Fix QEMU startup timeout/race (rhbz #484649)

Setup DBus threading. Don't allow dbus to call _exit / change SIGPIPE (rhbz #484553)
Fix timeout when autostarting session daemon

.cvsignore

@@ -0,0 +1,6 @@
+.build*.log
+*.rpm
+i686
+x86_64
+libvirt-*.tar.gz
+libvirt-0.4.2.tar.gz

.gitignore

@@ -1,8 +0,0 @@
-.build*.log
-*.rpm
-i686
-x86_64
-libvirt-*.tar.gz
-/libvirt-0.8.4.tar.gz
-/libvirt-0.8.5.tar.gz
-/libvirt-0.8.7.tar.gz

Makefile

@@ -4,7 +4,7 @@ NAME := libvirt
 SPECFILE = $(firstword $(wildcard *.spec))
 
 define find-makefile-common
-for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
+for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
 endef
 
 MAKEFILE_COMMON := $(shell $(find-makefile-common))

branch

@@ -0,0 +1 @@
+F-9

libvirt-0.6.0-autostart-timeout.patch

@@ -0,0 +1,21 @@
+diff -rup libvirt-0.6.0.orig/src/remote_internal.c libvirt-0.6.0.new/src/remote_internal.c
+--- libvirt-0.6.0.orig/src/remote_internal.c	2009-02-18 10:56:34.000000000 +0000
++++ libvirt-0.6.0.new/src/remote_internal.c	2009-02-18 13:35:26.000000000 +0000
+@@ -654,12 +654,13 @@ doRemoteOpen (virConnectPtr conn,
+              */
+             if (errno == ECONNREFUSED &&
+                 flags & VIR_DRV_OPEN_REMOTE_AUTOSTART &&
+-                trials < 5) {
++                trials < 20) {
+                 close(priv->sock);
+                 priv->sock = -1;
+-                if (remoteForkDaemon(conn) == 0) {
++                if (trials > 0 ||
++                    remoteForkDaemon(conn) == 0) {
+                     trials++;
+-                    usleep(5000 * trials * trials);
++                    usleep(1000 * 100 * trials);
+                     goto autostart_retry;
+                 }
+             }
+Only in libvirt-0.6.0.new/src: remote_internal.c~

libvirt-0.6.0-dbus-threads.patch

@@ -0,0 +1,44 @@
+diff -rup libvirt-0.6.0.orig/qemud/qemud.c libvirt-0.6.0.new/qemud/qemud.c
+--- libvirt-0.6.0.orig/qemud/qemud.c	2009-02-18 10:56:34.000000000 +0000
++++ libvirt-0.6.0.new/qemud/qemud.c	2009-02-18 12:52:18.000000000 +0000
+@@ -860,6 +860,10 @@ static struct qemud_server *qemudNetwork
+     if (auth_unix_rw == REMOTE_AUTH_POLKIT ||
+         auth_unix_ro == REMOTE_AUTH_POLKIT) {
+         DBusError derr;
++
++        dbus_connection_set_change_sigpipe(FALSE);
++        dbus_threads_init_default();
++
+         dbus_error_init(&derr);
+         server->sysbus = dbus_bus_get(DBUS_BUS_SYSTEM, &derr);
+         if (!(server->sysbus)) {
+@@ -868,6 +872,7 @@ static struct qemud_server *qemudNetwork
+             dbus_error_free(&derr);
+             goto cleanup;
+         }
++        dbus_connection_set_exit_on_disconnect(server->sysbus, FALSE);
+     }
+ #endif
+ 
+diff -rup libvirt-0.6.0.orig/src/node_device_hal.c libvirt-0.6.0.new/src/node_device_hal.c
+--- libvirt-0.6.0.orig/src/node_device_hal.c	2009-01-16 12:44:22.000000000 +0000
++++ libvirt-0.6.0.new/src/node_device_hal.c	2009-02-18 12:52:48.000000000 +0000
+@@ -685,6 +685,9 @@ static int halDeviceMonitorStartup(void)
+     nodeDeviceLock(driverState);
+ 
+     /* Allocate and initialize a new HAL context */
++    dbus_connection_set_change_sigpipe(FALSE);
++    dbus_threads_init_default();
++
+     dbus_error_init(&err);
+     hal_ctx = libhal_ctx_new();
+     if (hal_ctx == NULL) {
+@@ -696,6 +699,8 @@ static int halDeviceMonitorStartup(void)
+         fprintf(stderr, "%s: dbus_bus_get failed\n", __FUNCTION__);
+         goto failure;
+     }
++    dbus_connection_set_exit_on_disconnect(dbus_conn, FALSE);
++
+     if (!libhal_ctx_set_dbus_connection(hal_ctx, dbus_conn)) {
+         fprintf(stderr, "%s: libhal_ctx_set_dbus_connection failed\n",
+                 __FUNCTION__);

libvirt-0.6.0-qemu-startup.patch

@@ -0,0 +1,109 @@
+diff -rup libvirt-0.6.0.orig/src/qemu_driver.c libvirt-0.6.0.new/src/qemu_driver.c
+--- libvirt-0.6.0.orig/src/qemu_driver.c	2009-01-31 09:04:18.000000000 +0000
++++ libvirt-0.6.0.new/src/qemu_driver.c	2009-02-18 11:15:37.000000000 +0000
+@@ -633,6 +633,7 @@ qemudReadMonitorOutput(virConnectPtr con
+ {
+     int got = 0;
+     buf[0] = '\0';
++    timeout *= 1000; /* poll wants milli seconds */
+ 
+     /* Consume & discard the initial greeting */
+     while (got < (buflen-1)) {
+@@ -694,6 +695,56 @@ qemudReadMonitorOutput(virConnectPtr con
+ 
+ }
+ 
++
++/*
++ * Returns -1 for error, 0 on success
++ */
++static int
++qemudReadLogOutput(virConnectPtr conn,
++                   virDomainObjPtr vm,
++                   int fd,
++                   char *buf,
++                   int buflen,
++                   qemudHandlerMonitorOutput func,
++                   const char *what,
++                   int timeout)
++{
++    int got = 0;
++    int ret;
++    int retries = timeout*10;
++    buf[0] = '\0';
++
++    while (retries) {
++        while((ret = read(fd, buf+got, buflen-got-1)) > 0) {
++            got += ret;
++            buf[got] = '\0';
++            if ((buflen-got-1) == 0) {
++                qemudReportError(conn, NULL, NULL, VIR_ERR_INTERNAL_ERROR,
++                                 _("Out of space while reading %s log output"), what);
++                return -1;
++            }
++        }
++
++        if (ret < 0 && errno != EINTR) {
++            virReportSystemError(conn, errno,
++                                 _("Failure while reading %s log output"),
++                                 what);
++            return -1;
++        }
++
++        ret = func(conn, vm, buf, fd);
++        if (ret <= 0)
++            return ret;
++
++        usleep(100*1000);
++        retries--;
++    }
++    if (retries == 0)
++        qemudReportError(conn, NULL, NULL, VIR_ERR_INTERNAL_ERROR,
++                         _("Timed out while reading %s log output"), what);
++    return -1;
++}
++
+ static int
+ qemudCheckMonitorPrompt(virConnectPtr conn ATTRIBUTE_UNUSED,
+                         virDomainObjPtr vm,
+@@ -738,7 +789,7 @@ static int qemudOpenMonitor(virConnectPt
+                                    vm, monfd,
+                                    buf, sizeof(buf),
+                                    qemudCheckMonitorPrompt,
+-                                   "monitor", 10000) <= 0)
++                                   "monitor", 10) <= 0)
+             ret = -1;
+         else
+             ret = 0;
+@@ -770,6 +821,7 @@ static int qemudOpenMonitor(virConnectPt
+     return ret;
+ }
+ 
++/* Returns -1 for error, 0 success, 1 continue reading */
+ static int qemudExtractMonitorPath(virConnectPtr conn,
+                                    const char *haystack,
+                                    size_t *offset,
+@@ -873,19 +925,16 @@ static int qemudWaitForMonitor(virConnec
+         < 0)
+         return -1;
+ 
+-    ret = qemudReadMonitorOutput(conn, vm, logfd, buf, sizeof(buf),
+-                                 qemudFindCharDevicePTYs,
+-                                 "console", 3000);
++    ret = qemudReadLogOutput(conn, vm, logfd, buf, sizeof(buf),
++                             qemudFindCharDevicePTYs,
++                             "console", 3);
+     if (close(logfd) < 0)
+         qemudLog(QEMUD_WARN, _("Unable to close logfile: %s\n"),
+                  strerror(errno));
+ 
+-    if (ret == 1) /* Success */
++    if (ret == 0) /* success */
+         return 0;
+ 
+-    if (ret == -1)
+-        return -1;
+-
+     /* Unexpected end of file - inform user of QEMU log data */
+     qemudReportError(conn, NULL, NULL, VIR_ERR_INTERNAL_ERROR,
+                      _("unable to start guest: %s"), buf);

libvirt-0.6.0-rpccall.patch

@@ -0,0 +1,70 @@
+diff -rup libvirt-0.6.0.orig/qemud/event.c libvirt-0.6.0.new/qemud/event.c
+--- libvirt-0.6.0.orig/qemud/event.c	2009-02-06 19:30:58.000000000 +0000
++++ libvirt-0.6.0.new/qemud/event.c	2009-02-06 19:30:00.000000000 +0000
+@@ -657,6 +657,8 @@ virPollEventToEventHandleType(int events
+         ret |= VIR_EVENT_HANDLE_WRITABLE;
+     if(events & POLLERR)
+         ret |= VIR_EVENT_HANDLE_ERROR;
++    if(events & POLLNVAL) /* Treat NVAL as error, since libvirt doesn't distinguish */
++        ret |= VIR_EVENT_HANDLE_ERROR;
+     if(events & POLLHUP)
+         ret |= VIR_EVENT_HANDLE_HANGUP;
+     return ret;
+diff -rup libvirt-0.6.0.orig/src/domain_conf.c libvirt-0.6.0.new/src/domain_conf.c
+--- libvirt-0.6.0.orig/src/domain_conf.c	2009-01-31 09:04:17.000000000 +0000
++++ libvirt-0.6.0.new/src/domain_conf.c	2009-02-06 19:30:00.000000000 +0000
+@@ -504,6 +504,7 @@ virDomainObjPtr virDomainAssignDef(virCo
+     domain->state = VIR_DOMAIN_SHUTOFF;
+     domain->def = def;
+     domain->monitor_watch = -1;
++    domain->monitor = -1;
+ 
+     if (VIR_REALLOC_N(doms->objs, doms->count + 1) < 0) {
+         virReportOOMError(conn);
+diff -rup libvirt-0.6.0.orig/src/remote_internal.c libvirt-0.6.0.new/src/remote_internal.c
+--- libvirt-0.6.0.orig/src/remote_internal.c	2009-01-31 09:04:18.000000000 +0000
++++ libvirt-0.6.0.new/src/remote_internal.c	2009-02-06 19:30:00.000000000 +0000
+@@ -6198,17 +6198,17 @@ processCalls(virConnectPtr conn,
+                 continue;
+             virReportSystemError(in_open ? NULL : conn, errno,
+                                  "%s", _("poll on socket failed"));
+-            return -1;
++            goto error;
+         }
+ 
+         if (fds[0].revents & POLLOUT) {
+             if (processCallSend(conn, priv, in_open) < 0)
+-                return -1;
++                goto error;
+         }
+ 
+         if (fds[0].revents & POLLIN) {
+             if (processCallRecv(conn, priv, in_open) < 0)
+-                return -1;
++                goto error;
+         }
+ 
+         /* Iterate through waiting threads and if
+@@ -6259,9 +6259,21 @@ processCalls(virConnectPtr conn,
+         if (fds[0].revents & (POLLHUP | POLLERR)) {
+             errorf(in_open ? NULL : conn, VIR_ERR_INTERNAL_ERROR,
+                    "%s", _("received hangup / error event on socket"));
+-            return -1;
++            goto error;
+         }
+     }
++
++
++error:
++    priv->waitDispatch = thiscall->next;
++    DEBUG("Giving up the buck due to I/O error %d %p %p", thiscall->proc_nr, thiscall, priv->waitDispatch);
++    /* See if someone else is still waiting
++     * and if so, then pass the buck ! */
++    if (priv->waitDispatch) {
++        DEBUG("Passing the buck to %d %p", priv->waitDispatch->proc_nr, priv->waitDispatch);
++        virCondSignal(&priv->waitDispatch->cond);
++    }
++    return -1;
+ }
+ 
+ /*

libvirt-0.6.0-timeout.patch

@@ -0,0 +1,124 @@
+diff -rup libvirt-0.6.0.orig/qemud/event.c libvirt-0.6.0.new/qemud/event.c
+--- libvirt-0.6.0.orig/qemud/event.c	2008-12-22 13:02:54.000000000 +0000
++++ libvirt-0.6.0.new/qemud/event.c	2009-02-06 19:29:28.000000000 +0000
+@@ -68,6 +68,7 @@ struct virEventTimeout {
+ /* State for the main event loop */
+ struct virEventLoop {
+     pthread_mutex_t lock;
++    int running;
+     pthread_t leader;
+     int wakeupfd[2];
+     int handlesCount;
+@@ -521,6 +522,7 @@ int virEventRunOnce(void) {
+     int ret, timeout, nfds;
+ 
+     virEventLock();
++    eventLoop.running = 1;
+     eventLoop.leader = pthread_self();
+     if ((nfds = virEventMakePollFDs(&fds)) < 0) {
+         virEventUnlock();
+@@ -572,7 +574,7 @@ int virEventRunOnce(void) {
+         return -1;
+     }
+ 
+-    eventLoop.leader = 0;
++    eventLoop.running = 0;
+     virEventUnlock();
+     return 0;
+ }
+@@ -611,7 +613,9 @@ int virEventInit(void)
+ static int virEventInterruptLocked(void)
+ {
+     char c = '\0';
+-    if (pthread_self() == eventLoop.leader)
++
++    if (!eventLoop.running ||
++        pthread_self() == eventLoop.leader)
+         return 0;
+ 
+     if (safewrite(eventLoop.wakeupfd[1], &c, sizeof(c)) != sizeof(c))
+diff -rup libvirt-0.6.0.orig/qemud/qemud.c libvirt-0.6.0.new/qemud/qemud.c
+--- libvirt-0.6.0.orig/qemud/qemud.c	2009-01-31 09:04:17.000000000 +0000
++++ libvirt-0.6.0.new/qemud/qemud.c	2009-02-06 19:29:28.000000000 +0000
+@@ -2013,11 +2013,15 @@ static int qemudOneLoop(void) {
+     return 0;
+ }
+ 
+-static void qemudInactiveTimer(int timer ATTRIBUTE_UNUSED, void *data) {
++static void qemudInactiveTimer(int timerid, void *data) {
+     struct qemud_server *server = (struct qemud_server *)data;
+-    DEBUG0("Got inactive timer expiry");
+-    if (!virStateActive()) {
+-        DEBUG0("No state active, shutting down");
++
++    if (virStateActive() ||
++        server->clients) {
++        DEBUG0("Timer expired but still active, not shutting down");
++        virEventUpdateTimeoutImpl(timerid, -1);
++    } else {
++        DEBUG0("Timer expired and inactive, shutting down");
+         server->shutdown = 1;
+     }
+ }
+@@ -2048,9 +2052,18 @@ static void qemudFreeClient(struct qemud
+ static int qemudRunLoop(struct qemud_server *server) {
+     int timerid = -1;
+     int ret = -1, i;
++    int timerActive = 0;
+ 
+     virMutexLock(&server->lock);
+ 
++    if (timeout > 0 &&
++        (timerid = virEventAddTimeoutImpl(-1,
++                                          qemudInactiveTimer,
++                                          server, NULL)) < 0) {
++        VIR_ERROR0(_("Failed to register shutdown timeout"));
++        return -1;
++    }
++
+     if (min_workers > max_workers)
+         max_workers = min_workers;
+ 
+@@ -2071,11 +2084,21 @@ static int qemudRunLoop(struct qemud_ser
+          * if any drivers have active state, if not
+          * shutdown after timeout seconds
+          */
+-        if (timeout > 0 && !virStateActive() && !server->clients) {
+-            timerid = virEventAddTimeoutImpl(timeout*1000,
+-                                             qemudInactiveTimer,
+-                                             server, NULL);
+-            DEBUG("Scheduling shutdown timer %d", timerid);
++        if (timeout > 0) {
++            if (timerActive) {
++                if (server->clients) {
++                    DEBUG("Deactivating shutdown timer %d", timerid);
++                    virEventUpdateTimeoutImpl(timerid, -1);
++                    timerActive = 0;
++                }
++            } else {
++                if (!virStateActive() &&
++                    !server->clients) {
++                    DEBUG("Activating shutdown timer %d", timerid);
++                    virEventUpdateTimeoutImpl(timerid, timeout * 1000);
++                    timerActive = 1;
++                }
++            }
+         }
+ 
+         virMutexUnlock(&server->lock);
+@@ -2129,15 +2152,6 @@ static int qemudRunLoop(struct qemud_ser
+             }
+         }
+ 
+-        /* Unregister any timeout that's active, since we
+-         * just had an event processed
+-         */
+-        if (timerid != -1) {
+-            DEBUG("Removing shutdown timer %d", timerid);
+-            virEventRemoveTimeoutImpl(timerid);
+-            timerid = -1;
+-        }
+-
+         if (server->shutdown) {
+             ret = 0;
+             break;

libvirt-0.8.8-Requires-gettext-for-client-package.patch

@@ -1,40 +0,0 @@
-From e03899ff772cb753f02ecc99c81776a95c8e3d59 Mon Sep 17 00:00:00 2001
-From: Osier Yang <jyang@redhat.com>
-Date: Fri, 18 Feb 2011 13:45:13 +0800
-Subject: [PATCH 2/6] Requires gettext for client package
-
-https://bugzilla.redhat.com/show_bug.cgi?id=680270
-libvirt-client is missing some dependencies
-
-libvirt-guests invokes functions in gettext.sh, so we need to
-require gettext package in spec file.
-
-Demo with the fix:
-% rpm -q gettext
-package gettext is not installed
-
-% rpm -ivh libvirt-client-0.8.8-1.fc14.x86_64.rpm
-error: Failed dependencies:
-	gettext is needed by libvirt-client-0.8.8-1.fc14.x86_64
-
-* libvirt.spec.in
----
- libvirt.spec.in |    2 ++
- 1 files changed, 2 insertions(+), 0 deletions(-)
-
-diff --git a/libvirt.spec.in b/libvirt.spec.in
-index d4208e8..c08b186 100644
---- a/libvirt.spec.in
-+++ b/libvirt.spec.in
-@@ -415,6 +415,8 @@ Requires: ncurses
- # So remote clients can access libvirt over SSH tunnel
- # (client invokes 'nc' against the UNIX socket on the server)
- Requires: nc
-+# Needed by libvirt-guests init script.
-+Requires: gettext
- %if %{with_sasl}
- Requires: cyrus-sasl
- # Not technically required, but makes 'out-of-box' config
--- 
-1.7.3.4
-

libvirt-0.8.8-avoid-resetting-errors.patch

@@ -1,51 +0,0 @@
-From 2c2ae4c48c7e57fd233f1b9475fb6ecbab04804a Mon Sep 17 00:00:00 2001
-From: Jiri Denemark <jdenemar@redhat.com>
-Date: Fri, 25 Mar 2011 16:45:45 +0100
-Subject: [PATCH 2/2] daemon: Avoid resetting errors before they are reported
-
-https://bugzilla.redhat.com/show_bug.cgi?id=690733
-
-Commit f44bfb7 was supposed to make sure no additional libvirt API (esp.
-*Free) is called before remoteDispatchConnError() is called on error.
-However, the patch missed two instances.
-(cherry picked from commit 55cc591fc18e87b29febf78dc5b424b7c12f7349)
----
- daemon/remote.c |    6 ++++--
- 1 files changed, 4 insertions(+), 2 deletions(-)
-
-diff --git a/daemon/remote.c b/daemon/remote.c
-index 554e75e..159430e 100644
---- a/daemon/remote.c
-+++ b/daemon/remote.c
-@@ -4868,12 +4868,13 @@ remoteDispatchStoragePoolListVolumes (struct qemud_server *server ATTRIBUTE_UNUS
-     ret->names.names_len =
-         virStoragePoolListVolumes (pool,
-                                    ret->names.names_val, args->maxnames);
--    virStoragePoolFree(pool);
-     if (ret->names.names_len == -1) {
-         VIR_FREE(ret->names.names_val);
-         remoteDispatchConnError(rerr, conn);
-+        virStoragePoolFree(pool);
-         return -1;
-     }
-+    virStoragePoolFree(pool);
- 
-     return 0;
- }
-@@ -4897,11 +4898,12 @@ remoteDispatchStoragePoolNumOfVolumes (struct qemud_server *server ATTRIBUTE_UNU
-     }
- 
-     ret->num = virStoragePoolNumOfVolumes (pool);
--    virStoragePoolFree(pool);
-     if (ret->num == -1) {
-         remoteDispatchConnError(rerr, conn);
-+        virStoragePoolFree(pool);
-         return -1;
-     }
-+    virStoragePoolFree(pool);
- 
-     return 0;
- }
--- 
-1.7.3.4
-

libvirt-0.8.8-build-add-dependency-on-gnutls-utils.patch

@@ -1,30 +0,0 @@
-From 29680e00f67bad9145387022ea0d3c307465d3dc Mon Sep 17 00:00:00 2001
-From: Eric Blake <eblake@redhat.com>
-Date: Mon, 21 Feb 2011 10:43:29 -0700
-Subject: [PATCH 4/6] build: add dependency on gnutls-utils
-
-https://bugzilla.redhat.com/show_bug.cgi?id=680270
-libvirt-client is missing some dependencies
-
-* libvirt.spec.in (Requires): Add gnutls-utils, for virt-pki-validate.
-Suggested by Daniel P. Berrange.
----
- libvirt.spec.in |    2 ++
- 1 files changed, 2 insertions(+), 0 deletions(-)
-
-diff --git a/libvirt.spec.in b/libvirt.spec.in
-index c08b186..23f4525 100644
---- a/libvirt.spec.in
-+++ b/libvirt.spec.in
-@@ -417,6 +417,8 @@ Requires: ncurses
- Requires: nc
- # Needed by libvirt-guests init script.
- Requires: gettext
-+# Needed by virt-pki-validate script.
-+Requires: gnutls-utils
- %if %{with_sasl}
- Requires: cyrus-sasl
- # Not technically required, but makes 'out-of-box' config
--- 
-1.7.3.4
-

libvirt-0.8.8-kernel-boot-index.patch

@@ -1,27 +0,0 @@
-commit efc2594b4e0cbcdd6947fafeeed41accd5b611e0
-Author: Jim Fehlig <jfehlig@novell.com>
-Date:   Thu Feb 17 14:22:55 2011 -0700
-
-    Do not add drive 'boot=on' param when a kernel is specified
-    
-    libvirt-tck was failing several domain tests [1] with qemu 0.14, which
-    is now less tolerable of specifying 2 bootroms with the same boot index [2].
-    
-    Drop the 'boot=on' param if kernel has been specfied.
-    
-    [1] https://www.redhat.com/archives/libvir-list/2011-February/msg00559.html
-    [2] http://lists.nongnu.org/archive/html/qemu-devel/2011-02/msg01892.html
-
-diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
-index 371a7ed..0db2843 100644
---- a/src/qemu/qemu_command.c
-+++ b/src/qemu/qemu_command.c
-@@ -3173,7 +3173,7 @@ qemuBuildCommandLine(virConnectPtr conn,
-         int bootCD = 0, bootFloppy = 0, bootDisk = 0;
- 
-         /* If QEMU supports boot=on for -drive param... */
--        if (qemuCmdFlags & QEMUD_CMD_FLAG_DRIVE_BOOT) {
-+        if (qemuCmdFlags & QEMUD_CMD_FLAG_DRIVE_BOOT && !def->os.kernel) {
-             for (i = 0 ; i < def->os.nBootDevs ; i++) {
-                 switch (def->os.bootDevs[i]) {
-                 case VIR_DOMAIN_BOOT_CDROM:

libvirt-0.8.8-make-commandtest-more-robust.patch

@@ -1,32 +0,0 @@
-From 12509c09a55bd2ab171f9fa029fb94f297adc0a0 Mon Sep 17 00:00:00 2001
-From: Daniel P. Berrange <berrange@redhat.com>
-Date: Thu, 24 Feb 2011 12:12:27 +0000
-Subject: [PATCH] Make commandtest more robust wrt its execution environment
-
-When executed from cron, commandtest would fail to correctly
-identify daemon processes. Set session ID and process group
-IDs at startup to ensure we have a consistent environment to
-run in.
-
-* tests/commandtest.c: Call setsid() and setpgid()
----
- tests/commandtest.c |    3 +++
- 1 files changed, 3 insertions(+), 0 deletions(-)
-
-diff --git a/tests/commandtest.c b/tests/commandtest.c
-index 7157c51..dc2f8a1 100644
---- a/tests/commandtest.c
-+++ b/tests/commandtest.c
-@@ -730,6 +730,9 @@ mymain(int argc, char **argv)
-     if (chdir("/tmp") < 0)
-         return(EXIT_FAILURE);
- 
-+    setpgid(0, 0);
-+    setsid();
-+
-     /* Kill off any inherited fds that might interfere with our
-      * testing.  */
-     fd = 3;
--- 
-1.7.3.4
-

libvirt-0.8.8-read-only-checks.patch

@@ -1,95 +0,0 @@
-From: Guido Günther <agx@sigxcpu.org>
-Date: Mon, 14 Mar 2011 02:56:28 +0000 (+0800)
-Subject: Add missing checks for read only connections
-X-Git-Url: http://libvirt.org/git/?p=libvirt.git;a=commitdiff_plain;h=71753cb7f7a16ff800381c0b5ee4e99eea92fed3;hp=13c00dde3171b3a38d23cceb3f9151cb6cac3dad
-
-Add missing checks for read only connections
-
-As pointed on CVE-2011-1146, some API forgot to check the read-only
-status of the connection for entry point which modify the state
-of the system or may lead to a remote execution using user data.
-The entry points concerned are:
-  - virConnectDomainXMLToNative
-  - virNodeDeviceDettach
-  - virNodeDeviceReAttach
-  - virNodeDeviceReset
-  - virDomainRevertToSnapshot
-  - virDomainSnapshotDelete
-
-* src/libvirt.c: fix the above set of entry points to error on read-only
-                 connections
----
-
-diff --git a/src/libvirt.c b/src/libvirt.c
-index caa109d..713291f 100644
---- a/src/libvirt.c
-+++ b/src/libvirt.c
-@@ -3321,6 +3321,10 @@ char *virConnectDomainXMLToNative(virConnectPtr conn,
-         virDispatchError(NULL);
-         return NULL;
-     }
-+    if (conn->flags & VIR_CONNECT_RO) {
-+        virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
-+        goto error;
-+    }
- 
-     if (nativeFormat == NULL || domainXml == NULL) {
-         virLibConnError(VIR_ERR_INVALID_ARG, __FUNCTION__);
-@@ -9748,6 +9752,11 @@ virNodeDeviceDettach(virNodeDevicePtr dev)
-         return -1;
-     }
- 
-+    if (dev->conn->flags & VIR_CONNECT_RO) {
-+        virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
-+        goto error;
-+    }
-+
-     if (dev->conn->driver->nodeDeviceDettach) {
-         int ret;
-         ret = dev->conn->driver->nodeDeviceDettach (dev);
-@@ -9791,6 +9800,11 @@ virNodeDeviceReAttach(virNodeDevicePtr dev)
-         return -1;
-     }
- 
-+    if (dev->conn->flags & VIR_CONNECT_RO) {
-+        virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
-+        goto error;
-+    }
-+
-     if (dev->conn->driver->nodeDeviceReAttach) {
-         int ret;
-         ret = dev->conn->driver->nodeDeviceReAttach (dev);
-@@ -9836,6 +9850,11 @@ virNodeDeviceReset(virNodeDevicePtr dev)
-         return -1;
-     }
- 
-+    if (dev->conn->flags & VIR_CONNECT_RO) {
-+        virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
-+        goto error;
-+    }
-+
-     if (dev->conn->driver->nodeDeviceReset) {
-         int ret;
-         ret = dev->conn->driver->nodeDeviceReset (dev);
-@@ -13131,6 +13150,10 @@ virDomainRevertToSnapshot(virDomainSnapshotPtr snapshot,
-     }
- 
-     conn = snapshot->domain->conn;
-+    if (conn->flags & VIR_CONNECT_RO) {
-+        virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
-+        goto error;
-+    }
- 
-     if (conn->driver->domainRevertToSnapshot) {
-         int ret = conn->driver->domainRevertToSnapshot(snapshot, flags);
-@@ -13177,6 +13200,10 @@ virDomainSnapshotDelete(virDomainSnapshotPtr snapshot,
-     }
- 
-     conn = snapshot->domain->conn;
-+    if (conn->flags & VIR_CONNECT_RO) {
-+        virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
-+        goto error;
-+    }
- 
-     if (conn->driver->domainSnapshotDelete) {
-         int ret = conn->driver->domainSnapshotDelete(snapshot, flags);

libvirt-0.8.8-remote-protect-against-integer-overflow.patch

@@ -1,115 +0,0 @@
-From 9388aeabcbb06ec93845b6d066148ad4cfe1dd9e Mon Sep 17 00:00:00 2001
-From: Eric Blake <eblake@redhat.com>
-Date: Fri, 24 Jun 2011 12:16:05 -0600
-Subject: [PATCH 6/6] remote: protect against integer overflow
-
-https://bugzilla.redhat.com/show_bug.cgi?id=717204
-CVE-2011-2511 - integer overflow in VirDomainGetVcpus
-
-Integer overflow and remote code are never a nice mix.
-
-This has existed since commit 56cd414.
-
-* src/libvirt.c (virDomainGetVcpus): Reject overflow up front.
-* src/remote/remote_driver.c (remoteDomainGetVcpus): Avoid overflow
-  on sending rpc.
-* daemon/remote.c (remoteDispatchDomainGetVcpus): Avoid overflow on
-  receiving rpc.
-
-(cherry picked from commit 774b21c163845170c9ffa873f5720d318812eaf6)
-
-Conflicts:
-
-	daemon/remote.c
-	src/remote/remote_driver.c
-
-Change to internal.h required to avoid backporting 89d994ad.
----
- daemon/remote.c            |    3 ++-
- src/internal.h             |   17 +++++++++++++++++
- src/libvirt.c              |    5 +++--
- src/remote/remote_driver.c |    3 ++-
- 4 files changed, 24 insertions(+), 4 deletions(-)
-
-diff --git a/daemon/remote.c b/daemon/remote.c
-index 159430e..b707326 100644
---- a/daemon/remote.c
-+++ b/daemon/remote.c
-@@ -1722,7 +1722,8 @@ remoteDispatchDomainGetVcpus (struct qemud_server *server ATTRIBUTE_UNUSED,
-         return -1;
-     }
- 
--    if (args->maxinfo * args->maplen > REMOTE_CPUMAPS_MAX) {
-+    if (INT_MULTIPLY_OVERFLOW(args->maxinfo, args->maplen) ||
-+        args->maxinfo * args->maplen > REMOTE_CPUMAPS_MAX) {
-         virDomainFree(dom);
-         remoteDispatchFormatError (rerr, "%s", _("maxinfo * maplen > REMOTE_CPUMAPS_MAX"));
-         return -1;
-diff --git a/src/internal.h b/src/internal.h
-index e263684..f47b842 100644
---- a/src/internal.h
-+++ b/src/internal.h
-@@ -232,6 +232,23 @@
-         }                                                               \
-     } while (0)
- 
-+/* branch-specific: we don't want to update gnulib on the branch, so this
-+ * backports just one required macro from newer gnulib's intprops.h.
-+ * This version requires that both a and b are 'int', rather than
-+ * the fully type-generic version from gnulib.  */
-+# define INT_MULTIPLY_OVERFLOW(a, b)            \
-+    ((b) < 0                                    \
-+     ? ((a) < 0                                 \
-+        ? (a) < INT_MAX / (b)                   \
-+        : (b) == -1                             \
-+        ? 0                                     \
-+        : INT_MIN / (b) < (a))                  \
-+     : (b) == 0                                 \
-+     ? 0                                        \
-+     : ((a) < 0                                 \
-+        ? (a) < INT_MIN / (b)                   \
-+        : INT_MAX / (b) < (a)))
-+
- /* divide value by size, rounding up */
- # define VIR_DIV_UP(value, size) (((value) + (size) - 1) / (size))
- 
-diff --git a/src/libvirt.c b/src/libvirt.c
-index 8c70a1f..d8ab8f8 100644
---- a/src/libvirt.c
-+++ b/src/libvirt.c
-@@ -40,6 +40,7 @@
- #include "util.h"
- #include "memory.h"
- #include "configmake.h"
-+#include "intprops.h"
- 
- #ifndef WITH_DRIVER_MODULES
- # ifdef WITH_TEST
-@@ -5363,8 +5364,8 @@ virDomainGetVcpus(virDomainPtr domain, virVcpuInfoPtr info, int maxinfo,
- 
-     /* Ensure that domainGetVcpus (aka remoteDomainGetVcpus) does not
-        try to memcpy anything into a NULL pointer.  */
--    if ((cpumaps == NULL && maplen != 0)
--        || (cpumaps && maplen <= 0)) {
-+    if (!cpumaps ? maplen != 0
-+        : (maplen <= 0 || INT_MULTIPLY_OVERFLOW(maxinfo, maplen))) {
-         virLibDomainError(VIR_ERR_INVALID_ARG, __FUNCTION__);
-         goto error;
-     }
-diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
-index 4ca0d3b..c73452e 100644
---- a/src/remote/remote_driver.c
-+++ b/src/remote/remote_driver.c
-@@ -2850,7 +2850,8 @@ remoteDomainGetVcpus (virDomainPtr domain,
-                     maxinfo, REMOTE_VCPUINFO_MAX);
-         goto done;
-     }
--    if (maxinfo * maplen > REMOTE_CPUMAPS_MAX) {
-+    if (INT_MULTIPLY_OVERFLOW(maxinfo, maplen) ||
-+        maxinfo * maplen > REMOTE_CPUMAPS_MAX) {
-         remoteError(VIR_ERR_RPC,
-                     _("vCPU map buffer length exceeds maximum: %d > %d"),
-                     maxinfo * maplen, REMOTE_CPUMAPS_MAX);
--- 
-1.7.3.4
-

libvirt-0.8.8-rpm-add-missing-dependencies.patch

@@ -1,99 +0,0 @@
-From 775581ead9c0b6435e8a0dad2a6838909638e7b6 Mon Sep 17 00:00:00 2001
-From: Eric Blake <eblake@redhat.com>
-Date: Wed, 23 Mar 2011 10:30:49 -0600
-Subject: [PATCH 5/6] rpm: add missing dependencies
-
-manually adapted from upstream 206fc979b1656722b254e683d89b3e9fc4480c63
-
-Among others, the missing radvd dependency showed up as:
-
-error: Failed to start network ipv6net
-error: Cannot find radvd - Possibly the package isn't installed: No such file
-or directory
-
-even when radvd was installed, because the RADVD preprocessor
-symbol was missing at configure time.
-
-* libvirt.spec.in (with_network): Add Build and BuildRequires for radvd
-    (BuildRequires): Add libxslt and augeas for docs and test.
-    (with_libvirtd): Add module-init-tools for modprobe.
-    (with_nwfilter): Add BuildRequires for ebtables.
----
- libvirt.spec.in |   26 ++++++++++++++++++++++++--
- 1 files changed, 24 insertions(+), 2 deletions(-)
-
-diff --git a/libvirt.spec.in b/libvirt.spec.in
-index 23f4525..8ffb757 100644
---- a/libvirt.spec.in
-+++ b/libvirt.spec.in
-@@ -219,15 +219,21 @@ Requires: %{name}-client = %{version}-%{release}
- # daemon is present
- %if %{with_libvirtd}
- Requires: bridge-utils
-+# for modprobe of pci devices
-+Requires: module-init-tools
-+# for /sbin/ip
-+Requires: iproute
- %endif
- %if %{with_network}
- Requires: dnsmasq >= 2.41
-+Requires: radvd
-+%endif
-+%if %{with_network} || %{with_nwfilter}
- Requires: iptables
-+Requires: iptables-ipv6
- %endif
- %if %{with_nwfilter}
- Requires: ebtables
--Requires: iptables
--Requires: iptables-ipv6
- %endif
- # needed for device enumeration
- %if %{with_hal}
-@@ -295,10 +301,15 @@ BuildRequires: xmlrpc-c-devel >= 1.14.0
- %endif
- BuildRequires: libxml2-devel
- BuildRequires: xhtml1-dtds
-+BuildRequires: libxslt
- BuildRequires: readline-devel
- BuildRequires: ncurses-devel
- BuildRequires: gettext
- BuildRequires: gnutls-devel
-+%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
-+# for augparse, optionally used in testing
-+BuildRequires: augeas
-+%endif
- %if %{with_hal}
- BuildRequires: hal-devel
- %endif
-@@ -323,8 +334,15 @@ BuildRequires: libselinux-devel
- %endif
- %if %{with_network}
- BuildRequires: dnsmasq >= 2.41
-+BuildRequires: iptables
-+BuildRequires: iptables-ipv6
-+BuildRequires: radvd
-+%endif
-+%if %{with_nwfilter}
-+BuildRequires: ebtables
- %endif
- BuildRequires: bridge-utils
-+BuildRequires: module-init-tools
- %if %{with_sasl}
- BuildRequires: cyrus-sasl-devel
- %endif
-@@ -388,7 +406,11 @@ BuildRequires: libssh2-devel
- BuildRequires: netcf-devel >= 0.1.4
- %endif
- %if %{with_esx}
-+%if 0%{?fedora} >= 9 || 0%{?rhel} >= 6
- BuildRequires: libcurl-devel
-+%else
-+BuildRequires: curl-devel
-+%endif
- %endif
- %if %{with_audit}
- BuildRequires: audit-libs-devel
--- 
-1.7.3.4
-

libvirt-0.8.8-security-plug-regression-introduced-in-disk-probe-lo.patch

@@ -1,40 +0,0 @@
-From c2d77ade37ee917ca258cb24ffb130fc07bb95b4 Mon Sep 17 00:00:00 2001
-From: Eric Blake <eblake@redhat.com>
-Date: Thu, 26 May 2011 08:18:46 -0600
-Subject: [PATCH 1/6] security: plug regression introduced in disk probe logic
-
-This patch resolves:
-
-  https://bugzilla.redhat.com/show_bug.cgi?id=709775
-  CVE-2011-2178 - regression introduced in disk probe logic
-
-Regression introduced in commit d6623003 (v0.8.8) - using the
-wrong sizeof operand meant that security manager private data
-was overlaying the allowDiskFormatProbing member of struct
-_virSecurityManager.  This reopens disk probing, which was
-supposed to be prevented by the solution to CVE-2010-2238.
-
-* src/security/security_manager.c
-(virSecurityManagerGetPrivateData): Use correct offset.
----
- src/security/security_manager.c |    4 +++-
- 1 files changed, 3 insertions(+), 1 deletions(-)
-
-diff --git a/src/security/security_manager.c b/src/security/security_manager.c
-index 0246dd8..6f0becd 100644
---- a/src/security/security_manager.c
-+++ b/src/security/security_manager.c
-@@ -107,7 +107,9 @@ virSecurityManagerPtr virSecurityManagerNew(const char *name,
- 
- void *virSecurityManagerGetPrivateData(virSecurityManagerPtr mgr)
- {
--    return ((char*)mgr) + sizeof(mgr);
-+    /* This accesses the memory just beyond mgr, which was allocated
-+     * via VIR_ALLOC_VAR earlier.  */
-+    return mgr + 1;
- }
- 
- 
--- 
-1.7.3.4
-

libvirt-0.8.8-virt-pki-validate-behave-when-CERTTOOL-is-missing.patch

@@ -1,27 +0,0 @@
-From 9679cde15cabf95c7538c3b6929893ec68552d23 Mon Sep 17 00:00:00 2001
-From: Dan Kenigsberg <danken@redhat.com>
-Date: Sun, 20 Feb 2011 22:29:25 +0200
-Subject: [PATCH 3/6] virt-pki-validate: behave when CERTTOOL is missing
-
-https://bugzilla.redhat.com/show_bug.cgi?id=680270
-libvirt-client is missing some dependencies
----
- tools/virt-pki-validate.in |    2 +-
- 1 files changed, 1 insertions(+), 1 deletions(-)
-
-diff --git a/tools/virt-pki-validate.in b/tools/virt-pki-validate.in
-index 207fa76..96659cf 100755
---- a/tools/virt-pki-validate.in
-+++ b/tools/virt-pki-validate.in
-@@ -14,7 +14,7 @@ PORT=16514
- # First get certtool
- #
- CERTOOL=`which certtool 2>/dev/null`
--if [ ! -x $CERTOOL ]
-+if [ ! -x "$CERTOOL" ]
- then
-     echo "Could not locate the certtool program"
-     echo "make sure the gnutls-utils (or gnutls-bin) package is installed"
--- 
-1.7.3.4
-

sources

@@ -1 +1 @@
-ac9235576352b84b8cb17df7456bbdfc  libvirt-0.8.8.tar.gz
+8e0120d5452b37179f682031bf0895ea  libvirt-0.6.0.tar.gz