Commit Graph

274 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
c62c8e4416
version 4.0.7 2017-09-15 13:43:18 +02:00
Marek Marczykowski-Górecki
c7420318e2
udev: fix loop devices exclusion based on directory flagfile
Getting loop device backing file path was broken:
${NAME%p*} for not-partitioned devices will cut the actual device name.
Use full name instead. This probably breaks handling partitioned
devices, but such devices should not appear in a directory flagged to be
ignored (VM images)

QubesOS/qubes-issues#3084
2017-09-15 05:25:42 +02:00
Olivier MEDOC
0207537b50
Fix gcc Werror because of a typo in a switch/case explicit fallthrough comment
GCC crash because of -Werror=implicit-fallthrough. However the fallthrough exists but has a typo.

Thanks for omac777 analysis (7d0b8155a3)

However the fallthrough exists but has a typo

(cherry picked from commit ea0c714139)
2017-09-13 01:06:04 +02:00
Marek Marczykowski-Górecki
d703652070
version 4.0.6 2017-09-12 04:52:48 +02:00
Marek Marczykowski-Górecki
764b0f3f07
udev: major cleanup in block devices handling
1. Do not detach device forcefully when it's removed. This breaks
libvirt (which thinks the device is still there). After this change, it
is possible to detach device using libvirt, even if it was already
removed physically from backend domain (unless it is dom0 - in which
case it is still broken). So, this is partial fix for
QubesOS/qubes-issues#1082.

2. Do not trigger "change" udev event when only QubesDB state needs to
be updated - this leads to massive udev events queue, and heavy I/O
usage - for example scanning all LVM many times. In some cases it even
caused infinite event queue.

3. Do not use QUBES_EXPOSED udev property - it was needed a while back
before QubesDB, because concurrent xenstore accesses are expensive
(because of transactions). It isn't the problem on QubesDB.

4. Cache information about device-mapper, so it is possible to
reconstruct it at device remove - when the actual device cannot be
queried anymore. This is specifically about list of lower layer devices
used.

5. Allow excluding loop devices pointing at a file in directory marked
with ".qubes-exclude-block-devices" file. This is more generic than
hardcoding /var/lib/qubes.

QubesOS/qubes-issues#3084
Fixes QubesOS/qubes-issues#3073
QubesOS/qubes-issues#1082
2017-09-12 04:25:34 +02:00
Marek Marczykowski-Górecki
dd71f295e5
Merge remote-tracking branch 'qubesos/pr/16'
* qubesos/pr/16:
  Fix off-by-one error in header length calculation
2017-08-12 14:02:51 +02:00
Jean-Philippe Ouellet
349f79bc66
Fix off-by-one error in header length calculation
int(ceil(log10(100))) is one lower than it should be when max widths are
powers of 10. This means providing a value of 100 when the max is 100
produces an unexpected failure.

Was never triggered because imghdrlen args are only hard-coded
constants, but a bug is a bug.
2017-08-11 09:43:41 -04:00
Marek Marczykowski-Górecki
22c94c37a9
version 4.0.5 2017-08-11 13:34:11 +02:00
Marek Marczykowski-Górecki
823d73a524
udev: filter-out QEMU devices
Fixes QubesOS/qubes-issues#2969
2017-08-07 23:00:53 +02:00
Marek Marczykowski-Górecki
43908b7eaa
version 4.0.4 2017-07-29 05:19:34 +02:00
Marek Marczykowski-Górecki
b130b79b28
Merge remote-tracking branch 'qubesos/pr/15'
* qubesos/pr/15:
  u2mfn: get mfn via pte
2017-07-24 14:02:37 +02:00
Marek Marczykowski-Górecki
4dd813c14b
version 4.0.3 2017-07-06 19:41:04 +02:00
Marek Marczykowski-Górecki
0d4c561064
udev: don't list in qvm-block any device marked to be ignored by udev
Not only device-mapper one.
This especially include loop devices for VM disk images.

QubesOS/qubes-issues#2319
2017-07-06 19:40:51 +02:00
HW42
f14637a615 u2mfn: get mfn via pte
Before this commit u2mfn got the address via kmap(get_user_pages(...)).
This has the problem that get_user_pages() does not work in some cases.
For example when qemu in a stubdom tries to get the mfn for a page which
is mapped from the target domain u2mfn fails because get_user_pages()
cannot be used for such mappings.

So get the address from the pte with apply_to_page_range(). Since we are
only interested in one page get_locked_pte() would be simpler but it's
not available to modules.
2017-07-05 20:21:22 +02:00
Marek Marczykowski-Górecki
1b437e57d5
Merge remote-tracking branch 'qubesos/pr/14'
* qubesos/pr/14:
  Fall back to sync() if syncfs() is unavailable
2017-07-04 13:29:13 +02:00
Marek Marczykowski-Górecki
eb1b20fd48
version 4.0.2 2017-06-24 14:55:03 +02:00
Rusty Bird
90a1e6abbd
Fall back to sync() if syncfs() is unavailable
It seems better to err on the side of safety (vs. performance).
2017-06-16 16:13:44 +00:00
Marek Marczykowski-Górecki
da3f3cd426
initramfs: use symlink for rw root.img, instead of dm-linear
Do not add 1:1 dm-linear when root.img (/dev/xvda) is read-write. This
was to always have root device at /dev/mapper/dmroot, but unfortunately
grub can't parse it properly (fails at looking for partition number of
/dev/xvda1). There was a hack specifically for this, but it caused other
partitions on xvda unavailable.
On the other hand, symlink is enough to be able to mount always the same
device. Now, grub detect that root fs is on /dev/xvda1, which is
enough to have grub2-install working. Unfortunate effect is that it puts
root=/dev/xvda1 at kernel command line, which breaks AppVMs based on
this TemplateVM. But it's easier to fix kernel command line, than grub
device detection logic.

Fixes "initramfs: add support for root.img with partition table"

QubesOS/qubes-issues#2557
2017-06-12 13:02:31 +02:00
Paras Chetal
e9b8e5a4d1
Fix include header syntax 2017-06-09 04:45:38 +05:30
Marek Marczykowski-Górecki
77c6d8be6a
version 4.0.1 2017-05-18 01:54:46 +02:00
Marek Marczykowski-Górecki
4d6579474d
rpm: add missing build requires 2017-05-18 01:23:23 +02:00
Marek Marczykowski-Górecki
02d9a1e68f
imgconverter: use core3 API in get_from_vm() 2017-05-18 01:03:06 +02:00
Marek Marczykowski-Górecki
95805f6333
imgconverter: make it really work on python3 2017-05-18 01:03:06 +02:00
Marek Marczykowski-Górecki
6c36cb8de9
rpm: packge qubesimgconverter for both python2 and python3
And while at it, move it to separate subpackages, following Fedora
packaging guidelines.
2017-05-18 01:03:05 +02:00
unman
1db0daea9c
Improve error message when file exists 2017-04-16 02:08:54 +01:00
Marek Marczykowski-Górecki
40fe0d9c8f
travis: drop fc23 vm packages building 2017-04-10 11:01:46 +02:00
Marek Marczykowski-Górecki
ae56d597f3
rpm: add missing build requires 2017-04-10 10:47:48 +02:00
Marek Marczykowski-Górecki
488627e2e6
travis: switch to Qubes 4.0 2017-04-08 14:15:51 +02:00
Marek Marczykowski-Górecki
513a1cecf2
version 4.0.0 2017-04-08 13:58:53 +02:00
Marek Marczykowski-Górecki
13b9ea7f1c
debian: fix install location of python files
Debian use /usr/lib/python*/dist-packages (instead of site-packages) for
packaged python modules. It's achieved using --install-layout=deb
option, so pass it on Debian build.
2017-04-08 13:58:34 +02:00
Marek Marczykowski-Górecki
d0fe5e6f9a
initramfs: add support for root.img with partition table
Installing grub on root.img require some space before the filesystem.
Create it by adding partition table to root.img. This commit take care
of assembling dmroot device when such partition table is present, while
preserving compatibility with partition-less images.

QubesOS/qubes-issues#2577
2017-04-08 13:58:33 +02:00
Marek Marczykowski-Górecki
5c7c54adab
initramfs: move qubes_cow_setup hook to pre-trigger
This hook require new device nodes to appear in /dev. If devtmpfs is
used, it's not a problem ("simple" initramfs case), but otherwise udevd
is needed - and it isn't running in pre-udev hook yet.

QubesOS/qubes-issues#2577
2017-04-08 13:58:33 +02:00
Marek Marczykowski-Górecki
69a3f06f99
Install python modules to /usr
On Debian python-setuptools is configured to install into /usr/local by
default.
2017-04-08 13:58:33 +02:00
Marek Marczykowski-Górecki
9f6018bdb5
debian: adjust file list 2017-04-08 13:58:33 +02:00
Marek Marczykowski-Górecki
b52f4e0f36
Add python-setuptools to build depends 2017-04-08 13:58:33 +02:00
Marek Marczykowski-Górecki
fbbd21a54b
qmemman-meminfo-writer: send simplified meminfo value
Send just one value - used memory (which is calculated anyway),
instead of full input data. This greatly simplify parsing at qmemman
side.

Fixes QubesOS/qubes-issues#1312
2017-04-08 13:58:33 +02:00
Marek Marczykowski-Górecki
44edc8a9b2
dracut: add missing 'die' function to 'simple' module 2017-04-08 13:58:32 +02:00
Wojtek Porczyk
162e3734e5
Move imggen module from artwork. 2017-04-08 13:58:32 +02:00
Wojtek Porczyk
2a0bbe1c6f
Package imgconverter as separate Python module
This is partly because qubes/__init__.py conflicted with core3.
It is also a good practice.
2017-04-08 13:58:32 +02:00
Wojtek Porczyk
b6ad625b85
debian/control: remove unneeded qubesdb dependency 2017-04-08 13:58:32 +02:00
Marek Marczykowski-Górecki
4de6e4d9be
version 3.2.4 2017-03-23 11:34:01 +01:00
Marek Marczykowski-Górecki
ee5badddd5
Merge remote-tracking branch 'qubesos/pr/9'
* qubesos/pr/9:
  qubes-prepare-vm-kernel: Do not hardcode path to dracut
2017-03-17 13:46:55 +01:00
M. Vefa Bicakci
7470251cb8
qubes-prepare-vm-kernel: Do not hardcode path to dracut
dracut has apparently moved from /sbin to /bin some time in the past.
Accommodate this change to avoid failures.

Signed-off-by: M. Vefa Bicakci <m.v.b@runbox.com>
2017-03-14 19:02:03 +03:00
Olivier MEDOC
e83c8036e6 archlinux: use dracut native file instead of our own 2017-01-29 15:10:33 +01:00
Marek Marczykowski-Górecki
d3cda230b4
travis: drop debootstrap workaround
Move to qubes-builder

Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
2017-01-04 23:24:45 +01:00
Olivier MEDOC
dfde69e9a7 archlinux: clean up PKGBUILD and bump version number 2016-12-28 08:38:01 +01:00
Olivier MEDOC
e398441481 archlinux: clean up qubes-prepare-vm-kernel
Archlinux now support pacman hooks that automatically handle both
building modules through dkms and rebuilding the initcpio.
For this reason, support scripts are not required anymore.
2016-12-28 08:29:01 +01:00
Marek Marczykowski-Górecki
db2b027153
udev: use DM ignore device flag only for DM devices
For example do not exclude (from exposing to qvm-block) loop devices
with this flag set, otherwise `qvm-block -l` would not list just
attached disk image files.

Fixes QubesOS/qubes-issues#2453
2016-11-23 03:40:37 +01:00
Johanna A
e01745f66f Builds against 4.9
The function signature for get_user_pages() has changed in linux 4.9.
2016-10-29 10:01:01 +02:00
Marek Marczykowski-Górecki
fbcad1cb17
version 3.2.3 2016-07-17 05:17:40 +02:00