linux/meta-virtualization.git/recipes-extended/libvirt, branch hardknott-next

libvirt: fix CVE-2021-3667

2021-11-24T21:59:58+00:00

Backport a fix for CVE-2021-3667. The CVE discription: An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited ACL permissions could use this flaw to acquire the lock and prevent other users from accessing storage pool/volume APIs, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. Refer to: https://bugzilla.redhat.com/show_bug.cgi?id=1986094 Signed-off-by: Yanfei Xu Signed-off-by: Bruce Ashfield

libvirt: Security fix for CVE-2021-3631

2021-09-16T22:21:15+00:00

Source: https://libvirt.org/git/libvirt.git MR: 112956 Type: Security Fix Disposition: Backport from https://gitlab.com/libvirt/libvirt/-/commit/15073504dbb624d3f6c911e85557019d3620fdb2 ChangeID: 314727e329e5b1351326737eb9c9232f465db184 Description: Signed-off-by: Armin Kuster Signed-off-by: Bruce Ashfield

libvirt: Security fix for CVE-2020-25637

2021-09-16T22:21:15+00:00

Source: https://libvirt.org/git/libvirt.git MR: 105864 Type: Security Fix Disposition: Backport from https://libvirt.org/git/libvirt.git ChangeID: 99bb9b4fc1b608e4e9a56b9d2308bfa54d9ba33c Description: * https://libvirt.org/git/?p=libvirt.git;a=commit;h=955029bd0ad7ef96000f529ac38204a8f4a96401 * https://libvirt.org/git/?p=libvirt.git;a=commit;h=50864dcda191eb35732dbd80fb6ca251a6bba923 * https://libvirt.org/git/?p=libvirt.git;a=commit;h=e4116eaa44cb366b59f7fe98f4b88d04c04970ad * https://libvirt.org/git/?p=libvirt.git;a=commit;h=a63b48c5ecef077bf0f909a85f453a605600cf05 Affects <= 6.3.0 Signed-off-by: Armin Kuster Signed-off-by: Bruce Ashfield

libvirt-python: inherit python3targetconfig

2021-02-09T13:21:36+00:00

* otherwise libvirt build will incorrectly use host's gcc and fail with: gcc: error: unrecognized command line option "-fmacro-prefix-map=/OE/libvirt/6.1.0-r0=/usr/src/debug/libvirt/6.1.0-r0" Signed-off-by: Martin Jansa Signed-off-by: Bruce Ashfield

Revert "libvirt: fix host gcc can't recognized option -fmacro-prefix-map"

2021-02-09T13:21:36+00:00

This reverts commit 08b5de42f9216a10bb2f83263b7e6789686b4c3d. libvirt shouldn't be using host's gcc to build python module, this issue is caused by missing inherit of python3targetconfig instead added in: https://git.openembedded.org/openembedded-core/commit/?id=5a118d4e7985fa88f04c3611f8db813f0dafce75 Signed-off-by: Martin Jansa Signed-off-by: Bruce Ashfield

libvirt: fix host gcc can't recognized option -fmacro-prefix-map

2020-11-19T16:05:48+00:00

libvirt-python picks host gcc (instead of cross gcc) to build shared library in absense of LD*SHARED flags. Instead of inherit distutils3-base.class, taking SHARED flags to create libvirt-python package. Ref: https://git.yoctoproject.org/cgit/cgit.cgi/poky/tree/meta/classes/distutils-common-base.bbclass Signed-off-by: Naveen Saini Signed-off-by: Bruce Ashfield

libvirt: Use /run in replace of /var/run in libvirt

2020-09-21T21:32:39+00:00

To avoid systemd complains that the libvirt unit files use legacy directory, we configure the libvirt with '--with-runstatedir=/run' and do some minor changes. ------------------cut here---------------------- 014: systemd[1]: /lib/systemd/system/virtlogd.socket:6: ListenStream= references a path below legacy directory /var/run/, updating /var/run/libvirt/virtlogd-sock → /run/libvirt/virtlogd-sock; please update the unit file accordingly. 014: systemd[1]: /lib/systemd/system/virtlogd-admin.socket:8: ListenStream= references a path below legacy directory /var/run/, updating /var/run/libvirt/virtlogd-admin-sock → /run/libvirt/virtlogd-admin-sock; please update the unit file accordingly. 014: systemd[1]: /lib/systemd/system/virtlockd.socket:6: ListenStream= references a path below legacy directory /var/run/, updating /var/run/libvirt/virtlockd-sock → /run/libvirt/virtlockd-sock; please update the unit file accordingly. 014: systemd[1]: /lib/systemd/system/virtlockd-admin.socket:8: ListenStream= references a path below legacy directory /var/run/, updating /var/run/libvirt/virtlockd-admin-sock → /run/libvirt/virtlockd-admin-sock; please update the unit file accordingly. 014: systemd[1]: /lib/systemd/system/libvirtd.socket:9: ListenStream= references a path below legacy directory /var/run/, updating /var/run/libvirt/libvirt-sock → /run/libvirt/libvirt-sock; please update the unit file accordingly. 014: systemd[1]: /lib/systemd/system/libvirtd-ro.socket:11: ListenStream= references a path below legacy directory /var/run/, updating /var/run/libvirt/libvirt-sock-ro → /run/libvirt/libvirt-sock-ro; please update the unit file accordingly. ...... Signed-off-by: Yanfei Xu Signed-off-by: Bruce Ashfield

libvirt: specify location of dmidecode

2020-08-08T02:21:22+00:00

We should tell configure where dmidecode is rather than have it search the host for it. Signed-off-by: Joe Slater Signed-off-by: Bruce Ashfield

libvirt: fix install error without qemu

2020-08-08T02:19:43+00:00

An error occurs during the install step of libvirt when the variable PACKAGECONFIG does not contain qemu. Indeed, in this case, the operation "chown -R qemu:qemu ${D}/${localstatedir}/lib/libvirt/qemu" fails, since the folder ${D}/${localstatedir}/lib/libvirt/qemu has not been created. The fix consist in doing this operation only if the variable “PACKAGECONFIG” contains “qemu”. remark: issue present since the Warrior release of yocto. Upstream-Status: Pending Signed-off-by: Nicolas Lavocat Signed-off-by: Bruce Ashfield

libvirt: fix patch fuzz warning

2020-06-02T02:30:39+00:00

Refreshed patches to fix: "WARNING: libvirt-6.3.0-r0 do_patch: Fuzz detected" Signed-off-by: Sakib Sajal Signed-off-by: Bruce Ashfield