make commandtest more robust to fix broken build

make commandtest more robust
add ARM to NUMA platform exlcludes
2011-07-06 11:10:52 -04:00 · 2011-07-06 11:08:36 -04:00 · 2011-07-06 15:45:06 +01:00 · 2011-07-05 18:36:14 -04:00 · 2011-04-05 15:51:36 -04:00 · 2011-03-15 09:43:40 +08:00
21 changed files with 3060 additions and 2328 deletions
@@ -1,31 +0,0 @@
-[suppress_function]
-symbol_version_regexp = LIBVIRT_PRIVATE.*
-soname_regexp = libvirt\\.so.*
-
-[suppress_function]
-symbol_version_regexp = LIBVIRT_ADMIN_PRIVATE.*
-soname_regexp = libvirt-admin\\.so.*
-
-[suppress_variable]
-symbol_version_regexp = LIBVIRT_PRIVATE.*
-soname_regexp = libvirt\\.so.*
-
-[suppress_variable]
-symbol_version_regexp = LIBVIRT_ADMIN_PRIVATE.*
-soname_regexp = libvirt-admin\\.so.*
-
-[suppress_function]
-symbol_version_regexp = .*
-soname_regexp = libvirt_storage_.*\\.so.*
-
-[suppress_variable]
-symbol_version_regexp = .*
-soname_regexp = libvirt_storage_.*\\.so.*
-
-[suppress_function]
-symbol_version_regexp = .*
-soname_regexp = libvirt_driver_.*\\.so.*
-
-[suppress_variable]
-symbol_version_regexp = .*
-soname_regexp = libvirt_driver_.*\\.so.*
@@ -2,4 +2,7 @@
 *.rpm
 i686
 x86_64
-libvirt-*.tar.xz
+libvirt-*.tar.gz
+/libvirt-0.8.4.tar.gz
+/libvirt-0.8.5.tar.gz
+/libvirt-0.8.7.tar.gz
@@ -1,36 +0,0 @@
-From: Michal Privoznik <mprivozn@redhat.com>
-Date: Mon, 9 Mar 2020 16:40:57 +0100
-Subject: [PATCH] virDomainDiskTranslateSourcePool: Check for disk type
- correctly
-
-When rewriting the virDomainDiskTranslateSourcePool() function in
-v6.1.0-rc1~184 a typo was introduced. Previously, we allowed
-startup policy only for those volumes which translated to
-VIR_STORAGE_TYPE_FILE. But starting with the referenced commit,
-the value we checked for was changed to VIR_STORAGE_VOL_FILE
-which comes from a different enum and has a different value too.
-This is wrong, because virStorageSourceGetActualType() returns a
-value from the original enum.
-
-Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1811728
-
-Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
-Reviewed-by: Peter Krempa <pkrempa@redhat.com>
-(cherry picked from commit 3918dbd84e4951b43f93fbf50ef52be00274850c)
---
- src/conf/domain_conf.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
-index 17867eeece..fd2e8f4eb5 100644
--- a/src/conf/domain_conf.c
-+++ b/src/conf/domain_conf.c
-@@ -31746,7 +31746,7 @@ virDomainDiskTranslateSourcePool(virDomainDiskDefPtr def)
-     }
- 
-     if (def->startupPolicy != 0 &&
-        virStorageSourceGetActualType(def->src) != VIR_STORAGE_VOL_FILE) {
-+        virStorageSourceGetActualType(def->src) != VIR_STORAGE_TYPE_FILE) {
-         virReportError(VIR_ERR_XML_ERROR, "%s",
-                        _("'startupPolicy' is only valid for "
-                          "'file' type volume"));
@@ -1,55 +0,0 @@
-From: Laine Stump <laine@redhat.com>
-Date: Thu, 7 May 2020 22:32:59 -0400
-Subject: [PATCH] network: make it safe to call networkSetupPrivateChains()
- multiple times
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-networkSetupPrivateChains() is currently called only once per run of
-libvirtd, so it can assume that errInitV4 and errInitV6 are empty/null
-when it is called. In preparation for potentially calling this
-function multiple times during one run, this patch moves the reset of
-errInitV[46] to the top of the function, to assure no memory is
-leaked.
-
-Signed-off-by: Laine Stump <laine@redhat.com>
-Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
-(cherry picked from commit de110f110fb917a31b9f33ad8e4b3c1d3284766a)
---
- src/network/bridge_driver_linux.c | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/src/network/bridge_driver_linux.c b/src/network/bridge_driver_linux.c
-index 7bbde5c6a9..80bd2409e1 100644
--- a/src/network/bridge_driver_linux.c
-+++ b/src/network/bridge_driver_linux.c
-@@ -48,6 +48,10 @@ static void networkSetupPrivateChains(void)
-     VIR_DEBUG("Setting up global firewall chains");
- 
-     createdChains = false;
-+    virFreeError(errInitV4);
-+    errInitV4 = NULL;
-+    virFreeError(errInitV6);
-+    errInitV6 = NULL;
- 
-     rc = iptablesSetupPrivateChains(VIR_FIREWALL_LAYER_IPV4);
-     if (rc < 0) {
-@@ -56,8 +60,6 @@ static void networkSetupPrivateChains(void)
-         errInitV4 = virSaveLastError();
-         virResetLastError();
-     } else {
-        virFreeError(errInitV4);
-        errInitV4 = NULL;
-         if (rc) {
-             VIR_DEBUG("Created global IPv4 chains");
-             createdChains = true;
-@@ -73,8 +75,6 @@ static void networkSetupPrivateChains(void)
-         errInitV6 = virSaveLastError();
-         virResetLastError();
-     } else {
-        virFreeError(errInitV6);
-        errInitV6 = NULL;
-         if (rc) {
-             VIR_DEBUG("Created global IPv6 chains");
-             createdChains = true;
@@ -1,265 +0,0 @@
-From: Laine Stump <laine@redhat.com>
-Date: Thu, 7 May 2020 21:54:39 -0400
-Subject: [PATCH] network: force re-creation of iptables private chains on
- firewalld restart
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-When firewalld is stopped, it removes *all* iptables rules and chains,
-including those added by libvirt. Since restarting firewalld means
-stopping and then starting it, any time it is restarted, libvirt needs
-to recreate all the private iptables chains it uses, along with all
-the rules it adds.
-
-We already have code in place to call networkReloadFirewallRules() any
-time we're notified of a firewalld start, and
-networkReloadFirewallRules() will call
-networkPreReloadFirewallRules(), which calls
-networkSetupPrivateChains(); unfortunately that last call is called
-using virOnce(), meaning that it will only be called the first time
-through networkPreReloadFirewallRules() after libvirtd starts - so of
-course when firewalld is later restarted, the call to
-networkSetupPrivateChains() is skipped.
-
-The neat and tidy way to fix this would be if there was a standard way
-to reset a pthread_once_t object so that the next time virOnce was
-called, it would think the function hadn't been called, and call it
-again. Unfortunately, there isn't any official way of doing that (we
-*could* just fill it with 0 and hope for the best, but that doesn't
-seem very safe.
-
-So instead, this patch just adds a static variable called
-chainInitDone, which is set to true after networkSetupPrivateChains()
-is called for the first time, and then during calls to
-networkPreReloadFirewallRules(), if chainInitDone is set, we call
-networkSetupPrivateChains() directly instead of via virOnce().
-
-It may seem unsafe to directly call a function that is meant to be
-called only once, but I think in this case we're safe - there's
-nothing in the function that is inherently "once only" - it doesn't
-initialize anything that can't safely be re-initialized (as long as
-two threads don't try to do it at the same time), and it only happens
-when responding to a dbus message that firewalld has been started (and
-I don't think it's possible for us to be processing two of those at
-once), and even then only if the initial call to the function has
-already been completed (so we're safe if we receive a firewalld
-restart call at a time when we haven't yet called it, or even if
-another thread is already in the process of executing it. The only
-problematic bit I can think of is if another thread is in the process
-of adding an iptable rule at the time we're executing this function,
-but 1) none of those threads will be trying to add chains, and 2) if
-there was a concurrency problem with other threads adding iptables
-rules while firewalld was being restarted, it would still be a problem
-even without this change.
-
-This is yet another patch that fixes an occurrence of this error:
-
-COMMAND_FAILED: '/usr/sbin/iptables -w10 -w --table filter --insert LIBVIRT_INP --in-interface virbr0 --protocol tcp --destination-port 67 --jump ACCEPT' failed: iptables: No chain/target/match by that name.
-
-In particular, this resolves: https://bugzilla.redhat.com/1813830
-
-Signed-off-by: Laine Stump <laine@redhat.com>
-Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
-(cherry picked from commit f5418b427e7d2f26803880309478de9103680826)
---
- src/network/bridge_driver.c          | 16 ++++---
- src/network/bridge_driver_linux.c    | 69 ++++++++++++++++++----------
- src/network/bridge_driver_nop.c      |  3 +-
- src/network/bridge_driver_platform.h |  2 +-
- 4 files changed, 58 insertions(+), 32 deletions(-)
-
-diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
-index 369e80a889..aaf14defe4 100644
--- a/src/network/bridge_driver.c
-+++ b/src/network/bridge_driver.c
-@@ -273,7 +273,9 @@ static int
- networkShutdownNetworkExternal(virNetworkObjPtr obj);
- 
- static void
-networkReloadFirewallRules(virNetworkDriverStatePtr driver, bool startup);
-+networkReloadFirewallRules(virNetworkDriverStatePtr driver,
-+                           bool startup,
-+                           bool force);
- 
- static void
- networkRefreshDaemons(virNetworkDriverStatePtr driver);
-@@ -689,7 +691,7 @@ firewalld_dbus_filter_bridge(DBusConnection *connection G_GNUC_UNUSED,
- 
-     if (reload) {
-         VIR_DEBUG("Reload in bridge_driver because of firewalld.");
-        networkReloadFirewallRules(driver, false);
-+        networkReloadFirewallRules(driver, false, true);
-     }
- 
-     return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
-@@ -798,7 +800,7 @@ networkStateInitialize(bool privileged,
-     virNetworkObjListPrune(network_driver->networks,
-                            VIR_CONNECT_LIST_NETWORKS_INACTIVE |
-                            VIR_CONNECT_LIST_NETWORKS_TRANSIENT);
-    networkReloadFirewallRules(network_driver, true);
-+    networkReloadFirewallRules(network_driver, true, false);
-     networkRefreshDaemons(network_driver);
- 
-     if (virDriverShouldAutostart(network_driver->stateDir, &autostart) < 0)
-@@ -868,7 +870,7 @@ networkStateReload(void)
-                                 network_driver->networkConfigDir,
-                                 network_driver->networkAutostartDir,
-                                 network_driver->xmlopt);
-    networkReloadFirewallRules(network_driver, false);
-+    networkReloadFirewallRules(network_driver, false, false);
-     networkRefreshDaemons(network_driver);
-     virNetworkObjListForEach(network_driver->networks,
-                              networkAutostartConfig,
-@@ -2236,14 +2238,16 @@ networkReloadFirewallRulesHelper(virNetworkObjPtr obj,
- 
- 
- static void
-networkReloadFirewallRules(virNetworkDriverStatePtr driver, bool startup)
-+networkReloadFirewallRules(virNetworkDriverStatePtr driver,
-+                           bool startup,
-+                           bool force)
- {
-     VIR_INFO("Reloading iptables rules");
-     /* Ideally we'd not even register the driver when unprivilegd
-      * but until we untangle the virt driver that's not viable */
-     if (!driver->privileged)
-         return;
-    networkPreReloadFirewallRules(driver, startup);
-+    networkPreReloadFirewallRules(driver, startup, force);
-     virNetworkObjListForEach(driver->networks,
-                              networkReloadFirewallRulesHelper,
-                              NULL);
-diff --git a/src/network/bridge_driver_linux.c b/src/network/bridge_driver_linux.c
-index 80bd2409e1..b0bd207250 100644
--- a/src/network/bridge_driver_linux.c
-+++ b/src/network/bridge_driver_linux.c
-@@ -36,11 +36,14 @@ VIR_LOG_INIT("network.bridge_driver_linux");
- #define PROC_NET_ROUTE "/proc/net/route"
- 
- static virOnceControl createdOnce;
-static bool createdChains;
-+static bool chainInitDone; /* true iff networkSetupPrivateChains was ever called */
-+static bool createdChains; /* true iff networkSetupPrivateChains created chains during most recent call */
- static virErrorPtr errInitV4;
- static virErrorPtr errInitV6;
- 
-/* Only call via virOnce */
-+/* Usually only called via virOnce, but can also be called directly in
-+ * response to firewalld reload (if chainInitDone == true)
-+ */
- static void networkSetupPrivateChains(void)
- {
-     int rc;
-@@ -82,6 +85,8 @@ static void networkSetupPrivateChains(void)
-             VIR_DEBUG("Global IPv6 chains already exist");
-         }
-     }
-+
-+    chainInitDone = true;
- }
- 
- 
-@@ -111,7 +116,10 @@ networkHasRunningNetworks(virNetworkDriverStatePtr driver)
- }
- 
- 
-void networkPreReloadFirewallRules(virNetworkDriverStatePtr driver, bool startup)
-+void
-+networkPreReloadFirewallRules(virNetworkDriverStatePtr driver,
-+                              bool startup,
-+                              bool force)
- {
-     /*
-      * If there are any running networks, we need to
-@@ -130,29 +138,42 @@ void networkPreReloadFirewallRules(virNetworkDriverStatePtr driver, bool startup
-      * of starting the network though as that makes them
-      * more likely to be seen by a human
-      */
-    if (!networkHasRunningNetworks(driver)) {
-        VIR_DEBUG("Delayed global rule setup as no networks are running");
-        return;
-    }
-+    if (chainInitDone && force) {
-+        /* The Private chains have already been initialized once
-+         * during this run of libvirtd, so 1) we can't do it again via
-+         * virOnce(), and 2) we need to re-add the private chains even
-+         * if there are currently no running networks, because the
-+         * next time a network is started, libvirt will expect that
-+         * the chains have already been added. So we call directly
-+         * instead of via virOnce().
-+         */
-+        networkSetupPrivateChains();
- 
-    ignore_value(virOnce(&createdOnce, networkSetupPrivateChains));
-+    } else {
-+        if (!networkHasRunningNetworks(driver)) {
-+            VIR_DEBUG("Delayed global rule setup as no networks are running");
-+            return;
-+        }
- 
-    /*
-     * If this is initial startup, and we just created the
-     * top level private chains we either
-     *
-     *   - upgraded from old libvirt
-     *   - freshly booted from clean state
-     *
-     * In the first case we must delete the old rules from
-     * the built-in chains, instead of our new private chains.
-     * In the second case it doesn't matter, since no existing
-     * rules will be present. Thus we can safely just tell it
-     * to always delete from the builin chain
-     */
-    if (startup && createdChains) {
-        VIR_DEBUG("Requesting cleanup of legacy firewall rules");
-        iptablesSetDeletePrivate(false);
-+        ignore_value(virOnce(&createdOnce, networkSetupPrivateChains));
-+
-+        /*
-+         * If this is initial startup, and we just created the
-+         * top level private chains we either
-+         *
-+         *   - upgraded from old libvirt
-+         *   - freshly booted from clean state
-+         *
-+         * In the first case we must delete the old rules from
-+         * the built-in chains, instead of our new private chains.
-+         * In the second case it doesn't matter, since no existing
-+         * rules will be present. Thus we can safely just tell it
-+         * to always delete from the builin chain
-+         */
-+        if (startup && createdChains) {
-+            VIR_DEBUG("Requesting cleanup of legacy firewall rules");
-+            iptablesSetDeletePrivate(false);
-+        }
-     }
- }
- 
-diff --git a/src/network/bridge_driver_nop.c b/src/network/bridge_driver_nop.c
-index 08d737511f..db89c10023 100644
--- a/src/network/bridge_driver_nop.c
-+++ b/src/network/bridge_driver_nop.c
-@@ -20,7 +20,8 @@
- #include <config.h>
- 
- void networkPreReloadFirewallRules(virNetworkDriverStatePtr driver G_GNUC_UNUSED,
-                                   bool startup G_GNUC_UNUSED)
-+                                   bool startup G_GNUC_UNUSED,
-+                                   bool force G_GNUC_UNUSED)
- {
- }
- 
-diff --git a/src/network/bridge_driver_platform.h b/src/network/bridge_driver_platform.h
-index 169417a6c0..48ab52c160 100644
--- a/src/network/bridge_driver_platform.h
-+++ b/src/network/bridge_driver_platform.h
-@@ -62,7 +62,7 @@ struct _virNetworkDriverState {
- typedef struct _virNetworkDriverState virNetworkDriverState;
- typedef virNetworkDriverState *virNetworkDriverStatePtr;
- 
-void networkPreReloadFirewallRules(virNetworkDriverStatePtr driver, bool startup);
-+void networkPreReloadFirewallRules(virNetworkDriverStatePtr driver, bool startup, bool force);
- void networkPostReloadFirewallRules(bool startup);
- 
- int networkCheckRouteCollision(virNetworkDefPtr def);
@@ -1,100 +0,0 @@
-From: Laine Stump <laine@redhat.com>
-Date: Fri, 1 May 2020 00:05:50 -0400
-Subject: [PATCH] systemd: start libvirtd after firewalld/iptables services
-
-When a system has enabled the iptables/ip6tables services rather than
-firewalld, there is no explicit ordering of the start of those
-services vs. libvirtd. This creates a problem when libvirtd.service is
-started before ip[6]tables, as the latter, when it finally is started,
-will remove all of the iptables rules that had previously been added
-by libvirt, including the custom chains where libvirt's rules are
-kept. This results in an error message similar to the following when a
-user subsequently tries to start a new libvirt network:
-
- "Error while activating network: Call to virNetworkCreate failed:
- internal error: Failed to apply firewall rules
- /usr/sbin/ip6tables -w --table filter --insert LIBVIRT_FWO \
-   --in-interface virbr2 --jump REJECT:
- ip6tables: No chain/target/match by that name."
-
-(Prior to logging this error, it also would have caused failure to
-forward (or block) traffic in some cases, e.g. for guests on a NATed
-network, since libvirt's rules to forward/block had all been deleted
-and libvirt didn't know about it, so it couldn't fix the problem)
-
-When this happens, the problem can be remedied by simply restarting
-libvirtd.service (which has the side-effect of reloading all
-libvirt-generated firewall rules)
-
-Instead, we can just explicitly stating in the libvirtd.service file
-that libvirtd.service should start after ip6tables.service and
-ip6tables.service, eliminating the race condition that leads to the
-error.
-
-There is also nothing (that I can see) in the systemd .service files
-to guarantee that firewalld.service will be started (if enabled) prior
-to libvirtd.service. The same error scenario given above would occur
-if libvirtd.service started before firewalld.service.  Even before
-that, though libvirtd would have detected that firewalld.service was
-disabled, and then turn off all firewalld support. So, for example,
-firewalld's libvirt zone wouldn't be used, and most likely traffic
-from guests would therefore be blocked (all with no external
-indication of the source of the problem other than a debug-level log
-when libvirtd was started saying that firewalld wasn't in use); also
-libvirtd wouldn't notice when firewalld reloaded its rules (which also
-simultaneously deletes all of libvirt's rules).
-
-I'm not aware of any reports that have been traced back to
-libvirtd.service starting before firewalld.service, but have seen that
-error reported multiple times, and also don't see an existing
-dependency that would guarantee firewalld.service starts before
-libvirtd.service, so it's possible it's been happening and we just
-haven't gotten to the bottom of it.
-
-This patch adds an After= line to the libvirtd.service file for each
-of iptables.service, ip6tables.service, and firewalld.servicee, which
-should guarantee that libvirtd.service isn't started until systemd has
-started whichever of the others is enabled.
-
-This race was diagnosed, and patch proposed, by Jason Montleon in
-https://bugzilla.redhat.com/1723698 . At the time (April 2019) danpb
-agreed with him that this change to libvirtd.service was a reasonable
-thing to do, but I guess everyone thought someone else was going to
-post a patch, so in the end nobody did.
-
-Signed-off-by: Laine Stump <laine@redhat.com>
-Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
-(cherry picked from commit 0756415f147dda15a417bd79eef9a62027d176e6)
---
- src/network/virtnetworkd.service.in | 3 +++
- src/remote/libvirtd.service.in      | 3 +++
- 2 files changed, 6 insertions(+)
-
-diff --git a/src/network/virtnetworkd.service.in b/src/network/virtnetworkd.service.in
-index 656e8b4f84..56182e1693 100644
--- a/src/network/virtnetworkd.service.in
-+++ b/src/network/virtnetworkd.service.in
-@@ -5,6 +5,9 @@ Requires=virtnetworkd.socket
- Requires=virtnetworkd-ro.socket
- Requires=virtnetworkd-admin.socket
- After=network.target
-+After=firewalld.service
-+After=iptables.service
-+After=ip6tables.service
- After=dbus.service
- After=apparmor.service
- After=local-fs.target
-diff --git a/src/remote/libvirtd.service.in b/src/remote/libvirtd.service.in
-index 90b2cad5b0..cc0d4e3693 100644
--- a/src/remote/libvirtd.service.in
-+++ b/src/remote/libvirtd.service.in
-@@ -11,6 +11,9 @@ Wants=libvirtd-admin.socket
- Wants=systemd-machined.service
- Before=libvirt-guests.service
- After=network.target
-+After=firewalld.service
-+After=iptables.service
-+After=ip6tables.service
- After=dbus.service
- After=iscsid.service
- After=apparmor.service
@@ -1,43 +0,0 @@
-From: Jim Fehlig <jfehlig@suse.com>
-Date: Fri, 3 Apr 2020 15:51:48 -0600
-Subject: [PATCH] libxl: fix crash when initializing driver
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Commit 54a401af478 split out DriverConfigInit from DriverConfigNew, but
-then called it a bit late from libxlStateInitialize. The cfg is used in
-libxlDriverConfigLoadFile and when uninitialized results in a crash.
-Calling DriverConfigInit immediately after DriverConfigNew fixes the
-crash.
-
-Signed-off-by: Jim Fehlig <jfehlig@suse.com>
-Reviewed-by: Erik Skultety <eskultet@redhat.com>
-Reviewed-by: Ján Tomko <jtomko@redhat.com>
-(cherry picked from commit 88011ed280c4f946a7b8e7ffcea2335eb075de60)
---
- src/libxl/libxl_driver.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c
-index f2387e2a20..c4fb791fa0 100644
--- a/src/libxl/libxl_driver.c
-+++ b/src/libxl/libxl_driver.c
-@@ -703,14 +703,14 @@ libxlStateInitialize(bool privileged,
-     if (!(cfg = libxlDriverConfigNew()))
-         goto error;
- 
-+    if (libxlDriverConfigInit(cfg) < 0)
-+        goto error;
-+
-     driverConf = g_strdup_printf("%s/libxl.conf", cfg->configBaseDir);
- 
-     if (libxlDriverConfigLoadFile(cfg, driverConf) < 0)
-         goto error;
- 
-    if (libxlDriverConfigInit(cfg) < 0)
-        goto error;
-
-     /* Register the callbacks providing access to libvirt's event loop */
-     libxl_osevent_register_hooks(cfg->ctx, &libxl_osevent_callbacks, cfg->ctx);
- 
@@ -0,0 +1,21 @@
+# Makefile for source rpm: libvirt
+# $Id$
+NAME := libvirt
+SPECFILE = $(firstword $(wildcard *.spec))
+
+define find-makefile-common
+for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
+endef
+
+MAKEFILE_COMMON := $(shell $(find-makefile-common))
+
+ifeq ($(MAKEFILE_COMMON),)
+# attempt a checkout
+define checkout-makefile-common
+test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
+endef
+
+MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
+endif
+
+include $(MAKEFILE_COMMON)
@@ -0,0 +1,40 @@
+From e03899ff772cb753f02ecc99c81776a95c8e3d59 Mon Sep 17 00:00:00 2001
+From: Osier Yang <jyang@redhat.com>
+Date: Fri, 18 Feb 2011 13:45:13 +0800
+Subject: [PATCH 2/6] Requires gettext for client package
+
+https://bugzilla.redhat.com/show_bug.cgi?id=680270
+libvirt-client is missing some dependencies
+
+libvirt-guests invokes functions in gettext.sh, so we need to
+require gettext package in spec file.
+
+Demo with the fix:
+% rpm -q gettext
+package gettext is not installed
+
+% rpm -ivh libvirt-client-0.8.8-1.fc14.x86_64.rpm
+error: Failed dependencies:
+	gettext is needed by libvirt-client-0.8.8-1.fc14.x86_64
+
+* libvirt.spec.in
+---
+ libvirt.spec.in |    2 ++
+ 1 files changed, 2 insertions(+), 0 deletions(-)
+
+diff --git a/libvirt.spec.in b/libvirt.spec.in
+index d4208e8..c08b186 100644
+--- a/libvirt.spec.in
+++ b/libvirt.spec.in
+@@ -415,6 +415,8 @@ Requires: ncurses
+ # So remote clients can access libvirt over SSH tunnel
+ # (client invokes 'nc' against the UNIX socket on the server)
+ Requires: nc
+# Needed by libvirt-guests init script.
+Requires: gettext
+ %if %{with_sasl}
+ Requires: cyrus-sasl
+ # Not technically required, but makes 'out-of-box' config
+-- 
+1.7.3.4
+
@@ -0,0 +1,51 @@
+From 2c2ae4c48c7e57fd233f1b9475fb6ecbab04804a Mon Sep 17 00:00:00 2001
+From: Jiri Denemark <jdenemar@redhat.com>
+Date: Fri, 25 Mar 2011 16:45:45 +0100
+Subject: [PATCH 2/2] daemon: Avoid resetting errors before they are reported
+
+https://bugzilla.redhat.com/show_bug.cgi?id=690733
+
+Commit f44bfb7 was supposed to make sure no additional libvirt API (esp.
+*Free) is called before remoteDispatchConnError() is called on error.
+However, the patch missed two instances.
+(cherry picked from commit 55cc591fc18e87b29febf78dc5b424b7c12f7349)
+---
+ daemon/remote.c |    6 ++++--
+ 1 files changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/daemon/remote.c b/daemon/remote.c
+index 554e75e..159430e 100644
+--- a/daemon/remote.c
+++ b/daemon/remote.c
+@@ -4868,12 +4868,13 @@ remoteDispatchStoragePoolListVolumes (struct qemud_server *server ATTRIBUTE_UNUS
+     ret->names.names_len =
+         virStoragePoolListVolumes (pool,
+                                    ret->names.names_val, args->maxnames);
+-    virStoragePoolFree(pool);
+     if (ret->names.names_len == -1) {
+         VIR_FREE(ret->names.names_val);
+         remoteDispatchConnError(rerr, conn);
+        virStoragePoolFree(pool);
+         return -1;
+     }
+    virStoragePoolFree(pool);
+ 
+     return 0;
+ }
+@@ -4897,11 +4898,12 @@ remoteDispatchStoragePoolNumOfVolumes (struct qemud_server *server ATTRIBUTE_UNU
+     }
+ 
+     ret->num = virStoragePoolNumOfVolumes (pool);
+-    virStoragePoolFree(pool);
+     if (ret->num == -1) {
+         remoteDispatchConnError(rerr, conn);
+        virStoragePoolFree(pool);
+         return -1;
+     }
+    virStoragePoolFree(pool);
+ 
+     return 0;
+ }
+-- 
+1.7.3.4
+
@@ -0,0 +1,30 @@
+From 29680e00f67bad9145387022ea0d3c307465d3dc Mon Sep 17 00:00:00 2001
+From: Eric Blake <eblake@redhat.com>
+Date: Mon, 21 Feb 2011 10:43:29 -0700
+Subject: [PATCH 4/6] build: add dependency on gnutls-utils
+
+https://bugzilla.redhat.com/show_bug.cgi?id=680270
+libvirt-client is missing some dependencies
+
+* libvirt.spec.in (Requires): Add gnutls-utils, for virt-pki-validate.
+Suggested by Daniel P. Berrange.
+---
+ libvirt.spec.in |    2 ++
+ 1 files changed, 2 insertions(+), 0 deletions(-)
+
+diff --git a/libvirt.spec.in b/libvirt.spec.in
+index c08b186..23f4525 100644
+--- a/libvirt.spec.in
+++ b/libvirt.spec.in
+@@ -417,6 +417,8 @@ Requires: ncurses
+ Requires: nc
+ # Needed by libvirt-guests init script.
+ Requires: gettext
+# Needed by virt-pki-validate script.
+Requires: gnutls-utils
+ %if %{with_sasl}
+ Requires: cyrus-sasl
+ # Not technically required, but makes 'out-of-box' config
+-- 
+1.7.3.4
+
@@ -0,0 +1,27 @@
+commit efc2594b4e0cbcdd6947fafeeed41accd5b611e0
+Author: Jim Fehlig <jfehlig@novell.com>
+Date:   Thu Feb 17 14:22:55 2011 -0700
+
+    Do not add drive 'boot=on' param when a kernel is specified
+    
+    libvirt-tck was failing several domain tests [1] with qemu 0.14, which
+    is now less tolerable of specifying 2 bootroms with the same boot index [2].
+    
+    Drop the 'boot=on' param if kernel has been specfied.
+    
+    [1] https://www.redhat.com/archives/libvir-list/2011-February/msg00559.html
+    [2] http://lists.nongnu.org/archive/html/qemu-devel/2011-02/msg01892.html
+
+diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
+index 371a7ed..0db2843 100644
+--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
+@@ -3173,7 +3173,7 @@ qemuBuildCommandLine(virConnectPtr conn,
+         int bootCD = 0, bootFloppy = 0, bootDisk = 0;
+ 
+         /* If QEMU supports boot=on for -drive param... */
+-        if (qemuCmdFlags & QEMUD_CMD_FLAG_DRIVE_BOOT) {
+        if (qemuCmdFlags & QEMUD_CMD_FLAG_DRIVE_BOOT && !def->os.kernel) {
+             for (i = 0 ; i < def->os.nBootDevs ; i++) {
+                 switch (def->os.bootDevs[i]) {
+                 case VIR_DOMAIN_BOOT_CDROM:
@@ -0,0 +1,32 @@
+From 12509c09a55bd2ab171f9fa029fb94f297adc0a0 Mon Sep 17 00:00:00 2001
+From: Daniel P. Berrange <berrange@redhat.com>
+Date: Thu, 24 Feb 2011 12:12:27 +0000
+Subject: [PATCH] Make commandtest more robust wrt its execution environment
+
+When executed from cron, commandtest would fail to correctly
+identify daemon processes. Set session ID and process group
+IDs at startup to ensure we have a consistent environment to
+run in.
+
+* tests/commandtest.c: Call setsid() and setpgid()
+---
+ tests/commandtest.c |    3 +++
+ 1 files changed, 3 insertions(+), 0 deletions(-)
+
+diff --git a/tests/commandtest.c b/tests/commandtest.c
+index 7157c51..dc2f8a1 100644
+--- a/tests/commandtest.c
+++ b/tests/commandtest.c
+@@ -730,6 +730,9 @@ mymain(int argc, char **argv)
+     if (chdir("/tmp") < 0)
+         return(EXIT_FAILURE);
+ 
+    setpgid(0, 0);
+    setsid();
+
+     /* Kill off any inherited fds that might interfere with our
+      * testing.  */
+     fd = 3;
+-- 
+1.7.3.4
+
@@ -0,0 +1,95 @@
+From: Guido Günther <agx@sigxcpu.org>
+Date: Mon, 14 Mar 2011 02:56:28 +0000 (+0800)
+Subject: Add missing checks for read only connections
+X-Git-Url: http://libvirt.org/git/?p=libvirt.git;a=commitdiff_plain;h=71753cb7f7a16ff800381c0b5ee4e99eea92fed3;hp=13c00dde3171b3a38d23cceb3f9151cb6cac3dad
+
+Add missing checks for read only connections
+
+As pointed on CVE-2011-1146, some API forgot to check the read-only
+status of the connection for entry point which modify the state
+of the system or may lead to a remote execution using user data.
+The entry points concerned are:
+  - virConnectDomainXMLToNative
+  - virNodeDeviceDettach
+  - virNodeDeviceReAttach
+  - virNodeDeviceReset
+  - virDomainRevertToSnapshot
+  - virDomainSnapshotDelete
+
+* src/libvirt.c: fix the above set of entry points to error on read-only
+                 connections
+---
+
+diff --git a/src/libvirt.c b/src/libvirt.c
+index caa109d..713291f 100644
+--- a/src/libvirt.c
+++ b/src/libvirt.c
+@@ -3321,6 +3321,10 @@ char *virConnectDomainXMLToNative(virConnectPtr conn,
+         virDispatchError(NULL);
+         return NULL;
+     }
+    if (conn->flags & VIR_CONNECT_RO) {
+        virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+        goto error;
+    }
+ 
+     if (nativeFormat == NULL || domainXml == NULL) {
+         virLibConnError(VIR_ERR_INVALID_ARG, __FUNCTION__);
+@@ -9748,6 +9752,11 @@ virNodeDeviceDettach(virNodeDevicePtr dev)
+         return -1;
+     }
+ 
+    if (dev->conn->flags & VIR_CONNECT_RO) {
+        virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+        goto error;
+    }
+
+     if (dev->conn->driver->nodeDeviceDettach) {
+         int ret;
+         ret = dev->conn->driver->nodeDeviceDettach (dev);
+@@ -9791,6 +9800,11 @@ virNodeDeviceReAttach(virNodeDevicePtr dev)
+         return -1;
+     }
+ 
+    if (dev->conn->flags & VIR_CONNECT_RO) {
+        virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+        goto error;
+    }
+
+     if (dev->conn->driver->nodeDeviceReAttach) {
+         int ret;
+         ret = dev->conn->driver->nodeDeviceReAttach (dev);
+@@ -9836,6 +9850,11 @@ virNodeDeviceReset(virNodeDevicePtr dev)
+         return -1;
+     }
+ 
+    if (dev->conn->flags & VIR_CONNECT_RO) {
+        virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+        goto error;
+    }
+
+     if (dev->conn->driver->nodeDeviceReset) {
+         int ret;
+         ret = dev->conn->driver->nodeDeviceReset (dev);
+@@ -13131,6 +13150,10 @@ virDomainRevertToSnapshot(virDomainSnapshotPtr snapshot,
+     }
+ 
+     conn = snapshot->domain->conn;
+    if (conn->flags & VIR_CONNECT_RO) {
+        virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+        goto error;
+    }
+ 
+     if (conn->driver->domainRevertToSnapshot) {
+         int ret = conn->driver->domainRevertToSnapshot(snapshot, flags);
+@@ -13177,6 +13200,10 @@ virDomainSnapshotDelete(virDomainSnapshotPtr snapshot,
+     }
+ 
+     conn = snapshot->domain->conn;
+    if (conn->flags & VIR_CONNECT_RO) {
+        virLibConnError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+        goto error;
+    }
+ 
+     if (conn->driver->domainSnapshotDelete) {
+         int ret = conn->driver->domainSnapshotDelete(snapshot, flags);
@@ -0,0 +1,115 @@
+From 9388aeabcbb06ec93845b6d066148ad4cfe1dd9e Mon Sep 17 00:00:00 2001
+From: Eric Blake <eblake@redhat.com>
+Date: Fri, 24 Jun 2011 12:16:05 -0600
+Subject: [PATCH 6/6] remote: protect against integer overflow
+
+https://bugzilla.redhat.com/show_bug.cgi?id=717204
+CVE-2011-2511 - integer overflow in VirDomainGetVcpus
+
+Integer overflow and remote code are never a nice mix.
+
+This has existed since commit 56cd414.
+
+* src/libvirt.c (virDomainGetVcpus): Reject overflow up front.
+* src/remote/remote_driver.c (remoteDomainGetVcpus): Avoid overflow
+  on sending rpc.
+* daemon/remote.c (remoteDispatchDomainGetVcpus): Avoid overflow on
+  receiving rpc.
+
+(cherry picked from commit 774b21c163845170c9ffa873f5720d318812eaf6)
+
+Conflicts:
+
+	daemon/remote.c
+	src/remote/remote_driver.c
+
+Change to internal.h required to avoid backporting 89d994ad.
+---
+ daemon/remote.c            |    3 ++-
+ src/internal.h             |   17 +++++++++++++++++
+ src/libvirt.c              |    5 +++--
+ src/remote/remote_driver.c |    3 ++-
+ 4 files changed, 24 insertions(+), 4 deletions(-)
+
+diff --git a/daemon/remote.c b/daemon/remote.c
+index 159430e..b707326 100644
+--- a/daemon/remote.c
+++ b/daemon/remote.c
+@@ -1722,7 +1722,8 @@ remoteDispatchDomainGetVcpus (struct qemud_server *server ATTRIBUTE_UNUSED,
+         return -1;
+     }
+ 
+-    if (args->maxinfo * args->maplen > REMOTE_CPUMAPS_MAX) {
+    if (INT_MULTIPLY_OVERFLOW(args->maxinfo, args->maplen) ||
+        args->maxinfo * args->maplen > REMOTE_CPUMAPS_MAX) {
+         virDomainFree(dom);
+         remoteDispatchFormatError (rerr, "%s", _("maxinfo * maplen > REMOTE_CPUMAPS_MAX"));
+         return -1;
+diff --git a/src/internal.h b/src/internal.h
+index e263684..f47b842 100644
+--- a/src/internal.h
+++ b/src/internal.h
+@@ -232,6 +232,23 @@
+         }                                                               \
+     } while (0)
+ 
+/* branch-specific: we don't want to update gnulib on the branch, so this
+ * backports just one required macro from newer gnulib's intprops.h.
+ * This version requires that both a and b are 'int', rather than
+ * the fully type-generic version from gnulib.  */
+# define INT_MULTIPLY_OVERFLOW(a, b)            \
+    ((b) < 0                                    \
+     ? ((a) < 0                                 \
+        ? (a) < INT_MAX / (b)                   \
+        : (b) == -1                             \
+        ? 0                                     \
+        : INT_MIN / (b) < (a))                  \
+     : (b) == 0                                 \
+     ? 0                                        \
+     : ((a) < 0                                 \
+        ? (a) < INT_MIN / (b)                   \
+        : INT_MAX / (b) < (a)))
+
+ /* divide value by size, rounding up */
+ # define VIR_DIV_UP(value, size) (((value) + (size) - 1) / (size))
+ 
+diff --git a/src/libvirt.c b/src/libvirt.c
+index 8c70a1f..d8ab8f8 100644
+--- a/src/libvirt.c
+++ b/src/libvirt.c
+@@ -40,6 +40,7 @@
+ #include "util.h"
+ #include "memory.h"
+ #include "configmake.h"
+#include "intprops.h"
+ 
+ #ifndef WITH_DRIVER_MODULES
+ # ifdef WITH_TEST
+@@ -5363,8 +5364,8 @@ virDomainGetVcpus(virDomainPtr domain, virVcpuInfoPtr info, int maxinfo,
+ 
+     /* Ensure that domainGetVcpus (aka remoteDomainGetVcpus) does not
+        try to memcpy anything into a NULL pointer.  */
+-    if ((cpumaps == NULL && maplen != 0)
+-        || (cpumaps && maplen <= 0)) {
+    if (!cpumaps ? maplen != 0
+        : (maplen <= 0 || INT_MULTIPLY_OVERFLOW(maxinfo, maplen))) {
+         virLibDomainError(VIR_ERR_INVALID_ARG, __FUNCTION__);
+         goto error;
+     }
+diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
+index 4ca0d3b..c73452e 100644
+--- a/src/remote/remote_driver.c
+++ b/src/remote/remote_driver.c
+@@ -2850,7 +2850,8 @@ remoteDomainGetVcpus (virDomainPtr domain,
+                     maxinfo, REMOTE_VCPUINFO_MAX);
+         goto done;
+     }
+-    if (maxinfo * maplen > REMOTE_CPUMAPS_MAX) {
+    if (INT_MULTIPLY_OVERFLOW(maxinfo, maplen) ||
+        maxinfo * maplen > REMOTE_CPUMAPS_MAX) {
+         remoteError(VIR_ERR_RPC,
+                     _("vCPU map buffer length exceeds maximum: %d > %d"),
+                     maxinfo * maplen, REMOTE_CPUMAPS_MAX);
+-- 
+1.7.3.4
+
@@ -0,0 +1,99 @@
+From 775581ead9c0b6435e8a0dad2a6838909638e7b6 Mon Sep 17 00:00:00 2001
+From: Eric Blake <eblake@redhat.com>
+Date: Wed, 23 Mar 2011 10:30:49 -0600
+Subject: [PATCH 5/6] rpm: add missing dependencies
+
+manually adapted from upstream 206fc979b1656722b254e683d89b3e9fc4480c63
+
+Among others, the missing radvd dependency showed up as:
+
+error: Failed to start network ipv6net
+error: Cannot find radvd - Possibly the package isn't installed: No such file
+or directory
+
+even when radvd was installed, because the RADVD preprocessor
+symbol was missing at configure time.
+
+* libvirt.spec.in (with_network): Add Build and BuildRequires for radvd
+    (BuildRequires): Add libxslt and augeas for docs and test.
+    (with_libvirtd): Add module-init-tools for modprobe.
+    (with_nwfilter): Add BuildRequires for ebtables.
+---
+ libvirt.spec.in |   26 ++++++++++++++++++++++++--
+ 1 files changed, 24 insertions(+), 2 deletions(-)
+
+diff --git a/libvirt.spec.in b/libvirt.spec.in
+index 23f4525..8ffb757 100644
+--- a/libvirt.spec.in
+++ b/libvirt.spec.in
+@@ -219,15 +219,21 @@ Requires: %{name}-client = %{version}-%{release}
+ # daemon is present
+ %if %{with_libvirtd}
+ Requires: bridge-utils
+# for modprobe of pci devices
+Requires: module-init-tools
+# for /sbin/ip
+Requires: iproute
+ %endif
+ %if %{with_network}
+ Requires: dnsmasq >= 2.41
+Requires: radvd
+%endif
+%if %{with_network} || %{with_nwfilter}
+ Requires: iptables
+Requires: iptables-ipv6
+ %endif
+ %if %{with_nwfilter}
+ Requires: ebtables
+-Requires: iptables
+-Requires: iptables-ipv6
+ %endif
+ # needed for device enumeration
+ %if %{with_hal}
+@@ -295,10 +301,15 @@ BuildRequires: xmlrpc-c-devel >= 1.14.0
+ %endif
+ BuildRequires: libxml2-devel
+ BuildRequires: xhtml1-dtds
+BuildRequires: libxslt
+ BuildRequires: readline-devel
+ BuildRequires: ncurses-devel
+ BuildRequires: gettext
+ BuildRequires: gnutls-devel
+%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
+# for augparse, optionally used in testing
+BuildRequires: augeas
+%endif
+ %if %{with_hal}
+ BuildRequires: hal-devel
+ %endif
+@@ -323,8 +334,15 @@ BuildRequires: libselinux-devel
+ %endif
+ %if %{with_network}
+ BuildRequires: dnsmasq >= 2.41
+BuildRequires: iptables
+BuildRequires: iptables-ipv6
+BuildRequires: radvd
+%endif
+%if %{with_nwfilter}
+BuildRequires: ebtables
+ %endif
+ BuildRequires: bridge-utils
+BuildRequires: module-init-tools
+ %if %{with_sasl}
+ BuildRequires: cyrus-sasl-devel
+ %endif
+@@ -388,7 +406,11 @@ BuildRequires: libssh2-devel
+ BuildRequires: netcf-devel >= 0.1.4
+ %endif
+ %if %{with_esx}
+%if 0%{?fedora} >= 9 || 0%{?rhel} >= 6
+ BuildRequires: libcurl-devel
+%else
+BuildRequires: curl-devel
+%endif
+ %endif
+ %if %{with_audit}
+ BuildRequires: audit-libs-devel
+-- 
+1.7.3.4
+
@@ -0,0 +1,40 @@
+From c2d77ade37ee917ca258cb24ffb130fc07bb95b4 Mon Sep 17 00:00:00 2001
+From: Eric Blake <eblake@redhat.com>
+Date: Thu, 26 May 2011 08:18:46 -0600
+Subject: [PATCH 1/6] security: plug regression introduced in disk probe logic
+
+This patch resolves:
+
+  https://bugzilla.redhat.com/show_bug.cgi?id=709775
+  CVE-2011-2178 - regression introduced in disk probe logic
+
+Regression introduced in commit d6623003 (v0.8.8) - using the
+wrong sizeof operand meant that security manager private data
+was overlaying the allowDiskFormatProbing member of struct
+_virSecurityManager.  This reopens disk probing, which was
+supposed to be prevented by the solution to CVE-2010-2238.
+
+* src/security/security_manager.c
+(virSecurityManagerGetPrivateData): Use correct offset.
+---
+ src/security/security_manager.c |    4 +++-
+ 1 files changed, 3 insertions(+), 1 deletions(-)
+
+diff --git a/src/security/security_manager.c b/src/security/security_manager.c
+index 0246dd8..6f0becd 100644
+--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
+@@ -107,7 +107,9 @@ virSecurityManagerPtr virSecurityManagerNew(const char *name,
+ 
+ void *virSecurityManagerGetPrivateData(virSecurityManagerPtr mgr)
+ {
+-    return ((char*)mgr) + sizeof(mgr);
+    /* This accesses the memory just beyond mgr, which was allocated
+     * via VIR_ALLOC_VAR earlier.  */
+    return mgr + 1;
+ }
+ 
+ 
+-- 
+1.7.3.4
+
@@ -0,0 +1,27 @@
+From 9679cde15cabf95c7538c3b6929893ec68552d23 Mon Sep 17 00:00:00 2001
+From: Dan Kenigsberg <danken@redhat.com>
+Date: Sun, 20 Feb 2011 22:29:25 +0200
+Subject: [PATCH 3/6] virt-pki-validate: behave when CERTTOOL is missing
+
+https://bugzilla.redhat.com/show_bug.cgi?id=680270
+libvirt-client is missing some dependencies
+---
+ tools/virt-pki-validate.in |    2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/tools/virt-pki-validate.in b/tools/virt-pki-validate.in
+index 207fa76..96659cf 100755
+--- a/tools/virt-pki-validate.in
+++ b/tools/virt-pki-validate.in
+@@ -14,7 +14,7 @@ PORT=16514
+ # First get certtool
+ #
+ CERTOOL=`which certtool 2>/dev/null`
+-if [ ! -x $CERTOOL ]
+if [ ! -x "$CERTOOL" ]
+ then
+     echo "Could not locate the certtool program"
+     echo "make sure the gnutls-utils (or gnutls-bin) package is installed"
+-- 
+1.7.3.4
+
@@ -1 +1 @@
-SHA512 (libvirt-6.1.0.tar.xz) = 17a2641f300a4a05149261bae74ac856e9a2511a259146595d2e2412c4a0601d88369b0544ba86edc80e433a47cf828317d8de38c6ec86a1b3efaca75294a606
+ac9235576352b84b8cb17df7456bbdfc  libvirt-0.8.8.tar.gz
Author	SHA1	Message	Date
Laine Stump	40080a09a5	make commandtest more robust to fix broken build	2011-07-06 11:10:52 -04:00
Laine Stump	05aa1933ee	make commandtest more robust	2011-07-06 11:08:36 -04:00
Peter Robinson	6051cec412	add ARM to NUMA platform exlcludes	2011-07-06 15:45:06 +01:00
Laine Stump	84c34151e4	update to libvirt-0.8.8-5 Fix for CVE-2011-2178, regression introduced in disk probe logic, Bug 709775 Fix for CVE-2011-2511, integer overflow in VirDomainGetVcpus, Bug 717204 Add several build and runtime dependencies to specfile Bug 680270	2011-07-05 18:36:14 -04:00
Laine Stump	2915aa73af	Fix for CVE-2011-1486, error reporting in libvirtd is not thread safe, bug 693457	2011-04-05 15:51:36 -04:00
Daniel Veillard	dedb223721	Fix for CVE-2011-1146, missing checks on read-only connections	2011-03-15 09:43:40 +08:00
Daniel P. Berrange	2243a44969	Add patch to fix -kernel boot with latest QEMU	2011-02-21 14:35:08 +00:00
Daniel Veillard	95a9c60969	Release of libvirt-0.8.8 upstream - expose new API for sysinfo extraction - cgroup blkio weight support - smartcard device support - qemu: Support per-device boot ordering - Various improvements and bug fixes Daniel	2011-02-17 12:24:52 -05:00