* Wed Sep 30 2009 Mark McLoughlin <markmc@redhat.com> - 0.7.1-7

- Fix USB device passthrough (#522683)

.cvsignore

@@ -9,6 +9,5 @@ libvirt-0.6.2.tar.gz
 libvirt-0.6.3.tar.gz
 libvirt-0.6.4.tar.gz
 libvirt-0.6.5.tar.gz
-libvirt-0.7.0-0.1.gitf055724.tar.gz
-libvirt-0.7.0-0.6.gite195b43.tar.gz
 libvirt-0.7.0.tar.gz
+libvirt-0.7.1.tar.gz

branch

@@ -0,0 +1 @@
+F-12

libvirt-0.6.4-svirt-sound.patch

@@ -1,6 +1,21 @@
---- src/qemu_conf.c.orig	2009-05-29 19:24:59.000000000 +0200
-+++ src/qemu_conf.c	2009-05-29 19:19:39.000000000 +0200
-@@ -792,6 +792,20 @@ int qemudBuildCommandLine(virConnectPtr 
+From 127a39777e9809053bb98a9082e27c73543ccfa2 Mon Sep 17 00:00:00 2001
+From: Daniel P. Berrange <berrange@redhat.com>
+Date: Mon, 17 Aug 2009 08:32:08 +0100
+Subject: [PATCH] Disable sound cards when running sVirt
+
+Temporary hack till PulseAudio autostart problems are sorted out when
+SELinux enforcing (bz 486112)
+
+Fedora-patch: libvirt-0.6.4-svirt-sound.patch
+---
+ src/qemu_conf.c |   17 ++++++++++++++++-
+ 1 files changed, 16 insertions(+), 1 deletions(-)
+
+diff --git a/src/qemu_conf.c b/src/qemu_conf.c
+index f92bcef..f3b4ef0 100644
+--- a/src/qemu_conf.c
++++ b/src/qemu_conf.c
+@@ -1510,6 +1510,20 @@ int qemudBuildCommandLine(virConnectPtr conn,
      char uuid[VIR_UUID_STRING_BUFLEN];
      char domid[50];
      const char *cpu = NULL;
@@ -10,7 +25,7 @@
 +        driver->securityDriver->name &&
 +        STREQ(driver->securityDriver->name, "selinux") &&
 +        getuid() == 0) {
-+        static int soundWarned = 0; 
++        static int soundWarned = 0;
 +        skipSound = 1;
 +        if (def->nsounds &&
 +            !soundWarned) {
@@ -21,7 +36,7 @@
  
      uname_normalize(&ut);
  
-@@ -1429,7 +1443,8 @@ int qemudBuildCommandLine(virConnectPtr 
+@@ -2181,7 +2195,8 @@ int qemudBuildCommandLine(virConnectPtr conn,
      }
  
      /* Add sound hardware */
@@ -31,3 +46,6 @@
          int size = 100;
          char *modstr;
          if (VIR_ALLOC_N(modstr, size+1) < 0)
+-- 
+1.6.2.5
+

libvirt-0.7.0-chown-kernel-initrd-before-spawning-qemu.patch

@@ -1,73 +0,0 @@
-From: Mark McLoughlin <markmc@redhat.com>
-Subject: [PATCH] chown kernel/initrd before spawning qemu
-
-If we're running qemu unprivileged, we need to chown any supplied kernel
-or initrd before spawning it.
-
-* src/qemu_driver.c: rename qemuDomainSetDiskOwnership() to
-  qemuDomainSetFileOwnership(), pass it a path string instead of a disk
-  definition and use it for chowning the kernel/initrd in
-  qemuDomainSetAllDeviceOwnership()
----
- src/qemu_driver.c |   20 ++++++++++++--------
- 1 files changed, 12 insertions(+), 8 deletions(-)
-
-diff --git a/src/qemu_driver.c b/src/qemu_driver.c
-index 412b68d..bd58435 100644
---- a/src/qemu_driver.c
-+++ b/src/qemu_driver.c
-@@ -1684,18 +1684,18 @@ static int qemuDomainSetHostdevOwnership(virConnectPtr conn,
- 
- }
- 
--static int qemuDomainSetDiskOwnership(virConnectPtr conn,
--                                      virDomainDiskDefPtr def,
-+static int qemuDomainSetFileOwnership(virConnectPtr conn,
-+                                      const char *path,
-                                       uid_t uid, gid_t gid)
- {
- 
--    if (!def->src)
-+    if (!path)
-         return 0;
- 
--    VIR_DEBUG("Setting ownership on %s to %d:%d", def->src, uid, gid);
--    if (chown(def->src, uid, gid) < 0) {
-+    VIR_DEBUG("Setting ownership on %s to %d:%d", path, uid, gid);
-+    if (chown(path, uid, gid) < 0) {
-         virReportSystemError(conn, errno, _("cannot set ownership on %s"),
--                             def->src);
-+                             path);
-         return -1;
-     }
-     return 0;
-@@ -1725,7 +1725,7 @@ static int qemuDomainSetDeviceOwnership(virConnectPtr conn,
-             (def->data.disk->readonly || def->data.disk->shared))
-             return 0;
- 
--        return qemuDomainSetDiskOwnership(conn, def->data.disk, uid, gid);
-+        return qemuDomainSetFileOwnership(conn, def->data.disk->src, uid, gid);
- 
-     case VIR_DOMAIN_DEVICE_HOSTDEV:
-         return qemuDomainSetHostdevOwnership(conn, def->data.hostdev, uid, gid);
-@@ -1753,12 +1753,16 @@ static int qemuDomainSetAllDeviceOwnership(virConnectPtr conn,
-     uid = restore ? 0 : driver->user;
-     gid = restore ? 0 : driver->group;
- 
-+    if (qemuDomainSetFileOwnership(conn, def->os.kernel, uid, gid) < 0 ||
-+        qemuDomainSetFileOwnership(conn, def->os.initrd, uid, gid) < 0)
-+        return -1;
-+
-     for (i = 0 ; i < def->ndisks ; i++) {
-         if (restore &&
-             (def->disks[i]->readonly || def->disks[i]->shared))
-             continue;
- 
--        if (qemuDomainSetDiskOwnership(conn, def->disks[i], uid, gid) < 0)
-+        if (qemuDomainSetFileOwnership(conn, def->disks[i]->src, uid, gid) < 0)
-             return -1;
-     }
- 
--- 
-1.6.2.5
-

libvirt-0.7.0-handle-kernels-with-no-ipv6-support.patch

@@ -1,39 +0,0 @@
-From: Mark McLoughlin <markmc@redhat.com>
-Subject: [PATCH] Handle kernels with no ipv6 support
-
-If the ipv6 kernel module is not loaded, then we get this when starting
-a virtual network:
-
-  libvir: Network Config error :
-  cannot enable /proc/sys/net/ipv6/conf/virbr0/disable_ipv6:
-  No such file or directory
-
-If disable_ipv6 is not present, we should just merrily continue on our
-way.
-
-* src/network_driver.c: make networkDisableIPV6() not fail if the kernel
-  has no ipv6 support
----
- src/network_driver.c |    6 ++++++
- 1 files changed, 6 insertions(+), 0 deletions(-)
-
-diff --git a/src/network_driver.c b/src/network_driver.c
-index eaea454..84910ab 100644
---- a/src/network_driver.c
-+++ b/src/network_driver.c
-@@ -801,6 +801,12 @@ static int networkDisableIPV6(virConnectPtr conn,
-         goto cleanup;
-     }
- 
-+    if (access(field, W_OK) < 0 && errno == ENOENT) {
-+        VIR_DEBUG("ipv6 appears to already be disabled on %s", network->def->bridge);
-+        ret = 0;
-+        goto cleanup;
-+    }
-+
-     if (virFileWriteStr(field, "1") < 0) {
-         virReportSystemError(conn, errno,
-                              _("cannot enable %s"), field);
--- 
-1.6.2.5
-

libvirt-0.7.0-numa-ignore-fail.patch

@@ -1,85 +0,0 @@
-commit 19bac57b26c2d46ac8a7601158f210f34acdceac
-Author: Daniel P. Berrange <berrange@redhat.com>
-Date:   Thu Aug 13 11:56:31 2009 +0100
-
-    Make LXC / UML drivers robust against NUMA topology brokenness
-    
-    Some kernel versions expose broken NUMA topology for some machines.
-    This causes the LXC/UML drivers to fail to start. QEMU driver was
-    already fixed for this problem
-    
-    * src/lxc_conf.c: Log and ignore failure to populate NUMA info
-    * src/uml_conf.c: Log and ignore failure to populate NUMA info
-    * src/capabilities.c: Reset nnumaCell to 0 after freeing
-
-diff --git a/src/capabilities.c b/src/capabilities.c
-index c6766b6..193a9fe 100644
---- a/src/capabilities.c
-+++ b/src/capabilities.c
-@@ -139,6 +139,7 @@ virCapabilitiesFreeNUMAInfo(virCapsPtr caps)
-     for (i = 0 ; i < caps->host.nnumaCell ; i++)
-         virCapabilitiesFreeHostNUMACell(caps->host.numaCell[i]);
-     VIR_FREE(caps->host.numaCell);
-+    caps->host.nnumaCell = 0;
- }
- 
- /**
-diff --git a/src/lxc_conf.c b/src/lxc_conf.c
-index d06a024..fef60ba 100644
---- a/src/lxc_conf.c
-+++ b/src/lxc_conf.c
-@@ -30,6 +30,8 @@
- #include "lxc_conf.h"
- #include "nodeinfo.h"
- #include "virterror_internal.h"
-+#include "logging.h"
-+
- 
- #define VIR_FROM_THIS VIR_FROM_LXC
- 
-@@ -46,8 +48,14 @@ virCapsPtr lxcCapsInit(void)
-                                    0, 0)) == NULL)
-         goto no_memory;
- 
--    if (nodeCapsInitNUMA(caps) < 0)
--        goto no_memory;
-+    /* Some machines have problematic NUMA toplogy causing
-+     * unexpected failures. We don't want to break the QEMU
-+     * driver in this scenario, so log errors & carry on
-+     */
-+    if (nodeCapsInitNUMA(caps) < 0) {
-+        virCapabilitiesFreeNUMAInfo(caps);
-+        VIR_WARN0("Failed to query host NUMA topology, disabling NUMA capabilities");
-+    }
- 
-     /* XXX shouldn't 'borrow' KVM's prefix */
-     virCapabilitiesSetMacPrefix(caps, (unsigned char []){ 0x52, 0x54, 0x00 });
-diff --git a/src/uml_conf.c b/src/uml_conf.c
-index 48e05a8..4f756d4 100644
---- a/src/uml_conf.c
-+++ b/src/uml_conf.c
-@@ -45,6 +45,7 @@
- #include "nodeinfo.h"
- #include "verify.h"
- #include "bridge.h"
-+#include "logging.h"
- 
- #define VIR_FROM_THIS VIR_FROM_UML
- 
-@@ -63,8 +64,14 @@ virCapsPtr umlCapsInit(void) {
-                                    0, 0)) == NULL)
-         goto no_memory;
- 
--    if (nodeCapsInitNUMA(caps) < 0)
--        goto no_memory;
-+    /* Some machines have problematic NUMA toplogy causing
-+     * unexpected failures. We don't want to break the QEMU
-+     * driver in this scenario, so log errors & carry on
-+     */
-+    if (nodeCapsInitNUMA(caps) < 0) {
-+        virCapabilitiesFreeNUMAInfo(caps);
-+        VIR_WARN0("Failed to query host NUMA topology, disabling NUMA capabilities");
-+    }
- 
-     if ((guest = virCapabilitiesAddGuest(caps,
-                                          "uml",

libvirt-0.7.0-policy-kit-rewrite.patch

@@ -1,469 +0,0 @@
-diff -rupN libvirt-0.7.0/configure.in libvirt-0.7.0.new/configure.in
---- libvirt-0.7.0/configure.in	2009-08-05 08:53:49.000000000 -0400
-+++ libvirt-0.7.0.new/configure.in	2009-08-13 08:37:22.393897620 -0400
-@@ -641,40 +641,61 @@ AC_SUBST([SASL_LIBS])
- dnl PolicyKit library
- POLKIT_CFLAGS=
- POLKIT_LIBS=
-+PKCHECK_PATH=
- AC_ARG_WITH([polkit],
-   [  --with-polkit         use PolicyKit for UNIX socket access checks],
-   [],
-   [with_polkit=check])
- 
-+with_polkit0=no
-+with_polkit1=no
- if test "x$with_polkit" = "xyes" -o "x$with_polkit" = "xcheck"; then
--  PKG_CHECK_MODULES(POLKIT, polkit-dbus >= $POLKIT_REQUIRED,
--    [with_polkit=yes], [
--    if test "x$with_polkit" = "xcheck" ; then
--       with_polkit=no
--    else
--       AC_MSG_ERROR(
--         [You must install PolicyKit >= $POLKIT_REQUIRED to compile libvirt])
--    fi
--  ])
--  if test "x$with_polkit" = "xyes" ; then
-+  dnl Check for new polkit first - just a binary
-+  AC_PATH_PROG([PKCHECK_PATH],[pkcheck], [], [/usr/sbin:$PATH])
-+  if test "x$PKCHECK_PATH" != "x" ; then
-+    AC_DEFINE_UNQUOTED([PKCHECK_PATH],["$PKCHECK_PATH"],[Location of pkcheck program])
-     AC_DEFINE_UNQUOTED([HAVE_POLKIT], 1,
--      [use PolicyKit for UNIX socket access checks])
--
--    old_CFLAGS=$CFLAGS
--    old_LDFLAGS=$LDFLAGS
--    CFLAGS="$CFLAGS $POLKIT_CFLAGS"
--    LDFLAGS="$LDFLAGS $POLKIT_LIBS"
--    AC_CHECK_FUNCS([polkit_context_is_caller_authorized])
--    CFLAGS="$old_CFLAGS"
--    LDFLAGS="$old_LDFLAGS"
--
--    AC_PATH_PROG([POLKIT_AUTH], [polkit-auth])
--    if test "x$POLKIT_AUTH" != "x"; then
--      AC_DEFINE_UNQUOTED([POLKIT_AUTH],["$POLKIT_AUTH"],[Location of polkit-auth program])
-+        [use PolicyKit for UNIX socket access checks])
-+    AC_DEFINE_UNQUOTED([HAVE_POLKIT1], 1,
-+        [use PolicyKit for UNIX socket access checks])
-+    with_polkit="yes"
-+    with_polkit1="yes"
-+  else
-+    dnl Check for old polkit second - library + binary
-+    PKG_CHECK_MODULES(POLKIT, polkit-dbus >= $POLKIT_REQUIRED,
-+      [with_polkit=yes], [
-+      if test "x$with_polkit" = "xcheck" ; then
-+         with_polkit=no
-+      else
-+         AC_MSG_ERROR(
-+           [You must install PolicyKit >= $POLKIT_REQUIRED to compile libvirt])
-+      fi
-+    ])
-+    if test "x$with_polkit" = "xyes" ; then
-+      AC_DEFINE_UNQUOTED([HAVE_POLKIT], 1,
-+        [use PolicyKit for UNIX socket access checks])
-+      AC_DEFINE_UNQUOTED([HAVE_POLKIT0], 1,
-+        [use PolicyKit for UNIX socket access checks])
-+
-+      old_CFLAGS=$CFLAGS
-+      old_LDFLAGS=$LDFLAGS
-+      CFLAGS="$CFLAGS $POLKIT_CFLAGS"
-+      LDFLAGS="$LDFLAGS $POLKIT_LIBS"
-+      AC_CHECK_FUNCS([polkit_context_is_caller_authorized])
-+      CFLAGS="$old_CFLAGS"
-+      LDFLAGS="$old_LDFLAGS"
-+
-+      AC_PATH_PROG([POLKIT_AUTH], [polkit-auth])
-+      if test "x$POLKIT_AUTH" != "x"; then
-+        AC_DEFINE_UNQUOTED([POLKIT_AUTH],["$POLKIT_AUTH"],[Location of polkit-auth program])
-+      fi
-+      with_polkit0="yes"
-     fi
-   fi
- fi
- AM_CONDITIONAL([HAVE_POLKIT], [test "x$with_polkit" = "xyes"])
-+AM_CONDITIONAL([HAVE_POLKIT0], [test "x$with_polkit0" = "xyes"])
-+AM_CONDITIONAL([HAVE_POLKIT1], [test "x$with_polkit1" = "xyes"])
- AC_SUBST([POLKIT_CFLAGS])
- AC_SUBST([POLKIT_LIBS])
- 
-@@ -1695,7 +1716,11 @@ else
- AC_MSG_NOTICE([   avahi: no])
- fi
- if test "$with_polkit" = "yes" ; then
--AC_MSG_NOTICE([  polkit: $POLKIT_CFLAGS $POLKIT_LIBS])
-+if test "$with_polkit0" = "yes" ; then
-+AC_MSG_NOTICE([  polkit: $POLKIT_CFLAGS $POLKIT_LIBS (version 0)])
-+else
-+AC_MSG_NOTICE([  polkit: $PKCHECK_PATH (version 1)])
-+fi
- else
- AC_MSG_NOTICE([  polkit: no])
- fi
-diff -rupN libvirt-0.7.0/qemud/libvirtd.policy libvirt-0.7.0.new/qemud/libvirtd.policy
---- libvirt-0.7.0/qemud/libvirtd.policy	2009-07-22 09:37:32.000000000 -0400
-+++ libvirt-0.7.0.new/qemud/libvirtd.policy	1969-12-31 19:00:00.000000000 -0500
-@@ -1,42 +0,0 @@
--<!DOCTYPE policyconfig PUBLIC
-- "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
-- "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
--
--<!--
--Policy definitions for libvirt daemon
--
--Copyright (c) 2007 Daniel P. Berrange <berrange redhat com>
--
--libvirt is licensed to you under the GNU Lesser General Public License
--version 2. See COPYING for details.
--
--NOTE: If you make changes to this file, make sure to validate the file
--using the polkit-policy-file-validate(1) tool. Changes made to this
--file are instantly applied.
---->
--
--<policyconfig>
--    <action id="org.libvirt.unix.monitor">
--      <description>Monitor local virtualized systems</description>
--      <message>System policy prevents monitoring of local virtualized systems</message>
--      <defaults>
--        <!-- Any program can use libvirt in read-only mode for monitoring,
--             even if not part of a session -->
--        <allow_any>yes</allow_any>
--        <allow_inactive>yes</allow_inactive>
--        <allow_active>yes</allow_active>
--      </defaults>
--    </action>
--
--    <action id="org.libvirt.unix.manage">
--      <description>Manage local virtualized systems</description>
--      <message>System policy prevents management of local virtualized systems</message>
--      <defaults>
--        <!-- Only a program in the active host session can use libvirt in
--             read-write mode for management, and we require user password -->
--        <allow_any>no</allow_any>
--        <allow_inactive>no</allow_inactive>
--        <allow_active>auth_admin_keep_session</allow_active>
--      </defaults>
--    </action>
--</policyconfig>
-diff -rupN libvirt-0.7.0/qemud/libvirtd.policy-0 libvirt-0.7.0.new/qemud/libvirtd.policy-0
---- libvirt-0.7.0/qemud/libvirtd.policy-0	1969-12-31 19:00:00.000000000 -0500
-+++ libvirt-0.7.0.new/qemud/libvirtd.policy-0	2009-08-13 08:37:22.408883879 -0400
-@@ -0,0 +1,42 @@
-+<!DOCTYPE policyconfig PUBLIC
-+ "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
-+ "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
-+
-+<!--
-+Policy definitions for libvirt daemon
-+
-+Copyright (c) 2007 Daniel P. Berrange <berrange redhat com>
-+
-+libvirt is licensed to you under the GNU Lesser General Public License
-+version 2. See COPYING for details.
-+
-+NOTE: If you make changes to this file, make sure to validate the file
-+using the polkit-policy-file-validate(1) tool. Changes made to this
-+file are instantly applied.
-+-->
-+
-+<policyconfig>
-+    <action id="org.libvirt.unix.monitor">
-+      <description>Monitor local virtualized systems</description>
-+      <message>System policy prevents monitoring of local virtualized systems</message>
-+      <defaults>
-+        <!-- Any program can use libvirt in read-only mode for monitoring,
-+             even if not part of a session -->
-+        <allow_any>yes</allow_any>
-+        <allow_inactive>yes</allow_inactive>
-+        <allow_active>yes</allow_active>
-+      </defaults>
-+    </action>
-+
-+    <action id="org.libvirt.unix.manage">
-+      <description>Manage local virtualized systems</description>
-+      <message>System policy prevents management of local virtualized systems</message>
-+      <defaults>
-+        <!-- Only a program in the active host session can use libvirt in
-+             read-write mode for management, and we require user password -->
-+        <allow_any>no</allow_any>
-+        <allow_inactive>no</allow_inactive>
-+        <allow_active>auth_admin_keep_session</allow_active>
-+      </defaults>
-+    </action>
-+</policyconfig>
-diff -rupN libvirt-0.7.0/qemud/libvirtd.policy-1 libvirt-0.7.0.new/qemud/libvirtd.policy-1
---- libvirt-0.7.0/qemud/libvirtd.policy-1	1969-12-31 19:00:00.000000000 -0500
-+++ libvirt-0.7.0.new/qemud/libvirtd.policy-1	2009-08-13 08:37:22.412905763 -0400
-@@ -0,0 +1,42 @@
-+<!DOCTYPE policyconfig PUBLIC
-+ "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
-+ "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
-+
-+<!--
-+Policy definitions for libvirt daemon
-+
-+Copyright (c) 2007 Daniel P. Berrange <berrange redhat com>
-+
-+libvirt is licensed to you under the GNU Lesser General Public License
-+version 2. See COPYING for details.
-+
-+NOTE: If you make changes to this file, make sure to validate the file
-+using the polkit-policy-file-validate(1) tool. Changes made to this
-+file are instantly applied.
-+-->
-+
-+<policyconfig>
-+    <action id="org.libvirt.unix.monitor">
-+      <description>Monitor local virtualized systems</description>
-+      <message>System policy prevents monitoring of local virtualized systems</message>
-+      <defaults>
-+        <!-- Any program can use libvirt in read-only mode for monitoring,
-+             even if not part of a session -->
-+        <allow_any>yes</allow_any>
-+        <allow_inactive>yes</allow_inactive>
-+        <allow_active>yes</allow_active>
-+      </defaults>
-+    </action>
-+
-+    <action id="org.libvirt.unix.manage">
-+      <description>Manage local virtualized systems</description>
-+      <message>System policy prevents management of local virtualized systems</message>
-+      <defaults>
-+        <!-- Only a program in the active host session can use libvirt in
-+             read-write mode for management, and we require user password -->
-+        <allow_any>no</allow_any>
-+        <allow_inactive>no</allow_inactive>
-+        <allow_active>auth_admin_keep</allow_active>
-+      </defaults>
-+    </action>
-+</policyconfig>
-diff -rupN libvirt-0.7.0/qemud/Makefile.am libvirt-0.7.0.new/qemud/Makefile.am
---- libvirt-0.7.0/qemud/Makefile.am	2009-07-22 09:37:32.000000000 -0400
-+++ libvirt-0.7.0.new/qemud/Makefile.am	2009-08-13 08:37:22.398915449 -0400
-@@ -21,7 +21,8 @@ EXTRA_DIST =						\
- 	remote_protocol.x				\
- 	libvirtd.conf					\
- 	libvirtd.init.in				\
--	libvirtd.policy					\
-+	libvirtd.policy-0				\
-+	libvirtd.policy-1				\
- 	libvirtd.sasl					\
- 	libvirtd.sysconf				\
- 	libvirtd.aug                                    \
-@@ -147,7 +148,13 @@ endif
- libvirtd_LDADD += ../src/libvirt.la
- 
- if HAVE_POLKIT
-+if HAVE_POLKIT0
- policydir = $(datadir)/PolicyKit/policy
-+policyfile = libvirtd.policy-0
-+else
-+policydir = $(datadir)/polkit-1/actions
-+policyfile = libvirtd.policy-1
-+endif
- endif
- 
- if HAVE_AVAHI
-@@ -197,7 +204,7 @@ endif
- if HAVE_POLKIT
- install-data-polkit:: install-init
- 	mkdir -p $(DESTDIR)$(policydir)
--	$(INSTALL_DATA) $(srcdir)/libvirtd.policy $(DESTDIR)$(policydir)/org.libvirt.unix.policy
-+	$(INSTALL_DATA) $(srcdir)/$(policyfile) $(DESTDIR)$(policydir)/org.libvirt.unix.policy
- uninstall-data-polkit:: install-init
- 	rm -f $(DESTDIR)$(policydir)/org.libvirt.unix.policy
- else
-diff -rupN libvirt-0.7.0/qemud/qemud.c libvirt-0.7.0.new/qemud/qemud.c
---- libvirt-0.7.0/qemud/qemud.c	2009-07-22 09:37:32.000000000 -0400
-+++ libvirt-0.7.0.new/qemud/qemud.c	2009-08-13 08:37:22.419878018 -0400
-@@ -895,7 +895,7 @@ static struct qemud_server *qemudNetwork
-     }
- #endif
- 
--#ifdef HAVE_POLKIT
-+#if HAVE_POLKIT0
-     if (auth_unix_rw == REMOTE_AUTH_POLKIT ||
-         auth_unix_ro == REMOTE_AUTH_POLKIT) {
-         DBusError derr;
-@@ -982,7 +982,7 @@ static struct qemud_server *qemudNetwork
-             sock = sock->next;
-         }
- 
--#ifdef HAVE_POLKIT
-+#if HAVE_POLKIT0
-         if (server->sysbus)
-             dbus_connection_unref(server->sysbus);
- #endif
-diff -rupN libvirt-0.7.0/qemud/qemud.h libvirt-0.7.0.new/qemud/qemud.h
---- libvirt-0.7.0/qemud/qemud.h	2009-07-23 12:33:02.000000000 -0400
-+++ libvirt-0.7.0.new/qemud/qemud.h	2009-08-13 08:37:22.425909852 -0400
-@@ -34,7 +34,7 @@
- #include <sasl/sasl.h>
- #endif
- 
--#ifdef HAVE_POLKIT
-+#if HAVE_POLKIT0
- #include <dbus/dbus.h>
- #endif
- 
-@@ -253,7 +253,7 @@ struct qemud_server {
- #if HAVE_SASL
-     char **saslUsernameWhitelist;
- #endif
--#if HAVE_POLKIT
-+#if HAVE_POLKIT0
-     DBusConnection *sysbus;
- #endif
- };
-diff -rupN libvirt-0.7.0/qemud/remote.c libvirt-0.7.0.new/qemud/remote.c
---- libvirt-0.7.0/qemud/remote.c	2009-07-23 12:33:02.000000000 -0400
-+++ libvirt-0.7.0.new/qemud/remote.c	2009-08-13 08:37:22.431865087 -0400
-@@ -43,7 +43,7 @@
- #include <fnmatch.h>
- #include "virterror_internal.h"
- 
--#ifdef HAVE_POLKIT
-+#if HAVE_POLKIT0
- #include <polkit/polkit.h>
- #include <polkit-dbus/polkit-dbus.h>
- #endif
-@@ -3106,7 +3106,80 @@ remoteDispatchAuthSaslStep (struct qemud
- #endif /* HAVE_SASL */
- 
- 
--#if HAVE_POLKIT
-+#if HAVE_POLKIT1
-+static int
-+remoteDispatchAuthPolkit (struct qemud_server *server,
-+                          struct qemud_client *client,
-+                          virConnectPtr conn ATTRIBUTE_UNUSED,
-+                          remote_error *rerr,
-+                          void *args ATTRIBUTE_UNUSED,
-+                          remote_auth_polkit_ret *ret)
-+{
-+    pid_t callerPid;
-+    uid_t callerUid;
-+    const char *action;
-+    int status = -1;
-+    char pidbuf[50];
-+    int rv;
-+
-+    virMutexLock(&server->lock);
-+    virMutexLock(&client->lock);
-+    virMutexUnlock(&server->lock);
-+
-+    action = client->readonly ?
-+        "org.libvirt.unix.monitor" :
-+        "org.libvirt.unix.manage";
-+
-+    const char * const pkcheck [] = {
-+      PKCHECK_PATH,
-+      "--action-id", action,
-+      "--process", pidbuf,
-+      "--allow-user-interaction",
-+      NULL
-+    };
-+
-+    REMOTE_DEBUG("Start PolicyKit auth %d", client->fd);
-+    if (client->auth != REMOTE_AUTH_POLKIT) {
-+        VIR_ERROR0(_("client tried invalid PolicyKit init request"));
-+        goto authfail;
-+    }
-+
-+    if (qemudGetSocketIdentity(client->fd, &callerUid, &callerPid) < 0) {
-+        VIR_ERROR0(_("cannot get peer socket identity"));
-+        goto authfail;
-+    }
-+
-+    VIR_INFO(_("Checking PID %d running as %d"), callerPid, callerUid);
-+
-+    rv = snprintf(pidbuf, sizeof pidbuf, "%d", callerPid);
-+    if (rv < 0 || rv >= sizeof pidbuf) {
-+        VIR_ERROR(_("Caller PID was too large %d"), callerPid);
-+	goto authfail;
-+    }
-+
-+    if (virRun(NULL, pkcheck, &status) < 0) {
-+        VIR_ERROR(_("Cannot invoke %s"), PKCHECK_PATH);
-+	goto authfail;
-+    }
-+    if (status != 0) {
-+        VIR_ERROR(_("Policy kit denied action %s from pid %d, uid %d, result: %d\n"),
-+                  action, callerPid, callerUid, status);
-+        goto authfail;
-+    }
-+    VIR_INFO(_("Policy allowed action %s from pid %d, uid %d"),
-+             action, callerPid, callerUid);
-+    ret->complete = 1;
-+    client->auth = REMOTE_AUTH_NONE;
-+
-+    virMutexUnlock(&client->lock);
-+    return 0;
-+
-+authfail:
-+    remoteDispatchAuthError(rerr);
-+    virMutexUnlock(&client->lock);
-+    return -1;
-+}
-+#elif HAVE_POLKIT0
- static int
- remoteDispatchAuthPolkit (struct qemud_server *server,
-                           struct qemud_client *client,
-@@ -3217,7 +3290,7 @@ authfail:
-     return -1;
- }
- 
--#else /* HAVE_POLKIT */
-+#else /* !HAVE_POLKIT0 & !HAVE_POLKIT1*/
- 
- static int
- remoteDispatchAuthPolkit (struct qemud_server *server ATTRIBUTE_UNUSED,
-@@ -3231,7 +3304,7 @@ remoteDispatchAuthPolkit (struct qemud_s
-     remoteDispatchAuthError(rerr);
-     return -1;
- }
--#endif /* HAVE_POLKIT */
-+#endif /* HAVE_POLKIT1 */
- 
- 
- /***************************************************************
-diff -rupN libvirt-0.7.0/src/remote_internal.c libvirt-0.7.0.new/src/remote_internal.c
---- libvirt-0.7.0/src/remote_internal.c	2009-07-29 10:42:15.000000000 -0400
-+++ libvirt-0.7.0.new/src/remote_internal.c	2009-08-13 10:55:57.607899170 -0400
-@@ -6201,6 +6201,7 @@ remoteAuthPolkit (virConnectPtr conn, st
-                   virConnectAuthPtr auth)
- {
-     remote_auth_polkit_ret ret;
-+#if HAVE_POLKIT0
-     int i, allowcb = 0;
-     virConnectCredential cred = {
-         VIR_CRED_EXTERNAL,
-@@ -6210,8 +6211,10 @@ remoteAuthPolkit (virConnectPtr conn, st
-         NULL,
-         0,
-     };
-+#endif
-     DEBUG0("Client initialize PolicyKit authentication");
- 
-+#if HAVE_POLKIT0
-     if (auth && auth->cb) {
-         /* Check if the necessary credential type for PolicyKit is supported */
-         for (i = 0 ; i < auth->ncredtype ; i++) {
-@@ -6220,6 +6223,7 @@ remoteAuthPolkit (virConnectPtr conn, st
-         }
- 
-         if (allowcb) {
-+            DEBUG0("Client run callback for PolicyKit authentication");
-             /* Run the authentication callback */
-             if ((*(auth->cb))(&cred, 1, auth->cbdata) < 0) {
-                 virRaiseError (in_open ? NULL : conn, NULL, NULL, VIR_FROM_REMOTE,
-@@ -6233,6 +6237,9 @@ remoteAuthPolkit (virConnectPtr conn, st
-     } else {
-         DEBUG0("No auth callback provided");
-     }
-+#else
-+    DEBUG0("No auth callback required for PolicyKit-1");
-+#endif
- 
-     memset (&ret, 0, sizeof ret);
-     if (call (conn, priv, in_open, REMOTE_PROC_AUTH_POLKIT,

libvirt-fix-drv-supports-feature-bogus-error.patch

@@ -0,0 +1,32 @@
+From 2f6e857ac7d6ed5cd417e684147dd9c98775ab3d Mon Sep 17 00:00:00 2001
+From: Chris Lalancette <clalance@redhat.com>
+Date: Mon, 21 Sep 2009 14:53:31 +0200
+Subject: [PATCH] Don't do virSetConnError when virDrvSupportsFeature is successful.
+
+Signed-off-by: Chris Lalancette <clalance@redhat.com>
+Fedora-patch: libvirt-fix-drv-supports-feature-bogus-error.patch
+---
+ src/libvirt.c |    7 +++++--
+ 1 files changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/src/libvirt.c b/src/libvirt.c
+index 4a11688..fa59dc7 100644
+--- a/src/libvirt.c
++++ b/src/libvirt.c
+@@ -1349,8 +1349,11 @@ virDrvSupportsFeature (virConnectPtr conn, int feature)
+     }
+ 
+     ret = VIR_DRV_SUPPORTS_FEATURE (conn->driver, conn, feature);
+-    /* Copy to connection error object for back compatability */
+-    virSetConnError(conn);
++
++    if (ret < 0)
++        /* Copy to connection error object for back compatability */
++        virSetConnError(conn);
++
+     return ret;
+ }
+ 
+-- 
+1.6.2.5
+

libvirt-fix-net-hotunplug-double-free.patch

@@ -0,0 +1,46 @@
+From d09ff3c35c29d14760d5ea03559042cc024e09ab Mon Sep 17 00:00:00 2001
+From: Mark McLoughlin <markmc@redhat.com>
+Date: Thu, 17 Sep 2009 15:31:08 +0100
+Subject: [PATCH] Fix net/disk hot-unplug segfault
+
+When we hot-unplug the last device, we're currently double-freeing
+the device definition.
+
+Reported by Michal Nowak here:
+
+  https://bugzilla.redhat.com/523953
+
+* src/qemu_driver.c: fix double free
+
+(cherry-picked from commit 8881ae1bf8783006777429403cc543c33187175d)
+
+Fedora-patch: libvirt-fix-net-hotunplug-double-free.patch
+---
+ src/qemu_driver.c |    4 ++--
+ 1 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/qemu_driver.c b/src/qemu_driver.c
+index a65334f..de31581 100644
+--- a/src/qemu_driver.c
++++ b/src/qemu_driver.c
+@@ -5998,7 +5998,7 @@ try_command:
+             /* ignore, harmless */
+         }
+     } else {
+-        VIR_FREE(vm->def->disks[0]);
++        VIR_FREE(vm->def->disks);
+         vm->def->ndisks = 0;
+     }
+     virDomainDiskDefFree(detach);
+@@ -6100,7 +6100,7 @@ qemudDomainDetachNetDevice(virConnectPtr conn,
+             /* ignore, harmless */
+         }
+     } else {
+-        VIR_FREE(vm->def->nets[0]);
++        VIR_FREE(vm->def->nets);
+         vm->def->nnets = 0;
+     }
+     virDomainNetDefFree(detach);
+-- 
+1.6.2.5
+

libvirt-fix-pci-hostdev-hotunplug-leak.patch

@@ -0,0 +1,50 @@
+From d04ac8624f5fabe7587982796f2e2161220b0fcc Mon Sep 17 00:00:00 2001
+From: Mark McLoughlin <markmc@redhat.com>
+Date: Thu, 17 Sep 2009 15:32:45 +0100
+Subject: [PATCH] Fix leak in PCI hostdev hot-unplug
+
+* src/qemu_driver.c: sync the hostdev hot-unplug code with the disk/net
+  code.
+
+(cherry-picked from commit a70da51ff76ed860bfc0cdee2e1d556da997c557)
+
+Fedora-patch: libvirt-fix-pci-hostdev-hotunplug-leak.patch
+---
+ src/qemu_driver.c |   20 +++++++++++++-------
+ 1 files changed, 13 insertions(+), 7 deletions(-)
+
+diff --git a/src/qemu_driver.c b/src/qemu_driver.c
+index de31581..2ddcdc0 100644
+--- a/src/qemu_driver.c
++++ b/src/qemu_driver.c
+@@ -6206,14 +6206,20 @@ static int qemudDomainDetachHostPciDevice(virConnectPtr conn,
+         pciFreeDevice(conn, pci);
+     }
+ 
+-    if (i != --vm->def->nhostdevs)
+-        memmove(&vm->def->hostdevs[i],
+-                &vm->def->hostdevs[i+1],
+-                sizeof(*vm->def->hostdevs) * (vm->def->nhostdevs-i));
+-    if (VIR_REALLOC_N(vm->def->hostdevs, vm->def->nhostdevs) < 0) {
+-        virReportOOMError(conn);
+-        ret = -1;
++    if (vm->def->nhostdevs > 1) {
++        memmove(vm->def->hostdevs + i,
++                vm->def->hostdevs + i + 1,
++                sizeof(*vm->def->hostdevs) *
++                (vm->def->nhostdevs - (i + 1)));
++        vm->def->nhostdevs--;
++        if (VIR_REALLOC_N(vm->def->hostdevs, vm->def->nhostdevs) < 0) {
++            /* ignore, harmless */
++        }
++    } else {
++        VIR_FREE(vm->def->hostdevs);
++        vm->def->nhostdevs = 0;
+     }
++    virDomainHostdevDefFree(detach);
+ 
+     return ret;
+ }
+-- 
+1.6.2.5
+

libvirt-fix-qemu-raw-format-save.patch

@@ -0,0 +1,53 @@
+From e50c91fdcea5d81e3eb2051c05f4e51a16c3e692 Mon Sep 17 00:00:00 2001
+From: Charles Duffy <Charles_Duffy@dell.com>
+Date: Fri, 18 Sep 2009 11:32:35 -0500
+Subject: [PATCH] Prevent attempt to call cat -c during virDomainSave to raw
+
+Fedora-patch: libvirt-fix-qemu-raw-format-save.patch
+---
+ src/qemu_driver.c |   28 ++++++++++++++++++----------
+ 1 files changed, 18 insertions(+), 10 deletions(-)
+
+diff --git a/src/qemu_driver.c b/src/qemu_driver.c
+index 2ddcdc0..7c7b985 100644
+--- a/src/qemu_driver.c
++++ b/src/qemu_driver.c
+@@ -3905,17 +3905,25 @@ static int qemudDomainSave(virDomainPtr dom,
+         goto cleanup;
+     }
+ 
+-    const char *prog = qemudSaveCompressionTypeToString(header.compressed);
+-    if (prog == NULL) {
+-        qemudReportError(dom->conn, dom, NULL, VIR_ERR_INTERNAL_ERROR,
+-                         _("Invalid compress format %d"), header.compressed);
+-        goto cleanup;
+-    }
++    {
++        const char *prog = qemudSaveCompressionTypeToString(header.compressed);
++        const char *args;
+ 
+-    if (STREQ (prog, "raw"))
+-        prog = "cat";
+-    internalret = virAsprintf(&command, "migrate \"exec:"
+-                              "%s -c >> '%s' 2>/dev/null\"", prog, safe_path);
++        if (prog == NULL) {
++            qemudReportError(dom->conn, dom, NULL, VIR_ERR_INTERNAL_ERROR,
++                             _("Invalid compress format %d"), header.compressed);
++            goto cleanup;
++        }
++
++        if (STREQ (prog, "raw")) {
++            prog = "cat";
++            args = "";
++        } else {
++            args = "-c";
++        }
++        internalret = virAsprintf(&command, "migrate \"exec:"
++                                  "%s %s >> '%s' 2>/dev/null\"", prog, args, safe_path);
++    }
+ 
+     if (internalret < 0) {
+         virReportOOMError(dom->conn);
+-- 
+1.6.2.5
+

libvirt-fix-usb-device-passthrough.patch

@@ -0,0 +1,41 @@
+From 16f20706f8d2f113bb6a49f56e415c16d438183e Mon Sep 17 00:00:00 2001
+From: Mark McLoughlin <markmc@redhat.com>
+Date: Wed, 30 Sep 2009 18:37:03 +0100
+Subject: [PATCH] Fix USB device re-labelling
+
+A simple misplaced break out of a switch results in:
+
+  libvir: error : Failed to open file '/sys/bus/pci/devices/0000:00:54c./vendor': No such file or directory
+  libvir: error : Failed to open file '/sys/bus/pci/devices/0000:00:54c./device': No such file or directory
+  libvir: error : this function is not supported by the hypervisor: Failed to read product/vendor ID for 0000:00:54c.
+
+when trying to passthrough a USB host device to qemu.
+
+* src/security_selinux.c: fix a switch/break thinko
+
+Fedora-patch: libvirt-fix-usb-device-passthrough.patch
+---
+ src/security_selinux.c |    3 +--
+ 1 files changed, 1 insertions(+), 2 deletions(-)
+
+diff --git a/src/security_selinux.c b/src/security_selinux.c
+index bc295b1..b4dc153 100644
+--- a/src/security_selinux.c
++++ b/src/security_selinux.c
+@@ -464,12 +464,11 @@ SELinuxSetSecurityHostdevLabel(virConnectPtr conn,
+ 
+             ret = usbDeviceFileIterate(conn, usb, SELinuxSetSecurityUSBLabel, vm);
+             usbFreeDevice(conn, usb);
+-
+-            break;
+         } else {
+             /* XXX deal with product/vendor better */
+             ret = 0;
+         }
++        break;
+     }
+ 
+     case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI: {
+-- 
+1.6.4.4
+

sources

@@ -1 +1 @@
-8c2c14a7695c9c661004bcfc6468d62d  libvirt-0.7.0.tar.gz
+f1cd360a5da38b847e166c6482141940  libvirt-0.7.1.tar.gz