Issued:: 2013-04-09
Updated:: 2013-04-09

RHBA-2013:0725 - libvirt bug fix update

Synopsis

libvirt bug fix update

Type/Severity

Bug Fix Advisory

Topic

Updated libvirt packages that fix two bugs are now available for Red Hat Enterprise Linux 6.

Description

The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems.

This update fixes the following bugs:

When SELinux was disabled on a host, or the qemu driver was configured not to use it, and the domain XML configuration contained an explicit seclabel option, the code parsed the seclabel option, but ignored it later on when it was generating labels on domain start, and created a new and empty seclabel entry [seclabeltype='none'/]. Consequently, a migration between two hosts running Red Hat Enterprise Linux 6.4 failed with the following error message:

libvirtError: XML error: missing security model when using multiple labels

With this update, if a seclabel entry already exists, a new one is no longer created, and the migration works as expected in the described scenario. (BZ#928879)

An ABI inconsistency in messages of the kernel netlink protocol between Red Hat Enterprise Linux versions 6.3, 6.4, and 6.4.z was causing errors when libvirt sent a netlink NLM_F_REQUEST message if the libvirt binary had been built using kernel header files from a different version of the kernel than the version on the machine running libvirt. Consequently, PCI passthrough device assignments of SR-IOV network devices failed if they used the [interface type='hostdev'] option, or if the libvirt network was set with the [forward mode='hostdev'] option. In such a case, the following error message or a similar one was returned:

error dumping (eth3) (3) interface: Invalid argument

With this update, libvirt retries the NLM_F_REQUEST message formatted appropriately for all three versions of the kernel. Now, a single libvirt binary successfully assigns SR-IOV network devices to a guest using PCI passthrough on a host running any version of Red Hat Enterprise Linux 6 kernel. (BZ#928881)

Users of libvirt are advised to upgrade to these updated packages, which fix these bugs. After installing the updated packages, libvirtd will be restarted automatically.

Solution

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258

Affected Products

Product	Version	Arch
Red Hat Virtualization	3	x86_64
Red Hat Storage for Public Cloud (via RHUI)	2.1	x86_64
Red Hat Gluster Storage Server for On-premise	2.1	x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support	6.4	x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support	6.4	i386
Red Hat Enterprise Linux for Scientific Computing	6	x86_64
Red Hat Enterprise Linux for Power, big endian	6	ppc64
Red Hat Enterprise Linux for Power, big endian - Extended Update Support	6.4	ppc64
Red Hat Enterprise Linux for IBM z Systems	6	s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support	6.4	s390x
Red Hat Enterprise Linux Workstation	6	x86_64
Red Hat Enterprise Linux Workstation	6	i386
Red Hat Enterprise Linux Server	6	x86_64
Red Hat Enterprise Linux Server	6	i386
Red Hat Enterprise Linux Server from RHUI	6	x86_64
Red Hat Enterprise Linux Server from RHUI	6	i386
Red Hat Enterprise Linux Server - Retired Extended Life Cycle Support	6	x86_64
Red Hat Enterprise Linux Server - Extended Update Support from RHUI	6.4	x86_64
Red Hat Enterprise Linux Server - Extended Update Support from RHUI	6.4	i386
Red Hat Enterprise Linux Server - Extended Life Cycle Support	6	x86_64
Red Hat Enterprise Linux Server - Extended Life Cycle Support	6	i386
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension	6	x86_64
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension	6	i386
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems)	6	s390x
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems)	6	s390x
Red Hat Enterprise Linux Server - AUS	6.4	x86_64
Red Hat Enterprise Linux Desktop	6	x86_64
Red Hat Enterprise Linux Desktop	6	i386

Updated Packages

libvirt-lock-sanlock-0.10.2-18.el6_4.3.x86_64.rpm
libvirt-client-0.10.2-18.el6_4.3.ppc.rpm
libvirt-client-0.10.2-18.el6_4.3.x86_64.rpm
libvirt-debuginfo-0.10.2-18.el6_4.3.s390x.rpm
libvirt-debuginfo-0.10.2-18.el6_4.3.ppc64.rpm
libvirt-devel-0.10.2-18.el6_4.3.i686.rpm
libvirt-debuginfo-0.10.2-18.el6_4.3.s390.rpm
libvirt-python-0.10.2-18.el6_4.3.s390x.rpm
libvirt-client-0.10.2-18.el6_4.3.i686.rpm
libvirt-0.10.2-18.el6_4.3.x86_64.rpm
libvirt-0.10.2-18.el6_4.3.src.rpm
libvirt-devel-0.10.2-18.el6_4.3.ppc64.rpm
libvirt-debuginfo-0.10.2-18.el6_4.3.i686.rpm
libvirt-debuginfo-0.10.2-18.el6_4.3.ppc.rpm
libvirt-0.10.2-18.el6_4.3.ppc64.rpm
libvirt-debuginfo-0.10.2-18.el6_4.3.x86_64.rpm
libvirt-client-0.10.2-18.el6_4.3.s390.rpm
libvirt-devel-0.10.2-18.el6_4.3.s390.rpm
libvirt-client-0.10.2-18.el6_4.3.ppc64.rpm
libvirt-python-0.10.2-18.el6_4.3.x86_64.rpm
libvirt-devel-0.10.2-18.el6_4.3.x86_64.rpm
libvirt-python-0.10.2-18.el6_4.3.i686.rpm
libvirt-0.10.2-18.el6_4.3.s390x.rpm
libvirt-devel-0.10.2-18.el6_4.3.ppc.rpm
libvirt-devel-0.10.2-18.el6_4.3.s390x.rpm
libvirt-0.10.2-18.el6_4.3.i686.rpm
libvirt-python-0.10.2-18.el6_4.3.ppc64.rpm
libvirt-client-0.10.2-18.el6_4.3.s390x.rpm

Fixes

This content is not included.BZ - 928879

CVEs

(none)

References

(none)

Additional information

The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.