Fix the test suite on s390x

CVE-2019-10161: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (bz #1722463, bz #1720115)
CVE-2019-10166: virDomainManagedSaveDefineXML API exposed to readonly clients (bz #1722462, bz #1720114)
CVE-2019-10167: arbitrary command execution via virConnectGetDomainCapabilities API (bz #1722464, bz #1720117)
CVE-2019-10168: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (bz #1722466, bz #1720118)
CVE-2019-3886: virsh domhostname command discloses guest hostname in readonly mode [fedora-rawhide
Failed to attache NEW rbd device to guest (bz #1672620)
PCI hostdev interface segfault (bz #1692053)

.cvsignore

@@ -1,12 +0,0 @@
-.build*.log
-*.rpm
-i686
-x86_64
-libvirt-*.tar.gz
-libvirt-0.6.0.tar.gz
-libvirt-0.6.1.tar.gz
-libvirt-0.6.2.tar.gz
-libvirt-0.6.3.tar.gz
-libvirt-0.6.4.tar.gz
-libvirt-0.6.5.tar.gz
-libvirt-0.7.0-0.1.gitf055724.tar.gz

.gitignore

@@ -0,0 +1,5 @@
+.build*.log
+*.rpm
+i686
+x86_64
+libvirt-*.tar.xz

0001-qemu-Allow-creating-ppc64-guests-with-graphics-and-n.patch

@@ -0,0 +1,112 @@
+From: Andrea Bolognani <abologna@redhat.com>
+Date: Wed, 27 Feb 2019 18:41:35 +0100
+Subject: [PATCH] qemu: Allow creating ppc64 guests with graphics and no USB
+ mouse
+
+The existing behavior for ppc64 guests is to always add a USB
+keyboard and mouse combo if graphics are present; unfortunately,
+this means any attempt to use a USB tablet will cause both pointing
+devices to show up in the guest, which in turn will result in poor
+user experience.
+
+We can't just stop adding the USB mouse or start adding a USB tablet
+instead, because existing applications and users might rely on the
+current behavior; however, we can avoid adding the USB mouse if a USB
+tablet is already present, thus allowing users and applications to
+create guests that contain a single pointing device.
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1683681
+
+Signed-off-by: Andrea Bolognani <abologna@redhat.com>
+Reviewed-by: Cole Robinson <crobinso@redhat.com>
+(cherry picked from commit 186bb479d0f409dc75175bea48a760838c479a6c)
+---
+ src/qemu/qemu_domain.c                        | 20 ++++++++
+ .../ppc64-pseries-graphics.ppc64-latest.args  | 47 +++++++++++++++++++
+ 2 files changed, 67 insertions(+)
+ create mode 100644 tests/qemuxml2argvdata/ppc64-pseries-graphics.ppc64-latest.args
+
+diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
+index f161cf6c84..764ffacb2e 100644
+--- a/src/qemu/qemu_domain.c
++++ b/src/qemu/qemu_domain.c
+@@ -3384,6 +3384,26 @@ qemuDomainDefAddDefaultDevices(virDomainDefPtr def,
+         def->memballoon = memballoon;
+     }
+ 
++    if (addDefaultUSBMouse) {
++        bool hasUSBTablet = false;
++        size_t j;
++
++        for (j = 0; j < def->ninputs; j++) {
++            if (def->inputs[j]->type == VIR_DOMAIN_INPUT_TYPE_TABLET &&
++                def->inputs[j]->bus == VIR_DOMAIN_INPUT_BUS_USB) {
++                hasUSBTablet = true;
++                break;
++            }
++        }
++
++        /* Historically, we have automatically added USB keyboard and
++         * mouse to some guests. While the former device is generally
++         * safe to have, adding the latter is undesiderable if a USB
++         * tablet is already present in the guest */
++        if (hasUSBTablet)
++            addDefaultUSBMouse = false;
++    }
++
+     if (addDefaultUSBKBD &&
+         def->ngraphics > 0 &&
+         virDomainDefMaybeAddInput(def,
+diff --git a/tests/qemuxml2argvdata/ppc64-pseries-graphics.ppc64-latest.args b/tests/qemuxml2argvdata/ppc64-pseries-graphics.ppc64-latest.args
+new file mode 100644
+index 0000000000..b81648f078
+--- /dev/null
++++ b/tests/qemuxml2argvdata/ppc64-pseries-graphics.ppc64-latest.args
+@@ -0,0 +1,47 @@
++LC_ALL=C \
++PATH=/bin \
++HOME=/home/test \
++USER=test \
++LOGNAME=test \
++QEMU_AUDIO_DRV=none \
++/usr/bin/qemu-system-ppc64 \
++-name guest=guest,debug-threads=on \
++-S \
++-object secret,id=masterKey0,format=raw,\
++file=/tmp/lib/domain--1-guest/master-key.aes \
++-machine pseries,accel=tcg,usb=off,dump-guest-core=off \
++-m 4096 \
++-realtime mlock=off \
++-smp 4,sockets=4,cores=1,threads=1 \
++-uuid b35969f7-e7cf-4d90-a9a0-4dd9000f9824 \
++-no-user-config \
++-nodefaults \
++-chardev socket,id=charmonitor,fd=1729,server,nowait \
++-mon chardev=charmonitor,id=monitor,mode=control \
++-rtc base=utc \
++-no-shutdown \
++-boot strict=on \
++-device qemu-xhci,p2=15,p3=15,id=usb,bus=pci.0,addr=0x2 \
++-device virtio-serial-pci,id=virtio-serial0,bus=pci.0,addr=0x3 \
++-drive file=/var/lib/libvirt/images/guest.qcow2,format=qcow2,if=none,\
++id=drive-virtio-disk0 \
++-device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,\
++id=virtio-disk0,bootindex=1 \
++-netdev user,id=hostnet0 \
++-device virtio-net-pci,netdev=hostnet0,id=net0,mac=52:54:00:a2:44:92,bus=pci.0,\
++addr=0x1 \
++-chardev pty,id=charserial0 \
++-device spapr-vty,chardev=charserial0,id=serial0,reg=0x30000000 \
++-chardev socket,id=charchannel0,fd=1729,server,nowait \
++-device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,\
++id=channel0,name=org.qemu.guest_agent.0 \
++-device usb-tablet,id=input0,bus=usb.0,port=1 \
++-device usb-kbd,id=input1,bus=usb.0,port=2 \
++-vnc 127.0.0.1:0 \
++-device VGA,id=video0,vgamem_mb=16,bus=pci.0,addr=0x7 \
++-device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x5 \
++-object rng-random,id=objrng0,filename=/dev/urandom \
++-device virtio-rng-pci,rng=objrng0,id=rng0,bus=pci.0,addr=0x6 \
++-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,\
++resourcecontrol=deny \
++-msg timestamp=on

0002-qemu-Remove-duplicated-qemuAgentCheckError.patch

@@ -0,0 +1,34 @@
+From: John Ferlan <jferlan@redhat.com>
+Date: Fri, 7 Sep 2018 16:01:27 -0400
+Subject: [PATCH] qemu: Remove duplicated qemuAgentCheckError
+
+Commit 5b3492fadb moved qemuAgentCheckError calls into
+qemuAgentCommand for various reasons; however, subsequent
+commit 0977b8aa0 adding a new command made call again
+So let's just remove the duplicitous call from
+qemuAgentGetInterfaces.
+
+Signed-off-by: John Ferlan <jferlan@redhat.com>
+ACKed-by: Michal Privoznik <mprivozn@redhat.com>
+(cherry picked from commit 9ed175fbc2deecfdaeabca7bc77c7e7ae33a3377)
+---
+ src/qemu/qemu_agent.c | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/src/qemu/qemu_agent.c b/src/qemu/qemu_agent.c
+index bf08871f18..d235c058a5 100644
+--- a/src/qemu/qemu_agent.c
++++ b/src/qemu/qemu_agent.c
+@@ -1987,10 +1987,9 @@ qemuAgentGetInterfaces(qemuAgentPtr mon,
+     if (!(cmd = qemuAgentMakeCommand("guest-network-get-interfaces", NULL)))
+         goto cleanup;
+ 
+-    if (qemuAgentCommand(mon, cmd, &reply, false, VIR_DOMAIN_QEMU_AGENT_COMMAND_BLOCK) < 0 ||
+-        qemuAgentCheckError(cmd, reply) < 0) {
++    if (qemuAgentCommand(mon, cmd, &reply, false,
++                         VIR_DOMAIN_QEMU_AGENT_COMMAND_BLOCK) < 0)
+         goto cleanup;
+-    }
+ 
+     if (!(ret_array = virJSONValueObjectGet(reply, "return"))) {
+         virReportError(VIR_ERR_INTERNAL_ERROR, "%s",

0003-qemu-require-reply-from-guest-agent-in-qemuAgentGetI.patch

@@ -0,0 +1,40 @@
+From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
+Date: Fri, 4 Jan 2019 10:17:46 +0100
+Subject: [PATCH] qemu: require reply from guest agent in
+ qemuAgentGetInterfaces
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Since its introduction in commit 0977b8aa071 (released in v1.2.14)
+qemuAgentGetInterfaces calls qemuAgentCommand with needReply=false,
+which allows qemuAgentCommand to return 0 even when it did not get
+any reply from the agent.
+
+Set needReply to true, since we dereference it right after.
+
+This can be hit if libvirt is waiting for an event from the agent
+(e.g. shutdown) and the agent cannot reply in time (e.g. due to
+the guest being shut down), as reported in:
+https://bugzilla.redhat.com/show_bug.cgi?id=1663051
+
+Signed-off-by: Ján Tomko <jtomko@redhat.com>
+Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
+(cherry picked from commit 7cfd1fbb1332ae5df678b9f41a62156cb2e88c73)
+---
+ src/qemu/qemu_agent.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/qemu/qemu_agent.c b/src/qemu/qemu_agent.c
+index d235c058a5..af0c054f99 100644
+--- a/src/qemu/qemu_agent.c
++++ b/src/qemu/qemu_agent.c
+@@ -1987,7 +1987,7 @@ qemuAgentGetInterfaces(qemuAgentPtr mon,
+     if (!(cmd = qemuAgentMakeCommand("guest-network-get-interfaces", NULL)))
+         goto cleanup;
+ 
+-    if (qemuAgentCommand(mon, cmd, &reply, false,
++    if (qemuAgentCommand(mon, cmd, &reply, true,
+                          VIR_DOMAIN_QEMU_AGENT_COMMAND_BLOCK) < 0)
+         goto cleanup;
+ 

0004-cpu_x86-Do-not-cache-microcode-version.patch

@@ -0,0 +1,51 @@
+From: Jiri Denemark <jdenemar@redhat.com>
+Date: Fri, 5 Apr 2019 11:33:32 +0200
+Subject: [PATCH] cpu_x86: Do not cache microcode version
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The microcode version checks are used to invalidate cached CPU data we
+get from QEMU. To minimize /proc/cpuinfo parsing the microcode version
+was only read when libvirtd started and cached for the daemon's
+lifetime. However, the CPU microcode can change anytime (updating the
+microcode package can automatically upload it to the CPU) and we need to
+stop caching it to avoid using stale CPU model data.
+
+Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
+Reviewed-by: Ján Tomko <jtomko@redhat.com>
+(cherry picked from commit be46f613261d3b655a1f15afd635087e68a9c39b)
+---
+ src/cpu/cpu_x86.c | 5 +----
+ 1 file changed, 1 insertion(+), 4 deletions(-)
+
+diff --git a/src/cpu/cpu_x86.c b/src/cpu/cpu_x86.c
+index cb27550025..ce48ca6867 100644
+--- a/src/cpu/cpu_x86.c
++++ b/src/cpu/cpu_x86.c
+@@ -163,7 +163,6 @@ struct _virCPUx86Map {
+ };
+ 
+ static virCPUx86MapPtr cpuMap;
+-static unsigned int microcodeVersion;
+ 
+ int virCPUx86DriverOnceInit(void);
+ VIR_ONCE_GLOBAL_INIT(virCPUx86Driver);
+@@ -1331,8 +1330,6 @@ virCPUx86DriverOnceInit(void)
+     if (!(cpuMap = virCPUx86LoadMap()))
+         return -1;
+ 
+-    microcodeVersion = virHostCPUGetMicrocodeVersion();
+-
+     return 0;
+ }
+ 
+@@ -2372,7 +2369,7 @@ virCPUx86GetHost(virCPUDefPtr cpu,
+         goto cleanup;
+ 
+     ret = x86DecodeCPUData(cpu, cpuData, models);
+-    cpu->microcodeVersion = microcodeVersion;
++    cpu->microcodeVersion = virHostCPUGetMicrocodeVersion();
+ 
+  cleanup:
+     virCPUx86DataFree(cpuData);

0005-qemu-Don-t-cache-microcode-version.patch

@@ -0,0 +1,147 @@
+From: Jiri Denemark <jdenemar@redhat.com>
+Date: Fri, 12 Apr 2019 21:21:05 +0200
+Subject: [PATCH] qemu: Don't cache microcode version
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+My earlier commit be46f61326 was incomplete. It removed caching of
+microcode version in the CPU driver, which means the capabilities XML
+will see the correct microcode version. But it is also cached in the
+QEMU capabilities cache where it is used to detect whether we need to
+reprobe QEMU. By missing the second place, the original commit
+be46f61326 made the situation even worse since libvirt would report
+correct microcode version while still using the old host CPU model
+(visible in domain capabilities XML).
+
+Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
+Reviewed-by: Ján Tomko <jtomko@redhat.com>
+(cherry picked from commit 673c62a3b7855a0685d8f116e227c402720b9ee9)
+
+Conflicts:
+        src/qemu/qemu_capabilities.c
+            - virQEMUCapsCacheLookupByArch refactoring (commits
+              7948ad4129a and 1a3de67001c) are missing
+
+Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+---
+ src/qemu/qemu_capabilities.c | 12 ++++++++----
+ src/qemu/qemu_capabilities.h |  3 +--
+ src/qemu/qemu_driver.c       |  9 +--------
+ tests/testutilsqemu.c        |  2 +-
+ 4 files changed, 11 insertions(+), 15 deletions(-)
+
+diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
+index a075677421..eaf369f5b1 100644
+--- a/src/qemu/qemu_capabilities.c
++++ b/src/qemu/qemu_capabilities.c
+@@ -4700,7 +4700,7 @@ virQEMUCapsNewData(const char *binary,
+                                            priv->libDir,
+                                            priv->runUid,
+                                            priv->runGid,
+-                                           priv->microcodeVersion,
++                                           virHostCPUGetMicrocodeVersion(),
+                                            priv->kernelVersion);
+ }
+ 
+@@ -4783,8 +4783,7 @@ virFileCachePtr
+ virQEMUCapsCacheNew(const char *libDir,
+                     const char *cacheDir,
+                     uid_t runUid,
+-                    gid_t runGid,
+-                    unsigned int microcodeVersion)
++                    gid_t runGid)
+ {
+     char *capsCacheDir = NULL;
+     virFileCachePtr cache = NULL;
+@@ -4808,7 +4807,6 @@ virQEMUCapsCacheNew(const char *libDir,
+ 
+     priv->runUid = runUid;
+     priv->runGid = runGid;
+-    priv->microcodeVersion = microcodeVersion;
+ 
+     if (uname(&uts) == 0 &&
+         virAsprintf(&priv->kernelVersion, "%s %s", uts.release, uts.version) < 0)
+@@ -4829,8 +4827,11 @@ virQEMUCapsPtr
+ virQEMUCapsCacheLookup(virFileCachePtr cache,
+                        const char *binary)
+ {
++    virQEMUCapsCachePrivPtr priv = virFileCacheGetPriv(cache);
+     virQEMUCapsPtr ret = NULL;
+ 
++    priv->microcodeVersion = virHostCPUGetMicrocodeVersion();
++
+     ret = virFileCacheLookup(cache, binary);
+ 
+     VIR_DEBUG("Returning caps %p for %s", ret, binary);
+@@ -4876,10 +4877,13 @@ virQEMUCapsPtr
+ virQEMUCapsCacheLookupByArch(virFileCachePtr cache,
+                              virArch arch)
+ {
++    virQEMUCapsCachePrivPtr priv = virFileCacheGetPriv(cache);
+     virQEMUCapsPtr ret = NULL;
+     virArch target;
+     struct virQEMUCapsSearchData data = { .arch = arch };
+ 
++    priv->microcodeVersion = virHostCPUGetMicrocodeVersion();
++
+     ret = virFileCacheLookupByFunc(cache, virQEMUCapsCompareArch, &data);
+     if (!ret) {
+         /* If the first attempt at finding capabilities has failed, try
+diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
+index 3d3a978759..956babc7eb 100644
+--- a/src/qemu/qemu_capabilities.h
++++ b/src/qemu/qemu_capabilities.h
+@@ -574,8 +574,7 @@ void virQEMUCapsFilterByMachineType(virQEMUCapsPtr qemuCaps,
+ virFileCachePtr virQEMUCapsCacheNew(const char *libDir,
+                                     const char *cacheDir,
+                                     uid_t uid,
+-                                    gid_t gid,
+-                                    unsigned int microcodeVersion);
++                                    gid_t gid);
+ virQEMUCapsPtr virQEMUCapsCacheLookup(virFileCachePtr cache,
+                                       const char *binary);
+ virQEMUCapsPtr virQEMUCapsCacheLookupCopy(virFileCachePtr cache,
+diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
+index a0f7c71675..75f8699e7d 100644
+--- a/src/qemu/qemu_driver.c
++++ b/src/qemu/qemu_driver.c
+@@ -592,8 +592,6 @@ qemuStateInitialize(bool privileged,
+     char *hugepagePath = NULL;
+     char *memoryBackingPath = NULL;
+     size_t i;
+-    virCPUDefPtr hostCPU = NULL;
+-    unsigned int microcodeVersion = 0;
+ 
+     if (VIR_ALLOC(qemu_driver) < 0)
+         return -1;
+@@ -813,15 +811,10 @@ qemuStateInitialize(bool privileged,
+         run_gid = cfg->group;
+     }
+ 
+-    if ((hostCPU = virCPUProbeHost(virArchFromHost())))
+-        microcodeVersion = hostCPU->microcodeVersion;
+-    virCPUDefFree(hostCPU);
+-
+     qemu_driver->qemuCapsCache = virQEMUCapsCacheNew(cfg->libDir,
+                                                      cfg->cacheDir,
+                                                      run_uid,
+-                                                     run_gid,
+-                                                     microcodeVersion);
++                                                     run_gid);
+     if (!qemu_driver->qemuCapsCache)
+         goto error;
+ 
+diff --git a/tests/testutilsqemu.c b/tests/testutilsqemu.c
+index 8438613f28..4e53f03f9e 100644
+--- a/tests/testutilsqemu.c
++++ b/tests/testutilsqemu.c
+@@ -707,7 +707,7 @@ int qemuTestDriverInit(virQEMUDriver *driver)
+ 
+     /* Using /dev/null for libDir and cacheDir automatically produces errors
+      * upon attempt to use any of them */
+-    driver->qemuCapsCache = virQEMUCapsCacheNew("/dev/null", "/dev/null", 0, 0, 0);
++    driver->qemuCapsCache = virQEMUCapsCacheNew("/dev/null", "/dev/null", 0, 0);
+     if (!driver->qemuCapsCache)
+         goto error;
+ 

0006-cputest-Add-data-for-Intel-R-Xeon-R-CPU-E3-1225-v5.patch

@@ -0,0 +1,880 @@
+From: Jiri Denemark <jdenemar@redhat.com>
+Date: Fri, 5 Apr 2019 11:19:30 +0200
+Subject: [PATCH] cputest: Add data for Intel(R) Xeon(R) CPU E3-1225 v5
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
+(cherry picked from commit 5cd9db3ac11e88846cbcf95fad9f6fae9d880dee)
+
+CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
+
+Conflicts:
+	tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml
+	tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml
+            - intel-pt feature is missing
+	    - stibp feature is missing
+
+Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+---
+ tests/cputest.c                               |   1 +
+ .../x86_64-cpuid-Xeon-E3-1225-v5-disabled.xml |   7 +
+ .../x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml  |   8 +
+ .../x86_64-cpuid-Xeon-E3-1225-v5-guest.xml    |  26 +
+ .../x86_64-cpuid-Xeon-E3-1225-v5-host.xml     |  27 +
+ .../x86_64-cpuid-Xeon-E3-1225-v5-json.xml     |  10 +
+ .../x86_64-cpuid-Xeon-E3-1225-v5.json         | 652 ++++++++++++++++++
+ .../x86_64-cpuid-Xeon-E3-1225-v5.sig          |   4 +
+ .../x86_64-cpuid-Xeon-E3-1225-v5.xml          |  47 ++
+ 9 files changed, 782 insertions(+)
+ create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-disabled.xml
+ create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml
+ create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml
+ create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml
+ create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml
+ create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.json
+ create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.sig
+ create mode 100644 tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.xml
+
+diff --git a/tests/cputest.c b/tests/cputest.c
+index baf2b3c648..fbb2a86af8 100644
+--- a/tests/cputest.c
++++ b/tests/cputest.c
+@@ -1190,6 +1190,7 @@ mymain(void)
+     DO_TEST_CPUID(VIR_ARCH_X86_64, "Phenom-B95", JSON_HOST);
+     DO_TEST_CPUID(VIR_ARCH_X86_64, "Ryzen-7-1800X-Eight-Core", JSON_HOST);
+     DO_TEST_CPUID(VIR_ARCH_X86_64, "Xeon-5110", JSON_NONE);
++    DO_TEST_CPUID(VIR_ARCH_X86_64, "Xeon-E3-1225-v5", JSON_MODELS);
+     DO_TEST_CPUID(VIR_ARCH_X86_64, "Xeon-E3-1245-v5", JSON_MODELS);
+     DO_TEST_CPUID(VIR_ARCH_X86_64, "Xeon-E5-2609-v3", JSON_MODELS);
+     DO_TEST_CPUID(VIR_ARCH_X86_64, "Xeon-E5-2623-v4", JSON_MODELS);
+diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-disabled.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-disabled.xml
+new file mode 100644
+index 0000000000..ce51903e53
+--- /dev/null
++++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-disabled.xml
+@@ -0,0 +1,7 @@
++<!-- Features disabled by QEMU -->
++<cpudata arch='x86'>
++  <cpuid eax_in='0x00000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x0800c1fc' edx='0xb0600000'/>
++  <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x02000000' ecx='0x00000000' edx='0x00000000'/>
++  <cpuid eax_in='0x0000000d' ecx_in='0x01' eax='0x00000008' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/>
++  <cpuid eax_in='0x80000007' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000100'/>
++</cpudata>
+diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml
+new file mode 100644
+index 0000000000..0deca9fba6
+--- /dev/null
++++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml
+@@ -0,0 +1,8 @@
++<!-- Features enabled by QEMU -->
++<cpudata arch='x86'>
++  <cpuid eax_in='0x00000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0xf7fa3203' edx='0x0f8bfbff'/>
++  <cpuid eax_in='0x00000006' ecx_in='0x00' eax='0x00000004' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/>
++  <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x009c4fbb' ecx='0x00000000' edx='0x8c000000'/>
++  <cpuid eax_in='0x0000000d' ecx_in='0x01' eax='0x00000007' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/>
++  <cpuid eax_in='0x80000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000121' edx='0x2c100800'/>
++</cpudata>
+diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml
+new file mode 100644
+index 0000000000..993db80cc9
+--- /dev/null
++++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml
+@@ -0,0 +1,26 @@
++<cpu mode='custom' match='exact'>
++  <model fallback='forbid'>Skylake-Client-IBRS</model>
++  <vendor>Intel</vendor>
++  <feature policy='require' name='ds'/>
++  <feature policy='require' name='acpi'/>
++  <feature policy='require' name='ss'/>
++  <feature policy='require' name='ht'/>
++  <feature policy='require' name='tm'/>
++  <feature policy='require' name='pbe'/>
++  <feature policy='require' name='dtes64'/>
++  <feature policy='require' name='monitor'/>
++  <feature policy='require' name='ds_cpl'/>
++  <feature policy='require' name='vmx'/>
++  <feature policy='require' name='smx'/>
++  <feature policy='require' name='est'/>
++  <feature policy='require' name='tm2'/>
++  <feature policy='require' name='xtpr'/>
++  <feature policy='require' name='pdcm'/>
++  <feature policy='require' name='osxsave'/>
++  <feature policy='require' name='tsc_adjust'/>
++  <feature policy='require' name='clflushopt'/>
++  <feature policy='require' name='ssbd'/>
++  <feature policy='require' name='xsaves'/>
++  <feature policy='require' name='pdpe1gb'/>
++  <feature policy='require' name='invtsc'/>
++</cpu>
+diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml
+new file mode 100644
+index 0000000000..074a39ba1d
+--- /dev/null
++++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml
+@@ -0,0 +1,27 @@
++<cpu>
++  <arch>x86_64</arch>
++  <model>Skylake-Client-IBRS</model>
++  <vendor>Intel</vendor>
++  <feature name='ds'/>
++  <feature name='acpi'/>
++  <feature name='ss'/>
++  <feature name='ht'/>
++  <feature name='tm'/>
++  <feature name='pbe'/>
++  <feature name='dtes64'/>
++  <feature name='monitor'/>
++  <feature name='ds_cpl'/>
++  <feature name='vmx'/>
++  <feature name='smx'/>
++  <feature name='est'/>
++  <feature name='tm2'/>
++  <feature name='xtpr'/>
++  <feature name='pdcm'/>
++  <feature name='osxsave'/>
++  <feature name='tsc_adjust'/>
++  <feature name='clflushopt'/>
++  <feature name='ssbd'/>
++  <feature name='xsaves'/>
++  <feature name='pdpe1gb'/>
++  <feature name='invtsc'/>
++</cpu>
+diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml
+new file mode 100644
+index 0000000000..1984bd4cf2
+--- /dev/null
++++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml
+@@ -0,0 +1,10 @@
++<cpu mode='custom' match='exact'>
++  <model fallback='forbid'>Skylake-Client-IBRS</model>
++  <vendor>Intel</vendor>
++  <feature policy='require' name='ss'/>
++  <feature policy='require' name='hypervisor'/>
++  <feature policy='require' name='tsc_adjust'/>
++  <feature policy='require' name='clflushopt'/>
++  <feature policy='require' name='ssbd'/>
++  <feature policy='require' name='pdpe1gb'/>
++</cpu>
+diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.json b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.json
+new file mode 100644
+index 0000000000..084747556b
+--- /dev/null
++++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.json
+@@ -0,0 +1,652 @@
++{
++  "return": {
++    "model": {
++      "name": "base",
++      "props": {
++        "phys-bits": 0,
++        "core-id": -1,
++        "xlevel": 2147483656,
++        "cmov": true,
++        "ia64": false,
++        "aes": true,
++        "mmx": true,
++        "rdpid": false,
++        "arat": true,
++        "gfni": false,
++        "pause-filter": false,
++        "xsavec": true,
++        "intel-pt": false,
++        "osxsave": false,
++        "hv-frequencies": false,
++        "tsc-frequency": 0,
++        "xd": true,
++        "hv-vendor-id": "",
++        "kvm-asyncpf": true,
++        "kvm_asyncpf": true,
++        "perfctr_core": false,
++        "perfctr-core": false,
++        "mpx": true,
++        "pbe": false,
++        "decodeassists": false,
++        "avx512cd": false,
++        "sse4_1": true,
++        "sse4.1": true,
++        "sse4-1": true,
++        "family": 6,
++        "legacy-cache": true,
++        "vmware-cpuid-freq": true,
++        "avx512f": false,
++        "msr": true,
++        "mce": true,
++        "mca": true,
++        "hv-runtime": false,
++        "xcrypt": false,
++        "thread-id": -1,
++        "min-level": 13,
++        "xgetbv1": true,
++        "cid": false,
++        "hv-relaxed": false,
++        "hv-crash": false,
++        "ds": false,
++        "fxsr": true,
++        "xsaveopt": true,
++        "xtpr": false,
++        "avx512vl": false,
++        "avx512-vpopcntdq": false,
++        "phe": false,
++        "extapic": false,
++        "3dnowprefetch": true,
++        "avx512vbmi2": false,
++        "cr8legacy": false,
++        "stibp": true,
++        "cpuid-0xb": true,
++        "xcrypt-en": false,
++        "kvm_pv_eoi": true,
++        "apic-id": 4294967295,
++        "pn": false,
++        "dca": false,
++        "vendor": "GenuineIntel",
++        "pku": false,
++        "smx": false,
++        "cmp_legacy": false,
++        "cmp-legacy": false,
++        "node-id": -1,
++        "avx512-4fmaps": false,
++        "vmcb_clean": false,
++        "vmcb-clean": false,
++        "3dnowext": false,
++        "hle": true,
++        "npt": false,
++        "memory": "/machine/unattached/system[0]",
++        "clwb": false,
++        "lbrv": false,
++        "adx": true,
++        "ss": true,
++        "pni": true,
++        "svm_lock": false,
++        "svm-lock": false,
++        "pfthreshold": false,
++        "smep": true,
++        "smap": true,
++        "x2apic": true,
++        "avx512vbmi": false,
++        "avx512vnni": false,
++        "hv-stimer": false,
++        "i64": true,
++        "flushbyasid": false,
++        "f16c": true,
++        "ace2-en": false,
++        "pat": true,
++        "pae": true,
++        "sse": true,
++        "phe-en": false,
++        "kvm_nopiodelay": true,
++        "kvm-nopiodelay": true,
++        "tm": false,
++        "kvmclock-stable-bit": true,
++        "hypervisor": true,
++        "socket-id": -1,
++        "pcommit": false,
++        "syscall": true,
++        "level": 13,
++        "avx512dq": false,
++        "svm": false,
++        "full-cpuid-auto-level": true,
++        "hv-reset": false,
++        "invtsc": false,
++        "sse3": true,
++        "sse2": true,
++        "ssbd": true,
++        "est": false,
++        "avx512ifma": false,
++        "tm2": false,
++        "kvm-pv-eoi": true,
++        "cx8": true,
++        "kvm_mmu": false,
++        "kvm-mmu": false,
++        "sse4_2": true,
++        "sse4.2": true,
++        "sse4-2": true,
++        "pge": true,
++        "fill-mtrr-mask": true,
++        "avx512bitalg": false,
++        "nodeid_msr": false,
++        "pdcm": false,
++        "movbe": true,
++        "model": 94,
++        "nrip_save": false,
++        "nrip-save": false,
++        "kvm_pv_unhalt": true,
++        "ssse3": true,
++        "sse4a": false,
++        "invpcid": true,
++        "pdpe1gb": true,
++        "tsc-deadline": true,
++        "fma": true,
++        "cx16": true,
++        "de": true,
++        "enforce": false,
++        "stepping": 3,
++        "xsave": true,
++        "clflush": true,
++        "skinit": false,
++        "tsc": true,
++        "tce": false,
++        "fpu": true,
++        "ibs": false,
++        "ds_cpl": false,
++        "ds-cpl": false,
++        "host-phys-bits": true,
++        "fma4": false,
++        "la57": false,
++        "osvw": false,
++        "check": true,
++        "hv-spinlocks": -1,
++        "pmu": false,
++        "pmm": false,
++        "apic": true,
++        "spec-ctrl": true,
++        "min-xlevel2": 0,
++        "tsc-adjust": true,
++        "tsc_adjust": true,
++        "kvm-steal-time": true,
++        "kvm_steal_time": true,
++        "kvmclock": true,
++        "l3-cache": true,
++        "lwp": false,
++        "ibpb": false,
++        "xop": false,
++        "avx": true,
++        "ospke": false,
++        "ace2": false,
++        "avx512bw": false,
++        "acpi": false,
++        "hv-vapic": false,
++        "fsgsbase": true,
++        "ht": false,
++        "nx": true,
++        "pclmulqdq": true,
++        "mmxext": false,
++        "vaes": false,
++        "popcnt": true,
++        "xsaves": false,
++        "tcg-cpuid": true,
++        "lm": true,
++        "umip": false,
++        "pse": true,
++        "avx2": true,
++        "sep": true,
++        "pclmuldq": true,
++        "virt-ssbd": false,
++        "x-hv-max-vps": -1,
++        "nodeid-msr": false,
++        "md-clear": true,
++        "kvm": true,
++        "misalignsse": false,
++        "min-xlevel": 2147483656,
++        "kvm-pv-unhalt": true,
++        "bmi2": true,
++        "bmi1": true,
++        "realized": false,
++        "tsc_scale": false,
++        "tsc-scale": false,
++        "topoext": false,
++        "hv-vpindex": false,
++        "xlevel2": 0,
++        "clflushopt": true,
++        "kvm-no-smi-migration": false,
++        "monitor": false,
++        "avx512er": false,
++        "pmm-en": false,
++        "pcid": true,
++        "3dnow": false,
++        "erms": true,
++        "lahf-lm": true,
++        "lahf_lm": true,
++        "vpclmulqdq": false,
++        "fxsr-opt": false,
++        "hv-synic": false,
++        "xstore": false,
++        "fxsr_opt": false,
++        "kvm-hint-dedicated": false,
++        "rtm": true,
++        "lmce": true,
++        "hv-time": false,
++        "perfctr-nb": false,
++        "perfctr_nb": false,
++        "ffxsr": false,
++        "rdrand": true,
++        "rdseed": true,
++        "avx512-4vnniw": false,
++        "vmx": false,
++        "vme": true,
++        "dtes64": false,
++        "mtrr": true,
++        "rdtscp": true,
++        "pse36": true,
++        "kvm-pv-tlb-flush": false,
++        "tbm": false,
++        "wdt": false,
++        "pause_filter": false,
++        "sha-ni": false,
++        "model-id": "Intel(R) Xeon(R) CPU E3-1225 v5 @ 3.30GHz",
++        "abm": true,
++        "avx512pf": false,
++        "xstore-en": false
++      }
++    }
++  },
++  "id": "model-expansion"
++}
++
++{
++  "return": [
++    {
++      "name": "max",
++      "typename": "max-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": false
++    },
++    {
++      "name": "host",
++      "typename": "host-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": false
++    },
++    {
++      "name": "base",
++      "typename": "base-x86_64-cpu",
++      "unavailable-features": [],
++      "static": true,
++      "migration-safe": true
++    },
++    {
++      "name": "qemu64",
++      "typename": "qemu64-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "qemu32",
++      "typename": "qemu32-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "phenom",
++      "typename": "phenom-x86_64-cpu",
++      "unavailable-features": [
++        "mmxext",
++        "fxsr-opt",
++        "3dnowext",
++        "3dnow",
++        "sse4a",
++        "npt"
++      ],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "pentium3",
++      "typename": "pentium3-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "pentium2",
++      "typename": "pentium2-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "pentium",
++      "typename": "pentium-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "n270",
++      "typename": "n270-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "kvm64",
++      "typename": "kvm64-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "kvm32",
++      "typename": "kvm32-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "cpu64-rhel6",
++      "typename": "cpu64-rhel6-x86_64-cpu",
++      "unavailable-features": [
++        "sse4a"
++      ],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "coreduo",
++      "typename": "coreduo-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "core2duo",
++      "typename": "core2duo-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "athlon",
++      "typename": "athlon-x86_64-cpu",
++      "unavailable-features": [
++        "mmxext",
++        "3dnowext",
++        "3dnow"
++      ],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "Westmere",
++      "typename": "Westmere-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "Westmere-IBRS",
++      "typename": "Westmere-IBRS-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "Skylake-Server",
++      "typename": "Skylake-Server-x86_64-cpu",
++      "unavailable-features": [
++        "avx512f",
++        "avx512dq",
++        "clwb",
++        "avx512cd",
++        "avx512bw",
++        "avx512vl",
++        "avx512f",
++        "avx512f",
++        "avx512f"
++      ],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "Skylake-Server-IBRS",
++      "typename": "Skylake-Server-IBRS-x86_64-cpu",
++      "unavailable-features": [
++        "avx512f",
++        "avx512dq",
++        "clwb",
++        "avx512cd",
++        "avx512bw",
++        "avx512vl",
++        "avx512f",
++        "avx512f",
++        "avx512f"
++      ],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "Skylake-Client",
++      "typename": "Skylake-Client-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "Skylake-Client-IBRS",
++      "typename": "Skylake-Client-IBRS-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "SandyBridge",
++      "typename": "SandyBridge-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "SandyBridge-IBRS",
++      "typename": "SandyBridge-IBRS-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "Penryn",
++      "typename": "Penryn-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "Opteron_G5",
++      "typename": "Opteron_G5-x86_64-cpu",
++      "unavailable-features": [
++        "sse4a",
++        "misalignsse",
++        "xop",
++        "fma4",
++        "tbm"
++      ],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "Opteron_G4",
++      "typename": "Opteron_G4-x86_64-cpu",
++      "unavailable-features": [
++        "sse4a",
++        "misalignsse",
++        "xop",
++        "fma4"
++      ],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "Opteron_G3",
++      "typename": "Opteron_G3-x86_64-cpu",
++      "unavailable-features": [
++        "sse4a",
++        "misalignsse"
++      ],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "Opteron_G2",
++      "typename": "Opteron_G2-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "Opteron_G1",
++      "typename": "Opteron_G1-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "Nehalem",
++      "typename": "Nehalem-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "Nehalem-IBRS",
++      "typename": "Nehalem-IBRS-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "IvyBridge",
++      "typename": "IvyBridge-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "IvyBridge-IBRS",
++      "typename": "IvyBridge-IBRS-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "Haswell",
++      "typename": "Haswell-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "Haswell-noTSX",
++      "typename": "Haswell-noTSX-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "Haswell-noTSX-IBRS",
++      "typename": "Haswell-noTSX-IBRS-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "Haswell-IBRS",
++      "typename": "Haswell-IBRS-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "EPYC",
++      "typename": "EPYC-x86_64-cpu",
++      "unavailable-features": [
++        "sha-ni",
++        "mmxext",
++        "fxsr-opt",
++        "cr8legacy",
++        "sse4a",
++        "misalignsse",
++        "osvw"
++      ],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "EPYC-IBPB",
++      "typename": "EPYC-IBPB-x86_64-cpu",
++      "unavailable-features": [
++        "sha-ni",
++        "mmxext",
++        "fxsr-opt",
++        "cr8legacy",
++        "sse4a",
++        "misalignsse",
++        "osvw",
++        "ibpb"
++      ],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "Conroe",
++      "typename": "Conroe-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "Broadwell",
++      "typename": "Broadwell-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "Broadwell-noTSX",
++      "typename": "Broadwell-noTSX-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "Broadwell-noTSX-IBRS",
++      "typename": "Broadwell-noTSX-IBRS-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "Broadwell-IBRS",
++      "typename": "Broadwell-IBRS-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    },
++    {
++      "name": "486",
++      "typename": "486-x86_64-cpu",
++      "unavailable-features": [],
++      "static": false,
++      "migration-safe": true
++    }
++  ],
++  "id": "definitions"
++}
+diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.sig b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.sig
+new file mode 100644
+index 0000000000..7e57c2ded6
+--- /dev/null
++++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.sig
+@@ -0,0 +1,4 @@
++0506e3
++family:     6 (0x06)
++model:     94 (0x5e)
++stepping:   3 (0x03)
+diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.xml
+new file mode 100644
+index 0000000000..437429d61d
+--- /dev/null
++++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5.xml
+@@ -0,0 +1,47 @@
++<!-- Intel(R) Xeon(R) CPU E3-1225 v5 @ 3.30GHz -->
++<cpudata arch='x86'>
++  <cpuid eax_in='0x00000000' ecx_in='0x00' eax='0x00000016' ebx='0x756e6547' ecx='0x6c65746e' edx='0x49656e69'/>
++  <cpuid eax_in='0x00000001' ecx_in='0x00' eax='0x000506e3' ebx='0x06100800' ecx='0x7ffafbff' edx='0xbfebfbff'/>
++  <cpuid eax_in='0x00000002' ecx_in='0x00' eax='0x76036301' ebx='0x00f0b6ff' ecx='0x00000000' edx='0x00c30000'/>
++  <cpuid eax_in='0x00000003' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/>
++  <cpuid eax_in='0x00000004' ecx_in='0x00' eax='0x1c004121' ebx='0x01c0003f' ecx='0x0000003f' edx='0x00000000'/>
++  <cpuid eax_in='0x00000004' ecx_in='0x01' eax='0x1c004122' ebx='0x01c0003f' ecx='0x0000003f' edx='0x00000000'/>
++  <cpuid eax_in='0x00000004' ecx_in='0x02' eax='0x1c004143' ebx='0x00c0003f' ecx='0x000003ff' edx='0x00000000'/>
++  <cpuid eax_in='0x00000004' ecx_in='0x03' eax='0x1c03c163' ebx='0x03c0003f' ecx='0x00001fff' edx='0x00000006'/>
++  <cpuid eax_in='0x00000005' ecx_in='0x00' eax='0x00000040' ebx='0x00000040' ecx='0x00000003' edx='0x00142120'/>
++  <cpuid eax_in='0x00000006' ecx_in='0x00' eax='0x000027f7' ebx='0x00000002' ecx='0x00000009' edx='0x00000000'/>
++  <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x029c6fbf' ecx='0x00000000' edx='0x9c002400'/>
++  <cpuid eax_in='0x00000008' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/>
++  <cpuid eax_in='0x00000009' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/>
++  <cpuid eax_in='0x0000000a' ecx_in='0x00' eax='0x07300804' ebx='0x00000000' ecx='0x00000000' edx='0x00000603'/>
++  <cpuid eax_in='0x0000000b' ecx_in='0x00' eax='0x00000001' ebx='0x00000001' ecx='0x00000100' edx='0x00000006'/>
++  <cpuid eax_in='0x0000000b' ecx_in='0x01' eax='0x00000004' ebx='0x00000004' ecx='0x00000201' edx='0x00000006'/>
++  <cpuid eax_in='0x0000000c' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/>
++  <cpuid eax_in='0x0000000d' ecx_in='0x00' eax='0x0000001f' ebx='0x00000440' ecx='0x00000440' edx='0x00000000'/>
++  <cpuid eax_in='0x0000000d' ecx_in='0x01' eax='0x0000000f' ebx='0x000003c0' ecx='0x00000100' edx='0x00000000'/>
++  <cpuid eax_in='0x0000000d' ecx_in='0x02' eax='0x00000100' ebx='0x00000240' ecx='0x00000000' edx='0x00000000'/>
++  <cpuid eax_in='0x0000000d' ecx_in='0x03' eax='0x00000040' ebx='0x000003c0' ecx='0x00000000' edx='0x00000000'/>
++  <cpuid eax_in='0x0000000d' ecx_in='0x04' eax='0x00000040' ebx='0x00000400' ecx='0x00000000' edx='0x00000000'/>
++  <cpuid eax_in='0x0000000d' ecx_in='0x08' eax='0x00000080' ebx='0x00000000' ecx='0x00000001' edx='0x00000000'/>
++  <cpuid eax_in='0x0000000e' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/>
++  <cpuid eax_in='0x0000000f' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/>
++  <cpuid eax_in='0x00000010' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/>
++  <cpuid eax_in='0x00000011' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/>
++  <cpuid eax_in='0x00000012' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/>
++  <cpuid eax_in='0x00000013' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/>
++  <cpuid eax_in='0x00000014' ecx_in='0x00' eax='0x00000001' ebx='0x0000000f' ecx='0x00000007' edx='0x00000000'/>
++  <cpuid eax_in='0x00000014' ecx_in='0x01' eax='0x02490002' ebx='0x003f3fff' ecx='0x00000000' edx='0x00000000'/>
++  <cpuid eax_in='0x00000015' ecx_in='0x00' eax='0x00000002' ebx='0x00000114' ecx='0x00000000' edx='0x00000000'/>
++  <cpuid eax_in='0x00000016' ecx_in='0x00' eax='0x00000ce4' ebx='0x00000e74' ecx='0x00000064' edx='0x00000000'/>
++  <cpuid eax_in='0x80000000' ecx_in='0x00' eax='0x80000008' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/>
++  <cpuid eax_in='0x80000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000121' edx='0x2c100800'/>
++  <cpuid eax_in='0x80000002' ecx_in='0x00' eax='0x65746e49' ebx='0x2952286c' ecx='0x6f655820' edx='0x2952286e'/>
++  <cpuid eax_in='0x80000003' ecx_in='0x00' eax='0x55504320' ebx='0x2d334520' ecx='0x35323231' edx='0x20357620'/>
++  <cpuid eax_in='0x80000004' ecx_in='0x00' eax='0x2e332040' ebx='0x48473033' ecx='0x0000007a' edx='0x00000000'/>
++  <cpuid eax_in='0x80000005' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/>
++  <cpuid eax_in='0x80000006' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x01006040' edx='0x00000000'/>
++  <cpuid eax_in='0x80000007' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000000' edx='0x00000100'/>
++  <cpuid eax_in='0x80000008' ecx_in='0x00' eax='0x00003027' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/>
++  <cpuid eax_in='0x80860000' ecx_in='0x00' eax='0x00000ce4' ebx='0x00000e74' ecx='0x00000064' edx='0x00000000'/>
++  <cpuid eax_in='0xc0000000' ecx_in='0x00' eax='0x00000ce4' ebx='0x00000e74' ecx='0x00000064' edx='0x00000000'/>
++</cpudata>

0007-cpu_map-Define-md-clear-CPUID-bit.patch

@@ -0,0 +1,102 @@
+From: Jiri Denemark <jdenemar@redhat.com>
+Date: Tue, 9 Apr 2019 12:35:52 +0200
+Subject: [PATCH] cpu_map: Define md-clear CPUID bit
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
+
+The bit is set when microcode provides the mechanism to invoke a flush
+of various exploitable CPU buffers by invoking the VERW instruction.
+
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
+Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
+(cherry picked from commit 538d873571d7a682852dc1d70e5f4478f4d64e85)
+
+Conflicts:
+        src/cpu_map/x86_features.xml
+            - missing pconfig feature
+
+        tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-guest.xml
+        tests/cputestdata/x86_64-cpuid-Xeon-Platinum-8268-host.xml
+            - test data missing downstream
+
+        tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml
+        tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml
+            - intel-pt feature is missing
+	    - stibp feature is missing
+
+Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+---
+ src/cpu_map/x86_features.xml                               | 3 +++
+ tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml | 2 +-
+ tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml   | 1 +
+ tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml    | 1 +
+ tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml    | 1 +
+ 5 files changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/src/cpu_map/x86_features.xml b/src/cpu_map/x86_features.xml
+index 109c653dbc..c8ae540ccc 100644
+--- a/src/cpu_map/x86_features.xml
++++ b/src/cpu_map/x86_features.xml
+@@ -290,6 +290,9 @@
+   <feature name='avx512-4fmaps'>
+     <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00000008'/>
+   </feature>
++  <feature name='md-clear'> <!-- md_clear -->
++    <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00000400'/>
++  </feature>
+   <feature name='spec-ctrl'>
+     <cpuid eax_in='0x07' ecx_in='0x00' edx='0x04000000'/>
+   </feature>
+diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml
+index 0deca9fba6..74763a462b 100644
+--- a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml
++++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-enabled.xml
+@@ -2,7 +2,7 @@
+ <cpudata arch='x86'>
+   <cpuid eax_in='0x00000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0xf7fa3203' edx='0x0f8bfbff'/>
+   <cpuid eax_in='0x00000006' ecx_in='0x00' eax='0x00000004' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/>
+-  <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x009c4fbb' ecx='0x00000000' edx='0x8c000000'/>
++  <cpuid eax_in='0x00000007' ecx_in='0x00' eax='0x00000000' ebx='0x009c4fbb' ecx='0x00000000' edx='0x8c000400'/>
+   <cpuid eax_in='0x0000000d' ecx_in='0x01' eax='0x00000007' ebx='0x00000000' ecx='0x00000000' edx='0x00000000'/>
+   <cpuid eax_in='0x80000001' ecx_in='0x00' eax='0x00000000' ebx='0x00000000' ecx='0x00000121' edx='0x2c100800'/>
+ </cpudata>
+diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml
+index 993db80cc9..29c1fdb80a 100644
+--- a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml
++++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-guest.xml
+@@ -19,6 +19,7 @@
+   <feature policy='require' name='osxsave'/>
+   <feature policy='require' name='tsc_adjust'/>
+   <feature policy='require' name='clflushopt'/>
++  <feature policy='require' name='md-clear'/>
+   <feature policy='require' name='ssbd'/>
+   <feature policy='require' name='xsaves'/>
+   <feature policy='require' name='pdpe1gb'/>
+diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml
+index 074a39ba1d..2003ca9ef6 100644
+--- a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml
++++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-host.xml
+@@ -20,6 +20,7 @@
+   <feature name='osxsave'/>
+   <feature name='tsc_adjust'/>
+   <feature name='clflushopt'/>
++  <feature name='md-clear'/>
+   <feature name='ssbd'/>
+   <feature name='xsaves'/>
+   <feature name='pdpe1gb'/>
+diff --git a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml
+index 1984bd4cf2..d6529c59a3 100644
+--- a/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml
++++ b/tests/cputestdata/x86_64-cpuid-Xeon-E3-1225-v5-json.xml
+@@ -5,6 +5,7 @@
+   <feature policy='require' name='hypervisor'/>
+   <feature policy='require' name='tsc_adjust'/>
+   <feature policy='require' name='clflushopt'/>
++  <feature policy='require' name='md-clear'/>
+   <feature policy='require' name='ssbd'/>
+   <feature policy='require' name='pdpe1gb'/>
+ </cpu>

0008-admin-reject-clients-unless-their-UID-matches-the-cu.patch

@@ -0,0 +1,54 @@
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
+Date: Tue, 30 Apr 2019 17:26:13 +0100
+Subject: [PATCH] admin: reject clients unless their UID matches the current
+ UID
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The admin protocol RPC messages are only intended for use by the user
+running the daemon. As such they should not be allowed for any client
+UID that does not match the server UID.
+
+Fixes CVE-2019-10132
+
+Reviewed-by: Ján Tomko <jtomko@redhat.com>
+Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+(cherry picked from commit 96f41cd765c9e525fe28ee5abbfbf4a79b3720c7)
+---
+ src/admin/admin_server_dispatch.c | 22 ++++++++++++++++++++++
+ 1 file changed, 22 insertions(+)
+
+diff --git a/src/admin/admin_server_dispatch.c b/src/admin/admin_server_dispatch.c
+index b78ff902c0..9f25813ae3 100644
+--- a/src/admin/admin_server_dispatch.c
++++ b/src/admin/admin_server_dispatch.c
+@@ -66,6 +66,28 @@ remoteAdmClientNew(virNetServerClientPtr client ATTRIBUTE_UNUSED,
+                    void *opaque)
+ {
+     struct daemonAdmClientPrivate *priv;
++    uid_t clientuid;
++    gid_t clientgid;
++    pid_t clientpid;
++    unsigned long long timestamp;
++
++    if (virNetServerClientGetUNIXIdentity(client,
++                                          &clientuid,
++                                          &clientgid,
++                                          &clientpid,
++                                          &timestamp) < 0)
++        return NULL;
++
++    VIR_DEBUG("New client pid %lld uid %lld",
++              (long long)clientpid,
++              (long long)clientuid);
++
++    if (geteuid() != clientuid) {
++        virReportRestrictedError(_("Disallowing client %lld with uid %lld"),
++                                 (long long)clientpid,
++                                 (long long)clientuid);
++        return NULL;
++    }
+ 
+     if (VIR_ALLOC(priv) < 0)
+         return NULL;

0009-locking-restrict-sockets-to-mode-0600.patch

@@ -0,0 +1,47 @@
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
+Date: Tue, 30 Apr 2019 16:51:37 +0100
+Subject: [PATCH] locking: restrict sockets to mode 0600
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The virtlockd daemon's only intended client is the libvirtd daemon. As
+such it should never allow clients from other user accounts to connect.
+The code already enforces this and drops clients from other UIDs, but
+we can get earlier (and thus stronger) protection against DoS by setting
+the socket permissions to 0600
+
+Fixes CVE-2019-10132
+
+Reviewed-by: Ján Tomko <jtomko@redhat.com>
+Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+(cherry picked from commit f111e09468693909b1f067aa575efdafd9a262a1)
+---
+ src/locking/virtlockd-admin.socket.in | 1 +
+ src/locking/virtlockd.socket.in       | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/src/locking/virtlockd-admin.socket.in b/src/locking/virtlockd-admin.socket.in
+index 2a7500f3d0..f674c492f7 100644
+--- a/src/locking/virtlockd-admin.socket.in
++++ b/src/locking/virtlockd-admin.socket.in
+@@ -5,6 +5,7 @@ Before=libvirtd.service
+ [Socket]
+ ListenStream=@localstatedir@/run/libvirt/virtlockd-admin-sock
+ Service=virtlockd.service
++SocketMode=0600
+ 
+ [Install]
+ WantedBy=sockets.target
+diff --git a/src/locking/virtlockd.socket.in b/src/locking/virtlockd.socket.in
+index 45e0f20235..d701b27516 100644
+--- a/src/locking/virtlockd.socket.in
++++ b/src/locking/virtlockd.socket.in
+@@ -4,6 +4,7 @@ Before=libvirtd.service
+ 
+ [Socket]
+ ListenStream=@localstatedir@/run/libvirt/virtlockd-sock
++SocketMode=0600
+ 
+ [Install]
+ WantedBy=sockets.target

0010-logging-restrict-sockets-to-mode-0600.patch

@@ -0,0 +1,47 @@
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
+Date: Tue, 30 Apr 2019 17:27:41 +0100
+Subject: [PATCH] logging: restrict sockets to mode 0600
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The virtlogd daemon's only intended client is the libvirtd daemon. As
+such it should never allow clients from other user accounts to connect.
+The code already enforces this and drops clients from other UIDs, but
+we can get earlier (and thus stronger) protection against DoS by setting
+the socket permissions to 0600
+
+Fixes CVE-2019-10132
+
+Reviewed-by: Ján Tomko <jtomko@redhat.com>
+Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+(cherry picked from commit e37bd65f9948c1185456b2cdaa3bd6e875af680f)
+---
+ src/logging/virtlogd-admin.socket.in | 1 +
+ src/logging/virtlogd.socket.in       | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/src/logging/virtlogd-admin.socket.in b/src/logging/virtlogd-admin.socket.in
+index 595e6c4c4b..5c41dfeb7b 100644
+--- a/src/logging/virtlogd-admin.socket.in
++++ b/src/logging/virtlogd-admin.socket.in
+@@ -5,6 +5,7 @@ Before=libvirtd.service
+ [Socket]
+ ListenStream=@localstatedir@/run/libvirt/virtlogd-admin-sock
+ Service=virtlogd.service
++SocketMode=0600
+ 
+ [Install]
+ WantedBy=sockets.target
+diff --git a/src/logging/virtlogd.socket.in b/src/logging/virtlogd.socket.in
+index 22b9360c8d..ae48cdab9a 100644
+--- a/src/logging/virtlogd.socket.in
++++ b/src/logging/virtlogd.socket.in
+@@ -4,6 +4,7 @@ Before=libvirtd.service
+ 
+ [Socket]
+ ListenStream=@localstatedir@/run/libvirt/virtlogd-sock
++SocketMode=0600
+ 
+ [Install]
+ WantedBy=sockets.target

0011-api-disallow-virDomainSaveImageGetXMLDesc-on-read-on.patch

@@ -0,0 +1,80 @@
+From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
+Date: Fri, 14 Jun 2019 08:47:42 +0200
+Subject: [PATCH] api: disallow virDomainSaveImageGetXMLDesc on read-only
+ connections
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The virDomainSaveImageGetXMLDesc API is taking a path parameter,
+which can point to any path on the system. This file will then be
+read and parsed by libvirtd running with root privileges.
+
+Forbid it on read-only connections.
+
+Fixes: CVE-2019-10161
+Reported-by: Matthias Gerstner <mgerstner@suse.de>
+Signed-off-by: Ján Tomko <jtomko@redhat.com>
+Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
+(cherry picked from commit aed6a032cead4386472afb24b16196579e239580)
+---
+ src/libvirt-domain.c         | 10 ++--------
+ src/qemu/qemu_driver.c       |  2 +-
+ src/remote/remote_protocol.x |  3 +--
+ 3 files changed, 4 insertions(+), 11 deletions(-)
+
+diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c
+index ef460277f7..cda579180b 100644
+--- a/src/libvirt-domain.c
++++ b/src/libvirt-domain.c
+@@ -1073,8 +1073,7 @@ virDomainRestoreFlags(virConnectPtr conn, const char *from, const char *dxml,
+  * previously by virDomainSave() or virDomainSaveFlags().
+  *
+  * No security-sensitive data will be included unless @flags contains
+- * VIR_DOMAIN_XML_SECURE; this flag is rejected on read-only
+- * connections.  For this API, @flags should not contain either
++ * VIR_DOMAIN_XML_SECURE
+  * VIR_DOMAIN_XML_INACTIVE or VIR_DOMAIN_XML_UPDATE_CPU.
+  *
+  * Returns a 0 terminated UTF-8 encoded XML instance, or NULL in case of
+@@ -1091,12 +1090,7 @@ virDomainSaveImageGetXMLDesc(virConnectPtr conn, const char *file,
+ 
+     virCheckConnectReturn(conn, NULL);
+     virCheckNonNullArgGoto(file, error);
+-
+-    if ((conn->flags & VIR_CONNECT_RO) && (flags & VIR_DOMAIN_XML_SECURE)) {
+-        virReportError(VIR_ERR_OPERATION_DENIED, "%s",
+-                       _("virDomainSaveImageGetXMLDesc with secure flag"));
+-        goto error;
+-    }
++    virCheckReadOnlyGoto(conn->flags, error);
+ 
+     if (conn->driver->domainSaveImageGetXMLDesc) {
+         char *ret;
+diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
+index 75f8699e7d..933f71c7b8 100644
+--- a/src/qemu/qemu_driver.c
++++ b/src/qemu/qemu_driver.c
+@@ -6791,7 +6791,7 @@ qemuDomainSaveImageGetXMLDesc(virConnectPtr conn, const char *path,
+     if (fd < 0)
+         goto cleanup;
+ 
+-    if (virDomainSaveImageGetXMLDescEnsureACL(conn, def, flags) < 0)
++    if (virDomainSaveImageGetXMLDescEnsureACL(conn, def) < 0)
+         goto cleanup;
+ 
+     ret = qemuDomainDefFormatXML(driver, def, flags);
+diff --git a/src/remote/remote_protocol.x b/src/remote/remote_protocol.x
+index 28c8febabd..52b92334fa 100644
+--- a/src/remote/remote_protocol.x
++++ b/src/remote/remote_protocol.x
+@@ -5226,8 +5226,7 @@ enum remote_procedure {
+     /**
+      * @generate: both
+      * @priority: high
+-     * @acl: domain:read
+-     * @acl: domain:read_secure:VIR_DOMAIN_XML_SECURE
++     * @acl: domain:write
+      */
+     REMOTE_PROC_DOMAIN_SAVE_IMAGE_GET_XML_DESC = 235,
+ 

0012-api-disallow-virDomainManagedSaveDefineXML-on-read-o.patch

@@ -0,0 +1,33 @@
+From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
+Date: Fri, 14 Jun 2019 09:14:53 +0200
+Subject: [PATCH] api: disallow virDomainManagedSaveDefineXML on read-only
+ connections
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The virDomainManagedSaveDefineXML can be used to alter the domain's
+config used for managedsave or even execute arbitrary emulator binaries.
+Forbid it on read-only connections.
+
+Fixes: CVE-2019-10166
+Reported-by: Matthias Gerstner <mgerstner@suse.de>
+Signed-off-by: Ján Tomko <jtomko@redhat.com>
+Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
+(cherry picked from commit db0b78457f183e4c7ac45bc94de86044a1e2056a)
+---
+ src/libvirt-domain.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c
+index cda579180b..4c0355180e 100644
+--- a/src/libvirt-domain.c
++++ b/src/libvirt-domain.c
+@@ -9483,6 +9483,7 @@ virDomainManagedSaveDefineXML(virDomainPtr domain, const char *dxml,
+ 
+     virCheckDomainReturn(domain, -1);
+     conn = domain->conn;
++    virCheckReadOnlyGoto(conn->flags, error);
+ 
+     if (conn->driver->domainManagedSaveDefineXML) {
+         int ret;

0013-api-disallow-virConnectGetDomainCapabilities-on-read.patch

@@ -0,0 +1,31 @@
+From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
+Date: Fri, 14 Jun 2019 09:16:14 +0200
+Subject: [PATCH] api: disallow virConnectGetDomainCapabilities on read-only
+ connections
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This API can be used to execute arbitrary emulators.
+Forbid it on read-only connections.
+
+Fixes: CVE-2019-10167
+Signed-off-by: Ján Tomko <jtomko@redhat.com>
+Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
+(cherry picked from commit 8afa68bac0cf99d1f8aaa6566685c43c22622f26)
+---
+ src/libvirt-domain.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c
+index 4c0355180e..8ecb964381 100644
+--- a/src/libvirt-domain.c
++++ b/src/libvirt-domain.c
+@@ -11275,6 +11275,7 @@ virConnectGetDomainCapabilities(virConnectPtr conn,
+     virResetLastError();
+ 
+     virCheckConnectReturn(conn, NULL);
++    virCheckReadOnlyGoto(conn->flags, error);
+ 
+     if (conn->driver->connectGetDomainCapabilities) {
+         char *ret;

0014-api-disallow-virConnect-HypervisorCPU-on-read-only-c.patch

@@ -0,0 +1,39 @@
+From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
+Date: Fri, 14 Jun 2019 09:17:39 +0200
+Subject: [PATCH] api: disallow virConnect*HypervisorCPU on read-only
+ connections
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+These APIs can be used to execute arbitrary emulators.
+Forbid them on read-only connections.
+
+Fixes: CVE-2019-10168
+Signed-off-by: Ján Tomko <jtomko@redhat.com>
+Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
+(cherry picked from commit bf6c2830b6c338b1f5699b095df36f374777b291)
+---
+ src/libvirt-host.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/libvirt-host.c b/src/libvirt-host.c
+index e20d6ee250..2978825d22 100644
+--- a/src/libvirt-host.c
++++ b/src/libvirt-host.c
+@@ -1041,6 +1041,7 @@ virConnectCompareHypervisorCPU(virConnectPtr conn,
+ 
+     virCheckConnectReturn(conn, VIR_CPU_COMPARE_ERROR);
+     virCheckNonNullArgGoto(xmlCPU, error);
++    virCheckReadOnlyGoto(conn->flags, error);
+ 
+     if (conn->driver->connectCompareHypervisorCPU) {
+         int ret;
+@@ -1234,6 +1235,7 @@ virConnectBaselineHypervisorCPU(virConnectPtr conn,
+ 
+     virCheckConnectReturn(conn, NULL);
+     virCheckNonNullArgGoto(xmlCPUs, error);
++    virCheckReadOnlyGoto(conn->flags, error);
+ 
+     if (conn->driver->connectBaselineHypervisorCPU) {
+         char *cpu;

0015-api-disallow-virDomainGetHostname-for-read-only-conn.patch

@@ -0,0 +1,32 @@
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
+Date: Wed, 27 Mar 2019 10:59:58 +0000
+Subject: [PATCH] api: disallow virDomainGetHostname for read-only connections
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The virDomainGetHostname API is fetching guest information and this may
+involve use of an untrusted guest agent. As such its use must be
+forbidden on a read-only connection to libvirt.
+
+Fixes CVE-2019-3886
+Reviewed-by: Jim Fehlig <jfehlig@suse.com>
+Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+(cherry picked from commit 2a07c990bd9143d7a0fe8d1b6b7c763c52185240)
+---
+ src/libvirt-domain.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c
+index 8ecb964381..cc2f61275d 100644
+--- a/src/libvirt-domain.c
++++ b/src/libvirt-domain.c
+@@ -10940,6 +10940,8 @@ virDomainGetHostname(virDomainPtr domain, unsigned int flags)
+     virCheckDomainReturn(domain, NULL);
+     conn = domain->conn;
+ 
++    virCheckReadOnlyGoto(domain->conn->flags, error);
++
+     if (conn->driver->domainGetHostname) {
+         char *ret;
+         ret = conn->driver->domainGetHostname(domain, flags);

0016-remote-enforce-ACL-write-permission-for-getting-gues.patch

@@ -0,0 +1,42 @@
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
+Date: Wed, 27 Mar 2019 11:22:49 +0000
+Subject: [PATCH] remote: enforce ACL write permission for getting guest time &
+ hostname
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Getting the guest time and hostname both require use of guest agent
+commands. These must not be allowed for read-only users, so the
+permissions check must validate "write" permission not "read".
+
+Fixes CVE-2019-3886
+Reviewed-by: Jim Fehlig <jfehlig@suse.com>
+Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+(cherry picked from commit ae076bb40e0e150aef41361b64001138d04d6c60)
+---
+ src/remote/remote_protocol.x | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/remote/remote_protocol.x b/src/remote/remote_protocol.x
+index 52b92334fa..58ab4ab039 100644
+--- a/src/remote/remote_protocol.x
++++ b/src/remote/remote_protocol.x
+@@ -5496,7 +5496,7 @@ enum remote_procedure {
+ 
+     /**
+      * @generate: both
+-     * @acl: domain:read
++     * @acl: domain:write
+      */
+     REMOTE_PROC_DOMAIN_GET_HOSTNAME = 277,
+ 
+@@ -5891,7 +5891,7 @@ enum remote_procedure {
+ 
+     /**
+      * @generate: none
+-     * @acl: domain:read
++     * @acl: domain:write
+      */
+     REMOTE_PROC_DOMAIN_GET_TIME = 337,
+ 

0017-Revert-qemu-hotplug-Prepare-disk-source-in-qemuDomai.patch

@@ -0,0 +1,75 @@
+From: Peter Krempa <pkrempa@redhat.com>
+Date: Mon, 24 Sep 2018 16:49:01 +0200
+Subject: [PATCH] Revert "qemu: hotplug: Prepare disk source in
+ qemuDomainAttachDeviceDiskLive"
+
+Preparing the storage source prior to assigning the alias will not work
+as the names of the certain objects depend on the alias for the legacy
+hotplug case as we generate the object names for the secrets based on
+the alias.
+
+This reverts commit 192fdaa614e3800255048a8a70c1292ccf18397a.
+
+Signed-off-by: Peter Krempa <pkrempa@redhat.com>
+(cherry picked from commit 9ac196997839a29486029a02d8f519df54ae0186)
+---
+ src/qemu/qemu_hotplug.c | 11 +++++------
+ 1 file changed, 5 insertions(+), 6 deletions(-)
+
+diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
+index 4f290b5648..421cc2c174 100644
+--- a/src/qemu/qemu_hotplug.c
++++ b/src/qemu/qemu_hotplug.c
+@@ -781,6 +781,7 @@ qemuDomainAttachDiskGeneric(virQEMUDriverPtr driver,
+     qemuDomainObjPrivatePtr priv = vm->privateData;
+     qemuHotplugDiskSourceDataPtr diskdata = NULL;
+     char *devstr = NULL;
++    virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
+ 
+     if (qemuHotplugPrepareDiskAccess(driver, vm, disk, NULL, false) < 0)
+         goto cleanup;
+@@ -788,6 +789,9 @@ qemuDomainAttachDiskGeneric(virQEMUDriverPtr driver,
+     if (qemuAssignDeviceDiskAlias(vm->def, disk, priv->qemuCaps) < 0)
+         goto error;
+ 
++    if (qemuDomainPrepareDiskSource(disk, priv, cfg) < 0)
++        goto error;
++
+     if (!(diskdata = qemuHotplugDiskSourceAttachPrepare(disk, priv->qemuCaps)))
+         goto error;
+ 
+@@ -822,6 +826,7 @@ qemuDomainAttachDiskGeneric(virQEMUDriverPtr driver,
+     qemuHotplugDiskSourceDataFree(diskdata);
+     qemuDomainSecretDiskDestroy(disk);
+     VIR_FREE(devstr);
++    virObjectUnref(cfg);
+     return ret;
+ 
+  exit_monitor:
+@@ -1062,8 +1067,6 @@ qemuDomainAttachDeviceDiskLive(virQEMUDriverPtr driver,
+                                bool forceMediaChange)
+ {
+     size_t i;
+-    virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
+-    qemuDomainObjPrivatePtr priv = vm->privateData;
+     virDomainDiskDefPtr disk = dev->data.disk;
+     virDomainDiskDefPtr orig_disk = NULL;
+     int ret = -1;
+@@ -1080,9 +1083,6 @@ qemuDomainAttachDeviceDiskLive(virQEMUDriverPtr driver,
+     if (qemuDomainDetermineDiskChain(driver, vm, disk, true) < 0)
+         goto cleanup;
+ 
+-    if (qemuDomainPrepareDiskSource(disk, priv, cfg) < 0)
+-        goto cleanup;
+-
+     switch ((virDomainDiskDevice) disk->device)  {
+     case VIR_DOMAIN_DISK_DEVICE_CDROM:
+     case VIR_DOMAIN_DISK_DEVICE_FLOPPY:
+@@ -1153,7 +1153,6 @@ qemuDomainAttachDeviceDiskLive(virQEMUDriverPtr driver,
+  cleanup:
+     if (ret != 0)
+         ignore_value(qemuRemoveSharedDevice(driver, dev, vm->def->name));
+-    virObjectUnref(cfg);
+     return ret;
+ }
+ 

0018-util-Fixing-invalid-error-checking-from-virPCIGetNet.patch

@@ -0,0 +1,29 @@
+From: Radoslaw Biernacki <radoslaw.biernacki@linaro.org>
+Date: Tue, 22 Jan 2019 12:26:15 -0700
+Subject: [PATCH] util: Fixing invalid error checking from virPCIGetNetname()
+
+The @linkdev is In/Out function parameter as second order
+reference pointer so requires first order dereference for
+checking NULL which can be the result of virPCIGetNetName().
+
+Fixes: d6ee56d7237 (util: change virPCIGetNetName() to not return error if device has no net name)
+Signed-off-by: Radoslaw Biernacki <radoslaw.biernacki@linaro.org>
+Signed-off-by: dann frazier <dann.frazier@canonical.com>
+(cherry picked from commit 04983c3c6a821f67994b1c65d4d6175f3ac49d69)
+---
+ src/util/virhostdev.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/util/virhostdev.c b/src/util/virhostdev.c
+index ca79c37787..d9a3711386 100644
+--- a/src/util/virhostdev.c
++++ b/src/util/virhostdev.c
+@@ -319,7 +319,7 @@ virHostdevNetDevice(virDomainHostdevDefPtr hostdev,
+         if (virPCIGetNetName(sysfs_path, 0, NULL, linkdev) < 0)
+             return -1;
+ 
+-        if (!linkdev) {
++        if (!(*linkdev)) {
+             virReportError(VIR_ERR_INTERNAL_ERROR,
+                            _("The device at %s has no network device name"),
+                              sysfs_path);

0019-tests-merge-code-for-UNIX-and-TCP-socket-testing.patch

@@ -0,0 +1,203 @@
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
+Date: Tue, 1 May 2018 11:34:51 +0100
+Subject: [PATCH] tests: merge code for UNIX and TCP socket testing
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The test code for UNIX and TCP sockets will need to be rewritten and
+extended later, and will benefit from code sharing.
+
+Reviewed-by: Andrea Bolognani <abologna@redhat.com>
+Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+(cherry picked from commit 9e2fad87b429060842a536de26d6af61ea3d96ea)
+---
+ tests/virnetsockettest.c | 120 +++++++++++++++++----------------------
+ 1 file changed, 51 insertions(+), 69 deletions(-)
+
+diff --git a/tests/virnetsockettest.c b/tests/virnetsockettest.c
+index 9f9a243484..e463d432ff 100644
+--- a/tests/virnetsockettest.c
++++ b/tests/virnetsockettest.c
+@@ -116,38 +116,67 @@ checkProtocols(bool *hasIPv4, bool *hasIPv6,
+ }
+ 
+ 
+-struct testTCPData {
++struct testSocketData {
+     const char *lnode;
+     int port;
+     const char *cnode;
+ };
+ 
+-static int testSocketTCPAccept(const void *opaque)
++static int testSocketAccept(const void *opaque)
+ {
+     virNetSocketPtr *lsock = NULL; /* Listen socket */
+     size_t nlsock = 0, i;
+     virNetSocketPtr ssock = NULL; /* Server socket */
+     virNetSocketPtr csock = NULL; /* Client socket */
+-    const struct testTCPData *data = opaque;
++    const struct testSocketData *data = opaque;
+     int ret = -1;
+     char portstr[100];
++    char *tmpdir = NULL;
++    char *path = NULL;
++    char template[] = "/tmp/libvirt_XXXXXX";
+ 
+-    snprintf(portstr, sizeof(portstr), "%d", data->port);
++    if (!data) {
++        virNetSocketPtr usock;
++        tmpdir = mkdtemp(template);
++        if (tmpdir == NULL) {
++            VIR_WARN("Failed to create temporary directory");
++            goto cleanup;
++        }
++        if (virAsprintf(&path, "%s/test.sock", tmpdir) < 0)
++            goto cleanup;
+ 
+-    if (virNetSocketNewListenTCP(data->lnode, portstr,
+-                                 AF_UNSPEC,
+-                                 &lsock, &nlsock) < 0)
+-        goto cleanup;
++        if (virNetSocketNewListenUNIX(path, 0700, -1, getegid(), &usock) < 0)
++            goto cleanup;
++
++        if (VIR_ALLOC_N(lsock, 1) < 0) {
++            virObjectUnref(usock);
++            goto cleanup;
++        }
++
++        lsock[0] = usock;
++        nlsock = 1;
++    } else {
++        snprintf(portstr, sizeof(portstr), "%d", data->port);
++        if (virNetSocketNewListenTCP(data->lnode, portstr,
++                                     AF_UNSPEC,
++                                     &lsock, &nlsock) < 0)
++            goto cleanup;
++    }
+ 
+     for (i = 0; i < nlsock; i++) {
+         if (virNetSocketListen(lsock[i], 0) < 0)
+             goto cleanup;
+     }
+ 
+-    if (virNetSocketNewConnectTCP(data->cnode, portstr,
+-                                  AF_UNSPEC,
+-                                  &csock) < 0)
+-        goto cleanup;
++    if (!data) {
++        if (virNetSocketNewConnectUNIX(path, false, NULL, &csock) < 0)
++            goto cleanup;
++    } else {
++        if (virNetSocketNewConnectTCP(data->cnode, portstr,
++                                      AF_UNSPEC,
++                                      &csock) < 0)
++            goto cleanup;
++    }
+ 
+     virObjectUnref(csock);
+ 
+@@ -171,62 +200,15 @@ static int testSocketTCPAccept(const void *opaque)
+     for (i = 0; i < nlsock; i++)
+         virObjectUnref(lsock[i]);
+     VIR_FREE(lsock);
+-    return ret;
+-}
+-#endif
+-
+-
+-#ifndef WIN32
+-static int testSocketUNIXAccept(const void *data ATTRIBUTE_UNUSED)
+-{
+-    virNetSocketPtr lsock = NULL; /* Listen socket */
+-    virNetSocketPtr ssock = NULL; /* Server socket */
+-    virNetSocketPtr csock = NULL; /* Client socket */
+-    int ret = -1;
+-
+-    char *path = NULL;
+-    char *tmpdir;
+-    char template[] = "/tmp/libvirt_XXXXXX";
+-
+-    tmpdir = mkdtemp(template);
+-    if (tmpdir == NULL) {
+-        VIR_WARN("Failed to create temporary directory");
+-        goto cleanup;
+-    }
+-    if (virAsprintf(&path, "%s/test.sock", tmpdir) < 0)
+-        goto cleanup;
+-
+-    if (virNetSocketNewListenUNIX(path, 0700, -1, getegid(), &lsock) < 0)
+-        goto cleanup;
+-
+-    if (virNetSocketListen(lsock, 0) < 0)
+-        goto cleanup;
+-
+-    if (virNetSocketNewConnectUNIX(path, false, NULL, &csock) < 0)
+-        goto cleanup;
+-
+-    virObjectUnref(csock);
+-
+-    if (virNetSocketAccept(lsock, &ssock) != -1) {
+-        char c = 'a';
+-        if (virNetSocketWrite(ssock, &c, 1) != -1) {
+-            VIR_DEBUG("Unexpected client socket present");
+-            goto cleanup;
+-        }
+-    }
+-
+-    ret = 0;
+-
+- cleanup:
+     VIR_FREE(path);
+-    virObjectUnref(lsock);
+-    virObjectUnref(ssock);
+     if (tmpdir)
+         rmdir(tmpdir);
+     return ret;
+ }
++#endif
+ 
+ 
++#ifndef WIN32
+ static int testSocketUNIXAddrs(const void *data ATTRIBUTE_UNUSED)
+ {
+     virNetSocketPtr lsock = NULL; /* Listen socket */
+@@ -456,28 +438,28 @@ mymain(void)
+     }
+ 
+     if (hasIPv4) {
+-        struct testTCPData tcpData = { "127.0.0.1", freePort, "127.0.0.1" };
+-        if (virTestRun("Socket TCP/IPv4 Accept", testSocketTCPAccept, &tcpData) < 0)
++        struct testSocketData tcpData = { "127.0.0.1", freePort, "127.0.0.1" };
++        if (virTestRun("Socket TCP/IPv4 Accept", testSocketAccept, &tcpData) < 0)
+             ret = -1;
+     }
+     if (hasIPv6) {
+-        struct testTCPData tcpData = { "::1", freePort, "::1" };
+-        if (virTestRun("Socket TCP/IPv6 Accept", testSocketTCPAccept, &tcpData) < 0)
++        struct testSocketData tcpData = { "::1", freePort, "::1" };
++        if (virTestRun("Socket TCP/IPv6 Accept", testSocketAccept, &tcpData) < 0)
+             ret = -1;
+     }
+     if (hasIPv6 && hasIPv4) {
+-        struct testTCPData tcpData = { NULL, freePort, "127.0.0.1" };
+-        if (virTestRun("Socket TCP/IPv4+IPv6 Accept", testSocketTCPAccept, &tcpData) < 0)
++        struct testSocketData tcpData = { NULL, freePort, "127.0.0.1" };
++        if (virTestRun("Socket TCP/IPv4+IPv6 Accept", testSocketAccept, &tcpData) < 0)
+             ret = -1;
+ 
+         tcpData.cnode = "::1";
+-        if (virTestRun("Socket TCP/IPv4+IPv6 Accept", testSocketTCPAccept, &tcpData) < 0)
++        if (virTestRun("Socket TCP/IPv4+IPv6 Accept", testSocketAccept, &tcpData) < 0)
+             ret = -1;
+     }
+ #endif
+ 
+ #ifndef WIN32
+-    if (virTestRun("Socket UNIX Accept", testSocketUNIXAccept, NULL) < 0)
++    if (virTestRun("Socket UNIX Accept", testSocketAccept, NULL) < 0)
+         ret = -1;
+ 
+     if (virTestRun("Socket UNIX Addrs", testSocketUNIXAddrs, NULL) < 0)

0020-tests-rewrite-socket-to-do-something-sensible-and-re.patch

@@ -0,0 +1,241 @@
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
+Date: Tue, 1 May 2018 11:55:02 +0100
+Subject: [PATCH] tests: rewrite socket to do something sensible and reliable
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The current socket test is rather crazy in that it sets up a server
+listening for sockets and then runs a client connect call, relying on
+the fact that the kernel will accept this despite the application
+not having called accept() yet. It then closes the client socket and
+calls accept() on the server. On Linux accept() will always see that
+the client has gone and so skip the rest of the code. On FreeBSD,
+however, the accept sometimes succeeds, causing us to then go into
+code that attempts to read and write to the client which will fail
+aborting the test. The accept() never succeeds on FreeBSD guests
+with a single CPU, but as you add more CPUs, accept() becomes more and
+more likely to succeed, giving a 100% failure rate for the test when
+using 8 CPUs.
+
+This completely rewrites the test so that it is avoids this designed in
+race condition. We simply spawn a background thread to act as the
+client, which will read a byte from the server and write it back again.
+The main thread can now properly listen and accept the client in a
+synchronous manner avoiding any races.
+
+Reviewed-by: Andrea Bolognani <abologna@redhat.com>
+Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+(cherry picked from commit 39015a6f3a0d4f9ca2041b9227094f0bcc2217e9)
+---
+ tests/virnetsockettest.c | 141 +++++++++++++++++++++++++++++++++------
+ 1 file changed, 120 insertions(+), 21 deletions(-)
+
+diff --git a/tests/virnetsockettest.c b/tests/virnetsockettest.c
+index e463d432ff..cccb90d0be 100644
+--- a/tests/virnetsockettest.c
++++ b/tests/virnetsockettest.c
+@@ -115,6 +115,56 @@ checkProtocols(bool *hasIPv4, bool *hasIPv6,
+     return ret;
+ }
+ 
++struct testClientData {
++    const char *path;
++    const char *cnode;
++    const char *portstr;
++};
++
++static void
++testSocketClient(void *opaque)
++{
++    struct testClientData *data = opaque;
++    char c;
++    virNetSocketPtr csock = NULL;
++
++    if (data->path) {
++        if (virNetSocketNewConnectUNIX(data->path, false,
++                                       NULL, &csock) < 0)
++            return;
++    } else {
++        if (virNetSocketNewConnectTCP(data->cnode, data->portstr,
++                                      AF_UNSPEC,
++                                      &csock) < 0)
++            return;
++    }
++
++    virNetSocketSetBlocking(csock, true);
++
++    if (virNetSocketRead(csock, &c, 1) != 1) {
++        VIR_DEBUG("Cannot read from server");
++        goto done;
++    }
++    if (virNetSocketWrite(csock, &c, 1) != 1) {
++        VIR_DEBUG("Cannot write to server");
++        goto done;
++    }
++
++ done:
++    virObjectUnref(csock);
++}
++
++
++static void
++testSocketIncoming(virNetSocketPtr sock,
++                   int events ATTRIBUTE_UNUSED,
++                   void *opaque)
++{
++    virNetSocketPtr *retsock = opaque;
++    VIR_DEBUG("Incoming sock=%p events=%d\n", sock, events);
++    *retsock = sock;
++}
++
+ 
+ struct testSocketData {
+     const char *lnode;
+@@ -122,18 +172,25 @@ struct testSocketData {
+     const char *cnode;
+ };
+ 
+-static int testSocketAccept(const void *opaque)
++
++static int
++testSocketAccept(const void *opaque)
+ {
+     virNetSocketPtr *lsock = NULL; /* Listen socket */
+     size_t nlsock = 0, i;
+     virNetSocketPtr ssock = NULL; /* Server socket */
+-    virNetSocketPtr csock = NULL; /* Client socket */
++    virNetSocketPtr rsock = NULL; /* Incoming client socket */
+     const struct testSocketData *data = opaque;
+     int ret = -1;
+     char portstr[100];
+     char *tmpdir = NULL;
+     char *path = NULL;
+     char template[] = "/tmp/libvirt_XXXXXX";
++    virThread th;
++    struct testClientData cdata = { 0 };
++    bool goodsock = false;
++    char a = 'a';
++    char b = '\0';
+ 
+     if (!data) {
+         virNetSocketPtr usock;
+@@ -155,50 +212,90 @@ static int testSocketAccept(const void *opaque)
+ 
+         lsock[0] = usock;
+         nlsock = 1;
++
++        cdata.path = path;
+     } else {
+         snprintf(portstr, sizeof(portstr), "%d", data->port);
+         if (virNetSocketNewListenTCP(data->lnode, portstr,
+                                      AF_UNSPEC,
+                                      &lsock, &nlsock) < 0)
+             goto cleanup;
++
++        cdata.cnode = data->cnode;
++        cdata.portstr = portstr;
+     }
+ 
+     for (i = 0; i < nlsock; i++) {
+         if (virNetSocketListen(lsock[i], 0) < 0)
+             goto cleanup;
+-    }
+ 
+-    if (!data) {
+-        if (virNetSocketNewConnectUNIX(path, false, NULL, &csock) < 0)
+-            goto cleanup;
+-    } else {
+-        if (virNetSocketNewConnectTCP(data->cnode, portstr,
+-                                      AF_UNSPEC,
+-                                      &csock) < 0)
++        if (virNetSocketAddIOCallback(lsock[i],
++                                      VIR_EVENT_HANDLE_READABLE,
++                                      testSocketIncoming,
++                                      &rsock,
++                                      NULL) < 0) {
+             goto cleanup;
++        }
+     }
+ 
+-    virObjectUnref(csock);
++    if (virThreadCreate(&th, true,
++                        testSocketClient,
++                        &cdata) < 0)
++        goto cleanup;
++
++    while (rsock == NULL)
++        virEventRunDefaultImpl();
+ 
+     for (i = 0; i < nlsock; i++) {
+-        if (virNetSocketAccept(lsock[i], &ssock) != -1 && ssock) {
+-            char c = 'a';
+-            if (virNetSocketWrite(ssock, &c, 1) != -1 &&
+-                virNetSocketRead(ssock, &c, 1) != -1) {
+-                VIR_DEBUG("Unexpected client socket present");
+-                goto cleanup;
+-            }
++        if (lsock[i] == rsock) {
++            goodsock = true;
++            break;
+         }
+-        virObjectUnref(ssock);
+-        ssock = NULL;
+     }
+ 
++    if (!goodsock) {
++        virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
++                       "Unexpected server socket seen");
++        goto join;
++    }
++
++    if (virNetSocketAccept(rsock, &ssock) < 0)
++        goto join;
++
++    if (!ssock) {
++        virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
++                       "Client went away unexpectedly");
++        goto join;
++    }
++
++    virNetSocketSetBlocking(ssock, true);
++
++    if (virNetSocketWrite(ssock, &a, 1) < 0 ||
++        virNetSocketRead(ssock, &b, 1) < 0) {
++        goto join;
++    }
++
++    if (a != b) {
++        virReportError(VIR_ERR_INTERNAL_ERROR,
++                       "Bad data received '%x' != '%x'", a, b);
++        goto join;
++    }
++
++    virObjectUnref(ssock);
++    ssock = NULL;
++
+     ret = 0;
+ 
++ join:
++    virThreadJoin(&th);
++
+  cleanup:
+     virObjectUnref(ssock);
+-    for (i = 0; i < nlsock; i++)
++    for (i = 0; i < nlsock; i++) {
++        virNetSocketRemoveIOCallback(lsock[i]);
++        virNetSocketClose(lsock[i]);
+         virObjectUnref(lsock[i]);
++    }
+     VIR_FREE(lsock);
+     VIR_FREE(path);
+     if (tmpdir)
+@@ -431,6 +528,8 @@ mymain(void)
+ 
+     signal(SIGPIPE, SIG_IGN);
+ 
++    virEventRegisterDefaultImpl();
++
+ #ifdef HAVE_IFADDRS_H
+     if (checkProtocols(&hasIPv4, &hasIPv6, &freePort) < 0) {
+         fprintf(stderr, "Cannot identify IPv4/6 availability\n");

0021-test-Remove-possible-infinite-loop-in-virnetsockette.patch

@@ -0,0 +1,34 @@
+From: John Ferlan <jferlan@redhat.com>
+Date: Fri, 7 Sep 2018 08:20:15 -0400
+Subject: [PATCH] test: Remove possible infinite loop in virnetsockettest
+
+Commit 39015a6f3 modified the test to be more reliable/realistic,
+but without checking the return status of virEventRunDefaultImpl
+it's possible that the test could run infinitely.
+
+Found by Coverity
+
+Signed-off-by: John Ferlan <jferlan@redhat.com>
+ACKed-by: Michal Privoznik <mprivozn@redhat.com>
+(cherry picked from commit a0ba31c0069e89f178f064e724ddbc8540b64d32)
+---
+ tests/virnetsockettest.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/tests/virnetsockettest.c b/tests/virnetsockettest.c
+index cccb90d0be..5927be1f80 100644
+--- a/tests/virnetsockettest.c
++++ b/tests/virnetsockettest.c
+@@ -243,8 +243,10 @@ testSocketAccept(const void *opaque)
+                         &cdata) < 0)
+         goto cleanup;
+ 
+-    while (rsock == NULL)
+-        virEventRunDefaultImpl();
++    while (rsock == NULL) {
++        if (virEventRunDefaultImpl() < 0)
++            break;
++    }
+ 
+     for (i = 0; i < nlsock; i++) {
+         if (lsock[i] == rsock) {

Makefile

@@ -4,7 +4,7 @@ NAME := libvirt
 SPECFILE = $(firstword $(wildcard *.spec))
 
 define find-makefile-common
-for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
+for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
 endef
 
 MAKEFILE_COMMON := $(shell $(find-makefile-common))

libvirt-0.6.4-svirt-sound.patch

@@ -1,33 +0,0 @@
---- src/qemu_conf.c.orig	2009-05-29 19:24:59.000000000 +0200
-+++ src/qemu_conf.c	2009-05-29 19:19:39.000000000 +0200
-@@ -792,6 +792,20 @@ int qemudBuildCommandLine(virConnectPtr 
-     char uuid[VIR_UUID_STRING_BUFLEN];
-     char domid[50];
-     const char *cpu = NULL;
-+    int skipSound = 0;
-+
-+    if (driver->securityDriver &&
-+        driver->securityDriver->name &&
-+        STREQ(driver->securityDriver->name, "selinux") &&
-+        getuid() == 0) {
-+        static int soundWarned = 0; 
-+        skipSound = 1;
-+        if (def->nsounds &&
-+            !soundWarned) {
-+            soundWarned = 1;
-+            VIR_WARN0("Sound cards for VMs are disabled while SELinux security model is active");
-+        }
-+    }
- 
-     uname_normalize(&ut);
- 
-@@ -1429,7 +1443,8 @@ int qemudBuildCommandLine(virConnectPtr 
-     }
- 
-     /* Add sound hardware */
--    if (def->nsounds) {
-+    if (def->nsounds &&
-+        !skipSound) {
-         int size = 100;
-         char *modstr;
-         if (VIR_ALLOC_N(modstr, size+1) < 0)

libvirt-convert-news-to-utf8.patch

@@ -1,248 +0,0 @@
-From 50f5a6c7ab7795fb6ade4bb24849fa2bab5084dd Mon Sep 17 00:00:00 2001
-From: Mark McLoughlin <markmc@redhat.com>
-Date: Wed, 29 Jul 2009 08:40:17 +0100
-Subject: [PATCH] Convert NEWS to UTF-8
-
-* docs/news.xsl: request UTF-8 as the output encoding
-
-* NEWS: re-generate with UTF-8 encoding
----
- NEWS          |   70 ++++++++++++++++++++++++++++----------------------------
- docs/news.xsl |    2 +-
- 2 files changed, 36 insertions(+), 36 deletions(-)
-
-diff --git a/NEWS b/NEWS
-index 447d2b4..0a838b9 100644
---- a/NEWS
-+++ b/NEWS
-@@ -137,7 +137,7 @@
-    - Improvements: add SCSI storage rescan (David Allan), rootless
-           LXC containers support improvements (Serge Hallyn), getHostname
-           support for LXC (Dan Smith), cleanup and logging output of some
--          domain functions (Guido Günther), drop pool lock when allocating
-+          domain functions (Guido Günther), drop pool lock when allocating
-           volumes (Cole Robinson), LXC handle kernel without CLONE_NEWUSER
-           support (Serge Hallyn), cpu pinning on defined Xen domains (Takahashi
-           Tomohiro), dynamic bridge names support (Soren Hansen), LXC use
-@@ -145,7 +145,7 @@
-           virNodeDeviceCreateXML and virNodeDeviceDestroy entry points
-           (Dave Allan)
-    - Cleanups: don't hardcode getgrnam_r buffer to 1024 bytes (Guido
--          Günther), qemudBuildCommandLine API cleanup (Daniel Berrange),
-+          Günther), qemudBuildCommandLine API cleanup (Daniel Berrange),
-           
- 
- 
-@@ -214,15 +214,15 @@
-           to avoid crashes (Daniel Berrange), mark defined network descriptions
-           as persistent (Cole Robinson), qemu+tls handshake negotiation hang
-           (Chris Lalancette)
--   - Improvements: don't hardcode ssh port (Guido Günther), new test
-+   - Improvements: don't hardcode ssh port (Guido Günther), new test
-           cases and testing infrastructure (Jim Meyering), improve the
-           SExpr parser (John Levon), proper error reporting on xend
-           shutdown command (John Levon), proper handling of errors when
--          saving QEmu domains state (Guido Günther), revamp of the internal
-+          saving QEmu domains state (Guido Günther), revamp of the internal
-           error memory APIs (John Levon), better virsh error reporting (John
-           Levon), more daemon options to allow running multiple daemons (Jim
--          Meyering), error handling when creating a QEmu domain (Guido Günther),
--          fix timeouts in QEmu log reading (Guido Günther), migration with
-+          Meyering), error handling when creating a QEmu domain (Guido Günther),
-+          fix timeouts in QEmu log reading (Guido Günther), migration with
-           xend 3.3 fixes (John Levon), virsh XML dump flags cleanup (Cole
-           Robinson), fix build with loadable drivers (Maximilian Wilhelm),
-           internal XML APIs to read long long and hexa values (Mark
-@@ -236,7 +236,7 @@
-           (Jim Meyering), many error handling cleanups (Jim Meyering), XML
-           module cleanups (Mark McLoughlin), compiler warning (Maximilian
-           Wilhelm), daemon TCP listen cleanup (Cole Robinson), size_t type
--          cleanup (Guido Günther), parallel make fix (Michael Marineau),
-+          cleanup (Guido Günther), parallel make fix (Michael Marineau),
-           storage error diagnostic fix (Ryota Ozaki), remove redundant monitor
-           watch variable (Cole Robinson), qemu AttachDevice error report
-           improvement (Cole Robinson), virsh output cleanup (Jim Meyering),
-@@ -248,7 +248,7 @@
- 0.6.0: Jan 31 2009:
-    - New features: thread safety of the API and event handling (Daniel
-           Berrange), allow QEmu domains to survive daemon restart (Guido
--          Günther), extended logging capabilities, support copy-on-write
-+          Günther), extended logging capabilities, support copy-on-write
-           storage volumes (Daniel Berrange), support of storage cache
-           control options for QEmu/KVM (Daniel Berrange)
-    - Portability: fix old DBus API problem, Debian portability fix
-@@ -260,13 +260,13 @@
-           solaris Xen fixes (John Levon), RPC portability to Solaris (Daniel
-           Berrange)
-    - Documentation: typo fixes (Richard Jones), logging support,
--          vnc keymap attributes (Guido Günther), HACKING file updates
-+          vnc keymap attributes (Guido Günther), HACKING file updates
-          (Jim Meyering), new PCI passthrough format, libvirt-qpid and
-          UML driver documentation (Daniel Berrange), provide RNG schemas
-          for all XML formats used in libvirt APIs (Daniel Berrange), 
-    - Bug fixes: segfault on virtual network without bridge name (Cole
-           Robinson), various locking fixes (Cole Robinson), fix serial
--          and parallel devices on tcp/unix/telnet (Guido Günther), leak
-+          and parallel devices on tcp/unix/telnet (Guido Günther), leak
-           in daemon (Jim Meyering), storage driver segfault (Miloslav TrmaC),
-           missing check in read-only connections (Daniel Berrange),
-           OpenVZ crash and mutex fixes (Anton Protopopov), couple of
-@@ -282,15 +282,15 @@
-    - Improvements: driver infrastructure and locking (Daniel Berrange),
-           Test driver infrastructure (Daniel Berrange), parallelism in the
-           daemon and associated config (Daniel Berrange), virsh help cleanups
--          (Jim Meyering), logrotate daemon logs (Guido Günther), more
-+          (Jim Meyering), logrotate daemon logs (Guido Günther), more
-           regression tests (Jim Meyering), QEmu SDL graphics (Itamar Heim),
-           add --version flag to daemon (Dave Allan), memory consumption
-           cleanup (Dave Allan), QEmu pid file and XML states for daemon
--          restart (Guido Günther), gnulib updates (Jim Meyering and
-+          restart (Guido Günther), gnulib updates (Jim Meyering and
-           Dan Berrange), PCI passthrough for KVM (Jason Krieg), generic
-           internal thread API (Daniel Berrange), RHEL-5 specific Xen
-           configure option and code (Markus Armbruster), save domain
--          state as string in status file (Guido Günther), add locking
-+          state as string in status file (Guido Günther), add locking
-           to all API entry points (Daniel Berrange), new ref counting APIs
-           (Daniel Berrange), IP address for Xen bridges (John Levon),
-           driver format for disk file types (Daniel Berrange), improve
-@@ -303,15 +303,15 @@
-           (Jim Meyering), gethostby* cleanup and test (Jim Meyering), some
-            code fixes (Dave Allan), various code cleanup (Jim Meyering),
-            virsh argument handling cleanup (Jim Meyering), virAsprintf
--           cleanup replacement (Guido Günther), QEmu monitor reads (Cole
--           Robinson), Makefile cleanups (Guido Günther), Xen code cleanups
-+           cleanup replacement (Guido Günther), QEmu monitor reads (Cole
-+           Robinson), Makefile cleanups (Guido Günther), Xen code cleanups
-            (John Levon), revamp of ELF export scripts (John Levon), domain
-            event callback args (John Levon), enforce use of pid_t (John Levon),
-            virsh pool-*-as XML code merge (Cole Robinson), xgettext warnings
--           (Jim Meyering), add virKillProcess (Guido Günther), add
-+           (Jim Meyering), add virKillProcess (Guido Günther), add
-            virGetHostname (David Lutterkort), add flags argument to the full
--           XML parsing stack (Guido Günther), various daemon code cleanups
--           (Guido Günther), handling of daemon missing config file (Jim
-+           XML parsing stack (Guido Günther), various daemon code cleanups
-+           (Guido Günther), handling of daemon missing config file (Jim
-            Meyering), rpcgen invocation cleanup (Richard Jones), devhelp
-            builkd makefile cleanups (John Levon), update error handling for
-            threading (Daniel Berrange), remove all non-rentrant POSIX calls
-@@ -331,7 +331,7 @@
-    - Bug fixes: add a delay in storage backend for disks to show up
-           (Chris Lalancette), fix parsing for CDRom device with no source
-           (Daniel Berrange), use xenstore to list domains to avoid some
--          bugs (Guido Günther), remove a leak in xen inotify code (Daniel
-+          bugs (Guido Günther), remove a leak in xen inotify code (Daniel
-           Berrange), UML driver freeing of uninitialialized variable (Ron
-           Yorston), fix UML inotify code (Daniel Berrange), crash when
-           adding storage without a format (Cole Robinson)
-@@ -339,8 +339,8 @@
-           max memory (Jim Fehlig), allow remote://hostname/ URI for automatic
-           probe of hypervisors (Daniel Berrange), fix daemon configuration
-           regression testing (Jim Meyering ), check /usr/bin/kvm for QEmu
--          driver init (Guido Günther), proper active vs. inactive
--          differentiation (Guido Günther), improve MTU setting on tap
-+          driver init (Guido Günther), proper active vs. inactive
-+          differentiation (Guido Günther), improve MTU setting on tap
-           interfaces (Eduardo Habkost), increase timeout for initial QEmu
-           monitor poll (Cole Robinson)
-    - Cleanups:fix improper initialisations (Jim Meyering)
-@@ -350,9 +350,9 @@
-    - New features: CPU and scheduler support for LXC (Dan Smith), SDL display configuration (Daniel Berrange), domain lifecycle event support for QEmu and Xen with python bindings (Ben Guthro and Daniel Berrange), KVM/QEmu migration support (Rich Jones and Chris Lalancette), User Mode Linux driver (Daniel Berrange), API for node device enumeration using HAL and DeviceKit with python bindings (David Lively), 
-    - Portability: RHEL build fixes, VPATH build (Guido Gunther), many MinGW related cleanups and fixes (Richard Jones), compilation without libvirtd (Richard Jones), Add a Windows icon (Richard Jones), sys/poll.h portability fixes (Daniel Berrange), gnulib and mingw cleanups (Jim Meyering), 
-    - Documentation: virsh man page cleanups (Mark McLoughlin), doc for NIC model selection (Richard Jones), monitoring section, link to AMQP bindings, inew APIs, UML driver docs (Daniel Berrange), 
--   - Bug fixes: Xen interfaces ordering (Jim Fehlig), startup timeout with multiple pty (Cole Robinson), segfault if QEmu without active virtual network (Cole Robinson), qemu small leak (Eduardo Habkost), index creation for more than 26 disks (Sanjay Rao and Chris Wright), virRealloc handling of 0 (Daniel Berrange), missing pointer initialization (Chris Lalancette), bus device index bug (Guido Günther), avoid crash in some error patch (Chris Lalancette), fix a problem in storage back-end (Chris Lalancette), minimum domain memory size check for Xen (Shigeki Sakamoto), switch off QEmu cache if device is shared (Charles Duffy), logical volume definition before scan bug (Chris Lalancette), a couple of memory leaks on QEmu vnc (Jim Meyering), lvs parsing fixes (Cole Robinson),  
--   - Improvements: LXC resources control and internal cgroup API (Dan Smith), virDomainCreateLinux renamed virDomainDefineXML, network driver modularization (Daniel Berrange), change the way domain and net are reported in errors (Jim Meyering), partition table scan on iSCSI (Chris Lalancette), qemudDiskDeviceName to handle normal disks (Guido Günther), qemudDomainBlockStats improvement (Guido Günther), scsi/virtio hotplug support for KVM (Guido Günther), USB hot addition in QEmu (Guido Günther), logical pool and storage backend XML dump improvement (Chris Lalancette), MAC addresses prefix per driver (Daniel Berrange), OpenVZ getVersion support (Daniel Berrange), hot removal of scsi/virtio disks for KVM (Guido Günther), test storage driver (Cole Robinson), iSCSI and disk storage driver improvement on path handling (Chris Lalancette), UUID and ID support for Xenner (Daniel Berrange), better logging when when executing commands (Cole Robinson), bridged network for OpenVZ (Daniel Berrange), OpenVZ config file params (Evgeniy Sokolov), allow to build drivers as libtool convenience libs (Daniel Berrange), fully versioned linker script for exported ABI (Daniel Berrange), Push URI probing down into drivers open (Daniel Berrange), move all stateful drivers into the daemon binary (Daniel Berrange), improve domain event with a detail field (Daniel Berrange), domain events for QEMU driver (Daniel Berrange), event unregister callback crash (David Lively), plug a few leaks (Daniel Berrange), internal APIs for handling node device XML config (David Lively), tweaks to node device implementation (Daniel Berrange), OpenVZ vCPUs values init (Evgeniy Sokolov)
--   - Cleanups: C99 initializers (Guido Gunther), test output (Cole Robinson), debug macro centralization (Cole Robinson), various error handling (Guido Günther), safewrite use cleanup (Jim Meyering), centralize error reporting logic (Cole Robinson), avoid printf warnings (Daniel Berrange), use arrays instead of list for internal APIs (Daniel Berrange), remove many format string warnings Jim Meyering), avoid syntax check warnings (Chris Lalancette), improve po-check and list generation (Jim Meyering), .gitignore generation and handling (Jim Meyering), use ARRAY_CARDINALITY (Jim Meyering), gnulib updates and switch to use netdb.h (Jim Meyering), drop usage of socket_errno (Jim Meyering), remove socketcompat.h (Jim Meyering), more tests (Jim Meyering), drop virStringList (Daniel Berrange), reformatting and isolation of the error APIs (Daniel Berrange), cleanup internal.h and move internal APIs in specific headers (Daniel Berrange), move domain events helpers into domain_events.c (Daniel Berrange), cleanup the way optional modules are compiled (Daniel Berrange), add new logging module, optional dlopen of drivers (Daniel Berrange), various new tests (Jim Meyering), cleanups when Xen is not configured in (Daniel Berrange), add some missing functions comments (Jim Meyering), 
-+   - Bug fixes: Xen interfaces ordering (Jim Fehlig), startup timeout with multiple pty (Cole Robinson), segfault if QEmu without active virtual network (Cole Robinson), qemu small leak (Eduardo Habkost), index creation for more than 26 disks (Sanjay Rao and Chris Wright), virRealloc handling of 0 (Daniel Berrange), missing pointer initialization (Chris Lalancette), bus device index bug (Guido Günther), avoid crash in some error patch (Chris Lalancette), fix a problem in storage back-end (Chris Lalancette), minimum domain memory size check for Xen (Shigeki Sakamoto), switch off QEmu cache if device is shared (Charles Duffy), logical volume definition before scan bug (Chris Lalancette), a couple of memory leaks on QEmu vnc (Jim Meyering), lvs parsing fixes (Cole Robinson),  
-+   - Improvements: LXC resources control and internal cgroup API (Dan Smith), virDomainCreateLinux renamed virDomainDefineXML, network driver modularization (Daniel Berrange), change the way domain and net are reported in errors (Jim Meyering), partition table scan on iSCSI (Chris Lalancette), qemudDiskDeviceName to handle normal disks (Guido Günther), qemudDomainBlockStats improvement (Guido Günther), scsi/virtio hotplug support for KVM (Guido Günther), USB hot addition in QEmu (Guido Günther), logical pool and storage backend XML dump improvement (Chris Lalancette), MAC addresses prefix per driver (Daniel Berrange), OpenVZ getVersion support (Daniel Berrange), hot removal of scsi/virtio disks for KVM (Guido Günther), test storage driver (Cole Robinson), iSCSI and disk storage driver improvement on path handling (Chris Lalancette), UUID and ID support for Xenner (Daniel Berrange), better logging when when executing commands (Cole Robinson), bridged network for OpenVZ (Daniel Berrange), OpenVZ config file params (Evgeniy Sokolov), allow to build drivers as libtool convenience libs (Daniel Berrange), fully versioned linker script for exported ABI (Daniel Berrange), Push URI probing down into drivers open (Daniel Berrange), move all stateful drivers into the daemon binary (Daniel Berrange), improve domain event with a detail field (Daniel Berrange), domain events for QEMU driver (Daniel Berrange), event unregister callback crash (David Lively), plug a few leaks (Daniel Berrange), internal APIs for handling node device XML config (David Lively), tweaks to node device implementation (Daniel Berrange), OpenVZ vCPUs values init (Evgeniy Sokolov)
-+   - Cleanups: C99 initializers (Guido Gunther), test output (Cole Robinson), debug macro centralization (Cole Robinson), various error handling (Guido Günther), safewrite use cleanup (Jim Meyering), centralize error reporting logic (Cole Robinson), avoid printf warnings (Daniel Berrange), use arrays instead of list for internal APIs (Daniel Berrange), remove many format string warnings Jim Meyering), avoid syntax check warnings (Chris Lalancette), improve po-check and list generation (Jim Meyering), .gitignore generation and handling (Jim Meyering), use ARRAY_CARDINALITY (Jim Meyering), gnulib updates and switch to use netdb.h (Jim Meyering), drop usage of socket_errno (Jim Meyering), remove socketcompat.h (Jim Meyering), more tests (Jim Meyering), drop virStringList (Daniel Berrange), reformatting and isolation of the error APIs (Daniel Berrange), cleanup internal.h and move internal APIs in specific headers (Daniel Berrange), move domain events helpers into domain_events.c (Daniel Berrange), cleanup the way optional modules are compiled (Daniel Berrange), add new logging module, optional dlopen of drivers (Daniel Berrange), various new tests (Jim Meyering), cleanups when Xen is not configured in (Daniel Berrange), add some missing functions comments (Jim Meyering), 
- 
- 
- 0.4.6: Sep 23 2008:
-@@ -364,7 +364,7 @@
-           OpenVZ (Evgeniy Sokolov), fix parsing of pool without a source
-           (Chris Lalancette and Daniel Berrange)
-    - Improvements: add storage disk volume delete (Cole Robinson),
--          KVM dynamic max CPU detection (Guido Günther), spec file improvement
-+          KVM dynamic max CPU detection (Guido Günther), spec file improvement
-           for minimal builds (Ben Guthro), improved error message in XM
-           configuration module (Richard Jones), network config in OpenVZ
-           support (Evgeniy Sokolov), enable stopping a pool in logical
-@@ -379,7 +379,7 @@
-           unified XML domain and network parsing for all drivers (Daniel
-           Berrange), OpenVZ features improvements (Evgeniy Sokolov),
-           OpenVZ and Linux containers support now default, USB device
--          passthrough for QEmu/KVM (Guido Günther), storage pool source
-+          passthrough for QEmu/KVM (Guido Günther), storage pool source
-           discovery (David Lively)
-    - Portability: fixes for MinGW (Atsushi SAKAI and Daniel Berrange),
-           detection of xen lib improvement (David Lively),
-@@ -389,9 +389,9 @@
-           SAKAI and Daniel Berrange), HTML generation fix, -lpthread explicit
-           linking when needed (Jim Meyering)
-    - Documentation: various typo fixes (Anton Protopopov, Toth
--          István, Atsushi SAKAI, Nguyen Anh Quynh),
-+          István, Atsushi SAKAI, Nguyen Anh Quynh),
-           Java bindings docs, remove Xen centric
--          comments (Guido Günther), various typo in comments (Chris
-+          comments (Guido Günther), various typo in comments (Chris
-           Lalancette), docs and API comments fixes (Charles Duffy),
-           how to contribute to open source link (Richard Jones),
-           memory unit fixups (matthew chan)
-@@ -401,14 +401,14 @@
-           in QEmu/KVM (Daniel Berrange), fix OpenVZ probe function (Evgeniy
-           Sokolov), ID related lookup fixes in OpenVZ (Evgeniy Sokolov),
-           pool cration for netfs (Cole Robinson), check for migrate support
--          with QEmu (Guido Günther), check against double create with QEmu
--          (Guido Günther), broken open failure detection in QEmu (Guido
--          Günther), UUID string conversions in QEmu (Guido Günther),
-+          with QEmu (Guido Günther), check against double create with QEmu
-+          (Guido Günther), broken open failure detection in QEmu (Guido
-+          Günther), UUID string conversions in QEmu (Guido Günther),
-           various small cleanup and bug fixes (Daniel Berrange), ID
-           related fixes in the test driver (Daniel Berrange), better error
-           reporting on XML parsing (Daniel Berrange), empty CD-ROM source
-           device section (Chris Lalancette), avoid crashes for interface
--          without a name in QEmu (Guido Günther), provide the real
-+          without a name in QEmu (Guido Günther), provide the real
-           vncport (Charles Duffy), fix forward delay (Daniel Berrange),
-           new VM state is initialized to be SHUTOFF (Daniel Berrange),
-           virsh attach-disk bug fixes (Chris Lalancette), veth clash
-@@ -440,7 +440,7 @@
-           (Daniel Berrange), virsh "edit" command (Richard Jones), save
-           UUID of OpenVZ domains (Evgeniy Sokolov), improve xen blocks
-           statistics (Chris Lalancette), gnulib updates (Jim Meyering),
--          allow to add disk as USB devices (Guido Günther), LXC container
-+          allow to add disk as USB devices (Guido Günther), LXC container
-           process should survive libvirtd restarts (Daniel Berrange), allow
-           to define static host domain configs, number of CPU used by
-           OpenVZ domains (Evgeniy Sokolov), private root fs for LXC (Daniel
-@@ -572,9 +572,9 @@
-       driver (Cole Robinson), xen and hvm added to test driver capabilities
-       (Cole Robinson)
-    - Code cleanup: remove unused getopt header (Jim Meyering), mark more
--      strings as translatable (Guido Günther and Jim Meyering), convert
-+      strings as translatable (Guido Günther and Jim Meyering), convert
-       error strings to something meaningful and translatable (Jim Meyering),
--      Linux Containers code cleanup, last error initializer (Guido Günther)
-+      Linux Containers code cleanup, last error initializer (Guido Günther)
- 
- 
- 0.4.1: Mar 3 2008:
-diff --git a/docs/news.xsl b/docs/news.xsl
-index a190120..e35030e 100644
---- a/docs/news.xsl
-+++ b/docs/news.xsl
-@@ -1,7 +1,7 @@
- <?xml version="1.0"?>
- <xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
-                 version="1.0">
--  <xsl:output method="text" encoding="ISO-8859-1"/>
-+  <xsl:output method="text" encoding="UTF-8"/>
- 
-   <xsl:template match="/">
-     <xsl:text>
--- 
-1.6.2.5
-

sources

@@ -1 +1 @@
-7c8008af99963682cb38666d2f1661ba  libvirt-0.7.0-0.1.gitf055724.tar.gz
+SHA512 (libvirt-4.7.0.tar.xz) = a4b320460b923508d9519c65c8be18b5013eb7ed4d581984cc5edf0d3476c34f959d69ad4ca7a0e257dac91351e11718785efc3f201d4b58fa999dbca1daac47