nwfilter: increase pcap buffer size to be compatible with TPACKET_V3 (bz #1547237 )

Adapt to changed wireshark plugin install dir
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2018-07-03 12:15:26 -04:00 · 2018-06-21 10:56:18 +01:00 · 2018-06-21 09:16:26 +01:00 · 2018-02-13 14:26:06 -05:00 · 2017-12-04 12:11:03 -05:00 · 2017-09-15 19:06:08 -04:00
61 changed files with 4769 additions and 7003 deletions
@@ -1,13 +0,0 @@
-.build*.log
-*.rpm
-i686
-x86_64
-libvirt-*.tar.gz
-libvirt-0.6.0.tar.gz
-libvirt-0.6.1.tar.gz
-libvirt-0.6.2.tar.gz
-libvirt-0.6.3.tar.gz
-libvirt-0.6.4.tar.gz
-libvirt-0.6.5.tar.gz
-libvirt-0.7.0.tar.gz
-libvirt-0.7.1.tar.gz
@@ -0,0 +1,5 @@
+.build*.log
+*.rpm
+i686
+x86_64
+libvirt-*.tar.xz
@@ -0,0 +1,34 @@
+From: Stefan Berger <stefanb@linux.vnet.ibm.com>
+Date: Thu, 29 Jun 2017 14:01:11 -0400
+Subject: [PATCH] tpm: Use /dev/null for cancel path if none was found
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+TPM 2 does not implement sysfs files for cancellation of commands.
+We therefore use /dev/null for the cancel path passed to QEMU.
+
+Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
+Tested-by: Javier Martinez Canillas <javierm@redhat.com>
+Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
+Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
+(cherry picked from commit dfbb15b75433e520fb1b905c1c3e28753e53e4a5)
+---
+ src/util/virtpm.c | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/src/util/virtpm.c b/src/util/virtpm.c
+index 6d9b0657a..d5c10da38 100644
+--- a/src/util/virtpm.c
+++ b/src/util/virtpm.c
+@@ -61,9 +61,7 @@ virTPMCreateCancelPath(const char *devpath)
+                 VIR_FREE(path);
+             }
+             if (!path)
+-                virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+-                               _("No usable sysfs TPM cancel file could be "
+-                                 "found"));
+                ignore_value(VIR_STRDUP(path, "/dev/null"));
+         } else {
+             virReportError(VIR_ERR_INTERNAL_ERROR,
+                            _("TPM device path %s is invalid"), devpath);
@@ -0,0 +1,108 @@
+From: Cole Robinson <crobinso@redhat.com>
+Date: Sun, 27 Aug 2017 11:23:47 -0400
+Subject: [PATCH] security: add MANAGER_MOUNT_NAMESPACE flag
+
+The VIR_SECURITY_MANAGER_MOUNT_NAMESPACE flag informs the DAC driver
+if mount namespaces are in use for the VM. Will be used for future
+changes.
+
+Wire it up in the qemu driver
+
+(cherry picked from commit 321031e482425dfeae0f125cdac6df870f079efd)
+---
+ src/qemu/qemu_driver.c          |  2 ++
+ src/security/security_dac.c     | 10 ++++++++++
+ src/security/security_dac.h     |  3 +++
+ src/security/security_manager.c |  4 +++-
+ src/security/security_manager.h |  1 +
+ 5 files changed, 19 insertions(+), 1 deletion(-)
+
+diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
+index b7824512c..1f9264639 100644
+--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
+@@ -419,6 +419,8 @@ qemuSecurityInit(virQEMUDriverPtr driver)
+     if (virQEMUDriverIsPrivileged(driver)) {
+         if (cfg->dynamicOwnership)
+             flags |= VIR_SECURITY_MANAGER_DYNAMIC_OWNERSHIP;
+        if (virBitmapIsBitSet(cfg->namespaces, QEMU_DOMAIN_NS_MOUNT))
+            flags |= VIR_SECURITY_MANAGER_MOUNT_NAMESPACE;
+         if (!(mgr = qemuSecurityNewDAC(QEMU_DRIVER_NAME,
+                                        cfg->user,
+                                        cfg->group,
+diff --git a/src/security/security_dac.c b/src/security/security_dac.c
+index ca7a6af6d..507be44a2 100644
+--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
+@@ -57,6 +57,7 @@ struct _virSecurityDACData {
+     gid_t *groups;
+     int ngroups;
+     bool dynamicOwnership;
+    bool mountNamespace;
+     char *baselabel;
+     virSecurityManagerDACChownCallback chownCallback;
+ };
+@@ -237,6 +238,15 @@ virSecurityDACSetDynamicOwnership(virSecurityManagerPtr mgr,
+     priv->dynamicOwnership = dynamicOwnership;
+ }
+ 
+void
+virSecurityDACSetMountNamespace(virSecurityManagerPtr mgr,
+                                bool mountNamespace)
+{
+    virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
+    priv->mountNamespace = mountNamespace;
+}
+
+
+ void
+ virSecurityDACSetChownCallback(virSecurityManagerPtr mgr,
+                                virSecurityManagerDACChownCallback chownCallback)
+diff --git a/src/security/security_dac.h b/src/security/security_dac.h
+index 846cefbb5..97681c961 100644
+--- a/src/security/security_dac.h
+++ b/src/security/security_dac.h
+@@ -32,6 +32,9 @@ int virSecurityDACSetUserAndGroup(virSecurityManagerPtr mgr,
+ void virSecurityDACSetDynamicOwnership(virSecurityManagerPtr mgr,
+                                        bool dynamic);
+ 
+void virSecurityDACSetMountNamespace(virSecurityManagerPtr mgr,
+                                     bool mountNamespace);
+
+ void virSecurityDACSetChownCallback(virSecurityManagerPtr mgr,
+                                     virSecurityManagerDACChownCallback chownCallback);
+ 
+diff --git a/src/security/security_manager.c b/src/security/security_manager.c
+index 95b995230..e43c99d4f 100644
+--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
+@@ -146,7 +146,8 @@ virSecurityManagerNewDAC(const char *virtDriver,
+     virSecurityManagerPtr mgr;
+ 
+     virCheckFlags(VIR_SECURITY_MANAGER_NEW_MASK |
+-                  VIR_SECURITY_MANAGER_DYNAMIC_OWNERSHIP, NULL);
+                  VIR_SECURITY_MANAGER_DYNAMIC_OWNERSHIP |
+                  VIR_SECURITY_MANAGER_MOUNT_NAMESPACE, NULL);
+ 
+     mgr = virSecurityManagerNewDriver(&virSecurityDriverDAC,
+                                       virtDriver,
+@@ -161,6 +162,7 @@ virSecurityManagerNewDAC(const char *virtDriver,
+     }
+ 
+     virSecurityDACSetDynamicOwnership(mgr, flags & VIR_SECURITY_MANAGER_DYNAMIC_OWNERSHIP);
+    virSecurityDACSetMountNamespace(mgr, flags & VIR_SECURITY_MANAGER_MOUNT_NAMESPACE);
+     virSecurityDACSetChownCallback(mgr, chownCallback);
+ 
+     return mgr;
+diff --git a/src/security/security_manager.h b/src/security/security_manager.h
+index 01296d339..08fb89203 100644
+--- a/src/security/security_manager.h
+++ b/src/security/security_manager.h
+@@ -36,6 +36,7 @@ typedef enum {
+     VIR_SECURITY_MANAGER_REQUIRE_CONFINED   = 1 << 2,
+     VIR_SECURITY_MANAGER_PRIVILEGED         = 1 << 3,
+     VIR_SECURITY_MANAGER_DYNAMIC_OWNERSHIP  = 1 << 4,
+    VIR_SECURITY_MANAGER_MOUNT_NAMESPACE    = 1 << 5,
+ } virSecurityManagerNewFlags;
+ 
+ # define VIR_SECURITY_MANAGER_NEW_MASK  \
@@ -0,0 +1,101 @@
+From: Cole Robinson <crobinso@redhat.com>
+Date: Mon, 17 Jul 2017 08:57:57 -0400
+Subject: [PATCH] security: dac: relabel spice rendernode
+
+For a logged in user this a path like /dev/dri/renderD128 will have
+default ownership root:video which won't work for the qemu:qemu user,
+so we need to chown it.
+
+We only do this when mount namespaces are enabled in the qemu driver,
+so the chown'ing doesn't interfere with other users of the shared
+render node path
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1460804
+(cherry picked from commit 98931187eefdec6f2dea5cb82ab6d23a3ffa6634)
+---
+ src/security/security_dac.c | 58 +++++++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 58 insertions(+)
+
+diff --git a/src/security/security_dac.c b/src/security/security_dac.c
+index 507be44a2..349dbe81d 100644
+--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
+@@ -1380,6 +1380,54 @@ virSecurityDACRestoreTPMFileLabel(virSecurityManagerPtr mgr,
+ }
+ 
+ 
+static int
+virSecurityDACSetGraphicsLabel(virSecurityManagerPtr mgr,
+                               virDomainDefPtr def,
+                               virDomainGraphicsDefPtr gfx)
+
+{
+    virSecurityDACDataPtr priv = virSecurityManagerGetPrivateData(mgr);
+    virSecurityLabelDefPtr seclabel;
+    uid_t user;
+    gid_t group;
+
+    /* Skip chowning the shared render file if namespaces are disabled */
+    if (!priv->mountNamespace)
+        return 0;
+
+    seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_DAC_NAME);
+    if (seclabel && !seclabel->relabel)
+        return 0;
+
+    if (virSecurityDACGetIds(seclabel, priv, &user, &group, NULL, NULL) < 0)
+        return -1;
+
+    if (gfx->type == VIR_DOMAIN_GRAPHICS_TYPE_SPICE &&
+        gfx->data.spice.gl == VIR_TRISTATE_BOOL_YES &&
+        gfx->data.spice.rendernode) {
+        if (virSecurityDACSetOwnership(priv, NULL,
+                                       gfx->data.spice.rendernode,
+                                       user, group) < 0)
+            return -1;
+    }
+
+    return 0;
+}
+
+
+static int
+virSecurityDACRestoreGraphicsLabel(virSecurityManagerPtr mgr ATTRIBUTE_UNUSED,
+                               virDomainDefPtr def ATTRIBUTE_UNUSED,
+                               virDomainGraphicsDefPtr gfx ATTRIBUTE_UNUSED)
+
+{
+    /* The only graphics labelling we do is dependent on mountNamespaces,
+       in which case 'restoring' the label doesn't actually accomplish
+       anything, so there's nothing to do here */
+    return 0;
+}
+
+
+ static int
+ virSecurityDACSetInputLabel(virSecurityManagerPtr mgr,
+                             virDomainDefPtr def,
+@@ -1491,6 +1539,11 @@ virSecurityDACRestoreAllLabel(virSecurityManagerPtr mgr,
+             rc = -1;
+     }
+ 
+    for (i = 0; i < def->ngraphics; i++) {
+        if (virSecurityDACRestoreGraphicsLabel(mgr, def, def->graphics[i]) < 0)
+            return -1;
+    }
+
+     for (i = 0; i < def->ninputs; i++) {
+         if (virSecurityDACRestoreInputLabel(mgr, def, def->inputs[i]) < 0)
+             rc = -1;
+@@ -1611,6 +1664,11 @@ virSecurityDACSetAllLabel(virSecurityManagerPtr mgr,
+             return -1;
+     }
+ 
+    for (i = 0; i < def->ngraphics; i++) {
+        if (virSecurityDACSetGraphicsLabel(mgr, def, def->graphics[i]) < 0)
+            return -1;
+    }
+
+     for (i = 0; i < def->ninputs; i++) {
+         if (virSecurityDACSetInputLabel(mgr, def, def->inputs[i]) < 0)
+             return -1;
@@ -0,0 +1,72 @@
+From: "Daniel P. Berrange" <berrange@redhat.com>
+Date: Thu, 5 Oct 2017 17:54:28 +0100
+Subject: [PATCH] qemu: ensure TLS clients always verify the server certificate
+
+The default_tls_x509_verify (and related) parameters in qemu.conf
+control whether the QEMU TLS servers request & verify certificates
+from clients. This works as a simple access control system for
+servers by requiring the CA to issue certs to permitted clients.
+This use of client certificates is disabled by default, since it
+requires extra work to issue client certificates.
+
+Unfortunately the code was using this configuration parameter when
+setting up both TLS clients and servers in QEMU. The result was that
+TLS clients for character devices and disk devices had verification
+turned off, meaning they would ignore errors while validating the
+server certificate.
+
+This allows for trivial MITM attacks between client and server,
+as any certificate returned by the attacker will be accepted by
+the client.
+
+This is assigned CVE-2017-1000256  / LSN-2017-0002
+
+Reviewed-by: Eric Blake <eblake@redhat.com>
+Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
+(cherry picked from commit 441d3eb6d1be940a67ce45a286602a967601b157)
+(cherry picked from commit dc6c41798d1eb5c52c75365ffa22f7672709dfa7)
+---
+ src/qemu/qemu_command.c                                                 | 2 +-
+ tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev.args     | 2 +-
+ .../qemuxml2argv-serial-tcp-tlsx509-secret-chardev.args                 | 2 +-
+ 3 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
+index 9a27987d4..ae78cd17e 100644
+--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
+@@ -718,7 +718,7 @@ qemuBuildTLSx509BackendProps(const char *tlspath,
+     if (virJSONValueObjectCreate(propsret,
+                                  "s:dir", path,
+                                  "s:endpoint", (isListen ? "server": "client"),
+-                                 "b:verify-peer", verifypeer,
+                                 "b:verify-peer", (isListen ? verifypeer : true),
+                                  NULL) < 0)
+         goto cleanup;
+ 
+diff --git a/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev.args b/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev.args
+index 5aff7734e..ab5f7e27f 100644
+--- a/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev.args
+++ b/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev.args
+@@ -26,7 +26,7 @@ server,nowait \
+ localport=1111 \
+ -device isa-serial,chardev=charserial0,id=serial0 \
+ -object tls-creds-x509,id=objcharserial1_tls0,dir=/etc/pki/libvirt-chardev,\
+-endpoint=client,verify-peer=no \
+endpoint=client,verify-peer=yes \
+ -chardev socket,id=charserial1,host=127.0.0.1,port=5555,\
+ tls-creds=objcharserial1_tls0 \
+ -device isa-serial,chardev=charserial1,id=serial1 \
+diff --git a/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-secret-chardev.args b/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-secret-chardev.args
+index 91f1fe0cd..2567abbfa 100644
+--- a/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-secret-chardev.args
+++ b/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-secret-chardev.args
+@@ -31,7 +31,7 @@ localport=1111 \
+ data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
+ keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
+ -object tls-creds-x509,id=objcharserial1_tls0,dir=/etc/pki/libvirt-chardev,\
+-endpoint=client,verify-peer=no,passwordid=charserial1-secret0 \
+endpoint=client,verify-peer=yes,passwordid=charserial1-secret0 \
+ -chardev socket,id=charserial1,host=127.0.0.1,port=5555,\
+ tls-creds=objcharserial1_tls0 \
+ -device isa-serial,chardev=charserial1,id=serial1 \
@@ -0,0 +1,177 @@
+From: Peter Krempa <pkrempa@redhat.com>
+Date: Wed, 15 Nov 2017 13:15:57 +0100
+Subject: [PATCH] qemu: Move snapshot disk validation functions into one
+
+Move the code so that both the new image and old image can be verified
+in the same function.
+
+(cherry picked from commit 8ffdeed455650557df531aafc66c20b31bd4e0c4)
+---
+ src/qemu/qemu_driver.c | 91 ++++++++++++++++++++------------------------------
+ 1 file changed, 36 insertions(+), 55 deletions(-)
+
+diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
+index 1f9264639..57f0c2bf4 100644
+--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
+@@ -13793,17 +13793,19 @@ qemuDomainSnapshotCreateActiveInternal(virConnectPtr conn,
+ 
+ 
+ static int
+-qemuDomainSnapshotPrepareDiskExternalBackingInactive(virDomainDiskDefPtr disk)
+qemuDomainSnapshotPrepareDiskExternalInactive(virDomainSnapshotDiskDefPtr snapdisk,
+                                              virDomainDiskDefPtr domdisk)
+ {
+-    int actualType = virStorageSourceGetActualType(disk->src);
+    int domDiskType = virStorageSourceGetActualType(domdisk->src);
+    int snapDiskType = virStorageSourceGetActualType(snapdisk->src);
+ 
+-    switch ((virStorageType) actualType) {
+    switch ((virStorageType) domDiskType) {
+     case VIR_STORAGE_TYPE_BLOCK:
+     case VIR_STORAGE_TYPE_FILE:
+-        return 0;
+        break;
+ 
+     case VIR_STORAGE_TYPE_NETWORK:
+-        switch ((virStorageNetProtocol) disk->src->protocol) {
+        switch ((virStorageNetProtocol) domdisk->src->protocol) {
+         case VIR_STORAGE_NET_PROTOCOL_NONE:
+         case VIR_STORAGE_NET_PROTOCOL_NBD:
+         case VIR_STORAGE_NET_PROTOCOL_RBD:
+@@ -13820,7 +13822,7 @@ qemuDomainSnapshotPrepareDiskExternalBackingInactive(virDomainDiskDefPtr disk)
+             virReportError(VIR_ERR_INTERNAL_ERROR,
+                            _("external inactive snapshots are not supported on "
+                              "'network' disks using '%s' protocol"),
+-                           virStorageNetProtocolTypeToString(disk->src->protocol));
+                           virStorageNetProtocolTypeToString(domdisk->src->protocol));
+             return -1;
+         }
+         break;
+@@ -13831,7 +13833,23 @@ qemuDomainSnapshotPrepareDiskExternalBackingInactive(virDomainDiskDefPtr disk)
+     case VIR_STORAGE_TYPE_LAST:
+         virReportError(VIR_ERR_INTERNAL_ERROR,
+                        _("external inactive snapshots are not supported on "
+-                         "'%s' disks"), virStorageTypeToString(actualType));
+                         "'%s' disks"), virStorageTypeToString(domDiskType));
+        return -1;
+    }
+
+    switch ((virStorageType) snapDiskType) {
+    case VIR_STORAGE_TYPE_BLOCK:
+    case VIR_STORAGE_TYPE_FILE:
+        break;
+
+    case VIR_STORAGE_TYPE_NETWORK:
+    case VIR_STORAGE_TYPE_DIR:
+    case VIR_STORAGE_TYPE_VOLUME:
+    case VIR_STORAGE_TYPE_NONE:
+    case VIR_STORAGE_TYPE_LAST:
+        virReportError(VIR_ERR_INTERNAL_ERROR,
+                       _("external inactive snapshots are not supported on "
+                         "'%s' disks"), virStorageTypeToString(snapDiskType));
+         return -1;
+     }
+ 
+@@ -13840,33 +13858,27 @@ qemuDomainSnapshotPrepareDiskExternalBackingInactive(virDomainDiskDefPtr disk)
+ 
+ 
+ static int
+-qemuDomainSnapshotPrepareDiskExternalBackingActive(virDomainDiskDefPtr disk)
+qemuDomainSnapshotPrepareDiskExternalActive(virDomainSnapshotDiskDefPtr snapdisk,
+                                            virDomainDiskDefPtr domdisk)
+ {
+-    if (disk->device == VIR_DOMAIN_DISK_DEVICE_LUN) {
+    int actualType = virStorageSourceGetActualType(snapdisk->src);
+
+    if (domdisk->device == VIR_DOMAIN_DISK_DEVICE_LUN) {
+         virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                        _("external active snapshots are not supported on scsi "
+                          "passthrough devices"));
+         return -1;
+     }
+ 
+-    return 0;
+-}
+-
+-
+-static int
+-qemuDomainSnapshotPrepareDiskExternalOverlayActive(virDomainSnapshotDiskDefPtr disk)
+-{
+-    int actualType = virStorageSourceGetActualType(disk->src);
+-
+     switch ((virStorageType) actualType) {
+     case VIR_STORAGE_TYPE_BLOCK:
+     case VIR_STORAGE_TYPE_FILE:
+-        return 0;
+        break;
+ 
+     case VIR_STORAGE_TYPE_NETWORK:
+-        switch ((virStorageNetProtocol) disk->src->protocol) {
+        switch ((virStorageNetProtocol) snapdisk->src->protocol) {
+         case VIR_STORAGE_NET_PROTOCOL_GLUSTER:
+-            return 0;
+            break;
+ 
+         case VIR_STORAGE_NET_PROTOCOL_NONE:
+         case VIR_STORAGE_NET_PROTOCOL_NBD:
+@@ -13883,7 +13895,7 @@ qemuDomainSnapshotPrepareDiskExternalOverlayActive(virDomainSnapshotDiskDefPtr d
+             virReportError(VIR_ERR_INTERNAL_ERROR,
+                            _("external active snapshots are not supported on "
+                              "'network' disks using '%s' protocol"),
+-                           virStorageNetProtocolTypeToString(disk->src->protocol));
+                           virStorageNetProtocolTypeToString(snapdisk->src->protocol));
+             return -1;
+ 
+         }
+@@ -13903,31 +13915,6 @@ qemuDomainSnapshotPrepareDiskExternalOverlayActive(virDomainSnapshotDiskDefPtr d
+ }
+ 
+ 
+-static int
+-qemuDomainSnapshotPrepareDiskExternalOverlayInactive(virDomainSnapshotDiskDefPtr disk)
+-{
+-    int actualType = virStorageSourceGetActualType(disk->src);
+-
+-    switch ((virStorageType) actualType) {
+-    case VIR_STORAGE_TYPE_BLOCK:
+-    case VIR_STORAGE_TYPE_FILE:
+-        return 0;
+-
+-    case VIR_STORAGE_TYPE_NETWORK:
+-    case VIR_STORAGE_TYPE_DIR:
+-    case VIR_STORAGE_TYPE_VOLUME:
+-    case VIR_STORAGE_TYPE_NONE:
+-    case VIR_STORAGE_TYPE_LAST:
+-        virReportError(VIR_ERR_INTERNAL_ERROR,
+-                       _("external inactive snapshots are not supported on "
+-                         "'%s' disks"), virStorageTypeToString(actualType));
+-        return -1;
+-    }
+-
+-    return 0;
+-}
+-
+-
+ static int
+ qemuDomainSnapshotPrepareDiskExternal(virConnectPtr conn,
+                                       virDomainDiskDefPtr disk,
+@@ -13945,16 +13932,10 @@ qemuDomainSnapshotPrepareDiskExternal(virConnectPtr conn,
+         if (virStorageTranslateDiskSourcePool(conn, disk) < 0)
+             return -1;
+ 
+-        if (qemuDomainSnapshotPrepareDiskExternalBackingInactive(disk) < 0)
+-            return -1;
+-
+-        if (qemuDomainSnapshotPrepareDiskExternalOverlayInactive(snapdisk) < 0)
+        if (qemuDomainSnapshotPrepareDiskExternalInactive(snapdisk, disk) < 0)
+             return -1;
+     } else {
+-        if (qemuDomainSnapshotPrepareDiskExternalBackingActive(disk) < 0)
+-            return -1;
+-
+-        if (qemuDomainSnapshotPrepareDiskExternalOverlayActive(snapdisk) < 0)
+        if (qemuDomainSnapshotPrepareDiskExternalActive(snapdisk, disk) < 0)
+             return -1;
+     }
+ 
@@ -0,0 +1,55 @@
+From: Peter Krempa <pkrempa@redhat.com>
+Date: Tue, 14 Nov 2017 15:34:46 +0100
+Subject: [PATCH] qemu: block: Add function to check if storage source allows
+ concurrent access
+
+Storage source format backing a shared device (e.g. running a cluster
+filesystem) needs to support the sharing so that metadata are not
+corrupted. Add a central function for checking this.
+
+(cherry picked from commit 1fc3cd8731640aefc48bbd9fc489f21cb99c6f67)
+---
+ src/qemu/qemu_block.c | 15 +++++++++++++++
+ src/qemu/qemu_block.h |  3 +++
+ 2 files changed, 18 insertions(+)
+
+diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c
+index 7fb12ea5a..4c0a5eb78 100644
+--- a/src/qemu/qemu_block.c
+++ b/src/qemu/qemu_block.c
+@@ -379,6 +379,21 @@ qemuBlockGetNodeData(virJSONValuePtr data)
+ }
+ 
+ 
+/**
+ * qemuBlockStorageSourceSupportsConcurrentAccess:
+ * @src: disk storage source
+ *
+ * Returns true if the given storage format supports concurrent access from two
+ * separate processes.
+ */
+bool
+qemuBlockStorageSourceSupportsConcurrentAccess(virStorageSourcePtr src)
+{
+    /* no need to check in backing chain since only RAW storage supports this */
+    return src->format == VIR_STORAGE_FILE_RAW;
+}
+
+
+ /**
+  * qemuBlockStorageSourceBuildHostsJSONSocketAddress:
+  * @src: disk storage source
+diff --git a/src/qemu/qemu_block.h b/src/qemu/qemu_block.h
+index f0a2c9aa7..ebf3149ce 100644
+--- a/src/qemu/qemu_block.h
+++ b/src/qemu/qemu_block.h
+@@ -53,6 +53,9 @@ qemuBlockNodeNamesDetect(virQEMUDriverPtr driver,
+ virHashTablePtr
+ qemuBlockGetNodeData(virJSONValuePtr data);
+ 
+bool
+qemuBlockStorageSourceSupportsConcurrentAccess(virStorageSourcePtr src);
+
+ virJSONValuePtr
+ qemuBlockStorageSourceGetBackendProps(virStorageSourcePtr src);
+ 
@@ -0,0 +1,146 @@
+From: Peter Krempa <pkrempa@redhat.com>
+Date: Tue, 14 Nov 2017 15:37:09 +0100
+Subject: [PATCH] qemu: domain: Reject shared disk access if backing format
+ does not support it
+
+Disk sharing between two VMs may corrupt the images if the format driver
+does not support it. Check that the user declared use of a supported
+storage format when they want to share the disk.
+
+Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1511480
+(cherry picked from commit 3b03a27cd00c2f032661d2bf8905795425752fc7)
+---
+ src/qemu/qemu_domain.c                             | 29 +++++++++++++++++++++-
+ .../qemuxml2argv-disk-drive-shared-qcow.xml        | 28 +++++++++++++++++++++
+ .../qemuxml2argv-disk-drive-shared.args            |  2 +-
+ .../qemuxml2argv-disk-drive-shared.xml             |  2 +-
+ tests/qemuxml2argvtest.c                           |  1 +
+ 5 files changed, 59 insertions(+), 3 deletions(-)
+ create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-shared-qcow.xml
+
+diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
+index b98ffffae..42d17c1b0 100644
+--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
+@@ -25,6 +25,7 @@
+ 
+ #include "qemu_domain.h"
+ #include "qemu_alias.h"
+#include "qemu_block.h"
+ #include "qemu_cgroup.h"
+ #include "qemu_command.h"
+ #include "qemu_process.h"
+@@ -3299,6 +3300,29 @@ qemuDomainRedirdevDefValidate(const virDomainRedirdevDef *def)
+ }
+ 
+ 
+static int
+qemuDomainDeviceDefValidateDisk(const virDomainDiskDef *disk)
+{
+    if (disk->src->shared && !disk->src->readonly) {
+        if (disk->src->format <= VIR_STORAGE_FILE_AUTO) {
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                           _("shared access for disk '%s' requires use of "
+                             "explicitly specified disk format"), disk->dst);
+            return -1;
+        }
+
+        if (!qemuBlockStorageSourceSupportsConcurrentAccess(disk->src)) {
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                           _("shared access for disk '%s' requires use of "
+                             "supported storage format"), disk->dst);
+            return -1;
+        }
+    }
+
+    return 0;
+}
+
+
+ static int
+ qemuDomainDeviceDefValidate(const virDomainDeviceDef *dev,
+                             const virDomainDef *def ATTRIBUTE_UNUSED,
+@@ -3308,7 +3332,10 @@ qemuDomainDeviceDefValidate(const virDomainDeviceDef *dev,
+     virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
+     int ret = -1;
+ 
+-    if (dev->type == VIR_DOMAIN_DEVICE_NET) {
+    if (dev->type == VIR_DOMAIN_DEVICE_DISK) {
+        if (qemuDomainDeviceDefValidateDisk(dev->data.disk) < 0)
+            goto cleanup;
+    } else if (dev->type == VIR_DOMAIN_DEVICE_NET) {
+         const virDomainNetDef *net = dev->data.net;
+ 
+         if (net->guestIP.nroutes || net->guestIP.nips) {
+diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-shared-qcow.xml b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-shared-qcow.xml
+new file mode 100644
+index 000000000..ca88a944b
+--- /dev/null
+++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-shared-qcow.xml
+@@ -0,0 +1,28 @@
+<domain type='qemu'>
+  <name>QEMUGuest1</name>
+  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+  <memory unit='KiB'>219136</memory>
+  <currentMemory unit='KiB'>219136</currentMemory>
+  <vcpu placement='static'>1</vcpu>
+  <os>
+    <type arch='i686' machine='pc'>hvm</type>
+    <boot dev='hd'/>
+  </os>
+  <clock offset='utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/qemu-system-i686</emulator>
+    <disk type='block' device='disk'>
+      <driver name='qemu' type='qcow2'/>
+      <source dev='/dev/HostVG/QEMUGuest1'/>
+      <target dev='hda' bus='ide'/>
+      <shareable/>
+      <address type='drive' controller='0' bus='0' target='0' unit='0'/>
+    </disk>
+    <controller type='usb' index='0'/>
+    <controller type='ide' index='0'/>
+    <memballoon model='virtio'/>
+  </devices>
+</domain>
+diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-shared.args b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-shared.args
+index 502157bf8..326fde1b3 100644
+--- a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-shared.args
+++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-shared.args
+@@ -19,7 +19,7 @@ server,nowait \
+ -no-acpi \
+ -boot c \
+ -usb \
+--drive file=/dev/HostVG/QEMUGuest1,format=qcow2,if=none,id=drive-ide0-0-0,\
+-drive file=/dev/HostVG/QEMUGuest1,format=raw,if=none,id=drive-ide0-0-0,\
+ serial=XYZXYZXYZYXXYZYZYXYZY,cache=none \
+ -device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 \
+ -drive file=/dev/HostVG/QEMUGuest2,format=raw,if=none,media=cdrom,\
+diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-shared.xml b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-shared.xml
+index 9f7472378..677c2b0b7 100644
+--- a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-shared.xml
+++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-shared.xml
+@@ -15,7 +15,7 @@
+   <devices>
+     <emulator>/usr/bin/qemu-system-i686</emulator>
+     <disk type='block' device='disk'>
+-      <driver name='qemu' type='qcow2'/>
+      <driver name='qemu' type='raw'/>
+       <source dev='/dev/HostVG/QEMUGuest1'/>
+       <target dev='hda' bus='ide'/>
+       <shareable/>
+diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
+index 18f06e5aa..93f892229 100644
+--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
+@@ -895,6 +895,7 @@ mymain(void)
+             QEMU_CAPS_DRIVE_BOOT);
+     DO_TEST("disk-drive-shared",
+             QEMU_CAPS_DRIVE_SERIAL);
+    DO_TEST_PARSE_ERROR("disk-drive-shared-qcow", NONE);
+     DO_TEST("disk-drive-error-policy-stop",
+             QEMU_CAPS_MONITOR_JSON);
+     DO_TEST("disk-drive-error-policy-enospace",
@@ -0,0 +1,63 @@
+From: Peter Krempa <pkrempa@redhat.com>
+Date: Wed, 15 Nov 2017 13:41:01 +0100
+Subject: [PATCH] qemu: snapshot: Disallow snapshot of unsupported shared disks
+
+Creating a snapshot would introduce a possibly unsupported member for
+sharing into the backing chain. Add a check to prevent that from
+happening.
+
+Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1511480
+(cherry picked from commit 9b2fbfa6f6b535b9f41a7503531d43d86d7a8868)
+---
+ src/qemu/qemu_driver.c | 24 ++++++++++++++++++++++++
+ 1 file changed, 24 insertions(+)
+
+diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
+index 57f0c2bf4..91119a494 100644
+--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
+@@ -13792,6 +13792,24 @@ qemuDomainSnapshotCreateActiveInternal(virConnectPtr conn,
+ }
+ 
+ 
+static int
+qemuDomainSnapshotPrepareDiskShared(virDomainSnapshotDiskDefPtr snapdisk,
+                                    virDomainDiskDefPtr domdisk)
+{
+    if (!domdisk->src->shared || domdisk->src->readonly)
+        return 0;
+
+    if (!qemuBlockStorageSourceSupportsConcurrentAccess(snapdisk->src)) {
+        virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                       _("shared access for disk '%s' requires use of "
+                         "supported storage format"), domdisk->dst);
+        return -1;
+    }
+
+    return 0;
+}
+
+
+ static int
+ qemuDomainSnapshotPrepareDiskExternalInactive(virDomainSnapshotDiskDefPtr snapdisk,
+                                               virDomainDiskDefPtr domdisk)
+@@ -13853,6 +13871,9 @@ qemuDomainSnapshotPrepareDiskExternalInactive(virDomainSnapshotDiskDefPtr snapdi
+         return -1;
+     }
+ 
+    if (qemuDomainSnapshotPrepareDiskShared(snapdisk, domdisk) < 0)
+        return -1;
+
+     return 0;
+ }
+ 
+@@ -13911,6 +13932,9 @@ qemuDomainSnapshotPrepareDiskExternalActive(virDomainSnapshotDiskDefPtr snapdisk
+         return -1;
+     }
+ 
+    if (qemuDomainSnapshotPrepareDiskShared(snapdisk, domdisk) < 0)
+        return -1;
+
+     return 0;
+ }
+ 
@@ -0,0 +1,34 @@
+From: Peter Krempa <pkrempa@redhat.com>
+Date: Wed, 15 Nov 2017 14:33:11 +0100
+Subject: [PATCH] qemu: Disallow pivot of shared disks to unsupported storage
+
+Pivoting to a unsupported storage type might break the assumption that
+shared disks will not corrupt metadata.
+
+Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1511480
+(cherry picked from commit 2b41c86294786c07f53afa633fe3dce703debc3c)
+---
+ src/qemu/qemu_driver.c | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
+index 91119a494..208ccc9bc 100644
+--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
+@@ -16325,6 +16325,16 @@ qemuDomainBlockPivot(virQEMUDriverPtr driver,
+         goto cleanup;
+     }
+ 
+    /* When pivoting to a shareable disk we need to make sure that the disk can
+     * be safely shared, since block copy might have changed the format. */
+    if (disk->src->shared && !disk->src->readonly &&
+        !qemuBlockStorageSourceSupportsConcurrentAccess(disk->mirror)) {
+        virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
+                       _("can't pivot a shared disk to a storage volume not "
+                         "supporting sharing"));
+        goto cleanup;
+    }
+
+     /* For active commit, the mirror is part of the already labeled
+      * chain.  For blockcopy, we previously labeled only the top-level
+      * image; but if the user is reusing an external image that
@@ -0,0 +1,126 @@
+From: Peter Krempa <pkrempa@redhat.com>
+Date: Wed, 15 Nov 2017 15:02:58 +0100
+Subject: [PATCH] qemu: caps: Add capability for 'share-rw' disk option
+
+'share-rw' for the disk device configures qemu to allow concurrent
+access to the backing storage.
+
+The capability is checked in various supported disk frontend buses since
+it does not make sense to partially backport it.
+
+(cherry picked from commit 860a3c4bea1d24773d8a495f213d5de3ac48a462)
+---
+ src/qemu/qemu_capabilities.c                      | 14 ++++++++++++++
+ src/qemu/qemu_capabilities.h                      | 10 ++++++++++
+ tests/qemucapabilitiesdata/caps_2.9.0.ppc64le.xml |  1 +
+ tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml   |  1 +
+ tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml  |  1 +
+ 5 files changed, 27 insertions(+)
+
+diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
+index e7ea6f47c..2de84715e 100644
+--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
+@@ -439,6 +439,16 @@ VIR_ENUM_IMPL(virQEMUCaps, QEMU_CAPS_LAST,
+               "virtio-net.tx_queue_size",
+               "chardev-reconnect",
+               "virtio-gpu.max_outputs",
+
+              /* 270 */
+              "vxhs",
+              "virtio-blk.num-queues",
+              "machine.pseries.resize-hpt",
+              "vmcoreinfo",
+              "spapr-vty",
+
+              /* 275 */
+              "disk-share-rw",
+     );
+ 
+ 
+@@ -1702,6 +1712,7 @@ static struct virQEMUCapsStringFlags virQEMUCapsObjectPropsVirtioBlk[] = {
+     { "event_idx", QEMU_CAPS_VIRTIO_BLK_EVENT_IDX },
+     { "scsi", QEMU_CAPS_VIRTIO_BLK_SCSI },
+     { "logical_block_size", QEMU_CAPS_BLOCKIO },
+    { "share-rw", QEMU_CAPS_DISK_SHARE_RW },
+ };
+ 
+ static struct virQEMUCapsStringFlags virQEMUCapsObjectPropsVirtioNet[] = {
+@@ -1732,10 +1743,12 @@ static struct virQEMUCapsStringFlags virQEMUCapsObjectPropsVfioPCI[] = {
+ static struct virQEMUCapsStringFlags virQEMUCapsObjectPropsSCSIDisk[] = {
+     { "channel", QEMU_CAPS_SCSI_DISK_CHANNEL },
+     { "wwn", QEMU_CAPS_SCSI_DISK_WWN },
+    { "share-rw", QEMU_CAPS_DISK_SHARE_RW },
+ };
+ 
+ static struct virQEMUCapsStringFlags virQEMUCapsObjectPropsIDEDrive[] = {
+     { "wwn", QEMU_CAPS_IDE_DRIVE_WWN },
+    { "share-rw", QEMU_CAPS_DISK_SHARE_RW },
+ };
+ 
+ static struct virQEMUCapsStringFlags virQEMUCapsObjectPropsPiix4PM[] = {
+@@ -1766,6 +1779,7 @@ static struct virQEMUCapsStringFlags virQEMUCapsObjectPropsQ35PCIHost[] = {
+ 
+ static struct virQEMUCapsStringFlags virQEMUCapsObjectPropsUSBStorage[] = {
+     { "removable", QEMU_CAPS_USB_STORAGE_REMOVABLE },
+    { "share-rw", QEMU_CAPS_DISK_SHARE_RW },
+ };
+ 
+ static struct virQEMUCapsStringFlags virQEMUCapsObjectPropsKVMPit[] = {
+diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
+index f32687d4a..9c92d6b46 100644
+--- a/src/qemu/qemu_capabilities.h
+++ b/src/qemu/qemu_capabilities.h
+@@ -426,6 +426,16 @@ typedef enum {
+     QEMU_CAPS_CHARDEV_RECONNECT, /* -chardev reconnect */
+     QEMU_CAPS_VIRTIO_GPU_MAX_OUTPUTS, /* -device virtio-(vga|gpu-*),max-outputs= */
+ 
+    /* 270 */
+    QEMU_CAPS_VXHS, /* -drive file.driver=vxhs via query-qmp-schema */
+    QEMU_CAPS_VIRTIO_BLK_NUM_QUEUES, /* virtio-blk-*.num-queues */
+    QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT, /* -machine pseries,resize-hpt */
+    QEMU_CAPS_DEVICE_VMCOREINFO, /* -device vmcoreinfo */
+    QEMU_CAPS_DEVICE_SPAPR_VTY, /* -device spapr-vty */
+
+    /* 275 */
+    QEMU_CAPS_DISK_SHARE_RW, /* share-rw=on for concurrent disk access */
+
+     QEMU_CAPS_LAST /* this must always be the last item */
+ } virQEMUCapsFlags;
+ 
+diff --git a/tests/qemucapabilitiesdata/caps_2.9.0.ppc64le.xml b/tests/qemucapabilitiesdata/caps_2.9.0.ppc64le.xml
+index a373a6db6..9551907c6 100644
+--- a/tests/qemucapabilitiesdata/caps_2.9.0.ppc64le.xml
+++ b/tests/qemucapabilitiesdata/caps_2.9.0.ppc64le.xml
+@@ -172,6 +172,7 @@
+   <flag name='vnc-multi-servers'/>
+   <flag name='chardev-reconnect'/>
+   <flag name='virtio-gpu.max_outputs'/>
+  <flag name='disk-share-rw'/>
+   <version>2009000</version>
+   <kvmVersion>0</kvmVersion>
+   <package> (v2.9.0)</package>
+diff --git a/tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml b/tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml
+index e80782cfb..0a6fbd077 100644
+--- a/tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml
+++ b/tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml
+@@ -137,6 +137,7 @@
+   <flag name='vnc-multi-servers'/>
+   <flag name='chardev-reconnect'/>
+   <flag name='virtio-gpu.max_outputs'/>
+  <flag name='disk-share-rw'/>
+   <version>2009000</version>
+   <kvmVersion>0</kvmVersion>
+   <package></package>
+diff --git a/tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml
+index 3641d0332..1294ebdb3 100644
+--- a/tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml
+@@ -220,6 +220,7 @@
+   <flag name='vnc-multi-servers'/>
+   <flag name='chardev-reconnect'/>
+   <flag name='virtio-gpu.max_outputs'/>
+  <flag name='disk-share-rw'/>
+   <version>2009000</version>
+   <kvmVersion>0</kvmVersion>
+   <package> (v2.9.0)</package>
@@ -0,0 +1,133 @@
+From: Peter Krempa <pkrempa@redhat.com>
+Date: Wed, 15 Nov 2017 15:21:14 +0100
+Subject: [PATCH] qemu: command: Mark <shared/> disks as such in qemu
+
+Qemu has now an internal mechanism for locking images to fix specific
+cases of disk corruption. This requires libvirt to mark the image as
+shared so that qemu lifts certain restrictions.
+
+Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1378242
+(cherry picked from commit 28907b0043fbf71085a798372ab9c816ba043b93)
+---
+ src/qemu/qemu_command.c                            |  4 +++
+ .../qemuxml2argv-disk-drive-shared-locking.args    | 32 +++++++++++++++++
+ .../qemuxml2argv-disk-drive-shared-locking.xml     | 42 ++++++++++++++++++++++
+ tests/qemuxml2argvtest.c                           |  2 ++
+ 4 files changed, 80 insertions(+)
+ create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-shared-locking.args
+ create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-shared-locking.xml
+
+diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
+index ae78cd17e..883525752 100644
+--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
+@@ -2075,6 +2075,10 @@ qemuBuildDriveDevStr(const virDomainDef *def,
+         goto error;
+     }
+ 
+    if (disk->src->shared &&
+        virQEMUCapsGet(qemuCaps, QEMU_CAPS_DISK_SHARE_RW))
+        virBufferAddLit(&opt, ",share-rw=on");
+
+     if (!(drivealias = qemuAliasFromDisk(disk)))
+         goto error;
+     virBufferAsprintf(&opt, ",drive=%s,id=%s", drivealias, disk->info.alias);
+diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-shared-locking.args b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-shared-locking.args
+new file mode 100644
+index 000000000..cdf17f26d
+--- /dev/null
+++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-shared-locking.args
+@@ -0,0 +1,32 @@
+LC_ALL=C \
+PATH=/bin \
+HOME=/home/test \
+USER=test \
+LOGNAME=test \
+QEMU_AUDIO_DRV=none \
+/usr/bin/qemu-system-i686 \
+-name QEMUGuest1 \
+-S \
+-M pc \
+-m 214 \
+-smp 1,sockets=1,cores=1,threads=1 \
+-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
+-nographic \
+-nodefaults \
+-chardev socket,id=charmonitor,path=/tmp/lib/domain--1-QEMUGuest1/monitor.sock,\
+server,nowait \
+-mon chardev=charmonitor,id=monitor,mode=readline \
+-no-acpi \
+-boot c \
+-device virtio-scsi-pci,id=scsi0,bus=pci.0,addr=0x3 \
+-usb \
+-drive file=/dev/ide,format=raw,if=none,id=drive-ide0-0-0,cache=none \
+-device ide-drive,bus=ide.0,unit=0,share-rw=on,drive=drive-ide0-0-0,\
+id=ide0-0-0 \
+-drive file=/dev/scsi,format=raw,if=none,id=drive-scsi0-0-0-0,cache=none \
+-device scsi-disk,bus=scsi0.0,channel=0,scsi-id=0,lun=0,share-rw=on,\
+drive=drive-scsi0-0-0-0,id=scsi0-0-0-0 \
+-drive file=/dev/virtio,format=raw,if=none,id=drive-virtio-disk0,cache=none \
+-device virtio-blk-pci,bus=pci.0,addr=0x4,share-rw=on,drive=drive-virtio-disk0,\
+id=virtio-disk0 \
+-device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x5
+diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-shared-locking.xml b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-shared-locking.xml
+new file mode 100644
+index 000000000..dd48857a3
+--- /dev/null
+++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-shared-locking.xml
+@@ -0,0 +1,42 @@
+<domain type='qemu'>
+  <name>QEMUGuest1</name>
+  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+  <memory unit='KiB'>219136</memory>
+  <currentMemory unit='KiB'>219136</currentMemory>
+  <vcpu placement='static'>1</vcpu>
+  <os>
+    <type arch='i686' machine='pc'>hvm</type>
+    <boot dev='hd'/>
+  </os>
+  <clock offset='utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/qemu-system-i686</emulator>
+    <disk type='block' device='disk'>
+      <driver name='qemu' type='raw'/>
+      <source dev='/dev/ide'/>
+      <target dev='hda' bus='ide'/>
+      <shareable/>
+      <address type='drive' controller='0' bus='0' target='0' unit='0'/>
+    </disk>
+    <disk type='block' device='disk'>
+      <driver name='qemu' type='raw'/>
+      <source dev='/dev/scsi'/>
+      <target dev='sda' bus='scsi'/>
+      <shareable/>
+      <address type='drive' controller='0' bus='0' target='0' unit='0'/>
+    </disk>
+    <disk type='block' device='disk'>
+      <driver name='qemu' type='raw'/>
+      <source dev='/dev/virtio'/>
+      <target dev='vda' bus='virtio'/>
+      <shareable/>
+    </disk>
+    <controller type='usb' index='0'/>
+    <controller type='ide' index='0'/>
+    <controller type='scsi' index='0' model='virtio-scsi'/>
+    <memballoon model='virtio'/>
+  </devices>
+</domain>
+diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
+index 93f892229..9585fdb70 100644
+--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
+@@ -896,6 +896,8 @@ mymain(void)
+     DO_TEST("disk-drive-shared",
+             QEMU_CAPS_DRIVE_SERIAL);
+     DO_TEST_PARSE_ERROR("disk-drive-shared-qcow", NONE);
+    DO_TEST("disk-drive-shared-locking",
+            QEMU_CAPS_VIRTIO_SCSI, QEMU_CAPS_DISK_SHARE_RW);
+     DO_TEST("disk-drive-error-policy-stop",
+             QEMU_CAPS_MONITOR_JSON);
+     DO_TEST("disk-drive-error-policy-enospace",
@@ -0,0 +1,36 @@
+From: Peter Krempa <pkrempa@redhat.com>
+Date: Wed, 20 Dec 2017 12:58:36 +0100
+Subject: [PATCH] util: probe: Add quiet versions of the "PROBE" macro
+
+PROBE macro adds a logging entry, when used in places seeing a lot of
+traffic this can cause a significant slowdown.
+
+(cherry picked from commit f06e488d5484031a76e7ed231c8fef8fa1181d2c)
+---
+ src/util/virprobe.h | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/src/util/virprobe.h b/src/util/virprobe.h
+index 7565954af..bd8c32964 100644
+--- a/src/util/virprobe.h
+++ b/src/util/virprobe.h
+@@ -90,11 +90,19 @@
+         PROBE_EXPAND(LIBVIRT_ ## NAME,                       \
+                      VIR_ADD_CASTS(__VA_ARGS__));            \
+     }
+
+#  define PROBE_QUIET(NAME, FMT, ...) \
+    if (LIBVIRT_ ## NAME ## _ENABLED()) { \
+        PROBE_EXPAND(LIBVIRT_ ## NAME, \
+                     VIR_ADD_CASTS(__VA_ARGS__)); \
+    }
+ # else
+ #  define PROBE(NAME, FMT, ...)                              \
+     VIR_INFO_INT(&virLogSelf,                                \
+                  __FILE__, __LINE__, __func__,               \
+                  #NAME ": " FMT, __VA_ARGS__);
+
+#  define PROBE_QUIET(NAME, FMT, ...)
+ # endif
+ 
+ #endif /* __VIR_PROBE_H__ */
@@ -0,0 +1,49 @@
+From: Peter Krempa <pkrempa@redhat.com>
+Date: Wed, 20 Dec 2017 13:09:07 +0100
+Subject: [PATCH] qemu: monitor: Decrease logging verbosity
+
+The PROBE macro used in qemuMonitorIOProcess and the VIR_DEBUG message
+in qemuMonitorJSONIOProcess create a lot of logging churn when debug
+logging is enabled during monitor communication.
+
+The messages logged from the PROBE macro are rather useless since they
+are reporting the partial state of receiving the reply from qemu. The
+actual full reply is still logged in qemuMonitorJSONIOProcessLine once
+the full message is received.
+
+(cherry picked from commit f10bb3347b43d900ff361cda5fe1996782284991)
+---
+ src/qemu/qemu_monitor.c      | 4 ++--
+ src/qemu/qemu_monitor_json.c | 3 +++
+ 2 files changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c
+index 19082d8bf..3def28852 100644
+--- a/src/qemu/qemu_monitor.c
+++ b/src/qemu/qemu_monitor.c
+@@ -434,8 +434,8 @@ qemuMonitorIOProcess(qemuMonitorPtr mon)
+ # endif
+ #endif
+ 
+-    PROBE(QEMU_MONITOR_IO_PROCESS,
+-          "mon=%p buf=%s len=%zu", mon, mon->buffer, mon->bufferOffset);
+    PROBE_QUIET(QEMU_MONITOR_IO_PROCESS, "mon=%p buf=%s len=%zu",
+                mon, mon->buffer, mon->bufferOffset);
+ 
+     if (mon->json)
+         len = qemuMonitorJSONIOProcess(mon,
+diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
+index df5fb7c8f..461aae089 100644
+--- a/src/qemu/qemu_monitor_json.c
+++ b/src/qemu/qemu_monitor_json.c
+@@ -259,7 +259,10 @@ int qemuMonitorJSONIOProcess(qemuMonitorPtr mon,
+         }
+     }
+ 
+#if DEBUG_IO
+     VIR_DEBUG("Total used %d bytes out of %zd available in buffer", used, len);
+#endif
+
+     return used;
+ }
+ 
@@ -0,0 +1,63 @@
+From: Lubomir Rintel <lkundrak@v3.sk>
+Date: Sat, 27 Jan 2018 23:43:58 +0100
+Subject: [PATCH] virlog: determine the hostname on startup CVE-2018-6764
+
+At later point it might not be possible or even safe to use getaddrinfo(). It
+can in turn result in a load of NSS module.
+
+Notably, on a LXC container startup we may find ourselves with the guest
+filesystem already having replaced the host one. Loading a NSS module
+from the guest tree would allow a malicous guest to escape the
+confinement of its container environment because libvirt will not yet
+have locked it down.
+
+(cherry picked from commit 759b4d1b0fe5f4d84d98b99153dfa7ac289dd167)
+---
+ src/util/virlog.c | 14 +++++++++-----
+ 1 file changed, 9 insertions(+), 5 deletions(-)
+
+diff --git a/src/util/virlog.c b/src/util/virlog.c
+index d45a451a7..05e0e199e 100644
+--- a/src/util/virlog.c
+++ b/src/util/virlog.c
+@@ -64,6 +64,7 @@
+ VIR_LOG_INIT("util.log");
+ 
+ static regex_t *virLogRegex;
+static char *virLogHostname;
+ 
+ 
+ #define VIR_LOG_DATE_REGEX "[0-9]{4}-[0-9]{2}-[0-9]{2}"
+@@ -271,6 +272,12 @@ virLogOnceInit(void)
+             VIR_FREE(virLogRegex);
+     }
+ 
+    /* We get and remember the hostname early, because at later time
+     * it might not be possible to load NSS modules via getaddrinfo()
+     * (e.g. at container startup the host filesystem will not be
+     * accessible anymore. */
+    virLogHostname = virGetHostnameQuiet();
+
+     virLogUnlock();
+     return 0;
+ }
+@@ -466,17 +473,14 @@ static int
+ virLogHostnameString(char **rawmsg,
+                      char **msg)
+ {
+-    char *hostname = virGetHostnameQuiet();
+     char *hoststr;
+ 
+-    if (!hostname)
+    if (!virLogHostname)
+         return -1;
+ 
+-    if (virAsprintfQuiet(&hoststr, "hostname: %s", hostname) < 0) {
+-        VIR_FREE(hostname);
+    if (virAsprintfQuiet(&hoststr, "hostname: %s", virLogHostname) < 0) {
+         return -1;
+     }
+-    VIR_FREE(hostname);
+ 
+     if (virLogFormatString(msg, 0, NULL, VIR_LOG_INFO, hoststr) < 0) {
+         VIR_FREE(hoststr);
@@ -0,0 +1,27 @@
+From: Andrea Bolognani <abologna@redhat.com>
+Date: Wed, 7 Feb 2018 14:39:18 +0100
+Subject: [PATCH] util: Fix syntax-check
+
+Broken by 759b4d1b0fe5f4d84d98b99153dfa7ac289dd167.
+
+Signed-off-by: Andrea Bolognani <abologna@redhat.com>
+(cherry picked from commit 6ce3acc129bfdbe7fd02bcb8bbe8af6d13903684)
+---
+ src/util/virlog.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/src/util/virlog.c b/src/util/virlog.c
+index 05e0e199e..056b53cda 100644
+--- a/src/util/virlog.c
+++ b/src/util/virlog.c
+@@ -478,9 +478,8 @@ virLogHostnameString(char **rawmsg,
+     if (!virLogHostname)
+         return -1;
+ 
+-    if (virAsprintfQuiet(&hoststr, "hostname: %s", virLogHostname) < 0) {
+    if (virAsprintfQuiet(&hoststr, "hostname: %s", virLogHostname) < 0)
+         return -1;
+-    }
+ 
+     if (virLogFormatString(msg, 0, NULL, VIR_LOG_INFO, hoststr) < 0) {
+         VIR_FREE(hoststr);
@@ -0,0 +1,121 @@
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
+Date: Mon, 12 Feb 2018 10:03:08 +0000
+Subject: [PATCH] log: fix deadlock obtaining hostname (related CVE-2018-6764)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The fix for CVE-2018-6764 introduced a potential deadlock scenario
+that gets triggered by the NSS module when virGetHostname() calls
+getaddrinfo to resolve the hostname:
+
+ #0  0x00007f6e714b57e7 in futex_wait
+ #1  futex_wait_simple
+ #2  __pthread_once_slow
+ #3  0x00007f6e71d16e7d in virOnce
+ #4  0x00007f6e71d0997c in virLogInitialize
+ #5  0x00007f6e71d0a09a in virLogVMessage
+ #6  0x00007f6e71d09ffd in virLogMessage
+ #7  0x00007f6e71d0db22 in virObjectNew
+ #8  0x00007f6e71d0dbf1 in virObjectLockableNew
+ #9  0x00007f6e71d0d3e5 in virMacMapNew
+ #10 0x00007f6e71cdc50a in findLease
+ #11 0x00007f6e71cdcc56 in _nss_libvirt_gethostbyname4_r
+ #12 0x00007f6e724631fc in gaih_inet
+ #13 0x00007f6e72464697 in __GI_getaddrinfo
+ #14 0x00007f6e71d19e81 in virGetHostnameImpl
+ #15 0x00007f6e71d1a057 in virGetHostnameQuiet
+ #16 0x00007f6e71d09936 in virLogOnceInit
+ #17 0x00007f6e71d09952 in virLogOnce
+ #18 0x00007f6e714b5829 in __pthread_once_slow
+ #19 0x00007f6e71d16e7d in virOnce
+ #20 0x00007f6e71d0997c in virLogInitialize
+ #21 0x00007f6e71d0a09a in virLogVMessage
+ #22 0x00007f6e71d09ffd in virLogMessage
+ #23 0x00007f6e71d0db22 in virObjectNew
+ #24 0x00007f6e71d0dbf1 in virObjectLockableNew
+ #25 0x00007f6e71d0d3e5 in virMacMapNew
+ #26 0x00007f6e71cdc50a in findLease
+ #27 0x00007f6e71cdc839 in _nss_libvirt_gethostbyname3_r
+ #28 0x00007f6e71cdc724 in _nss_libvirt_gethostbyname2_r
+ #29 0x00007f6e7248f72f in __gethostbyname2_r
+ #30 0x00007f6e7248f494 in gethostbyname2
+ #31 0x000056348c30c36d in hosts_keys
+ #32 0x000056348c30b7d2 in main
+
+Fortunately the extra stuff virGetHostname does is totally irrelevant to
+the needs of the logging code, so we can just inline a call to the
+native hostname() syscall directly.
+
+Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+(cherry picked from commit c2dc6698c88fb591639e542c8ecb0076c54f3dfb)
+---
+ cfg.mk            |  2 +-
+ src/util/virlog.c | 20 ++++++++++++++------
+ 2 files changed, 15 insertions(+), 7 deletions(-)
+
+diff --git a/cfg.mk b/cfg.mk
+index 56cb14bd9..a4131592c 100644
+--- a/cfg.mk
+++ b/cfg.mk
+@@ -1158,7 +1158,7 @@ _src2=src/(util/vircommand|libvirt|lxc/lxc_controller|locking/lock_daemon|loggin
+ exclude_file_name_regexp--sc_prohibit_fork_wrappers = \
+   (^($(_src2)|tests/testutils|daemon/libvirtd)\.c$$)
+ 
+-exclude_file_name_regexp--sc_prohibit_gethostname = ^src/util/virutil\.c$$
+exclude_file_name_regexp--sc_prohibit_gethostname = ^src/util/vir(util|log)\.c$$
+ 
+ exclude_file_name_regexp--sc_prohibit_internal_functions = \
+   ^src/(util/(viralloc|virutil|virfile)\.[hc]|esx/esx_vi\.c)$$
+diff --git a/src/util/virlog.c b/src/util/virlog.c
+index 056b53cda..f76fc2caf 100644
+--- a/src/util/virlog.c
+++ b/src/util/virlog.c
+@@ -64,7 +64,7 @@
+ VIR_LOG_INIT("util.log");
+ 
+ static regex_t *virLogRegex;
+-static char *virLogHostname;
+static char virLogHostname[HOST_NAME_MAX+1];
+ 
+ 
+ #define VIR_LOG_DATE_REGEX "[0-9]{4}-[0-9]{2}-[0-9]{2}"
+@@ -261,6 +261,8 @@ virLogPriorityString(virLogPriority lvl)
+ static int
+ virLogOnceInit(void)
+ {
+    int r;
+
+     if (virMutexInit(&virLogMutex) < 0)
+         return -1;
+ 
+@@ -275,8 +277,17 @@ virLogOnceInit(void)
+     /* We get and remember the hostname early, because at later time
+      * it might not be possible to load NSS modules via getaddrinfo()
+      * (e.g. at container startup the host filesystem will not be
+-     * accessible anymore. */
+-    virLogHostname = virGetHostnameQuiet();
+     * accessible anymore.
+     * Must not use virGetHostname though as that causes re-entrancy
+     * problems if it triggers logging codepaths
+     */
+    r = gethostname(virLogHostname, sizeof(virLogHostname));
+    if (r == -1) {
+        ignore_value(virStrcpy(virLogHostname,
+                               "(unknown)", sizeof(virLogHostname)));
+    } else {
+        NUL_TERMINATE(virLogHostname);
+    }
+ 
+     virLogUnlock();
+     return 0;
+@@ -475,9 +486,6 @@ virLogHostnameString(char **rawmsg,
+ {
+     char *hoststr;
+ 
+-    if (!virLogHostname)
+-        return -1;
+-
+     if (virAsprintfQuiet(&hoststr, "hostname: %s", virLogHostname) < 0)
+         return -1;
+ 
@@ -0,0 +1,59 @@
+From: Michal Privoznik <mprivozn@redhat.com>
+Date: Thu, 4 Jan 2018 11:11:53 +0100
+Subject: [PATCH] qemuDomainAttachDeviceMknodHelper: Remove symlink before
+ creating it
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1528502
+
+So imagine you have /dev/blah symlink which points to /dev/sda.
+You attach /dev/blah as disk to your domain. Libvirt correctly
+creates the /dev/blah -> /dev/sda symlink in the qemu namespace.
+However, then you detach the disk, change the symlink so that it
+points to /dev/sdb and tries to attach the disk again. This time,
+however, the attach fails (well, qemu attaches wrong disk)
+because the code assumes that symlinks don't change. Well they
+do.
+
+This is inspired by test fix written by Eduardo Habkost.
+
+Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
+Reviewed-by: Andrea Bolognani <abologna@redhat.com>
+(cherry picked from commit db98e7f67ea0d7699410f514f01947cef5128a6c)
+---
+ src/qemu/qemu_domain.c | 22 ++++++++++++++++------
+ 1 file changed, 16 insertions(+), 6 deletions(-)
+
+diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
+index 42d17c1b0..e0f4aaafa 100644
+--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
+@@ -8864,13 +8864,23 @@ qemuDomainAttachDeviceMknodHelper(pid_t pid ATTRIBUTE_UNUSED,
+ 
+     if (isLink) {
+         VIR_DEBUG("Creating symlink %s -> %s", data->file, data->target);
+
+        /* First, unlink the symlink target. Symlinks change and
+         * therefore we have no guarantees that pre-existing
+         * symlink is still valid. */
+        if (unlink(data->file) < 0 &&
+            errno != ENOENT) {
+            virReportSystemError(errno,
+                                 _("Unable to remove symlink %s"),
+                                 data->file);
+            goto cleanup;
+        }
+
+         if (symlink(data->target, data->file) < 0) {
+-            if (errno != EEXIST) {
+-                virReportSystemError(errno,
+-                                     _("Unable to create symlink %s"),
+-                                     data->target);
+-                goto cleanup;
+-            }
+            virReportSystemError(errno,
+                                 _("Unable to create symlink %s (pointing to %s)"),
+                                 data->file, data->target);
+            goto cleanup;
+         } else {
+             delDevice = true;
+         }
@@ -0,0 +1,110 @@
+From ce5aebeacd10a1c15cb3ee46a59c8b5ff235589e Mon Sep 17 00:00:00 2001
+Message-Id: <ce5aebeacd10a1c15cb3ee46a59c8b5ff235589e.1530632895.git.crobinso@redhat.com>
+From: Laine Stump <laine@laine.org>
+Date: Wed, 25 Apr 2018 17:12:03 -0400
+Subject: [PATCH] nwfilter: increase pcap buffer size to be compatible with
+ TPACKET_V3
+
+When an nwfilter rule sets the parameter CTRL_IP_LEARNING to "dhcp",
+this turns on the "dhcpsnoop" thread, which uses libpcap to monitor
+traffic on the domain's tap device and extract the IP address from the
+DHCP response.
+
+If libpcap on the host is built with HAVE_TPACKET3 defined (to enable
+support for TPACKET_V3), the dhcpsnoop code's initialization of the
+libpcap socket would fail with the following error:
+
+  virNWFilterSnoopDHCPOpen:1134 : internal error: pcap_setfilter: can't remove kernel filter: Bad file descriptor
+
+It turns out that this was because TPACKET_V3 requires a larger buffer
+size than libvirt was setting (we were setting it to 128k). Changing
+the buffer size to 256k eliminates the error, and the dhcpsnoop thread
+once again works properly.
+
+A fuller explanation of why TPACKET_V3 requires such a large buffer,
+for future git spelunkers:
+
+libpcap calls setsockopt(... SOL_PACKET, PACKET_RX_RING...) to setup a
+ring buffer for receiving packets; two of the attributes sent to this
+API are called tp_frame_size, and tp_frame_nr. If libpcap was built
+with HAVE_TPACKET3 defined, tp_trame_size is set to MAXIMUM_SNAPLEN
+(defined in libpcap sources as 262144) and tp_frame_nr is set to:
+
+ [the buffer size we set, i.e. PCAP_BUFFERSIZE i.e. 262144] / tp_frame_size.
+
+So if PCAP_BUFFERSIZE < MAXIMUM_SNAPLEN, then tp_frame_nr (the number
+of frames in the ring buffer) is 0, which is nonsensical. This same
+value is later used as a multiplier to determine the size for a call
+to malloc() (which would also fail).
+
+(NB: if HAVE_TPACKET3 is *not* defined, then tp_frame_size is set to
+the snaplen set by the user (in our case 576) plus a small amount to
+account for ethernet headers, so 256k is far more than adequate)
+
+Since the TPACKET_V3 code in libpcap actually reads multiple packets
+into each frame, it's not a problem to have only a single frame
+(especially when we are monitoring such infrequent traffic), so it's
+okay to set this relatively small buffer size (in comparison to the
+default, which is 2MB), which is important since every guest using
+dhcp snooping in a nwfilter rule will hold 2 of these buffers for the
+entire life of the guest.
+
+Thanks to Christian Ehrhardt for discovering that buffer size was the
+problem (this was not at all obvious from the error that was logged!)
+
+Resolves: https://bugzilla.redhat.com/1547237
+Fixes: https://bugs.launchpad.net/libvirt/+bug/1758037
+
+Signed-off-by: Laine Stump <laine@laine.org>
+Reviewed-by: Christian Ehrhardt <christian.ehrhardt@canonical.com> (V1)
+Reviewed-by: John Ferlan <jferlan@redhat.com>
+Tested-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
+Signed-off-by: Cole Robinson <crobinso@redhat.com>
+---
+ src/nwfilter/nwfilter_dhcpsnoop.c | 22 +++++++++++++++++++---
+ 1 file changed, 19 insertions(+), 3 deletions(-)
+
+diff --git a/src/nwfilter/nwfilter_dhcpsnoop.c b/src/nwfilter/nwfilter_dhcpsnoop.c
+index 6069e70460..50cfb944a2 100644
+--- a/src/nwfilter/nwfilter_dhcpsnoop.c
+++ b/src/nwfilter/nwfilter_dhcpsnoop.c
+@@ -256,10 +256,21 @@ struct _virNWFilterDHCPDecodeJob {
+ # define DHCP_BURST_INTERVAL_S  10 /* sec */
+ 
+ /*
+- * libpcap 1.5 requires a 128kb buffer
+- * 128 kb is bigger than (DHCP_PKT_BURST * PCAP_PBUFSIZE / 2)
+ * NB: Any libpcap built with HAVE_TPACKET3 will require
+ * PCAP_BUFFERSIZE to be at least 262144 (although
+ * pcap_set_buffer_size() with a lower value will succeed, and the
+ * error will only show up later when pcap_setfilter() is called).
+ *
+ * It is possible that in the future libpcap could increase the
+ * minimum size even further, but due to the fact that each guest
+ * using dhcp snooping keeps 2 pcap sockets open (and thus 2 buffers
+ * allocated) for the life of the guest, we want to minimize the
+ * length of the buffer, so instead of leaving it at the default size
+ * (2MB), we are setting it to the minimum viable size and including
+ * this clue in the source to help quickly resolve the problem when/if
+ * it reoccurs.
+  */
+-# define PCAP_BUFFERSIZE        (128 * 1024)
+# define PCAP_BUFFERSIZE        (256 * 1024)
+ 
+ # define MAX_QUEUED_JOBS        (DHCP_PKT_BURST + 2 * DHCP_PKT_RATE)
+ 
+@@ -1114,6 +1125,11 @@ virNWFilterSnoopDHCPOpen(const char *ifname, virMacAddr *mac,
+         goto cleanup_nohandle;
+     }
+ 
+    /* IMPORTANT: If there is any failure of *any* pcap_* function
+     * during setup of the socket, look to the comment where
+     * PCAP_BUFFERSIZE is defined. It may be too small, even if the
+     * generated error doesn't imply that.
+     */
+     if (pcap_set_snaplen(handle, PCAP_PBUFSIZE) < 0 ||
+         pcap_set_buffer_size(handle, PCAP_BUFFERSIZE) < 0 ||
+         pcap_activate(handle) < 0) {
+-- 
+2.17.1
+
@@ -0,0 +1,74 @@
+From e18672ce9a5fff383992fd6e842d1cbe85c141ea Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Tue, 12 Dec 2017 16:23:40 +0100
+Subject: [PATCH 10/19] util: add virFileReadHeaderQuiet wrapper around
+ virFileReadHeaderFD
+
+CVE-2017-5715
+
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
+---
+ src/libvirt_private.syms |  1 +
+ src/util/virfile.c       | 19 +++++++++++++++++++
+ src/util/virfile.h       |  2 ++
+ 3 files changed, 22 insertions(+)
+
+diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
+index f30a04b145..29b73fa046 100644
+--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
+@@ -1703,6 +1703,7 @@ virFileReadAll;
+ virFileReadAllQuiet;
+ virFileReadBufQuiet;
+ virFileReadHeaderFD;
+virFileReadHeaderQuiet;
+ virFileReadLimFD;
+ virFileReadLink;
+ virFileReadValueBitmap;
+diff --git a/src/util/virfile.c b/src/util/virfile.c
+index 2f28e83f44..269db995ff 100644
+--- a/src/util/virfile.c
+++ b/src/util/virfile.c
+@@ -1356,6 +1356,25 @@ virFileReadHeaderFD(int fd, int maxlen, char **buf)
+ }
+ 
+ 
+int
+virFileReadHeaderQuiet(const char *path,
+                       int maxlen,
+                       char **buf)
+{
+    int fd;
+    int len;
+
+    fd = open(path, O_RDONLY);
+    if (fd < 0)
+        return -1;
+
+    len = virFileReadHeaderFD(fd, maxlen, buf);
+    VIR_FORCE_CLOSE(fd);
+
+    return len;
+}
+
+
+ /* A wrapper around saferead_lim that maps a failure due to
+    exceeding the maximum size limitation to EOVERFLOW.  */
+ int
+diff --git a/src/util/virfile.h b/src/util/virfile.h
+index 57ceb80721..657e7216fb 100644
+--- a/src/util/virfile.h
+++ b/src/util/virfile.h
+@@ -129,6 +129,8 @@ int virFileDeleteTree(const char *dir);
+ 
+ int virFileReadHeaderFD(int fd, int maxlen, char **buf)
+     ATTRIBUTE_RETURN_CHECK ATTRIBUTE_NONNULL(3);
+int virFileReadHeaderQuiet(const char *path, int maxlen, char **buf)
+    ATTRIBUTE_RETURN_CHECK ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(3);
+ int virFileReadLimFD(int fd, int maxlen, char **buf)
+     ATTRIBUTE_RETURN_CHECK ATTRIBUTE_NONNULL(3);
+ int virFileReadAll(const char *path, int maxlen, char **buf)
+-- 
+2.17.0
+
@@ -0,0 +1,36 @@
+From a84e70ad247da5d3ad13615efd70b91951392aa1 Mon Sep 17 00:00:00 2001
+From: Jiri Denemark <jdenemar@redhat.com>
+Date: Fri, 5 Jan 2018 17:43:03 +0100
+Subject: [PATCH 12/19] cpu_x86: Copy CPU signature from ancestor
+
+When specifying a new CPU model in cpu_map.xml as an extension to an
+existing model, we forgot to copy the signature (family + model) from
+the original CPU model.
+
+We don't use this way of specifying CPU models, but it's still supported
+and it becomes useful when someone wants to quickly hack up a CPU model
+for testing or when creating additional variants of existing models to
+help with fixing some spectral issues.
+
+Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
+Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
+(cherry picked from commit b427cf4831d0ea7aac9dd1a3aa7682478356a483)
+---
+ src/cpu/cpu_x86.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/cpu/cpu_x86.c b/src/cpu/cpu_x86.c
+index 2864454211..3b7a6f95fe 100644
+--- a/src/cpu/cpu_x86.c
+++ b/src/cpu/cpu_x86.c
+@@ -1206,6 +1206,7 @@ x86ModelParse(xmlXPathContextPtr ctxt,
+         VIR_FREE(name);
+ 
+         model->vendor = ancestor->vendor;
+        model->signature = ancestor->signature;
+         if (x86DataCopy(&model->data, &ancestor->data) < 0)
+             goto error;
+     }
+-- 
+2.17.0
+
@@ -0,0 +1,97 @@
+From de12d97c029d6644bb42afaa38410c4263bef41f Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Tue, 12 Dec 2017 16:23:41 +0100
+Subject: [PATCH 13/19] util: introduce virHostCPUGetMicrocodeVersion
+
+This new API reads host's CPU microcode version from /proc/cpuinfo.
+
+Unfortunately, there is no other way of reading microcode version which
+would be usable from both system and session daemon.
+
+CVE-2017-5715
+
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
+---
+ src/libvirt_private.syms |  1 +
+ src/util/virhostcpu.c    | 43 ++++++++++++++++++++++++++++++++++++++++
+ src/util/virhostcpu.h    |  2 ++
+ 3 files changed, 46 insertions(+)
+
+diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
+index 29b73fa046..0ecd58a12c 100644
+--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
+@@ -1811,6 +1811,7 @@ virHostCPUGetCount;
+ virHostCPUGetInfo;
+ virHostCPUGetKVMMaxVCPUs;
+ virHostCPUGetMap;
+virHostCPUGetMicrocodeVersion;
+ virHostCPUGetOnline;
+ virHostCPUGetOnlineBitmap;
+ virHostCPUGetPresentBitmap;
+diff --git a/src/util/virhostcpu.c b/src/util/virhostcpu.c
+index c485a97211..713fdec553 100644
+--- a/src/util/virhostcpu.c
+++ b/src/util/virhostcpu.c
+@@ -1206,3 +1206,46 @@ virHostCPUGetKVMMaxVCPUs(void)
+     return -1;
+ }
+ #endif /* HAVE_LINUX_KVM_H */
+
+
+#ifdef __linux__
+
+unsigned int
+virHostCPUGetMicrocodeVersion(void)
+{
+    char *outbuf = NULL;
+    char *cur;
+    unsigned int version = 0;
+
+    if (virFileReadHeaderQuiet(CPUINFO_PATH, 4096, &outbuf) < 0) {
+        char ebuf[1024];
+        VIR_DEBUG("Failed to read microcode version from %s: %s",
+                  CPUINFO_PATH, virStrerror(errno, ebuf, sizeof(ebuf)));
+        return 0;
+    }
+
+    /* Account for format 'microcode    : XXXX'*/
+    if (!(cur = strstr(outbuf, "microcode")) ||
+        !(cur = strchr(cur, ':')))
+        goto cleanup;
+    cur++;
+
+    /* Linux places the microcode revision in a 32-bit integer, so
+     * ui is fine for us too.  */
+    if (virStrToLong_ui(cur, &cur, 0, &version) < 0)
+        goto cleanup;
+
+ cleanup:
+    VIR_FREE(outbuf);
+    return version;
+}
+
+#else
+
+unsigned int
+virHostCPUGetMicrocodeVersion(void)
+{
+    return 0;
+}
+
+#endif
+diff --git a/src/util/virhostcpu.h b/src/util/virhostcpu.h
+index 67033de842..f9f3359288 100644
+--- a/src/util/virhostcpu.h
+++ b/src/util/virhostcpu.h
+@@ -66,4 +66,6 @@ virBitmapPtr virHostCPUGetSiblingsList(unsigned int cpu);
+ 
+ int virHostCPUGetOnline(unsigned int cpu, bool *online);
+ 
+unsigned int virHostCPUGetMicrocodeVersion(void);
+
+ #endif /* __VIR_HOSTCPU_H__*/
+-- 
+2.17.0
+
@@ -0,0 +1,51 @@
+From a0ad8c160ed81417e4d5b46adf3118df1b6b1b77 Mon Sep 17 00:00:00 2001
+From: Jiri Denemark <jdenemar@redhat.com>
+Date: Wed, 13 Dec 2017 22:30:31 +0100
+Subject: [PATCH 14/19] cpu_x86: Rename virCPUx86MapInitialize
+
+The function will be used to initialize internal data of the x86 CPU
+driver (including the CPU map).
+
+CVE-2017-5715
+
+Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
+---
+ src/cpu/cpu_x86.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/src/cpu/cpu_x86.c b/src/cpu/cpu_x86.c
+index 3b7a6f95fe..0cb0dcacb3 100644
+--- a/src/cpu/cpu_x86.c
+++ b/src/cpu/cpu_x86.c
+@@ -153,8 +153,8 @@ struct _virCPUx86Map {
+ };
+ 
+ static virCPUx86MapPtr cpuMap;
+-int virCPUx86MapOnceInit(void);
+-VIR_ONCE_GLOBAL_INIT(virCPUx86Map);
+int virCPUx86DriverOnceInit(void);
+VIR_ONCE_GLOBAL_INIT(virCPUx86Driver);
+ 
+ 
+ typedef enum {
+@@ -1387,7 +1387,7 @@ virCPUx86LoadMap(void)
+ 
+ 
+ int
+-virCPUx86MapOnceInit(void)
+virCPUx86DriverOnceInit(void)
+ {
+     if (!(cpuMap = virCPUx86LoadMap()))
+         return -1;
+@@ -1399,7 +1399,7 @@ virCPUx86MapOnceInit(void)
+ static virCPUx86MapPtr
+ virCPUx86GetMap(void)
+ {
+-    if (virCPUx86MapInitialize() < 0)
+    if (virCPUx86DriverInitialize() < 0)
+         return NULL;
+ 
+     return cpuMap;
+-- 
+2.17.0
+
@@ -0,0 +1,133 @@
+From c628c42493170bfd70f30d9fb56d0067e6e4828a Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Tue, 19 Jun 2018 16:47:20 +0100
+Subject: [PATCH 15/19] conf: include x86 microcode version in virsh
+ capabiltiies
+
+A microcode update can cause the CPUID bits to change; an example
+from the past was the update that disabled TSX on several Haswell and
+Broadwell machines.
+
+In order to track the x86 microcode version in the QEMU capabilities,
+we have to fetch it and store it in the host CPU.  This also makes the
+version visible in "virsh capabilities", which is a nice side effect.
+
+CVE-2017-5715
+
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
+---
+ src/conf/cpu_conf.c | 14 ++++++++++++++
+ src/conf/cpu_conf.h |  1 +
+ src/cpu/cpu_x86.c   |  9 +++++++++
+ 3 files changed, 24 insertions(+)
+
+diff --git a/src/conf/cpu_conf.c b/src/conf/cpu_conf.c
+index c21d11d244..3f3c25320e 100644
+--- a/src/conf/cpu_conf.c
+++ b/src/conf/cpu_conf.c
+@@ -127,6 +127,7 @@ virCPUDefCopyModelFilter(virCPUDefPtr dst,
+         VIR_STRDUP(dst->vendor_id, src->vendor_id) < 0 ||
+         VIR_ALLOC_N(dst->features, src->nfeatures) < 0)
+         return -1;
+    dst->microcodeVersion = src->microcodeVersion;
+     dst->nfeatures_max = src->nfeatures;
+     dst->nfeatures = 0;
+ 
+@@ -178,6 +179,7 @@ virCPUDefStealModel(virCPUDefPtr dst,
+ 
+     VIR_STEAL_PTR(dst->model, src->model);
+     VIR_STEAL_PTR(dst->features, src->features);
+    dst->microcodeVersion = src->microcodeVersion;
+     dst->nfeatures_max = src->nfeatures_max;
+     src->nfeatures_max = 0;
+     dst->nfeatures = src->nfeatures;
+@@ -379,6 +381,14 @@ virCPUDefParseXML(xmlXPathContextPtr ctxt,
+             goto cleanup;
+         }
+         VIR_FREE(arch);
+
+        if (virXPathBoolean("boolean(./microcode[1]/@version)", ctxt) > 0 &&
+            virXPathUInt("string(./microcode[1]/@version)", ctxt,
+                         &def->microcodeVersion) < 0) {
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                           _("invalid microcode version"));
+            goto cleanup;
+        }
+     }
+ 
+     if (!(def->model = virXPathString("string(./model[1])", ctxt)) &&
+@@ -723,6 +733,10 @@ virCPUDefFormatBuf(virBufferPtr buf,
+     if (formatModel && def->vendor)
+         virBufferEscapeString(buf, "<vendor>%s</vendor>\n", def->vendor);
+ 
+    if (def->type == VIR_CPU_TYPE_HOST && def->microcodeVersion)
+        virBufferAsprintf(buf, "<microcode version='%u'/>\n",
+                          def->microcodeVersion);
+
+     if (def->sockets && def->cores && def->threads) {
+         virBufferAddLit(buf, "<topology");
+         virBufferAsprintf(buf, " sockets='%u'", def->sockets);
+diff --git a/src/conf/cpu_conf.h b/src/conf/cpu_conf.h
+index b44974f47e..a30ecf8681 100644
+--- a/src/conf/cpu_conf.h
+++ b/src/conf/cpu_conf.h
+@@ -133,6 +133,7 @@ struct _virCPUDef {
+     char *vendor_id;    /* vendor id returned by CPUID in the guest */
+     int fallback;       /* enum virCPUFallback */
+     char *vendor;
+    unsigned int microcodeVersion;
+     unsigned int sockets;
+     unsigned int cores;
+     unsigned int threads;
+diff --git a/src/cpu/cpu_x86.c b/src/cpu/cpu_x86.c
+index 0cb0dcacb3..41aaa61c35 100644
+--- a/src/cpu/cpu_x86.c
+++ b/src/cpu/cpu_x86.c
+@@ -33,6 +33,7 @@
+ #include "virbuffer.h"
+ #include "virendian.h"
+ #include "virstring.h"
+#include "virhostcpu.h"
+ 
+ #define VIR_FROM_THIS VIR_FROM_CPU
+ 
+@@ -153,6 +154,8 @@ struct _virCPUx86Map {
+ };
+ 
+ static virCPUx86MapPtr cpuMap;
+static unsigned int microcodeVersion;
+
+ int virCPUx86DriverOnceInit(void);
+ VIR_ONCE_GLOBAL_INIT(virCPUx86Driver);
+ 
+@@ -1392,6 +1395,8 @@ virCPUx86DriverOnceInit(void)
+     if (!(cpuMap = virCPUx86LoadMap()))
+         return -1;
+ 
+    microcodeVersion = virHostCPUGetMicrocodeVersion();
+
+     return 0;
+ }
+ 
+@@ -2409,6 +2414,9 @@ virCPUx86GetHost(virCPUDefPtr cpu,
+     virCPUDataPtr cpuData = NULL;
+     int ret = -1;
+ 
+    if (virCPUx86DriverInitialize() < 0)
+        goto cleanup;
+
+     if (!(cpuData = virCPUDataNew(archs[0])))
+         goto cleanup;
+ 
+@@ -2417,6 +2425,7 @@ virCPUx86GetHost(virCPUDefPtr cpu,
+         goto cleanup;
+ 
+     ret = x86DecodeCPUData(cpu, cpuData, models, nmodels, NULL);
+    cpu->microcodeVersion = microcodeVersion;
+ 
+  cleanup:
+     virCPUx86DataFree(cpuData);
+-- 
+2.17.0
+
@@ -0,0 +1,535 @@
+From a31edb693bb79f1ad8931db284f1dbceae178f27 Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Tue, 19 Jun 2018 16:50:02 +0100
+Subject: [PATCH 16/19] qemu: capabilities: force update if the microcode
+ version does not match
+
+A microcode update can cause the CPUID bits to change; an example
+from the past was the update that disabled TSX on several Haswell
+and Broadwell machines.
+
+Therefore, place microcode version in the virQEMUCaps struct and
+XML, and rebuild the cache if the versions do not match.
+
+CVE-2017-5715
+
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
+---
+ src/qemu/qemu_capabilities.c                  | 40 ++++++++++++++++++-
+ src/qemu/qemu_capabilities.h                  |  6 ++-
+ src/qemu/qemu_capspriv.h                      |  6 +++
+ src/qemu/qemu_driver.c                        |  9 ++++-
+ .../caps_1.2.2.x86_64.xml                     |  1 +
+ .../caps_1.3.1.x86_64.xml                     |  1 +
+ .../caps_1.4.2.x86_64.xml                     |  1 +
+ .../caps_1.5.3.x86_64.xml                     |  1 +
+ .../caps_1.6.0.x86_64.xml                     |  1 +
+ .../caps_1.7.0.x86_64.xml                     |  1 +
+ .../caps_2.1.1.x86_64.xml                     |  1 +
+ .../caps_2.4.0.x86_64.xml                     |  1 +
+ .../caps_2.5.0.x86_64.xml                     |  1 +
+ .../caps_2.6.0-gicv2.aarch64.xml              |  1 +
+ .../caps_2.6.0-gicv3.aarch64.xml              |  1 +
+ .../caps_2.6.0.ppc64le.xml                    |  1 +
+ .../caps_2.6.0.x86_64.xml                     |  1 +
+ .../qemucapabilitiesdata/caps_2.7.0.s390x.xml |  1 +
+ .../caps_2.7.0.x86_64.xml                     |  1 +
+ .../qemucapabilitiesdata/caps_2.8.0.s390x.xml |  1 +
+ .../caps_2.8.0.x86_64.xml                     |  1 +
+ .../caps_2.9.0.ppc64le.xml                    |  1 +
+ .../qemucapabilitiesdata/caps_2.9.0.s390x.xml |  1 +
+ .../caps_2.9.0.x86_64.xml                     |  1 +
+ tests/qemucapabilitiestest.c                  | 14 +++++--
+ tests/qemucapsprobe.c                         |  2 +-
+ tests/testutilsqemu.c                         |  2 +-
+ 27 files changed, 89 insertions(+), 10 deletions(-)
+
+diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
+index 2de84715ea..72b70ce750 100644
+--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
+@@ -500,6 +500,7 @@ struct _virQEMUCaps {
+     unsigned int version;
+     unsigned int kvmVersion;
+     unsigned int libvirtVersion;
+    unsigned int microcodeVersion;
+     char *package;
+ 
+     virArch arch;
+@@ -2304,6 +2305,7 @@ virQEMUCapsPtr virQEMUCapsNewCopy(virQEMUCapsPtr qemuCaps)
+ 
+     ret->version = qemuCaps->version;
+     ret->kvmVersion = qemuCaps->kvmVersion;
+    ret->microcodeVersion = qemuCaps->microcodeVersion;
+ 
+     if (VIR_STRDUP(ret->package, qemuCaps->package) < 0)
+         goto error;
+@@ -3809,6 +3811,7 @@ struct _virQEMUCapsCachePriv {
+     uid_t runUid;
+     gid_t runGid;
+     virArch hostArch;
+    unsigned int microcodeVersion;
+ };
+ typedef struct _virQEMUCapsCachePriv virQEMUCapsCachePriv;
+ typedef virQEMUCapsCachePriv *virQEMUCapsCachePrivPtr;
+@@ -3931,6 +3934,13 @@ virQEMUCapsLoadCache(virArch hostArch,
+         goto cleanup;
+     }
+ 
+    if (virXPathUInt("string(./microcodeVersion)", ctxt,
+                     &qemuCaps->microcodeVersion) < 0) {
+        virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+                       _("missing microcode version in QEMU capabilities cache"));
+        goto cleanup;
+    }
+
+     if (virXPathBoolean("boolean(./package)", ctxt) > 0) {
+         qemuCaps->package = virXPathString("string(./package)", ctxt);
+         if (!qemuCaps->package &&
+@@ -4195,6 +4205,9 @@ virQEMUCapsFormatCache(virQEMUCapsPtr qemuCaps)
+     virBufferAsprintf(&buf, "<kvmVersion>%d</kvmVersion>\n",
+                       qemuCaps->kvmVersion);
+ 
+    virBufferAsprintf(&buf, "<microcodeVersion>%u</microcodeVersion>\n",
+                      qemuCaps->microcodeVersion);
+
+     if (qemuCaps->package)
+         virBufferAsprintf(&buf, "<package>%s</package>\n",
+                           qemuCaps->package);
+@@ -4336,6 +4349,16 @@ virQEMUCapsIsValid(void *data,
+         return false;
+     }
+ 
+    if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_KVM) &&
+        priv->microcodeVersion != qemuCaps->microcodeVersion) {
+        VIR_DEBUG("Outdated capabilities for '%s': microcode version changed "
+                  "(%u vs %u)",
+                  qemuCaps->binary,
+                  priv->microcodeVersion,
+                  qemuCaps->microcodeVersion);
+        return false;
+    }
+
+     return true;
+ }
+ 
+@@ -5151,6 +5174,7 @@ virQEMUCapsNewForBinaryInternal(virArch hostArch,
+                                 const char *libDir,
+                                 uid_t runUid,
+                                 gid_t runGid,
+                                unsigned int microcodeVersion,
+                                 bool qmpOnly)
+ {
+     virQEMUCapsPtr qemuCaps;
+@@ -5207,6 +5231,9 @@ virQEMUCapsNewForBinaryInternal(virArch hostArch,
+     virQEMUCapsInitHostCPUModel(qemuCaps, hostArch, VIR_DOMAIN_VIRT_KVM);
+     virQEMUCapsInitHostCPUModel(qemuCaps, hostArch, VIR_DOMAIN_VIRT_QEMU);
+ 
+    if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_KVM))
+        qemuCaps->microcodeVersion = microcodeVersion;
+
+  cleanup:
+     VIR_FREE(qmperr);
+     return qemuCaps;
+@@ -5228,6 +5255,7 @@ virQEMUCapsNewData(const char *binary,
+                                            priv->libDir,
+                                            priv->runUid,
+                                            priv->runGid,
+                                           priv->microcodeVersion,
+                                            false);
+ }
+ 
+@@ -5310,7 +5338,8 @@ virFileCachePtr
+ virQEMUCapsCacheNew(const char *libDir,
+                     const char *cacheDir,
+                     uid_t runUid,
+-                    gid_t runGid)
+                    gid_t runGid,
+                    unsigned int microcodeVersion)
+ {
+     char *capsCacheDir = NULL;
+     virFileCachePtr cache = NULL;
+@@ -5333,6 +5362,7 @@ virQEMUCapsCacheNew(const char *libDir,
+ 
+     priv->runUid = runUid;
+     priv->runGid = runGid;
+    priv->microcodeVersion = microcodeVersion;
+ 
+  cleanup:
+     VIR_FREE(capsCacheDir);
+@@ -5810,3 +5840,11 @@ virQEMUCapsFillDomainCaps(virCapsPtr caps,
+         return -1;
+     return 0;
+ }
+
+
+void
+virQEMUCapsSetMicrocodeVersion(virQEMUCapsPtr qemuCaps,
+                               unsigned int microcodeVersion)
+{
+    qemuCaps->microcodeVersion = microcodeVersion;
+}
+diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
+index 9c92d6b469..eea296c9c3 100644
+--- a/src/qemu/qemu_capabilities.h
+++ b/src/qemu/qemu_capabilities.h
+@@ -514,8 +514,10 @@ void virQEMUCapsFilterByMachineType(virQEMUCapsPtr qemuCaps,
+                                     const char *machineType);
+ 
+ virFileCachePtr virQEMUCapsCacheNew(const char *libDir,
+-                                        const char *cacheDir,
+-                                        uid_t uid, gid_t gid);
+                                    const char *cacheDir,
+                                    uid_t uid,
+                                    gid_t gid,
+                                    unsigned int microcodeVersion);
+ virQEMUCapsPtr virQEMUCapsCacheLookup(virFileCachePtr cache,
+                                       const char *binary);
+ virQEMUCapsPtr virQEMUCapsCacheLookupCopy(virFileCachePtr cache,
+diff --git a/src/qemu/qemu_capspriv.h b/src/qemu/qemu_capspriv.h
+index d05256bd35..38c14ffa01 100644
+--- a/src/qemu/qemu_capspriv.h
+++ b/src/qemu/qemu_capspriv.h
+@@ -36,6 +36,7 @@ virQEMUCapsNewForBinaryInternal(virArch hostArch,
+                                 const char *libDir,
+                                 uid_t runUid,
+                                 gid_t runGid,
+                                unsigned int microcodeVersion,
+                                 bool qmpOnly);
+ 
+ int virQEMUCapsLoadCache(virArch hostArch,
+@@ -101,4 +102,9 @@ virQEMUCapsParseHelpStr(const char *qemu,
+ int
+ virQEMUCapsParseDeviceStr(virQEMUCapsPtr qemuCaps,
+                           const char *str);
+
+void
+virQEMUCapsSetMicrocodeVersion(virQEMUCapsPtr qemuCaps,
+                               unsigned int microcodeVersion);
+
+ #endif
+diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
+index 208ccc9bc3..d8dc5388ea 100644
+--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
+@@ -631,6 +631,8 @@ qemuStateInitialize(bool privileged,
+     gid_t run_gid = -1;
+     char *hugepagePath = NULL;
+     size_t i;
+    virCPUDefPtr hostCPU = NULL;
+    unsigned int microcodeVersion = 0;
+ 
+     if (VIR_ALLOC(qemu_driver) < 0)
+         return -1;
+@@ -853,10 +855,15 @@ qemuStateInitialize(bool privileged,
+         run_gid = cfg->group;
+     }
+ 
+    if ((hostCPU = virCPUProbeHost(virArchFromHost())))
+        microcodeVersion = hostCPU->microcodeVersion;
+    virCPUDefFree(hostCPU);
+
+     qemu_driver->qemuCapsCache = virQEMUCapsCacheNew(cfg->libDir,
+                                                      cfg->cacheDir,
+                                                      run_uid,
+-                                                     run_gid);
+                                                     run_gid,
+                                                     microcodeVersion);
+     if (!qemu_driver->qemuCapsCache)
+         goto error;
+ 
+diff --git a/tests/qemucapabilitiesdata/caps_1.2.2.x86_64.xml b/tests/qemucapabilitiesdata/caps_1.2.2.x86_64.xml
+index 956284d5d3..f3f66cd8f5 100644
+--- a/tests/qemucapabilitiesdata/caps_1.2.2.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_1.2.2.x86_64.xml
+@@ -111,6 +111,7 @@
+   <flag name='query-cpu-definitions'/>
+   <version>1002002</version>
+   <kvmVersion>0</kvmVersion>
+  <microcodeVersion>26900</microcodeVersion>
+   <package></package>
+   <arch>x86_64</arch>
+   <cpu type='kvm' name='qemu64'/>
+diff --git a/tests/qemucapabilitiesdata/caps_1.3.1.x86_64.xml b/tests/qemucapabilitiesdata/caps_1.3.1.x86_64.xml
+index 99384ce5e6..1c4d5ff4a4 100644
+--- a/tests/qemucapabilitiesdata/caps_1.3.1.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_1.3.1.x86_64.xml
+@@ -129,6 +129,7 @@
+   <flag name='query-cpu-definitions'/>
+   <version>1003001</version>
+   <kvmVersion>0</kvmVersion>
+  <microcodeVersion>30198</microcodeVersion>
+   <package></package>
+   <arch>x86_64</arch>
+   <cpu type='kvm' name='qemu64'/>
+diff --git a/tests/qemucapabilitiesdata/caps_1.4.2.x86_64.xml b/tests/qemucapabilitiesdata/caps_1.4.2.x86_64.xml
+index aea043c57d..a50383c259 100644
+--- a/tests/qemucapabilitiesdata/caps_1.4.2.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_1.4.2.x86_64.xml
+@@ -130,6 +130,7 @@
+   <flag name='query-cpu-definitions'/>
+   <version>1004002</version>
+   <kvmVersion>0</kvmVersion>
+  <microcodeVersion>30915</microcodeVersion>
+   <package></package>
+   <arch>x86_64</arch>
+   <cpu type='kvm' name='Opteron_G5'/>
+diff --git a/tests/qemucapabilitiesdata/caps_1.5.3.x86_64.xml b/tests/qemucapabilitiesdata/caps_1.5.3.x86_64.xml
+index 6f860e4f25..ad3e122775 100644
+--- a/tests/qemucapabilitiesdata/caps_1.5.3.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_1.5.3.x86_64.xml
+@@ -142,6 +142,7 @@
+   <flag name='kernel-irqchip'/>
+   <version>1005003</version>
+   <kvmVersion>0</kvmVersion>
+  <microcodeVersion>47019</microcodeVersion>
+   <package></package>
+   <arch>x86_64</arch>
+   <cpu type='kvm' name='Opteron_G5'/>
+diff --git a/tests/qemucapabilitiesdata/caps_1.6.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_1.6.0.x86_64.xml
+index e5dc8360de..7b2324d697 100644
+--- a/tests/qemucapabilitiesdata/caps_1.6.0.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_1.6.0.x86_64.xml
+@@ -147,6 +147,7 @@
+   <flag name='kernel-irqchip'/>
+   <version>1006000</version>
+   <kvmVersion>0</kvmVersion>
+  <microcodeVersion>45248</microcodeVersion>
+   <package></package>
+   <arch>x86_64</arch>
+   <cpu type='kvm' name='Opteron_G5'/>
+diff --git a/tests/qemucapabilitiesdata/caps_1.7.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_1.7.0.x86_64.xml
+index 86d87eaf0c..4ba509a753 100644
+--- a/tests/qemucapabilitiesdata/caps_1.7.0.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_1.7.0.x86_64.xml
+@@ -149,6 +149,7 @@
+   <flag name='kernel-irqchip'/>
+   <version>1007000</version>
+   <kvmVersion>0</kvmVersion>
+  <microcodeVersion>50692</microcodeVersion>
+   <package></package>
+   <arch>x86_64</arch>
+   <cpu type='kvm' name='Opteron_G5'/>
+diff --git a/tests/qemucapabilitiesdata/caps_2.1.1.x86_64.xml b/tests/qemucapabilitiesdata/caps_2.1.1.x86_64.xml
+index 2fa551b1a0..416703ac89 100644
+--- a/tests/qemucapabilitiesdata/caps_2.1.1.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_2.1.1.x86_64.xml
+@@ -165,6 +165,7 @@
+   <flag name='kernel-irqchip'/>
+   <version>2001001</version>
+   <kvmVersion>0</kvmVersion>
+  <microcodeVersion>59488</microcodeVersion>
+   <package></package>
+   <arch>x86_64</arch>
+   <cpu type='kvm' name='Opteron_G5'/>
+diff --git a/tests/qemucapabilitiesdata/caps_2.4.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_2.4.0.x86_64.xml
+index f97e4cb813..4550139e0c 100644
+--- a/tests/qemucapabilitiesdata/caps_2.4.0.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_2.4.0.x86_64.xml
+@@ -190,6 +190,7 @@
+   <flag name='virtio-gpu.max_outputs'/>
+   <version>2004000</version>
+   <kvmVersion>0</kvmVersion>
+  <microcodeVersion>75653</microcodeVersion>
+   <package></package>
+   <arch>x86_64</arch>
+   <cpu type='kvm' name='Opteron_G5'/>
+diff --git a/tests/qemucapabilitiesdata/caps_2.5.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_2.5.0.x86_64.xml
+index 2ba40fc494..6072438688 100644
+--- a/tests/qemucapabilitiesdata/caps_2.5.0.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_2.5.0.x86_64.xml
+@@ -196,6 +196,7 @@
+   <flag name='virtio-gpu.max_outputs'/>
+   <version>2005000</version>
+   <kvmVersion>0</kvmVersion>
+  <microcodeVersion>216775</microcodeVersion>
+   <package></package>
+   <arch>x86_64</arch>
+   <cpu type='kvm' name='Opteron_G5'/>
+diff --git a/tests/qemucapabilitiesdata/caps_2.6.0-gicv2.aarch64.xml b/tests/qemucapabilitiesdata/caps_2.6.0-gicv2.aarch64.xml
+index 0b34fa30d4..6fc0ab25e0 100644
+--- a/tests/qemucapabilitiesdata/caps_2.6.0-gicv2.aarch64.xml
+++ b/tests/qemucapabilitiesdata/caps_2.6.0-gicv2.aarch64.xml
+@@ -174,6 +174,7 @@
+   <flag name='virtio-gpu.max_outputs'/>
+   <version>2006000</version>
+   <kvmVersion>0</kvmVersion>
+  <microcodeVersion>228838</microcodeVersion>
+   <package></package>
+   <arch>aarch64</arch>
+   <cpu type='kvm' name='pxa262'/>
+diff --git a/tests/qemucapabilitiesdata/caps_2.6.0-gicv3.aarch64.xml b/tests/qemucapabilitiesdata/caps_2.6.0-gicv3.aarch64.xml
+index d41d578c7e..1846bf6a7c 100644
+--- a/tests/qemucapabilitiesdata/caps_2.6.0-gicv3.aarch64.xml
+++ b/tests/qemucapabilitiesdata/caps_2.6.0-gicv3.aarch64.xml
+@@ -174,6 +174,7 @@
+   <flag name='virtio-gpu.max_outputs'/>
+   <version>2006000</version>
+   <kvmVersion>0</kvmVersion>
+  <microcodeVersion>228838</microcodeVersion>
+   <package></package>
+   <arch>aarch64</arch>
+   <cpu type='kvm' name='pxa262'/>
+diff --git a/tests/qemucapabilitiesdata/caps_2.6.0.ppc64le.xml b/tests/qemucapabilitiesdata/caps_2.6.0.ppc64le.xml
+index f1c9fc98a4..199fc2cd22 100644
+--- a/tests/qemucapabilitiesdata/caps_2.6.0.ppc64le.xml
+++ b/tests/qemucapabilitiesdata/caps_2.6.0.ppc64le.xml
+@@ -169,6 +169,7 @@
+   <flag name='virtio-gpu.max_outputs'/>
+   <version>2006000</version>
+   <kvmVersion>0</kvmVersion>
+  <microcodeVersion>263602</microcodeVersion>
+   <package></package>
+   <arch>ppc64</arch>
+   <cpu type='kvm' name='default'/>
+diff --git a/tests/qemucapabilitiesdata/caps_2.6.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_2.6.0.x86_64.xml
+index bdf006f6be..5897fbc0c9 100644
+--- a/tests/qemucapabilitiesdata/caps_2.6.0.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_2.6.0.x86_64.xml
+@@ -206,6 +206,7 @@
+   <flag name='virtio-gpu.max_outputs'/>
+   <version>2006000</version>
+   <kvmVersion>0</kvmVersion>
+  <microcodeVersion>227579</microcodeVersion>
+   <package></package>
+   <arch>x86_64</arch>
+   <cpu type='kvm' name='Opteron_G5'/>
+diff --git a/tests/qemucapabilitiesdata/caps_2.7.0.s390x.xml b/tests/qemucapabilitiesdata/caps_2.7.0.s390x.xml
+index fe7bca93b9..4c208008be 100644
+--- a/tests/qemucapabilitiesdata/caps_2.7.0.s390x.xml
+++ b/tests/qemucapabilitiesdata/caps_2.7.0.s390x.xml
+@@ -136,6 +136,7 @@
+   <flag name='virtio-gpu.max_outputs'/>
+   <version>2007000</version>
+   <kvmVersion>0</kvmVersion>
+  <microcodeVersion>217559</microcodeVersion>
+   <package></package>
+   <arch>s390x</arch>
+   <cpu type='kvm' name='host'/>
+diff --git a/tests/qemucapabilitiesdata/caps_2.7.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_2.7.0.x86_64.xml
+index 3fd28f09fe..e3a154806c 100644
+--- a/tests/qemucapabilitiesdata/caps_2.7.0.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_2.7.0.x86_64.xml
+@@ -209,6 +209,7 @@
+   <flag name='virtio-gpu.max_outputs'/>
+   <version>2007000</version>
+   <kvmVersion>0</kvmVersion>
+  <microcodeVersion>239276</microcodeVersion>
+   <package> (v2.7.0)</package>
+   <arch>x86_64</arch>
+   <cpu type='kvm' name='Opteron_G5'/>
+diff --git a/tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml b/tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml
+index 21bbb820d0..f13c783d44 100644
+--- a/tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml
+++ b/tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml
+@@ -138,6 +138,7 @@
+   <flag name='virtio-gpu.max_outputs'/>
+   <version>2007093</version>
+   <kvmVersion>0</kvmVersion>
+  <microcodeVersion>242460</microcodeVersion>
+   <package></package>
+   <arch>s390x</arch>
+   <hostCPU type='kvm' model='zEC12.2-base' migratability='no'>
+diff --git a/tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml
+index 761f9d1415..f5bd1d7272 100644
+--- a/tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml
+@@ -211,6 +211,7 @@
+   <flag name='virtio-gpu.max_outputs'/>
+   <version>2008000</version>
+   <kvmVersion>0</kvmVersion>
+  <microcodeVersion>255931</microcodeVersion>
+   <package> (v2.8.0)</package>
+   <arch>x86_64</arch>
+   <cpu type='kvm' name='host' usable='yes'/>
+diff --git a/tests/qemucapabilitiesdata/caps_2.9.0.ppc64le.xml b/tests/qemucapabilitiesdata/caps_2.9.0.ppc64le.xml
+index 9551907c66..2d1d0f9a89 100644
+--- a/tests/qemucapabilitiesdata/caps_2.9.0.ppc64le.xml
+++ b/tests/qemucapabilitiesdata/caps_2.9.0.ppc64le.xml
+@@ -175,6 +175,7 @@
+   <flag name='disk-share-rw'/>
+   <version>2009000</version>
+   <kvmVersion>0</kvmVersion>
+  <microcodeVersion>347135</microcodeVersion>
+   <package> (v2.9.0)</package>
+   <arch>ppc64</arch>
+   <cpu type='kvm' name='default'/>
+diff --git a/tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml b/tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml
+index 0a6fbd0776..3b733801f8 100644
+--- a/tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml
+++ b/tests/qemucapabilitiesdata/caps_2.9.0.s390x.xml
+@@ -140,6 +140,7 @@
+   <flag name='disk-share-rw'/>
+   <version>2009000</version>
+   <kvmVersion>0</kvmVersion>
+  <microcodeVersion>265878</microcodeVersion>
+   <package></package>
+   <arch>s390x</arch>
+   <hostCPU type='kvm' model='z13.2-base' migratability='no'>
+diff --git a/tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml
+index 1294ebdb31..086594def5 100644
+--- a/tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml
+@@ -223,6 +223,7 @@
+   <flag name='disk-share-rw'/>
+   <version>2009000</version>
+   <kvmVersion>0</kvmVersion>
+  <microcodeVersion>321194</microcodeVersion>
+   <package> (v2.9.0)</package>
+   <arch>x86_64</arch>
+   <hostCPU type='kvm' model='base' migratability='yes'>
+diff --git a/tests/qemucapabilitiestest.c b/tests/qemucapabilitiestest.c
+index 3ae55fc62f..4608fffbb2 100644
+--- a/tests/qemucapabilitiestest.c
+++ b/tests/qemucapabilitiestest.c
+@@ -61,10 +61,16 @@ testQemuCaps(const void *opaque)
+                                   qemuMonitorTestGetMonitor(mon)) < 0)
+         goto cleanup;
+ 
+-    if (virQEMUCapsGet(capsActual, QEMU_CAPS_KVM) &&
+-        virQEMUCapsInitQMPMonitorTCG(capsActual,
+-                                     qemuMonitorTestGetMonitor(mon)) < 0)
+-        goto cleanup;
+    if (virQEMUCapsGet(capsActual, QEMU_CAPS_KVM)) {
+        if (virQEMUCapsInitQMPMonitorTCG(capsActual,
+                                         qemuMonitorTestGetMonitor(mon)) < 0)
+            goto cleanup;
+
+        /* Fill microcodeVersion with a "random" value which is the file
+         * length to provide a reproducible number for testing.
+         */
+        virQEMUCapsSetMicrocodeVersion(capsActual, virFileLength(repliesFile, -1));
+    }
+ 
+     if (!(actual = virQEMUCapsFormatCache(capsActual)))
+         goto cleanup;
+diff --git a/tests/qemucapsprobe.c b/tests/qemucapsprobe.c
+index 4b8d6229b4..a5f5a38b16 100644
+--- a/tests/qemucapsprobe.c
+++ b/tests/qemucapsprobe.c
+@@ -72,7 +72,7 @@ main(int argc, char **argv)
+         return EXIT_FAILURE;
+ 
+     if (!(caps = virQEMUCapsNewForBinaryInternal(VIR_ARCH_NONE, argv[1], "/tmp",
+-                                                 -1, -1, true)))
+                                                 -1, -1, 0, true)))
+         return EXIT_FAILURE;
+ 
+     virObjectUnref(caps);
+diff --git a/tests/testutilsqemu.c b/tests/testutilsqemu.c
+index 2c7124bf26..f8182033fc 100644
+--- a/tests/testutilsqemu.c
+++ b/tests/testutilsqemu.c
+@@ -603,7 +603,7 @@ int qemuTestDriverInit(virQEMUDriver *driver)
+ 
+     /* Using /dev/null for libDir and cacheDir automatically produces errors
+      * upon attempt to use any of them */
+-    driver->qemuCapsCache = virQEMUCapsCacheNew("/dev/null", "/dev/null", 0, 0);
+    driver->qemuCapsCache = virQEMUCapsCacheNew("/dev/null", "/dev/null", 0, 0, 0);
+     if (!driver->qemuCapsCache)
+         goto error;
+ 
+-- 
+2.17.0
+
@@ -0,0 +1,142 @@
+From ac0e85360cd8f25160b67ee9fb45663d20f82c1d Mon Sep 17 00:00:00 2001
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Tue, 19 Jun 2018 16:51:13 +0100
+Subject: [PATCH 17/19] cpu: add CPU features and model for indirect branch
+ prediction protection
+
+CVE-2017-5715
+
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
+---
+ src/cpu/cpu_map.xml | 44 ++++++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 44 insertions(+)
+
+diff --git a/src/cpu/cpu_map.xml b/src/cpu/cpu_map.xml
+index 8e7ac4973d..c31e7ce36a 100644
+--- a/src/cpu/cpu_map.xml
+++ b/src/cpu/cpu_map.xml
+@@ -283,6 +283,9 @@
+     <feature name='avx512-4fmaps'>
+       <cpuid eax_in='0x07' ecx_in='0x00' edx='0x00000008'/>
+     </feature>
+    <feature name='spec-ctrl'>
+      <cpuid eax_in='0x07' ecx_in='0x00' edx='0x04000000'/>
+    </feature>
+ 
+     <!-- Processor Extended State Enumeration sub leaf 1 -->
+     <feature name='xsaveopt'>
+@@ -411,6 +414,11 @@
+       <cpuid eax_in='0x80000007' edx='0x00000100'/>
+     </feature>
+ 
+    <!-- More AMD-specific features -->
+    <feature name='ibpb'>
+      <cpuid eax_in='0x80000008' ebx='0x00001000'/>
+    </feature>
+
+     <!-- models -->
+     <model name='486'>
+       <feature name='fpu'/>
+@@ -857,6 +865,10 @@
+       <feature name='syscall'/>
+       <feature name='tsc'/>
+     </model>
+    <model name='Nehalem-IBRS'>
+      <model name='Nehalem'/>
+      <feature name='spec-ctrl'/>
+    </model>
+ 
+     <model name='Westmere'>
+       <signature family='6' model='44'/>
+@@ -894,6 +906,10 @@
+       <feature name='syscall'/>
+       <feature name='tsc'/>
+     </model>
+    <model name='Westmere-IBRS'>
+      <model name='Westmere'/>
+      <feature name='spec-ctrl'/>
+    </model>
+ 
+     <model name='SandyBridge'>
+       <signature family='6' model='42'/>
+@@ -937,6 +953,10 @@
+       <feature name='x2apic'/>
+       <feature name='xsave'/>
+     </model>
+    <model name='SandyBridge-IBRS'>
+      <model name='SandyBridge'/>
+      <feature name='spec-ctrl'/>
+    </model>
+ 
+     <model name='IvyBridge'>
+       <signature family='6' model='58'/>
+@@ -986,6 +1006,10 @@
+       <feature name='x2apic'/>
+       <feature name='xsave'/>
+     </model>
+    <model name='IvyBridge-IBRS'>
+      <model name='IvyBridge'/>
+      <feature name='spec-ctrl'/>
+    </model>
+ 
+     <model name='Haswell-noTSX'>
+       <signature family='6' model='60'/>
+@@ -1039,6 +1063,10 @@
+       <feature name='x2apic'/>
+       <feature name='xsave'/>
+     </model>
+    <model name='Haswell-noTSX-IBRS'>
+      <model name='Haswell-noTSX'/>
+      <feature name='spec-ctrl'/>
+    </model>
+ 
+     <model name='Haswell'>
+       <signature family='6' model='60'/>
+@@ -1094,6 +1122,10 @@
+       <feature name='x2apic'/>
+       <feature name='xsave'/>
+     </model>
+    <model name='Haswell-IBRS'>
+      <model name='Haswell'/>
+      <feature name='spec-ctrl'/>
+    </model>
+ 
+     <model name='Broadwell-noTSX'>
+       <signature family='6' model='61'/>
+@@ -1151,6 +1183,10 @@
+       <feature name='x2apic'/>
+       <feature name='xsave'/>
+     </model>
+    <model name='Broadwell-noTSX-IBRS'>
+      <model name='Broadwell-noTSX'/>
+      <feature name='spec-ctrl'/>
+    </model>
+ 
+     <model name='Broadwell'>
+       <signature family='6' model='61'/>
+@@ -1210,6 +1246,10 @@
+       <feature name='x2apic'/>
+       <feature name='xsave'/>
+     </model>
+    <model name='Broadwell-IBRS'>
+      <model name='Broadwell'/>
+      <feature name='spec-ctrl'/>
+    </model>
+ 
+     <model name='Skylake-Client'>
+       <signature family='6' model='94'/>
+@@ -1278,6 +1318,10 @@
+       <feature name='xsavec'/>
+       <feature name='xsaveopt'/>
+     </model>
+    <model name='Skylake-Client-IBRS'>
+      <model name='Skylake-Client'/>
+      <feature name='spec-ctrl'/>
+    </model>
+ 
+     <!-- AMD CPUs -->
+     <model name='athlon'>
+-- 
+2.17.0
+
@@ -0,0 +1,37 @@
+From 9a252992aa81b4873b22f174de9d345f4289051c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
+Date: Mon, 21 May 2018 23:05:07 +0100
+Subject: [PATCH 18/19] cpu: define the 'ssbd' CPUID feature bit
+ (CVE-2018-3639)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+New microcode introduces the "Speculative Store Bypass Disable"
+CPUID feature bit. This needs to be exposed to guest OS to allow
+them to protect against CVE-2018-3639.
+
+Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
+(cherry picked from commit 1dbca2eccad58d91a5fd33962854f1a653638182)
+---
+ src/cpu/cpu_map.xml | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/cpu/cpu_map.xml b/src/cpu/cpu_map.xml
+index c31e7ce36a..87301dc0ef 100644
+--- a/src/cpu/cpu_map.xml
+++ b/src/cpu/cpu_map.xml
+@@ -286,6 +286,9 @@
+     <feature name='spec-ctrl'>
+       <cpuid eax_in='0x07' ecx_in='0x00' edx='0x04000000'/>
+     </feature>
+    <feature name='ssbd'>
+      <cpuid eax_in='0x07' ecx_in='0x00' edx='0x80000000'/>
+    </feature>
+ 
+     <!-- Processor Extended State Enumeration sub leaf 1 -->
+     <feature name='xsaveopt'>
+-- 
+2.17.0
+
@@ -0,0 +1,46 @@
+From 7774fbbda1c886633eaf0015d6211fc0ad703bc7 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
+Date: Mon, 21 May 2018 23:05:08 +0100
+Subject: [PATCH 19/19] cpu: define the 'virt-ssbd' CPUID feature bit
+ (CVE-2018-3639)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Some AMD processors only support a non-architectural means of
+enabling Speculative Store Bypass Disable. To allow simplified
+handling in virtual environments, hypervisors will expose an
+architectural definition through CPUID bit 0x80000008_EBX[25].
+This needs to be exposed to guest OS running on AMD x86 hosts to
+allow them to protect against CVE-2018-3639.
+
+Note that since this CPUID bit won't be present in the host CPUID
+results on physical hosts, it will not be enabled automatically
+in guests configured with "host-model" CPU unless using QEMU
+version >= 2.9.0. Thus for older versions of QEMU, this feature
+must be manually enabled using policy=force. Guests using the
+"host-passthrough" CPU mode do not need special handling.
+
+Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
+---
+ src/cpu/cpu_map.xml | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/cpu/cpu_map.xml b/src/cpu/cpu_map.xml
+index 87301dc0ef..e31c9ae86c 100644
+--- a/src/cpu/cpu_map.xml
+++ b/src/cpu/cpu_map.xml
+@@ -421,6 +421,9 @@
+     <feature name='ibpb'>
+       <cpuid eax_in='0x80000008' ebx='0x00001000'/>
+     </feature>
+    <feature name='virt-ssbd'>
+      <cpuid eax_in='0x80000008' ebx='0x02000000'/>
+    </feature>
+ 
+     <!-- models -->
+     <model name='486'>
+-- 
+2.17.0
+
@@ -1 +0,0 @@
-F-12
@@ -1,267 +0,0 @@
-commit bc0010b3d149df00406b82c37eb59874d8525af4
-Author: Daniel P. Berrange <berrange@redhat.com>
-Date:   Wed Nov 11 12:07:00 2009 +0000
-
-    Fix save and restore with non-privileged guests and SELinux
-    
-    When running qemu:///system instance, libvirtd runs as root,
-    but QEMU may optionally be configured to run non-root. When
-    then saving a guest to a state file, the file is initially
-    created as root, and thus QEMU cannot write to it. It is also
-    missing labelling required to allow access via SELinux.
-    
-    * src/qemu_driver.c: Set ownership on save image before
-      running migrate command in virDomainSave impl. Call out to
-      security driver to set save image labelling
-    * src/security.h: Add driver APIs for setting
-      and restoring saved state file labelling
-    * src/security_selinux.c: Implement saved state file
-      labelling for SELinux
-
-diff --git a/src/security.h b/src/security.h
-index fde2978..5514962 100644
--- a/src/security.h
-+++ b/src/security.h
-@@ -42,6 +42,11 @@ typedef int (*virSecurityDomainRestoreHostdevLabel) (virConnectPtr conn,
- typedef int (*virSecurityDomainSetHostdevLabel) (virConnectPtr conn,
-                                                  virDomainObjPtr vm,
-                                                  virDomainHostdevDefPtr dev);
-+typedef int (*virSecurityDomainSetSavedStateLabel) (virConnectPtr conn,
-+                                                    virDomainObjPtr vm,
-+                                                    const char *savefile);
-+typedef int (*virSecurityDomainRestoreSavedStateLabel) (virConnectPtr conn,
-+                                                        const char *savefile);
- typedef int (*virSecurityDomainGenLabel) (virConnectPtr conn,
-                                           virDomainObjPtr sec);
- typedef int (*virSecurityDomainReserveLabel) (virConnectPtr conn,
-@@ -71,6 +76,8 @@ struct _virSecurityDriver {
-     virSecurityDomainRestoreLabel domainRestoreSecurityLabel;
-     virSecurityDomainRestoreHostdevLabel domainRestoreSecurityHostdevLabel;
-     virSecurityDomainSetHostdevLabel domainSetSecurityHostdevLabel;
-+    virSecurityDomainSetSavedStateLabel domainSetSavedStateLabel;
-+    virSecurityDomainRestoreSavedStateLabel domainRestoreSavedStateLabel;
- 
-     /*
-      * This is internally managed driver state and should only be accessed
-diff --git a/src/security_selinux.c b/src/security_selinux.c
-index 0e31077..bd838e6 100644
--- a/src/security_selinux.c
-+++ b/src/security_selinux.c
-@@ -523,6 +523,7 @@ done:
-     return ret;
- }
- 
-+
- static int
- SELinuxRestoreSecurityPCILabel(virConnectPtr conn,
-                                pciDevice *dev ATTRIBUTE_UNUSED,
-@@ -623,6 +624,26 @@ SELinuxRestoreSecurityLabel(virConnectPtr conn,
-     return rc;
- }
- 
-+
-+static int
-+SELinuxSetSavedStateLabel(virConnectPtr conn,
-+                          virDomainObjPtr vm,
-+                          const char *savefile)
-+{
-+    const virSecurityLabelDefPtr secdef = &vm->def->seclabel;
-+
-+    return SELinuxSetFilecon(conn, savefile, secdef->imagelabel);
-+}
-+
-+
-+static int
-+SELinuxRestoreSavedStateLabel(virConnectPtr conn,
-+                              const char *savefile)
-+{
-+    return SELinuxRestoreSecurityFileLabel(conn, savefile);
-+}
-+
-+
- static int
- SELinuxSecurityVerify(virConnectPtr conn, virDomainDefPtr def)
- {
-@@ -692,4 +713,6 @@ virSecurityDriver virSELinuxSecurityDriver = {
-     .domainSetSecurityLabel     = SELinuxSetSecurityLabel,
-     .domainSetSecurityHostdevLabel = SELinuxSetSecurityHostdevLabel,
-     .domainRestoreSecurityHostdevLabel = SELinuxRestoreSecurityHostdevLabel,
-+    .domainSetSavedStateLabel = SELinuxSetSavedStateLabel,
-+    .domainRestoreSavedStateLabel = SELinuxRestoreSavedStateLabel,
- };
-diff -rup libvirt-0.7.1/src/qemu_driver.c new/src/qemu_driver.c
--- libvirt-0.7.1/src/qemu_driver.c	2010-05-17 16:28:38.243890000 -0400
-+++ new/src/qemu_driver.c	2010-05-17 16:36:28.035091000 -0400
-@@ -3907,6 +3907,20 @@ static int qemudDomainSave(virDomainPtr 
-     }
-     fd = -1;
- 
-+    if (driver->privileged &&
-+        chown(path, driver->user, driver->group) < 0) {
-+        virReportSystemError(NULL, errno,
-+                             _("unable to set ownership of '%s' to user %d:%d"),
-+                             path, driver->user, driver->group);
-+        goto cleanup;
-+    }
-+
-+    if (driver->securityDriver &&
-+        driver->securityDriver->domainSetSavedStateLabel &&
-+        driver->securityDriver->domainSetSavedStateLabel(dom->conn, vm, path) == -1)
-+        goto cleanup;
-+
-+
-     /* Migrate to file */
-     safe_path = qemudEscapeShellArg(path);
-     if (!safe_path) {
-@@ -3956,6 +3970,20 @@ static int qemudDomainSave(virDomainPtr 
-         goto cleanup;
-     }
- 
-+    if (driver->privileged &&
-+        chown(path, 0, 0) < 0) {
-+        virReportSystemError(NULL, errno,
-+                             _("unable to set ownership of '%s' to user %d:%d"),
-+                             path, 0, 0);
-+        goto cleanup;
-+    }
-+
-+    if (driver->securityDriver &&
-+        driver->securityDriver->domainRestoreSavedStateLabel &&
-+        driver->securityDriver->domainRestoreSavedStateLabel(dom->conn, path) == -1)
-+        VIR_WARN("failed to restore save state label on %s", path);
-+
-+
-     /* Shut it down */
-     qemudShutdownVMDaemon(dom->conn, driver, vm);
-     event = virDomainEventNewFromObj(vm,
-diff -rup libvirt-0.7.1/src/qemu_driver.c new/src/qemu_driver.c
--- libvirt-0.7.1/src/qemu_driver.c	2010-05-17 17:55:34.000000000 -0400
-+++ new/src/qemu_driver.c	2010-05-18 11:45:29.903145000 -0400
-@@ -4028,7 +4028,7 @@ static int qemudDomainSave(virDomainPtr 
- 
-     if (driver->securityDriver &&
-         driver->securityDriver->domainRestoreSavedStateLabel &&
-        driver->securityDriver->domainRestoreSavedStateLabel(dom->conn, path) == -1)
-+        driver->securityDriver->domainRestoreSavedStateLabel(dom->conn, vm, path) == -1)
-         VIR_WARN("failed to restore save state label on %s", path);
- 
- 
-@@ -4616,6 +4616,11 @@ static int qemudDomainRestore(virConnect
-     }
-     def = NULL;
- 
-+    if (driver->securityDriver &&
-+        driver->securityDriver->domainSetSavedStateLabelRO &&
-+        driver->securityDriver->domainSetSavedStateLabelRO(conn, vm, path) == -1)
-+        goto cleanup;
-+
-     if (header.version == 2) {
-         const char *intermediate_argv[3] = { NULL, "-dc", NULL };
-         const char *prog = qemudSaveCompressionTypeToString(header.compressed);
-@@ -4651,11 +4656,6 @@ static int qemudDomainRestore(virConnect
-     close(fd);
-     fd = -1;
-     if (ret < 0) {
-        if (!vm->persistent) {
-            virDomainRemoveInactive(&driver->domains,
-                                    vm);
-            vm = NULL;
-        }
-         goto cleanup;
-     }
- 
-@@ -4677,6 +4677,19 @@ static int qemudDomainRestore(virConnect
-     ret = 0;
- 
- cleanup:
-+    if (ret < 0) {
-+        if (!vm->persistent) {
-+            virDomainRemoveInactive(&driver->domains,
-+                                    vm);
-+            vm = NULL;
-+        }
-+    }
-+
-+    if (driver->securityDriver &&
-+        driver->securityDriver->domainRestoreSavedStateLabel &&
-+        driver->securityDriver->domainRestoreSavedStateLabel(conn, vm, path) == -1)
-+        VIR_WARN("Unable to restore labelling on %s", path);
-+
-     virDomainDefFree(def);
-     VIR_FREE(xml);
-     if (fd != -1)
-diff -rup libvirt-0.7.1/src/security.h new/src/security.h
--- libvirt-0.7.1/src/security.h	2010-05-17 17:55:34.000000000 -0400
-+++ new/src/security.h	2010-05-18 11:41:27.703746000 -0400
-@@ -44,7 +44,11 @@ typedef int (*virSecurityDomainSetHostde
- typedef int (*virSecurityDomainSetSavedStateLabel) (virConnectPtr conn,
-                                                     virDomainObjPtr vm,
-                                                     const char *savefile);
-+typedef int (*virSecurityDomainSetSavedStateLabelRO) (virConnectPtr conn,
-+                                                      virDomainObjPtr vm,
-+                                                      const char *savefile);
- typedef int (*virSecurityDomainRestoreSavedStateLabel) (virConnectPtr conn,
-+                                                        virDomainObjPtr vm,
-                                                         const char *savefile);
- typedef int (*virSecurityDomainGenLabel) (virConnectPtr conn,
-                                           virDomainObjPtr sec);
-@@ -76,6 +80,7 @@ struct _virSecurityDriver {
-     virSecurityDomainRestoreHostdevLabel domainRestoreSecurityHostdevLabel;
-     virSecurityDomainSetHostdevLabel domainSetSecurityHostdevLabel;
-     virSecurityDomainSetSavedStateLabel domainSetSavedStateLabel;
-+    virSecurityDomainSetSavedStateLabelRO domainSetSavedStateLabelRO;
-     virSecurityDomainRestoreSavedStateLabel domainRestoreSavedStateLabel;
- 
-     /*
-diff -rup libvirt-0.7.1/src/security_selinux.c new/src/security_selinux.c
--- libvirt-0.7.1/src/security_selinux.c	2010-05-17 17:55:34.000000000 -0400
-+++ new/src/security_selinux.c	2010-05-18 11:49:24.542106000 -0400
-@@ -364,12 +364,20 @@ SELinuxRestoreSecurityFileLabel(virConne
-         goto err;
-     }
- 
-    if (stat(newpath, &buf) != 0)
-+    if (stat(newpath, &buf) != 0) {
-+        virReportSystemError(conn, err,
-+                             _("cannot stat %s"), newpath);
-         goto err;
-+    }
- 
-    if (matchpathcon(newpath, buf.st_mode, &fcon) == 0)  {
-        rc = SELinuxSetFilecon(conn, newpath, fcon);
-+    if (matchpathcon(newpath, buf.st_mode, &fcon) != 0)  {
-+        virReportSystemError(conn, err,
-+                             _("failed to determine default context for %s"), newpath);
-+        goto err;
-     }
-+
-+    rc = SELinuxSetFilecon(conn, newpath, fcon);
-+
- err:
-     VIR_FREE(fcon);
-     VIR_FREE(newpath);
-@@ -632,7 +640,17 @@ SELinuxSetSavedStateLabel(virConnectPtr 
- 
- 
- static int
-+SELinuxSetSavedStateLabelRO(virConnectPtr conn,
-+                            virDomainObjPtr vm ATTRIBUTE_UNUSED,
-+                            const char *savefile)
-+{
-+    return SELinuxSetFilecon(conn, savefile, default_content_context);
-+}
-+
-+
-+static int
- SELinuxRestoreSavedStateLabel(virConnectPtr conn,
-+                              virDomainObjPtr vm ATTRIBUTE_UNUSED,
-                               const char *savefile)
- {
-     return SELinuxRestoreSecurityFileLabel(conn, savefile);
-@@ -709,5 +727,6 @@ virSecurityDriver virSELinuxSecurityDriv
-     .domainSetSecurityHostdevLabel = SELinuxSetSecurityHostdevLabel,
-     .domainRestoreSecurityHostdevLabel = SELinuxRestoreSecurityHostdevLabel,
-     .domainSetSavedStateLabel = SELinuxSetSavedStateLabel,
-+    .domainSetSavedStateLabelRO = SELinuxSetSavedStateLabelRO,
-     .domainRestoreSavedStateLabel = SELinuxRestoreSavedStateLabel,
- };
@@ -1,22 +0,0 @@
-commit 823a684f8d0495bd5e7b413e1a81fd5a600abef7
-Author: Daniel P. Berrange <berrange@redhat.com>
-Date:   Thu Feb 11 14:39:13 2010 +0000
-
-    Fix USB device path formatting mixup
-    
-    * src/util/hostusb.c: The device path for a USB device wants the
-      bus/device IDs in decimal not octal
-
-diff --git a/src/util/hostusb.c b/src/util/hostusb.c
-index 3cce66b..bf96539 100644
--- a/src/hostusb.c
-+++ b/src/hostusb.c
-@@ -184,7 +184,7 @@ usbGetDevice(unsigned bus,
-     snprintf(dev->name, sizeof(dev->name), "%.3o:%.3o",
-              dev->bus, dev->dev);
-     snprintf(dev->path, sizeof(dev->path),
-             USB_DEVFS "%03o/%03o", dev->bus, dev->dev);
-+             USB_DEVFS "%03d/%03d", dev->bus, dev->dev);
- 
-     /* XXX fixme. this should be product/vendor */
-     snprintf(dev->id, sizeof(dev->id), "%d %d", dev->bus, dev->dev);
@@ -1,496 +0,0 @@
-diff -rup libvirt-0.7.1/src/hostusb.c new/src/hostusb.c
--- libvirt-0.7.1/src/hostusb.c	2010-05-17 16:53:48.740748000 -0400
-+++ new/src/hostusb.c	2010-05-17 16:57:19.294731000 -0400
-@@ -37,9 +37,10 @@
- #include "util.h"
- #include "virterror_internal.h"
- 
-+#define USB_SYSFS "/sys/bus/usb"
- #define USB_DEVFS "/dev/bus/usb/"
-#define USB_ID_LEN 10 /* "XXXX XXXX" */
-#define USB_ADDR_LEN 8 /* "XXX:XXX" */
-+#define USB_ID_LEN 10 /* "1234 5678" */
-+#define USB_ADDR_LEN 8 /* "123:456" */
- 
- struct _usbDevice {
-     unsigned      bus;
-@@ -57,6 +58,101 @@ struct _usbDevice {
-     virReportErrorHelper(conn, VIR_FROM_NONE, code, __FILE__,  \
-                          __FUNCTION__, __LINE__, fmt)
- 
-+static int usbSysReadFile(virConnectPtr conn,
-+                          const char *f_name, const char *d_name,
-+                          int base, unsigned *value)
-+{
-+    int ret = -1, tmp;
-+    char *buf = NULL;
-+    char *filename = NULL;
-+    char *ignore = NULL;
-+
-+    tmp = virAsprintf(&filename, USB_SYSFS "/devices/%s/%s", d_name, f_name);
-+    if (tmp < 0) {
-+        virReportOOMError(conn);
-+        goto error;
-+    }
-+
-+    if (virFileReadAll(filename, 1024, &buf) < 0)
-+        goto error;
-+
-+    if (virStrToLong_ui(buf, &ignore, base, value) < 0) {
-+        usbReportError(conn, VIR_ERR_INTERNAL_ERROR,
-+                       _("Could not parse usb file %s"), filename);
-+        goto error;
-+    }
-+
-+    ret = 0;
-+error:
-+    VIR_FREE(filename);
-+    VIR_FREE(buf);
-+    return ret;
-+}
-+
-+static int usbFindBusByVendor(virConnectPtr conn,
-+                              unsigned vendor, unsigned product,
-+                              unsigned *bus, unsigned *devno)
-+{
-+    DIR *dir = NULL;
-+    int ret = -1, found = 0;
-+    char *ignore = NULL;
-+    struct dirent *de;
-+
-+    dir = opendir(USB_SYSFS "/devices");
-+    if (!dir) {
-+        virReportSystemError(conn, errno,
-+                             _("Could not open directory %s"),
-+                             USB_SYSFS "/devices");
-+        goto error;
-+    }
-+
-+    while ((de = readdir(dir))) {
-+        unsigned found_prod, found_vend;
-+        if (de->d_name[0] == '.' || strchr(de->d_name, ':'))
-+            continue;
-+
-+        if (usbSysReadFile(conn, "idVendor", de->d_name,
-+                           16, &found_vend) < 0)
-+            goto error;
-+        if (usbSysReadFile(conn, "idProduct", de->d_name,
-+                           16, &found_prod) < 0)
-+            goto error;
-+
-+        if (found_prod == product && found_vend == vendor) {
-+            /* Lookup bus.addr info */
-+            char *tmpstr = de->d_name;
-+            unsigned found_bus, found_addr;
-+
-+            if (STREQ(de->d_name, "usb"))
-+                tmpstr += 3;
-+
-+            if (virStrToLong_ui(tmpstr, &ignore, 10, &found_bus) < 0) {
-+                usbReportError(conn, VIR_ERR_INTERNAL_ERROR,
-+                               _("Failed to parse dir name '%s'"),
-+                               de->d_name);
-+                goto error;
-+            }
-+
-+            if (usbSysReadFile(conn, "devnum", de->d_name,
-+                               10, &found_addr) < 0)
-+                goto error;
-+
-+            *bus = found_bus;
-+            *devno = found_addr;
-+            found = 1;
-+            break;
-+        }
-+    }
-+
-+    if (!found)
-+        usbReportError(conn, VIR_ERR_INTERNAL_ERROR,
-+                       _("Did not find USB device %x:%x"), vendor, product);
-+    else
-+        ret = 0;
-+
-+error:
-+    return ret;
-+}
- 
- usbDevice *
- usbGetDevice(virConnectPtr conn,
-@@ -86,6 +182,21 @@ usbGetDevice(virConnectPtr conn,
-     return dev;
- }
- 
-+
-+usbDevice *
-+usbFindDevice(unsigned vendor,
-+              unsigned product)
-+{
-+    unsigned bus = 0, devno = 0;
-+
-+    if (usbFindBusByVendor(vendor, product, &bus, &devno) < 0) {
-+        return NULL;
-+    }
-+
-+    return usbGetDevice(bus, devno);
-+}
-+
-+
- void
- usbFreeDevice(virConnectPtr conn ATTRIBUTE_UNUSED, usbDevice *dev)
- {
-@@ -93,6 +204,18 @@ usbFreeDevice(virConnectPtr conn ATTRIBU
-     VIR_FREE(dev);
- }
- 
-+unsigned usbDeviceGetBus(usbDevice *dev)
-+{
-+    return dev->bus;
-+}
-+
-+
-+unsigned usbDeviceGetDevno(usbDevice *dev)
-+{
-+    return dev->dev;
-+}
-+
-+
- 
- int usbDeviceFileIterate(virConnectPtr conn,
-                          usbDevice *dev,
-diff -rup libvirt-0.7.1/src/hostusb.h new/src/hostusb.h
--- libvirt-0.7.1/src/hostusb.h	2009-09-10 09:45:00.000000000 -0400
-+++ new/src/hostusb.h	2010-05-17 16:58:06.553924000 -0400
-@@ -27,11 +27,16 @@
- 
- typedef struct _usbDevice usbDevice;
- 
-usbDevice *usbGetDevice      (virConnectPtr  conn,
-                              unsigned       bus,
-                              unsigned       devno);
-void       usbFreeDevice     (virConnectPtr  conn,
-                              usbDevice     *dev);
-+usbDevice *usbGetDevice(virConnectPtr conn,
-+                        unsigned bus,
-+                        unsigned devno);
-+usbDevice *usbFindDevice(virConnectPtr conn,
-+                         unsigned vendor,
-+                         unsigned product);
-+void       usbFreeDevice (virConnectPtr conn, usbDevice *dev);
-+
-+unsigned usbDeviceGetBus(usbDevice *dev);
-+unsigned usbDeviceGetDevno(usbDevice *dev);
- 
- /*
-  * Callback that will be invoked once for each file
-diff -rup libvirt-0.7.1/src/libvirt_private.syms new/src/libvirt_private.syms
--- libvirt-0.7.1/src/libvirt_private.syms	2010-05-17 16:53:48.401831000 -0400
-+++ new/src/libvirt_private.syms	2010-05-17 16:55:03.001748000 -0400
-@@ -441,7 +441,10 @@ virFileMatchesNameSuffix;
- 
- # usb.h
- usbGetDevice;
-+usbFindDevice;
- usbFreeDevice;
-+usbDeviceGetBus;
-+usbDeviceGetDevno;
- usbDeviceFileIterate;
- 
- # uuid.h
-diff -rup libvirt-0.7.1/src/qemu_driver.c new/src/qemu_driver.c
--- libvirt-0.7.1/src/qemu_driver.c	2010-05-17 16:53:48.785743000 -0400
-+++ new/src/qemu_driver.c	2010-05-17 17:06:40.575145000 -0400
-@@ -1493,16 +1493,13 @@ qemuUpdateActivePciHostdevs(struct qemud
- }
- 
- static int
-qemuPrepareHostDevices(virConnectPtr conn,
-                       struct qemud_driver *driver,
-                       virDomainDefPtr def)
-+qemuPrepareHostPCIDevices(virConnectPtr conn,
-+                          struct qemud_driver *driver,
-+                          virDomainDefPtr def)
- {
-     pciDeviceList *pcidevs;
-     int i;
- 
-    if (!def->nhostdevs)
-        return 0;
-
-     if (!(pcidevs = qemuGetPciHostDeviceList(conn, def)))
-         return -1;
- 
-@@ -1792,14 +1789,11 @@ static int qemuDomainSetHostdevUSBOwners
-     struct qemuFileOwner owner = { uid, gid };
-     int ret = -1;
- 
-    /* XXX what todo for USB devs assigned based on product/vendor ? Doom :-( */
-    if (!def->source.subsys.u.usb.bus ||
-        !def->source.subsys.u.usb.device)
-        return 0;
-
-     usbDevice *dev = usbGetDevice(conn,
-                                   def->source.subsys.u.usb.bus,
-                                  def->source.subsys.u.usb.device);
-+                                  def->source.subsys.u.usb.device,
-+                                  def->source.subsys.u.usb.vendor,
-+                                  def->source.subsys.u.usb.product);
- 
-     if (!dev)
-         goto cleanup;
-@@ -2065,13 +2059,17 @@ static int qemudStartVMDaemon(virConnect
-         return -1;
-     }
- 
-+    DEBUG0("Preparing host devices");
-+    if (qemuPrepareHostDevices(conn, driver, vm->def) < 0)
-+        goto cleanup;
-+
-     /* If you are using a SecurityDriver with dynamic labelling,
-        then generate a security label for isolation */
-     if (vm->def->seclabel.type == VIR_DOMAIN_SECLABEL_DYNAMIC &&
-         driver->securityDriver &&
-         driver->securityDriver->domainGenSecurityLabel &&
-         driver->securityDriver->domainGenSecurityLabel(conn, vm) < 0)
-        return -1;
-+        return cleanup;
- 
-     /* Ensure no historical cgroup for this VM is lieing around bogus settings */
-     qemuRemoveCgroup(conn, driver, vm);
-@@ -2119,9 +2117,6 @@ static int qemudStartVMDaemon(virConnect
-     if (qemuSetupCgroup(conn, driver, vm) < 0)
-         goto cleanup;
- 
-    if (qemuPrepareHostDevices(conn, driver, vm->def) < 0)
-        goto cleanup;
-
-     if (VIR_ALLOC(vm->monitor_chr) < 0) {
-         virReportOOMError(conn);
-         goto cleanup;
-@@ -2348,6 +2343,56 @@ retry:
- }
- 
- 
-+
-+static int
-+qemuPrepareHostUSBDevices(struct qemud_driver *driver ATTRIBUTE_UNUSED,
-+                          virDomainDefPtr def)
-+{
-+    int i;
-+    for (i = 0 ; i < def->nhostdevs ; i++) {
-+        virDomainHostdevDefPtr hostdev = def->hostdevs[i];
-+
-+        if (hostdev->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS)
-+            continue;
-+        if (hostdev->source.subsys.type != VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB)
-+            continue;
-+
-+        /* Resolve a vendor/product to bus/device */
-+        if (hostdev->source.subsys.u.usb.vendor) {
-+            usbDevice *usb
-+                = usbFindDevice(hostdev->source.subsys.u.usb.vendor,
-+                                hostdev->source.subsys.u.usb.product);
-+
-+            if (!usb)
-+                return -1;
-+
-+            hostdev->source.subsys.u.usb.bus = usbDeviceGetBus(usb);
-+            hostdev->source.subsys.u.usb.device = usbDeviceGetDevno(usb);
-+
-+            usbFreeDevice(usb);
-+        }
-+    }
-+
-+    return 0;
-+}
-+
-+static int
-+qemuPrepareHostDevices(struct qemud_driver *driver,
-+                       virDomainDefPtr def)
-+{
-+    if (!def->nhostdevs)
-+        return 0;
-+
-+    if (qemuPrepareHostPCIDevices(driver, def) < 0)
-+        return -1;
-+
-+    if (qemuPrepareHostUSBDevices(driver, def) < 0)
-+        return -1;
-+
-+    return 0;
-+}
-+
-+
- static void
- qemudDispatchVMEvent(int watch, int fd, int events, void *opaque) {
-     struct qemud_driver *driver = opaque;
-@@ -6294,6 +6339,23 @@ static int qemudDomainDetachHostDevice(v
-         return -1;
-     }
- 
-+    /* Resolve USB product/vendor to bus/device */
-+    if (hostdev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB &&
-+        hostdev->source.subsys.u.usb.vendor) {
-+        usbDevice *usb
-+            = usbFindDevice(hostdev->source.subsys.u.usb.vendor,
-+                            hostdev->source.subsys.u.usb.product);
-+
-+        if (!usb)
-+            return -1;
-+
-+        hostdev->source.subsys.u.usb.bus = usbDeviceGetBus(usb);
-+        hostdev->source.subsys.u.usb.device = usbDeviceGetDevno(usb);
-+
-+        usbFreeDevice(usb);
-+    }
-+
-+
-     if (driver->securityDriver &&
-         driver->securityDriver->domainSetSecurityHostdevLabel(conn, vm, dev->data.hostdev) < 0)
-         VIR_WARN0("Failed to restore device labelling");
-diff -rup libvirt-0.7.1/src/security_selinux.c new/src/security_selinux.c
--- libvirt-0.7.1/src/security_selinux.c	2010-05-17 16:53:48.775745000 -0400
-+++ new/src/security_selinux.c	2010-05-17 16:58:47.442604000 -0400
-@@ -482,20 +482,15 @@ SELinuxSetSecurityHostdevLabel(virConnec
- 
-     switch (dev->source.subsys.type) {
-     case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB: {
-        if (dev->source.subsys.u.usb.bus && dev->source.subsys.u.usb.device) {
-            usbDevice *usb = usbGetDevice(conn,
-                                          dev->source.subsys.u.usb.bus,
-                                          dev->source.subsys.u.usb.device);
-
-            if (!usb)
-                goto done;
-
-            ret = usbDeviceFileIterate(conn, usb, SELinuxSetSecurityUSBLabel, vm);
-            usbFreeDevice(conn, usb);
-        } else {
-            /* XXX deal with product/vendor better */
-            ret = 0;
-        }
-+        usbDevice *usb = usbGetDevice(conn,
-+                                      dev->source.subsys.u.usb.bus,
-+                                      dev->source.subsys.u.usb.device);
-+
-+        if (!usb)
-+            goto done;
-+
-+        ret = usbDeviceFileIterate(conn, usb, SELinuxSetSecurityUSBLabel, vm);
-+        usbFreeDevice(conn, usb);
-         break;
-     }
- 
-diff -rup libvirt-0.7.1/src/hostusb.c new/src/hostusb.c
--- libvirt-0.7.1/src/hostusb.c	2010-05-17 17:09:02.573638000 -0400
-+++ new/src/hostusb.c	2010-05-17 17:29:49.133509000 -0400
-@@ -184,16 +184,17 @@ usbGetDevice(virConnectPtr conn,
- 
- 
- usbDevice *
-usbFindDevice(unsigned vendor,
-+usbFindDevice(virConnectPtr conn,
-+              unsigned vendor,
-               unsigned product)
- {
-     unsigned bus = 0, devno = 0;
- 
-    if (usbFindBusByVendor(vendor, product, &bus, &devno) < 0) {
-+    if (usbFindBusByVendor(conn, vendor, product, &bus, &devno) < 0) {
-         return NULL;
-     }
- 
-    return usbGetDevice(bus, devno);
-+    return usbGetDevice(conn, bus, devno);
- }
- 
- 
-diff -rup libvirt-0.7.1/src/qemu_driver.c new/src/qemu_driver.c
--- libvirt-0.7.1/src/qemu_driver.c	2010-05-17 17:09:02.602638000 -0400
-+++ new/src/qemu_driver.c	2010-05-17 17:36:10.066214000 -0400
-@@ -1791,9 +1791,7 @@ static int qemuDomainSetHostdevUSBOwners
- 
-     usbDevice *dev = usbGetDevice(conn,
-                                   def->source.subsys.u.usb.bus,
-                                  def->source.subsys.u.usb.device,
-                                  def->source.subsys.u.usb.vendor,
-                                  def->source.subsys.u.usb.product);
-+                                  def->source.subsys.u.usb.device);
- 
-     if (!dev)
-         goto cleanup;
-@@ -2026,6 +2024,10 @@ qemuPrepareMonitorChr(virConnectPtr conn
-     return 0;
- }
- 
-+static int
-+qemuPrepareHostDevices(struct qemud_driver *driver,
-+                       virDomainDefPtr def);
-+
- static int qemudStartVMDaemon(virConnectPtr conn,
-                               struct qemud_driver *driver,
-                               virDomainObjPtr vm,
-@@ -2060,7 +2062,7 @@ static int qemudStartVMDaemon(virConnect
-     }
- 
-     DEBUG0("Preparing host devices");
-    if (qemuPrepareHostDevices(conn, driver, vm->def) < 0)
-+    if (qemuPrepareHostDevices(driver, vm->def) < 0)
-         goto cleanup;
- 
-     /* If you are using a SecurityDriver with dynamic labelling,
-@@ -2069,7 +2071,7 @@ static int qemudStartVMDaemon(virConnect
-         driver->securityDriver &&
-         driver->securityDriver->domainGenSecurityLabel &&
-         driver->securityDriver->domainGenSecurityLabel(conn, vm) < 0)
-        return cleanup;
-+        goto cleanup;
- 
-     /* Ensure no historical cgroup for this VM is lieing around bogus settings */
-     qemuRemoveCgroup(conn, driver, vm);
-@@ -2360,7 +2362,8 @@ qemuPrepareHostUSBDevices(struct qemud_d
-         /* Resolve a vendor/product to bus/device */
-         if (hostdev->source.subsys.u.usb.vendor) {
-             usbDevice *usb
-                = usbFindDevice(hostdev->source.subsys.u.usb.vendor,
-+                = usbFindDevice(NULL,
-+                                hostdev->source.subsys.u.usb.vendor,
-                                 hostdev->source.subsys.u.usb.product);
- 
-             if (!usb)
-@@ -2369,7 +2372,7 @@ qemuPrepareHostUSBDevices(struct qemud_d
-             hostdev->source.subsys.u.usb.bus = usbDeviceGetBus(usb);
-             hostdev->source.subsys.u.usb.device = usbDeviceGetDevno(usb);
- 
-            usbFreeDevice(usb);
-+            usbFreeDevice(NULL, usb);
-         }
-     }
- 
-@@ -2383,7 +2386,7 @@ qemuPrepareHostDevices(struct qemud_driv
-     if (!def->nhostdevs)
-         return 0;
- 
-    if (qemuPrepareHostPCIDevices(driver, def) < 0)
-+    if (qemuPrepareHostPCIDevices(NULL, driver, def) < 0)
-         return -1;
- 
-     if (qemuPrepareHostUSBDevices(driver, def) < 0)
-@@ -6343,7 +6346,8 @@ static int qemudDomainDetachHostDevice(v
-     if (hostdev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB &&
-         hostdev->source.subsys.u.usb.vendor) {
-         usbDevice *usb
-            = usbFindDevice(hostdev->source.subsys.u.usb.vendor,
-+            = usbFindDevice(NULL,
-+                            hostdev->source.subsys.u.usb.vendor,
-                             hostdev->source.subsys.u.usb.product);
- 
-         if (!usb)
-@@ -6352,7 +6356,7 @@ static int qemudDomainDetachHostDevice(v
-         hostdev->source.subsys.u.usb.bus = usbDeviceGetBus(usb);
-         hostdev->source.subsys.u.usb.device = usbDeviceGetDevno(usb);
- 
-        usbFreeDevice(usb);
-+        usbFreeDevice(NULL, usb);
-     }
- 
- 
@@ -1,686 +0,0 @@
-commit 33a198c1f6a4a1bc7f34d50a31032e03bec10fee
-Author: Daniel P. Berrange <berrange@redhat.com>
-Date:   Fri Jul 17 20:20:08 2009 +0100
-
-    Initialize gcrypt threading
-    
-    GNUTLS uses gcrypt for its crypto functions. gcrypt requires
-    that the app/library initializes threading before using it.
-    We don't want to force apps using libvirt to know about
-    gcrypt, so we make virInitialize init threading on their
-    behalf. This location also ensures libvirtd has initialized
-    it correctly. This initialization is required even if libvirt
-    itself were only using one thread, since another non-libvirt
-    library (eg GTK-VNC) could also be using gcrypt from another
-    thread
-    
-    * src/libvirt.c: Register thread functions for gcrypt
-    * configure.in: Add -lgcrypt to linker flags
-
-diff --git a/src/libvirt.c b/src/libvirt.c
-index 103b331..cad33c2 100644
--- a/src/libvirt.c
-+++ b/src/libvirt.c
-@@ -22,6 +22,7 @@
- #include <sys/wait.h>
- #endif
- #include <time.h>
-+#include <gcrypt.h>
- 
- #include <libxml/parser.h>
- #include <libxml/xpath.h>
-@@ -251,6 +252,55 @@ winsock_init (void)
- }
- #endif
- 
-+static int virTLSMutexInit (void **priv)
-+{                                                                             \
-+    virMutexPtr lock = NULL;
-+
-+    if (VIR_ALLOC(lock) < 0)
-+        return ENOMEM;
-+
-+    if (virMutexInit(lock) < 0) {
-+        VIR_FREE(lock);
-+        return errno;
-+    }
-+
-+    *priv = lock;
-+    return 0;
-+}
-+
-+static int virTLSMutexDestroy(void **priv)
-+{
-+    virMutexPtr lock = *priv;
-+    virMutexDestroy(lock);
-+    VIR_FREE(lock);
-+    return 0;
-+}
-+
-+static int virTLSMutexLock(void **priv)
-+{
-+    virMutexPtr lock = *priv;
-+    virMutexLock(lock);
-+    return 0;
-+}
-+
-+static int virTLSMutexUnlock(void **priv)
-+{
-+    virMutexPtr lock = *priv;
-+    virMutexUnlock(lock);
-+    return 0;
-+}
-+
-+static struct gcry_thread_cbs virTLSThreadImpl = {
-+    (GCRY_THREAD_OPTION_PTHREAD | (GCRY_THREAD_OPTION_VERSION << 8)),
-+    NULL,
-+    virTLSMutexInit,
-+    virTLSMutexDestroy,
-+    virTLSMutexLock,
-+    virTLSMutexUnlock,
-+    NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
-+};
-+
-+
- /**
-  * virInitialize:
-  *
-@@ -273,6 +323,9 @@ virInitialize(void)
-         virRandomInitialize(time(NULL) ^ getpid()))
-         return -1;
- 
-+    gcry_control(GCRYCTL_SET_THREAD_CBS, &virTLSThreadImpl);
-+    gcry_check_version(NULL);
-+
-     virLogSetFromEnv();
- 
-     DEBUG0("register drivers");
-commit 1c5c63338c90f6e82731f6871901dc72732033ef
-Author: Matthias Bolte <matthias.bolte@googlemail.com>
-Date:   Fri Dec 18 12:02:07 2009 +0100
-
-    Fix compilation with gcrypt < 1.4.2
-    
-    Commit 33a198c1f6a4a1bc7f34d50a31032e03bec10fee increased the gcrypt
-    version requirement to 1.4.2 because the GCRY_THREAD_OPTION_VERSION
-    define was added in this version.
-    
-    The configure script doesn't check for the gcrypt version. To support
-    gcrypt versions < 1.4.2 change the virTLSThreadImpl initialization
-    to use GCRY_THREAD_OPTION_VERSION only if it's defined.
-
-diff --git a/src/libvirt.c b/src/libvirt.c
-index 5167bc2..16c851f 100644
--- a/src/libvirt.c
-+++ b/src/libvirt.c
-@@ -291,7 +291,12 @@ static int virTLSMutexUnlock(void **priv)
- }
- 
- static struct gcry_thread_cbs virTLSThreadImpl = {
-+    /* GCRY_THREAD_OPTION_VERSION was added in gcrypt 1.4.2 */
-+#ifdef GCRY_THREAD_OPTION_VERSION
-     (GCRY_THREAD_OPTION_PTHREAD | (GCRY_THREAD_OPTION_VERSION << 8)),
-+#else
-+    GCRY_THREAD_OPTION_PTHREAD,
-+#endif
-     NULL,
-     virTLSMutexInit,
-     virTLSMutexDestroy,
-diff -rup libvirt-0.7.1/aclocal.m4 gcrypt-new/aclocal.m4
--- libvirt-0.7.1/aclocal.m4	2009-09-15 08:35:04.000000000 -0400
-+++ gcrypt-new/aclocal.m4	2010-05-17 17:52:13.765215000 -0400
-@@ -1,4 +1,4 @@
-# generated automatically by aclocal 1.11 -*- Autoconf -*-
-+# generated automatically by aclocal 1.11.1 -*- Autoconf -*-
- 
- # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004,
- # 2005, 2006, 2007, 2008, 2009  Free Software Foundation, Inc.
-@@ -190,7 +190,7 @@ AC_DEFUN([AM_AUTOMAKE_VERSION],
- [am__api_version='1.11'
- dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to
- dnl require some minimum version.  Point them to the right macro.
-m4_if([$1], [1.11], [],
-+m4_if([$1], [1.11.1], [],
-       [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl
- ])
- 
-@@ -206,7 +206,7 @@ m4_define([_AM_AUTOCONF_VERSION], [])
- # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced.
- # This function is AC_REQUIREd by AM_INIT_AUTOMAKE.
- AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION],
-[AM_AUTOMAKE_VERSION([1.11])dnl
-+[AM_AUTOMAKE_VERSION([1.11.1])dnl
- m4_ifndef([AC_AUTOCONF_VERSION],
-   [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
- _AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))])
-diff -rup libvirt-0.7.1/configure gcrypt-new/configure
--- libvirt-0.7.1/configure	2009-09-15 08:35:09.000000000 -0400
-+++ gcrypt-new/configure	2010-05-17 17:52:18.706838000 -0400
-@@ -43324,7 +43324,7 @@ fi
- $as_echo "$as_me: error: You must install the GnuTLS library in order to compile and run libvirt" >&2;}
-    { (exit 1); exit 1; }; }
- 
-  GNUTLS_LIBS=$LIBS
-+      GNUTLS_LIBS="$LIBS -lgcrypt"
-   LIBS="$old_libs"
- fi
- 
-diff -rup libvirt-0.7.1/docs/devhelp/Makefile.in gcrypt-new/docs/devhelp/Makefile.in
--- libvirt-0.7.1/docs/devhelp/Makefile.in	2009-09-15 08:35:13.000000000 -0400
-+++ gcrypt-new/docs/devhelp/Makefile.in	2010-05-17 17:52:23.305455000 -0400
-@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-diff -rup libvirt-0.7.1/docs/examples/Makefile.in gcrypt-new/docs/examples/Makefile.in
--- libvirt-0.7.1/docs/examples/Makefile.in	2009-09-15 08:35:14.000000000 -0400
-+++ gcrypt-new/docs/examples/Makefile.in	2010-05-17 17:52:23.492454000 -0400
-@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-@@ -999,7 +999,7 @@ clean-libtool:
- #     (which will cause the Makefiles to be regenerated when you run `make');
- # (2) otherwise, pass the desired values on the `make' command line.
- $(RECURSIVE_TARGETS):
-	@failcom='exit 1'; \
-+	@fail= failcom='exit 1'; \
- 	for f in x $$MAKEFLAGS; do \
- 	  case $$f in \
- 	    *=* | --[!k]*);; \
-@@ -1024,7 +1024,7 @@ $(RECURSIVE_TARGETS):
- 	fi; test -z "$$fail"
- 
- $(RECURSIVE_CLEAN_TARGETS):
-	@failcom='exit 1'; \
-+	@fail= failcom='exit 1'; \
- 	for f in x $$MAKEFLAGS; do \
- 	  case $$f in \
- 	    *=* | --[!k]*);; \
-diff -rup libvirt-0.7.1/docs/examples/python/Makefile.in gcrypt-new/docs/examples/python/Makefile.in
--- libvirt-0.7.1/docs/examples/python/Makefile.in	2009-09-15 08:35:14.000000000 -0400
-+++ gcrypt-new/docs/examples/python/Makefile.in	2010-05-17 17:52:23.650454000 -0400
-@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-diff -rup libvirt-0.7.1/docs/Makefile.in gcrypt-new/docs/Makefile.in
--- libvirt-0.7.1/docs/Makefile.in	2009-09-15 08:35:13.000000000 -0400
-+++ gcrypt-new/docs/Makefile.in	2010-05-17 17:52:23.143456000 -0400
-@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-@@ -966,7 +966,7 @@ clean-libtool:
- #     (which will cause the Makefiles to be regenerated when you run `make');
- # (2) otherwise, pass the desired values on the `make' command line.
- $(RECURSIVE_TARGETS):
-	@failcom='exit 1'; \
-+	@fail= failcom='exit 1'; \
- 	for f in x $$MAKEFLAGS; do \
- 	  case $$f in \
- 	    *=* | --[!k]*);; \
-@@ -991,7 +991,7 @@ $(RECURSIVE_TARGETS):
- 	fi; test -z "$$fail"
- 
- $(RECURSIVE_CLEAN_TARGETS):
-	@failcom='exit 1'; \
-+	@fail= failcom='exit 1'; \
- 	for f in x $$MAKEFLAGS; do \
- 	  case $$f in \
- 	    *=* | --[!k]*);; \
-diff -rup libvirt-0.7.1/docs/schemas/Makefile.in gcrypt-new/docs/schemas/Makefile.in
--- libvirt-0.7.1/docs/schemas/Makefile.in	2009-09-15 08:35:14.000000000 -0400
-+++ gcrypt-new/docs/schemas/Makefile.in	2010-05-17 17:52:23.807456000 -0400
-@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-diff -rup libvirt-0.7.1/examples/domain-events/events-c/Makefile.in gcrypt-new/examples/domain-events/events-c/Makefile.in
--- libvirt-0.7.1/examples/domain-events/events-c/Makefile.in	2009-09-15 08:35:14.000000000 -0400
-+++ gcrypt-new/examples/domain-events/events-c/Makefile.in	2010-05-17 17:52:23.983380000 -0400
-@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-diff -rup libvirt-0.7.1/examples/hellolibvirt/Makefile.in gcrypt-new/examples/hellolibvirt/Makefile.in
--- libvirt-0.7.1/examples/hellolibvirt/Makefile.in	2009-09-15 08:35:14.000000000 -0400
-+++ gcrypt-new/examples/hellolibvirt/Makefile.in	2010-05-17 17:52:24.166378000 -0400
-@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-diff -rup libvirt-0.7.1/gnulib/lib/Makefile.in gcrypt-new/gnulib/lib/Makefile.in
--- libvirt-0.7.1/gnulib/lib/Makefile.in	2009-09-15 08:35:14.000000000 -0400
-+++ gcrypt-new/gnulib/lib/Makefile.in	2010-05-17 17:52:24.409381000 -0400
-@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-@@ -1128,7 +1128,7 @@ clean-libtool:
- #     (which will cause the Makefiles to be regenerated when you run `make');
- # (2) otherwise, pass the desired values on the `make' command line.
- $(RECURSIVE_TARGETS):
-	@failcom='exit 1'; \
-+	@fail= failcom='exit 1'; \
- 	for f in x $$MAKEFLAGS; do \
- 	  case $$f in \
- 	    *=* | --[!k]*);; \
-@@ -1153,7 +1153,7 @@ $(RECURSIVE_TARGETS):
- 	fi; test -z "$$fail"
- 
- $(RECURSIVE_CLEAN_TARGETS):
-	@failcom='exit 1'; \
-+	@fail= failcom='exit 1'; \
- 	for f in x $$MAKEFLAGS; do \
- 	  case $$f in \
- 	    *=* | --[!k]*);; \
-diff -rup libvirt-0.7.1/gnulib/tests/Makefile.in gcrypt-new/gnulib/tests/Makefile.in
--- libvirt-0.7.1/gnulib/tests/Makefile.in	2009-09-15 08:35:15.000000000 -0400
-+++ gcrypt-new/gnulib/tests/Makefile.in	2010-05-17 17:52:24.719382000 -0400
-@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-@@ -1501,7 +1501,7 @@ clean-libtool:
- #     (which will cause the Makefiles to be regenerated when you run `make');
- # (2) otherwise, pass the desired values on the `make' command line.
- $(RECURSIVE_TARGETS):
-	@failcom='exit 1'; \
-+	@fail= failcom='exit 1'; \
- 	for f in x $$MAKEFLAGS; do \
- 	  case $$f in \
- 	    *=* | --[!k]*);; \
-@@ -1526,7 +1526,7 @@ $(RECURSIVE_TARGETS):
- 	fi; test -z "$$fail"
- 
- $(RECURSIVE_CLEAN_TARGETS):
-	@failcom='exit 1'; \
-+	@fail= failcom='exit 1'; \
- 	for f in x $$MAKEFLAGS; do \
- 	  case $$f in \
- 	    *=* | --[!k]*);; \
-diff -rup libvirt-0.7.1/include/libvirt/Makefile.in gcrypt-new/include/libvirt/Makefile.in
--- libvirt-0.7.1/include/libvirt/Makefile.in	2009-09-15 08:35:15.000000000 -0400
-+++ gcrypt-new/include/libvirt/Makefile.in	2010-05-17 17:52:25.069302000 -0400
-@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-diff -rup libvirt-0.7.1/include/Makefile.in gcrypt-new/include/Makefile.in
--- libvirt-0.7.1/include/Makefile.in	2009-09-15 08:35:15.000000000 -0400
-+++ gcrypt-new/include/Makefile.in	2010-05-17 17:52:24.902313000 -0400
-@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-@@ -896,7 +896,7 @@ clean-libtool:
- #     (which will cause the Makefiles to be regenerated when you run `make');
- # (2) otherwise, pass the desired values on the `make' command line.
- $(RECURSIVE_TARGETS):
-	@failcom='exit 1'; \
-+	@fail= failcom='exit 1'; \
- 	for f in x $$MAKEFLAGS; do \
- 	  case $$f in \
- 	    *=* | --[!k]*);; \
-@@ -921,7 +921,7 @@ $(RECURSIVE_TARGETS):
- 	fi; test -z "$$fail"
- 
- $(RECURSIVE_CLEAN_TARGETS):
-	@failcom='exit 1'; \
-+	@fail= failcom='exit 1'; \
- 	for f in x $$MAKEFLAGS; do \
- 	  case $$f in \
- 	    *=* | --[!k]*);; \
-diff -rup libvirt-0.7.1/Makefile.in gcrypt-new/Makefile.in
--- libvirt-0.7.1/Makefile.in	2009-09-15 08:35:18.000000000 -0400
-+++ gcrypt-new/Makefile.in	2010-05-17 17:52:28.423082000 -0400
-@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-@@ -1060,7 +1060,7 @@ uninstall-pkgconfigDATA:
- #     (which will cause the Makefiles to be regenerated when you run `make');
- # (2) otherwise, pass the desired values on the `make' command line.
- $(RECURSIVE_TARGETS):
-	@failcom='exit 1'; \
-+	@fail= failcom='exit 1'; \
- 	for f in x $$MAKEFLAGS; do \
- 	  case $$f in \
- 	    *=* | --[!k]*);; \
-@@ -1085,7 +1085,7 @@ $(RECURSIVE_TARGETS):
- 	fi; test -z "$$fail"
- 
- $(RECURSIVE_CLEAN_TARGETS):
-	@failcom='exit 1'; \
-+	@fail= failcom='exit 1'; \
- 	for f in x $$MAKEFLAGS; do \
- 	  case $$f in \
- 	    *=* | --[!k]*);; \
-@@ -1265,7 +1265,8 @@ distdir: $(DISTFILES)
- 	  top_distdir="$(top_distdir)" distdir="$(distdir)" \
- 	  dist-hook
- 	-test -n "$(am__skip_mode_fix)" \
-	|| find "$(distdir)" -type d ! -perm -777 -exec chmod a+rwx {} \; -o \
-+	|| find "$(distdir)" -type d ! -perm -755 \
-+		-exec chmod u+rwx,go+rx {} \; -o \
- 	  ! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \
- 	  ! -type d ! -perm -400 -exec chmod a+r {} \; -o \
- 	  ! -type d ! -perm -444 -exec $(install_sh) -c -m a+r {} {} \; \
-@@ -1309,17 +1310,17 @@ dist dist-all: distdir
- distcheck: dist
- 	case '$(DIST_ARCHIVES)' in \
- 	*.tar.gz*) \
-	  GZIP=$(GZIP_ENV) gunzip -c $(distdir).tar.gz | $(am__untar) ;;\
-+	  GZIP=$(GZIP_ENV) gzip -dc $(distdir).tar.gz | $(am__untar) ;;\
- 	*.tar.bz2*) \
-	  bunzip2 -c $(distdir).tar.bz2 | $(am__untar) ;;\
-+	  bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\
- 	*.tar.lzma*) \
-	  unlzma -c $(distdir).tar.lzma | $(am__untar) ;;\
-+	  lzma -dc $(distdir).tar.lzma | $(am__untar) ;;\
- 	*.tar.xz*) \
- 	  xz -dc $(distdir).tar.xz | $(am__untar) ;;\
- 	*.tar.Z*) \
- 	  uncompress -c $(distdir).tar.Z | $(am__untar) ;;\
- 	*.shar.gz*) \
-	  GZIP=$(GZIP_ENV) gunzip -c $(distdir).shar.gz | unshar ;;\
-+	  GZIP=$(GZIP_ENV) gzip -dc $(distdir).shar.gz | unshar ;;\
- 	*.zip*) \
- 	  unzip $(distdir).zip ;;\
- 	esac
-diff -rup libvirt-0.7.1/proxy/Makefile.in gcrypt-new/proxy/Makefile.in
--- libvirt-0.7.1/proxy/Makefile.in	2009-09-15 08:35:15.000000000 -0400
-+++ gcrypt-new/proxy/Makefile.in	2010-05-17 17:52:25.334306000 -0400
-@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-diff -rup libvirt-0.7.1/python/Makefile.in gcrypt-new/python/Makefile.in
--- libvirt-0.7.1/python/Makefile.in	2009-09-15 08:35:16.000000000 -0400
-+++ gcrypt-new/python/Makefile.in	2010-05-17 17:52:25.538302000 -0400
-@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-@@ -1090,7 +1090,7 @@ clean-libtool:
- #     (which will cause the Makefiles to be regenerated when you run `make');
- # (2) otherwise, pass the desired values on the `make' command line.
- $(RECURSIVE_TARGETS):
-	@failcom='exit 1'; \
-+	@fail= failcom='exit 1'; \
- 	for f in x $$MAKEFLAGS; do \
- 	  case $$f in \
- 	    *=* | --[!k]*);; \
-@@ -1115,7 +1115,7 @@ $(RECURSIVE_TARGETS):
- 	fi; test -z "$$fail"
- 
- $(RECURSIVE_CLEAN_TARGETS):
-	@failcom='exit 1'; \
-+	@fail= failcom='exit 1'; \
- 	for f in x $$MAKEFLAGS; do \
- 	  case $$f in \
- 	    *=* | --[!k]*);; \
-diff -rup libvirt-0.7.1/python/tests/Makefile.in gcrypt-new/python/tests/Makefile.in
--- libvirt-0.7.1/python/tests/Makefile.in	2009-09-15 08:35:16.000000000 -0400
-+++ gcrypt-new/python/tests/Makefile.in	2010-05-17 17:52:25.702304000 -0400
-@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-diff -rup libvirt-0.7.1/qemud/Makefile.in gcrypt-new/qemud/Makefile.in
--- libvirt-0.7.1/qemud/Makefile.in	2009-09-15 08:35:16.000000000 -0400
-+++ gcrypt-new/qemud/Makefile.in	2010-05-17 17:52:25.997229000 -0400
-@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-@@ -1522,7 +1522,7 @@ remote_protocol.c: remote_protocol.h
- @WITH_LIBVIRTD_TRUE@	test -e $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/autostart/default.xml || \
- @WITH_LIBVIRTD_TRUE@           ln -s ../default.xml \
- @WITH_LIBVIRTD_TRUE@	    $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/autostart/default.xml
-@WITH_LIBVIRTD_TRUE@	mkdir -p $(DESTDIR)$(localstatedir)/log/libvirt/qemu
-+@WITH_LIBVIRTD_TRUE@	mkdir -p $(DESTDIR)$(localstatedir)/log/libvirt
- @WITH_LIBVIRTD_TRUE@	mkdir -p $(DESTDIR)$(localstatedir)/run/libvirt
- @WITH_LIBVIRTD_TRUE@	mkdir -p $(DESTDIR)$(localstatedir)/lib/libvirt
- 
-@@ -1530,7 +1530,7 @@ remote_protocol.c: remote_protocol.h
- @WITH_LIBVIRTD_TRUE@	rm -f $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/autostart/default.xml
- @WITH_LIBVIRTD_TRUE@	rm -f $(DESTDIR)$(sysconfdir)/$(default_xml_dest)
- @WITH_LIBVIRTD_TRUE@	rmdir $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/autostart || :
-@WITH_LIBVIRTD_TRUE@	rmdir $(DESTDIR)$(localstatedir)/log/libvirt/qemu || :
-+@WITH_LIBVIRTD_TRUE@	rmdir $(DESTDIR)$(localstatedir)/log/libvirt || :
- @WITH_LIBVIRTD_TRUE@	rmdir $(DESTDIR)$(localstatedir)/run/libvirt || :
- @WITH_LIBVIRTD_TRUE@	rmdir $(DESTDIR)$(localstatedir)/lib/libvirt || :
- 
-@@ -1577,6 +1577,8 @@ remote_protocol.c: remote_protocol.h
- 
- @WITH_LIBVIRTD_TRUE@install-logrotate: libvirtd.logrotate
- @WITH_LIBVIRTD_TRUE@	mkdir -p $(DESTDIR)$(localstatedir)/log/libvirt/qemu/
-+@WITH_LIBVIRTD_TRUE@	mkdir -p $(DESTDIR)$(localstatedir)/log/libvirt/lxc/
-+@WITH_LIBVIRTD_TRUE@	mkdir -p $(DESTDIR)$(localstatedir)/log/libvirt/uml/
- @WITH_LIBVIRTD_TRUE@	mkdir -p $(DESTDIR)$(sysconfdir)/logrotate.d/
- @WITH_LIBVIRTD_TRUE@	$(INSTALL_DATA) $< $(DESTDIR)$(sysconfdir)/logrotate.d/libvirtd
- 
-diff -rup libvirt-0.7.1/src/Makefile.in gcrypt-new/src/Makefile.in
--- libvirt-0.7.1/src/Makefile.in	2009-09-15 08:35:17.000000000 -0400
-+++ gcrypt-new/src/Makefile.in	2010-05-17 17:52:26.929151000 -0400
-@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-@@ -598,9 +598,9 @@ am__objects_45 = libvirt_util_la-bridge.
- 	libvirt_util_la-pci.lo libvirt_util_la-hostusb.lo \
- 	libvirt_util_la-qparams.lo \
- 	libvirt_util_la-storage_encryption_conf.lo \
-	libvirt_util_la-threads.lo libvirt_util_la-uuid.lo \
-	libvirt_util_la-util.lo libvirt_util_la-virterror.lo \
-	libvirt_util_la-xml.lo
-+	libvirt_util_la-storage_file.lo libvirt_util_la-threads.lo \
-+	libvirt_util_la-uuid.lo libvirt_util_la-util.lo \
-+	libvirt_util_la-virterror.lo libvirt_util_la-xml.lo
- am_libvirt_util_la_OBJECTS = $(am__objects_45)
- libvirt_util_la_OBJECTS = $(am_libvirt_util_la_OBJECTS)
- libvirt_util_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
-@@ -617,11 +617,11 @@ am__libvirt_lxc_SOURCES_DIST = lxc_conf.
- 	event.h hash.c hash.h iptables.c iptables.h logging.c \
- 	logging.h memory.c memory.h pci.c pci.h hostusb.c hostusb.h \
- 	qparams.c qparams.h storage_encryption_conf.h \
-	storage_encryption_conf.c threads.c threads.h \
-	threads-pthread.h threads-win32.h uuid.c uuid.h util.c util.h \
-	virterror.c virterror_internal.h xml.c xml.h capabilities.c \
-	capabilities.h domain_conf.c domain_conf.h nodeinfo.h \
-	nodeinfo.c
-+	storage_encryption_conf.c storage_file.c storage_file.h \
-+	threads.c threads.h threads-pthread.h threads-win32.h uuid.c \
-+	uuid.h util.c util.h virterror.c virterror_internal.h xml.c \
-+	xml.h capabilities.c capabilities.h domain_conf.c \
-+	domain_conf.h nodeinfo.h nodeinfo.c
- am__objects_46 = libvirt_lxc-lxc_conf.$(OBJEXT) \
- 	libvirt_lxc-lxc_container.$(OBJEXT) \
- 	libvirt_lxc-lxc_controller.$(OBJEXT) \
-@@ -633,6 +633,7 @@ am__objects_47 = libvirt_lxc-bridge.$(OB
- 	libvirt_lxc-memory.$(OBJEXT) libvirt_lxc-pci.$(OBJEXT) \
- 	libvirt_lxc-hostusb.$(OBJEXT) libvirt_lxc-qparams.$(OBJEXT) \
- 	libvirt_lxc-storage_encryption_conf.$(OBJEXT) \
-+	libvirt_lxc-storage_file.$(OBJEXT) \
- 	libvirt_lxc-threads.$(OBJEXT) libvirt_lxc-uuid.$(OBJEXT) \
- 	libvirt_lxc-util.$(OBJEXT) libvirt_lxc-virterror.$(OBJEXT) \
- 	libvirt_lxc-xml.$(OBJEXT)
-@@ -1485,6 +1486,7 @@ UTIL_SOURCES = \
- 		hostusb.c hostusb.h				\
- 		qparams.c qparams.h				\
- 		storage_encryption_conf.h storage_encryption_conf.c	\
-+		storage_file.c storage_file.h			\
- 		threads.c threads.h				\
- 		threads-pthread.h				\
- 		threads-win32.h					\
-@@ -2151,6 +2153,7 @@ distclean-compile:
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libvirt_lxc-pci.Po@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libvirt_lxc-qparams.Po@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libvirt_lxc-storage_encryption_conf.Po@am__quote@
-+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libvirt_lxc-storage_file.Po@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libvirt_lxc-threads.Po@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libvirt_lxc-util.Po@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libvirt_lxc-uuid.Po@am__quote@
-@@ -2170,6 +2173,7 @@ distclean-compile:
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libvirt_util_la-pci.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libvirt_util_la-qparams.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libvirt_util_la-storage_encryption_conf.Plo@am__quote@
-+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libvirt_util_la-storage_file.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libvirt_util_la-threads.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libvirt_util_la-util.Plo@am__quote@
- @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libvirt_util_la-uuid.Plo@am__quote@
-@@ -2753,6 +2757,14 @@ libvirt_util_la-storage_encryption_conf.
- @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
- @am__fastdepCC_FALSE@	$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libvirt_util_la_CFLAGS) $(CFLAGS) -c -o libvirt_util_la-storage_encryption_conf.lo `test -f 'storage_encryption_conf.c' || echo '$(srcdir)/'`storage_encryption_conf.c
- 
-+libvirt_util_la-storage_file.lo: storage_file.c
-+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libvirt_util_la_CFLAGS) $(CFLAGS) -MT libvirt_util_la-storage_file.lo -MD -MP -MF $(DEPDIR)/libvirt_util_la-storage_file.Tpo -c -o libvirt_util_la-storage_file.lo `test -f 'storage_file.c' || echo '$(srcdir)/'`storage_file.c
-+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libvirt_util_la-storage_file.Tpo $(DEPDIR)/libvirt_util_la-storage_file.Plo
-+@am__fastdepCC_FALSE@	$(AM_V_CC) @AM_BACKSLASH@
-+@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='storage_file.c' object='libvirt_util_la-storage_file.lo' libtool=yes @AMDEPBACKSLASH@
-+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-+@am__fastdepCC_FALSE@	$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libvirt_util_la_CFLAGS) $(CFLAGS) -c -o libvirt_util_la-storage_file.lo `test -f 'storage_file.c' || echo '$(srcdir)/'`storage_file.c
-+
- libvirt_util_la-threads.lo: threads.c
- @am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libvirt_util_la_CFLAGS) $(CFLAGS) -MT libvirt_util_la-threads.lo -MD -MP -MF $(DEPDIR)/libvirt_util_la-threads.Tpo -c -o libvirt_util_la-threads.lo `test -f 'threads.c' || echo '$(srcdir)/'`threads.c
- @am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libvirt_util_la-threads.Tpo $(DEPDIR)/libvirt_util_la-threads.Plo
-@@ -3065,6 +3077,22 @@ libvirt_lxc-storage_encryption_conf.obj:
- @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
- @am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libvirt_lxc_CFLAGS) $(CFLAGS) -c -o libvirt_lxc-storage_encryption_conf.obj `if test -f 'storage_encryption_conf.c'; then $(CYGPATH_W) 'storage_encryption_conf.c'; else $(CYGPATH_W) '$(srcdir)/storage_encryption_conf.c'; fi`
- 
-+libvirt_lxc-storage_file.o: storage_file.c
-+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libvirt_lxc_CFLAGS) $(CFLAGS) -MT libvirt_lxc-storage_file.o -MD -MP -MF $(DEPDIR)/libvirt_lxc-storage_file.Tpo -c -o libvirt_lxc-storage_file.o `test -f 'storage_file.c' || echo '$(srcdir)/'`storage_file.c
-+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libvirt_lxc-storage_file.Tpo $(DEPDIR)/libvirt_lxc-storage_file.Po
-+@am__fastdepCC_FALSE@	$(AM_V_CC) @AM_BACKSLASH@
-+@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='storage_file.c' object='libvirt_lxc-storage_file.o' libtool=no @AMDEPBACKSLASH@
-+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-+@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libvirt_lxc_CFLAGS) $(CFLAGS) -c -o libvirt_lxc-storage_file.o `test -f 'storage_file.c' || echo '$(srcdir)/'`storage_file.c
-+
-+libvirt_lxc-storage_file.obj: storage_file.c
-+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libvirt_lxc_CFLAGS) $(CFLAGS) -MT libvirt_lxc-storage_file.obj -MD -MP -MF $(DEPDIR)/libvirt_lxc-storage_file.Tpo -c -o libvirt_lxc-storage_file.obj `if test -f 'storage_file.c'; then $(CYGPATH_W) 'storage_file.c'; else $(CYGPATH_W) '$(srcdir)/storage_file.c'; fi`
-+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libvirt_lxc-storage_file.Tpo $(DEPDIR)/libvirt_lxc-storage_file.Po
-+@am__fastdepCC_FALSE@	$(AM_V_CC) @AM_BACKSLASH@
-+@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='storage_file.c' object='libvirt_lxc-storage_file.obj' libtool=no @AMDEPBACKSLASH@
-+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-+@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libvirt_lxc_CFLAGS) $(CFLAGS) -c -o libvirt_lxc-storage_file.obj `if test -f 'storage_file.c'; then $(CYGPATH_W) 'storage_file.c'; else $(CYGPATH_W) '$(srcdir)/storage_file.c'; fi`
-+
- libvirt_lxc-threads.o: threads.c
- @am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libvirt_lxc_CFLAGS) $(CFLAGS) -MT libvirt_lxc-threads.o -MD -MP -MF $(DEPDIR)/libvirt_lxc-threads.Tpo -c -o libvirt_lxc-threads.o `test -f 'threads.c' || echo '$(srcdir)/'`threads.c
- @am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libvirt_lxc-threads.Tpo $(DEPDIR)/libvirt_lxc-threads.Po
-diff -rup libvirt-0.7.1/tests/confdata/Makefile.in gcrypt-new/tests/confdata/Makefile.in
--- libvirt-0.7.1/tests/confdata/Makefile.in	2009-09-15 08:35:17.000000000 -0400
-+++ gcrypt-new/tests/confdata/Makefile.in	2010-05-17 17:52:27.383154000 -0400
-@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-diff -rup libvirt-0.7.1/tests/Makefile.in gcrypt-new/tests/Makefile.in
--- libvirt-0.7.1/tests/Makefile.in	2009-09-15 08:35:17.000000000 -0400
-+++ gcrypt-new/tests/Makefile.in	2010-05-17 17:52:27.223153000 -0400
-@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-@@ -1401,7 +1401,7 @@ clean-libtool:
- #     (which will cause the Makefiles to be regenerated when you run `make');
- # (2) otherwise, pass the desired values on the `make' command line.
- $(RECURSIVE_TARGETS):
-	@failcom='exit 1'; \
-+	@fail= failcom='exit 1'; \
- 	for f in x $$MAKEFLAGS; do \
- 	  case $$f in \
- 	    *=* | --[!k]*);; \
-@@ -1426,7 +1426,7 @@ $(RECURSIVE_TARGETS):
- 	fi; test -z "$$fail"
- 
- $(RECURSIVE_CLEAN_TARGETS):
-	@failcom='exit 1'; \
-+	@fail= failcom='exit 1'; \
- 	for f in x $$MAKEFLAGS; do \
- 	  case $$f in \
- 	    *=* | --[!k]*);; \
-diff -rup libvirt-0.7.1/tests/sexpr2xmldata/Makefile.in gcrypt-new/tests/sexpr2xmldata/Makefile.in
--- libvirt-0.7.1/tests/sexpr2xmldata/Makefile.in	2009-09-15 08:35:17.000000000 -0400
-+++ gcrypt-new/tests/sexpr2xmldata/Makefile.in	2010-05-17 17:52:27.543159000 -0400
-@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-diff -rup libvirt-0.7.1/tests/xencapsdata/Makefile.in gcrypt-new/tests/xencapsdata/Makefile.in
--- libvirt-0.7.1/tests/xencapsdata/Makefile.in	2009-09-15 08:35:18.000000000 -0400
-+++ gcrypt-new/tests/xencapsdata/Makefile.in	2010-05-17 17:52:27.704150000 -0400
-@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-diff -rup libvirt-0.7.1/tests/xmconfigdata/Makefile.in gcrypt-new/tests/xmconfigdata/Makefile.in
--- libvirt-0.7.1/tests/xmconfigdata/Makefile.in	2009-09-15 08:35:18.000000000 -0400
-+++ gcrypt-new/tests/xmconfigdata/Makefile.in	2010-05-17 17:52:27.872118000 -0400
-@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-diff -rup libvirt-0.7.1/tests/xml2sexprdata/Makefile.in gcrypt-new/tests/xml2sexprdata/Makefile.in
--- libvirt-0.7.1/tests/xml2sexprdata/Makefile.in	2009-09-15 08:35:18.000000000 -0400
-+++ gcrypt-new/tests/xml2sexprdata/Makefile.in	2010-05-17 17:52:28.046074000 -0400
-@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-diff -rup libvirt-0.7.1/tools/Makefile.in gcrypt-new/tools/Makefile.in
--- libvirt-0.7.1/tools/Makefile.in	2009-09-15 08:35:18.000000000 -0400
-+++ gcrypt-new/tools/Makefile.in	2010-05-17 17:52:28.213075000 -0400
-@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
-+# Makefile.in generated by automake 1.11.1 from Makefile.am.
- # @configure_input@
- 
- # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
@@ -1,29 +0,0 @@
-commit c11a82b62aefc21e070c527f59a1f9c57a7b4f36
-Author: Richard Jones <rjones@redhat.com>
-Date:   Thu Dec 10 16:39:07 2009 +0000
-
-    qemu driver: Fix segfault in libvirt/libvirtd when uri->path is NULL.
-    
-    See also:
-    https://bugzilla.redhat.com/show_bug.cgi?id=545400#c1
-
-diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
-index 2fb059d..e9cc8c3 100644
--- a/src/qemu_driver.c
-+++ b/src/qemu_driver.c
-@@ -2651,6 +2651,15 @@ static virDrvOpenStatus qemudOpen(virConnectPtr conn,
-             return VIR_DRV_OPEN_ERROR;
-         }
- 
-+        if (conn->uri->path == NULL) {
-+            qemudReportError(conn, NULL, NULL, VIR_ERR_INTERNAL_ERROR,
-+                             _("no QEMU URI path given, try %s"),
-+                             qemu_driver->privileged
-+                               ? "qemu:///system"
-+                               : "qemu:///session");
-+                return VIR_DRV_OPEN_ERROR;
-+        }
-+
-         if (qemu_driver->privileged) {
-             if (STRNEQ (conn->uri->path, "/system") &&
-                 STRNEQ (conn->uri->path, "/session")) {
@@ -1,34 +0,0 @@
-From bcd4180124afa20580d720912e2179b3a2f9295a Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <veillard@redhat.com>
-Date: Mon, 5 Oct 2009 17:03:14 +0200
-Subject: [PATCH] 526769 change logrotate config default to weekly
-
-* daemon/libvirtd.logrotate.in: change to weekly rotation of logs,
-  keep a month worth of data and also extend to cover LXC and UML
-  domain logs
-
-(cherry picked from commit 529325bbdd050af89bda5a5c1a01b5553c49a57e)
-
-Fedora-patch: libvirt-change-logrotate-config-to-weekly.patch
---
- qemud/libvirtd.logrotate.in |    6 +++---
- 1 files changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/qemud/libvirtd.logrotate.in b/qemud/libvirtd.logrotate.in
-index 9b42630..093651c 100644
--- a/qemud/libvirtd.logrotate.in
-+++ b/qemud/libvirtd.logrotate.in
-@@ -1,7 +1,7 @@
-@localstatedir@/log/libvirt/qemu/*.log {
-        daily
-+@localstatedir@/log/libvirt/qemu/*.log @localstatedir@/log/libvirt/uml/*.log @localstatedir@/log/libvirt/lxc/*.log {
-+        weekly
-         missingok
-        rotate 7
-+        rotate 4
-         compress
-         delaycompress
-         copytruncate
-- 
-1.6.2.5
-
@@ -1,77 +0,0 @@
-From 4721ceb9b85daabe53804627473b06ced821c695 Mon Sep 17 00:00:00 2001
-From: Daniel P. Berrange <berrange@redhat.com>
-Date: Mon, 14 Sep 2009 11:23:20 +0100
-Subject: [PATCH] Allow control over QEMU audio backend
-
-When using VNC for graphics + keyboard + mouse, we shouldn't
-then use the host OS for audio. Audio should go back over
-VNC.
-
-When using SDL for graphics, we should use the host OS for
-audio since that's where the display is. We need to allow
-certain QEMU env variables to be passed through to guest
-too to allow choice of QEMU audio backend.
-
-* qemud/libvirtd.sysconf: Mention QEMU/SDL audio env vars
-* src/qemu_conf.c: Passthrough QEMU/SDL audio env for SDL display,
-  disable host audio for VNC display
-
-(cherry picked from commit b08e6d38ae7a0ed70300d7d82107f83fddb60f44)
-
-Fedora-patch: libvirt-disable-audio-backend.patch
---
- qemud/libvirtd.sysconf |    8 ++++++++
- src/qemu_conf.c        |   14 ++++++++++++++
- 2 files changed, 22 insertions(+), 0 deletions(-)
-
-diff --git a/qemud/libvirtd.sysconf b/qemud/libvirtd.sysconf
-index fe4596a..28080a0 100644
--- a/qemud/libvirtd.sysconf
-+++ b/qemud/libvirtd.sysconf
-@@ -7,3 +7,11 @@
- 
- # Override Kerberos service keytab for SASL/GSSAPI
- #KRB5_KTNAME=/etc/libvirt/krb5.tab
-+
-+# Override the QEMU/SDL default audio driver probing when
-+# starting virtual machines using SDL graphics
-+#
-+# NB these have no effect for VMs using VNC
-+#QEMU_AUDIO_DRV=sdl
-+#
-+#SDL_AUDIODRIVER=pulse
-diff --git a/src/qemu_conf.c b/src/qemu_conf.c
-index f92bcef..0dd0624 100644
--- a/src/qemu_conf.c
-+++ b/src/qemu_conf.c
-@@ -2109,6 +2109,13 @@ int qemudBuildCommandLine(virConnectPtr conn,
-             ADD_ARG_LIT("-k");
-             ADD_ARG_LIT(def->graphics[0]->data.vnc.keymap);
-         }
-+
-+        /* QEMU implements a VNC extension for providing audio, so we
-+         * set the audio backend to none, to prevent it opening the
-+         * host OS audio devices since that causes security issues
-+         * and is non-sensical when using VNC.
-+         */
-+        ADD_ENV_LIT("QEMU_AUDIO_DRV=none");
-     } else if ((def->ngraphics == 1) &&
-                def->graphics[0]->type == VIR_DOMAIN_GRAPHICS_TYPE_SDL) {
-         char *xauth = NULL;
-@@ -2131,6 +2138,13 @@ int qemudBuildCommandLine(virConnectPtr conn,
-             ADD_ENV(display);
-         if (def->graphics[0]->data.sdl.fullscreen)
-             ADD_ARG_LIT("-full-screen");
-+
-+        /* If using SDL for video, then we should just let it
-+         * use QEMU's host audio drivers, possibly SDL too
-+         * User can set these two before starting libvirtd
-+         */
-+        ADD_ENV_COPY("QEMU_AUDIO_DRV");
-+        ADD_ENV_COPY("SDL_AUDIODRIVER");
-     }
- 
-     if (def->nvideos) {
-- 
-1.6.2.5
-
@@ -1,31 +0,0 @@
-From a5fa9f63fcffbf70465386672f24edac439866b9 Mon Sep 17 00:00:00 2001
-From: Daniel P. Berrange <berrange@redhat.com>
-Date: Thu, 24 Sep 2009 15:42:25 +0100
-Subject: [PATCH] Fix crash in device hotplug cleanup code
-
-* src/qemu/qemu_driver.c: Fix crash in scenario where XML
-  parsing of hotplugged device failed & thus 'dev' is NULL
-
-(cherry picked from commit 879cd8cc2ba00f795913f296556e05f25afa7877)
-
-Fedora-patch: libvirt-fix-crash-on-device-hotplug-parse-error.patch
---
- src/qemu_driver.c |    2 +-
- 1 files changed, 1 insertions(+), 1 deletions(-)
-
-diff --git a/src/qemu_driver.c b/src/qemu_driver.c
-index 0ce403c..c956258 100644
--- a/src/qemu_driver.c
-+++ b/src/qemu_driver.c
-@@ -5912,7 +5912,7 @@ cleanup:
-     if (cgroup)
-         virCgroupFree(&cgroup);
- 
-    if (ret < 0) {
-+    if (ret < 0 && dev != NULL) {
-         if (qemuDomainSetDeviceOwnership(dom->conn, driver, dev, 1) < 0)
-             VIR_WARN0("Fail to restore disk device ownership");
-         virDomainDeviceDefFree(dev);
-- 
-1.6.2.5
-
@@ -1,33 +0,0 @@
-From 7bc1491deba6338e514504d1b68fe097e7f2bf19 Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <veillard@redhat.com>
-Date: Thu, 1 Oct 2009 11:54:38 +0200
-Subject: [PATCH] Avoid a libvirtd crash on broken input 523418
-
-* src/conf/domain_conf.c: a simple typo in an XML domain file could lead
-  to a crash, because we called STRPREFIX() on the looked up value without
-  checking it was non-null.
-
-(cherry picked from commit 79d233b5ca62f86ab22d271d1f08ec20060eee88)
-
-Fedora-patch: libvirt-fix-crash-on-missing-iface-target-dev.patch
---
- src/domain_conf.c |    3 ++-
- 1 files changed, 2 insertions(+), 1 deletions(-)
-
-diff --git a/src/domain_conf.c b/src/domain_conf.c
-index c424c67..476cdd7 100644
--- a/src/domain_conf.c
-+++ b/src/domain_conf.c
-@@ -1031,7 +1031,8 @@ virDomainNetDefParseXML(virConnectPtr conn,
-             } else if ((ifname == NULL) &&
-                        xmlStrEqual(cur->name, BAD_CAST "target")) {
-                 ifname = virXMLPropString(cur, "dev");
-                if (STRPREFIX((const char*)ifname, "vnet")) {
-+                if ((ifname != NULL) &&
-+                    (STRPREFIX((const char*)ifname, "vnet"))) {
-                     /* An auto-generated target name, blank it out */
-                     VIR_FREE(ifname);
-                 }
-- 
-1.6.2.5
-
@@ -1,29 +0,0 @@
-From 58c38896a67c170063401d8091bae7dca8842923 Mon Sep 17 00:00:00 2001
-From: Jiri Denemark <jdenemar@redhat.com>
-Date: Wed, 23 Sep 2009 18:46:23 +0200
-Subject: [PATCH] Fix a typo in virDiskHasValidPciAddr()
-
-(cherry-picked from commit 3620e3cdcfe56cc4475b5ef1a0a893757240b795)
-
-Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
-Fedora-patch: libvirt-fix-device-detach-typo1.patch
---
- src/domain_conf.h |    2 +-
- 1 files changed, 1 insertions(+), 1 deletions(-)
-
-diff --git a/src/domain_conf.h b/src/domain_conf.h
-index 09368d9..d494e54 100644
--- a/src/domain_conf.h
-+++ b/src/domain_conf.h
-@@ -125,7 +125,7 @@ struct _virDomainDiskDef {
- static inline int
- virDiskHasValidPciAddr(virDomainDiskDefPtr def)
- {
-    return def->pci_addr.domain || def->pci_addr.domain || def->pci_addr.slot;
-+    return def->pci_addr.domain || def->pci_addr.bus || def->pci_addr.slot;
- }
- 
- 
-- 
-1.6.2.5
-
@@ -1,30 +0,0 @@
-From 81e967c716ce8c085be8baad9169f7772452d187 Mon Sep 17 00:00:00 2001
-From: Mark McLoughlin <markmc@redhat.com>
-Date: Thu, 24 Sep 2009 08:55:55 +0100
-Subject: [PATCH] Fix a typo in virNetHasValidPciAddr() too
-
-* src/domain_conf.h: check domain/bus/slot, not domain/domain/slot
-
-(cherry-picked from commit 6bfffce91635bb08de601747e94ed1182c0f47eb)
-
-Fedora-patch: libvirt-fix-device-detach-typo2.patch
---
- src/domain_conf.h |    2 +-
- 1 files changed, 1 insertions(+), 1 deletions(-)
-
-diff --git a/src/domain_conf.h b/src/domain_conf.h
-index d494e54..7c918a7 100644
--- a/src/domain_conf.h
-+++ b/src/domain_conf.h
-@@ -207,7 +207,7 @@ struct _virDomainNetDef {
- static inline int
- virNetHasValidPciAddr(virDomainNetDefPtr def)
- {
-    return def->pci_addr.domain || def->pci_addr.domain || def->pci_addr.slot;
-+    return def->pci_addr.domain || def->pci_addr.bus || def->pci_addr.slot;
- }
- 
- enum virDomainChrSrcType {
-- 
-1.6.2.5
-
@@ -1,30 +0,0 @@
-From 3a64779ec5a89d38d64e07bca2b11b19e1882d7a Mon Sep 17 00:00:00 2001
-From: Charles Duffy <charles@dyfis.net>
-Date: Thu, 24 Sep 2009 09:00:24 +0100
-Subject: [PATCH] Fix unitialized variable in qemudDomainDetachHostPciDevice()
-
-* src/qemu_driver.c: initialize detach var
-
-(cherry-picked from commit 580ad29288751234bee47ac9f6c04dac1dc529ea)
-
-Fedora-patch: libvirt-fix-device-detach-typo3.patch
---
- src/qemu_driver.c |    2 +-
- 1 files changed, 1 insertions(+), 1 deletions(-)
-
-diff --git a/src/qemu_driver.c b/src/qemu_driver.c
-index 7c7b985..550a59c 100644
--- a/src/qemu_driver.c
-+++ b/src/qemu_driver.c
-@@ -6126,7 +6126,7 @@ static int qemudDomainDetachHostPciDevice(virConnectPtr conn,
-                                           virDomainObjPtr vm,
-                                           virDomainDeviceDefPtr dev)
- {
-    virDomainHostdevDefPtr detach;
-+    virDomainHostdevDefPtr detach = NULL;
-     char *cmd, *reply;
-     int i, ret;
-     pciDevice *pci;
-- 
-1.6.2.5
-
@@ -1,32 +0,0 @@
-From 7692e1e19487c28454b1e5f6488d5574c70883f2 Mon Sep 17 00:00:00 2001
-From: Chris Lalancette <clalance@redhat.com>
-Date: Mon, 21 Sep 2009 14:53:31 +0200
-Subject: [PATCH] Don't do virSetConnError when virDrvSupportsFeature is successful.
-
-Signed-off-by: Chris Lalancette <clalance@redhat.com>
-Fedora-patch: libvirt-fix-drv-supports-feature-bogus-error.patch
---
- src/libvirt.c |    7 +++++--
- 1 files changed, 5 insertions(+), 2 deletions(-)
-
-diff --git a/src/libvirt.c b/src/libvirt.c
-index 4a11688..fa59dc7 100644
--- a/src/libvirt.c
-+++ b/src/libvirt.c
-@@ -1349,8 +1349,11 @@ virDrvSupportsFeature (virConnectPtr conn, int feature)
-     }
- 
-     ret = VIR_DRV_SUPPORTS_FEATURE (conn->driver, conn, feature);
-    /* Copy to connection error object for back compatability */
-    virSetConnError(conn);
-+
-+    if (ret < 0)
-+        /* Copy to connection error object for back compatability */
-+        virSetConnError(conn);
-+
-     return ret;
- }
- 
-- 
-1.6.2.5
-
@@ -1,79 +0,0 @@
-From 71de8d92f20a9a9ee76d4d5df77ff477f1b7d441 Mon Sep 17 00:00:00 2001
-From: Matthias Bolte <matthias.bolte@googlemail.com>
-Date: Wed, 30 Sep 2009 02:17:27 +0200
-Subject: [PATCH] Fix memory leaks in libvirtd's message processing
-
-Commit 47cab734995fa9521b1df05d37e9978eedd8d3a2 changed the way how
-qemud_client_message objects were reused. Before this commit
-remoteDispatchClientRequest() reused the received message for normal responses
-and to report non-fatal errors. If a fatal error occurred qemudWorker() frees
-the message. After this commit non-fatal errors are reported by
-remoteSerializeReplyError() using a new qemud_client_message object and the
-original message leaks.
-
-To fix this leak the original message has to be freed if
-remoteSerializeReplyError() succeeds. If remoteSerializeReplyError()
-fails the original message is freed in qemudWorker().
-
-* daemon/dispatch.c: free qemud_client_message objects that will not be reused
-  and would leak otherwise, also free the allocated qemud_client_message object
-  in remoteSerializeError() if an error occurs
-
-(cherry-picked from commit c6f1459eb998619ab21a92d9bb87341f26978181)
-
-Fedora-patch: libvirt-fix-libvirtd-leak-in-error-reply.patch
---
- qemud/dispatch.c |   15 +++++++++++++--
- 1 files changed, 13 insertions(+), 2 deletions(-)
-
-diff --git a/qemud/dispatch.c b/qemud/dispatch.c
-index a60f2f4..ddb3215 100644
--- a/qemud/dispatch.c
-+++ b/qemud/dispatch.c
-@@ -191,6 +191,7 @@ remoteSerializeError(struct qemud_client *client,
- 
- xdr_error:
-     xdr_destroy(&xdr);
-+    VIR_FREE(msg);
- fatal_error:
-     xdr_free((xdrproc_t)xdr_remote_error,  (char *)rerr);
-     return -1;
-@@ -336,6 +337,7 @@ remoteDispatchClientRequest (struct qemud_server *server,
-                              struct qemud_client *client,
-                              struct qemud_client_message *msg)
- {
-+    int ret;
-     remote_error rerr;
- 
-     memset(&rerr, 0, sizeof rerr);
-@@ -364,7 +366,12 @@ remoteDispatchClientRequest (struct qemud_server *server,
-     }
- 
- error:
-    return remoteSerializeReplyError(client, &rerr, &msg->hdr);
-+    ret = remoteSerializeReplyError(client, &rerr, &msg->hdr);
-+
-+    if (ret >= 0)
-+        VIR_FREE(msg);
-+
-+    return ret;
- }
- 
- 
-@@ -521,8 +528,12 @@ remoteDispatchClientCall (struct qemud_server *server,
- rpc_error:
-     /* Semi-bad stuff happened, we can still try to send back
-      * an RPC error message to client */
-    return remoteSerializeReplyError(client, &rerr, &msg->hdr);
-+    rv = remoteSerializeReplyError(client, &rerr, &msg->hdr);
-+
-+    if (rv >= 0)
-+        VIR_FREE(msg);
- 
-+    return rv;
- 
- xdr_error:
-     /* Seriously bad stuff happened, so we'll kill off this client
-- 
-1.6.2.5
-
@@ -1,46 +0,0 @@
-From ba585ed6cff624c6c0f1f9801382fd6846466ee0 Mon Sep 17 00:00:00 2001
-From: Mark McLoughlin <markmc@redhat.com>
-Date: Thu, 17 Sep 2009 15:31:08 +0100
-Subject: [PATCH] Fix net/disk hot-unplug segfault
-
-When we hot-unplug the last device, we're currently double-freeing
-the device definition.
-
-Reported by Michal Nowak here:
-
-  https://bugzilla.redhat.com/523953
-
-* src/qemu_driver.c: fix double free
-
-(cherry-picked from commit 8881ae1bf8783006777429403cc543c33187175d)
-
-Fedora-patch: libvirt-fix-net-hotunplug-double-free.patch
---
- src/qemu_driver.c |    4 ++--
- 1 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/qemu_driver.c b/src/qemu_driver.c
-index a65334f..de31581 100644
--- a/src/qemu_driver.c
-+++ b/src/qemu_driver.c
-@@ -5998,7 +5998,7 @@ try_command:
-             /* ignore, harmless */
-         }
-     } else {
-        VIR_FREE(vm->def->disks[0]);
-+        VIR_FREE(vm->def->disks);
-         vm->def->ndisks = 0;
-     }
-     virDomainDiskDefFree(detach);
-@@ -6100,7 +6100,7 @@ qemudDomainDetachNetDevice(virConnectPtr conn,
-             /* ignore, harmless */
-         }
-     } else {
-        VIR_FREE(vm->def->nets[0]);
-+        VIR_FREE(vm->def->nets);
-         vm->def->nnets = 0;
-     }
-     virDomainNetDefFree(detach);
-- 
-1.6.2.5
-
@@ -1,50 +0,0 @@
-From 17831d20051f8de8f1f7d661e8a23f4fe67c2153 Mon Sep 17 00:00:00 2001
-From: Mark McLoughlin <markmc@redhat.com>
-Date: Thu, 17 Sep 2009 15:32:45 +0100
-Subject: [PATCH] Fix leak in PCI hostdev hot-unplug
-
-* src/qemu_driver.c: sync the hostdev hot-unplug code with the disk/net
-  code.
-
-(cherry-picked from commit a70da51ff76ed860bfc0cdee2e1d556da997c557)
-
-Fedora-patch: libvirt-fix-pci-hostdev-hotunplug-leak.patch
---
- src/qemu_driver.c |   20 +++++++++++++-------
- 1 files changed, 13 insertions(+), 7 deletions(-)
-
-diff --git a/src/qemu_driver.c b/src/qemu_driver.c
-index de31581..2ddcdc0 100644
--- a/src/qemu_driver.c
-+++ b/src/qemu_driver.c
-@@ -6206,14 +6206,20 @@ static int qemudDomainDetachHostPciDevice(virConnectPtr conn,
-         pciFreeDevice(conn, pci);
-     }
- 
-    if (i != --vm->def->nhostdevs)
-        memmove(&vm->def->hostdevs[i],
-                &vm->def->hostdevs[i+1],
-                sizeof(*vm->def->hostdevs) * (vm->def->nhostdevs-i));
-    if (VIR_REALLOC_N(vm->def->hostdevs, vm->def->nhostdevs) < 0) {
-        virReportOOMError(conn);
-        ret = -1;
-+    if (vm->def->nhostdevs > 1) {
-+        memmove(vm->def->hostdevs + i,
-+                vm->def->hostdevs + i + 1,
-+                sizeof(*vm->def->hostdevs) *
-+                (vm->def->nhostdevs - (i + 1)));
-+        vm->def->nhostdevs--;
-+        if (VIR_REALLOC_N(vm->def->hostdevs, vm->def->nhostdevs) < 0) {
-+            /* ignore, harmless */
-+        }
-+    } else {
-+        VIR_FREE(vm->def->hostdevs);
-+        vm->def->nhostdevs = 0;
-     }
-+    virDomainHostdevDefFree(detach);
- 
-     return ret;
- }
-- 
-1.6.2.5
-
@@ -1,53 +0,0 @@
-From f1be5a4714e194a84840343e0937fe62463a18dc Mon Sep 17 00:00:00 2001
-From: Charles Duffy <Charles_Duffy@dell.com>
-Date: Fri, 18 Sep 2009 11:32:35 -0500
-Subject: [PATCH] Prevent attempt to call cat -c during virDomainSave to raw
-
-Fedora-patch: libvirt-fix-qemu-raw-format-save.patch
---
- src/qemu_driver.c |   28 ++++++++++++++++++----------
- 1 files changed, 18 insertions(+), 10 deletions(-)
-
-diff --git a/src/qemu_driver.c b/src/qemu_driver.c
-index 2ddcdc0..7c7b985 100644
--- a/src/qemu_driver.c
-+++ b/src/qemu_driver.c
-@@ -3905,17 +3905,25 @@ static int qemudDomainSave(virDomainPtr dom,
-         goto cleanup;
-     }
- 
-    const char *prog = qemudSaveCompressionTypeToString(header.compressed);
-    if (prog == NULL) {
-        qemudReportError(dom->conn, dom, NULL, VIR_ERR_INTERNAL_ERROR,
-                         _("Invalid compress format %d"), header.compressed);
-        goto cleanup;
-    }
-+    {
-+        const char *prog = qemudSaveCompressionTypeToString(header.compressed);
-+        const char *args;
- 
-    if (STREQ (prog, "raw"))
-        prog = "cat";
-    internalret = virAsprintf(&command, "migrate \"exec:"
-                              "%s -c >> '%s' 2>/dev/null\"", prog, safe_path);
-+        if (prog == NULL) {
-+            qemudReportError(dom->conn, dom, NULL, VIR_ERR_INTERNAL_ERROR,
-+                             _("Invalid compress format %d"), header.compressed);
-+            goto cleanup;
-+        }
-+
-+        if (STREQ (prog, "raw")) {
-+            prog = "cat";
-+            args = "";
-+        } else {
-+            args = "-c";
-+        }
-+        internalret = virAsprintf(&command, "migrate \"exec:"
-+                                  "%s %s >> '%s' 2>/dev/null\"", prog, args, safe_path);
-+    }
- 
-     if (internalret < 0) {
-         virReportOOMError(dom->conn);
-- 
-1.6.2.5
-
@@ -1,38 +0,0 @@
-From 0b846a30468a6b4586407f020ccde7bb51afaf98 Mon Sep 17 00:00:00 2001
-From: Daniel P. Berrange <berrange@redhat.com>
-Date: Mon, 12 Oct 2009 20:03:50 +0100
-Subject: [PATCH] Fix QEMU restore from file in raw format
-
-The logic for running the decompression programs was broken in
-commit f238709304f9f6c57204cdd943e542cbae38fa5f, so that for
-non-raw formats the decompression program was never run, and
-for raw formats, it tried to exec an argv[] with initial NULL
-in the program name.
-
-* src/qemu/qemu_driver.c: Fix logic in runing decompression program
-
-(cherry picked from commit 74b379cbd5ba9f472a3a2d5710e497966b1a3a37)
-
-Fedora-patch: libvirt-fix-qemu-restore-from-raw1.patch
---
- src/qemu_driver.c |    3 +--
- 1 files changed, 1 insertions(+), 2 deletions(-)
-
-diff --git a/src/qemu_driver.c b/src/qemu_driver.c
-index 550a59c..0ce403c 100644
--- a/src/qemu_driver.c
-+++ b/src/qemu_driver.c
-@@ -4541,9 +4541,8 @@ static int qemudDomainRestore(virConnectPtr conn,
-             goto cleanup;
-         }
- 
-        if (header.compressed != QEMUD_SAVE_FORMAT_RAW)
-+        if (header.compressed != QEMUD_SAVE_FORMAT_RAW) {
-             intermediate_argv[0] = prog;
-        else {
-             intermediatefd = fd;
-             fd = -1;
-             if (virExec(conn, intermediate_argv, NULL, NULL,
-- 
-1.6.2.5
-
@@ -1,120 +0,0 @@
-From 57d7cc602d14c6b50e2826e427a5de124e479f95 Mon Sep 17 00:00:00 2001
-From: Daniel P. Berrange <berrange@redhat.com>
-Date: Mon, 12 Oct 2009 20:32:33 +0100
-Subject: [PATCH] Fix virFileReadLimFD/virFileReadAll to handle EINTR
-
-The fread_file_lim() function uses fread() but never handles
-EINTR results, causing unexpected failures when reading QEMU
-help arg info. It was unneccessarily using FILE * instead
-of plain UNIX file handles, which prevented use of saferead()
-
-* src/util/util.c: Switch fread_file_lim over to use saferead
-  instead of fread, remove FILE * use, and rename
-
-(cherry picked from commit 11a36d956cb8a5e439e535bff3e0cfce50a64bca)
-
-Fedora-patch: libvirt-fix-qemu-restore-from-raw2.patch
---
- src/util.c |   45 ++++++++++++---------------------------------
- 1 files changed, 12 insertions(+), 33 deletions(-)
-
-diff --git a/src/util.c b/src/util.c
-index 1878e33..7bc3a66 100644
--- a/src/util.c
-+++ b/src/util.c
-@@ -887,7 +887,7 @@ virExec(virConnectPtr conn,
-    number of bytes.  If the length of the input is <= max_len, and
-    upon error while reading that data, it works just like fread_file.  */
- static char *
-fread_file_lim (FILE *stream, size_t max_len, size_t *length)
-+saferead_lim (int fd, size_t max_len, size_t *length)
- {
-     char *buf = NULL;
-     size_t alloc = 0;
-@@ -895,8 +895,8 @@ fread_file_lim (FILE *stream, size_t max_len, size_t *length)
-     int save_errno;
- 
-     for (;;) {
-        size_t count;
-        size_t requested;
-+        int count;
-+        int requested;
- 
-         if (size + BUFSIZ + 1 > alloc) {
-             alloc += alloc / 2;
-@@ -912,12 +912,12 @@ fread_file_lim (FILE *stream, size_t max_len, size_t *length)
-         /* Ensure that (size + requested <= max_len); */
-         requested = MIN (size < max_len ? max_len - size : 0,
-                          alloc - size - 1);
-        count = fread (buf + size, 1, requested, stream);
-+        count = saferead (fd, buf + size, requested);
-         size += count;
- 
-         if (count != requested || requested == 0) {
-             save_errno = errno;
-            if (ferror (stream))
-+            if (count < 0)
-                 break;
-             buf[size] = '\0';
-             *length = size;
-@@ -930,12 +930,12 @@ fread_file_lim (FILE *stream, size_t max_len, size_t *length)
-     return NULL;
- }
- 
-/* A wrapper around fread_file_lim that maps a failure due to
-+/* A wrapper around saferead_lim that maps a failure due to
-    exceeding the maximum size limitation to EOVERFLOW.  */
-static int virFileReadLimFP(FILE *fp, int maxlen, char **buf)
-+int virFileReadLimFD(int fd, int maxlen, char **buf)
- {
-     size_t len;
-    char *s = fread_file_lim (fp, maxlen+1, &len);
-+    char *s = saferead_lim (fd, maxlen+1, &len);
-     if (s == NULL)
-         return -1;
-     if (len > maxlen || (int)len != len) {
-@@ -949,37 +949,16 @@ static int virFileReadLimFP(FILE *fp, int maxlen, char **buf)
-     return len;
- }
- 
-/* Like virFileReadLimFP, but use a file descriptor rather than a FILE*.  */
-int virFileReadLimFD(int fd_arg, int maxlen, char **buf)
-{
-    int fd = dup (fd_arg);
-    if (fd >= 0) {
-        FILE *fp = fdopen (fd, "r");
-        if (fp) {
-            int len = virFileReadLimFP (fp, maxlen, buf);
-            int saved_errno = errno;
-            fclose (fp);
-            errno = saved_errno;
-            return len;
-        } else {
-            int saved_errno = errno;
-            close (fd);
-            errno = saved_errno;
-        }
-    }
-    return -1;
-}
-
- int virFileReadAll(const char *path, int maxlen, char **buf)
- {
-    FILE *fh = fopen(path, "r");
-    if (fh == NULL) {
-+    int fd = open(path, O_RDONLY);
-+    if (fd < 0) {
-         virReportSystemError(NULL, errno, _("Failed to open file '%s'"), path);
-         return -1;
-     }
- 
-    int len = virFileReadLimFP (fh, maxlen, buf);
-    fclose(fh);
-+    int len = virFileReadLimFD(fd, maxlen, buf);
-+    close(fd);
-     if (len < 0) {
-         virReportSystemError(NULL, errno, _("Failed to read file '%s'"), path);
-         return -1;
-- 
-1.6.2.5
-
@@ -1,41 +0,0 @@
-From 6b12148864cf6a1d22a2cf4e0e9c48e9946331cb Mon Sep 17 00:00:00 2001
-From: Mark McLoughlin <markmc@redhat.com>
-Date: Wed, 30 Sep 2009 18:37:03 +0100
-Subject: [PATCH] Fix USB device re-labelling
-
-A simple misplaced break out of a switch results in:
-
-  libvir: error : Failed to open file '/sys/bus/pci/devices/0000:00:54c./vendor': No such file or directory
-  libvir: error : Failed to open file '/sys/bus/pci/devices/0000:00:54c./device': No such file or directory
-  libvir: error : this function is not supported by the hypervisor: Failed to read product/vendor ID for 0000:00:54c.
-
-when trying to passthrough a USB host device to qemu.
-
-* src/security_selinux.c: fix a switch/break thinko
-
-Fedora-patch: libvirt-fix-usb-device-passthrough.patch
---
- src/security_selinux.c |    3 +--
- 1 files changed, 1 insertions(+), 2 deletions(-)
-
-diff --git a/src/security_selinux.c b/src/security_selinux.c
-index bc295b1..b4dc153 100644
--- a/src/security_selinux.c
-+++ b/src/security_selinux.c
-@@ -464,12 +464,11 @@ SELinuxSetSecurityHostdevLabel(virConnectPtr conn,
- 
-             ret = usbDeviceFileIterate(conn, usb, SELinuxSetSecurityUSBLabel, vm);
-             usbFreeDevice(conn, usb);
-
-            break;
-         } else {
-             /* XXX deal with product/vendor better */
-             ret = 0;
-         }
-+        break;
-     }
- 
-     case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI: {
-- 
-1.6.2.5
-
@@ -1,103 +0,0 @@
-From cab81502320d97dac4c5c12e7496f30896709c49 Mon Sep 17 00:00:00 2001
-From: Matthias Bolte <matthias.bolte@googlemail.com>
-Date: Tue, 22 Sep 2009 15:12:48 +0200
-Subject: [PATCH] Fix xen driver refcounting.
-
-The commit cb51aa48a777ddae6997faa9f28350cb62655ffd "Fix up connection
-reference counting." changed the driver closing and virConnectPtr
-unref-logic in virConnectClose().
-
-Before this commit virConnectClose() closed all drivers of the given
-virConnectPtr and virUnrefConnect()'ed it afterwards. After this
-commit the driver-closing is done in virUnrefConnect() if and only if
-the ref-count of the virConnectPtr dropped to zero.
-
-This change in execution order leads to a virConnectPtr leak, at least
-for connections to Xen.
-
-The relevant call sequences:
-
-virConnectOpen() -> xenUnifiedOpen() ...
-
-... xenInotifyOpen() -> virConnectRef(conn)
-
-... xenStoreOpen() -> xenStoreAddWatch() -> conn->refs++
-
-virConnectClose() -> xenUnifiedClose() ...
-
-... xenInotifyClose() -> virUnrefConnect(conn)
-
-... xenStoreClose() -> xenStoreRemoveWatch() -> virUnrefConnect(conn)
-
-Before the commit this additional virConnectRef/virUnrefConnect calls
-where no problem, because virConnectClose() closed the drivers
-explicitly and the additional refs added by the Xen subdrivers were
-removed properly. After the commit this additional refs result in a
-virConnectPtr leak (including a leak of the hypercall file handle;
-that's how I noticed this problem), because now the drivers are only
-close if and only if the ref-count drops to zero, but this cannot
-happen anymore, because the additional refs from the Xen subdrivers
-would only be removed if the drivers get closed, but that doesn't
-happen because the ref-count cannot drop to zero.
-
-The fix for this problem is simple: remove the
-virConnectRef/virUnrefConnect calls from the Xen subdrivers (see
-attached patch). Maybe someone could explain why the Xen Inotify and
-Xen Store driver do this extra ref-counting, but none of the other Xen
-subdrivers. It seems unnecessary to me and can be removed without
-problems.
-
-Signed-off-by: Chris Lalancette <clalance@redhat.com>
-
-(cherry picked from commit 6ed7374c5a6c6a2b1b1801d7d041dc7f09748592)
-
-Fedora-patch: libvirt-fix-xen-driver-refcounting.patch
---
- src/xen_inotify.c |    2 --
- src/xs_internal.c |    3 ---
- 2 files changed, 0 insertions(+), 5 deletions(-)
-
-diff --git a/src/xen_inotify.c b/src/xen_inotify.c
-index e312b9e..ecaefaf 100644
--- a/src/xen_inotify.c
-+++ b/src/xen_inotify.c
-@@ -463,7 +463,6 @@ xenInotifyOpen(virConnectPtr conn ATTRIBUTE_UNUSED,
-         DEBUG0("Failed to add inotify handle, disabling events");
-     }
- 
-    virConnectRef(conn);
-     return 0;
- }
- 
-@@ -486,7 +485,6 @@ xenInotifyClose(virConnectPtr conn)
-     if (priv->inotifyWatch != -1)
-         virEventRemoveHandle(priv->inotifyWatch);
-     close(priv->inotifyFD);
-    virUnrefConnect(conn);
- 
-     return 0;
- }
-diff --git a/src/xs_internal.c b/src/xs_internal.c
-index 1f54b1f..a18dcad 100644
--- a/src/xs_internal.c
-+++ b/src/xs_internal.c
-@@ -1139,8 +1139,6 @@ int xenStoreAddWatch(virConnectPtr conn,
-     list->watches[n] = watch;
-     list->count++;
- 
-    conn->refs++;
-
-     return xs_watch(priv->xshandle, watch->path, watch->token);
- }
- 
-@@ -1190,7 +1188,6 @@ int xenStoreRemoveWatch(virConnectPtr conn,
-                 ; /* Failure to reduce memory allocation isn't fatal */
-             }
-             list->count--;
-            virUnrefConnect(conn);
-             return 0;
-         }
-     }
-- 
-1.6.2.5
-
@@ -1,31 +0,0 @@
-From 918724aa76982224437384d712c182c332fa5ef9 Mon Sep 17 00:00:00 2001
-From: Dan Kenigsberg <danken@redhat.com>
-Date: Wed, 21 Oct 2009 13:56:04 +0200
-Subject: [PATCH] Do not log rotate very small logs
-
-Without this, after few weeks without use, each defined domain grows a
-tail of empty gzipped logs, instead of keeping just the last log of
-interest.
-
-* daemon/libvirtd.logrotate.in: only rotate when the log is over 100 KBytes
-
-(cherry picked from commit b03fe2d0aefb57a096a102bf23375f0a167ca189)
-
-Fedora-patch: libvirt-logrotate-avoid-compressing-small-logs.patch
---
- qemud/libvirtd.logrotate.in |    1 +
- 1 files changed, 1 insertions(+), 0 deletions(-)
-
-diff --git a/qemud/libvirtd.logrotate.in b/qemud/libvirtd.logrotate.in
-index 093651c..0c51fd3 100644
--- a/qemud/libvirtd.logrotate.in
-+++ b/qemud/libvirtd.logrotate.in
-@@ -5,4 +5,5 @@
-         compress
-         delaycompress
-         copytruncate
-+        minsize 100k
- }
-- 
-1.6.2.5
-
@@ -1,54 +0,0 @@
-From b7e3ac4f23befe67518b57e34691c301820a436c Mon Sep 17 00:00:00 2001
-From: Mark McLoughlin <markmc@redhat.com>
-Date: Tue, 6 Oct 2009 12:33:17 +0100
-Subject: [PATCH] Create /var/log/libvirt/{lxc,uml} dirs
-
-Otherwise logrotate barfs:
-
-  error: error accessing /var/log/libvirt/uml: No such file or directory
-  error: libvirtd:1 glob failed for /var/log/libvirt/uml/*.log
-  error: found error in /var/log/libvirt/qemu/*.log /var/log/libvirt/uml/*.log /var/log/libvirt/lxc/*.log , skipping
-
-* qemud/Makefile.am: always create /var/log/libvirt/{lxc,uml} when
-  installing the logrotate conf; not ideal, but easier than making
-  the logrotate conf depend on which drivers are enabled
-
-Fedora-patch: libvirt-logrotate-create-lxc-uml-dirs.patch
---
- qemud/Makefile.am |    6 ++++--
- 1 files changed, 4 insertions(+), 2 deletions(-)
-
-diff --git a/qemud/Makefile.am b/qemud/Makefile.am
-index 3d143da..a7f4bdf 100644
--- a/qemud/Makefile.am
-+++ b/qemud/Makefile.am
-@@ -176,7 +176,7 @@ install-data-local: install-init install-data-sasl install-data-polkit \
- 	test -e $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/autostart/default.xml || \
-            ln -s ../default.xml \
- 	    $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/autostart/default.xml
-	mkdir -p $(DESTDIR)$(localstatedir)/log/libvirt/qemu
-+	mkdir -p $(DESTDIR)$(localstatedir)/log/libvirt
- 	mkdir -p $(DESTDIR)$(localstatedir)/run/libvirt
- 	mkdir -p $(DESTDIR)$(localstatedir)/lib/libvirt
- 
-@@ -184,7 +184,7 @@ uninstall-local:: uninstall-init uninstall-data-sasl install-data-polkit
- 	rm -f $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/autostart/default.xml
- 	rm -f $(DESTDIR)$(sysconfdir)/$(default_xml_dest)
- 	rmdir $(DESTDIR)$(sysconfdir)/libvirt/qemu/networks/autostart || :
-	rmdir $(DESTDIR)$(localstatedir)/log/libvirt/qemu || :
-+	rmdir $(DESTDIR)$(localstatedir)/log/libvirt || :
- 	rmdir $(DESTDIR)$(localstatedir)/run/libvirt || :
- 	rmdir $(DESTDIR)$(localstatedir)/lib/libvirt || :
- 
-@@ -240,6 +240,8 @@ libvirtd.logrotate: libvirtd.logrotate.in
- 
- install-logrotate: libvirtd.logrotate
- 	mkdir -p $(DESTDIR)$(localstatedir)/log/libvirt/qemu/
-+	mkdir -p $(DESTDIR)$(localstatedir)/log/libvirt/lxc/
-+	mkdir -p $(DESTDIR)$(localstatedir)/log/libvirt/uml/
- 	mkdir -p $(DESTDIR)$(sysconfdir)/logrotate.d/
- 	$(INSTALL_DATA) $< $(DESTDIR)$(sysconfdir)/logrotate.d/libvirtd
- 
-- 
-1.6.2.5
-
@@ -1,32 +0,0 @@
-From ba3bc9b22a21b8e9e110166c98be70e2ad6469cb Mon Sep 17 00:00:00 2001
-From: Cole Robinson <crobinso@redhat.com>
-Date: Tue, 13 Oct 2009 11:31:27 -0400
-Subject: [PATCH] network: Fix printing XML 'delay' attribute
-
-When specifying bridge delay via network XML define, we were looking for
-the 'delay' attribute, but would dump the value as 'forwardDelay'. Have
-the output match the expected input (and schema).
-
-(cherry picked from commit 3b13aa3db37bf5a692bccfa015a01999043e797b)
-
-Fedora-patch: libvirt-network-delay-attribute-formatting.patch
---
- src/network_conf.c |    2 +-
- 1 files changed, 1 insertions(+), 1 deletions(-)
-
-diff --git a/src/network_conf.c b/src/network_conf.c
-index 3764bb4..f75c457 100644
--- a/src/network_conf.c
-+++ b/src/network_conf.c
-@@ -587,7 +587,7 @@ char *virNetworkDefFormat(virConnectPtr conn,
-     virBufferAddLit(&buf, "  <bridge");
-     if (def->bridge)
-         virBufferEscapeString(&buf, " name='%s'", def->bridge);
-    virBufferVSprintf(&buf, " stp='%s' forwardDelay='%ld' />\n",
-+    virBufferVSprintf(&buf, " stp='%s' delay='%ld' />\n",
-                       def->stp ? "on" : "off",
-                       def->delay);
- 
-- 
-1.6.2.5
-
@@ -1,177 +0,0 @@
-From d7722ed1cb04aa8a7b9fbf880882841867b69ab0 Mon Sep 17 00:00:00 2001
-From: Mark McLoughlin <markmc@redhat.com>
-Date: Mon, 12 Oct 2009 10:52:13 +0100
-Subject: [PATCH] Take domain type into account when looking up default machine
-
-If one has e.g.
-
-  <guest>
-    <os_type>hvm</os_type>
-    <arch name='x86_64'>
-      <wordsize>64</wordsize>
-      <emulator>/usr/bin/qemu-system-x86_64</emulator>
-      <machine>pc-0.11</machine>
-      <machine canonical='pc-0.11'>pc</machine>
-      <machine>pc-0.10</machine>
-      <machine>isapc</machine>
-      <domain type='qemu'>
-      </domain>
-      <domain type='kvm'>
-        <emulator>/usr/bin/kvm</emulator>
-        <machine>pc</machine>
-        <machine>isapc</machine>
-      </domain>
-    </arch>
-  </guest>
-
-and start a guest with:
-
-  <domain type='kvm'>
-    ...
-    <os>
-      <type arch='x86_64'>hvm</type>
-      ...
-    </os>
-  </domain>
-
-then the default machine type should be 'pc' and not 'pc-0.11'
-
-Issue was reported by Anton Protopopov.
-
-* src/capabilities.[ch]: pass the domain type to
-  virCapabilitiesDefaultGuestArch() and use it to look up the default
-  machine type from a specific guest domain if needed.
-
-* src/conf/domain_conf.c, src/xen/xm_internal.c: update
-
-* tests/qemuxml2argvdata/qemuxml2argv-machine-aliases2.xml: update
-  the domain type to 'kvm' and remove the machine type to check
-  that the default gets looked up correctly
-
-(cherry picked from commit 73c901a8075c09203545fc81164c1e5f11c67c89)
-
-Fedora-patch: libvirt-qemu-machine-type-fixes1.patch
---
- src/capabilities.c                                 |   31 ++++++++++++++++---
- src/capabilities.h                                 |    3 +-
- src/domain_conf.c                                  |    3 +-
- src/xm_internal.c                                  |    3 +-
- .../qemuxml2argv-machine-aliases2.xml              |    4 +-
- 5 files changed, 34 insertions(+), 10 deletions(-)
-
-diff --git a/src/capabilities.c b/src/capabilities.c
-index 38fe7fc..6ebddf5 100644
--- a/src/capabilities.c
-+++ b/src/capabilities.c
-@@ -549,22 +549,43 @@ virCapabilitiesDefaultGuestArch(virCapsPtr caps,
-  * @caps: capabilities to query
-  * @ostype: OS type to search for
-  * @arch: architecture to search for
-+ * @domain: domain type to search for
-  *
-  * Returns the first machine variant associated with
- * the requested operating system type and architecture
-+ * the requested operating system type, architecture
-+ * and domain type
-  */
- extern const char *
- virCapabilitiesDefaultGuestMachine(virCapsPtr caps,
-                                    const char *ostype,
-                                   const char *arch)
-+                                   const char *arch,
-+                                   const char *domain)
- {
-     int i;
-+
-     for (i = 0 ; i < caps->nguests ; i++) {
-        if (STREQ(caps->guests[i]->ostype, ostype) &&
-            STREQ(caps->guests[i]->arch.name, arch) &&
-            caps->guests[i]->arch.defaultInfo.nmachines)
-+        virCapsGuestPtr guest = caps->guests[i];
-+        int j;
-+
-+        if (!STREQ(guest->ostype, ostype) || !STREQ(guest->arch.name, arch))
-+            continue;
-+
-+        for (j = 0; j < guest->arch.ndomains; j++) {
-+            virCapsGuestDomainPtr dom= guest->arch.domains[j];
-+
-+            if (!STREQ(dom->type, domain))
-+                continue;
-+
-+            if (!dom->info.nmachines)
-+                break;
-+
-+            return dom->info.machines[0]->name;
-+        }
-+
-+        if (guest->arch.defaultInfo.nmachines)
-             return caps->guests[i]->arch.defaultInfo.machines[0]->name;
-     }
-+
-     return NULL;
- }
- 
-diff --git a/src/capabilities.h b/src/capabilities.h
-index b958d95..2f24605 100644
--- a/src/capabilities.h
-+++ b/src/capabilities.h
-@@ -207,7 +207,8 @@ virCapabilitiesDefaultGuestArch(virCapsPtr caps,
- extern const char *
- virCapabilitiesDefaultGuestMachine(virCapsPtr caps,
-                                    const char *ostype,
-                                   const char *arch);
-+                                   const char *arch,
-+                                   const char *domain);
- extern const char *
- virCapabilitiesDefaultGuestEmulator(virCapsPtr caps,
-                                     const char *ostype,
-diff --git a/src/domain_conf.c b/src/domain_conf.c
-index 5ae0775..c424c67 100644
--- a/src/domain_conf.c
-+++ b/src/domain_conf.c
-@@ -2664,7 +2664,8 @@ static virDomainDefPtr virDomainDefParseXML(virConnectPtr conn,
-     if (!def->os.machine) {
-         const char *defaultMachine = virCapabilitiesDefaultGuestMachine(caps,
-                                                                         def->os.type,
-                                                                        def->os.arch);
-+                                                                        def->os.arch,
-+                                                                        virDomainVirtTypeToString(def->virtType));
-         if (defaultMachine != NULL) {
-             if (!(def->os.machine = strdup(defaultMachine))) {
-                 virReportOOMError(conn);
-diff --git a/src/xm_internal.c b/src/xm_internal.c
-index de3aca9..6d351d4 100644
--- a/src/xm_internal.c
-+++ b/src/xm_internal.c
-@@ -720,7 +720,8 @@ xenXMDomainConfigParse(virConnectPtr conn, virConfPtr conf) {
- 
-     defaultMachine = virCapabilitiesDefaultGuestMachine(priv->caps,
-                                                         def->os.type,
-                                                        def->os.arch);
-+                                                        def->os.arch,
-+                                                        virDomainVirtTypeToString(def->virtType));
-     if (defaultMachine != NULL) {
-         if (!(def->os.machine = strdup(defaultMachine)))
-             goto no_memory;
-diff --git a/tests/qemuxml2argvdata/qemuxml2argv-machine-aliases2.xml b/tests/qemuxml2argvdata/qemuxml2argv-machine-aliases2.xml
-index 6f62243..a2c6254 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-machine-aliases2.xml
-+++ b/tests/qemuxml2argvdata/qemuxml2argv-machine-aliases2.xml
-@@ -1,11 +1,11 @@
-<domain type='qemu'>
-+<domain type='kvm'>
-   <name>QEMUGuest1</name>
-   <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
-   <memory>219200</memory>
-   <currentMemory>219200</currentMemory>
-   <vcpu>1</vcpu>
-   <os>
-    <type arch='x86_64' machine='pc'>hvm</type>
-+    <type arch='x86_64'>hvm</type>
-     <boot dev='hd'/>
-   </os>
-   <clock offset='utc'/>
-- 
-1.6.2.5
-
@@ -1,42 +0,0 @@
-From bb64cc4cbe5d3c69057f63be2c1acaca72038e5a Mon Sep 17 00:00:00 2001
-From: Mark McLoughlin <markmc@redhat.com>
-Date: Thu, 15 Oct 2009 12:09:17 +0100
-Subject: [PATCH] Don't copy old machines from a domain which has none
-
-If the the qemu and kvm binaries are the same, we don't include machine
-types in the kvm domain info.
-
-However, the code which refreshes the machine types info from the
-previous capabilities structure first looks at the kvm domain's info,
-finds it matches and then copies the empty machine types list over
-for the top-level qemu domain.
-
-That doesn't make sense, we shouldn't copy an empty machin types list.
-
-* src/qemu/qemu_conf.c: qemudGetOldMachinesFromInfo(): don't copy an
-  empty machine types list.
-
-(cherry picked from commit 2210f8a3a8e2774ca4fb8b42e21899e5b85ca913)
-
-Fedora-patch: libvirt-qemu-machine-type-fixes2.patch
---
- src/qemu_conf.c |    3 +++
- 1 files changed, 3 insertions(+), 0 deletions(-)
-
-diff --git a/src/qemu_conf.c b/src/qemu_conf.c
-index 0dd0624..34a7fe1 100644
--- a/src/qemu_conf.c
-+++ b/src/qemu_conf.c
-@@ -505,6 +505,9 @@ qemudGetOldMachinesFromInfo(virCapsGuestDomainInfoPtr info,
-     virCapsGuestMachinePtr *list;
-     int i;
- 
-+    if (!info->nmachines)
-+        return 0;
-+
-     if (!info->emulator || !STREQ(emulator, info->emulator))
-         return 0;
- 
-- 
-1.6.2.5
-
@@ -1,30 +0,0 @@
-From a44bce591a8d746a4a00c8609cb0111c76271cab Mon Sep 17 00:00:00 2001
-From: Cole Robinson <crobinso@redhat.com>
-Date: Thu, 8 Oct 2009 18:05:36 -0400
-Subject: [PATCH] storage: Fix generating iscsi 'auth' xml
-
-We were missing a closing tag, so the XML wasn't proper.
-
-(cherry picked from commit 826cbac4591fd5929b497299a90d3a65226b2825)
-
-Fedora-patch: libvirt-storage-iscsi-auth-xml-formatting.patch
---
- src/storage_conf.c |    2 +-
- 1 files changed, 1 insertions(+), 1 deletions(-)
-
-diff --git a/src/storage_conf.c b/src/storage_conf.c
-index 788de15..1633aac 100644
--- a/src/storage_conf.c
-+++ b/src/storage_conf.c
-@@ -799,7 +799,7 @@ virStoragePoolSourceFormat(virConnectPtr conn,
- 
- 
-     if (src->authType == VIR_STORAGE_POOL_AUTH_CHAP)
-        virBufferVSprintf(buf,"    <auth type='chap' login='%s' passwd='%s'>\n",
-+        virBufferVSprintf(buf,"    <auth type='chap' login='%s' passwd='%s'/>\n",
-                           src->auth.chap.login,
-                           src->auth.chap.passwd);
-     virBufferAddLit(buf,"  </source>\n");
-- 
-1.6.2.5
-
@@ -1 +1 @@
-f1cd360a5da38b847e166c6482141940  libvirt-0.7.1.tar.gz
+SHA512 (libvirt-3.7.0.tar.xz) = b3f7021ef4c6954430f8fa503f0c49e3df4f662b228cb631ba2c2139ecec2307dde6cec05037cc28663e82ab1001296c20c5c68acd183cd364dd484a7746f498