qubes-utils (3.0.5) wheezy; urgency=medium * udev: fix block devices ignoring rule -- Marek Marczykowski-Górecki Fri, 03 Apr 2015 11:26:47 +0200 qubes-utils (3.0.4) wheezy; urgency=medium * udev: ignore temporary devices created during VM startup -- Marek Marczykowski-Górecki Wed, 01 Apr 2015 00:11:15 +0200 qubes-utils (3.0.3) wheezy; urgency=medium * qrexec-lib: enable compiler optimization * udev: allow normal user to access /dev/xen/xenbus for vchan connections * Add VM kernel related files as qubes-core-vm-kernel-support package * dracut: do not assume full udevd running inside initramfs * Provide a script to generate VM kernel files * dracut: Provide minimalistic initramfs files - no udev, no systemd * dracut: load ext4 module manually in minimalistic dracut module * Compile u2mfn module only when not already present -- Marek Marczykowski-Górecki Thu, 26 Mar 2015 23:57:42 +0100 qubes-utils (3.0.2) jessie; urgency=medium [ Marek Marczykowski-Górecki ] * qrexec: create stdin/out/err as sockets instead of pipes * debian: O_TMPFILE already defined [ Jason Mehring ] * Removed -Werror from qrexec Makefile to allow unpack to compile for both Fedora 20 and 21 * debian: Modified control file for new R3 Debian depends * debian: Updated changelog to reflect 3.0.1 version change * debian: Added qubesdb-vm as a depend * debian: Revert back to using libxen-dev as depend [ Marek Marczykowski-Górecki ] * Revert "Removed -Werror from qrexec Makefile to allow unpack to compile for both Fedora 20 and 21" -- Marek Marczykowski-Górecki Tue, 17 Feb 2015 14:22:38 +0100 qubes-utils (3.0.1) jessie; urgency=medium [ Wojciech Zygmunt Porczyk ] * v3.0.1 * This has to be versioned because of dependency in core-agent-linux. [ Marek Marczykowski-Górecki ] * Update for new vchan API, remove code not needed anymore * filecopy: fix handling ENOENT error * Do not fail when file was successfully created. * I will test before commit. I will test before commit. I will... [ Marek Marczykowski-Górecki ] * filecopy: really do not use O_TMPFILE when use_tmpfile==0 * When file opened with O_TMPFILE but use_tmpfile==0, the file will not be linked to the directory (the code at the end of process_one_file_reg). Additionally it is waste of time trying using O_TMPFILE when it's already known it shouldn't be. Also use_tmpfile==0 can mean we don't have access to /proc (set_procfs_fd wasn't called), so even if linking the file to its directory would be attempted, it would fail. This is the case for dom0-updates copy. [ Marek Marczykowski-Górecki ] * filecopy: create new file unaccessible to the user until fully written Otherwise source domain can modify (append) the file while the user already is accessing it. While incoming files should be treated as untrusted, this problem could allow file modification after the user makes some sanity checks. [ Marek Marczykowski-Górecki ] * udev: update hotplug block scripts for QubesDB * Some initial work was done, but apparently not complete and buggy. [ Marek Marczykowski-Górecki ] * version 3.0.0 [ Marek Marczykowski-Górecki ] * Fix compile warnings [ Marek Marczykowski-Górecki ] * qrexec-utils: add read_vchan_all and write_vchan_all * Similar to read_all and write_all. [ Marek Marczykowski-Górecki ] * qrexec: update protocol - add new messages - uniform packet header - organize #defines [ Marek Marczykowski-Górecki ] * code style: change tabs to spaces [ Marek Marczykowski-Górecki ] * qrexec-utils: disable write-stdin (buffered writes) compilation * Not compatible with new qrexec protocol yet. To be done. [ Marek Marczykowski-Górecki ] * New qrexec protocol * Use separate vchan to pass I/O for each process, which greatly simplify protocol implementation (eg. no flow control needed). [ Marek Marczykowski-Górecki ] * udev: setup permissions on xen device nodes [ Marek Marczykowski ] * qrexec-lib: prevent deadlock on vchan It can happen that we already cleared libvchan_fd pending state via libvchan_wait, but data arrived later. This is especially true just after connection, when client send unsolicited notification to server, which can confuse it with some requested notification. -- Marek Marczykowski-Górecki Tue, 10 Feb 2015 00:00:00 +0100 qubes-utils (3.0.0) jessie; urgency=medium [ HW42 ] * use systemd in debian [ Marek Marczykowski ] * Update for new vchan API, remove code not needed anymore * Use Qubes DB instead of Xenstore * qrexec-lib: prevent deadlock on vchan [ Marek Marczykowski-Górecki ] * udev: setup permissions on xen device nodes * New qrexec protocol * qrexec-utils: disable write-stdin (buffered writes) compilation * code style: change tabs to spaces * qrexec: update protocol * qrexec-utils: add read_vchan_all and write_vchan_all -- Marek Marczykowski-Górecki Sat, 22 Nov 2014 16:24:11 +0100 qubes-utils (2.0.14) jessie; urgency=medium [ Marek Marczykowski-Górecki ] * qrexec-lib: use _exit in child process to not fire atexit hooks * version 2.0.9 [ Wojciech Zygmunt Porczyk ] * move site-packages/qubes/__init__.py from core-admin * imgconverter.py: really close stdout in get_through_dvm [ Marek Marczykowski-Górecki ] * udev: better support device-mapper/LVM * version 2.0.10 * udev: fix perms of udev-block-add-change * udev: skip empty device-mapper nodes * version 2.0.11 * udev: filter out template's root device * udev: convert device description to ascii only * version 2.0.12 * rpm: add missing dependency [ Joanna Rutkowska ] * version 2.0.13 [ Davíð Steinn Geirsson ] * Add qmemman to make clean * Use xenstore.h when xen >= 4.2 * Initial native debian packaging [ Marek Marczykowski-Górecki ] * debian: rename package to qubes-utils, update deps * gitignore -- Marek Marczykowski-Górecki Mon, 28 Jul 2014 02:46:39 +0200 qubes-utils (2.0.8) jessie; urgency=low * Initial Release. -- Davíð Steinn Geirsson Sun, 20 Apr 2014 21:47:01 +0000