Enable ZFS storage driver (bz #1471912)

Don't use cgroup mount points from /proc/mounts that are hidden (bz #1470593)
disk driver name=... should be optional (bz #1473091)

.gitignore

@@ -2,4 +2,4 @@
 *.rpm
 i686
 x86_64
-libvirt-*.tar.gz
+libvirt-*.tar.xz

0001-Fix-padding-of-encrypted-data.patch

@@ -0,0 +1,55 @@
+From: "Daniel P. Berrange" <berrange@redhat.com>
+Date: Tue, 2 May 2017 11:32:43 +0100
+Subject: [PATCH] Fix padding of encrypted data
+
+If we are encoding a block of data that is 16 bytes in length,
+we cannot leave it as 16 bytes, we must pad it out to the next
+block boundary, 32 bytes. Without this padding, the decoder will
+incorrectly treat the last byte of plain text as the padding
+length, as it can't distinguish padded from non-padded data.
+
+The problem exhibited itself when using a 16 byte passphrase
+for a LUKS volume
+
+  $ virsh secret-set-value 55806c7d-8e93-456f-829b-607d8c198367 \
+       $(echo -n 1234567812345678 | base64)
+  Secret value set
+
+  $ virsh start demo
+  error: Failed to start domain demo
+  error: internal error: process exited while connecting to monitor: >>>>>>>>>>Len 16
+  2017-05-02T10:35:40.016390Z qemu-system-x86_64: -object \
+    secret,id=virtio-disk1-luks-secret0,data=SEtNi5vDUeyseMKHwc1c1Q==,\
+    keyid=masterKey0,iv=zm7apUB1A6dPcH53VW960Q==,format=base64: \
+    Incorrect number of padding bytes (56) found on decrypted data
+
+Notice how the padding '56' corresponds to the ordinal value of
+the character '8'.
+
+Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
+(cherry picked from commit 71890992daf37ec78b00b4ce873369421dc99731)
+---
+ src/util/vircrypto.c | 10 ++++++++--
+ 1 file changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/src/util/vircrypto.c b/src/util/vircrypto.c
+index 03410a1a4..8f1e0b7b7 100644
+--- a/src/util/vircrypto.c
++++ b/src/util/vircrypto.c
+@@ -152,8 +152,14 @@ virCryptoEncryptDataAESgnutls(gnutls_cipher_algorithm_t gnutls_enc_alg,
+     uint8_t *ciphertext;
+     size_t ciphertextlen;
+ 
+-    /* Allocate a padded buffer, copy in the data */
+-    ciphertextlen = VIR_ROUND_UP(datalen, 16);
++    /* Allocate a padded buffer, copy in the data.
++     *
++     * NB, we must *always* have at least 1 byte of
++     * padding - we can't skip it on multiples of
++     * 16, otherwise decoder can't distinguish padded
++     * data from non-padded data. Hence datalen + 1
++     */
++    ciphertextlen = VIR_ROUND_UP(datalen + 1, 16);
+     if (VIR_ALLOC_N(ciphertext, ciphertextlen) < 0)
+         return -1;
+     memcpy(ciphertext, data, datalen);

0001-qemu_command-Split-qemuBuildCpuArgStr.patch

@@ -1,291 +0,0 @@
-From 96a7f7fa1953707e1eb9f0f638baf213507a5cb2 Mon Sep 17 00:00:00 2001
-From: Cole Robinson <crobinso@redhat.com>
-Date: Tue, 23 Sep 2014 11:35:57 -0400
-Subject: [PATCH] qemu_command: Split qemuBuildCpuArgStr
-
-Move the CPU mode/model handling to its own function. This is just
-code movement and re-indentation.
-
-(cherry picked from commit e1d872dc77c80d43036f928f83f560f2e9286148)
----
- src/qemu/qemu_command.c | 226 ++++++++++++++++++++++++++----------------------
- 1 file changed, 122 insertions(+), 104 deletions(-)
-
-diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
-index eb72451..db5ea35 100644
---- a/src/qemu/qemu_command.c
-+++ b/src/qemu/qemu_command.c
-@@ -6140,139 +6140,162 @@ qemuBuildClockArgStr(virDomainClockDefPtr def)
-     return NULL;
- }
- 
--
- static int
--qemuBuildCpuArgStr(virQEMUDriverPtr driver,
--                   const virDomainDef *def,
--                   const char *emulator,
--                   virQEMUCapsPtr qemuCaps,
--                   virArch hostarch,
--                   char **opt,
--                   bool *hasHwVirt,
--                   bool migrating)
-+qemuBuildCpuModelArgStr(virQEMUDriverPtr driver,
-+                        const virDomainDef *def,
-+                        virBufferPtr buf,
-+                        virQEMUCapsPtr qemuCaps,
-+                        bool *hasHwVirt,
-+                        bool migrating)
- {
-+    int ret = -1;
-+    size_t i;
-     virCPUDefPtr host = NULL;
-     virCPUDefPtr guest = NULL;
-     virCPUDefPtr cpu = NULL;
-     size_t ncpus = 0;
-     char **cpus = NULL;
--    const char *default_model;
-     virCPUDataPtr data = NULL;
--    bool have_cpu = false;
-     char *compare_msg = NULL;
--    int ret = -1;
--    virBuffer buf = VIR_BUFFER_INITIALIZER;
--    size_t i;
-+    virCPUCompareResult cmp;
-+    const char *preferred;
-     virCapsPtr caps = NULL;
- 
--    *hasHwVirt = false;
--
-     if (!(caps = virQEMUDriverGetCapabilities(driver, false)))
-         goto cleanup;
- 
-     host = caps->host.cpu;
- 
--    if (def->os.arch == VIR_ARCH_I686)
--        default_model = "qemu32";
--    else
--        default_model = "qemu64";
-+    if (!host ||
-+        !host->model ||
-+        (ncpus = virQEMUCapsGetCPUDefinitions(qemuCaps, &cpus)) == 0) {
-+        virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
-+                       _("CPU specification not supported by hypervisor"));
-+        goto cleanup;
-+    }
- 
--    if (def->cpu &&
--        (def->cpu->mode != VIR_CPU_MODE_CUSTOM || def->cpu->model)) {
--        virCPUCompareResult cmp;
--        const char *preferred;
-+    if (!(cpu = virCPUDefCopy(def->cpu)))
-+        goto cleanup;
-+
-+    if (cpu->mode != VIR_CPU_MODE_CUSTOM &&
-+        !migrating &&
-+        cpuUpdate(cpu, host) < 0)
-+        goto cleanup;
- 
--        if (!host ||
--            !host->model ||
--            (ncpus = virQEMUCapsGetCPUDefinitions(qemuCaps, &cpus)) == 0) {
-+    cmp = cpuGuestData(host, cpu, &data, &compare_msg);
-+    switch (cmp) {
-+    case VIR_CPU_COMPARE_INCOMPATIBLE:
-+        if (compare_msg) {
-+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
-+                           _("guest and host CPU are not compatible: %s"),
-+                           compare_msg);
-+        } else {
-             virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
--                           _("CPU specification not supported by hypervisor"));
--            goto cleanup;
-+                           _("guest CPU is not compatible with host CPU"));
-         }
-+        /* fall through */
-+    case VIR_CPU_COMPARE_ERROR:
-+        goto cleanup;
- 
--        if (!(cpu = virCPUDefCopy(def->cpu)))
-+    default:
-+        break;
-+    }
-+
-+    /* Only 'svm' requires --enable-nesting. The nested
-+     * 'vmx' patches now simply hook off the CPU features
-+     */
-+    if (def->os.arch == VIR_ARCH_X86_64 ||
-+        def->os.arch == VIR_ARCH_I686) {
-+        int hasSVM = cpuHasFeature(data, "svm");
-+        if (hasSVM < 0)
-             goto cleanup;
-+        *hasHwVirt = hasSVM > 0 ? true : false;
-+    }
- 
--        if (cpu->mode != VIR_CPU_MODE_CUSTOM &&
--            !migrating &&
--            cpuUpdate(cpu, host) < 0)
-+    if (cpu->mode == VIR_CPU_MODE_HOST_PASSTHROUGH) {
-+        const char *mode = virCPUModeTypeToString(cpu->mode);
-+        if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_CPU_HOST)) {
-+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
-+                           _("CPU mode '%s' is not supported by QEMU"
-+                             " binary"), mode);
-+            goto cleanup;
-+        }
-+        if (def->virtType != VIR_DOMAIN_VIRT_KVM) {
-+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
-+                           _("CPU mode '%s' is only supported with kvm"),
-+                           mode);
-+            goto cleanup;
-+        }
-+        virBufferAddLit(buf, "host");
-+    } else {
-+        if (VIR_ALLOC(guest) < 0)
-+            goto cleanup;
-+        if (VIR_STRDUP(guest->vendor_id, cpu->vendor_id) < 0)
-             goto cleanup;
- 
--        cmp = cpuGuestData(host, cpu, &data, &compare_msg);
--        switch (cmp) {
--        case VIR_CPU_COMPARE_INCOMPATIBLE:
--            if (compare_msg) {
--                virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
--                               _("guest and host CPU are not compatible: %s"),
--                               compare_msg);
--            } else {
--                virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
--                               _("guest CPU is not compatible with host CPU"));
--            }
--            /* fall through */
--        case VIR_CPU_COMPARE_ERROR:
-+        guest->arch = host->arch;
-+        if (cpu->match == VIR_CPU_MATCH_MINIMUM)
-+            preferred = host->model;
-+        else
-+            preferred = cpu->model;
-+
-+        guest->type = VIR_CPU_TYPE_GUEST;
-+        guest->fallback = cpu->fallback;
-+        if (cpuDecode(guest, data, (const char **)cpus, ncpus, preferred) < 0)
-             goto cleanup;
- 
--        default:
--            break;
--        }
-+        virBufferAdd(buf, guest->model, -1);
-+        if (guest->vendor_id)
-+            virBufferAsprintf(buf, ",vendor=%s", guest->vendor_id);
-+        for (i = 0; i < guest->nfeatures; i++) {
-+            char sign;
-+            if (guest->features[i].policy == VIR_CPU_FEATURE_DISABLE)
-+                sign = '-';
-+            else
-+                sign = '+';
- 
--        /* Only 'svm' requires --enable-nesting. The nested
--         * 'vmx' patches now simply hook off the CPU features
--         */
--        if (def->os.arch == VIR_ARCH_X86_64 ||
--            def->os.arch == VIR_ARCH_I686) {
--            int hasSVM = cpuHasFeature(data, "svm");
--            if (hasSVM < 0)
--                goto cleanup;
--            *hasHwVirt = hasSVM > 0 ? true : false;
-+            virBufferAsprintf(buf, ",%c%s", sign, guest->features[i].name);
-         }
-+    }
- 
--        if (cpu->mode == VIR_CPU_MODE_HOST_PASSTHROUGH) {
--            const char *mode = virCPUModeTypeToString(cpu->mode);
--            if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_CPU_HOST)) {
--                virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
--                               _("CPU mode '%s' is not supported by QEMU"
--                                 " binary"), mode);
--                goto cleanup;
--            }
--            if (def->virtType != VIR_DOMAIN_VIRT_KVM) {
--                virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
--                               _("CPU mode '%s' is only supported with kvm"),
--                               mode);
--                goto cleanup;
--            }
--            virBufferAddLit(&buf, "host");
--        } else {
--            if (VIR_ALLOC(guest) < 0)
--                goto cleanup;
--            if (VIR_STRDUP(guest->vendor_id, cpu->vendor_id) < 0)
--                goto cleanup;
-+    ret = 0;
-+cleanup:
-+    virObjectUnref(caps);
-+    VIR_FREE(compare_msg);
-+    cpuDataFree(data);
-+    virCPUDefFree(guest);
-+    virCPUDefFree(cpu);
-+    return ret;
-+}
- 
--            guest->arch = host->arch;
--            if (cpu->match == VIR_CPU_MATCH_MINIMUM)
--                preferred = host->model;
--            else
--                preferred = cpu->model;
-+static int
-+qemuBuildCpuArgStr(virQEMUDriverPtr driver,
-+                   const virDomainDef *def,
-+                   const char *emulator,
-+                   virQEMUCapsPtr qemuCaps,
-+                   virArch hostarch,
-+                   char **opt,
-+                   bool *hasHwVirt,
-+                   bool migrating)
-+{
-+    const char *default_model;
-+    bool have_cpu = false;
-+    int ret = -1;
-+    virBuffer buf = VIR_BUFFER_INITIALIZER;
-+    size_t i;
- 
--            guest->type = VIR_CPU_TYPE_GUEST;
--            guest->fallback = cpu->fallback;
--            if (cpuDecode(guest, data, (const char **)cpus, ncpus, preferred) < 0)
--                goto cleanup;
-+    *hasHwVirt = false;
- 
--            virBufferAdd(&buf, guest->model, -1);
--            if (guest->vendor_id)
--                virBufferAsprintf(&buf, ",vendor=%s", guest->vendor_id);
--            for (i = 0; i < guest->nfeatures; i++) {
--                char sign;
--                if (guest->features[i].policy == VIR_CPU_FEATURE_DISABLE)
--                    sign = '-';
--                else
--                    sign = '+';
-+    if (def->os.arch == VIR_ARCH_I686)
-+        default_model = "qemu32";
-+    else
-+        default_model = "qemu64";
- 
--                virBufferAsprintf(&buf, ",%c%s", sign, guest->features[i].name);
--            }
--        }
-+    if (def->cpu &&
-+        (def->cpu->mode != VIR_CPU_MODE_CUSTOM || def->cpu->model)) {
-+        if (qemuBuildCpuModelArgStr(driver, def, &buf, qemuCaps,
-+                                    hasHwVirt, migrating) < 0)
-+            goto cleanup;
-         have_cpu = true;
-     } else {
-         /*
-@@ -6398,11 +6421,6 @@ qemuBuildCpuArgStr(virQEMUDriverPtr driver,
-     ret = 0;
- 
-  cleanup:
--    VIR_FREE(compare_msg);
--    cpuDataFree(data);
--    virCPUDefFree(guest);
--    virCPUDefFree(cpu);
--    virObjectUnref(caps);
-     return ret;
- }
- 

0002-qemu-Don-t-compare-CPU-against-host-for-TCG.patch

@@ -1,536 +0,0 @@
-From bbdbfbfc03494f5cbba4ee869149cca37c1fd53c Mon Sep 17 00:00:00 2001
-From: Cole Robinson <crobinso@redhat.com>
-Date: Tue, 23 Sep 2014 13:07:09 -0400
-Subject: [PATCH] qemu: Don't compare CPU against host for TCG
-
-Right now when building the qemu command line, we try to do various
-unconditional validations of the guest CPU against the host CPU. However
-this checks are overly applied. The only time we should use the checks
-are:
-
-- The user requests host-model/host-passthrough, or
-
-- When KVM is requsted. CPU features requested in TCG mode are always
-  emulated by qemu and are independent of the host CPU, so no host CPU
-  checks should be performed.
-
-Right now if trying to specify a CPU for arm on an x86 host, it attempts
-to do non-sensical validation and falls over.
-
-Switch all the test cases that were intending to test CPU validation to
-use KVM, so they continue to test the intended code.
-
-Amend some aarch64 XML tests with a CPU model, to ensure things work
-correctly.
-
-(cherry picked from commit cf7fce8f2fd1c930f357fd4ff93ac35f38eb30c6)
----
- src/qemu/qemu_command.c                            | 68 +++++++++++++---------
- .../qemuxml2argv-aarch64-virt-default-nic.args     |  3 +-
- .../qemuxml2argv-aarch64-virt-default-nic.xml      |  3 +
- .../qemuxml2argv-aarch64-virt-virtio.args          |  3 +-
- .../qemuxml2argv-aarch64-virt-virtio.xml           |  3 +
- .../qemuxml2argvdata/qemuxml2argv-cpu-exact1.args  |  2 +-
- tests/qemuxml2argvdata/qemuxml2argv-cpu-exact1.xml |  4 +-
- .../qemuxml2argv-cpu-exact2-nofallback.args        |  2 +-
- .../qemuxml2argv-cpu-exact2-nofallback.xml         |  4 +-
- .../qemuxml2argvdata/qemuxml2argv-cpu-exact2.args  |  2 +-
- tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2.xml |  4 +-
- .../qemuxml2argv-cpu-fallback.args                 |  2 +-
- .../qemuxml2argvdata/qemuxml2argv-cpu-fallback.xml |  4 +-
- .../qemuxml2argv-cpu-minimum1.args                 |  2 +-
- .../qemuxml2argvdata/qemuxml2argv-cpu-minimum1.xml |  4 +-
- .../qemuxml2argv-cpu-minimum2.args                 |  2 +-
- .../qemuxml2argvdata/qemuxml2argv-cpu-minimum2.xml |  4 +-
- .../qemuxml2argv-cpu-nofallback.xml                |  2 +-
- .../qemuxml2argvdata/qemuxml2argv-cpu-strict1.args |  2 +-
- .../qemuxml2argvdata/qemuxml2argv-cpu-strict1.xml  |  4 +-
- .../qemuxml2argv-graphics-spice-timeout.args       |  2 +-
- .../qemuxml2argv-graphics-spice-timeout.xml        |  4 +-
- .../qemuxml2argv-pseries-cpu-exact.args            |  4 +-
- tests/qemuxml2argvtest.c                           | 21 +++----
- .../qemuxml2xmlout-graphics-spice-timeout.xml      |  4 +-
- 25 files changed, 90 insertions(+), 69 deletions(-)
-
-diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
-index db5ea35..cd34445 100644
---- a/src/qemu/qemu_command.c
-+++ b/src/qemu/qemu_command.c
-@@ -6160,6 +6160,8 @@ qemuBuildCpuModelArgStr(virQEMUDriverPtr driver,
-     virCPUCompareResult cmp;
-     const char *preferred;
-     virCapsPtr caps = NULL;
-+    bool compareAgainstHost = (def->virtType == VIR_DOMAIN_VIRT_KVM ||
-+        def->cpu->mode != VIR_CPU_MODE_CUSTOM);
- 
-     if (!(caps = virQEMUDriverGetCapabilities(driver, false)))
-         goto cleanup;
-@@ -6182,30 +6184,33 @@ qemuBuildCpuModelArgStr(virQEMUDriverPtr driver,
-         cpuUpdate(cpu, host) < 0)
-         goto cleanup;
- 
--    cmp = cpuGuestData(host, cpu, &data, &compare_msg);
--    switch (cmp) {
--    case VIR_CPU_COMPARE_INCOMPATIBLE:
--        if (compare_msg) {
--            virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
--                           _("guest and host CPU are not compatible: %s"),
--                           compare_msg);
--        } else {
--            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
--                           _("guest CPU is not compatible with host CPU"));
--        }
--        /* fall through */
--    case VIR_CPU_COMPARE_ERROR:
--        goto cleanup;
-+    /* For non-KVM, CPU features are emulated, so host compat doesn't matter */
-+    if (compareAgainstHost) {
-+        cmp = cpuGuestData(host, cpu, &data, &compare_msg);
-+        switch (cmp) {
-+        case VIR_CPU_COMPARE_INCOMPATIBLE:
-+            if (compare_msg) {
-+                virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
-+                               _("guest and host CPU are not compatible: %s"),
-+                               compare_msg);
-+            } else {
-+                virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
-+                               _("guest CPU is not compatible with host CPU"));
-+            }
-+            /* fall through */
-+        case VIR_CPU_COMPARE_ERROR:
-+            goto cleanup;
- 
--    default:
--        break;
-+        default:
-+            break;
-+        }
-     }
- 
-     /* Only 'svm' requires --enable-nesting. The nested
-      * 'vmx' patches now simply hook off the CPU features
-      */
--    if (def->os.arch == VIR_ARCH_X86_64 ||
--        def->os.arch == VIR_ARCH_I686) {
-+    if ((def->os.arch == VIR_ARCH_X86_64 || def->os.arch == VIR_ARCH_I686) &&
-+         compareAgainstHost) {
-         int hasSVM = cpuHasFeature(data, "svm");
-         if (hasSVM < 0)
-             goto cleanup;
-@@ -6233,16 +6238,23 @@ qemuBuildCpuModelArgStr(virQEMUDriverPtr driver,
-         if (VIR_STRDUP(guest->vendor_id, cpu->vendor_id) < 0)
-             goto cleanup;
- 
--        guest->arch = host->arch;
--        if (cpu->match == VIR_CPU_MATCH_MINIMUM)
--            preferred = host->model;
--        else
--            preferred = cpu->model;
-+        if (compareAgainstHost) {
-+            guest->arch = host->arch;
-+            if (cpu->match == VIR_CPU_MATCH_MINIMUM)
-+                preferred = host->model;
-+            else
-+                preferred = cpu->model;
- 
--        guest->type = VIR_CPU_TYPE_GUEST;
--        guest->fallback = cpu->fallback;
--        if (cpuDecode(guest, data, (const char **)cpus, ncpus, preferred) < 0)
--            goto cleanup;
-+            guest->type = VIR_CPU_TYPE_GUEST;
-+            guest->fallback = cpu->fallback;
-+            if (cpuDecode(guest, data,
-+                          (const char **)cpus, ncpus, preferred) < 0)
-+                goto cleanup;
-+        } else {
-+            guest->arch = def->os.arch;
-+            if (VIR_STRDUP(guest->model, cpu->model) < 0)
-+                goto cleanup;
-+        }
- 
-         virBufferAdd(buf, guest->model, -1);
-         if (guest->vendor_id)
-@@ -6259,7 +6271,7 @@ qemuBuildCpuModelArgStr(virQEMUDriverPtr driver,
-     }
- 
-     ret = 0;
--cleanup:
-+ cleanup:
-     virObjectUnref(caps);
-     VIR_FREE(compare_msg);
-     cpuDataFree(data);
-diff --git a/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-default-nic.args b/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-default-nic.args
-index d4d403b..8cb57c5 100644
---- a/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-default-nic.args
-+++ b/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-default-nic.args
-@@ -1,5 +1,6 @@
- LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
--/usr/bin/qemu-system-aarch64 -S -M virt -m 1024 -smp 1 -nographic \
-+/usr/bin/qemu-system-aarch64 -S -M virt -cpu cortex-a53 \
-+-m 1024 -smp 1 -nographic \
- -nodefconfig -nodefaults -monitor unix:/tmp/test-monitor,server,nowait \
- -boot c -kernel /aarch64.kernel -initrd /aarch64.initrd -append console=ttyAMA0 \
- -usb -device virtio-net-device,vlan=0,id=net0,mac=52:54:00:09:a4:37 \
-diff --git a/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-default-nic.xml b/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-default-nic.xml
-index 868de94..3a6f098 100644
---- a/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-default-nic.xml
-+++ b/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-default-nic.xml
-@@ -7,6 +7,9 @@
-   <features>
-     <acpi/>
-   </features>
-+  <cpu match='exact'>
-+    <model>cortex-a53</model>
-+  </cpu>
-   <os>
-     <type arch="aarch64" machine="virt">hvm</type>
-     <kernel>/aarch64.kernel</kernel>
-diff --git a/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-virtio.args b/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-virtio.args
-index afd6e41..05f3629 100644
---- a/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-virtio.args
-+++ b/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-virtio.args
-@@ -1,5 +1,6 @@
- LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
--/usr/bin/qemu-system-aarch64 -S -M virt -m 1024 -smp 1 -nographic \
-+/usr/bin/qemu-system-aarch64 -S -M virt -cpu cortex-a53 \
-+-m 1024 -smp 1 -nographic \
- -nodefconfig -nodefaults -monitor unix:/tmp/test-monitor,server,nowait \
- -boot c -kernel /aarch64.kernel -initrd /aarch64.initrd -append \
- 'earlyprintk console=ttyAMA0,115200n8 rw root=/dev/vda rootwait' \
-diff --git a/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-virtio.xml b/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-virtio.xml
-index 184b62c..ad34615 100644
---- a/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-virtio.xml
-+++ b/tests/qemuxml2argvdata/qemuxml2argv-aarch64-virt-virtio.xml
-@@ -16,6 +16,9 @@
-     <apic/>
-     <pae/>
-   </features>
-+  <cpu match='exact'>
-+    <model>cortex-a53</model>
-+  </cpu>
-   <clock offset="utc"/>
-   <on_poweroff>destroy</on_poweroff>
-   <on_reboot>restart</on_reboot>
-diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact1.args b/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact1.args
-index 76c2c48..0a58616 100644
---- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact1.args
-+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact1.args
-@@ -1,5 +1,5 @@
- LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
--/usr/bin/qemu -S -M pc \
-+/usr/bin/qemu-kvm -S -M pc \
- -cpu qemu64,-svm,-lm,-nx,-syscall,-clflush,-pse36,-mca -m 214 -smp 6 \
- -nographic -monitor unix:/tmp/test-monitor,server,nowait -no-acpi -boot n -usb -net \
- none -serial none -parallel none
-diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact1.xml b/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact1.xml
-index ddd9d5a..1d1e815 100644
---- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact1.xml
-+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact1.xml
-@@ -1,4 +1,4 @@
--<domain type='qemu'>
-+<domain type='kvm'>
-   <name>QEMUGuest1</name>
-   <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
-   <memory unit='KiB'>219100</memory>
-@@ -23,6 +23,6 @@
-   <on_reboot>restart</on_reboot>
-   <on_crash>destroy</on_crash>
-   <devices>
--      <emulator>/usr/bin/qemu</emulator>
-+      <emulator>/usr/bin/qemu-kvm</emulator>
-   </devices>
- </domain>
-diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2-nofallback.args b/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2-nofallback.args
-index 0e37379..e46527b 100644
---- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2-nofallback.args
-+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2-nofallback.args
-@@ -1,5 +1,5 @@
- LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
--/usr/bin/qemu -S -M pc \
-+/usr/bin/qemu-kvm -S -M pc \
- -cpu core2duo,+lahf_lm,+3dnowext,+xtpr,+ds_cpl,+tm,+ht,+ds,-nx -m 214 -smp 6 \
- -nographic -monitor unix:/tmp/test-monitor,server,nowait -no-acpi -boot n -usb -net \
- none -serial none -parallel none
-diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2-nofallback.xml b/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2-nofallback.xml
-index de4c8d2..6b9b7d4 100644
---- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2-nofallback.xml
-+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2-nofallback.xml
-@@ -1,4 +1,4 @@
--<domain type='qemu'>
-+<domain type='kvm'>
-   <name>QEMUGuest1</name>
-   <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
-   <memory unit='KiB'>219100</memory>
-@@ -30,6 +30,6 @@
-   <on_reboot>restart</on_reboot>
-   <on_crash>destroy</on_crash>
-   <devices>
--      <emulator>/usr/bin/qemu</emulator>
-+      <emulator>/usr/bin/qemu-kvm</emulator>
-   </devices>
- </domain>
-diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2.args b/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2.args
-index 0e37379..e46527b 100644
---- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2.args
-+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2.args
-@@ -1,5 +1,5 @@
- LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
--/usr/bin/qemu -S -M pc \
-+/usr/bin/qemu-kvm -S -M pc \
- -cpu core2duo,+lahf_lm,+3dnowext,+xtpr,+ds_cpl,+tm,+ht,+ds,-nx -m 214 -smp 6 \
- -nographic -monitor unix:/tmp/test-monitor,server,nowait -no-acpi -boot n -usb -net \
- none -serial none -parallel none
-diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2.xml b/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2.xml
-index e027e6f..eaea564 100644
---- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2.xml
-+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-exact2.xml
-@@ -1,4 +1,4 @@
--<domain type='qemu'>
-+<domain type='kvm'>
-   <name>QEMUGuest1</name>
-   <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
-   <memory unit='KiB'>219100</memory>
-@@ -30,6 +30,6 @@
-   <on_reboot>restart</on_reboot>
-   <on_crash>destroy</on_crash>
-   <devices>
--      <emulator>/usr/bin/qemu</emulator>
-+      <emulator>/usr/bin/qemu-kvm</emulator>
-   </devices>
- </domain>
-diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-fallback.args b/tests/qemuxml2argvdata/qemuxml2argv-cpu-fallback.args
-index 4ee8391..ead561f 100644
---- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-fallback.args
-+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-fallback.args
-@@ -3,7 +3,7 @@ PATH=/bin \
- HOME=/home/test \
- USER=test \
- LOGNAME=test QEMU_AUDIO_DRV=none \
--/usr/bin/qemu \
-+/usr/bin/qemu-kvm \
- -S \
- -M pc \
- -cpu Penryn,-sse4.1 \
-diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-fallback.xml b/tests/qemuxml2argvdata/qemuxml2argv-cpu-fallback.xml
-index 6125f41..85642e9 100644
---- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-fallback.xml
-+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-fallback.xml
-@@ -1,4 +1,4 @@
--<domain type='qemu'>
-+<domain type='kvm'>
-   <name>QEMUGuest1</name>
-   <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
-   <memory unit='KiB'>219100</memory>
-@@ -20,6 +20,6 @@
-   <on_reboot>restart</on_reboot>
-   <on_crash>destroy</on_crash>
-   <devices>
--      <emulator>/usr/bin/qemu</emulator>
-+      <emulator>/usr/bin/qemu-kvm</emulator>
-   </devices>
- </domain>
-diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum1.args b/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum1.args
-index 0630ef4..d8207e7 100644
---- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum1.args
-+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum1.args
-@@ -1,5 +1,5 @@
- LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
--/usr/bin/qemu -S -M pc \
-+/usr/bin/qemu-kvm -S -M pc \
- -cpu core2duo,+lahf_lm,+xtpr,+cx16,+tm2,+est,+vmx,+ds_cpl,+pbe,+tm,+ht,+ss,\
- +acpi,+ds -m 214 -smp 6 -nographic -monitor unix:/tmp/test-monitor,server,\
- nowait -no-acpi -boot n -usb -net none -serial none -parallel none
-diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum1.xml b/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum1.xml
-index 4ba5d0b..5879d35 100644
---- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum1.xml
-+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum1.xml
-@@ -1,4 +1,4 @@
--<domain type='qemu'>
-+<domain type='kvm'>
-   <name>QEMUGuest1</name>
-   <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
-   <memory unit='KiB'>219100</memory>
-@@ -16,6 +16,6 @@
-   <on_reboot>restart</on_reboot>
-   <on_crash>destroy</on_crash>
-   <devices>
--      <emulator>/usr/bin/qemu</emulator>
-+      <emulator>/usr/bin/qemu-kvm</emulator>
-   </devices>
- </domain>
-diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum2.args b/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum2.args
-index 830994f..17ba256 100644
---- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum2.args
-+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum2.args
-@@ -1,5 +1,5 @@
- LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
--/usr/bin/qemu -S -M pc \
-+/usr/bin/qemu-kvm -S -M pc \
- -cpu core2duo,+lahf_lm,+xtpr,+cx16,+tm2,+est,+vmx,+ds_cpl,+pbe,+tm,+ht,+ss,\
- +acpi,+ds,-lm,-nx,-syscall -m 214 -smp 6 -nographic -monitor \
- unix:/tmp/test-monitor,server,nowait -no-acpi -boot n -usb -net none -serial none \
-diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum2.xml b/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum2.xml
-index c43bf4f..b8bbf25 100644
---- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum2.xml
-+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-minimum2.xml
-@@ -1,4 +1,4 @@
--<domain type='qemu'>
-+<domain type='kvm'>
-   <name>QEMUGuest1</name>
-   <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
-   <memory unit='KiB'>219100</memory>
-@@ -20,6 +20,6 @@
-   <on_reboot>restart</on_reboot>
-   <on_crash>destroy</on_crash>
-   <devices>
--      <emulator>/usr/bin/qemu</emulator>
-+      <emulator>/usr/bin/qemu-kvm</emulator>
-   </devices>
- </domain>
-diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-nofallback.xml b/tests/qemuxml2argvdata/qemuxml2argv-cpu-nofallback.xml
-index 4ae0be8..abb0e9c 100644
---- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-nofallback.xml
-+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-nofallback.xml
-@@ -1,4 +1,4 @@
--<domain type='qemu'>
-+<domain type='kvm'>
-   <name>QEMUGuest1</name>
-   <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
-   <memory unit='KiB'>219100</memory>
-diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-strict1.args b/tests/qemuxml2argvdata/qemuxml2argv-cpu-strict1.args
-index 8b545a7..c500ef7 100644
---- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-strict1.args
-+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-strict1.args
-@@ -1,5 +1,5 @@
- LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=none \
--/usr/bin/qemu -S -M pc \
-+/usr/bin/qemu-kvm -S -M pc \
- -cpu core2duo,+lahf_lm,+3dnowext,+xtpr,+est,+vmx,+ds_cpl,+tm,+ht,+acpi,+ds,-nx \
- -m 214 -smp 6 -nographic -monitor unix:/tmp/test-monitor,server,nowait \
- -no-acpi -boot n -usb -net none -serial none -parallel none
-diff --git a/tests/qemuxml2argvdata/qemuxml2argv-cpu-strict1.xml b/tests/qemuxml2argvdata/qemuxml2argv-cpu-strict1.xml
-index 935f46f..a9fc9c5 100644
---- a/tests/qemuxml2argvdata/qemuxml2argv-cpu-strict1.xml
-+++ b/tests/qemuxml2argvdata/qemuxml2argv-cpu-strict1.xml
-@@ -1,4 +1,4 @@
--<domain type='qemu'>
-+<domain type='kvm'>
-   <name>QEMUGuest1</name>
-   <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
-   <memory unit='KiB'>219100</memory>
-@@ -33,6 +33,6 @@
-   <on_reboot>restart</on_reboot>
-   <on_crash>destroy</on_crash>
-   <devices>
--      <emulator>/usr/bin/qemu</emulator>
-+      <emulator>/usr/bin/qemu-kvm</emulator>
-   </devices>
- </domain>
-diff --git a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-timeout.args b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-timeout.args
-index 48744b2..8b5d9ee 100644
---- a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-timeout.args
-+++ b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-timeout.args
-@@ -1,5 +1,5 @@
- LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test QEMU_AUDIO_DRV=spice \
--/usr/bin/qemu -S -M pc -cpu core2duo,+lahf_lm,+xtpr,+cx16,+tm2,\
-+/usr/bin/qemu-kvm -S -M pc -cpu core2duo,+lahf_lm,+xtpr,+cx16,+tm2,\
- +est,+vmx,+ds_cpl,+pbe,+tm,+ht,+ss,+acpi,+ds \
- -m 1024 -smp 2 -nodefaults -monitor unix:/tmp/test-monitor,server,nowait \
- -boot dc -device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x6 \
-diff --git a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-timeout.xml b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-timeout.xml
-index e6ecbed..3ed864c 100644
---- a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-timeout.xml
-+++ b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-timeout.xml
-@@ -1,4 +1,4 @@
--<domain type='qemu'>
-+<domain type='kvm'>
-   <name>f14</name>
-   <uuid>553effab-b5e1-2d80-dfe3-da4344826c43</uuid>
-   <memory unit='KiB'>1048576</memory>
-@@ -38,7 +38,7 @@
-   <on_reboot>restart</on_reboot>
-   <on_crash>restart</on_crash>
-   <devices>
--    <emulator>/usr/bin/qemu</emulator>
-+    <emulator>/usr/bin/qemu-kvm</emulator>
-     <disk type='file' device='disk'>
-       <driver name='qemu' type='qcow2'/>
-       <source file='/var/lib/libvirt/images/f14.img'/>
-diff --git a/tests/qemuxml2argvdata/qemuxml2argv-pseries-cpu-exact.args b/tests/qemuxml2argvdata/qemuxml2argv-pseries-cpu-exact.args
-index 1e09680..9927294 100644
---- a/tests/qemuxml2argvdata/qemuxml2argv-pseries-cpu-exact.args
-+++ b/tests/qemuxml2argvdata/qemuxml2argv-pseries-cpu-exact.args
-@@ -1,6 +1,6 @@
- LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test \
--/usr/bin/qemu-system-ppc64 -S -M pseries -cpu POWER7_v2.3 -m 512 -smp 1 -nographic \
---nodefconfig -nodefaults \
-+QEMU_AUDIO_DRV=none /usr/bin/qemu-system-ppc64 -S -M pseries -cpu POWER7_v2.3 \
-+-m 512 -smp 1 -nographic -nodefconfig -nodefaults \
- -chardev socket,id=charmonitor,path=/tmp/test-monitor,server,nowait \
- -mon chardev=charmonitor,id=monitor,mode=readline -no-acpi -boot c -usb \
- -chardev pty,id=charserial0 \
-diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
-index b380fd8..483ca90 100644
---- a/tests/qemuxml2argvtest.c
-+++ b/tests/qemuxml2argvtest.c
-@@ -933,7 +933,7 @@ mymain(void)
-             QEMU_CAPS_DEVICE, QEMU_CAPS_SPICE,
-             QEMU_CAPS_DEVICE_QXL);
-     DO_TEST("graphics-spice-timeout",
--            QEMU_CAPS_DRIVE,
-+            QEMU_CAPS_KVM, QEMU_CAPS_DRIVE,
-             QEMU_CAPS_VGA, QEMU_CAPS_VGA_QXL,
-             QEMU_CAPS_DEVICE, QEMU_CAPS_SPICE,
-             QEMU_CAPS_DEVICE_QXL_VGA);
-@@ -1208,14 +1208,14 @@ mymain(void)
-     DO_TEST("cpu-topology1", QEMU_CAPS_SMP_TOPOLOGY);
-     DO_TEST("cpu-topology2", QEMU_CAPS_SMP_TOPOLOGY);
-     DO_TEST("cpu-topology3", NONE);
--    DO_TEST("cpu-minimum1", NONE);
--    DO_TEST("cpu-minimum2", NONE);
--    DO_TEST("cpu-exact1", NONE);
--    DO_TEST("cpu-exact2", NONE);
--    DO_TEST("cpu-exact2-nofallback", NONE);
--    DO_TEST("cpu-fallback", NONE);
--    DO_TEST_FAILURE("cpu-nofallback", NONE);
--    DO_TEST("cpu-strict1", NONE);
-+    DO_TEST("cpu-minimum1", QEMU_CAPS_KVM);
-+    DO_TEST("cpu-minimum2", QEMU_CAPS_KVM);
-+    DO_TEST("cpu-exact1", QEMU_CAPS_KVM);
-+    DO_TEST("cpu-exact2", QEMU_CAPS_KVM);
-+    DO_TEST("cpu-exact2-nofallback", QEMU_CAPS_KVM);
-+    DO_TEST("cpu-fallback", QEMU_CAPS_KVM);
-+    DO_TEST_FAILURE("cpu-nofallback", QEMU_CAPS_KVM);
-+    DO_TEST("cpu-strict1", QEMU_CAPS_KVM);
-     DO_TEST("cpu-numa1", NONE);
-     DO_TEST("cpu-numa2", QEMU_CAPS_SMP_TOPOLOGY);
-     DO_TEST_PARSE_ERROR("cpu-numa3", NONE);
-@@ -1303,7 +1303,8 @@ mymain(void)
-     DO_TEST("pseries-usb-kbd", QEMU_CAPS_PCI_OHCI,
-             QEMU_CAPS_DEVICE_USB_KBD, QEMU_CAPS_CHARDEV,
-             QEMU_CAPS_DEVICE, QEMU_CAPS_NODEFCONFIG);
--    DO_TEST_FAILURE("pseries-cpu-exact", QEMU_CAPS_CHARDEV, QEMU_CAPS_DEVICE, QEMU_CAPS_NODEFCONFIG);
-+    DO_TEST("pseries-cpu-exact", QEMU_CAPS_CHARDEV, QEMU_CAPS_DEVICE,
-+            QEMU_CAPS_NODEFCONFIG);
-     DO_TEST("disk-ide-drive-split",
-             QEMU_CAPS_DRIVE, QEMU_CAPS_DEVICE, QEMU_CAPS_NODEFCONFIG,
-             QEMU_CAPS_IDE_CD);
-diff --git a/tests/qemuxml2xmloutdata/qemuxml2xmlout-graphics-spice-timeout.xml b/tests/qemuxml2xmloutdata/qemuxml2xmlout-graphics-spice-timeout.xml
-index 44c4cf7..73ebcab 100644
---- a/tests/qemuxml2xmloutdata/qemuxml2xmlout-graphics-spice-timeout.xml
-+++ b/tests/qemuxml2xmloutdata/qemuxml2xmlout-graphics-spice-timeout.xml
-@@ -1,4 +1,4 @@
--<domain type='qemu'>
-+<domain type='kvm'>
-   <name>f14</name>
-   <uuid>553effab-b5e1-2d80-dfe3-da4344826c43</uuid>
-   <memory unit='KiB'>1048576</memory>
-@@ -38,7 +38,7 @@
-   <on_reboot>restart</on_reboot>
-   <on_crash>restart</on_crash>
-   <devices>
--    <emulator>/usr/bin/qemu</emulator>
-+    <emulator>/usr/bin/qemu-kvm</emulator>
-     <disk type='file' device='disk'>
-       <driver name='qemu' type='qcow2'/>
-       <source file='/var/lib/libvirt/images/f14.img'/>

0002-spec-Add-support-for-building-the-zfs-storage-driver.patch

@@ -0,0 +1,90 @@
+From: Neal Gompa <ngompa13@gmail.com>
+Date: Mon, 17 Jul 2017 11:32:46 -0400
+Subject: [PATCH] spec: Add support for building the zfs storage driver
+
+Where it can be supported in Fedora, the driver is built and made
+available as a subpackage.
+
+Signed-off-by: Neal Gompa <ngompa13@gmail.com>
+(cherry picked from commit 9af764e86aef7dfb0191a9561bf1d1abf941da05)
+---
+ libvirt.spec.in | 31 +++++++++++++++++++++++++++++++
+ 1 file changed, 31 insertions(+)
+
+diff --git a/libvirt.spec.in b/libvirt.spec.in
+index 8eb67fa2e..f9a705e7c 100644
+--- a/libvirt.spec.in
++++ b/libvirt.spec.in
+@@ -70,6 +70,13 @@
+ %define with_storage_gluster 0%{!?_without_storage_gluster:1}
+ %define with_numactl          0%{!?_without_numactl:1}
+ 
++# F25+ has zfs-fuse
++%if 0%{?fedora} >= 25
++    %define with_storage_zfs      0%{!?_without_storage_zfs:1}
++%else
++    %define with_storage_zfs      0
++%endif
++
+ # A few optional bits off by default, we enable later
+ %define with_fuse          0%{!?_without_fuse:0}
+ %define with_cgconfig      0%{!?_without_cgconfig:0}
+@@ -113,6 +120,12 @@
+     %endif
+ %endif
+ 
++# zfs-fuse is not available on some architectures
++%ifarch s390 s390x aarch64
++    %define with_storage_zfs 0
++%endif
++
++
+ # RHEL doesn't ship OpenVZ, VBox, UML, PowerHypervisor,
+ # VMware, libxenserver (xenapi), libxenlight (Xen 4.1 and newer),
+ # or HyperV.
+@@ -364,6 +377,12 @@ BuildRequires: glusterfs-devel >= 3.4.1
+ %if %{with_storage_sheepdog}
+ BuildRequires: sheepdog
+ %endif
++%if %{with_storage_zfs}
++# Support any conforming implementation of zfs. On stock Fedora
++# this is zfs-fuse, but could be zfsonlinux upstream RPMs
++BuildRequires: /sbin/zfs
++BuildRequires: /sbin/zpool
++%endif
+ %if %{with_numactl}
+ # For QEMU/LXC numa info
+ BuildRequires: numactl-devel
+@@ -597,6 +616,11 @@ Requires: device-mapper
+ # For Sheepdog support
+ Requires: sheepdog
+ %endif
++%if %{with_storage_zfs}
++# Support any conforming implementation of zfs
++Requires: /sbin/zfs
++Requires: /sbin/zpool
++%endif
+ %if %{with_qemu}
+ # From QEMU RPMs
+ Requires: /usr/bin/qemu-img
+@@ -1063,6 +1087,12 @@ rm -rf .git
+     %define arg_storage_gluster --without-storage-gluster
+ %endif
+ 
++%if %{with_storage_zfs}
++    %define arg_storage_zfs --with-storage-zfs
++%else
++    %define arg_storage_zfs --without-storage-zfs
++%endif
++
+ %if %{with_numactl}
+     %define arg_numactl --with-numactl
+ %else
+@@ -1170,6 +1200,7 @@ rm -f po/stamp-po
+            %{?arg_storage_rbd} \
+            %{?arg_storage_sheepdog} \
+            %{?arg_storage_gluster} \
++           %{?arg_storage_zfs} \
+            %{?arg_numactl} \
+            %{?arg_numad} \
+            --with-capng \

0003-Avoid-hidden-cgroup-mount-points.patch

@@ -0,0 +1,150 @@
+From: Juan Hernandez <jhernand@redhat.com>
+Date: Thu, 6 Jul 2017 17:03:31 +0200
+Subject: [PATCH] Avoid hidden cgroup mount points
+
+Currently the scan of the /proc/mounts file used to find cgroup mount
+points doesn't take into account that mount points may hidden by other
+mount points. For, example in certain Kubernetes environments the
+/proc/mounts contains the following lines:
+
+  cgroup /sys/fs/cgroup/net_prio,net_cls cgroup ...
+  tmpfs /sys/fs/cgroup tmpfs ...
+  cgroup /sys/fs/cgroup/net_cls,net_prio cgroup ...
+
+In this particular environment the first mount point is hidden by the
+second one. The correct mount point is the third one, but libvirt will
+never process it because it only checks the first mount point for each
+controller (net_cls in this case). So libvirt will try to use the first
+mount point, which doesn't actually exist, and the complete detection
+process will fail.
+
+To avoid that issue this patch changes the virCgroupDetectMountsFromFile
+function so that when there are duplicates it takes the information from
+the last line in /proc/mounts. This requires removing the previous
+explicit condition to skip duplicates, and adding code to free the
+memory used by the processing of duplicated lines.
+
+Related-To: https://bugzilla.redhat.com/1468214
+Related-To: https://github.com/kubevirt/libvirt/issues/4
+Signed-off-by: Juan Hernandez <jhernand@redhat.com>
+(cherry picked from commit dacd160d7479e0ec2d8a63f102145fd30636a1c8)
+---
+ src/util/vircgroup.c                | 23 ++++++++++++++---------
+ tests/vircgroupdata/kubevirt.mounts | 25 +++++++++++++++++++++++++
+ tests/vircgroupdata/kubevirt.parsed | 10 ++++++++++
+ tests/vircgrouptest.c               |  1 +
+ 4 files changed, 50 insertions(+), 9 deletions(-)
+ create mode 100644 tests/vircgroupdata/kubevirt.mounts
+ create mode 100644 tests/vircgroupdata/kubevirt.parsed
+
+diff --git a/src/util/vircgroup.c b/src/util/vircgroup.c
+index f2477d5e9..322f7fb54 100644
+--- a/src/util/vircgroup.c
++++ b/src/util/vircgroup.c
+@@ -396,6 +396,7 @@ virCgroupDetectMountsFromFile(virCgroupPtr group,
+             const char *typestr = virCgroupControllerTypeToString(i);
+             int typelen = strlen(typestr);
+             char *tmp = entry.mnt_opts;
++            struct virCgroupController *controller = &group->controllers[i];
+             while (tmp) {
+                 char *next = strchr(tmp, ',');
+                 int len;
+@@ -405,18 +406,22 @@ virCgroupDetectMountsFromFile(virCgroupPtr group,
+                 } else {
+                     len = strlen(tmp);
+                 }
+-                /* NB, the same controller can appear >1 time in mount list
+-                 * due to bind mounts from one location to another. Pick the
+-                 * first entry only
+-                 */
+-                if (typelen == len && STREQLEN(typestr, tmp, len) &&
+-                    !group->controllers[i].mountPoint) {
++
++                if (typelen == len && STREQLEN(typestr, tmp, len)) {
+                     char *linksrc;
+                     struct stat sb;
+                     char *tmp2;
+ 
+-                    if (VIR_STRDUP(group->controllers[i].mountPoint,
+-                                   entry.mnt_dir) < 0)
++                    /* Note that the lines in /proc/mounts have the same
++                     * order than the mount operations, and that there may
++                     * be duplicates due to bind mounts. This means
++                     * that the same mount point may be processed more than
++                     * once. We need to save the results of the last one,
++                     * and we need to be careful to release the memory used
++                     * by previous processing. */
++                    VIR_FREE(controller->mountPoint);
++                    VIR_FREE(controller->linkPoint);
++                    if (VIR_STRDUP(controller->mountPoint, entry.mnt_dir) < 0)
+                         goto error;
+ 
+                     tmp2 = strrchr(entry.mnt_dir, '/');
+@@ -452,7 +457,7 @@ virCgroupDetectMountsFromFile(virCgroupPtr group,
+                                 VIR_WARN("Expecting a symlink at %s for controller %s",
+                                          linksrc, typestr);
+                             } else {
+-                                group->controllers[i].linkPoint = linksrc;
++                                controller->linkPoint = linksrc;
+                             }
+                         }
+                     }
+diff --git a/tests/vircgroupdata/kubevirt.mounts b/tests/vircgroupdata/kubevirt.mounts
+new file mode 100644
+index 000000000..ca036196b
+--- /dev/null
++++ b/tests/vircgroupdata/kubevirt.mounts
+@@ -0,0 +1,25 @@
++rootfs / rootfs rw 0 0
++proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
++udev /dev devtmpfs rw,nosuid,relatime,size=10240k,nr_inodes=1006404,mode=755 0 0
++devpts /dev/pts devpts rw,relatime,gid=5,mode=620,ptmxmode=000 0 0
++sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
++/dev/sda1 / ext4 rw,noatime,data=ordered 0 0
++tmpfs /run tmpfs rw,nodev,relatime,size=812296k,mode=755 0 0
++mqueue /dev/mqueue mqueue rw,nosuid,nodev,noexec,relatime 0 0
++shm /dev/shm tmpfs rw,nosuid,nodev,noexec,relatime 0 0
++debugfs /sys/kernel/debug debugfs rw,nosuid,nodev,noexec,relatime 0 0
++cgroup_root /sys/fs/cgroup tmpfs rw,nosuid,nodev,noexec,relatime,size=10240k,mode=755 0 0
++openrc /sys/fs/cgroup/openrc cgroup rw,nosuid,nodev,noexec,relatime,release_agent=/lib64/rc/sh/cgroup-release-agent.sh,name=openrc 0 0
++cpuset /some/random/location/cpuset cgroup rw,nosuid,nodev,noexec,relatime,cpuset 0 0
++cpuset /sys/fs/cgroup/cpuset cgroup rw,nosuid,nodev,noexec,relatime,cpuset 0 0
++cpu /sys/fs/cgroup/cpu cgroup rw,nosuid,nodev,noexec,relatime,cpu 0 0
++cpuacct /some/random/location/cpuset cgroup rw,nosuid,nodev,noexec,relatime,cpuacct 0 0
++cpuacct /sys/fs/cgroup/cpuacct cgroup rw,nosuid,nodev,noexec,relatime,cpuacct 0 0
++memory /sys/fs/cgroup/memory cgroup rw,nosuid,nodev,noexec,relatime,memory 0 0
++devices /sys/fs/cgroup/devices cgroup rw,nosuid,nodev,noexec,relatime,devices 0 0
++freezer /sys/fs/cgroup/freezer cgroup rw,nosuid,nodev,noexec,relatime,freezer 0 0
++blkio /sys/fs/cgroup/blkio cgroup rw,nosuid,nodev,noexec,relatime,blkio 0 0
++perf_event /sys/fs/cgroup/perf_event cgroup rw,nosuid,nodev,noexec,relatime,perf_event 0 0
++hugetlb /sys/fs/cgroup/hugetlb cgroup rw,nosuid,nodev,noexec,relatime,hugetlb 0 0
++binfmt_misc /proc/sys/fs/binfmt_misc binfmt_misc rw,nosuid,nodev,noexec,relatime 0 0
++freezer /some/random/location/freezer cgroup rw,nosuid,nodev,noexec,relatime,freezer 0 0
+diff --git a/tests/vircgroupdata/kubevirt.parsed b/tests/vircgroupdata/kubevirt.parsed
+new file mode 100644
+index 000000000..694870723
+--- /dev/null
++++ b/tests/vircgroupdata/kubevirt.parsed
+@@ -0,0 +1,10 @@
++cpu          /sys/fs/cgroup/cpu
++cpuacct      /sys/fs/cgroup/cpuacct
++cpuset       /sys/fs/cgroup/cpuset
++memory       /sys/fs/cgroup/memory
++devices      /sys/fs/cgroup/devices
++freezer      /some/random/location/freezer
++blkio        /sys/fs/cgroup/blkio
++net_cls      <null>
++perf_event   /sys/fs/cgroup/perf_event
++name=systemd <null>
+diff --git a/tests/vircgrouptest.c b/tests/vircgrouptest.c
+index f55ef74a1..cf0315f16 100644
+--- a/tests/vircgrouptest.c
++++ b/tests/vircgrouptest.c
+@@ -885,6 +885,7 @@ mymain(void)
+     DETECT_MOUNTS("cgroups3");
+     DETECT_MOUNTS("all-in-one");
+     DETECT_MOUNTS("no-cgroups");
++    DETECT_MOUNTS("kubevirt");
+ 
+     if (virTestRun("New cgroup for self", testCgroupNewForSelf, NULL) < 0)
+         ret = -1;

0003-security_selinux-Don-t-relabel-dev-net-tun.patch

@@ -1,81 +0,0 @@
-From 1c20d4a0a608d65d02953b360c6f10397d3c4069 Mon Sep 17 00:00:00 2001
-From: Michal Privoznik <mprivozn@redhat.com>
-Date: Tue, 7 Oct 2014 16:22:17 +0200
-Subject: [PATCH] security_selinux: Don't relabel /dev/net/tun
-
-https://bugzilla.redhat.com/show_bug.cgi?id=1147057
-
-The code for relabelling the TAP FD is there due to a race. When
-libvirt creates a /dev/tapN device it's labeled as
-'system_u:object_r:device_t:s0' by default. Later, when
-udev/systemd reacts to this device, it's relabelled to the
-expected label 'system_u:object_r:tun_tap_device_t:s0'. Hence, we
-have a code that relabels the device, to cut the race down. For
-more info see ae368ebfcc4.
-
-But the problem is, the relabel function is called on all TUN/TAP
-devices. Yes, on /dev/net/tun too. This is however a special kind
-of device - other processes uses it too. We shouldn't touch it's
-label then.
-
-Ideally, there would an API in SELinux that would label just the
-passed FD and not the underlying path. That way, we wouldn't need
-to care as we would be not labeling /dev/net/tun but the FD
-passed to the domain. Unfortunately, there's no such API so we
-have to workaround until then.
-
-Tested-by: Richard W.M. Jones <rjones@redhat.com>
-Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
-(cherry picked from commit ebc05263960f41065fa7d882959ea754b9281ab1)
----
- src/security/security_selinux.c | 23 +++++++++++++++++++++--
- 1 file changed, 21 insertions(+), 2 deletions(-)
-
-diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
-index b7c1015..352f1ab 100644
---- a/src/security/security_selinux.c
-+++ b/src/security/security_selinux.c
-@@ -2352,7 +2352,7 @@ virSecuritySELinuxSetTapFDLabel(virSecurityManagerPtr mgr,
-     struct stat buf;
-     security_context_t fcon = NULL;
-     virSecurityLabelDefPtr secdef;
--    char *str = NULL;
-+    char *str = NULL, *proc = NULL, *fd_path = NULL;
-     int rc = -1;
- 
-     secdef = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
-@@ -2370,7 +2370,24 @@ virSecuritySELinuxSetTapFDLabel(virSecurityManagerPtr mgr,
-         goto cleanup;
-     }
- 
--    if (getContext(mgr, "/dev/tap.*", buf.st_mode, &fcon) < 0) {
-+    /* Label /dev/tap.* devices only. Leave /dev/net/tun alone! */
-+    if (virAsprintf(&proc, "/proc/self/fd/%d", fd) == -1)
-+        goto cleanup;
-+
-+    if (virFileResolveLink(proc, &fd_path) < 0) {
-+        virReportSystemError(errno,
-+                             _("Unable to resolve link: %s"), proc);
-+        goto cleanup;
-+    }
-+
-+    if (!STRPREFIX(fd_path, "/dev/tap")) {
-+        VIR_DEBUG("fd=%d points to %s not setting SELinux label",
-+                  fd, fd_path);
-+        rc = 0;
-+        goto cleanup;
-+    }
-+
-+    if (getContext(mgr, "/dev/tap*", buf.st_mode, &fcon) < 0) {
-         virReportError(VIR_ERR_INTERNAL_ERROR,
-                        _("cannot lookup default selinux label for tap fd %d"), fd);
-         goto cleanup;
-@@ -2384,6 +2401,8 @@ virSecuritySELinuxSetTapFDLabel(virSecurityManagerPtr mgr,
- 
-  cleanup:
-     freecon(fcon);
-+    VIR_FREE(fd_path);
-+    VIR_FREE(proc);
-     VIR_FREE(str);
-     return rc;
- }

0004-docs-schema-make-disk-driver-name-attribute-optional.patch

@@ -0,0 +1,53 @@
+From: Jim Fehlig <jfehlig@suse.com>
+Date: Tue, 18 Jul 2017 10:20:35 -0600
+Subject: [PATCH] docs: schema: make disk driver name attribute optional
+
+/domain/devices/disk/driver/@name is not a required or mandatory
+attribute according to formatdomain, and indeed it was agreed on
+IRC that the attribute is "optional for input, recommended (but
+not required) for output". Currently the schema requires the
+attribute, causing virt-xml-validate to fail on disk config where
+the driver name is not explicitly specified. E.g.
+
+# cat test.xml | grep -A 5 cdrom
+    <disk type='file' device='cdrom'>
+      <driver type='raw'/>
+      <target dev='hdb' bus='ide'/>
+      <readonly/>
+      <address type='drive' controller='0' bus='0' target='0' unit='1'/>
+    </disk>
+
+# virt-xml-validate test.xml
+Relax-NG validity error : Extra element devices in interleave
+test.xml:21: element devices: Relax-NG validity error : Element domain failed to validate content
+test.xml fails to validate
+
+Relaxing the name attribute to be optional fixes the validation
+
+# virt-xml-validate test.xml
+test.xml validates
+
+(cherry picked from commit b494e09d058f09b48d0fd8855edd557101294671)
+---
+ docs/schemas/domaincommon.rng | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
+index 9a7d03ed9..38dda780e 100644
+--- a/docs/schemas/domaincommon.rng
++++ b/docs/schemas/domaincommon.rng
+@@ -1670,9 +1670,11 @@
+     </element>
+   </define>
+   <define name="driverFormat">
+-    <attribute name="name">
+-      <ref name="genericName"/>
+-    </attribute>
++    <optional>
++      <attribute name="name">
++        <ref name="genericName"/>
++      </attribute>
++    </optional>
+     <optional>
+       <attribute name='type'>
+         <choice>

0004-qemu-x86_64-is-good-enough-for-i686.patch

@@ -1,53 +0,0 @@
-From cd1b72fdd821d1fb4d08198833ea782651760e01 Mon Sep 17 00:00:00 2001
-Message-Id: <cd1b72fdd821d1fb4d08198833ea782651760e01.1414680021.git.crobinso@redhat.com>
-From: Lubomir Rintel <lkundrak@v3.sk>
-Date: Thu, 16 Oct 2014 21:28:00 +0200
-Subject: [PATCH 4/5] qemu: x86_64 is good enough for i686
-
-virt-manager on Fedora sets up i686 hosts with "/usr/bin/qemu-kvm" emulator,
-which in turn unconditionally execs qemu-system-x86_64 querying capabilities
-then fails:
-
-Error launching details: invalid argument: architecture from emulator 'x86_64' doesn't match given architecture 'i686'
-
-Traceback (most recent call last):
-  File "/usr/share/virt-manager/virtManager/engine.py", line 748, in _show_vm_helper
-    details = self._get_details_dialog(uri, vm.get_connkey())
-  File "/usr/share/virt-manager/virtManager/engine.py", line 726, in _get_details_dialog
-    obj = vmmDetails(conn.get_vm(connkey))
-  File "/usr/share/virt-manager/virtManager/details.py", line 399, in __init__
-    self.init_details()
-  File "/usr/share/virt-manager/virtManager/details.py", line 784, in init_details
-    domcaps = self.vm.get_domain_capabilities()
-  File "/usr/share/virt-manager/virtManager/domain.py", line 518, in get_domain_capabilities
-    self.get_xmlobj().os.machine, self.get_xmlobj().type)
-  File "/usr/lib/python2.7/site-packages/libvirt.py", line 3492, in getDomainCapabilities
-    if ret is None: raise libvirtError ('virConnectGetDomainCapabilities() failed', conn=self)
-libvirtError: invalid argument: architecture from emulator 'x86_64' doesn't match given architecture 'i686'
-
-Journal:
-
-Oct 16 21:08:26 goatlord.localdomain libvirtd[1530]: invalid argument: architecture from emulator 'x86_64' doesn't match given architecture 'i686'
-
-(cherry picked from commit afe8f4200f6e80d2510731165dd2cdae741bd9fb)
----
- src/qemu/qemu_driver.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
-index e873d45..d379c1f 100644
---- a/src/qemu/qemu_driver.c
-+++ b/src/qemu/qemu_driver.c
-@@ -17572,7 +17572,8 @@ qemuConnectGetDomainCapabilities(virConnectPtr conn,
- 
-         arch_from_caps = virQEMUCapsGetArch(qemuCaps);
- 
--        if (arch_from_caps != arch) {
-+        if (arch_from_caps != arch &&
-+            (arch_from_caps != VIR_ARCH_X86_64 || arch != VIR_ARCH_I686)) {
-             virReportError(VIR_ERR_INVALID_ARG,
-                            _("architecture from emulator '%s' doesn't "
-                              "match given architecture '%s'"),
--- 
-2.1.0
-

0005-util-Prepare-URI-formatting-for-libxml2-2.9.2.patch

@@ -1,50 +0,0 @@
-From f4d5340ba116befaa965e14537f42c2ead17d486 Mon Sep 17 00:00:00 2001
-Message-Id: <f4d5340ba116befaa965e14537f42c2ead17d486.1414680854.git.crobinso@redhat.com>
-From: Martin Kletzander <mkletzan@redhat.com>
-Date: Fri, 3 Oct 2014 18:27:01 +0200
-Subject: [PATCH] util: Prepare URI formatting for libxml2 >= 2.9.2
-
-Since commit 8eb55d782a2b9afacc7938694891cc6fad7b42a5 libxml2 removes
-two slashes from the URI when there is no server part.  This is fixed
-with beb7281055dbf0ed4d041022a67c6c5cfd126f25, but only if the calling
-application calls xmlSaveUri() on URI that xmlURIParse() parsed.  And
-that is not the case in virURIFormat().  virURIFormat() accepts
-virURIPtr that can be created without parsing it and we do that when we
-format network storage paths for gluster for example.  Even though
-virStorageSourceParseBackingURI() uses virURIParse(), it throws that data
-structure right away.
-
-Since we want to format URIs as URIs and not absolute URIs or opaque
-URIs (see RFC 3986), we can specify that with a special hack thanks to
-commit beb7281055dbf0ed4d041022a67c6c5cfd126f25, by setting port to -1.
-
-This fixes qemuxml2argvtest test where the disk-drive-network-gluster
-case was failing.
-
-Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
-(cherry picked from commit 8f17d0eaae7ee2fa3e214b79b188fc14ed5aa1eb)
----
- src/util/viruri.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/src/util/viruri.c b/src/util/viruri.c
-index 69e7649..23d86c5 100644
---- a/src/util/viruri.c
-+++ b/src/util/viruri.c
-@@ -254,6 +254,13 @@ virURIFormat(virURIPtr uri)
-         xmluri.server = tmpserver;
-     }
- 
-+    /*
-+     * This helps libxml2 deal with the difference
-+     * between uri:/absolute/path and uri:///absolute/path.
-+     */
-+    if (!xmluri.server && !xmluri.port)
-+        xmluri.port = -1;
-+
-     ret = (char *)xmlSaveUri(&xmluri);
-     if (!ret) {
-         virReportOOMError();
--- 
-2.1.0
-

sources

@@ -1 +1 @@
-f017075995062ff1d15577b0b093d02e  libvirt-1.2.9.tar.gz
+SHA512 (libvirt-2.2.1.tar.xz) = b89a2665bea81c440afc3f9f69c26e314344f1f2fbf53f82b25bdddcc89532ddf3393902e9cf552edb827ce5d8b46b9214b5a25303b19cf0f3f085131d870518