debian: Refactor Debian quilt packaging for xen

- Use copy-in for debian-quilt package in Makefile.builder instead of hook (to be removed) in Makefile.debian
- Remove patches from debian/patches; they are now applied dynamicly from series-debian-vm.conf

Makefile

@@ -191,10 +191,6 @@ install-common:
 	install -d $(DESTDIR)/home_volatile/user
 	install -d $(DESTDIR)/rw
 
-# Create a quilt orig package so we can build xen in Debian
-dist: 	
-	tar cvfz "../qubes-core-agent_$(VERSION).orig.tar.gz" --exclude-vcs --exclude=debian .
-
 install-deb:
 	mkdir -p $(DESTDIR)/etc/apt/sources.list.d
 	sed -e "s/@DIST@/`lsb_release -cs`/" misc/qubes-r3.list.in > $(DESTDIR)/etc/apt/sources.list.d/qubes-r3.list

Makefile.builder

@@ -1,7 +1,20 @@
 ifeq ($(PACKAGE_SET),vm)
-RPM_SPEC_FILES := rpm_spec/core-vm.spec \
-    rpm_spec/core-vm-doc.spec \
-    rpm_spec/core-vm-kernel-placeholder.spec
-ARCH_BUILD_DIRS := archlinux
-DEBIAN_BUILD_DIRS := debian
+  RPM_SPEC_FILES := rpm_spec/core-vm.spec \
+  rpm_spec/core-vm-doc.spec \
+  rpm_spec/core-vm-kernel-placeholder.spec
+
+  ifneq ($(filter $(DISTRIBUTION), debian qubuntu),)
+    DEBIAN_BUILD_DIRS := debian
+    SOURCE_COPY_IN := source-debian-quilt-copy-in
+  endif
+
+  ARCH_BUILD_DIRS := archlinux
 endif
+
+source-debian-quilt-copy-in: VERSION = $(shell cat $(ORIG_SRC)/version)
+source-debian-quilt-copy-in: ORIG_FILE = "$(CHROOT_DIR)/$(DIST_SRC)/../qubes-core-agent_$(VERSION).orig.tar.gz"
+source-debian-quilt-copy-in:
+	-$(shell $(ORIG_SRC)/debian-quilt $(ORIG_SRC)/series-debian-vm.conf $(CHROOT_DIR)/$(DIST_SRC)/debian/patches)
+	tar cvfz $(ORIG_FILE) --exclude-vcs --exclude=debian -C $(CHROOT_DIR)/$(DIST_SRC) .
+
+# vim: filetype=make

debian-quilt

@@ -0,0 +1,31 @@
+#!/bin/bash
+# vim: set ts=4 sw=4 sts=4 et :
+#
+# Given a series.conf file and debian patches directory, patches
+# are copied to debian patch directory
+
+USAGE="${0} <series.conf> <patchdir>"
+
+set -e
+set -o pipefail
+
+DIR="${0%/*}"
+SERIES_CONF="${1}"
+PATCH_DIR="${2}"
+
+if test $# -lt 2 || [ ! -e "${SERIES_CONF}" ] || [ ! -d "${PATCH_DIR}" ] ; then
+	echo "${USAGE}" >&2
+	exit 1
+fi
+
+# Clear patch series.conf file
+rm -f "${PATCH_DIR}/series"
+touch "${PATCH_DIR}/series"
+
+while read patch_file
+do
+    if [ -e "${DIR}/${patch_file}" ]; then
+        echo -e "${patch_file##*/}" >> "${PATCH_DIR}/series"
+        cp "${DIR}/${patch_file}" "${PATCH_DIR}"
+    fi
+done < "${SERIES_CONF}"

debian/patches/series

@@ -1 +0,0 @@
-qrexec_disable_all_warnings_as_errors.patch

debian/rules

@@ -4,13 +4,11 @@
 # Uncomment this to turn on verbose mode.
 #export DH_VERBOSE=1
 
-DPKG_EXPORT_BUILDFLAGS = 1
 include /usr/share/dpkg/default.mk
-
 export DESTDIR=$(shell pwd)/debian/qubes-core-agent
 
 %:
-	dh $@ --with systemd --with autotools-dev
+	dh $@ --with systemd
 
 override_dh_auto_build:
 	make all

patches.debian/qrexec_disable_all_warnings_as_errors.patch

@@ -0,0 +1,19 @@
+qrexec: Disable all warnings being treated as errors
+
+gcc -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -I. -g -Wall -Wextra -Werror -pie -fPIC `pkg-config --cflags vchan-xen` -D_FORTIFY_SOURCE=2  -c -o qrexec-agent-data.o qrexec-agent-data.c
+qrexec-agent-data.c: In function 'handle_remote_data':
+qrexec-agent-data.c:217:17: error: dereferencing type-punned pointer will break strict-aliasing rules [-Werror=strict-aliasing]
+                 status = *(unsigned int *)buf;
+                 ^
+cc1: all warnings being treated as errors
+<builtin>: recipe for target 'qrexec-agent-data.o' failed
+
+--- a/qrexec/Makefile
++++ b/qrexec/Makefile
+@@ -1,5 +1,5 @@
+ CC=gcc
+-CFLAGS+=-I. -g -Wall -Wextra -Werror -pie -fPIC `pkg-config --cflags vchan-$(BACKEND_VMM)`
++CFLAGS+=-I. -g -Wall -Wextra -pie -fPIC `pkg-config --cflags vchan-$(BACKEND_VMM)`
+ LIBS=`pkg-config --libs vchan-$(BACKEND_VMM)` -lqrexec-utils
+ 
+ all: qrexec-agent qrexec-client-vm

series-debian-vm.conf

@@ -0,0 +1 @@
+patches.debian/qrexec_disable_all_warnings_as_errors.patch