Commit Graph

353 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
3e41a2987c
imgconverter: fix make_padlock function
hex_to_float is gone, use hex_to_int instead

Fixes QubesOS/qubes-issues#3331
2017-12-21 19:12:55 +01:00
Gianluca Guida
5fbd19e1d6
Fix qrexec-lib headers 2017-12-15 20:20:15 +01:00
Marek Marczykowski-Górecki
72343fe0cd
version 4.0.12 2017-12-12 01:41:53 +01:00
Marek Marczykowski-Górecki
ee66bb4c80
Merge remote-tracking branch 'qubesos/pr/27'
* qubesos/pr/27:
  qubes-kernel-vm-support compatibility with dracut
2017-12-01 00:12:17 +01:00
Marek Marczykowski-Górecki
dc5d025247
debian: include drauct module in qubes-kernel-vm-support
Support dracut also on Debian systems.

Fixes QubesOS/qubes-issues#3361
2017-12-01 00:11:28 +01:00
Marek Marczykowski-Górecki
3d44d3a80b
debian: make it easier to spot missing files in debian/*.install 2017-12-01 00:02:46 +01:00
Patrick Schleizer
7360aee988
qubes-kernel-vm-support compatibility with dracut
move initramfs-tools from Depends: to Recommends:

fixes https://github.com/QubesOS/qubes-issues/issues/3361
2017-12-01 00:00:28 +01:00
Marek Marczykowski-Górecki
e784f3caa3
version 4.0.11 2017-11-21 05:34:50 +01:00
Marek Marczykowski-Górecki
68d7be77db
Make udev-block-add-change executable again 2017-11-21 05:34:21 +01:00
Marek Marczykowski-Górecki
6cb980f5be
Add missing classmethod decorator 2017-11-21 05:34:01 +01:00
Marek Marczykowski-Górecki
0a7d2c0789
Merge remote-tracking branch 'qubesos/pr/25'
* qubesos/pr/25:
  replace tinting algorithm with one that partially preserves saturation too
  reimplement tint algorithm with numpy for reasonable performance
  use PIL image library instead of ImageMagick to load/save images when tinting
  add Python pillow and numpy dependencies
  remove unused cairo import
2017-11-21 05:14:11 +01:00
Marek Marczykowski-Górecki
92a86fad18
version 4.0.10 2017-11-21 04:46:49 +01:00
Marek Marczykowski-Górecki
141b9912e8
Initialize pad field in filecopy final response
Do not leak 4 bytes from the receiver stack.

Reported by @cfcs
2017-11-20 13:58:39 +01:00
Marek Marczykowski-Górecki
75fa0d3cb0
Merge remote-tracking branch 'qubesos/pr/26'
* qubesos/pr/26:
  This commit specifies the integer width explicitly to match `result_header_ext` etc.
2017-11-20 13:56:55 +01:00
Your Name
a96fe7203e This commit specifies the integer width explicitly to match result_header_ext etc.
also, can someone explain to me why `send_status_and_crc` does not need
to set `_pad` to prevent leaking stack memory in the responses?
2017-11-20 02:40:35 +01:00
qubesuser
ee58088dec replace tinting algorithm with one that partially preserves saturation too
This algorithm partially preserves saturation, for a  better result, but
enforces a minimum chroma, so that greyscale images get tinted.
2017-11-08 18:57:22 +01:00
qubesuser
843ac6c477 reimplement tint algorithm with numpy for reasonable performance
The old algorithm was so slow it would take seconds to tint all images
for a VM.
2017-11-08 18:57:22 +01:00
qubesuser
86e9231ac9 use PIL image library instead of ImageMagick to load/save images when tinting 2017-11-08 18:57:22 +01:00
qubesuser
6c6070ab49 add Python pillow and numpy dependencies 2017-11-08 17:45:21 +01:00
qubesuser
f893420871 remove unused cairo import 2017-11-08 17:45:21 +01:00
qubesuser
4d08ff40a9 Speed up udev-block-add-change by not using xenstore
xenstore-ls is incredibly slow, while reading sysfs is much faster
2017-11-08 03:37:53 +01:00
Olivier MEDOC
19cb61a0ed archlinux: build imgconverter with both python2 and python3 2017-10-22 19:17:12 +02:00
Marek Marczykowski-Górecki
f7cd2b2a76
version 4.0.9 2017-10-17 23:54:15 +02:00
Marek Marczykowski-Górecki
09e6d2ac95
initramfs: add support for variable partitions layout
Try to find root filesystem by partition label (not filesystem label!).
If that fails, default to 3rd partition according to (new) default
layout.

Fixes QubesOS/qubes-issues#3173
2017-10-17 22:45:07 +02:00
Marek Marczykowski-Górecki
e9615899ff
qubes-prepare-vm-kernel: Include kernel and initramfs inside modules.img
This will allow to boot the HVM using provided kernel directly (loaded
by qemu in stubdomain), without need for additional bootloader.

Fixes QubesOS/qubes-issues#2822
2017-10-16 23:43:03 +02:00
Marek Marczykowski-Górecki
b227d01a8a
Fix initramfs scripts on Debian
1. /etc/udev/rules.d needs to be created
2. udev needs to be reloaded explicitly

Fixes QubesOS/qubes-issues#3178
2017-10-16 23:41:21 +02:00
Marek Marczykowski-Górecki
766f83de8e
version 4.0.8 2017-09-30 01:59:38 +02:00
Marek Marczykowski-Górecki
b2207b44fc
travis: add fc26 build 2017-09-29 21:13:16 +02:00
Frédéric Pierret
b3f24caaf2
Fix CentOS dependencies: python3 2017-09-28 14:34:20 +02:00
Marek Marczykowski-Górecki
c62c8e4416
version 4.0.7 2017-09-15 13:43:18 +02:00
Marek Marczykowski-Górecki
c7420318e2
udev: fix loop devices exclusion based on directory flagfile
Getting loop device backing file path was broken:
${NAME%p*} for not-partitioned devices will cut the actual device name.
Use full name instead. This probably breaks handling partitioned
devices, but such devices should not appear in a directory flagged to be
ignored (VM images)

QubesOS/qubes-issues#3084
2017-09-15 05:25:42 +02:00
Olivier MEDOC
0207537b50
Fix gcc Werror because of a typo in a switch/case explicit fallthrough comment
GCC crash because of -Werror=implicit-fallthrough. However the fallthrough exists but has a typo.

Thanks for omac777 analysis (7d0b8155a3)

However the fallthrough exists but has a typo

(cherry picked from commit ea0c714139)
2017-09-13 01:06:04 +02:00
Marek Marczykowski-Górecki
d703652070
version 4.0.6 2017-09-12 04:52:48 +02:00
Marek Marczykowski-Górecki
764b0f3f07
udev: major cleanup in block devices handling
1. Do not detach device forcefully when it's removed. This breaks
libvirt (which thinks the device is still there). After this change, it
is possible to detach device using libvirt, even if it was already
removed physically from backend domain (unless it is dom0 - in which
case it is still broken). So, this is partial fix for
QubesOS/qubes-issues#1082.

2. Do not trigger "change" udev event when only QubesDB state needs to
be updated - this leads to massive udev events queue, and heavy I/O
usage - for example scanning all LVM many times. In some cases it even
caused infinite event queue.

3. Do not use QUBES_EXPOSED udev property - it was needed a while back
before QubesDB, because concurrent xenstore accesses are expensive
(because of transactions). It isn't the problem on QubesDB.

4. Cache information about device-mapper, so it is possible to
reconstruct it at device remove - when the actual device cannot be
queried anymore. This is specifically about list of lower layer devices
used.

5. Allow excluding loop devices pointing at a file in directory marked
with ".qubes-exclude-block-devices" file. This is more generic than
hardcoding /var/lib/qubes.

QubesOS/qubes-issues#3084
Fixes QubesOS/qubes-issues#3073
QubesOS/qubes-issues#1082
2017-09-12 04:25:34 +02:00
Marek Marczykowski-Górecki
dd71f295e5
Merge remote-tracking branch 'qubesos/pr/16'
* qubesos/pr/16:
  Fix off-by-one error in header length calculation
2017-08-12 14:02:51 +02:00
Jean-Philippe Ouellet
349f79bc66
Fix off-by-one error in header length calculation
int(ceil(log10(100))) is one lower than it should be when max widths are
powers of 10. This means providing a value of 100 when the max is 100
produces an unexpected failure.

Was never triggered because imghdrlen args are only hard-coded
constants, but a bug is a bug.
2017-08-11 09:43:41 -04:00
Marek Marczykowski-Górecki
22c94c37a9
version 4.0.5 2017-08-11 13:34:11 +02:00
Marek Marczykowski-Górecki
823d73a524
udev: filter-out QEMU devices
Fixes QubesOS/qubes-issues#2969
2017-08-07 23:00:53 +02:00
Marek Marczykowski-Górecki
43908b7eaa
version 4.0.4 2017-07-29 05:19:34 +02:00
Marek Marczykowski-Górecki
b130b79b28
Merge remote-tracking branch 'qubesos/pr/15'
* qubesos/pr/15:
  u2mfn: get mfn via pte
2017-07-24 14:02:37 +02:00
Marek Marczykowski-Górecki
4dd813c14b
version 4.0.3 2017-07-06 19:41:04 +02:00
Marek Marczykowski-Górecki
0d4c561064
udev: don't list in qvm-block any device marked to be ignored by udev
Not only device-mapper one.
This especially include loop devices for VM disk images.

QubesOS/qubes-issues#2319
2017-07-06 19:40:51 +02:00
HW42
f14637a615 u2mfn: get mfn via pte
Before this commit u2mfn got the address via kmap(get_user_pages(...)).
This has the problem that get_user_pages() does not work in some cases.
For example when qemu in a stubdom tries to get the mfn for a page which
is mapped from the target domain u2mfn fails because get_user_pages()
cannot be used for such mappings.

So get the address from the pte with apply_to_page_range(). Since we are
only interested in one page get_locked_pte() would be simpler but it's
not available to modules.
2017-07-05 20:21:22 +02:00
Marek Marczykowski-Górecki
1b437e57d5
Merge remote-tracking branch 'qubesos/pr/14'
* qubesos/pr/14:
  Fall back to sync() if syncfs() is unavailable
2017-07-04 13:29:13 +02:00
Marek Marczykowski-Górecki
eb1b20fd48
version 4.0.2 2017-06-24 14:55:03 +02:00
Rusty Bird
90a1e6abbd
Fall back to sync() if syncfs() is unavailable
It seems better to err on the side of safety (vs. performance).
2017-06-16 16:13:44 +00:00
Marek Marczykowski-Górecki
da3f3cd426
initramfs: use symlink for rw root.img, instead of dm-linear
Do not add 1:1 dm-linear when root.img (/dev/xvda) is read-write. This
was to always have root device at /dev/mapper/dmroot, but unfortunately
grub can't parse it properly (fails at looking for partition number of
/dev/xvda1). There was a hack specifically for this, but it caused other
partitions on xvda unavailable.
On the other hand, symlink is enough to be able to mount always the same
device. Now, grub detect that root fs is on /dev/xvda1, which is
enough to have grub2-install working. Unfortunate effect is that it puts
root=/dev/xvda1 at kernel command line, which breaks AppVMs based on
this TemplateVM. But it's easier to fix kernel command line, than grub
device detection logic.

Fixes "initramfs: add support for root.img with partition table"

QubesOS/qubes-issues#2557
2017-06-12 13:02:31 +02:00
Paras Chetal
e9b8e5a4d1
Fix include header syntax 2017-06-09 04:45:38 +05:30
Marek Marczykowski-Górecki
77c6d8be6a
version 4.0.1 2017-05-18 01:54:46 +02:00
Marek Marczykowski-Górecki
4d6579474d
rpm: add missing build requires 2017-05-18 01:23:23 +02:00