Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge branch 'master' of git://git.qubes-os.org/marmarek/core into pvusb2

Browse Source
This commit is contained in:
Alexandre Bezroutchko 2012-11-08 01:31:07 +01:00
commit 5ad7e9622c
15 changed files with 85 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
Makefile
View File

@ -12,15 +12,20 @@ help:
@echo "make update-repo-installer -- copy dom0 rpms to installer repo" @echo "make update-repo-installer -- copy dom0 rpms to installer repo"
@echo "make clean -- cleanup" @echo "make clean -- cleanup"
rpms: rpms: rpms-vm rpms-dom0
rpms-vm:
rpmbuild --define "_rpmdir $(RPMS_DIR)" -bb rpm_spec/core-vm.spec rpmbuild --define "_rpmdir $(RPMS_DIR)" -bb rpm_spec/core-vm.spec
rpmbuild --define "_rpmdir $(RPMS_DIR)" -bb rpm_spec/core-vm-kernel-placeholder.spec rpmbuild --define "_rpmdir $(RPMS_DIR)" -bb rpm_spec/core-vm-kernel-placeholder.spec
rpmbuild --define "_rpmdir $(RPMS_DIR)" -bb rpm_spec/core-dom0.spec
rpm --addsign \ rpm --addsign \
$(RPMS_DIR)/x86_64/qubes-core-dom0-$(VERSION_DOM0)*.rpm \
$(RPMS_DIR)/x86_64/qubes-core-vm-*$(VERSION_VM)*.rpm \ $(RPMS_DIR)/x86_64/qubes-core-vm-*$(VERSION_VM)*.rpm \
$(RPMS_DIR)/x86_64/qubes-core-vm-kernel-placeholder-*.rpm $(RPMS_DIR)/x86_64/qubes-core-vm-kernel-placeholder-*.rpm
rpms-dom0:
rpmbuild --define "_rpmdir $(RPMS_DIR)" -bb rpm_spec/core-dom0.spec
rpm --addsign \
$(RPMS_DIR)/x86_64/qubes-core-dom0-$(VERSION_DOM0)*.rpm
rpms-vaio-fixes: rpms-vaio-fixes:
rpmbuild --define "_rpmdir $(RPMS_DIR)" -bb rpm_spec/core-dom0-vaio-fixes.spec rpmbuild --define "_rpmdir $(RPMS_DIR)" -bb rpm_spec/core-dom0-vaio-fixes.spec
rpm --addsign $(RPMS_DIR)/x86_64/qubes-core-dom0-vaio-fixes-$(VERSION_VAIO_FIXES)*.rpm rpm --addsign $(RPMS_DIR)/x86_64/qubes-core-dom0-vaio-fixes-$(VERSION_VAIO_FIXES)*.rpm

1
build-deps.list Normal file
View File

@ -0,0 +1 @@
xen-devel-*DIST*

2
dom0/qvm-core/qubes.py
View File

@ -75,7 +75,7 @@ default_kernels_subdir = "kernels"
default_firewall_conf_file = "firewall.xml" default_firewall_conf_file = "firewall.xml"
default_memory = 400 default_memory = 400
default_kernelopts = "" default_kernelopts = ""
default_kernelopts_pcidevs = "iommu=soft swiotlb=2048" default_kernelopts_pcidevs = "iommu=soft swiotlb=4096"
default_hvm_disk_size = 20*1024*1024*1024 default_hvm_disk_size = 20*1024*1024*1024
default_hvm_private_img_size = 2*1024*1024*1024 default_hvm_private_img_size = 2*1024*1024*1024

19
dom0/qvm-tools/qvm-usb
View File

@ -26,6 +26,8 @@ from optparse import OptionParser
import sys import sys
import os import os
pvusb_enable_flagfile = '/var/lib/qubes/pvusb-enable.flag'
def main(): def main():
usage = "usage: %prog -l [options]\n"\ usage = "usage: %prog -l [options]\n"\
"usage: %prog -a [options] <vm-name> <device-vm-name>:<device>\n"\ "usage: %prog -a [options] <vm-name> <device-vm-name>:<device>\n"\
@ -46,6 +48,23 @@ def main():
(options, args) = parser.parse_args () (options, args) = parser.parse_args ()
if not os.path.exists(pvusb_enable_flagfile):
print >> sys.stderr, ""
print >> sys.stderr, "******* WARNING *** WARNING *** WARNING *** WARNING *******"
print >> sys.stderr, "*** ***"
print >> sys.stderr, "*** PVUSB passthrough kernel support is still unstable. ***"
print >> sys.stderr, "*** It can CRASH your VMs ***"
print >> sys.stderr, "*** ***"
print >> sys.stderr, "***********************************************************"
print >> sys.stderr, ""
print >> sys.stderr, "If you still want to use it, type capital YES"
print >> sys.stderr, ""
prompt = raw_input ("Do you want enable PV USB support? ")
if prompt == "YES":
open(pvusb_enable_flagfile, "w").close()
else:
exit(1)
if os.geteuid() == 0: if os.geteuid() == 0:
if not options.force_root: if not options.force_root:
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems." print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."

3
rpm_spec/core-dom0.spec
View File

@ -56,9 +56,10 @@ python -O -m compileall qvm-core qmemman
make -C restore make -C restore
make -C qubes_rpc make -C qubes_rpc
make -C ../qubes_rpc make -C ../qubes_rpc
make -C ../vchan -f Makefile.linux
make -C ../u2mfn make -C ../u2mfn
make -C ../vchan -f Makefile.linux
make -C ../qrexec make -C ../qrexec
make -C ../misc
%install %install

4
rpm_spec/core-vm.spec
View File

@ -212,7 +212,7 @@ remove_ShowIn () {
for F in abrt-applet deja-dup-monitor imsettings-start krb5-auth-dialog pulseaudio restorecond sealertauto gnome-power-manager gnome-sound-applet gnome-screensaver orca-autostart; do for F in abrt-applet deja-dup-monitor imsettings-start krb5-auth-dialog pulseaudio restorecond sealertauto gnome-power-manager gnome-sound-applet gnome-screensaver orca-autostart; do
if [ -e /etc/xdg/autostart/$F.desktop ]; then if [ -e /etc/xdg/autostart/$F.desktop ]; then
remove_ShowIn $F remove_ShowIn $F
echo 'NotShowIn=QUBES' >> /etc/xdg/autostart/$F.desktop echo 'NotShowIn=QUBES;' >> /etc/xdg/autostart/$F.desktop
fi fi
done done
@ -220,7 +220,7 @@ done
for F in gcm-apply ; do for F in gcm-apply ; do
if [ -e /etc/xdg/autostart/$F.desktop ]; then if [ -e /etc/xdg/autostart/$F.desktop ]; then
remove_ShowIn $F remove_ShowIn $F
echo 'NotShowIn=DisposableVM' >> /etc/xdg/autostart/$F.desktop echo 'NotShowIn=DisposableVM;' >> /etc/xdg/autostart/$F.desktop
fi fi
done done

50
u2mfn/u2mfnlib.c
View File

@ -31,11 +31,24 @@ static int u2mfn_fd = -1;
static int get_fd() static int get_fd()
{ {
if (u2mfn_fd == -1) { if (u2mfn_fd == -1)
u2mfn_fd = open("/proc/u2mfn", O_RDWR); u2mfn_fd = u2mfn_get_fd();
if (u2mfn_fd < 0) if (u2mfn_fd < 0)
return -1; return -1;
} return 0;
}
int u2mfn_get_fd()
{
return open("/proc/u2mfn", O_RDWR);
}
int u2mfn_get_mfn_for_page_with_fd(int fd, long va, int *mfn)
{
*mfn = ioctl(fd, U2MFN_GET_MFN_FOR_PAGE, va);
if (*mfn == -1)
return -1;
return 0; return 0;
} }
@ -43,7 +56,12 @@ int u2mfn_get_mfn_for_page(long va, int *mfn)
{ {
if (get_fd()) if (get_fd())
return -1; return -1;
*mfn = ioctl(u2mfn_fd, U2MFN_GET_MFN_FOR_PAGE, va); return u2mfn_get_mfn_for_page_with_fd(u2mfn_fd, va, mfn);
}
int u2mfn_get_last_mfn_with_fd(int fd, int *mfn)
{
*mfn = ioctl(fd, U2MFN_GET_LAST_MFN, 0);
if (*mfn == -1) if (*mfn == -1)
return -1; return -1;
@ -54,22 +72,20 @@ int u2mfn_get_last_mfn(int *mfn)
{ {
if (get_fd()) if (get_fd())
return -1; return -1;
return u2mfn_get_last_mfn_with_fd(u2mfn_fd, mfn);
*mfn = ioctl(u2mfn_fd, U2MFN_GET_LAST_MFN, 0);
if (*mfn == -1)
return -1;
return 0;
} }
char *u2mfn_alloc_kpage_with_fd(int fd)
{
char *ret;
ret =
mmap(0, 4096, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
return ret;
}
char *u2mfn_alloc_kpage() char *u2mfn_alloc_kpage()
{ {
char *ret;
if (get_fd()) if (get_fd())
return MAP_FAILED; return MAP_FAILED;
ret = return u2mfn_alloc_kpage_with_fd(u2mfn_fd);
mmap(0, 4096, PROT_READ | PROT_WRITE, MAP_SHARED, u2mfn_fd, 0);
return ret;
} }

6
u2mfn/u2mfnlib.h
View File

@ -19,6 +19,10 @@
* *
*/ */
int u2mfn_get_fd();
int u2mfn_get_mfn_for_page(long va, int *mfn) ; int u2mfn_get_mfn_for_page(long va, int *mfn) ;
int u2mfn_get_mfn_for_page_with_fd(int fd, long va, int *mfn) ;
int u2mfn_get_last_mfn(int *mfn) ; int u2mfn_get_last_mfn(int *mfn) ;
char *u2mfn_alloc_kpage(void) ; int u2mfn_get_last_mfn_with_fd(int fd, int *mfn) ;
char *u2mfn_alloc_kpage(void);
char *u2mfn_alloc_kpage_with_fd(int fd);

8
vchan/init.c
View File

@ -92,6 +92,7 @@ static int ring_init(struct libvchan *ctrl)
static int ring_init(struct libvchan *ctrl) static int ring_init(struct libvchan *ctrl)
{ {
int mfn; int mfn;
int u2mfn_fd;
struct vchan_interface *ring; struct vchan_interface *ring;
#ifdef CONFIG_STUBDOM #ifdef CONFIG_STUBDOM
ring = (struct vchan_interface *) memalign(XC_PAGE_SIZE, sizeof(*ring)); ring = (struct vchan_interface *) memalign(XC_PAGE_SIZE, sizeof(*ring));
@ -102,12 +103,15 @@ static int ring_init(struct libvchan *ctrl)
mfn = virtual_to_mfn(ring); mfn = virtual_to_mfn(ring);
#else #else
ring = (struct vchan_interface *) u2mfn_alloc_kpage (); u2mfn_fd = u2mfn_get_fd();
if (u2mfn_fd < 0)
return -1;
ring = (struct vchan_interface *) u2mfn_alloc_kpage_with_fd (u2mfn_fd);
if (ring == MAP_FAILED) if (ring == MAP_FAILED)
return -1; return -1;
if (u2mfn_get_last_mfn (&mfn) < 0) if (u2mfn_get_last_mfn_with_fd (u2mfn_fd, &mfn) < 0)
return -1; return -1;
#endif #endif

2
vchan/io.c
View File

@ -129,7 +129,7 @@ int libvchan_wait(struct libvchan *ctrl)
may write less data than requested; may write less data than requested;
returns the amount of data processed, -1 on error or peer close returns the amount of data processed, -1 on error or peer close
*/ */
int libvchan_write(struct libvchan *ctrl, char *data, int size) int libvchan_write(struct libvchan *ctrl, const char *data, int size)
{ {
int avail, avail_contig; int avail, avail_contig;
int real_idx; int real_idx;

2
vchan/libvchan.h
View File

@ -78,7 +78,7 @@ struct libvchan *libvchan_server_init(int devno);
struct libvchan *libvchan_client_init(int domain, int devno); struct libvchan *libvchan_client_init(int domain, int devno);
int libvchan_server_handle_connected(struct libvchan *ctrl); int libvchan_server_handle_connected(struct libvchan *ctrl);
int libvchan_write(struct libvchan *ctrl, char *data, int size); int libvchan_write(struct libvchan *ctrl, const char *data, int size);
int libvchan_read(struct libvchan *ctrl, char *data, int size); int libvchan_read(struct libvchan *ctrl, char *data, int size);
int libvchan_wait(struct libvchan *ctrl); int libvchan_wait(struct libvchan *ctrl);
int libvchan_close(struct libvchan *ctrl); int libvchan_close(struct libvchan *ctrl);

2
version_dom0
View File

@ -1 +1 @@
2.0.36 2.1.1

2
version_vm
View File

@ -1 +1 @@
1.7.46 2.1.1

2
vm-init.d/qubes_core
View File

@ -17,6 +17,8 @@ start()
# Set permissions to /proc/xen/xenbus, so normal user can use xenstore-read # Set permissions to /proc/xen/xenbus, so normal user can use xenstore-read
chmod 666 /proc/xen/xenbus chmod 666 /proc/xen/xenbus
# Set permissions to files needed to listen at vchan
chmod 666 /proc/u2mfn /dev/xen/evtchn
mkdir -p /var/run/xen-hotplug mkdir -p /var/run/xen-hotplug

2
vm-systemd/qubes-sysinit.sh
View File

@ -25,6 +25,8 @@ mkdir -p /var/run/xen-hotplug
# Set permissions to /proc/xen/xenbus, so normal user can use xenstore-read # Set permissions to /proc/xen/xenbus, so normal user can use xenstore-read
chmod 666 /proc/xen/xenbus chmod 666 /proc/xen/xenbus
# Set permissions to files needed to listen at vchan
chmod 666 /proc/u2mfn /dev/xen/evtchn
# Set default services depending on VM type # Set default services depending on VM type
TYPE=`$XS_READ qubes_vm_type 2> /dev/null` TYPE=`$XS_READ qubes_vm_type 2> /dev/null`