libvirt: Update to version 11.7.0

- Update from version 11.4.0 to 11.7.0
- Update of rootfile
- Changelog
    11.7.0
	New features
	  * Allow setting the log level of Cloud Hypervisor
	    Users can now configure the verbosity of Cloud Hypervisor by setting
	    the "log_level" option in ch.conf
	  * bhyve: experimental NAT networking support
	    The bhyve driver now has experimental NAT networking support
	    using the Packet Filter (pf) firewall.
	  * bhyve: domain statistics reporting
	    The bhyve driver now supports querying domain block, interface,
	    and memory statistics. Not all statistics fields are supported though.
	Improvements
	  * bhyve: improve 'efi' configuration autofill
	    When a domain is configured with ``<os firmware='efi'/>``, NVRAM
	    configuration is now autofilled.
    11.6.0
	New features
	  * Introduce VIR_CONNECT_BASELINE_CPU_IGNORE_HOST flag
	    This new flag for virConnectBaselineHypervisorCPU can be used for computing
	    a baseline CPU on any host. Without the VIR_CONNECT_BASELINE_CPU_IGNORE_HOST
	    flag the baseline API would return reasonable output only when run on one of
	    the hosts that the input CPU definitions were collected from.
	  * Allow control over QEMU TLS priority strings
	    The qemu.conf file now has multiple settings allowing control over the
	    QEMU TLS priority strings, for the different subsystems in QEMU that
	    can support TLS. This can be used to workaround a current bug in GNUTLS
	    that is liable to cause crashes of the source QEMU when performing long
	    running live migration operations with TLS enabled.
	  * Add support for disabling deprecated CPU model features by default for s390
	    domains. Starting an s390 domain with host-model will now default to
	    setting the ``deprecated_features`` attribute to ``off``, ensuring the
	    domain starts with a migration-compatible CPU model to newer systems. This
	    behavior can be modified by setting the ``default_cpu_deprecated_features``
	    option in the qemu.conf file.
	  * bhyve: Add TCP console support
	    TCP serial devices can now be configured with ``<serial type='tcp'>``::
	      <serial type='tcp'>
	        <source mode='bind' host='127.0.0.1' service='12345'/>
	        <target type='serial' port='0'/>
	      </serial>
	    Additionally, number of supported consoles increased to 4.
	  * qemu: Add support for RBD namespaces
	    Allow specifying the 'namespace' within a RBD image pool.
	Improvements
	  * qemu: Change default SCSI controller model to ``virtio-scsi`` for ARM and
	    RISC-V The previous default of ``lsilogic`` is unsupported by modern
	    operating systems. ``virtio-scsi`` is a more suitable default for ARM and
	    RISC-V ``virt`` machine types.
	  * Clarify documentation of virConnectBaselineHypervisorCPU
	    The documentation makes it clear virConnectBaselineHypervisorCPU is
	    supposed to be called on one of the hosts represented in the input CPU
	    definitions. Otherwise the API will give unexpected results.
	  * Allow specifying zero discard granularity for block devices
	    This can be used to tell some guest operating systems (notably Windows) to
	    not trim the disk.
	  * bhyve: Add timeout handling for bhyveload
	    It is now possible to run ``bhyveload`` with the ``timeout`` tool, which
	    can send ``SIGTERM`` and ``SIGKILL`` signals when timeout is reached.
	    Timeout values are set using the ``bhyveload_timeout`` and
	    ``bhyveload_timeout_kill`` configuration options in ``bhyve.conf``.
	  * nss: Improve debugging
	    Debugging messages from NSS modules can be now enabled by setting the
	    ``LIBVIRT_NSS_DEBUG`` environment variable. So far, there is no special
	    meaning to its value.
	  * rpc: Removed requirement for TLS certificates to support 'key encipherment'
	    With TLS 1.3, key encipherment is not required even for RSA keys. Other key
	    types didn't even support it so they were wrongly refused even in cases when
	    they would work with libvirt. The TLS certificate validation now no longer
	    requires 'key encipherment' to be enabled.
	Bug fixes
	  * bhyve: Fix resetting of the autostart flag of the domain on destroy.
	  * The nwfilter driver no longer recreates the base iptable/ip6tables chains
	    The nwfilter driver had a impl mistake causing it to recreate the
	    base chains for iptables/ip6tables every time a VM was started.
	    This allowed a small window where traffic might not be fully
	    filtered. It now handles iptables/ip6tables the same way as
	    ebtables, creating the base chains only if they did not already
	    exist.
	  * Fix systemd unit ordering for auto-shutdown of domains via the daemon
	    The ordering of systemd units created by libvirt for individual machines
	    needed to be adapted when the shutdown of VMs on host shutdown is done
	    via the virt daemon itself (rather than ``libvirt-guests.service``) to
	    ensure that the VMs are not terminated before the virt daemon can deal with
	    them.
    11.5.0
	Removed features
	  * qemu: Don't accept VIR_DUMP_LIVE flag in virDomainCoreDumpWithFormat()
	    Unfortunately, QEMU always pauses vCPUs when doing a core dump. Therefore,
	    there is no way for Libvirt to honor VIR_DUMP_LIVE flag semantics. Instead
	    of silently pretending the flag works, an appropriate error is now
	    reported.
	New features
	  * vmx: Add support for reporting NVMe disks in the domain XML
	  * qemu: Add support for NVMe disks
	    NVMe disks can now be emulated by using an ``nvme`` bus, but require a
	    serial due to the hypervisor::
	      <target dev='nvme0n1' bus='nvme'/>
	      <serial>qwertyuiop</serial>
	    Multiple disks can be represented as different namespaces on the same
	    controller, but they cannot have a different serial number due to the fact
	    that it is the controller which ultimately has the serial number attached to
	    it, but for ease of use it is automatically copied from the disk serial.
	  * esx: Add support for specifying alternative CA bundle for remote peer
	    verification. Users can now use ``cacert`` parameter in the URI to specify
	    a file path with CA certificate(s) that will be used for remote peer
	    certificate validation.
	  * qemu: add support for AMD IOMMU device
	    The ``amd`` model for the ``<iommu>`` device is now supported.
	    New attributes ``passtrhough`` and ``xtsup`` are also supported for this
	    model.
	Improvements
	  * Include supported console types in domain capabilities
	    Domain capabilities now include information about supported console types,
	    such as::
	      <console supported='yes'>
	        <enum name='type'>
	          <value>pty</value>
	          <value>tcp</value>
	        </enum>
	      </console>
	  * virsh: Add waiting for domain state via ``virsh await``
	    The new helper command ``virsh await`` simplifies waiting on domain state
	    which is normally announced via events. Currently two waiting conditions are
	    implemented: ``domain-inactive``, and ``guest-agent-available``.
	Bug fixes
	  * qemu: Be more forgiving when acquiring QUERY job when formatting domain XML
	    Since ``libvirt-11.0.0`` the ``virDomainGetXMLDesc()`` API used to format
	    domain XML acquires QUERY job. But this caused a regression when the API
	    might timeout for incoming migration. This is now fixed.
	  * qemu: Fix shared filesystem detection on nonexistent paths
	    Since ``libvirt-11.1.0`` nonexistent paths within directories marked as
	    shared filesystem (via the ``shared_filesystems`` option in ``qemu.conf``
	    would not be properly detected as being on a shared filesystem.
	  * qemu: Properly emulate USB cdrom device
	    CD-ROM devices on USB bus are now properly emulated as such which was not
	    the case since libvirt switched to the modern qemu commandline syntax for
	    storage backends.

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
 config/rootfiles/packages/libvirt | 13 ++++--
 lfs/libvirt                       | 66 +++++++++++++++----------------
 2 files changed, 41 insertions(+), 38 deletions(-)