Add xen_scrub_pages=0 kernel option only if initramfs was rebuilt

Rebuild initramfs on package upgrade (already done for Debian previously) and store 1 into /var/lib/qubes/initramfs-updated. Then, only add xen_scrub_pages=0 kernel option if /var/lib/qubes/initramfs-updated is there (with "1" or greater number). This way, if initramfs rebuild doesn't happen for any reason, xen_scrub_pages=0 will not be added. Fixes 456fe99 "Disable scrubbing memory pages during initial balloon down" QubesOS/qubes-issues#1963
Really install xen-scrub-pages dracut module
2019-02-25 01:17:07 +01:00 · 2019-02-25 00:31:40 +01:00
35 changed files with 1087 additions and 162 deletions
--- a/.travis.yml
+++ b/.travis.yml
@ -1,5 +1,5 @@
 sudo: required
-dist: bionic
+dist: trusty
 language: python
 python:
  - '2.7'
@ -10,26 +10,26 @@ script:
 - test -z "$TESTS_ONLY" || python -m unittest discover -v imgconverter -p test.py
 - test -n "$TESTS_ONLY" || ~/qubes-builder/scripts/travis-build
 env:
- - DIST_DOM0=fc31 USE_QUBES_REPO_VERSION=4.1 USE_QUBES_REPO_TESTING=1
+ - DIST_DOM0=fc25 USE_QUBES_REPO_VERSION=4.0 USE_QUBES_REPO_TESTING=1
- - DISTS_VM=fc29 USE_QUBES_REPO_VERSION=4.1 USE_QUBES_REPO_TESTING=1
+ - DISTS_VM=fc27 USE_QUBES_REPO_VERSION=4.0 USE_QUBES_REPO_TESTING=1
- - DISTS_VM=fc30 USE_QUBES_REPO_VERSION=4.1 USE_QUBES_REPO_TESTING=1
+ - DISTS_VM=fc28 USE_QUBES_REPO_VERSION=4.0 USE_QUBES_REPO_TESTING=1
- - DISTS_VM=stretch USE_QUBES_REPO_VERSION=4.1 USE_QUBES_REPO_TESTING=1
+ - DISTS_VM=fc29 USE_QUBES_REPO_VERSION=4.0 USE_QUBES_REPO_TESTING=1
- - DISTS_VM=buster USE_QUBES_REPO_VERSION=4.1 USE_QUBES_REPO_TESTING=1
+ - DISTS_VM=jessie USE_QUBES_REPO_VERSION=4.0 USE_QUBES_REPO_TESTING=1
- - DISTS_VM=centos7 USE_QUBES_REPO_VERSION=4.1 USE_QUBES_REPO_TESTING=1
+ - DISTS_VM=stretch USE_QUBES_REPO_VERSION=4.0 USE_QUBES_REPO_TESTING=1
 - DISTS_VM=buster USE_QUBES_REPO_VERSION=4.0 USE_QUBES_REPO_TESTING=1
 - DISTS_VM=centos7 USE_QUBES_REPO_VERSION=4.0 USE_QUBES_REPO_TESTING=1
 jobs:
  include:
   - env: TESTS_ONLY=1
     python: 2.7
   - env: TESTS_ONLY=1
     python: 3.4
   - env: TESTS_ONLY=1
     python: 3.5
   - env: TESTS_ONLY=1
     python: 3.6
   - env: TESTS_ONLY=1
     python: 3.7
   - stage: deploy
-     python: 3.6
+     python: 3.5
-     env: DIST_DOM0=fc31 TESTS_ONLY=
+     env: DIST_DOM0=fc25 TESTS_ONLY=
     script: ~/qubes-builder/scripts/travis-deploy
 # don't build tags which are meant for code signing only
--- a/3
+++ b/3
@ -37,6 +37,9 @@ install-debian-kernel-support:
 	$(MAKE) -C dracut install
 	$(MAKE) -C kernel-modules install
 	$(MAKE) -C grub install-debian
 	# expand module version
 	rm -f debian/qubes-kernel-vm-support.dkms
 	echo debian/tmp/usr/src/u2mfn-*/dkms.conf > debian/qubes-kernel-vm-support.dkms
 clean:
 	$(MAKE) -C qrexec-lib clean
--- a/archlinux/PKGBUILD
+++ b/archlinux/PKGBUILD
@ -13,7 +13,7 @@ arch=("x86_64")
 url="http://qubes-os.org/"
 license=('GPL')
 groups=()
-makedepends=(gcc make pkgconfig 'python-setuptools' 'python2-setuptools')
+makedepends=(gcc make pkgconfig 'qubes-libvchan' 'python-setuptools' 'python2-setuptools')
 checkdepends=()
 optdepends=()
 provides=()
@ -45,7 +45,7 @@ make -C imgconverter all
 }
 package_qubes-vm-utils() {
-depends=(imagemagick python2-cairo python2-pillow python2-numpy python-pillow python-numpy)
+depends=(qubes-libvchan imagemagick python2-cairo python2-pillow python2-numpy python-pillow python-numpy)
 install=PKGBUILD-qubes-vm-utils.install
 # Install all for python2
@ -57,7 +57,7 @@ make -C imgconverter install DESTDIR=$pkgdir LIBDIR=/usr/lib SYSLIBDIR=/usr/lib
 }
 package_qubes-vm-kernel-support() {
-depends=(mkinitcpio grub)
+depends=(qubes-libvchan mkinitcpio dkms grub)
 install=PKGBUILD-qubes-vm-kernel-support.install
 mkdir -p ${pkgdir}/usr/lib/initcpio/install/
@ -68,6 +68,8 @@ mkdir -p ${pkgdir}/usr/bin/
 install -m 611 ${srcdir}/PKGBUILD-initcpio-install.sh ${pkgdir}/usr/lib/initcpio/install/qubes
 install -m 611 ${srcdir}/PKGBUILD-initcpio-hook.sh ${pkgdir}/usr/lib/initcpio/hooks/qubes
 install -m 755 ${srcdir}/dracut/full-dmroot/qubes_cow_setup.sh ${pkgdir}/usr/lib/qubes/qubes_cow_setup.sh
 make install-u2mfn DESTDIR=$pkgdir -C kernel-modules
 }
--- a/archlinux/PKGBUILD-initcpio-install.sh
+++ b/archlinux/PKGBUILD-initcpio-install.sh
@ -3,6 +3,7 @@
 build() {
  add_module "xen-blkfront"
  add_module "u2mfn"
  add_binary "/usr/bin/sfdisk"
  add_binary "/usr/bin/mkswap"
  add_binary "/usr/bin/dmsetup"
--- a/debian/changelog
+++ b/debian/changelog
@ -1,75 +1,3 @@
 qubes-utils (4.1.3) unstable; urgency=medium
  [ xaki23 ]
  * partition full volatile for non-COW setups too
  [ Frédéric Pierret (fepitre) ]
  * travis: switch to bionic
  [ Marek Marczykowski-Górecki ]
  * travis: update python versions
  [ Patrick Schleizer ]
  * qubes-kernel-vm-support.preinst create folder /boot/grub
  * qubes-kernel-vm-support.postinst run update-grub
  [ Marek Marczykowski-Górecki ]
  * debian: fix dependencies of qubes-kernel-vm-support pkg
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Sat, 07 Dec 2019 05:50:26 +0100
 qubes-utils (4.1.2) unstable; urgency=medium
  [ xaki23 ]
  * align volatile swap partition to 1Mb instead of 512b
  [ Marek Marczykowski-Górecki ]
  * rpm: update python2 deps
  * Disable BLS config style in grub
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Sun, 22 Sep 2019 05:10:19 +0200
 qubes-utils (4.1.1) unstable; urgency=medium
  * initrd: mount / rw for the overlayfs setup time
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Mon, 10 Jun 2019 00:48:40 +0200
 qubes-utils (4.1.0) unstable; urgency=medium
  * Remove qrexec related files
  * Remove u2mfn module
  * travis: update to R4.1
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Sat, 08 Jun 2019 03:20:55 +0200
 qubes-utils (4.0.24) unstable; urgency=medium
  [ Marek Marczykowski-Górecki ]
  * Declare u2mfn module version, skip build for qubes kernels
  [ Frédéric Pierret (fepitre) ]
  * python3: use macro pkgversion
  * travis: switch to xenial
  * travis: remove older Fedora releases and add Fedora 30
  [ Marek Marczykowski-Górecki ]
  * initramfs: use overlayfs for /lib/modules, if available
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Thu, 06 Jun 2019 21:30:30 +0200
 qubes-utils (4.0.23) unstable; urgency=medium
  * Disable scrubbing memory pages during initial balloon down
  * dracut: fix checking for "Root filesystem" label, improve udev sync
  * dracut: add a flag file indicating scrub-pages option support
  * Adjust permissions of /dev/xen/hypercall
  * Do not use /proc/xen for detecting dom0 anymore
  * Really install xen-scrub-pages dracut module
  * Add xen_scrub_pages=0 kernel option only if initramfs was rebuilt
 -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>  Mon, 25 Feb 2019 21:46:52 +0100
 qubes-utils (4.0.22) unstable; urgency=medium
  * tests: skip img converter test if qubes-img-converter is not
--- a/debian/control
+++ b/debian/control
@ -3,10 +3,12 @@ Section: admin
 Priority: extra
 Maintainer: Davíð Steinn Geirsson <david@dsg.is>
 Build-Depends:
 libvchan-xen-dev,
 libxen-dev,
 pkg-config,
 debhelper (>= 9.0.0),
 dh-systemd,
 dkms,
 python-setuptools,
 Standards-Version: 3.9.3
 Homepage: http://www.qubes-os.org
@ -15,7 +17,7 @@ Vcs-Git: http://dsg.is/qubes/qubes-linux-utils.git
 Package: qubes-utils
 Architecture: any
-Depends: lsb-base, python-pil, python-numpy, python3-pil, python3-numpy, ${shlibs:Depends}, ${misc:Depends}
+Depends: libvchan-xen, lsb-base, python-pil, python-numpy, python3-pil, python3-numpy, ${shlibs:Depends}, ${misc:Depends}
 Conflicts: qubes-linux-utils
 Breaks: qubes-core-agent (<< 3.1.4)
 Recommends: python2.7
@ -24,16 +26,24 @@ Description: Qubes Linux utilities
 Package: qubes-kernel-vm-support
 Architecture: any
-Depends:
+Recommends: initramfs-tools
- busybox,
+Depends: dkms, ${misc:Depends}
 initramfs-tools | dracut,
 grub2-common,
 ${misc:Depends}
 Description: Qubes VM kernel and initramfs modules
 This package contains:
 1. mkinitramfs module required to setup Qubes VM root filesystem. This package
 is needed in VM only when the VM uses its own kernel (via pvgrub or so).
 Otherwise initrd is provided by dom0.
 .
 2. u2mfn kernel module sources (dkms) required by GUI agent and R2 version of
 libvchan library.
 Package: libqrexec-utils2
 Architecture: any
 Depends: ${shlibs:Depends}, ${misc:Depends}
 Breaks: qubes-utils (<< 3.1.4)
 Replaces: qubes-utils (<< 3.1.4)
 Description: Library of common functions of qrexec agent and daemon
 This library contains common helper functions for qrexec agent and daemon.
 Package: libqubes-rpc-filecopy2
 Architecture: any
@ -44,6 +54,15 @@ Description: Qubes file copy protocol library
 This library can be used for both sending files using qfile protocol and for
 receiving them.
 Package: libqrexec-utils-dev
 Architecture: any
 Section: libdevel
 Depends: libqrexec-utils2 (= ${binary:Version}), ${misc:Depends}
 Breaks: qubes-utils (<< 3.1.4)
 Replaces: qubes-utils (<< 3.1.4)
 Description: Development headers for libqrexec-utils
 This package contains files required to compile qrexec-agent and qrexec-daemon.
 Package: libqubes-rpc-filecopy-dev
 Architecture: any
 Section: libdevel
--- a/debian/libqrexec-utils-dev.install
+++ b/debian/libqrexec-utils-dev.install
@ -0,0 +1,3 @@
 usr/include/libqrexec-utils.h
 usr/include/qrexec.h
 usr/lib/libqrexec-utils.so
--- a/debian/libqrexec-utils2.install
+++ b/debian/libqrexec-utils2.install
@ -0,0 +1 @@
 usr/lib/libqrexec-utils.so.2*
--- a/debian/libqrexec-utils2.shlibs
+++ b/debian/libqrexec-utils2.shlibs
@ -0,0 +1 @@
 libqrexec-utils 2 libqrexec-utils2 (>= 4.0.16)
--- a/debian/qubes-kernel-vm-support.dkms
+++ b/debian/qubes-kernel-vm-support.dkms
@ -0,0 +1 @@
 debian/tmp/usr/src/u2mfn-3.1.2/dkms.conf
--- a/debian/qubes-kernel-vm-support.install
+++ b/debian/qubes-kernel-vm-support.install
@ -4,5 +4,5 @@ usr/share/initramfs-tools/hooks/qubes_vm
 usr/lib/dracut/modules.d/90qubes-vm/*
 usr/lib/dracut/modules.d/90qubes-vm-modules/*
 usr/lib/dracut/modules.d/90qubes-vm-simple/*
-usr/lib/dracut/modules.d/80xen-scrub-pages/*
+usr/src/u2mfn-*/*
 etc/default/grub.d/30-qubes-kernel-vm-support.cfg
--- a/debian/qubes-kernel-vm-support.postinst
+++ b/debian/qubes-kernel-vm-support.postinst
@ -46,19 +46,6 @@ esac
 #DEBHELPER#
 ## https://phabricator.whonix.org/T377
 ## Debian has no update-grub trigger yet:
 ## https://bugs.debian.org/481542
 if command -v update-grub >/dev/null 2>&1; then
   update-grub || \
      echo "$DPKG_MAINTSCRIPT_PACKAGE $DPKG_MAINTSCRIPT_NAME ERROR: Running \
 'update-grub' failed with exit code $?. $DPKG_MAINTSCRIPT_PACKAGE is most \
 likely only the trigger, not the cause. Unless you know this is not an issue, \
 you should fix running 'update-grub', otherwise your system might no longer \
 boot." >&2
 fi
 exit 0
 # vim: set ts=4 sw=4 sts=4 et :
--- a/debian/qubes-kernel-vm-support.preinst
+++ b/debian/qubes-kernel-vm-support.preinst
@ -1,9 +0,0 @@
 #!/bin/bash
 set -e
 mkdir --parents /boot/grub || true
 #DEBHELPER#
 exit 0
--- a/debian/rules
+++ b/debian/rules
@ -7,7 +7,7 @@ export DESTDIR=$(shell pwd)/debian/tmp
 #export DH_VERBOSE=1
 %:
-	dh $@ --with=systemd
+	dh $@ --with=systemd,dkms
 override_dh_auto_build:
 	make all LIBDIR=/usr/lib DEBIANBUILD=1
--- a/dracut/full-dmroot/qubes_cow_setup.sh
+++ b/dracut/full-dmroot/qubes_cow_setup.sh
@ -79,8 +79,8 @@ if [ `cat /sys/class/block/$ROOT_DEV/ro` = 1 ] ; then
        die "volatile.img smaller than 1GB, cannot continue"
    fi
    sfdisk -q --unit S /dev/xvdc >/dev/null <<EOF
-xvdc1: type=82,start=2048,size=$SWAP_SIZE
+1,$SWAP_SIZE,S
-xvdc2: type=83
+,,L
 EOF
    if [ $? -ne 0 ]; then
        die "Qubes: failed to setup partitions on volatile device"
@ -97,8 +97,7 @@ else
    log_begin "Qubes: Doing R/W setup for TemplateVM..."
    while ! [ -e /dev/xvdc ]; do sleep 0.1; done
    sfdisk -q --unit S /dev/xvdc >/dev/null <<EOF
-xvdc1: type=82,start=2048,size=$SWAP_SIZE
+1,$SWAP_SIZE,S
 xvdc3: type=83
 EOF
    if [ $? -ne 0 ]; then
        die "Qubes: failed to setup partitions on volatile device"
--- a/dracut/simple/init.sh
+++ b/dracut/simple/init.sh
@ -53,8 +53,8 @@ if [ `cat /sys/class/block/$ROOT_DEV/ro` = 1 ] ; then
        die "volatile.img smaller than 1GB, cannot continue"
    fi
    /sbin/sfdisk -q --unit S /dev/xvdc >/dev/null <<EOF
-xvdc1: type=82,start=2048,size=$SWAP_SIZE
+1,$SWAP_SIZE,S
-xvdc2: type=83
+,,L
 EOF
    if [ $? -ne 0 ]; then
        echo "Qubes: failed to setup partitions on volatile device"
@ -72,8 +72,7 @@ else
    echo "Qubes: Doing R/W setup for TemplateVM..."
    while ! [ -e /dev/xvdc ]; do sleep 0.1; done
    /sbin/sfdisk -q --unit S /dev/xvdc >/dev/null <<EOF
-xvdc1: type=82,start=2048,size=$SWAP_SIZE
+1,$SWAP_SIZE,S
 xvdc3: type=83
 EOF
    if [ $? -ne 0 ]; then
        die "Qubes: failed to setup partitions on volatile device"
@ -87,7 +86,7 @@ fi
 /sbin/modprobe ext4
 mkdir -p /sysroot
-mount /dev/mapper/dmroot /sysroot -o rw
+mount /dev/mapper/dmroot /sysroot -o ro
 NEWROOT=/sysroot
 kver="`uname -r`"
@ -95,27 +94,19 @@ if ! [ -d "$NEWROOT/lib/modules/$kver/kernel" ]; then
    echo "Waiting for /dev/xvdd device..."
    while ! [ -e /dev/xvdd ]; do sleep 0.1; done
    # Mount only `uname -r` subdirectory, to leave the rest of /lib/modules writable
    mkdir -p /tmp/modules
    mount -n -t ext3 /dev/xvdd /tmp/modules
-    if /sbin/modprobe overlay; then
+    if ! [ -d "$NEWROOT/lib/modules/$kver" ]; then
-        # if overlayfs is supported, use that to provide fully writable /lib/modules
+        mount "$NEWROOT" -o remount,rw
-        if ! [ -d "$NEWROOT/lib/.modules_work" ]; then
+        mkdir -p "$NEWROOT/lib/modules/$kver"
-            mkdir -p "$NEWROOT/lib/.modules_work"
+        mount "$NEWROOT" -o remount,ro
        fi
        mount -t overlay none $NEWROOT/lib/modules -o lowerdir=/tmp/modules,upperdir=$NEWROOT/lib/modules,workdir=$NEWROOT/lib/.modules_work
    else
        # otherwise mount only `uname -r` subdirectory, to leave the rest of
        # /lib/modules writable
        if ! [ -d "$NEWROOT/lib/modules/$kver" ]; then
            mkdir -p "$NEWROOT/lib/modules/$kver"
        fi
        mount --bind "/tmp/modules/$kver" "$NEWROOT/lib/modules/$kver"
    fi
    mount --bind "/tmp/modules/$kver" "$NEWROOT/lib/modules/$kver"
    umount /tmp/modules
    rmdir /tmp/modules
 fi
 umount /dev /sys /proc
 mount "$NEWROOT" -o remount,ro
 exec /sbin/switch_root $NEWROOT /sbin/init
--- a/dracut/simple/module-setup.sh
+++ b/dracut/simple/module-setup.sh
@ -9,10 +9,6 @@ depends() {
    return 0
 }
 installkernel() {
    hostonly='' instmods overlay
 }
 install() {
    inst $moddir/init.sh /init
    inst_multiple \
--- a/grub/grub.qubes-kernel-vm-support
+++ b/grub/grub.qubes-kernel-vm-support
@ -5,4 +5,4 @@ if [ -r /usr/share/qubes/marker-vm ] &&
        [ "$(cat /var/lib/qubes/initramfs-updated 2>/dev/null || echo 0)" -ge 1 ]; then
    GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX xen_scrub_pages=0"
 fi
-GRUB_ENABLE_BLSCFG=false
+
--- a/kernel-modules/Makefile
+++ b/kernel-modules/Makefile
@ -1,5 +1,13 @@
-install:	install-scripts
+ver		:= $(shell cat ../version)
 srcdir	:= /usr/src/u2mfn-$(ver)
 install:	install-u2mfn install-scripts
 install-scripts:
 	install -d $(DESTDIR)/usr/sbin
 	install qubes-prepare-vm-kernel $(DESTDIR)/usr/sbin
 install-u2mfn:
 	install -d $(DESTDIR)$(srcdir)
 	install -m 644 u2mfn/u2mfn.c u2mfn/Makefile $(DESTDIR)$(srcdir)
 	sed -e 's#@@VERSION@@#$(ver)#' u2mfn/dkms.conf.in > $(DESTDIR)$(srcdir)/dkms.conf
--- a/kernel-modules/qubes-prepare-vm-kernel
+++ b/kernel-modules/qubes-prepare-vm-kernel
@ -25,6 +25,14 @@ set -e
 basedir=/var/lib/qubes/vm-kernels
 function recompile_u2mfn() {
    kver=$1
    u2mfn_ver=`dkms status u2mfn|tail -n 1|cut -f 2 -d ' '|tr -d ':,'`
    if ! modinfo -k "$kver" -n u2mfn >/dev/null; then
        dkms install u2mfn/$u2mfn_ver -k $kver --no-initrd
    fi
 }
 function build_modules_img() {
    kver=$1
    initramfs=$2
@ -73,6 +81,8 @@ fi
 echo "--> Building files for $kernel_version in $output_dir"
 echo "---> Recompiling kernel module (u2mfn)"
 recompile_u2mfn "$kernel_version"
 mkdir -p "$output_dir"
 cp "/boot/vmlinuz-$kernel_version" "$output_dir/vmlinuz"
 echo "---> Generating initramfs"
--- a/kernel-modules/u2mfn/Makefile
+++ b/kernel-modules/u2mfn/Makefile
@ -0,0 +1,28 @@
 #
 # The Qubes OS Project, http://www.qubes-os.org
 #
 # Copyright (C) 2010  Rafal Wojtczuk  <rafal@invisiblethingslab.com>
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
 # as published by the Free Software Foundation; either version 2
 # of the License, or (at your option) any later version.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 #
 #
 obj-m                       += u2mfn.o
 clean:
 	rm -f *.o *.ko *~
 	rm -f .u2mfn.* *.mod.c Module.symvers modules.order
 	rm -fr .tmp_versions
 	rm -f Makefile.xen
--- a/kernel-modules/u2mfn/dkms.conf.in
+++ b/kernel-modules/u2mfn/dkms.conf.in
@ -0,0 +1,8 @@
 PACKAGE_VERSION="@@VERSION@@"
 # Items below here should not have to change with each driver version
 PACKAGE_NAME="u2mfn"
 BUILT_MODULE_NAME[0]="u2mfn"
 DEST_MODULE_LOCATION[0]="/extra/"
 AUTOINSTALL=yes
--- a/kernel-modules/u2mfn/u2mfn.c
+++ b/kernel-modules/u2mfn/u2mfn.c
@ -0,0 +1,172 @@
 /*
 * The Qubes OS Project, http://www.qubes-os.org
 *
 * Copyright (C) 2010  Rafal Wojtczuk  <rafal@invisiblethingslab.com>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 *
 */
 #include <linux/module.h>
 #include <linux/version.h>
 #include <linux/proc_fs.h>
 #include <linux/fs.h>
 #include <linux/mm.h>
 #include <linux/sched.h>
 #ifndef FOREIGN_FRAME_BIT
 #include <xen/page.h>
 #endif
 #include <linux/highmem.h>
 /* copy of /usr/include/u2mfn-kernel.h, to reduce requirements */
 #include <linux/ioctl.h>
 #define U2MFN_MAGIC 0xf5
 #define U2MFN_GET_MFN_FOR_PAGE _IOW(U2MFN_MAGIC, 1, int)
 #define U2MFN_GET_LAST_MFN _IO(U2MFN_MAGIC, 2)
 #if LINUX_VERSION_CODE < KERNEL_VERSION(3,0,0)
 static inline unsigned long virt_to_phys(volatile void *address)
 {
 	return __pa((unsigned long) address);
 }
 #endif
 #ifdef virt_to_mfn
 #define VIRT_TO_MFN virt_to_mfn
 #else
 extern unsigned long *phys_to_machine_mapping;
 static inline unsigned long VIRT_TO_MFN(void *addr)
 {
 	return phys_to_machine_mapping[virt_to_phys(addr) >> PAGE_SHIFT] & ~FOREIGN_FRAME_BIT;
 }
 #endif
 static int u2mfn_get_mfn(pte_t *pte, pgtable_t token, unsigned long addr, void *data) {
    *((unsigned long *) data) = pfn_to_mfn(pte_pfn(*pte));
    return 0;
 }
 /// User virtual address to mfn translator
 /**
    \param cmd ignored
    \param data the user-specified address
    \return mfn corresponding to "data" argument, or -1 on error
 */
 static long u2mfn_ioctl(struct file *f, unsigned int cmd,
 		       unsigned long data)
 {
 	long ret;
 	unsigned long mfn;
 	if (_IOC_TYPE(cmd) != U2MFN_MAGIC) {
 		printk("Qubes u2mfn: wrong IOCTL magic");
 		return -ENOTTY;
 	}
 	switch (cmd) {
 	case U2MFN_GET_MFN_FOR_PAGE:
 		ret = apply_to_page_range(current->mm, data, PAGE_SIZE, u2mfn_get_mfn, &mfn);
 		if (ret < 0 || mfn == INVALID_P2M_ENTRY) {
 			printk("U2MFN_GET_MFN_FOR_PAGE: failed to get mfn, "
 			       "addr=0x%lx ret=0x%lx\n", data, ret);
 			return -1;
 		}
 		ret = mfn;
 		break;
 	case U2MFN_GET_LAST_MFN:
 		if (f->private_data)
 			ret = VIRT_TO_MFN(f->private_data);
 		else
 			ret = 0;
 		break;
 	default:
 		printk("Qubes u2mfn: wrong ioctl passed!\n");
 		return -ENOTTY;
 	}
 	return ret;
 }
 static int u2mfn_mmap(struct file *f, struct vm_area_struct *vma)
 {
 	int ret;
 	char *kbuf;
 	long length = vma->vm_end - vma->vm_start;
 	printk("u2mfn_mmap: entering, private=%p\n", f->private_data);
 	if (f->private_data)
 		return -EBUSY;
 	if (length != PAGE_SIZE)
 		return -EINVAL;
 	kbuf = (char *) __get_free_page(GFP_KERNEL);
 	if (!kbuf)
 		return -ENOMEM;
 	f->private_data = kbuf;
 	ret = remap_pfn_range(vma, vma->vm_start,
 			      virt_to_phys(kbuf) >> PAGE_SHIFT,
 			      length, vma->vm_page_prot);
 	printk("u2mfn_mmap: calling remap return %d\n", ret);
 	if (ret)
 		return ret;
 	return 0;
 }
 static int u2mfn_release(struct inode *i, struct file *f)
 {
 	printk("u2mfn_release, priv=%p\n", f->private_data);
 	if (f->private_data)
 		__free_page(f->private_data);
 	f->private_data = NULL;
 	return 0;
 }
 static struct file_operations u2mfn_fops = {
 	.unlocked_ioctl = u2mfn_ioctl,
 	.mmap = u2mfn_mmap,
 	.release = u2mfn_release
 };
 /// u2mfn module registration
 /**
    tries to register "/proc/u2mfn" pseudofile
 */
 static int u2mfn_init(void)
 {
 	struct proc_dir_entry *u2mfn_node =
 	    proc_create_data("u2mfn", 0666, NULL,
 			     &u2mfn_fops, 0);
 	if (!u2mfn_node)
 		return -1;
 	return 0;
 }
 static void u2mfn_exit(void)
 {
 	remove_proc_entry("u2mfn", 0);
 }
 module_init(u2mfn_init);
 module_exit(u2mfn_exit);
 MODULE_LICENSE("GPL");
--- a/qrexec-lib/Makefile
+++ b/qrexec-lib/Makefile
@ -1,9 +1,19 @@
 CC=gcc
-CFLAGS+=-I. -g -O2 -Wall -Wextra -Werror -pie -fPIC
+CFLAGS+=-I. -g -O2 -Wall -Wextra -Werror -pie -fPIC `pkg-config --cflags vchan-$(BACKEND_VMM)`
 COMMONIOALL=ioall.o
 SO_VER=2
 LDFLAGS+=-shared
 VCHANLIBS = `pkg-config --libs vchan-$(BACKEND_VMM)`
-all: libqubes-rpc-filecopy.so.$(SO_VER)
+_XENSTORE_H=$(shell ls /usr/include/xenstore.h)
 ifneq "$(_XENSTORE_H)" ""
 	CFLAGS+= -DUSE_XENSTORE_H
 endif
 all: libqrexec-utils.so.$(SO_VER) libqubes-rpc-filecopy.so.$(SO_VER)
 libqrexec-utils.so.$(SO_VER): unix-server.o ioall.o buffer.o exec.o txrx-vchan.o write-stdin.o
 	$(CC) $(LDFLAGS) -Wl,-soname,$@ -o $@ $^ $(VCHANLIBS)
 libqubes-rpc-filecopy.so.$(SO_VER): ioall.o copy-file.o crc32.o unpack.o pack.o
 	$(CC) $(LDFLAGS) -Wl,-soname,$@ -o $@ $^
@ -14,7 +24,12 @@ clean:
 install:
 	mkdir -p $(DESTDIR)$(LIBDIR)
 	cp libqrexec-utils.so.$(SO_VER) $(DESTDIR)$(LIBDIR)
 	ln -s libqrexec-utils.so.$(SO_VER) $(DESTDIR)$(LIBDIR)/libqrexec-utils.so
 	cp libqubes-rpc-filecopy.so.$(SO_VER) $(DESTDIR)$(LIBDIR)
 	ln -s libqubes-rpc-filecopy.so.$(SO_VER) $(DESTDIR)$(LIBDIR)/libqubes-rpc-filecopy.so
 	mkdir -p $(DESTDIR)$(INCLUDEDIR)
 	cp libqrexec-utils.h $(DESTDIR)$(INCLUDEDIR)
 	cp libqubes-rpc-filecopy.h $(DESTDIR)$(INCLUDEDIR)
 	cp qrexec.h $(DESTDIR)$(INCLUDEDIR)
--- a/qrexec-lib/buffer.c
+++ b/qrexec-lib/buffer.c
@ -0,0 +1,115 @@
 /*
 * The Qubes OS Project, http://www.qubes-os.org
 *
 * Copyright (C) 2010  Rafal Wojtczuk  <rafal@invisiblethingslab.com>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 *
 */
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include "libqrexec-utils.h"
 #define BUFFER_LIMIT 50000000
 static int total_mem;
 static char *limited_malloc(int len)
 {
    char *ret;
    total_mem += len;
    if (total_mem > BUFFER_LIMIT) {
        fprintf(stderr, "attempt to allocate >BUFFER_LIMIT\n");
        exit(1);
    }
    ret = malloc(len);
    if (!ret) {
        perror("malloc");
        exit(1);
    }
    return ret;
 }
 static void limited_free(char *ptr, int len)
 {
    free(ptr);
    total_mem -= len;
 }
 void buffer_init(struct buffer *b)
 {
    b->buflen = 0;
    b->data = NULL;
 }
 void buffer_free(struct buffer *b)
 {
    if (b->buflen)
        limited_free(b->data, b->buflen);
    buffer_init(b);
 }
 /*
   The following two functions can be made much more efficient.
   Yet the profiling output show they are not significant CPU hogs, so
   we keep them so simple to make them obviously correct.
   */
 void buffer_append(struct buffer *b, const char *data, int len)
 {
    int newsize;
    char *qdata;
    if (len < 0 || len > BUFFER_LIMIT) {
        fprintf(stderr, "buffer_append %d\n", len);
        exit(1);
    }
    if (len == 0)
        return;
    newsize = len + b->buflen;
    qdata = limited_malloc(len + b->buflen);
    memcpy(qdata, b->data, b->buflen);
    memcpy(qdata + b->buflen, data, len);
    buffer_free(b);
    b->buflen = newsize;
    b->data = qdata;
 }
 void buffer_remove(struct buffer *b, int len)
 {
    int newsize;
    char *qdata = NULL;
    if (len < 0 || len > b->buflen) {
        fprintf(stderr, "buffer_remove %d/%d\n", len, b->buflen);
        exit(1);
    }
    newsize = b->buflen - len;
    if (newsize > 0) {
        qdata = limited_malloc(newsize);
        memcpy(qdata, b->data + len, newsize);
    }
    buffer_free(b);
    b->buflen = newsize;
    b->data = qdata;
 }
 int buffer_len(struct buffer *b)
 {
    return b->buflen;
 }
 void *buffer_data(struct buffer *b)
 {
    return b->data;
 }
--- a/qrexec-lib/exec.c
+++ b/qrexec-lib/exec.c
@ -0,0 +1,108 @@
 /*
 * The Qubes OS Project, http://www.qubes-os.org
 *
 * Copyright (C) 2010  Rafal Wojtczuk  <rafal@invisiblethingslab.com>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 *
 */
 #include <sys/socket.h>
 #include <sys/types.h>
 #include <stdlib.h>
 #include <unistd.h>
 #include <stdio.h>
 #include <string.h>
 #include "qrexec.h"
 #include "libqrexec-utils.h"
 static do_exec_t *exec_func = NULL;
 void register_exec_func(do_exec_t *func) {
    exec_func = func;
 }
 void exec_qubes_rpc_if_requested(char *prog, char *const envp[]) {
    /* avoid calling qubes-rpc-multiplexer through shell */
    if (strncmp(prog, RPC_REQUEST_COMMAND, RPC_REQUEST_COMMAND_LEN) == 0) {
        char *tok;
        char *argv[16]; // right now 6 are used, but allow future extensions
        size_t i = 0;
        tok=strtok(prog, " ");
        do {
            if (i >= sizeof(argv)/sizeof(argv[0])-1) {
                fprintf(stderr, "To many arguments to %s\n", RPC_REQUEST_COMMAND);
                exit(1);
            }
            argv[i++] = tok;
        } while ((tok=strtok(NULL, " ")));
        argv[i] = NULL;
        argv[0] = QUBES_RPC_MULTIPLEXER_PATH;
        execve(QUBES_RPC_MULTIPLEXER_PATH, argv, envp);
        perror("exec qubes-rpc-multiplexer");
        exit(1);
    }
 }
 void fix_fds(int fdin, int fdout, int fderr)
 {
    int i;
    for (i = 0; i < 256; i++)
        if (i != fdin && i != fdout && i != fderr)
            close(i);
    dup2(fdin, 0);
    dup2(fdout, 1);
    dup2(fderr, 2);
    close(fdin);
    close(fdout);
    if (fderr != 2)
        close(fderr);
 }
 void do_fork_exec(const char *cmdline, int *pid, int *stdin_fd, int *stdout_fd,
        int *stderr_fd)
 {
    int inpipe[2], outpipe[2], errpipe[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, inpipe) || 
            socketpair(AF_UNIX, SOCK_STREAM, 0, outpipe) || 
            (stderr_fd && socketpair(AF_UNIX, SOCK_STREAM, 0, errpipe))) {
        perror("socketpair");
        exit(1);
    }
    switch (*pid = fork()) {
        case -1:
            perror("fork");
            exit(-1);
        case 0:
            if (stderr_fd) {
                fix_fds(inpipe[0], outpipe[1], errpipe[1]);
            } else
                fix_fds(inpipe[0], outpipe[1], 2);
            if (exec_func != NULL)
                exec_func((char*)cmdline);
            exit(-1);
        default:;
    }
    close(inpipe[0]);
    close(outpipe[1]);
    *stdin_fd = inpipe[1];
    *stdout_fd = outpipe[0];
    if (stderr_fd) {
        close(errpipe[1]);
        *stderr_fd = errpipe[0];
    }
 }
--- a/qrexec-lib/libqrexec-utils.h
+++ b/qrexec-lib/libqrexec-utils.h
@ -0,0 +1,70 @@
 /*
 * The Qubes OS Project, http://www.qubes-os.org
 *
 * Copyright (C) 2010  Rafal Wojtczuk  <rafal@invisiblethingslab.com>
 * Copyright (C) 2013  Marek Marczykowski  <marmarek@invisiblethingslab.com>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 *
 */
 #include <sys/select.h>
 #include <libvchan.h>
 struct buffer {
    char *data;
    int buflen;
 };
 /* return codes for buffered writes */
 #define WRITE_STDIN_OK        0 /* all written */
 #define WRITE_STDIN_BUFFERED  1 /* something still in the buffer */
 #define WRITE_STDIN_ERROR     2 /* write error, errno set */
 typedef void (do_exec_t)(char *);
 void register_exec_func(do_exec_t *func);
 /*
 * exec() qubes-rpc-multiplexer if *prog* starts with magic "QUBESRPC" keyword,
 * do not return in that case; pass *envp* to execve() as en environment
 * otherwise, return false without any action
 */
 void exec_qubes_rpc_if_requested(char *prog, char *const envp[]);
 void buffer_init(struct buffer *b);
 void buffer_free(struct buffer *b);
 void buffer_append(struct buffer *b, const char *data, int len);
 void buffer_remove(struct buffer *b, int len);
 int buffer_len(struct buffer *b);
 void *buffer_data(struct buffer *b);
 int flush_client_data(int fd, struct buffer *buffer);
 int write_stdin(int fd, const char *data, int len, struct buffer *buffer);
 int fork_and_flush_stdin(int fd, struct buffer *buffer);
 void do_fork_exec(const char *cmdline, int *pid, int *stdin_fd, int *stdout_fd,
        int *stderr_fd);
 void wait_for_vchan_or_argfd(libvchan_t *vchan, int max, fd_set * rdset, fd_set * wrset);
 int read_vchan_all(libvchan_t *vchan, void *data, size_t size);
 int write_vchan_all(libvchan_t *vchan, const void *data, size_t size);
 int read_all(int fd, void *buf, int size);
 int write_all(int fd, const void *buf, int size);
 void fix_fds(int fdin, int fdout, int fderr);
 void set_nonblock(int fd);
 void set_block(int fd);
 int get_server_socket(const char *);
 int do_accept(int s);
 void set_nonblock(int fd);
--- a/qrexec-lib/qrexec.h
+++ b/qrexec-lib/qrexec.h
@ -0,0 +1,121 @@
 /*
 * The Qubes OS Project, http://www.qubes-os.org
 *
 * Copyright (C) 2010  Rafal Wojtczuk  <rafal@invisiblethingslab.com>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 *
 */
 /* See also http://wiki.qubes-os.org/trac/wiki/Qrexec */
 #include <stdint.h>
 #define QREXEC_PROTOCOL_VERSION 2
 #define MAX_FDS 256
 #define MAX_DATA_CHUNK 4096
 #define RPC_REQUEST_COMMAND "QUBESRPC"
 #define RPC_REQUEST_COMMAND_LEN (sizeof(RPC_REQUEST_COMMAND)-1)
 #define NOGUI_CMD_PREFIX "nogui:"
 #define NOGUI_CMD_PREFIX_LEN (sizeof(NOGUI_CMD_PREFIX)-1)
 #define VCHAN_BASE_PORT 512
 /* Messages sent over control vchan between daemon(dom0) and agent(vm).
 * The same are used between client(dom0) and daemon(dom0).
 */
 enum {
    /* daemon->agent messages */
    /* start process in VM and pass its stdin/out/err to dom0
     * struct exec_params passed as data */
    MSG_EXEC_CMDLINE = 0x200,
    /* start process in VM discarding its stdin/out/err (connect to /dev/null)
    * struct exec_params passed as data */
    MSG_JUST_EXEC,
    /* connect to existing process in VM to receive its stdin/out/err
     * struct service_params passed as cmdline field in exec_params */
    MSG_SERVICE_CONNECT,
    /* refuse to start a service (denied by policy, invalid parameters etc)
     * struct service_params passed as data to identify which service call was
     * refused */
    MSG_SERVICE_REFUSED,
    /* agent->daemon messages */
    /* call Qubes RPC service
     * struct trigger_service_params passed as data */
    MSG_TRIGGER_SERVICE = 0x210,
    /* connection was terminated, struct exec_params passed as data (with empty
     * cmdline field) informs about released vchan port */
    MSG_CONNECTION_TERMINATED,
    /* common messages */
    /* initialize connection, struct peer_info passed as data
     * should be sent as the first message (server first, then client) */
    MSG_HELLO = 0x300,
 };
 /* uniform for all peers, data type depends on message type */
 struct msg_header {
    uint32_t type;           /* message type */
    uint32_t len;            /* data length */
 };
 /* variable size */
 struct exec_params {
    uint32_t connect_domain; /* target domain name */
    uint32_t connect_port;   /* target vchan port for i/o exchange */
    char cmdline[0];         /* command line to execute, null terminated, size = msg_header.len - sizeof(struct exec_params) */
 };
 struct service_params {
    char ident[32];          /* null terminated ASCII string */
 };
 struct trigger_service_params {
    char service_name[64];            /* null terminated ASCII string */
    char target_domain[32];           /* null terminated ASCII string */
    struct service_params request_id; /* service request id */
 };
 struct peer_info {
    uint32_t version; /* qrexec protocol version */
 };
 /* data vchan client<->agent, separate for each VM process */
 enum {
    /* stdin dom0->VM */
    MSG_DATA_STDIN = 0x190,
    /* stdout VM->dom0 */
    MSG_DATA_STDOUT,
    /* stderr VM->dom0 */
    MSG_DATA_STDERR,
    /* VM process exit code VM->dom0 (uint32_t) */
    MSG_DATA_EXIT_CODE,
 };
 // linux-specific stuff below
 #define QREXEC_AGENT_TRIGGER_PATH "/var/run/qubes/qrexec-agent"
 #define QREXEC_AGENT_FDPASS_PATH "/var/run/qubes/qrexec-agent-fdpass"
 #define MEMINFO_WRITER_PIDFILE "/var/run/meminfo-writer.pid"
 #define QUBES_RPC_MULTIPLEXER_PATH "/usr/lib/qubes/qubes-rpc-multiplexer"
 #define QREXEC_DAEMON_SOCKET_DIR "/var/run/qubes"
--- a/qrexec-lib/txrx-vchan.c
+++ b/qrexec-lib/txrx-vchan.c
@ -0,0 +1,105 @@
 /*
 * The Qubes OS Project, http://www.qubes-os.org
 *
 * Copyright (C) 2010  Rafal Wojtczuk  <rafal@invisiblethingslab.com>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 *
 */
 #include <unistd.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <signal.h>
 #include <errno.h>
 #include <sys/select.h>
 #include <libvchan.h>
 int wait_for_vchan_or_argfd_once(libvchan_t *ctrl, int max, fd_set * rdset, fd_set * wrset)
 {
    int vfd, ret;
    struct timespec tv = { 1, 100000000 };
    sigset_t empty_set;
    sigemptyset(&empty_set);
    vfd = libvchan_fd_for_select(ctrl);
    FD_SET(vfd, rdset);
    if (vfd > max)
        max = vfd;
    max++;
    ret = pselect(max, rdset, wrset, NULL, &tv, &empty_set);
    if (ret < 0) {
        if (errno != EINTR) {
            perror("select");
            exit(1);
        } else {
            FD_ZERO(rdset);
            FD_ZERO(wrset);
            fprintf(stderr, "eintr\n");
            return 1;
        }
    }
    if (!libvchan_is_open(ctrl)) {
        fprintf(stderr, "libvchan_is_eof\n");
        exit(0);
    }
    if (FD_ISSET(vfd, rdset))
        // the following will never block; we need to do this to
        // clear libvchan_fd pending state 
        libvchan_wait(ctrl);
    if (libvchan_data_ready(ctrl))
        return 1;
    return ret;
 }
 void wait_for_vchan_or_argfd(libvchan_t *ctrl, int max, fd_set * rdset, fd_set * wrset)
 {
    fd_set r = *rdset, w = *wrset;
    do {
        *rdset = r;
        *wrset = w;
    }
    while (wait_for_vchan_or_argfd_once(ctrl, max, rdset, wrset) == 0);
 }
 int write_vchan_all(libvchan_t *vchan, const void *data, size_t size) {
    size_t pos;
    int ret;
    pos = 0;
    while (pos < size) {
        ret = libvchan_write(vchan, data+pos, size-pos);
        if (ret < 0)
            return 0;
        pos += ret;
    }
    return 1;
 }
 int read_vchan_all(libvchan_t *vchan, void *data, size_t size) {
    size_t pos;
    int ret;
    pos = 0;
    while (pos < size) {
        ret = libvchan_read(vchan, data+pos, size-pos);
        if (ret < 0)
            return 0;
        pos += ret;
    }
    return 1;
 }
--- a/qrexec-lib/unix-server.c
+++ b/qrexec-lib/unix-server.c
@ -0,0 +1,74 @@
 /*
 * The Qubes OS Project, http://www.qubes-os.org
 *
 * Copyright (C) 2010  Rafal Wojtczuk  <rafal@invisiblethingslab.com>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 *
 */
 #include <sys/socket.h>
 #include <sys/un.h>
 #include <stdio.h>
 #include <sys/stat.h>
 #include <unistd.h>
 #include <stdlib.h>
 #include <string.h>
 //#include "qrexec.h"
 int get_server_socket(const char *socket_address)
 {
    struct sockaddr_un sockname;
    int s;
    unlink(socket_address);
    s = socket(AF_UNIX, SOCK_STREAM, 0);
    if (s < 0) {
        printf("socket() failed\n");
        exit(1);
    }
    memset(&sockname, 0, sizeof(sockname));
    sockname.sun_family = AF_UNIX;
    strncpy(sockname.sun_path, socket_address, sizeof sockname.sun_path);
    sockname.sun_path[sizeof sockname.sun_path - 1] = 0;
    if (bind(s, (struct sockaddr *) &sockname, sizeof(sockname)) == -1) {
        printf("bind() failed\n");
        close(s);
        exit(1);
    }
    //      chmod(sockname.sun_path, 0666);
    if (listen(s, 5) == -1) {
        perror("listen() failed\n");
        close(s);
        exit(1);
    }
    return s;
 }
 int do_accept(int s)
 {
    struct sockaddr_un peer;
    unsigned int addrlen;
    int fd;
    addrlen = sizeof(peer);
    fd = accept(s, (struct sockaddr *) &peer, &addrlen);
    if (fd == -1) {
        perror("unix accept");
        exit(1);
    }
    return fd;
 }
--- a/qrexec-lib/unpack.c
+++ b/qrexec-lib/unpack.c
@ -33,6 +33,10 @@ void send_status_and_crc(int code, const char *last_filename);
 #define O_TMPFILE_MASK (__O_TMPFILE | O_DIRECTORY | O_CREAT)
 #endif
 #if __GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 14)
 #define HAVE_SYNCFS
 #endif
 void do_exit(int code, const char *last_filename)
 {
    close(0);
@ -209,8 +213,10 @@ void process_one_file(struct file_header *untrusted_hdr)
 int do_unpack(void)
 {
    struct file_header untrusted_hdr;
 #ifdef HAVE_SYNCFS
    int cwd_fd;
    int saved_errno;
 #endif
    total_bytes = total_files = 0;
    /* initialize checksum */
@ -227,10 +233,14 @@ int do_unpack(void)
        process_one_file(&untrusted_hdr);
    }
 #ifdef HAVE_SYNCFS
    saved_errno = errno;
    cwd_fd = open(".", O_RDONLY);
    if (cwd_fd >= 0 && syncfs(cwd_fd) == 0 && close(cwd_fd) == 0)
        errno = saved_errno;
 #else
    sync();
 #endif
    send_status_and_crc(errno, untrusted_namebuf);
    return errno;
--- a/qrexec-lib/write-stdin.c
+++ b/qrexec-lib/write-stdin.c
@ -0,0 +1,119 @@
 /*
 * The Qubes OS Project, http://www.qubes-os.org
 *
 * Copyright (C) 2010  Rafal Wojtczuk  <rafal@invisiblethingslab.com>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 *
 */
 #include <stdio.h>
 #include <unistd.h>
 #include <errno.h>
 #include <fcntl.h>
 #include <stdlib.h>
 #include <libvchan.h>
 #include "qrexec.h"
 #include "libqrexec-utils.h"
 /* 
 There is buffered data in "buffer" for client and select()
 reports that "fd" is writable. Write as much as possible to fd.
 */
 int flush_client_data(int fd, struct buffer *buffer)
 {
    int ret;
    int len;
    for (;;) {
        len = buffer_len(buffer);
        if (!len) {
            return WRITE_STDIN_OK;
        }
        if (len > MAX_DATA_CHUNK)
            len = MAX_DATA_CHUNK;
        ret = write(fd, buffer_data(buffer), len);
        if (ret == -1) {
            if (errno != EAGAIN) {
                return WRITE_STDIN_ERROR;
            } else
                return WRITE_STDIN_BUFFERED;
        }
        // we previously called buffer_remove(buffer, len)
        // it will be wrong if we change MAX_DATA_CHUNK to something large
        // as pipes writes are atomic only to PIPE_MAX limit 
        buffer_remove(buffer, ret);
    }
 }
 /*
 * Write "len" bytes from "data" to "fd". If not all written, buffer the rest
 * to "buffer".
 */
 int write_stdin(int fd, const char *data, int len, struct buffer *buffer)
 {
    int ret;
    int written = 0;
    if (buffer_len(buffer)) {
        buffer_append(buffer, data, len);
        return WRITE_STDIN_BUFFERED;
    }
    while (written < len) {
        ret = write(fd, data + written, len - written);
        if (ret == 0) {
            perror("write_stdin: write returns 0 ???");
            exit(1);
        }
        if (ret == -1) {
            if (errno != EAGAIN)
                return WRITE_STDIN_ERROR;
            buffer_append(buffer, data + written,
                    len - written);
            return WRITE_STDIN_BUFFERED;
        }
        written += ret;
    }
    return WRITE_STDIN_OK;
 }
 /* 
 * Data feed process has exited, so we need to clear all control structures for 
 * the client. However, if we have buffered data for the client (which is rare btw),
 * fire&forget a separate process to flush them.
 */
 int fork_and_flush_stdin(int fd, struct buffer *buffer)
 {
    int i;
    if (!buffer_len(buffer))
        return 0;
    switch (fork()) {
        case -1:
            perror("fork");
            exit(1);
        case 0:
            break;
        default:
            return 1;
    }
    for (i = 0; i < MAX_FDS; i++)
        if (i != fd && i != 2)
            close(i);
    set_block(fd);
    write_all(fd, buffer_data(buffer), buffer_len(buffer));
    _exit(0);
 }
--- a/rpm_spec/qubes-kernel-vm-support.spec.in
+++ b/rpm_spec/qubes-kernel-vm-support.spec.in
@ -22,7 +22,7 @@
 Name:		qubes-kernel-vm-support
 Version:	@VERSION@
 Release:	1%{?dist}
-Summary:	Qubes VM initramfs modules
+Summary:	Qubes VM kernel and initramfs modules
 Source0:    qubes-utils-%{version}.tar.gz
 Group:		Qubes
@ -31,6 +31,7 @@ License:	GPL v2 only
 URL:		http://www.qubes-os.org
 Requires:	dracut
 Requires:	dkms
 %description
 This package contains:
@ -38,6 +39,9 @@ This package contains:
 needed in VM only when the VM uses its own kernel (via pvgrub or so). Otherwise
 initrd is provided by dom0.
 2. u2mfn kernel module sources (dkms) required by GUI agent and R2 version of
 libvchan library.
 %prep
 %setup -q -n qubes-utils-%{version}
@ -49,6 +53,7 @@ make install-fedora-kernel-support DESTDIR=%{buildroot}
 /usr/lib/dracut/modules.d/90qubes-vm-modules
 /usr/lib/dracut/modules.d/90qubes-vm-simple
 /usr/lib/dracut/modules.d/80xen-scrub-pages
 /usr/src/u2mfn-%{version}/
 /usr/sbin/qubes-prepare-vm-kernel
 %config(noreplace) /etc/default/grub.qubes-kernel-vm-support
@ -59,7 +64,12 @@ if ! grep -q '/etc/default/grub.qubes-kernel-vm-support$' /etc/default/grub 2>/d
    echo '. /etc/default/grub.qubes-kernel-vm-support' >> /etc/default/grub
 fi
 %post
 dkms add -m u2mfn -v %{version} --rpm_safe_upgrade
 %preun
 dkms remove -m u2mfn -v %{version} --all --rpm_safe_upgrade
 if [ $1 -eq 0 ]; then
    if grep -q '/etc/default/grub.qubes-kernel-vm-support$' /etc/default/grub 2>/dev/null; then
        sed -i -e '/grub.qubes-kernel-vm-support$/d' /etc/default/grub
--- a/rpm_spec/qubes-utils.spec.in
+++ b/rpm_spec/qubes-utils.spec.in
@ -11,11 +11,20 @@ URL:		http://www.qubes-os.org
 Requires:	udev
 Requires:	%{name}-libs
 Requires:	ImageMagick
-Requires:	python%{python3_pkgversion}-qubesimgconverter
+%if 0%{?rhel} >= 7
 Requires:	python34-qubesimgconverter
 %else
 Requires:	python3-qubesimgconverter
 %endif
 %{?systemd_requires}
 BuildRequires:  systemd
-BuildRequires:  python2-setuptools
+BuildRequires:  qubes-libvchan-devel
-BuildRequires:  python%{python3_pkgversion}-setuptools
+BuildRequires:  python-setuptools
 %if 0%{?rhel} >= 7
 BuildRequires:  python34-setuptools
 %else
 BuildRequires:  python3-setuptools
 %endif
 BuildRequires:  python2-rpm-macros
 BuildRequires:  python3-rpm-macros
 # for meminfo-writer
@ -27,7 +36,7 @@ Common Linux files for Qubes Dom0 and VM
 %package -n python2-qubesimgconverter
 Summary:    Python package qubesimgconverter
-Requires:   python2
+Requires:   python
 Requires:   pycairo
 %if 0%{?rhel} >= 7
 Requires:   python-pillow
@ -40,15 +49,27 @@ Requires:   python2-numpy
 %description -n python2-qubesimgconverter
 Python package qubesimgconverter
-%package -n python%{python3_pkgversion}-qubesimgconverter
+%if 0%{?rhel} >= 7
 %package -n python34-qubesimgconverter
 Summary:    Python package qubesimgconverter
-Requires:   python%{python3_pkgversion}
+Requires:   python34
-Requires:   python%{python3_pkgversion}-cairo
+Requires:   python34-cairo
-Requires:   python%{python3_pkgversion}-pillow
+Requires:   python34-pillow
-Requires:   python%{python3_pkgversion}-numpy
+Requires:   python34-numpy
-%description -n python%{python3_pkgversion}-qubesimgconverter
+%description -n python34-qubesimgconverter
 Python package qubesimgconverter
 %else
 %package -n python3-qubesimgconverter
 Summary:    Python package qubesimgconverter
 Requires:   python3
 Requires:   python3-cairo
 Requires:   python3-pillow
 Requires:   python3-numpy
 %description -n python3-qubesimgconverter
 Python package qubesimgconverter
 %endif
 %package devel
 Summary:	Development headers for qubes-utils
@ -112,7 +133,11 @@ rm -rf $RPM_BUILD_ROOT
 %{python2_sitelib}/qubesimgconverter/test_integ.py*
 %{python2_sitelib}/qubesimgconverter-%{version}-py?.?.egg-info
-%files -n python%{python3_pkgversion}-qubesimgconverter
+%if 0%{?rhel} >= 7
 %files -n python34-qubesimgconverter
 %else
 %files -n python3-qubesimgconverter
 %endif
 %{python3_sitelib}/qubesimgconverter/__init__.py
 %{python3_sitelib}/qubesimgconverter/imggen.py
 %{python3_sitelib}/qubesimgconverter/test.py
@ -121,11 +146,15 @@ rm -rf $RPM_BUILD_ROOT
 %{python3_sitelib}/qubesimgconverter/__pycache__
 %files libs
 %{_libdir}/libqrexec-utils.so.2
 %{_libdir}/libqubes-rpc-filecopy.so.2
 %files devel
 %defattr(-,root,root,-)
 /usr/include/libqrexec-utils.h
 /usr/include/libqubes-rpc-filecopy.h
 /usr/include/qrexec.h
 %{_libdir}/libqrexec-utils.so
 %{_libdir}/libqubes-rpc-filecopy.so
 %changelog
--- a/2
+++ b/2
@ -1 +1 @@
-4.1.3
+4.0.22
		`@ -0,0 +1 @@`
							`libqrexec-utils 2 libqrexec-utils2 (>= 4.0.16)`