diff --git a/SOURCES/libvirt-qemu-block-commit-Determine-relative-path-of-images-before-initializing.patch b/SOURCES/libvirt-qemu-block-commit-Determine-relative-path-of-images-before-initializing.patch
new file mode 100644
index 0000000..a6d2bf2
--- /dev/null
+++ b/SOURCES/libvirt-qemu-block-commit-Determine-relative-path-of-images-before-initializing.patch
@@ -0,0 +1,69 @@
+From 615457ad6a27f84b9c1898626dc691fe445ec852 Mon Sep 17 00:00:00 2001
+Message-Id: <615457ad6a27f84b9c1898626dc691fe445ec852@dist-git>
+From: Peter Krempa <pkrempa@redhat.com>
+Date: Wed, 22 Nov 2017 18:20:49 +0100
+Subject: [PATCH] qemu: block commit: Determine relative path of images before
+ initializing
+
+Changing labelling of the images does not need to happen after setting
+the labeling and lock manager access. This saves the cleanup of the
+labeling if the relative path can't be determined.
+
+(cherry picked from commit 3488f449a63994c1a20e08cd6a7fe35de303e77a)
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1516717
+
+This commit simplifies backport of the actual patch, is simple and useful.
+
+Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
+---
+ src/qemu/qemu_driver.c | 26 +++++++++++++-------------
+ 1 file changed, 13 insertions(+), 13 deletions(-)
+
+diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
+index 46016fb36e..f8df2d452d 100644
+--- a/src/qemu/qemu_driver.c
++++ b/src/qemu/qemu_driver.c
+@@ -17225,19 +17225,6 @@ qemuDomainBlockCommit(virDomainPtr dom,
+ goto endjob;
+ }
+
+- /* For the commit to succeed, we must allow qemu to open both the
+- * 'base' image and the parent of 'top' as read/write; 'top' might
+- * not have a parent, or might already be read-write. XXX It
+- * would also be nice to revert 'base' to read-only, as well as
+- * revoke access to files removed from the chain, when the commit
+- * operation succeeds, but doing that requires tracking the
+- * operation in XML across libvirtd restarts. */
+- clean_access = true;
+- if (qemuDomainDiskChainElementPrepare(driver, vm, baseSource, false) < 0 ||
+- (top_parent && top_parent != disk->src &&
+- qemuDomainDiskChainElementPrepare(driver, vm, top_parent, false) < 0))
+- goto endjob;
+-
+ if (flags & VIR_DOMAIN_BLOCK_COMMIT_RELATIVE &&
+ topSource != disk->src) {
+ if (!virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_CHANGE_BACKING_FILE)) {
+@@ -17257,6 +17244,19 @@ qemuDomainBlockCommit(virDomainPtr dom,
+ }
+ }
+
++ /* For the commit to succeed, we must allow qemu to open both the
++ * 'base' image and the parent of 'top' as read/write; 'top' might
++ * not have a parent, or might already be read-write. XXX It
++ * would also be nice to revert 'base' to read-only, as well as
++ * revoke access to files removed from the chain, when the commit
++ * operation succeeds, but doing that requires tracking the
++ * operation in XML across libvirtd restarts. */
++ clean_access = true;
++ if (qemuDomainDiskChainElementPrepare(driver, vm, baseSource, false) < 0 ||
++ (top_parent && top_parent != disk->src &&
++ qemuDomainDiskChainElementPrepare(driver, vm, top_parent, false) < 0))
++ goto endjob;
++
+ /* Start the commit operation. Pass the user's original spelling,
+ * if any, through to qemu, since qemu may behave differently
+ * depending on whether the input was specified as relative or
+--
+2.15.1
+
diff --git a/SOURCES/libvirt-qemu-block-commit-Don-t-overwrite-error-when-rolling-back-disk-labels.patch b/SOURCES/libvirt-qemu-block-commit-Don-t-overwrite-error-when-rolling-back-disk-labels.patch
new file mode 100644
index 0000000..af45104
--- /dev/null
+++ b/SOURCES/libvirt-qemu-block-commit-Don-t-overwrite-error-when-rolling-back-disk-labels.patch
@@ -0,0 +1,46 @@
+From 8fc980241464db978fad2e86bc3d6916a173cbe9 Mon Sep 17 00:00:00 2001
+Message-Id: <8fc980241464db978fad2e86bc3d6916a173cbe9@dist-git>
+From: Peter Krempa <pkrempa@redhat.com>
+Date: Wed, 22 Nov 2017 18:20:48 +0100
+Subject: [PATCH] qemu: block commit: Don't overwrite error when rolling back
+ disk labels
+
+Calls to qemuDomainDiskChainElementPrepare resets the original error,
+thus we need to save it in the cleanup path of qemuDomainBlockCommit.
+
+(cherry picked from commit c885b7fe1de1961391a117c033b4012a02cc8fca)
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1516717
+
+Helps resolve merge conflicts with the actual patch and is useful by
+itself.
+
+Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
+---
+ src/qemu/qemu_driver.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
+index bfd7ff6c09..46016fb36e 100644
+--- a/src/qemu/qemu_driver.c
++++ b/src/qemu/qemu_driver.c
+@@ -17302,10 +17302,16 @@ qemuDomainBlockCommit(virDomainPtr dom,
+
+ endjob:
+ if (ret < 0 && clean_access) {
++ virErrorPtr orig_err = virSaveLastError();
+ /* Revert access to read-only, if possible. */
+ qemuDomainDiskChainElementPrepare(driver, vm, baseSource, true);
+ if (top_parent && top_parent != disk->src)
+ qemuDomainDiskChainElementPrepare(driver, vm, top_parent, true);
++
++ if (orig_err) {
++ virSetError(orig_err);
++ virFreeError(orig_err);
++ }
+ }
+ virStorageSourceFree(mirror);
+ qemuDomainObjEndJob(driver, vm);
+--
+2.15.1
+
diff --git a/SOURCES/libvirt-qemu-domain-Don-t-call-namespace-setup-for-storage-already-accessed-by-vm.patch b/SOURCES/libvirt-qemu-domain-Don-t-call-namespace-setup-for-storage-already-accessed-by-vm.patch
new file mode 100644
index 0000000..9f47835
--- /dev/null
+++ b/SOURCES/libvirt-qemu-domain-Don-t-call-namespace-setup-for-storage-already-accessed-by-vm.patch
@@ -0,0 +1,141 @@
+From cccfeedda80612c8ce2c48e4eed26fe6c51382f3 Mon Sep 17 00:00:00 2001
+Message-Id: <cccfeedda80612c8ce2c48e4eed26fe6c51382f3@dist-git>
+From: Peter Krempa <pkrempa@redhat.com>
+Date: Wed, 22 Nov 2017 18:20:50 +0100
+Subject: [PATCH] qemu: domain: Don't call namespace setup for storage already
+ accessed by vm
+
+When doing block commit we need to allow write for members of the
+backing chain so that we can commit the data into them.
+
+qemuDomainDiskChainElementPrepare was used for this which since commit
+786d8d91b4 calls qemuDomainNamespaceSetupDisk which has very adverse
+side-effects, namely it relabels the nodes to the same label it has in
+the main namespace. This was messing up permissions for the commit
+operation since its touching various parts of a single backing chain.
+
+Since we are are actually not introducing new images at that point add a
+flag for qemuDomainDiskChainElementPrepare which will refrain from
+calling to the namespace setup function.
+
+Calls from qemuDomainSnapshotCreateSingleDiskActive and
+qemuDomainBlockCopyCommon do introduce new members all calls from
+qemuDomainBlockCommit do not, so the calls are anotated accordingly.
+
+Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1506072
+(cherry picked from commit 3746a38e7b9ae5342675547624122d55e73d6c81)
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1516717
+
+Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
+---
+ src/qemu/qemu_domain.c | 17 ++++++++++++++---
+ src/qemu/qemu_domain.h | 3 ++-
+ src/qemu/qemu_driver.c | 12 ++++++------
+ 3 files changed, 22 insertions(+), 10 deletions(-)
+
+diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
+index 68c1f3b7c5..dd70bd6367 100644
+--- a/src/qemu/qemu_domain.c
++++ b/src/qemu/qemu_domain.c
+@@ -5510,15 +5510,25 @@ qemuDomainDiskChainElementRevoke(virQEMUDriverPtr driver,
+
+ /**
+ * qemuDomainDiskChainElementPrepare:
++ * @driver: qemu driver data
++ * @vm: domain object
++ * @elem: source structure to set access for
++ * @readonly: setup read-only access if true
++ * @newSource: @elem describes a storage source which @vm can't access yet
+ *
+ * Allow a VM access to a single element of a disk backing chain; this helper
+ * ensures that the lock manager, cgroup device controller, and security manager
+- * labelling are all aware of each new file before it is added to a chain */
++ * labelling are all aware of each new file before it is added to a chain.
++ *
++ * When modifying permissions of @elem which @vm can already access (is in the
++ * backing chain) @newSource needs to be set to false.
++ */
+ int
+ qemuDomainDiskChainElementPrepare(virQEMUDriverPtr driver,
+ virDomainObjPtr vm,
+ virStorageSourcePtr elem,
+- bool readonly)
++ bool readonly,
++ bool newSource)
+ {
+ bool was_readonly = elem->readonly;
+ virQEMUDriverConfigPtr cfg = NULL;
+@@ -5531,7 +5541,8 @@ qemuDomainDiskChainElementPrepare(virQEMUDriverPtr driver,
+ if (virDomainLockImageAttach(driver->lockManager, cfg->uri, vm, elem) < 0)
+ goto cleanup;
+
+- if (qemuDomainNamespaceSetupDisk(driver, vm, elem) < 0)
++ if (newSource &&
++ qemuDomainNamespaceSetupDisk(driver, vm, elem) < 0)
+ goto cleanup;
+
+ if (qemuSetupImageCgroup(vm, elem) < 0)
+diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h
+index 1a658bcf7e..68458ad9ae 100644
+--- a/src/qemu/qemu_domain.h
++++ b/src/qemu/qemu_domain.h
+@@ -642,7 +642,8 @@ void qemuDomainDiskChainElementRevoke(virQEMUDriverPtr driver,
+ int qemuDomainDiskChainElementPrepare(virQEMUDriverPtr driver,
+ virDomainObjPtr vm,
+ virStorageSourcePtr elem,
+- bool readonly);
++ bool readonly,
++ bool newSource);
+
+ int qemuDomainCleanupAdd(virDomainObjPtr vm,
+ qemuDomainCleanupCallback cb);
+diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
+index f8df2d452d..498f787ad3 100644
+--- a/src/qemu/qemu_driver.c
++++ b/src/qemu/qemu_driver.c
+@@ -14277,7 +14277,7 @@ qemuDomainSnapshotCreateSingleDiskActive(virQEMUDriverPtr driver,
+ }
+
+ /* set correct security, cgroup and locking options on the new image */
+- if (qemuDomainDiskChainElementPrepare(driver, vm, dd->src, false) < 0) {
++ if (qemuDomainDiskChainElementPrepare(driver, vm, dd->src, false, true) < 0) {
+ qemuDomainDiskChainElementRevoke(driver, vm, dd->src);
+ goto cleanup;
+ }
+@@ -16865,7 +16865,7 @@ qemuDomainBlockCopyCommon(virDomainObjPtr vm,
+ keepParentLabel) < 0)
+ goto endjob;
+
+- if (qemuDomainDiskChainElementPrepare(driver, vm, mirror, false) < 0) {
++ if (qemuDomainDiskChainElementPrepare(driver, vm, mirror, false, true) < 0) {
+ qemuDomainDiskChainElementRevoke(driver, vm, mirror);
+ goto endjob;
+ }
+@@ -17252,9 +17252,9 @@ qemuDomainBlockCommit(virDomainPtr dom,
+ * operation succeeds, but doing that requires tracking the
+ * operation in XML across libvirtd restarts. */
+ clean_access = true;
+- if (qemuDomainDiskChainElementPrepare(driver, vm, baseSource, false) < 0 ||
++ if (qemuDomainDiskChainElementPrepare(driver, vm, baseSource, false, false) < 0 ||
+ (top_parent && top_parent != disk->src &&
+- qemuDomainDiskChainElementPrepare(driver, vm, top_parent, false) < 0))
++ qemuDomainDiskChainElementPrepare(driver, vm, top_parent, false, false) < 0))
+ goto endjob;
+
+ /* Start the commit operation. Pass the user's original spelling,
+@@ -17304,9 +17304,9 @@ qemuDomainBlockCommit(virDomainPtr dom,
+ if (ret < 0 && clean_access) {
+ virErrorPtr orig_err = virSaveLastError();
+ /* Revert access to read-only, if possible. */
+- qemuDomainDiskChainElementPrepare(driver, vm, baseSource, true);
++ qemuDomainDiskChainElementPrepare(driver, vm, baseSource, true, false);
+ if (top_parent && top_parent != disk->src)
+- qemuDomainDiskChainElementPrepare(driver, vm, top_parent, true);
++ qemuDomainDiskChainElementPrepare(driver, vm, top_parent, true, false);
+
+ if (orig_err) {
+ virSetError(orig_err);
+--
+2.15.1
+
diff --git a/SPECS/libvirt.spec b/SPECS/libvirt.spec
index 73d1f1b..722b4c6 100644
--- a/SPECS/libvirt.spec
+++ b/SPECS/libvirt.spec
@@ -228,7 +228,7 @@
Summary: Library providing a simple virtualization API
Name: libvirt
Version: 3.2.0
-Release: 14%{?dist}.4%{?extra_release}
+Release: 14%{?dist}.5%{?extra_release}
License: LGPLv2+
Group: Development/Libraries
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
@@ -488,6 +488,9 @@ Patch245: libvirt-qemu-Separate-CPU-updating-code-from-qemuProcessReconnect.patc
Patch246: libvirt-conf-Introduce-virCPUDefFindFeature.patch
Patch247: libvirt-qemu-Filter-CPU-features-when-using-host-CPU.patch
Patch248: libvirt-qemu-Fix-CPU-model-broken-by-older-libvirt.patch
+Patch249: libvirt-qemu-block-commit-Don-t-overwrite-error-when-rolling-back-disk-labels.patch
+Patch250: libvirt-qemu-block-commit-Determine-relative-path-of-images-before-initializing.patch
+Patch251: libvirt-qemu-domain-Don-t-call-namespace-setup-for-storage-already-accessed-by-vm.patch
Requires: libvirt-daemon = %{version}-%{release}
Requires: libvirt-daemon-config-network = %{version}-%{release}
@@ -2336,6 +2339,11 @@ exit 0
%changelog
+* Fri Dec 1 2017 Jiri Denemark <jdenemar@redhat.com> - 3.2.0-14.el7_4.5
+- qemu: block commit: Don't overwrite error when rolling back disk labels (rhbz#1516717)
+- qemu: block commit: Determine relative path of images before initializing (rhbz#1516717)
+- qemu: domain: Don't call namespace setup for storage already accessed by vm (rhbz#1516717)
+
* Mon Nov 6 2017 Jiri Denemark <jdenemar@redhat.com> - 3.2.0-14.el7_4.4
- qemu: Pass virArch * to virQEMUCapsCPUFilterFeatures (rhbz#1508549)
- qemu: Publish virQEMUCapsCPUFilterFeatures (rhbz#1508549)