commit libvirt for openSUSE:Factory

[Source-Sync]

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package libvirt for openSUSE:Factory checked 
in at 2021-02-17 18:08:55
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libvirt (Old)
 and      /work/SRC/openSUSE:Factory/.libvirt.new.28504 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "libvirt"

Wed Feb 17 18:08:55 2021 rev:324 rq:871283 version:7.0.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/libvirt/libvirt.changes  2021-02-01 
14:42:08.524705496 +0100
+++ /work/SRC/openSUSE:Factory/.libvirt.new.28504/libvirt.changes       
2021-02-17 18:09:14.573827846 +0100
@@ -1,0 +2,15 @@
+Thu Feb 11 17:21:23 UTC 2021 - James Fehlig <jfeh...@suse.com>
+
+- qemu: Fix swtpm device with aarch64
+  7cf60006-qemu-swtpm-aarch64.patch,
+  afb823fc-qemu-validate-swtpm.patch
+  bsc#1181893
+
+-------------------------------------------------------------------
+Tue Feb  9 18:49:11 UTC 2021 - James Fehlig <jfeh...@suse.com>
+
+- build: Fix generation of virtproxyd socket files
+  e3d60f76-fix-socket-file-gen.patch
+  boo#1181838
+
+-------------------------------------------------------------------

New:
----
  7cf60006-qemu-swtpm-aarch64.patch
  afb823fc-qemu-validate-swtpm.patch
  e3d60f76-fix-socket-file-gen.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ libvirt.spec ++++++
--- /var/tmp/diff_new_pack.pyvi6y/_old  2021-02-17 18:09:15.437828553 +0100
+++ /var/tmp/diff_new_pack.pyvi6y/_new  2021-02-17 18:09:15.441828556 +0100
@@ -292,6 +292,9 @@
 Source100:      %{name}-rpmlintrc
 # Upstream patches
 Patch0:         32c5e432-revert-f035f53b.patch
+Patch1:         e3d60f76-fix-socket-file-gen.patch
+Patch2:         7cf60006-qemu-swtpm-aarch64.patch
+Patch3:         afb823fc-qemu-validate-swtpm.patch
 # Patches pending upstream review
 Patch100:       libxl-dom-reset.patch
 Patch101:       network-don-t-use-dhcp-authoritative-on-static-netwo.patch

++++++ 7cf60006-qemu-swtpm-aarch64.patch ++++++
commit 7cf60006ce1e9898b960d7810f146ac6c89f6bb0
Author: Jim Fehlig <jfeh...@suse.com>
Date:   Tue Feb 9 14:57:22 2021 -0700

    qemu: Fix swtpm device with aarch64
    
    Starting a VM with swtpm device fails with qemu-system-aarch64.
    E.g. with TPM device config
    
         <tpm model='tpm-tis'>
           <backend type='emulator' version='2.0'/>
          </tpm>
    
    QEMU reports the following error
    
    error: internal error: process exited while connecting to monitor:
    2021-02-07T05:15:35.378927Z qemu-system-aarch64: -device
    tpm-tis,tpmdev=tpm-tpm0,id=tpm0: 'tpm-tis' is not a valid device model name
    
    Indeed the TPM device name is 'tpm-tis-device' [1][2] for aarch64,
    versus the shorter 'tpm-tis' for x86. The devices are the same from
    a functional POV, i.e. they both emulate a TPM device conforming to
    the TIS specification. Account for the unfortunate name difference
    when building the TPM device option in qemuBuildTPMDevStr(). Also
    include a test case for 'tpm-tis-device'.
    
    [1] https://qemu.readthedocs.io/en/latest/specs/tpm.html
    [2] 
https://github.com/qemu/qemu/commit/c294ac327ca99342b90bd3a83d2cef9b447afaa7
    
    Signed-off-by: Jim Fehlig <jfeh...@suse.com>
    Reviewed-by: Andrea Bolognani <abolo...@redhat.com>

diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index d27d5eb55b..5fe4e618fe 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -9230,6 +9230,9 @@ qemuBuildTPMDevStr(const virDomainDef *def,
     g_auto(virBuffer) buf = VIR_BUFFER_INITIALIZER;
     const char *model = virDomainTPMModelTypeToString(tpm->model);
 
+    if (tpm->model == VIR_DOMAIN_TPM_MODEL_TIS && def->os.arch == 
VIR_ARCH_AARCH64)
+        model = "tpm-tis-device";
+
     virBufferAsprintf(&buf, "%s,tpmdev=tpm-%s,id=%s",
                       model, tpm->info.alias, tpm->info.alias);
 
diff --git a/tests/qemuxml2argvdata/aarch64-tpm.aarch64-latest.args 
b/tests/qemuxml2argvdata/aarch64-tpm.aarch64-latest.args
new file mode 100644
index 0000000000..94a083d816
--- /dev/null
+++ b/tests/qemuxml2argvdata/aarch64-tpm.aarch64-latest.args
@@ -0,0 +1,37 @@
+LC_ALL=C \
+PATH=/bin \
+HOME=/tmp/lib/domain--1-aarch64test \
+USER=test \
+LOGNAME=test \
+XDG_DATA_HOME=/tmp/lib/domain--1-aarch64test/.local/share \
+XDG_CACHE_HOME=/tmp/lib/domain--1-aarch64test/.cache \
+XDG_CONFIG_HOME=/tmp/lib/domain--1-aarch64test/.config \
+QEMU_AUDIO_DRV=none \
+/usr/bin/qemu-system-aarch64 \
+-name guest=aarch64test,debug-threads=on \
+-S \
+-object secret,id=masterKey0,format=raw,\
+file=/tmp/lib/domain--1-aarch64test/master-key.aes \
+-machine virt,accel=tcg,usb=off,dump-guest-core=off,gic-version=2,\
+memory-backend=mach-virt.ram \
+-cpu cortex-a15 \
+-m 1024 \
+-object memory-backend-ram,id=mach-virt.ram,size=1073741824 \
+-overcommit mem-lock=off \
+-smp 1,sockets=1,cores=1,threads=1 \
+-uuid 496d7ea8-9739-544b-4ebd-ef08be936e8b \
+-display none \
+-no-user-config \
+-nodefaults \
+-chardev socket,id=charmonitor,fd=1729,server,nowait \
+-mon chardev=charmonitor,id=monitor,mode=control \
+-rtc base=utc \
+-no-shutdown \
+-no-acpi \
+-boot strict=on \
+-tpmdev emulator,id=tpm-tpm0,chardev=chrtpm \
+-chardev socket,id=chrtpm,path=/dev/test \
+-device tpm-tis-device,tpmdev=tpm-tpm0,id=tpm0 \
+-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,\
+resourcecontrol=deny \
+-msg timestamp=on
diff --git a/tests/qemuxml2argvdata/aarch64-tpm.xml 
b/tests/qemuxml2argvdata/aarch64-tpm.xml
new file mode 100644
index 0000000000..d338a20f17
--- /dev/null
+++ b/tests/qemuxml2argvdata/aarch64-tpm.xml
@@ -0,0 +1,15 @@
+<domain type="qemu">
+  <name>aarch64test</name>
+  <uuid>496d7ea8-9739-544b-4ebd-ef08be936e8b</uuid>
+  <memory>1048576</memory>
+  <vcpu placement='static'>1</vcpu>
+  <os>
+    <type arch="aarch64" machine="virt">hvm</type>
+  </os>
+  <devices>
+    <emulator>/usr/bin/qemu-system-aarch64</emulator>
+    <tpm model='tpm-tis'>
+      <backend type='emulator' version='2.0'/>
+    </tpm>
+  </devices>
+</domain>
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index d324921271..82cf503dd0 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -2478,6 +2478,7 @@ mymain(void)
     DO_TEST_CAPS_LATEST("tpm-emulator-tpm2-enc");
     DO_TEST_CAPS_LATEST("tpm-emulator-tpm2-pstate");
     DO_TEST_CAPS_LATEST_PPC64("tpm-emulator-spapr");
+    DO_TEST_CAPS_ARCH_LATEST("aarch64-tpm", "aarch64");
 
     DO_TEST_PARSE_ERROR("pci-domain-invalid", NONE);
     DO_TEST_PARSE_ERROR("pci-bus-invalid", NONE);
++++++ afb823fc-qemu-validate-swtpm.patch ++++++
commit afb823fc501cf5b17d2d2b555487abf67c225a7c
Author: Jim Fehlig <jfeh...@suse.com>
Date:   Tue Feb 9 15:47:30 2021 -0700

    qemu: Validate TPM TIS device
    
    TPM devices with model='tpm-tis' are only valid with x86 and aarch64
    virt machines. Add a check to qemuValidateDomainDeviceDefTPM() to
    ensure VIR_DOMAIN_TPM_MODEL_TIS is only used with these architectures.
    
    Signed-off-by: Jim Fehlig <jfeh...@suse.com>
    Reviewed-by: Andrea Bolognani <abolo...@redhat.com>

diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
index a70737327e..bf4901bf89 100644
--- a/src/qemu/qemu_validate.c
+++ b/src/qemu/qemu_validate.c
@@ -4299,6 +4299,12 @@ qemuValidateDomainDeviceDefTPM(virDomainTPMDef *tpm,
 
     switch (tpm->model) {
     case VIR_DOMAIN_TPM_MODEL_TIS:
+        if (!ARCH_IS_X86(def->os.arch) && (def->os.arch != VIR_ARCH_AARCH64)) {
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                           _("TPM model '%s' is only available for x86 and 
aarch64 guests"),
+                          virDomainTPMModelTypeToString(tpm->model));
+            return -1;
+        }
         flag = QEMU_CAPS_DEVICE_TPM_TIS;
         break;
     case VIR_DOMAIN_TPM_MODEL_CRB:
++++++ e3d60f76-fix-socket-file-gen.patch ++++++
commit e3d60f761c7fc1c254e39ea8e42161698c0ee7b5
Author: Jim Fehlig <jfeh...@suse.com>
Date:   Tue Feb 9 08:55:41 2021 -0700

    build: Fix generation of virtproxyd socket files
    
    The various virtproxyd socket files are generated with invalid syntax,
    e.g. from virtproxyd.socket
    
    [Unit]
    Description=Libvirt proxy local socket
    Before=virtproxyd.service
    libvirtd.socket libvirtd-ro.socket libvirtd-admin.socket 
libvirtd-tcp.socket libvirtd-tls.socket
    
    Note the missing 'Conflicts=' in the last line. Fix it by prepending
    'Conflicts=' to libvirtd_socket_conflicts when adding virtproxyd
    to virt_daemon_units.
    
    Signed-off-by: Jim Fehlig <jfeh...@suse.com>
    Reviewed-by: Daniel P. Berrang?? <berra...@redhat.com>

Index: libvirt-7.0.0/src/remote/meson.build
===================================================================
--- libvirt-7.0.0.orig/src/remote/meson.build
+++ libvirt-7.0.0/src/remote/meson.build
@@ -230,7 +230,7 @@ if conf.has('WITH_REMOTE')
       'name': 'Libvirt proxy',
       'sockprefix': 'libvirt',
       'sockets': [ 'main', 'ro', 'admin', 'tcp', 'tls' ],
-      'deps': libvirtd_socket_conflicts,
+      'deps': 'Conflicts=' + libvirtd_socket_conflicts,
     }
 
     openrc_init_files += {