diff --git a/libvirt-qemuDomainSetBlockIoTuneField-Move-setting-of-group_name-out-of-the-loop.patch b/libvirt-qemuDomainSetBlockIoTuneField-Move-setting-of-group_name-out-of-the-loop.patch new file mode 100644 index 0000000..375ed05 --- /dev/null +++ b/libvirt-qemuDomainSetBlockIoTuneField-Move-setting-of-group_name-out-of-the-loop.patch @@ -0,0 +1,68 @@ +From 531c9abeb0483ed64adafdd0546d77b13d913445 Mon Sep 17 00:00:00 2001 +Message-ID: <531c9abeb0483ed64adafdd0546d77b13d913445.1769699807.git.jdenemar@redhat.com> +From: Peter Krempa +Date: Fri, 16 Jan 2026 16:38:38 +0100 +Subject: [PATCH] qemuDomainSetBlockIoTuneField: Move setting of 'group_name' + out of the loop + +The refactor will simplify further change which will introduce another +source for the group name. + +Signed-off-by: Peter Krempa +Reviewed-by: Michal Privoznik +(cherry picked from commit fa064375668df0e67b4d68fdfc4a386862026f3f) + +https://issues.redhat.com/browse/RHEL-141820 [rhel-10.2] +https://issues.redhat.com/browse/RHEL-144010 [rhel-9.8] +--- + src/qemu/qemu_driver.c | 20 ++++++++++++-------- + 1 file changed, 12 insertions(+), 8 deletions(-) + +diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c +index 194017a29a..ecfb65c535 100644 +--- a/src/qemu/qemu_driver.c ++++ b/src/qemu/qemu_driver.c +@@ -15173,6 +15173,7 @@ qemuDomainSetBlockIoTuneFields(virDomainBlockIoTuneInfo *info, + int *eventNparams, + int *eventMaxparams) + { ++ const char *param_group_name = NULL; + size_t i; + + #define SET_IOTUNE_FIELD(FIELD, BOOL, CONST) \ +@@ -15218,15 +15219,8 @@ qemuDomainSetBlockIoTuneFields(virDomainBlockIoTuneInfo *info, + WRITE_IOPS_SEC_MAX); + SET_IOTUNE_FIELD(size_iops_sec, SIZE_IOPS, SIZE_IOPS_SEC); + +- /* NB: Cannot use macro since this is a value.s not a value.ul */ + if (STREQ(param->field, VIR_DOMAIN_BLOCK_IOTUNE_GROUP_NAME)) { +- info->group_name = g_strdup(param->value.s); +- *set_fields |= QEMU_BLOCK_IOTUNE_SET_GROUP_NAME; +- if (virTypedParamsAddString(eventParams, eventNparams, +- eventMaxparams, +- VIR_DOMAIN_TUNABLE_BLKDEV_GROUP_NAME, +- param->value.s) < 0) +- return -1; ++ param_group_name = param->value.s; + continue; + } + +@@ -15244,6 +15238,16 @@ qemuDomainSetBlockIoTuneFields(virDomainBlockIoTuneInfo *info, + WRITE_IOPS_SEC_MAX_LENGTH); + } + ++ if (param_group_name) { ++ info->group_name = g_strdup(param_group_name); ++ *set_fields |= QEMU_BLOCK_IOTUNE_SET_GROUP_NAME; ++ if (virTypedParamsAddString(eventParams, eventNparams, ++ eventMaxparams, ++ VIR_DOMAIN_TUNABLE_BLKDEV_GROUP_NAME, ++ param_group_name) < 0) ++ return -1; ++ } ++ + #undef SET_IOTUNE_FIELD + + return 0; +-- +2.52.0 diff --git a/libvirt-qemuDomainSetThrottleGroup-Always-honour-thottle-group-name-passed-as-argument.patch b/libvirt-qemuDomainSetThrottleGroup-Always-honour-thottle-group-name-passed-as-argument.patch new file mode 100644 index 0000000..9f58bb6 --- /dev/null +++ b/libvirt-qemuDomainSetThrottleGroup-Always-honour-thottle-group-name-passed-as-argument.patch @@ -0,0 +1,75 @@ +From a32dfdf78ac0051b3f2c218272c2baa253ffa239 Mon Sep 17 00:00:00 2001 +Message-ID: +From: Peter Krempa +Date: Fri, 16 Jan 2026 16:39:40 +0100 +Subject: [PATCH] qemuDomainSetThrottleGroup: Always honour thottle group name + passed as argument + +Due to the code share with 'qemuDomainSetBlockIoTune' the throttle group +setting code accepts the throttle group name also via typed parameters. + +In 'qemuDomainSetThrottleGroup', this means that there are 2 ways to +pass it the throttle group name and both are handled slightly +differently. Specifically the name of the group used in the list of +groups is the name taken from the typed parameters rather than the one +passed via API. We also don't validate that they match. + +Now if the name in the typed parameters is missing we'd add empty string +to the group list which would later crash when looking up the group +name. + +To avoid this problem always use the name passed via argument. This is +achieved by passing it into 'qemuDomainSetBlockIoTuneFields' so that it +overrides whatever is in the typed parameters. + +Signed-off-by: Peter Krempa +Reviewed-by: Michal Privoznik +(cherry picked from commit 0cd13906dcf15ea5709a7b253466816a1b875640) + +https://issues.redhat.com/browse/RHEL-141820 [rhel-10.2] +https://issues.redhat.com/browse/RHEL-144010 [rhel-9.8] +--- + src/qemu/qemu_driver.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c +index ecfb65c535..a6d5dd6e05 100644 +--- a/src/qemu/qemu_driver.c ++++ b/src/qemu/qemu_driver.c +@@ -15168,6 +15168,7 @@ static int + qemuDomainSetBlockIoTuneFields(virDomainBlockIoTuneInfo *info, + virTypedParameterPtr params, + int nparams, ++ const char *group_name, + qemuBlockIoTuneSetFlags *set_fields, + virTypedParameterPtr *eventParams, + int *eventNparams, +@@ -15238,6 +15239,10 @@ qemuDomainSetBlockIoTuneFields(virDomainBlockIoTuneInfo *info, + WRITE_IOPS_SEC_MAX_LENGTH); + } + ++ /* The name of the throttle group passed via API always takes precedence */ ++ if (group_name) ++ param_group_name = group_name; ++ + if (param_group_name) { + info->group_name = g_strdup(param_group_name); + *set_fields |= QEMU_BLOCK_IOTUNE_SET_GROUP_NAME; +@@ -15385,6 +15390,7 @@ qemuDomainSetBlockIoTune(virDomainPtr dom, + if (qemuDomainSetBlockIoTuneFields(&info, + params, + nparams, ++ NULL, + &set_fields, + &eventParams, + &eventNparams, +@@ -20379,6 +20385,7 @@ qemuDomainSetThrottleGroup(virDomainPtr dom, + if (qemuDomainSetBlockIoTuneFields(&info, + params, + nparams, ++ groupname, + &set_fields, + &eventParams, + &eventNparams, +-- +2.52.0 diff --git a/libvirt-qemuDomainSetThrottleGroup-Don-t-put-group-name-into-the-tunable-event-twice.patch b/libvirt-qemuDomainSetThrottleGroup-Don-t-put-group-name-into-the-tunable-event-twice.patch new file mode 100644 index 0000000..0e7a2d4 --- /dev/null +++ b/libvirt-qemuDomainSetThrottleGroup-Don-t-put-group-name-into-the-tunable-event-twice.patch @@ -0,0 +1,43 @@ +From 537bc39e12472a9cd9bdaa149e680caa4eb7d5f2 Mon Sep 17 00:00:00 2001 +Message-ID: <537bc39e12472a9cd9bdaa149e680caa4eb7d5f2.1769699807.git.jdenemar@redhat.com> +From: Peter Krempa +Date: Fri, 16 Jan 2026 16:39:49 +0100 +Subject: [PATCH] qemuDomainSetThrottleGroup: Don't put group name into the + 'tunable' event twice + +'qemuDomainSetBlockIoTuneFields' already populates the contents of the +VIR_DOMAIN_EVENT_ID_TUNABLE params with the group name so there's no +need to do it explicitly. We'd report the group name twice: + + event 'tunable' for domain 'cd': + blkdeviotune.group_name: asdf + blkdeviotune.total_bytes_sec: 1234 + blkdeviotune.group_name: asdf + +Signed-off-by: Peter Krempa +Reviewed-by: Michal Privoznik +(cherry picked from commit adcc14e1538433ec1b2f4b103cdf641917e63242) + +https://issues.redhat.com/browse/RHEL-141820 [rhel-10.2] +https://issues.redhat.com/browse/RHEL-144010 [rhel-9.8] +--- + src/qemu/qemu_driver.c | 4 ---- + 1 file changed, 4 deletions(-) + +diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c +index a6d5dd6e05..08a547c546 100644 +--- a/src/qemu/qemu_driver.c ++++ b/src/qemu/qemu_driver.c +@@ -20378,10 +20378,6 @@ qemuDomainSetThrottleGroup(virDomainPtr dom, + if (virDomainObjGetDefs(vm, flags, &def, &persistentDef) < 0) + goto endjob; + +- if (virTypedParamsAddString(&eventParams, &eventNparams, &eventMaxparams, +- VIR_DOMAIN_TUNABLE_BLKDEV_GROUP_NAME, groupname) < 0) +- goto endjob; +- + if (qemuDomainSetBlockIoTuneFields(&info, + params, + nparams, +-- +2.52.0 diff --git a/libvirt-qemuDomainSetThrottleGroup-Enforce-non-zero-groupname-string-length.patch b/libvirt-qemuDomainSetThrottleGroup-Enforce-non-zero-groupname-string-length.patch new file mode 100644 index 0000000..c6d0945 --- /dev/null +++ b/libvirt-qemuDomainSetThrottleGroup-Enforce-non-zero-groupname-string-length.patch @@ -0,0 +1,38 @@ +From 9b395b3de68aacda18bbb40f8bfba8f85087aec1 Mon Sep 17 00:00:00 2001 +Message-ID: <9b395b3de68aacda18bbb40f8bfba8f85087aec1.1769699807.git.jdenemar@redhat.com> +From: Peter Krempa +Date: Fri, 16 Jan 2026 16:36:50 +0100 +Subject: [PATCH] qemuDomainSetThrottleGroup: Enforce non-zero 'groupname' + string length + +Having a name of 0 characters makes no sense. Reject it. + +Signed-off-by: Peter Krempa +Reviewed-by: Michal Privoznik +(cherry picked from commit abcdc9511b1c78df7dcdee9f01c6d55651d3a424) + +https://issues.redhat.com/browse/RHEL-141820 [rhel-10.2] +https://issues.redhat.com/browse/RHEL-144010 [rhel-9.8] +--- + src/qemu/qemu_driver.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c +index f2e024dae3..194017a29a 100644 +--- a/src/qemu/qemu_driver.c ++++ b/src/qemu/qemu_driver.c +@@ -20345,6 +20345,12 @@ qemuDomainSetThrottleGroup(virDomainPtr dom, + virCheckFlags(VIR_DOMAIN_AFFECT_LIVE | + VIR_DOMAIN_AFFECT_CONFIG, -1); + ++ if (strlen(groupname) == 0) { ++ virReportError(VIR_ERR_INVALID_ARG, "%s", ++ _("'groupname' parameter string must have non-zero length")); ++ return -1; ++ } ++ + if (qemuDomainValidateBlockIoTune(params, nparams) < 0) + return -1; + +-- +2.52.0 diff --git a/libvirt-qemuSecurityMoveImageMetadata-Move-seclabels-only-to-virStorageSource-of-same-type.patch b/libvirt-qemuSecurityMoveImageMetadata-Move-seclabels-only-to-virStorageSource-of-same-type.patch new file mode 100644 index 0000000..ddc8a2c --- /dev/null +++ b/libvirt-qemuSecurityMoveImageMetadata-Move-seclabels-only-to-virStorageSource-of-same-type.patch @@ -0,0 +1,57 @@ +From 887c6befa9ee57f0da96f49dd62bea463bbc75af Mon Sep 17 00:00:00 2001 +Message-ID: <887c6befa9ee57f0da96f49dd62bea463bbc75af.1769699807.git.jdenemar@redhat.com> +From: Peter Krempa +Date: Mon, 12 Jan 2026 10:54:38 +0100 +Subject: [PATCH] qemuSecurityMoveImageMetadata: Move seclabels only to + virStorageSource of same type + +The concept of moving a seclabel is used e.g. when a new image is +introduced to the backing chain (or one of the existing ones becomes +active during block commit). What it does is that it moves the metedata +remembering the original seclabel to the new image. + +That idea works reasonably well if both the original and new image are +of same type e.g. a file, where they have comparable seclabel. + +It breaks down though when you e.g. create a snapshot stored in a 'file' +on top of a disk originally backed by a 'block' storage source, since +the seclabels differ quite siginificantly. + +This patch restricts the seclabel move in qemuSecurityMoveImageMetadata +to happen only if the storage sources are of same type to avoid the +issue. This means that the seclabels will not be remebered and will be +restored to the default but it's better than to transfer wrong labels. + +Resolves: https://issues.redhat.com/browse/RHEL-114412 + +Signed-off-by: Peter Krempa +Reviewed-by: Michal Privoznik +(cherry picked from commit 37d51c0d27692a245d7a5eeeef57748e7574de4b) +https://issues.redhat.com/browse/RHEL-140624 +--- + src/qemu/qemu_security.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/src/qemu/qemu_security.c b/src/qemu/qemu_security.c +index 6bb0f9170d..84cb981a96 100644 +--- a/src/qemu/qemu_security.c ++++ b/src/qemu/qemu_security.c +@@ -201,6 +201,16 @@ qemuSecurityMoveImageMetadata(virQEMUDriver *driver, + if (qemuDomainNamespaceEnabled(vm, QEMU_DOMAIN_NS_MOUNT)) + pid = vm->pid; + ++ /* Moving seclabel metadata makes sense only when 'src' and 'dst' are of ++ * the same type. Otherwise 'dst' could end up with a seclabel that doesn't ++ * make sense for it (e.g. a seclabel originating from a block device /dev ++ * node moved to a file), once the seclabels are restored for it */ ++ if (src && dst && src->type != dst->type) { ++ VIR_DEBUG("dropping security label metadata instead of moving it from '%s' to '%s' due to type mismatch", ++ NULLSTR(src->path), NULLSTR(dst->path)); ++ dst = NULL; ++ } ++ + return virSecurityManagerMoveImageMetadata(driver->securityManager, + cfg->sharedFilesystems, + pid, src, dst); +-- +2.52.0 diff --git a/libvirt-qemuSnapshotDiskHasBackingDisk-Avoid-call-of-virStorageSourceIsSameLocation-with-NULL-argument.patch b/libvirt-qemuSnapshotDiskHasBackingDisk-Avoid-call-of-virStorageSourceIsSameLocation-with-NULL-argument.patch new file mode 100644 index 0000000..62d2a7a --- /dev/null +++ b/libvirt-qemuSnapshotDiskHasBackingDisk-Avoid-call-of-virStorageSourceIsSameLocation-with-NULL-argument.patch @@ -0,0 +1,48 @@ +From 5192ca6507c19b3c98df8dff4354d2e22d946cfb Mon Sep 17 00:00:00 2001 +Message-ID: <5192ca6507c19b3c98df8dff4354d2e22d946cfb.1769699807.git.jdenemar@redhat.com> +From: Peter Krempa +Date: Fri, 23 Jan 2026 08:42:50 +0100 +Subject: [PATCH] qemuSnapshotDiskHasBackingDisk: Avoid call of + virStorageSourceIsSameLocation with NULL argument + +When the 'backingStore' pointer is not populated the function calls +'virStorageSourceGetMetadata' to try to populate it but if the on-disk +metadata doesn't have a backing image (e.g. if it's the 'base' image of +the chain) the 'backingStore' or the metadata fetcher fails the pointer +will still be NULL. + +The function then calls 'virStorageSourceIsSameLocation' but the +internal functions for dealing with storage sources don't handle NULL +gracefully. + +Since the code calling 'qemu-img' based on the data detected here +doesn't actually raise errors if the operations fail there's no point +in raising errors here either. + +Closes: https://gitlab.com/libvirt/libvirt/-/issues/844 +Signed-off-by: Peter Krempa +Reviewed-by: Pavel Hrdina +(cherry picked from commit b43aee9cc904961e0f18156c3c84a3e460bdb7be) + + https://issues.redhat.com/browse/RHEL-144089 [rhel-10.2] + https://issues.redhat.com/browse/RHEL-144090 [rhel-9.8] +--- + src/qemu/qemu_snapshot.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/qemu/qemu_snapshot.c b/src/qemu/qemu_snapshot.c +index 302775af92..dfc3f449e3 100644 +--- a/src/qemu/qemu_snapshot.c ++++ b/src/qemu/qemu_snapshot.c +@@ -3135,7 +3135,8 @@ qemuSnapshotDiskHasBackingDisk(void *payload, + if (!disk->src->backingStore) + ignore_value(virStorageSourceGetMetadata(disk->src, uid, gid, 1, false)); + +- if (virStorageSourceIsSameLocation(disk->src->backingStore, iterdata->diskSrc)) { ++ if (disk->src->backingStore && ++ virStorageSourceIsSameLocation(disk->src->backingStore, iterdata->diskSrc)) { + struct _qemuSnapshotDisksWithBackingStoreData *data = + g_new0(struct _qemuSnapshotDisksWithBackingStoreData, 1); + +-- +2.52.0 diff --git a/libvirt-qemuSnapshotDiskHasBackingDisk-Use-proper-max_depth-when-calling-virStorageSourceGetMetadata.patch b/libvirt-qemuSnapshotDiskHasBackingDisk-Use-proper-max_depth-when-calling-virStorageSourceGetMetadata.patch new file mode 100644 index 0000000..f81c7a0 --- /dev/null +++ b/libvirt-qemuSnapshotDiskHasBackingDisk-Use-proper-max_depth-when-calling-virStorageSourceGetMetadata.patch @@ -0,0 +1,75 @@ +From f14123947915d38c9c1b9664f5da73cbf21ff4c5 Mon Sep 17 00:00:00 2001 +Message-ID: +From: Peter Krempa +Date: Mon, 26 Jan 2026 16:39:24 +0100 +Subject: [PATCH] qemuSnapshotDiskHasBackingDisk: Use proper 'max_depth' when + calling 'virStorageSourceGetMetadata' + +The 'max_depth' argument of 'virStorageSourceGetMetadata' doesn't just +limit how far the function goes but also fails completely if the chain +is deeper than the passed value. + +In 'qemuSnapshotDiskHasBackingDisk' we only care about finding the +backing image, so just one level below, the passed path, but due to the +above setting '1' as max_depth will make the function simply fail every +time. + +Extract and reuse QEMU_DOMAIN_STORAGE_SOURCE_CHAIN_MAX_DEPTH as the +detection depth. While '200' layers is overkill for this code, we also +start a full qemu instance just to delete an snapshot so this doens't +matter and still protects from self-referential images. + +Signed-off-by: Peter Krempa +Reviewed-by: Pavel Hrdina +(cherry picked from commit 6bcdf4ee59595041c76ed2339c45503723400737) + + https://issues.redhat.com/browse/RHEL-144089 [rhel-10.2] + https://issues.redhat.com/browse/RHEL-144090 [rhel-9.8] +--- + src/qemu/qemu_domain.c | 2 -- + src/qemu/qemu_domain.h | 1 + + src/qemu/qemu_snapshot.c | 4 +++- + 3 files changed, 4 insertions(+), 3 deletions(-) + +diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c +index ac56fc7cb4..486a0e7913 100644 +--- a/src/qemu/qemu_domain.c ++++ b/src/qemu/qemu_domain.c +@@ -6297,8 +6297,6 @@ qemuDomainStorageAlias(const char *device, int depth) + } + + +-#define QEMU_DOMAIN_STORAGE_SOURCE_CHAIN_MAX_DEPTH 200 +- + /** + * qemuDomainStorageSourceValidateDepth: + * @src: storage source chain to validate +diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h +index 3396f929fd..b9bb338682 100644 +--- a/src/qemu/qemu_domain.h ++++ b/src/qemu/qemu_domain.h +@@ -706,6 +706,7 @@ int qemuDomainCheckDiskStartupPolicy(virQEMUDriver *driver, + size_t diskIndex, + bool cold_boot); + ++#define QEMU_DOMAIN_STORAGE_SOURCE_CHAIN_MAX_DEPTH 200 + int qemuDomainStorageSourceValidateDepth(virStorageSource *src, + int add, + const char *diskdst); +diff --git a/src/qemu/qemu_snapshot.c b/src/qemu/qemu_snapshot.c +index 942ba0d437..c23add5103 100644 +--- a/src/qemu/qemu_snapshot.c ++++ b/src/qemu/qemu_snapshot.c +@@ -3133,7 +3133,9 @@ qemuSnapshotDiskHasBackingDisk(void *payload, + NULL, &uid, &gid); + + if (!disk->src->backingStore) +- ignore_value(virStorageSourceGetMetadata(disk->src, uid, gid, 1, false)); ++ ignore_value(virStorageSourceGetMetadata(disk->src, uid, gid, ++ QEMU_DOMAIN_STORAGE_SOURCE_CHAIN_MAX_DEPTH, ++ false)); + + if (disk->src->backingStore && + virStorageSourceIsSameLocation(disk->src->backingStore, iterdata->diskSrc)) { +-- +2.52.0 diff --git a/libvirt-qemuSnapshotUpdateBackingStore-Remove-stale-comment.patch b/libvirt-qemuSnapshotUpdateBackingStore-Remove-stale-comment.patch new file mode 100644 index 0000000..c159416 --- /dev/null +++ b/libvirt-qemuSnapshotUpdateBackingStore-Remove-stale-comment.patch @@ -0,0 +1,34 @@ +From beaa6db9d526a2fe044507483d709505e1d62bb5 Mon Sep 17 00:00:00 2001 +Message-ID: +From: Peter Krempa +Date: Fri, 23 Jan 2026 08:54:32 +0100 +Subject: [PATCH] qemuSnapshotUpdateBackingStore: Remove stale comment + +The code does a 'qemu-img rebase' rather than a 'qemu-img create' what +the commit suggests. Since we enumerate all arguments right below, +there's no need for a comment. + +Signed-off-by: Peter Krempa +Reviewed-by: Pavel Hrdina +(cherry picked from commit 452c281aee7a043b59a288de043ea4e3b75a6b7c) + + https://issues.redhat.com/browse/RHEL-144089 [rhel-10.2] + https://issues.redhat.com/browse/RHEL-144090 [rhel-9.8] +--- + src/qemu/qemu_snapshot.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/src/qemu/qemu_snapshot.c b/src/qemu/qemu_snapshot.c +index dfc3f449e3..942ba0d437 100644 +--- a/src/qemu/qemu_snapshot.c ++++ b/src/qemu/qemu_snapshot.c +@@ -3698,7 +3698,6 @@ qemuSnapshotUpdateBackingStore(qemuSnapshotDeleteExternalData *data) + struct _qemuSnapshotDisksWithBackingStoreData *backingData = cur->data; + g_autoptr(virCommand) cmd = NULL; + +- /* creates cmd line args: qemu-img create -f qcow2 -o */ + if (!(cmd = virCommandNewArgList("qemu-img", + "rebase", + "-u", +-- +2.52.0 diff --git a/libvirt-qemuSnapshotUpdateBackingStore-Retry-as-curent-user-if-qemu-img-fails.patch b/libvirt-qemuSnapshotUpdateBackingStore-Retry-as-curent-user-if-qemu-img-fails.patch new file mode 100644 index 0000000..8d5f560 --- /dev/null +++ b/libvirt-qemuSnapshotUpdateBackingStore-Retry-as-curent-user-if-qemu-img-fails.patch @@ -0,0 +1,97 @@ +From d5878727f9fab5a93f040d1c8c340bb1d5e9da40 Mon Sep 17 00:00:00 2001 +Message-ID: +From: Peter Krempa +Date: Mon, 26 Jan 2026 16:49:50 +0100 +Subject: [PATCH] qemuSnapshotUpdateBackingStore: Retry as curent user if + qemu-img fails + +The code calls 'qemu-img rebase' to fix the backing store references. +The 'qemu-img' process here is run as the 'qemu' user or whatever the +defaults and domain XML resolve to. Since this, in certain cases, works +also on images which are not part of the backing chain and in privileged +deployments thus can be owned by 'root:root' the update may fail +(silently). + +To preserver root-squash deployments but fix also the above case, retry +the operation on failure as current user. + +Signed-off-by: Peter Krempa +Reviewed-by: Pavel Hrdina +(cherry picked from commit 6bb982178b40768f37c5177f317e73562733530f) + + https://issues.redhat.com/browse/RHEL-144089 [rhel-10.2] + https://issues.redhat.com/browse/RHEL-144090 [rhel-9.8] +--- + src/qemu/qemu_snapshot.c | 53 ++++++++++++++++++++++++++++------------ + 1 file changed, 38 insertions(+), 15 deletions(-) + +diff --git a/src/qemu/qemu_snapshot.c b/src/qemu/qemu_snapshot.c +index c23add5103..e30ade9dc8 100644 +--- a/src/qemu/qemu_snapshot.c ++++ b/src/qemu/qemu_snapshot.c +@@ -3698,25 +3698,48 @@ qemuSnapshotUpdateBackingStore(qemuSnapshotDeleteExternalData *data) + + for (cur = data->disksWithBacking; cur; cur = g_slist_next(cur)) { + struct _qemuSnapshotDisksWithBackingStoreData *backingData = cur->data; +- g_autoptr(virCommand) cmd = NULL; ++ /* Try to run the command first as the appropriate user based on the ++ * domain definition and config. If error is returned retry as current ++ * (possibly privileged) user for cases where seclabels were reset ++ * to the default */ ++ g_autoptr(virCommand) cmd_user_qemu = NULL; ++ g_autoptr(virCommand) cmd_user_curr = NULL; + +- if (!(cmd = virCommandNewArgList("qemu-img", +- "rebase", +- "-u", +- "-F", +- virStorageFileFormatTypeToString(data->parentDiskSrc->format), +- "-f", +- virStorageFileFormatTypeToString(backingData->diskSrc->format), +- "-b", +- data->parentDiskSrc->path, +- backingData->diskSrc->path, +- NULL))) ++ if (!(cmd_user_qemu = virCommandNewArgList("qemu-img", ++ "rebase", ++ "-u", ++ "-F", ++ virStorageFileFormatTypeToString(data->parentDiskSrc->format), ++ "-f", ++ virStorageFileFormatTypeToString(backingData->diskSrc->format), ++ "-b", ++ data->parentDiskSrc->path, ++ backingData->diskSrc->path, ++ NULL))) + continue; + +- virCommandSetUID(cmd, backingData->uid); +- virCommandSetGID(cmd, backingData->gid); ++ virCommandSetUID(cmd_user_qemu, backingData->uid); ++ virCommandSetGID(cmd_user_qemu, backingData->gid); + +- ignore_value(virCommandRun(cmd, NULL)); ++ /* done on success */ ++ if (virCommandRun(cmd_user_qemu, NULL) == 0) ++ continue; ++ ++ /* retry as current user */ ++ if (!(cmd_user_curr = virCommandNewArgList("qemu-img", ++ "rebase", ++ "-u", ++ "-F", ++ virStorageFileFormatTypeToString(data->parentDiskSrc->format), ++ "-f", ++ virStorageFileFormatTypeToString(backingData->diskSrc->format), ++ "-b", ++ data->parentDiskSrc->path, ++ backingData->diskSrc->path, ++ NULL))) ++ continue; ++ ++ ignore_value(virCommandRun(cmd_user_curr, NULL)); + } + } + +-- +2.52.0 diff --git a/libvirt-virDomainSnapshotDefAssignExternalNames-Improve-error-message.patch b/libvirt-virDomainSnapshotDefAssignExternalNames-Improve-error-message.patch new file mode 100644 index 0000000..8b9427e --- /dev/null +++ b/libvirt-virDomainSnapshotDefAssignExternalNames-Improve-error-message.patch @@ -0,0 +1,37 @@ +From 75176aff12076de0511a3cc46ad820255a0d05f0 Mon Sep 17 00:00:00 2001 +Message-ID: <75176aff12076de0511a3cc46ad820255a0d05f0.1769699807.git.jdenemar@redhat.com> +From: Peter Krempa +Date: Mon, 26 Jan 2026 16:39:45 +0100 +Subject: [PATCH] virDomainSnapshotDefAssignExternalNames: Improve error + message + +Mention the 'path' where the detection failed as well as include the +possibility that the 'path' doesn't exist in the message itself. + +Signed-off-by: Peter Krempa +Reviewed-by: Pavel Hrdina +(cherry picked from commit f1ad5219368b1b2c603d876f28dc852fd6da3a8d) + + https://issues.redhat.com/browse/RHEL-144089 [rhel-10.2] + https://issues.redhat.com/browse/RHEL-144090 [rhel-9.8] +--- + src/conf/snapshot_conf.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/conf/snapshot_conf.c b/src/conf/snapshot_conf.c +index 039ed77b84..4309667a34 100644 +--- a/src/conf/snapshot_conf.c ++++ b/src/conf/snapshot_conf.c +@@ -541,8 +541,8 @@ virDomainSnapshotDefAssignExternalNames(virDomainSnapshotDef *def, + + if (stat(origpath, &sb) < 0 || !S_ISREG(sb.st_mode)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, +- _("source for disk '%1$s' is not a regular file; refusing to generate external snapshot name"), +- disk->name); ++ _("source for disk '%1$s' (%2$s) doesn't exist or is not a regular file; refusing to generate external snapshot name"), ++ disk->name, origpath); + return -1; + } + +-- +2.52.0 diff --git a/libvirt.spec b/libvirt.spec index 7eed5f7..6391bc1 100644 --- a/libvirt.spec +++ b/libvirt.spec @@ -294,7 +294,7 @@ Summary: Library providing a simple virtualization API Name: libvirt Version: 11.10.0 -Release: 3%{?dist}%{?extra_release} +Release: 4%{?dist}%{?extra_release} License: GPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND OFL-1.1 URL: https://libvirt.org/ @@ -313,6 +313,16 @@ Patch8: libvirt-qemu_validate-Drop-VIR_DOMAIN_HYPERV_SYNIC-dependency-on-VIR_DOM Patch9: libvirt-qemu_validate-Drop-VIR_DOMAIN_HYPERV_STIMER-dependency-on-VIR_DOMAIN_HYPERV_VPINDEX.patch Patch10: libvirt-esx_util-Introduce-esxUtil_EscapeInventoryObject.patch Patch11: libvirt-esx-URI-encode-inventory-objects-twice.patch +Patch12: libvirt-qemuSecurityMoveImageMetadata-Move-seclabels-only-to-virStorageSource-of-same-type.patch +Patch13: libvirt-qemuDomainSetThrottleGroup-Enforce-non-zero-groupname-string-length.patch +Patch14: libvirt-qemuDomainSetBlockIoTuneField-Move-setting-of-group_name-out-of-the-loop.patch +Patch15: libvirt-qemuDomainSetThrottleGroup-Always-honour-thottle-group-name-passed-as-argument.patch +Patch16: libvirt-qemuDomainSetThrottleGroup-Don-t-put-group-name-into-the-tunable-event-twice.patch +Patch17: libvirt-qemuSnapshotDiskHasBackingDisk-Avoid-call-of-virStorageSourceIsSameLocation-with-NULL-argument.patch +Patch18: libvirt-qemuSnapshotUpdateBackingStore-Remove-stale-comment.patch +Patch19: libvirt-qemuSnapshotDiskHasBackingDisk-Use-proper-max_depth-when-calling-virStorageSourceGetMetadata.patch +Patch20: libvirt-virDomainSnapshotDefAssignExternalNames-Improve-error-message.patch +Patch21: libvirt-qemuSnapshotUpdateBackingStore-Retry-as-curent-user-if-qemu-img-fails.patch Requires: libvirt-daemon = %{version}-%{release} @@ -2704,6 +2714,18 @@ exit 0 %endif %changelog +* Thu Jan 29 2026 Jiri Denemark - 11.10.0-4 +- qemuSecurityMoveImageMetadata: Move seclabels only to virStorageSource of same type (RHEL-140624) +- qemuDomainSetThrottleGroup: Enforce non-zero 'groupname' string length (RHEL-144010) +- qemuDomainSetBlockIoTuneField: Move setting of 'group_name' out of the loop (RHEL-144010) +- qemuDomainSetThrottleGroup: Always honour thottle group name passed as argument (RHEL-144010) +- qemuDomainSetThrottleGroup: Don't put group name into the 'tunable' event twice (RHEL-144010) +- qemuSnapshotDiskHasBackingDisk: Avoid call of virStorageSourceIsSameLocation with NULL argument (RHEL-144090) +- qemuSnapshotUpdateBackingStore: Remove stale comment (RHEL-144090) +- qemuSnapshotDiskHasBackingDisk: Use proper 'max_depth' when calling 'virStorageSourceGetMetadata' (RHEL-144090) +- virDomainSnapshotDefAssignExternalNames: Improve error message (RHEL-144090) +- qemuSnapshotUpdateBackingStore: Retry as curent user if qemu-img fails (RHEL-144090) + * Tue Jan 13 2026 Jiri Denemark - 11.10.0-3 - util: json: Increase JSON nesting limit when parsing to 300 (RHEL-135128) - virjsontest: Add test for nesting depth (RHEL-135128)