Archlinux now support pacman hooks that automatically handle both
building modules through dkms and rebuilding the initcpio.
For this reason, support scripts are not required anymore.
For example do not exclude (from exposing to qvm-block) loop devices
with this flag set, otherwise `qvm-block -l` would not list just
attached disk image files.
FixesQubesOS/qubes-issues#2453
For example, attaching a device-mapper device to another VM increases
its "dmsetup info" open count in is_used(), which triggered its removal
from qvm-block.
The canonical device name is not necessarily used in /proc/mounts or
/proc/self/mountinfo, see /dev/dm-0 vs. /dev/mapper/dmroot. (And only
checking by major:minor is not possible in the case of btrfs.)
Also fixes another bug where e.g. dm-10 would match when really only
dm-1 was mounted, or when the mountpoint path included the device name,
etc.
Also catches enabled swap.
Apparently some devices do not comply with standards (there is no such
thing as USB version 2.01), but other than that works fine. So take into
account only the major number of bcdUSB field.
FixesQubesOS/qubes-issues#2158
Those devices are most likely attached using "PV USB" from another
domain, so it doesn't make sense to list them as available for further
passthrough.
QubesOS/qubes-issues#531
Even if particular PV USB implementation doesn't support it, still have
it included in QubesDB. It should be up to attaching code to decide.
Also, don't fail if xen-usbback module doesn't exist. This isn't the
only option (the other one is usbip over qrexec).
QubesOS/qubes-issues#531
During early dom0 boot, before xenstored is started any access to it
through /proc/xen/xenbus (or /dev/xen/xenbus) will wait until xenstored
is started. If that happens in script ordered to start before xenstored,
we have a deadlock. Prevent this by using `xenstore-ls -s` in dom0,
which will fail immediately when xenstored isn't running yet. This fail
isn't a problem, because when xenstored isn't running yet, surely device
isn't attached anywhere.
QubesOS/qubes-issues#1081
This prevents simultaneous attachment of the same device (in practice)
to multiple VMs.
This change to be effective requires udev action being called when such
device is attached/detached to some domain. Script
/etc/xen/scripts/block will take care of it.
FixesQubesOS/qubes-issues#1081
Exclude exclude device if mounted/part of other device, or any of its
partition is used (same definition). Update this state whenever device
or it's partition receives udev event.
FixesQubesOS/qubes-issues#1600
* origin/pr/4:
archlinux: fix syntax errors in install file
archlinux: add an install file specifically for vm-kernel-support
kernel-support: compile u2mfn from source even if it has been never built
archlinux: implement kernel-support
archlinux: ensure gcc, make and pkgconfig are makedependencies
When device becomes non-attachable (for example because it gets mounted,
or used as part of LVM/RAID/whatever), it should be removed from
advertised available devices. The code for removing QubesDB entry was
buggy - the device is actually a directory in QubesDB, not a single
entry.
QubesOS/qubes-issues#1600
There are already some other rules to ignore not interesting devices.
This includes device-mapper assembled in initramfs manually. 'dmroot'
isn't properly detected as mounted because /dev/mapper/dmroot isn't a
symlink to /dev/dm-0 and /proc/mounts contains the former name, while
udev event the later.
FixesQubesOS/qubes-issues#1586
Generally build env (rpmbuild, dpkg-buildpackage) provide sane and
useful defaults.
Fixes hardening-no-relro lintian warning.
QubesOS/qubes-issues#1416
By default dracut set 600 mode. While it isn't a problem for starting a
VM (which is done as root), it is a problem for creating standalone VM,
which has it's own copy of kernel directory.
Olivier MEDOC