* Thu Oct 1 2009 Mark McLoughlin <markmc@redhat.com> - 0.7.1-8

- Disable sound backend, even when selinux is disabled (#524499)

libvirt-0.6.4-svirt-sound.patch

@@ -1,51 +0,0 @@
-From 127a39777e9809053bb98a9082e27c73543ccfa2 Mon Sep 17 00:00:00 2001
-From: Daniel P. Berrange <berrange@redhat.com>
-Date: Mon, 17 Aug 2009 08:32:08 +0100
-Subject: [PATCH] Disable sound cards when running sVirt
-
-Temporary hack till PulseAudio autostart problems are sorted out when
-SELinux enforcing (bz 486112)
-
-Fedora-patch: libvirt-0.6.4-svirt-sound.patch
----
- src/qemu_conf.c |   17 ++++++++++++++++-
- 1 files changed, 16 insertions(+), 1 deletions(-)
-
-diff --git a/src/qemu_conf.c b/src/qemu_conf.c
-index f92bcef..f3b4ef0 100644
---- a/src/qemu_conf.c
-+++ b/src/qemu_conf.c
-@@ -1510,6 +1510,20 @@ int qemudBuildCommandLine(virConnectPtr conn,
-     char uuid[VIR_UUID_STRING_BUFLEN];
-     char domid[50];
-     const char *cpu = NULL;
-+    int skipSound = 0;
-+
-+    if (driver->securityDriver &&
-+        driver->securityDriver->name &&
-+        STREQ(driver->securityDriver->name, "selinux") &&
-+        getuid() == 0) {
-+        static int soundWarned = 0;
-+        skipSound = 1;
-+        if (def->nsounds &&
-+            !soundWarned) {
-+            soundWarned = 1;
-+            VIR_WARN0("Sound cards for VMs are disabled while SELinux security model is active");
-+        }
-+    }
- 
-     uname_normalize(&ut);
- 
-@@ -2181,7 +2195,8 @@ int qemudBuildCommandLine(virConnectPtr conn,
-     }
- 
-     /* Add sound hardware */
--    if (def->nsounds) {
-+    if (def->nsounds &&
-+        !skipSound) {
-         int size = 100;
-         char *modstr;
-         if (VIR_ALLOC_N(modstr, size+1) < 0)
--- 
-1.6.2.5
-

libvirt-disable-audio-backend.patch

@@ -0,0 +1,77 @@
+From 4721ceb9b85daabe53804627473b06ced821c695 Mon Sep 17 00:00:00 2001
+From: Daniel P. Berrange <berrange@redhat.com>
+Date: Mon, 14 Sep 2009 11:23:20 +0100
+Subject: [PATCH] Allow control over QEMU audio backend
+
+When using VNC for graphics + keyboard + mouse, we shouldn't
+then use the host OS for audio. Audio should go back over
+VNC.
+
+When using SDL for graphics, we should use the host OS for
+audio since that's where the display is. We need to allow
+certain QEMU env variables to be passed through to guest
+too to allow choice of QEMU audio backend.
+
+* qemud/libvirtd.sysconf: Mention QEMU/SDL audio env vars
+* src/qemu_conf.c: Passthrough QEMU/SDL audio env for SDL display,
+  disable host audio for VNC display
+
+(cherry picked from commit b08e6d38ae7a0ed70300d7d82107f83fddb60f44)
+
+Fedora-patch: libvirt-disable-audio-backend.patch
+---
+ qemud/libvirtd.sysconf |    8 ++++++++
+ src/qemu_conf.c        |   14 ++++++++++++++
+ 2 files changed, 22 insertions(+), 0 deletions(-)
+
+diff --git a/qemud/libvirtd.sysconf b/qemud/libvirtd.sysconf
+index fe4596a..28080a0 100644
+--- a/qemud/libvirtd.sysconf
++++ b/qemud/libvirtd.sysconf
+@@ -7,3 +7,11 @@
+ 
+ # Override Kerberos service keytab for SASL/GSSAPI
+ #KRB5_KTNAME=/etc/libvirt/krb5.tab
++
++# Override the QEMU/SDL default audio driver probing when
++# starting virtual machines using SDL graphics
++#
++# NB these have no effect for VMs using VNC
++#QEMU_AUDIO_DRV=sdl
++#
++#SDL_AUDIODRIVER=pulse
+diff --git a/src/qemu_conf.c b/src/qemu_conf.c
+index f92bcef..0dd0624 100644
+--- a/src/qemu_conf.c
++++ b/src/qemu_conf.c
+@@ -2109,6 +2109,13 @@ int qemudBuildCommandLine(virConnectPtr conn,
+             ADD_ARG_LIT("-k");
+             ADD_ARG_LIT(def->graphics[0]->data.vnc.keymap);
+         }
++
++        /* QEMU implements a VNC extension for providing audio, so we
++         * set the audio backend to none, to prevent it opening the
++         * host OS audio devices since that causes security issues
++         * and is non-sensical when using VNC.
++         */
++        ADD_ENV_LIT("QEMU_AUDIO_DRV=none");
+     } else if ((def->ngraphics == 1) &&
+                def->graphics[0]->type == VIR_DOMAIN_GRAPHICS_TYPE_SDL) {
+         char *xauth = NULL;
+@@ -2131,6 +2138,13 @@ int qemudBuildCommandLine(virConnectPtr conn,
+             ADD_ENV(display);
+         if (def->graphics[0]->data.sdl.fullscreen)
+             ADD_ARG_LIT("-full-screen");
++
++        /* If using SDL for video, then we should just let it
++         * use QEMU's host audio drivers, possibly SDL too
++         * User can set these two before starting libvirtd
++         */
++        ADD_ENV_COPY("QEMU_AUDIO_DRV");
++        ADD_ENV_COPY("SDL_AUDIODRIVER");
+     }
+ 
+     if (def->nvideos) {
+-- 
+1.6.2.5
+

libvirt-fix-drv-supports-feature-bogus-error.patch

@@ -1,4 +1,4 @@
-From 2f6e857ac7d6ed5cd417e684147dd9c98775ab3d Mon Sep 17 00:00:00 2001
+From 7692e1e19487c28454b1e5f6488d5574c70883f2 Mon Sep 17 00:00:00 2001
 From: Chris Lalancette <clalance@redhat.com>
 Date: Mon, 21 Sep 2009 14:53:31 +0200
 Subject: [PATCH] Don't do virSetConnError when virDrvSupportsFeature is successful.

libvirt-fix-net-hotunplug-double-free.patch

@@ -1,4 +1,4 @@
-From d09ff3c35c29d14760d5ea03559042cc024e09ab Mon Sep 17 00:00:00 2001
+From ba585ed6cff624c6c0f1f9801382fd6846466ee0 Mon Sep 17 00:00:00 2001
 From: Mark McLoughlin <markmc@redhat.com>
 Date: Thu, 17 Sep 2009 15:31:08 +0100
 Subject: [PATCH] Fix net/disk hot-unplug segfault

libvirt-fix-pci-hostdev-hotunplug-leak.patch

@@ -1,4 +1,4 @@
-From d04ac8624f5fabe7587982796f2e2161220b0fcc Mon Sep 17 00:00:00 2001
+From 17831d20051f8de8f1f7d661e8a23f4fe67c2153 Mon Sep 17 00:00:00 2001
 From: Mark McLoughlin <markmc@redhat.com>
 Date: Thu, 17 Sep 2009 15:32:45 +0100
 Subject: [PATCH] Fix leak in PCI hostdev hot-unplug

libvirt-fix-qemu-raw-format-save.patch

@@ -1,4 +1,4 @@
-From e50c91fdcea5d81e3eb2051c05f4e51a16c3e692 Mon Sep 17 00:00:00 2001
+From f1be5a4714e194a84840343e0937fe62463a18dc Mon Sep 17 00:00:00 2001
 From: Charles Duffy <Charles_Duffy@dell.com>
 Date: Fri, 18 Sep 2009 11:32:35 -0500
 Subject: [PATCH] Prevent attempt to call cat -c during virDomainSave to raw

libvirt-fix-usb-device-passthrough.patch

@@ -1,4 +1,4 @@
-From 16f20706f8d2f113bb6a49f56e415c16d438183e Mon Sep 17 00:00:00 2001
+From 6b12148864cf6a1d22a2cf4e0e9c48e9946331cb Mon Sep 17 00:00:00 2001
 From: Mark McLoughlin <markmc@redhat.com>
 Date: Wed, 30 Sep 2009 18:37:03 +0100
 Subject: [PATCH] Fix USB device re-labelling
@@ -37,5 +37,5 @@ index bc295b1..b4dc153 100644
  
      case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI: {
 -- 
-1.6.4.4
+1.6.2.5
 

libvirt.spec

@@ -151,15 +151,11 @@
 Summary: Library providing a simple API virtualization
 Name: libvirt
 Version: 0.7.1
-Release: 7%{?dist}%{?extra_release}
+Release: 8%{?dist}%{?extra_release}
 License: LGPLv2+
 Group: Development/Libraries
 Source: http://libvirt.org/sources/libvirt-%{version}.tar.gz
 
-# Temporary hack till PulseAudio autostart problems are sorted
-# out when SELinux enforcing (bz 486112)
-Patch00: libvirt-0.6.4-svirt-sound.patch
-
 # A couple of hot-unplug memory handling fixes (#523953)
 Patch01: libvirt-fix-net-hotunplug-double-free.patch
 Patch02: libvirt-fix-pci-hostdev-hotunplug-leak.patch
@@ -173,6 +169,9 @@ Patch04: libvirt-fix-qemu-raw-format-save.patch
 # Fix USB device passthrough (#422683)
 Patch05: libvirt-fix-usb-device-passthrough.patch
 
+# Disable sound backend (#524499, #508317)
+Patch06: libvirt-disable-audio-backend.patch
+
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
 URL: http://libvirt.org/
 BuildRequires: python-devel
@@ -385,12 +384,12 @@ of recent versions of Linux (and other OSes).
 %prep
 %setup -q
 
-%patch00 -p1
 %patch01 -p1
 %patch02 -p1
 %patch03 -p1
 %patch04 -p1
 %patch05 -p1
+%patch06 -p1
 
 %build
 %if ! %{with_xen}
@@ -781,6 +780,9 @@ fi
 %endif
 
 %changelog
+* Thu Oct  1 2009 Mark McLoughlin <markmc@redhat.com> - 0.7.1-8
+- Disable sound backend, even when selinux is disabled (#524499)
+
 * Wed Sep 30 2009 Mark McLoughlin <markmc@redhat.com> - 0.7.1-7
 - Fix USB device passthrough (#522683)