Commit Graph

745 Commits

Author SHA1 Message Date
Joanna Rutkowska
1bf125fc63 Merge branch 'syncjoanna' of git.qubes-os.org:/var/lib/qubes/git/rafal/core into r1-beta1 2011-05-23 21:12:36 +02:00
Rafal Wojtczuk
e7d2eefecd qrexec: fix stdout flush on process exit
In case a child of qrexec_daemon has exited and there is still data in its
stdout pipe, we need to flush it to the peer. Previously, the case when the
peer is blocked was not handled; it is now. The bug impact was premature EOF.
2011-05-23 15:35:40 +02:00
Marek Marczykowski
e1cea1f50b dom0: tool for sync desktop file templates (#45) 2011-05-20 16:38:00 +02:00
Marek Marczykowski
b24cf454b3 version 1.6.0 2011-05-17 23:06:02 +02:00
Marek Marczykowski
773f0f7b7a dom0: Fix qvm-prefs for standalone VM 2011-05-17 23:05:55 +02:00
Timo Juhani Lindfors
215e788f62 Add _GNU_SOURCE to get O_NOFOLLOW on debian squeeze. 2011-05-13 14:16:11 +02:00
Timo Juhani Lindfors
6e19780551 Ensure 'make clean' descends to u2mfn/ 2011-05-13 14:16:10 +02:00
Timo Juhani Lindfors
b43baee220 Ensure 'make clean' removes xenstore-watch 2011-05-13 14:16:10 +02:00
Marek Marczykowski
bb073c3cdb vm: Remove root password to allow easy escalation from UI application (#202)
Ex. gpk-application needs this to work properly while running from user. When
root password is set - polkit-daemon asks for it (according to polkit setting).
2011-05-12 19:15:24 +02:00
Marek Marczykowski
ee87fff0d7 dom0: implement QubesVm.get_start_time() (#231)
Needed to check if VM was just started again
2011-05-12 18:15:09 +02:00
Marek Marczykowski
dccc528144 dom0: qmemman: distribute memory only if there are VMs which can accept it
This prevent potential inifinite loop in qmemman when free memory cannot be
assigned to any VM (because of static max). Practically this will never happen,
because dom0 can always accept memory.
2011-05-12 17:36:47 +02:00
Joanna Rutkowska
5b286c8a2a version 1.5.26 2011-05-12 16:16:50 +02:00
Marek Marczykowski
b57b41aafa dom0: qmemman: Support for maxmem != physical memory (#235) 2011-05-12 15:20:26 +02:00
Joanna Rutkowska
f28f2f2044 Merge branch 'sane-and-pretty' of git.qubes-os.org:/var/lib/qubes/git/rafal/core into r1-beta1 2011-05-10 12:41:00 +02:00
Rafal Wojtczuk
c677f1cc4e qrexec and qfile-*: compile with -pie
For full ASLR.
2011-05-10 12:19:28 +02:00
Joanna Rutkowska
4f0054529a version 1.2.25 2011-05-10 11:45:01 +02:00
Joanna Rutkowska
cb6a4176cb Merge branch 'r1-beta1-fixes' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core into r1-beta1 2011-05-10 11:42:07 +02:00
Joanna Rutkowska
8c218c38a7 core-dom0-vaio-fixes is now a separate package
Also fixes to postun scripts to properly handle updates
2011-05-10 11:14:41 +02:00
Marek Marczykowski
99acf80c6d Merge branch 'r1-beta1' of ssh://git.qubes-os.org/var/lib/qubes/git/joanna/core into r1-beta1-fixes 2011-05-10 11:13:44 +02:00
Marek Marczykowski
761c774189 Remove correct lockfile on qubes_setupdvm stop 2011-05-10 00:55:04 +02:00
Marek Marczykowski
832289c53e Catch more exceptions during VM restore (#212) 2011-05-10 00:54:39 +02:00
Marek Marczykowski
3f28f16336 Link to icon on template clone (#225) 2011-05-10 00:54:09 +02:00
Marek Marczykowski
f28407bca6 Run qubes_core_appvm also in TemplateVM (#222) 2011-05-10 00:53:38 +02:00
Marek Marczykowski
1071e3a53c Fix typo 2011-05-10 00:53:33 +02:00
Joanna Rutkowska
b77d2193f4 Makefile: update-repo-current-testing target 2011-05-09 18:40:51 +02:00
Joanna Rutkowska
07c7b6e1c2 version 1.5.24 2011-05-09 18:28:08 +02:00
Joanna Rutkowska
b592065d27 Merge branch 'sane-and-pretty' of git.qubes-os.org:/var/lib/qubes/git/rafal/core into r1-beta1 2011-05-09 18:24:28 +02:00
Rafal Wojtczuk
7bc7dc6294 qubes_netwatcher: expand a note about NETCFG untrusted origin 2011-05-09 16:26:48 +02:00
Rafal Wojtczuk
adad94cb09 qubes_netwatcher: add a note about NETCFG untrusted origin 2011-05-09 16:23:52 +02:00
Marek Marczykowski
b842155516 Merge branch 'sane-and-pretty' of ssh://git.qubes-os.org/var/lib/qubes/git/rafal/core into r1-beta1-fixes 2011-05-09 14:30:55 +02:00
Marek Marczykowski
ef517e5e66 Merge branch 'sane-and-pretty' of ssh://git.qubes-os.org/var/lib/qubes/git/rafal/core 2011-05-09 13:57:21 +02:00
Rafal Wojtczuk
8733c0ef77 qrexec_daemon: fixed typo in msg name 2011-05-09 13:31:38 +02:00
Marek Marczykowski
3d92e50792 Merge branch 'sane-and-pretty' of ssh://git.qubes-os.org/var/lib/qubes/git/rafal/core 2011-05-09 12:25:14 +02:00
Rafal Wojtczuk
7294f8f345 qfile-unpacker: prefix all variables with untrusted_ 2011-05-09 11:02:40 +02:00
Joanna Rutkowska
7b320db29e Merge branch 'sane-and-pretty' of git.qubes-os.org:/var/lib/qubes/git/rafal/core into r1-beta1 2011-05-05 23:38:51 +02:00
Rafal Wojtczuk
6067be29df qmemman: add comments, make some identifiers more verbose 2011-05-04 17:58:28 +02:00
Rafal Wojtczuk
18e207cbc5 qmemman: prefix variables read from xenstore with "untrusted_"
Additionally move all already existing checks to an already
existing is_meminfo_suspicious procedure.
2011-05-04 17:10:01 +02:00
Rafal Wojtczuk
d84289f983 qrexec - indentation 2011-05-04 13:00:39 +02:00
Rafal Wojtczuk
b4fb7a4b5d qrexec: added two I/O error checks, even though it is redundant in these cases 2011-05-04 12:56:52 +02:00
Rafal Wojtczuk
d68183da0c qrexec: added comments, made identifiers more verbose 2011-05-04 12:52:54 +02:00
Rafal Wojtczuk
675d4ce25b qrexec_daemon: add explicite sanitize routine
It sanitizes messages from agent, the only untrusted input. No new
checks have been added, just moved the code.
2011-05-04 10:53:43 +02:00
Joanna Rutkowska
9dc819d709 version 1.5.23-dom0 2011-05-02 17:45:31 +02:00
Marek Marczykowski
4a76bf2981 Call xm to set maxmem, instead of direct call to xend.
Previous one hangs sometimes with 100% occupied by xend.
This will also be simpler to port to xl/libxl interface.
2011-05-01 12:02:27 +02:00
Marek Marczykowski
f49c3a4224 Reduce dom0 priority bonus
To not kill AppVMs performance with ex kcryptd
2011-05-01 00:32:04 +02:00
Marek Marczykowski
369a8dc67e Down net ifaces on suspend (#146)
NetworkManager stop isn't enough
2011-04-30 23:55:15 +02:00
Marek Marczykowski
1891954f71 Revert "Run nm-applet as normal user"
This reverts commit 2f5b6e6582.

Dbus policy hacking not needed any more. ConsoleKit session is correctly started.
2011-04-29 02:32:55 +02:00
Marek Marczykowski
aa7df98b7e Use half of host memory as maxmem by default. Allow to configure it per VM. 2011-04-29 01:43:41 +02:00
Marek Marczykowski
ac84bbe621 Remove correct lockfile on qubes_setupdvm stop 2011-04-27 23:07:38 +02:00
Marek Marczykowski
98f4028142 Connect vif's to already running VMs on NetVM/ProxyVM startup (#190)
Also cleanup stale vifs using "xm network-detach ... -f"
Fix iptables rules to support not only first vif of VM
2011-04-23 03:05:27 +02:00
Marek Marczykowski
655f13e2ec Configure VM network iface on attach (not only on boot) (#190) 2011-04-23 02:31:54 +02:00