Hannes Mehnert
6835072104
build-with-docker: update hash
2021-11-05 20:03:00 +01:00
Hannes Mehnert
d4e365a499
avoid fmt and cstruct deprecation warnings
2021-11-05 20:02:56 +01:00
Hannes Mehnert
7e3303a8d6
read DNS resolver IP addresses from QubesDB
...
as specified in https://www.qubes-os.org/doc/vm-interface/
2021-11-05 20:02:52 +01:00
Hannes Mehnert
65ff2a9203
update arp to >= 2.3.0, where arp.mirage is a sublibrary
2021-11-05 19:41:57 +01:00
Hannes Mehnert
ba8dbc3f57
Dockerfile: update opam-repository to current master
...
config.ml: require more recent dns and ipaddr packages
2021-11-05 19:41:52 +01:00
palainp
4cb5cfa036
update to ocaml-dns 6.0.0 interface
2021-10-28 13:39:32 +02:00
Thomas Leonard
6080e6db30
Merge pull request #129 from talex5/qrexecv3
...
Update to mirage-qubes 0.9.1 for qrexec3 compatibility
2020-12-31 15:20:58 +00:00
Thomas Leonard
a368b12648
Update to mirage-qubes 0.9.1 for qrexec3 compatibility
...
Also, switch to building with OCaml 4.11.
2020-12-03 16:20:53 +00:00
Thomas Leonard
cfe122592d
Merge pull request #118 from xaki23/master
...
unpin mirage+lwt versions for qubes-builder
2020-10-28 12:20:19 +00:00
xaki23
26b5b59b56
unpin mirage+lwt versions for qubes-builder
2020-10-28 13:14:16 +01:00
Thomas Leonard
089f349a05
Merge pull request #116 from talex5/solo5
...
Upgrade to Mirage 6 for solo5 PVH support
2020-10-28 12:11:00 +00:00
Thomas Leonard
d8ae7f749c
Update README
2020-10-28 11:00:13 +00:00
Thomas Leonard
be7461a20a
Switch Docker base image from Alpine to Fedora
...
There seems to be a problem with Xen events getting lost on Alpine.
2020-10-26 15:38:41 +00:00
Thomas Leonard
3dbb9ecb27
BROKEN: Upgrade to Mirage 6 for solo5 PVH support
...
For me, this mostly hangs at:
```
2020-10-26 11:16:31 -00:00: INF [qubes.rexec] waiting for client...
2020-10-26 11:16:31 -00:00: INF [qubes.gui] waiting for client...
2020-10-26 11:16:31 -00:00: INF [qubes.db] connecting to server...
```
Sometimes it gets a bit further:
```
2020-10-26 11:14:19 -00:00: INF [qubes.rexec] waiting for client...
2020-10-26 11:14:19 -00:00: INF [qubes.gui] waiting for client...
2020-10-26 11:14:19 -00:00: INF [qubes.db] connecting to server...
2020-10-26 11:14:19 -00:00: INF [qubes.db] connected
2020-10-26 11:14:19 -00:00: INF [qubes.rexec] client connected, using protocol version 2
2020-10-26 11:14:19 -00:00: INF [qubes.gui] client connected (screen size: 3840x2160 depth: 24 mem: 32401x)
2020-10-26 11:14:19 -00:00: INF [unikernel] GUI agent connected
```
2020-10-26 15:38:41 +00:00
Thomas Leonard
997446af6c
Merge pull request #117 from hannesm/kernelopts
...
README: use kernelopts='' instead of None
2020-10-24 13:38:46 +01:00
Hannes Mehnert
c173bf1cb0
README: use kernelopts='' instead of None
2020-10-24 12:43:08 +02:00
Thomas Leonard
006801c03e
Merge pull request #112 from roburio/mirage38
...
adapt to mirage 3.8.0 changes (ipaddr5, tcpip5); bump opam-repository hash (to get netchannel+mirage-net-xen 0.13.1)
2020-07-04 13:39:13 +01:00
Hannes Mehnert
aebaa2cafc
update sha256 from travis run
2020-07-03 16:55:38 +02:00
Hannes Mehnert
de0eb9d970
adapt to mirage 3.8.0 changes (ipaddr5, tcpip5); bump opam-repository hash (to get netchannel+mirage-net-xen 0.13.1)
2020-07-03 16:39:06 +02:00
Thomas Leonard
094637b2de
Merge pull request #110 from burghardt/dom0tar
...
Do not run tar in dom0 (closes #84 ).
2020-06-20 10:59:43 +01:00
Krzysztof Burghardt
f9842e8b18
Do not run tar in dom0 ( closes #84 ).
...
Do not run tar and bzip2 in dom0 to decompresses and extract archive
data created in, or downloaded to domU as any vulnerabilities in them
can compromise Qubes OS security model.
Instead of that run both tar and bzip2 in domU and copy unikernel to
dom0 as described in official Qubes documentation ["Copying from (and to)
dom0"](https://www.qubes-os.org/doc/copy-from-dom0/#copying-to-dom0 ).
Auxiliary files required to run unikernel in Qubes OS domU can be easily
created directly in dom0 using trusted tools available there.
2020-06-20 01:16:29 +02:00
linse
3ee01b5243
changes for 0.7.1
...
Co-Authored-By: hannes <hannes@mehnert.org>
2020-06-19 09:44:15 +00:00
Hannes Mehnert
620bbb5b35
update opam repository commit hash for release
2020-06-19 08:24:18 +00:00
Hannes Mehnert
6dc7de26e3
Merge pull request #103 from roburio/xenstore-client-ip
...
Handle other IP formats from xenstore.
2020-06-18 10:35:06 +02:00
linse
b5ec221e2a
Handle other IP formats from xenstore.
...
Example: "10.137.0.18 fd09:24ef:3178::a19:11"
reported via https://twitter.com/t_grote/status/1262747002334408704
2020-05-19 17:47:40 +02:00
linse
60ebd61b72
Update documentation.
2020-05-19 16:48:48 +02:00
Hannes Mehnert
49da96d5d9
Merge pull request #101 from roburio/release-0.7
...
Release 0.7
2020-05-19 14:51:11 +02:00
linse
53bf4f960c
update to ocaml 4.10 and mirage 3.7.7
2020-05-19 14:35:22 +02:00
linse
cc534d9618
Update changes for release.
2020-05-19 11:07:25 +02:00
linse
17ace89ed8
Merge pull request #100 from talex5/changes
...
Update changelog
2020-05-19 11:02:39 +02:00
Thomas Leonard
470160dcb2
Update changelog
2020-05-16 15:20:58 +01:00
Hannes Mehnert
152202b0de
Merge pull request #99 from xaki23/o4100
...
bump qubes-builder ocaml-version to 4.10.0 for gcc-10 compatibility
2020-05-16 11:12:22 +02:00
xaki23
6a1b012527
bump qubes-builder ocaml-version to 4.10.0 for gcc-10 compatibility
2020-05-15 18:36:03 +02:00
Hannes Mehnert
d34842e31a
Merge pull request #96 from roburio/squash
...
QubesOS 4.0 support
2020-05-15 17:33:23 +02:00
linse
8927a45f43
[ci skip] Edit CHANGES
2020-05-15 17:31:30 +02:00
linse
2d78d47591
Support firewall rules with hostnames.
...
Co-Authored-By: Mindy Preston <yomimono@users.noreply.github.com>
Co-Authored-By: Olle Jonsson <olle.jonsson@gmail.com>
Co-Authored-By: hannes <hannes@mehnert.org>
Co-Authored-By: cfcs <cfcs@users.noreply.github.com>
2020-05-15 16:25:46 +02:00
linse
87df5bdcc0
Read firewall rules from QubesDB. The module Rules contains a rule matcher instead of hardcoded rules now.
...
Co-Authored-By: Mindy Preston <yomimono@users.noreply.github.com>
2020-05-15 16:25:46 +02:00
Thomas Leonard
02e515d27c
Merge pull request #95 from hannesm/mirage-nat.2.1.0
...
mirage-nat.2.1.0
2020-02-19 14:27:41 +00:00
Thomas Leonard
65324b4197
Update Dockerfile to get new mirage-nat version
2020-02-19 14:16:49 +00:00
Hannes Mehnert
88fec9fa49
adapt to mirage-nat 2.1.0 API (Nat_packet returns a Fragments.Cache.t - which is now a Lru.F.t)
2020-02-08 15:58:37 +01:00
Hannes Mehnert
554e73a46d
cleanup: remove exception cases during Ethernet decode / Nat.of_ipv4_packet - they do not raise exceptions anymore
2020-02-08 15:55:32 +01:00
Thomas Leonard
0ced0ee901
Merge pull request #91 from xaki23/mirage-3.7-qb
...
support mirage-3.7 via qubes-builder
2020-01-14 14:50:22 +00:00
Thomas Leonard
16581b1e2e
Merge pull request #90 from talex5/cleanup
...
Minor cleanups
2020-01-14 12:54:48 +00:00
xaki23
e68962ac48
support mirage-3.7 via qubes-builder
2020-01-13 20:48:46 +01:00
Thomas Leonard
8e714c7712
Removed unreachable Lwt.catch
...
Spotted by Hannes Mehnert.
2020-01-13 10:05:38 +00:00
Thomas Leonard
ab3508a936
Remove unused Clock argument to Uplink
2020-01-13 09:54:09 +00:00
Thomas Leonard
48b38fa992
Fix Lwt.4.5.0 in the Dockerfile for faster builds
...
Otherwise, it installs Lwt 5 and then has to downgrade it in the next
step.
2020-01-13 09:49:37 +00:00
Thomas Leonard
e851565823
Merge pull request #89 from roburio/mirage-3.7
...
support Mirage 3.7 and mirage-nat 2.0.0
2020-01-13 09:45:04 +00:00
Hannes Mehnert
a734bcd2d3
[ci skip] adjust expected sha256
2020-01-11 16:01:08 +01:00
Hannes Mehnert
730957d19b
upgrade opam repository to current head and mirage to 3.7.4
2020-01-11 15:46:22 +01:00