As planned I tagged the git tree earlier today and pushed tarballs and
rpms to the usual place:
ftp://libvirt.org/libvirt/
The release is a bit smaller than usual in terms of commited patches
probably due to a large part of the team travelling to KVM Forum !
This is mostly a bug fix and maintainance release, it includes 4
important security patches in addition to the usual set of bug and
leak fixes. To note the added support for ARM 64 bits arch, and quite
a large set of portability fixes:
Features:
- Add support for AArch64 architecture (Pranavkumar Sawargaonkar)
- Various improvements on test code and test driver (many people)
Security:
- Don't link virt-login-shell against libvirt.so (CVE-2013-4400) (Daniel P. Berrange)
- Close all non-stdio FDs in virt-login-shell (CVE-2013-4400) (Daniel P. Berrange)
- Only allow 'stderr' log output when running setuid (CVE-2013-4400) (Daniel P.
Berrange)
- Fix perms for virConnectDomainXML{To,From}Native (CVE-2013-4401) (Daniel P. Berrange)
Documentation:
- generate links from plain text documentation (Claudio Bley)
- define style of code blocks inside descriptions (Claudio Bley)
- add class "description" to div's containing descriptions (Claudio Bley)
- process code blocks similar to Markdown (Claudio Bley)
- fix typos in formatnwfilter (Chen Hanxiao)
- fix a typo in formatdomain (Chen Hanxiao)
- virsh: fix doc typos (Eric Blake)
- maint: typo fixes (Eric Blake)
- fix some typos about 'informations' (Chen Hanxiao)
- fix a typo in formatdomain (Chen Hanxiao)
- Expand description of host-model CPU mode (Jiri Denemark)
- virsh: fix a typo in virsh-domain (Chen Hanxiao)
- storage: document existing pools (Eric Blake)
- remote-driver: Fix 'leav' typo in comment (Christophe Fergeau)
- change the minimum weight description for blkio (Chen Hanxiao)
- Add some notes about secure usage of libvirt (Daniel P. Berrange)
- lxc: Fix an improper comment in lxc_process.c (Chen Hanxiao)
- nwfilter: fix a typo in nwfilter_gentech_driver.c (Hongwei Bi)
- cgroup: fix a comment typo in vircgroup.c (Chen Hanxiao)
- fix typo in HACKING (Chen Hanxiao)
- aclpolkit: Fix a heading typo (Cole Robinson)
Portability:
- virnetsocket: fix getsockopt on FreeBSD (Ryota Ozaki)
- MacOS: Handle changes to xdrproc_t definition (Doug Goldstein)
- fix api changes in xen restore (Bamvor Jian Zhang)
- MacOS: Re-add support for QEMU backend (Doug Goldstein)
- rpc: Retrieve peer PID via new getsockopt() for Mac (Doug Goldstein)
- build: fix build of virt-login-shell on systems with older gnutls (Jim Fehlig)
- build: fix linking virt-login-shell (Jim Fehlig)
- nodeinfo: fix physical memory size on Mac OS X (Ryota Ozaki)
- Add stub getegid impl for platforms lacking it (Daniel P. Berrange)
- better error checking for LOCAL_PEERCRED (Brian Candler)
- Add support for detecting PPC little endian arches (Daniel P. Berrange)
- xenapi: Fix build after const correctnes changes (Peter Krempa)
- rpc: Fix getsockopt on Snow Leopard and lower (Doug Goldstein)
- build: fix linker error on FreeBSD (Giuseppe Scrivano)
- tests: avoid compile failure on linux kernels older than 2.6.19 (Giuseppe Scrivano)
- nodeinfo: make freebsdNodeGetCPUCount work on Mac OS X (Ryota Ozaki)
- rpc: fix getsockopt for LOCAL_PEERCRED on Mac OS X (Ryota Ozaki)
- build: fix build on 32-bit platforms (Eric Blake)
- build: fix build on RHEL 5 (Eric Blake)
- build: fix build --without-remote (Eric Blake)
Bug fixes:
- Fix race in starting transient VMs (Daniel P. Berrange)
- Use a port from the migration range for NBD as well (Ján Tomko)
- nodedev_hal: fix segfault when virDBusGetSystemBus fails (Ryota Ozaki)
- Fix race condition reconnecting to vms & loading configs (Daniel P. Berrange)
- Don't update dom->persistent without lock held (Daniel P. Berrange)
- storage: fix incorrect typedef (Eric Blake)
- apparmor: Fix typo in function name in driver struct initialization (Peter Krempa)
- qemu: fix well-formed migration URI formatting (Michael Chapman)
- LXC: don't free tty before using it in lxcContainerSetupDevices (Gao feng)
- python: Fix Create*WithFiles filefd passing (Marian Neagul)
- networkStartDhcpDaemon: Check for dnsmasqCapsRefresh failure (Hongwei Bi)
- virsh: Fix job watching when STDIN is not a tty (Peter Krempa)
- qemu: fix removal of <interface type='hostdev'> (Laine Stump)
- Fix a problem introduced by commit 99889012 (Geoff Hickey)
- qemu: Avoid assigning unavailable migration ports (Wang Yufei)
- viralloc.h: Fix typo in VIR_APPEND_ELEMENT_COPY_QUIT (Michal Privoznik)
- remote: fix regression in event deregistration (Zhou Yimin)
- daemon: don't free domain if it's null (Chen Hanxiao)
- Remove ATTRIBUTE_NONNULL(3) from qemuMonitorJSONDrivePivot (John Ferlan)
- rpc: Correct the wrong payload size checking (Osier Yang)
- Fix typo breaking cgroups for NBD backed filesystems (Daniel P. Berrange)
- Ignore thin pool LVM devices. (Dusty Mabe)
- domain_conf.c: Initialize arrVar and cntVar (Michal Privoznik)
- vbox: handle 'saved' state of VMs (Ryota Ozaki)
- esx: Fix floppy.fileName handling in the vmx file parser (Geoff Hickey)
- Convert uuid to a string before printing it (Ján Tomko)
- Initialize threading & error layer in LXC controller (Daniel P. Berrange)
- Don't ignore all dbus connection errors (Daniel P. Berrange)
- Fix exit status of lxc controller (Daniel P. Berrange)
- Fix flaw in detecting log format (Daniel P. Berrange)
- qemu_migration: Avoid crashing if domain dies too quickly (Michal Privoznik)
- util: fix two virCompareLimitUlong bugs (Bing Bu Cao)
- storage_backend: Fix issue with allocation of 0 length volume (John Ferlan)
- qemu: Init @pcidevs in qemuPrepareHostdevPCIDevices (Michal Privoznik)
- LXC: Fix handling of RAM filesystem size units (Ján Tomko)
- Don't clobber 'ret' variable in testCompareXMLToXMLHelper (Daniel P.
Berrange)
- Adjust legacy max payload size to account for header information (Claudio Bley)
- storage: fix file allocation behavior in file cloning (Oskari Saarenmaa)
- virfile: safezero: fix buffer allocation max size (Oskari Saarenmaa)
- test: Fix coverity warnings (Cole Robinson)
- nodedev: Resolve Relax-NG validity error (John Ferlan)
- Free cmd in virNetDevVethCreate (Gao feng)
- Free cmd in virNetDevVethDelete (Gao feng)
- qemu: check actual netdev type rather than config netdev type during init (Laine Stump)
- qemuMonitorTestFree: Join worker thread (Michal Privoznik)
- Avoid deleting NULL veth device name (Daniel P. Berrange)
- qemuMonitorJSONSendKey: Avoid double free (Michal Privoznik)
- qemuMonitorJSONGetVirtType: Fix error message (Michal Privoznik)
- qemu: cgroup: Fix crash if starting nographics guest (Cole Robinson)
- selinux: Only close the selabel_handle once (Ján Tomko)
- Fix handling of IPv6 listen addresses in cmdDomDisplay (Ján Tomko)
- util: recognize SMB/CIFS filesystems as shared (Laine Stump)
- Fix leak of objects when reconnecting to QEMU instances (Daniel P. Berrange)
Improvements:
- libxl: fix dubious cpumask handling in libxlDomainSetVcpuAffinities (Jeremy
Fitzhardinge)
- Improve debugging of QEMU start/stop (Daniel P. Berrange)
- Improve debugging of job enter/exit code (Daniel P. Berrange)
- storage: use correct type for array count (Eric Blake)
- maint: avoid further typedef accidents (Eric Blake)
- libvirt.c: indent code of virDomainGetMemoryParameters's documentation (Claudio
Bley)
- libvirt.c: add 2 spaces of indentation to example code of virStreamSend (Claudio Bley)
- Add '+' to uid/gid printing for label processing (John Ferlan)
- Push RPM deps down into libvirt-daemon-driver-XXXX sub-RPMs (Daniel P. Berrange)
- capabilities: add baselabel per sec driver/virt type to secmodel (Giuseppe Scrivano)
- security: add new internal function "virSecurityManagerGetBaseLabel" (Giuseppe
Scrivano)
- security: use a single function to set DAC user and group (Giuseppe Scrivano)
- virsh: new environment variable VIRSH_HISTSIZE (Pavel Raiskup)
- maint: update to latest gnulib (Eric Blake)
- Skip debug message in lxcContainerSetID if no map is set. (Chen Hanxiao)
- Avoid Coverity DEADCODE warning (John Ferlan)
- virsh: allow alias to expand to opt=value pair (Eric Blake)
- Ignore GNU Global tag files (Martin Kletzander)
- build: Fix prohibit_int_ijk (and iijjkk) on RHEL 5 (Martin Kletzander)
- Get rid of shadowed booleans (Michal Privoznik)
- vircgroupmock: Mock access() to some more files (Michal Privoznik)
- tests: Use lv_abs_top_builddir instead of bare abs_top_builddir (Michal Privoznik)
- qemu: move qemuDomainRemoveNetDevice to avoid forward reference (Laine Stump)
- qemu: simplify calling qemuDomainHostdevNetConfigRestore (Laine Stump)
- Move virt-login-shell into libvirt-login-shell sub-RPM (Daniel P. Berrange)
- Block all use of libvirt.so in setuid programs (Daniel P. Berrange)
- Remove (nearly) all use of getuid()/getgid() (Daniel P. Berrange)
- Don't allow remote driver daemon autostart when running setuid (Daniel P. Berrange)
- Only allow the UNIX transport in remote driver when setuid (Daniel P. Berrange)
- Block all use of getenv with syntax-check (Daniel P. Berrange)
- Remove all direct use of getenv (Daniel P. Berrange)
- Make virCommand env handling robust in setuid env (Daniel P. Berrange)
- Set a sane $PATH for virt-login-shell (Daniel P. Berrange)
- Add helpers for getting env vars in a setuid environment (Daniel P. Berrange)
- qemu: Fix augeas support for migration ports (Michal Privoznik)
- qemu: Make migration port range configurable (Jiri Denemark)
- netcf: Don't complain when cleanup is called before init (Christophe Fergeau)
- virsh: improve usability of '--print-xml' flag for attach-disk command (Chen
Hanxiao)
- esx: Remove unnecessary NULL comparisons (3/3) (Geoff Hickey)
- esx: Remove unnecessary NULL comparisons (2/3) (Geoff Hickey)
- esx: Remove unnecessary NULL comparisons (1/3) (Geoff Hickey)
- Add support for enabling SASL for SPICE guests (Daniel P. Berrange)
- qemuDomainCleanupRemove: s/memmove/VIR_DELETE_ELEMENT_INPLACE/ (Michal Privoznik)
- build: use the gnulib version of the .m4 files when present (Giuseppe Scrivano)
- storage: allow interleave in pool XML (Eric Blake)
- Add some logging to LXC disk/fs nbd/loop setup (Daniel P. Berrange)
- Add logging to LXC cgroup devices setup (Daniel P. Berrange)
- Add log statement when NBD device is setup (Daniel P. Berrange)
- AArch64: Add qemu capabilities schemeta for test. (Pranavkumar Sawargaonkar)
- Implement minimal sysinfo for AArch64 platforms. (Pranavkumar Sawargaonkar)
- AArch64: Parse cputopology from /proc/cpuinfo. (Pranavkumar Sawargaonkar)
- AArch64: CPU Support for AArch64 (ARMv8 64bit). (Pranavkumar Sawargaonkar)
- AArch64: Add AArch64 architecture to list of valid arches. (Pranavkumar Sawargaonkar)
- cpu: x86: Clean up error messages in x86VendorLoad() (Peter Krempa)
- cpu: x86: Use whitespace to clarify context and use consistent labels (Peter Krempa)
- cpu: x86: Fix function header formatting and whitespace (Peter Krempa)
- cpu: x86: Fix return types of x86cpuidMatch and x86cpuidMatchMasked (Peter Krempa)
- cpu: x86: Rename data_iterator and DATA_ITERATOR_INIT (Peter Krempa)
- cpu: x86: Rename x86DataAddCpuid as virCPUx86DataAddCPUID (Jiri Denemark)
- cpu: x86: Rename x86MakeCPUData as virCPUx86MakeData (Jiri Denemark)
- cpu: x86: Rename x86DataFree() as virCPUx86DataFree() (Jiri Denemark)
- cpu: x86: Rename struct cpuX86Data as virCPUx86Data (Jiri Denemark)
- cpu: x86: Rename struct cpuX86cpuid as virCPUx86CPUID (Jiri Denemark)
- cpu: Add support for loading and storing CPU data (Jiri Denemark)
- qemu: command: Fix macro indentation (Peter Krempa)
- conf: Mark user provided strings in error messages when parsing XML (Peter Krempa)
- schema: Rename option 'hypervtristate' to 'featurestate' (Peter Krempa)
- fix typo in lxc_driver.c and virsh-nodedev.c (Hongwei Bi)
- build: Add lxc testcase to dist list (Daniel Hansel)
- cgroup: leave blkio cgroup value checking to kernel (Chen Hanxiao)
- cgroup: show error when EINVAL is returned (Chen Hanxiao)
- vbox: merge duplicate state conversions (Ryota Ozaki)
- build: syntax check to avoid 'const fooPtr' (Eric Blake)
- maint: avoid 'const fooPtr' in all remaining places (Eric Blake)
- maint: avoid 'const fooPtr' in qemu (Eric Blake)
- maint: avoid 'const fooPtr' in security (Eric Blake)
- maint: avoid 'const fooPtr' in conf (Eric Blake)
- maint: avoid 'const fooPtr' in domain_conf (Eric Blake)
- maint: fix awkward typing of virDomainChrGetDomainPtrs (Eric Blake)
- maint: avoid 'const fooPtr' in python bindings (Eric Blake)
- maint: avoid 'const fooPtr' in tests (Eric Blake)
- maint: avoid 'const fooPtr' in nwfilter files (Eric Blake)
- maint: avoid 'const fooPtr' in cpu files (Eric Blake)
- maint: avoid 'const fooPtr' in virnet files (Eric Blake)
- maint: avoid 'const fooPtr' in several util files (Eric Blake)
- maint: avoid 'const fooPtr' in hashes (Eric Blake)
- maint: avoid 'const fooPtr' in public API (Eric Blake)
- Improve log filtering in virLXCProcessReadLogOutputData (Daniel P. Berrange)
- Ensure lxcContainerResolveSymlinks reports errors (Daniel P. Berrange)
- Ensure lxcContainerMain reports errors on stderr (Daniel P. Berrange)
- VMX: Serial devices don't have to be attached (Doug Goldstein)
- Revert "VMX: Some serial ports are not actually connected" (Doug Goldstein)
- qemu: snapshot: Add support for compressing external snapshot memory (Peter Krempa)
- qemu: managedsave: Add support for compressing managed save images (Peter Krempa)
- Improve error reporting with LXC controller (Daniel P. Berrange)
- Make LXC controller use a private dbus connection & close it (Daniel P. Berrange)
- Add a method for closing the dbus system bus connection (Daniel P. Berrange)
- Allow use of a private dbus bus connection (Daniel P. Berrange)
- VMware: Do version detection earlier (Doug Goldstein)
- VMware: Simplify array walk for driver type (Doug Goldstein)
- qemu: Include listenAddress in debug prints (Michal Privoznik)
- Move virNetDevVPort enum impl into virnetdevvportprofile.c (Daniel P. Berrange)
- qemu_conf: Introduce "migration_address" (Michal Privoznik)
- qemu: Implement support for VIR_MIGRATE_PARAM_LISTEN_ADDRESS (Michal Privoznik)
- virsocket: Introduce virSocketAddrIsWildcard (Michal Privoznik)
- Migration: Introduce VIR_MIGRATE_PARAM_LISTEN_ADDRESS (Michal Privoznik)
- qemu: Introduce qemuDomainDefCheckABIStability (Michal Privoznik)
- qemumonitorjsontest: Test qemuMonitorJSONSendKey (Michal Privoznik)
- qemumonitorjsontest: Test qemuMonitorJSONGetVirtType (Michal Privoznik)
- qemumonitorjsontest: Test qemuMonitorJSONGetCPUInfo (Michal Privoznik)
- qemumonitorjsontest: Extend the test for yet another monitor commands (Michal
Privoznik)
- qemu: Prefer VFIO for PCI device passthrough (Peter Krempa)
- qemu: hostdev: Add checks if PCI passthrough is available in the host (Peter Krempa)
- qemu: hostdev: Fix function spacing and header formatting (Peter Krempa)
- qemu: refactor qemuCompressProgramAvailable() (Peter Krempa)
- qemu: Fix coding style in qemuDomainSaveFlags() (Peter Krempa)
- storage: Use bool instead of int (Ján Tomko)
- tests: Add qemu test for multiple timers (Cole Robinson)
- qemu: hostdev: Refactor PCI passhrough handling (Peter Krempa)
- virerror: s/VIR_ERR_STORAGE_VOL_EXISTS/VIR_ERR_STORAGE_VOL_EXISTS/ (Michal Privoznik)
- fix a ambiguous output of the command:'virsh vol-create-as' (Hongwei Bi)
- build: add configure --without-readline (Eric Blake)
- build: move readline check into its own macro (Eric Blake)
- build: kill maintainer mode, always rebuild by default (Eric Blake)
- Remove use of virConnectPtr from all remaining nwfilter code (Daniel P. Berrange)
- Don't pass virConnectPtr in nwfilter 'struct domUpdateCBStruct' (Daniel P.
Berrange)
- Remove virConnectPtr arg from virNWFilterDefParse* (Daniel P. Berrange)
- qemu: Use maximum guest memory size when getting NUMA placement advice (Peter Krempa)
- virfile: safezero: fall back to writing block by block if mmap fails (Oskari Saarenmaa)
- test: snapshot: Add REDEFINE support (Cole Robinson)
- qemu: snapshot: Break out redefine preparation to shared function (Cole Robinson)
- test: Implement snapshot create/delete/revert APIs (Cole Robinson)
- test: Allow specifying domainsnapshot XML (Cole Robinson)
- qemu: snapshots: Simplify REDEFINE flag check (Cole Robinson)
- qemucapabilitiesdata: Add qemu-1.6.50 data (Michal Privoznik)
- qemucapabilitiesdata: Add qemu-1.6.0 data (Michal Privoznik)
- qemucapabilitiesdata: Add qemu-1.4.2 data (Michal Privoznik)
- qemucapabilitiesdata: Add qemu-1.3.1 data (Michal Privoznik)
- qemucapabilitiesdata: Add qemu-1.2.2 data (Michal Privoznik)
- qemumonitorjsontest: Test qemuMonitorJSONSystemPowerdown (Michal Privoznik)
- Use 'vnet' as prefix for veth devices (Daniel P. Berrange)
- Retry veth device creation on failure (Daniel P. Berrange)
- Avoid reporting an error if veth device is already deleted (Daniel P. Berrange)
- Don't set netdev offline in container cleanup (Daniel P. Berrange)
- qemumonitorjsontest: Test qemuMonitorJSONGetMigrationCapability (Michal Privoznik)
- qemumonitorjsontest: Test qemuMonitorJSONGetTargetArch (Michal Privoznik)
- qemumonitorjsontest: Test qemuMonitorJSONSetBlockIoThrottle (Michal Privoznik)
- qemumonitorjsontest: Test qemuMonitorJSONGetPtyPaths (Michal Privoznik)
- qemumonitorjsontest: Test qemuMonitorJSONGetSpiceMigrationStatus (Michal Privoznik)
- qemumonitorjsontest: Test qemuMonitorJSONGetMigrationStatus (Michal Privoznik)
- qemumonitorjsontest: Test qemuMonitorJSONGetMigrationCacheSize (Michal Privoznik)
- qemumonitorjsontest: Test qemuMonitorJSONGetBlockStatsInfo (Michal Privoznik)
- qemumonitorjsontest: Test qemuMonitorJSONGetBlockInfo (Michal Privoznik)
- qemumonitorjsontest: Test qemuMonitorJSONGetBalloonInfo (Michal Privoznik)
- qemu_hotplug: Allow QoS update in qemuDomainChangeNet (Michal Privoznik)
- virNetDevBandwidthEqual: Make it more robust (Michal Privoznik)
- test: Implement readonly snapshot APIs (Cole Robinson)
- test: Wire up managed save APIs (Cole Robinson)
- test: Allow specifying object transient state in driver XML (Cole Robinson)
- tests: Introduce qemucapabilitiestest (Michal Privoznik)
- qemuMonitorTest: Make check for monitor command match optional (Michal Privoznik)
- tests: Learn qemuMonitorTestNew optional greeting (Michal Privoznik)
- qemu_capabilities: Introduce virQEMUCapsInitQMPMonitor (Michal Privoznik)
Cleanups:
- xenapi: fix coding style in xenapi_driver.c (Hongwei Bi)
- virsh: undocument --shareable (--mode already covers it) (Eric Blake)
- Remove test case average timing (Daniel P. Berrange)
- Remove existing OOM test impl (Daniel P. Berrange)
Thanks everybody for everyone who helped for this release, be it for
documentation, bug reports, patches, etc ...
Enjoy !
Daniel
--
Daniel Veillard | Open Source and Standards, Red Hat
veillard(a)redhat.com | libxml Gnome XML XSLT toolkit
http://xmlsoft.org/
http://veillard.com/ | virtualization library
http://libvirt.org/