make commandtest more robust to fix broken build

make commandtest more robust
add ARM to NUMA platform exlcludes
2011-07-06 11:10:52 -04:00 · 2011-07-06 11:08:36 -04:00 · 2011-07-06 15:45:06 +01:00 · 2011-07-05 18:36:14 -04:00 · 2011-04-05 15:51:36 -04:00 · 2011-03-15 09:43:40 +08:00
25 changed files with 2233 additions and 2855 deletions
@@ -3,3 +3,6 @@
 i686
 x86_64
 libvirt-*.tar.gz
+/libvirt-0.8.4.tar.gz
+/libvirt-0.8.5.tar.gz
+/libvirt-0.8.7.tar.gz
@@ -1,38 +0,0 @@
-From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
-Date: Thu, 17 Dec 2015 13:43:58 +0100
-Subject: [PATCH] schema: interleave domain name and uuid with other elements
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Allow <name> and <uuid> anywhere under <domain>, not just at the top:
-
-error:XML document failed to validate against schema: Unable to validate
-doc against /usr/share/libvirt/schemas/domain.rng
-Expecting an element name, got nothing
-Invalid sequence in interleave
-Element domain failed to validate content
-
-Introduced with the first RelaxNG schema in commit c642103.
-
-https://bugzilla.redhat.com/show_bug.cgi?id=1292131
-(cherry picked from commit b4e0549febe416ffefc16f389423740d6d65fa74)
-Signed-off-by: Ján Tomko <jtomko@redhat.com>
---
- docs/schemas/domaincommon.rng | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
-index b252a17..48610ce 100644
--- a/docs/schemas/domaincommon.rng
-+++ b/docs/schemas/domaincommon.rng
-@@ -30,8 +30,8 @@
-   <define name="domain">
-     <element name="domain">
-       <ref name="hvs"/>
-      <ref name="ids"/>
-       <interleave>
-+        <ref name="ids"/>
-         <optional>
-           <ref name="title"/>
-         </optional>
@@ -1,32 +0,0 @@
-From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
-Date: Thu, 14 Jan 2016 14:31:17 +0100
-Subject: [PATCH] leaseshelper: fix crash when no mac is specified
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-If dnsmasq specified DNSMASQ_IAID (so we're dealing with an IPv6
-lease) but no DNSMASQ_MAC, we skip creation of the new lease object.
-
-Also skip adding it to the leases array.
-
-https://bugzilla.redhat.com/show_bug.cgi?id=1202350
-(cherry picked from commit df9fe124d650bc438c531673492569da87523d20)
-Signed-off-by: Ján Tomko <jtomko@redhat.com>
---
- src/network/leaseshelper.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/network/leaseshelper.c b/src/network/leaseshelper.c
-index 2d528f7..6930310 100644
--- a/src/network/leaseshelper.c
-+++ b/src/network/leaseshelper.c
-@@ -439,7 +439,7 @@ main(int argc, char **argv)
- 
-     case VIR_LEASE_ACTION_OLD:
-     case VIR_LEASE_ACTION_ADD:
-        if (virJSONValueArrayAppend(leases_array_new, lease_new) < 0) {
-+        if (lease_new && virJSONValueArrayAppend(leases_array_new, lease_new) < 0) {
-             virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
-                            _("failed to create json"));
-             goto cleanup;
@@ -1,63 +0,0 @@
-From: Cole Robinson <crobinso@redhat.com>
-Date: Tue, 19 Jan 2016 22:19:56 -0500
-Subject: [PATCH] build: predictably generate systemtap tapsets (bz 1173641)
-
-The generated output is dependent on perl hashtable ordering, which
-gives different results for i686 and x86_64. Fix this by sorting
-the hash keys before iterating over them
-
-https://bugzilla.redhat.com/show_bug.cgi?id=1173641
-(cherry picked from commit a1edb05c6028470aa24b74aa0f8d5fb5a181128a)
---
- src/rpc/gensystemtap.pl | 10 +++++-----
- 1 file changed, 5 insertions(+), 5 deletions(-)
-
-diff --git a/src/rpc/gensystemtap.pl b/src/rpc/gensystemtap.pl
-index 2467300..7b80fbf 100755
--- a/src/rpc/gensystemtap.pl
-+++ b/src/rpc/gensystemtap.pl
-@@ -72,7 +72,7 @@ function libvirt_rpc_auth_name(type, verbose)
- {
- EOF
- my $first = 1;
-foreach my $type (keys %auth) {
-+foreach my $type (sort(keys %auth)) {
-     my $cond = $first ? "if" : "} else if";
-     $first = 0;
-     print "  $cond (type == ", $type, ") {\n";
-@@ -95,7 +95,7 @@ function libvirt_rpc_type_name(type, verbose)
- {
- EOF
- $first = 1;
-foreach my $type (keys %type) {
-+foreach my $type (sort(keys %type)) {
-     my $cond = $first ? "if" : "} else if";
-     $first = 0;
-     print "  $cond (type == ", $type, ") {\n";
-@@ -118,7 +118,7 @@ function libvirt_rpc_status_name(status, verbose)
- {
- EOF
- $first = 1;
-foreach my $status (keys %status) {
-+foreach my $status (sort(keys %status)) {
-     my $cond = $first ? "if" : "} else if";
-     $first = 0;
-     print "  $cond (status == ", $status, ") {\n";
-@@ -141,7 +141,7 @@ function libvirt_rpc_program_name(program, verbose)
- {
- EOF
- $first = 1;
-foreach my $prog (keys %funcs) {
-+foreach my $prog (sort(keys %funcs)) {
-     my $cond = $first ? "if" : "} else if";
-     $first = 0;
-     print "  $cond (program == ", $funcs{$prog}->{id}, ") {\n";
-@@ -165,7 +165,7 @@ function libvirt_rpc_procedure_name(program, version, proc, verbose)
- {
- EOF
- $first = 1;
-foreach my $prog (keys %funcs) {
-+foreach my $prog (sort(keys %funcs)) {
-     my $cond = $first ? "if" : "} else if";
-     $first = 0;
-     print "  $cond (program == ", $funcs{$prog}->{id}, " && version == ", $funcs{$prog}->{version}, ") {\n";
@@ -1,30 +0,0 @@
-From: "Daniel P. Berrange" <berrange@redhat.com>
-Date: Fri, 3 Jul 2015 16:51:56 +0100
-Subject: [PATCH] rpc: ensure daemon is spawn even if dead socket exists
-
-The auto-spawn code would originally attempt to spawn the
-daemon for both ENOENT and ECONNREFUSED errors from connect().
-The various refactorings eventually lost this so we only
-spawn the daemon on ENOENT. The result is if the daemon exits
-uncleanly, so that the socket is left in the filesystem, we
-will never be able to auto-spawn the daemon again.
-
-(cherry picked from commit 406ee8c226d2197ba1aaecb9cf3ad2b6df31ae44)
---
- src/rpc/virnetsocket.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
-index 51f94d4..6153e0e 100644
--- a/src/rpc/virnetsocket.c
-+++ b/src/rpc/virnetsocket.c
-@@ -610,7 +610,8 @@ int virNetSocketNewConnectUNIX(const char *path,
- 
-     while (retries &&
-            connect(fd, &remoteAddr.data.sa, remoteAddr.len) < 0) {
-        if (!(spawnDaemon && errno == ENOENT)) {
-+        if (!(spawnDaemon && (errno == ENOENT ||
-+                              errno == ECONNREFUSED))) {
-             virReportSystemError(errno, _("Failed to connect socket to '%s'"),
-                                  path);
-             goto cleanup;
@@ -1,48 +0,0 @@
-From: Cole Robinson <crobinso@redhat.com>
-Date: Mon, 11 Jan 2016 20:01:24 -0500
-Subject: [PATCH] rpc: socket: Minor cleanups
-
- Add some debugging
- Make the loop dependent only on retries
- Make it explicit that connect(2) success exits the loop
- Invert the error checking logic
-
-(cherry picked from commit f102c7146ed7f6e04af0ad3bce302476239f2502)
---
- src/rpc/virnetsocket.c | 16 ++++++++++++----
- 1 file changed, 12 insertions(+), 4 deletions(-)
-
-diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
-index 6153e0e..dcff69e 100644
--- a/src/rpc/virnetsocket.c
-+++ b/src/rpc/virnetsocket.c
-@@ -548,6 +548,9 @@ int virNetSocketNewConnectUNIX(const char *path,
-     char *rundir = NULL;
-     int ret = -1;
- 
-+    VIR_DEBUG("path=%s spawnDaemon=%d binary=%s", path, spawnDaemon,
-+        NULLSTR(binary));
-+
-     memset(&localAddr, 0, sizeof(localAddr));
-     memset(&remoteAddr, 0, sizeof(remoteAddr));
- 
-@@ -608,10 +611,15 @@ int virNetSocketNewConnectUNIX(const char *path,
-     if (remoteAddr.data.un.sun_path[0] == '@')
-         remoteAddr.data.un.sun_path[0] = '\0';
- 
-    while (retries &&
-           connect(fd, &remoteAddr.data.sa, remoteAddr.len) < 0) {
-        if (!(spawnDaemon && (errno == ENOENT ||
-                              errno == ECONNREFUSED))) {
-+    while (retries) {
-+        if (connect(fd, &remoteAddr.data.sa, remoteAddr.len) == 0) {
-+            VIR_DEBUG("connect() succeeded");
-+            break;
-+        }
-+        VIR_DEBUG("connect() failed: retries=%d errno=%d", retries, errno);
-+
-+        if (!spawnDaemon ||
-+            (errno != ENOENT && errno != ECONNREFUSED)) {
-             virReportSystemError(errno, _("Failed to connect socket to '%s'"),
-                                  path);
-             goto cleanup;
@@ -1,40 +0,0 @@
-From: Cole Robinson <crobinso@redhat.com>
-Date: Mon, 11 Jan 2016 20:08:45 -0500
-Subject: [PATCH] rpc: socket: Explicitly error if we exceed retry count
-
-When we autolaunch libvirtd for session URIs, we spin in a retry
-loop waiting for the daemon to start and the connect(2) to succeed.
-
-However if we exceed the retry count, we don't explicitly raise an
-error, which can yield a slew of different error messages elsewhere
-in the code.
-
-Explicitly raise the last connect(2) failure if we run out of retries.
-
-(cherry picked from commit 8da02d528068942303923fc4f935e77cccac9c7c)
---
- src/rpc/virnetsocket.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
-index dcff69e..90951be 100644
--- a/src/rpc/virnetsocket.c
-+++ b/src/rpc/virnetsocket.c
-@@ -618,7 +618,9 @@ int virNetSocketNewConnectUNIX(const char *path,
-         }
-         VIR_DEBUG("connect() failed: retries=%d errno=%d", retries, errno);
- 
-+        retries--;
-         if (!spawnDaemon ||
-+            retries == 0 ||
-             (errno != ENOENT && errno != ECONNREFUSED)) {
-             virReportSystemError(errno, _("Failed to connect socket to '%s'"),
-                                  path);
-@@ -628,7 +630,6 @@ int virNetSocketNewConnectUNIX(const char *path,
-         if (virNetSocketForkDaemon(binary) < 0)
-             goto cleanup;
- 
-        retries--;
-         usleep(5000);
-     }
- 
@@ -1,43 +0,0 @@
-From: Cole Robinson <crobinso@redhat.com>
-Date: Mon, 11 Jan 2016 20:13:38 -0500
-Subject: [PATCH] rpc: socket: Don't repeatedly attempt to launch daemon
-
-On every socket connect(2) attempt we were re-launching session
-libvirtd, up to 100 times in 5 seconds.
-
-This understandably caused some weird load races and intermittent
-qemu:///session startup failures
-
-https://bugzilla.redhat.com/show_bug.cgi?id=1271183
-(cherry picked from commit 2eb7a975756d05a5b54ab4acf60083beb6161ac6)
---
- src/rpc/virnetsocket.c | 9 +++++++--
- 1 file changed, 7 insertions(+), 2 deletions(-)
-
-diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
-index 90951be..2ee4b6e 100644
--- a/src/rpc/virnetsocket.c
-+++ b/src/rpc/virnetsocket.c
-@@ -547,6 +547,7 @@ int virNetSocketNewConnectUNIX(const char *path,
-     virSocketAddr remoteAddr;
-     char *rundir = NULL;
-     int ret = -1;
-+    bool daemonLaunched = false;
- 
-     VIR_DEBUG("path=%s spawnDaemon=%d binary=%s", path, spawnDaemon,
-         NULLSTR(binary));
-@@ -627,8 +628,12 @@ int virNetSocketNewConnectUNIX(const char *path,
-             goto cleanup;
-         }
- 
-        if (virNetSocketForkDaemon(binary) < 0)
-            goto cleanup;
-+        if (!daemonLaunched) {
-+            if (virNetSocketForkDaemon(binary) < 0)
-+                goto cleanup;
-+
-+            daemonLaunched = true;
-+        }
- 
-         usleep(5000);
-     }
@@ -1,57 +0,0 @@
-From: Jiri Denemark <jdenemar@redhat.com>
-Date: Fri, 15 Jan 2016 10:55:58 +0100
-Subject: [PATCH] security: Do not restore kernel and initrd labels
-
-Kernel/initrd files are essentially read-only shareable images and thus
-should be handled in the same way. We already use the appropriate label
-for kernel/initrd files when starting a domain, but when a domain gets
-destroyed we would remove the labels which would make other running
-domains using the same files very unhappy.
-
-https://bugzilla.redhat.com/show_bug.cgi?id=921135
-
-Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
-(cherry picked from commit 68acc701bd449481e3206723c25b18fcd3d261b7)
---
- src/security/security_dac.c     | 8 --------
- src/security/security_selinux.c | 8 --------
- 2 files changed, 16 deletions(-)
-
-diff --git a/src/security/security_dac.c b/src/security/security_dac.c
-index deb6980..d01215f 100644
--- a/src/security/security_dac.c
-+++ b/src/security/security_dac.c
-@@ -971,14 +971,6 @@ virSecurityDACRestoreSecurityAllLabel(virSecurityManagerPtr mgr,
-         virSecurityDACRestoreSecurityFileLabel(def->os.loader->nvram) < 0)
-         rc = -1;
- 
-    if (def->os.kernel &&
-        virSecurityDACRestoreSecurityFileLabel(def->os.kernel) < 0)
-        rc = -1;
-
-    if (def->os.initrd &&
-        virSecurityDACRestoreSecurityFileLabel(def->os.initrd) < 0)
-        rc = -1;
-
-     if (def->os.dtb &&
-         virSecurityDACRestoreSecurityFileLabel(def->os.dtb) < 0)
-         rc = -1;
-diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
-index 6e67a86..2475a80 100644
--- a/src/security/security_selinux.c
-+++ b/src/security/security_selinux.c
-@@ -1953,14 +1953,6 @@ virSecuritySELinuxRestoreSecurityAllLabel(virSecurityManagerPtr mgr,
-         virSecuritySELinuxRestoreSecurityFileLabel(mgr, def->os.loader->nvram) < 0)
-         rc = -1;
- 
-    if (def->os.kernel &&
-        virSecuritySELinuxRestoreSecurityFileLabel(mgr, def->os.kernel) < 0)
-        rc = -1;
-
-    if (def->os.initrd &&
-        virSecuritySELinuxRestoreSecurityFileLabel(mgr, def->os.initrd) < 0)
-        rc = -1;
-
-     if (def->os.dtb &&
-         virSecuritySELinuxRestoreSecurityFileLabel(mgr, def->os.dtb) < 0)
-         rc = -1;
@@ -1,37 +0,0 @@
-From: Cole Robinson <crobinso@redhat.com>
-Date: Tue, 15 Mar 2016 17:04:32 -0400
-Subject: [PATCH] rpc: wait longer for session daemon to start up
-
-https://bugzilla.redhat.com/show_bug.cgi?id=1271183
-
-We only wait 0.5 seconds for the session daemon to start up and present
-its socket, which isn't sufficient for many users. Bump up the sleep
-interval and retry amount so we wait for a total of 5.0 seconds.
-
-(cherry picked from commit ca0c06f4008154de55e0b3109885facd0bf02d32)
---
- src/rpc/virnetsocket.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
-index 2ee4b6e..275f1f5 100644
--- a/src/rpc/virnetsocket.c
-+++ b/src/rpc/virnetsocket.c
-@@ -542,7 +542,7 @@ int virNetSocketNewConnectUNIX(const char *path,
-     char *lockpath = NULL;
-     int lockfd = -1;
-     int fd = -1;
-    int retries = 100;
-+    int retries = 500;
-     virSocketAddr localAddr;
-     virSocketAddr remoteAddr;
-     char *rundir = NULL;
-@@ -635,7 +635,7 @@ int virNetSocketNewConnectUNIX(const char *path,
-             daemonLaunched = true;
-         }
- 
-        usleep(5000);
-+        usleep(10000);
-     }
- 
-     localAddr.len = sizeof(localAddr.data);
@@ -1,27 +0,0 @@
-From: Jovanka Gulicoska <jovanka.gulicoska@gmail.com>
-Date: Thu, 17 Mar 2016 20:02:20 +0100
-Subject: [PATCH] driver: log missing modules as INFO, not WARN
-
-Missing modules is a common expected scenario for most libvirt usage on
-RPM distributions like Fedora, so it doesn't really warrant logging at
-WARN level. Use INFO instead
-
-https://bugzilla.redhat.com/show_bug.cgi?id=1274849
-(cherry picked from commit 9a0c7f5f834185db9017c34aabc03ad99cf37bed)
---
- src/driver.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/driver.c b/src/driver.c
-index db03438..f926fe4 100644
--- a/src/driver.c
-+++ b/src/driver.c
-@@ -62,7 +62,7 @@ virDriverLoadModule(const char *name)
-         return NULL;
- 
-     if (access(modfile, R_OK) < 0) {
-        VIR_WARN("Module %s not accessible", modfile);
-+        VIR_INFO("Module %s not accessible", modfile);
-         goto cleanup;
-     }
- 
@@ -1,126 +0,0 @@
-From: Cole Robinson <crobinso@redhat.com>
-Date: Tue, 28 Apr 2015 17:38:00 -0400
-Subject: [PATCH] polkit: Allow password-less access for 'libvirt' group
-
-Many users, who admin their own machines, want to be able to access
-system libvirtd via tools like virt-manager without having to enter
-a root password. Just google 'virt-manager without password' and
-you'll find many hits. I've read at least 5 blog posts over the years
-describing slightly different ways of achieving this goal.
-
-Let's finally add official support for this.
-
-Install a polkit-1 rules file granting password-less auth for any user
-in the new 'libvirt' group. Create the group on RPM install
-
-https://bugzilla.redhat.com/show_bug.cgi?id=957300
-(cherry picked from commit e94979e901517af9fdde358d7b7c92cc055dd50c)
---
- daemon/Makefile.am   | 13 +++++++++++++
- daemon/libvirt.rules |  9 +++++++++
- libvirt.spec.in      | 15 +++++++++++++--
- 3 files changed, 35 insertions(+), 2 deletions(-)
- create mode 100644 daemon/libvirt.rules
-
-diff --git a/daemon/Makefile.am b/daemon/Makefile.am
-index b95a79d..9c5ea37 100644
--- a/daemon/Makefile.am
-+++ b/daemon/Makefile.am
-@@ -53,6 +53,7 @@ EXTRA_DIST =						\
- 	libvirtd.init.in				\
- 	libvirtd.upstart				\
- 	libvirtd.policy.in				\
-+	libvirt.rules					\
- 	libvirtd.sasl					\
- 	libvirtd.service.in				\
- 	libvirtd.socket.in				\
-@@ -233,6 +234,8 @@ policyauth = auth_admin_keep_session
- else ! WITH_POLKIT0
- policydir = $(datadir)/polkit-1/actions
- policyauth = auth_admin_keep
-+rulesdir = $(datadir)/polkit-1/rules.d
-+rulesfile = libvirt.rules
- endif ! WITH_POLKIT0
- endif WITH_POLKIT
- 
-@@ -263,9 +266,19 @@ if WITH_POLKIT
- install-data-polkit::
- 	$(MKDIR_P) $(DESTDIR)$(policydir)
- 	$(INSTALL_DATA) libvirtd.policy $(DESTDIR)$(policydir)/org.libvirt.unix.policy
-+if ! WITH_POLKIT0
-+	$(MKDIR_P) $(DESTDIR)$(rulesdir)
-+	$(INSTALL_DATA) $(srcdir)/$(rulesfile) $(DESTDIR)$(rulesdir)/50-libvirt.rules
-+endif ! WITH_POLKIT0
-+
- uninstall-data-polkit::
- 	rm -f $(DESTDIR)$(policydir)/org.libvirt.unix.policy
- 	rmdir $(DESTDIR)$(policydir) || :
-+if ! WITH_POLKIT0
-+	rm -f $(DESTDIR)$(rulesdir)/50-libvirt.rules
-+	rmdir $(DESTDIR)$(rulesdir) || :
-+endif ! WITH_POLKIT0
-+
- else ! WITH_POLKIT
- install-data-polkit::
- uninstall-data-polkit::
-diff --git a/daemon/libvirt.rules b/daemon/libvirt.rules
-new file mode 100644
-index 0000000..01a15fa
--- /dev/null
-+++ b/daemon/libvirt.rules
-@@ -0,0 +1,9 @@
-+// Allow any user in the 'libvirt' group to connect to system libvirtd
-+// without entering a password.
-+
-+polkit.addRule(function(action, subject) {
-+    if (action.id == "org.libvirt.unix.manage" &&
-+        subject.isInGroup("libvirt")) {
-+        return polkit.Result.YES;
-+    }
-+});
-diff --git a/libvirt.spec.in b/libvirt.spec.in
-index dc327a2..a23629d 100644
--- a/libvirt.spec.in
-+++ b/libvirt.spec.in
-@@ -1631,9 +1631,9 @@ then
- fi
- 
- %if %{with_libvirtd}
-+%pre daemon
-     %if ! %{with_driver_modules}
-         %if %{with_qemu}
-%pre daemon
-             %if 0%{?fedora} || 0%{?rhel} >= 6
- # We want soft static allocation of well-known ids, as disk images
- # are commonly shared across NFS mounts by id rather than name; see
-@@ -1647,11 +1647,21 @@ if ! getent passwd qemu >/dev/null; then
-     useradd -r -g qemu -G kvm -d / -s /sbin/nologin -c "qemu user" qemu
-   fi
- fi
-exit 0
-             %endif
-         %endif
-     %endif
- 
-+    %if %{with_polkit}
-+        %if 0%{?fedora} || 0%{?rhel} >= 6
-+# 'libvirt' group is just to allow password-less polkit access to
-+# libvirtd. The uid number is irrelevant, so we use dynamic allocation
-+# described at the above link.
-+getent group libvirt >/dev/null || groupadd -r libvirt
-+        %endif
-+    %endif
-+
-+exit 0
-+
- %post daemon
- 
-     %if %{with_systemd}
-@@ -1925,6 +1935,7 @@ exit 0
-         %if 0%{?fedora} || 0%{?rhel} >= 6
- %{_datadir}/polkit-1/actions/org.libvirt.unix.policy
- %{_datadir}/polkit-1/actions/org.libvirt.api.policy
-+%{_datadir}/polkit-1/rules.d/50-libvirt.rules
-         %else
- %{_datadir}/PolicyKit/policy/org.libvirt.unix.policy
-         %endif
@@ -0,0 +1,40 @@
+From e03899ff772cb753f02ecc99c81776a95c8e3d59 Mon Sep 17 00:00:00 2001
+From: Osier Yang <jyang@redhat.com>
+Date: Fri, 18 Feb 2011 13:45:13 +0800
+Subject: [PATCH 2/6] Requires gettext for client package
+
+https://bugzilla.redhat.com/show_bug.cgi?id=680270
+libvirt-client is missing some dependencies
+
+libvirt-guests invokes functions in gettext.sh, so we need to
+require gettext package in spec file.
+
+Demo with the fix:
+% rpm -q gettext
+package gettext is not installed
+
+% rpm -ivh libvirt-client-0.8.8-1.fc14.x86_64.rpm
+error: Failed dependencies:
+	gettext is needed by libvirt-client-0.8.8-1.fc14.x86_64
+
+* libvirt.spec.in
+---
+ libvirt.spec.in |    2 ++
+ 1 files changed, 2 insertions(+), 0 deletions(-)
+
+diff --git a/libvirt.spec.in b/libvirt.spec.in
+index d4208e8..c08b186 100644
+--- a/libvirt.spec.in
+++ b/libvirt.spec.in
+@@ -415,6 +415,8 @@ Requires: ncurses
+ # So remote clients can access libvirt over SSH tunnel
+ # (client invokes 'nc' against the UNIX socket on the server)
+ Requires: nc
+# Needed by libvirt-guests init script.
+Requires: gettext
+ %if %{with_sasl}
+ Requires: cyrus-sasl
+ # Not technically required, but makes 'out-of-box' config
+-- 
+1.7.3.4
+
@@ -0,0 +1,51 @@
+From 2c2ae4c48c7e57fd233f1b9475fb6ecbab04804a Mon Sep 17 00:00:00 2001
+From: Jiri Denemark <jdenemar@redhat.com>
+Date: Fri, 25 Mar 2011 16:45:45 +0100
+Subject: [PATCH 2/2] daemon: Avoid resetting errors before they are reported
+
+https://bugzilla.redhat.com/show_bug.cgi?id=690733
+
+Commit f44bfb7 was supposed to make sure no additional libvirt API (esp.
+*Free) is called before remoteDispatchConnError() is called on error.
+However, the patch missed two instances.
+(cherry picked from commit 55cc591fc18e87b29febf78dc5b424b7c12f7349)
+---
+ daemon/remote.c |    6 ++++--
+ 1 files changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/daemon/remote.c b/daemon/remote.c
+index 554e75e..159430e 100644
+--- a/daemon/remote.c
+++ b/daemon/remote.c
+@@ -4868,12 +4868,13 @@ remoteDispatchStoragePoolListVolumes (struct qemud_server *server ATTRIBUTE_UNUS
+     ret->names.names_len =
+         virStoragePoolListVolumes (pool,
+                                    ret->names.names_val, args->maxnames);
+-    virStoragePoolFree(pool);
+     if (ret->names.names_len == -1) {
+         VIR_FREE(ret->names.names_val);
+         remoteDispatchConnError(rerr, conn);
+        virStoragePoolFree(pool);
+         return -1;
+     }
+    virStoragePoolFree(pool);
+ 
+     return 0;
+ }
+@@ -4897,11 +4898,12 @@ remoteDispatchStoragePoolNumOfVolumes (struct qemud_server *server ATTRIBUTE_UNU
+     }
+ 
+     ret->num = virStoragePoolNumOfVolumes (pool);
+-    virStoragePoolFree(pool);
+     if (ret->num == -1) {
+         remoteDispatchConnError(rerr, conn);
+        virStoragePoolFree(pool);
+         return -1;
+     }
+    virStoragePoolFree(pool);
+ 
+     return 0;
+ }
+-- 
+1.7.3.4
+
@@ -0,0 +1,30 @@
+From 29680e00f67bad9145387022ea0d3c307465d3dc Mon Sep 17 00:00:00 2001
+From: Eric Blake <eblake@redhat.com>
+Date: Mon, 21 Feb 2011 10:43:29 -0700
+Subject: [PATCH 4/6] build: add dependency on gnutls-utils
+
+https://bugzilla.redhat.com/show_bug.cgi?id=680270
+libvirt-client is missing some dependencies
+
+* libvirt.spec.in (Requires): Add gnutls-utils, for virt-pki-validate.
+Suggested by Daniel P. Berrange.
+---
+ libvirt.spec.in |    2 ++
+ 1 files changed, 2 insertions(+), 0 deletions(-)
+
+diff --git a/libvirt.spec.in b/libvirt.spec.in
+index c08b186..23f4525 100644
+--- a/libvirt.spec.in
+++ b/libvirt.spec.in
+@@ -417,6 +417,8 @@ Requires: ncurses
+ Requires: nc
+ # Needed by libvirt-guests init script.
+ Requires: gettext
+# Needed by virt-pki-validate script.
+Requires: gnutls-utils
+ %if %{with_sasl}
+ Requires: cyrus-sasl
+ # Not technically required, but makes 'out-of-box' config
+-- 
+1.7.3.4
+
@@ -0,0 +1,27 @@
+commit efc2594b4e0cbcdd6947fafeeed41accd5b611e0
+Author: Jim Fehlig <jfehlig@novell.com>
+Date:   Thu Feb 17 14:22:55 2011 -0700
+
+    Do not add drive 'boot=on' param when a kernel is specified
+    
+    libvirt-tck was failing several domain tests [1] with qemu 0.14, which
+    is now less tolerable of specifying 2 bootroms with the same boot index [2].
+    
+    Drop the 'boot=on' param if kernel has been specfied.
+    
+    [1] https://www.redhat.com/archives/libvir-list/2011-February/msg00559.html
+    [2] http://lists.nongnu.org/archive/html/qemu-devel/2011-02/msg01892.html
+
+diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
+index 371a7ed..0db2843 100644
+--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
+@@ -3173,7 +3173,7 @@ qemuBuildCommandLine(virConnectPtr conn,
+         int bootCD = 0, bootFloppy = 0, bootDisk = 0;
+ 
+         /* If QEMU supports boot=on for -drive param... */
+-        if (qemuCmdFlags & QEMUD_CMD_FLAG_DRIVE_BOOT) {
+        if (qemuCmdFlags & QEMUD_CMD_FLAG_DRIVE_BOOT && !def->os.kernel) {
+             for (i = 0 ; i < def->os.nBootDevs ; i++) {
+                 switch (def->os.bootDevs[i]) {
+                 case VIR_DOMAIN_BOOT_CDROM:
@@ -0,0 +1,32 @@
+From 12509c09a55bd2ab171f9fa029fb94f297adc0a0 Mon Sep 17 00:00:00 2001
+From: Daniel P. Berrange <berrange@redhat.com>
+Date: Thu, 24 Feb 2011 12:12:27 +0000
+Subject: [PATCH] Make commandtest more robust wrt its execution environment
+
+When executed from cron, commandtest would fail to correctly
+identify daemon processes. Set session ID and process group
+IDs at startup to ensure we have a consistent environment to
+run in.
+
+* tests/commandtest.c: Call setsid() and setpgid()
+---
+ tests/commandtest.c |    3 +++
+ 1 files changed, 3 insertions(+), 0 deletions(-)
+
+diff --git a/tests/commandtest.c b/tests/commandtest.c
+index 7157c51..dc2f8a1 100644
+--- a/tests/commandtest.c
+++ b/tests/commandtest.c
+@@ -730,6 +730,9 @@ mymain(int argc, char **argv)
+     if (chdir("/tmp") < 0)
+         return(EXIT_FAILURE);
+ 
+    setpgid(0, 0);
+    setsid();
+
+     /* Kill off any inherited fds that might interfere with our
+      * testing.  */
+     fd = 3;
+-- 
+1.7.3.4
+
@@ -0,0 +1,95 @@
+From: Guido Günther <agx@sigxcpu.org>
+Date: Mon, 14 Mar 2011 02:56:28 +0000 (+0800)
+Subject: Add missing checks for read only connections
+X-Git-Url: http://libvirt.org/git/?p=libvirt.git;a=commitdiff_plain;h=71753cb7f7a16ff800381c0b5ee4e99eea92fed3;hp=13c00dde3171b3a38d23cceb3f9151cb6cac3dad
+
+Add missing checks for read only connections
+
+As pointed on CVE-2011-1146, some API forgot to check the read-only
+status of the connection for entry point which modify the state
+of the system or may lead to a remote execution using user data.
+The entry points concerned are:
+  - virConnectDomainXMLToNative
+  - virNodeDeviceDettach
+  - virNodeDeviceReAttach
+  - virNodeDeviceReset
+  - virDomainRevertToSnapshot
+  - virDomainSnapshotDelete
+
+* src/libvirt.c: fix the above set of entry points to error on read-only
+                 connections
+---
+
+diff --git a/src/libvirt.c b/src/libvirt.c
+index caa109d..713291f 100644
+--- a/src/libvirt.c
+++ b/src/libvirt.c
+@@ -3321,6 +3321,10 @@ char *virConnectDomainXMLToNative(virConnectPtr conn,
+         virDispatchError(NULL);
+         return NULL;
+     }
+    if (conn->flags & VIR_CONNECT_RO) {
+        virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+        goto error;
+    }
+ 
+     if (nativeFormat == NULL || domainXml == NULL) {
+         virLibConnError(VIR_ERR_INVALID_ARG, __FUNCTION__);
+@@ -9748,6 +9752,11 @@ virNodeDeviceDettach(virNodeDevicePtr dev)
+         return -1;
+     }
+ 
+    if (dev->conn->flags & VIR_CONNECT_RO) {
+        virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+        goto error;
+    }
+
+     if (dev->conn->driver->nodeDeviceDettach) {
+         int ret;
+         ret = dev->conn->driver->nodeDeviceDettach (dev);
+@@ -9791,6 +9800,11 @@ virNodeDeviceReAttach(virNodeDevicePtr dev)
+         return -1;
+     }
+ 
+    if (dev->conn->flags & VIR_CONNECT_RO) {
+        virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+        goto error;
+    }
+
+     if (dev->conn->driver->nodeDeviceReAttach) {
+         int ret;
+         ret = dev->conn->driver->nodeDeviceReAttach (dev);
+@@ -9836,6 +9850,11 @@ virNodeDeviceReset(virNodeDevicePtr dev)
+         return -1;
+     }
+ 
+    if (dev->conn->flags & VIR_CONNECT_RO) {
+        virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+        goto error;
+    }
+
+     if (dev->conn->driver->nodeDeviceReset) {
+         int ret;
+         ret = dev->conn->driver->nodeDeviceReset (dev);
+@@ -13131,6 +13150,10 @@ virDomainRevertToSnapshot(virDomainSnapshotPtr snapshot,
+     }
+ 
+     conn = snapshot->domain->conn;
+    if (conn->flags & VIR_CONNECT_RO) {
+        virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+        goto error;
+    }
+ 
+     if (conn->driver->domainRevertToSnapshot) {
+         int ret = conn->driver->domainRevertToSnapshot(snapshot, flags);
+@@ -13177,6 +13200,10 @@ virDomainSnapshotDelete(virDomainSnapshotPtr snapshot,
+     }
+ 
+     conn = snapshot->domain->conn;
+    if (conn->flags & VIR_CONNECT_RO) {
+        virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+        goto error;
+    }
+ 
+     if (conn->driver->domainSnapshotDelete) {
+         int ret = conn->driver->domainSnapshotDelete(snapshot, flags);
@@ -0,0 +1,115 @@
+From 9388aeabcbb06ec93845b6d066148ad4cfe1dd9e Mon Sep 17 00:00:00 2001
+From: Eric Blake <eblake@redhat.com>
+Date: Fri, 24 Jun 2011 12:16:05 -0600
+Subject: [PATCH 6/6] remote: protect against integer overflow
+
+https://bugzilla.redhat.com/show_bug.cgi?id=717204
+CVE-2011-2511 - integer overflow in VirDomainGetVcpus
+
+Integer overflow and remote code are never a nice mix.
+
+This has existed since commit 56cd414.
+
+* src/libvirt.c (virDomainGetVcpus): Reject overflow up front.
+* src/remote/remote_driver.c (remoteDomainGetVcpus): Avoid overflow
+  on sending rpc.
+* daemon/remote.c (remoteDispatchDomainGetVcpus): Avoid overflow on
+  receiving rpc.
+
+(cherry picked from commit 774b21c163845170c9ffa873f5720d318812eaf6)
+
+Conflicts:
+
+	daemon/remote.c
+	src/remote/remote_driver.c
+
+Change to internal.h required to avoid backporting 89d994ad.
+---
+ daemon/remote.c            |    3 ++-
+ src/internal.h             |   17 +++++++++++++++++
+ src/libvirt.c              |    5 +++--
+ src/remote/remote_driver.c |    3 ++-
+ 4 files changed, 24 insertions(+), 4 deletions(-)
+
+diff --git a/daemon/remote.c b/daemon/remote.c
+index 159430e..b707326 100644
+--- a/daemon/remote.c
+++ b/daemon/remote.c
+@@ -1722,7 +1722,8 @@ remoteDispatchDomainGetVcpus (struct qemud_server *server ATTRIBUTE_UNUSED,
+         return -1;
+     }
+ 
+-    if (args->maxinfo * args->maplen > REMOTE_CPUMAPS_MAX) {
+    if (INT_MULTIPLY_OVERFLOW(args->maxinfo, args->maplen) ||
+        args->maxinfo * args->maplen > REMOTE_CPUMAPS_MAX) {
+         virDomainFree(dom);
+         remoteDispatchFormatError (rerr, "%s", _("maxinfo * maplen > REMOTE_CPUMAPS_MAX"));
+         return -1;
+diff --git a/src/internal.h b/src/internal.h
+index e263684..f47b842 100644
+--- a/src/internal.h
+++ b/src/internal.h
+@@ -232,6 +232,23 @@
+         }                                                               \
+     } while (0)
+ 
+/* branch-specific: we don't want to update gnulib on the branch, so this
+ * backports just one required macro from newer gnulib's intprops.h.
+ * This version requires that both a and b are 'int', rather than
+ * the fully type-generic version from gnulib.  */
+# define INT_MULTIPLY_OVERFLOW(a, b)            \
+    ((b) < 0                                    \
+     ? ((a) < 0                                 \
+        ? (a) < INT_MAX / (b)                   \
+        : (b) == -1                             \
+        ? 0                                     \
+        : INT_MIN / (b) < (a))                  \
+     : (b) == 0                                 \
+     ? 0                                        \
+     : ((a) < 0                                 \
+        ? (a) < INT_MIN / (b)                   \
+        : INT_MAX / (b) < (a)))
+
+ /* divide value by size, rounding up */
+ # define VIR_DIV_UP(value, size) (((value) + (size) - 1) / (size))
+ 
+diff --git a/src/libvirt.c b/src/libvirt.c
+index 8c70a1f..d8ab8f8 100644
+--- a/src/libvirt.c
+++ b/src/libvirt.c
+@@ -40,6 +40,7 @@
+ #include "util.h"
+ #include "memory.h"
+ #include "configmake.h"
+#include "intprops.h"
+ 
+ #ifndef WITH_DRIVER_MODULES
+ # ifdef WITH_TEST
+@@ -5363,8 +5364,8 @@ virDomainGetVcpus(virDomainPtr domain, virVcpuInfoPtr info, int maxinfo,
+ 
+     /* Ensure that domainGetVcpus (aka remoteDomainGetVcpus) does not
+        try to memcpy anything into a NULL pointer.  */
+-    if ((cpumaps == NULL && maplen != 0)
+-        || (cpumaps && maplen <= 0)) {
+    if (!cpumaps ? maplen != 0
+        : (maplen <= 0 || INT_MULTIPLY_OVERFLOW(maxinfo, maplen))) {
+         virLibDomainError(VIR_ERR_INVALID_ARG, __FUNCTION__);
+         goto error;
+     }
+diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
+index 4ca0d3b..c73452e 100644
+--- a/src/remote/remote_driver.c
+++ b/src/remote/remote_driver.c
+@@ -2850,7 +2850,8 @@ remoteDomainGetVcpus (virDomainPtr domain,
+                     maxinfo, REMOTE_VCPUINFO_MAX);
+         goto done;
+     }
+-    if (maxinfo * maplen > REMOTE_CPUMAPS_MAX) {
+    if (INT_MULTIPLY_OVERFLOW(maxinfo, maplen) ||
+        maxinfo * maplen > REMOTE_CPUMAPS_MAX) {
+         remoteError(VIR_ERR_RPC,
+                     _("vCPU map buffer length exceeds maximum: %d > %d"),
+                     maxinfo * maplen, REMOTE_CPUMAPS_MAX);
+-- 
+1.7.3.4
+
@@ -0,0 +1,99 @@
+From 775581ead9c0b6435e8a0dad2a6838909638e7b6 Mon Sep 17 00:00:00 2001
+From: Eric Blake <eblake@redhat.com>
+Date: Wed, 23 Mar 2011 10:30:49 -0600
+Subject: [PATCH 5/6] rpm: add missing dependencies
+
+manually adapted from upstream 206fc979b1656722b254e683d89b3e9fc4480c63
+
+Among others, the missing radvd dependency showed up as:
+
+error: Failed to start network ipv6net
+error: Cannot find radvd - Possibly the package isn't installed: No such file
+or directory
+
+even when radvd was installed, because the RADVD preprocessor
+symbol was missing at configure time.
+
+* libvirt.spec.in (with_network): Add Build and BuildRequires for radvd
+    (BuildRequires): Add libxslt and augeas for docs and test.
+    (with_libvirtd): Add module-init-tools for modprobe.
+    (with_nwfilter): Add BuildRequires for ebtables.
+---
+ libvirt.spec.in |   26 ++++++++++++++++++++++++--
+ 1 files changed, 24 insertions(+), 2 deletions(-)
+
+diff --git a/libvirt.spec.in b/libvirt.spec.in
+index 23f4525..8ffb757 100644
+--- a/libvirt.spec.in
+++ b/libvirt.spec.in
+@@ -219,15 +219,21 @@ Requires: %{name}-client = %{version}-%{release}
+ # daemon is present
+ %if %{with_libvirtd}
+ Requires: bridge-utils
+# for modprobe of pci devices
+Requires: module-init-tools
+# for /sbin/ip
+Requires: iproute
+ %endif
+ %if %{with_network}
+ Requires: dnsmasq >= 2.41
+Requires: radvd
+%endif
+%if %{with_network} || %{with_nwfilter}
+ Requires: iptables
+Requires: iptables-ipv6
+ %endif
+ %if %{with_nwfilter}
+ Requires: ebtables
+-Requires: iptables
+-Requires: iptables-ipv6
+ %endif
+ # needed for device enumeration
+ %if %{with_hal}
+@@ -295,10 +301,15 @@ BuildRequires: xmlrpc-c-devel >= 1.14.0
+ %endif
+ BuildRequires: libxml2-devel
+ BuildRequires: xhtml1-dtds
+BuildRequires: libxslt
+ BuildRequires: readline-devel
+ BuildRequires: ncurses-devel
+ BuildRequires: gettext
+ BuildRequires: gnutls-devel
+%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
+# for augparse, optionally used in testing
+BuildRequires: augeas
+%endif
+ %if %{with_hal}
+ BuildRequires: hal-devel
+ %endif
+@@ -323,8 +334,15 @@ BuildRequires: libselinux-devel
+ %endif
+ %if %{with_network}
+ BuildRequires: dnsmasq >= 2.41
+BuildRequires: iptables
+BuildRequires: iptables-ipv6
+BuildRequires: radvd
+%endif
+%if %{with_nwfilter}
+BuildRequires: ebtables
+ %endif
+ BuildRequires: bridge-utils
+BuildRequires: module-init-tools
+ %if %{with_sasl}
+ BuildRequires: cyrus-sasl-devel
+ %endif
+@@ -388,7 +406,11 @@ BuildRequires: libssh2-devel
+ BuildRequires: netcf-devel >= 0.1.4
+ %endif
+ %if %{with_esx}
+%if 0%{?fedora} >= 9 || 0%{?rhel} >= 6
+ BuildRequires: libcurl-devel
+%else
+BuildRequires: curl-devel
+%endif
+ %endif
+ %if %{with_audit}
+ BuildRequires: audit-libs-devel
+-- 
+1.7.3.4
+
@@ -0,0 +1,40 @@
+From c2d77ade37ee917ca258cb24ffb130fc07bb95b4 Mon Sep 17 00:00:00 2001
+From: Eric Blake <eblake@redhat.com>
+Date: Thu, 26 May 2011 08:18:46 -0600
+Subject: [PATCH 1/6] security: plug regression introduced in disk probe logic
+
+This patch resolves:
+
+  https://bugzilla.redhat.com/show_bug.cgi?id=709775
+  CVE-2011-2178 - regression introduced in disk probe logic
+
+Regression introduced in commit d6623003 (v0.8.8) - using the
+wrong sizeof operand meant that security manager private data
+was overlaying the allowDiskFormatProbing member of struct
+_virSecurityManager.  This reopens disk probing, which was
+supposed to be prevented by the solution to CVE-2010-2238.
+
+* src/security/security_manager.c
+(virSecurityManagerGetPrivateData): Use correct offset.
+---
+ src/security/security_manager.c |    4 +++-
+ 1 files changed, 3 insertions(+), 1 deletions(-)
+
+diff --git a/src/security/security_manager.c b/src/security/security_manager.c
+index 0246dd8..6f0becd 100644
+--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
+@@ -107,7 +107,9 @@ virSecurityManagerPtr virSecurityManagerNew(const char *name,
+ 
+ void *virSecurityManagerGetPrivateData(virSecurityManagerPtr mgr)
+ {
+-    return ((char*)mgr) + sizeof(mgr);
+    /* This accesses the memory just beyond mgr, which was allocated
+     * via VIR_ALLOC_VAR earlier.  */
+    return mgr + 1;
+ }
+ 
+ 
+-- 
+1.7.3.4
+
@@ -0,0 +1,27 @@
+From 9679cde15cabf95c7538c3b6929893ec68552d23 Mon Sep 17 00:00:00 2001
+From: Dan Kenigsberg <danken@redhat.com>
+Date: Sun, 20 Feb 2011 22:29:25 +0200
+Subject: [PATCH 3/6] virt-pki-validate: behave when CERTTOOL is missing
+
+https://bugzilla.redhat.com/show_bug.cgi?id=680270
+libvirt-client is missing some dependencies
+---
+ tools/virt-pki-validate.in |    2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/tools/virt-pki-validate.in b/tools/virt-pki-validate.in
+index 207fa76..96659cf 100755
+--- a/tools/virt-pki-validate.in
+++ b/tools/virt-pki-validate.in
+@@ -14,7 +14,7 @@ PORT=16514
+ # First get certtool
+ #
+ CERTOOL=`which certtool 2>/dev/null`
+-if [ ! -x $CERTOOL ]
+if [ ! -x "$CERTOOL" ]
+ then
+     echo "Could not locate the certtool program"
+     echo "make sure the gnutls-utils (or gnutls-bin) package is installed"
+-- 
+1.7.3.4
+
@@ -1 +1 @@
-05f461cd499c628ef07822dd607c340a  libvirt-1.2.13.2.tar.gz
+ac9235576352b84b8cb17df7456bbdfc  libvirt-0.8.8.tar.gz
Author	SHA1	Message	Date
Laine Stump	40080a09a5	make commandtest more robust to fix broken build	2011-07-06 11:10:52 -04:00
Laine Stump	05aa1933ee	make commandtest more robust	2011-07-06 11:08:36 -04:00
Peter Robinson	6051cec412	add ARM to NUMA platform exlcludes	2011-07-06 15:45:06 +01:00
Laine Stump	84c34151e4	update to libvirt-0.8.8-5 Fix for CVE-2011-2178, regression introduced in disk probe logic, Bug 709775 Fix for CVE-2011-2511, integer overflow in VirDomainGetVcpus, Bug 717204 Add several build and runtime dependencies to specfile Bug 680270	2011-07-05 18:36:14 -04:00
Laine Stump	2915aa73af	Fix for CVE-2011-1486, error reporting in libvirtd is not thread safe, bug 693457	2011-04-05 15:51:36 -04:00
Daniel Veillard	dedb223721	Fix for CVE-2011-1146, missing checks on read-only connections	2011-03-15 09:43:40 +08:00
Daniel P. Berrange	2243a44969	Add patch to fix -kernel boot with latest QEMU	2011-02-21 14:35:08 +00:00
Daniel Veillard	95a9c60969	Release of libvirt-0.8.8 upstream - expose new API for sysinfo extraction - cgroup blkio weight support - smartcard device support - qemu: Support per-device boot ordering - Various improvements and bug fixes Daniel	2011-02-17 12:24:52 -05:00