diff --git a/Don-t-require-secdrivers-to-implement-.domainMoveIma.patch b/Don-t-require-secdrivers-to-implement-.domainMoveIma.patch new file mode 100644 index 0000000000000000000000000000000000000000..8cb380e58f8e543732c03f31db436ec89e2e6454 --- /dev/null +++ b/Don-t-require-secdrivers-to-implement-.domainMoveIma.patch @@ -0,0 +1,42 @@ +From bfde8ecd49d09f4690c5d309d95c0371fcb82636 Mon Sep 17 00:00:00 2001 +From: Michal Privoznik +Date: Mon, 18 May 2020 10:07:30 +0200 +Subject: [PATCH] Don't require secdrivers to implement + .domainMoveImageMetadata + +The AppArmor secdriver does not use labels to grant access to +resources. Therefore, it doesn't use XATTRs and hence it lacks +implementation of .domainMoveImageMetadata callback. This leads +to a harmless but needless error message appearing in the logs: + + virSecurityManagerMoveImageMetadata:476 : this function is not + supported by the connection driver: virSecurityManagerMoveImageMetadata + +Closes: https://gitlab.com/libvirt/libvirt/-/issues/25 + +cherry-pick from commit: cc8c297e473afd55e5d8e35e18345d8df176059d + +Signed-off-by: Michal Privoznik +Reviewed-by: Erik Skultety +Signed-off-by: Jin Yan +--- + src/security/security_manager.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/src/security/security_manager.c b/src/security/security_manager.c +index fe032746ff..1445291410 100644 +--- a/src/security/security_manager.c ++++ b/src/security/security_manager.c +@@ -473,8 +473,7 @@ virSecurityManagerMoveImageMetadata(virSecurityManagerPtr mgr, + return ret; + } + +- virReportUnsupportedError(); +- return -1; ++ return 0; + } + + +-- +2.23.0 + diff --git a/Fix-some-wrong-usage-of-ATTRIBUTE_NONNULL.patch b/Fix-some-wrong-usage-of-ATTRIBUTE_NONNULL.patch new file mode 100644 index 0000000000000000000000000000000000000000..00872b9d398bceeaba227fedf7fe5413776161e3 --- /dev/null +++ b/Fix-some-wrong-usage-of-ATTRIBUTE_NONNULL.patch @@ -0,0 +1,56 @@ +From 116115cdd9f8b8b150356f3f64d4e57e4357ecca Mon Sep 17 00:00:00 2001 +From: Bihong Yu +Date: Sat, 6 Jun 2020 18:52:35 +0800 +Subject: [PATCH] Fix some wrong usage of ATTRIBUTE_NONNULL() + +The virStateInitialize() function has ATTRIBUTE_NONNULL() +referring to @root argument (incorrectly anyway) but in +daemonRunStateInit() NULL is passed in anyway. + +Then there is virCommandAddArgPair() which also has +ATTRIBUTE_NONNULL() for one of its arguments and then checks the +argument for being NULL anyways. + +cherry-pick from commit: 2a372a5ad5fab3bf26fb9bea019d38fa04ba8b34 + +Signed-off-by:Bihong Yu +Reviewed-by:Chuan Zheng +Signed-off-by: Michal Privoznik +Reviewed-by: Michal Privoznik +Signed-off-by: Jin Yan +--- + src/libvirt_internal.h | 3 +-- + src/util/vircommand.h | 3 +-- + 2 files changed, 2 insertions(+), 4 deletions(-) + +diff --git a/src/libvirt_internal.h b/src/libvirt_internal.h +index 00ef7aaf25..72c61274a7 100644 +--- a/src/libvirt_internal.h ++++ b/src/libvirt_internal.h +@@ -33,8 +33,7 @@ int virStateInitialize(bool privileged, + bool mandatory, + const char *root, + virStateInhibitCallback inhibit, +- void *opaque) +- ATTRIBUTE_NONNULL(2); ++ void *opaque); + int virStateCleanup(void); + int virStateReload(void); + int virStateStop(void); +diff --git a/src/util/vircommand.h b/src/util/vircommand.h +index 9086f9a90c..4e6cb0ac0d 100644 +--- a/src/util/vircommand.h ++++ b/src/util/vircommand.h +@@ -128,8 +128,7 @@ void virCommandAddArgFormat(virCommandPtr cmd, + + void virCommandAddArgPair(virCommandPtr cmd, + const char *name, +- const char *val) +- ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3); ++ const char *val); + + void virCommandAddArgSet(virCommandPtr cmd, + const char *const*vals) ATTRIBUTE_NONNULL(2); +-- +2.23.0 + diff --git a/Substitute-security_context_t-with-char.patch b/Substitute-security_context_t-with-char.patch new file mode 100644 index 0000000000000000000000000000000000000000..77a26aaa6b4c8a9859a56cc3315205f23a53f324 --- /dev/null +++ b/Substitute-security_context_t-with-char.patch @@ -0,0 +1,320 @@ +From dc5bfcec3c97d7cc065483a7a567e64ed805edb4 Mon Sep 17 00:00:00 2001 +From: Xu Yandong +Date: Tue, 4 Aug 2020 01:44:48 +0000 +Subject: [PATCH] Substitute security_context_t with char * + +Historically, we've used security_context_t for variables passed +to libselinux APIs. But almost 7 years ago, libselinux developers +admitted in their API that in fact, it's just a 'char *' type +[1]. Ever since then the APIs accept 'char *' instead, but they +kept the old alias just for API stability. Well, not anymore [2]. + +1: https://github.com/SELinuxProject/selinux/commit/9eb9c9327563014ad6a807814e7975424642d5b9 +2: https://github.com/SELinuxProject/selinux/commit/7a124ca2758136f49cc38efc26fb1a2d385ecfd9 + +Signed-off-by: Michal Privoznik +Reviewed-by: Andrea Bolognani +(cherry-picked from commit e71e13488dc1aa65456e54a4b41bc925821b4263) +Signed-off-by: Xu Yandong +--- + src/libvirt-lxc.c | 2 +- + src/rpc/virnetsocket.c | 2 +- + src/security/security_selinux.c | 26 +++++++++++++------------- + src/storage/storage_util.c | 2 +- + src/util/viridentity.c | 2 +- + tests/securityselinuxhelper.c | 16 ++++++++-------- + tests/securityselinuxlabeltest.c | 4 ++-- + tests/securityselinuxtest.c | 2 +- + tests/viridentitytest.c | 2 +- + 9 files changed, 29 insertions(+), 29 deletions(-) + +diff --git a/src/libvirt-lxc.c b/src/libvirt-lxc.c +index 47a06a39f2..25f1cfc5f7 100644 +--- a/src/libvirt-lxc.c ++++ b/src/libvirt-lxc.c +@@ -204,7 +204,7 @@ virDomainLxcEnterSecurityLabel(virSecurityModelPtr model, + if (STREQ(model->model, "selinux")) { + #ifdef WITH_SELINUX + if (oldlabel) { +- security_context_t ctx; ++ char *ctx; + + if (getcon(&ctx) < 0) { + virReportSystemError(errno, +diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c +index 6c790cb577..553728984b 100644 +--- a/src/rpc/virnetsocket.c ++++ b/src/rpc/virnetsocket.c +@@ -1595,7 +1595,7 @@ int virNetSocketGetUNIXIdentity(virNetSocketPtr sock G_GNUC_UNUSED, + int virNetSocketGetSELinuxContext(virNetSocketPtr sock, + char **context) + { +- security_context_t seccon = NULL; ++ char *seccon = NULL; + int ret = -1; + + *context = NULL; +diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c +index 8aeb6e45a5..72d1658e05 100644 +--- a/src/security/security_selinux.c ++++ b/src/security/security_selinux.c +@@ -198,7 +198,7 @@ virSecuritySELinuxTransactionAppend(const char *path, + + static int + virSecuritySELinuxRememberLabel(const char *path, +- const security_context_t con) ++ const char *con) + { + return virSecuritySetRememberedLabel(SECURITY_SELINUX_NAME, + path, con); +@@ -207,7 +207,7 @@ virSecuritySELinuxRememberLabel(const char *path, + + static int + virSecuritySELinuxRecallLabel(const char *path, +- security_context_t *con) ++ char **con) + { + int rv; + +@@ -431,7 +431,7 @@ virSecuritySELinuxMCSGetProcessRange(char **sens, + int *catMin, + int *catMax) + { +- security_context_t ourSecContext = NULL; ++ char *ourSecContext = NULL; + context_t ourContext = NULL; + char *cat = NULL; + char *tmp; +@@ -530,8 +530,8 @@ virSecuritySELinuxMCSGetProcessRange(char **sens, + } + + static char * +-virSecuritySELinuxContextAddRange(security_context_t src, +- security_context_t dst) ++virSecuritySELinuxContextAddRange(char *src, ++ char *dst) + { + char *str = NULL; + char *ret = NULL; +@@ -575,7 +575,7 @@ virSecuritySELinuxGenNewContext(const char *basecontext, + context_t context = NULL; + char *ret = NULL; + char *str; +- security_context_t ourSecContext = NULL; ++ char *ourSecContext = NULL; + context_t ourContext = NULL; + + VIR_DEBUG("basecontext=%s mcs=%s isObjectContext=%d", +@@ -967,7 +967,7 @@ virSecuritySELinuxReserveLabel(virSecurityManagerPtr mgr, + virDomainDefPtr def, + pid_t pid) + { +- security_context_t pctx; ++ char *pctx; + context_t ctx = NULL; + const char *mcs; + int rv; +@@ -1217,7 +1217,7 @@ virSecuritySELinuxGetProcessLabel(virSecurityManagerPtr mgr G_GNUC_UNUSED, + pid_t pid, + virSecurityLabelPtr sec) + { +- security_context_t ctx; ++ char *ctx; + + if (getpidcon_raw(pid, &ctx) == -1) { + virReportSystemError(errno, +@@ -1330,7 +1330,7 @@ virSecuritySELinuxSetFilecon(virSecurityManagerPtr mgr, + bool remember) + { + bool privileged = virSecurityManagerGetPrivileged(mgr); +- security_context_t econ = NULL; ++ char *econ = NULL; + int refcount; + int rc; + bool rollback = false; +@@ -1440,7 +1440,7 @@ virSecuritySELinuxFSetFilecon(int fd, char *tcon) + /* Set fcon to the appropriate label for path and mode, or return -1. */ + static int + getContext(virSecurityManagerPtr mgr G_GNUC_UNUSED, +- const char *newpath, mode_t mode, security_context_t *fcon) ++ const char *newpath, mode_t mode, char **fcon) + { + virSecuritySELinuxDataPtr data = virSecurityManagerGetPrivateData(mgr); + +@@ -1457,7 +1457,7 @@ virSecuritySELinuxRestoreFileLabel(virSecurityManagerPtr mgr, + { + bool privileged = virSecurityManagerGetPrivileged(mgr); + struct stat buf; +- security_context_t fcon = NULL; ++ char *fcon = NULL; + char *newpath = NULL; + int rc; + int ret = -1; +@@ -2972,7 +2972,7 @@ virSecuritySELinuxSetDaemonSocketLabel(virSecurityManagerPtr mgr G_GNUC_UNUSED, + { + /* TODO: verify DOI */ + virSecurityLabelDefPtr secdef; +- security_context_t scon = NULL; ++ char *scon = NULL; + char *str = NULL; + int rc = -1; + +@@ -3259,7 +3259,7 @@ virSecuritySELinuxSetTapFDLabel(virSecurityManagerPtr mgr, + int fd) + { + struct stat buf; +- security_context_t fcon = NULL; ++ char *fcon = NULL; + virSecurityLabelDefPtr secdef; + char *str = NULL, *proc = NULL, *fd_path = NULL; + int rc = -1; +diff --git a/src/storage/storage_util.c b/src/storage/storage_util.c +index 1ec1d13625..4c67d3a4b1 100644 +--- a/src/storage/storage_util.c ++++ b/src/storage/storage_util.c +@@ -1818,7 +1818,7 @@ virStorageBackendUpdateVolTargetInfoFD(virStorageSourcePtr target, + struct stat *sb) + { + #if WITH_SELINUX +- security_context_t filecon = NULL; ++ char *filecon = NULL; + #endif + + if (virStorageSourceUpdateBackingSizes(target, fd, sb) < 0) +diff --git a/src/util/viridentity.c b/src/util/viridentity.c +index 8cc2db2568..2cb9042a84 100644 +--- a/src/util/viridentity.c ++++ b/src/util/viridentity.c +@@ -157,7 +157,7 @@ virIdentityPtr virIdentityGetSystem(void) + unsigned long long startTime; + g_autoptr(virIdentity) ret = NULL; + #if WITH_SELINUX +- security_context_t con; ++ char *con; + #endif + + if (!(ret = virIdentityNew())) +diff --git a/tests/securityselinuxhelper.c b/tests/securityselinuxhelper.c +index f89224c07a..63b57261da 100644 +--- a/tests/securityselinuxhelper.c ++++ b/tests/securityselinuxhelper.c +@@ -58,7 +58,7 @@ static struct selabel_handle *(*real_selabel_open)(unsigned int backend, + unsigned nopts); + static void (*real_selabel_close)(struct selabel_handle *handle); + static int (*real_selabel_lookup_raw)(struct selabel_handle *handle, +- security_context_t *con, ++ char **con, + const char *key, + int type); + +@@ -94,7 +94,7 @@ static void init_syms(void) + * the virt_use_nfs bool is set. + */ + +-int getcon_raw(security_context_t *context) ++int getcon_raw(char **context) + { + if (!is_selinux_enabled()) { + errno = EINVAL; +@@ -109,12 +109,12 @@ int getcon_raw(security_context_t *context) + return 0; + } + +-int getcon(security_context_t *context) ++int getcon(char **context) + { + return getcon_raw(context); + } + +-int getpidcon_raw(pid_t pid, security_context_t *context) ++int getpidcon_raw(pid_t pid, char **context) + { + if (!is_selinux_enabled()) { + errno = EINVAL; +@@ -134,7 +134,7 @@ int getpidcon_raw(pid_t pid, security_context_t *context) + return 0; + } + +-int getpidcon(pid_t pid, security_context_t *context) ++int getpidcon(pid_t pid, char **context) + { + return getpidcon_raw(pid, context); + } +@@ -170,7 +170,7 @@ int setfilecon(const char *path, const char *con) + return setfilecon_raw(path, con); + } + +-int getfilecon_raw(const char *path, security_context_t *con) ++int getfilecon_raw(const char *path, char **con) + { + char *constr = NULL; + ssize_t len = getxattr(path, "user.libvirt.selinux", +@@ -194,7 +194,7 @@ int getfilecon_raw(const char *path, security_context_t *con) + } + + +-int getfilecon(const char *path, security_context_t *con) ++int getfilecon(const char *path, char **con) + { + return getfilecon_raw(path, con); + } +@@ -315,7 +315,7 @@ void selabel_close(struct selabel_handle *handle) + } + + int selabel_lookup_raw(struct selabel_handle *handle, +- security_context_t *con, ++ char **con, + const char *key, + int type) + { +diff --git a/tests/securityselinuxlabeltest.c b/tests/securityselinuxlabeltest.c +index 3040a36693..50b447c163 100644 +--- a/tests/securityselinuxlabeltest.c ++++ b/tests/securityselinuxlabeltest.c +@@ -252,7 +252,7 @@ static int + testSELinuxCheckLabels(testSELinuxFile *files, size_t nfiles) + { + size_t i; +- security_context_t ctx; ++ char *ctx; + + for (i = 0; i < nfiles; i++) { + ctx = NULL; +@@ -360,7 +360,7 @@ mymain(void) + if (virTestRun("Labelling " # name, testSELinuxLabeling, name) < 0) \ + ret = -1; + +- setcon((security_context_t)"system_r:system_u:libvirtd_t:s0:c0.c1023"); ++ setcon("system_r:system_u:libvirtd_t:s0:c0.c1023"); + + DO_TEST_LABELING("disks"); + DO_TEST_LABELING("kernel"); +diff --git a/tests/securityselinuxtest.c b/tests/securityselinuxtest.c +index 6c8314de6b..3f069c2d6b 100644 +--- a/tests/securityselinuxtest.c ++++ b/tests/securityselinuxtest.c +@@ -217,7 +217,7 @@ testSELinuxGenLabel(const void *opaque) + context_t con = NULL; + context_t imgcon = NULL; + +- if (setcon_raw((security_context_t)data->pidcon) < 0) { ++ if (setcon_raw(data->pidcon) < 0) { + perror("Cannot set process security context"); + return -1; + } +diff --git a/tests/viridentitytest.c b/tests/viridentitytest.c +index 3f87af1c3b..9a8c8914d3 100644 +--- a/tests/viridentitytest.c ++++ b/tests/viridentitytest.c +@@ -120,7 +120,7 @@ static int testIdentityGetSystem(const void *data) + static int testSetFakeSELinuxContext(const void *data G_GNUC_UNUSED) + { + #if WITH_SELINUX +- return setcon_raw((security_context_t)data); ++ return setcon_raw(data); + #else + VIR_DEBUG("libvirt not compiled with SELinux, skipping this test"); + return EXIT_AM_SKIP; +-- +2.23.0 + diff --git a/conf-Don-t-format-http-cookies-unless-VIR_DOMAIN_DEF.patch b/conf-Don-t-format-http-cookies-unless-VIR_DOMAIN_DEF.patch new file mode 100644 index 0000000000000000000000000000000000000000..81e9d764dc13421684c23b5d3fd21860df96c6e1 --- /dev/null +++ b/conf-Don-t-format-http-cookies-unless-VIR_DOMAIN_DEF.patch @@ -0,0 +1,53 @@ +From 6df0bc6f56a76c20a382b8fe6d0afff1051a4077 Mon Sep 17 00:00:00 2001 +From: Xu Yandong +Date: Tue, 4 Aug 2020 08:40:36 +0000 +Subject: [PATCH] conf: Don't format http cookies unless + VIR_DOMAIN_DEF_FORMAT_SECURE is used + +Starting with 3b076391befc3fe72deb0c244ac6c2b4c100b410 +(v6.1.0-122-g3b076391be) we support http cookies. Since they may contain +somewhat sensitive information we should not format them into the XML +unless VIR_DOMAIN_DEF_FORMAT_SECURE is asserted. + +Reported-by: Han Han +Signed-off-by: Peter Krempa +Reviewed-by: Erik Skultety +(cherry-picked from commit a5b064bf4b17a9884d7d361733737fb614ad8979) +Signed-off-by: Xu Yandong +--- + src/conf/domain_conf.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c +index 914e03c705..cf93a591f4 100644 +--- a/src/conf/domain_conf.c ++++ b/src/conf/domain_conf.c +@@ -24565,11 +24565,15 @@ virDomainSourceDefFormatSeclabel(virBufferPtr buf, + + static void + virDomainDiskSourceFormatNetworkCookies(virBufferPtr buf, +- virStorageSourcePtr src) ++ virStorageSourcePtr src, ++ unsigned int flags) + { + g_auto(virBuffer) childBuf = VIR_BUFFER_INIT_CHILD(buf); + size_t i; + ++ if (!(flags & VIR_DOMAIN_DEF_FORMAT_SECURE)) ++ return; ++ + for (i = 0; i < src->ncookies; i++) { + virBufferEscapeString(&childBuf, "", src->cookies[i]->name); + virBufferEscapeString(&childBuf, "%s\n", src->cookies[i]->value); +@@ -24630,7 +24634,7 @@ virDomainDiskSourceFormatNetwork(virBufferPtr attrBuf, + virTristateBoolTypeToString(src->sslverify)); + } + +- virDomainDiskSourceFormatNetworkCookies(childBuf, src); ++ virDomainDiskSourceFormatNetworkCookies(childBuf, src, flags); + + if (src->readahead) + virBufferAsprintf(childBuf, "\n", src->readahead); +-- +2.23.0 + diff --git a/conf-Increase-cpuset-length-limit-for-CPU-pinning.patch b/conf-Increase-cpuset-length-limit-for-CPU-pinning.patch new file mode 100644 index 0000000000000000000000000000000000000000..9033a406fbdde32c5e8e2bbe131e9794b2209861 --- /dev/null +++ b/conf-Increase-cpuset-length-limit-for-CPU-pinning.patch @@ -0,0 +1,33 @@ +From 45607ee0b646aa9d96fd886394018a00b2817559 Mon Sep 17 00:00:00 2001 +From: Jiri Denemark +Date: Thu, 11 Jun 2020 13:53:27 +0200 +Subject: [PATCH] conf: Increase cpuset length limit for CPU pinning + +Domains are now allowed to be pinned to host CPUs with IDs up to 16383. +The new limit is as arbitrary as the old one. It's just bigger. + +cherry-pick from commit: e728ffba5119cfb1488aa7363fef596940449f50 + +Signed-off-by: Jiri Denemark +Reviewed-by: Michal Privoznik +Signed-off-by: Jin Yan +--- + src/conf/domain_conf.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h +index a40773a0f4..16e625331c 100644 +--- a/src/conf/domain_conf.h ++++ b/src/conf/domain_conf.h +@@ -2241,7 +2241,7 @@ struct _virDomainHugePage { + unsigned long long size; /* hugepage size in KiB */ + }; + +-#define VIR_DOMAIN_CPUMASK_LEN 1024 ++#define VIR_DOMAIN_CPUMASK_LEN 16384 + + struct _virDomainIOThreadIDDef { + bool autofill; +-- +2.23.0 + diff --git a/conf-vmx-check-for-OOM-after-calling-xmlBufferCreate.patch b/conf-vmx-check-for-OOM-after-calling-xmlBufferCreate.patch new file mode 100644 index 0000000000000000000000000000000000000000..f1caef42e50ef8f0e5a1e3cb926d18141eae5cba --- /dev/null +++ b/conf-vmx-check-for-OOM-after-calling-xmlBufferCreate.patch @@ -0,0 +1,100 @@ +From e2c3676e4a44ee3ca4b0f9f3c1a9c4e919facdd9 Mon Sep 17 00:00:00 2001 +From: Laine Stump +Date: Thu, 18 Jun 2020 12:49:09 -0400 +Subject: [PATCH] conf, vmx: check for OOM after calling xmlBufferCreate() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Although libvirt itself uses g_malloc0() and friends, which exit when +there isn't enouogh memory, libxml2 uses standard malloc(), which just +returns NULL on OOM - this means we must check for NULL on return from +any libxml2 functions that allocate memory. + +xmlBufferCreate(), for example, might return NULL, and we don't always +check for it. This patch adds checks where it isn't already done. + +(NB: Although libxml2 has a provision for changing behavior on OOM (by +calling xmlMemSetup() to change what functions are used to +allocating/freeing memory), we can't use that, since parts of libvirt +code end up in libvirt.so, which is linked and called directly by +applications that may themselves use libxml2 (and may have already set +their own alternate malloc()), e.g. drivers like esx which live totally +in the library rather than a separate process.) + +cherry pick from: b7a92bce070fd57844a59bf8b1c30cb4ef4f3acd + +Signed-off-by: Laine Stump +Reviewed-by: Ján Tomko +--- + src/conf/domain_conf.c | 6 +++++- + src/conf/network_conf.c | 6 +++++- + src/vmx/vmx.c | 11 +++++++---- + 3 files changed, 17 insertions(+), 6 deletions(-) + +diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c +index 6192c08545..c51c613673 100644 +--- a/src/conf/domain_conf.c ++++ b/src/conf/domain_conf.c +@@ -29027,7 +29027,11 @@ virDomainDefFormatInternalSetRootName(virDomainDefPtr def, + * Thankfully, libxml maps what looks like globals into + * thread-local uses, so we are thread-safe. */ + xmlIndentTreeOutput = 1; +- xmlbuf = xmlBufferCreate(); ++ if (!(xmlbuf = xmlBufferCreate())) { ++ virReportOOMError(); ++ goto error; ++ } ++ + if (xmlNodeDump(xmlbuf, def->metadata->doc, def->metadata, + virBufferGetIndent(buf) / 2, 1) < 0) { + xmlBufferFree(xmlbuf); +diff --git a/src/conf/network_conf.c b/src/conf/network_conf.c +index 819b645df7..c379042241 100644 +--- a/src/conf/network_conf.c ++++ b/src/conf/network_conf.c +@@ -2478,7 +2478,11 @@ virNetworkDefFormatBuf(virBufferPtr buf, + * Thankfully, libxml maps what looks like globals into + * thread-local uses, so we are thread-safe. */ + xmlIndentTreeOutput = 1; +- xmlbuf = xmlBufferCreate(); ++ if (!(xmlbuf = xmlBufferCreate())) { ++ virReportOOMError(); ++ return -1; ++ } ++ + if (xmlNodeDump(xmlbuf, def->metadata->doc, def->metadata, + virBufferGetIndent(buf) / 2, 1) < 0) { + xmlBufferFree(xmlbuf); +diff --git a/src/vmx/vmx.c b/src/vmx/vmx.c +index b1fd1181eb..fbc8366f2b 100644 +--- a/src/vmx/vmx.c ++++ b/src/vmx/vmx.c +@@ -697,8 +697,8 @@ virVMXConvertToUTF8(const char *encoding, const char *string) + { + char *result = NULL; + xmlCharEncodingHandlerPtr handler; +- xmlBufferPtr input; +- xmlBufferPtr utf8; ++ xmlBufferPtr input = NULL; ++ xmlBufferPtr utf8 = NULL; + + handler = xmlFindCharEncodingHandler(encoding); + +@@ -708,8 +708,11 @@ virVMXConvertToUTF8(const char *encoding, const char *string) + return NULL; + } + +- input = xmlBufferCreateStatic((char *)string, strlen(string)); +- utf8 = xmlBufferCreate(); ++ if (!(input = xmlBufferCreateStatic((char *)string, strlen(string))) || ++ !(utf8 = xmlBufferCreate())) { ++ virReportOOMError(); ++ goto cleanup; ++ } + + if (xmlCharEncInFunc(handler, utf8, input) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, +-- +2.23.0 + diff --git a/leaseshelper-Report-more-errors.patch b/leaseshelper-Report-more-errors.patch new file mode 100644 index 0000000000000000000000000000000000000000..b98f9abfb6618449acc1856b63cc3236ec59c264 --- /dev/null +++ b/leaseshelper-Report-more-errors.patch @@ -0,0 +1,66 @@ +From 49c31f5015f9d31f57a0088e320f577f5e495275 Mon Sep 17 00:00:00 2001 +From: Michal Privoznik +Date: Mon, 15 Jun 2020 12:53:48 +0200 +Subject: [PATCH] leaseshelper: Report more errors +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Some functions or code paths that may fail don't report error +(e.g. when acquiring PID file fails) leading to a silent quit +of the leaseshelper. This makes it super hard for us and users +to debug what is happening. Fortunately, dnsmasq captures both +stdout and stderr so we can write an error message there. + +cherry pick from: 9ed345ac1a035c8cf1de37431de638f4bac41de3 + +Signed-off-by: Michal Privoznik +Reviewed-by: Daniel P. Berrangé +--- + src/network/leaseshelper.c | 18 ++++++++++++++---- + 1 file changed, 14 insertions(+), 4 deletions(-) + +diff --git a/src/network/leaseshelper.c b/src/network/leaseshelper.c +index 86c847db6d..2b5fc0f442 100644 +--- a/src/network/leaseshelper.c ++++ b/src/network/leaseshelper.c +@@ -131,8 +131,10 @@ main(int argc, char **argv) + * events for expired leases. So, libvirtd sets another env var for this + * purpose */ + if (!interface && +- !(interface = getenv("VIR_BRIDGE_NAME"))) +- goto cleanup; ++ !(interface = getenv("VIR_BRIDGE_NAME"))) { ++ fprintf(stderr, _("interface not set\n")); ++ exit(EXIT_FAILURE); ++ } + + ip = argv[3]; + mac = argv[2]; +@@ -160,13 +162,21 @@ main(int argc, char **argv) + pid_file = g_strdup(RUNSTATEDIR "/leaseshelper.pid"); + + /* Try to claim the pidfile, exiting if we can't */ +- if ((pid_file_fd = virPidFileAcquirePath(pid_file, true, getpid())) < 0) ++ if ((pid_file_fd = virPidFileAcquirePath(pid_file, true, getpid())) < 0) { ++ fprintf(stderr, ++ _("Unable to acquire PID file: %s\n errno=%d"), ++ pid_file, errno); + goto cleanup; ++ } + + /* Since interfaces can be hot plugged, we need to make sure that the + * corresponding custom lease file exists. If not, 'touch' it */ +- if (virFileTouch(custom_lease_file, 0644) < 0) ++ if (virFileTouch(custom_lease_file, 0644) < 0) { ++ fprintf(stderr, ++ _("Unable to create: %s\n errno=%d"), ++ custom_lease_file, errno); + goto cleanup; ++ } + + switch ((enum virLeaseActionFlags) action) { + case VIR_LEASE_ACTION_ADD: +-- +2.23.0 + diff --git a/leaseshelper-Wait-to-acquire-PID-file.patch b/leaseshelper-Wait-to-acquire-PID-file.patch new file mode 100644 index 0000000000000000000000000000000000000000..c8ada651e0bd9ffa54baa3a6a68a6b1aa7f6cb0c --- /dev/null +++ b/leaseshelper-Wait-to-acquire-PID-file.patch @@ -0,0 +1,45 @@ +From ec9da8b78bbfcc77ed14739d10464cb350b6054f Mon Sep 17 00:00:00 2001 +From: Michal Privoznik +Date: Thu, 11 Jun 2020 16:43:22 +0200 +Subject: [PATCH] leaseshelper: Wait to acquire PID file +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +On a DHCP transaction, dnsmasq runs our leases helper which +updates corresponding JSON files. While one dnsmasq won't run the +leaseshelper in parallel, two dnsmasqs (from two distinct +networks) might. To avoid corrupting JSON file, the leaseshelper +acquires PID file first. Well, the way it's acquiring it is not +ideal - it calls virPidFileAcquirePath(wait = false); which +means, that either it acquires the PID file instantly or returns +an error and does not touch the JSON at all. This in turn means +that there might be a leases record missing. With wait = true, +this won't happen. + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1840307 + +cherry pick from: 876211ef4a192df1603b45715044ec14567d7e9f + +Signed-off-by: Michal Privoznik +Reviewed-by: Daniel P. Berrangé +--- + src/network/leaseshelper.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/network/leaseshelper.c b/src/network/leaseshelper.c +index a1780ca4e4..86c847db6d 100644 +--- a/src/network/leaseshelper.c ++++ b/src/network/leaseshelper.c +@@ -160,7 +160,7 @@ main(int argc, char **argv) + pid_file = g_strdup(RUNSTATEDIR "/leaseshelper.pid"); + + /* Try to claim the pidfile, exiting if we can't */ +- if ((pid_file_fd = virPidFileAcquirePath(pid_file, false, getpid())) < 0) ++ if ((pid_file_fd = virPidFileAcquirePath(pid_file, true, getpid())) < 0) + goto cleanup; + + /* Since interfaces can be hot plugged, we need to make sure that the +-- +2.23.0 + diff --git a/libvirt-support-aarch64-vtpm-with-parameter-tpm-tis-.patch b/libvirt-support-aarch64-vtpm-with-parameter-tpm-tis-.patch index 34488d6138cb0a3dc0f792120a991c7969d654bd..14e08d6c6c5b8c8c0a55cb0d93d13fb7524d5c03 100644 --- a/libvirt-support-aarch64-vtpm-with-parameter-tpm-tis-.patch +++ b/libvirt-support-aarch64-vtpm-with-parameter-tpm-tis-.patch @@ -1,4 +1,4 @@ -From 959bbbafc3ba59e2aa00b83c88fa84a32d500def Mon Sep 17 00:00:00 2001 +From 51371f5f174cfeaeb28478aed9c85251804fe015 Mon Sep 17 00:00:00 2001 From: jiangfangjie Date: Wed, 5 Aug 2020 12:54:43 +0800 Subject: [PATCH] libvirt: support aarch64 vtpm with parameter tpm-tis-device @@ -13,7 +13,7 @@ Signed-off-by: jiangfangjie 5 files changed, 16 insertions(+) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c -index cf93a59..6192c08 100644 +index cf93a591f4..6192c08545 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -1140,6 +1140,7 @@ VIR_ENUM_IMPL(virDomainTPMModel, @@ -25,7 +25,7 @@ index cf93a59..6192c08 100644 VIR_ENUM_IMPL(virDomainTPMBackend, diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h -index 33875d9..a40773a 100644 +index 33875d942f..a40773a0f4 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -1274,6 +1274,7 @@ typedef enum { @@ -37,7 +37,7 @@ index 33875d9..a40773a 100644 VIR_DOMAIN_TPM_MODEL_LAST } virDomainTPMModel; diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c -index 73a8856..18bf37b 100644 +index 73a8856f34..18bf37b569 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -568,6 +568,9 @@ VIR_ENUM_IMPL(virQEMUCaps, @@ -70,7 +70,7 @@ index 73a8856..18bf37b 100644 static int diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h -index 51ec1a5..8e16fc0 100644 +index 51ec1a5165..8e16fc0e78 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -549,6 +549,9 @@ typedef enum { /* virQEMUCapsFlags grouping marker for syntax-check */ @@ -84,7 +84,7 @@ index 51ec1a5..8e16fc0 100644 QEMU_CAPS_LAST /* this must always be the last item */ } virQEMUCapsFlags; diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c -index dd48b6f..b1a4647 100644 +index dd48b6fff3..b1a46478ed 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -8118,6 +8118,9 @@ qemuDomainDeviceDefValidateTPM(virDomainTPMDef *tpm, diff --git a/libvirt.spec b/libvirt.spec index bc5e82fef3495f9dcd19ddb53f2b77eaf8a5c2a1..9dee5abad68161c3239942acf3fd6c064c5f6e41 100644 --- a/libvirt.spec +++ b/libvirt.spec @@ -99,7 +99,7 @@ Summary: Library providing a simple virtualization API Name: libvirt Version: 6.2.0 -Release: 13 +Release: 14 License: LGPLv2+ URL: https://libvirt.org/ @@ -164,6 +164,46 @@ Patch0053: qemuDomainDefPostParse-Fail-if-unable-to-fill-machin.patch Patch0054: virNetDevGetFamilyId-Change-signature.patch Patch0055: virNetDevSwitchdevFeature-Make-failure-to-get-family.patch Patch0056: qemuDomainGetUnplugTimeout-Add-G_GNUC_NO_INLINE.patch +Patch0057: tests-commandtest-skip-the-test4-if-the-testcase-is-.patch +Patch0058: Substitute-security_context_t-with-char.patch +Patch0059: conf-Don-t-format-http-cookies-unless-VIR_DOMAIN_DEF.patch +Patch0060: virstoragetest-testBackingParse-Use-VIR_DOMAIN_DEF_F.patch +Patch0061: libvirt-support-aarch64-vtpm-with-parameter-tpm-tis-.patch +Patch0062: remote-fix-driver-name-check-for-libxl-driver.patch +Patch0063: systemd-start-libvirtd-after-firewalld-iptables-serv.patch +Patch0064: qemuDomainCleanupRun-Actually-run-cleanup-callbacks-.patch +Patch0065: virDevMapperGetTargetsImpl-quit-early-if-device-is-n.patch +Patch0066: qemu-only-stop-external-devices-after-the-domain.patch +Patch0067: qemuDomainStorageSourcePrivateDispose-Free-httpcooki.patch +Patch0068: Don-t-require-secdrivers-to-implement-.domainMoveIma.patch +Patch0069: qemuProcessStop-Use-XATTRs-to-restore-seclabels-on-d.patch +Patch0070: qemuProcessStop-Reattach-NVMe-disks-a-domain-is-mirr.patch +Patch0071: security-don-t-fail-if-built-without-attr-support.patch +Patch0072: qemu-Skip-pre-creation-of-NVMe-disks.patch +Patch0073: Fix-some-wrong-usage-of-ATTRIBUTE_NONNULL.patch +Patch0074: conf-Increase-cpuset-length-limit-for-CPU-pinning.patch +Patch0075: virQEMUDriverConfigNew-Add-slash-to-cfg-defaultTLSx5.patch +Patch0076: qemuDomainSetNumaParamsLive-set-nodeset-for-root-cgr.patch +Patch0077: qemu-do-not-add-model-when-actual-iface-type-is-host.patch +Patch0078: qemu-pre-create-the-dbus-directory-in-qemuStateIniti.patch +Patch0079: conf-vmx-check-for-OOM-after-calling-xmlBufferCreate.patch +Patch0080: leaseshelper-Wait-to-acquire-PID-file.patch +Patch0081: leaseshelper-Report-more-errors.patch +Patch0082: qemuBuildMemoryBackendProps-Use-boolean-type-for-pme.patch +Patch0083: qemu-format-ramfb-attribute-for-mediated-devices.patch +Patch0084: resctrl-Do-not-open-directory-for-writing.patch +Patch0085: libxl-fix-crash-when-initializing-driver.patch +Patch0086: util-fix-iteration-in-virSocketAddrResolveService.patch +Patch0087: qemu-fix-hang-in-p2p-xbzrle-compression-parallel-mig.patch +Patch0088: qemu-Revoke-access-to-mirror-on-failed-blockcopy.patch +Patch0089: qemuDomainDefPostParse-Fail-if-unable-to-fill-machin.patch +Patch0090: virNetDevGetFamilyId-Change-signature.patch +Patch0091: virNetDevSwitchdevFeature-Make-failure-to-get-family.patch +Patch0092: qemuDomainGetUnplugTimeout-Add-G_GNUC_NO_INLINE.patch +Patch0093: rpc-gendispatch-handle-empty-flags.patch +Patch0094: rpc-add-support-for-filtering-acls-by-uint-params.patch +Patch0095: rpc-require-write-acl-for-guest-agent-in-virDomainIn.patch +Patch0096: qemu-agent-set-ifname-to-NULL-after-freeing.patch Requires: libvirt-daemon = %{version}-%{release} Requires: libvirt-daemon-config-network = %{version}-%{release} @@ -1896,6 +1936,52 @@ exit 0 %changelog +* Wed Oct 14 2020 Huawei Technologies Co., Ltd +- rpc: gendispatch: handle empty flags +- rpc: add support for filtering @acls by uint params +- rpc: require write acl for guest agent in virDomainInterfaceAddresses +- qemu: agent: set ifname to NULL after freeing + +* Thu Apr 23 2020 Huawei Technologies Co., Ltd +- Substitute security_context_t with char * +- conf: Don't format http cookies unless VIR_DOMAIN_DEF_FORMAT_SECURE is used +- virstoragetest: testBackingParse: Use VIR_DOMAIN_DEF_FORMAT_SECURE when formatting xml +- libvirt: support aarch64 vtpm with parameter tpm-tis-device +- remote: fix driver name check for libxl driver +- systemd: start libvirtd after firewalld/iptables services +- qemuDomainCleanupRun: Actually run cleanup callbacks in reverse order +- virDevMapperGetTargetsImpl: quit early if device is not a devmapper target +- qemu: only stop external devices after the domain +- qemuDomainStorageSourcePrivateDispose: Free httpcookie +- Don't require secdrivers to implement .domainMoveImageMetadata +- qemuProcessStop: Use XATTRs to restore seclabels on disks a domain is mirroring into +- qemuProcessStop: Reattach NVMe disks a domain is mirroring into +- security: don't fail if built without attr support +- qemu: Skip pre-creation of NVMe disks +- Fix some wrong usage of ATTRIBUTE_NONNULL() +- conf: Increase cpuset length limit for CPU pinning +- virQEMUDriverConfigNew: Add slash to cfg->defaultTLSx509certdir for non-embedded driver +- qemuDomainSetNumaParamsLive: set nodeset for root cgroup +- qemu: do not add model when actual iface type is hostdev +- qemu: pre-create the dbus directory in qemuStateInitialize +- conf, vmx: check for OOM after calling xmlBufferCreate() +- leaseshelper: Wait to acquire PID file +- leaseshelper: Report more errors +- qemuBuildMemoryBackendProps: Use boolean type for 'pmem' property +- qemu: format 'ramfb' attribute for mediated devices +- resctrl: Do not open directory for writing +- libxl: fix crash when initializing driver +- util: fix iteration in virSocketAddrResolveService +- qemu: fix hang in p2p + xbzrle compression + parallel migration +- qemu: Revoke access to mirror on failed blockcopy +- qemuDomainDefPostParse: Fail if unable to fill machine type +- virNetDevGetFamilyId: Change signature +- virNetDevSwitchdevFeature: Make failure to get 'family_id' non-fatal +- qemuDomainGetUnplugTimeout: Add G_GNUC_NO_INLINE + +* Wed Sep 16 2020 Huawei Technologies Co., Ltd +- tests/commandtest: skip the test4 if the testcase is run in the container env + * Tue Sep 22 2020 AlexChen - 6.2.0-13 - bugfix: cherry-pick some bugfix patches from opensource community * Tue Sep 22 2020 Hao Wang - 6.2.0-12 diff --git a/libxl-fix-crash-when-initializing-driver.patch b/libxl-fix-crash-when-initializing-driver.patch index 4d295c0435c4896aeda3057a0ec96123d11f745a..5d45f1378eaac1f5ff4c671b4ff49b0bd9f2f24a 100644 --- a/libxl-fix-crash-when-initializing-driver.patch +++ b/libxl-fix-crash-when-initializing-driver.patch @@ -1,7 +1,7 @@ -From 0e95f7b912055cf254b71b0b02dcb0acf7da3870 Mon Sep 17 00:00:00 2001 +From 12570517b88233230d640ef44a9812a2437bd77a Mon Sep 17 00:00:00 2001 From: Jim Fehlig Date: Fri, 3 Apr 2020 15:51:48 -0600 -Subject: [PATCH 1/8] libxl: fix crash when initializing driver +Subject: [PATCH] libxl: fix crash when initializing driver MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit diff --git a/qemu-Revoke-access-to-mirror-on-failed-blockcopy.patch b/qemu-Revoke-access-to-mirror-on-failed-blockcopy.patch index 2fadfadfc941a2478530240e7f49c876d8025efe..07f59fdebd90d0a65883881319d48858a8f8c7fd 100644 --- a/qemu-Revoke-access-to-mirror-on-failed-blockcopy.patch +++ b/qemu-Revoke-access-to-mirror-on-failed-blockcopy.patch @@ -1,7 +1,7 @@ -From 19d06bcb3c64662d5c131a035146d2caa8c5a437 Mon Sep 17 00:00:00 2001 +From 4e64a13e6402bf4293e3e237356dd5786783d1b3 Mon Sep 17 00:00:00 2001 From: Michal Privoznik Date: Tue, 14 Apr 2020 11:18:02 +0200 -Subject: [PATCH 4/8] qemu: Revoke access to mirror on failed blockcopy +Subject: [PATCH] qemu: Revoke access to mirror on failed blockcopy When preparing to do a blockcopy, the mirror image is modified so that QEMU can access it. For instance, the mirror has seclabels @@ -22,10 +22,10 @@ Signed-off-by: AlexChen 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c -index 8bc5368b2f..7162875492 100644 +index c8af44b738..a0f6df2490 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c -@@ -17972,6 +17972,7 @@ qemuDomainBlockCopyCommon(virDomainObjPtr vm, +@@ -17983,6 +17983,7 @@ qemuDomainBlockCopyCommon(virDomainObjPtr vm, virDomainDiskDefPtr disk = NULL; int ret = -1; bool need_unlink = false; @@ -33,7 +33,7 @@ index 8bc5368b2f..7162875492 100644 g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver); const char *format = NULL; bool mirror_reuse = !!(flags & VIR_DOMAIN_BLOCK_COPY_REUSE_EXT); -@@ -18146,6 +18147,7 @@ qemuDomainBlockCopyCommon(virDomainObjPtr vm, +@@ -18157,6 +18158,7 @@ qemuDomainBlockCopyCommon(virDomainObjPtr vm, if (qemuDomainStorageSourceChainAccessAllow(driver, vm, mirror) < 0) goto endjob; @@ -41,7 +41,7 @@ index 8bc5368b2f..7162875492 100644 if (blockdev) { if (mirror_reuse) { -@@ -18254,14 +18256,17 @@ qemuDomainBlockCopyCommon(virDomainObjPtr vm, +@@ -18265,14 +18267,17 @@ qemuDomainBlockCopyCommon(virDomainObjPtr vm, endjob: if (ret < 0 && diff --git a/qemu-Skip-pre-creation-of-NVMe-disks.patch b/qemu-Skip-pre-creation-of-NVMe-disks.patch new file mode 100644 index 0000000000000000000000000000000000000000..662290a75dd03c668fb79eb481a37a512f15f2f4 --- /dev/null +++ b/qemu-Skip-pre-creation-of-NVMe-disks.patch @@ -0,0 +1,53 @@ +From 56e3bc6478ec8d51cd25b2f5ad93ad2ea1b0719d Mon Sep 17 00:00:00 2001 +From: Michal Privoznik +Date: Tue, 26 May 2020 16:26:25 +0200 +Subject: [PATCH] qemu: Skip pre-creation of NVMe disks +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Upon migration with disks, libvirt determines if each disk exists +on the destination and tries to pre-create missing ones. Well, +NVMe disks can't be pre-created, but they can be checked for +presence. + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1823639 + +cherry-pick from commit: a5a297f387fee9e9aa4cbc2df6788c330fd33ad1 + +Signed-off-by: Michal Privoznik +Reviewed-by: Ján Tomko +Signed-off-by: Jin Yan +--- + src/qemu/qemu_migration.c | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c +index 65b47ec657..3f4627bd39 100644 +--- a/src/qemu/qemu_migration.c ++++ b/src/qemu/qemu_migration.c +@@ -315,6 +315,7 @@ qemuMigrationDstPrecreateStorage(virDomainObjPtr vm, + for (i = 0; i < nbd->ndisks; i++) { + virDomainDiskDefPtr disk; + const char *diskSrcPath; ++ g_autofree char *nvmePath = NULL; + + VIR_DEBUG("Looking up disk target '%s' (capacity=%llu)", + nbd->disks[i].target, nbd->disks[i].capacity); +@@ -326,7 +327,12 @@ qemuMigrationDstPrecreateStorage(virDomainObjPtr vm, + goto cleanup; + } + +- diskSrcPath = virDomainDiskGetSource(disk); ++ if (disk->src->type == VIR_STORAGE_TYPE_NVME) { ++ virPCIDeviceAddressGetSysfsFile(&disk->src->nvme->pciAddr, &nvmePath); ++ diskSrcPath = nvmePath; ++ } else { ++ diskSrcPath = virDomainDiskGetSource(disk); ++ } + + /* Skip disks we don't want to migrate and already existing disks. */ + if (!qemuMigrationAnyCopyDisk(disk, nmigrate_disks, migrate_disks) || +-- +2.23.0 + diff --git a/qemu-agent-set-ifname-to-NULL-after-freeing.patch b/qemu-agent-set-ifname-to-NULL-after-freeing.patch new file mode 100644 index 0000000000000000000000000000000000000000..9498da5ffb3ac7139def8d63625c98d6f8e78887 --- /dev/null +++ b/qemu-agent-set-ifname-to-NULL-after-freeing.patch @@ -0,0 +1,33 @@ +From f759c367b48a25113ad5bde12f3951909a03bf22 Mon Sep 17 00:00:00 2001 +From: Jan Tomko +Date: Wed, 14 Oct 2020 17:23:54 +0800 +Subject: [PATCH] qemu: agent: set ifname to NULL after freeing + +CVE-2020-25637 + +Signed-off-by: Jan Tomko +Rported-by: Ilja Van Sprundel +Reviewed-by: Mauro Matteo Cascella +Reviewed-by: Jiri Denemark + +cherry-pick from commit a63b48c5ecef077bf0f909a85f453a605600cf05 +Signed-off-by: Jiajie Li +--- + src/qemu/qemu_agent.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/qemu/qemu_agent.c b/src/qemu/qemu_agent.c +index d7fcc869c6..31d3268d42 100644 +--- a/src/qemu/qemu_agent.c ++++ b/src/qemu/qemu_agent.c +@@ -2166,6 +2166,7 @@ qemuAgentGetInterfaces(qemuAgentPtr agent, + + /* Has to be freed for each interface. */ + virStringListFree(ifname); ++ ifname = NULL; + + /* as well as IP address which - moreover - + * can be presented multiple times */ +-- +2.23.0 + diff --git a/qemu-do-not-add-model-when-actual-iface-type-is-host.patch b/qemu-do-not-add-model-when-actual-iface-type-is-host.patch new file mode 100644 index 0000000000000000000000000000000000000000..43778dcf5db3430aebad0caea83a940e385a8aa1 --- /dev/null +++ b/qemu-do-not-add-model-when-actual-iface-type-is-host.patch @@ -0,0 +1,34 @@ +From 2c405ee2378c8f51d0e5c6bd0430a35d7ca5aef8 Mon Sep 17 00:00:00 2001 +From: Paulo de Rezende Pinatti +Date: Tue, 16 Jun 2020 16:32:10 +0200 +Subject: [PATCH] qemu: do not add model when actual iface type is hostdev + +No default model should be added to the interface +entry at post parse when its actual network type is hostdev +as doing so might cause a mismatch between the interface +definition and its actual device type. + +cherry-pick from commit: bdb8f2e41867ae5dbcc040909b1b8c20fd864a40 + +Signed-off-by: Paulo de Rezende Pinatti +Reviewed-by: Laine Stump +Signed-off-by: Jin Yan +--- + src/qemu/qemu_domain.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c +index 91c1a49efa..cfada815b1 100644 +--- a/src/qemu/qemu_domain.c ++++ b/src/qemu/qemu_domain.c +@@ -9334,6 +9334,7 @@ qemuDomainDeviceNetDefPostParse(virDomainNetDefPtr net, + virQEMUCapsPtr qemuCaps) + { + if (net->type != VIR_DOMAIN_NET_TYPE_HOSTDEV && ++ virDomainNetResolveActualType(net) != VIR_DOMAIN_NET_TYPE_HOSTDEV && + !virDomainNetGetModelString(net)) + net->model = qemuDomainDefaultNetModel(def, qemuCaps); + +-- +2.23.0 + diff --git a/qemu-fix-hang-in-p2p-xbzrle-compression-parallel-mig.patch b/qemu-fix-hang-in-p2p-xbzrle-compression-parallel-mig.patch index 5905cf7e4b592b275230d86aa2f05fe23d90eeca..5db7be726fe3a15b6c2ac4f741030d8784e089b6 100644 --- a/qemu-fix-hang-in-p2p-xbzrle-compression-parallel-mig.patch +++ b/qemu-fix-hang-in-p2p-xbzrle-compression-parallel-mig.patch @@ -1,7 +1,7 @@ -From f15935ea3b510bf0633dc2219a132412a7a8e96c Mon Sep 17 00:00:00 2001 +From c28dadb73409e84afc75512293131561ca5deddd Mon Sep 17 00:00:00 2001 From: Lin Ma Date: Thu, 16 Apr 2020 12:44:51 +0800 -Subject: [PATCH 3/8] qemu: fix hang in p2p + xbzrle compression + parallel +Subject: [PATCH] qemu: fix hang in p2p + xbzrle compression + parallel migration When we do parallel migration, The multifd-channels migration parameter diff --git a/qemu-format-ramfb-attribute-for-mediated-devices.patch b/qemu-format-ramfb-attribute-for-mediated-devices.patch new file mode 100644 index 0000000000000000000000000000000000000000..33b9453e4d923f1e0ba7b7d5ebbc9e8b1646df35 --- /dev/null +++ b/qemu-format-ramfb-attribute-for-mediated-devices.patch @@ -0,0 +1,107 @@ +From 710d16a2012c0ad134daae87838d85e9d4cb2330 Mon Sep 17 00:00:00 2001 +From: Jonathon Jongsma +Date: Tue, 23 Jun 2020 13:29:56 -0500 +Subject: [PATCH] qemu: format 'ramfb' attribute for mediated devices +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +It's possible to use ramfb as the boot display of an assigned vgpu +device. This was introduced in 4b95738c, but unfortunately the attribute +was not formatted into the xml output for such a device. This patch +fixes that oversight and adds a xml2xml test to verify proper behavior. + +https://bugzilla.redhat.com/show_bug.cgi?id=1847791 + +cherry pick from: c5815b31976f3982d18c7f6c1367ab6e403eb7eb + +Signed-off-by: Jonathon Jongsma +Reviewed-by: Daniel Henrique Barboza +Signed-off-by: Ján Tomko +Reviewed-by: Ján Tomko +--- + src/conf/domain_conf.c | 3 ++ + ...stdev-mdev-display-ramfb.x86_64-latest.xml | 44 +++++++++++++++++++ + tests/qemuxml2xmltest.c | 1 + + 3 files changed, 48 insertions(+) + create mode 100644 tests/qemuxml2xmloutdata/hostdev-mdev-display-ramfb.x86_64-latest.xml + +diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c +index c51c613673..dbc3e103ff 100644 +--- a/src/conf/domain_conf.c ++++ b/src/conf/domain_conf.c +@@ -27854,6 +27854,9 @@ virDomainHostdevDefFormat(virBufferPtr buf, + if (mdevsrc->display != VIR_TRISTATE_SWITCH_ABSENT) + virBufferAsprintf(buf, " display='%s'", + virTristateSwitchTypeToString(mdevsrc->display)); ++ if (mdevsrc->ramfb != VIR_TRISTATE_SWITCH_ABSENT) ++ virBufferAsprintf(buf, " ramfb='%s'", ++ virTristateSwitchTypeToString(mdevsrc->ramfb)); + } + + } +diff --git a/tests/qemuxml2xmloutdata/hostdev-mdev-display-ramfb.x86_64-latest.xml b/tests/qemuxml2xmloutdata/hostdev-mdev-display-ramfb.x86_64-latest.xml +new file mode 100644 +index 0000000000..c134400486 +--- /dev/null ++++ b/tests/qemuxml2xmloutdata/hostdev-mdev-display-ramfb.x86_64-latest.xml +@@ -0,0 +1,44 @@ ++ ++ QEMUGuest2 ++ c7a5fdbd-edaf-9455-926a-d65c16db1809 ++ 219136 ++ 219136 ++ 1 ++ ++ hvm ++ ++ ++ ++ qemu64 ++ ++ ++ destroy ++ restart ++ destroy ++ ++ /usr/bin/qemu-system-i386 ++ ++
++ ++ ++ ++
++ ++ ++ ++ ++ ++ ++