version 3.2.7

Reduce code duplication by moving parsing of "QUBESRPC" magic command to
one place.
Call qubes-rpc-multiplexer directly with execve(), to avoid string
expansions in its parameters.

(cherry picked from commit 50412a8a8f)

.travis.yml

@@ -7,5 +7,7 @@ env:
  - DIST_DOM0=fc23 USE_QUBES_REPO_VERSION=3.2 USE_QUBES_REPO_TESTING=1
  - DISTS_VM=fc23 USE_QUBES_REPO_VERSION=3.2 USE_QUBES_REPO_TESTING=1
  - DISTS_VM=fc24 USE_QUBES_REPO_VERSION=3.2 USE_QUBES_REPO_TESTING=1
+ - DISTS_VM=fc25 USE_QUBES_REPO_VERSION=3.2 USE_QUBES_REPO_TESTING=1
+ - DISTS_VM=fc26 USE_QUBES_REPO_VERSION=3.2 USE_QUBES_REPO_TESTING=1
  - DISTS_VM=jessie USE_QUBES_REPO_VERSION=3.2 USE_QUBES_REPO_TESTING=1
  - DISTS_VM=stretch USE_QUBES_REPO_VERSION=3.2 USE_QUBES_REPO_TESTING=1

debian/changelog

@@ -1,3 +1,43 @@
+qubes-utils (3.2.7) unstable; urgency=medium
+
+  * qrexec: provide common function for handling service call
+  * debian: adjust required version after adding new function
+
+ -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Tue, 20 Feb 2018 00:15:54 +0100
+
+qubes-utils (3.2.6) unstable; urgency=medium
+
+  [ HW42 ]
+  * u2mfn: get mfn via pte
+
+ -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Sat, 13 Jan 2018 03:35:31 +0100
+
+qubes-utils (3.2.5) unstable; urgency=medium
+
+  [ unman ]
+  * Improve error message when file exists
+
+  [ Marek Marczykowski-Górecki ]
+  * rpm: add missing build requires
+
+  [ Rusty Bird ]
+  * Fall back to sync() if syncfs() is unavailable
+
+  [ Olivier MEDOC ]
+  * Fix gcc Werror because of a typo in a switch/case explicit
+    fallthrough comment
+
+  [ Marek Marczykowski-Górecki ]
+  * initramfs: move qubes_cow_setup hook to pre-trigger
+
+  [ Paras Chetal ]
+  * Fix include header syntax
+
+  [ Marek Marczykowski-Górecki ]
+  * travis: add fc25 and fc26 build targets
+
+ -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Sun, 24 Sep 2017 21:54:29 +0200
+
 qubes-utils (3.2.4) unstable; urgency=medium
 
   [ Johanna A ]

debian/libqrexec-utils2.shlibs

@@ -1 +1 @@
-libqrexec-utils 2 libqrexec-utils2 (>= 3.1.3)
+libqrexec-utils 2 libqrexec-utils2 (>= 3.2.7)

dracut/full-dmroot/module-setup.sh

@@ -14,7 +14,7 @@ depends() {
 }
 
 install() {
-    inst_hook pre-udev 90 $moddir/qubes_cow_setup.sh
+    inst_hook pre-trigger 90 $moddir/qubes_cow_setup.sh
     inst_multiple \
         sfdisk \
         mkswap

dracut/full-dmroot/qubes_cow_setup.sh

@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# This file should be placed in pre-mount directory in dracut's initramfs, or
+# This file should be placed in pre-trigger directory in dracut's initramfs, or
 # scripts/local-top in case of initramfs-tools
 #
 

dracut/simple/init.sh

@@ -83,7 +83,6 @@ if ! [ -d "$NEWROOT/lib/modules/$kver/kernel" ]; then
     rmdir /tmp/modules
 fi
 
-
 umount /dev /sys /proc
 
 exec switch_root $NEWROOT /sbin/init

kernel-modules/u2mfn/u2mfn.c

@@ -54,6 +54,11 @@ static inline unsigned long VIRT_TO_MFN(void *addr)
 }
 #endif
 
+static int u2mfn_get_mfn(pte_t *pte, pgtable_t token, unsigned long addr, void *data) {
+    *((unsigned long *) data) = pfn_to_mfn(pte_pfn(*pte));
+    return 0;
+}
+
 /// User virtual address to mfn translator
 /**
     \param cmd ignored
@@ -63,9 +68,8 @@ static inline unsigned long VIRT_TO_MFN(void *addr)
 static long u2mfn_ioctl(struct file *f, unsigned int cmd,
 		       unsigned long data)
 {
-	struct page *user_page;
-	void *kaddr;
 	long ret;
+	unsigned long mfn;
 
 	if (_IOC_TYPE(cmd) != U2MFN_MAGIC) {
 		printk("Qubes u2mfn: wrong IOCTL magic");
@@ -74,26 +78,15 @@ static long u2mfn_ioctl(struct file *f, unsigned int cmd,
 
 	switch (cmd) {
 	case U2MFN_GET_MFN_FOR_PAGE:
-		down_read(&current->mm->mmap_sem);
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 9, 0)
-		ret = get_user_pages
-			(data, 1, (FOLL_WRITE | FOLL_FORCE), &user_page, 0);
-#elif LINUX_VERSION_CODE >= KERNEL_VERSION(4, 6, 0)
-		ret = get_user_pages
-		    (data, 1, 1, 0, &user_page, 0);
-#else
-		ret = get_user_pages
-		    (current, current->mm, data, 1, 1, 0, &user_page, 0);
-#endif
-		up_read(&current->mm->mmap_sem);
-		if (ret != 1) {
-			printk("U2MFN_GET_MFN_FOR_PAGE: get_user_pages failed, ret=0x%lx\n", ret);
+		ret = apply_to_page_range(current->mm, data, PAGE_SIZE, u2mfn_get_mfn, &mfn);
+
+		if (ret < 0 || mfn == INVALID_P2M_ENTRY) {
+			printk("U2MFN_GET_MFN_FOR_PAGE: failed to get mfn, "
+			       "addr=0x%lx ret=0x%lx\n", data, ret);
 			return -1;
 		}
-		kaddr = kmap(user_page);
-		ret = VIRT_TO_MFN(kaddr);
-		kunmap(user_page);
-		put_page(user_page);
+
+		ret = mfn;
 		break;
 
 	case U2MFN_GET_LAST_MFN:

qrexec-lib/copy-file.c

@@ -1,5 +1,5 @@
 #include <unistd.h>
-#include <ioall.h>
+#include "ioall.h"
 #include "libqubes-rpc-filecopy.h"
 #include "crc32.h"
 

qrexec-lib/exec.c

@@ -24,6 +24,8 @@
 #include <stdlib.h>
 #include <unistd.h>
 #include <stdio.h>
+#include <string.h>
+#include "qrexec.h"
 #include "libqrexec-utils.h"
 
 static do_exec_t *exec_func = NULL;
@@ -31,6 +33,29 @@ void register_exec_func(do_exec_t *func) {
     exec_func = func;
 }
 
+void exec_qubes_rpc_if_requested(char *prog, char *const envp[]) {
+    /* avoid calling qubes-rpc-multiplexer through shell */
+    if (strncmp(prog, RPC_REQUEST_COMMAND, RPC_REQUEST_COMMAND_LEN) == 0) {
+        char *tok;
+        char *argv[16]; // right now 6 are used, but allow future extensions
+        size_t i = 0;
+
+        tok=strtok(prog, " ");
+        do {
+            if (i >= sizeof(argv)/sizeof(argv[0])-1) {
+                fprintf(stderr, "To many arguments to %s\n", RPC_REQUEST_COMMAND);
+                exit(1);
+            }
+            argv[i++] = tok;
+        } while ((tok=strtok(NULL, " ")));
+        argv[i] = NULL;
+        argv[0] = QUBES_RPC_MULTIPLEXER_PATH;
+        execve(QUBES_RPC_MULTIPLEXER_PATH, argv, envp);
+        perror("exec qubes-rpc-multiplexer");
+        exit(1);
+    }
+}
+
 void fix_fds(int fdin, int fdout, int fderr)
 {
     int i;
@@ -68,7 +93,7 @@ void do_fork_exec(const char *cmdline, int *pid, int *stdin_fd, int *stdout_fd,
                 fix_fds(inpipe[0], outpipe[1], 2);
 
             if (exec_func != NULL)
-                exec_func(cmdline);
+                exec_func((char*)cmdline);
             exit(-1);
         default:;
     }

qrexec-lib/libqrexec-utils.h

@@ -33,8 +33,14 @@ struct buffer {
 #define WRITE_STDIN_BUFFERED  1 /* something still in the buffer */
 #define WRITE_STDIN_ERROR     2 /* write error, errno set */
 
-typedef void (do_exec_t)(const char *);
+typedef void (do_exec_t)(char *);
 void register_exec_func(do_exec_t *func);
+/*
+ * exec() qubes-rpc-multiplexer if *prog* starts with magic "QUBESRPC" keyword,
+ * do not return in that case; pass *envp* to execve() as en environment
+ * otherwise, return false without any action
+ */
+void exec_qubes_rpc_if_requested(char *prog, char *const envp[]);
 
 void buffer_init(struct buffer *b);
 void buffer_free(struct buffer *b);

qrexec-lib/pack.c

@@ -89,7 +89,7 @@ void wait_for_result(void)
     if (hdr.error_code != 0) {
         switch (hdr.error_code) {
             case EEXIST:
-                call_error_handler("File copy: not overwriting existing file. Clean QubesIncoming dir, and retry copy%s%s", last_filename_prefix, last_filename);
+                call_error_handler("A file named %s already exists in QubesIncoming dir", last_filename);
                 break;
             case EINVAL:
                 call_error_handler("File copy: Corrupted data from packer%s%s", last_filename_prefix, last_filename);
@@ -100,7 +100,7 @@ void wait_for_result(void)
                      * desynchronized in this case */
                     return;
                 }
-                /* fall though */
+		/* fallthrough */
             default:
                 call_error_handler("File copy: %s%s%s",
                         strerror(hdr.error_code), last_filename_prefix, last_filename);

qrexec-lib/unpack.c

@@ -1,6 +1,5 @@
 #define _GNU_SOURCE /* For O_NOFOLLOW. */
 #include <errno.h>
-#include <ioall.h>
 #include <fcntl.h>
 #include <sys/time.h>
 #include <sys/stat.h>
@@ -10,6 +9,7 @@
 #include <stdio.h>
 #include <limits.h>
 #include "libqubes-rpc-filecopy.h"
+#include "ioall.h"
 #include "crc32.h"
 
 char untrusted_namebuf[MAX_PATH_LENGTH];
@@ -237,6 +237,8 @@ int do_unpack(void)
     cwd_fd = open(".", O_RDONLY);
     if (cwd_fd >= 0 && syncfs(cwd_fd) == 0 && close(cwd_fd) == 0)
         errno = saved_errno;
+#else
+    sync();
 #endif
 
     send_status_and_crc(errno, untrusted_namebuf);

rpm_spec/qubes-utils.spec

@@ -19,6 +19,8 @@ Requires:	%{name}-libs
 Requires:	ImageMagick
 Requires:	pycairo
 BuildRequires:  qubes-libvchan-devel
+# for meminfo-writer
+BuildRequires:  xen-devel
 
 %description
 Common Linux files for Qubes Dom0 and VM

version

@@ -1 +1 @@
-3.2.4
+3.2.7