Tag for commit 96301f3cc1

-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJU3OKsAAoJEBu5sftaTG2teD4P/2AgLmFI2x8RHqHz17T+lDZW
 gD4QoQlTFm1jysvexwLSCKYh4yYOKmMOaCs8UVc44k1KTxr1l/XYPhTFpzDg1gmb
 6zAKV36yxRZuB/3oRQ1tpUFN8obgV3GQh9Uz7zyOV8a34xSLkulUqp86ceW8gEyR
 XHlUF2XSNpOLca56IOTHzSlvje+kTxTON9OAfNv18cPv+Um27xt+IAz2nl7jytlc
 2SgZnJgcdf+blFvdxoEJQ9Dky3jLxcE/W4HMNmMPBEknSJYhoVNaSWtfgvJO66E9
 M0CIUk2v068vDSdmC7OUIDgQ/URE6SW85OyTvQlKOft3k33mZkSWog6y7FEbuXAS
 lWpXMR4xwnOqJtFTpKsGNyylqhNZhS1UQ4TpMgQijjxqs6oCWH42KwzSpPjd+zyq
 Vn151qsBg2UGMT5OqePDBq0fLFbN1Jfk1Oja78XFZ4PAKsvTmKdMd2oEaU10Wzkr
 jOpiEXtOK6QBWQYRySJH5GdFqEc2K4HFtHJPZPg6oIX7nMq9p8k3khfRDTgQ94nW
 qMwOoGa/rfuh/8PmSoMsvsceGHDzVV1zZtIVPHnzoQcDjp4wkKodD0dSRV/FC/4B
 lFsBS+UJMgOIvywzoRaU4lJowY0TPokg/MYPPYou3efWzDZCvB555n75gtRxYdg1
 TQz5tLSVBp9E2JNqt7is
 =ZgPE
 -----END PGP SIGNATURE-----

Merge tag 'jm_96301f3c'

Tag for commit 96301f3cc1

# gpg: Signature made Thu Feb 12 18:28:12 2015 CET using RSA key ID 5A4C6DAD
# gpg: Good signature from "Jason Mehring (Qubes OS Signing Key) <nrgaway@gmail.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: E0E3 2283 FDCA C1A5 1007  8F27 1BB9 B1FB 5A4C 6DAD

debian/changelog

@@ -1,3 +1,77 @@
+qubes-utils (3.0.1) jessie; urgency=medium
+
+  [ Wojciech Zygmunt Porczyk ]
+  * v3.0.1
+  * This has to be versioned because of dependency in core-agent-linux.
+
+  [ Marek Marczykowski-Górecki ]
+  * Update for new vchan API, remove code not needed anymore
+  * filecopy: fix handling ENOENT error
+  * Do not fail when file was successfully created.
+  * I will test before commit. I will test before commit. I will...
+
+  [ Marek Marczykowski-Górecki ]
+  * filecopy: really do not use O_TMPFILE when use_tmpfile==0
+  * When file opened with O_TMPFILE but use_tmpfile==0, the file will not be
+    linked to the directory (the code at the end of process_one_file_reg).
+    Additionally it is waste of time trying using O_TMPFILE when it's
+    already known it shouldn't be.
+    Also use_tmpfile==0 can mean we don't have access to /proc
+    (set_procfs_fd wasn't called), so even if linking the file to its
+    directory would be attempted, it would fail. This is the case for
+    dom0-updates copy.
+
+  [ Marek Marczykowski-Górecki ]
+  * filecopy: create new file unaccessible to the user until fully written
+    Otherwise source domain can modify (append) the file while the user
+    already is accessing it. While incoming files should be treated as
+    untrusted, this problem could allow file modification after the user
+    makes some sanity checks.
+
+  [ Marek Marczykowski-Górecki ]
+  * udev: update hotplug block scripts for QubesDB
+  * Some initial work was done, but apparently not complete and buggy.
+
+  [ Marek Marczykowski-Górecki ]
+  * version 3.0.0
+
+  [ Marek Marczykowski-Górecki ]
+  * Fix compile warnings
+
+  [ Marek Marczykowski-Górecki ]
+  * qrexec-utils: add read_vchan_all and write_vchan_all
+  * Similar to read_all and write_all.
+
+  [ Marek Marczykowski-Górecki ]
+  * qrexec: update protocol
+    - add new messages
+    - uniform packet header
+    - organize #defines
+
+  [ Marek Marczykowski-Górecki ]
+  * code style: change tabs to spaces
+
+  [ Marek Marczykowski-Górecki ]
+  * qrexec-utils: disable write-stdin (buffered writes) compilation
+  * Not compatible with new qrexec protocol yet. To be done.
+
+  [ Marek Marczykowski-Górecki ]
+  * New qrexec protocol
+  * Use separate vchan to pass I/O for each process, which greatly simplify
+    protocol implementation (eg. no flow control needed).
+
+  [ Marek Marczykowski-Górecki ]
+  * udev: setup permissions on xen device nodes
+
+  [ Marek Marczykowski ]
+  * qrexec-lib: prevent deadlock on vchan
+    It can happen that we already cleared libvchan_fd pending state via
+    libvchan_wait, but data arrived later. This is especially true just
+    after connection, when client send unsolicited notification to server,
+    which can confuse it with some requested notification.
+
+ -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Tue, 10 Feb 2015 00:00:00 +0100
+
 qubes-utils (3.0.0) jessie; urgency=medium
 
   [ HW42 ]
@@ -17,7 +91,6 @@ qubes-utils (3.0.0) jessie; urgency=medium
   * qrexec-utils: add read_vchan_all and write_vchan_all
 
  -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Sat, 22 Nov 2014 16:24:11 +0100
-
 qubes-utils (2.0.14) jessie; urgency=medium
 
   [ Marek Marczykowski-Górecki ]

debian/control

@@ -10,7 +10,7 @@ Vcs-Git: http://dsg.is/qubes/qubes-linux-utils.git
 
 Package: qubes-utils
 Architecture: any
-Depends: libvchan-xen, lsb-base, ${shlibs:Depends}, ${misc:Depends}
+Depends: qubesdb-vm, libvchan-xen, lsb-base, ${shlibs:Depends}, ${misc:Depends}
 Conflicts: qubes-linux-utils
 Recommends: python2.7
 Description: Qubes Linux utilities

qrexec-lib/Makefile

@@ -1,5 +1,5 @@
 CC=gcc
-CFLAGS+=-I. -g -Wall -Wextra -Werror -pie -fPIC `pkg-config --cflags vchan-$(BACKEND_VMM)`
+CFLAGS+=-I. -g -Wall -Wextra -pie -fPIC `pkg-config --cflags vchan-$(BACKEND_VMM)`
 COMMONIOALL=ioall.o
 SO_VER=1
 LDFLAGS=-shared