From 19983edc3cf15c38fe6f5e40fc94161804562160 Mon Sep 17 00:00:00 2001
From: Marek Marczykowski <marmarek@invisiblethingslab.com>
Date: Thu, 22 Nov 2012 00:51:18 +0100
Subject: [PATCH] vm: setup /dev/xen/evtchn permissions using udev rule

This works also when the device is recreated, which is the case in DispVM
(during xl restore).
---
 misc/{qubes_memory.rules => qubes_misc.rules} | 1 +
 rpm_spec/core-vm.spec                         | 4 ++--
 vm-init.d/qubes_core                          | 2 +-
 vm-systemd/qubes-sysinit.sh                   | 2 +-
 4 files changed, 5 insertions(+), 4 deletions(-)
 rename misc/{qubes_memory.rules => qubes_misc.rules} (70%)

diff --git a/misc/qubes_memory.rules b/misc/qubes_misc.rules
similarity index 70%
rename from misc/qubes_memory.rules
rename to misc/qubes_misc.rules
index 9a0c95a1..cf69b73b 100644
--- a/misc/qubes_memory.rules
+++ b/misc/qubes_misc.rules
@@ -1 +1,2 @@
 SUBSYSTEM=="memory", ACTION=="add", ATTR{state}=="offline", ATTR{state}="online"
+KERNEL=="xen/evtchn", MODE="0666"
diff --git a/rpm_spec/core-vm.spec b/rpm_spec/core-vm.spec
index 61d244c0..db064cf2 100644
--- a/rpm_spec/core-vm.spec
+++ b/rpm_spec/core-vm.spec
@@ -113,7 +113,7 @@ install -d -m 755 $RPM_BUILD_ROOT/etc/pki/rpm-gpg
 install -m 644 misc/RPM-GPG-KEY-qubes* $RPM_BUILD_ROOT/etc/pki/rpm-gpg/
 install -D misc/xenstore-watch $RPM_BUILD_ROOT/usr/bin/xenstore-watch-qubes
 install -d $RPM_BUILD_ROOT/etc/udev/rules.d
-install -m 0644 misc/qubes_memory.rules $RPM_BUILD_ROOT/etc/udev/rules.d/50-qubes_memory.rules
+install -m 0644 misc/qubes_misc.rules $RPM_BUILD_ROOT/etc/udev/rules.d/50-qubes_misc.rules
 install -m 0644 misc/qubes_block.rules $RPM_BUILD_ROOT/etc/udev/rules.d/99-qubes_block.rules
 install -m 0644 misc/qubes_usb.rules $RPM_BUILD_ROOT/etc/udev/rules.d/99-qubes_usb.rules
 install -d $RPM_BUILD_ROOT/usr/lib/qubes/
@@ -384,7 +384,7 @@ rm -rf $RPM_BUILD_ROOT
 /etc/sysconfig/modules/qubes_misc.modules
 /etc/tinyproxy/filter-qubes-yum
 /etc/tinyproxy/tinyproxy-qubes-yum.conf
-/etc/udev/rules.d/50-qubes_memory.rules
+/etc/udev/rules.d/50-qubes_misc.rules
 /etc/udev/rules.d/99-qubes_block.rules
 /etc/udev/rules.d/99-qubes_network.rules
 /etc/udev/rules.d/99-qubes_usb.rules
diff --git a/vm-init.d/qubes_core b/vm-init.d/qubes_core
index b3927fd3..0707bb1e 100755
--- a/vm-init.d/qubes_core
+++ b/vm-init.d/qubes_core
@@ -18,7 +18,7 @@ start()
 	# Set permissions to /proc/xen/xenbus, so normal user can use xenstore-read
 	chmod 666 /proc/xen/xenbus
 	# Set permissions to files needed to listen at vchan
-	chmod 666 /proc/u2mfn /dev/xen/evtchn
+	chmod 666 /proc/u2mfn
 
 	mkdir -p /var/run/xen-hotplug
 
diff --git a/vm-systemd/qubes-sysinit.sh b/vm-systemd/qubes-sysinit.sh
index f0b098a7..0c2aaeac 100755
--- a/vm-systemd/qubes-sysinit.sh
+++ b/vm-systemd/qubes-sysinit.sh
@@ -26,7 +26,7 @@ mkdir -p /var/run/xen-hotplug
 # Set permissions to /proc/xen/xenbus, so normal user can use xenstore-read
 chmod 666 /proc/xen/xenbus
 # Set permissions to files needed to listen at vchan
-chmod 666 /proc/u2mfn /dev/xen/evtchn
+chmod 666 /proc/u2mfn
 
 # Set default services depending on VM type
 TYPE=`$XS_READ qubes_vm_type 2> /dev/null`