Merge branch 'r1-beta1-fixes'

Conflicts:
	dom0/qvm-core/qubes.py
	version_dom0
	version_vm

Makefile

@@ -1,11 +1,13 @@
 RPMS_DIR=rpm/
 
 VERSION_DOM0 := $(shell cat version_dom0)
+VERSION_VAIO_FIXES := $(shell cat version_vaio_fixes)
 VERSION_VM := $(shell cat version_vm)
 
 help:
 	@echo "make rpms                  -- generate binary rpm packages"
 	@echo "make update-repo-current   -- copy newly generated rpms to qubes yum repo"
+	@echo "make update-repo-current-testing  -- same, but to -current-testing repo"
 	@echo "make update-repo-unstable  -- same, but to -testing repo"
 	@echo "make update-repo-installer -- copy dom0 rpms to installer repo"
 	@echo "make clean                 -- cleanup"
@@ -17,17 +19,31 @@ rpms:
 	rpmbuild --define "_rpmdir $(RPMS_DIR)" -bb rpm_spec/core-proxyvm.spec
 	rpmbuild --define "_rpmdir $(RPMS_DIR)" -bb rpm_spec/core-dom0.spec
 	rpm --addsign \
-		$(RPMS_DIR)/x86_64/qubes-core-dom0-*$(VERSION_DOM0)*.rpm \
+		$(RPMS_DIR)/x86_64/qubes-core-dom0-$(VERSION_DOM0)*.rpm \
 		$(RPMS_DIR)/x86_64/qubes-core-*vm-*$(VERSION_VM)*.rpm
 
+rpms-vaio-fixes:
+	rpmbuild --define "_rpmdir $(RPMS_DIR)" -bb rpm_spec/core-dom0-vaio-fixes.spec
+	rpm --addsign $(RPMS_DIR)/x86_64/qubes-core-dom0-vaio-fixes-$(VERSION_VAIO_FIXES)*.rpm 
+
 update-repo-current:
-	ln -f $(RPMS_DIR)/x86_64/qubes-core-dom0-*$(VERSION_DOM0)*fc13*.rpm ../yum/current-release/current/dom0/rpm/
+	ln -f $(RPMS_DIR)/x86_64/qubes-core-dom0-$(VERSION_DOM0)*fc13*.rpm ../yum/current-release/current/dom0/rpm/
+	ln -f $(RPMS_DIR)/x86_64/qubes-core-dom0-vaio-fixes-$(VERSION_VAIO_FIXES)*fc13*.rpm ../yum/current-release/current/dom0/rpm/
 	ln -f $(RPMS_DIR)/x86_64/qubes-core-*vm-*$(VERSION_VM)*fc13*.rpm ../yum/current-release/current/vm/f13/rpm/
 	ln -f $(RPMS_DIR)/x86_64/qubes-core-*vm-*$(VERSION_VM)*fc14*.rpm ../yum/current-release/current/vm/f14/rpm/
 	cd ../yum && ./update_repo.sh
 
+update-repo-current-testing:
+	ln -f $(RPMS_DIR)/x86_64/qubes-core-dom0-$(VERSION_DOM0)*fc13*.rpm ../yum/current-release/current-testing/dom0/rpm/
+	ln -f $(RPMS_DIR)/x86_64/qubes-core-dom0-vaio-fixes-$(VERSION_VAIO_FIXES)*fc13*.rpm ../yum/current-release/current-testing/dom0/rpm/
+	ln -f $(RPMS_DIR)/x86_64/qubes-core-*vm-*$(VERSION_VM)*fc13*.rpm ../yum/current-release/current-testing/vm/f13/rpm/
+	ln -f $(RPMS_DIR)/x86_64/qubes-core-*vm-*$(VERSION_VM)*fc14*.rpm ../yum/current-release/current-testing/vm/f14/rpm/
+	cd ../yum && ./update_repo.sh
+
+
 update-repo-unstable:
-	ln -f $(RPMS_DIR)/x86_64/qubes-core-dom0-*$(VERSION_DOM0)*fc13*.rpm ../yum/current-release/unstable/dom0/rpm/
+	ln -f $(RPMS_DIR)/x86_64/qubes-core-dom0-$(VERSION_DOM0)*fc13*.rpm ../yum/current-release/unstable/dom0/rpm/
+	ln -f $(RPMS_DIR)/x86_64/qubes-core-dom0-vaio-fixes-$(VERSION_VAIO_FIXES)*fc13*.rpm ../yum/current-release/unstable/dom0/rpm/
 	ln -f $(RPMS_DIR)/x86_64/qubes-core-*vm-*$(VERSION_VM)*fc13*.rpm ../yum/current-release/unstable/vm/f13/rpm/
 	ln -f $(RPMS_DIR)/x86_64/qubes-core-*vm-*$(VERSION_VM)*fc14*.rpm ../yum/current-release/unstable/vm/f14/rpm/
 	cd ../yum && ./update_repo.sh

appvm/Makefile

@@ -1,14 +1,14 @@
 CC=gcc
-CFLAGS=-g -Wall -I../common
+CFLAGS=-g -Wall -I../common -fPIC -pie
 all:	dvm_file_editor qfile-agent-dvm qfile-agent qfile-unpacker
 dvm_file_editor: dvm_file_editor.o ../common/ioall.o
-	$(CC) -g -o dvm_file_editor dvm_file_editor.o ../common/ioall.o
+	$(CC) -pie -g -o dvm_file_editor dvm_file_editor.o ../common/ioall.o
 qfile-agent-dvm: qfile-agent-dvm.o ../common/ioall.o ../common/gui-fatal.o
-	$(CC) -g -o qfile-agent-dvm qfile-agent-dvm.o ../common/ioall.o ../common/gui-fatal.o 
+	$(CC) -pie -g -o qfile-agent-dvm qfile-agent-dvm.o ../common/ioall.o ../common/gui-fatal.o 
 qfile-agent: qfile-agent.o ../common/ioall.o ../common/gui-fatal.o copy_file.o
-	$(CC) -g -o qfile-agent qfile-agent.o ../common/ioall.o ../common/gui-fatal.o copy_file.o
+	$(CC) -pie -g -o qfile-agent qfile-agent.o ../common/ioall.o ../common/gui-fatal.o copy_file.o
 qfile-unpacker: qfile-unpacker.o ../common/ioall.o ../common/gui-fatal.o copy_file.o unpack.o
-	$(CC) -g -o qfile-unpacker qfile-unpacker.o ../common/ioall.o ../common/gui-fatal.o copy_file.o unpack.o
+	$(CC) -pie -g -o qfile-unpacker qfile-unpacker.o ../common/ioall.o ../common/gui-fatal.o copy_file.o unpack.o
 
 clean:
 	rm -f qfile-agent-dvm qfile-agent qfile-unpacker dvm_file_editor *.o *~

common/qubes.fc13.repo

@@ -4,6 +4,13 @@ baseurl = http://yum.qubes-os.org/r1-beta1/current/vm/f13
 gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-qubes-1-primary
 gpgcheck = 1
 
+[qubes-vm-current-testing]
+name = Qubes OS Repository for VM (updates-testing)
+baseurl = http://yum.qubes-os.org/r1-beta1/current-testing/vm/f13
+gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-qubes-1-primary
+gpgcheck = 1
+enabled=0
+
 [qubes-vm-unstable]
 name = Qubes OS Repository for VM (unstable)
 baseurl = http://yum.qubes-os.org/r1-beta1/unstable/vm/f13

common/qubes.fc14.repo

@@ -4,6 +4,13 @@ baseurl = http://yum.qubes-os.org/r1-beta1/current/vm/f14
 gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-qubes-1-primary
 gpgcheck = 1
 
+[qubes-vm-current-testing]
+name = Qubes OS Repository for VM (updates-testing)
+baseurl = http://yum.qubes-os.org/r1-beta1/current-testing/vm/f14
+gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-qubes-1-primary
+gpgcheck = 1
+enabled=0
+
 [qubes-vm-unstable]
 name = Qubes OS Repository for VM (unstable)
 baseurl = http://yum.qubes-os.org/r1-beta1/unstable/vm/f14

proxyvm/bin/qubes_netwatcher

@@ -13,11 +13,14 @@ trap 'exit 0' SIGTERM
 while true; do
 	NET_DOMID=$(/usr/bin/xenstore-read qubes_netvm_domid)
 	if [[ -n "$NET_DOMID" ]] && [[ $NET_DOMID -gt 0 ]]; then
-		NETCFG=$(/usr/bin/xenstore-read /local/domain/$NET_DOMID/qubes_netvm_external_ip)
-		if [[ "$NETCFG" != "$CURR_NETCFG" ]]; then
+		UNTRUSTED_NETCFG=$(/usr/bin/xenstore-read /local/domain/$NET_DOMID/qubes_netvm_external_ip)
+		# UNTRUSTED_NETCFG is not parsed in any way
+		# thus, no sanitization ready
+		# but be careful when passing it to other shell scripts
+		if [[ "$UNTRUSTED_NETCFG" != "$CURR_NETCFG" ]]; then
 			/sbin/service qubes_firewall stop
 			/sbin/service qubes_firewall start
-			CURR_NETCFG="$NETCFG"
+			CURR_NETCFG="$UNTRUSTED_NETCFG"
 			/usr/bin/xenstore-write qubes_netvm_external_ip "$CURR_NETCFG"
 		fi
 

version_vaio_fixes

@@ -0,0 +1 @@
+1.5.25