Add qemu.conf options for audio workaround

Fix parsing certain USB sysfs files (bz 598272)
Sanitize pool target paths (bz 494005)
Add qemu.conf for clear emulator capabilities
Prevent libvirtd inside a VM from breaking network access (bz 235961)
Mention --all in 'virsh list' docs (bz 575512)
Initscript fixes (bz 565238)
List wireless interfaces via nodedev-list (bz 596928)

.abignore

@@ -1,31 +0,0 @@
-[suppress_function]
-symbol_version_regexp = LIBVIRT_PRIVATE.*
-soname_regexp = libvirt\\.so.*
-
-[suppress_function]
-symbol_version_regexp = LIBVIRT_ADMIN_PRIVATE.*
-soname_regexp = libvirt-admin\\.so.*
-
-[suppress_variable]
-symbol_version_regexp = LIBVIRT_PRIVATE.*
-soname_regexp = libvirt\\.so.*
-
-[suppress_variable]
-symbol_version_regexp = LIBVIRT_ADMIN_PRIVATE.*
-soname_regexp = libvirt-admin\\.so.*
-
-[suppress_function]
-symbol_version_regexp = .*
-soname_regexp = libvirt_storage_.*\\.so.*
-
-[suppress_variable]
-symbol_version_regexp = .*
-soname_regexp = libvirt_storage_.*\\.so.*
-
-[suppress_function]
-symbol_version_regexp = .*
-soname_regexp = libvirt_driver_.*\\.so.*
-
-[suppress_variable]
-symbol_version_regexp = .*
-soname_regexp = libvirt_driver_.*\\.so.*

.cvsignore

@@ -0,0 +1,18 @@
+.build*.log
+*.rpm
+i686
+x86_64
+libvirt-*.tar.gz
+libvirt-0.6.0.tar.gz
+libvirt-0.6.1.tar.gz
+libvirt-0.6.2.tar.gz
+libvirt-0.6.3.tar.gz
+libvirt-0.6.4.tar.gz
+libvirt-0.6.5.tar.gz
+libvirt-0.7.0.tar.gz
+libvirt-0.7.1.tar.gz
+libvirt-0.7.2.tar.gz
+libvirt-0.7.3.tar.gz
+libvirt-0.7.4.tar.gz
+libvirt-0.7.5.tar.gz
+libvirt-0.7.6.tar.gz

.gitignore

@@ -1,5 +0,0 @@
-.build*.log
-*.rpm
-i686
-x86_64
-libvirt-*.tar.xz

0001-virDomainDiskTranslateSourcePool-Check-for-disk-type.patch

@@ -1,36 +0,0 @@
-From: Michal Privoznik <mprivozn@redhat.com>
-Date: Mon, 9 Mar 2020 16:40:57 +0100
-Subject: [PATCH] virDomainDiskTranslateSourcePool: Check for disk type
- correctly
-
-When rewriting the virDomainDiskTranslateSourcePool() function in
-v6.1.0-rc1~184 a typo was introduced. Previously, we allowed
-startup policy only for those volumes which translated to
-VIR_STORAGE_TYPE_FILE. But starting with the referenced commit,
-the value we checked for was changed to VIR_STORAGE_VOL_FILE
-which comes from a different enum and has a different value too.
-This is wrong, because virStorageSourceGetActualType() returns a
-value from the original enum.
-
-Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1811728
-
-Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
-Reviewed-by: Peter Krempa <pkrempa@redhat.com>
-(cherry picked from commit 3918dbd84e4951b43f93fbf50ef52be00274850c)
----
- src/conf/domain_conf.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
-index 17867eeece..fd2e8f4eb5 100644
---- a/src/conf/domain_conf.c
-+++ b/src/conf/domain_conf.c
-@@ -31746,7 +31746,7 @@ virDomainDiskTranslateSourcePool(virDomainDiskDefPtr def)
-     }
- 
-     if (def->startupPolicy != 0 &&
--        virStorageSourceGetActualType(def->src) != VIR_STORAGE_VOL_FILE) {
-+        virStorageSourceGetActualType(def->src) != VIR_STORAGE_TYPE_FILE) {
-         virReportError(VIR_ERR_XML_ERROR, "%s",
-                        _("'startupPolicy' is only valid for "
-                          "'file' type volume"));

0002-network-make-it-safe-to-call-networkSetupPrivateChai.patch

@@ -1,55 +0,0 @@
-From: Laine Stump <laine@redhat.com>
-Date: Thu, 7 May 2020 22:32:59 -0400
-Subject: [PATCH] network: make it safe to call networkSetupPrivateChains()
- multiple times
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-networkSetupPrivateChains() is currently called only once per run of
-libvirtd, so it can assume that errInitV4 and errInitV6 are empty/null
-when it is called. In preparation for potentially calling this
-function multiple times during one run, this patch moves the reset of
-errInitV[46] to the top of the function, to assure no memory is
-leaked.
-
-Signed-off-by: Laine Stump <laine@redhat.com>
-Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
-(cherry picked from commit de110f110fb917a31b9f33ad8e4b3c1d3284766a)
----
- src/network/bridge_driver_linux.c | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/src/network/bridge_driver_linux.c b/src/network/bridge_driver_linux.c
-index 7bbde5c6a9..80bd2409e1 100644
---- a/src/network/bridge_driver_linux.c
-+++ b/src/network/bridge_driver_linux.c
-@@ -48,6 +48,10 @@ static void networkSetupPrivateChains(void)
-     VIR_DEBUG("Setting up global firewall chains");
- 
-     createdChains = false;
-+    virFreeError(errInitV4);
-+    errInitV4 = NULL;
-+    virFreeError(errInitV6);
-+    errInitV6 = NULL;
- 
-     rc = iptablesSetupPrivateChains(VIR_FIREWALL_LAYER_IPV4);
-     if (rc < 0) {
-@@ -56,8 +60,6 @@ static void networkSetupPrivateChains(void)
-         errInitV4 = virSaveLastError();
-         virResetLastError();
-     } else {
--        virFreeError(errInitV4);
--        errInitV4 = NULL;
-         if (rc) {
-             VIR_DEBUG("Created global IPv4 chains");
-             createdChains = true;
-@@ -73,8 +75,6 @@ static void networkSetupPrivateChains(void)
-         errInitV6 = virSaveLastError();
-         virResetLastError();
-     } else {
--        virFreeError(errInitV6);
--        errInitV6 = NULL;
-         if (rc) {
-             VIR_DEBUG("Created global IPv6 chains");
-             createdChains = true;

0003-network-force-re-creation-of-iptables-private-chains.patch

@@ -1,265 +0,0 @@
-From: Laine Stump <laine@redhat.com>
-Date: Thu, 7 May 2020 21:54:39 -0400
-Subject: [PATCH] network: force re-creation of iptables private chains on
- firewalld restart
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-When firewalld is stopped, it removes *all* iptables rules and chains,
-including those added by libvirt. Since restarting firewalld means
-stopping and then starting it, any time it is restarted, libvirt needs
-to recreate all the private iptables chains it uses, along with all
-the rules it adds.
-
-We already have code in place to call networkReloadFirewallRules() any
-time we're notified of a firewalld start, and
-networkReloadFirewallRules() will call
-networkPreReloadFirewallRules(), which calls
-networkSetupPrivateChains(); unfortunately that last call is called
-using virOnce(), meaning that it will only be called the first time
-through networkPreReloadFirewallRules() after libvirtd starts - so of
-course when firewalld is later restarted, the call to
-networkSetupPrivateChains() is skipped.
-
-The neat and tidy way to fix this would be if there was a standard way
-to reset a pthread_once_t object so that the next time virOnce was
-called, it would think the function hadn't been called, and call it
-again. Unfortunately, there isn't any official way of doing that (we
-*could* just fill it with 0 and hope for the best, but that doesn't
-seem very safe.
-
-So instead, this patch just adds a static variable called
-chainInitDone, which is set to true after networkSetupPrivateChains()
-is called for the first time, and then during calls to
-networkPreReloadFirewallRules(), if chainInitDone is set, we call
-networkSetupPrivateChains() directly instead of via virOnce().
-
-It may seem unsafe to directly call a function that is meant to be
-called only once, but I think in this case we're safe - there's
-nothing in the function that is inherently "once only" - it doesn't
-initialize anything that can't safely be re-initialized (as long as
-two threads don't try to do it at the same time), and it only happens
-when responding to a dbus message that firewalld has been started (and
-I don't think it's possible for us to be processing two of those at
-once), and even then only if the initial call to the function has
-already been completed (so we're safe if we receive a firewalld
-restart call at a time when we haven't yet called it, or even if
-another thread is already in the process of executing it. The only
-problematic bit I can think of is if another thread is in the process
-of adding an iptable rule at the time we're executing this function,
-but 1) none of those threads will be trying to add chains, and 2) if
-there was a concurrency problem with other threads adding iptables
-rules while firewalld was being restarted, it would still be a problem
-even without this change.
-
-This is yet another patch that fixes an occurrence of this error:
-
-COMMAND_FAILED: '/usr/sbin/iptables -w10 -w --table filter --insert LIBVIRT_INP --in-interface virbr0 --protocol tcp --destination-port 67 --jump ACCEPT' failed: iptables: No chain/target/match by that name.
-
-In particular, this resolves: https://bugzilla.redhat.com/1813830
-
-Signed-off-by: Laine Stump <laine@redhat.com>
-Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
-(cherry picked from commit f5418b427e7d2f26803880309478de9103680826)
----
- src/network/bridge_driver.c          | 16 ++++---
- src/network/bridge_driver_linux.c    | 69 ++++++++++++++++++----------
- src/network/bridge_driver_nop.c      |  3 +-
- src/network/bridge_driver_platform.h |  2 +-
- 4 files changed, 58 insertions(+), 32 deletions(-)
-
-diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
-index 369e80a889..aaf14defe4 100644
---- a/src/network/bridge_driver.c
-+++ b/src/network/bridge_driver.c
-@@ -273,7 +273,9 @@ static int
- networkShutdownNetworkExternal(virNetworkObjPtr obj);
- 
- static void
--networkReloadFirewallRules(virNetworkDriverStatePtr driver, bool startup);
-+networkReloadFirewallRules(virNetworkDriverStatePtr driver,
-+                           bool startup,
-+                           bool force);
- 
- static void
- networkRefreshDaemons(virNetworkDriverStatePtr driver);
-@@ -689,7 +691,7 @@ firewalld_dbus_filter_bridge(DBusConnection *connection G_GNUC_UNUSED,
- 
-     if (reload) {
-         VIR_DEBUG("Reload in bridge_driver because of firewalld.");
--        networkReloadFirewallRules(driver, false);
-+        networkReloadFirewallRules(driver, false, true);
-     }
- 
-     return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
-@@ -798,7 +800,7 @@ networkStateInitialize(bool privileged,
-     virNetworkObjListPrune(network_driver->networks,
-                            VIR_CONNECT_LIST_NETWORKS_INACTIVE |
-                            VIR_CONNECT_LIST_NETWORKS_TRANSIENT);
--    networkReloadFirewallRules(network_driver, true);
-+    networkReloadFirewallRules(network_driver, true, false);
-     networkRefreshDaemons(network_driver);
- 
-     if (virDriverShouldAutostart(network_driver->stateDir, &autostart) < 0)
-@@ -868,7 +870,7 @@ networkStateReload(void)
-                                 network_driver->networkConfigDir,
-                                 network_driver->networkAutostartDir,
-                                 network_driver->xmlopt);
--    networkReloadFirewallRules(network_driver, false);
-+    networkReloadFirewallRules(network_driver, false, false);
-     networkRefreshDaemons(network_driver);
-     virNetworkObjListForEach(network_driver->networks,
-                              networkAutostartConfig,
-@@ -2236,14 +2238,16 @@ networkReloadFirewallRulesHelper(virNetworkObjPtr obj,
- 
- 
- static void
--networkReloadFirewallRules(virNetworkDriverStatePtr driver, bool startup)
-+networkReloadFirewallRules(virNetworkDriverStatePtr driver,
-+                           bool startup,
-+                           bool force)
- {
-     VIR_INFO("Reloading iptables rules");
-     /* Ideally we'd not even register the driver when unprivilegd
-      * but until we untangle the virt driver that's not viable */
-     if (!driver->privileged)
-         return;
--    networkPreReloadFirewallRules(driver, startup);
-+    networkPreReloadFirewallRules(driver, startup, force);
-     virNetworkObjListForEach(driver->networks,
-                              networkReloadFirewallRulesHelper,
-                              NULL);
-diff --git a/src/network/bridge_driver_linux.c b/src/network/bridge_driver_linux.c
-index 80bd2409e1..b0bd207250 100644
---- a/src/network/bridge_driver_linux.c
-+++ b/src/network/bridge_driver_linux.c
-@@ -36,11 +36,14 @@ VIR_LOG_INIT("network.bridge_driver_linux");
- #define PROC_NET_ROUTE "/proc/net/route"
- 
- static virOnceControl createdOnce;
--static bool createdChains;
-+static bool chainInitDone; /* true iff networkSetupPrivateChains was ever called */
-+static bool createdChains; /* true iff networkSetupPrivateChains created chains during most recent call */
- static virErrorPtr errInitV4;
- static virErrorPtr errInitV6;
- 
--/* Only call via virOnce */
-+/* Usually only called via virOnce, but can also be called directly in
-+ * response to firewalld reload (if chainInitDone == true)
-+ */
- static void networkSetupPrivateChains(void)
- {
-     int rc;
-@@ -82,6 +85,8 @@ static void networkSetupPrivateChains(void)
-             VIR_DEBUG("Global IPv6 chains already exist");
-         }
-     }
-+
-+    chainInitDone = true;
- }
- 
- 
-@@ -111,7 +116,10 @@ networkHasRunningNetworks(virNetworkDriverStatePtr driver)
- }
- 
- 
--void networkPreReloadFirewallRules(virNetworkDriverStatePtr driver, bool startup)
-+void
-+networkPreReloadFirewallRules(virNetworkDriverStatePtr driver,
-+                              bool startup,
-+                              bool force)
- {
-     /*
-      * If there are any running networks, we need to
-@@ -130,29 +138,42 @@ void networkPreReloadFirewallRules(virNetworkDriverStatePtr driver, bool startup
-      * of starting the network though as that makes them
-      * more likely to be seen by a human
-      */
--    if (!networkHasRunningNetworks(driver)) {
--        VIR_DEBUG("Delayed global rule setup as no networks are running");
--        return;
--    }
-+    if (chainInitDone && force) {
-+        /* The Private chains have already been initialized once
-+         * during this run of libvirtd, so 1) we can't do it again via
-+         * virOnce(), and 2) we need to re-add the private chains even
-+         * if there are currently no running networks, because the
-+         * next time a network is started, libvirt will expect that
-+         * the chains have already been added. So we call directly
-+         * instead of via virOnce().
-+         */
-+        networkSetupPrivateChains();
- 
--    ignore_value(virOnce(&createdOnce, networkSetupPrivateChains));
-+    } else {
-+        if (!networkHasRunningNetworks(driver)) {
-+            VIR_DEBUG("Delayed global rule setup as no networks are running");
-+            return;
-+        }
- 
--    /*
--     * If this is initial startup, and we just created the
--     * top level private chains we either
--     *
--     *   - upgraded from old libvirt
--     *   - freshly booted from clean state
--     *
--     * In the first case we must delete the old rules from
--     * the built-in chains, instead of our new private chains.
--     * In the second case it doesn't matter, since no existing
--     * rules will be present. Thus we can safely just tell it
--     * to always delete from the builin chain
--     */
--    if (startup && createdChains) {
--        VIR_DEBUG("Requesting cleanup of legacy firewall rules");
--        iptablesSetDeletePrivate(false);
-+        ignore_value(virOnce(&createdOnce, networkSetupPrivateChains));
-+
-+        /*
-+         * If this is initial startup, and we just created the
-+         * top level private chains we either
-+         *
-+         *   - upgraded from old libvirt
-+         *   - freshly booted from clean state
-+         *
-+         * In the first case we must delete the old rules from
-+         * the built-in chains, instead of our new private chains.
-+         * In the second case it doesn't matter, since no existing
-+         * rules will be present. Thus we can safely just tell it
-+         * to always delete from the builin chain
-+         */
-+        if (startup && createdChains) {
-+            VIR_DEBUG("Requesting cleanup of legacy firewall rules");
-+            iptablesSetDeletePrivate(false);
-+        }
-     }
- }
- 
-diff --git a/src/network/bridge_driver_nop.c b/src/network/bridge_driver_nop.c
-index 08d737511f..db89c10023 100644
---- a/src/network/bridge_driver_nop.c
-+++ b/src/network/bridge_driver_nop.c
-@@ -20,7 +20,8 @@
- #include <config.h>
- 
- void networkPreReloadFirewallRules(virNetworkDriverStatePtr driver G_GNUC_UNUSED,
--                                   bool startup G_GNUC_UNUSED)
-+                                   bool startup G_GNUC_UNUSED,
-+                                   bool force G_GNUC_UNUSED)
- {
- }
- 
-diff --git a/src/network/bridge_driver_platform.h b/src/network/bridge_driver_platform.h
-index 169417a6c0..48ab52c160 100644
---- a/src/network/bridge_driver_platform.h
-+++ b/src/network/bridge_driver_platform.h
-@@ -62,7 +62,7 @@ struct _virNetworkDriverState {
- typedef struct _virNetworkDriverState virNetworkDriverState;
- typedef virNetworkDriverState *virNetworkDriverStatePtr;
- 
--void networkPreReloadFirewallRules(virNetworkDriverStatePtr driver, bool startup);
-+void networkPreReloadFirewallRules(virNetworkDriverStatePtr driver, bool startup, bool force);
- void networkPostReloadFirewallRules(bool startup);
- 
- int networkCheckRouteCollision(virNetworkDefPtr def);

0004-systemd-start-libvirtd-after-firewalld-iptables-serv.patch

@@ -1,100 +0,0 @@
-From: Laine Stump <laine@redhat.com>
-Date: Fri, 1 May 2020 00:05:50 -0400
-Subject: [PATCH] systemd: start libvirtd after firewalld/iptables services
-
-When a system has enabled the iptables/ip6tables services rather than
-firewalld, there is no explicit ordering of the start of those
-services vs. libvirtd. This creates a problem when libvirtd.service is
-started before ip[6]tables, as the latter, when it finally is started,
-will remove all of the iptables rules that had previously been added
-by libvirt, including the custom chains where libvirt's rules are
-kept. This results in an error message similar to the following when a
-user subsequently tries to start a new libvirt network:
-
- "Error while activating network: Call to virNetworkCreate failed:
- internal error: Failed to apply firewall rules
- /usr/sbin/ip6tables -w --table filter --insert LIBVIRT_FWO \
-   --in-interface virbr2 --jump REJECT:
- ip6tables: No chain/target/match by that name."
-
-(Prior to logging this error, it also would have caused failure to
-forward (or block) traffic in some cases, e.g. for guests on a NATed
-network, since libvirt's rules to forward/block had all been deleted
-and libvirt didn't know about it, so it couldn't fix the problem)
-
-When this happens, the problem can be remedied by simply restarting
-libvirtd.service (which has the side-effect of reloading all
-libvirt-generated firewall rules)
-
-Instead, we can just explicitly stating in the libvirtd.service file
-that libvirtd.service should start after ip6tables.service and
-ip6tables.service, eliminating the race condition that leads to the
-error.
-
-There is also nothing (that I can see) in the systemd .service files
-to guarantee that firewalld.service will be started (if enabled) prior
-to libvirtd.service. The same error scenario given above would occur
-if libvirtd.service started before firewalld.service.  Even before
-that, though libvirtd would have detected that firewalld.service was
-disabled, and then turn off all firewalld support. So, for example,
-firewalld's libvirt zone wouldn't be used, and most likely traffic
-from guests would therefore be blocked (all with no external
-indication of the source of the problem other than a debug-level log
-when libvirtd was started saying that firewalld wasn't in use); also
-libvirtd wouldn't notice when firewalld reloaded its rules (which also
-simultaneously deletes all of libvirt's rules).
-
-I'm not aware of any reports that have been traced back to
-libvirtd.service starting before firewalld.service, but have seen that
-error reported multiple times, and also don't see an existing
-dependency that would guarantee firewalld.service starts before
-libvirtd.service, so it's possible it's been happening and we just
-haven't gotten to the bottom of it.
-
-This patch adds an After= line to the libvirtd.service file for each
-of iptables.service, ip6tables.service, and firewalld.servicee, which
-should guarantee that libvirtd.service isn't started until systemd has
-started whichever of the others is enabled.
-
-This race was diagnosed, and patch proposed, by Jason Montleon in
-https://bugzilla.redhat.com/1723698 . At the time (April 2019) danpb
-agreed with him that this change to libvirtd.service was a reasonable
-thing to do, but I guess everyone thought someone else was going to
-post a patch, so in the end nobody did.
-
-Signed-off-by: Laine Stump <laine@redhat.com>
-Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
-(cherry picked from commit 0756415f147dda15a417bd79eef9a62027d176e6)
----
- src/network/virtnetworkd.service.in | 3 +++
- src/remote/libvirtd.service.in      | 3 +++
- 2 files changed, 6 insertions(+)
-
-diff --git a/src/network/virtnetworkd.service.in b/src/network/virtnetworkd.service.in
-index 656e8b4f84..56182e1693 100644
---- a/src/network/virtnetworkd.service.in
-+++ b/src/network/virtnetworkd.service.in
-@@ -5,6 +5,9 @@ Requires=virtnetworkd.socket
- Requires=virtnetworkd-ro.socket
- Requires=virtnetworkd-admin.socket
- After=network.target
-+After=firewalld.service
-+After=iptables.service
-+After=ip6tables.service
- After=dbus.service
- After=apparmor.service
- After=local-fs.target
-diff --git a/src/remote/libvirtd.service.in b/src/remote/libvirtd.service.in
-index 90b2cad5b0..cc0d4e3693 100644
---- a/src/remote/libvirtd.service.in
-+++ b/src/remote/libvirtd.service.in
-@@ -11,6 +11,9 @@ Wants=libvirtd-admin.socket
- Wants=systemd-machined.service
- Before=libvirt-guests.service
- After=network.target
-+After=firewalld.service
-+After=iptables.service
-+After=ip6tables.service
- After=dbus.service
- After=iscsid.service
- After=apparmor.service

0005-libxl-fix-crash-when-initializing-driver.patch

@@ -1,43 +0,0 @@
-From: Jim Fehlig <jfehlig@suse.com>
-Date: Fri, 3 Apr 2020 15:51:48 -0600
-Subject: [PATCH] libxl: fix crash when initializing driver
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Commit 54a401af478 split out DriverConfigInit from DriverConfigNew, but
-then called it a bit late from libxlStateInitialize. The cfg is used in
-libxlDriverConfigLoadFile and when uninitialized results in a crash.
-Calling DriverConfigInit immediately after DriverConfigNew fixes the
-crash.
-
-Signed-off-by: Jim Fehlig <jfehlig@suse.com>
-Reviewed-by: Erik Skultety <eskultet@redhat.com>
-Reviewed-by: Ján Tomko <jtomko@redhat.com>
-(cherry picked from commit 88011ed280c4f946a7b8e7ffcea2335eb075de60)
----
- src/libxl/libxl_driver.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c
-index f2387e2a20..c4fb791fa0 100644
---- a/src/libxl/libxl_driver.c
-+++ b/src/libxl/libxl_driver.c
-@@ -703,14 +703,14 @@ libxlStateInitialize(bool privileged,
-     if (!(cfg = libxlDriverConfigNew()))
-         goto error;
- 
-+    if (libxlDriverConfigInit(cfg) < 0)
-+        goto error;
-+
-     driverConf = g_strdup_printf("%s/libxl.conf", cfg->configBaseDir);
- 
-     if (libxlDriverConfigLoadFile(cfg, driverConf) < 0)
-         goto error;
- 
--    if (libxlDriverConfigInit(cfg) < 0)
--        goto error;
--
-     /* Register the callbacks providing access to libvirt's event loop */
-     libxl_osevent_register_hooks(cfg->ctx, &libxl_osevent_callbacks, cfg->ctx);
- 

Makefile

@@ -0,0 +1,21 @@
+# Makefile for source rpm: libvirt
+# $Id$
+NAME := libvirt
+SPECFILE = $(firstword $(wildcard *.spec))
+
+define find-makefile-common
+for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
+endef
+
+MAKEFILE_COMMON := $(shell $(find-makefile-common))
+
+ifeq ($(MAKEFILE_COMMON),)
+# attempt a checkout
+define checkout-makefile-common
+test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
+endef
+
+MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
+endif
+
+include $(MAKEFILE_COMMON)

branch

@@ -0,0 +1 @@
+F-13

libvirt-0.7.7-audio-config.patch

@@ -0,0 +1,163 @@
+commit 377bc412ce10845930346744e30fe9c4790e5e63
+Author: Cole Robinson <crobinso@redhat.com>
+Date:   Wed May 19 16:03:52 2010 -0400
+
+    daemon: Export SDL audio environment variables
+    
+    /etc/sysconfig/libvirtd has a few environment variables for configuring
+    libvirt SDL audio. The libvirtd process doesn't see these, however, because
+    they are never exported. Let's export the variables after sourcing the
+    sysconfig script.
+    
+    There is another problem here that the commented out values in the
+    sysconfig script are not neccessarily the actual defaults, we are qemus
+    mercy here. Not sure how to solve that.
+
+diff --git a/daemon/libvirtd.init.in b/daemon/libvirtd.init.in
+index 809433e..aa7870c 100644
+--- a/daemon/libvirtd.init.in
++++ b/daemon/libvirtd.init.in
+@@ -45,6 +45,9 @@ KRB5_KTNAME=/etc/libvirt/krb5.tab
+ 
+ test -f @sysconfdir@/sysconfig/libvirtd && . @sysconfdir@/sysconfig/libvirtd
+ 
++export QEMU_AUDIO_DRV
++export SDL_AUDIODRIVER
++
+ LIBVIRTD_CONFIG_ARGS=
+ if [ -n "$LIBVIRTD_CONFIG" ]
+ then
+commit 7f44743c524faa493d05eaf026f1e90a807e502b
+Author: Cole Robinson <crobinso@redhat.com>
+Date:   Wed May 26 10:51:36 2010 -0400
+
+    daemon: sysconf: Update comment about VNC audio
+
+diff --git a/daemon/libvirtd.sysconf b/daemon/libvirtd.sysconf
+index 28080a0..b730c5e 100644
+--- a/daemon/libvirtd.sysconf
++++ b/daemon/libvirtd.sysconf
+@@ -11,7 +11,8 @@
+ # Override the QEMU/SDL default audio driver probing when
+ # starting virtual machines using SDL graphics
+ #
+-# NB these have no effect for VMs using VNC
++# NB these have no effect for VMs using VNC, unless vnc_allow_host_audio
++# is enabled in /etc/libvirt/qemu.conf
+ #QEMU_AUDIO_DRV=sdl
+ #
+ #SDL_AUDIODRIVER=pulse
+commit fb3ebd0397980ae035e66f0008b09e13377ef80f
+Author: Cole Robinson <crobinso@redhat.com>
+Date:   Wed May 19 16:41:01 2010 -0400
+
+    qemu: Allow using regular audio backends with VNC
+    
+    Currently all host audio backends are disabled if a VM is using VNC, in
+    favor of the QEMU VNC audio extension. Unfortunately no released VNC
+    client supports this extension, so users have no way of getting audio
+    to work if using VNC.
+    
+    Add a new config option in qemu.conf which allows changing libvirt's
+    behavior, but keep the default intact.
+    
+    v2: Fix doc typos, change name to vnc_allow_host_audio
+
+diff --git a/src/qemu/libvirtd_qemu.aug b/src/qemu/libvirtd_qemu.aug
+index 5bd60b3..551cc20 100644
+--- a/src/qemu/libvirtd_qemu.aug
++++ b/src/qemu/libvirtd_qemu.aug
+@@ -38,6 +38,7 @@ module Libvirtd_qemu =
+                  | str_entry "save_image_format"
+                  | str_entry "hugetlbfs_mount"
+                  | bool_entry "relaxed_acs_check"
++                 | bool_entry "vnc_allow_host_audio"
+ 
+    (* Each enty in the config is one of the following three ... *)
+    let entry = vnc_entry
+diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf
+index 3da332f..98a1176 100644
+--- a/src/qemu/qemu.conf
++++ b/src/qemu/qemu.conf
+@@ -168,3 +168,13 @@
+ # be assigned to guests.
+ #
+ # relaxed_acs_check = 1
++
++
++# QEMU implements an extension for providing audio over a VNC connection,
++# though if your VNC client does not support it, your only chance for getting
++# sound output is through regular audio backends. By default, libvirt will
++# disable all QEMU sound backends if using VNC, since they can cause
++# permissions issues. Enabling this option will make libvirtd honor the
++# QEMU_AUDIO_DRV environment variable when using VNC.
++#
++# vnc_allow_host_audio = 0
+diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
+index 2755545..b4d8e74 100644
+--- a/src/qemu/qemu_conf.c
++++ b/src/qemu/qemu_conf.c
+@@ -351,6 +351,10 @@ int qemudLoadDriverConfig(struct qemud_driver *driver,
+     CHECK_TYPE ("relaxed_acs_check", VIR_CONF_LONG);
+     if (p) driver->relaxedACS = p->l;
+ 
++    p = virConfGetValue (conf, "vnc_allow_host_audio");
++    CHECK_TYPE ("vnc_allow_host_audio", VIR_CONF_LONG);
++    if (p) driver->vncAllowHostAudio = p->l;
++
+     virConfFree (conf);
+     return 0;
+ }
+@@ -4399,12 +4403,15 @@ int qemudBuildCommandLine(virConnectPtr conn,
+             ADD_ARG_LIT(def->graphics[0]->data.vnc.keymap);
+         }
+ 
+-        /* QEMU implements a VNC extension for providing audio, so we
+-         * set the audio backend to none, to prevent it opening the
+-         * host OS audio devices since that causes security issues
+-         * and is non-sensical when using VNC.
++        /* Unless user requested it, set the audio backend to none, to
++         * prevent it opening the host OS audio devices, since that causes
++         * security issues and might not work when using VNC.
+          */
+-        ADD_ENV_LIT("QEMU_AUDIO_DRV=none");
++        if (driver->vncAllowHostAudio) {
++            ADD_ENV_COPY("QEMU_AUDIO_DRV");
++        } else {
++            ADD_ENV_LIT("QEMU_AUDIO_DRV=none");
++        }
+     } else if ((def->ngraphics == 1) &&
+                def->graphics[0]->type == VIR_DOMAIN_GRAPHICS_TYPE_SDL) {
+         char *xauth = NULL;
+diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h
+index 8fd8d79..7fb4de5 100644
+--- a/src/qemu/qemu_conf.h
++++ b/src/qemu/qemu_conf.h
+@@ -138,6 +138,8 @@ struct qemud_driver {
+ 
+     unsigned int relaxedACS : 1;
+ 
++    unsigned int vncAllowHostAudio : 1;
++
+     virCapsPtr caps;
+ 
+     /* An array of callbacks */
+diff --git a/src/qemu/test_libvirtd_qemu.aug b/src/qemu/test_libvirtd_qemu.aug
+index 2feedc0..a048ae5 100644
+--- a/src/qemu/test_libvirtd_qemu.aug
++++ b/src/qemu/test_libvirtd_qemu.aug
+@@ -97,6 +97,8 @@ save_image_format = \"gzip\"
+ hugetlbfs_mount = \"/dev/hugepages\"
+ 
+ relaxed_acs_check = 1
++
++vnc_allow_host_audio = 1
+ "
+ 
+    test Libvirtd_qemu.lns get conf =
+@@ -204,3 +206,5 @@ relaxed_acs_check = 1
+ { "hugetlbfs_mount" = "/dev/hugepages" }
+ { "#empty" }
+ { "relaxed_acs_check" = "1" }
++{ "#empty" }
++{ "vnc_allow_host_audio" = "1" }

libvirt-0.7.7-caps-option.patch

@@ -0,0 +1,110 @@
+diff -rup libvirt-0.7.7/src/qemu/libvirtd_qemu.aug new/src/qemu/libvirtd_qemu.aug
+--- libvirt-0.7.7/src/qemu/libvirtd_qemu.aug	2010-06-17 12:38:52.998946000 -0400
++++ new/src/qemu/libvirtd_qemu.aug	2010-06-17 12:39:28.504148000 -0400
+@@ -39,6 +39,7 @@ module Libvirtd_qemu =
+                  | str_entry "hugetlbfs_mount"
+                  | bool_entry "relaxed_acs_check"
+                  | bool_entry "vnc_allow_host_audio"
++                 | bool_entry "clear_emulator_capabilities"
+ 
+    (* Each enty in the config is one of the following three ... *)
+    let entry = vnc_entry
+diff -rup libvirt-0.7.7/src/qemu/qemu.conf new/src/qemu/qemu.conf
+--- libvirt-0.7.7/src/qemu/qemu.conf	2010-06-17 12:38:53.001953000 -0400
++++ new/src/qemu/qemu.conf	2010-06-17 12:39:28.508149000 -0400
+@@ -178,3 +178,12 @@
+ # QEMU_AUDIO_DRV environment variable when using VNC.
+ #
+ # vnc_allow_host_audio = 0
++
++# If clear_emulator_capabilities is enabled, libvirt will drop all
++# privileged capabilities of the QEmu/KVM emulator. This is enabled by
++# default.
++#
++# Warning: Disabling this option means that a compromised guest can
++# exploit the privileges and possibly do damage to the host.
++#
++# clear_emulator_capabilities = 1
+diff -rup libvirt-0.7.7/src/qemu/qemu_conf.c new/src/qemu/qemu_conf.c
+--- libvirt-0.7.7/src/qemu/qemu_conf.c	2010-06-17 12:38:53.010946000 -0400
++++ new/src/qemu/qemu_conf.c	2010-06-17 12:39:28.526151000 -0400
+@@ -103,6 +103,7 @@ int qemudLoadDriverConfig(struct qemud_d
+ 
+     /* Setup critical defaults */
+     driver->dynamicOwnership = 1;
++    driver->clearEmulatorCapabilities = 1;
+ 
+     if (!(driver->vncListen = strdup("127.0.0.1"))) {
+         virReportOOMError();
+@@ -354,6 +355,10 @@ int qemudLoadDriverConfig(struct qemud_d
+     CHECK_TYPE ("vnc_allow_host_audio", VIR_CONF_LONG);
+     if (p) driver->vncAllowHostAudio = p->l;
+ 
++    p = virConfGetValue (conf, "clear_emulator_capabilities");
++    CHECK_TYPE ("clear_emulator_capabilities", VIR_CONF_LONG);
++    if (p) driver->clearEmulatorCapabilities = p->l;
++
+     virConfFree (conf);
+     return 0;
+ }
+diff -rup libvirt-0.7.7/src/qemu/qemu_conf.h new/src/qemu/qemu_conf.h
+--- libvirt-0.7.7/src/qemu/qemu_conf.h	2010-06-17 12:38:53.015945000 -0400
++++ new/src/qemu/qemu_conf.h	2010-06-17 12:39:28.531146000 -0400
+@@ -129,8 +129,8 @@ struct qemud_driver {
+     ebtablesContext *ebtables;
+ 
+     unsigned int relaxedACS : 1;
+-
+     unsigned int vncAllowHostAudio : 1;
++    unsigned int clearEmulatorCapabilities : 1;
+ 
+     virCapsPtr caps;
+ 
+diff -rup libvirt-0.7.7/src/qemu/qemu_driver.c new/src/qemu/qemu_driver.c
+--- libvirt-0.7.7/src/qemu/qemu_driver.c	2010-06-17 12:38:52.988953000 -0400
++++ new/src/qemu/qemu_driver.c	2010-06-17 12:39:28.542147000 -0400
+@@ -2699,7 +2699,7 @@ static int qemudStartVMDaemon(virConnect
+                               int stdin_fd) {
+     const char **argv = NULL, **tmp;
+     const char **progenv = NULL;
+-    int i, ret;
++    int i, ret, runflags;
+     struct stat sb;
+     int *tapfds = NULL;
+     int ntapfds = 0;
+@@ -2893,9 +2893,16 @@ static int qemudStartVMDaemon(virConnect
+     for (i = 0 ; i < ntapfds ; i++)
+         FD_SET(tapfds[i], &keepfd);
+ 
++    VIR_DEBUG("Clear emulator capabilities: %d",
++              driver->clearEmulatorCapabilities);
++    runflags = VIR_EXEC_NONBLOCK;
++    if (driver->clearEmulatorCapabilities) {
++        runflags |= VIR_EXEC_CLEAR_CAPS;
++    }
++
+     ret = virExecDaemonize(argv, progenv, &keepfd, &child,
+                            stdin_fd, &logfile, &logfile,
+-                           VIR_EXEC_NONBLOCK | VIR_EXEC_CLEAR_CAPS,
++                           runflags,
+                            qemudSecurityHook, &hookData,
+                            pidfile);
+     VIR_FREE(pidfile);
+diff -rup libvirt-0.7.7/src/qemu/test_libvirtd_qemu.aug new/src/qemu/test_libvirtd_qemu.aug
+--- libvirt-0.7.7/src/qemu/test_libvirtd_qemu.aug	2010-06-17 12:38:53.018948000 -0400
++++ new/src/qemu/test_libvirtd_qemu.aug	2010-06-17 12:39:28.546145000 -0400
+@@ -99,6 +99,8 @@ hugetlbfs_mount = \"/dev/hugepages\"
+ relaxed_acs_check = 1
+ 
+ vnc_allow_host_audio = 1
++
++clear_emulator_capabilities = 0
+ "
+ 
+    test Libvirtd_qemu.lns get conf =
+@@ -208,3 +210,5 @@ vnc_allow_host_audio = 1
+ { "relaxed_acs_check" = "1" }
+ { "#empty" }
+ { "vnc_allow_host_audio" = "1" }
++{ "#empty" }
++{ "clear_emulator_capabilities" = "0" }

libvirt-0.7.7-fix-cdrom-change.patch

@@ -0,0 +1,132 @@
+commit c4896d378b921ba6471562d7b17641be121c19d6
+Author: Daniel P. Berrange <berrange@redhat.com>
+Date:   Thu Apr 15 11:35:07 2010 +0100
+
+    Fix CDROM media change for QEMU when using -device syntax
+    
+    Disk devices in QEMU have two parts, the guest device and the host
+    backend driver. Historically these two parts have had the same
+    "unique" name. With the switch to using -device though, they now
+    have separate names. Thus when changing CDROM media, for guests
+    using -device syntax, we need to prepend the QEMU_DRIVE_HOST_PREFIX
+    constant
+    
+    * src/qemu/qemu_conf.c, src/qemu/qemu_conf.h: Add helper function
+      qemuDeviceDriveHostAlias() for building a host backend alias
+    * src/qemu/qemu_driver.c: Use qemuDeviceDriveHostAlias() to determine
+      the host backend alias for performing eject/change commands in the
+      monitor
+
+diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
+index 1a8b4aa..0cbedf2 100644
+--- a/src/qemu/qemu_conf.c
++++ b/src/qemu/qemu_conf.c
+@@ -1699,6 +1699,26 @@ static int qemuAssignDeviceDiskAliasLegacy(virDomainDiskDefPtr disk)
+ }
+ 
+ 
++char *qemuDeviceDriveHostAlias(virDomainDiskDefPtr disk,
++                               unsigned long long qemudCmdFlags)
++{
++    char *ret;
++
++    if (qemudCmdFlags & QEMUD_CMD_FLAG_DEVICE) {
++        if (virAsprintf(&ret, "%s%s", QEMU_DRIVE_HOST_PREFIX, disk->info.alias) < 0) {
++            virReportOOMError();
++            return NULL;
++        }
++    } else {
++        if (!(ret = strdup(disk->info.alias))) {
++            virReportOOMError();
++            return NULL;
++        }
++    }
++    return ret;
++}
++
++
+ /* Names used before -drive supported the id= option */
+ static int qemuAssignDeviceDiskAliasFixed(virDomainDiskDefPtr disk)
+ {
+diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h
+index 574709e..b2820f0 100644
+--- a/src/qemu/qemu_conf.h
++++ b/src/qemu/qemu_conf.h
+@@ -220,6 +220,9 @@ char * qemuBuildNicStr(virDomainNetDefPtr net,
+ char * qemuBuildNicDevStr(virDomainNetDefPtr net,
+                           int vlan);
+ 
++char *qemuDeviceDriveHostAlias(virDomainDiskDefPtr disk,
++                               unsigned long long qemudCmdFlags);
++
+ /* Both legacy & current support */
+ char *qemuBuildDriveStr(virDomainDiskDefPtr disk,
+                         int bootable,
+diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
+index 0189dcf..7d2f3ef 100644
+--- a/src/qemu/qemu_driver.c
++++ b/src/qemu/qemu_driver.c
+@@ -6552,11 +6552,13 @@ cleanup:
+ 
+ static int qemudDomainChangeEjectableMedia(struct qemud_driver *driver,
+                                            virDomainObjPtr vm,
+-                                           virDomainDiskDefPtr disk)
++                                           virDomainDiskDefPtr disk,
++                                           unsigned long long qemuCmdFlags)
+ {
+     virDomainDiskDefPtr origdisk = NULL;
+     int i;
+     int ret;
++    char *driveAlias = NULL;
+ 
+     origdisk = NULL;
+     for (i = 0 ; i < vm->def->ndisks ; i++) {
+@@ -6594,6 +6596,9 @@ static int qemudDomainChangeEjectableMedia(struct qemud_driver *driver,
+         driver->securityDriver->domainSetSecurityImageLabel(vm, disk) < 0)
+         return -1;
+ 
++    if (!(driveAlias = qemuDeviceDriveHostAlias(origdisk, qemuCmdFlags)))
++        goto error;
++
+     qemuDomainObjPrivatePtr priv = vm->privateData;
+     qemuDomainObjEnterMonitorWithDriver(driver, vm);
+     if (disk->src) {
+@@ -6605,10 +6610,10 @@ static int qemudDomainChangeEjectableMedia(struct qemud_driver *driver,
+                 format = origdisk->driverType;
+         }
+         ret = qemuMonitorChangeMedia(priv->mon,
+-                                     origdisk->info.alias,
++                                     driveAlias,
+                                      disk->src, format);
+     } else {
+-        ret = qemuMonitorEjectMedia(priv->mon, origdisk->info.alias);
++        ret = qemuMonitorEjectMedia(priv->mon, driveAlias);
+     }
+     qemuDomainObjExitMonitorWithDriver(driver, vm);
+ 
+@@ -6625,11 +6630,14 @@ static int qemudDomainChangeEjectableMedia(struct qemud_driver *driver,
+     disk->src = NULL;
+     origdisk->type = disk->type;
+ 
++    VIR_FREE(driveAlias);
++
+     virDomainDiskDefFree(disk);
+ 
+     return ret;
+ 
+ error:
++    VIR_FREE(driveAlias);
+     if (driver->securityDriver &&
+         driver->securityDriver->domainRestoreSecurityImageLabel &&
+         driver->securityDriver->domainRestoreSecurityImageLabel(vm, disk) < 0)
+@@ -7434,7 +7442,9 @@ static int qemudDomainAttachDevice(virDomainPtr dom,
+         switch (dev->data.disk->device) {
+         case VIR_DOMAIN_DISK_DEVICE_CDROM:
+         case VIR_DOMAIN_DISK_DEVICE_FLOPPY:
+-            ret = qemudDomainChangeEjectableMedia(driver, vm, dev->data.disk);
++            ret = qemudDomainChangeEjectableMedia(driver, vm,
++                                                  dev->data.disk,
++                                                  qemuCmdFlags);
+             if (ret == 0)
+                 dev->data.disk = NULL;
+             break;

libvirt-0.7.7-fix-slow-dsync.patch

@@ -0,0 +1,41 @@
+From e3c36a2575bc88a16d776693dc39ea01c780b406 Mon Sep 17 00:00:00 2001
+From: Jiri Denemark <jdenemar@redhat.com>
+Date: Tue, 16 Mar 2010 16:03:59 +0100
+Subject: [PATCH] Use fsync() at the end of file allocation instead of O_DSYNC
+
+Instead of opening storage file with O_DSYNC, make sure data are written
+to a disk only before we claim allocation has finished.
+---
+ src/storage/storage_backend.c |    9 ++++++++-
+ 1 files changed, 8 insertions(+), 1 deletions(-)
+
+diff --git a/src/storage/storage_backend.c b/src/storage/storage_backend.c
+index ec9fc43..7294a00 100644
+--- a/src/storage/storage_backend.c
++++ b/src/storage/storage_backend.c
+@@ -331,6 +331,13 @@ static int createRawFileOpHook(int fd, void *data) {
+                 goto cleanup;
+             }
+         }
++
++        if (fsync(fd) < 0) {
++            ret = errno;
++            virReportSystemError(errno, _("cannot sync data to file '%s'"),
++                                 hdata->vol->target.path);
++            goto cleanup;
++        }
+     }
+ 
+ cleanup:
+@@ -359,7 +366,7 @@ virStorageBackendCreateRaw(virConnectPtr conn ATTRIBUTE_UNUSED,
+     gid_t gid = (vol->target.perms.gid == -1) ? getgid() : vol->target.perms.gid;
+ 
+     if ((createstat = virFileOperation(vol->target.path,
+-                                       O_RDWR | O_CREAT | O_EXCL | O_DSYNC,
++                                       O_RDWR | O_CREAT | O_EXCL,
+                                        vol->target.perms.mode, uid, gid,
+                                        createRawFileOpHook, &hdata,
+                                        VIR_FILE_OP_FORCE_PERMS |
+-- 
+1.6.6.1
+

libvirt-0.7.7-fix-usb-parsing.patch

@@ -0,0 +1,12 @@
+diff -rup libvirt-0.7.1/src/util/hostusb.c new/src/hostusb.c
+--- libvirt-0.7.1/src/util/hostusb.c	2010-06-03 13:51:14.392459000 -0400
++++ new/src/util/hostusb.c	2010-06-03 14:49:11.763379000 -0400
+@@ -123,7 +123,7 @@ static int usbFindBusByVendor(virConnect
+             char *tmpstr = de->d_name;
+             unsigned found_bus, found_addr;
+ 
+-            if (STREQ(de->d_name, "usb"))
++            if (STRPREFIX(de->d_name, "usb"))
+                 tmpstr += 3;
+ 
+             if (virStrToLong_ui(tmpstr, &ignore, 10, &found_bus) < 0) {

libvirt-0.7.7-fix-usb-product.patch

@@ -0,0 +1,233 @@
+From 3a441522017aa9c1b8b54d2ce4569d0f0d96fa72 Mon Sep 17 00:00:00 2001
+From: Cole Robinson <crobinso@redhat.com>
+Date: Fri, 12 Mar 2010 12:36:56 -0500
+Subject: [PATCH] qemu: Add some debugging at domain startup
+
+---
+ src/qemu/qemu_driver.c |   24 +++++++++++++++++++++++-
+ 1 files changed, 23 insertions(+), 1 deletions(-)
+
+diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
+index f8ab545..040d645 100644
+--- a/src/qemu/qemu_driver.c
++++ b/src/qemu/qemu_driver.c
+@@ -2695,6 +2695,8 @@ static int qemudStartVMDaemon(virConnectPtr conn,
+ 
+     FD_ZERO(&keepfd);
+ 
++    DEBUG0("Beginning VM startup process");
++
+     if (virDomainObjIsActive(vm)) {
+         qemuReportError(VIR_ERR_OPERATION_INVALID,
+                         "%s", _("VM is already active"));
+@@ -2703,22 +2705,27 @@ static int qemudStartVMDaemon(virConnectPtr conn,
+ 
+     /* If you are using a SecurityDriver with dynamic labelling,
+        then generate a security label for isolation */
++    DEBUG0("Generating domain security label (if required)");
+     if (driver->securityDriver &&
+         driver->securityDriver->domainGenSecurityLabel &&
+         driver->securityDriver->domainGenSecurityLabel(vm) < 0)
+         return -1;
+ 
++    DEBUG0("Generating setting domain security labels (if required)");
+     if (driver->securityDriver &&
+         driver->securityDriver->domainSetSecurityAllLabel &&
+         driver->securityDriver->domainSetSecurityAllLabel(vm) < 0)
+         goto cleanup;
+ 
+-    /* Ensure no historical cgroup for this VM is lieing around bogus settings */
++    /* Ensure no historical cgroup for this VM is lying around bogus
++     * settings */
++    DEBUG0("Ensuring no historical cgroup is lying around");
+     qemuRemoveCgroup(driver, vm, 1);
+ 
+     if ((vm->def->ngraphics == 1) &&
+         vm->def->graphics[0]->type == VIR_DOMAIN_GRAPHICS_TYPE_VNC &&
+         vm->def->graphics[0]->data.vnc.autoport) {
++        DEBUG0("Determining VNC port");
+         int port = qemudNextFreeVNCPort(driver);
+         if (port < 0) {
+             qemuReportError(VIR_ERR_INTERNAL_ERROR,
+@@ -2735,6 +2742,7 @@ static int qemudStartVMDaemon(virConnectPtr conn,
+         goto cleanup;
+     }
+ 
++    DEBUG0("Creating domain log file");
+     if ((logfile = qemudLogFD(driver, vm->def->name)) < 0)
+         goto cleanup;
+ 
+@@ -2751,14 +2759,17 @@ static int qemudStartVMDaemon(virConnectPtr conn,
+         goto cleanup;
+     }
+ 
++    DEBUG0("Determing emulator version");
+     if (qemudExtractVersionInfo(emulator,
+                                 NULL,
+                                 &qemuCmdFlags) < 0)
+         goto cleanup;
+ 
++    DEBUG0("Setting up domain cgroup (if required)");
+     if (qemuSetupCgroup(driver, vm) < 0)
+         goto cleanup;
+ 
++    DEBUG0("Preparing host devices");
+     if (qemuPrepareHostDevices(driver, vm->def) < 0)
+         goto cleanup;
+ 
+@@ -2767,6 +2778,7 @@ static int qemudStartVMDaemon(virConnectPtr conn,
+         goto cleanup;
+     }
+ 
++    DEBUG0("Preparing monitor state");
+     if (qemuPrepareMonitorChr(driver, priv->monConfig, vm->def->name) < 0)
+         goto cleanup;
+ 
+@@ -2798,6 +2810,7 @@ static int qemudStartVMDaemon(virConnectPtr conn,
+      * use in hotplug
+      */
+     if (qemuCmdFlags & QEMUD_CMD_FLAG_DEVICE) {
++        DEBUG0("Assigning domain PCI addresses");
+         /* Populate cache with current addresses */
+         if (priv->pciaddrs) {
+             qemuDomainPCIAddressSetFree(priv->pciaddrs);
+@@ -2816,6 +2829,7 @@ static int qemudStartVMDaemon(virConnectPtr conn,
+         priv->persistentAddrs = 0;
+     }
+ 
++    DEBUG0("Building emulator command line");
+     vm->def->id = driver->nextvmid++;
+     if (qemudBuildCommandLine(conn, driver, vm->def, priv->monConfig,
+                               priv->monJSON, qemuCmdFlags, &argv, &progenv,
+@@ -2899,25 +2913,31 @@ static int qemudStartVMDaemon(virConnectPtr conn,
+     if (ret == -1) /* The VM failed to start */
+         goto cleanup;
+ 
++    DEBUG0("Waiting for monitor to show up");
+     if (qemudWaitForMonitor(driver, vm, pos) < 0)
+         goto abort;
+ 
++    DEBUG0("Detecting VCPU PIDs");
+     if (qemuDetectVcpuPIDs(driver, vm) < 0)
+         goto abort;
+ 
++    DEBUG0("Setting CPU affinity");
+     if (qemudInitCpuAffinity(vm) < 0)
+         goto abort;
+ 
++    DEBUG0("Setting any required VM passwords");
+     if (qemuInitPasswords(conn, driver, vm, qemuCmdFlags) < 0)
+         goto abort;
+ 
+     /* If we have -device, then addresses are assigned explicitly.
+      * If not, then we have to detect dynamic ones here */
+     if (!(qemuCmdFlags & QEMUD_CMD_FLAG_DEVICE)) {
++        DEBUG0("Determining domain device PCI addresses");
+         if (qemuInitPCIAddresses(driver, vm) < 0)
+             goto abort;
+     }
+ 
++    DEBUG0("Setting initial memory amount");
+     qemuDomainObjEnterMonitorWithDriver(driver, vm);
+     if (qemuMonitorSetBalloon(priv->mon, vm->def->memory) < 0) {
+         qemuDomainObjExitMonitorWithDriver(driver, vm);
+@@ -2925,6 +2945,7 @@ static int qemudStartVMDaemon(virConnectPtr conn,
+     }
+ 
+     if (migrateFrom == NULL) {
++        DEBUG0("Starting domain CPUs");
+         /* Allow the CPUS to start executing */
+         if (qemuMonitorStartCPUs(priv->mon, conn) < 0) {
+             if (virGetLastError() == NULL)
+@@ -2937,6 +2958,7 @@ static int qemudStartVMDaemon(virConnectPtr conn,
+     qemuDomainObjExitMonitorWithDriver(driver, vm);
+ 
+ 
++    DEBUG0("Writing domain status to disk");
+     if (virDomainSaveStatus(driver->caps, driver->stateDir, vm) < 0)
+         goto abort;
+ 
+-- 
+1.6.6.1
+
+From 6d5c8a8f51db8ce97ab35ab6022dd5c94ab016b4 Mon Sep 17 00:00:00 2001
+From: Cole Robinson <crobinso@redhat.com>
+Date: Fri, 12 Mar 2010 12:37:52 -0500
+Subject: [PATCH] qemu: Fix USB by product with security enabled
+
+We need to call PrepareHostdevs to determine the USB device path before
+any security calls. PrepareHostUSBDevices was also incorrectly skipping
+all USB devices.
+---
+ src/qemu/qemu_driver.c |   11 ++++++-----
+ 1 files changed, 6 insertions(+), 5 deletions(-)
+
+diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
+index 040d645..b17d26d 100644
+--- a/src/qemu/qemu_driver.c
++++ b/src/qemu/qemu_driver.c
+@@ -2360,7 +2360,7 @@ qemuPrepareHostUSBDevices(struct qemud_driver *driver ATTRIBUTE_UNUSED,
+ 
+         if (hostdev->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS)
+             continue;
+-        if (hostdev->source.subsys.type != VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI)
++        if (hostdev->source.subsys.type != VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB)
+             continue;
+ 
+         /* Resolve a vendor/product to bus/device */
+@@ -2703,6 +2703,11 @@ static int qemudStartVMDaemon(virConnectPtr conn,
+         return -1;
+     }
+ 
++    /* Must be run before security labelling */
++    DEBUG0("Preparing host devices");
++    if (qemuPrepareHostDevices(driver, vm->def) < 0)
++        goto cleanup;
++
+     /* If you are using a SecurityDriver with dynamic labelling,
+        then generate a security label for isolation */
+     DEBUG0("Generating domain security label (if required)");
+@@ -2769,10 +2774,6 @@ static int qemudStartVMDaemon(virConnectPtr conn,
+     if (qemuSetupCgroup(driver, vm) < 0)
+         goto cleanup;
+ 
+-    DEBUG0("Preparing host devices");
+-    if (qemuPrepareHostDevices(driver, vm->def) < 0)
+-        goto cleanup;
+-
+     if (VIR_ALLOC(priv->monConfig) < 0) {
+         virReportOOMError();
+         goto cleanup;
+-- 
+1.6.6.1
+
+From 65e97240e6e4606820dd1c42ac172319e0af4d8d Mon Sep 17 00:00:00 2001
+From: Cole Robinson <crobinso@redhat.com>
+Date: Mon, 22 Mar 2010 10:45:36 -0400
+Subject: [PATCH] security: selinux: Fix crash when releasing non-existent label
+
+This can be triggered by the qemuStartVMDaemon cleanup path if a
+VM references a non-existent USB device (by product) in the XML.
+
+Signed-off-by: Cole Robinson <crobinso@redhat.com>
+---
+ src/security/security_selinux.c |    3 ++-
+ 1 files changed, 2 insertions(+), 1 deletions(-)
+
+diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
+index 975b315..6680e2d 100644
+--- a/src/security/security_selinux.c
++++ b/src/security/security_selinux.c
+@@ -632,7 +632,8 @@ SELinuxReleaseSecurityLabel(virDomainObjPtr vm)
+ {
+     const virSecurityLabelDefPtr secdef = &vm->def->seclabel;
+ 
+-    if (secdef->type == VIR_DOMAIN_SECLABEL_STATIC)
++    if (secdef->type == VIR_DOMAIN_SECLABEL_STATIC ||
++        secdef->label == NULL)
+         return 0;
+ 
+     context_t con = context_new(secdef->label);
+-- 
+1.6.6.1
+

libvirt-0.7.7-init-fixes.patch

@@ -0,0 +1,35 @@
+commit 9d0adf249827dde9e1c0d1c19513cf6018ceb34e
+Author: Cole Robinson <crobinso@redhat.com>
+Date:   Wed May 19 15:57:56 2010 -0400
+
+    daemon: A few initscript corrections
+    
+    Fedora bug https://bugzilla.redhat.com/show_bug.cgi?id=565238
+    
+    - Avahi service is called 'avahi-daemon'
+    - chkconfig descriptions must use \ for line continuations
+
+diff --git a/daemon/libvirtd.init.in b/daemon/libvirtd.init.in
+index d4dc98b..809433e 100644
+--- a/daemon/libvirtd.init.in
++++ b/daemon/libvirtd.init.in
+@@ -9,7 +9,7 @@
+ # Should-Start: $named
+ # Should-Start: xend
+ # Should-Start: hal
+-# Should-Start: avahi
++# Should-Start: avahi-daemon
+ # Required-Stop: $network messagebus
+ # Should-Stop: $named
+ # Default-Start: 3 4 5
+@@ -24,8 +24,8 @@
+ # libvirtd:   guest and virtual network management daemon
+ #
+ # chkconfig: 345 97 03
+-# description:  This is a daemon for managing guest instances
+-#               and libvirt virtual networks
++# description:  This is a daemon for managing guest instances \
++#               and libvirt virtual networks \
+ #               See http://libvirt.org
+ #
+ # processname: libvirtd

libvirt-0.7.7-man-page-list.patch

@@ -0,0 +1,65 @@
+commit e5f31f461f63bbad211e84b810d6ba43a705f9dd
+Author: Justin Clift <justin@salasaga.org>
+Date:   Sun May 30 13:28:42 2010 +1000
+
+    Trivial virsh.pod additions --all for "list" command and similar
+    
+    This is just a trivial patch to virsh.pod (from git master). It adds the
+    following pieces to the virsh man page:
+    
+      + Shows the --inactive and --all optional parameters for the list
+        command.
+    
+        Closes Bugzilla #575512, reported by Renich Bon Ciric
+        https://bugzilla.redhat.com/show_bug.cgi?id=575512
+    
+      + Corrects the existing description of the list command, to now say
+        that only running domains are listed if no domains are specified.
+    
+        The man page up until this point has said all domains are listed if
+        no domains are specified, which is incorrect.
+    
+      + Adds the "shut off" state to the list of states for the list
+        command.
+    
+      + Adds a missing =back around line 755, that pod2man was complaining
+        was missing.
+
+diff --git a/tools/virsh.pod b/tools/virsh.pod
+index cf7585d..495bb46 100644
+--- a/tools/virsh.pod
++++ b/tools/virsh.pod
+@@ -156,10 +156,10 @@ description see:
+   L<http://libvirt.org/formatcaps.html>
+ The XML also show the NUMA topology information if available.
+ 
+-=item B<list>
++=item B<list> optional I<--inactive> I<--all>
+ 
+ Prints information about one or more domains.  If no domains are
+-specified it prints out information about all domains.
++specified it prints out information about running domains.
+ 
+ An example format for the list is as follows:
+ 
+@@ -177,7 +177,7 @@ State is the run state (see below).
+ 
+ B<STATES>
+ 
+-The State field lists 6 states for a domain, and which ones the
++The State field lists 7 states for a domain, and which ones the
+ current domain is in.
+ 
+ =over 4
+@@ -205,6 +205,11 @@ The domain is in the process of shutting down, i.e. the guest operating system
+ has been notified and should be in the process of stopping its operations
+ gracefully.
+ 
++=item B<shut off>
++
++The domain is not running.  Usually this indicates the domain has been
++shut down completely, or has not been started.
++
+ =item B<crashed>
+ 
+ The domain has crashed, which is always a violent ending.  Usually

libvirt-0.7.7-network-collision.patch

@@ -0,0 +1,169 @@
+commit a83fe2c23efad190a1e00e448f607fe032650fd6
+Author: Cole Robinson <crobinso@redhat.com>
+Date:   Thu May 20 19:31:16 2010 -0400
+
+    network: bridge: Don't start network if it collides with host routing
+    
+    Fedora bug https://bugzilla.redhat.com/show_bug.cgi?id=235961
+    
+    If using the default virtual network, an easy way to lose guest network
+    connectivity is to install libvirt inside the VM. The autostarted
+    default network inside the guest collides with host virtual network
+    routing. This is a long standing issue that has caused users quite a
+    bit of pain and confusion.
+    
+    On network startup, parse /proc/net/route and compare the requested
+    IP+netmask against host routing destinations: if any matches are found,
+    refuse to start the network.
+    
+    v2: Drop sscanf, fix a comment typo, comment that function could use
+        libnl instead of /proc
+    
+    v3: Consider route netmask. Compare binary data rather than convert to
+        string.
+    
+    v4: Return to using sscanf, drop inet functions in favor of virSocket,
+        parsing safety checks. Don't make parse failures fatal, in case
+        expected format changes.
+    
+    v5: Try and continue if we receive unexpected. Delimit parsed lines to
+        prevent scanning past newline
+
+diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
+index 5d7ef19..7ab3f3e 100644
+--- a/src/network/bridge_driver.c
++++ b/src/network/bridge_driver.c
+@@ -57,6 +57,7 @@
+ #include "iptables.h"
+ #include "bridge.h"
+ #include "logging.h"
++#include "util/network.h"
+ 
+ #define NETWORK_PID_DIR LOCAL_STATE_DIR "/run/libvirt/network"
+ #define NETWORK_STATE_DIR LOCAL_STATE_DIR "/lib/libvirt/network"
+@@ -908,6 +909,114 @@ cleanup:
+     return ret;
+ }
+ 
++#define PROC_NET_ROUTE "/proc/net/route"
++
++/* XXX: This function can be a lot more exhaustive, there are certainly
++ *      other scenarios where we can ruin host network connectivity.
++ * XXX: Using a proper library is preferred over parsing /proc
++ */
++static int networkCheckRouteCollision(virNetworkObjPtr network)
++{
++    int ret = -1, len;
++    unsigned int net_dest;
++    char *cur, *buf = NULL;
++    enum {MAX_ROUTE_SIZE = 1024*64};
++    virSocketAddr inaddress, innetmask;
++
++    if (!network->def->ipAddress || !network->def->netmask)
++        return 0;
++
++    if (virSocketParseAddr(network->def->ipAddress, &inaddress, 0) < 0) {
++        networkReportError(VIR_ERR_INTERNAL_ERROR,
++                           _("cannot parse IP address '%s'"),
++                           network->def->ipAddress);
++        goto error;
++    }
++
++    if (virSocketParseAddr(network->def->netmask, &innetmask, 0) < 0) {
++        networkReportError(VIR_ERR_INTERNAL_ERROR,
++                           _("cannot parse netmask '%s'"),
++                           network->def->netmask);
++        goto error;
++    }
++
++    if (inaddress.stor.ss_family != AF_INET ||
++        innetmask.stor.ss_family != AF_INET) {
++        /* Only support collision check for IPv4 */
++        goto out;
++    }
++
++    net_dest = (inaddress.inet4.sin_addr.s_addr &
++                innetmask.inet4.sin_addr.s_addr);
++
++    /* Read whole routing table into memory */
++    if ((len = virFileReadAll(PROC_NET_ROUTE, MAX_ROUTE_SIZE, &buf)) < 0)
++        goto error;
++
++    /* Dropping the last character shouldn't hurt */
++    if (len > 0)
++        buf[len-1] = '\0';
++
++    VIR_DEBUG("%s output:\n%s", PROC_NET_ROUTE, buf);
++
++    if (!STRPREFIX (buf, "Iface"))
++        goto out;
++
++    /* First line is just headings, skip it */
++    cur = strchr(buf, '\n');
++    if (cur)
++        cur++;
++
++    while (cur) {
++        char iface[17], dest[128], mask[128];
++        unsigned int addr_val, mask_val;
++        int num;
++
++        /* NUL-terminate the line, so sscanf doesn't go beyond a newline.  */
++        char *nl = strchr(cur, '\n');
++        if (nl) {
++            *nl++ = '\0';
++        }
++
++        num = sscanf(cur, "%16s %127s %*s %*s %*s %*s %*s %127s",
++                     iface, dest, mask);
++        cur = nl;
++
++        if (num != 3) {
++            VIR_DEBUG("Failed to parse %s", PROC_NET_ROUTE);
++            continue;
++        }
++
++        if (virStrToLong_ui(dest, NULL, 16, &addr_val) < 0) {
++            VIR_DEBUG("Failed to convert network address %s to uint", dest);
++            continue;
++        }
++
++        if (virStrToLong_ui(mask, NULL, 16, &mask_val) < 0) {
++            VIR_DEBUG("Failed to convert network mask %s to uint", mask);
++            continue;
++        }
++
++        addr_val &= mask_val;
++
++        if ((net_dest == addr_val) &&
++            (innetmask.inet4.sin_addr.s_addr == mask_val)) {
++            networkReportError(VIR_ERR_INTERNAL_ERROR,
++                              _("Network %s/%s is already in use by "
++                                "interface %s"),
++                                network->def->ipAddress,
++                                network->def->netmask, iface);
++            goto error;
++        }
++    }
++
++out:
++    ret = 0;
++error:
++    VIR_FREE(buf);
++    return ret;
++}
++
+ static int networkStartNetworkDaemon(struct network_driver *driver,
+                                      virNetworkObjPtr network)
+ {
+@@ -919,6 +1028,10 @@ static int networkStartNetworkDaemon(struct network_driver *driver,
+         return -1;
+     }
+ 
++    /* Check to see if network collides with an existing route */
++    if (networkCheckRouteCollision(network) < 0)
++        return -1;
++
+     if ((err = brAddBridge(driver->brctl, network->def->bridge))) {
+         virReportSystemError(err,
+                              _("cannot create bridge '%s'"),

libvirt-0.7.7-no-secdriver-crash.patch

@@ -0,0 +1,26 @@
+commit b7a7b3365145f6e9e434a3265a58666cd2e6d8dd
+Author: Guido Günther <agx@sigxcpu.org>
+Date:   Wed Mar 17 21:04:11 2010 +0100
+
+    Don't crash without a security driver
+    
+    "virsh dominfo <vm>" crashes if there's no primary security driver set
+    since we only intialize the secmodel.model and secmodel.doi if we have
+    one. Attached patch checks for securityPrimaryDriver instead of
+    securityDriver since the later is always set in qemudSecurityInit().
+    
+    Closes: http://bugs.debian.org/574359
+
+diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
+index 1f2b11d..257f914 100644
+--- a/src/qemu/qemu_driver.c
++++ b/src/qemu/qemu_driver.c
+@@ -4979,7 +4979,7 @@ static int qemudNodeGetSecurityModel(virConnectPtr conn,
+     int ret = 0;
+ 
+     qemuDriverLock(driver);
+-    if (!driver->securityDriver) {
++    if (!driver->securityPrimaryDriver) {
+         memset(secmodel, 0, sizeof (*secmodel));
+         goto cleanup;
+     }

libvirt-0.7.7-nodedev-conversions.patch

@@ -0,0 +1,77 @@
+commit 74c7a3463d18a530d6d749d0199061b5d3f17faa
+Author: Cole Robinson <crobinso@redhat.com>
+Date:   Tue May 11 14:44:34 2010 -0400
+
+    node_device: udev: Fix PCI product/vendor swappage
+    
+    Product and vendor values were swapped in the XML, which made virt-manager
+    PCI device listing kinda useless.
+
+diff --git a/src/node_device/node_device_udev.c b/src/node_device/node_device_udev.c
+index bcfe991..4a9d65f 100644
+--- a/src/node_device/node_device_udev.c
++++ b/src/node_device/node_device_udev.c
+@@ -382,8 +382,8 @@ static int udevTranslatePCIIds(unsigned int vendor,
+ 
+     /* pci_get_strings returns void */
+     pci_get_strings(&m,
+-                    &vendor_name,
+                     &device_name,
++                    &vendor_name,
+                     NULL,
+                     NULL);
+ 
+commit 75d88455f54088f88bc7a503da0a4cd413ef7b95
+Author: Klaus Ethgen <Klaus@Ethgen.de>
+Date:   Tue Apr 27 09:20:47 2010 +0200
+
+    The base used for conversion of USB values should be 16 not 10.
+    
+    Signed-off-by: Guido Günther <agx@sigxcpu.org>
+
+diff --git a/src/node_device/node_device_udev.c b/src/node_device/node_device_udev.c
+index b12a49e..3a5a7e2 100644
+--- a/src/node_device/node_device_udev.c
++++ b/src/node_device/node_device_udev.c
+@@ -548,8 +548,6 @@ out:
+ }
+ 
+ 
+-/* XXX Is 10 the correct base for the Number/Class/SubClass/Protocol
+- * conversions?  */
+ static int udevProcessUSBInterface(struct udev_device *device,
+                                    virNodeDeviceDefPtr def)
+ {
+@@ -559,28 +557,28 @@ static int udevProcessUSBInterface(struct udev_device *device,
+     if (udevGetUintSysfsAttr(device,
+                              "bInterfaceNumber",
+                              &data->usb_if.number,
+-                             10) == PROPERTY_ERROR) {
++                             16) == PROPERTY_ERROR) {
+         goto out;
+     }
+ 
+     if (udevGetUintSysfsAttr(device,
+                              "bInterfaceClass",
+                              &data->usb_if._class,
+-                             10) == PROPERTY_ERROR) {
++                             16) == PROPERTY_ERROR) {
+         goto out;
+     }
+ 
+     if (udevGetUintSysfsAttr(device,
+                              "bInterfaceSubClass",
+                              &data->usb_if.subclass,
+-                             10) == PROPERTY_ERROR) {
++                             16) == PROPERTY_ERROR) {
+         goto out;
+     }
+ 
+     if (udevGetUintSysfsAttr(device,
+                              "bInterfaceProtocol",
+                              &data->usb_if.protocol,
+-                             10) == PROPERTY_ERROR) {
++                             16) == PROPERTY_ERROR) {
+         goto out;
+     }
+ 

libvirt-0.7.7-pci-decimal-parsing.patch

@@ -0,0 +1,50 @@
+commit e984019688509605966c03cd77f4591d2cc222d3
+Author: Cole Robinson <crobinso@redhat.com>
+Date:   Fri Apr 30 18:14:35 2010 +0200
+
+    domain: Fix PCI address decimal parsing regression
+    
+    <hostdev> address parsing previously attempted to detect the number
+    base: currently it is hardcoded to base 16, which can break PCI
+    assignment via virt-manager. Revert to the previous behavior.
+    
+    * src/conf/domain_conf.c: virDomainDevicePCIAddressParseXML, switch to
+      virStrToLong_ui(bus, NULL, 0, ...) to autodetect base
+
+diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
+index 1607e8b..546ddf2 100644
+--- a/src/conf/domain_conf.c
++++ b/src/conf/domain_conf.c
+@@ -1079,28 +1079,28 @@ virDomainDevicePCIAddressParseXML(xmlNodePtr node,
+     function = virXMLPropString(node, "function");
+ 
+     if (domain &&
+-        virStrToLong_ui(domain, NULL, 16, &addr->domain) < 0) {
++        virStrToLong_ui(domain, NULL, 0, &addr->domain) < 0) {
+         virDomainReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+                              _("Cannot parse <address> 'domain' attribute"));
+         goto cleanup;
+     }
+ 
+     if (bus &&
+-        virStrToLong_ui(bus, NULL, 16, &addr->bus) < 0) {
++        virStrToLong_ui(bus, NULL, 0, &addr->bus) < 0) {
+         virDomainReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+                              _("Cannot parse <address> 'bus' attribute"));
+         goto cleanup;
+     }
+ 
+     if (slot &&
+-        virStrToLong_ui(slot, NULL, 16, &addr->slot) < 0) {
++        virStrToLong_ui(slot, NULL, 0, &addr->slot) < 0) {
+         virDomainReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+                              _("Cannot parse <address> 'slot' attribute"));
+         goto cleanup;
+     }
+ 
+     if (function &&
+-        virStrToLong_ui(function, NULL, 16, &addr->function) < 0) {
++        virStrToLong_ui(function, NULL, 0, &addr->function) < 0) {
+         virDomainReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+                              _("Cannot parse <address> 'function' attribute"));
+         goto cleanup;

libvirt-0.7.7-qemu-startup-output.patch

@@ -0,0 +1,108 @@
+commit 83be64034a0b530c904ceb4fd1ed1c10b5cdf4bf
+Author: Cole Robinson <crobinso@redhat.com>
+Date:   Mon May 17 10:15:53 2010 -0400
+
+    qemu: Report cmdline output if VM dies early
+    
+    qemuReadLogOutput early VM death detection is racy and won't always work.
+    Startup then errors when connecting to the VM monitor. This won't report
+    the emulator cmdline output which is typically the most useful diagnostic.
+    
+    Check if the VM has died at the very end of the monitor connection step,
+    and if so, report the cmdline output.
+    
+    See also: https://bugzilla.redhat.com/show_bug.cgi?id=581381
+
+diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
+index ab6bec8..582fdee 100644
+--- a/src/qemu/qemu_driver.c
++++ b/src/qemu/qemu_driver.c
+@@ -2034,39 +2034,47 @@ static void qemudFreePtyPath(void *payload, const char *name ATTRIBUTE_UNUSED)
+     VIR_FREE(payload);
+ }
+ 
++static void
++qemuReadLogFD(int logfd, char *buf, int maxlen, int off)
++{
++    int ret;
++    char *tmpbuf = buf + off;
++
++    ret = saferead(logfd, tmpbuf, maxlen - off - 1);
++    if (ret < 0) {
++        ret = 0;
++    }
++
++    tmpbuf[ret] = '\0';
++}
++
+ static int
+ qemudWaitForMonitor(struct qemud_driver* driver,
+                     virDomainObjPtr vm, off_t pos)
+ {
+-    char buf[4096]; /* Plenty of space to get startup greeting */
++    char buf[4096] = ""; /* Plenty of space to get startup greeting */
+     int logfd;
+     int ret = -1;
++    virHashTablePtr paths = NULL;
+ 
+-    if ((logfd = qemudLogReadFD(driver->logDir, vm->def->name, pos))
+-        < 0)
++    if ((logfd = qemudLogReadFD(driver->logDir, vm->def->name, pos)) < 0)
+         return -1;
+ 
+-    ret = qemudReadLogOutput(vm, logfd, buf, sizeof(buf),
+-                             qemudFindCharDevicePTYs,
+-                             "console", 30);
+-    if (close(logfd) < 0) {
+-        char ebuf[4096];
+-        VIR_WARN(_("Unable to close logfile: %s"),
+-                 virStrerror(errno, ebuf, sizeof ebuf));
+-    }
+-
+-    if (ret < 0)
+-        return -1;
++    if (qemudReadLogOutput(vm, logfd, buf, sizeof(buf),
++                           qemudFindCharDevicePTYs,
++                           "console", 30) < 0)
++        goto closelog;
+ 
+     VIR_DEBUG("Connect monitor to %p '%s'", vm, vm->def->name);
+-    if (qemuConnectMonitor(driver, vm) < 0)
+-        return -1;
++    if (qemuConnectMonitor(driver, vm) < 0) {
++        goto cleanup;
++    }
+ 
+     /* Try to get the pty path mappings again via the monitor. This is much more
+      * reliable if it's available.
+      * Note that the monitor itself can be on a pty, so we still need to try the
+      * log output method. */
+-    virHashTablePtr paths = virHashCreate(0);
++    paths = virHashCreate(0);
+     if (paths == NULL) {
+         virReportOOMError();
+         goto cleanup;
+@@ -2087,6 +2095,23 @@ cleanup:
+         virHashFree(paths, qemudFreePtyPath);
+     }
+ 
++    if (kill(vm->pid, 0) == -1 && errno == ESRCH) {
++        /* VM is dead, any other error raised in the interim is probably
++         * not as important as the qemu cmdline output */
++        qemuReadLogFD(logfd, buf, sizeof(buf), strlen(buf));
++        qemuReportError(VIR_ERR_INTERNAL_ERROR,
++                        _("process exited while connecting to monitor: %s"),
++                        buf);
++        ret = -1;
++    }
++
++closelog:
++    if (close(logfd) < 0) {
++        char ebuf[4096];
++        VIR_WARN(_("Unable to close logfile: %s"),
++                 virStrerror(errno, ebuf, sizeof ebuf));
++    }
++
+     return ret;
+ }
+ 

libvirt-0.7.7-sanitize-pool.patch

@@ -0,0 +1,155 @@
+diff -rup libvirt-0.7.7/src/conf/storage_conf.c new/src/conf/storage_conf.c
+--- libvirt-0.7.7/src/conf/storage_conf.c	2010-03-05 09:46:29.000000000 -0500
++++ new/src/conf/storage_conf.c	2010-06-17 12:28:44.319588000 -0400
+@@ -601,6 +601,7 @@ virStoragePoolDefParseXML(xmlXPathContex
+     xmlNodePtr source_node;
+     char *type = NULL;
+     char *uuid = NULL;
++    char *tmppath;
+ 
+     if (VIR_ALLOC(ret) < 0) {
+         virReportOOMError();
+@@ -698,11 +699,16 @@ virStoragePoolDefParseXML(xmlXPathContex
+         }
+     }
+ 
+-    if ((ret->target.path = virXPathString("string(./target/path)", ctxt)) == NULL) {
++    if ((tmppath = virXPathString("string(./target/path)", ctxt)) == NULL) {
+         virStorageReportError(VIR_ERR_XML_ERROR,
+                               "%s", _("missing storage pool target path"));
+         goto cleanup;
+     }
++    ret->target.path = virFileSanitizePath(tmppath);
++    VIR_FREE(tmppath);
++    if (!ret->target.path)
++        goto cleanup;
++
+ 
+     if (virStorageDefParsePerms(ctxt, &ret->target.perms,
+                                 "./target/permissions", 0700) < 0)
+diff -rup libvirt-0.7.7/src/libvirt_private.syms new/src/libvirt_private.syms
+--- libvirt-0.7.7/src/libvirt_private.syms	2010-03-05 10:45:23.000000000 -0500
++++ new/src/libvirt_private.syms	2010-06-17 12:28:44.334585000 -0400
+@@ -582,6 +582,7 @@ virFileReadLimFD;
+ virFilePid;
+ virFileReadPid;
+ virFileLinkPointsTo;
++virFileSanitizePath;
+ virParseNumber;
+ virAsprintf;
+ virRun;
+diff -rup libvirt-0.7.7/src/storage/storage_driver.c new/src/storage/storage_driver.c
+--- libvirt-0.7.7/src/storage/storage_driver.c	2010-03-05 09:46:29.000000000 -0500
++++ new/src/storage/storage_driver.c	2010-06-17 12:28:44.346586000 -0400
+@@ -1200,6 +1200,11 @@ storageVolumeLookupByPath(virConnectPtr 
+     virStorageDriverStatePtr driver = conn->storagePrivateData;
+     unsigned int i;
+     virStorageVolPtr ret = NULL;
++    char *cleanpath;
++
++    cleanpath = virFileSanitizePath(path);
++    if (!cleanpath)
++        return NULL;
+ 
+     storageDriverLock(driver);
+     for (i = 0 ; i < driver->pools.count && !ret ; i++) {
+@@ -1209,7 +1214,7 @@ storageVolumeLookupByPath(virConnectPtr 
+             const char *stable_path;
+ 
+             stable_path = virStorageBackendStablePath(driver->pools.objs[i],
+-                                                      path);
++                                                      cleanpath);
+             /*
+              * virStorageBackendStablePath already does
+              * virStorageReportError if it fails; we just need to keep
+@@ -1238,6 +1243,7 @@ storageVolumeLookupByPath(virConnectPtr 
+                               "%s", _("no storage vol with matching path"));
+ 
+ cleanup:
++    VIR_FREE(cleanpath);
+     storageDriverUnlock(driver);
+     return ret;
+ }
+diff -rup libvirt-0.7.7/src/util/util.c new/src/util/util.c
+--- libvirt-0.7.7/src/util/util.c	2010-03-03 05:48:25.000000000 -0500
++++ new/src/util/util.c	2010-06-17 12:28:44.357588000 -0400
+@@ -1867,6 +1867,55 @@ int virFileAbsPath(const char *path, cha
+     return 0;
+ }
+ 
++/* Remove spurious / characters from a path. The result must be freed */
++char *
++virFileSanitizePath(const char *path)
++{
++    const char *cur = path;
++    char *cleanpath;
++    int idx = 0;
++
++    cleanpath = strdup(path);
++    if (!cleanpath) {
++        virReportOOMError();
++        return NULL;
++    }
++
++    /* Need to sanitize:
++     * //           -> //
++     * ///          -> /
++     * /../foo      -> /../foo
++     * /foo///bar/  -> /foo/bar
++     */
++
++    /* Starting with // is valid posix, but ///foo == /foo */
++    if (cur[0] == '/' && cur[1] == '/' && cur[2] != '/') {
++        idx = 2;
++        cur += 2;
++    }
++
++    /* Sanitize path in place */
++    while (*cur != '\0') {
++        if (*cur != '/') {
++            cleanpath[idx++] = *cur++;
++            continue;
++        }
++
++        /* Skip all extra / */
++        while (*++cur == '/')
++            continue;
++
++        /* Don't add a trailing / */
++        if (idx != 0 && *cur == '\0')
++            break;
++
++        cleanpath[idx++] = '/';
++    }
++    cleanpath[idx] = '\0';
++
++    return cleanpath;
++}
++
+ /* Like strtol, but produce an "int" result, and check more carefully.
+    Return 0 upon success;  return -1 to indicate failure.
+    When END_PTR is NULL, the byte after the final valid digit must be NUL.
+diff -rup libvirt-0.7.7/src/util/util.h new/src/util/util.h
+--- libvirt-0.7.7/src/util/util.h	2010-02-19 12:14:07.000000000 -0500
++++ new/src/util/util.h	2010-06-17 12:28:44.364585000 -0400
+@@ -109,6 +109,8 @@ char *virFindFileInPath(const char *file
+ 
+ int virFileExists(const char *path);
+ 
++char *virFileSanitizePath(const char *path);
++
+ enum {
+     VIR_FILE_OP_NONE        = 0,
+     VIR_FILE_OP_AS_UID      = (1 << 0),
+diff -rup libvirt-0.7.7/tests/storagepoolxml2xmlin/pool-dir.xml new/tests/storagepoolxml2xmlin/pool-dir.xml
+--- libvirt-0.7.7/tests/storagepoolxml2xmlin/pool-dir.xml	2009-12-22 04:37:57.000000000 -0500
++++ new/tests/storagepoolxml2xmlin/pool-dir.xml	2010-06-17 12:28:44.367585000 -0400
+@@ -7,7 +7,7 @@
+   <source>
+   </source>
+   <target>
+-    <path>/var/lib/libvirt/images</path>
++    <path>///var/////lib/libvirt/images//</path>
+     <permissions>
+       <mode>0700</mode>
+       <owner>0</owner>

libvirt-0.7.7-set-kernel-perms.patch

@@ -0,0 +1,87 @@
+From 3f1aa08af6580c215d973bc6bf57f505dbf8b926 Mon Sep 17 00:00:00 2001
+From: Cole Robinson <crobinso@redhat.com>
+Date: Fri, 12 Mar 2010 13:38:39 -0500
+Subject: [PATCH] security: Set permissions for kernel/initrd
+
+Fixes URL installs when running virt-install as root on Fedora.
+---
+ src/qemu/qemu_security_dac.c    |   21 +++++++++++++++++++++
+ src/security/security_selinux.c |   16 ++++++++++++++++
+ 2 files changed, 37 insertions(+), 0 deletions(-)
+
+diff --git a/src/qemu/qemu_security_dac.c b/src/qemu/qemu_security_dac.c
+index 6911f48..1883fbe 100644
+--- a/src/qemu/qemu_security_dac.c
++++ b/src/qemu/qemu_security_dac.c
+@@ -332,6 +332,15 @@ qemuSecurityDACRestoreSecurityAllLabel(virDomainObjPtr vm)
+                                                      vm->def->disks[i]) < 0)
+             rc = -1;
+     }
++
++    if (vm->def->os.kernel &&
++        qemuSecurityDACRestoreSecurityFileLabel(vm->def->os.kernel) < 0)
++        rc = -1;
++
++    if (vm->def->os.initrd &&
++        qemuSecurityDACRestoreSecurityFileLabel(vm->def->os.initrd) < 0)
++        rc = -1;
++
+     return rc;
+ }
+ 
+@@ -356,6 +365,18 @@ qemuSecurityDACSetSecurityAllLabel(virDomainObjPtr vm)
+             return -1;
+     }
+ 
++    if (vm->def->os.kernel &&
++        qemuSecurityDACSetOwnership(vm->def->os.kernel,
++                                    driver->user,
++                                    driver->group) < 0)
++        return -1;
++
++    if (vm->def->os.initrd &&
++        qemuSecurityDACSetOwnership(vm->def->os.initrd,
++                                    driver->user,
++                                    driver->group) < 0)
++        return -1;
++
+     return 0;
+ }
+ 
+diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
+index b2c8581..975b315 100644
+--- a/src/security/security_selinux.c
++++ b/src/security/security_selinux.c
+@@ -616,6 +616,14 @@ SELinuxRestoreSecurityAllLabel(virDomainObjPtr vm)
+             rc = -1;
+     }
+ 
++    if (vm->def->os.kernel &&
++        SELinuxRestoreSecurityFileLabel(vm->def->os.kernel) < 0)
++        rc = -1;
++
++    if (vm->def->os.initrd &&
++        SELinuxRestoreSecurityFileLabel(vm->def->os.initrd) < 0)
++        rc = -1;
++
+     return rc;
+ }
+ 
+@@ -736,6 +744,14 @@ SELinuxSetSecurityAllLabel(virDomainObjPtr vm)
+             return -1;
+     }
+ 
++    if (vm->def->os.kernel &&
++        SELinuxSetFilecon(vm->def->os.kernel, default_content_context) < 0)
++        return -1;
++
++    if (vm->def->os.initrd &&
++        SELinuxSetFilecon(vm->def->os.initrd, default_content_context) < 0)
++        return -1;
++
+     return 0;
+ }
+ 
+-- 
+1.6.6.1
+

libvirt-0.7.7-udev-wireless.patch

@@ -0,0 +1,66 @@
+commit 07f6c3a95f1caca368c8723b5b0a25ae2faa1ffe
+Author: David Allan <dallan@redhat.com>
+Date:   Thu May 27 10:44:02 2010 -0400
+
+    v2 of Cole's wlan support
+    
+    * Incorporated Jim's feedback (v1 & v2)
+    
+    * Moved case of DEVTYPE == "wlan" up as it's definitive that we have a network interface.
+    
+    * Made comment more detailed about the wired case to explain better
+      how it differentiates between wired network interfaces and USB
+      devices.
+
+diff --git a/src/node_device/node_device_udev.c b/src/node_device/node_device_udev.c
+index f0485f1..c437861 100644
+--- a/src/node_device/node_device_udev.c
++++ b/src/node_device/node_device_udev.c
+@@ -597,8 +597,15 @@ static int udevProcessNetworkInterface(struct udev_device *device,
+                                        virNodeDeviceDefPtr def)
+ {
+     int ret = -1;
++    const char *devtype = udev_device_get_devtype(device);
+     union _virNodeDevCapData *data = &def->caps->data;
+ 
++    if (devtype && STREQ(devtype, "wlan")) {
++        data->net.subtype = VIR_NODE_DEV_CAP_NET_80211;
++    } else {
++        data->net.subtype = VIR_NODE_DEV_CAP_NET_80203;
++    }
++
+     if (udevGetStringProperty(device,
+                               "INTERFACE",
+                               &data->net.ifname) == PROPERTY_ERROR) {
+@@ -1074,6 +1081,8 @@ static int udevGetDeviceType(struct udev_device *device,
+     int ret = 0;
+ 
+     devtype = udev_device_get_devtype(device);
++    VIR_DEBUG("Found device type '%s' for device '%s'",
++              NULLSTR(devtype), udev_device_get_sysname(device));
+ 
+     if (devtype != NULL && STREQ(devtype, "usb_device")) {
+         *type = VIR_NODE_DEV_CAP_USB_DEV;
+@@ -1105,13 +1114,20 @@ static int udevGetDeviceType(struct udev_device *device,
+         goto out;
+     }
+ 
++    if (devtype != NULL && STREQ(devtype, "wlan")) {
++        *type = VIR_NODE_DEV_CAP_NET;
++        goto out;
++    }
++
+     if (udevGetUintProperty(device, "PCI_CLASS", &tmp, 16) == PROPERTY_FOUND) {
+         *type = VIR_NODE_DEV_CAP_PCI_DEV;
+         goto out;
+     }
+ 
+-    /* It does not appear that network interfaces set the device type
+-     * property. */
++    /* It does not appear that wired network interfaces set the
++     * DEVTYPE property.  USB devices also have an INTERFACE property,
++     * but they do set DEVTYPE, so if devtype is NULL and the
++     * INTERFACE property exists, we have a network device. */
+     if (devtype == NULL &&
+         udevGetStringProperty(device,
+                               "INTERFACE",

sources

@@ -1 +1 @@
-SHA512 (libvirt-6.1.0.tar.xz) = 17a2641f300a4a05149261bae74ac856e9a2511a259146595d2e2412c4a0601d88369b0544ba86edc80e433a47cf828317d8de38c6ec86a1b3efaca75294a606
+5f315b0bf20e3964f7657ba1e630cd67  libvirt-0.7.7.tar.gz