From 48633e28cb8635c76c0237dfabb1137ffe7d6ef6 Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Sat, 2 Jul 2011 00:31:02 +0200 Subject: [PATCH 01/12] 2.6.38.3-3 --- rel | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rel b/rel index 0cfbf08..00750ed 100644 --- a/rel +++ b/rel @@ -1 +1 @@ -2 +3 From 5d31a4cc98b88635b67d7906db791054d2f4a68b Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Sun, 3 Jul 2011 20:51:47 +0200 Subject: [PATCH 02/12] Mount /lib/modules at initramfs phase (#263) This isn't elegant but /etc/rc.d/rc.sysinit requires modules at very early phase - before any customizable script (just before calling /etc/sysconfig/modules/*.modules). --- kernel-xenlinux.spec | 1 + vm-initramfs-pre-pivot/50_mount_modules.sh | 10 ++++++++++ 2 files changed, 11 insertions(+) create mode 100755 vm-initramfs-pre-pivot/50_mount_modules.sh diff --git a/kernel-xenlinux.spec b/kernel-xenlinux.spec index 37b15e2..62c32bd 100644 --- a/kernel-xenlinux.spec +++ b/kernel-xenlinux.spec @@ -288,6 +288,7 @@ mkdir -p %buildroot/%vm_install_dir /sbin/dracut --nomdadmconf --nolvmconf \ --kmoddir %buildroot/lib/modules/%kernelrelease \ --include %_sourcedir/vm-initramfs-pre-udev /pre-udev \ + --include %_sourcedir/vm-initramfs-pre-pivot /pre-pivot \ --add-drivers xenblk \ %buildroot/%vm_install_dir/initramfs %kernelrelease diff --git a/vm-initramfs-pre-pivot/50_mount_modules.sh b/vm-initramfs-pre-pivot/50_mount_modules.sh new file mode 100755 index 0000000..d12c4c6 --- /dev/null +++ b/vm-initramfs-pre-pivot/50_mount_modules.sh @@ -0,0 +1,10 @@ +# +# This file should be places in pre-pivot directory in dracut's initramfs +# + +#!/bin/sh + +echo "Waiting for /dev/xvdd device..." +while ! [ -e /dev/xvdd ]; do sleep 0.1; done + +mount -n -t ext3 -o ro /dev/xvdd $NEWROOT/lib/modules From 7cea95338ed8bb4214325b179a693cf91fba721d Mon Sep 17 00:00:00 2001 
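Review bot: The wait loop in the new `vm-initramfs-pre-pivot/50_mount_modules.sh` has no upper bound, so a VM whose `/dev/xvdd` never appears hangs in the initramfs with nothing logged beyond the first echo. The `mount` that follows is not checked and its target `$NEWROOT/lib/modules` is unquoted. I would bound the wait, test for a block device with `-b` instead of any path with `-e`, and add `nodev,nosuid` to the read-only mount, since the image only has to supply module files. The `#!/bin/sh` line sits below the leading comment block, so it is only a comment; that is harmless if dracut sources the hook (which I assume), but it should move to line 1 or be dropped. The retry count below is a constructed value, and `sleep 0.1` presumes the initramfs `sleep` accepts fractions.

```shell
echo "Waiting for /dev/xvdd device..."
tries=0
while ! [ -b /dev/xvdd ] && [ "$tries" -lt 300 ]; do
    sleep 0.1
    tries=$((tries + 1))
done

if [ -b /dev/xvdd ]; then
    mount -n -t ext3 -o ro,nodev,nosuid /dev/xvdd "$NEWROOT/lib/modules" ||
        echo "Mounting /dev/xvdd on $NEWROOT/lib/modules failed" >&2
else
    echo "/dev/xvdd did not appear; /lib/modules not mounted" >&2
fi
```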
From: Joanna Rutkowska Date: Sat, 2 Jul 2011 14:49:17 +0200 Subject: [PATCH 03/12] Makefile: update-repo-installer --- Makefile.common | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/Makefile.common b/Makefile.common index 0962b83..ce2789a 100644 --- a/Makefile.common +++ b/Makefile.common @@ -111,6 +111,11 @@ update-repo-unstable: ln -f rpm/x86_64/kernel-devel-$(VERSION)-$(RELEASE)*.rpm $$vmrepo/rpm/ ;\ done +update-repo-installer: + ln -f rpm/x86_64/kernel-$(VERSION)-$(RELEASE)*.rpm ../installer/yum/qubes-dom0/rpm/ + ln -f rpm/x86_64/kernel-qubes-vm-$(VERSION)-$(RELEASE)*.rpm ../installer/yum/qubes-dom0/rpm/ + cd ../installer/yum && ./update_repo.sh + # mop up, printing out exactly what was mopped. .PHONY : clean From 3bce01fb11ade09cc46b6333011770d61309bdf0 Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Sat, 9 Jul 2011 20:12:46 +0200 Subject: [PATCH 04/12] Fix mounting /lib/modules in initramfs, reduce initramfs size (#263) --- kernel-xenlinux.spec | 5 ++--- .../pre-pivot}/50_mount_modules.sh | 0 .../pre-udev}/90_qubes_cow_setup.sh | 0 3 files changed, 2 insertions(+), 3 deletions(-) rename {vm-initramfs-pre-pivot => vm-initramfs/pre-pivot}/50_mount_modules.sh (100%) rename {vm-initramfs-pre-udev => vm-initramfs/pre-udev}/90_qubes_cow_setup.sh (100%) diff --git a/kernel-xenlinux.spec b/kernel-xenlinux.spec index 62c32bd..25f1e7d 100644 --- a/kernel-xenlinux.spec +++ b/kernel-xenlinux.spec @@ -287,9 +287,8 @@ fi mkdir -p %buildroot/%vm_install_dir /sbin/dracut --nomdadmconf --nolvmconf \ --kmoddir %buildroot/lib/modules/%kernelrelease \ - --include %_sourcedir/vm-initramfs-pre-udev /pre-udev \ - --include %_sourcedir/vm-initramfs-pre-pivot /pre-pivot \ - --add-drivers xenblk \ + --include %_sourcedir/vm-initramfs / \ + -d "xenblk cdrom ext4 jbd2 crc16 dm_snapshot" \ %buildroot/%vm_install_dir/initramfs %kernelrelease cp -p arch/x86/boot/vmlinuz %buildroot/%vm_install_dir/vmlinuz 
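Review bot: The globs in the new `update-repo-installer` recipe, e.g. `kernel-$(VERSION)-$(RELEASE)*.rpm`, also match any other release that merely starts with the same digits (release 3 also matches 30, 31, …), so stale packages left in `rpm/x86_64/` would be hard-linked into the installer repository too. Anchoring on the separator after the release, `kernel-$(VERSION)-$(RELEASE).*.rpm`, avoids that, assuming `$(RELEASE)` holds the whole leading component of the release field; the file names are not visible here. The target is also not declared in `.PHONY`; only `clean` appears in the visible context, so check how the other `update-repo-*` targets are handled.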
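Review bot: The driver list passed with `-d` contains `ext4` but not `ext3`, while `pre-pivot/50_mount_modules.sh` (renamed in this commit at 100% similarity) still runs `mount -n -t ext3 -o ro /dev/xvdd`. As far as I know `-d` restricts the image to exactly the listed modules, so that mount only works if ext3 is built into the kernel or the ext4 driver is configured to serve ext3; neither is visible in this patch, so please confirm or change the script's `-t` to match. A comment above the dracut call such as `# -d: only these modules go into the VM initramfs; keep in sync with the filesystems the hook scripts mount` would make the dependency explicit. Separately, `--include %_sourcedir/vm-initramfs /` now copies the whole directory into the initramfs root, so anything added to that directory later lands in every VM's early boot environment.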
diff --git a/vm-initramfs-pre-pivot/50_mount_modules.sh b/vm-initramfs/pre-pivot/50_mount_modules.sh similarity index 100% rename from vm-initramfs-pre-pivot/50_mount_modules.sh rename to vm-initramfs/pre-pivot/50_mount_modules.sh diff --git a/vm-initramfs-pre-udev/90_qubes_cow_setup.sh b/vm-initramfs/pre-udev/90_qubes_cow_setup.sh similarity index 100% rename from vm-initramfs-pre-udev/90_qubes_cow_setup.sh rename to vm-initramfs/pre-udev/90_qubes_cow_setup.sh From 8ec4b0913454c4019894e16b9cba402c830a3c95 Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Sat, 9 Jul 2011 23:45:24 +0200 Subject: [PATCH 05/12] Use plain version (without release) as vm-kernel subdir This prevent breaking VM settings when using non-default kernel version. --- kernel-xenlinux.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kernel-xenlinux.spec b/kernel-xenlinux.spec index 25f1e7d..f4ca89c 100644 --- a/kernel-xenlinux.spec +++ b/kernel-xenlinux.spec @@ -19,7 +19,7 @@ %define build_src_dir %my_builddir/linux-%version %define src_install_dir /usr/src/kernels/%kernelrelease %define kernel_build_dir %my_builddir/linux-obj -%define vm_install_dir /var/lib/qubes/vm-kernels/%kernelrelease +%define vm_install_dir /var/lib/qubes/vm-kernels/%version %(chmod +x %_sourcedir/{guards,apply-patches,check-for-config-changes}) @@ -401,7 +401,7 @@ umount /tmp/qubes-modules-%kernelrelease rmdir /tmp/qubes-modules-%kernelrelease mv /tmp/qubes-modules-%kernelrelease.img %vm_install_dir/modules.img -qvm-set-default-kernel %{kernelrelease} +qvm-set-default-kernel %version %files qubes-vm %defattr(-, root, root) From 22c5120d94ba106e48f2d14877ac3a9e56024572 Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Tue, 12 Jul 2011 01:09:40 +0200 Subject: [PATCH 06/12] Provide kernel-uname-r For kmod-Standard 2 packages (eg nvidia kmod) --- kernel-xenlinux.spec | 2 ++ 1 file changed, 2 insertions(+) 
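Review bot: Keying `%vm_install_dir` on `%version` alone means two releases of the same kernel version now install into the same `/var/lib/qubes/vm-kernels/%version` directory, so the `mv /tmp/qubes-modules-%kernelrelease.img %vm_install_dir/modules.img` in the scriptlet touched by the second hunk replaces the previous release's image in place. If the VM kernel package can be installed side by side with an older release of itself, removing the older one may then delete files the newer one needs; the removal scriptlets are outside these hunks, so this needs checking. The same scriptlet works on fixed paths under `/tmp` (`/tmp/qubes-modules-%kernelrelease` in the context lines); since it runs as root, a directory obtained from `mktemp -d` would be the safer choice.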
diff --git a/kernel-xenlinux.spec b/kernel-xenlinux.spec index f4ca89c..b023224 100644 --- a/kernel-xenlinux.spec +++ b/kernel-xenlinux.spec @@ -54,6 +54,7 @@ Conflicts: sysfsutils < 2.0 Conflicts: udev < 118 Conflicts: lvm2 < 2.02.33 Provides: kernel = %version-%kernelrelease +Provides: kernel-uname-r = %version-%kernelrelease Source0: linux-%version.tar.bz2 Source14: series.conf @@ -339,6 +340,7 @@ License: GPL v2 only Group: Development/Sources Provides: multiversion(kernel) Provides: %name-devel = %version-%kernelrelease +Provides: kernel-devel-uname-r = %version-%kernelrelease AutoReqProv: on %description devel From 9de931dff9539519f6ebc3c3adf3244a7de4d610 Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Sat, 9 Jul 2011 14:29:22 +0200 Subject: [PATCH 07/12] v2.6.38.3-4 --- rel | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rel b/rel index 00750ed..b8626c4 100644 --- a/rel +++ b/rel @@ -1 +1 @@ -3 +4 From 1fb715d0996df18d7a0d99dc45365ad496ae2341 Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Thu, 14 Jul 2011 02:01:37 +0200 Subject: [PATCH 08/12] Fix versions of Provides: --- kernel-xenlinux.spec | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/kernel-xenlinux.spec b/kernel-xenlinux.spec index b023224..56f997c 100644 --- a/kernel-xenlinux.spec +++ b/kernel-xenlinux.spec @@ -53,8 +53,8 @@ Conflicts: sysfsutils < 2.0 # root-lvm only works with newer udevs Conflicts: udev < 118 Conflicts: lvm2 < 2.02.33 -Provides: kernel = %version-%kernelrelease -Provides: kernel-uname-r = %version-%kernelrelease +Provides: kernel = %kernelrelease +Provides: kernel-uname-r = %kernelrelease Source0: linux-%version.tar.bz2 Source14: series.conf 
@@ -339,8 +339,8 @@ Summary: Development files necessary for building kernel modules License: GPL v2 only Group: Development/Sources Provides: multiversion(kernel) -Provides: %name-devel = %version-%kernelrelease -Provides: kernel-devel-uname-r = %version-%kernelrelease +Provides: %name-devel = %kernelrelease +Provides: kernel-devel-uname-r = %kernelrelease AutoReqProv: on %description devel From e20f891181f01660c3aa704687ecae72eb6c3492 Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Thu, 14 Jul 2011 02:02:02 +0200 Subject: [PATCH 09/12] Custom initramfs for dom0 (#7, #55) New initramfs contains: - all modules needed for AESNI - pciback bounded to all network devices - to prevent loading real drivers in dom0 --- kernel-xenlinux.spec | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/kernel-xenlinux.spec b/kernel-xenlinux.spec index 56f997c..b014b73 100644 --- a/kernel-xenlinux.spec +++ b/kernel-xenlinux.spec @@ -307,9 +307,21 @@ do done %post + +#Find all network devices +HIDE_PCI=`lspci -mm -n | grep '^[^ ]* "02'|awk '{ ORS="";print "(" $1 ")";}'` + +echo "# This file is autogenerated by kernel post-install script" > /etc/modprobe.d/pciback.conf +echo "# DO NOT EDIT" >> /etc/modprobe.d/pciback.conf +echo "" >> /etc/modprobe.d/pciback.conf +echo "options pciback hide=$HIDE_PCI" >> /etc/modprobe.d/pciback.conf + +dracut --force --add-drivers 'xts aesni-intel aes-x86_64 crc32c-intel fpu ghash-clmulni-intel salsa20-x86_64 twofish-x86_64 pciback' \ + /boot/initramfs-%{kernelrelease}.img %{kernelrelease} + /sbin/new-kernel-pkg --package %{name}-%{kernelrelease}\ - --mkinitrd --depmod --dracut\ - --kernel-args="max_loop=255"\ + --initrdfile=/boot/initramfs-%{kernelrelease}.img\ + --depmod --kernel-args="max_loop=255 rdloaddriver=pciback"\ --multiboot=/boot/xen.gz --banner="Qubes"\ --make-default --install %{kernelrelease} 
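Review bot: The new `%post` block fails open: if `lspci` is missing or reports no class-02 device at install time, `HIDE_PCI` is empty and `options pciback hide=` is written, so nothing is hidden and the real network drivers can load in dom0, which is the case the commit sets out to prevent. The list is also a snapshot of the install-time hardware, so a network card added later, or a system installed on one machine and booted on another, is not covered; a comment stating this limitation belongs next to the `lspci` line. I would check that `lspci` exists and warn when the list comes back empty, as sketched below; whether the package also needs `Requires(post): pciutils` depends on the Requires lines, which are outside the hunk. The exit status of `dracut --force` is not checked either, so a failed rebuild still ends in a boot entry that passes `rdloaddriver=pciback`.

```spec
%post

# Find all network devices (PCI class 02xx). An empty list must not pass silently:
# with an empty "hide=" pciback hides nothing and dom0 binds the real drivers.
HIDE_PCI=
if command -v lspci >/dev/null 2>&1; then
    HIDE_PCI=`lspci -mm -n | grep '^[^ ]* "02'|awk '{ ORS="";print "(" $1 ")";}'`
fi
if [ -z "$HIDE_PCI" ]; then
    echo "WARNING: no network devices found; pciback will not hide anything" >&2
fi

# … unchanged: echo lines writing /etc/modprobe.d/pciback.conf, dracut --force, new-kernel-pkg …
```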
@@ -327,6 +339,7 @@ fi %files %defattr(-, root, root) %ghost /boot/initramfs-%{kernelrelease}.img +%ghost %attr(0644, root, root) /etc/modprobe.d/pciback.conf /boot/System.map-%{kernelrelease} /boot/config-%{kernelrelease} /boot/symvers-%kernelrelease.gz From 1382dccd77dcc6972364530602bb63f53c311903 Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Thu, 14 Jul 2011 02:04:23 +0200 Subject: [PATCH 10/12] v2.6.38.3-5 --- rel | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rel b/rel index b8626c4..7ed6ff8 100644 --- a/rel +++ b/rel @@ -1 +1 @@ -4 +5 From ea413eff37fa21d2661f9ab15bf5b8a7de2ab8c9 Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Fri, 15 Jul 2011 12:50:38 +0200 Subject: [PATCH 11/12] Move initrd generation to separate script --- kernel-xenlinux.spec | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) diff --git a/kernel-xenlinux.spec b/kernel-xenlinux.spec index b014b73..f2e81c0 100644 --- a/kernel-xenlinux.spec +++ b/kernel-xenlinux.spec 
@@ -308,19 +308,14 @@ done %post -#Find all network devices -HIDE_PCI=`lspci -mm -n | grep '^[^ ]* "02'|awk '{ ORS="";print "(" $1 ")";}'` - -echo "# This file is autogenerated by kernel post-install script" > /etc/modprobe.d/pciback.conf -echo "# DO NOT EDIT" >> /etc/modprobe.d/pciback.conf -echo "" >> /etc/modprobe.d/pciback.conf -echo "options pciback hide=$HIDE_PCI" >> /etc/modprobe.d/pciback.conf - -dracut --force --add-drivers 'xts aesni-intel aes-x86_64 crc32c-intel fpu ghash-clmulni-intel salsa20-x86_64 twofish-x86_64 pciback' \ - /boot/initramfs-%{kernelrelease}.img %{kernelrelease} +INITRD_OPT="--mkinitrd --dracut" +if [ -x /usr/lib/qubes/regenerate_initramfs.sh ]; then + /usr/lib/qubes/regenerate_initramfs.sh "%{kernelrelease}" + INITRD_OPT="--initrdfile=/boot/initramfs-%{kernelrelease}.img" +fi /sbin/new-kernel-pkg --package %{name}-%{kernelrelease}\ - --initrdfile=/boot/initramfs-%{kernelrelease}.img\ + $INITRD_OPT \ --depmod --kernel-args="max_loop=255 rdloaddriver=pciback"\ --multiboot=/boot/xen.gz --banner="Qubes"\ --make-default --install %{kernelrelease} From 9d2ada0644d4d1a3af827bce55f7000a7f157f48 Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Sun, 17 Jul 2011 01:36:33 +0200 Subject: [PATCH 12/12] v2.6.38.3-6 --- rel | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rel b/rel index 7ed6ff8..1e8b314 100644 --- a/rel +++ b/rel @@ -1 +1 @@ -5 +6
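Review bot: The exit status of `/usr/lib/qubes/regenerate_initramfs.sh` is ignored, so when the script fails `INITRD_OPT` still points `new-kernel-pkg` at `/boot/initramfs-%{kernelrelease}.img`, which may be missing or stale, and that entry is then made the default. Folding the call into the test, `if [ -x /usr/lib/qubes/regenerate_initramfs.sh ] && /usr/lib/qubes/regenerate_initramfs.sh "%{kernelrelease}"; then`, lets a failure fall back to `--mkinitrd --dracut`. On that fallback path `rdloaddriver=pciback` is still passed, but nothing in this scriptlet writes `pciback.conf` any more, so network devices may stay visible to dom0 drivers; a warning there would make the degraded state noticeable. `$INITRD_OPT` is left unquoted on purpose because its default holds two options, and a one-line comment saying so would keep someone from quoting it later.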