Refresh stubdomain software

.gitlab-ci.yml

@@ -1,11 +1,7 @@
 include:
   - project: QubesOS/qubes-continuous-integration
-    file: /r4.1/gitlab-base.yml
+    file: /r4.3/gitlab-base.yml
   - project: QubesOS/qubes-continuous-integration
-    file: /r4.1/gitlab-dom0.yml
+    file: /r4.3/gitlab-host.yml
   - project: QubesOS/qubes-continuous-integration
-    file: /r4.2/gitlab-base.yml
-  - project: QubesOS/qubes-continuous-integration
-    file: /r4.2/gitlab-host.yml
-  - project: QubesOS/qubes-continuous-integration
-    file: /r4.2/gitlab-host-openqa.yml
+    file: /r4.3/gitlab-host-openqa.yml

.qubesbuilder

@@ -8,21 +8,21 @@ source:
   # it treats component as external source like "xen", "grub", etc.
   create-archive: true
   files:
-  - url: https://download.qemu.org/qemu-8.1.2.tar.xz
-    signature: https://download.qemu.org/qemu-8.1.2.tar.xz.sig
+  - url: https://download.qemu.org/qemu-9.0.2.tar.xz
+    signature: https://download.qemu.org/qemu-9.0.2.tar.xz.sig
     pubkeys:
     - keys/qemu/mdroth.asc
     - keys/qemu/pbonzini.asc
-  - url: https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.10.200.tar.xz
-    signature: https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.10.200.tar.sign
+  - url: https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-6.6.44.tar.xz
+    signature: https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-6.6.44.tar.sign
     uncompress: true
     pubkeys:
     - keys/linux/greg.asc
-  - url: https://busybox.net/downloads/busybox-1.31.1.tar.bz2
-#    signature: https://busybox.net/downloads/busybox-1.31.1.tar.bz2.sig
+  - url: https://busybox.net/downloads/busybox-1.36.1.tar.bz2
+#    signature: https://busybox.net/downloads/busybox-1.36.1.tar.bz2.sig
 #    pubkeys:
 #    - keys/busybox/vda_pubkey.asc
-    sha512: checksums/busybox-1.31.1.tar.bz2.sha512
+    sha512: checksums/busybox-1.36.1.tar.bz2.sha512
   - url: https://www.freedesktop.org/software/pulseaudio/releases/pulseaudio-14.2.tar.xz
     sha512: checksums/pulseaudio-14.2.tar.xz.sha512
   - url: https://github.com/libusb/libusb/releases/download/v1.0.23/libusb-1.0.23.tar.bz2

Makefile.stubdom

@@ -256,10 +256,8 @@ build/qemu/build/config.status: build/qemu/.patched build/qemu/.gui-agent-copied
 		--disable-numa \
 		--disable-qom-cast-debug \
 		--disable-virglrenderer \
-		--enable-stubdom \
 		--disable-tools \
 		--disable-replication \
-		--disable-hax \
 		--disable-opengl \
 		--disable-virglrenderer \
 		--disable-tcg \

Makefile.vars

@@ -1,5 +1,5 @@
-QEMU_VERSION := 8.1.2
-LINUX_VERSION := 5.10.200
-BUSYBOX_VERSION := 1.31.1
+QEMU_VERSION := 9.0.2
+LINUX_VERSION := 6.6.44
+BUSYBOX_VERSION := 1.36.1
 PULSEAUDIO_VERSION := 14.2
 LIBUSB_VERSION := 1.0.23

busybox/busybox.config

@@ -794,6 +794,7 @@ CONFIG_FEATURE_IP_NEIGH=y
 # CONFIG_ROUTE is not set
 # CONFIG_SLATTACH is not set
 # CONFIG_SSL_CLIENT is not set
+# CONFIG_TC is not set
 # CONFIG_TCPSVD is not set
 # CONFIG_UDPSVD is not set
 # CONFIG_TELNET is not set

checksums/busybox-1.36.1.tar.bz2.sha512

@@ -0,0 +1 @@
+8c0c754c9ae04b5e6b23596283a7d3a4ef96225fe179f92d6f6a99c69c0caa95b1aa56c267f52d7c807f6cc69e1f0b7dd29a8ac624098f601738f8c0c57980d4

helpers/vchan-socket-proxy.c

@@ -227,7 +227,7 @@ static struct libxenvchan *connect_vchan(int domid, const char *path) {
     struct libxenvchan *ctrl = NULL;
     struct xs_handle *xs = NULL;
     xc_interface *xc = NULL;
-    xc_dominfo_t dominfo;
+    xc_domaininfo_t dominfo;
     char **watch_ret;
     unsigned int watch_num;
     int ret;
@@ -259,12 +259,12 @@ static struct libxenvchan *connect_vchan(int domid, const char *path) {
         if (ctrl)
             break;
 
-        ret = xc_domain_getinfo(xc, domid, 1, &dominfo);
+        ret = xc_domain_getinfo_single(xc, domid, &dominfo);
         /* break the loop if domain is definitely not there anymore, but
          * continue if it is or the call failed (like EPERM) */
         if (ret == -1 && errno == ESRCH)
             break;
-        if (ret == 1 && (dominfo.domid != (uint32_t)domid || dominfo.dying))
+        if (ret == 0 && (dominfo.flags & XEN_DOMINF_dying))
             break;
     }
 

linux/config/05-base

@@ -75,6 +75,7 @@ CONFIG_PROC_FS=y
 CONFIG_PROC_SYSCTL=y
 CONFIG_SYSFS=y
 CONFIG_DEVTMPFS=y
+CONFIG_TMPFS=y
 CONFIG_PRINTK=y
 CONFIG_BUG=y
 

linux/patches/0001-tty-hvc-setup-hvc-consoles-in-RAW-mode-by-default.patch

@@ -31,9 +31,9 @@ index 27284a2dcd2b..cd063b3c6903 100644
 +	 * buffered data */
 +	drv->init_termios.c_iflag = 0;
 +	drv->init_termios.c_lflag &= ~(ISIG | ICANON);
- 	drv->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_RESET_TERMIOS;
  	tty_set_operations(drv, &hvc_ops);
 
+ 	/* Always start the kthread because there can be hotplug vty adapters
 -- 
 2.17.2
 

qemu/patches/0001-hw-xen-detect-when-running-inside-stubdomain.patch

@@ -0,0 +1,95 @@
+From e66aa97dca5120f22e015c19710b2ff04f525720 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
+ <[email protected]>
+Date: Sat, 17 Feb 2024 03:51:44 +0100
+Subject: [PATCH 1/2] hw/xen: detect when running inside stubdomain
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Introduce global xen_is_stubdomain variable when qemu is running inside
+a stubdomain instead of dom0. This will be relevant for subsequent
+patches, as few things like accessing PCI config space need to be done
+differently.
+
+Signed-off-by: Marek Marczykowski-Górecki <[email protected]>
+---
+Changes in v3:
+- move to xen_hvm_init_pc()
+- coding style
+Changes in v2:
+- use sigend int for domid to match xenstore_read_int() types
+- fix code style
+---
+ hw/i386/xen/xen-hvm.c | 22 ++++++++++++++++++++++
+ include/hw/xen/xen.h  |  1 +
+ system/globals.c      |  1 +
+ 3 files changed, 24 insertions(+)
+
+diff --git a/hw/i386/xen/xen-hvm.c b/hw/i386/xen/xen-hvm.c
+index 7745cb3963..3291c177d3 100644
+--- a/hw/i386/xen/xen-hvm.c
++++ b/hw/i386/xen/xen-hvm.c
+@@ -583,6 +583,26 @@ static void xen_wakeup_notifier(Notifier *notifier, void *data)
+     xc_set_hvm_param(xen_xc, xen_domid, HVM_PARAM_ACPI_S_STATE, 0);
+ }
+
++static bool xen_check_stubdomain(struct xs_handle *xsh)
++{
++    char *dm_path = g_strdup_printf(
++        "/local/domain/%d/image/device-model-domid", xen_domid);
++    char *val;
++    int32_t dm_domid;
++    bool is_stubdom = false;
++
++    val = xs_read(xsh, 0, dm_path, NULL);
++    if (val) {
++        if (sscanf(val, "%d", &dm_domid) == 1) {
++            is_stubdom = dm_domid != 0;
++        }
++        free(val);
++    }
++
++    g_free(dm_path);
++    return is_stubdom;
++}
++
+ void xen_hvm_init_pc(PCMachineState *pcms, MemoryRegion **ram_memory)
+ {
+     MachineState *ms = MACHINE(pcms);
+@@ -595,6 +615,8 @@ void xen_hvm_init_pc(PCMachineState *pcms, MemoryRegion **ram_memory)
+
+     xen_register_ioreq(state, max_cpus, &xen_memory_listener);
+
++    xen_is_stubdomain = xen_check_stubdomain(state->xenstore);
++
+     QLIST_INIT(&xen_physmap);
+     xen_read_physmap(state);
+
+diff --git a/include/hw/xen/xen.h b/include/hw/xen/xen.h
+index 37ecc91fc3..ecb89ecfc1 100644
+--- a/include/hw/xen/xen.h
++++ b/include/hw/xen/xen.h
+@@ -36,6 +36,7 @@ enum xen_mode {
+ extern uint32_t xen_domid;
+ extern enum xen_mode xen_mode;
+ extern bool xen_domid_restrict;
++extern bool xen_is_stubdomain;
+
+ int xen_pci_slot_get_pirq(PCIDevice *pci_dev, int irq_num);
+ int xen_set_pci_link_route(uint8_t link, uint8_t irq);
+diff --git a/system/globals.c b/system/globals.c
+index e353584201..d602a04fa2 100644
+--- a/system/globals.c
++++ b/system/globals.c
+@@ -60,6 +60,7 @@ bool qemu_uuid_set;
+ uint32_t xen_domid;
+ enum xen_mode xen_mode = XEN_DISABLED;
+ bool xen_domid_restrict;
++bool xen_is_stubdomain;
+ struct evtchn_backend_ops *xen_evtchn_ops;
+ struct gnttab_backend_ops *xen_gnttab_ops;
+ struct foreignmem_backend_ops *xen_foreignmem_ops;
+-- 
+2.45.2
+