rpms/libvirt
7
0
Fork 1
Code Issues Pull Requests Releases Activity

libvirt-11.10.0-4.el9

Browse Source 
- qemuSecurityMoveImageMetadata: Move seclabels only to virStorageSource of same type (RHEL-140624)
- qemuDomainSetThrottleGroup: Enforce non-zero 'groupname' string length (RHEL-144010)
- qemuDomainSetBlockIoTuneField: Move setting of 'group_name' out of the loop (RHEL-144010)
- qemuDomainSetThrottleGroup: Always honour thottle group name passed as argument (RHEL-144010)
- qemuDomainSetThrottleGroup: Don't put group name into the 'tunable' event twice (RHEL-144010)
- qemuSnapshotDiskHasBackingDisk: Avoid call of virStorageSourceIsSameLocation with NULL argument (RHEL-144090)
- qemuSnapshotUpdateBackingStore: Remove stale comment (RHEL-144090)
- qemuSnapshotDiskHasBackingDisk: Use proper 'max_depth' when calling 'virStorageSourceGetMetadata' (RHEL-144090)
- virDomainSnapshotDefAssignExternalNames: Improve error message (RHEL-144090)
- qemuSnapshotUpdateBackingStore: Retry as curent user if qemu-img fails (RHEL-144090)

Resolves: RHEL-140624, RHEL-144010, RHEL-144090
This commit is contained in:
Jiri Denemark 2026-01-29 16:16:47 +01:00
parent 26147fadd8
commit 83aad8ea81
11 changed files with 595 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
libvirt-qemuDomainSetBlockIoTuneField-Move-setting-of-group_name-out-of-the-loop.patch Normal file
View File

@ -0,0 +1,68 @@
From 531c9abeb0483ed64adafdd0546d77b13d913445 Mon Sep 17 00:00:00 2001
Message-ID: <531c9abeb0483ed64adafdd0546d77b13d913445.1769699807.git.jdenemar@redhat.com>
From: Peter Krempa <pkrempa@redhat.com>
Date: Fri, 16 Jan 2026 16:38:38 +0100
Subject: [PATCH] qemuDomainSetBlockIoTuneField: Move setting of 'group_name'
out of the loop
The refactor will simplify further change which will introduce another
source for the group name.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit fa064375668df0e67b4d68fdfc4a386862026f3f)
https://issues.redhat.com/browse/RHEL-141820 [rhel-10.2]
https://issues.redhat.com/browse/RHEL-144010 [rhel-9.8]
---
src/qemu/qemu_driver.c | 20 ++++++++++++--------
1 file changed, 12 insertions(+), 8 deletions(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 194017a29a..ecfb65c535 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -15173,6 +15173,7 @@ qemuDomainSetBlockIoTuneFields(virDomainBlockIoTuneInfo *info,
int *eventNparams,
int *eventMaxparams)
{
+ const char *param_group_name = NULL;
size_t i;
#define SET_IOTUNE_FIELD(FIELD, BOOL, CONST) \
@@ -15218,15 +15219,8 @@ qemuDomainSetBlockIoTuneFields(virDomainBlockIoTuneInfo *info,
WRITE_IOPS_SEC_MAX);
SET_IOTUNE_FIELD(size_iops_sec, SIZE_IOPS, SIZE_IOPS_SEC);
- /* NB: Cannot use macro since this is a value.s not a value.ul */
if (STREQ(param->field, VIR_DOMAIN_BLOCK_IOTUNE_GROUP_NAME)) {
- info->group_name = g_strdup(param->value.s);
- *set_fields |= QEMU_BLOCK_IOTUNE_SET_GROUP_NAME;
- if (virTypedParamsAddString(eventParams, eventNparams,
- eventMaxparams,
- VIR_DOMAIN_TUNABLE_BLKDEV_GROUP_NAME,
- param->value.s) < 0)
- return -1;
+ param_group_name = param->value.s;
continue;
}
@@ -15244,6 +15238,16 @@ qemuDomainSetBlockIoTuneFields(virDomainBlockIoTuneInfo *info,
WRITE_IOPS_SEC_MAX_LENGTH);
}
+ if (param_group_name) {
+ info->group_name = g_strdup(param_group_name);
+ *set_fields |= QEMU_BLOCK_IOTUNE_SET_GROUP_NAME;
+ if (virTypedParamsAddString(eventParams, eventNparams,
+ eventMaxparams,
+ VIR_DOMAIN_TUNABLE_BLKDEV_GROUP_NAME,
+ param_group_name) < 0)
+ return -1;
+ }
+
#undef SET_IOTUNE_FIELD
return 0;
--
2.52.0

75
libvirt-qemuDomainSetThrottleGroup-Always-honour-thottle-group-name-passed-as-argument.patch Normal file
View File

@ -0,0 +1,75 @@
From a32dfdf78ac0051b3f2c218272c2baa253ffa239 Mon Sep 17 00:00:00 2001
Message-ID: <a32dfdf78ac0051b3f2c218272c2baa253ffa239.1769699807.git.jdenemar@redhat.com>
From: Peter Krempa <pkrempa@redhat.com>
Date: Fri, 16 Jan 2026 16:39:40 +0100
Subject: [PATCH] qemuDomainSetThrottleGroup: Always honour thottle group name
passed as argument
Due to the code share with 'qemuDomainSetBlockIoTune' the throttle group
setting code accepts the throttle group name also via typed parameters.
In 'qemuDomainSetThrottleGroup', this means that there are 2 ways to
pass it the throttle group name and both are handled slightly
differently. Specifically the name of the group used in the list of
groups is the name taken from the typed parameters rather than the one
passed via API. We also don't validate that they match.
Now if the name in the typed parameters is missing we'd add empty string
to the group list which would later crash when looking up the group
name.
To avoid this problem always use the name passed via argument. This is
achieved by passing it into 'qemuDomainSetBlockIoTuneFields' so that it
overrides whatever is in the typed parameters.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit 0cd13906dcf15ea5709a7b253466816a1b875640)
https://issues.redhat.com/browse/RHEL-141820 [rhel-10.2]
https://issues.redhat.com/browse/RHEL-144010 [rhel-9.8]
---
src/qemu/qemu_driver.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index ecfb65c535..a6d5dd6e05 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -15168,6 +15168,7 @@ static int
qemuDomainSetBlockIoTuneFields(virDomainBlockIoTuneInfo *info,
virTypedParameterPtr params,
int nparams,
+ const char *group_name,
qemuBlockIoTuneSetFlags *set_fields,
virTypedParameterPtr *eventParams,
int *eventNparams,
@@ -15238,6 +15239,10 @@ qemuDomainSetBlockIoTuneFields(virDomainBlockIoTuneInfo *info,
WRITE_IOPS_SEC_MAX_LENGTH);
}
+ /* The name of the throttle group passed via API always takes precedence */
+ if (group_name)
+ param_group_name = group_name;
+
if (param_group_name) {
info->group_name = g_strdup(param_group_name);
*set_fields |= QEMU_BLOCK_IOTUNE_SET_GROUP_NAME;
@@ -15385,6 +15390,7 @@ qemuDomainSetBlockIoTune(virDomainPtr dom,
if (qemuDomainSetBlockIoTuneFields(&info,
params,
nparams,
+ NULL,
&set_fields,
&eventParams,
&eventNparams,
@@ -20379,6 +20385,7 @@ qemuDomainSetThrottleGroup(virDomainPtr dom,
if (qemuDomainSetBlockIoTuneFields(&info,
params,
nparams,
+ groupname,
&set_fields,
&eventParams,
&eventNparams,
--
2.52.0

43
libvirt-qemuDomainSetThrottleGroup-Don-t-put-group-name-into-the-tunable-event-twice.patch Normal file
View File

@ -0,0 +1,43 @@
From 537bc39e12472a9cd9bdaa149e680caa4eb7d5f2 Mon Sep 17 00:00:00 2001
Message-ID: <537bc39e12472a9cd9bdaa149e680caa4eb7d5f2.1769699807.git.jdenemar@redhat.com>
From: Peter Krempa <pkrempa@redhat.com>
Date: Fri, 16 Jan 2026 16:39:49 +0100
Subject: [PATCH] qemuDomainSetThrottleGroup: Don't put group name into the
'tunable' event twice
'qemuDomainSetBlockIoTuneFields' already populates the contents of the
VIR_DOMAIN_EVENT_ID_TUNABLE params with the group name so there's no
need to do it explicitly. We'd report the group name twice:
event 'tunable' for domain 'cd':
blkdeviotune.group_name: asdf
blkdeviotune.total_bytes_sec: 1234
blkdeviotune.group_name: asdf
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit adcc14e1538433ec1b2f4b103cdf641917e63242)
https://issues.redhat.com/browse/RHEL-141820 [rhel-10.2]
https://issues.redhat.com/browse/RHEL-144010 [rhel-9.8]
---
src/qemu/qemu_driver.c | 4 ----
1 file changed, 4 deletions(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index a6d5dd6e05..08a547c546 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -20378,10 +20378,6 @@ qemuDomainSetThrottleGroup(virDomainPtr dom,
if (virDomainObjGetDefs(vm, flags, &def, &persistentDef) < 0)
goto endjob;
- if (virTypedParamsAddString(&eventParams, &eventNparams, &eventMaxparams,
- VIR_DOMAIN_TUNABLE_BLKDEV_GROUP_NAME, groupname) < 0)
- goto endjob;
-
if (qemuDomainSetBlockIoTuneFields(&info,
params,
nparams,
--
2.52.0

38
libvirt-qemuDomainSetThrottleGroup-Enforce-non-zero-groupname-string-length.patch Normal file
View File

@ -0,0 +1,38 @@
From 9b395b3de68aacda18bbb40f8bfba8f85087aec1 Mon Sep 17 00:00:00 2001
Message-ID: <9b395b3de68aacda18bbb40f8bfba8f85087aec1.1769699807.git.jdenemar@redhat.com>
From: Peter Krempa <pkrempa@redhat.com>
Date: Fri, 16 Jan 2026 16:36:50 +0100
Subject: [PATCH] qemuDomainSetThrottleGroup: Enforce non-zero 'groupname'
string length
Having a name of 0 characters makes no sense. Reject it.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit abcdc9511b1c78df7dcdee9f01c6d55651d3a424)
https://issues.redhat.com/browse/RHEL-141820 [rhel-10.2]
https://issues.redhat.com/browse/RHEL-144010 [rhel-9.8]
---
src/qemu/qemu_driver.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index f2e024dae3..194017a29a 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -20345,6 +20345,12 @@ qemuDomainSetThrottleGroup(virDomainPtr dom,
virCheckFlags(VIR_DOMAIN_AFFECT_LIVE |
VIR_DOMAIN_AFFECT_CONFIG, -1);
+ if (strlen(groupname) == 0) {
+ virReportError(VIR_ERR_INVALID_ARG, "%s",
+ _("'groupname' parameter string must have non-zero length"));
+ return -1;
+ }
+
if (qemuDomainValidateBlockIoTune(params, nparams) < 0)
return -1;
--
2.52.0

57
libvirt-qemuSecurityMoveImageMetadata-Move-seclabels-only-to-virStorageSource-of-same-type.patch Normal file
View File

@ -0,0 +1,57 @@
From 887c6befa9ee57f0da96f49dd62bea463bbc75af Mon Sep 17 00:00:00 2001
Message-ID: <887c6befa9ee57f0da96f49dd62bea463bbc75af.1769699807.git.jdenemar@redhat.com>
From: Peter Krempa <pkrempa@redhat.com>
Date: Mon, 12 Jan 2026 10:54:38 +0100
Subject: [PATCH] qemuSecurityMoveImageMetadata: Move seclabels only to
virStorageSource of same type
The concept of moving a seclabel is used e.g. when a new image is
introduced to the backing chain (or one of the existing ones becomes
active during block commit). What it does is that it moves the metedata
remembering the original seclabel to the new image.
That idea works reasonably well if both the original and new image are
of same type e.g. a file, where they have comparable seclabel.
It breaks down though when you e.g. create a snapshot stored in a 'file'
on top of a disk originally backed by a 'block' storage source, since
the seclabels differ quite siginificantly.
This patch restricts the seclabel move in qemuSecurityMoveImageMetadata
to happen only if the storage sources are of same type to avoid the
issue. This means that the seclabels will not be remebered and will be
restored to the default but it's better than to transfer wrong labels.
Resolves: https://issues.redhat.com/browse/RHEL-114412
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
(cherry picked from commit 37d51c0d27692a245d7a5eeeef57748e7574de4b)
https://issues.redhat.com/browse/RHEL-140624
---
src/qemu/qemu_security.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/src/qemu/qemu_security.c b/src/qemu/qemu_security.c
index 6bb0f9170d..84cb981a96 100644
--- a/src/qemu/qemu_security.c
+++ b/src/qemu/qemu_security.c
@@ -201,6 +201,16 @@ qemuSecurityMoveImageMetadata(virQEMUDriver *driver,
if (qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT))
pid = vm->pid;
+ /* Moving seclabel metadata makes sense only when 'src' and 'dst' are of
+ * the same type. Otherwise 'dst' could end up with a seclabel that doesn't
+ * make sense for it (e.g. a seclabel originating from a block device /dev
+ * node moved to a file), once the seclabels are restored for it */
+ if (src && dst && src->type != dst->type) {
+ VIR_DEBUG("dropping security label metadata instead of moving it from '%s' to '%s' due to type mismatch",
+ NULLSTR(src->path), NULLSTR(dst->path));
+ dst = NULL;
+ }
+
return virSecurityManagerMoveImageMetadata(driver->securityManager,
cfg->sharedFilesystems,
pid, src, dst);
--
2.52.0

48
libvirt-qemuSnapshotDiskHasBackingDisk-Avoid-call-of-virStorageSourceIsSameLocation-with-NULL-argument.patch Normal file
View File

@ -0,0 +1,48 @@
From 5192ca6507c19b3c98df8dff4354d2e22d946cfb Mon Sep 17 00:00:00 2001
Message-ID: <5192ca6507c19b3c98df8dff4354d2e22d946cfb.1769699807.git.jdenemar@redhat.com>
From: Peter Krempa <pkrempa@redhat.com>
Date: Fri, 23 Jan 2026 08:42:50 +0100
Subject: [PATCH] qemuSnapshotDiskHasBackingDisk: Avoid call of
virStorageSourceIsSameLocation with NULL argument
When the 'backingStore' pointer is not populated the function calls
'virStorageSourceGetMetadata' to try to populate it but if the on-disk
metadata doesn't have a backing image (e.g. if it's the 'base' image of
the chain) the 'backingStore' or the metadata fetcher fails the pointer
will still be NULL.
The function then calls 'virStorageSourceIsSameLocation' but the
internal functions for dealing with storage sources don't handle NULL
gracefully.
Since the code calling 'qemu-img' based on the data detected here
doesn't actually raise errors if the operations fail there's no point
in raising errors here either.
Closes: https://gitlab.com/libvirt/libvirt/-/issues/844
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
(cherry picked from commit b43aee9cc904961e0f18156c3c84a3e460bdb7be)
https://issues.redhat.com/browse/RHEL-144089 [rhel-10.2]
https://issues.redhat.com/browse/RHEL-144090 [rhel-9.8]
---
src/qemu/qemu_snapshot.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu_snapshot.c b/src/qemu/qemu_snapshot.c
index 302775af92..dfc3f449e3 100644
--- a/src/qemu/qemu_snapshot.c
+++ b/src/qemu/qemu_snapshot.c
@@ -3135,7 +3135,8 @@ qemuSnapshotDiskHasBackingDisk(void *payload,
if (!disk->src->backingStore)
ignore_value(virStorageSourceGetMetadata(disk->src, uid, gid, 1, false));
- if (virStorageSourceIsSameLocation(disk->src->backingStore, iterdata->diskSrc)) {
+ if (disk->src->backingStore &&
+ virStorageSourceIsSameLocation(disk->src->backingStore, iterdata->diskSrc)) {
struct _qemuSnapshotDisksWithBackingStoreData *data =
g_new0(struct _qemuSnapshotDisksWithBackingStoreData, 1);
--
2.52.0

75
libvirt-qemuSnapshotDiskHasBackingDisk-Use-proper-max_depth-when-calling-virStorageSourceGetMetadata.patch Normal file
View File

@ -0,0 +1,75 @@
From f14123947915d38c9c1b9664f5da73cbf21ff4c5 Mon Sep 17 00:00:00 2001
Message-ID: <f14123947915d38c9c1b9664f5da73cbf21ff4c5.1769699807.git.jdenemar@redhat.com>
From: Peter Krempa <pkrempa@redhat.com>
Date: Mon, 26 Jan 2026 16:39:24 +0100
Subject: [PATCH] qemuSnapshotDiskHasBackingDisk: Use proper 'max_depth' when
calling 'virStorageSourceGetMetadata'
The 'max_depth' argument of 'virStorageSourceGetMetadata' doesn't just
limit how far the function goes but also fails completely if the chain
is deeper than the passed value.
In 'qemuSnapshotDiskHasBackingDisk' we only care about finding the
backing image, so just one level below, the passed path, but due to the
above setting '1' as max_depth will make the function simply fail every
time.
Extract and reuse QEMU_DOMAIN_STORAGE_SOURCE_CHAIN_MAX_DEPTH as the
detection depth. While '200' layers is overkill for this code, we also
start a full qemu instance just to delete an snapshot so this doens't
matter and still protects from self-referential images.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
(cherry picked from commit 6bcdf4ee59595041c76ed2339c45503723400737)
https://issues.redhat.com/browse/RHEL-144089 [rhel-10.2]
https://issues.redhat.com/browse/RHEL-144090 [rhel-9.8]
---
src/qemu/qemu_domain.c | 2 --
src/qemu/qemu_domain.h | 1 +
src/qemu/qemu_snapshot.c | 4 +++-
3 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index ac56fc7cb4..486a0e7913 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -6297,8 +6297,6 @@ qemuDomainStorageAlias(const char *device, int depth)
}
-#define QEMU_DOMAIN_STORAGE_SOURCE_CHAIN_MAX_DEPTH 200
-
/**
* qemuDomainStorageSourceValidateDepth:
* @src: storage source chain to validate
diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h
index 3396f929fd..b9bb338682 100644
--- a/src/qemu/qemu_domain.h
+++ b/src/qemu/qemu_domain.h
@@ -706,6 +706,7 @@ int qemuDomainCheckDiskStartupPolicy(virQEMUDriver *driver,
size_t diskIndex,
bool cold_boot);
+#define QEMU_DOMAIN_STORAGE_SOURCE_CHAIN_MAX_DEPTH 200
int qemuDomainStorageSourceValidateDepth(virStorageSource *src,
int add,
const char *diskdst);
diff --git a/src/qemu/qemu_snapshot.c b/src/qemu/qemu_snapshot.c
index 942ba0d437..c23add5103 100644
--- a/src/qemu/qemu_snapshot.c
+++ b/src/qemu/qemu_snapshot.c
@@ -3133,7 +3133,9 @@ qemuSnapshotDiskHasBackingDisk(void *payload,
NULL, &uid, &gid);
if (!disk->src->backingStore)
- ignore_value(virStorageSourceGetMetadata(disk->src, uid, gid, 1, false));
+ ignore_value(virStorageSourceGetMetadata(disk->src, uid, gid,
+ QEMU_DOMAIN_STORAGE_SOURCE_CHAIN_MAX_DEPTH,
+ false));
if (disk->src->backingStore &&
virStorageSourceIsSameLocation(disk->src->backingStore, iterdata->diskSrc)) {
--
2.52.0

34
libvirt-qemuSnapshotUpdateBackingStore-Remove-stale-comment.patch Normal file
View File

@ -0,0 +1,34 @@
From beaa6db9d526a2fe044507483d709505e1d62bb5 Mon Sep 17 00:00:00 2001
Message-ID: <beaa6db9d526a2fe044507483d709505e1d62bb5.1769699807.git.jdenemar@redhat.com>
From: Peter Krempa <pkrempa@redhat.com>
Date: Fri, 23 Jan 2026 08:54:32 +0100
Subject: [PATCH] qemuSnapshotUpdateBackingStore: Remove stale comment
The code does a 'qemu-img rebase' rather than a 'qemu-img create' what
the commit suggests. Since we enumerate all arguments right below,
there's no need for a comment.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
(cherry picked from commit 452c281aee7a043b59a288de043ea4e3b75a6b7c)
https://issues.redhat.com/browse/RHEL-144089 [rhel-10.2]
https://issues.redhat.com/browse/RHEL-144090 [rhel-9.8]
---
src/qemu/qemu_snapshot.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/src/qemu/qemu_snapshot.c b/src/qemu/qemu_snapshot.c
index dfc3f449e3..942ba0d437 100644
--- a/src/qemu/qemu_snapshot.c
+++ b/src/qemu/qemu_snapshot.c
@@ -3698,7 +3698,6 @@ qemuSnapshotUpdateBackingStore(qemuSnapshotDeleteExternalData *data)
struct _qemuSnapshotDisksWithBackingStoreData *backingData = cur->data;
g_autoptr(virCommand) cmd = NULL;
- /* creates cmd line args: qemu-img create -f qcow2 -o */
if (!(cmd = virCommandNewArgList("qemu-img",
"rebase",
"-u",
--
2.52.0

97
libvirt-qemuSnapshotUpdateBackingStore-Retry-as-curent-user-if-qemu-img-fails.patch Normal file
View File

@ -0,0 +1,97 @@
From d5878727f9fab5a93f040d1c8c340bb1d5e9da40 Mon Sep 17 00:00:00 2001
Message-ID: <d5878727f9fab5a93f040d1c8c340bb1d5e9da40.1769699807.git.jdenemar@redhat.com>
From: Peter Krempa <pkrempa@redhat.com>
Date: Mon, 26 Jan 2026 16:49:50 +0100
Subject: [PATCH] qemuSnapshotUpdateBackingStore: Retry as curent user if
qemu-img fails
The code calls 'qemu-img rebase' to fix the backing store references.
The 'qemu-img' process here is run as the 'qemu' user or whatever the
defaults and domain XML resolve to. Since this, in certain cases, works
also on images which are not part of the backing chain and in privileged
deployments thus can be owned by 'root:root' the update may fail
(silently).
To preserver root-squash deployments but fix also the above case, retry
the operation on failure as current user.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
(cherry picked from commit 6bb982178b40768f37c5177f317e73562733530f)
https://issues.redhat.com/browse/RHEL-144089 [rhel-10.2]
https://issues.redhat.com/browse/RHEL-144090 [rhel-9.8]
---
src/qemu/qemu_snapshot.c | 53 ++++++++++++++++++++++++++++------------
1 file changed, 38 insertions(+), 15 deletions(-)
diff --git a/src/qemu/qemu_snapshot.c b/src/qemu/qemu_snapshot.c
index c23add5103..e30ade9dc8 100644
--- a/src/qemu/qemu_snapshot.c
+++ b/src/qemu/qemu_snapshot.c
@@ -3698,25 +3698,48 @@ qemuSnapshotUpdateBackingStore(qemuSnapshotDeleteExternalData *data)
for (cur = data->disksWithBacking; cur; cur = g_slist_next(cur)) {
struct _qemuSnapshotDisksWithBackingStoreData *backingData = cur->data;
- g_autoptr(virCommand) cmd = NULL;
+ /* Try to run the command first as the appropriate user based on the
+ * domain definition and config. If error is returned retry as current
+ * (possibly privileged) user for cases where seclabels were reset
+ * to the default */
+ g_autoptr(virCommand) cmd_user_qemu = NULL;
+ g_autoptr(virCommand) cmd_user_curr = NULL;
- if (!(cmd = virCommandNewArgList("qemu-img",
- "rebase",
- "-u",
- "-F",
- virStorageFileFormatTypeToString(data->parentDiskSrc->format),
- "-f",
- virStorageFileFormatTypeToString(backingData->diskSrc->format),
- "-b",
- data->parentDiskSrc->path,
- backingData->diskSrc->path,
- NULL)))
+ if (!(cmd_user_qemu = virCommandNewArgList("qemu-img",
+ "rebase",
+ "-u",
+ "-F",
+ virStorageFileFormatTypeToString(data->parentDiskSrc->format),
+ "-f",
+ virStorageFileFormatTypeToString(backingData->diskSrc->format),
+ "-b",
+ data->parentDiskSrc->path,
+ backingData->diskSrc->path,
+ NULL)))
continue;
- virCommandSetUID(cmd, backingData->uid);
- virCommandSetGID(cmd, backingData->gid);
+ virCommandSetUID(cmd_user_qemu, backingData->uid);
+ virCommandSetGID(cmd_user_qemu, backingData->gid);
- ignore_value(virCommandRun(cmd, NULL));
+ /* done on success */
+ if (virCommandRun(cmd_user_qemu, NULL) == 0)
+ continue;
+
+ /* retry as current user */
+ if (!(cmd_user_curr = virCommandNewArgList("qemu-img",
+ "rebase",
+ "-u",
+ "-F",
+ virStorageFileFormatTypeToString(data->parentDiskSrc->format),
+ "-f",
+ virStorageFileFormatTypeToString(backingData->diskSrc->format),
+ "-b",
+ data->parentDiskSrc->path,
+ backingData->diskSrc->path,
+ NULL)))
+ continue;
+
+ ignore_value(virCommandRun(cmd_user_curr, NULL));
}
}
--
2.52.0

37
libvirt-virDomainSnapshotDefAssignExternalNames-Improve-error-message.patch Normal file
View File

@ -0,0 +1,37 @@
From 75176aff12076de0511a3cc46ad820255a0d05f0 Mon Sep 17 00:00:00 2001
Message-ID: <75176aff12076de0511a3cc46ad820255a0d05f0.1769699807.git.jdenemar@redhat.com>
From: Peter Krempa <pkrempa@redhat.com>
Date: Mon, 26 Jan 2026 16:39:45 +0100
Subject: [PATCH] virDomainSnapshotDefAssignExternalNames: Improve error
message
Mention the 'path' where the detection failed as well as include the
possibility that the 'path' doesn't exist in the message itself.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
(cherry picked from commit f1ad5219368b1b2c603d876f28dc852fd6da3a8d)
https://issues.redhat.com/browse/RHEL-144089 [rhel-10.2]
https://issues.redhat.com/browse/RHEL-144090 [rhel-9.8]
---
src/conf/snapshot_conf.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/conf/snapshot_conf.c b/src/conf/snapshot_conf.c
index 039ed77b84..4309667a34 100644
--- a/src/conf/snapshot_conf.c
+++ b/src/conf/snapshot_conf.c
@@ -541,8 +541,8 @@ virDomainSnapshotDefAssignExternalNames(virDomainSnapshotDef *def,
if (stat(origpath, &sb) < 0 || !S_ISREG(sb.st_mode)) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
- _("source for disk '%1$s' is not a regular file; refusing to generate external snapshot name"),
- disk->name);
+ _("source for disk '%1$s' (%2$s) doesn't exist or is not a regular file; refusing to generate external snapshot name"),
+ disk->name, origpath);
return -1;
}
--
2.52.0

24
libvirt.spec
View File

@ -294,7 +294,7 @@
Summary: Library providing a simple virtualization API
Name: libvirt
Version: 11.10.0
Release: 3%{?dist}%{?extra_release}
Release: 4%{?dist}%{?extra_release}
License: GPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND OFL-1.1
URL: https://libvirt.org/
@ -313,6 +313,16 @@ Patch8: libvirt-qemu_validate-Drop-VIR_DOMAIN_HYPERV_SYNIC-dependency-on-VIR_DOM
Patch9: libvirt-qemu_validate-Drop-VIR_DOMAIN_HYPERV_STIMER-dependency-on-VIR_DOMAIN_HYPERV_VPINDEX.patch
Patch10: libvirt-esx_util-Introduce-esxUtil_EscapeInventoryObject.patch
Patch11: libvirt-esx-URI-encode-inventory-objects-twice.patch
Patch12: libvirt-qemuSecurityMoveImageMetadata-Move-seclabels-only-to-virStorageSource-of-same-type.patch
Patch13: libvirt-qemuDomainSetThrottleGroup-Enforce-non-zero-groupname-string-length.patch
Patch14: libvirt-qemuDomainSetBlockIoTuneField-Move-setting-of-group_name-out-of-the-loop.patch
Patch15: libvirt-qemuDomainSetThrottleGroup-Always-honour-thottle-group-name-passed-as-argument.patch
Patch16: libvirt-qemuDomainSetThrottleGroup-Don-t-put-group-name-into-the-tunable-event-twice.patch
Patch17: libvirt-qemuSnapshotDiskHasBackingDisk-Avoid-call-of-virStorageSourceIsSameLocation-with-NULL-argument.patch
Patch18: libvirt-qemuSnapshotUpdateBackingStore-Remove-stale-comment.patch
Patch19: libvirt-qemuSnapshotDiskHasBackingDisk-Use-proper-max_depth-when-calling-virStorageSourceGetMetadata.patch
Patch20: libvirt-virDomainSnapshotDefAssignExternalNames-Improve-error-message.patch
Patch21: libvirt-qemuSnapshotUpdateBackingStore-Retry-as-curent-user-if-qemu-img-fails.patch
Requires: libvirt-daemon = %{version}-%{release}
@ -2704,6 +2714,18 @@ exit 0
%endif
%changelog
* Thu Jan 29 2026 Jiri Denemark <jdenemar@redhat.com> - 11.10.0-4
- qemuSecurityMoveImageMetadata: Move seclabels only to virStorageSource of same type (RHEL-140624)
- qemuDomainSetThrottleGroup: Enforce non-zero 'groupname' string length (RHEL-144010)
- qemuDomainSetBlockIoTuneField: Move setting of 'group_name' out of the loop (RHEL-144010)
- qemuDomainSetThrottleGroup: Always honour thottle group name passed as argument (RHEL-144010)
- qemuDomainSetThrottleGroup: Don't put group name into the 'tunable' event twice (RHEL-144010)
- qemuSnapshotDiskHasBackingDisk: Avoid call of virStorageSourceIsSameLocation with NULL argument (RHEL-144090)
- qemuSnapshotUpdateBackingStore: Remove stale comment (RHEL-144090)
- qemuSnapshotDiskHasBackingDisk: Use proper 'max_depth' when calling 'virStorageSourceGetMetadata' (RHEL-144090)
- virDomainSnapshotDefAssignExternalNames: Improve error message (RHEL-144090)
- qemuSnapshotUpdateBackingStore: Retry as curent user if qemu-img fails (RHEL-144090)
* Tue Jan 13 2026 Jiri Denemark <jdenemar@redhat.com> - 11.10.0-3
- util: json: Increase JSON nesting limit when parsing to 300 (RHEL-135128)
- virjsontest: Add test for nesting depth (RHEL-135128)