Hello community, here is the log from the commit of package libvirt for openSUSE:Factory checked in at 2017-11-21 15:22:54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libvirt (Old) and /work/SRC/openSUSE:Factory/.libvirt.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libvirt"

Tue Nov 21 15:22:54 2017 rev:240 rq:542717 version:3.9.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/libvirt/libvirt.changes 2017-11-10 14:38:32.892969500 +0100
+++ /work/SRC/openSUSE:Factory/.libvirt.new/libvirt.changes 2017-11-21 15:23:12.009156024 +0100
@@ -1,0 +2,14 @@
+Fri Nov 17 21:59:28 UTC 2017 - jfeh...@suse.com
+
+- apparmor: allow libvirtd to send signals to unconfined processes
+  suse-apparmor-signal.patch
+  boo#1065123
+
+-------------------------------------------------------------------
+Fri Nov 17 18:37:43 UTC 2017 - jfeh...@suse.com
+
+- qemu: Tolerate storage source private data being NULL
+  8056721c-qemu-null-storage-source.patch
+  bsc#1068752
+
+-------------------------------------------------------------------

New:
----
  8056721c-qemu-null-storage-source.patch
  suse-apparmor-signal.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ libvirt.spec ++++++
--- /var/tmp/diff_new_pack.udMiPg/_old 2017-11-21 15:23:19.380888809 +0100
+++ /var/tmp/diff_new_pack.udMiPg/_new 2017-11-21 15:23:19.384888664 +0100
@@ -300,6 +300,7 @@
 Source99: baselibs.conf
 Source100: %{name}-rpmlintrc
 # Upstream patches
+Patch0: 8056721c-qemu-null-storage-source.patch
 # Patches pending upstream review
 Patch100: libxl-dom-reset.patch
 Patch101: network-don-t-use-dhcp-authoritative-on-static-netwo.patch
@@ -322,14 +323,15 @@
 Patch206: suse-qemu-conf.patch
 Patch207: suse-ovmf-paths.patch
 Patch208: suse-apparmor-libnl-paths.patch
-Patch209: support-managed-pci-xen-driver.patch
-Patch210: xen-sxpr-disk-type.patch
-Patch211: libxl-support-block-script.patch
-Patch212: apparmor-no-mount.patch
-Patch213: qemu-apparmor-screenshot.patch
-Patch214: libvirt-suse-netcontrol.patch
-Patch215: lxc-wait-after-eth-del.patch
-Patch216: libxl-qemu-emulator-caps.patch
+Patch209: suse-apparmor-signal.patch
+Patch210: support-managed-pci-xen-driver.patch
+Patch211: xen-sxpr-disk-type.patch
+Patch212: libxl-support-block-script.patch
+Patch213: apparmor-no-mount.patch
+Patch214: qemu-apparmor-screenshot.patch
+Patch215: libvirt-suse-netcontrol.patch
+Patch216: lxc-wait-after-eth-del.patch
+Patch217: libxl-qemu-emulator-caps.patch
 # SLES-Only patches
 %if ! 0%{?is_opensuse}
 Patch400: virt-create-rootfs.patch
@@ -876,6 +878,7 @@
 
 %prep
 %setup -q
+%patch0 -p1
 %patch100 -p1
 %patch101 -p1
 %patch102 -p1
@@ -903,6 +906,7 @@
 %patch214 -p1
 %patch215 -p1
 %patch216 -p1
+%patch217 -p1
 %if ! 0%{?is_opensuse}
 %patch400 -p1
 %endif

++++++ 8056721c-qemu-null-storage-source.patch ++++++
commit 8056721cbb75a717604a1f7971440726d9d85045
Author: Peter Krempa <pkre...@redhat.com>
Date: Thu Nov 9 12:51:25 2017 +0100

    qemu: Tolerate storage source private data being NULL

    In some cases it does not make sense to pursue that the private data will be allocated (especially when we don't need to put anything in it). Ensure that the code works without it. This also fixes few crashes pointed out in https://bugzilla.redhat.com/show_bug.cgi?id=1510323

Index: libvirt-3.9.0/src/qemu/qemu_command.c
===================================================================
--- libvirt-3.9.0.orig/src/qemu/qemu_command.c
+++ libvirt-3.9.0/src/qemu/qemu_command.c
@@ -1362,12 +1362,17 @@ qemuBuildDriveSourceStr(virDomainDiskDef
 {
     int actualType = virStorageSourceGetActualType(disk->src);
     qemuDomainStorageSourcePrivatePtr srcpriv = QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(disk->src);
-    qemuDomainSecretInfoPtr secinfo = srcpriv->secinfo;
-    qemuDomainSecretInfoPtr encinfo = srcpriv->encinfo;
+    qemuDomainSecretInfoPtr secinfo = NULL;
+    qemuDomainSecretInfoPtr encinfo = NULL;
     virJSONValuePtr srcprops = NULL;
     char *source = NULL;
     int ret = -1;
 
+    if (srcpriv) {
+        secinfo = srcpriv->secinfo;
+        encinfo = srcpriv->encinfo;
+    }
+
     if (qemuDiskSourceNeedsProps(disk->src) &&
         !(srcprops = qemuDiskSourceGetProps(disk->src)))
         goto cleanup;
@@ -2239,8 +2244,13 @@ qemuBuildDiskDriveCommandLine(virCommand
         bool driveBoot = false;
         virDomainDiskDefPtr disk = def->disks[i];
         qemuDomainStorageSourcePrivatePtr srcPriv = QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(disk->src);
-        qemuDomainSecretInfoPtr secinfo = srcPriv->secinfo;
-        qemuDomainSecretInfoPtr encinfo = srcPriv->encinfo;
+        qemuDomainSecretInfoPtr secinfo = NULL;
+        qemuDomainSecretInfoPtr encinfo = NULL;
+
+        if (srcPriv) {
+            secinfo = srcPriv->secinfo;
+            encinfo = srcPriv->encinfo;
+        }
 
         if (disk->info.bootIndex) {
             bootindex = disk->info.bootIndex;
Index: libvirt-3.9.0/src/qemu/qemu_hotplug.c
===================================================================
--- libvirt-3.9.0.orig/src/qemu/qemu_hotplug.c
+++ libvirt-3.9.0/src/qemu/qemu_hotplug.c
@@ -259,6 +259,7 @@ qemuDomainChangeEjectableMedia(virQEMUDr
     qemuDomainObjPrivatePtr priv = vm->privateData;
     qemuDomainDiskPrivatePtr diskPriv = QEMU_DOMAIN_DISK_PRIVATE(disk);
     qemuDomainStorageSourcePrivatePtr srcPriv = QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(disk->src);
+    qemuDomainSecretInfoPtr secinfo = NULL;
     const char *format = NULL;
     char *sourcestr = NULL;
 
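Review bot: When srcpriv is NULL, qemuBuildDriveSourceStr now silently proceeds with secinfo and encinfo both NULL, so a source whose private data was never allocated but which does carry authentication or encryption would produce a drive string with no secret objects attached and only fail later, inside QEMU, with a less informative error than the former NULL dereference. The same pattern is repeated in the qemuBuildDiskDriveCommandLine hunk and in the qemu_hotplug.c hunks for qemuDomainChangeEjectableMedia and qemuDomainAttachDiskGeneric. If the contract is that private data is optional only for sources that need no secrets, a short comment at the new guard would save the next reader from wondering, e.g. `/* srcpriv may be NULL for sources that carry no secrets; secinfo/encinfo then stay NULL */`; if that is not the contract, reporting an error when the source has auth or encryption configured but no private data would be safer than falling through. Both qemu_command.c functions continue outside their hunks.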
@@ -268,6 +269,9 @@ qemuDomainChangeEjectableMedia(virQEMUDr
         goto cleanup;
     }
 
+    if (srcPriv)
+        secinfo = srcPriv->secinfo;
+
     if (disk->device != VIR_DOMAIN_DISK_DEVICE_FLOPPY &&
         disk->device != VIR_DOMAIN_DISK_DEVICE_CDROM) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
@@ -300,7 +304,7 @@ qemuDomainChangeEjectableMedia(virQEMUDr
     }
 
     if (!virStorageSourceIsEmpty(newsrc)) {
-        if (qemuGetDriveSourceString(newsrc, srcPriv->secinfo, &sourcestr) < 0)
+        if (qemuGetDriveSourceString(newsrc, secinfo, &sourcestr) < 0)
             goto error;
 
         if (virStorageSourceGetActualType(newsrc) != VIR_STORAGE_TYPE_DIR) {
@@ -371,8 +375,8 @@ qemuDomainAttachDiskGeneric(virConnectPt
     virJSONValuePtr secobjProps = NULL;
     virJSONValuePtr encobjProps = NULL;
     qemuDomainStorageSourcePrivatePtr srcPriv;
-    qemuDomainSecretInfoPtr secinfo;
-    qemuDomainSecretInfoPtr encinfo;
+    qemuDomainSecretInfoPtr secinfo = NULL;
+    qemuDomainSecretInfoPtr encinfo = NULL;
 
     if (qemuDomainPrepareDisk(driver, vm, disk, NULL, false) < 0)
         goto cleanup;
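Review bot: In the qemuDomainChangeEjectableMedia hunk the secret handed to qemuGetDriveSourceString for newsrc is still taken from the private data of disk->src, the media being replaced (see the srcPriv initialisation in the earlier hunk of this function), not from newsrc itself; the commit only makes that lookup NULL-safe. If the secret for the new media is prepared on newsrc's own private data, the value used here would presumably be the old media's secret or NULL, and the new source string would be built without its credentials — please confirm which source the secret is attached to, and if it is newsrc, take it from `QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(newsrc)` instead. The enclosing function starts and ends outside these hunks.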
@@ -384,13 +388,16 @@ qemuDomainAttachDiskGeneric(virConnectPt
         goto error;
 
     srcPriv = QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(disk->src);
-    secinfo = srcPriv->secinfo;
+    if (srcPriv) {
+        secinfo = srcPriv->secinfo;
+        encinfo = srcPriv->encinfo;
+    }
+
     if (secinfo && secinfo->type == VIR_DOMAIN_SECRET_INFO_TYPE_AES) {
         if (qemuBuildSecretInfoProps(secinfo, &secobjProps) < 0)
             goto error;
     }
 
-    encinfo = srcPriv->encinfo;
     if (encinfo && qemuBuildSecretInfoProps(encinfo, &encobjProps) < 0)
         goto error;
 

++++++ suse-apparmor-signal.patch ++++++
apparmor: allow libvirtd to send signals to unconfined processes

When confinement of QEMU/KVM domains is not enforced (security_default_confined = 0), qemu processes run unconfined. Add a rule to the libvirtd apparmor profile allowing sending signals to unconfined processes. Without the rule, libvirtd is unable to signal QEMU/KVM domains. E.g. 'virsh destroy dom' results in the following denial in audit.log

type=AVC msg=audit(1510951646.581:939): apparmor="DENIED" operation="signal" profile="/usr/sbin/libvirtd" pid=18891 comm="libvirtd" requested_mask="send" denied_mask="send" signal=term peer="unconfined"

Index: libvirt-3.9.0/examples/apparmor/usr.sbin.libvirtd
===================================================================
--- libvirt-3.9.0.orig/examples/apparmor/usr.sbin.libvirtd
+++ libvirt-3.9.0/examples/apparmor/usr.sbin.libvirtd
@@ -60,6 +60,9 @@
   signal (send) peer=/usr/sbin/dnsmasq,
   signal (read, send) peer=libvirt-*,
 
+  # When confinement is not enforced (security_default_confined = 0), qemu
+  # processes run unconfined, hence 'peer=unconfined'
+  signal send set=(hup,kill,term) peer=unconfined,
 
   # Very lenient profile for libvirtd since we want to first focus on confining
   # the guests. Guests will have a very restricted profile.
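Review bot: The new `signal send set=(hup,kill,term) peer=unconfined,` rule is not tied to security_default_confined; it is active whenever this profile is loaded, so even with guest confinement enforced libvirtd may signal any unconfined process on the host, not only unconfined qemu, and AppArmor cannot narrow `peer=unconfined` to a particular binary the way the dnsmasq and libvirt-* rules above it do. Limiting the set to hup/kill/term bounds the exposure, and the comment should state that trade-off rather than only the motivating case, e.g. `# NOTE: matches every unconfined process, not just qemu; keep the signal set minimal`. It may also be worth confirming that hup/kill/term covers every signal libvirtd sends to an unconfined guest process (the audit line in the description shows only term), so that a later denial is not misread as a guest fault.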