core-admin/qubes/storage/file.py

436 lines
14 KiB
Python
Raw Normal View History

2015-01-16 15:33:03 +01:00
#
2015-01-19 18:03:23 +01:00
# The Qubes OS Project, https://www.qubes-os.org/
2015-01-16 15:33:03 +01:00
#
2015-01-19 18:03:23 +01:00
# Copyright (C) 2015 Joanna Rutkowska <joanna@invisiblethingslab.com>
# Copyright (C) 2013-2015 Marek Marczykowski-Górecki
# <marmarek@invisiblethingslab.com>
2015-01-16 15:33:03 +01:00
# Copyright (C) 2015 Wojtek Porczyk <woju@invisiblethingslab.com>
#
2015-01-19 18:03:23 +01:00
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
2015-01-16 15:33:03 +01:00
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
2015-01-19 18:03:23 +01:00
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
2015-01-16 15:33:03 +01:00
#
2016-06-16 13:32:54 +02:00
''' This module contains pool implementations backed by file images'''
2015-01-16 15:33:03 +01:00
from __future__ import absolute_import
import os
import os.path
2015-01-19 18:14:15 +01:00
import re
2015-01-16 15:33:03 +01:00
import subprocess
2016-07-12 17:53:31 +02:00
import qubes.storage
2015-01-16 15:33:03 +01:00
BLKSIZE = 512
2015-01-16 15:33:03 +01:00
2016-07-12 17:53:31 +02:00
class FilePool(qubes.storage.Pool):
''' File based 'original' disk implementation
Volumes are stored in sparse files. Additionally device-mapper is used for
applying copy-on-write layer.
Quick reference on device-mapper layers:
snap_on_start save_on_stop layout
yes yes not supported
no yes snapshot-origin(volume.img, volume-cow.img)
yes no snapshot(
snapshot(source.img, source-cow.img),
volume-cow.img)
no no volume.img directly
2016-07-12 17:53:31 +02:00
''' # pylint: disable=protected-access
driver = 'file'
2015-01-16 15:33:03 +01:00
2016-07-12 17:53:31 +02:00
def __init__(self, revisions_to_keep=1, dir_path=None, **kwargs):
super(FilePool, self).__init__(revisions_to_keep=revisions_to_keep,
**kwargs)
2016-04-15 20:15:18 +02:00
assert dir_path, "No pool dir_path specified"
self.dir_path = os.path.normpath(dir_path)
self._volumes = []
2016-04-15 16:01:27 +02:00
@property
def config(self):
return {
'name': self.name,
'dir_path': self.dir_path,
'driver': FilePool.driver,
2016-07-12 17:53:31 +02:00
'revisions_to_keep': self.revisions_to_keep
2016-04-15 16:01:27 +02:00
}
2016-07-12 17:53:31 +02:00
def init_volume(self, vm, volume_config):
if volume_config.get('snap_on_start', False) and \
volume_config.get('save_on_stop', False):
raise NotImplementedError(
'snap_on_start + save_on_stop not supported by file driver')
2016-07-12 17:53:31 +02:00
volume_config['dir_path'] = self.dir_path
if 'vid' not in volume_config:
volume_config['vid'] = os.path.join(
self._vid_prefix(vm), volume_config['name'])
try:
if not volume_config.get('save_on_stop', False):
2016-07-12 17:53:31 +02:00
volume_config['revisions_to_keep'] = 0
except KeyError:
pass
finally:
if 'revisions_to_keep' not in volume_config:
volume_config['revisions_to_keep'] = self.revisions_to_keep
if int(volume_config['revisions_to_keep']) > 1:
raise NotImplementedError(
'FilePool supports maximum 1 volume revision to keep')
volume_config['pool'] = self
2016-07-12 17:53:31 +02:00
volume = FileVolume(**volume_config)
self._volumes += [volume]
return volume
2016-04-15 20:33:04 +02:00
def destroy(self):
pass
def setup(self):
create_dir_if_not_exists(self.dir_path)
appvms_path = os.path.join(self.dir_path, 'appvms')
create_dir_if_not_exists(appvms_path)
vm_templates_path = os.path.join(self.dir_path, 'vm-templates')
create_dir_if_not_exists(vm_templates_path)
2016-07-12 17:53:31 +02:00
@staticmethod
def _vid_prefix(vm):
''' Helper to create a prefix for the vid for volume
''' # FIX Remove this if we drop the file backend
import qubes.vm.templatevm # pylint: disable=redefined-outer-name
import qubes.vm.dispvm # pylint: disable=redefined-outer-name
if isinstance(vm, qubes.vm.templatevm.TemplateVM):
subdir = 'vm-templates'
else:
subdir = 'appvms'
return os.path.join(subdir, vm.name)
def target_dir(self, vm):
2016-04-15 20:15:18 +02:00
""" Returns the path to vmdir depending on the type of the VM.
The default QubesOS file storage saves the vm images in three
different directories depending on the ``QubesVM`` type:
* ``appvms`` for ``QubesAppVm`` or ``QubesHvm``
* ``vm-templates`` for ``QubesTemplateVm`` or ``QubesTemplateHvm``
Args:
vm: a QubesVM
pool_dir: the root directory of the pool
Returns:
string (str) absolute path to the directory where the vm files
are stored
"""
2016-04-15 20:40:48 +02:00
2016-07-12 17:53:31 +02:00
return os.path.join(self.dir_path, self._vid_prefix(vm))
2016-04-14 19:00:52 +02:00
def list_volumes(self):
return self._volumes
2016-04-14 19:00:52 +02:00
2016-04-15 19:59:40 +02:00
2016-07-12 17:53:31 +02:00
class FileVolume(qubes.storage.Volume):
''' Parent class for the xen volumes implementation which expects a
2016-07-12 17:53:31 +02:00
`target_dir` param on initialization. '''
def __init__(self, dir_path, **kwargs):
2016-07-12 17:53:31 +02:00
self.dir_path = dir_path
assert self.dir_path, "dir_path not specified"
super(FileVolume, self).__init__(**kwargs)
if self.snap_on_start:
img_name = self.source.vid + '-cow.img'
self.path_source_cow = os.path.join(self.dir_path, img_name)
2016-07-12 17:53:31 +02:00
def create(self):
assert isinstance(self.size, int) and self.size > 0, \
'Volume size must be > 0'
if not self.snap_on_start:
create_sparse_file(self.path, self.size)
def remove(self):
if not self.snap_on_start:
_remove_if_exists(self.path)
if self.snap_on_start or self.save_on_stop:
_remove_if_exists(self.path_cow)
def is_dirty(self):
if not self.save_on_stop:
return False
if os.path.exists(self.path_cow):
stat = os.stat(self.path_cow)
return stat.st_blocks > 0
return False
def resize(self, size):
''' Expands volume, throws
:py:class:`qubst.storage.qubes.storage.StoragePoolException` if
given size is less than current_size
''' # pylint: disable=no-self-use
if not self.rw:
msg = 'Can not resize reađonly volume {!s}'.format(self)
raise qubes.storage.StoragePoolException(msg)
if size < self.size:
raise qubes.storage.StoragePoolException(
'For your own safety, shrinking of %s is'
' disabled. If you really know what you'
' are doing, use `truncate` on %s manually.' %
(self.name, self.vid))
with open(self.path, 'a+b') as fd:
fd.truncate(size)
p = subprocess.Popen(['losetup', '--associated', self.path],
stdout=subprocess.PIPE)
result = p.communicate()
m = re.match(r'^(/dev/loop\d+):\s', result[0].decode())
if m is not None:
loop_dev = m.group(1)
# resize loop device
subprocess.check_call(['losetup', '--set-capacity',
loop_dev])
self.size = size
def commit(self):
msg = 'Tried to commit a non commitable volume {!r}'.format(self)
assert self.save_on_stop and self.rw, msg
if os.path.exists(self.path_cow):
if self.revisions_to_keep:
old_path = self.path_cow + '.old'
os.rename(self.path_cow, old_path)
else:
os.unlink(self.path_cow)
create_sparse_file(self.path_cow, self.size)
return self
def export(self):
# FIXME: this should rather return snapshot(self.path, self.path_cow)
# if domain is running
return self.path
def import_volume(self, src_volume):
msg = "Can not import snapshot volume {!s} in to pool {!s} "
msg = msg.format(src_volume, self)
assert not src_volume.snap_on_start, msg
if self.save_on_stop:
_remove_if_exists(self.path)
copy_file(src_volume.export(), self.path)
return self
def import_data(self):
return self.path
def reset(self):
''' Remove and recreate a volatile volume '''
assert not self.snap_on_start and not self.save_on_stop, \
"Not a volatile volume"
assert isinstance(self.size, int) and self.size > 0, \
'Volatile volume size must be > 0'
_remove_if_exists(self.path)
create_sparse_file(self.path, self.size)
return self
def start(self):
if not self.save_on_stop and not self.snap_on_start:
self.reset()
else:
if not self.save_on_stop:
# make sure previous snapshot is removed - even if VM
# shutdown routine wasn't called (power interrupt or so)
_remove_if_exists(self.path_cow)
if not os.path.exists(self.path_cow):
create_sparse_file(self.path_cow, self.size)
if not self.snap_on_start:
_check_path(self.path)
if hasattr(self, 'path_source_cow'):
if not os.path.exists(self.path_source_cow):
create_sparse_file(self.path_source_cow, self.size)
return self
def stop(self):
if self.save_on_stop:
self.commit()
elif self.snap_on_start:
_remove_if_exists(self.path_cow)
else:
_remove_if_exists(self.path)
return self
@property
def path(self):
if self.snap_on_start:
return os.path.join(self.dir_path, self.source.vid + '.img')
return os.path.join(self.dir_path, self.vid + '.img')
@property
def path_cow(self):
img_name = self.vid + '-cow.img'
return os.path.join(self.dir_path, img_name)
2016-07-12 17:53:31 +02:00
def verify(self):
''' Verifies the volume. '''
if not os.path.exists(self.path) and \
(self.snap_on_start or self.save_on_stop):
2016-07-12 17:53:31 +02:00
msg = 'Missing image file: {!s}.'.format(self.path)
raise qubes.storage.StoragePoolException(msg)
return True
@property
def script(self):
if not self.snap_on_start and not self.save_on_stop:
2016-07-12 17:53:31 +02:00
return None
elif not self.snap_on_start and self.save_on_stop:
2016-07-12 17:53:31 +02:00
return 'block-origin'
elif self.snap_on_start:
2016-07-12 17:53:31 +02:00
return 'block-snapshot'
def block_device(self):
''' Return :py:class:`qubes.storage.BlockDevice` for serialization in
2016-07-12 17:53:31 +02:00
the libvirt XML template as <disk>.
2016-06-16 13:32:54 +02:00
'''
2016-07-12 17:53:31 +02:00
path = self.path
if self.snap_on_start:
path += ":" + self.path_source_cow
if self.snap_on_start or self.save_on_stop:
2016-07-12 17:53:31 +02:00
path += ":" + self.path_cow
return qubes.storage.BlockDevice(path, self.name, self.script, self.rw,
2016-07-12 17:53:31 +02:00
self.domain, self.devtype)
2016-06-16 13:32:54 +02:00
2016-07-12 17:53:31 +02:00
@property
def revisions(self):
if not hasattr(self, 'path_cow'):
return {}
2016-04-15 19:59:40 +02:00
2016-07-12 17:53:31 +02:00
old_revision = self.path_cow + '.old' # pylint: disable=no-member
2016-07-12 17:53:31 +02:00
if not os.path.exists(old_revision):
return {}
2017-04-15 20:04:38 +02:00
seconds = os.path.getctime(old_revision)
iso_date = qubes.storage.isodate(seconds).split('.', 1)[0]
return {'old': iso_date}
2016-04-15 19:59:40 +02:00
@property
def usage(self):
''' Returns the actualy used space '''
return get_disk_usage(self.vid)
2016-06-21 14:41:14 +02:00
def create_sparse_file(path, size):
''' Create an empty sparse file '''
2016-04-15 19:59:40 +02:00
if os.path.exists(path):
raise IOError("Volume %s already exists", path)
parent_dir = os.path.dirname(path)
if not os.path.exists(parent_dir):
os.makedirs(parent_dir)
2016-04-15 19:59:40 +02:00
with open(path, 'a+b') as fh:
fh.truncate(size)
def get_disk_usage_one(st):
'''Extract disk usage of one inode from its stat_result struct.
If known, get real disk usage, as written to device by filesystem, not
logical file size. Those values may be different for sparse files.
:param os.stat_result st: stat result
:returns: disk usage
'''
try:
return st.st_blocks * BLKSIZE
except AttributeError:
return st.st_size
def get_disk_usage(path):
'''Get real disk usage of given path (file or directory).
When *path* points to directory, then it is evaluated recursively.
This function tries estiate real disk usage. See documentation of
:py:func:`get_disk_usage_one`.
:param str path: path to evaluate
:returns: disk usage
'''
try:
st = os.lstat(path)
except OSError:
return 0
ret = get_disk_usage_one(st)
# if path is not a directory, this is skipped
for dirpath, dirnames, filenames in os.walk(path):
for name in dirnames + filenames:
ret += get_disk_usage_one(os.lstat(os.path.join(dirpath, name)))
return ret
def create_dir_if_not_exists(path):
""" Check if a directory exists in if not create it.
This method does not create any parent directories.
"""
if not os.path.exists(path):
os.mkdir(path)
def copy_file(source, destination):
2016-06-16 13:37:17 +02:00
'''Effective file copy, preserving sparse files etc.'''
# We prefer to use Linux's cp, because it nicely handles sparse files
assert os.path.exists(source), \
"Missing the source %s to copy from" % source
assert not os.path.exists(destination), \
"Destination %s already exists" % destination
parent_dir = os.path.dirname(destination)
if not os.path.exists(parent_dir):
os.makedirs(parent_dir)
try:
cmd = ['cp', '--sparse=auto',
2016-07-12 17:53:31 +02:00
'--reflink=auto', source, destination]
subprocess.check_call(cmd)
except subprocess.CalledProcessError:
raise IOError('Error while copying {!r} to {!r}'.format(source,
destination))
def _remove_if_exists(path):
2016-06-21 12:47:47 +02:00
''' Removes a file if it exist, silently succeeds if file does not exist '''
if os.path.exists(path):
os.remove(path)
def _check_path(path):
''' Raise an StoragePoolException if ``path`` does not exist'''
if not os.path.exists(path):
2016-07-12 17:53:31 +02:00
msg = 'Missing image file: %s' % path
raise qubes.storage.StoragePoolException(msg)