From e20f891181f01660c3aa704687ecae72eb6c3492 Mon Sep 17 00:00:00 2001
From: Marek Marczykowski
Date: Thu, 14 Jul 2011 02:02:02 +0200
Subject: [PATCH] Custom initramfs for dom0 (#7, #55)

New initramfs contains:
 - all modules needed for AESNI
 - pciback bounded to all network devices - to prevent loading real drivers in dom0
---
 kernel-xenlinux.spec | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/kernel-xenlinux.spec b/kernel-xenlinux.spec
index 56f997c..b014b73 100644
--- a/kernel-xenlinux.spec
+++ b/kernel-xenlinux.spec
@@ -307,9 +307,21 @@ do
 done
 
 %post
+
+#Find all network devices
+HIDE_PCI=`lspci -mm -n | grep '^[^ ]* "02'|awk '{ ORS="";print "(" $1 ")";}'`
+
+echo "# This file is autogenerated by kernel post-install script" > /etc/modprobe.d/pciback.conf
+echo "# DO NOT EDIT" >> /etc/modprobe.d/pciback.conf
+echo "" >> /etc/modprobe.d/pciback.conf
+echo "options pciback hide=$HIDE_PCI" >> /etc/modprobe.d/pciback.conf
+
+dracut --force --add-drivers 'xts aesni-intel aes-x86_64 crc32c-intel fpu ghash-clmulni-intel salsa20-x86_64 twofish-x86_64 pciback' \
+ /boot/initramfs-%{kernelrelease}.img %{kernelrelease}
+
 /sbin/new-kernel-pkg --package %{name}-%{kernelrelease}\
- --mkinitrd --depmod --dracut\
- --kernel-args="max_loop=255"\
+ --initrdfile=/boot/initramfs-%{kernelrelease}.img\
+ --depmod --kernel-args="max_loop=255 rdloaddriver=pciback"\
 --multiboot=/boot/xen.gz --banner="Qubes"\
 --make-default --install %{kernelrelease}
 
@@ -327,6 +339,7 @@ fi
 %files
 %defattr(-, root, root)
 %ghost /boot/initramfs-%{kernelrelease}.img
+%ghost %attr(0644, root, root) /etc/modprobe.d/pciback.conf
 /boot/System.map-%{kernelrelease}
 /boot/config-%{kernelrelease}
 /boot/symvers-%kernelrelease.gz
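Review bot: The `HIDE_PCI` assignment in `%post` fails open: if `lspci` is missing, fails, or finds no class-02 device in the install environment (for example an installer chroot or image build), the scriptlet still writes `options pciback hide=` with an empty list, and dom0 is then free to bind real drivers to the network cards, which is the exposure this change is meant to close. I would check the result before writing the file, e.g. `[ -n "$HIDE_PCI" ] || echo "pciback.conf: no network devices detected, nothing will be hidden from dom0" >&2`, and make sure the package providing `lspci` is a `Requires(post)` if the spec (not visible here) does not already declare it. The list is also a snapshot taken at install time, so a NIC added or moved to another slot later stays visible to dom0 until the scriptlet runs again; a comment such as `# NOTE: device list is captured at install time; re-run after hardware changes` above the assignment would make that limit explicit. The exit status of `dracut` is not checked either, so a failed build leaves `new-kernel-pkg` pointing at a missing or stale initramfs.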