version 4.0.27

Add missing busybox (required for grep inside initramfs).
Add missing grub2-common (required for grub config generation).
Convert Recommends: initramfs-tools to Depends: initramfs-tools |
dracut (see also QubesOS/qubes-issues#3361).

Fixes QubesOS/qubes-issues#5490

(cherry picked from commit 2ba9fd6c23)

.travis.yml

@@ -1,5 +1,5 @@
 sudo: required
-dist: xenial
+dist: bionic
 language: python
 python:
   - '2.7'
@@ -22,10 +22,12 @@ jobs:
   include:
    - env: TESTS_ONLY=1
      python: 2.7
-   - env: TESTS_ONLY=1
-     python: 3.4
    - env: TESTS_ONLY=1
      python: 3.5
+   - env: TESTS_ONLY=1
+     python: 3.6
+   - env: TESTS_ONLY=1
+     python: 3.7
    - stage: deploy
      python: 3.5
      env: DIST_DOM0=fc25 TESTS_ONLY=

debian/changelog

@@ -1,3 +1,45 @@
+qubes-utils (4.0.27) unstable; urgency=medium
+
+  [ Frédéric Pierret (fepitre) ]
+  * travis: switch to bionic
+
+  [ Marek Marczykowski-Górecki ]
+  * travis: update python versions
+
+  [ Patrick Schleizer ]
+  * qubes-kernel-vm-support.preinst create folder /boot/grub
+  * qubes-kernel-vm-support.postinst run update-grub
+
+  [ Marek Marczykowski-Górecki ]
+  * debian: fix dependencies of qubes-kernel-vm-support pkg
+
+ -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Fri, 31 Jan 2020 03:54:15 +0100
+
+qubes-utils (4.0.26) unstable; urgency=medium
+
+  [ M. Vefa Bicakci ]
+  * u2mfn: Make compatible with kernel versions >= 5.3.y
+
+  [ Marek Marczykowski-Górecki ]
+  * rpm: update python2 deps
+
+  [ xaki23 ]
+  * align volatile swap partition to 1Mb instead of 512b
+
+  [ Marek Marczykowski-Górecki ]
+  * Disable BLS config style in grub
+
+  [ xaki23 ]
+  * partition full volatile for non-COW setups too
+
+ -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Sat, 28 Sep 2019 12:11:44 +0200
+
+qubes-utils (4.0.25) unstable; urgency=medium
+
+  * initrd: mount / rw for the overlayfs setup time
+
+ -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Mon, 10 Jun 2019 00:42:47 +0200
+
 qubes-utils (4.0.24) unstable; urgency=medium
 
   [ Marek Marczykowski-Górecki ]

debian/control

@@ -26,8 +26,12 @@ Description: Qubes Linux utilities
 
 Package: qubes-kernel-vm-support
 Architecture: any
-Recommends: initramfs-tools
-Depends: dkms, ${misc:Depends}
+Depends:
+ dkms,
+ busybox,
+ initramfs-tools | dracut,
+ grub2-common,
+ ${misc:Depends}
 Description: Qubes VM kernel and initramfs modules
  This package contains:
  1. mkinitramfs module required to setup Qubes VM root filesystem. This package

debian/qubes-kernel-vm-support.postinst

@@ -46,6 +46,19 @@ esac
 
 #DEBHELPER#
 
+## https://phabricator.whonix.org/T377
+## Debian has no update-grub trigger yet:
+## https://bugs.debian.org/481542
+
+if command -v update-grub >/dev/null 2>&1; then
+   update-grub || \
+      echo "$DPKG_MAINTSCRIPT_PACKAGE $DPKG_MAINTSCRIPT_NAME ERROR: Running \
+'update-grub' failed with exit code $?. $DPKG_MAINTSCRIPT_PACKAGE is most \
+likely only the trigger, not the cause. Unless you know this is not an issue, \
+you should fix running 'update-grub', otherwise your system might no longer \
+boot." >&2
+fi
+
 exit 0
 
 # vim: set ts=4 sw=4 sts=4 et :

debian/qubes-kernel-vm-support.preinst

@@ -0,0 +1,9 @@
+#!/bin/bash
+
+set -e
+
+mkdir --parents /boot/grub || true
+
+#DEBHELPER#
+
+exit 0

dracut/full-dmroot/qubes_cow_setup.sh

@@ -79,8 +79,8 @@ if [ `cat /sys/class/block/$ROOT_DEV/ro` = 1 ] ; then
         die "volatile.img smaller than 1GB, cannot continue"
     fi
     sfdisk -q --unit S /dev/xvdc >/dev/null <<EOF
-1,$SWAP_SIZE,S
-,,L
+xvdc1: type=82,start=2048,size=$SWAP_SIZE
+xvdc2: type=83
 EOF
     if [ $? -ne 0 ]; then
         die "Qubes: failed to setup partitions on volatile device"
@@ -97,7 +97,8 @@ else
     log_begin "Qubes: Doing R/W setup for TemplateVM..."
     while ! [ -e /dev/xvdc ]; do sleep 0.1; done
     sfdisk -q --unit S /dev/xvdc >/dev/null <<EOF
-1,$SWAP_SIZE,S
+xvdc1: type=82,start=2048,size=$SWAP_SIZE
+xvdc3: type=83
 EOF
     if [ $? -ne 0 ]; then
         die "Qubes: failed to setup partitions on volatile device"

dracut/simple/init.sh

@@ -53,8 +53,8 @@ if [ `cat /sys/class/block/$ROOT_DEV/ro` = 1 ] ; then
         die "volatile.img smaller than 1GB, cannot continue"
     fi
     /sbin/sfdisk -q --unit S /dev/xvdc >/dev/null <<EOF
-1,$SWAP_SIZE,S
-,,L
+xvdc1: type=82,start=2048,size=$SWAP_SIZE
+xvdc2: type=83
 EOF
     if [ $? -ne 0 ]; then
         echo "Qubes: failed to setup partitions on volatile device"
@@ -72,7 +72,8 @@ else
     echo "Qubes: Doing R/W setup for TemplateVM..."
     while ! [ -e /dev/xvdc ]; do sleep 0.1; done
     /sbin/sfdisk -q --unit S /dev/xvdc >/dev/null <<EOF
-1,$SWAP_SIZE,S
+xvdc1: type=82,start=2048,size=$SWAP_SIZE
+xvdc3: type=83
 EOF
     if [ $? -ne 0 ]; then
         die "Qubes: failed to setup partitions on volatile device"
@@ -86,7 +87,7 @@ fi
 /sbin/modprobe ext4
 
 mkdir -p /sysroot
-mount /dev/mapper/dmroot /sysroot -o ro
+mount /dev/mapper/dmroot /sysroot -o rw
 NEWROOT=/sysroot
 
 kver="`uname -r`"
@@ -99,18 +100,14 @@ if ! [ -d "$NEWROOT/lib/modules/$kver/kernel" ]; then
     if /sbin/modprobe overlay; then
         # if overlayfs is supported, use that to provide fully writable /lib/modules
         if ! [ -d "$NEWROOT/lib/.modules_work" ]; then
-            mount "$NEWROOT" -o remount,rw
             mkdir -p "$NEWROOT/lib/.modules_work"
-            mount "$NEWROOT" -o remount,ro
         fi
         mount -t overlay none $NEWROOT/lib/modules -o lowerdir=/tmp/modules,upperdir=$NEWROOT/lib/modules,workdir=$NEWROOT/lib/.modules_work
     else
         # otherwise mount only `uname -r` subdirectory, to leave the rest of
         # /lib/modules writable
         if ! [ -d "$NEWROOT/lib/modules/$kver" ]; then
-            mount "$NEWROOT" -o remount,rw
             mkdir -p "$NEWROOT/lib/modules/$kver"
-            mount "$NEWROOT" -o remount,ro
         fi
         mount --bind "/tmp/modules/$kver" "$NEWROOT/lib/modules/$kver"
     fi
@@ -119,5 +116,6 @@ if ! [ -d "$NEWROOT/lib/modules/$kver/kernel" ]; then
 fi
 
 umount /dev /sys /proc
+mount "$NEWROOT" -o remount,ro
 
 exec /sbin/switch_root $NEWROOT /sbin/init

grub/grub.qubes-kernel-vm-support

@@ -5,4 +5,4 @@ if [ -r /usr/share/qubes/marker-vm ] &&
         [ "$(cat /var/lib/qubes/initramfs-updated 2>/dev/null || echo 0)" -ge 1 ]; then
     GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX xen_scrub_pages=0"
 fi
-
+GRUB_ENABLE_BLSCFG=false

kernel-modules/u2mfn/u2mfn.c

@@ -54,10 +54,17 @@ static inline unsigned long VIRT_TO_MFN(void *addr)
 }
 #endif
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(5,3,0)
+static int u2mfn_get_mfn(pte_t *pte, unsigned long addr, void *data) {
+    *((unsigned long *) data) = pfn_to_mfn(pte_pfn(*pte));
+    return 0;
+}
+#else
 static int u2mfn_get_mfn(pte_t *pte, pgtable_t token, unsigned long addr, void *data) {
     *((unsigned long *) data) = pfn_to_mfn(pte_pfn(*pte));
     return 0;
 }
+#endif
 
 /// User virtual address to mfn translator
 /**

rpm_spec/qubes-utils.spec.in

@@ -15,7 +15,7 @@ Requires:	python%{python3_pkgversion}-qubesimgconverter
 %{?systemd_requires}
 BuildRequires:  systemd
 BuildRequires:  qubes-libvchan-devel
-BuildRequires:  python-setuptools
+BuildRequires:  python2-setuptools
 BuildRequires:  python%{python3_pkgversion}-setuptools
 BuildRequires:  python2-rpm-macros
 BuildRequires:  python3-rpm-macros
@@ -28,7 +28,7 @@ Common Linux files for Qubes Dom0 and VM
 
 %package -n python2-qubesimgconverter
 Summary:    Python package qubesimgconverter
-Requires:   python
+Requires:   python2
 Requires:   pycairo
 %if 0%{?rhel} >= 7
 Requires:   python-pillow

version

@@ -1 +1 @@
-4.0.24
+4.0.27