Commit Graph

206 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
a465359a5d
udev: fix deadlock on xenstore access during dom0 boot
During early dom0 boot, before xenstored is started any access to it
through /proc/xen/xenbus (or /dev/xen/xenbus) will wait until xenstored
is started. If that happens in script ordered to start before xenstored,
we have a deadlock. Prevent this by using `xenstore-ls -s` in dom0,
which will fail immediately when xenstored isn't running yet. This fail
isn't a problem, because when xenstored isn't running yet, surely device
isn't attached anywhere.

QubesOS/qubes-issues#1081

(cherry picked from commit cdbcb2eb55)
2016-06-21 04:32:30 +02:00
Marek Marczykowski-Górecki
95eeeef86c
udev/qvm-block: exclude device if its partition is already attached
This prevents simultaneous attachment of the same device (in practice)
to multiple VMs.
This change to be effective requires udev action being called when such
device is attached/detached to some domain. Script
/etc/xen/scripts/block will take care of it.

Fixes QubesOS/qubes-issues#1081

(cherry picked from commit 098bfb634d)
2016-06-21 04:32:12 +02:00
Marek Marczykowski-Górecki
4fee631c94
udev/qvm-block: exclude devices used elsewhere
Exclude exclude device if mounted/part of other device, or any of its
partition is used (same definition). Update this state whenever device
or it's partition receives udev event.

Fixes QubesOS/qubes-issues#1600

(cherry picked from commit efd9854376)
2016-06-21 04:32:10 +02:00
Marek Marczykowski-Górecki
29cf44233a
version 3.1.8 2016-02-08 05:06:21 +01:00
Marek Marczykowski-Górecki
0a0b04f88d
Merge remote-tracking branch 'origin/pr/4'
* origin/pr/4:
  archlinux: fix syntax errors in install file
  archlinux: add an install file specifically for vm-kernel-support
  kernel-support: compile u2mfn from source even if it has been never built
  archlinux: implement kernel-support
  archlinux: ensure gcc, make and pkgconfig are makedependencies
2016-01-17 04:25:54 +01:00
Marek Marczykowski-Górecki
22d6892ec9
udev: fix hiding devices from qvm-block
When device becomes non-attachable (for example because it gets mounted,
or used as part of LVM/RAID/whatever), it should be removed from
advertised available devices. The code for removing QubesDB entry was
buggy - the device is actually a directory in QubesDB, not a single
entry.

QubesOS/qubes-issues#1600
2016-01-14 05:01:27 +01:00
Olivier MEDOC
269d87ff0d archlinux: fix syntax errors in install file 2016-01-11 09:50:04 +01:00
Olivier MEDOC
66eaa697dd archlinux: add an install file specifically for vm-kernel-support 2016-01-11 09:49:52 +01:00
Olivier MEDOC
0b35e4d327 kernel-support: compile u2mfn from source even if it has been never built 2016-01-11 09:49:35 +01:00
Olivier MEDOC
a8d9bd8842 archlinux: implement kernel-support 2016-01-11 09:48:14 +01:00
Olivier MEDOC
8bd7132fa8 archlinux: ensure gcc, make and pkgconfig are makedependencies 2016-01-11 09:47:05 +01:00
Marek Marczykowski-Górecki
1d20cdea89
version 3.1.7 2016-01-07 05:59:41 +01:00
Marek Marczykowski-Górecki
6ac3fc3247
udev: ignore devices set to be ignore elsewhere
There are already some other rules to ignore not interesting devices.
This includes device-mapper assembled in initramfs manually. 'dmroot'
isn't properly detected as mounted because /dev/mapper/dmroot isn't a
symlink to /dev/dm-0 and /proc/mounts contains the former name, while
udev event the later.

Fixes QubesOS/qubes-issues#1586
2016-01-07 03:00:32 +01:00
Marek Marczykowski-Górecki
50145d448a
udev: do not assume static device-mapper major number
It is not static.

QubesOS/qubes-issues#1586
2016-01-06 04:22:50 +01:00
Marek Marczykowski-Górecki
e23cbbc261
Fix building Fedora package after Archlinux build fixes
LIBDIR on Fedora is /usr/lib64, not something that we want for scripts,
Also make sure to export SYSLIBDIR.
2016-01-06 04:21:42 +01:00
pqg
86e7f7c2c8 Fix build (installation) on Archlinux
/lib is a symlink to /usr/lib on Arch, so /lib/blah... paths are
rejected when installation is attempted.
2015-12-15 14:19:24 +00:00
Marek Marczykowski-Górecki
4dc959e94f
version 3.1.6 2015-12-13 04:38:28 +01:00
Marek Marczykowski-Górecki
c2c36d9c09
qrexec-lib: add glibc version test check for having syncfs
Compile fix for wheezy, which has too old glibc (2.13).
2015-12-11 21:43:40 +01:00
HW42
931944f118 debian: remove obsolete conffiles in /etc/udev/rules.d 2015-12-10 04:47:39 +01:00
Marek Marczykowski-Górecki
8da3f09ccc
version 3.1.5 2015-11-30 05:55:14 +01:00
Marek Marczykowski-Górecki
fae64a2c69
Fix for "debian: split libraries out of qubes-utils package"
Package python modules
2015-11-30 05:51:50 +01:00
Marek Marczykowski-Górecki
3fc71a3b40
version 3.1.4 2015-11-27 20:44:04 +01:00
Marek Marczykowski-Górecki
14297508e5
debian: break hardlink before modifying debian/....dkms
(When building using qubes-builder) otherwise the change will be visible
in original source tree as uncommitted. Not a bad thing, just
inconvenience.
2015-11-27 16:41:22 +01:00
Marek Marczykowski-Górecki
b625704edd
debian: split libraries out of qubes-utils package
According to Debian Policy:
https://www.debian.org/doc/debian-policy/ch-sharedlibs.html

This is the proper way to handle shared libraries (and dependencies on
them) in Debian.

Fixes QubesOS/qubes-issues#1416
2015-11-26 22:24:39 +01:00
Marek Marczykowski-Górecki
d95174f52c
makefile: honor build env CFLAGS and LDFLAGS
Generally build env (rpmbuild, dpkg-buildpackage) provide sane and
useful defaults.
Fixes hardening-no-relro lintian warning.

QubesOS/qubes-issues#1416
2015-11-26 22:21:19 +01:00
Marek Marczykowski-Górecki
7148f8d135
Move udev scripts to /usr/lib/qubes, move rules to /lib/udev/
Resolve udev-rule-in-etc, non-standard-dir-in-usr, file-in-unusual-dir
lintian warnings.

QubesOS/qubes-issues#1416
2015-11-26 22:18:03 +01:00
Marek Marczykowski-Górecki
031dd4c844
debian: resolve quilt-build-dep-but-no-series-file lintian warning
QubesOS/qubes-issues#1416
2015-11-26 22:05:46 +01:00
Marek Marczykowski-Górecki
2f1c8ea459
qubes-prepare-vm-kernel: ensure proper permissions on initramfs
By default dracut set 600 mode. While it isn't a problem for starting a
VM (which is done as root), it is a problem for creating standalone VM,
which has it's own copy of kernel directory.
2015-11-25 03:42:32 +01:00
Marek Marczykowski-Górecki
a23030e49f
initramfs: initialize volatile.img partition table also in TemplateVM
While there is no additional snapshot device, swap partition is still
used.

Fixes QubesOS/qubes-issues#1308
2015-11-25 03:41:04 +01:00
Marek Marczykowski-Górecki
6cd22a42bb
initramfs: use units of sectors in sfdisk call
New version of sfdisk have different syntax for other units (suffixes
beside the numbers, instead of global --unit). The only common unit is
sector, so use that.

Fixes QubesOS/qubes-issues#1427
2015-11-25 03:38:51 +01:00
Marek Marczykowski-Górecki
61f6054ce3
Merge remote-tracking branch 'qubesos/pr/2'
* qubesos/pr/2:
  qfile-unpacker: syncfs() to avoid qvm-move-to-vm data loss
2015-11-23 16:21:49 +01:00
Marek Marczykowski-Górecki
cd277485bb
qrexec: add clarification commends in qrexec.h
QubesOS/qubes-issues#1392
2015-11-23 16:20:34 +01:00
Rusty Bird
4f59b3df6f
qfile-unpacker: syncfs() to avoid qvm-move-to-vm data loss
Commit https://github.com/QubesOS/qubes-linux-utils/commit/c1d42f1 --
"qfile-unpacker: do not call fdatasync() at each file" fixing
QubesOS/qubes-issues#1257 -- increased the chance of data loss with
qvm-move-to-vm: Say it nominally succeeds, and *deletes* the files from
the source VM. Soon after, the destination VM or the system could crash,
or an external drive hosting ~/QubesIncoming/srcVM could get unplugged
by accident, all before the data had really been persisted to disk.

But reverting the commit (ignoring the performance issue) wouldn't
completely solve this:

  "Calling fsync() does not necessarily ensure that the entry in the
   directory containing the file has also reached disk. For that an
   explicit fsync() on a file descriptor for the directory is also
   needed."  - fsync(2)

It gets even worse for "slow symlinks" (whose target is too long to be
stored directly in the inode metadata), apparently they can't be synced
at all individually.

So instead, just call syncfs() once after everything has been unpacked:

  + Should prevent all data loss (if fs and disk are well behaved)
  + Allows caching and reordering -> no slowdown with many small files
  - Blocks until any unrelated writes on the filesystem finish :\
2015-11-18 13:11:30 +00:00
Marek Marczykowski-Górecki
8311e1263d
initramfs: fix swap size
It should be 1GB, not 1MB...

QubesOS/qubes-issues#1354
2015-11-13 14:42:51 +01:00
Marek Marczykowski-Górecki
170d46c40d
rpm: disable debuginfo subpackage in qubes-kernel-vm-support
find-debuginfo.sh in Fedora 23 doesn't properly handle packages without
any binary.

QubesOS/qubes-issues#1413
2015-11-13 06:02:37 +01:00
Marek Marczykowski-Górecki
83c03af067
Merge remote-tracking branch 'qubesos/pr/1'
* qubesos/pr/1:
  Check if QubesIncoming filesystem supports O_TMPFILE
2015-11-13 02:59:31 +01:00
Marek Marczykowski-Górecki
3826f4070f
Merge remote-tracking branch 'origin/pr/2'
* origin/pr/2:
  Fix u2mfn.ko for > 16TB RAM by not truncating to 32-bit improperly
2015-11-13 02:58:08 +01:00
Rusty Bird
74a1b4cc50
Check if QubesIncoming filesystem supports O_TMPFILE
The filesystem hosting ~/QubesIncoming/srcVM/ needs to support O_TMPFILE
too, in addition to the kernel. If it doesn't, take the use_tmpfile = 0
fallback.
2015-11-11 11:35:16 +00:00
Marek Marczykowski-Górecki
5b250eb279
version 3.1.3 2015-11-11 05:12:11 +01:00
Marek Marczykowski-Górecki
dfe5c11a55
qrexec: define NOGUI_CMD_PREFIX
This is part of the qrexec protocol, so keep it in protocol definitions.

QubesOS/qubes-issues#1392
2015-11-11 05:10:59 +01:00
Marek Marczykowski-Górecki
64331d7e09
dracut: add a safety check preventing qubes_cow_setup.sh running in dom0
Theoretically it shouldn't be a problem, because module isn't installed
in initramfs by default (in dom0), but since such error would be fatal
to dom0 (will prevent it from booting), add a safety check for it.

Probably it will be required when (if) we migrate dom0 to Debian
2015-11-11 05:10:59 +01:00
Marek Marczykowski-Górecki
3cd77e4f70
debian: introduce qubes-kernel-vm-support package
This package is responsible for kernel modules and initramfs additions
needed in Qubes VM. When installed, it is possible to switch the VM to
use PV Grub and load the kernel from inside of VM. This greatly ease
installing custom kernel modules.

Changes:
 - make qubes_cow_setup.sh working with both dracut and initramfs-tools
 - add initramfs-tools configuration/scripts (including
         qubes_cow_setup.sh)
 - modify DESTDIR to handle multiple binary packages out of single
   source

QubesOS/qubes-issues#1354
2015-11-11 05:10:59 +01:00
Marek Marczykowski-Górecki
25c05a3bd3
dracut: add dmsetup --noudevsync since we're running in pre-udev hook
When udev is installed (and scheduled to be started), but not running
yet, plain dmsetup will deadlock on waiting for udev. Since we call
`dmsetup mknodes dmroot` anyway

QubesOS/qubes-issues#1354
2015-11-09 00:44:24 +01:00
Marek Marczykowski-Górecki
aaf84ba305
kernel-modules: build/install u2mfn module by default
The module is required by gui-agent, so make sure it will be actually
installed. This would also install the module in dom0 (when
qubes-kernel-vm-support is installed there), but this this is harmless.

QubesOS/qubes-issues#1354
2015-11-08 03:51:18 +01:00
Marek Marczykowski-Górecki
789e9c2549
dracut: mount only subdirectory of /lib/modules
This makes is possible to modify /lib/modules content - especially
install other kernel packages, without unmounting the whole
/lib/modules. Since dom0-provided modules will no longer conflict with
VM kernel packages (assuming kernel versions are different), there is no
need for qubes-kernel-vm-placeholder anymore.

Having only one subdirectory of /lib/modules mounted is somehow tricky,
because:
1. Directory name isn't always the same - it depends on kernel version.
This means that mountpoint must be created dynamically (so $NEWROOT must
be mounted in R/W for a moment).
2. There is one-command way to mount only a subdirectory of some
filesystem. So use a trick: mount it in some temporary directory, get
interesting subdir with `mount --bind`, then unmount temporary
directory.

QubesOS/qubes-issues#1354
2015-11-08 03:46:25 +01:00
Marek Marczykowski-Górecki
42469fdbe4
dracut: fix qubes-vm module dependencies
It needs 'dm' for 'dmsetup' utility. Additionally fix check - qubesdb
path starts with '/'.

QubesOS/qubes-issues#1354
2015-11-08 03:44:46 +01:00
Marek Marczykowski-Górecki
882052eca0
dracut: split 'full' dracut module into 'full-dmroot' and 'full-modules'
When PV Grub will be used, VM initramfs should not contain /lib/modules
mounting code, as the VM root.img will already contains kernel modules.
Make it possible by splitting the module.

QubesOS/qubes-issues#1354
2015-11-08 03:44:27 +01:00
Marek Marczykowski-Górecki
d1238ce060
qrexec-lib: add qfile packing functions to libqubes-rpc-filecopy
This is counterpart of 5774c78 "qfile-agent: move data handling code to
libqubes-rpc-filecopy" in core-agent-linux. The main purpose is to
easily reuse the code in dom0 qvm-copy-to-vm tool.

QubesOS/qubes-issues#1324
2015-11-03 03:42:49 +01:00
Marek Marczykowski-Górecki
603e8f8685
version 3.1.2 2015-10-26 20:00:08 +01:00
qubesuser
71ce41cf61
Fix u2mfn.ko for > 16TB RAM by not truncating to 32-bit improperly
At the moment, Xen has a 16TB limit on x86, so this has no practical
impact, aside for silencing compiler truncation warnings.

Also, the rest of the GUI/u2mfn code and protocol would need to be
expanded to use 64-bit mfns for Qubes to actually work there.
2015-10-26 20:00:08 +01:00