version 3.0.17

udev: fix hiding devices from qvm-block
When device becomes non-attachable (for example because it gets mounted, or used as part of LVM/RAID/whatever), it should be removed from advertised available devices. The code for removing QubesDB entry was buggy - the device is actually a directory in QubesDB, not a single entry. QubesOS/qubes-issues#1600 (cherry picked from commit 22d6892ec9)
14 changed files with 184 additions and 75 deletions
--- a/debian/changelog
+++ b/debian/changelog
@ -1,3 +1,64 @@
+qubes-utils (3.0.17) wheezy; urgency=medium
+
+  * udev: fix hiding devices from qvm-block
+
+ -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Sun, 01 May 2016 22:42:15 +0200
+
+qubes-utils (3.0.16) wheezy; urgency=medium
+
+  * udev: do not assume static device-mapper major number
+  * udev: ignore devices set to be ignore elsewhere
+
+ -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Fri, 15 Jan 2016 12:40:17 +0100
+
+qubes-utils (3.0.15) wheezy; urgency=medium
+
+  * qrexec-lib: add glibc version test check for having syncfs
+
+ -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Fri, 11 Dec 2015 21:44:12 +0100
+
+qubes-utils (3.0.14) wheezy; urgency=medium
+
+  [ Marek Marczykowski-Górecki ]
+  * debian: prevent upgrades without new enough qubes-core-agent
+
+  [ Rusty Bird ]
+  * qfile-unpacker: syncfs() to avoid qvm-move-to-vm data loss
+
+  [ Marek Marczykowski-Górecki ]
+  * qrexec: add clarification commends in qrexec.h
+  * qubes-prepare-vm-kernel: ensure proper permissions on initramfs
+
+ -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Fri, 11 Dec 2015 21:09:45 +0100
+
+qubes-utils (3.0.13) wheezy; urgency=medium
+
+  [ Rusty Bird ]
+  * Check if QubesIncoming filesystem supports O_TMPFILE
+
+  [ Marek Marczykowski-Górecki ]
+  * rpm: disable debuginfo subpackage in qubes-kernel-vm-support
+
+ -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Fri, 13 Nov 2015 23:20:22 +0100
+
+qubes-utils (3.0.12) wheezy; urgency=medium
+
+  * libqrexec-utils: fix linker options
+  * libqrexec-utils: bring back buffered write helpers
+  * libqrexec-utils: bump SO version because of ABI change
+
+ -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Fri, 30 Oct 2015 15:33:28 +0100
+
+qubes-utils (3.0.11) wheezy; urgency=medium
+
+  [ qubesuser ]
+  * Report Xen balloon current size instead of Linux total memory
+
+  [ Marek Marczykowski-Górecki ]
+  * qfile-unpacker: do not call fdatasync() at each file (#1257)
+
+ -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Sun, 11 Oct 2015 02:51:07 +0200
+
 qubes-utils (3.0.10) wheezy; urgency=medium

  [ Olivier MEDOC ]
--- a/debian/control
+++ b/debian/control
@ -12,6 +12,7 @@ Package: qubes-utils
 Architecture: any
 Depends: qubesdb-vm, libvchan-xen, lsb-base, ${shlibs:Depends}, ${misc:Depends}
 Conflicts: qubes-linux-utils
+Breaks: qubes-core-agent (<< 3.0.19)
 Recommends: python2.7
 Description: Qubes Linux utilities
 This package includes the basic qubes utilities necessary for domU.
--- a/kernel-modules/qubes-prepare-vm-kernel
+++ b/kernel-modules/qubes-prepare-vm-kernel
@ -56,6 +56,7 @@ function build_initramfs() {
        --conf /dev/null --confdir /var/empty \
        -d "xenblk xen-blkfront cdrom ext4 jbd2 crc16 dm_snapshot" \
        $output_file $kver
+    chmod 644 "$output_file"
 }

 if [ -z "$1" ]; then
--- a/qmemman/meminfo-writer.c
+++ b/qmemman/meminfo-writer.c
@ -16,9 +16,9 @@ int used_mem_change_threshold;
 int delay;
 int usr1_received;

-const char *parse(const char *buf)
+const char *parse(const char *meminfo_buf, const char* dom_current_buf)
 {
-	const char *ptr = buf;
+	const char *ptr = meminfo_buf;
 	static char outbuf[4096];
 	int val;
 	int len;
@ -59,6 +59,12 @@ const char *parse(const char *buf)
 		ptr += len;
 	}

+	if(dom_current_buf) {
+		int DomTotal = strtol(dom_current_buf, 0, 10);
+		if(DomTotal)
+			MemTotal = DomTotal;
+	}
+
 	used_mem =
 	    MemTotal - Buffers - Cached - MemFree + SwapTotal - SwapFree;
 	if (used_mem < 0)
@ -103,13 +109,50 @@ void usr1_handler(int sig __attribute__((__unused__))) {
 	usr1_received = 1;
 }

-int main(int argc, char **argv)
+static inline void pread0_string(int fd, char* buf, size_t buf_size)
 {
-	char buf[4096];
-	int n;
+	int n = pread(fd, buf, buf_size - 1, 0);
+	if (n < 0) {
+		perror("pread");
+		exit(1);
+	}
+	buf[n] = 0;
+}
+
+static void update(struct xs_handle *xs, int meminfo_fd, int dom_current_fd)
+{
+	char dom_current_buf[32];
+	char dom_current_buf2[32];
+	char meminfo_buf[4096];
 	const char *meminfo_data;
-	int fd;
+
+	pread0_string(dom_current_fd, dom_current_buf, sizeof(dom_current_buf));
+
+	/* check until the dom current reading is stable to avoid races */
+	for(;;) {
+		pread0_string(meminfo_fd, meminfo_buf, sizeof(meminfo_buf));
+		pread0_string(dom_current_fd, dom_current_buf2, sizeof(dom_current_buf2));
+
+		if(!strcmp(dom_current_buf, dom_current_buf2))
+			break;
+
+		pread0_string(meminfo_fd, meminfo_buf, sizeof(meminfo_buf));
+		pread0_string(dom_current_fd, dom_current_buf, sizeof(dom_current_buf));
+
+		if(!strcmp(dom_current_buf, dom_current_buf2))
+			break;
+	}
+
+	meminfo_data = parse(meminfo_buf, dom_current_buf);
+	if (meminfo_data)
+		send_to_qmemman(xs, meminfo_data);
+}
+
+int main(int argc, char **argv)
+{
+	int meminfo_fd, dom_current_fd;
 	struct xs_handle *xs;
+	int n;

 	if (argc != 3 && argc != 4)
 		usage();
@ -121,6 +164,8 @@ int main(int argc, char **argv)
 	if (argc == 4) {
 		pid_t pid;
 		sigset_t mask, oldmask;
+		int fd;
+		char buf[32];

 		switch (pid = fork()) {
 			case -1:
@ -155,9 +200,14 @@ int main(int argc, char **argv)
 		}
 	}

-	fd = open("/proc/meminfo", O_RDONLY);
-	if (fd < 0) {
-		perror("open meminfo");
+	meminfo_fd = open("/proc/meminfo", O_RDONLY);
+	if (meminfo_fd < 0) {
+		perror("open /proc/meminfo");
+		exit(1);
+	}
+	dom_current_fd = open("/sys/devices/system/xen_memory/xen_memory0/info/current_kb", O_RDONLY);
+	if (dom_current_fd < 0) {
+		perror("open /sys/devices/system/xen_memory/xen_memory0/info/current_kb");
 		exit(1);
 	}
 	xs = xs_domain_open();
@ -167,15 +217,8 @@ int main(int argc, char **argv)
 	}
 	if (argc == 3) {
 		/* if not waiting for signal, fork after first info written to xenstore */
-		n = pread(fd, buf, sizeof(buf)-1, 0);
-		if (n < 0) {
-			perror("pread");
-			exit(1);
-		}
-		buf[n] = 0;
-		meminfo_data = parse(buf);
-		if (meminfo_data)
-			send_to_qmemman(xs, meminfo_data);
+		update(xs, meminfo_fd, dom_current_fd);
+
 		n = fork();
 		if (n < 0) {
 			perror("fork");
@ -187,15 +230,8 @@ int main(int argc, char **argv)
 	}

 	for (;;) {
-		n = pread(fd, buf, sizeof(buf)-1, 0);
-		if (n < 0) {
-			perror("pread");
-			exit(1);
-		}
-		buf[n] = 0;
-		meminfo_data = parse(buf);
-		if (meminfo_data)
-			send_to_qmemman(xs, meminfo_data);
+		update(xs, meminfo_fd, dom_current_fd);
 		usleep(delay);
 	}
 }
+
--- a/qrexec-lib/Makefile
+++ b/qrexec-lib/Makefile
@ -1,8 +1,9 @@
 CC=gcc
 CFLAGS+=-I. -g -O2 -Wall -Wextra -Werror -pie -fPIC `pkg-config --cflags vchan-$(BACKEND_VMM)`
 COMMONIOALL=ioall.o
-SO_VER=1
+SO_VER=2
 LDFLAGS=-shared
+VCHANLIBS = `pkg-config --libs vchan-$(BACKEND_VMM)`

 _XENSTORE_H=$(shell ls /usr/include/xenstore.h)
 ifneq "$(_XENSTORE_H)" ""
@ -11,8 +12,8 @@ endif


 all: libqrexec-utils.so.$(SO_VER) libqubes-rpc-filecopy.so.$(SO_VER)
-libqrexec-utils.so.$(SO_VER): unix-server.o ioall.o buffer.o exec.o txrx-vchan.o
-	$(CC) $(LDFLAGS) -Wl,-soname,$@ -o $@ $^ $(XENLIBS)
+libqrexec-utils.so.$(SO_VER): unix-server.o ioall.o buffer.o exec.o txrx-vchan.o write-stdin.o
+	$(CC) $(LDFLAGS) -Wl,-soname,$@ -o $@ $^ $(VCHANLIBS)
 libqubes-rpc-filecopy.so.$(SO_VER): ioall.o copy-file.o crc32.o unpack.o
 	$(CC) $(LDFLAGS) -Wl,-soname,$@ -o $@ $^

--- a/qrexec-lib/libqrexec-utils.h
+++ b/qrexec-lib/libqrexec-utils.h
@ -28,6 +28,11 @@ struct buffer {
 	int buflen;
 };

+/* return codes for buffered writes */
+#define WRITE_STDIN_OK        0 /* all written */
+#define WRITE_STDIN_BUFFERED  1 /* something still in the buffer */
+#define WRITE_STDIN_ERROR     2 /* write error, errno set */
+
 typedef void (do_exec_t)(const char *);
 void register_exec_func(do_exec_t *func);

@ -38,6 +43,9 @@ void buffer_remove(struct buffer *b, int len);
 int buffer_len(struct buffer *b);
 void *buffer_data(struct buffer *b);

+int flush_client_data(int fd, struct buffer *buffer);
+int write_stdin(int fd, const char *data, int len, struct buffer *buffer);
+int fork_and_flush_stdin(int fd, struct buffer *buffer);

 void do_fork_exec(const char *cmdline, int *pid, int *stdin_fd, int *stdout_fd,
 		  int *stderr_fd);
--- a/qrexec-lib/qrexec.h
+++ b/qrexec-lib/qrexec.h
@ -80,16 +80,16 @@ struct msg_header {
 struct exec_params {
    uint32_t connect_domain; /* target domain name */
    uint32_t connect_port;   /* target vchan port for i/o exchange */
-    char cmdline[0];         /* command line to execute, size = msg_header.len - sizeof(struct exec_params) */
+    char cmdline[0];         /* command line to execute, null terminated, size = msg_header.len - sizeof(struct exec_params) */
 };

 struct service_params {
-    char ident[32];
+    char ident[32];          /* null terminated ASCII string */
 };

 struct trigger_service_params {
-    char service_name[64];
-    char target_domain[32];
+    char service_name[64];            /* null terminated ASCII string */
+    char target_domain[32];           /* null terminated ASCII string */
    struct service_params request_id; /* service request id */
 };

@ -105,7 +105,7 @@ enum {
    MSG_DATA_STDOUT,
    /* stderr VM->dom0 */
    MSG_DATA_STDERR,
-    /* VM process exit code VM->dom0 (int) */
+    /* VM process exit code VM->dom0 (uint32_t) */
    MSG_DATA_EXIT_CODE,
 };

--- a/qrexec-lib/unpack.c
+++ b/qrexec-lib/unpack.c
@ -33,6 +33,10 @@ void send_status_and_crc(int code, const char *last_filename);
 #define O_TMPFILE_MASK (__O_TMPFILE | O_DIRECTORY | O_CREAT)
 #endif

+#if __GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 14)
+#define HAVE_SYNCFS
+#endif
+
 void do_exit(int code, const char *last_filename)
 {
 	close(0);
@ -112,11 +116,11 @@ void process_one_file_reg(struct file_header *untrusted_hdr,
 	if (use_tmpfile) {
 		fdout = open(".", O_WRONLY | O_TMPFILE, 0700);
 		if (fdout < 0) {
-		   if (errno==ENOENT)
-			   /* if it fails, do not attempt further use - most likely kernel too old */
-			   use_tmpfile = 0;
-		   else
-			   do_exit(errno, untrusted_name);
+			if (errno==ENOENT || /* most likely, kernel too old for O_TMPFILE */
+			    errno==EOPNOTSUPP) /* filesystem has no support for O_TMPFILE */
+				use_tmpfile = 0;
+			else
+				do_exit(errno, untrusted_name);
 		}
 	}
 	if (fdout < 0)
@ -137,7 +141,6 @@ void process_one_file_reg(struct file_header *untrusted_hdr,
 		else
 			do_exit(errno, untrusted_name);
 	}
-	fdatasync(fdout);
 	if (use_tmpfile) {
 		char fd_str[7];
 		snprintf(fd_str, sizeof(fd_str), "%d", fdout);
@ -209,6 +212,11 @@ void process_one_file(struct file_header *untrusted_hdr)
 int do_unpack(void)
 {
 	struct file_header untrusted_hdr;
+#ifdef HAVE_SYNCFS
+	int cwd_fd;
+	int saved_errno;
+#endif
+
 	total_bytes = total_files = 0;
 	/* initialize checksum */
 	crc32_sum = 0;
@ -223,6 +231,14 @@ int do_unpack(void)
 			do_exit(EDQUOT, untrusted_namebuf);
 		process_one_file(&untrusted_hdr);
 	}
+
+#ifdef HAVE_SYNCFS
+	saved_errno = errno;
+	cwd_fd = open(".", O_RDONLY);
+	if (cwd_fd >= 0 && syncfs(cwd_fd) == 0 && close(cwd_fd) == 0)
+		errno = saved_errno;
+#endif
+
 	send_status_and_crc(errno, untrusted_namebuf);
 	return errno;
 }
--- a/qrexec-lib/write-stdin.c
+++ b/qrexec-lib/write-stdin.c
@ -29,16 +29,18 @@
 #include "libqrexec-utils.h"

 /* 
-There is buffered data in "buffer" for client id "client_id", and select()
-reports that "fd" is writable. Write as much as possible to fd, if all sent,
-notify the peer that this client's pipe is no longer full.
+There is buffered data in "buffer" for client and select()
+reports that "fd" is writable. Write as much as possible to fd.
 */
-int flush_client_data(libvchan_t *vchan, int fd, int client_id, struct buffer *buffer)
+int flush_client_data(int fd, struct buffer *buffer)
 {
 	int ret;
 	int len;
 	for (;;) {
 		len = buffer_len(buffer);
+		if (!len) {
+			return WRITE_STDIN_OK;
+		}
 		if (len > MAX_DATA_CHUNK)
 			len = MAX_DATA_CHUNK;
 		ret = write(fd, buffer_data(buffer), len);
@ -52,27 +54,15 @@ int flush_client_data(libvchan_t *vchan, int fd, int client_id, struct buffer *b
 		// it will be wrong if we change MAX_DATA_CHUNK to something large
 		// as pipes writes are atomic only to PIPE_MAX limit 
 		buffer_remove(buffer, ret);
-		len = buffer_len(buffer);
-		if (!len) {
-			struct server_header s_hdr;
-			s_hdr.type = MSG_XON;
-			s_hdr.client_id = client_id;
-			s_hdr.len = 0;
-			if (libvchan_send(vchan, (char*)&s_hdr, sizeof s_hdr) < 0)
-				return WRITE_STDIN_ERROR;
-			return WRITE_STDIN_OK;
-		}
 	}

 }

 /*
 Write "len" bytes from "data" to "fd". If not all written, buffer the rest
-to "buffer", and notify the peer that the client "client_id" pipe is full via 
-MSG_XOFF message.
+to "buffer".
 */
-int write_stdin(libvchan_t *vchan, int fd, int client_id, const char *data, int len,
-		struct buffer *buffer)
+int write_stdin(int fd, const char *data, int len, struct buffer *buffer)
 {
 	int ret;
 	int written = 0;
@ -88,26 +78,17 @@ int write_stdin(libvchan_t *vchan, int fd, int client_id, const char *data, int
 			exit(1);
 		}
 		if (ret == -1) {
-			struct server_header s_hdr;
-
 			if (errno != EAGAIN)
 				return WRITE_STDIN_ERROR;

 			buffer_append(buffer, data + written,
 				      len - written);

-			s_hdr.type = MSG_XOFF;
-			s_hdr.client_id = client_id;
-			s_hdr.len = 0;
-			if (libvchan_send(vchan, (char*)&s_hdr, sizeof s_hdr) < 0)
-				return WRITE_STDIN_ERROR;
-
 			return WRITE_STDIN_BUFFERED;
 		}
 		written += ret;
 	}
 	return WRITE_STDIN_OK;
-
 }

 /* 
--- a/rpm_spec/qubes-kernel-vm-support.spec
+++ b/rpm_spec/qubes-kernel-vm-support.spec
@ -22,6 +22,9 @@

 %{!?version: %define version %(cat version)}

+# Package contains /usr/lib, but not binary files, which confuses find-debuginfo.sh script.
+%global debug_package %{nil}
+
 Name:		qubes-kernel-vm-support
 Version:	%{version}
 Release:	1%{?dist}
--- a/rpm_spec/qubes-utils.spec
+++ b/rpm_spec/qubes-utils.spec
@ -85,8 +85,8 @@ rm -rf $RPM_BUILD_ROOT
 %{python_sitearch}/qubes/imgconverter.pyo

 %files libs
-%{_libdir}/libqrexec-utils.so.1
-%{_libdir}/libqubes-rpc-filecopy.so.1
+%{_libdir}/libqrexec-utils.so.2
+%{_libdir}/libqubes-rpc-filecopy.so.2

 %files devel
 %defattr(-,root,root,-)
--- a/udev/udev-block-add-change
+++ b/udev/udev-block-add-change
@ -9,7 +9,7 @@ QDB_KEY="/qubes-block-devices/$NAME"

 xs_remove() {
    if [ "$QUBES_EXPOSED" == "1" ]; then
-        qubesdb-rm "$QDB_KEY"
+        qubesdb-rm "$QDB_KEY/"
        qubesdb-write /qubes-block-devices ''
    fi
    echo QUBES_EXPOSED=0
--- a/udev/udev-qubes-block.rules
+++ b/udev/udev-qubes-block.rules
@ -11,9 +11,10 @@ KERNEL=="xvda|xvdb|xvdc*|xvdd", ENV{UDISKS_IGNORE}="1"
 ENV{MAJOR}=="202", GOTO="qubes_block_end"

 # Skip device-mapper devices
-ENV{MAJOR}=="253", ENV{DM_NAME}=="snapshot-*", GOTO="qubes_block_end"
-ENV{MAJOR}=="253", ENV{DM_NAME}=="origin-*", GOTO="qubes_block_end"
-ENV{MAJOR}=="253", ENV{DM_NAME}=="", GOTO="qubes_block_end"
+KERNEL=="dm-*", ENV{DM_NAME}=="snapshot-*", GOTO="qubes_block_end"
+KERNEL=="dm-*", ENV{DM_NAME}=="origin-*", GOTO="qubes_block_end"
+KERNEL=="dm-*", ENV{DM_NAME}=="", GOTO="qubes_block_end"
+ENV{DM_UDEV_DISABLE_DISK_RULES_FLAG}=="1", GOTO="qubes_block_end"

 IMPORT{db}="QUBES_EXPOSED"
 ACTION=="add", IMPORT{program}="/usr/libexec/qubes/udev-block-add-change"
--- a/2
+++ b/2
@ -1 +1 @@
-3.0.10
+3.0.17
Author	SHA1	Message	Date
Marek Marczykowski-Górecki	f324f9b3f9	version 3.0.17	8 years ago
Marek Marczykowski-Górecki	09bdeab290	udev: fix hiding devices from qvm-block When device becomes non-attachable (for example because it gets mounted, or used as part of LVM/RAID/whatever), it should be removed from advertised available devices. The code for removing QubesDB entry was buggy - the device is actually a directory in QubesDB, not a single entry. QubesOS/qubes-issues#1600 (cherry picked from commit `22d6892ec9`)	8 years ago
Marek Marczykowski-Górecki	919a1e8fa2	version 3.0.16	8 years ago
Marek Marczykowski-Górecki	7fb5b27fea	udev: ignore devices set to be ignore elsewhere There are already some other rules to ignore not interesting devices. This includes device-mapper assembled in initramfs manually. 'dmroot' isn't properly detected as mounted because /dev/mapper/dmroot isn't a symlink to /dev/dm-0 and /proc/mounts contains the former name, while udev event the later. Fixes QubesOS/qubes-issues#1586 (cherry picked from commit `6ac3fc3247`)	8 years ago
Marek Marczykowski-Górecki	c347d7e0df	udev: do not assume static device-mapper major number It is not static. QubesOS/qubes-issues#1586 (cherry picked from commit `50145d448a`)	8 years ago
Marek Marczykowski-Górecki	bfffb05fcd	version 3.0.15	9 years ago
Marek Marczykowski-Górecki	8e6bbc7187	qrexec-lib: add glibc version test check for having syncfs Compile fix for wheezy, which has too old glibc (2.13). (cherry picked from commit `c2c36d9c09`)	9 years ago
Marek Marczykowski-Górecki	6ce2b79438	version 3.0.14	9 years ago
Marek Marczykowski-Górecki	b23ddddd3e	qubes-prepare-vm-kernel: ensure proper permissions on initramfs By default dracut set 600 mode. While it isn't a problem for starting a VM (which is done as root), it is a problem for creating standalone VM, which has it's own copy of kernel directory. (cherry picked from commit `2f1c8ea459`)	9 years ago
Marek Marczykowski-Górecki	ddcbe6fbc4	qrexec: add clarification commends in qrexec.h QubesOS/qubes-issues#1392 (cherry picked from commit `cd277485bb`)	9 years ago
Rusty Bird	f3ffcfe9ba	qfile-unpacker: syncfs() to avoid qvm-move-to-vm data loss Commit https://github.com/QubesOS/qubes-linux-utils/commit/c1d42f1 -- "qfile-unpacker: do not call fdatasync() at each file" fixing QubesOS/qubes-issues#1257 -- increased the chance of data loss with qvm-move-to-vm: Say it nominally succeeds, and deletes the files from the source VM. Soon after, the destination VM or the system could crash, or an external drive hosting ~/QubesIncoming/srcVM could get unplugged by accident, all before the data had really been persisted to disk. But reverting the commit (ignoring the performance issue) wouldn't completely solve this: "Calling fsync() does not necessarily ensure that the entry in the directory containing the file has also reached disk. For that an explicit fsync() on a file descriptor for the directory is also needed." - fsync(2) It gets even worse for "slow symlinks" (whose target is too long to be stored directly in the inode metadata), apparently they can't be synced at all individually. So instead, just call syncfs() once after everything has been unpacked: + Should prevent all data loss (if fs and disk are well behaved) + Allows caching and reordering -> no slowdown with many small files - Blocks until any unrelated writes on the filesystem finish :\ (cherry picked from commit `4f59b3df6f`)	9 years ago
Marek Marczykowski-Górecki	f0cfd2c080	debian: prevent upgrades without new enough qubes-core-agent New qubes-utils package brings new libqrexec-utils (changed SO name) and it will break qubes-core-agent linked with the old one.	9 years ago
Marek Marczykowski-Górecki	b66299eacb	version 3.0.13	9 years ago
Marek Marczykowski-Górecki	ea452e277e	rpm: disable debuginfo subpackage in qubes-kernel-vm-support find-debuginfo.sh in Fedora 23 doesn't properly handle packages without any binary. QubesOS/qubes-issues#1413 (cherry picked from commit `170d46c40d`)	9 years ago
Rusty Bird	c78b2c3a7a	Check if QubesIncoming filesystem supports O_TMPFILE The filesystem hosting ~/QubesIncoming/srcVM/ needs to support O_TMPFILE too, in addition to the kernel. If it doesn't, take the use_tmpfile = 0 fallback. (cherry picked from commit `74a1b4cc50`)	9 years ago
Marek Marczykowski-Górecki	6fcc66eae4	version 3.0.12	9 years ago
Marek Marczykowski-Górecki	d77658b115	libqrexec-utils: bump SO version because of ABI change New functions were introduced. (cherry picked from commit `1a3be481b5`)	9 years ago
Marek Marczykowski-Górecki	61c3357ce1	libqrexec-utils: bring back buffered write helpers It is required to prevent deadlocks in single-threaded select-based IO programs (namely: qrexec). POSIX API doesn't support checking how much can be written to pipe/socket without blocking, so to prevent blocking application must use O_NONBLOCK mode, and somehow deal with non-written data (buffer it). QubesOS/qubes-issues#1347 (cherry picked from commit `6a44eaeb09`)	9 years ago
Marek Marczykowski-Górecki	aa6e51f369	libqrexec-utils: fix linker options Fix linking with libvchan. Previously it worked because all the users were also linked with libvchan. (cherry picked from commit `632522b35e`)	9 years ago
Marek Marczykowski-Górecki	0e26602071	version 3.0.11	9 years ago
Marek Marczykowski-Górecki	eb11cf6989	qfile-unpacker: do not call fdatasync() at each file (#1257 ) POSIX requires that a read(2) which can be proved to occur after a write() has returned returns the new data. We want here only that other processes in the same VM will see the file either fully written, or not see it at all. So ensuring that linkat(2) is called after write is completed should be enough. Fixes QubesOS/qubes-issues#1257 (cherry picked from commit `c1d42f1602`)	9 years ago
qubesuser	d2a8725217	Report Xen balloon current size instead of Linux total memory This results in qmemman knowing about the memory map overhead and properly sizing VMs. (cherry picked from commit `2d871075cc`)	9 years ago
 @ -1 +1 @@
 .0.10
 .0.17