debian: introduce qubes-kernel-vm-support package

This package is responsible for kernel modules and initramfs additions
needed in Qubes VM. When installed, it is possible to switch the VM to
use PV Grub and load the kernel from inside of VM. This greatly ease
installing custom kernel modules.

Changes:
 - make qubes_cow_setup.sh working with both dracut and initramfs-tools
 - add initramfs-tools configuration/scripts (including
         qubes_cow_setup.sh)
 - modify DESTDIR to handle multiple binary packages out of single
   source

QubesOS/qubes-issues#1354

Makefile

@@ -25,10 +25,16 @@ install:
 	$(MAKE) -C qmemman install
 	$(MAKE) -C core install
 
-install-kernel-support:
+install-fedora-kernel-support:
 	$(MAKE) -C dracut install
 	$(MAKE) -C kernel-modules install
 
+install-debian-kernel-support:
+	$(MAKE) -C initramfs-tools install
+	$(MAKE) -C kernel-modules install
+	# expand module version
+	echo debian/tmp/usr/src/u2mfn-*/dkms.conf > debian/qubes-kernel-vm-support.dkms
+
 clean:
 	$(MAKE) -C qrexec-lib clean
 	$(MAKE) -C qmemman clean

debian/control

@@ -2,7 +2,7 @@ Source: qubes-utils
 Section: admin
 Priority: extra
 Maintainer: Davíð Steinn Geirsson <david@dsg.is>
-Build-Depends: libvchan-xen-dev, libxen-dev, debhelper (>= 8.0.0), quilt (>= 0.60), dh-systemd
+Build-Depends: libvchan-xen-dev, libxen-dev, debhelper (>= 8.0.0), quilt (>= 0.60), dh-systemd, dkms
 Standards-Version: 3.9.3
 Homepage: http://www.qubes-os.org
 Vcs-Git: http://dsg.is/qubes/qubes-linux-utils.git
@@ -15,3 +15,15 @@ Conflicts: qubes-linux-utils
 Recommends: python2.7
 Description: Qubes Linux utilities
  This package includes the basic qubes utilities necessary for domU.
+
+Package: qubes-kernel-vm-support
+Architecture: any
+Depends: dkms, initramfs-tools, ${shlibs:Depends}, ${misc:Depends}
+Description: Qubes VM kernel and initramfs modules
+ This package contains:
+ 1. mkinitramfs module required to setup Qubes VM root filesystem. This package is
+ needed in VM only when the VM uses its own kernel (via pvgrub or so). Otherwise
+ initrd is provided by dom0.
+ .
+ 2. u2mfn kernel module sources (dkms) required by GUI agent and R2 version of
+ libvchan library.

debian/qubes-kernel-vm-support.dkms

@@ -0,0 +1 @@
+debian/tmp/usr/src/u2mfn-3.1.2/dkms.conf

debian/qubes-kernel-vm-support.install

@@ -0,0 +1,3 @@
+usr/share/initramfs-tools/scripts/local-top/qubes_cow_setup
+usr/share/initramfs-tools/hooks/qubes_vm
+usr/src/u2mfn-*/*

debian/qubes-utils.install

@@ -0,0 +1,6 @@
+usr/sbin/meminfo-writer
+lib/systemd/system/qubes-meminfo-writer.service
+usr/libexec/qubes/*
+usr/include/*
+usr/lib/*
+etc/*

debian/rules

@@ -1,16 +1,17 @@
 #!/usr/bin/make -f
 # -*- makefile -*-
 
-export DESTDIR=$(shell pwd)/debian/qubes-utils
+export DESTDIR=$(shell pwd)/debian/tmp
 
 # Uncomment this to turn on verbose mode.
 #export DH_VERBOSE=1
 
 %:
-	dh $@ --with=systemd
+	dh $@ --with=systemd,dkms
 
 override_dh_auto_build:
 	make all LIBDIR=/usr/lib DEBIANBUILD=1
 
 override_dh_auto_install:
 	make install LIBDIR=/usr/lib DEBIANBUILD=1 
+	make install-debian-kernel-support LIBDIR=/usr/lib DEBIANBUILD=1 

dracut/full-dmroot/qubes_cow_setup.sh

@@ -1,21 +1,58 @@
 #!/bin/sh
 #
-# This file should be places in pre-mount directory in dracut's initramfs
+# This file should be placed in pre-mount directory in dracut's initramfs, or
+# scripts/local-top in case of initramfs-tools
 #
 
-echo "Qubes initramfs script here:"
+# initramfs-tools (Debian) API
+PREREQS=""
+case "$1" in
+    prereqs)
+        # This runs during initramfs creation
+        echo "$PREREQS"
+        exit 0
+        ;;
+esac
+
+# This runs inside real initramfs
+if [ -r /scripts/functions ]; then
+    # We're running in Debian's initramfs
+    . /scripts/functions
+    alias die=panic
+    alias info=true
+    alias warn=log_warning_msg
+    alias log_begin=log_begin_msg
+    alias log_end=log_end_msg
+elif [ -r /lib/dracut-lib.sh ]; then
+    . /lib/dracut-lib.sh
+    alias log_begin=info
+    alias log_end=true
+else
+    die() {
+        echo "$@"
+        exit 1
+    }
+    alias info=echo
+    alias warn=echo
+    alias log_begin=echo
+    alias log_end=true
+fi
+
+
+info "Qubes initramfs script here:"
 
 if [ -e /dev/mapper/dmroot ] ; then 
     die "Qubes: FATAL error: /dev/mapper/dmroot already exists?!"
 fi
 
-modprobe xenblk || modprobe xen-blkfront || echo "Qubes: Cannot load Xen Block Frontend..."
+modprobe xenblk || modprobe xen-blkfront || warn "Qubes: Cannot load Xen Block Frontend..."
 
-echo "Waiting for /dev/xvda* devices..."
+log_begin "Waiting for /dev/xvda* devices..."
 while ! [ -e /dev/xvda ]; do sleep 0.1; done
+log_end
 
 if [ `cat /sys/block/xvda/ro` = 1 ] ; then
-    echo "Qubes: Doing COW setup for AppVM..."
+    log_begin "Qubes: Doing COW setup for AppVM..."
 
     while ! [ -e /dev/xvdc ]; do sleep 0.1; done
     VOLATILE_SIZE=$(sfdisk -s /dev/xvdc)
@@ -29,20 +66,19 @@ if [ `cat /sys/block/xvda/ro` = 1 ] ; then
 ,$ROOT_SIZE,L
 EOF
     if [ $? -ne 0 ]; then
-        echo "Qubes: failed to setup partitions on volatile device"
+        die "Qubes: failed to setup partitions on volatile device"
-        exit 1
     fi
     while ! [ -e /dev/xvdc1 ]; do sleep 0.1; done
     mkswap /dev/xvdc1
     while ! [ -e /dev/xvdc2 ]; do sleep 0.1; done
 
     echo "0 `cat /sys/block/xvda/size` snapshot /dev/xvda /dev/xvdc2 N 16" | \
-        dmsetup --noudevsync create dmroot || { echo "Qubes: FATAL: cannot create dmroot!"; }
+        dmsetup --noudevsync create dmroot || die "Qubes: FATAL: cannot create dmroot!"
-    echo Qubes: done.
+    log_end
 else
-    echo "Qubes: Doing R/W setup for TemplateVM..."
+    log_begin "Qubes: Doing R/W setup for TemplateVM..."
     echo "0 `cat /sys/block/xvda/size` linear /dev/xvda 0" | \
-        dmsetup --noudevsync create dmroot || { echo "Qubes: FATAL: cannot create dmroot!"; exit 1; }
+        dmsetup --noudevsync create dmroot || die "Qubes: FATAL: cannot create dmroot!"
-    echo Qubes: done.
+    log_end
 fi
 dmsetup mknodes dmroot

initramfs-tools/Makefile

@@ -0,0 +1,6 @@
+install:
+	install -D local-top/qubes_cow_setup.sh \
+		$(DESTDIR)/usr/share/initramfs-tools/scripts/local-top/qubes_cow_setup
+	install -D qubes_vm \
+		$(DESTDIR)/usr/share/initramfs-tools/hooks/qubes_vm
+	

initramfs-tools/local-top/qubes_cow_setup.sh

@@ -0,0 +1 @@
+../../dracut/full-dmroot/qubes_cow_setup.sh

initramfs-tools/qubes_vm

@@ -0,0 +1,21 @@
+#!/bin/sh
+
+if grep -q control_d /proc/xen/capabilities; then
+    echo "Not intended for dom0"
+    exit 0
+fi
+
+PREREQS="dmsetup"
+case "$1" in
+prereqs)
+    echo "$PREREQS"
+    exit 0
+    ;;
+esac
+
+. /usr/share/initramfs-tools/hook-functions
+
+copy_exec /sbin/sfdisk
+copy_exec /sbin/mkswap
+force_load xen-blkfront
+force_load dm-snapshot

rpm_spec/qubes-kernel-vm-support.spec

@@ -57,7 +57,7 @@ ln -sf . %{name}-%{version}
 %build
 
 %install
-make install-kernel-support DESTDIR=%{buildroot}
+make install-fedora-kernel-support DESTDIR=%{buildroot}
 
 %files
 /usr/lib/dracut/modules.d/90qubes-vm