Commit Graph

351 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
b4f48c1770 udev: update hotplug block scripts for QubesDB
Some initial work was done, but apparently not complete and buggy.
2014-12-11 06:06:57 +01:00
Marek Marczykowski-Górecki
f7325b3e9e version 3.0.0 2014-11-22 16:24:11 +01:00
Marek Marczykowski-Górecki
680c36934e Fix compile warnings 2014-11-19 15:10:59 +01:00
Marek Marczykowski-Górecki
020f341f98 qrexec-utils: add read_vchan_all and write_vchan_all
Similar to read_all and write_all.
2014-11-19 15:10:59 +01:00
Marek Marczykowski-Górecki
591fb10a32 qrexec: update protocol
- add new messages
- uniform packet header
- organize #defines
2014-11-19 15:10:59 +01:00
Marek Marczykowski-Górecki
0ca9e06877 code style: change tabs to spaces 2014-11-19 15:10:59 +01:00
Marek Marczykowski-Górecki
aa31c67e24 qrexec-utils: disable write-stdin (buffered writes) compilation
Not compatible with new qrexec protocol yet. To be done.
2014-11-19 15:10:58 +01:00
Marek Marczykowski-Górecki
3e0c5a74d2 New qrexec protocol
Use separate vchan to pass I/O for each process, which greatly simplify
protocol implementation (eg. no flow control needed).
2014-11-19 15:10:58 +01:00
Marek Marczykowski-Górecki
a930f7b2ea udev: setup permissions on xen device nodes 2014-11-19 15:10:58 +01:00
Marek Marczykowski
08f6f18af7 qrexec-lib: prevent deadlock on vchan
It can happen that we already cleared libvchan_fd pending state via
libvchan_wait, but data arrived later. This is especially true just
after connection, when client send unsolicited notification to server,
which can confuse it with some requested notification.
2014-11-19 15:10:58 +01:00
Marek Marczykowski
dc41fbad79 Use Qubes DB instead of Xenstore 2014-11-19 15:10:58 +01:00
Marek Marczykowski
a91a8c8312 Update for new vchan API, remove code not needed anymore
Remove some vchan wrappers, which are not necessary now.
2014-11-19 15:10:58 +01:00
Marek Marczykowski-Górecki
4476a1fe71 Use native systemd services (like in the fedora templates). This should also
add support for netvm, proxyvm, dispvm.
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCgAGBQJUWAv1AAoJEIwFIWzgnAk887EP/2c9kc72kY/24vgDfo4zDIHu
 yfaYjlEUmqTH8MDNpA2JnOz4caSGNpHcLWt68Cn0zsi40Tq2G1kQGmoPJRrpKdnO
 muqqI+vjCcNymar7XTa4XpRxQ4PTfVW/XQ4GyzGja0JKnBW6IrtrbRDF+bW7KqjP
 8CxAjv+Pnm0hdkWXgvFLCt7uwDgXQ7oPb2a5G1eqfHKZ84HzXElU2PPr2Fh4Rh4x
 jWu/nsXDwY5XoT8YdaPfZ0vkmExfNfQXHgc6wnvZmW4ZuDvpldshhFI3iyZwa0zy
 dJyzykEM7FWT8RxnsLqalhjycjF9mX+7KUUDL0quQNArUuRR4hAnA/85kCaHAgaE
 3XjpWiwRJPhFKVj00rqxxBgYKQYPszr0Wy2X3AgMdB50/YNa7ct43v+OG8RZFjkW
 HLC4tfnwwMyDbpwc/Hy4Ltfcy2LIMM2w8AsO74wPmTwy5CcvlViUMiV5AEUssjE5
 cTx9iiAP76oOe0ewY7lmJ6pkMDMuYSM44PtwhHdITXR8XxgkDOiolkMtYNvsJ21q
 C4ECW5JoktvgDJZsKGWz0nB599+WVGeq7Kj/Km45PI+9NeVPrlS6IrVDdm7M55pJ
 zaRm/WhtuL6SJ152iCn9u40m/+3XcE+jruewPoxbxSV4/a6bVKflVtElffVm6MZK
 pmaIZmr9X5bKbr2Aub3h
 =EbZd
 -----END PGP SIGNATURE-----

Merge tag 'hw42_debian-systemd-1'

Use native systemd services (like in the fedora templates). This should also
add support for netvm, proxyvm, dispvm.

# gpg: Signature made Tue Nov  4 00:12:53 2014 CET using RSA key ID E09C093C
# gpg: Good signature from "HW42 (Qubes Signing Key) <hw42-qubes@ipsumj.de>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: FC1A C023 76D0 4C68 341F  406F 8C05 216C E09C 093C
2014-11-05 05:00:42 +01:00
HW42
7693f097d4 use systemd in debian 2014-09-26 23:33:38 +02:00
Marek Marczykowski-Górecki
6e965d0093 version 2.0.14 2014-07-28 02:46:39 +02:00
Marek Marczykowski-Górecki
35300b54ac udev: update dmsetup path
Debian has it in /sbin/dmsetup. Fedora has /sbin->/usr/sbin symlink, so
it should work on both.
2014-07-26 15:47:15 +02:00
Marek Marczykowski-Górecki
91766f9b5d gitignore 2014-07-26 03:36:31 +02:00
Marek Marczykowski-Górecki
098a93bab0 debian: rename package to qubes-utils, update deps 2014-07-26 03:35:57 +02:00
Davíð Steinn Geirsson
566bd2901b Initial native debian packaging 2014-07-23 04:32:46 +02:00
Davíð Steinn Geirsson
bc75b6559b Use xenstore.h when xen >= 4.2 2014-07-23 04:32:46 +02:00
Davíð Steinn Geirsson
b4751c55dc Add qmemman to make clean 2014-07-23 04:32:46 +02:00
Joanna Rutkowska
8284ed0c44 version 2.0.13 2014-07-12 14:07:56 +02:00
Marek Marczykowski-Górecki
43ec024616 rpm: add missing dependency 2014-07-08 12:07:38 +02:00
Marek Marczykowski-Górecki
60fe01e11f version 2.0.12 2014-07-05 16:13:31 +02:00
Marek Marczykowski-Górecki
644372149f udev: convert device description to ascii only 2014-07-05 16:13:08 +02:00
Marek Marczykowski-Górecki
36a2c99b49 udev: filter out template's root device 2014-07-05 16:12:37 +02:00
Marek Marczykowski-Górecki
6722b17333 version 2.0.11 2014-07-05 14:51:15 +02:00
Marek Marczykowski-Górecki
58df64ad20 udev: skip empty device-mapper nodes
It can happen during device reconfiguration - do not decide to expose
the device until its known what device it will be.
This fixes bug where root.img was visible in qvm-block as normal device
and could be detached.
2014-07-04 03:29:38 +02:00
Marek Marczykowski-Górecki
44e5c20806 udev: fix perms of udev-block-add-change
Accidentally "x" was removed.
2014-06-29 21:57:20 +02:00
Marek Marczykowski-Górecki
32a0a4156c version 2.0.10 2014-06-10 17:57:11 +02:00
Marek Marczykowski-Górecki
570446f448 udev: better support device-mapper/LVM
Do not ignore them completely.
2014-06-07 04:53:32 +02:00
Wojciech Zygmunt Porczyk
affc4fd3a9 imgconverter.py: really close stdout in get_through_dvm 2014-05-27 16:13:34 +02:00
Wojciech Zygmunt Porczyk
e18bfc5dad move site-packages/qubes/__init__.py from core-admin 2014-05-27 16:13:34 +02:00
Marek Marczykowski-Górecki
136d342dd6 version 2.0.9 2014-05-23 02:44:17 +02:00
Marek Marczykowski-Górecki
821a1c2fe9 qrexec-lib: use _exit in child process to not fire atexit hooks
Otherwise it would remove qrexec socket.
2014-05-19 16:52:27 +02:00
Marek Marczykowski-Górecki
f01b1a16ba version 2.0.8 2014-04-05 00:50:39 +02:00
Marek Marczykowski-Górecki
ed146390d6 rpm: fix meminfo-writer setup during system installation
We have no control over package installation, so it can happen to be
before qubes-release got installed. Simply enable both dom0 and VM
services - they contains relevant start conditions.
2014-03-21 02:47:49 +01:00
Marek Marczykowski-Górecki
11e9e89341 version 2.0.7 2014-02-20 01:01:26 +01:00
Marek Marczykowski-Górecki
b8b4e105c0 qrexec-lib: return unsigned where only non-negative value is returned 2014-02-19 20:52:24 +01:00
Marek Marczykowski-Górecki
b12f1539a4 Add -Wextra -Werror to all C code
Not only the security-critical one.
2014-02-16 11:10:38 +01:00
Marek Marczykowski-Górecki
12a9049cfe Fix some more -Wextra warnings 2014-02-16 11:10:31 +01:00
Vincent Penquerc'h
03c9cb1388 Add a few consts where appropriate 2014-02-16 11:08:22 +01:00
Vincent Penquerc'h
9f3a74fd77 unpack: prevent ability to bypass the byte limit
By passing an empty file with a declared negative size,
a hostile VM can decrease the total bytes counter, while
not have do supply a huge amount of data, thus disabing
the byte size check, and potentially filling the target
filesystem.
2014-02-15 14:14:20 +01:00
Davíð Steinn Geirsson
b95e80779e archlinux: Fix missing symlink for archlinux template build 2014-02-15 08:32:31 +01:00
Marek Marczykowski-Górecki
c3f924373a version 2.0.6 2014-02-07 05:42:52 +01:00
Marek Marczykowski-Górecki
f6ec5e1d8a Merge branch 'appicons'
Conflicts:
	rpm_spec/qubes-utils.spec
2014-02-07 05:40:51 +01:00
Marek Marczykowski-Górecki
312637358e version 2.0.5 2014-02-07 05:38:30 +01:00
Marek Marczykowski-Górecki
759c9da6be rpm: fix debuginfo package build 2014-02-07 05:31:46 +01:00
Marek Marczykowski-Górecki
20cb2103e5 rpm: package libraries in -libs package
There are need for both compiling (where main package is unwanted) and
using (where devel package is unnecessary).
2014-02-07 05:30:47 +01:00
Marek Marczykowski-Górecki
516815a266 qrexec-lib: make it shared library 2014-02-07 05:29:59 +01:00