* Fri Jun 5 2009 Mark McLoughlin <markmc@redhat.com> - 0.6.2-12.fc11

- Use the correct QEMU machine type for ppc (bug #502862) - Fix crash with TLS connections (bug #503066) - Fix broken networking with newer qemu releases (bug #503275) - Remove the qemu BuildRequires
* Mon May 25 2009 Mark McLoughlin <markmc@redhat.com> - 0.6.2-11.fc11
2009-06-05 11:47:31 +00:00 · 2009-05-25 15:23:17 +00:00 · 2009-05-22 09:24:30 +00:00 · 2009-05-21 12:07:19 +00:00 · 2009-05-11 02:28:23 +00:00 · 2009-05-07 19:08:42 +00:00
34 changed files with 2133 additions and 4588 deletions
@@ -1,31 +0,0 @@
-[suppress_function]
-symbol_version_regexp = LIBVIRT_PRIVATE.*
-soname_regexp = libvirt\\.so.*
-
-[suppress_function]
-symbol_version_regexp = LIBVIRT_ADMIN_PRIVATE.*
-soname_regexp = libvirt-admin\\.so.*
-
-[suppress_variable]
-symbol_version_regexp = LIBVIRT_PRIVATE.*
-soname_regexp = libvirt\\.so.*
-
-[suppress_variable]
-symbol_version_regexp = LIBVIRT_ADMIN_PRIVATE.*
-soname_regexp = libvirt-admin\\.so.*
-
-[suppress_function]
-symbol_version_regexp = .*
-soname_regexp = libvirt_storage_.*\\.so.*
-
-[suppress_variable]
-symbol_version_regexp = .*
-soname_regexp = libvirt_storage_.*\\.so.*
-
-[suppress_function]
-symbol_version_regexp = .*
-soname_regexp = libvirt_driver_.*\\.so.*
-
-[suppress_variable]
-symbol_version_regexp = .*
-soname_regexp = libvirt_driver_.*\\.so.*
@@ -0,0 +1,8 @@
+.build*.log
+*.rpm
+i686
+x86_64
+libvirt-*.tar.gz
+libvirt-0.6.0.tar.gz
+libvirt-0.6.1.tar.gz
+libvirt-0.6.2.tar.gz
@@ -1,5 +0,0 @@
-.build*.log
-*.rpm
-i686
-x86_64
-libvirt-*.tar.xz
@@ -1,29 +0,0 @@
-From: Martin Kletzander <mkletzan@redhat.com>
-Date: Fri, 16 Aug 2024 13:56:51 +0200
-Subject: [PATCH] virarptable: Properly calculate rtattr length
-Content-type: text/plain
-
-Use convenience macro which does almost the same thing we were doing,
-but also pads out the payload length to a multiple of NLMSG_ALIGNTO (4)
-bytes.
-
-Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
-Reviewed-by: Laine Stump <laine@redhat.com>
---
- src/util/virarptable.c | 3 +--
- 1 file changed, 1 insertion(+), 2 deletions(-)
-
-diff --git a/src/util/virarptable.c b/src/util/virarptable.c
-index 299dddd664..d8e41c5a86 100644
--- a/src/util/virarptable.c
-+++ b/src/util/virarptable.c
-@@ -102,8 +102,7 @@ virArpTableGet(void)
-             return table;
- 
-         VIR_WARNINGS_NO_CAST_ALIGN
-        parse_rtattr(tb, NDA_MAX, NDA_RTA(r),
-                     nh->nlmsg_len - NLMSG_LENGTH(sizeof(*r)));
-+        parse_rtattr(tb, NDA_MAX, NDA_RTA(r), NLMSG_PAYLOAD(nh, sizeof(*r)));
-         VIR_WARNINGS_RESET
- 
-         if (tb[NDA_DST] == NULL || tb[NDA_LLADDR] == NULL)
@@ -1,34 +0,0 @@
-From: Martin Kletzander <mkletzan@redhat.com>
-Date: Fri, 16 Aug 2024 13:59:15 +0200
-Subject: [PATCH] virarptable: Fix check for message length
-Content-type: text/plain
-
-The previous check was all wrong since it calculated the how long would
-the netlink message be if the netlink header was the payload and then
-subtracted that from the whole message length, a variable that was not
-used later in the code.  This check can fail if there are no additional
-payloads, struct rtattr in particular, which we are parsing later,
-however the RTA_OK macro would've caught that anyway.
-
-Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
-Reviewed-by: Laine Stump <laine@redhat.com>
---
- src/util/virarptable.c | 3 +--
- 1 file changed, 1 insertion(+), 2 deletions(-)
-
-diff --git a/src/util/virarptable.c b/src/util/virarptable.c
-index d8e41c5a86..45ee76766f 100644
--- a/src/util/virarptable.c
-+++ b/src/util/virarptable.c
-@@ -81,10 +81,9 @@ virArpTableGet(void)
-     for (; NLMSG_OK(nh, msglen); nh = NLMSG_NEXT(nh, msglen)) {
-         VIR_WARNINGS_RESET
-         struct ndmsg *r = NLMSG_DATA(nh);
-        int len = nh->nlmsg_len;
-         void *addr;
- 
-        if ((len -= NLMSG_LENGTH(sizeof(*nh))) < 0) {
-+        if (nh->nlmsg_len < NLMSG_SPACE(sizeof(*r))) {
-             virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
-                            _("wrong nlmsg len"));
-             goto cleanup;
@@ -1,46 +0,0 @@
-From: Martin Kletzander <mkletzan@redhat.com>
-Date: Fri, 16 Aug 2024 14:02:48 +0200
-Subject: [PATCH] virarptable: End parsing earlier in case of NLMSG_DONE
-Content-type: text/plain
-
-Check for the last multipart message right as the first thing.  The
-presumption probably was that the last message might still contain a
-payload we want to parse.  However that cannot be true since that would
-have to be a type RTM_NEWNEIGH.  This was not caught because older
-kernels were note sending NLMSG_DONE and probably relied on the fact
-that the parsing just stops after all the messages are walked through,
-which the NLMSG_OK macro successfully did.
-
-Resolves: https://issues.redhat.com/browse/RHEL-52449
-Resolves: https://bugzilla.redhat.com/2302245
-Fixes: a176d67cdfaf5b8237a7e3a80d8be0e6bdf2d8fd
-Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
-Reviewed-by: Laine Stump <laine@redhat.com>
---
- src/util/virarptable.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/src/util/virarptable.c b/src/util/virarptable.c
-index 45ee76766f..20d11f97b0 100644
--- a/src/util/virarptable.c
-+++ b/src/util/virarptable.c
-@@ -83,6 +83,9 @@ virArpTableGet(void)
-         struct ndmsg *r = NLMSG_DATA(nh);
-         void *addr;
- 
-+        if (nh->nlmsg_type == NLMSG_DONE)
-+            break;
-+
-         if (nh->nlmsg_len < NLMSG_SPACE(sizeof(*r))) {
-             virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
-                            _("wrong nlmsg len"));
-@@ -97,9 +100,6 @@ virArpTableGet(void)
-             (!(r->ndm_state == NUD_STALE || r->ndm_state == NUD_REACHABLE)))
-             continue;
- 
-        if (nh->nlmsg_type == NLMSG_DONE)
-            return table;
-
-         VIR_WARNINGS_NO_CAST_ALIGN
-         parse_rtattr(tb, NDA_MAX, NDA_RTA(r), NLMSG_PAYLOAD(nh, sizeof(*r)));
-         VIR_WARNINGS_RESET
@@ -1,315 +0,0 @@
-From 807e2670f2704c41f0a1dca81a5d2f2f9336137c Mon Sep 17 00:00:00 2001
-From: Laine Stump <laine@redhat.com>
-Date: Mon, 25 Nov 2024 22:24:44 -0500
-Subject: [PATCH 4/9] util: use a single flags arg for virNetDevBandwidthSet(),
- not multiple bools
-
-Having two bools in the arg list is on the borderline of being
-confusing to anyone trying to read the code, but we're about to add a
-3rd. This patch replaces the two bools with a single flags argument
-which will instead have one or more bits from virNetDevBandwidthFlags
-set.
-
-Signed-off-by: Laine Stump <laine@redhat.com>
-Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
-Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
---
- src/lxc/lxc_driver.c           |  8 ++++++--
- src/lxc/lxc_process.c          |  8 ++++++--
- src/network/bridge_driver.c    | 10 ++++++++--
- src/qemu/qemu_command.c        | 11 ++++++++---
- src/qemu/qemu_driver.c         | 29 ++++++++++++++-------------
- src/qemu/qemu_hotplug.c        | 22 +++++++++++++++------
- src/util/virnetdevbandwidth.c  | 36 ++++++++++++++++++++--------------
- src/util/virnetdevbandwidth.h  |  9 +++++++--
- tests/virnetdevbandwidthtest.c |  8 +++++++-
- 9 files changed, 94 insertions(+), 47 deletions(-)
-
-diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
-index 534e257f30..b693980dbb 100644
--- a/src/lxc/lxc_driver.c
-+++ b/src/lxc/lxc_driver.c
-@@ -3570,8 +3570,12 @@ lxcDomainAttachDeviceNetLive(virLXCDriver *driver,
-     actualBandwidth = virDomainNetGetActualBandwidth(net);
-     if (actualBandwidth) {
-         if (virNetDevSupportsBandwidth(actualType)) {
-            if (virNetDevBandwidthSet(net->ifname, actualBandwidth, false,
-                                      !virDomainNetTypeSharesHostView(net)) < 0)
-+            unsigned int flags = 0;
-+
-+            if (!virDomainNetTypeSharesHostView(net))
-+                flags |= VIR_NETDEV_BANDWIDTH_SET_DIR_SWAPPED;
-+
-+            if (virNetDevBandwidthSet(net->ifname, actualBandwidth, flags) < 0)
-                 goto cleanup;
-         } else {
-             VIR_WARN("setting bandwidth on interfaces of "
-diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c
-index f5eb5383ec..0e689fbb70 100644
--- a/src/lxc/lxc_process.c
-+++ b/src/lxc/lxc_process.c
-@@ -605,8 +605,12 @@ virLXCProcessSetupInterfaces(virLXCDriver *driver,
-         actualBandwidth = virDomainNetGetActualBandwidth(net);
-         if (actualBandwidth) {
-             if (virNetDevSupportsBandwidth(type)) {
-                if (virNetDevBandwidthSet(net->ifname, actualBandwidth, false,
-                                          !virDomainNetTypeSharesHostView(net)) < 0)
-+                unsigned int flags = 0;
-+
-+                if (!virDomainNetTypeSharesHostView(net))
-+                    flags |= VIR_NETDEV_BANDWIDTH_SET_DIR_SWAPPED;
-+
-+                if (virNetDevBandwidthSet(net->ifname, actualBandwidth, flags) < 0)
-                     goto cleanup;
-             } else {
-                 VIR_WARN("setting bandwidth on interfaces of "
-diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
-index 32572c755f..1c53636450 100644
--- a/src/network/bridge_driver.c
-+++ b/src/network/bridge_driver.c
-@@ -2058,8 +2058,11 @@ networkStartNetworkVirtual(virNetworkDriverState *driver,
-         }
-     }
- 
-    if (virNetDevBandwidthSet(def->bridge, def->bandwidth, true, true) < 0)
-+    if (virNetDevBandwidthSet(def->bridge, def->bandwidth,
-+                              VIR_NETDEV_BANDWIDTH_SET_HIERARCHICAL_CLASS
-+                              | VIR_NETDEV_BANDWIDTH_SET_DIR_SWAPPED) < 0) {
-         goto error;
-+    }
- 
-     return 0;
- 
-@@ -2141,8 +2144,11 @@ networkStartNetworkBridge(virNetworkObj *obj)
-      * type BRIDGE, is started. On failure, undo anything you've done,
-      * and return -1. On success return 0.
-      */
-    if (virNetDevBandwidthSet(def->bridge, def->bandwidth, true, true) < 0)
-+    if (virNetDevBandwidthSet(def->bridge, def->bandwidth,
-+                              VIR_NETDEV_BANDWIDTH_SET_HIERARCHICAL_CLASS
-+                              | VIR_NETDEV_BANDWIDTH_SET_DIR_SWAPPED) < 0) {
-         goto error;
-+    }
- 
-     if (networkStartHandleMACTableManagerMode(obj) < 0)
-         goto error;
-diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
-index f15e6bda1e..b4815e5e71 100644
--- a/src/qemu/qemu_command.c
-+++ b/src/qemu/qemu_command.c
-@@ -8840,9 +8840,14 @@ qemuBuildInterfaceCommandLine(virQEMUDriver *driver,
-                                                         def->uuid,
-                                                         !virDomainNetTypeSharesHostView(net)) < 0)
-                     goto cleanup;
-            } else if (virNetDevBandwidthSet(net->ifname, actualBandwidth, false,
-                                             !virDomainNetTypeSharesHostView(net)) < 0) {
-                goto cleanup;
-+            } else {
-+                unsigned int flags = 0;
-+
-+                if (!virDomainNetTypeSharesHostView(net))
-+                    flags |= VIR_NETDEV_BANDWIDTH_SET_DIR_SWAPPED;
-+
-+                if (virNetDevBandwidthSet(net->ifname, actualBandwidth, flags) < 0)
-+                    goto cleanup;
-             }
-         } else {
-             VIR_WARN("setting bandwidth on interfaces of "
-diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
-index 736602333e..14929616e5 100644
--- a/src/qemu/qemu_driver.c
-+++ b/src/qemu/qemu_driver.c
-@@ -9941,21 +9941,22 @@ qemuDomainSetInterfaceParameters(virDomainPtr dom,
-                 virErrorRestore(&orig_err);
-                 goto endjob;
-             }
-        } else if (virNetDevBandwidthSet(net->ifname, newBandwidth, false,
-                                         !virDomainNetTypeSharesHostView(net)) < 0) {
-            virErrorPtr orig_err;
-
-            virErrorPreserveLast(&orig_err);
-            ignore_value(virNetDevBandwidthSet(net->ifname,
-                                               net->bandwidth,
-                                               false,
-                                               !virDomainNetTypeSharesHostView(net)));
-            if (net->bandwidth) {
-                ignore_value(virDomainNetBandwidthUpdate(net,
-                                                         net->bandwidth));
-+        } else {
-+            unsigned int bwflags = 0;
-+
-+            if (!virDomainNetTypeSharesHostView(net))
-+                bwflags |= VIR_NETDEV_BANDWIDTH_SET_DIR_SWAPPED;
-+
-+            if (virNetDevBandwidthSet(net->ifname, newBandwidth, bwflags) < 0) {
-+                virErrorPtr orig_err;
-+
-+                virErrorPreserveLast(&orig_err);
-+                ignore_value(virNetDevBandwidthSet(net->ifname, net->bandwidth, bwflags));
-+                if (net->bandwidth)
-+                    ignore_value(virDomainNetBandwidthUpdate(net, net->bandwidth));
-+                virErrorRestore(&orig_err);
-+                goto endjob;
-             }
-            virErrorRestore(&orig_err);
-            goto endjob;
-         }
- 
-         /* If the old bandwidth was cleared out, restore qdisc. */
-diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
-index 7cb1800504..d5e7e99359 100644
--- a/src/qemu/qemu_hotplug.c
-+++ b/src/qemu/qemu_hotplug.c
-@@ -1279,9 +1279,14 @@ qemuDomainAttachNetDevice(virQEMUDriver *driver,
-                                                         vm->def->uuid,
-                                                         !virDomainNetTypeSharesHostView(net)) < 0)
-                     goto cleanup;
-            } else if (virNetDevBandwidthSet(net->ifname, actualBandwidth, false,
-                                             !virDomainNetTypeSharesHostView(net)) < 0) {
-                goto cleanup;
-+            } else {
-+                int flags = 0;
-+
-+                if (!virDomainNetTypeSharesHostView(net))
-+                    flags |= VIR_NETDEV_BANDWIDTH_SET_DIR_SWAPPED;
-+
-+                if (virNetDevBandwidthSet(net->ifname, actualBandwidth, flags) < 0)
-+                    goto cleanup;
-             }
-         } else {
-             VIR_WARN("setting bandwidth on interfaces of "
-@@ -4082,9 +4087,14 @@ qemuDomainChangeNet(virQEMUDriver *driver,
-                                                         vm->def->uuid,
-                                                         !virDomainNetTypeSharesHostView(newdev)) < 0)
-                     goto cleanup;
-            } else if (virNetDevBandwidthSet(newdev->ifname, newb, false,
-                                             !virDomainNetTypeSharesHostView(newdev)) < 0) {
-                goto cleanup;
-+            } else {
-+                int flags = 0;
-+
-+                if (!virDomainNetTypeSharesHostView(newdev))
-+                    flags |= VIR_NETDEV_BANDWIDTH_SET_DIR_SWAPPED;
-+
-+                if (virNetDevBandwidthSet(newdev->ifname, newb, flags) < 0)
-+                    goto cleanup;
-             }
-         } else {
-             if (virDomainInterfaceClearQoS(vm->def, olddev) < 0)
-diff --git a/src/util/virnetdevbandwidth.c b/src/util/virnetdevbandwidth.c
-index 2b58c58d3e..1baad849c6 100644
--- a/src/util/virnetdevbandwidth.c
-+++ b/src/util/virnetdevbandwidth.c
-@@ -173,30 +173,35 @@ virNetDevBandwidthManipulateFilter(const char *ifname,
-  * virNetDevBandwidthSet:
-  * @ifname: on which interface
-  * @bandwidth: rates to set (may be NULL)
- * @hierarchical_class: whether to create hierarchical class
- * @swapped: true if IN/OUT should be set contrariwise
-+ * @flags: bits indicating certain optional actions
-  *
-+
-  * This function enables QoS on specified interface
-  * and set given traffic limits for both, incoming
- * and outgoing traffic. Any previous setting get
- * overwritten. If @hierarchical_class is TRUE, create
- * hierarchical class. It is used to guarantee minimal
- * throughput ('floor' attribute in NIC).
-+ * and outgoing traffic.
-+ *
-+ * @flags bits and their meanings:
-+ *
-+ *   VIR_NETDEV_BANDWIDTH_SET_HIERARCHICAL_CLASS
-+ *     whether to create a hierarchical class
-+ *     A hiearchical class structure is used to implement a minimal
-+ *     throughput guarantee ('floor' attribute in NIC).
-  *
- * If @swapped is set, the IN part of @bandwidth is set on
- * @ifname's TX, and vice versa. If it is not set, IN is set on
- * RX and OUT on TX. This is because for some types of interfaces
- * domain and the host live on the same side of the interface (so
- * domain's RX/TX is host's RX/TX), and for some it's swapped
- * (domain's RX/TX is hosts's TX/RX).
-+ *   VIR_NETDEV_BANDWIDTH_SET_DIR_SWAPPED
-+ *     set if IN/OUT should be set backwards from what's indicated in
-+ *     the bandwidth, i.e. the IN part of @bandwidth is set on
-+ *     @ifname's TX, and the OUT part of @bandwidth is set on
-+ *     @ifname's RX.  This is needed because for some types of
-+ *     interfaces the domain and the host live on the same side of the
-+ *     interface (so domain's RX/TX is host's RX/TX), and for some
-+ *     it's swapped (domain's RX/TX is hosts's TX/RX).
-  *
-  * Return 0 on success, -1 otherwise.
-  */
- int
- virNetDevBandwidthSet(const char *ifname,
-                       const virNetDevBandwidth *bandwidth,
-                      bool hierarchical_class,
-                      bool swapped)
-+                      unsigned int flags)
- {
-     int ret = -1;
-     virNetDevBandwidthRate *rx = NULL; /* From domain POV */
-@@ -205,6 +210,7 @@ virNetDevBandwidthSet(const char *ifname,
-     char *average = NULL;
-     char *peak = NULL;
-     char *burst = NULL;
-+    bool hierarchical_class = flags & VIR_NETDEV_BANDWIDTH_SET_HIERARCHICAL_CLASS;
- 
-     if (!bandwidth) {
-         /* nothing to be enabled */
-@@ -224,7 +230,7 @@ virNetDevBandwidthSet(const char *ifname,
-         return -1;
-     }
- 
-    if (swapped) {
-+    if (flags & VIR_NETDEV_BANDWIDTH_SET_DIR_SWAPPED) {
-         rx = bandwidth->out;
-         tx = bandwidth->in;
-     } else {
-diff --git a/src/util/virnetdevbandwidth.h b/src/util/virnetdevbandwidth.h
-index 6d268fb119..80dc654486 100644
--- a/src/util/virnetdevbandwidth.h
-+++ b/src/util/virnetdevbandwidth.h
-@@ -39,11 +39,16 @@ void virNetDevBandwidthFree(virNetDevBandwidth *def);
- 
- G_DEFINE_AUTOPTR_CLEANUP_FUNC(virNetDevBandwidth, virNetDevBandwidthFree);
- 
-+typedef enum {
-+    VIR_NETDEV_BANDWIDTH_SET_HIERARCHICAL_CLASS = (1 << 0),
-+    VIR_NETDEV_BANDWIDTH_SET_DIR_SWAPPED = (1 << 1),
-+} virNetDevBandwidthSetFlags;
-+
- int virNetDevBandwidthSet(const char *ifname,
-                           const virNetDevBandwidth *bandwidth,
-                          bool hierarchical_class,
-                          bool swapped)
-+                          unsigned int flags)
-     G_GNUC_WARN_UNUSED_RESULT;
-+
- int virNetDevBandwidthClear(const char *ifname);
- int virNetDevBandwidthCopy(virNetDevBandwidth **dest,
-                            const virNetDevBandwidth *src)
-diff --git a/tests/virnetdevbandwidthtest.c b/tests/virnetdevbandwidthtest.c
-index f7c38faa2e..6529ff4026 100644
--- a/tests/virnetdevbandwidthtest.c
-+++ b/tests/virnetdevbandwidthtest.c
-@@ -82,8 +82,14 @@ testVirNetDevBandwidthSet(const void *data)
-         if (virNetDevOpenvswitchInterfaceSetQos(iface, band, info->uuid, true) < 0)
-             return -1;
-     } else {
-+        unsigned int flags = VIR_NETDEV_BANDWIDTH_SET_DIR_SWAPPED;
-+
-+        if (info->hierarchical_class)
-+            flags |= VIR_NETDEV_BANDWIDTH_SET_HIERARCHICAL_CLASS;
-+
-         exp_cmd = info->exp_cmd_tc;
-        if (virNetDevBandwidthSet(iface, band, info->hierarchical_class, true) < 0)
-+
-+        if (virNetDevBandwidthSet(iface, band, flags) < 0)
-             return -1;
-     }
- 
-- 
-2.47.1
-
@@ -1,185 +0,0 @@
-From 490f58382dca2a415a5f16b6133f298d853bb379 Mon Sep 17 00:00:00 2001
-From: Laine Stump <laine@redhat.com>
-Date: Mon, 25 Nov 2024 22:24:45 -0500
-Subject: [PATCH 5/9] util: make it optional to clear existing tc
- qdiscs/filters in virNetDevBandwidthSet()
-
-virNetDevBandwidthSet() always clears all existing qdiscs and their
-subordinate filters before adding all the new qdiscs/filters. This is
-normally exactly what we want, but there is one case (the network
-driver) where the Qdisc added by virNetDevBandwidthSet() may already
-be in use by the nftables backend (which will add a rule to fix the
-checksum of dhcp packets); in that case, we *don't* want
-virNetDevBandwidthSet() to clear out the qdisc that was already added
-for nftables, and none of the bandwidth filters have been added yet,
-so there already aren't any "old" filters that need to be removed
-either - it is safe to just skip virNetDevBandwidthClear() in this
-case.
-
-To allow the network driver to set bandwidth without first clearing
-it, this patch adds the flag VIR_NETDEV_BANDWIDTH_SET_CLEAR_ALL to the
-virNetDevBandwidthSetFlags enum, and recognizes it in
-virNetDevBandwidthSet() - if the flag is set, then
-virNetDevBandwidth() will call virNetDevBandwidthClear() just as it
-always has. But if the flag isn't set it *won't* call
-virNetDevBandwidthClear().
-
-As suggested above, VIR_NETDEV_BANDWIDTH_SET_CLEAR_ALL is set for all
-calls to virNetdevBandwidthSet() except for two places in the network
-driver.
-
-Signed-off-by: Laine Stump <laine@redhat.com>
-Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
---
- src/lxc/lxc_driver.c           |  2 +-
- src/lxc/lxc_process.c          |  2 +-
- src/qemu/qemu_command.c        |  2 +-
- src/qemu/qemu_driver.c         |  2 +-
- src/qemu/qemu_hotplug.c        |  4 ++--
- src/util/virnetdevbandwidth.c  | 21 ++++++++++++++++++++-
- src/util/virnetdevbandwidth.h  |  1 +
- tests/virnetdevbandwidthtest.c |  3 ++-
- 8 files changed, 29 insertions(+), 8 deletions(-)
-
-diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
-index b693980dbb..81581c74df 100644
--- a/src/lxc/lxc_driver.c
-+++ b/src/lxc/lxc_driver.c
-@@ -3570,7 +3570,7 @@ lxcDomainAttachDeviceNetLive(virLXCDriver *driver,
-     actualBandwidth = virDomainNetGetActualBandwidth(net);
-     if (actualBandwidth) {
-         if (virNetDevSupportsBandwidth(actualType)) {
-            unsigned int flags = 0;
-+            unsigned int flags = VIR_NETDEV_BANDWIDTH_SET_CLEAR_ALL;
- 
-             if (!virDomainNetTypeSharesHostView(net))
-                 flags |= VIR_NETDEV_BANDWIDTH_SET_DIR_SWAPPED;
-diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c
-index 0e689fbb70..081ce03a57 100644
--- a/src/lxc/lxc_process.c
-+++ b/src/lxc/lxc_process.c
-@@ -605,7 +605,7 @@ virLXCProcessSetupInterfaces(virLXCDriver *driver,
-         actualBandwidth = virDomainNetGetActualBandwidth(net);
-         if (actualBandwidth) {
-             if (virNetDevSupportsBandwidth(type)) {
-                unsigned int flags = 0;
-+                unsigned int flags = VIR_NETDEV_BANDWIDTH_SET_CLEAR_ALL;
- 
-                 if (!virDomainNetTypeSharesHostView(net))
-                     flags |= VIR_NETDEV_BANDWIDTH_SET_DIR_SWAPPED;
-diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
-index b4815e5e71..ed54fd4c5b 100644
--- a/src/qemu/qemu_command.c
-+++ b/src/qemu/qemu_command.c
-@@ -8841,7 +8841,7 @@ qemuBuildInterfaceCommandLine(virQEMUDriver *driver,
-                                                         !virDomainNetTypeSharesHostView(net)) < 0)
-                     goto cleanup;
-             } else {
-                unsigned int flags = 0;
-+                unsigned int flags = VIR_NETDEV_BANDWIDTH_SET_CLEAR_ALL;
- 
-                 if (!virDomainNetTypeSharesHostView(net))
-                     flags |= VIR_NETDEV_BANDWIDTH_SET_DIR_SWAPPED;
-diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
-index 14929616e5..9549065b1f 100644
--- a/src/qemu/qemu_driver.c
-+++ b/src/qemu/qemu_driver.c
-@@ -9942,7 +9942,7 @@ qemuDomainSetInterfaceParameters(virDomainPtr dom,
-                 goto endjob;
-             }
-         } else {
-            unsigned int bwflags = 0;
-+            unsigned int bwflags = VIR_NETDEV_BANDWIDTH_SET_CLEAR_ALL;
- 
-             if (!virDomainNetTypeSharesHostView(net))
-                 bwflags |= VIR_NETDEV_BANDWIDTH_SET_DIR_SWAPPED;
-diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
-index d5e7e99359..ceda4119cd 100644
--- a/src/qemu/qemu_hotplug.c
-+++ b/src/qemu/qemu_hotplug.c
-@@ -1280,7 +1280,7 @@ qemuDomainAttachNetDevice(virQEMUDriver *driver,
-                                                         !virDomainNetTypeSharesHostView(net)) < 0)
-                     goto cleanup;
-             } else {
-                int flags = 0;
-+                int flags = VIR_NETDEV_BANDWIDTH_SET_CLEAR_ALL;
- 
-                 if (!virDomainNetTypeSharesHostView(net))
-                     flags |= VIR_NETDEV_BANDWIDTH_SET_DIR_SWAPPED;
-@@ -4088,7 +4088,7 @@ qemuDomainChangeNet(virQEMUDriver *driver,
-                                                         !virDomainNetTypeSharesHostView(newdev)) < 0)
-                     goto cleanup;
-             } else {
-                int flags = 0;
-+                int flags = VIR_NETDEV_BANDWIDTH_SET_CLEAR_ALL;
- 
-                 if (!virDomainNetTypeSharesHostView(newdev))
-                     flags |= VIR_NETDEV_BANDWIDTH_SET_DIR_SWAPPED;
-diff --git a/src/util/virnetdevbandwidth.c b/src/util/virnetdevbandwidth.c
-index 1baad849c6..9c48844c5d 100644
--- a/src/util/virnetdevbandwidth.c
-+++ b/src/util/virnetdevbandwidth.c
-@@ -196,6 +196,21 @@ virNetDevBandwidthManipulateFilter(const char *ifname,
-  *     interface (so domain's RX/TX is host's RX/TX), and for some
-  *     it's swapped (domain's RX/TX is hosts's TX/RX).
-  *
-+ *   VIR_NETDEV_BANDWIDTH_SET_CLEAR_ALL
-+ *     If VIR_NETDEV_BANDWIDTH_SET_CLEAR_ALL is set, then the root
-+ *     qdisc is deleted before adding any new qdisc/class/filter,
-+ *     which causes any pre-existing filters to also be deleted. If
-+ *     not set, then it's assumed that there are no existing rules (or
-+ *     that those already there need to be kept). The caller should
-+ *     set this flag for an existing interface that is having its
-+ *     bandwidth settings modified, but can leave it unset if the
-+ *     interface was newly created and this is the first time
-+ *     bandwidth has been set, but someone else might have already
-+ *     added the qdisc (e.g. this is the case when the network driver
-+ *     is setting bandwidth for a virtual network bridge device - the
-+ *     nftables backend may have already added qdisc handle 1:0 and a
-+ *     filter, and we don't want to delete them)
-+ *
-  * Return 0 on success, -1 otherwise.
-  */
- int
-@@ -238,7 +253,11 @@ virNetDevBandwidthSet(const char *ifname,
-         tx = bandwidth->out;
-     }
- 
-    virNetDevBandwidthClear(ifname);
-+    /* Only if the caller requests, clear everything including root
-+     * qdisc and all filters before adding everything.
-+     */
-+    if (flags & VIR_NETDEV_BANDWIDTH_SET_CLEAR_ALL)
-+        virNetDevBandwidthClear(ifname);
- 
-     if (tx && tx->average) {
-         average = g_strdup_printf("%llukbps", tx->average);
-diff --git a/src/util/virnetdevbandwidth.h b/src/util/virnetdevbandwidth.h
-index 80dc654486..744aa4c826 100644
--- a/src/util/virnetdevbandwidth.h
-+++ b/src/util/virnetdevbandwidth.h
-@@ -42,6 +42,7 @@ G_DEFINE_AUTOPTR_CLEANUP_FUNC(virNetDevBandwidth, virNetDevBandwidthFree);
- typedef enum {
-     VIR_NETDEV_BANDWIDTH_SET_HIERARCHICAL_CLASS = (1 << 0),
-     VIR_NETDEV_BANDWIDTH_SET_DIR_SWAPPED = (1 << 1),
-+    VIR_NETDEV_BANDWIDTH_SET_CLEAR_ALL = (1 << 2),
- } virNetDevBandwidthSetFlags;
- 
- int virNetDevBandwidthSet(const char *ifname,
-diff --git a/tests/virnetdevbandwidthtest.c b/tests/virnetdevbandwidthtest.c
-index 6529ff4026..6d5c847ad7 100644
--- a/tests/virnetdevbandwidthtest.c
-+++ b/tests/virnetdevbandwidthtest.c
-@@ -82,7 +82,8 @@ testVirNetDevBandwidthSet(const void *data)
-         if (virNetDevOpenvswitchInterfaceSetQos(iface, band, info->uuid, true) < 0)
-             return -1;
-     } else {
-        unsigned int flags = VIR_NETDEV_BANDWIDTH_SET_DIR_SWAPPED;
-+        unsigned int flags = VIR_NETDEV_BANDWIDTH_SET_DIR_SWAPPED |
-+                             VIR_NETDEV_BANDWIDTH_SET_CLEAR_ALL;
- 
-         if (info->hierarchical_class)
-             flags |= VIR_NETDEV_BANDWIDTH_SET_HIERARCHICAL_CLASS;
-- 
-2.47.1
-
@@ -1,98 +0,0 @@
-From faebbbbfa3b1bd4120852b3f416c8073ab82d5c5 Mon Sep 17 00:00:00 2001
-From: Laine Stump <laine@redhat.com>
-Date: Mon, 25 Nov 2024 22:24:46 -0500
-Subject: [PATCH 6/9] util: put the command that adds a tx filter qdisc into a
- separate function
-
-virNetDevBandwidthSet() adds a queue discipline (qdisc) for each
-interface that it will need to add tc transmit filters to, and the
-filters are then attached to the qdisc.
-
-There are other circumstances where some other function will need to
-add tc transmit filters to an interface (in particular an upcoming
-patch to the network driver nftables backend that will use a tc tx
-filter to fix the checksum of dhcp packets), so that function will
-also need a qdisc for the tx filter. To assure both always use exactly
-the same qdisc, this patch puts the command that adds the tx filter
-qdisc into a separate helper function that can (and will) be called
-from either place
-
-Signed-off-by: Laine Stump <laine@redhat.com>
-Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
---
- src/libvirt_private.syms      |  1 +
- src/util/virnetdevbandwidth.c | 30 +++++++++++++++++++++++++-----
- src/util/virnetdevbandwidth.h |  3 +++
- 3 files changed, 29 insertions(+), 5 deletions(-)
-
-diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
-index d15d6a6a9d..0211cee967 100644
--- a/src/libvirt_private.syms
-+++ b/src/libvirt_private.syms
-@@ -2859,6 +2859,7 @@ virNetDevVFInterfaceStats;
- 
- 
- # util/virnetdevbandwidth.h
-+virNetDevBandWidthAddTxFilterParentQdisc;
- virNetDevBandwidthClear;
- virNetDevBandwidthCopy;
- virNetDevBandwidthEqual;
-diff --git a/src/util/virnetdevbandwidth.c b/src/util/virnetdevbandwidth.c
-index 9c48844c5d..90eebe6576 100644
--- a/src/util/virnetdevbandwidth.c
-+++ b/src/util/virnetdevbandwidth.c
-@@ -266,11 +266,7 @@ virNetDevBandwidthSet(const char *ifname,
-         if (tx->burst)
-             burst = g_strdup_printf("%llukb", tx->burst);
- 
-        cmd = virCommandNew(TC);
-        virCommandAddArgList(cmd, "qdisc", "add", "dev", ifname, "root",
-                             "handle", "1:", "htb", "default",
-                             hierarchical_class ? "2" : "1", NULL);
-        if (virCommandRun(cmd, NULL) < 0)
-+        if (virNetDevBandWidthAddTxFilterParentQdisc(ifname, hierarchical_class) < 0)
-             goto cleanup;
- 
-         /* If we are creating a hierarchical class, all non guaranteed traffic
-@@ -794,3 +790,27 @@ virNetDevBandwidthSetRootQDisc(const char *ifname,
- 
-     return 0;
- }
-+
-+/**
-+ * virNetDevBandwidthAddTxFilterParentQdisc:
-+ * @ifname: name of interface that needs a qdisc to attach tx filters to
-+ * @hierarchical_class: true if hierarchical classes will be used on this interface
-+ *
-+ * Add a root Qdisc (Queueing Discipline) for attaching Tx filters to
-+ * @ifname.
-+ *
-+ * returns 0 on success, -1 on failure
-+ */
-+int
-+virNetDevBandWidthAddTxFilterParentQdisc(const char *ifname,
-+                                         bool hierarchical_class)
-+{
-+    g_autoptr(virCommand) cmd = NULL;
-+
-+    cmd = virCommandNew(TC);
-+    virCommandAddArgList(cmd, "qdisc", "add", "dev", ifname, "root",
-+                         "handle", "1:", "htb", "default",
-+                         hierarchical_class ? "2" : "1", NULL);
-+
-+    return virCommandRun(cmd, NULL);
-+}
-diff --git a/src/util/virnetdevbandwidth.h b/src/util/virnetdevbandwidth.h
-index 744aa4c826..65c1500637 100644
--- a/src/util/virnetdevbandwidth.h
-+++ b/src/util/virnetdevbandwidth.h
-@@ -84,3 +84,6 @@ int virNetDevBandwidthUpdateFilter(const char *ifname,
- int virNetDevBandwidthSetRootQDisc(const char *ifname,
-                                    const char *qdisc)
-     G_NO_INLINE;
-+
-+int virNetDevBandWidthAddTxFilterParentQdisc(const char *ifname,
-+                                             bool hierarchical_class);
-- 
-2.47.1
-
@@ -1,107 +0,0 @@
-From 73c0fb19ce5b816ee81ede691252855c75391c9a Mon Sep 17 00:00:00 2001
-From: Laine Stump <laine@redhat.com>
-Date: Mon, 25 Nov 2024 22:24:47 -0500
-Subject: [PATCH 7/9] util: don't re-add the qdisc used for tx filters if it
- already exists
-
-There will soon be two separate users of tc on virtual networks, and
-both will use the "qdisc root handle 1: htb" to add tx filters. One or the
-other could get the first chance to add the qdisc, and then if at a
-later time the other decides to use it, we need to prevent the 2nd
-user from attempting to re-add the qdisc (because that just generates
-an error).
-
-We do this by running "tc qdisc show dev $bridge handle 1:" then
-checking if the output of that command contains both "qdisc" and " 1:
-".[*] If it does then the qdisc has already been added. If not then we
-need to add it now.
-
-[*]As of this writing, the output more exactly starts with "qdisc
-htb 1: root", but our comparison is made purposefully generous to
-increase the chances that it will continue to work properly if tc
-modifies the format of its output.
-
-Signed-off-by: Laine Stump <laine@redhat.com>
-Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
---
- src/util/virnetdevbandwidth.c  | 35 ++++++++++++++++++++++++++++------
- tests/virnetdevbandwidthtest.c |  3 +++
- 2 files changed, 32 insertions(+), 6 deletions(-)
-
-diff --git a/src/util/virnetdevbandwidth.c b/src/util/virnetdevbandwidth.c
-index 90eebe6576..5c6a65528c 100644
--- a/src/util/virnetdevbandwidth.c
-+++ b/src/util/virnetdevbandwidth.c
-@@ -805,12 +805,35 @@ int
- virNetDevBandWidthAddTxFilterParentQdisc(const char *ifname,
-                                          bool hierarchical_class)
- {
-    g_autoptr(virCommand) cmd = NULL;
-+    g_autoptr(virCommand) testCmd = NULL;
-+    g_autofree char *testResult = NULL;
- 
-    cmd = virCommandNew(TC);
-    virCommandAddArgList(cmd, "qdisc", "add", "dev", ifname, "root",
-                         "handle", "1:", "htb", "default",
-                         hierarchical_class ? "2" : "1", NULL);
-+    /* first check it the qdisc with handle 1: was already added for
-+     * this interface by someone else
-+     */
-+    testCmd = virCommandNew(TC);
-+    virCommandAddArgList(testCmd, "qdisc", "show", "dev", ifname,
-+                         "handle", "1:", NULL);
-+    virCommandSetOutputBuffer(testCmd, &testResult);
- 
-    return virCommandRun(cmd, NULL);
-+    if (virCommandRun(testCmd, NULL) < 0)
-+        return -1;
-+
-+    /* output will be something like: "qdisc htb 1: root refcnt ..."
-+     * if the qdisc was already added. We just search for "qdisc" and
-+     * " 1: " anywhere in the output to allow for tc changing its
-+     * output format.
-+     */
-+    if (!(testResult && strstr(testResult, "qdisc") && strstr(testResult, " 1: "))) {
-+        /* didn't find qdisc in output, so we need to add one */
-+        g_autoptr(virCommand) addCmd = virCommandNew(TC);
-+
-+        virCommandAddArgList(addCmd, "qdisc", "add", "dev", ifname, "root",
-+                             "handle", "1:", "htb", "default",
-+                             hierarchical_class ? "2" : "1", NULL);
-+
-+        return virCommandRun(addCmd, NULL);
-+    }
-+
-+    return 0;
- }
-diff --git a/tests/virnetdevbandwidthtest.c b/tests/virnetdevbandwidthtest.c
-index 6d5c847ad7..31aa7f469d 100644
--- a/tests/virnetdevbandwidthtest.c
-+++ b/tests/virnetdevbandwidthtest.c
-@@ -147,6 +147,7 @@ mymain(void)
-                 "</bandwidth>",
-                 TC " qdisc del dev eth0 root\n"
-                 TC " qdisc del dev eth0 ingress\n"
-+                TC " qdisc show dev eth0 handle 1:\n"
-                 TC " qdisc add dev eth0 root handle 1: htb default 1\n"
-                 TC " class add dev eth0 parent 1: classid 1:1 htb rate 1024kbps quantum 87\n"
-                 TC " qdisc add dev eth0 parent 1:1 handle 2: sfq perturb 10\n"
-@@ -177,6 +178,7 @@ mymain(void)
-                 "</bandwidth>",
-                 TC " qdisc del dev eth0 root\n"
-                 TC " qdisc del dev eth0 ingress\n"
-+                TC " qdisc show dev eth0 handle 1:\n"
-                 TC " qdisc add dev eth0 root handle 1: htb default 1\n"
-                 TC " class add dev eth0 parent 1: classid 1:1 htb rate 1kbps ceil 2kbps burst 4kb quantum 1\n"
-                 TC " qdisc add dev eth0 parent 1:1 handle 2: sfq perturb 10\n"
-@@ -199,6 +201,7 @@ mymain(void)
-                 "</bandwidth>",
-                 TC " qdisc del dev eth0 root\n"
-                 TC " qdisc del dev eth0 ingress\n"
-+                TC " qdisc show dev eth0 handle 1:\n"
-                 TC " qdisc add dev eth0 root handle 1: htb default 1\n"
-                 TC " class add dev eth0 parent 1: classid 1:1 htb rate 4294967295kbps quantum 366503875\n"
-                 TC " qdisc add dev eth0 parent 1:1 handle 2: sfq perturb 10\n"
-- 
-2.47.1
-
@@ -1,171 +0,0 @@
-From dac9cb9030ac03d18f59884864a0a253e3c9f8f1 Mon Sep 17 00:00:00 2001
-From: Laine Stump <laine@redhat.com>
-Date: Mon, 25 Nov 2024 22:24:48 -0500
-Subject: [PATCH 8/9] util: add new "tc" layer for virFirewallCmd objects
-
-If the layer of a virFirewallCmd is "tc", then the "tc" utility will
-be executed using the arguments that had been added to the
-virFirewallCmd
-
-tc layer doesn't support auto-rollback command creation (any rollback
-needs to be added manually with virFirewallAddRollbackCmd()), and also
-tc layer isn't supported by the iptables backend (it would have been
-straightforward to add, but the iptables backend doesn't need it, and
-I didn't want to take the chance of causing a regression in that
-code for no good reason).
-
-Signed-off-by: Laine Stump <laine@redhat.com>
-Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
-Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
---
- src/network/network_nftables.c |  1 +
- src/util/virfirewall.c         | 66 +++++++++++++++++++++-------------
- src/util/virfirewall.h         |  1 +
- src/util/virfirewalld.c        |  1 +
- 4 files changed, 44 insertions(+), 25 deletions(-)
-
-diff --git a/src/network/network_nftables.c b/src/network/network_nftables.c
-index 268d1f12ca..cc184105c3 100644
--- a/src/network/network_nftables.c
-+++ b/src/network/network_nftables.c
-@@ -73,6 +73,7 @@ VIR_ENUM_IMPL(nftablesLayer,
-               "",
-               "ip",
-               "ip6",
-+              "",
- );
- 
- 
-diff --git a/src/util/virfirewall.c b/src/util/virfirewall.c
-index 811b787ecc..9389bcf541 100644
--- a/src/util/virfirewall.c
-+++ b/src/util/virfirewall.c
-@@ -47,6 +47,7 @@ VIR_ENUM_IMPL(virFirewallLayer,
-               "ethernet",
-               "ipv4",
-               "ipv6",
-+              "tc",
- );
- 
- typedef struct _virFirewallGroup virFirewallGroup;
-@@ -57,6 +58,7 @@ VIR_ENUM_IMPL(virFirewallLayerCommand,
-               EBTABLES,
-               IPTABLES,
-               IP6TABLES,
-+              TC,
- );
- 
- struct _virFirewallCmd {
-@@ -591,6 +593,7 @@ virFirewallCmdIptablesApply(virFirewall *firewall,
-     case VIR_FIREWALL_LAYER_IPV6:
-         virCommandAddArg(cmd, "-w");
-         break;
-+    case VIR_FIREWALL_LAYER_TC:
-     case VIR_FIREWALL_LAYER_LAST:
-         break;
-     }
-@@ -672,39 +675,52 @@ virFirewallCmdNftablesApply(virFirewall *firewall G_GNUC_UNUSED,
-     size_t i;
-     int status;
- 
-    cmd = virCommandNew(NFT);
-+    if (fwCmd->layer == VIR_FIREWALL_LAYER_TC) {
- 
-    if ((virFirewallTransactionGetFlags(firewall) & VIR_FIREWALL_TRANSACTION_AUTO_ROLLBACK) &&
-        fwCmd->argsLen > 1) {
-        /* skip any leading options to get to command verb */
-        for (i = 0; i < fwCmd->argsLen - 1; i++) {
-            if (fwCmd->args[i][0] != '-')
-                break;
-        }
-+        /* for VIR_FIREWALL_LAYER_TC, we run the 'tc' (traffic control) command with
-+         * the supplied args.
-+         */
-+        cmd = virCommandNew(TC);
- 
-        if (i + 1 < fwCmd->argsLen &&
-            VIR_NFTABLES_ARG_IS_CREATE(fwCmd->args[i])) {
-+        /* NB: RAW commands don't support auto-rollback command creation */
- 
-            cmdIdx = i;
-            objectType = fwCmd->args[i + 1];
-+    } else {
- 
-            /* we currently only handle auto-rollback for rules,
-             * chains, and tables, and those all can be "rolled
-             * back" by a delete command using the handle that is
-             * returned when "-ae" is added to the add/insert
-             * command.
-             */
-            if (STREQ_NULLABLE(objectType, "rule") ||
-                STREQ_NULLABLE(objectType, "chain") ||
-                STREQ_NULLABLE(objectType, "table")) {
-+        cmd = virCommandNew(NFT);
- 
-                needRollback = true;
-                /* this option to nft instructs it to add the
-                 * "handle" of the created object to stdout
-+        if ((virFirewallTransactionGetFlags(firewall) & VIR_FIREWALL_TRANSACTION_AUTO_ROLLBACK) &&
-+            fwCmd->argsLen > 1) {
-+            /* skip any leading options to get to command verb */
-+            for (i = 0; i < fwCmd->argsLen - 1; i++) {
-+                if (fwCmd->args[i][0] != '-')
-+                    break;
-+            }
-+
-+            if (i + 1 < fwCmd->argsLen &&
-+                VIR_NFTABLES_ARG_IS_CREATE(fwCmd->args[i])) {
-+
-+                cmdIdx = i;
-+                objectType = fwCmd->args[i + 1];
-+
-+                /* we currently only handle auto-rollback for rules,
-+                 * chains, and tables, and those all can be "rolled
-+                 * back" by a delete command using the handle that is
-+                 * returned when "-ae" is added to the add/insert
-+                 * command.
-                  */
-                virCommandAddArg(cmd, "-ae");
-+                if (STREQ_NULLABLE(objectType, "rule") ||
-+                    STREQ_NULLABLE(objectType, "chain") ||
-+                    STREQ_NULLABLE(objectType, "table")) {
-+
-+                    needRollback = true;
-+                    /* this option to nft instructs it to add the
-+                     * "handle" of the created object to stdout
-+                     */
-+                    virCommandAddArg(cmd, "-ae");
-+                }
-             }
-         }
-+
-     }
- 
-     for (i = 0; i < fwCmd->argsLen; i++)
-diff --git a/src/util/virfirewall.h b/src/util/virfirewall.h
-index bce51259d2..d42e60884b 100644
--- a/src/util/virfirewall.h
-+++ b/src/util/virfirewall.h
-@@ -39,6 +39,7 @@ typedef enum {
-     VIR_FIREWALL_LAYER_ETHERNET,
-     VIR_FIREWALL_LAYER_IPV4,
-     VIR_FIREWALL_LAYER_IPV6,
-+    VIR_FIREWALL_LAYER_TC,
- 
-     VIR_FIREWALL_LAYER_LAST,
- } virFirewallLayer;
-diff --git a/src/util/virfirewalld.c b/src/util/virfirewalld.c
-index 827e201dbb..124523c420 100644
--- a/src/util/virfirewalld.c
-+++ b/src/util/virfirewalld.c
-@@ -43,6 +43,7 @@ VIR_LOG_INIT("util.firewalld");
- VIR_ENUM_DECL(virFirewallLayerFirewallD);
- VIR_ENUM_IMPL(virFirewallLayerFirewallD,
-               VIR_FIREWALL_LAYER_LAST,
-+              "",
-               "eb",
-               "ipv4",
-               "ipv6",
-- 
-2.47.1
-
@@ -1,687 +0,0 @@
-From b1e2318a0d609fcdff04fcf88953ea87cdd02b95 Mon Sep 17 00:00:00 2001
-From: Laine Stump <laine@redhat.com>
-Date: Mon, 25 Nov 2024 22:24:49 -0500
-Subject: [PATCH 9/9] network: add tc filter rule to nftables backend to fix
- checksum of DHCP responses
-
-Please see the commit log for commit v10.9.0-rc1-1-g42ab0148dd for the
-history and explanation of the problem that this patch is fixing.
-
-A shorter explanation is that when a guest is connected to a libvirt
-virtual network using a virtio-net adapter with in-kernel "vhost-net"
-packet processing enabled, it will fail to acquire an IP address from
-a DHCP seever running on the host.
-
-In commit v10.9.0-rc1-1-g42ab0148dd we tried fixing this by *zeroing
-out* the checksums of these packets with an nftables rule (nftables
-can't recompute the checksum, but it can set it to 0) . This
-*appeared* to work initially, but it turned out that zeroing the
-checksum ends up breaking dhcp packets on *non* virtio/vhost-net guest
-interfaces. That attempt was reverted in commit v10.9.0-rc2.
-
-Fortunately, there is an existing way to recompute the checksum of a
-packet as it leaves an interface - the "tc" (traffic control) utility
-that libvirt already uses for bandwidth management. This patch uses a
-tc filter rule to match dhcp response packets on the bridge and
-recompute their checksum.
-
-The filter rule must be attached to a tc qdisc, which may also have a
-filter attached for bandwidth management (in the <bandwidth> element
-of the network config). Not only must we add the qdisc only once
-(which was already handled by the patch two prior to this one), but
-also the filter rule for checksum fixing and the filter rule for
-bandwidth management must be different priorities so they don't clash;
-this is solved by adding the checksum-fix filter with "priority 2",
-while the bandwidth management filter remains "priority 1" (both will
-always be evaluated anyway, it's just a matter of which is evaluated
-first).
-
-So far this method has worked with every different guest we could
-throw at it, including several that failed with the previous method.
-
-Fixes: b89c4991daa0ee9371f10937fab3b03c5ffdabc6
-Reported-by: Rich Jones <rjones@redhat.com>
-Reported-by: Andrea Bolognani <abologna@redhat.com>
-Fix-Suggested-by: Eric Garver <egarver@redhat.com>
-Fix-Suggested-by: Phil Sutter <psutter@redhat.com>
-Signed-off-by: Laine Stump <laine@redhat.com>
-Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
---
- src/network/network_nftables.c                | 68 +++++++++++++++++++
- .../forward-dev-linux.nftables                | 40 +++++++++++
- .../isolated-linux.nftables                   | 40 +++++++++++
- .../nat-default-linux.nftables                | 40 +++++++++++
- .../nat-ipv6-linux.nftables                   | 40 +++++++++++
- .../nat-ipv6-masquerade-linux.nftables        | 40 +++++++++++
- .../nat-many-ips-linux.nftables               | 40 +++++++++++
- .../nat-no-dhcp-linux.nftables                | 40 +++++++++++
- .../nat-port-range-ipv6-linux.nftables        | 40 +++++++++++
- .../nat-port-range-linux.nftables             | 40 +++++++++++
- .../nat-tftp-linux.nftables                   | 40 +++++++++++
- .../route-default-linux.nftables              | 40 +++++++++++
- 12 files changed, 508 insertions(+)
-
-diff --git a/src/network/network_nftables.c b/src/network/network_nftables.c
-index cc184105c3..748edb0273 100644
--- a/src/network/network_nftables.c
-+++ b/src/network/network_nftables.c
-@@ -29,6 +29,7 @@
- 
- #include "internal.h"
- #include "virfirewalld.h"
-+#include "vircommand.h"
- #include "virerror.h"
- #include "virlog.h"
- #include "virhash.h"
-@@ -924,6 +925,67 @@ nftablesAddIPSpecificFirewallRules(virFirewall *fw,
- }
- 
- 
-+/**
-+ * nftablesAddUdpChecksumFixWithTC:
-+ *
-+ * Add a tc filter rule to @ifname (the bridge device of this network)
-+ * that will recompute the checksum of udp packets output from @iface with
-+ * destination port @port.
-+ *
-+ * Normally the checksum should be filled by some part of the basic
-+ * network stack, but there are cases (e.g. DHCP response packets sent
-+ * from virtualization host to a QEMU guest when the guest NIC uses
-+ * vhost-net packet processing) when the host (sender) thinks that
-+ * packet checksums will be computed elsewhere (and so leaves a
-+ * partially computed checksum in the packet header) while the guest
-+ * (receiver) thinks that the checksum has already been fully
-+ * computed; in the meantime none of the code in between has actually
-+ * finished computing the checksum.
-+ *
-+ * An example of this is DHCP response packets from host to guest. If
-+ * the checksum of each of these packets isn't properly computed, then
-+ * many guests (e.g. FreeBSD) will drop them with reason BAD CHECKSUM;
-+ * this tc filter rule will fix the ip and udp checksums, and the
-+ * FreeBSD dhcp client will happily accept the packet.
-+ *
-+ * (NB: if you're wondering how the tc qdisc and filter are removed
-+ * when the network is destroyed, the answer is that the kernel
-+ * automatically (and properly) removes them for us, so we don't need
-+ * to worry about keeping track/deleting as we do with nftables rules)
-+ */
-+static int
-+nftablesAddUdpChecksumFixWithTC(virFirewall *fw,
-+                                const char *iface,
-+                                int port)
-+{
-+    g_autofree char *portstr = g_strdup_printf("%d", port);
-+
-+    /* this will add the qdisc (that the filter below is attached to)
-+     * unless it already exists
-+     */
-+    if (virNetDevBandWidthAddTxFilterParentQdisc(iface, true) < 0)
-+        return -1;
-+
-+    /* add a filter to catch all udp packets with dst "port" and
-+     * recompute their checksum
-+     */
-+    virFirewallAddCmd(fw, VIR_FIREWALL_LAYER_TC,
-+                      "filter", "add", "dev", iface,
-+                      "prio", "2", "protocol", "ip", "parent", "1:",
-+                      "u32", "match", "ip", "dport", portstr, "ffff",
-+                      "action", "csum", "ip", "and", "udp",
-+                      NULL);
-+
-+    virFirewallAddRollbackCmd(fw, VIR_FIREWALL_LAYER_TC,
-+                              "filter", "del", "dev", iface,
-+                              "prio", "2", "protocol", "ip", "parent", "1:",
-+                              "u32", "match", "ip", "dport", portstr, "ffff",
-+                              "action", "csum", "ip", "and", "udp",
-+                              NULL);
-+    return 0;
-+}
-+
-+
- /* nftablesAddFirewallrules:
-  *
-  * @def - the network that needs an nftables firewall added
-@@ -944,6 +1006,12 @@ nftablesAddFirewallRules(virNetworkDef *def, virFirewall **fwRemoval)
- 
-     virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_AUTO_ROLLBACK);
- 
-+    /* add the tc filter rule needed to fixup the checksum of dhcp
-+     * response packets going from host to guest.
-+     */
-+    if (nftablesAddUdpChecksumFixWithTC(fw, def->bridge, 68) < 0)
-+        return -1;
-+
-     nftablesAddGeneralFirewallRules(fw, def);
- 
-     for (i = 0;
-diff --git a/tests/networkxml2firewalldata/forward-dev-linux.nftables b/tests/networkxml2firewalldata/forward-dev-linux.nftables
-index 8badb74beb..6772383b37 100644
--- a/tests/networkxml2firewalldata/forward-dev-linux.nftables
-+++ b/tests/networkxml2firewalldata/forward-dev-linux.nftables
-@@ -1,3 +1,43 @@
-+tc \
-+qdisc \
-+show \
-+dev \
-+virbr0 \
-+handle \
-+1:
-+tc \
-+qdisc \
-+add \
-+dev \
-+virbr0 \
-+root \
-+handle \
-+1: \
-+htb \
-+default \
-+2
-+tc \
-+filter \
-+add \
-+dev \
-+virbr0 \
-+prio \
-+2 \
-+protocol \
-+ip \
-+parent \
-+1: \
-+u32 \
-+match \
-+ip \
-+dport \
-+68 \
-+ffff \
-+action \
-+csum \
-+ip \
-+and \
-+udp
- nft \
- -ae insert \
- rule \
-diff --git a/tests/networkxml2firewalldata/isolated-linux.nftables b/tests/networkxml2firewalldata/isolated-linux.nftables
-index d1b4dac178..546a18b75a 100644
--- a/tests/networkxml2firewalldata/isolated-linux.nftables
-+++ b/tests/networkxml2firewalldata/isolated-linux.nftables
-@@ -1,3 +1,43 @@
-+tc \
-+qdisc \
-+show \
-+dev \
-+virbr0 \
-+handle \
-+1:
-+tc \
-+qdisc \
-+add \
-+dev \
-+virbr0 \
-+root \
-+handle \
-+1: \
-+htb \
-+default \
-+2
-+tc \
-+filter \
-+add \
-+dev \
-+virbr0 \
-+prio \
-+2 \
-+protocol \
-+ip \
-+parent \
-+1: \
-+u32 \
-+match \
-+ip \
-+dport \
-+68 \
-+ffff \
-+action \
-+csum \
-+ip \
-+and \
-+udp
- nft \
- -ae insert \
- rule \
-diff --git a/tests/networkxml2firewalldata/nat-default-linux.nftables b/tests/networkxml2firewalldata/nat-default-linux.nftables
-index 28508292f9..08623c1381 100644
--- a/tests/networkxml2firewalldata/nat-default-linux.nftables
-+++ b/tests/networkxml2firewalldata/nat-default-linux.nftables
-@@ -1,3 +1,43 @@
-+tc \
-+qdisc \
-+show \
-+dev \
-+virbr0 \
-+handle \
-+1:
-+tc \
-+qdisc \
-+add \
-+dev \
-+virbr0 \
-+root \
-+handle \
-+1: \
-+htb \
-+default \
-+2
-+tc \
-+filter \
-+add \
-+dev \
-+virbr0 \
-+prio \
-+2 \
-+protocol \
-+ip \
-+parent \
-+1: \
-+u32 \
-+match \
-+ip \
-+dport \
-+68 \
-+ffff \
-+action \
-+csum \
-+ip \
-+and \
-+udp
- nft \
- -ae insert \
- rule \
-diff --git a/tests/networkxml2firewalldata/nat-ipv6-linux.nftables b/tests/networkxml2firewalldata/nat-ipv6-linux.nftables
-index d8a9ba706d..3fd6b94eef 100644
--- a/tests/networkxml2firewalldata/nat-ipv6-linux.nftables
-+++ b/tests/networkxml2firewalldata/nat-ipv6-linux.nftables
-@@ -1,3 +1,43 @@
-+tc \
-+qdisc \
-+show \
-+dev \
-+virbr0 \
-+handle \
-+1:
-+tc \
-+qdisc \
-+add \
-+dev \
-+virbr0 \
-+root \
-+handle \
-+1: \
-+htb \
-+default \
-+2
-+tc \
-+filter \
-+add \
-+dev \
-+virbr0 \
-+prio \
-+2 \
-+protocol \
-+ip \
-+parent \
-+1: \
-+u32 \
-+match \
-+ip \
-+dport \
-+68 \
-+ffff \
-+action \
-+csum \
-+ip \
-+and \
-+udp
- nft \
- -ae insert \
- rule \
-diff --git a/tests/networkxml2firewalldata/nat-ipv6-masquerade-linux.nftables b/tests/networkxml2firewalldata/nat-ipv6-masquerade-linux.nftables
-index a7f09cda59..2811e098d1 100644
--- a/tests/networkxml2firewalldata/nat-ipv6-masquerade-linux.nftables
-+++ b/tests/networkxml2firewalldata/nat-ipv6-masquerade-linux.nftables
-@@ -1,3 +1,43 @@
-+tc \
-+qdisc \
-+show \
-+dev \
-+virbr0 \
-+handle \
-+1:
-+tc \
-+qdisc \
-+add \
-+dev \
-+virbr0 \
-+root \
-+handle \
-+1: \
-+htb \
-+default \
-+2
-+tc \
-+filter \
-+add \
-+dev \
-+virbr0 \
-+prio \
-+2 \
-+protocol \
-+ip \
-+parent \
-+1: \
-+u32 \
-+match \
-+ip \
-+dport \
-+68 \
-+ffff \
-+action \
-+csum \
-+ip \
-+and \
-+udp
- nft \
- -ae insert \
- rule \
-diff --git a/tests/networkxml2firewalldata/nat-many-ips-linux.nftables b/tests/networkxml2firewalldata/nat-many-ips-linux.nftables
-index b826fe6134..5409d5b552 100644
--- a/tests/networkxml2firewalldata/nat-many-ips-linux.nftables
-+++ b/tests/networkxml2firewalldata/nat-many-ips-linux.nftables
-@@ -1,3 +1,43 @@
-+tc \
-+qdisc \
-+show \
-+dev \
-+virbr0 \
-+handle \
-+1:
-+tc \
-+qdisc \
-+add \
-+dev \
-+virbr0 \
-+root \
-+handle \
-+1: \
-+htb \
-+default \
-+2
-+tc \
-+filter \
-+add \
-+dev \
-+virbr0 \
-+prio \
-+2 \
-+protocol \
-+ip \
-+parent \
-+1: \
-+u32 \
-+match \
-+ip \
-+dport \
-+68 \
-+ffff \
-+action \
-+csum \
-+ip \
-+and \
-+udp
- nft \
- -ae insert \
- rule \
-diff --git a/tests/networkxml2firewalldata/nat-no-dhcp-linux.nftables b/tests/networkxml2firewalldata/nat-no-dhcp-linux.nftables
-index d8a9ba706d..3fd6b94eef 100644
--- a/tests/networkxml2firewalldata/nat-no-dhcp-linux.nftables
-+++ b/tests/networkxml2firewalldata/nat-no-dhcp-linux.nftables
-@@ -1,3 +1,43 @@
-+tc \
-+qdisc \
-+show \
-+dev \
-+virbr0 \
-+handle \
-+1:
-+tc \
-+qdisc \
-+add \
-+dev \
-+virbr0 \
-+root \
-+handle \
-+1: \
-+htb \
-+default \
-+2
-+tc \
-+filter \
-+add \
-+dev \
-+virbr0 \
-+prio \
-+2 \
-+protocol \
-+ip \
-+parent \
-+1: \
-+u32 \
-+match \
-+ip \
-+dport \
-+68 \
-+ffff \
-+action \
-+csum \
-+ip \
-+and \
-+udp
- nft \
- -ae insert \
- rule \
-diff --git a/tests/networkxml2firewalldata/nat-port-range-ipv6-linux.nftables b/tests/networkxml2firewalldata/nat-port-range-ipv6-linux.nftables
-index ceaed6fa40..d74417cdb3 100644
--- a/tests/networkxml2firewalldata/nat-port-range-ipv6-linux.nftables
-+++ b/tests/networkxml2firewalldata/nat-port-range-ipv6-linux.nftables
-@@ -1,3 +1,43 @@
-+tc \
-+qdisc \
-+show \
-+dev \
-+virbr0 \
-+handle \
-+1:
-+tc \
-+qdisc \
-+add \
-+dev \
-+virbr0 \
-+root \
-+handle \
-+1: \
-+htb \
-+default \
-+2
-+tc \
-+filter \
-+add \
-+dev \
-+virbr0 \
-+prio \
-+2 \
-+protocol \
-+ip \
-+parent \
-+1: \
-+u32 \
-+match \
-+ip \
-+dport \
-+68 \
-+ffff \
-+action \
-+csum \
-+ip \
-+and \
-+udp
- nft \
- -ae insert \
- rule \
-diff --git a/tests/networkxml2firewalldata/nat-port-range-linux.nftables b/tests/networkxml2firewalldata/nat-port-range-linux.nftables
-index 1dc37a26ec..b55bb287a9 100644
--- a/tests/networkxml2firewalldata/nat-port-range-linux.nftables
-+++ b/tests/networkxml2firewalldata/nat-port-range-linux.nftables
-@@ -1,3 +1,43 @@
-+tc \
-+qdisc \
-+show \
-+dev \
-+virbr0 \
-+handle \
-+1:
-+tc \
-+qdisc \
-+add \
-+dev \
-+virbr0 \
-+root \
-+handle \
-+1: \
-+htb \
-+default \
-+2
-+tc \
-+filter \
-+add \
-+dev \
-+virbr0 \
-+prio \
-+2 \
-+protocol \
-+ip \
-+parent \
-+1: \
-+u32 \
-+match \
-+ip \
-+dport \
-+68 \
-+ffff \
-+action \
-+csum \
-+ip \
-+and \
-+udp
- nft \
- -ae insert \
- rule \
-diff --git a/tests/networkxml2firewalldata/nat-tftp-linux.nftables b/tests/networkxml2firewalldata/nat-tftp-linux.nftables
-index 28508292f9..08623c1381 100644
--- a/tests/networkxml2firewalldata/nat-tftp-linux.nftables
-+++ b/tests/networkxml2firewalldata/nat-tftp-linux.nftables
-@@ -1,3 +1,43 @@
-+tc \
-+qdisc \
-+show \
-+dev \
-+virbr0 \
-+handle \
-+1:
-+tc \
-+qdisc \
-+add \
-+dev \
-+virbr0 \
-+root \
-+handle \
-+1: \
-+htb \
-+default \
-+2
-+tc \
-+filter \
-+add \
-+dev \
-+virbr0 \
-+prio \
-+2 \
-+protocol \
-+ip \
-+parent \
-+1: \
-+u32 \
-+match \
-+ip \
-+dport \
-+68 \
-+ffff \
-+action \
-+csum \
-+ip \
-+and \
-+udp
- nft \
- -ae insert \
- rule \
-diff --git a/tests/networkxml2firewalldata/route-default-linux.nftables b/tests/networkxml2firewalldata/route-default-linux.nftables
-index 282c9542a5..76d6902517 100644
--- a/tests/networkxml2firewalldata/route-default-linux.nftables
-+++ b/tests/networkxml2firewalldata/route-default-linux.nftables
-@@ -1,3 +1,43 @@
-+tc \
-+qdisc \
-+show \
-+dev \
-+virbr0 \
-+handle \
-+1:
-+tc \
-+qdisc \
-+add \
-+dev \
-+virbr0 \
-+root \
-+handle \
-+1: \
-+htb \
-+default \
-+2
-+tc \
-+filter \
-+add \
-+dev \
-+virbr0 \
-+prio \
-+2 \
-+protocol \
-+ip \
-+parent \
-+1: \
-+u32 \
-+match \
-+ip \
-+dport \
-+68 \
-+ffff \
-+action \
-+csum \
-+ip \
-+and \
-+udp
- nft \
- -ae insert \
- rule \
-- 
-2.47.1
-
@@ -1,51 +0,0 @@
-From 114c0ec656e879ab4d67919914bb24cf5993106d Mon Sep 17 00:00:00 2001
-Message-ID: <114c0ec656e879ab4d67919914bb24cf5993106d.1734201785.git.crobinso@redhat.com>
-From: Laine Stump <laine@redhat.com>
-Date: Mon, 2 Sep 2024 16:13:08 -0400
-Subject: [PATCH] network: permit <forward mode='open'/> when a network has no
- IP address
-Content-type: text/plain
-
-The whole point of <forward mode='open'/> is to supress libvirt from
-adding any firewall rules for a network, and someone might want to
-create a network with no IP address (i.e. they don't want the guests
-to have connectivity to the host via this interface) and no firewall
-rules (they don't want any, or they want to add their own). So there's
-no reason to fail when a network has <forward mode='open'/> and also
-has no IP address.
-
-Kind-of-Resolves: https://gitlab.com/libvirt/libvirt/-/issues/588
-Signed-off-by: Laine Stump <laine@redhat.com>
-Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
-Signed-off-by: Cole Robinson <crobinso@redhat.com>
---
- src/conf/network_conf.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/src/conf/network_conf.c b/src/conf/network_conf.c
-index 5cf419acf1..320e1b089a 100644
--- a/src/conf/network_conf.c
-+++ b/src/conf/network_conf.c
-@@ -1789,7 +1789,6 @@ virNetworkDefParseXML(xmlXPathContextPtr ctxt,
- 
-     case VIR_NETWORK_FORWARD_ROUTE:
-     case VIR_NETWORK_FORWARD_NAT:
-    case VIR_NETWORK_FORWARD_OPEN:
-         /* It's pointless to specify L3 forwarding without specifying
-          * the network we're on.
-          */
-@@ -1806,8 +1805,10 @@ virNetworkDefParseXML(xmlXPathContextPtr ctxt,
-                            def->name);
-             return NULL;
-         }
-+        break;
- 
-        if (def->forward.type == VIR_NETWORK_FORWARD_OPEN && def->forward.nifs) {
-+    case VIR_NETWORK_FORWARD_OPEN:
-+        if (def->forward.nifs) {
-             /* an open network by definition can't place any restrictions
-              * on what traffic is allowed or where it goes, so specifying
-              * a forwarding device is nonsensical.
-- 
-2.47.1
-
@@ -1,64 +0,0 @@
-From d51179fa82448f4720f1645f0b7100df80508cc4 Mon Sep 17 00:00:00 2001
-From: Pavel Hrdina <phrdina@redhat.com>
-Date: Thu, 9 Jan 2025 16:23:44 +0100
-Subject: [PATCH] qemu: snapshot: delete disk image only if parent snapshot is
- external
-Content-type: text/plain
-
-When we are deleting external snapshot that is not active we only need
-to delete overlay disk image of the parent snapshot. This works
-correctly even if parent snapshot is external and active as it will have
-another overlay created when user reverted to that snapshot.
-
-In case the parent snapshot is internal there are no overlay disk images
-created as everything is stored internally within the disk image. In
-this case we would delete the actual disk image storing internal
-snapshots and most likely the original disk image as well resulting in
-data loss once the VM is shutoff.
-
-Fixes: https://gitlab.com/libvirt/libvirt/-/issues/734
-Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
-Reviewed-by: Peter Krempa <pkrempa@redhat.com>
---
- src/qemu/qemu_snapshot.c | 14 ++++++++------
- 1 file changed, 8 insertions(+), 6 deletions(-)
-
-diff --git a/src/qemu/qemu_snapshot.c b/src/qemu/qemu_snapshot.c
-index 18b2e478f6..80cd54bf33 100644
--- a/src/qemu/qemu_snapshot.c
-+++ b/src/qemu/qemu_snapshot.c
-@@ -3144,6 +3144,8 @@ qemuSnapshotDeleteExternalPrepareData(virDomainObj *vm,
-             return -1;
-         }
- 
-+        data->parentSnap = qemuSnapshotFindParentSnapForDisk(snap, data->snapDisk);
-+
-         if (data->merge) {
-             virStorageSource *snapDiskSrc = NULL;
- 
-@@ -3185,8 +3187,6 @@ qemuSnapshotDeleteExternalPrepareData(virDomainObj *vm,
-                 qemuSnapshotGetDisksWithBackingStore(vm, snap, data);
-             }
- 
-            data->parentSnap = qemuSnapshotFindParentSnapForDisk(snap, data->snapDisk);
-
-             if (data->parentSnap && !virDomainSnapshotIsExternal(data->parentSnap)) {
-                 virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
-                                _("deleting external snapshot that has internal snapshot as parent not supported"));
-@@ -3642,10 +3642,12 @@ qemuSnapshotDiscardExternal(virDomainObj *vm,
-             if (!data->job)
-                 goto error;
-         } else {
-            if (virStorageSourceInit(data->parentDomDisk->src) < 0 ||
-                virStorageSourceUnlink(data->parentDomDisk->src) < 0) {
-                VIR_WARN("Failed to remove snapshot image '%s'",
-                         data->snapDisk->name);
-+            if (data->parentSnap && virDomainSnapshotIsExternal(data->parentSnap)) {
-+                if (virStorageSourceInit(data->parentDomDisk->src) < 0 ||
-+                    virStorageSourceUnlink(data->parentDomDisk->src) < 0) {
-+                    VIR_WARN("Failed to remove snapshot image '%s'",
-+                             data->snapDisk->name);
-+                }
-             }
-         }
-     }
@@ -0,0 +1,21 @@
+# Makefile for source rpm: libvirt
+# $Id$
+NAME := libvirt
+SPECFILE = $(firstword $(wildcard *.spec))
+
+define find-makefile-common
+for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
+endef
+
+MAKEFILE_COMMON := $(shell $(find-makefile-common))
+
+ifeq ($(MAKEFILE_COMMON),)
+# attempt a checkout
+define checkout-makefile-common
+test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
+endef
+
+MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
+endif
+
+include $(MAKEFILE_COMMON)
@@ -0,0 +1 @@
+F-11
@@ -0,0 +1,27 @@
+From 934b71abf1b908f720811a44ad5411cfc1a4ca37 Mon Sep 17 00:00:00 2001
+From: Daniel P. Berrange <berrange@redhat.com>
+Date: Thu, 28 May 2009 13:15:57 +0000
+Subject: [PATCH 1/1] Avoid broken networking with new QEMU/KVM >= 86
+
+---
+ src/qemu_conf.c |    4 ++--
+ 1 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/qemu_conf.c b/src/qemu_conf.c
+index 93dc0b7..a04d216 100644
+--- a/src/qemu_conf.c
+++ b/src/qemu_conf.c
+@@ -658,8 +658,8 @@ qemudNetworkIfaceConnect(virConnectPtr conn,
+     }
+ 
+     snprintf(tapfdstr, sizeof(tapfdstr),
+-             "tap,fd=%d,script=,vlan=%d,ifname=%s",
+-             tapfd, vlan, net->ifname);
+             "tap,fd=%d,vlan=%d",
+             tapfd, vlan);
+ 
+     if (!(retval = strdup(tapfdstr)))
+         goto no_memory;
+-- 
+1.6.0.6
+
@@ -0,0 +1,48 @@
+From 4db7474b0c1907e877d7206edeb4d73962971096 Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Tue, 12 May 2009 15:31:22 +0000
+Subject: [PATCH 1/1] * src/network_driver.c: enable bridges which are not up
+   without an IP address, patch by Ludwig Nussel
+ Daniel
+
+---
+ src/network_driver.c |    9 +++------
+ 1 files changed, 3 insertions(+), 6 deletions(-)
+
+diff --git a/src/network_driver.c b/src/network_driver.c
+index a17a769..a163b15 100644
+--- a/src/network_driver.c
+++ b/src/network_driver.c
+@@ -836,8 +836,7 @@ static int networkStartNetworkDaemon(virConnectPtr conn,
+         goto err_delbr;
+     }
+ 
+-    if (network->def->ipAddress &&
+-        (err = brSetInterfaceUp(driver->brctl, network->def->bridge, 1))) {
+    if ((err = brSetInterfaceUp(driver->brctl, network->def->bridge, 1))) {
+         virReportSystemError(conn, err,
+                              _("failed to bring the bridge '%s' up"),
+                              network->def->bridge);
+@@ -878,8 +877,7 @@ static int networkStartNetworkDaemon(virConnectPtr conn,
+     networkRemoveIptablesRules(driver, network);
+ 
+  err_delbr1:
+-    if (network->def->ipAddress &&
+-        (err = brSetInterfaceUp(driver->brctl, network->def->bridge, 0))) {
+    if ((err = brSetInterfaceUp(driver->brctl, network->def->bridge, 0))) {
+         char ebuf[1024];
+         networkLog(NETWORK_WARN, _("Failed to bring down bridge '%s' : %s\n"),
+                  network->def->bridge, virStrerror(err, ebuf, sizeof ebuf));
+@@ -920,8 +918,7 @@ static int networkShutdownNetworkDaemon(virConnectPtr conn,
+     networkRemoveIptablesRules(driver, network);
+ 
+     char ebuf[1024];
+-    if (network->def->ipAddress &&
+-        (err = brSetInterfaceUp(driver->brctl, network->def->bridge, 0))) {
+    if ((err = brSetInterfaceUp(driver->brctl, network->def->bridge, 0))) {
+         networkLog(NETWORK_WARN, _("Failed to bring down bridge '%s' : %s\n"),
+                  network->def->bridge, virStrerror(err, ebuf, sizeof ebuf));
+     }
+-- 
+1.6.0.6
+
@@ -0,0 +1,204 @@
+From fbd16cecc72494e8a9450f38197221f2f50c9d0e Mon Sep 17 00:00:00 2001
+From: =?utf-8?q?Guido=20G=C3=BCnther?= <agx@sigxcpu.org>
+Date: Thu, 16 Apr 2009 15:56:27 +0000
+Subject: [PATCH 1/1] Don't log monitor output to domain log file.
+
+It's logged via the logging system already. Prefix monitor debug output with vm
+name.
+---
+ src/qemu_driver.c |   60 +++++++++++++++++++++-------------------------------
+ 1 files changed, 24 insertions(+), 36 deletions(-)
+
+diff --git a/src/qemu_driver.c b/src/qemu_driver.c
+index 79ee072..f5b5fa5 100644
+--- a/src/qemu_driver.c
+++ b/src/qemu_driver.c
+@@ -1710,27 +1710,11 @@ qemudMonitorCommandExtra(const virDomainObjPtr vm,
+             goto error;
+         }
+     }
+-
+-    /* Log, but ignore failures to write logfile for VM */
+-    if (safewrite(vm->logfile, buf, strlen(buf)) < 0) {
+-        char ebuf[1024];
+-        VIR_WARN(_("Unable to log VM console data: %s\n"),
+-                 virStrerror(errno, ebuf, sizeof ebuf));
+-    }
+-
+     *reply = buf;
+     return 0;
+ 
+  error:
+-    if (buf) {
+-        /* Log, but ignore failures to write logfile for VM */
+-        if (safewrite(vm->logfile, buf, strlen(buf)) < 0) {
+-            char ebuf[1024];
+-            VIR_WARN(_("Unable to log VM console data: %s\n"),
+-                     virStrerror(errno, ebuf, sizeof ebuf));
+-        }
+-        VIR_FREE(buf);
+-    }
+    VIR_FREE(buf);
+     return -1;
+ }
+ 
+@@ -2463,7 +2447,7 @@ static int qemudDomainGetMemoryBalloon(virConnectPtr conn,
+         goto cleanup;
+     }
+ 
+-    DEBUG ("balloon reply: '%s'", reply);
+    DEBUG ("%s: balloon reply: '%s'", vm->def->name, reply);
+     if ((offset = strstr(reply, BALLOON_PREFIX)) != NULL) {
+         unsigned int memMB;
+         char *end;
+@@ -2517,7 +2501,7 @@ static int qemudDomainSetMemoryBalloon(virConnectPtr conn,
+ 
+     /* If the command failed qemu prints: 'unknown command'
+      * No message is printed on success it seems */
+-    DEBUG ("balloon reply: %s", reply);
+    DEBUG ("%s: balloon reply: %s",vm->def->name,  reply);
+     if (strstr(reply, "\nunknown command:")) {
+         /* Don't set error - it is expected memory balloon fails on many qemu */
+         ret = 0;
+@@ -2812,7 +2796,7 @@ static int qemudDomainSave(virDomainPtr dom,
+         goto cleanup;
+     }
+ 
+-    DEBUG ("migrate reply: %s", info);
+    DEBUG ("%s: migrate reply: %s", vm->def->name, info);
+ 
+     /* If the command isn't supported then qemu prints:
+      * unknown command: migrate" */
+@@ -3658,7 +3642,7 @@ static int qemudDomainChangeEjectableMedia(virConnectPtr conn,
+     /* If the command failed qemu prints:
+      * device not found, device is locked ...
+      * No message is printed on success it seems */
+-    DEBUG ("ejectable media change reply: %s", reply);
+    DEBUG ("%s: ejectable media change reply: %s", vm->def->name, reply);
+     if (strstr(reply, "\ndevice ")) {
+         qemudReportError (conn, dom, NULL, VIR_ERR_OPERATION_FAILED,
+                           _("changing cdrom media failed: %s"), reply);
+@@ -3719,7 +3703,7 @@ static int qemudDomainAttachPciDiskDevice(virConnectPtr conn,
+         return -1;
+     }
+ 
+-    DEBUG ("pci_add reply: %s", reply);
+    DEBUG ("%s: pci_add reply: %s", vm->def->name, reply);
+     /* If the command succeeds qemu prints:
+      * OK bus 0... */
+ #define PCI_ATTACH_OK_MSG "OK bus 0, slot "
+@@ -3787,7 +3771,7 @@ static int qemudDomainAttachUsbMassstorageDevice(virConnectPtr conn,
+         return -1;
+     }
+ 
+-    DEBUG ("attach_usb reply: %s", reply);
+    DEBUG ("%s: attach_usb reply: %s",vm->def->name,  reply);
+     /* If the command failed qemu prints:
+      * Could not add ... */
+     if (strstr(reply, "Could not add ")) {
+@@ -3841,7 +3825,7 @@ static int qemudDomainAttachHostDevice(virConnectPtr conn,
+         return -1;
+     }
+ 
+-    DEBUG ("attach_usb reply: %s", reply);
+    DEBUG ("%s: attach_usb reply: %s", vm->def->name, reply);
+     /* If the command failed qemu prints:
+      * Could not add ... */
+     if (strstr(reply, "Could not add ")) {
+@@ -3980,7 +3964,7 @@ static int qemudDomainDetachPciDiskDevice(virConnectPtr conn,
+         goto cleanup;
+     }
+ 
+-    DEBUG ("pci_del reply: %s", reply);
+    DEBUG ("%s: pci_del reply: %s",vm->def->name,  reply);
+     /* If the command fails due to a wrong slot qemu prints: invalid slot,
+      * nothing is printed on success */
+     if (strstr(reply, "invalid slot")) {
+@@ -4210,7 +4194,7 @@ qemudDomainBlockStats (virDomainPtr dom,
+                           "%s", _("'info blockstats' command failed"));
+         goto cleanup;
+     }
+-    DEBUG ("info blockstats reply: %s", info);
+    DEBUG ("%s: info blockstats reply: %s", vm->def->name, info);
+ 
+     /* If the command isn't supported then qemu prints the supported
+      * info commands, so the output starts "info ".  Since this is
+@@ -4251,21 +4235,25 @@ qemudDomainBlockStats (virDomainPtr dom,
+                 if (STRPREFIX (p, "rd_bytes=")) {
+                     p += 9;
+                     if (virStrToLong_ll (p, &dummy, 10, &stats->rd_bytes) == -1)
+-                        DEBUG ("error reading rd_bytes: %s", p);
+                        DEBUG ("%s: error reading rd_bytes: %s",
+                               vm->def->name, p);
+                 } else if (STRPREFIX (p, "wr_bytes=")) {
+                     p += 9;
+                     if (virStrToLong_ll (p, &dummy, 10, &stats->wr_bytes) == -1)
+-                        DEBUG ("error reading wr_bytes: %s", p);
+                        DEBUG ("%s: error reading wr_bytes: %s",
+                               vm->def->name, p);
+                 } else if (STRPREFIX (p, "rd_operations=")) {
+                     p += 14;
+                     if (virStrToLong_ll (p, &dummy, 10, &stats->rd_req) == -1)
+-                        DEBUG ("error reading rd_req: %s", p);
+                        DEBUG ("%s: error reading rd_req: %s",
+                               vm->def->name, p);
+                 } else if (STRPREFIX (p, "wr_operations=")) {
+                     p += 14;
+                     if (virStrToLong_ll (p, &dummy, 10, &stats->wr_req) == -1)
+-                        DEBUG ("error reading wr_req: %s", p);
+                        DEBUG ("%s: error reading wr_req: %s",
+                               vm->def->name, p);
+                 } else
+-                    DEBUG ("unknown block stat near %s", p);
+                    DEBUG ("%s: unknown block stat near %s", vm->def->name, p);
+ 
+                 /* Skip to next label. */
+                 p = strchr (p, ' ');
+@@ -4477,7 +4465,7 @@ qemudDomainMemoryPeek (virDomainPtr dom,
+         goto cleanup;
+     }
+ 
+-    DEBUG ("memsave reply: %s", info);
+    DEBUG ("%s: memsave reply: %s", vm->def->name, info);
+ 
+     /* Read the memory file into buffer. */
+     if (saferead (fd, buffer, size) == (ssize_t) -1) {
+@@ -4794,7 +4782,7 @@ qemudDomainMigratePerform (virDomainPtr dom,
+                              "%s", _("off-line migration specified, but suspend operation failed"));
+             goto cleanup;
+         }
+-        DEBUG ("stop reply: %s", info);
+        DEBUG ("%s: stop reply: %s", vm->def->name, info);
+         VIR_FREE(info);
+         paused = 1;
+ 
+@@ -4811,7 +4799,7 @@ qemudDomainMigratePerform (virDomainPtr dom,
+         snprintf (cmd, sizeof cmd, "migrate_set_speed %lum", resource);
+         qemudMonitorCommand (vm, cmd, &info);
+ 
+-        DEBUG ("migrate_set_speed reply: %s", info);
+        DEBUG ("%s: migrate_set_speed reply: %s", vm->def->name, info);
+         VIR_FREE (info);
+     }
+ 
+@@ -4830,7 +4818,7 @@ qemudDomainMigratePerform (virDomainPtr dom,
+         goto cleanup;
+     }
+ 
+-    DEBUG ("migrate reply: %s", info);
+    DEBUG ("%s: migrate reply: %s", vm->def->name, info);
+ 
+     /* Now check for "fail" in the output string */
+     if (strstr(info, "fail") != NULL) {
+@@ -4869,7 +4857,7 @@ cleanup:
+                       vm->def->name);
+         }
+         else {
+-            DEBUG ("cont reply: %s", info);
+            DEBUG ("%s: cont reply: %s", vm->def->name, info);
+             VIR_FREE(info);
+         }
+ 
+-- 
+1.6.0.6
+
@@ -0,0 +1,45 @@
+From: "Daniel P. Berrange" <berrange@redhat.com>
+To: libvir-list@redhat.com
+Date: Thu, 30 Apr 2009 15:09:05 +0100
+Subject: [libvirt] PATCH: Enable migration with QEMU >= 0.10.0
+
+The KVM migration code was added to QEMU for the 0.10.0 release, so we 
+should enable this in libvirt now.
+
+Daniel
+
+diff -r be7993675e07 src/qemu_conf.c
+--- a/src/qemu_conf.c	Thu Apr 30 14:49:27 2009 +0100
+++ b/src/qemu_conf.c	Thu Apr 30 15:08:45 2009 +0100
+@@ -472,16 +472,13 @@ int qemudExtractVersionInfo(const char *
+ 
+     /*
+      * Handling of -incoming arg with varying features
+-     *  -incoming tcp    (kvm >= 79)
+-     *  -incoming exec   (kvm >= 80)
+     *  -incoming tcp    (kvm >= 79, qemu >= 0.10.0)
+     *  -incoming exec   (kvm >= 80, qemu >= 0.10.0)
+      *  -incoming stdio  (all earlier kvm)
+      *
+      * NB, there was a pre-kvm-79 'tcp' support, but it
+      * was broken, because it blocked the monitor console
+      * while waiting for data, so pretend it doesn't exist
+-     *
+-     * XXX when next QEMU release after 0.9.1 arrives,
+-     * we'll need to add MIGRATE_QEMU_TCP/EXEC here too
+      */
+     if (kvm_version >= 79) {
+         flags |= QEMUD_CMD_FLAG_MIGRATE_QEMU_TCP;
+@@ -489,6 +486,9 @@ int qemudExtractVersionInfo(const char *
+             flags |= QEMUD_CMD_FLAG_MIGRATE_QEMU_EXEC;
+     } else if (kvm_version > 0) {
+         flags |= QEMUD_CMD_FLAG_MIGRATE_KVM_STDIO;
+    } else if (version >= 10000) {
+        flags |= QEMUD_CMD_FLAG_MIGRATE_QEMU_TCP;
+        flags |= QEMUD_CMD_FLAG_MIGRATE_QEMU_EXEC;
+     }
+ 
+     if (retversion)
+
+
+-- 
@@ -0,0 +1,144 @@
+From e7be6cc841a5652b73ddd2ccd3769c7f8bbad13d Mon Sep 17 00:00:00 2001
+From: Daniel P. Berrange <berrange@redhat.com>
+Date: Tue, 12 May 2009 16:41:49 +0000
+Subject: [PATCH 1/2] Fix interrupting of main event thread & protect against accidental uniniitalized variables
+
+---
+ qemud/event.c |   42 +++++++++++++++++++++++++++++++++++-------
+ 1 files changed, 35 insertions(+), 7 deletions(-)
+
+diff --git a/qemud/event.c b/qemud/event.c
+index 65f548e..754f2b1 100644
+--- a/qemud/event.c
+++ b/qemud/event.c
+@@ -84,10 +84,10 @@ struct virEventLoop {
+ static struct virEventLoop eventLoop;
+ 
+ /* Unique ID for the next FD watch to be registered */
+-static int nextWatch = 0;
+static int nextWatch = 1;
+ 
+ /* Unique ID for the next timer to be registered */
+-static int nextTimer = 0;
+static int nextTimer = 1;
+ 
+ static void virEventLock(void)
+ {
+@@ -143,15 +143,22 @@ int virEventAddHandleImpl(int fd, int events,
+ 
+ void virEventUpdateHandleImpl(int watch, int events) {
+     int i;
+    EVENT_DEBUG("Update handle w=%d e=%d", watch, events);
+
+    if (watch <= 0) {
+        VIR_WARN("Ignoring invalid update watch %d", watch);
+        return;
+    }
+
+     virEventLock();
+     for (i = 0 ; i < eventLoop.handlesCount ; i++) {
+         if (eventLoop.handles[i].watch == watch) {
+             eventLoop.handles[i].events =
+                     virEventHandleTypeToPollEvent(events);
+            virEventInterruptLocked();
+             break;
+         }
+     }
+-    virEventInterruptLocked();
+     virEventUnlock();
+ }
+ 
+@@ -164,6 +171,12 @@ void virEventUpdateHandleImpl(int watch, int events) {
+ int virEventRemoveHandleImpl(int watch) {
+     int i;
+     EVENT_DEBUG("Remove handle %d", watch);
+
+    if (watch <= 0) {
+        VIR_WARN("Ignoring invalid remove watch %d", watch);
+        return -1;
+    }
+
+     virEventLock();
+     for (i = 0 ; i < eventLoop.handlesCount ; i++) {
+         if (eventLoop.handles[i].deleted)
+@@ -172,11 +185,11 @@ int virEventRemoveHandleImpl(int watch) {
+         if (eventLoop.handles[i].watch == watch) {
+             EVENT_DEBUG("mark delete %d %d", i, eventLoop.handles[i].fd);
+             eventLoop.handles[i].deleted = 1;
+            virEventInterruptLocked();
+             virEventUnlock();
+             return 0;
+         }
+     }
+-    virEventInterruptLocked();
+     virEventUnlock();
+     return -1;
+ }
+@@ -232,6 +245,12 @@ void virEventUpdateTimeoutImpl(int timer, int frequency) {
+     struct timeval tv;
+     int i;
+     EVENT_DEBUG("Updating timer %d timeout with %d ms freq", timer, frequency);
+
+    if (timer <= 0) {
+        VIR_WARN("Ignoring invalid update timer %d", timer);
+        return;
+    }
+
+     if (gettimeofday(&tv, NULL) < 0) {
+         return;
+     }
+@@ -244,10 +263,10 @@ void virEventUpdateTimeoutImpl(int timer, int frequency) {
+                 frequency >= 0 ? frequency +
+                 (((unsigned long long)tv.tv_sec)*1000) +
+                 (((unsigned long long)tv.tv_usec)/1000) : 0;
+            virEventInterruptLocked();
+             break;
+         }
+     }
+-    virEventInterruptLocked();
+     virEventUnlock();
+ }
+ 
+@@ -260,6 +279,12 @@ void virEventUpdateTimeoutImpl(int timer, int frequency) {
+ int virEventRemoveTimeoutImpl(int timer) {
+     int i;
+     EVENT_DEBUG("Remove timer %d", timer);
+
+    if (timer <= 0) {
+        VIR_WARN("Ignoring invalid remove timer %d", timer);
+        return -1;
+    }
+
+     virEventLock();
+     for (i = 0 ; i < eventLoop.timeoutsCount ; i++) {
+         if (eventLoop.timeouts[i].deleted)
+@@ -267,11 +292,11 @@ int virEventRemoveTimeoutImpl(int timer) {
+ 
+         if (eventLoop.timeouts[i].timer == timer) {
+             eventLoop.timeouts[i].deleted = 1;
+            virEventInterruptLocked();
+             virEventUnlock();
+             return 0;
+         }
+     }
+-    virEventInterruptLocked();
+     virEventUnlock();
+     return -1;
+ }
+@@ -617,9 +642,12 @@ static int virEventInterruptLocked(void)
+     char c = '\0';
+ 
+     if (!eventLoop.running ||
+-        pthread_self() == eventLoop.leader)
+        pthread_self() == eventLoop.leader) {
+        VIR_DEBUG("Skip interrupt, %d %d", eventLoop.running, (int)eventLoop.leader);
+         return 0;
+    }
+ 
+    VIR_DEBUG0("Interrupting");
+     if (safewrite(eventLoop.wakeupfd[1], &c, sizeof(c)) != sizeof(c))
+         return -1;
+     return 0;
+-- 
+1.6.0.6
+
@@ -0,0 +1,197 @@
+From 6483ee77ed12f037d68a6adc690624fa1b508dc0 Mon Sep 17 00:00:00 2001
+From: Daniel P. Berrange <berrange@redhat.com>
+Date: Tue, 12 May 2009 16:43:04 +0000
+Subject: [PATCH 2/2] Fix watch/timer event deletion
+
+---
+ qemud/event.c |  112 ++++++++++++++++++++++++++-------------------------------
+ 1 files changed, 51 insertions(+), 61 deletions(-)
+
+diff --git a/qemud/event.c b/qemud/event.c
+index 754f2b1..a57d967 100644
+--- a/qemud/event.c
+++ b/qemud/event.c
+@@ -313,7 +313,7 @@ static int virEventCalculateTimeout(int *timeout) {
+     EVENT_DEBUG("Calculate expiry of %d timers", eventLoop.timeoutsCount);
+     /* Figure out if we need a timeout */
+     for (i = 0 ; i < eventLoop.timeoutsCount ; i++) {
+-        if (eventLoop.timeouts[i].deleted || eventLoop.timeouts[i].frequency < 0)
+        if (eventLoop.timeouts[i].frequency < 0)
+             continue;
+ 
+         EVENT_DEBUG("Got a timeout scheduled for %llu", eventLoop.timeouts[i].expiresAt);
+@@ -350,32 +350,26 @@ static int virEventCalculateTimeout(int *timeout) {
+  * file handles. The caller must free the returned data struct
+  * returns: the pollfd array, or NULL on error
+  */
+-static int virEventMakePollFDs(struct pollfd **retfds) {
+static struct pollfd *virEventMakePollFDs(void) {
+     struct pollfd *fds;
+-    int i, nfds = 0;
+    int i;
+ 
+-    for (i = 0 ; i < eventLoop.handlesCount ; i++) {
+-        if (eventLoop.handles[i].deleted)
+-            continue;
+-        nfds++;
+-    }
+-    *retfds = NULL;
+     /* Setup the poll file handle data structs */
+-    if (VIR_ALLOC_N(fds, nfds) < 0)
+-        return -1;
+    if (VIR_ALLOC_N(fds, eventLoop.handlesCount) < 0)
+        return NULL;
+ 
+-    for (i = 0, nfds = 0 ; i < eventLoop.handlesCount ; i++) {
+-        if (eventLoop.handles[i].deleted)
+-            continue;
+-        fds[nfds].fd = eventLoop.handles[i].fd;
+-        fds[nfds].events = eventLoop.handles[i].events;
+-        fds[nfds].revents = 0;
+    for (i = 0 ; i < eventLoop.handlesCount ; i++) {
+        EVENT_DEBUG("Prepare n=%d w=%d, f=%d e=%d", i,
+                    eventLoop.handles[i].watch,
+                    eventLoop.handles[i].fd,
+                    eventLoop.handles[i].events);
+        fds[i].fd = eventLoop.handles[i].fd;
+        fds[i].events = eventLoop.handles[i].events;
+        fds[i].revents = 0;
+         //EVENT_DEBUG("Wait for %d %d", eventLoop.handles[i].fd, eventLoop.handles[i].events);
+-        nfds++;
+     }
+ 
+-    *retfds = fds;
+-    return nfds;
+    return fds;
+ }
+ 
+ 
+@@ -435,26 +429,30 @@ static int virEventDispatchTimeouts(void) {
+  * Returns 0 upon success, -1 if an error occurred
+  */
+ static int virEventDispatchHandles(int nfds, struct pollfd *fds) {
+-    int i, n;
+    int i;
+ 
+-    for (i = 0, n = 0 ; i < eventLoop.handlesCount && n < nfds ; i++) {
+    /* NB, use nfds not eventLoop.handlesCount, because new
+     * fds might be added on end of list, and they're not
+     * in the fds array we've got */
+    for (i = 0 ; i < nfds ; i++) {
+         if (eventLoop.handles[i].deleted) {
+-            EVENT_DEBUG("Skip deleted %d", eventLoop.handles[i].fd);
+            EVENT_DEBUG("Skip deleted n=%d w=%d f=%d", i,
+                        eventLoop.handles[i].watch, eventLoop.handles[i].fd);
+             continue;
+         }
+ 
+-        if (fds[n].revents) {
+        if (fds[i].revents) {
+             virEventHandleCallback cb = eventLoop.handles[i].cb;
+             void *opaque = eventLoop.handles[i].opaque;
+-            int hEvents = virPollEventToEventHandleType(fds[n].revents);
+-            EVENT_DEBUG("Dispatch %d %d %p", fds[n].fd,
+-                        fds[n].revents, eventLoop.handles[i].opaque);
+            int hEvents = virPollEventToEventHandleType(fds[i].revents);
+            EVENT_DEBUG("Dispatch n=%d f=%d w=%d e=%d %p", i,
+                        fds[i].fd, eventLoop.handles[i].watch,
+                        fds[i].revents, eventLoop.handles[i].opaque);
+             virEventUnlock();
+             (cb)(eventLoop.handles[i].watch,
+-                 fds[n].fd, hEvents, opaque);
+                 fds[i].fd, hEvents, opaque);
+             virEventLock();
+         }
+-        n++;
+     }
+ 
+     return 0;
+@@ -545,22 +543,21 @@ static int virEventCleanupHandles(void) {
+  * at least one file handle has an event, or a timer expires
+  */
+ int virEventRunOnce(void) {
+-    struct pollfd *fds;
+    struct pollfd *fds = NULL;
+     int ret, timeout, nfds;
+ 
+     virEventLock();
+     eventLoop.running = 1;
+     eventLoop.leader = pthread_self();
+-    if ((nfds = virEventMakePollFDs(&fds)) < 0) {
+-        virEventUnlock();
+-        return -1;
+-    }
+ 
+-    if (virEventCalculateTimeout(&timeout) < 0) {
+-        VIR_FREE(fds);
+-        virEventUnlock();
+-        return -1;
+-    }
+    if (virEventCleanupTimeouts() < 0 ||
+        virEventCleanupHandles() < 0)
+        goto error;
+
+    if (!(fds = virEventMakePollFDs()) ||
+        virEventCalculateTimeout(&timeout) < 0)
+        goto error;
+    nfds = eventLoop.handlesCount;
+ 
+     virEventUnlock();
+ 
+@@ -572,38 +569,31 @@ int virEventRunOnce(void) {
+         if (errno == EINTR) {
+             goto retry;
+         }
+-        VIR_FREE(fds);
+-        return -1;
+        goto error_unlocked;
+     }
+ 
+     virEventLock();
+-    if (virEventDispatchTimeouts() < 0) {
+-        VIR_FREE(fds);
+-        virEventUnlock();
+-        return -1;
+-    }
+    if (virEventDispatchTimeouts() < 0)
+        goto error;
+ 
+     if (ret > 0 &&
+-        virEventDispatchHandles(nfds, fds) < 0) {
+-        VIR_FREE(fds);
+-        virEventUnlock();
+-        return -1;
+-    }
+-    VIR_FREE(fds);
+-
+-    if (virEventCleanupTimeouts() < 0) {
+-        virEventUnlock();
+-        return -1;
+-    }
+        virEventDispatchHandles(nfds, fds) < 0)
+        goto error;
+ 
+-    if (virEventCleanupHandles() < 0) {
+-        virEventUnlock();
+-        return -1;
+-    }
+    if (virEventCleanupTimeouts() < 0 ||
+        virEventCleanupHandles() < 0)
+        goto error;
+ 
+     eventLoop.running = 0;
+     virEventUnlock();
+    VIR_FREE(fds);
+     return 0;
+
+error:
+    virEventUnlock();
+error_unlocked:
+    VIR_FREE(fds);
+    return -1;
+ }
+ 
+ static void virEventHandleWakeup(int watch ATTRIBUTE_UNUSED,
+-- 
+1.6.0.6
+
@@ -0,0 +1,13 @@
+diff -rup libvirt-0.6.2/src/security_selinux.c new/src/security_selinux.c
+--- libvirt-0.6.2/src/security_selinux.c	2009-05-10 22:04:25.000000000 -0400
+++ new/src/security_selinux.c	2009-05-10 22:06:09.000000000 -0400
+@@ -338,6 +338,9 @@ SELinuxSetSecurityImageLabel(virConnectP
+ {
+     const virSecurityLabelDefPtr secdef = &vm->def->seclabel;
+ 
+    if (!disk->src)
+        return 0;
+
+     if (disk->shared) {
+         return SELinuxSetFilecon(conn, disk->src, default_image_context);
+     } else if (disk->readonly) {
@@ -0,0 +1,82 @@
+From 2b3fcdc378e7bec5c1a78b81632756e92930fd24 Mon Sep 17 00:00:00 2001
+From: Daniel P. Berrange <berrange@redhat.com>
+Date: Mon, 11 May 2009 15:14:24 +0000
+Subject: [PATCH 1/1] Fix QEMU ARGV detection with kvm >= 85
+
+---
+ src/qemu_conf.c   |   18 ++++++++++++++----
+ src/qemu_driver.c |   12 ++----------
+ 2 files changed, 16 insertions(+), 14 deletions(-)
+
+diff --git a/src/qemu_conf.c b/src/qemu_conf.c
+index 9cb71eb..a57d3ab 100644
+--- a/src/qemu_conf.c
+++ b/src/qemu_conf.c
+@@ -431,18 +431,28 @@ int qemudExtractVersionInfo(const char *qemu,
+         return -1;
+ 
+     char *help = NULL;
+-    enum { MAX_HELP_OUTPUT_SIZE = 8192 };
+    enum { MAX_HELP_OUTPUT_SIZE = 1024*64 };
+     int len = virFileReadLimFD(newstdout, MAX_HELP_OUTPUT_SIZE, &help);
+-    if (len < 0)
+    if (len < 0) {
+        virReportSystemError(NULL, errno, "%s",
+                             _("Unable to read QEMU help output"));
+         goto cleanup2;
+    }
+ 
+     if (sscanf(help, "QEMU PC emulator version %u.%u.%u (kvm-%u)",
+                &major, &minor, &micro, &kvm_version) != 4)
+         kvm_version = 0;
+ 
+-    if (!kvm_version && sscanf(help, "QEMU PC emulator version %u.%u.%u",
+-               &major, &minor, &micro) != 3)
+    if (!kvm_version &&
+        sscanf(help, "QEMU PC emulator version %u.%u.%u",
+               &major, &minor, &micro) != 3) {
+        char *eol = strchr(help, '\n');
+        if (eol) *eol = '\0';
+        qemudReportError(NULL, NULL, NULL, VIR_ERR_INTERNAL_ERROR,
+                         _("cannot parse QEMU version number in '%s'"),
+                         help);
+         goto cleanup2;
+    }
+ 
+     version = (major * 1000 * 1000) + (minor * 1000) + micro;
+ 
+diff --git a/src/qemu_driver.c b/src/qemu_driver.c
+index 30642d5..bd60b29 100644
+--- a/src/qemu_driver.c
+++ b/src/qemu_driver.c
+@@ -1391,12 +1391,8 @@ static int qemudStartVMDaemon(virConnectPtr conn,
+ 
+     if (qemudExtractVersionInfo(emulator,
+                                 NULL,
+-                                &qemuCmdFlags) < 0) {
+-        qemudReportError(conn, NULL, NULL, VIR_ERR_INTERNAL_ERROR,
+-                         _("Cannot determine QEMU argv syntax %s"),
+-                         emulator);
+                                &qemuCmdFlags) < 0)
+         goto cleanup;
+-    }
+ 
+     if (qemuPrepareHostDevices(conn, vm->def) < 0)
+         goto cleanup;
+@@ -3715,12 +3711,8 @@ static int qemudDomainChangeEjectableMedia(virConnectPtr conn,
+ 
+     if (qemudExtractVersionInfo(vm->def->emulator,
+                                 NULL,
+-                                &qemuCmdFlags) < 0) {
+-        qemudReportError(conn, dom, NULL, VIR_ERR_INTERNAL_ERROR,
+-                         _("Cannot determine QEMU argv syntax %s"),
+-                         vm->def->emulator);
+                                &qemuCmdFlags) < 0)
+         return -1;
+-    }
+ 
+     if (qemuCmdFlags & QEMUD_CMD_FLAG_DRIVE) {
+         if (!(devname = qemudDiskDeviceName(conn, newdisk)))
+-- 
+1.6.0.6
+
@@ -0,0 +1,54 @@
+From c3b3f6005d45552d01823504925eb587889cf25a Mon Sep 17 00:00:00 2001
+From: Daniel P. Berrange <berrange@redhat.com>
+Date: Fri, 29 May 2009 14:34:35 +0000
+Subject: [PATCH 1/1] Avoid double-free in daemon client cleanup code
+
+---
+ qemud/qemud.c |   22 +++++++++++++++++-----
+ 1 files changed, 17 insertions(+), 5 deletions(-)
+
+diff --git a/qemud/qemud.c b/qemud/qemud.c
+index 1375560..783dc69 100644
+--- a/qemud/qemud.c
+++ b/qemud/qemud.c
+@@ -1397,7 +1397,10 @@ static int qemudDispatchServer(struct qemud_server *server, struct qemud_socket
+  * jobs have finished, then clean it up elsehwere
+  */
+ void qemudDispatchClientFailure(struct qemud_client *client) {
+-    virEventRemoveHandleImpl(client->watch);
+    if (client->watch != -1) {
+        virEventRemoveHandleImpl(client->watch);
+        client->watch = -1;
+    }
+ 
+     /* Deregister event delivery callback */
+     if(client->conn) {
+@@ -1406,12 +1406,21 @@ void qemudDispatchClientFailure(struct qemud_client *client) {
+     }
+ 
+ #if HAVE_SASL
+-    if (client->saslconn) sasl_dispose(&client->saslconn);
+    if (client->saslconn) {
+        sasl_dispose(&client->saslconn);
+        client->saslconn = NULL;
+    }
+     free(client->saslUsername);
+    client->saslUsername = NULL;
+ #endif
+-    if (client->tlssession) gnutls_deinit (client->tlssession);
+-    close(client->fd);
+-    client->fd = -1;
+    if (client->tlssession) {
+        gnutls_deinit (client->tlssession);
+        client->tlssession = NULL;
+    }
+    if (client->fd != -1) {
+        close(client->fd);
+        client->fd = -1;
+    }
+ }
+ 
+ 
+-- 
+1.6.0.6
+
@@ -0,0 +1,26 @@
+From 0ae4c67ff5f1d24698c5cfc8a9719d333c892644 Mon Sep 17 00:00:00 2001
+From: Mark McLoughlin <markmc@redhat.com>
+Date: Thu, 16 Apr 2009 11:23:55 +0100
+Subject: [PATCH 1/3] qemu -drive takes format= not fmt=
+
+Seems like a simple typo - it has been "format=" since the flag
+was introduced, but we added it as "fmt=".
+
+Signed-off-by: Mark McLoughlin <markmc@redhat.com>
+---
+ src/qemu_conf.c                                    |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/qemu_conf.c b/src/qemu_conf.c
+index f36c927..6f9e610 100644
+--- a/src/qemu_conf.c
+++ b/src/qemu_conf.c
+@@ -1135,7 +1135,7 @@ int qemudBuildCommandLine(virConnectPtr conn,
+                 disk->device == VIR_DOMAIN_DISK_DEVICE_DISK)
+                 virBufferAddLit(&opt, ",boot=on");
+             if (disk->driverType)
+-                virBufferVSprintf(&opt, ",fmt=%s", disk->driverType);
+                virBufferVSprintf(&opt, ",format=%s", disk->driverType);
+ 
+             if (disk->cachemode) {
+                 const char *mode =
@@ -0,0 +1,57 @@
+From daf3db93457427c25325781af684758c0341a6aa Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Fri, 29 May 2009 13:32:06 +0000
+Subject: [PATCH 1/1] PPC Qemu Machine Type update
+ * src/qemu_conf.c docs/schemas/domain.rng
+   tests/capabilityschemadata/caps-qemu-kvm.xml: PPC Qemu Machine Type
+   changed from g3bw to g3beige some time ago, patch by Thomas Baker
+ Daniel
+
+---
+ docs/schemas/domain.rng                      |    2 +-
+ src/qemu_conf.c                              |    2 +-
+ tests/capabilityschemadata/caps-qemu-kvm.xml |    2 +-
+ 3 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/docs/schemas/domain.rng b/docs/schemas/domain.rng
+index 204c633..11cf04a 100644
+--- a/docs/schemas/domain.rng
+++ b/docs/schemas/domain.rng
+@@ -184,7 +184,7 @@
+       </attribute>
+       <attribute name="machine">
+         <choice>
+-          <value>g3bw</value>
+          <value>g3beige</value>
+           <value>mac99</value>
+           <value>prep</value>
+         </choice>
+diff --git a/src/qemu_conf.c b/src/qemu_conf.c
+index 18156cd..d54f2ca 100644
+--- a/src/qemu_conf.c
+++ b/src/qemu_conf.c
+@@ -192,7 +192,7 @@ static const char *const arch_info_hvm_sparc_machines[] = {
+     "sun4m"
+ };
+ static const char *const arch_info_hvm_ppc_machines[] = {
+-    "g3bw", "mac99", "prep"
+    "g3beige", "mac99", "prep"
+ };
+ 
+ static const char *const arch_info_xen_x86_machines[] = {
+diff --git a/tests/capabilityschemadata/caps-qemu-kvm.xml b/tests/capabilityschemadata/caps-qemu-kvm.xml
+index fd8523e..893f9ed 100644
+--- a/tests/capabilityschemadata/caps-qemu-kvm.xml
+++ b/tests/capabilityschemadata/caps-qemu-kvm.xml
+@@ -81,7 +81,7 @@
+     <arch name='ppc'>
+       <wordsize>32</wordsize>
+       <emulator>/usr/bin/qemu-system-ppc</emulator>
+-      <machine>g3bw</machine>
+      <machine>g3beige</machine>
+       <machine>mac99</machine>
+       <machine>prep</machine>
+       <domain type='qemu'>
+-- 
+1.6.0.6
+
@@ -0,0 +1,76 @@
+diff -rup libvirt-0.6.2/src/security_selinux.c libvirt-0.6.2.new/src/security_selinux.c
+--- libvirt-0.6.2/src/security_selinux.c	2009-04-03 15:36:56.000000000 +0100
+++ libvirt-0.6.2.new/src/security_selinux.c	2009-05-05 13:39:42.000000000 +0100
+@@ -24,11 +24,12 @@
+ #include "virterror_internal.h"
+ #include "util.h"
+ #include "memory.h"
+-
+#include "logging.h"
+ 
+ #define VIR_FROM_THIS VIR_FROM_SECURITY
+ 
+ static char default_domain_context[1024];
+static char default_content_context[1024];
+ static char default_image_context[1024];
+ #define SECURITY_SELINUX_VOID_DOI       "0"
+ #define SECURITY_SELINUX_NAME "selinux"
+@@ -148,8 +149,13 @@ SELinuxInitialize(virConnectPtr conn)
+     close(fd);
+ 
+     ptr = strchrnul(default_image_context, '\n');
+-    *ptr = '\0';
+-
+    if (*ptr == '\n') {
+        *ptr = '\0';
+        strcpy(default_content_context, ptr+1);
+        ptr = strchrnul(default_content_context, '\n');
+        if (*ptr == '\n')
+            *ptr = '\0';
+    }
+     return 0;
+ }
+ 
+@@ -275,6 +281,8 @@ SELinuxSetFilecon(virConnectPtr conn, co
+ {
+     char ebuf[1024];
+ 
+    VIR_INFO("Setting SELinux context on '%s' to '%s'", path, tcon);
+
+     if(setfilecon(path, tcon) < 0) {
+         virSecurityReportError(conn, VIR_ERR_ERROR,
+                                _("%s: unable to set security context "
+@@ -299,6 +307,8 @@ SELinuxRestoreSecurityImageLabel(virConn
+     char *newpath = NULL;
+     const char *path = disk->src;
+ 
+    /* Don't restore labels on readoly/shared disks, because
+     * other VMs may still be accessing these */
+     if (disk->readonly || disk->shared)
+         return 0;
+ 
+@@ -328,8 +338,13 @@ SELinuxSetSecurityImageLabel(virConnectP
+ {
+     const virSecurityLabelDefPtr secdef = &vm->def->seclabel;
+ 
+-    if (secdef->imagelabel)
+    if (disk->shared) {
+        return SELinuxSetFilecon(conn, disk->src, default_image_context);
+    } else if (disk->readonly) {
+        return SELinuxSetFilecon(conn, disk->src, default_content_context);
+    } else if (secdef->imagelabel) {
+         return SELinuxSetFilecon(conn, disk->src, secdef->imagelabel);
+    }
+ 
+     return 0;
+ }
+@@ -403,9 +418,6 @@ SELinuxSetSecurityLabel(virConnectPtr co
+ 
+     if (secdef->imagelabel) {
+         for (i = 0 ; i < vm->def->ndisks ; i++) {
+-            if (vm->def->disks[i]->readonly ||
+-                vm->def->disks[i]->shared) continue;
+-
+             if (SELinuxSetSecurityImageLabel(conn, vm, vm->def->disks[i]) < 0)
+                 return -1;
+         }
@@ -0,0 +1,33 @@
+--- src/qemu_conf.c.orig	2009-04-02 11:50:10.000000000 +0200
+++ src/qemu_conf.c	2009-04-03 17:46:59.000000000 +0200
+@@ -779,6 +779,20 @@ int qemudBuildCommandLine(virConnectPtr 
+     char domid[50];
+     char *pidfile;
+     const char *cpu = NULL;
+    int skipSound = 0;
+
+    if (driver->securityDriver &&
+        driver->securityDriver->name &&
+        STREQ(driver->securityDriver->name, "selinux") &&
+        getuid() == 0) {
+        static int soundWarned = 0; 
+        skipSound = 1;
+        if (vm->def->nsounds &&
+            !soundWarned) {
+            soundWarned = 1;
+            VIR_WARN0("Sound cards for VMs are disabled while SELinux security model is active");
+        }
+    }
+ 
+     uname_normalize(&ut);
+ 
+@@ -1425,7 +1439,8 @@ int qemudBuildCommandLine(virConnectPtr 
+     }
+ 
+     /* Add sound hardware */
+-    if (vm->def->nsounds) {
+    if (vm->def->nsounds &&
+        !skipSound) {
+         int size = 100;
+         char *modstr;
+         if (VIR_ALLOC_N(modstr, size+1) < 0)
@@ -0,0 +1,47 @@
+From 7f7a4403860f56d5a1ad65bfd16f5bf97a971d45 Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Wed, 13 May 2009 16:19:59 +0000
+Subject: [PATCH 1/1] * src/buf.c: avoid an XML attribute escaping bug #499791
+ daniel
+
+---
+ src/buf.c |   16 +++++++++++++++-
+ 1 files changed, 15 insertions(+), 1 deletions(-)
+
+diff --git a/src/buf.c b/src/buf.c
+index cdcdac9..259175d 100644
+--- a/src/buf.c
+++ b/src/buf.c
+@@ -266,7 +266,7 @@ virBufferEscapeString(const virBufferPtr buf, const char *format, const char *st
+         return;
+ 
+     len = strlen(str);
+-    if (VIR_ALLOC_N(escaped, 5 * len + 1) < 0) {
+    if (VIR_ALLOC_N(escaped, 6 * len + 1) < 0) {
+         virBufferNoMemory(buf);
+         return;
+     }
+@@ -290,6 +290,20 @@ virBufferEscapeString(const virBufferPtr buf, const char *format, const char *st
+             *out++ = 'm';
+             *out++ = 'p';
+             *out++ = ';';
+        } else if (*cur == '"') {
+            *out++ = '&';
+            *out++ = 'q';
+            *out++ = 'u';
+            *out++ = 'o';
+            *out++ = 't';
+            *out++ = ';';
+        } else if (*cur == '\'') {
+            *out++ = '&';
+            *out++ = 'a';
+            *out++ = 'p';
+            *out++ = 'o';
+            *out++ = 's';
+            *out++ = ';';
+         } else if ((*cur >= 0x20) || (*cur == '\n') || (*cur == '\t') ||
+                    (*cur == '\r')) {
+             /*
+-- 
+1.6.0.6
+
@@ -0,0 +1,45 @@
+From 3d7771e0570e09096ad9391a857dad48b150bc0c Mon Sep 17 00:00:00 2001
+From: Mark McLoughlin <markmc@redhat.com>
+Date: Wed, 6 May 2009 16:33:28 +0100
+Subject: [PATCH] Fix qemu driver's interpretation of <hostdev managed='yes'/>
+
+This change:
+
+  Tue Mar  3 08:55:13 GMT 2009 Daniel P. Berrange <berrange@redhat.com>
+
+       Don't try to detach & reset PCI devices while running test
+       suite for XML-> ARGV conversion.
+       * src/qemu_driver.c: Add qemuPrepareHostDevices() helper to
+       detach and reset PCI devices.
+       * src/qemu_conf.c: Don't detach & reset PCI devices while
+       building the command line argv
+
+accidentally did this:
+
+-            if (hostdev->managed) {
+        if (!hostdev->managed) {
+
+Which results in managed='yes' not causing the device to be
+detached when the guest is starting.
+
+Signed-off-by: Mark McLoughlin <markmc@redhat.com>
+---
+ src/qemu_driver.c |    2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/src/qemu_driver.c b/src/qemu_driver.c
+index 5898026..59312c0 100644
+--- a/src/qemu_driver.c
+++ b/src/qemu_driver.c
+@@ -1215,7 +1215,7 @@ static int qemuPrepareHostDevices(virConnectPtr conn,
+         if (hostdev->source.subsys.type != VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI)
+             continue;
+ 
+-        if (!hostdev->managed) {
+        if (hostdev->managed) {
+             pciDevice *dev = pciGetDevice(conn,
+                                           hostdev->source.subsys.u.pci.domain,
+                                           hostdev->source.subsys.u.pci.bus,
+-- 
+1.6.0.6
+
@@ -0,0 +1,76 @@
+commit 0e51348cb9aeafe5e2fd6469a4bde0baa1eb8720
+Author: Cole Robinson <crobinso@redhat.com>
+Date:   Mon May 4 15:06:03 2009 -0400
+
+    Refresh QEMU driver capabilities for each getCapabilities call.
+    
+    Also fix up a couple issues where caps are accessed without locking
+    the driver structure.
+
+diff --git a/src/qemu_driver.c b/src/qemu_driver.c
+index 23ea961..790dac6 100644
+--- a/src/qemu_driver.c
+++ b/src/qemu_driver.c
+@@ -1885,10 +1885,12 @@ static int qemudGetNodeInfo(virConnectPtr conn,
+ 
+ static char *qemudGetCapabilities(virConnectPtr conn) {
+     struct qemud_driver *driver = conn->privateData;
+-    char *xml;
+    char *xml = NULL;
+ 
+     qemuDriverLock(driver);
+-    if ((xml = virCapabilitiesFormatXML(driver->caps)) == NULL)
+    virCapabilitiesFree(qemu_driver->caps);
+    if ((qemu_driver->caps = qemudCapsInit()) == NULL ||
+        (xml = virCapabilitiesFormatXML(driver->caps)) == NULL)
+         virReportOOMError(conn);
+     qemuDriverUnlock(driver);
+ 
+@@ -3169,20 +3171,26 @@ cleanup:
+     return ret;
+ }
+ 
+-static int qemudNodeGetSecurityModel(virConnectPtr conn, virSecurityModelPtr secmodel)
+static int qemudNodeGetSecurityModel(virConnectPtr conn,
+                                     virSecurityModelPtr secmodel)
+ {
+     struct qemud_driver *driver = (struct qemud_driver *)conn->privateData;
+     char *p;
+    int ret = 0;
+ 
+-    if (!driver->securityDriver)
+-        return -2;
+    qemuDriverLock(driver);
+    if (!driver->securityDriver) {
+        ret = -2;
+        goto cleanup;
+    }
+ 
+     p = driver->caps->host.secModel.model;
+     if (strlen(p) >= VIR_SECURITY_MODEL_BUFLEN-1) {
+         qemudReportError(conn, NULL, NULL, VIR_ERR_INTERNAL_ERROR,
+                          _("security model string exceeds max %d bytes"),
+                          VIR_SECURITY_MODEL_BUFLEN-1);
+-        return -1;
+        ret = -1;
+        goto cleanup;
+     }
+     strcpy(secmodel->model, p);
+ 
+@@ -3191,10 +3199,14 @@ static int qemudNodeGetSecurityModel(virConnectPtr conn, virSecurityModelPtr sec
+         qemudReportError(conn, NULL, NULL, VIR_ERR_INTERNAL_ERROR,
+                          _("security DOI string exceeds max %d bytes"),
+                          VIR_SECURITY_DOI_BUFLEN-1);
+-        return -1;
+        ret = -1;
+        goto cleanup;
+     }
+     strcpy(secmodel->doi, p);
+-    return 0;
+
+cleanup:
+    qemuDriverUnlock(driver);
+    return ret;
+ }
+ 
+ /* TODO: check seclabel restore */
@@ -1 +1 @@
-SHA512 (libvirt-10.6.0.tar.xz) = edec79e89669d5e9a46be35e0d6334a6ed3bbf32426679549bd998bde24cba52b0378843f41a3abb5d781ad53e2a6a54619a0bad3f168c11fb41736cc6af6568
+3035b484861516a1cd425acef1e760e3  libvirt-0.6.2.tar.gz
Author	SHA1	Message	Date
Mark McLoughlin	c8361aee7d	* Fri Jun 5 2009 Mark McLoughlin <markmc@redhat.com> - 0.6.2-12.fc11 - Use the correct QEMU machine type for ppc (bug #502862) - Fix crash with TLS connections (bug #503066) - Fix broken networking with newer qemu releases (bug #503275) - Remove the qemu BuildRequires	2009-06-05 11:47:31 +00:00
Mark McLoughlin	bda88aaa38	* Mon May 25 2009 Mark McLoughlin <markmc@redhat.com> - 0.6.2-11.fc11 - Bring up the bridge, even if it doesn't have an IP address (bug #501912)	2009-05-25 15:23:17 +00:00
Mark McLoughlin	ca4d795c85	* Fri May 22 2009 Mark McLoughlin <markmc@redhat.com> - 0.6.2-10.fc11 - Don't log monitor output to domain log file (bug #499584)	2009-05-22 09:24:30 +00:00
Mark McLoughlin	e2e196d813	* Thu May 21 2009 Mark McLoughlin <markmc@redhat.com> - 0.6.2-9.fc11 - Fix qemu argv detection with latest qemu (bug #501923) - Fix XML attribute escaping (bug #499791) - Fix serious event handling issues causing guests to be destroyed (bug #499698)	2009-05-21 12:07:19 +00:00
Cole Robinson	a5a2a38a5e	Don't try to label a disk with no path (e.g. empty cdrom) (bug #499569 )	2009-05-11 02:28:23 +00:00
Mark McLoughlin	30f098460c	* Thu May 7 2009 Mark McLoughlin <markmc@redhat.com> - 0.6.2-7.fc11 - Enable migration for qemu 0.10 (bug #499704)	2009-05-07 19:08:42 +00:00
Cole Robinson	7017c99a1e	Refresh qemu caps when getCapabilities is called (bug #460649 )	2009-05-06 16:32:34 +00:00
Mark McLoughlin	1c41ce6f30	* Wed May 6 2009 Mark McLoughlin <markmc@redhat.com> - 0.6.2-5.fc11 - Fix handling of <hostdev managed='yes'> (bug #499386)	2009-05-06 15:51:47 +00:00
Daniel P. Berrange	c6db79d97f	Fix labelling of shared/readonly disks (rhbz #493692 )	2009-05-05 13:01:15 +00:00
Daniel Veillard	7b7f8cc27f	- Fix missing directories in spec (#496945 and gtk-doc) Daniel	2009-04-28 10:57:59 +00:00
Mark McLoughlin	a9cc41b082	* Thu Apr 16 2009 Mark McLoughlin <markmc@redhat.com> - 0.6.2-2.fc11 - Fix qemu drive format specification (#496092)	2009-04-16 15:26:45 +00:00
Jesse Keating	ce1593f88f	Initialize branch F-11 for libvirt	2009-04-15 07:13:06 +00:00