57 changed files with 1140 additions and 787 deletions
--- a/.travis.yml
+++ b/.travis.yml
@ -1,39 +1,12 @@
 sudo: required
-dist: bionic
+dist: trusty
-language: python
+language: generic
-python:
+install: git clone https://github.com/QubesOS/qubes-builder ~/qubes-builder
-  - '2.7'
+script: ~/qubes-builder/scripts/travis-build
 install:
 - test -z "$TESTS_ONLY" || pip install -r ci/requirements.txt
 - test -n "$TESTS_ONLY" || git clone https://github.com/QubesOS/qubes-builder ~/qubes-builder
 script:
 - test -z "$TESTS_ONLY" || python -m unittest discover -v imgconverter -p test.py
 - test -n "$TESTS_ONLY" || ~/qubes-builder/scripts/travis-build
 env:
- - DIST_DOM0=fc31 USE_QUBES_REPO_VERSION=4.1 USE_QUBES_REPO_TESTING=1
+ - DIST_DOM0=fc25 USE_QUBES_REPO_VERSION=4.0 USE_QUBES_REPO_TESTING=1
- - DISTS_VM=fc29 USE_QUBES_REPO_VERSION=4.1 USE_QUBES_REPO_TESTING=1
+ - DISTS_VM=fc24 USE_QUBES_REPO_VERSION=4.0 USE_QUBES_REPO_TESTING=1
- - DISTS_VM=fc30 USE_QUBES_REPO_VERSION=4.1 USE_QUBES_REPO_TESTING=1
+ - DISTS_VM=fc25 USE_QUBES_REPO_VERSION=4.0 USE_QUBES_REPO_TESTING=1
- - DISTS_VM=stretch USE_QUBES_REPO_VERSION=4.1 USE_QUBES_REPO_TESTING=1
+ - DISTS_VM=fc26 USE_QUBES_REPO_VERSION=4.0 USE_QUBES_REPO_TESTING=1
- - DISTS_VM=buster USE_QUBES_REPO_VERSION=4.1 USE_QUBES_REPO_TESTING=1
+ - DISTS_VM=jessie USE_QUBES_REPO_VERSION=4.0 USE_QUBES_REPO_TESTING=1
- - DISTS_VM=centos7 USE_QUBES_REPO_VERSION=4.1 USE_QUBES_REPO_TESTING=1
+ - DISTS_VM=stretch USE_QUBES_REPO_VERSION=4.0 USE_QUBES_REPO_TESTING=1
 jobs:
  include:
   - env: TESTS_ONLY=1
     python: 2.7
   - env: TESTS_ONLY=1
     python: 3.5
   - env: TESTS_ONLY=1
     python: 3.6
   - env: TESTS_ONLY=1
     python: 3.7
   - stage: deploy
     python: 3.6
     env: DIST_DOM0=fc31 TESTS_ONLY=
     script: ~/qubes-builder/scripts/travis-deploy
 # don't build tags which are meant for code signing only
 branches:
  except:
    - /.*_.*/
--- a/6
+++ b/6
@ -30,13 +30,13 @@ install:
 install-fedora-kernel-support:
 	$(MAKE) -C dracut install
 	$(MAKE) -C kernel-modules install
 	$(MAKE) -C grub install-fedora
 install-debian-kernel-support:
 	$(MAKE) -C initramfs-tools install
 	$(MAKE) -C dracut install
 	$(MAKE) -C kernel-modules install
-	$(MAKE) -C grub install-debian
+	# expand module version
 	rm -f debian/qubes-kernel-vm-support.dkms
 	echo debian/tmp/usr/src/u2mfn-*/dkms.conf > debian/qubes-kernel-vm-support.dkms
 clean:
 	$(MAKE) -C qrexec-lib clean
--- a/archlinux/PKGBUILD
+++ b/archlinux/PKGBUILD
@ -13,7 +13,7 @@ arch=("x86_64")
 url="http://qubes-os.org/"
 license=('GPL')
 groups=()
-makedepends=(gcc make pkgconfig 'python-setuptools' 'python2-setuptools')
+makedepends=(gcc make pkgconfig 'qubes-libvchan' 'python-setuptools' 'python2-setuptools')
 checkdepends=()
 optdepends=()
 provides=()
@ -45,7 +45,7 @@ make -C imgconverter all
 }
 package_qubes-vm-utils() {
-depends=(imagemagick python2-cairo python2-pillow python2-numpy python-pillow python-numpy)
+depends=(qubes-libvchan imagemagick python2-cairo)
 install=PKGBUILD-qubes-vm-utils.install
 # Install all for python2
@ -57,7 +57,7 @@ make -C imgconverter install DESTDIR=$pkgdir LIBDIR=/usr/lib SYSLIBDIR=/usr/lib
 }
 package_qubes-vm-kernel-support() {
-depends=(mkinitcpio grub)
+depends=(qubes-libvchan mkinitcpio dkms grub)
 install=PKGBUILD-qubes-vm-kernel-support.install
 mkdir -p ${pkgdir}/usr/lib/initcpio/install/
@ -68,6 +68,8 @@ mkdir -p ${pkgdir}/usr/bin/
 install -m 611 ${srcdir}/PKGBUILD-initcpio-install.sh ${pkgdir}/usr/lib/initcpio/install/qubes
 install -m 611 ${srcdir}/PKGBUILD-initcpio-hook.sh ${pkgdir}/usr/lib/initcpio/hooks/qubes
 install -m 755 ${srcdir}/dracut/full-dmroot/qubes_cow_setup.sh ${pkgdir}/usr/lib/qubes/qubes_cow_setup.sh
 make install-u2mfn DESTDIR=$pkgdir -C kernel-modules
 }
--- a/archlinux/PKGBUILD-initcpio-install.sh
+++ b/archlinux/PKGBUILD-initcpio-install.sh
@ -3,6 +3,7 @@
 build() {
  add_module "xen-blkfront"
  add_module "u2mfn"
  add_binary "/usr/bin/sfdisk"
  add_binary "/usr/bin/mkswap"
  add_binary "/usr/bin/dmsetup"
--- a/ci/requirements.txt
+++ b/ci/requirements.txt
@ -1,2 +0,0 @@
 Pillow
 numpy
--- a/debian/changelog
+++ b/debian/changelog
@ -1,226 +1,3 @@
 qubes-utils (4.1.3) unstable; urgency=medium
  [ xaki23 ]
  * partition full volatile for non-COW setups too
  [ Frédéric Pierret (fepitre) ]
  * travis: switch to bionic
  [ Marek Marczykowski-Górecki ]
  * travis: update python versions
  [ Patrick Schleizer ]
  * qubes-kernel-vm-support.preinst create folder /boot/grub
  * qubes-kernel-vm-support.postinst run update-grub
  [ Marek Marczykowski-Górecki ]
  * debian: fix dependencies of qubes-kernel-vm-support pkg
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Sat, 07 Dec 2019 05:50:26 +0100
 qubes-utils (4.1.2) unstable; urgency=medium
  [ xaki23 ]
  * align volatile swap partition to 1Mb instead of 512b
  [ Marek Marczykowski-Górecki ]
  * rpm: update python2 deps
  * Disable BLS config style in grub
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Sun, 22 Sep 2019 05:10:19 +0200
 qubes-utils (4.1.1) unstable; urgency=medium
  * initrd: mount / rw for the overlayfs setup time
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Mon, 10 Jun 2019 00:48:40 +0200
 qubes-utils (4.1.0) unstable; urgency=medium
  * Remove qrexec related files
  * Remove u2mfn module
  * travis: update to R4.1
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Sat, 08 Jun 2019 03:20:55 +0200
 qubes-utils (4.0.24) unstable; urgency=medium
  [ Marek Marczykowski-Górecki ]
  * Declare u2mfn module version, skip build for qubes kernels
  [ Frédéric Pierret (fepitre) ]
  * python3: use macro pkgversion
  * travis: switch to xenial
  * travis: remove older Fedora releases and add Fedora 30
  [ Marek Marczykowski-Górecki ]
  * initramfs: use overlayfs for /lib/modules, if available
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Thu, 06 Jun 2019 21:30:30 +0200
 qubes-utils (4.0.23) unstable; urgency=medium
  * Disable scrubbing memory pages during initial balloon down
  * dracut: fix checking for "Root filesystem" label, improve udev sync
  * dracut: add a flag file indicating scrub-pages option support
  * Adjust permissions of /dev/xen/hypercall
  * Do not use /proc/xen for detecting dom0 anymore
  * Really install xen-scrub-pages dracut module
  * Add xen_scrub_pages=0 kernel option only if initramfs was rebuilt
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Mon, 25 Feb 2019 21:46:52 +0100
 qubes-utils (4.0.22) unstable; urgency=medium
  * tests: skip img converter test if qubes-img-converter is not
    installed
  * imgconverter: allow icons up to 2048x2048
  * tests: skip the other img converter test too
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Mon, 29 Oct 2018 01:03:59 +0100
 qubes-utils (4.0.21) unstable; urgency=medium
  [ Rusty Bird ]
  * Order qubes-meminfo-writer-dom0 before systemd-user-sessions
  [ Marek Marczykowski-Górecki ]
  * rpm: adjust for fc29
  * travis: update Fedora and Debian versions
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Tue, 09 Oct 2018 00:25:11 +0200
 qubes-utils (4.0.20) unstable; urgency=medium
  * udev: create /dev/mapper/dmroot -> xvda3 symlink when its mounted
    directly
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Tue, 03 Jul 2018 21:11:00 +0200
 qubes-utils (4.0.19) unstable; urgency=medium
  * rpm: use proper macros for systemd handling
  * travis: add centos7
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Wed, 02 May 2018 17:55:09 +0200
 qubes-utils (4.0.18) unstable; urgency=medium
  [ Marek Marczykowski-Górecki ]
  * udev: don't call udev-block-add-change for devices excluded by other
    rules
  * rpm: preparation for src.rpm building
  [ Frédéric Pierret ]
  * Makefile.builder: currently disable Mock
  * Remove _builddir
  * Fix debug symbols
  * spec.in: add changelog placeholder
  [ Marek Marczykowski-Górecki ]
  * travis: update Fedora versions
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Sat, 21 Apr 2018 14:36:39 +0200
 qubes-utils (4.0.17) unstable; urgency=medium
  [ Frédéric Pierret ]
  * Fix python3 package names with respect to CentOS for consistency
    with python34 names
  * Remove busybox as it is not provided in RHEL7 anymore
  * centos: fix python packages names
  * drop busybox dependance
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Tue, 27 Feb 2018 15:17:12 +0100
 qubes-utils (4.0.16) unstable; urgency=medium
  * qrexec: provide common function for handling service call
  * debian: adjust required version after adding new function
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Tue, 20 Feb 2018 00:05:31 +0100
 qubes-utils (4.0.15) unstable; urgency=medium
  * udev: update detecting usbip-connected devices
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Thu, 18 Jan 2018 19:07:40 +0100
 qubes-utils (4.0.14) unstable; urgency=medium
  [ Reynir Björnsson ]
  * Remove duplicate #define
  [ Rusty Bird ]
  * udev-block-add-change: ignore unconnected Network Block Device
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Fri, 12 Jan 2018 06:16:05 +0100
 qubes-utils (4.0.13) unstable; urgency=medium
  [ Marek Marczykowski-Górecki ]
  * imgconverter: fix make_padlock function
  * Update tests
  * travis: run imgconverter unit tests
  * Make tests python3 compatible
  * travis: run tests also on python3
  * travis: enable deploy stage for master-staging -> master gate
  [ Gianluca Guida ]
  * Fix qrexec-lib headers
  [ Marek Marczykowski-Górecki ]
  * imgconverter: fix handling explicit file type
  * tests: integration tests for qvm-convert-img
  * travis: run only unit tests
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Sat, 23 Dec 2017 02:50:19 +0100
 qubes-utils (4.0.12) unstable; urgency=medium
  [ Marek Marczykowski-Górecki ]
  * debian: make it easier to spot missing files in debian/*.install
  * debian: include drauct module in qubes-kernel-vm-support
  [ Patrick Schleizer ]
  * qubes-kernel-vm-support compatibility with dracut
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Tue, 12 Dec 2017 01:41:52 +0100
 qubes-utils (4.0.11) unstable; urgency=medium
  [ qubesuser ]
  * remove unused cairo import
  * add Python pillow and numpy dependencies
  * use PIL image library instead of ImageMagick to load/save images
    when tinting
  * reimplement tint algorithm with numpy for reasonable performance
  * replace tinting algorithm with one that partially preserves
    saturation too
  [ Marek Marczykowski-Górecki ]
  * Add missing classmethod decorator
  * Make udev-block-add-change executable again
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Tue, 21 Nov 2017 05:34:50 +0100
 qubes-utils (4.0.10) unstable; urgency=medium
  [ Olivier MEDOC ]
  * archlinux: build imgconverter with both python2 and python3
  [ qubesuser ]
  * Speed up udev-block-add-change by not using xenstore
  [ Your Name ]
  * This commit specifies the integer width explicitly to match
    `result_header_ext` etc.
  [ Marek Marczykowski-Górecki ]
  * Initialize pad field in filecopy final response
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Tue, 21 Nov 2017 04:46:49 +0100
 qubes-utils (4.0.9) unstable; urgency=medium
  * Fix initramfs scripts on Debian
--- a/debian/control
+++ b/debian/control
@ -3,10 +3,12 @@ Section: admin
 Priority: extra
 Maintainer: Davíð Steinn Geirsson <david@dsg.is>
 Build-Depends:
 libvchan-xen-dev,
 libxen-dev,
 pkg-config,
 debhelper (>= 9.0.0),
 dh-systemd,
 dkms,
 python-setuptools,
 Standards-Version: 3.9.3
 Homepage: http://www.qubes-os.org
@ -15,7 +17,7 @@ Vcs-Git: http://dsg.is/qubes/qubes-linux-utils.git
 Package: qubes-utils
 Architecture: any
-Depends: lsb-base, python-pil, python-numpy, python3-pil, python3-numpy, ${shlibs:Depends}, ${misc:Depends}
+Depends: libvchan-xen, lsb-base, ${shlibs:Depends}, ${misc:Depends}
 Conflicts: qubes-linux-utils
 Breaks: qubes-core-agent (<< 3.1.4)
 Recommends: python2.7
@ -24,16 +26,23 @@ Description: Qubes Linux utilities
 Package: qubes-kernel-vm-support
 Architecture: any
-Depends:
+Depends: dkms, initramfs-tools, ${misc:Depends}
 busybox,
 initramfs-tools | dracut,
 grub2-common,
 ${misc:Depends}
 Description: Qubes VM kernel and initramfs modules
 This package contains:
 1. mkinitramfs module required to setup Qubes VM root filesystem. This package
 is needed in VM only when the VM uses its own kernel (via pvgrub or so).
 Otherwise initrd is provided by dom0.
 .
 2. u2mfn kernel module sources (dkms) required by GUI agent and R2 version of
 libvchan library.
 Package: libqrexec-utils2
 Architecture: any
 Depends: ${shlibs:Depends}, ${misc:Depends}
 Breaks: qubes-utils (<< 3.1.4)
 Replaces: qubes-utils (<< 3.1.4)
 Description: Library of common functions of qrexec agent and daemon
 This library contains common helper functions for qrexec agent and daemon.
 Package: libqubes-rpc-filecopy2
 Architecture: any
@ -44,6 +53,15 @@ Description: Qubes file copy protocol library
 This library can be used for both sending files using qfile protocol and for
 receiving them.
 Package: libqrexec-utils-dev
 Architecture: any
 Section: libdevel
 Depends: libqrexec-utils2 (= ${binary:Version}), ${misc:Depends}
 Breaks: qubes-utils (<< 3.1.4)
 Replaces: qubes-utils (<< 3.1.4)
 Description: Development headers for libqrexec-utils
 This package contains files required to compile qrexec-agent and qrexec-daemon.
 Package: libqubes-rpc-filecopy-dev
 Architecture: any
 Section: libdevel
--- a/debian/libqrexec-utils-dev.install
+++ b/debian/libqrexec-utils-dev.install
@ -0,0 +1,3 @@
 usr/include/libqrexec-utils.h
 usr/include/qrexec.h
 usr/lib/libqrexec-utils.so
--- a/debian/libqrexec-utils2.install
+++ b/debian/libqrexec-utils2.install
@ -0,0 +1 @@
 usr/lib/libqrexec-utils.so.2*
--- a/debian/libqrexec-utils2.shlibs
+++ b/debian/libqrexec-utils2.shlibs
@ -0,0 +1 @@
 libqrexec-utils 2 libqrexec-utils2 (>= 3.1.3)
--- a/debian/qubes-kernel-vm-support.dkms
+++ b/debian/qubes-kernel-vm-support.dkms
@ -0,0 +1 @@
 debian/tmp/usr/src/u2mfn-3.1.2/dkms.conf
--- a/debian/qubes-kernel-vm-support.install
+++ b/debian/qubes-kernel-vm-support.install
@ -1,8 +1,3 @@
 usr/share/initramfs-tools/scripts/local-top/scrub_pages
 usr/share/initramfs-tools/scripts/local-top/qubes_cow_setup
 usr/share/initramfs-tools/hooks/qubes_vm
-usr/lib/dracut/modules.d/90qubes-vm/*
+usr/src/u2mfn-*/*
 usr/lib/dracut/modules.d/90qubes-vm-modules/*
 usr/lib/dracut/modules.d/90qubes-vm-simple/*
 usr/lib/dracut/modules.d/80xen-scrub-pages/*
 etc/default/grub.d/30-qubes-kernel-vm-support.cfg
--- a/debian/qubes-kernel-vm-support.postinst
+++ b/debian/qubes-kernel-vm-support.postinst
@ -1,64 +0,0 @@
 #!/bin/bash
 # postinst script for qubes-kernel-vm-support
 #
 # see: dh_installdeb(1)
 set -e
 # The postinst script may be called in the following ways:
 #   * <postinst> 'configure' <most-recently-configured-version>
 #   * <old-postinst> 'abort-upgrade' <new version>
 #   * <conflictor's-postinst> 'abort-remove' 'in-favour' <package>
 #     <new-version>
 #   * <postinst> 'abort-remove'
 #   * <deconfigured's-postinst> 'abort-deconfigure' 'in-favour'
 #     <failed-install-package> <version> 'removing'
 #     <conflicting-package> <version>
 #
 #    For details, see http://www.debian.org/doc/debian-policy/ or
 # https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html or
 # the debian-policy package
 case "${1}" in
    configure)
        if [ -x /usr/sbin/update-initramfs ]; then
            if update-initramfs -u; then
                # "milestone" initramfs update version:
                # 1 - addition of xen scrub_pages enabling code
                echo 1 > /var/lib/qubes/initramfs-updated
            fi
        fi
        ;;
    abort-upgrade|abort-remove|abort-deconfigure)
        exit 0
        ;;
    *)
        echo "postinst called with unknown argument \`${1}'" >&2
        exit 1
        ;;
 esac
 # dh_installdeb will replace this with shell code automatically
 # generated by other debhelper scripts.
 #DEBHELPER#
 ## https://phabricator.whonix.org/T377
 ## Debian has no update-grub trigger yet:
 ## https://bugs.debian.org/481542
 if command -v update-grub >/dev/null 2>&1; then
   update-grub || \
      echo "$DPKG_MAINTSCRIPT_PACKAGE $DPKG_MAINTSCRIPT_NAME ERROR: Running \
 'update-grub' failed with exit code $?. $DPKG_MAINTSCRIPT_PACKAGE is most \
 likely only the trigger, not the cause. Unless you know this is not an issue, \
 you should fix running 'update-grub', otherwise your system might no longer \
 boot." >&2
 fi
 exit 0
 # vim: set ts=4 sw=4 sts=4 et :
--- a/debian/qubes-kernel-vm-support.preinst
+++ b/debian/qubes-kernel-vm-support.preinst
@ -1,9 +0,0 @@
 #!/bin/bash
 set -e
 mkdir --parents /boot/grub || true
 #DEBHELPER#
 exit 0
--- a/debian/rules
+++ b/debian/rules
@ -7,7 +7,7 @@ export DESTDIR=$(shell pwd)/debian/tmp
 #export DH_VERBOSE=1
 %:
-	dh $@ --with=systemd
+	dh $@ --with=systemd,dkms
 override_dh_auto_build:
 	make all LIBDIR=/usr/lib DEBIANBUILD=1
@ -15,8 +15,3 @@ override_dh_auto_build:
 override_dh_auto_install:
 	make install LIBDIR=/usr/lib DEBIANBUILD=1 PYTHON_PREFIX_ARG=--install-layout=deb
 	make install-debian-kernel-support LIBDIR=/usr/lib DEBIANBUILD=1 
 	# dom0-only file
 	rm -f $(DESTDIR)/usr/sbin/qubes-prepare-vm-kernel
 override_dh_install:
 	dh_install --fail-missing
--- a/dracut/Makefile
+++ b/dracut/Makefile
@ -2,4 +2,3 @@ install:
 	$(MAKE) -C simple
 	$(MAKE) -C full-dmroot
 	$(MAKE) -C full-modules
 	$(MAKE) -C xen-balloon-scrub-pages
--- a/dracut/full-dmroot/qubes_cow_setup.sh
+++ b/dracut/full-dmroot/qubes_cow_setup.sh
@ -53,12 +53,12 @@ fi
 modprobe xenblk || modprobe xen-blkfront || warn "Qubes: Cannot load Xen Block Frontend..."
 log_begin "Waiting for /dev/xvda* devices..."
-udevadm settle --exit-if-exists=/dev/xvda
+while ! [ -e /dev/xvda ]; do sleep 0.1; done
 log_end
 # prefer partition if exists
 if [ -b /dev/xvda1 ]; then
-    if [ -e "/dev/disk/by-partlabel/Root\\x20filesystem" ]; then
+    if [ -d /dev/disk/by-partlabel ]; then
        ROOT_DEV=$(basename $(readlink "/dev/disk/by-partlabel/Root\\x20filesystem"))
    else
        ROOT_DEV=xvda3
@ -79,8 +79,8 @@ if [ `cat /sys/class/block/$ROOT_DEV/ro` = 1 ] ; then
        die "volatile.img smaller than 1GB, cannot continue"
    fi
    sfdisk -q --unit S /dev/xvdc >/dev/null <<EOF
-xvdc1: type=82,start=2048,size=$SWAP_SIZE
+1,$SWAP_SIZE,S
-xvdc2: type=83
+,,L
 EOF
    if [ $? -ne 0 ]; then
        die "Qubes: failed to setup partitions on volatile device"
@ -97,8 +97,7 @@ else
    log_begin "Qubes: Doing R/W setup for TemplateVM..."
    while ! [ -e /dev/xvdc ]; do sleep 0.1; done
    sfdisk -q --unit S /dev/xvdc >/dev/null <<EOF
-xvdc1: type=82,start=2048,size=$SWAP_SIZE
+1,$SWAP_SIZE,S
 xvdc3: type=83
 EOF
    if [ $? -ne 0 ]; then
        die "Qubes: failed to setup partitions on volatile device"
--- a/dracut/simple/Makefile
+++ b/dracut/simple/Makefile
@ -2,5 +2,3 @@ install:
 	install -d $(DESTDIR)/usr/lib/dracut/modules.d/90qubes-vm-simple
 	install module-setup.sh init.sh \
 		$(DESTDIR)/usr/lib/dracut/modules.d/90qubes-vm-simple/
 	# flag indicating the module will (re-)enable scrub-pages option
 	touch $(DESTDIR)/usr/lib/dracut/modules.d/90qubes-vm-simple/xen-scrub-pages-supported
--- a/dracut/simple/init.sh
+++ b/dracut/simple/init.sh
@ -6,16 +6,11 @@ mount -t proc proc /proc
 mount -t sysfs sysfs /sys
 mount -t devtmpfs devtmpfs /dev
 if [ -w /sys/devices/system/xen_memory/xen_memory0/scrub_pages ]; then
    # re-enable xen-balloon pages scrubbing, after initial balloon down
    echo 1 > /sys/devices/system/xen_memory/xen_memory0/scrub_pages
 fi
 if [ -e /dev/mapper/dmroot ] ; then 
    echo "Qubes: FATAL error: /dev/mapper/dmroot already exists?!"
 fi
-/sbin/modprobe xenblk || /sbin/modprobe xen-blkfront || echo "Qubes: Cannot load Xen Block Frontend..."
+modprobe xenblk || modprobe xen-blkfront || echo "Qubes: Cannot load Xen Block Frontend..."
 die() {
    echo "$@" >&2
@ -52,42 +47,41 @@ if [ `cat /sys/class/block/$ROOT_DEV/ro` = 1 ] ; then
    if [ $VOLATILE_SIZE -lt $SWAP_SIZE ]; then
        die "volatile.img smaller than 1GB, cannot continue"
    fi
-    /sbin/sfdisk -q --unit S /dev/xvdc >/dev/null <<EOF
+    sfdisk -q --unit S /dev/xvdc >/dev/null <<EOF
-xvdc1: type=82,start=2048,size=$SWAP_SIZE
+1,$SWAP_SIZE,S
-xvdc2: type=83
+,,L
 EOF
    if [ $? -ne 0 ]; then
        echo "Qubes: failed to setup partitions on volatile device"
        exit 1
    fi
    while ! [ -e /dev/xvdc1 ]; do sleep 0.1; done
-    /sbin/mkswap /dev/xvdc1
+    mkswap /dev/xvdc1
    while ! [ -e /dev/xvdc2 ]; do sleep 0.1; done
    echo "0 `cat /sys/class/block/$ROOT_DEV/size` snapshot /dev/$ROOT_DEV /dev/xvdc2 N 16" | \
-        /sbin/dmsetup create dmroot || { echo "Qubes: FATAL: cannot create dmroot!"; exit 1; }
+        dmsetup create dmroot || { echo "Qubes: FATAL: cannot create dmroot!"; exit 1; }
-    /sbin/dmsetup mknodes dmroot
+    dmsetup mknodes dmroot
    echo Qubes: done.
 else
    echo "Qubes: Doing R/W setup for TemplateVM..."
    while ! [ -e /dev/xvdc ]; do sleep 0.1; done
-    /sbin/sfdisk -q --unit S /dev/xvdc >/dev/null <<EOF
+    sfdisk -q --unit S /dev/xvdc >/dev/null <<EOF
-xvdc1: type=82,start=2048,size=$SWAP_SIZE
+1,$SWAP_SIZE,S
 xvdc3: type=83
 EOF
    if [ $? -ne 0 ]; then
        die "Qubes: failed to setup partitions on volatile device"
    fi
    while ! [ -e /dev/xvdc1 ]; do sleep 0.1; done
-    /sbin/mkswap /dev/xvdc1
+    mkswap /dev/xvdc1
    ln -s ../$ROOT_DEV /dev/mapper/dmroot
    echo Qubes: done.
 fi
-/sbin/modprobe ext4
+modprobe ext4
 mkdir -p /sysroot
-mount /dev/mapper/dmroot /sysroot -o rw
+mount /dev/mapper/dmroot /sysroot -o ro
 NEWROOT=/sysroot
 kver="`uname -r`"
@ -95,27 +89,19 @@ if ! [ -d "$NEWROOT/lib/modules/$kver/kernel" ]; then
    echo "Waiting for /dev/xvdd device..."
    while ! [ -e /dev/xvdd ]; do sleep 0.1; done
    # Mount only `uname -r` subdirectory, to leave the rest of /lib/modules writable
    mkdir -p /tmp/modules
    mount -n -t ext3 /dev/xvdd /tmp/modules
-    if /sbin/modprobe overlay; then
+    if ! [ -d "$NEWROOT/lib/modules/$kver" ]; then
-        # if overlayfs is supported, use that to provide fully writable /lib/modules
+        mount "$NEWROOT" -o remount,rw
-        if ! [ -d "$NEWROOT/lib/.modules_work" ]; then
+        mkdir -p "$NEWROOT/lib/modules/$kver"
-            mkdir -p "$NEWROOT/lib/.modules_work"
+        mount "$NEWROOT" -o remount,ro
        fi
        mount -t overlay none $NEWROOT/lib/modules -o lowerdir=/tmp/modules,upperdir=$NEWROOT/lib/modules,workdir=$NEWROOT/lib/.modules_work
    else
        # otherwise mount only `uname -r` subdirectory, to leave the rest of
        # /lib/modules writable
        if ! [ -d "$NEWROOT/lib/modules/$kver" ]; then
            mkdir -p "$NEWROOT/lib/modules/$kver"
        fi
        mount --bind "/tmp/modules/$kver" "$NEWROOT/lib/modules/$kver"
    fi
    mount --bind "/tmp/modules/$kver" "$NEWROOT/lib/modules/$kver"
    umount /tmp/modules
    rmdir /tmp/modules
 fi
 umount /dev /sys /proc
 mount "$NEWROOT" -o remount,ro
-exec /sbin/switch_root $NEWROOT /sbin/init
+exec switch_root $NEWROOT /sbin/init
--- a/dracut/simple/module-setup.sh
+++ b/dracut/simple/module-setup.sh
@ -5,30 +5,13 @@ check() {
 }
 depends() {
-    echo dm
+    echo busybox dm
    return 0
 }
 installkernel() {
    hostonly='' instmods overlay
 }
 install() {
    inst $moddir/init.sh /init
    inst_multiple \
        basename \
        readlink \
        uname \
        grep \
        kmod \
        modprobe \
        ln \
        switch_root \
        mount \
        umount \
        mkdir \
        rmdir \
        sleep \
        sfdisk \
        mkswap
 }
--- a/dracut/xen-balloon-scrub-pages/Makefile
+++ b/dracut/xen-balloon-scrub-pages/Makefile
@ -1,4 +0,0 @@
 install:
 	install -d $(DESTDIR)/usr/lib/dracut/modules.d/80xen-scrub-pages
 	install module-setup.sh scrub_pages.sh \
 		$(DESTDIR)/usr/lib/dracut/modules.d/80xen-scrub-pages/
--- a/dracut/xen-balloon-scrub-pages/module-setup.sh
+++ b/dracut/xen-balloon-scrub-pages/module-setup.sh
@ -1,17 +0,0 @@
 #!/bin/bash
 check() {
    if [ -r /usr/share/qubes/marker-vm ]; then
        return 0
    else
        return 255
    fi
 }
 depends() {
    return 0
 }
 install() {
    inst_hook pre-trigger 60 $moddir/scrub_pages.sh
 }
--- a/dracut/xen-balloon-scrub-pages/scrub_pages.sh
+++ b/dracut/xen-balloon-scrub-pages/scrub_pages.sh
@ -1,20 +0,0 @@
 #!/bin/sh
 #
 # This file should be placed in pre-trigger directory in dracut's initramfs, or
 # scripts/local-top in case of initramfs-tools
 #
 # initramfs-tools (Debian) API
 PREREQS=""
 case "$1" in
    prereqs)
        # This runs during initramfs creation
        echo "$PREREQS"
        exit 0
        ;;
 esac
 if [ -w /sys/devices/system/xen_memory/xen_memory0/scrub_pages ]; then
    # re-enable xen-balloon pages scrubbing, after initial balloon down
    echo 1 > /sys/devices/system/xen_memory/xen_memory0/scrub_pages
 fi
--- a/grub/Makefile
+++ b/grub/Makefile
@ -1,7 +0,0 @@
 install-fedora:
 	install -D -m 0644 grub.qubes-kernel-vm-support \
 		$(DESTDIR)/etc/default/grub.qubes-kernel-vm-support
 install-debian:
 	install -D -m 0644 grub.qubes-kernel-vm-support \
 		$(DESTDIR)/etc/default/grub.d/30-qubes-kernel-vm-support.cfg
--- a/grub/grub.qubes-kernel-vm-support
+++ b/grub/grub.qubes-kernel-vm-support
@ -1,8 +0,0 @@
 # add kernel options only in VM, and only if initramfs is updated already
 # /var/lib/qubes/initramfs-updated contains "milestone" initramfs update version:
 # 1 - addition of xen scrub_pages enabling code
 if [ -r /usr/share/qubes/marker-vm ] &&
        [ "$(cat /var/lib/qubes/initramfs-updated 2>/dev/null || echo 0)" -ge 1 ]; then
    GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX xen_scrub_pages=0"
 fi
 GRUB_ENABLE_BLSCFG=false
--- a/imgconverter/qubesimgconverter/init.py
+++ b/imgconverter/qubesimgconverter/init.py
@ -23,6 +23,8 @@ Toolkit for secure transfer and conversion of images between Qubes VMs.'''
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 import colorsys
 import math
 import os
 import re
 try:
@ -33,8 +35,7 @@ import subprocess
 import sys
 import unittest
-import PIL.Image
+import cairo
 import numpy
 # those are for "zOMG UlTRa HD! WalLLpapPer 8K!!1!" to work seamlessly;
 # 8192 * 5120 * 4 B = 160 MiB, so DoS by memory exhaustion is unlikely
@ -44,7 +45,7 @@ MAX_HEIGHT = 5120
 # current max raster icon size in hicolor theme is 256 as of 2013/fedora-18
 # beyond that one probably shall use scalable icons
 # (SVG is currently unsupported)
-ICON_MAXSIZE = 2048
+ICON_MAXSIZE = 512
 # header consists of two decimal numbers, SPC and LF
 re_imghdr = re.compile(br'^\d+ \d+\n$')
@ -72,12 +73,6 @@ get_from_stream(), get_from_vm(), get_xdg_icon_from_vm(), get_through_dvm()'''
        if p.wait():
            raise Exception('Conversion failed')
    def save_pil(self, dst):
        '''Save image to disk using PIL.'''
        img = PIL.Image.frombytes('RGBA', self._size, self._rgba)
        img.save(dst)
    @property
    def data(self):
        return self._rgba
@ -93,66 +88,27 @@ get_from_stream(), get_from_vm(), get_xdg_icon_from_vm(), get_through_dvm()'''
    def tint(self, colour):
        '''Return new tinted image'''
-        tr, tg, tb = hex_to_int(colour)
+        r, g, b = hex_to_float(colour)
-        tM = max(tr, tg, tb)
+        h, _, s = colorsys.rgb_to_hls(r, g, b)
-        tm = min(tr, tg, tb)
+        result = BytesIO()
-        # (trn/tdn, tgn/tdn, tbn/tdn) is the tint color with maximum saturation
+        # duplicate the whole loop for performance reasons
-        if tm == tM:
+        if sys.version_info[0] < 3:
-            trn = 1
+            for i in range(0, self._size[0] * self._size[1] * 4, 4):
-            tgn = 1
+                r, g, b, a = tuple(ord(c) / 255. for c in self._rgba[i:i+4])
-            tbn = 1
+                _, l, _ = colorsys.rgb_to_hls(r, g, b)
-            tdn = 2
+                r, g, b = colorsys.hls_to_rgb(h, l, s)
                result.write(b''.join(chr(int(i * 255)) for i in [r, g, b, a]))
        else:
-            trn = tr - tm
+            for i in range(0, self._size[0] * self._size[1] * 4, 4):
-            tgn = tg - tm
+                r, g, b, a = tuple(c / 255. for c in self._rgba[i:i + 4])
-            tbn = tb - tm
+                _, l, _ = colorsys.rgb_to_hls(r, g, b)
-            tdn = tM - tm
+                r, g, b = colorsys.hls_to_rgb(h, l, s)
-        # use a 1D image representation since we only process a single pixel at a time
+                result.write(bytes(int(i * 255) for i in [r, g, b, a]))
        pixels = self._size[0] * self._size[1]
        x = numpy.fromstring(self._rgba, 'B').reshape(pixels, 4)
        r = x[:, 0]
        g = x[:, 1]
        b = x[:, 2]
        a = x[:, 3]
        M = numpy.maximum(numpy.maximum(r, g), b).astype('u4')
        m = numpy.minimum(numpy.minimum(r, g), b).astype('u4')
-        # Tn/Td is how much chroma range is reserved for the tint color
+        return self.__class__(rgba=result.getvalue(), size=self._size)
        # 0 -> greyscale image becomes greyscale image
        # 1 -> image becomes solid tint color
        Tn = 1
        Td = 4
        # set chroma to the original pixel chroma mapped to the Tn/Td .. 1 range
        # float c2 = (Tn/Td) + (1.0 - Tn/Td) * c
        # set lightness to the original pixel lightness mapped to the range for the new chroma value
        # float m2 = m * (1.0 - c2) / (1.0 - c)
        c = M - m
        c2 = (Tn * 255) + (Td - Tn) * c
        c2d = Td
        m2 = ((255 * c2d) - c2) * m
        # the maximum avoids division by 0 when c = 255 (m2 is 0 anyway, so m2d doesn't matter)
        m2d = numpy.maximum((255 - c) * c2d, 1)
        # precomputed values
        c2d_tdn = tdn * c2d
        m2_c2d_tdn = m2 * c2d_tdn
        m2d_c2d_tdn = m2d * c2d_tdn
        c2_m2d = c2 * m2d
        # float vt = m2 + tvn * c2
        rt = ((m2_c2d_tdn + trn * c2_m2d) // m2d_c2d_tdn).astype('B')
        gt = ((m2_c2d_tdn + tgn * c2_m2d) // m2d_c2d_tdn).astype('B')
        bt = ((m2_c2d_tdn + tbn * c2_m2d) // m2d_c2d_tdn).astype('B')
        xt = numpy.column_stack((rt, gt, bt, a))
        return self.__class__(rgba=xt.tobytes(), size=self._size)
    @classmethod
    def load_from_file(cls, filename):
@ -174,13 +130,6 @@ get_from_stream(), get_from_vm(), get_xdg_icon_from_vm(), get_through_dvm()'''
        return cls(rgba=rgba, size=size)
    @classmethod
    def load_from_file_pil(cls, filename):
        '''Loads image from local file using PIL.'''
        img = PIL.Image.open(filename)
        img = img.convert('RGBA')
        return cls(rgba=img.tobytes(), size=img.size)
    @classmethod
    def get_from_stream(cls, stream, max_width=MAX_WIDTH, max_height=MAX_HEIGHT):
        '''Carefully parse image data from stream.
@ -250,8 +199,9 @@ get_from_stream(), get_from_vm(), get_xdg_icon_from_vm(), get_through_dvm()'''
        '''Master end of image filter: writes untrusted image to stdout and
 expects header+RGBA on stdin. This method is invoked from qvm-imgconverter-client.'''
        filetype = None
        if ':' in filename:
-            filetype, filename = filename.split(':', 1)
+            filetype, filename = filename.split(':', 1)[0]
            sys.stdout.write('{0}:-\n'.format(filetype))
        else:
            sys.stdout.write('-\n')
@ -273,23 +223,26 @@ expects header+RGBA on stdin. This method is invoked from qvm-imgconverter-clien
    def __ne__(self, other):
        return not self.__eq__(other)
-def hex_to_int(colour, channels=3, depth=1):
+def hex_to_float(colour, channels=3, depth=8):
-    '''Convert hex colour definition to tuple of ints.'''
+    '''Convert hex colour definition to tuple of floats.'''
-    length = channels * depth * 2
+    if depth % 4 != 0:
-    step = depth * 2
+        raise NotImplementedError('depths not divisible by 4 are unsupported')
    length = channels * depth // 4
    step = depth // 4
    # get rid of '#' or '0x' in front of hex values
    colour = colour[-length:]
-    return tuple(int(colour[i:i+step], 0x10) for i in range(0, length, step))
+    return tuple(int(colour[i:i+step], 0x10) / float(2**depth - 1) for i in range(0, length, step))
 def tint(src, dst, colour):
    '''Tint image to reflect vm label.
-    src and dst may NOT specify ImageMagick format'''
+    src and dst may specify format, like png:aqq.gif'''
-    Image.load_from_file_pil(src).tint(colour).save_pil(dst)
+    Image.load_from_file(src).tint(colour).save(dst)
 # vim: ft=python sw=4 ts=4 et
--- a/imgconverter/qubesimgconverter/imggen.py
+++ b/imgconverter/qubesimgconverter/imggen.py
@ -38,8 +38,7 @@ def make_padlock(dst, colour, size=qubesimgconverter.ICON_MAXSIZE, disp=False):
    cs = cairo.ImageSurface(cairo.FORMAT_ARGB32, size, size)
    cr = cairo.Context(cs)
-    cr.set_source_rgb(*[c / 256.0
+    cr.set_source_rgb(*qubesimgconverter.hex_to_float(colour))
        for c in qubesimgconverter.hex_to_int(colour)])
    cr.set_line_width(.125 * size)
    cr.rectangle(.125 * size, .5 * size, .75 * size, .4375 * size)
@ -77,7 +76,7 @@ def make_padlock(dst, colour, size=qubesimgconverter.ICON_MAXSIZE, disp=False):
            cr.arc_negative(cx, cy, radius + width,         offset + (i + 1) * arrow - gap, offset + i * arrow)
            cr.close_path()
-        cr.set_source_rgb(0xcc / 256.0, 0, 0)  # tango's red
+        cr.set_source_rgb(*qubesimgconverter.hex_to_float('0xcc0000')) # tango's red
        cr.set_line_width(.0500 * size)
        cr.set_line_join(cairo.LINE_JOIN_ROUND)
        cr.stroke_preserve()
--- a/imgconverter/qubesimgconverter/test.py
+++ b/imgconverter/qubesimgconverter/test.py
@ -2,10 +2,7 @@
 from __future__ import absolute_import
-try:
+import cStringIO as StringIO
    from io import BytesIO
 except ImportError:
    from cStringIO import StringIO as BytesIO
 import unittest
 import qubesimgconverter
@ -13,8 +10,8 @@ import qubesimgconverter
 class TestCaseImage(unittest.TestCase):
    def setUp(self):
        self.rgba = \
-            b'\x00\x00\x00\xff' b'\xff\x00\x00\xff' \
+            '\x00\x00\x00\xff' '\xff\x00\x00\xff' \
-            b'\x00\xff\x00\xff' b'\x00\x00\x00\xff'
+            '\x00\xff\x00\xff' '\x00\x00\x00\xff'
        self.size = (2, 2)
        self.image = qubesimgconverter.Image(rgba=self.rgba, size=self.size)
@ -27,11 +24,11 @@ class TestCaseImage(unittest.TestCase):
        image = self.image.tint('#0000ff')
        self.assertEqual(image._rgba,
-            b'\x00\x00\x3f\xff' b'\x00\x00\xff\xff'
+            '\x00\x00\x00\xff' '\x00\x00\xff\xff'
-            b'\x00\x00\xff\xff' b'\x00\x00\x3f\xff')
+            '\x00\x00\xff\xff' '\x00\x00\x00\xff')
    def test_10_get_from_stream(self):
-        io = BytesIO('{0[0]} {0[1]}\n'.format(self.size).encode() + self.rgba)
+        io = StringIO.StringIO('{0[0]} {0[1]}\n{1}'.format(self.size, self.rgba))
        image = qubesimgconverter.Image.get_from_stream(io)
@ -39,14 +36,13 @@ class TestCaseImage(unittest.TestCase):
        self.assertEqual(image._size, self.size)
    def test_11_get_from_stream_malformed(self):
-        io = BytesIO('{0[0]} {0[1]}\n'.format(self.size).encode() +
+        io = StringIO.StringIO('{0[0]} {0[1]}\n{1}'.format(self.size, self.rgba[-1])) # one byte too short
                     self.rgba[:-1])  # one byte too short
        with self.assertRaises(Exception):
            image = qubesimgconverter.Image.get_from_stream(io)
    def test_12_get_from_stream_too_big(self):
-        io = BytesIO('{0[0]} {0[1]}\n'.format(self.size).encode() + self.rgba)  # 2x2
+        io = StringIO.StringIO('{0[0]} {0[1]}\n{1}'.format(self.size, self.rgba)) # 2x2
        with self.assertRaises(Exception):
            image = qubesimgconverter.Image.get_from_stream(io, max_width=1)
@ -61,21 +57,20 @@ class TestCaseFunctionsAndConstants(unittest.TestCase):
        self.assertEqual(qubesimgconverter.imghdrlen(100, 100), len('100 100\n'))
    def test_01_re_imghdr(self):
-        self.assertTrue(qubesimgconverter.re_imghdr.match(b'8 15\n'))
+        self.assertTrue(qubesimgconverter.re_imghdr.match('8 15\n'))
-        self.assertIsNone(qubesimgconverter.re_imghdr.match(b'8 15'))
+        self.assertIsNone(qubesimgconverter.re_imghdr.match('8 15'))
-        self.assertIsNone(qubesimgconverter.re_imghdr.match(b'815\n'))
+        self.assertIsNone(qubesimgconverter.re_imghdr.match('815\n'))
-        self.assertIsNone(qubesimgconverter.re_imghdr.match(b'x yx\n'))
+        self.assertIsNone(qubesimgconverter.re_imghdr.match('x yx\n'))
    def test_10_hex_to_float_result_00(self):
-        self.assertEqual(qubesimgconverter.hex_to_int('#000000'), (0, 0, 0))
+        self.assertEqual(qubesimgconverter.hex_to_float('#000000'), (0.0, 0.0, 0.0))
    def test_11_hex_to_float_result_ff(self):
-        self.assertEqual(qubesimgconverter.hex_to_int('0xffffff'),
+        self.assertEqual(qubesimgconverter.hex_to_float('0xffffff'), (1.0, 1.0, 1.0))
            (0xff, 0xff, 0xff))
    def test_12_hex_to_float_depth_3_not_implemented(self):
-        with self.assertRaises(ValueError):
+        with self.assertRaises(NotImplementedError):
-            qubesimgconverter.hex_to_int('123456', depth=3)
+            qubesimgconverter.hex_to_float('123456', depth=3)
 if __name__ == '__main__':
    unittest.main()
--- a/imgconverter/qubesimgconverter/test_integ.py
+++ b/imgconverter/qubesimgconverter/test_integ.py
@ -1,99 +0,0 @@
 # vim: fileencoding=utf-8
 #
 # The Qubes OS Project, https://www.qubes-os.org/
 #
 # Copyright (C) 2017
 #                   Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation; either version 2 of the License, or
 # (at your option) any later version.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License along
 # with this program; if not, write to the Free Software Foundation, Inc.,
 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 import itertools
 import qubes.tests.extra
 # noinspection PyPep8Naming
 class TC_00_ImgConverter(qubes.tests.extra.ExtraTestCase):
    def setUp(self):
        super(TC_00_ImgConverter, self).setUp()
        # noinspection PyAttributeOutsideInit
        self.vm = self.create_vms(["vm"])[0]
        self.vm.start()
        self.image_size = 16
        # RGB data for the image
        self.image_data = [
            (0xff // self.image_size * x, 0x80, 0xff // self.image_size * y,
            0xff)
            for x in range(self.image_size)
            for y in range(self.image_size)]
    def create_img(self, filename):
        '''Create image file with given sample content
        :param filename: output filename
        '''
        p = self.vm.run(
            'convert -size {}x{} -depth 8 rgba:- "{}" 2>&1'.format(
                self.image_size, self.image_size, filename),
            passio_popen=True)
        bytes_data = bytes(bytearray(itertools.chain(*self.image_data)))
        (stdout, _) = p.communicate(bytes_data)
        if p.returncode != 0:
            self.skipTest('failed to create test image: {}'.format(stdout))
    def assertCorrectlyTransformed(self, orig_filename, trusted_filename):
        self.assertEquals(
            self.vm.run('test -r "{}"'.format(trusted_filename), wait=True), 0)
        self.assertEquals(
            self.vm.run('test -r "{}"'.format(orig_filename), wait=True), 0)
        # retrieve original image too, to compensate for compression
        p = self.vm.run('convert "{}" rgb:-'.format(orig_filename),
            passio_popen=True)
        orig_image_data, _ = p.communicate()
        p = self.vm.run('convert "{}" rgb:-'.format(trusted_filename),
            passio_popen=True)
        trusted_image_data, _ = p.communicate()
        self.assertEquals(orig_image_data, trusted_image_data)
    def test_000_png(self):
        self.create_img('test.png')
        p = self.vm.run('qvm-convert-img test.png trusted.png 2>&1',
            passio_popen=True)
        (stdout, _) = p.communicate()
        if p.returncode == 127:
            self.skipTest('qubes-img-converter not installed')
        self.assertEquals(p.returncode, 0, 'qvm-convert-img failed: {}'.format(
            stdout))
        self.assertCorrectlyTransformed('test.png', 'trusted.png')
    def test_010_filename_with_spaces(self):
        self.create_img('test with spaces.png')
        p = self.vm.run('qvm-convert-img "test with spaces.png" '
                        '"trusted with spaces.png" 2>&1',
            passio_popen=True)
        (stdout, _) = p.communicate()
        if p.returncode == 127:
            self.skipTest('qubes-img-converter not installed')
        self.assertEquals(p.returncode, 0, 'qvm-convert-img failed: {}'.format(
            stdout))
        self.assertCorrectlyTransformed(
            'test with spaces.png', 'trusted with spaces.png')
 def list_tests():
    tests = [TC_00_ImgConverter]
    return tests
--- a/imgconverter/setup.py
+++ b/imgconverter/setup.py
@ -9,11 +9,6 @@ setuptools.setup(
    license='GPL2+',
    url='https://www.qubes-os.org/',
    packages=['qubesimgconverter'],
    entry_points={
        'qubes.tests.extra.for_template':
            'qubesimgconverter = qubesimgconverter.test_integ:list_tests',
    }
 )
 # vim: ts=4 sts=4 sw=4 et
--- a/initramfs-tools/Makefile
+++ b/initramfs-tools/Makefile
@ -1,8 +1,6 @@
 install:
 	install -D local-top/qubes_cow_setup.sh \
 		$(DESTDIR)/usr/share/initramfs-tools/scripts/local-top/qubes_cow_setup
 	install -D local-top/scrub_pages.sh \
 		$(DESTDIR)/usr/share/initramfs-tools/scripts/local-top/scrub_pages
 	install -D qubes_vm \
 		$(DESTDIR)/usr/share/initramfs-tools/hooks/qubes_vm
--- a/initramfs-tools/local-top/scrub_pages.sh
+++ b/initramfs-tools/local-top/scrub_pages.sh
@ -1 +0,0 @@
 ../../dracut/xen-balloon-scrub-pages/scrub_pages.sh
--- a/initramfs-tools/qubes_vm
+++ b/initramfs-tools/qubes_vm
@ -1,6 +1,6 @@
 #!/bin/sh
-if grep -q '^[0-]*$' /sys/hypervisor/uuid; then
+if grep -q control_d /proc/xen/capabilities; then
    echo "Not intended for dom0"
    exit 0
 fi
--- a/kernel-modules/Makefile
+++ b/kernel-modules/Makefile
@ -1,5 +1,13 @@
-install:	install-scripts
+ver		:= $(shell cat ../version)
 srcdir	:= /usr/src/u2mfn-$(ver)
 install:	install-u2mfn install-scripts
 install-scripts:
 	install -d $(DESTDIR)/usr/sbin
 	install qubes-prepare-vm-kernel $(DESTDIR)/usr/sbin
 install-u2mfn:
 	install -d $(DESTDIR)$(srcdir)
 	install -m 644 u2mfn/u2mfn.c u2mfn/Makefile $(DESTDIR)$(srcdir)
 	sed -e 's#@@VERSION@@#$(ver)#' u2mfn/dkms.conf.in > $(DESTDIR)$(srcdir)/dkms.conf
--- a/kernel-modules/qubes-prepare-vm-kernel
+++ b/kernel-modules/qubes-prepare-vm-kernel
@ -25,6 +25,14 @@ set -e
 basedir=/var/lib/qubes/vm-kernels
 function recompile_u2mfn() {
    kver=$1
    u2mfn_ver=`dkms status u2mfn|tail -n 1|cut -f 2 -d ' '|tr -d ':,'`
    if ! modinfo -k "$kver" -n u2mfn >/dev/null; then
        dkms install u2mfn/$u2mfn_ver -k $kver --no-initrd
    fi
 }
 function build_modules_img() {
    kver=$1
    initramfs=$2
@ -73,6 +81,8 @@ fi
 echo "--> Building files for $kernel_version in $output_dir"
 echo "---> Recompiling kernel module (u2mfn)"
 recompile_u2mfn "$kernel_version"
 mkdir -p "$output_dir"
 cp "/boot/vmlinuz-$kernel_version" "$output_dir/vmlinuz"
 echo "---> Generating initramfs"
--- a/kernel-modules/u2mfn/Makefile
+++ b/kernel-modules/u2mfn/Makefile
@ -0,0 +1,28 @@
 #
 # The Qubes OS Project, http://www.qubes-os.org
 #
 # Copyright (C) 2010  Rafal Wojtczuk  <rafal@invisiblethingslab.com>
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
 # as published by the Free Software Foundation; either version 2
 # of the License, or (at your option) any later version.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 #
 #
 obj-m                       += u2mfn.o
 clean:
 	rm -f *.o *.ko *~
 	rm -f .u2mfn.* *.mod.c Module.symvers modules.order
 	rm -fr .tmp_versions
 	rm -f Makefile.xen
--- a/kernel-modules/u2mfn/dkms.conf.in
+++ b/kernel-modules/u2mfn/dkms.conf.in
@ -0,0 +1,8 @@
 PACKAGE_VERSION="@@VERSION@@"
 # Items below here should not have to change with each driver version
 PACKAGE_NAME="u2mfn"
 BUILT_MODULE_NAME[0]="u2mfn"
 DEST_MODULE_LOCATION[0]="/extra/"
 AUTOINSTALL=yes
--- a/kernel-modules/u2mfn/u2mfn.c
+++ b/kernel-modules/u2mfn/u2mfn.c
@ -0,0 +1,172 @@
 /*
 * The Qubes OS Project, http://www.qubes-os.org
 *
 * Copyright (C) 2010  Rafal Wojtczuk  <rafal@invisiblethingslab.com>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 *
 */
 #include <linux/module.h>
 #include <linux/version.h>
 #include <linux/proc_fs.h>
 #include <linux/fs.h>
 #include <linux/mm.h>
 #include <linux/sched.h>
 #ifndef FOREIGN_FRAME_BIT
 #include <xen/page.h>
 #endif
 #include <linux/highmem.h>
 /* copy of /usr/include/u2mfn-kernel.h, to reduce requirements */
 #include <linux/ioctl.h>
 #define U2MFN_MAGIC 0xf5
 #define U2MFN_GET_MFN_FOR_PAGE _IOW(U2MFN_MAGIC, 1, int)
 #define U2MFN_GET_LAST_MFN _IO(U2MFN_MAGIC, 2)
 #if LINUX_VERSION_CODE < KERNEL_VERSION(3,0,0)
 static inline unsigned long virt_to_phys(volatile void *address)
 {
 	return __pa((unsigned long) address);
 }
 #endif
 #ifdef virt_to_mfn
 #define VIRT_TO_MFN virt_to_mfn
 #else
 extern unsigned long *phys_to_machine_mapping;
 static inline unsigned long VIRT_TO_MFN(void *addr)
 {
 	return phys_to_machine_mapping[virt_to_phys(addr) >> PAGE_SHIFT] & ~FOREIGN_FRAME_BIT;
 }
 #endif
 static int u2mfn_get_mfn(pte_t *pte, pgtable_t token, unsigned long addr, void *data) {
    *((unsigned long *) data) = pfn_to_mfn(pte_pfn(*pte));
    return 0;
 }
 /// User virtual address to mfn translator
 /**
    \param cmd ignored
    \param data the user-specified address
    \return mfn corresponding to "data" argument, or -1 on error
 */
 static long u2mfn_ioctl(struct file *f, unsigned int cmd,
 		       unsigned long data)
 {
 	long ret;
 	unsigned long mfn;
 	if (_IOC_TYPE(cmd) != U2MFN_MAGIC) {
 		printk("Qubes u2mfn: wrong IOCTL magic");
 		return -ENOTTY;
 	}
 	switch (cmd) {
 	case U2MFN_GET_MFN_FOR_PAGE:
 		ret = apply_to_page_range(current->mm, data, PAGE_SIZE, u2mfn_get_mfn, &mfn);
 		if (ret < 0 || mfn == INVALID_P2M_ENTRY) {
 			printk("U2MFN_GET_MFN_FOR_PAGE: failed to get mfn, "
 			       "addr=0x%lx ret=0x%lx\n", data, ret);
 			return -1;
 		}
 		ret = mfn;
 		break;
 	case U2MFN_GET_LAST_MFN:
 		if (f->private_data)
 			ret = VIRT_TO_MFN(f->private_data);
 		else
 			ret = 0;
 		break;
 	default:
 		printk("Qubes u2mfn: wrong ioctl passed!\n");
 		return -ENOTTY;
 	}
 	return ret;
 }
 static int u2mfn_mmap(struct file *f, struct vm_area_struct *vma)
 {
 	int ret;
 	char *kbuf;
 	long length = vma->vm_end - vma->vm_start;
 	printk("u2mfn_mmap: entering, private=%p\n", f->private_data);
 	if (f->private_data)
 		return -EBUSY;
 	if (length != PAGE_SIZE)
 		return -EINVAL;
 	kbuf = (char *) __get_free_page(GFP_KERNEL);
 	if (!kbuf)
 		return -ENOMEM;
 	f->private_data = kbuf;
 	ret = remap_pfn_range(vma, vma->vm_start,
 			      virt_to_phys(kbuf) >> PAGE_SHIFT,
 			      length, vma->vm_page_prot);
 	printk("u2mfn_mmap: calling remap return %d\n", ret);
 	if (ret)
 		return ret;
 	return 0;
 }
 static int u2mfn_release(struct inode *i, struct file *f)
 {
 	printk("u2mfn_release, priv=%p\n", f->private_data);
 	if (f->private_data)
 		__free_page(f->private_data);
 	f->private_data = NULL;
 	return 0;
 }
 static struct file_operations u2mfn_fops = {
 	.unlocked_ioctl = u2mfn_ioctl,
 	.mmap = u2mfn_mmap,
 	.release = u2mfn_release
 };
 /// u2mfn module registration
 /**
    tries to register "/proc/u2mfn" pseudofile
 */
 static int u2mfn_init(void)
 {
 	struct proc_dir_entry *u2mfn_node =
 	    proc_create_data("u2mfn", 0666, NULL,
 			     &u2mfn_fops, 0);
 	if (!u2mfn_node)
 		return -1;
 	return 0;
 }
 static void u2mfn_exit(void)
 {
 	remove_proc_entry("u2mfn", 0);
 }
 module_init(u2mfn_init);
 module_exit(u2mfn_exit);
 MODULE_LICENSE("GPL");
--- a/qmemman/qubes-meminfo-writer-dom0.service
+++ b/qmemman/qubes-meminfo-writer-dom0.service
@ -1,6 +1,5 @@
 [Unit]
 Description=Qubes memory information reporter
 Before=systemd-user-sessions.service
 After=qubes-core.service qubes-qmemman.service
 ConditionPathExists=/var/run/qubes/qmemman.sock
--- a/qrexec-lib/Makefile
+++ b/qrexec-lib/Makefile
@ -1,9 +1,19 @@
 CC=gcc
-CFLAGS+=-I. -g -O2 -Wall -Wextra -Werror -pie -fPIC
+CFLAGS+=-I. -g -O2 -Wall -Wextra -Werror -pie -fPIC `pkg-config --cflags vchan-$(BACKEND_VMM)`
 COMMONIOALL=ioall.o
 SO_VER=2
 LDFLAGS+=-shared
 VCHANLIBS = `pkg-config --libs vchan-$(BACKEND_VMM)`
-all: libqubes-rpc-filecopy.so.$(SO_VER)
+_XENSTORE_H=$(shell ls /usr/include/xenstore.h)
 ifneq "$(_XENSTORE_H)" ""
 	CFLAGS+= -DUSE_XENSTORE_H
 endif
 all: libqrexec-utils.so.$(SO_VER) libqubes-rpc-filecopy.so.$(SO_VER)
 libqrexec-utils.so.$(SO_VER): unix-server.o ioall.o buffer.o exec.o txrx-vchan.o write-stdin.o
 	$(CC) $(LDFLAGS) -Wl,-soname,$@ -o $@ $^ $(VCHANLIBS)
 libqubes-rpc-filecopy.so.$(SO_VER): ioall.o copy-file.o crc32.o unpack.o pack.o
 	$(CC) $(LDFLAGS) -Wl,-soname,$@ -o $@ $^
@ -14,7 +24,12 @@ clean:
 install:
 	mkdir -p $(DESTDIR)$(LIBDIR)
 	cp libqrexec-utils.so.$(SO_VER) $(DESTDIR)$(LIBDIR)
 	ln -s libqrexec-utils.so.$(SO_VER) $(DESTDIR)$(LIBDIR)/libqrexec-utils.so
 	cp libqubes-rpc-filecopy.so.$(SO_VER) $(DESTDIR)$(LIBDIR)
 	ln -s libqubes-rpc-filecopy.so.$(SO_VER) $(DESTDIR)$(LIBDIR)/libqubes-rpc-filecopy.so
 	mkdir -p $(DESTDIR)$(INCLUDEDIR)
 	cp libqrexec-utils.h $(DESTDIR)$(INCLUDEDIR)
 	cp libqubes-rpc-filecopy.h $(DESTDIR)$(INCLUDEDIR)
 	cp qrexec.h $(DESTDIR)$(INCLUDEDIR)
--- a/qrexec-lib/buffer.c
+++ b/qrexec-lib/buffer.c
@ -0,0 +1,115 @@
 /*
 * The Qubes OS Project, http://www.qubes-os.org
 *
 * Copyright (C) 2010  Rafal Wojtczuk  <rafal@invisiblethingslab.com>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 *
 */
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include "libqrexec-utils.h"
 #define BUFFER_LIMIT 50000000
 static int total_mem;
 static char *limited_malloc(int len)
 {
    char *ret;
    total_mem += len;
    if (total_mem > BUFFER_LIMIT) {
        fprintf(stderr, "attempt to allocate >BUFFER_LIMIT\n");
        exit(1);
    }
    ret = malloc(len);
    if (!ret) {
        perror("malloc");
        exit(1);
    }
    return ret;
 }
 static void limited_free(char *ptr, int len)
 {
    free(ptr);
    total_mem -= len;
 }
 void buffer_init(struct buffer *b)
 {
    b->buflen = 0;
    b->data = NULL;
 }
 void buffer_free(struct buffer *b)
 {
    if (b->buflen)
        limited_free(b->data, b->buflen);
    buffer_init(b);
 }
 /*
   The following two functions can be made much more efficient.
   Yet the profiling output show they are not significant CPU hogs, so
   we keep them so simple to make them obviously correct.
   */
 void buffer_append(struct buffer *b, const char *data, int len)
 {
    int newsize;
    char *qdata;
    if (len < 0 || len > BUFFER_LIMIT) {
        fprintf(stderr, "buffer_append %d\n", len);
        exit(1);
    }
    if (len == 0)
        return;
    newsize = len + b->buflen;
    qdata = limited_malloc(len + b->buflen);
    memcpy(qdata, b->data, b->buflen);
    memcpy(qdata + b->buflen, data, len);
    buffer_free(b);
    b->buflen = newsize;
    b->data = qdata;
 }
 void buffer_remove(struct buffer *b, int len)
 {
    int newsize;
    char *qdata = NULL;
    if (len < 0 || len > b->buflen) {
        fprintf(stderr, "buffer_remove %d/%d\n", len, b->buflen);
        exit(1);
    }
    newsize = b->buflen - len;
    if (newsize > 0) {
        qdata = limited_malloc(newsize);
        memcpy(qdata, b->data + len, newsize);
    }
    buffer_free(b);
    b->buflen = newsize;
    b->data = qdata;
 }
 int buffer_len(struct buffer *b)
 {
    return b->buflen;
 }
 void *buffer_data(struct buffer *b)
 {
    return b->data;
 }
--- a/qrexec-lib/exec.c
+++ b/qrexec-lib/exec.c
@ -0,0 +1,83 @@
 /*
 * The Qubes OS Project, http://www.qubes-os.org
 *
 * Copyright (C) 2010  Rafal Wojtczuk  <rafal@invisiblethingslab.com>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 *
 */
 #include <sys/socket.h>
 #include <sys/types.h>
 #include <stdlib.h>
 #include <unistd.h>
 #include <stdio.h>
 #include "libqrexec-utils.h"
 static do_exec_t *exec_func = NULL;
 void register_exec_func(do_exec_t *func) {
    exec_func = func;
 }
 void fix_fds(int fdin, int fdout, int fderr)
 {
    int i;
    for (i = 0; i < 256; i++)
        if (i != fdin && i != fdout && i != fderr)
            close(i);
    dup2(fdin, 0);
    dup2(fdout, 1);
    dup2(fderr, 2);
    close(fdin);
    close(fdout);
    if (fderr != 2)
        close(fderr);
 }
 void do_fork_exec(const char *cmdline, int *pid, int *stdin_fd, int *stdout_fd,
        int *stderr_fd)
 {
    int inpipe[2], outpipe[2], errpipe[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, inpipe) || 
            socketpair(AF_UNIX, SOCK_STREAM, 0, outpipe) || 
            (stderr_fd && socketpair(AF_UNIX, SOCK_STREAM, 0, errpipe))) {
        perror("socketpair");
        exit(1);
    }
    switch (*pid = fork()) {
        case -1:
            perror("fork");
            exit(-1);
        case 0:
            if (stderr_fd) {
                fix_fds(inpipe[0], outpipe[1], errpipe[1]);
            } else
                fix_fds(inpipe[0], outpipe[1], 2);
            if (exec_func != NULL)
                exec_func(cmdline);
            exit(-1);
        default:;
    }
    close(inpipe[0]);
    close(outpipe[1]);
    *stdin_fd = inpipe[1];
    *stdout_fd = outpipe[0];
    if (stderr_fd) {
        close(errpipe[1]);
        *stderr_fd = errpipe[0];
    }
 }
--- a/qrexec-lib/libqrexec-utils.h
+++ b/qrexec-lib/libqrexec-utils.h
@ -0,0 +1,64 @@
 /*
 * The Qubes OS Project, http://www.qubes-os.org
 *
 * Copyright (C) 2010  Rafal Wojtczuk  <rafal@invisiblethingslab.com>
 * Copyright (C) 2013  Marek Marczykowski  <marmarek@invisiblethingslab.com>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 *
 */
 #include <sys/select.h>
 #include <libvchan.h>
 struct buffer {
    char *data;
    int buflen;
 };
 /* return codes for buffered writes */
 #define WRITE_STDIN_OK        0 /* all written */
 #define WRITE_STDIN_BUFFERED  1 /* something still in the buffer */
 #define WRITE_STDIN_ERROR     2 /* write error, errno set */
 typedef void (do_exec_t)(const char *);
 void register_exec_func(do_exec_t *func);
 void buffer_init(struct buffer *b);
 void buffer_free(struct buffer *b);
 void buffer_append(struct buffer *b, const char *data, int len);
 void buffer_remove(struct buffer *b, int len);
 int buffer_len(struct buffer *b);
 void *buffer_data(struct buffer *b);
 int flush_client_data(int fd, struct buffer *buffer);
 int write_stdin(int fd, const char *data, int len, struct buffer *buffer);
 int fork_and_flush_stdin(int fd, struct buffer *buffer);
 void do_fork_exec(const char *cmdline, int *pid, int *stdin_fd, int *stdout_fd,
        int *stderr_fd);
 void wait_for_vchan_or_argfd(libvchan_t *vchan, int max, fd_set * rdset, fd_set * wrset);
 int read_vchan_all(libvchan_t *vchan, void *data, size_t size);
 int write_vchan_all(libvchan_t *vchan, const void *data, size_t size);
 int read_all(int fd, void *buf, int size);
 int write_all(int fd, const void *buf, int size);
 void fix_fds(int fdin, int fdout, int fderr);
 void set_nonblock(int fd);
 void set_block(int fd);
 int get_server_socket(const char *);
 int do_accept(int s);
 void set_nonblock(int fd);
--- a/qrexec-lib/qrexec.h
+++ b/qrexec-lib/qrexec.h
@ -0,0 +1,122 @@
 /*
 * The Qubes OS Project, http://www.qubes-os.org
 *
 * Copyright (C) 2010  Rafal Wojtczuk  <rafal@invisiblethingslab.com>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 *
 */
 /* See also http://wiki.qubes-os.org/trac/wiki/Qrexec */
 #include <stdint.h>
 #define QREXEC_PROTOCOL_VERSION 2
 #define MAX_FDS 256
 #define MAX_DATA_CHUNK 4096
 #define RPC_REQUEST_COMMAND "QUBESRPC"
 #define RPC_REQUEST_COMMAND_LEN (sizeof(RPC_REQUEST_COMMAND)-1)
 #define NOGUI_CMD_PREFIX "nogui:"
 #define NOGUI_CMD_PREFIX_LEN (sizeof(NOGUI_CMD_PREFIX)-1)
 #define VCHAN_BASE_PORT 512
 #define MAX_DATA_CHUNK 4096
 /* Messages sent over control vchan between daemon(dom0) and agent(vm).
 * The same are used between client(dom0) and daemon(dom0).
 */
 enum {
    /* daemon->agent messages */
    /* start process in VM and pass its stdin/out/err to dom0
     * struct exec_params passed as data */
    MSG_EXEC_CMDLINE = 0x200,
    /* start process in VM discarding its stdin/out/err (connect to /dev/null)
    * struct exec_params passed as data */
    MSG_JUST_EXEC,
    /* connect to existing process in VM to receive its stdin/out/err
     * struct service_params passed as cmdline field in exec_params */
    MSG_SERVICE_CONNECT,
    /* refuse to start a service (denied by policy, invalid parameters etc)
     * struct service_params passed as data to identify which service call was
     * refused */
    MSG_SERVICE_REFUSED,
    /* agent->daemon messages */
    /* call Qubes RPC service
     * struct trigger_service_params passed as data */
    MSG_TRIGGER_SERVICE = 0x210,
    /* connection was terminated, struct exec_params passed as data (with empty
     * cmdline field) informs about released vchan port */
    MSG_CONNECTION_TERMINATED,
    /* common messages */
    /* initialize connection, struct peer_info passed as data
     * should be sent as the first message (server first, then client) */
    MSG_HELLO = 0x300,
 };
 /* uniform for all peers, data type depends on message type */
 struct msg_header {
    uint32_t type;           /* message type */
    uint32_t len;            /* data length */
 };
 /* variable size */
 struct exec_params {
    uint32_t connect_domain; /* target domain name */
    uint32_t connect_port;   /* target vchan port for i/o exchange */
    char cmdline[0];         /* command line to execute, null terminated, size = msg_header.len - sizeof(struct exec_params) */
 };
 struct service_params {
    char ident[32];          /* null terminated ASCII string */
 };
 struct trigger_service_params {
    char service_name[64];            /* null terminated ASCII string */
    char target_domain[32];           /* null terminated ASCII string */
    struct service_params request_id; /* service request id */
 };
 struct peer_info {
    uint32_t version; /* qrexec protocol version */
 };
 /* data vchan client<->agent, separate for each VM process */
 enum {
    /* stdin dom0->VM */
    MSG_DATA_STDIN = 0x190,
    /* stdout VM->dom0 */
    MSG_DATA_STDOUT,
    /* stderr VM->dom0 */
    MSG_DATA_STDERR,
    /* VM process exit code VM->dom0 (uint32_t) */
    MSG_DATA_EXIT_CODE,
 };
 // linux-specific stuff below
 #define QREXEC_AGENT_TRIGGER_PATH "/var/run/qubes/qrexec-agent"
 #define QREXEC_AGENT_FDPASS_PATH "/var/run/qubes/qrexec-agent-fdpass"
 #define MEMINFO_WRITER_PIDFILE "/var/run/meminfo-writer.pid"
 #define QUBES_RPC_MULTIPLEXER_PATH "/usr/lib/qubes/qubes-rpc-multiplexer"
 #define QREXEC_DAEMON_SOCKET_DIR "/var/run/qubes"
--- a/qrexec-lib/txrx-vchan.c
+++ b/qrexec-lib/txrx-vchan.c
@ -0,0 +1,104 @@
 /*
 * The Qubes OS Project, http://www.qubes-os.org
 *
 * Copyright (C) 2010  Rafal Wojtczuk  <rafal@invisiblethingslab.com>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 *
 */
 #include <unistd.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <signal.h>
 #include <errno.h>
 #include <libvchan.h>
 int wait_for_vchan_or_argfd_once(libvchan_t *ctrl, int max, fd_set * rdset, fd_set * wrset)
 {
    int vfd, ret;
    struct timespec tv = { 1, 100000000 };
    sigset_t empty_set;
    sigemptyset(&empty_set);
    vfd = libvchan_fd_for_select(ctrl);
    FD_SET(vfd, rdset);
    if (vfd > max)
        max = vfd;
    max++;
    ret = pselect(max, rdset, wrset, NULL, &tv, &empty_set);
    if (ret < 0) {
        if (errno != EINTR) {
            perror("select");
            exit(1);
        } else {
            FD_ZERO(rdset);
            FD_ZERO(wrset);
            fprintf(stderr, "eintr\n");
            return 1;
        }
    }
    if (!libvchan_is_open(ctrl)) {
        fprintf(stderr, "libvchan_is_eof\n");
        exit(0);
    }
    if (FD_ISSET(vfd, rdset))
        // the following will never block; we need to do this to
        // clear libvchan_fd pending state 
        libvchan_wait(ctrl);
    if (libvchan_data_ready(ctrl))
        return 1;
    return ret;
 }
 void wait_for_vchan_or_argfd(libvchan_t *ctrl, int max, fd_set * rdset, fd_set * wrset)
 {
    fd_set r = *rdset, w = *wrset;
    do {
        *rdset = r;
        *wrset = w;
    }
    while (wait_for_vchan_or_argfd_once(ctrl, max, rdset, wrset) == 0);
 }
 int write_vchan_all(libvchan_t *vchan, const void *data, size_t size) {
    size_t pos;
    int ret;
    pos = 0;
    while (pos < size) {
        ret = libvchan_write(vchan, data+pos, size-pos);
        if (ret < 0)
            return 0;
        pos += ret;
    }
    return 1;
 }
 int read_vchan_all(libvchan_t *vchan, void *data, size_t size) {
    size_t pos;
    int ret;
    pos = 0;
    while (pos < size) {
        ret = libvchan_read(vchan, data+pos, size-pos);
        if (ret < 0)
            return 0;
        pos += ret;
    }
    return 1;
 }
--- a/qrexec-lib/unix-server.c
+++ b/qrexec-lib/unix-server.c
@ -0,0 +1,73 @@
 /*
 * The Qubes OS Project, http://www.qubes-os.org
 *
 * Copyright (C) 2010  Rafal Wojtczuk  <rafal@invisiblethingslab.com>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 *
 */
 #include <sys/socket.h>
 #include <sys/un.h>
 #include <stdio.h>
 #include <sys/stat.h>
 #include <unistd.h>
 #include <stdlib.h>
 //#include "qrexec.h"
 int get_server_socket(const char *socket_address)
 {
    struct sockaddr_un sockname;
    int s;
    unlink(socket_address);
    s = socket(AF_UNIX, SOCK_STREAM, 0);
    if (s < 0) {
        printf("socket() failed\n");
        exit(1);
    }
    memset(&sockname, 0, sizeof(sockname));
    sockname.sun_family = AF_UNIX;
    strncpy(sockname.sun_path, socket_address, sizeof sockname.sun_path);
    sockname.sun_path[sizeof sockname.sun_path - 1] = 0;
    if (bind(s, (struct sockaddr *) &sockname, sizeof(sockname)) == -1) {
        printf("bind() failed\n");
        close(s);
        exit(1);
    }
    //      chmod(sockname.sun_path, 0666);
    if (listen(s, 5) == -1) {
        perror("listen() failed\n");
        close(s);
        exit(1);
    }
    return s;
 }
 int do_accept(int s)
 {
    struct sockaddr_un peer;
    unsigned int addrlen;
    int fd;
    addrlen = sizeof(peer);
    fd = accept(s, (struct sockaddr *) &peer, &addrlen);
    if (fd == -1) {
        perror("unix accept");
        exit(1);
    }
    return fd;
 }
--- a/qrexec-lib/unpack.c
+++ b/qrexec-lib/unpack.c
@ -33,6 +33,10 @@ void send_status_and_crc(int code, const char *last_filename);
 #define O_TMPFILE_MASK (__O_TMPFILE | O_DIRECTORY | O_CREAT)
 #endif
 #if __GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 14)
 #define HAVE_SYNCFS
 #endif
 void do_exit(int code, const char *last_filename)
 {
    close(0);
@ -209,8 +213,10 @@ void process_one_file(struct file_header *untrusted_hdr)
 int do_unpack(void)
 {
    struct file_header untrusted_hdr;
 #ifdef HAVE_SYNCFS
    int cwd_fd;
    int saved_errno;
 #endif
    total_bytes = total_files = 0;
    /* initialize checksum */
@ -227,10 +233,14 @@ int do_unpack(void)
        process_one_file(&untrusted_hdr);
    }
 #ifdef HAVE_SYNCFS
    saved_errno = errno;
    cwd_fd = open(".", O_RDONLY);
    if (cwd_fd >= 0 && syncfs(cwd_fd) == 0 && close(cwd_fd) == 0)
        errno = saved_errno;
 #else
    sync();
 #endif
    send_status_and_crc(errno, untrusted_namebuf);
    return errno;
--- a/qrexec-lib/write-stdin.c
+++ b/qrexec-lib/write-stdin.c
@ -0,0 +1,119 @@
 /*
 * The Qubes OS Project, http://www.qubes-os.org
 *
 * Copyright (C) 2010  Rafal Wojtczuk  <rafal@invisiblethingslab.com>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 *
 */
 #include <stdio.h>
 #include <unistd.h>
 #include <errno.h>
 #include <fcntl.h>
 #include <stdlib.h>
 #include <libvchan.h>
 #include "qrexec.h"
 #include "libqrexec-utils.h"
 /* 
 There is buffered data in "buffer" for client and select()
 reports that "fd" is writable. Write as much as possible to fd.
 */
 int flush_client_data(int fd, struct buffer *buffer)
 {
    int ret;
    int len;
    for (;;) {
        len = buffer_len(buffer);
        if (!len) {
            return WRITE_STDIN_OK;
        }
        if (len > MAX_DATA_CHUNK)
            len = MAX_DATA_CHUNK;
        ret = write(fd, buffer_data(buffer), len);
        if (ret == -1) {
            if (errno != EAGAIN) {
                return WRITE_STDIN_ERROR;
            } else
                return WRITE_STDIN_BUFFERED;
        }
        // we previously called buffer_remove(buffer, len)
        // it will be wrong if we change MAX_DATA_CHUNK to something large
        // as pipes writes are atomic only to PIPE_MAX limit 
        buffer_remove(buffer, ret);
    }
 }
 /*
 * Write "len" bytes from "data" to "fd". If not all written, buffer the rest
 * to "buffer".
 */
 int write_stdin(int fd, const char *data, int len, struct buffer *buffer)
 {
    int ret;
    int written = 0;
    if (buffer_len(buffer)) {
        buffer_append(buffer, data, len);
        return WRITE_STDIN_BUFFERED;
    }
    while (written < len) {
        ret = write(fd, data + written, len - written);
        if (ret == 0) {
            perror("write_stdin: write returns 0 ???");
            exit(1);
        }
        if (ret == -1) {
            if (errno != EAGAIN)
                return WRITE_STDIN_ERROR;
            buffer_append(buffer, data + written,
                    len - written);
            return WRITE_STDIN_BUFFERED;
        }
        written += ret;
    }
    return WRITE_STDIN_OK;
 }
 /* 
 * Data feed process has exited, so we need to clear all control structures for 
 * the client. However, if we have buffered data for the client (which is rare btw),
 * fire&forget a separate process to flush them.
 */
 int fork_and_flush_stdin(int fd, struct buffer *buffer)
 {
    int i;
    if (!buffer_len(buffer))
        return 0;
    switch (fork()) {
        case -1:
            perror("fork");
            exit(1);
        case 0:
            break;
        default:
            return 1;
    }
    for (i = 0; i < MAX_FDS; i++)
        if (i != fd && i != 2)
            close(i);
    set_block(fd);
    write_all(fd, buffer_data(buffer), buffer_len(buffer));
    _exit(0);
 }
--- a/rpm_spec/qubes-kernel-vm-support.spec.in
+++ b/rpm_spec/qubes-kernel-vm-support.spec.in
@ -19,11 +19,16 @@
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 #
 %{!?version: %define version %(cat version)}
 # Package contains /usr/lib, but not binary files, which confuses find-debuginfo.sh script.
 %global debug_package %{nil}
 Name:		qubes-kernel-vm-support
-Version:	@VERSION@
+Version:	%{version}
 Release:	1%{?dist}
-Summary:	Qubes VM initramfs modules
+Summary:	Qubes VM kernel and initramfs modules
 Source0:    qubes-utils-%{version}.tar.gz
 Group:		Qubes
 Vendor:     Invisible Things Lab
@ -31,6 +36,10 @@ License:	GPL v2 only
 URL:		http://www.qubes-os.org
 Requires:	dracut
 Requires:	dkms
 Requires:	busybox
 %define _builddir %(pwd)
 %description
 This package contains:
@ -38,8 +47,17 @@ This package contains:
 needed in VM only when the VM uses its own kernel (via pvgrub or so). Otherwise
 initrd is provided by dom0.
 2. u2mfn kernel module sources (dkms) required by GUI agent and R2 version of
 libvchan library.
 %prep
-%setup -q -n qubes-utils-%{version}
+# we operate on the current directory, so no need to unpack anything
 # symlink is to generate useful debuginfo packages
 rm -f %{name}-%{version}
 ln -sf . %{name}-%{version}
 %setup -T -D
 %build
 %install
 make install-fedora-kernel-support DESTDIR=%{buildroot}
@ -48,40 +66,14 @@ make install-fedora-kernel-support DESTDIR=%{buildroot}
 /usr/lib/dracut/modules.d/90qubes-vm
 /usr/lib/dracut/modules.d/90qubes-vm-modules
 /usr/lib/dracut/modules.d/90qubes-vm-simple
-/usr/lib/dracut/modules.d/80xen-scrub-pages
+/usr/src/u2mfn-%{version}/
 /usr/sbin/qubes-prepare-vm-kernel
 %config(noreplace) /etc/default/grub.qubes-kernel-vm-support
-%triggerin -- grub2-tools
+%post
-if ! grep -q '/etc/default/grub.qubes-kernel-vm-support$' /etc/default/grub 2>/dev/null; then
+dkms add -m u2mfn -v %{version} --rpm_safe_upgrade
    # do not keep Qubes-related settings directly in user-controlled config,
    # include another file
    echo '. /etc/default/grub.qubes-kernel-vm-support' >> /etc/default/grub
 fi
 %preun
-if [ $1 -eq 0 ]; then
+dkms remove -m u2mfn -v %{version} --all --rpm_safe_upgrade
    if grep -q '/etc/default/grub.qubes-kernel-vm-support$' /etc/default/grub 2>/dev/null; then
        sed -i -e '/grub.qubes-kernel-vm-support$/d' /etc/default/grub
    fi
 fi
 %posttrans
 # Rebuild all initramfs images to include updated modules
 if [ -r /usr/share/qubes/marker-vm ] && [ -x /usr/bin/dracut ]; then
    ret=0
    for img in /boot/initramfs-*.img; do
        kver="${img#*initramfs-}"
        kver="${kver%.img}"
        dracut -f "$img" "$kver" || ret=$?
    done
    if [ "$ret" -eq 0 ]; then
        # "milestone" initramfs update version:
        # 1 - addition of xen scrub_pages enabling code
        echo 1 > /var/lib/qubes/initramfs-updated
    fi
 fi
 %changelog
-@CHANGELOG@
+
--- a/rpm_spec/qubes-utils.spec.in
+++ b/rpm_spec/qubes-utils.spec.in
@ -1,8 +1,12 @@
 %define version %(cat version)
 %if 0%{?qubes_builder}
 %define _builddir %(pwd)
 %endif
 Name:		qubes-utils
-Version:	@VERSION@
+Version:	%{version}
 Release:	1%{?dist}
 Summary:	Common Linux files for Qubes Dom0 and VM
 Source0:    %{name}-%{version}.tar.gz
 Group:		Qubes
 License:	GPL
@ -11,43 +15,41 @@ URL:		http://www.qubes-os.org
 Requires:	udev
 Requires:	%{name}-libs
 Requires:	ImageMagick
-Requires:	python%{python3_pkgversion}-qubesimgconverter
+Requires:	python3-qubesimgconverter
-%{?systemd_requires}
+BuildRequires:  qubes-libvchan-devel
-BuildRequires:  systemd
+BuildRequires:  python-setuptools
-BuildRequires:  python2-setuptools
+%if 0%{?rhel} >= 7
-BuildRequires:  python%{python3_pkgversion}-setuptools
+BuildRequires:  python34-setuptools
 %else
 BuildRequires:  python3-setuptools
 %endif
 BuildRequires:  python2-rpm-macros
 BuildRequires:  python3-rpm-macros
 # for meminfo-writer
 BuildRequires:  xen-devel
 BuildRequires:	gcc
 %description
 Common Linux files for Qubes Dom0 and VM
 %package -n python2-qubesimgconverter
 Summary:    Python package qubesimgconverter
-Requires:   python2
+Requires:   python
 Requires:   pycairo
 %if 0%{?rhel} >= 7
 Requires:   python-pillow
 Requires:   numpy
 %else
 Requires:   python2-pillow
 Requires:   python2-numpy
 %endif
 %description -n python2-qubesimgconverter
 Python package qubesimgconverter
-%package -n python%{python3_pkgversion}-qubesimgconverter
+%package -n python3-qubesimgconverter
 Summary:    Python package qubesimgconverter
-Requires:   python%{python3_pkgversion}
+%if 0%{?rhel} >= 7
-Requires:   python%{python3_pkgversion}-cairo
+Requires:   python34
-Requires:   python%{python3_pkgversion}-pillow
+Requires:   pycairo
-Requires:   python%{python3_pkgversion}-numpy
+%else
 Requires:   python3
 Requires:   python3-cairo
 %endif
-%description -n python%{python3_pkgversion}-qubesimgconverter
+%description -n python3-qubesimgconverter
 Python package qubesimgconverter
 %package devel
@ -66,11 +68,15 @@ Release:	1%{?dist}
 Libraries for qubes-utils
 %prep
-%setup -q
+# we operate on the current directory, so no need to unpack anything
 # symlink is to generate useful debuginfo packages
 rm -f %{name}-%{version}
 ln -sf . %{name}-%{version}
 %setup -T -D
 %build
-export PYTHON=%{__python2}
+make all
 make all BACKEND_VMM=@BACKEND_VMM@
 %install
 make install DESTDIR=%{buildroot} PYTHON=%{__python2}
@ -79,17 +85,15 @@ rm -rf imgconverter/build
 %post
 # dom0
-%systemd_post qubes-meminfo-writer-dom0.service
+/bin/systemctl enable qubes-meminfo-writer-dom0.service > /dev/null 2>&1
 # VM
-%systemd_post qubes-meminfo-writer.service
+/bin/systemctl enable qubes-meminfo-writer.service > /dev/null 2>&1
 %preun
 %systemd_preun qubes-meminfo-writer-dom0.service
 %systemd_preun qubes-meminfo-writer.service
 %postun
-%systemd_postun_with_restart qubes-meminfo-writer-dom0.service
+if [ $1 -eq 0 ]; then
-%systemd_postun_with_restart qubes-meminfo-writer.service
+    /bin/systemctl disable qubes-meminfo-writer.service > /dev/null 2>&1
    /bin/systemctl disable qubes-meminfo-writer.service > /dev/null 2>&1
 fi
 %post libs -p /sbin/ldconfig
 %postun libs -p /sbin/ldconfig
@ -99,34 +103,36 @@ rm -rf $RPM_BUILD_ROOT
 %files
 %defattr(-,root,root,-)
-/lib/udev/rules.d/*-qubes-*.rules
+/lib/udev/rules.d/99-qubes-*.rules
 /usr/lib/qubes/udev-*
 %{_sbindir}/meminfo-writer
 %{_unitdir}/qubes-meminfo-writer.service
 %{_unitdir}/qubes-meminfo-writer-dom0.service
 %files -n python2-qubesimgconverter
-%{python2_sitelib}/qubesimgconverter/__init__.py*
+%{python_sitelib}/qubesimgconverter/__init__.py*
-%{python2_sitelib}/qubesimgconverter/imggen.py*
+%{python_sitelib}/qubesimgconverter/imggen.py*
-%{python2_sitelib}/qubesimgconverter/test.py*
+%{python_sitelib}/qubesimgconverter/test.py*
-%{python2_sitelib}/qubesimgconverter/test_integ.py*
+%{python_sitelib}/qubesimgconverter-%{version}-py?.?.egg-info/*
 %{python2_sitelib}/qubesimgconverter-%{version}-py?.?.egg-info
-%files -n python%{python3_pkgversion}-qubesimgconverter
+%files -n python3-qubesimgconverter
 %{python3_sitelib}/qubesimgconverter/__init__.py
 %{python3_sitelib}/qubesimgconverter/imggen.py
 %{python3_sitelib}/qubesimgconverter/test.py
-%{python3_sitelib}/qubesimgconverter/test_integ.py
+%{python3_sitelib}/qubesimgconverter-%{version}-py?.?.egg-info/*
 %{python3_sitelib}/qubesimgconverter-%{version}-py?.?.egg-info
 %{python3_sitelib}/qubesimgconverter/__pycache__
 %files libs
 %{_libdir}/libqrexec-utils.so.2
 %{_libdir}/libqubes-rpc-filecopy.so.2
 %files devel
 %defattr(-,root,root,-)
 /usr/include/libqrexec-utils.h
 /usr/include/libqubes-rpc-filecopy.h
 /usr/include/qrexec.h
 %{_libdir}/libqrexec-utils.so
 %{_libdir}/libqubes-rpc-filecopy.so
 %changelog
-@CHANGELOG@
+
--- a/udev/Makefile
+++ b/udev/Makefile
@ -5,7 +5,6 @@ install:
 	cp udev-qubes-block.rules $(DESTDIR)$(SYSLIBDIR)/udev/rules.d/99-qubes-block.rules
 	cp udev-qubes-usb.rules $(DESTDIR)$(SYSLIBDIR)/udev/rules.d/99-qubes-usb.rules
 	cp udev-qubes-misc.rules $(DESTDIR)$(SYSLIBDIR)/udev/rules.d/99-qubes-misc.rules
 	cp udev-qubes-dmroot.rules $(DESTDIR)$(SYSLIBDIR)/udev/rules.d/90-qubes-dmroot.rules
 	mkdir -p $(DESTDIR)$(SCRIPTSDIR)
 	cp udev-block-add-change $(DESTDIR)$(SCRIPTSDIR)
--- a/udev/udev-block-add-change
+++ b/udev/udev-block-add-change
@ -119,12 +119,6 @@ if [ "$MAJOR" -eq 7 -a ! -d /sys/$DEVPATH/loop ]; then
    exit 0
 fi
 # or unconnected Network Block Device
 if [ "$MAJOR" -eq 43 -a ! -e /sys/$DEVPATH/pid ]; then
    xs_remove
    exit 0
 fi
 # ... and loop devices from excluded directories
 if [[ "$NAME" = 'loop'* ]]; then
    backing_file=$(cat /sys/block/${NAME}/loop/backing_file)
--- a/udev/udev-qubes-block.rules
+++ b/udev/udev-qubes-block.rules
@ -10,9 +10,6 @@ KERNEL=="xvda|xvdb|xvdc*|xvdd", ENV{UDISKS_IGNORE}="1"
 # Skip xen-blkfront devices
 ENV{MAJOR}=="202", GOTO="qubes_block_end"
 # skip devices excluded elsewhere
 ENV{DM_UDEV_DISABLE_DISK_RULES_FLAG}=="1", GOTO="qubes_block_end"
 # Skip device-mapper devices
 KERNEL=="dm-*", ENV{DM_NAME}=="snapshot-*", GOTO="qubes_block_end"
 KERNEL=="dm-*", ENV{DM_NAME}=="origin-*", GOTO="qubes_block_end"
--- a/udev/udev-qubes-dmroot.rules
+++ b/udev/udev-qubes-dmroot.rules
@ -1,5 +0,0 @@
 # Create /dev/mapper/dmroot symlink on TemplateVM/StandaloneVM to make
 # grub-mkconfig happy.
 # On TemplateBasedVM, it is really a device mapper device.
 SUBSYSTEM=="block", ENV{ID_PART_ENTRY_NAME}=="Root\x20filesystem", ATTR{ro}=="0", SYMLINK+="mapper/dmroot"
--- a/udev/udev-qubes-misc.rules
+++ b/udev/udev-qubes-misc.rules
@ -4,4 +4,3 @@ KERNEL=="xen/gntdev", MODE="0660", GROUP="qubes"
 KERNEL=="xen/gntalloc", MODE="0660", GROUP="qubes"
 KERNEL=="xen/privcmd", MODE="0660", GROUP="qubes"
 KERNEL=="xen/xenbus", MODE="0660", GROUP="qubes"
 KERNEL=="xen/hypercall", MODE="0660", GROUP="qubes"
--- a/udev/udev-usb-add-change
+++ b/udev/udev-usb-add-change
@ -25,7 +25,7 @@ VERSION=`cat /sys/$DEVPATH/version | tr -d ' '|cut -f 1 -d .`
 # ignore usbip-connected devices, as most likely already passed through from
 # another VM
-if echo $DEVPATH | grep -q /vhci_hcd; then
+if [ "`echo $DEVPATH | cut -d / -f 2-4`" = "devices/platform/vhci_hcd" ]; then
    exit 0
 fi
--- a/2
+++ b/2
@ -1 +1 @@
-4.1.3
+4.0.9
		`@ -0,0 +1 @@`
							`libqrexec-utils 2 libqrexec-utils2 (>= 3.1.3)`
		`@ -1 +0,0 @@`
			`../../dracut/xen-balloon-scrub-pages/scrub_pages.sh`