From 0cae9428b866e558c5199f0dd7b3e88dcd96e646 Mon Sep 17 00:00:00 2001
From: Demi Marie Obenour <demi@invisiblethingslab.com>
Date: Fri, 1 Apr 2022 17:52:44 -0400
Subject: [PATCH 1/4] dmsetup: return non-zero on stdio I/O error

If there is an I/O error on stdout or stderr, return a non-zero status
so that udev can avoid trusting the values printed.
---
 libdm/dm-tools/dmsetup.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/libdm/dm-tools/dmsetup.c b/libdm/dm-tools/dmsetup.c
index 8502d9adc..74804bc52 100644
--- a/libdm/dm-tools/dmsetup.c
+++ b/libdm/dm-tools/dmsetup.c
@@ -7505,5 +7505,9 @@ int main(int argc, char **argv)
 	if (_initial_timestamp)
 		dm_timestamp_destroy(_initial_timestamp);
 
+        fflush(stdout);
+        fflush(stderr);
+        if (ferror(stdout) || ferror(stderr))
+            return 1;
 	return (_switches[HELP_ARG] || _switches[VERSION_ARG]) ? 0 : ret;
 }

From bedc4458fa08a963baec764b35ffb6c86d6856ab Mon Sep 17 00:00:00 2001
From: Demi Marie Obenour <demi@invisiblethingslab.com>
Date: Fri, 1 Apr 2022 17:53:29 -0400
Subject: [PATCH 2/4] Disable lvm2 udev rules if `dmsetup splitname` fails

If the output of `dmsetup splitname` cannot be trusted, the safest
option is to disable all lvm2 rules.
---
 udev/11-dm-lvm.rules.in | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/udev/11-dm-lvm.rules.in b/udev/11-dm-lvm.rules.in
index 7c589943b..f7066b7dd 100644
--- a/udev/11-dm-lvm.rules.in
+++ b/udev/11-dm-lvm.rules.in
@@ -18,7 +18,7 @@ ENV{DM_UDEV_RULES_VSN}!="?*", GOTO="lvm_end"
 ENV{DM_UUID}!="LVM-?*", GOTO="lvm_end"
 
 # Use DM name and split it up into its VG/LV/layer constituents.
-IMPORT{program}="(DM_EXEC)/dmsetup splitname --nameprefixes --noheadings --rows $env{DM_NAME}"
+IMPORT{program}!="(DM_EXEC)/dmsetup splitname --nameprefixes --noheadings --rows $env{DM_NAME}", GOTO="lvm_disable"
 
 # DM_SUBSYSTEM_UDEV_FLAG0 is the 'NOSCAN' flag for LVM subsystem.
 # This flag is used to temporarily disable selected rules to prevent any

From 45f8689a14a60c30413431e5a779cc22ab6abea8 Mon Sep 17 00:00:00 2001
From: Demi Marie Obenour <demi@invisiblethingslab.com>
Date: Fri, 1 Apr 2022 18:15:18 -0400
Subject: [PATCH 3/4] Disable udev rules if udev flags can't be obtained

In this cased the safest option is to disable most udev rules.
---
 udev/10-dm.rules.in | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/udev/10-dm.rules.in b/udev/10-dm.rules.in
index b4fa52ab7..9fae8df95 100644
--- a/udev/10-dm.rules.in
+++ b/udev/10-dm.rules.in
@@ -50,7 +50,7 @@ ACTION!="add|change", GOTO="dm_end"
 # These flags are encoded in DM_COOKIE variable that was introduced in
 # kernel version 2.6.31. Therefore, we can use this feature with
 # kernels >= 2.6.31 only. Cookie is not decoded for remove event.
-ENV{DM_COOKIE}=="?*", IMPORT{program}="(DM_EXEC)/dmsetup udevflags $env{DM_COOKIE}"
+ENV{DM_COOKIE}=="?*", IMPORT{program}!="(DM_EXEC)/dmsetup udevflags $env{DM_COOKIE}", GOTO="dm_disable"
 
 # Rule out easy-to-detect inappropriate events first.
 ENV{DISK_RO}=="1", GOTO="dm_disable"

From b9ad503010a240a12f46860349d35b1a7670ffa5 Mon Sep 17 00:00:00 2001
From: Demi Marie Obenour <demi@invisiblethingslab.com>
Date: Fri, 1 Apr 2022 18:16:24 -0400
Subject: [PATCH 4/4] Drop support for very old kernels

All kernels Qubes OS uses are new enough to have the dm/ subdirectory.
---
 udev/10-dm.rules.in | 17 ++++-------------
 1 file changed, 4 insertions(+), 13 deletions(-)

diff --git a/udev/10-dm.rules.in b/udev/10-dm.rules.in
index 9fae8df95..93b7d10e1 100644
--- a/udev/10-dm.rules.in
+++ b/udev/10-dm.rules.in
@@ -47,9 +47,6 @@ KERNEL!="dm-[0-9]*", GOTO="dm_end"
 ACTION!="add|change", GOTO="dm_end"
 
 # Decode udev control flags and set environment variables appropriately.
-# These flags are encoded in DM_COOKIE variable that was introduced in
-# kernel version 2.6.31. Therefore, we can use this feature with
-# kernels >= 2.6.31 only. Cookie is not decoded for remove event.
 ENV{DM_COOKIE}=="?*", IMPORT{program}!="(DM_EXEC)/dmsetup udevflags $env{DM_COOKIE}", GOTO="dm_disable"
 
 # Rule out easy-to-detect inappropriate events first.
@@ -104,16 +101,10 @@ LABEL="dm_no_coldplug"
 #   |_ dev still not active            0                        0
 #   \_ dev already active              1                        0
 
-# "dm" sysfs subdirectory is available in newer versions of DM
-# only (kernels >= 2.6.29). We have to check for its existence
-# and use dmsetup tool instead to get the DM name, uuid and 
-# suspended state if the "dm" subdirectory is not present.
-# The "suspended" item was added even later (kernels >= 2.6.31),
-# so we also have to call dmsetup if the kernel version used
-# is in between these releases.
-TEST=="dm", ENV{DM_NAME}="$attr{dm/name}", ENV{DM_UUID}="$attr{dm/uuid}", ENV{DM_SUSPENDED}="$attr{dm/suspended}"
-TEST!="dm", IMPORT{program}="(DM_EXEC)/dmsetup info -j %M -m %m -c --nameprefixes --noheadings --rows -o name,uuid,suspended"
-ENV{DM_SUSPENDED}!="?*", IMPORT{program}="(DM_EXEC)/dmsetup info -j %M -m %m -c --nameprefixes --noheadings --rows -o suspended"
+# Kernels older than 2.6.31 do not have dm/suspended sysfs attribute and are not
+# supported
+ENV{DM_NAME}="$attr{dm/name}", ENV{DM_UUID}="$attr{dm/uuid}", ENV{DM_SUSPENDED}="$attr{dm/suspended}"
+ENV{DM_SUSPENDED}!="?*", GOTO="dm_disable"
 
 # dmsetup tool provides suspended state information in textual
 # form with values "Suspended"/"Active". We translate it to