmloutdata/qemuxml2xmlout-graphics-spice-timeout.xml b/tests/qemuxml2xmloutdata/qemuxml2xmlout-graphics-spice-timeout.xml
index 44c4cf7..73ebcab 100644
--- a/tests/qemuxml2xmloutdata/qemuxml2xmlout-graphics-spice-timeout.xml
+++ b/tests/qemuxml2xmloutdata/qemuxml2xmlout-graphics-spice-timeout.xml
@@ -1,4 +1,4 @@
-<domain type='qemu'>
+<domain type='kvm'>
<name>f14</name>
<uuid>553effab-b5e1-2d80-dfe3-da4344826c43</uuid>
<memory unit='KiB'>1048576</memory>
@@ -38,7 +38,7 @@
<on_reboot>restart</on_reboot>
<on_crash>restart</on_crash>
<devices>
- <emulator>/usr/bin/qemu</emulator>
+ <emulator>/usr/bin/qemu-kvm</emulator>
<disk type='file' device='disk'>
<driver name='qemu' type='qcow2'/>
<source file='/var/lib/libvirt/images/f14.img'/>

78
0103-security-Fix-labelling-host-devices-bz-1145968.patch
View File

@ -1,78 +0,0 @@
From 3a8e136e6b46174f347e088ade020c168fffafad Mon Sep 17 00:00:00 2001
From: Cole Robinson <crobinso@redhat.com>
Date: Wed, 24 Sep 2014 11:47:46 -0400
Subject: [PATCH] security: Fix labelling host devices (bz 1145968)
The check for ISCSI devices was missing a check of subsys type, which
meant we could skip labelling of other host devices as well. This fixes
USB hotplug on F21
https://bugzilla.redhat.com/show_bug.cgi?id=1145968
---
src/security/security_apparmor.c | 3 ++-
src/security/security_dac.c | 6 ++++--
src/security/security_selinux.c | 6 ++++--
3 files changed, 10 insertions(+), 5 deletions(-)
diff --git a/src/security/security_apparmor.c b/src/security/security_apparmor.c
index 041ce65..3025284 100644
--- a/src/security/security_apparmor.c
+++ b/src/security/security_apparmor.c
@@ -828,7 +828,8 @@ AppArmorSetSecurityHostdevLabel(virSecurityManagerPtr mgr,
/* Like AppArmorRestoreSecurityImageLabel() for a networked disk,
* do nothing for an iSCSI hostdev
*/
- if (scsisrc->protocol == VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE_ISCSI)
+ if (dev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_SCSI &&
+ scsisrc->protocol == VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE_ISCSI)
return 0;
if (profile_loaded(secdef->imagelabel) < 0)
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index e398d2c..85253af 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -523,7 +523,8 @@ virSecurityDACSetSecurityHostdevLabel(virSecurityManagerPtr mgr,
/* Like virSecurityDACSetSecurityImageLabel() for a networked disk,
* do nothing for an iSCSI hostdev
*/
- if (scsisrc->protocol == VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE_ISCSI)
+ if (dev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_SCSI &&
+ scsisrc->protocol == VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE_ISCSI)
return 0;
cbdata.manager = mgr;
@@ -657,7 +658,8 @@ virSecurityDACRestoreSecurityHostdevLabel(virSecurityManagerPtr mgr,
/* Like virSecurityDACRestoreSecurityImageLabelInt() for a networked disk,
* do nothing for an iSCSI hostdev
*/
- if (scsisrc->protocol == VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE_ISCSI)
+ if (dev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_SCSI &&
+ scsisrc->protocol == VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE_ISCSI)
return 0;
switch ((virDomainHostdevSubsysType) dev->source.subsys.type) {
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index b9efbc5..ea1efc9 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -1327,7 +1327,8 @@ virSecuritySELinuxSetSecurityHostdevSubsysLabel(virDomainDefPtr def,
/* Like virSecuritySELinuxSetSecurityImageLabelInternal() for a networked
* disk, do nothing for an iSCSI hostdev
*/
- if (scsisrc->protocol == VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE_ISCSI)
+ if (dev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_SCSI &&
+ scsisrc->protocol == VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE_ISCSI)
return 0;
switch (dev->source.subsys.type) {
@@ -1520,7 +1521,8 @@ virSecuritySELinuxRestoreSecurityHostdevSubsysLabel(virSecurityManagerPtr mgr,
/* Like virSecuritySELinuxRestoreSecurityImageLabelInt() for a networked
* disk, do nothing for an iSCSI hostdev
*/
- if (scsisrc->protocol == VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE_ISCSI)
+ if (dev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_SCSI &&
+ scsisrc->protocol == VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE_ISCSI)
return 0;
switch (dev->source.subsys.type) {

74
libvirt.spec
View File

@ -13,7 +13,7 @@
# Default to skipping autoreconf. Distros can change just this one line
# (or provide a command-line override) if they backport any patches that
# touch configure.ac or Makefile.am.
%{!?enable_autotools:%define enable_autotools 1}
%{!?enable_autotools:%define enable_autotools 0}
# A client only build will create a libvirt.so only containing
# the generic RPC driver, and test driver and no libvirtd
@ -362,8 +362,8 @@
Summary: Library providing a simple virtualization API
Name: libvirt
Version: 1.2.8
Release: 6%{?dist}%{?extra_release}
Version: 1.2.9
Release: 1%{?dist}%{?extra_release}
License: LGPLv2+
Group: Development/Libraries
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
@ -374,39 +374,6 @@ URL: http://libvirt.org/
%endif
Source: http://libvirt.org/sources/%{?mainturl}libvirt-%{version}.tar.gz
# Generate non-colliding network IP range at RPM install time (bz
# #811967)
Patch0001: 0001-network-try-to-eliminate-default-network-conflict-du.patch
Patch0002: 0002-network-detect-conflicting-route-even-if-it-is-the-f.patch
# Fix directory creation at session daemon startup (bz #1139672)
Patch0003: 0003-rpc-reformat-the-flow-to-make-a-bit-more-sense.patch
Patch0004: 0004-remove-redundant-pidfile-path-constructions.patch
Patch0005: 0005-util-fix-potential-leak-in-error-codepath.patch
Patch0006: 0006-util-get-rid-of-unnecessary-umask-call.patch
Patch0007: 0007-rpc-make-daemon-spawning-a-bit-more-intelligent.patch
# Fix preun script (bz #1142367)
Patch0008: 0008-spec-Fix-preun-script-for-daemon.patch
# Don't mess up labelling of /dev/net/tun (bz #1141879)
Patch0009: 0009-virSecuritySELinuxSetTapFDLabel-Temporarily-revert-t.patch
# pflash/nvram support for UEFI/OVMF
Patch0010: 0010-conf-Extend-loader-and-introduce-nvram.patch
Patch0011: 0011-qemu-Implement-extended-loader-and-nvram.patch
Patch0012: 0012-qemu-Automatically-create-NVRAM-store.patch
Patch0013: 0013-nvram-Fix-permissions.patch
Patch0014: 0014-virDomainUndefineFlags-Allow-NVRAM-unlinking.patch
Patch0015: 0015-formatdomain-Update-loader-example-to-match-the-rest.patch
Patch0016: 0016-domaincaps-Expose-UEFI-capability.patch
Patch0017: 0017-qemu_capabilities-Change-virQEMUCapsFillDomainCaps-s.patch
Patch0018: 0018-domaincaps-Expose-UEFI-binary-path-if-it-exists.patch
Patch0019: 0019-domaincapstest-Run-cleanly-on-systems-missing-OVMF-f.patch
Patch0020: 0020-spec-Re-run-autotools-for-ovmf-patches.patch
# Fix specifying CPU for qemu aarch64
Patch0101: 0101-qemu_command-Split-qemuBuildCpuArgStr.patch
Patch0102: 0102-qemu-Don-t-compare-CPU-against-host-for-TCG.patch
# Fix labelling host devices (bz #1145968)
Patch0103: 0103-security-Fix-labelling-host-devices-bz-1145968.patch
%if %{with_libvirtd}
Requires: libvirt-daemon = %{version}-%{release}
%if %{with_network}
@ -1231,39 +1198,6 @@ driver
%prep
%setup -q
# Generate non-colliding network IP range at RPM install time (bz
# #811967)
%patch0001 -p1
%patch0002 -p1
# Fix directory creation at session daemon startup (bz #1139672)
%patch0003 -p1
%patch0004 -p1
%patch0005 -p1
%patch0006 -p1
%patch0007 -p1
# Fix preun script (bz #1142367)
%patch0008 -p1
# Don't mess up labelling of /dev/net/tun (bz #1141879)
%patch0009 -p1
# pflash/nvram support for UEFI/OVMF
%patch0010 -p1
%patch0011 -p1
%patch0012 -p1
%patch0013 -p1
%patch0014 -p1
%patch0015 -p1
%patch0016 -p1
%patch0017 -p1
%patch0018 -p1
%patch0019 -p1
%patch0020 -p1
# Fix specifying CPU for qemu aarch64
%patch0101 -p1
%patch0102 -p1
# Fix labelling host devices (bz #1145968)
%patch0103 -p1
%build
%if ! %{with_xen}
%define _without_xen --without-xen
@ -2136,7 +2070,7 @@ exit 0
%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/
%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/channel/
%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/channel/target/
%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/nvram/
%dir %attr(0711, %{qemu_user}, %{qemu_group}) %{_localstatedir}/lib/libvirt/qemu/nvram/
%dir %attr(0750, %{qemu_user}, %{qemu_group}) %{_localstatedir}/cache/libvirt/qemu/
%{_datadir}/augeas/lenses/libvirtd_qemu.aug
%{_datadir}/augeas/lenses/tests/test_libvirtd_qemu.aug

2
sources
View File

@ -1 +1 @@
75114991290f7c8f01dd5223431b9c00 libvirt-1.2.8.tar.gz
f017075995062ff1d15577b0b093d02e libvirt-1.2.9.tar.gz