debian: introduce qubes-kernel-vm-support package

This package is responsible for kernel modules and initramfs additions
needed in Qubes VM. When installed, it is possible to switch the VM to
use PV Grub and load the kernel from inside of VM. This greatly ease
installing custom kernel modules.

Changes:
 - make qubes_cow_setup.sh working with both dracut and initramfs-tools
 - add initramfs-tools configuration/scripts (including
         qubes_cow_setup.sh)
 - modify DESTDIR to handle multiple binary packages out of single
   source

QubesOS/qubes-issues#1354
This commit is contained in:
Marek Marczykowski-Górecki 2015-11-09 22:28:15 +01:00
parent 25c05a3bd3
commit 3cd77e4f70
No known key found for this signature in database
GPG Key ID: 063938BA42CFA724
11 changed files with 110 additions and 17 deletions

View File

@ -25,10 +25,16 @@ install:
$(MAKE) -C qmemman install
$(MAKE) -C core install
install-kernel-support:
install-fedora-kernel-support:
$(MAKE) -C dracut install
$(MAKE) -C kernel-modules install
install-debian-kernel-support:
$(MAKE) -C initramfs-tools install
$(MAKE) -C kernel-modules install
# expand module version
echo debian/tmp/usr/src/u2mfn-*/dkms.conf > debian/qubes-kernel-vm-support.dkms
clean:
$(MAKE) -C qrexec-lib clean
$(MAKE) -C qmemman clean

14
debian/control vendored
View File

@ -2,7 +2,7 @@ Source: qubes-utils
Section: admin
Priority: extra
Maintainer: Davíð Steinn Geirsson <david@dsg.is>
Build-Depends: libvchan-xen-dev, libxen-dev, debhelper (>= 8.0.0), quilt (>= 0.60), dh-systemd
Build-Depends: libvchan-xen-dev, libxen-dev, debhelper (>= 8.0.0), quilt (>= 0.60), dh-systemd, dkms
Standards-Version: 3.9.3
Homepage: http://www.qubes-os.org
Vcs-Git: http://dsg.is/qubes/qubes-linux-utils.git
@ -15,3 +15,15 @@ Conflicts: qubes-linux-utils
Recommends: python2.7
Description: Qubes Linux utilities
This package includes the basic qubes utilities necessary for domU.
Package: qubes-kernel-vm-support
Architecture: any
Depends: dkms, initramfs-tools, ${shlibs:Depends}, ${misc:Depends}
Description: Qubes VM kernel and initramfs modules
This package contains:
1. mkinitramfs module required to setup Qubes VM root filesystem. This package is
needed in VM only when the VM uses its own kernel (via pvgrub or so). Otherwise
initrd is provided by dom0.
.
2. u2mfn kernel module sources (dkms) required by GUI agent and R2 version of
libvchan library.

1
debian/qubes-kernel-vm-support.dkms vendored Normal file
View File

@ -0,0 +1 @@
debian/tmp/usr/src/u2mfn-3.1.2/dkms.conf

View File

@ -0,0 +1,3 @@
usr/share/initramfs-tools/scripts/local-top/qubes_cow_setup
usr/share/initramfs-tools/hooks/qubes_vm
usr/src/u2mfn-*/*

6
debian/qubes-utils.install vendored Normal file
View File

@ -0,0 +1,6 @@
usr/sbin/meminfo-writer
lib/systemd/system/qubes-meminfo-writer.service
usr/libexec/qubes/*
usr/include/*
usr/lib/*
etc/*

5
debian/rules vendored
View File

@ -1,16 +1,17 @@
#!/usr/bin/make -f
# -*- makefile -*-
export DESTDIR=$(shell pwd)/debian/qubes-utils
export DESTDIR=$(shell pwd)/debian/tmp
# Uncomment this to turn on verbose mode.
#export DH_VERBOSE=1
%:
dh $@ --with=systemd
dh $@ --with=systemd,dkms
override_dh_auto_build:
make all LIBDIR=/usr/lib DEBIANBUILD=1
override_dh_auto_install:
make install LIBDIR=/usr/lib DEBIANBUILD=1
make install-debian-kernel-support LIBDIR=/usr/lib DEBIANBUILD=1

View File

@ -1,21 +1,58 @@
#!/bin/sh
#
# This file should be places in pre-mount directory in dracut's initramfs
# This file should be placed in pre-mount directory in dracut's initramfs, or
# scripts/local-top in case of initramfs-tools
#
echo "Qubes initramfs script here:"
# initramfs-tools (Debian) API
PREREQS=""
case "$1" in
prereqs)
# This runs during initramfs creation
echo "$PREREQS"
exit 0
;;
esac
# This runs inside real initramfs
if [ -r /scripts/functions ]; then
# We're running in Debian's initramfs
. /scripts/functions
alias die=panic
alias info=true
alias warn=log_warning_msg
alias log_begin=log_begin_msg
alias log_end=log_end_msg
elif [ -r /lib/dracut-lib.sh ]; then
. /lib/dracut-lib.sh
alias log_begin=info
alias log_end=true
else
die() {
echo "$@"
exit 1
}
alias info=echo
alias warn=echo
alias log_begin=echo
alias log_end=true
fi
info "Qubes initramfs script here:"
if [ -e /dev/mapper/dmroot ] ; then
die "Qubes: FATAL error: /dev/mapper/dmroot already exists?!"
fi
modprobe xenblk || modprobe xen-blkfront || echo "Qubes: Cannot load Xen Block Frontend..."
modprobe xenblk || modprobe xen-blkfront || warn "Qubes: Cannot load Xen Block Frontend..."
echo "Waiting for /dev/xvda* devices..."
log_begin "Waiting for /dev/xvda* devices..."
while ! [ -e /dev/xvda ]; do sleep 0.1; done
log_end
if [ `cat /sys/block/xvda/ro` = 1 ] ; then
echo "Qubes: Doing COW setup for AppVM..."
log_begin "Qubes: Doing COW setup for AppVM..."
while ! [ -e /dev/xvdc ]; do sleep 0.1; done
VOLATILE_SIZE=$(sfdisk -s /dev/xvdc)
@ -29,20 +66,19 @@ if [ `cat /sys/block/xvda/ro` = 1 ] ; then
,$ROOT_SIZE,L
EOF
if [ $? -ne 0 ]; then
echo "Qubes: failed to setup partitions on volatile device"
exit 1
die "Qubes: failed to setup partitions on volatile device"
fi
while ! [ -e /dev/xvdc1 ]; do sleep 0.1; done
mkswap /dev/xvdc1
while ! [ -e /dev/xvdc2 ]; do sleep 0.1; done
echo "0 `cat /sys/block/xvda/size` snapshot /dev/xvda /dev/xvdc2 N 16" | \
dmsetup --noudevsync create dmroot || { echo "Qubes: FATAL: cannot create dmroot!"; }
echo Qubes: done.
dmsetup --noudevsync create dmroot || die "Qubes: FATAL: cannot create dmroot!"
log_end
else
echo "Qubes: Doing R/W setup for TemplateVM..."
log_begin "Qubes: Doing R/W setup for TemplateVM..."
echo "0 `cat /sys/block/xvda/size` linear /dev/xvda 0" | \
dmsetup --noudevsync create dmroot || { echo "Qubes: FATAL: cannot create dmroot!"; exit 1; }
echo Qubes: done.
dmsetup --noudevsync create dmroot || die "Qubes: FATAL: cannot create dmroot!"
log_end
fi
dmsetup mknodes dmroot

6
initramfs-tools/Makefile Normal file
View File

@ -0,0 +1,6 @@
install:
install -D local-top/qubes_cow_setup.sh \
$(DESTDIR)/usr/share/initramfs-tools/scripts/local-top/qubes_cow_setup
install -D qubes_vm \
$(DESTDIR)/usr/share/initramfs-tools/hooks/qubes_vm

View File

@ -0,0 +1 @@
../../dracut/full-dmroot/qubes_cow_setup.sh

21
initramfs-tools/qubes_vm Executable file
View File

@ -0,0 +1,21 @@
#!/bin/sh
if grep -q control_d /proc/xen/capabilities; then
echo "Not intended for dom0"
exit 0
fi
PREREQS="dmsetup"
case "$1" in
prereqs)
echo "$PREREQS"
exit 0
;;
esac
. /usr/share/initramfs-tools/hook-functions
copy_exec /sbin/sfdisk
copy_exec /sbin/mkswap
force_load xen-blkfront
force_load dm-snapshot

View File

@ -57,7 +57,7 @@ ln -sf . %{name}-%{version}
%build
%install
make install-kernel-support DESTDIR=%{buildroot}
make install-fedora-kernel-support DESTDIR=%{buildroot}
%files
/usr/lib/dracut/modules.d/90qubes-vm