2015-01-19 18:03:23 +01:00
|
|
|
#!/usr/bin/python2 -O
|
|
|
|
# vim: fileencoding=utf-8
|
|
|
|
|
2015-01-16 15:33:03 +01:00
|
|
|
#
|
2015-01-19 18:03:23 +01:00
|
|
|
# The Qubes OS Project, https://www.qubes-os.org/
|
2015-01-16 15:33:03 +01:00
|
|
|
#
|
2015-01-19 18:03:23 +01:00
|
|
|
# Copyright (C) 2013-2015 Joanna Rutkowska <joanna@invisiblethingslab.com>
|
|
|
|
# Copyright (C) 2013-2015 Marek Marczykowski-Górecki
|
|
|
|
# <marmarek@invisiblethingslab.com>
|
2015-01-16 15:33:03 +01:00
|
|
|
# Copyright (C) 2015 Wojtek Porczyk <woju@invisiblethingslab.com>
|
|
|
|
#
|
2015-01-19 18:03:23 +01:00
|
|
|
# This program is free software; you can redistribute it and/or modify
|
|
|
|
# it under the terms of the GNU General Public License as published by
|
|
|
|
# the Free Software Foundation; either version 2 of the License, or
|
|
|
|
# (at your option) any later version.
|
2015-01-16 15:33:03 +01:00
|
|
|
#
|
|
|
|
# This program is distributed in the hope that it will be useful,
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
# GNU General Public License for more details.
|
|
|
|
#
|
2015-01-19 18:03:23 +01:00
|
|
|
# You should have received a copy of the GNU General Public License along
|
|
|
|
# with this program; if not, write to the Free Software Foundation, Inc.,
|
|
|
|
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
2015-01-16 15:33:03 +01:00
|
|
|
#
|
2016-03-20 20:29:46 +01:00
|
|
|
""" Qubes storage system"""
|
|
|
|
|
2015-01-16 15:33:03 +01:00
|
|
|
from __future__ import absolute_import
|
|
|
|
|
|
|
|
import os
|
|
|
|
import os.path
|
|
|
|
|
2016-03-20 20:29:46 +01:00
|
|
|
import pkg_resources
|
2016-06-02 22:02:06 +02:00
|
|
|
import lxml.etree
|
|
|
|
|
2015-01-16 15:33:03 +01:00
|
|
|
import qubes
|
2015-10-14 22:02:11 +02:00
|
|
|
import qubes.exc
|
2015-01-16 15:33:03 +01:00
|
|
|
import qubes.utils
|
2016-06-02 22:02:06 +02:00
|
|
|
import qubes.devices
|
2016-04-22 14:16:41 +02:00
|
|
|
|
2016-03-20 20:29:46 +01:00
|
|
|
STORAGE_ENTRY_POINT = 'qubes.storage'
|
2015-10-05 23:46:25 +02:00
|
|
|
|
2016-01-29 17:56:33 +01:00
|
|
|
|
|
|
|
class StoragePoolException(qubes.exc.QubesException):
|
|
|
|
pass
|
|
|
|
|
|
|
|
|
2016-03-28 02:55:38 +02:00
|
|
|
class Volume(object):
|
|
|
|
''' Encapsulates all data about a volume for serialization to qubes.xml and
|
|
|
|
libvirt config.
|
|
|
|
'''
|
|
|
|
|
|
|
|
devtype = 'disk'
|
|
|
|
domain = None
|
|
|
|
path = None
|
|
|
|
rw = True
|
|
|
|
script = None
|
|
|
|
usage = 0
|
|
|
|
|
2016-04-27 17:17:32 +02:00
|
|
|
def __init__(self, name, pool, volume_type, vid=None, size=0,
|
|
|
|
removable=False, **kwargs):
|
2016-04-22 14:58:21 +02:00
|
|
|
super(Volume, self).__init__(**kwargs)
|
2016-03-28 02:55:38 +02:00
|
|
|
self.name = str(name)
|
|
|
|
self.pool = str(pool)
|
|
|
|
self.vid = vid
|
|
|
|
self.size = size
|
|
|
|
self.volume_type = volume_type
|
2016-04-27 17:17:32 +02:00
|
|
|
self.removable = removable
|
2016-03-28 02:55:38 +02:00
|
|
|
|
2016-04-22 14:29:30 +02:00
|
|
|
def __xml__(self):
|
|
|
|
return lxml.etree.Element('volume', **self.config)
|
|
|
|
|
2016-03-28 02:55:38 +02:00
|
|
|
@property
|
|
|
|
def config(self):
|
|
|
|
''' return config data for serialization to qubes.xml '''
|
|
|
|
return {'name': self.name,
|
|
|
|
'pool': self.pool,
|
|
|
|
'volume_type': self.volume_type}
|
|
|
|
|
2016-04-22 14:47:00 +02:00
|
|
|
def __repr__(self):
|
|
|
|
return '{}(name={!s}, pool={!r}, vid={!r}, volume_type={!r})'.format(
|
|
|
|
self.__class__.__name__, self.name, self.pool, self.vid,
|
|
|
|
self.volume_type)
|
2016-03-28 02:55:38 +02:00
|
|
|
|
|
|
|
def block_device(self):
|
|
|
|
''' Return :py:class:`qubes.devices.BlockDevice` for serialization in
|
|
|
|
the libvirt XML template as <disk>.
|
|
|
|
'''
|
2016-06-02 22:02:06 +02:00
|
|
|
return qubes.devices.BlockDevice(self.path, self.name, self.script,
|
|
|
|
self.rw, self.domain, self.devtype)
|
2016-03-28 02:55:38 +02:00
|
|
|
|
|
|
|
|
2016-03-03 01:05:23 +01:00
|
|
|
class Storage(object):
|
2016-03-28 02:55:38 +02:00
|
|
|
''' Class for handling VM virtual disks.
|
2015-01-16 15:33:03 +01:00
|
|
|
|
|
|
|
This is base class for all other implementations, mostly with Xen on Linux
|
|
|
|
in mind.
|
2016-01-29 17:56:33 +01:00
|
|
|
'''
|
2015-01-16 15:33:03 +01:00
|
|
|
|
2016-04-15 20:13:06 +02:00
|
|
|
def __init__(self, vm):
|
2015-01-16 15:33:03 +01:00
|
|
|
#: Domain for which we manage storage
|
|
|
|
self.vm = vm
|
2016-04-15 20:40:53 +02:00
|
|
|
self.log = self.vm.log
|
2016-04-15 20:13:06 +02:00
|
|
|
#: Additional drive (currently used only by HVM)
|
|
|
|
self.drive = None
|
2016-04-15 20:40:53 +02:00
|
|
|
self.pools = {}
|
|
|
|
if hasattr(vm, 'volume_config'):
|
|
|
|
for name, conf in self.vm.volume_config.items():
|
|
|
|
assert 'pool' in conf, "Pool missing in volume_config" % str(
|
|
|
|
conf)
|
|
|
|
pool = self.vm.app.get_pool(conf['pool'])
|
|
|
|
self.vm.volumes[name] = pool.init_volume(self.vm, conf)
|
|
|
|
self.pools[name] = pool
|
2015-01-16 15:33:03 +01:00
|
|
|
|
2015-10-02 16:02:51 +02:00
|
|
|
@property
|
|
|
|
def kernels_dir(self):
|
|
|
|
'''Directory where kernel resides.
|
|
|
|
|
|
|
|
If :py:attr:`self.vm.kernel` is :py:obj:`None`, the this points inside
|
|
|
|
:py:attr:`self.vm.dir_path`
|
|
|
|
'''
|
2016-04-15 20:40:53 +02:00
|
|
|
assert 'kernel' in self.vm.volumes, "VM has no kernel pool"
|
|
|
|
return self.vm.volumes['kernel'].kernels_dir
|
2015-10-02 16:02:51 +02:00
|
|
|
|
2015-01-16 15:33:03 +01:00
|
|
|
def get_disk_utilization(self):
|
2016-04-15 20:40:53 +02:00
|
|
|
''' Returns summed up disk utilization for all domain volumes '''
|
|
|
|
result = 0
|
|
|
|
for volume in self.vm.volumes.values():
|
|
|
|
result += volume.usage
|
|
|
|
return result
|
2015-01-16 15:33:03 +01:00
|
|
|
|
2016-04-15 20:40:53 +02:00
|
|
|
def resize(self, volume, size):
|
|
|
|
''' Resize volume '''
|
|
|
|
self.get_pool(volume).resize(volume, size)
|
2015-01-16 15:33:03 +01:00
|
|
|
|
2016-06-16 12:39:18 +02:00
|
|
|
def create(self, source_template=None):
|
|
|
|
|
2016-02-10 17:01:51 +01:00
|
|
|
if source_template is None and hasattr(self.vm, 'template'):
|
2015-01-16 15:33:03 +01:00
|
|
|
source_template = self.vm.template
|
|
|
|
|
|
|
|
old_umask = os.umask(002)
|
|
|
|
|
2016-04-15 20:40:53 +02:00
|
|
|
for name, volume in self.vm.volumes.items():
|
|
|
|
source_volume = None
|
|
|
|
if source_template and hasattr(source_template, 'volumes'):
|
|
|
|
source_volume = source_template.volumes[name]
|
|
|
|
self.get_pool(volume).create(volume, source_volume=source_volume)
|
2015-01-16 15:33:03 +01:00
|
|
|
|
|
|
|
os.umask(old_umask)
|
|
|
|
|
2016-04-15 15:16:25 +02:00
|
|
|
def clone(self, src_vm):
|
2015-01-16 15:33:03 +01:00
|
|
|
self.vm.log.info('Creating directory: {0}'.format(self.vm.dir_path))
|
2016-04-15 15:16:25 +02:00
|
|
|
if not os.path.exists(self.vm.dir_path):
|
|
|
|
self.log.info('Creating directory: {0}'.format(self.vm.dir_path))
|
|
|
|
os.makedirs(self.vm.dir_path)
|
|
|
|
for name, target in self.vm.volumes.items():
|
|
|
|
pool = self.get_pool(target)
|
|
|
|
source = src_vm.volumes[name]
|
|
|
|
volume = pool.clone(source, target)
|
2016-04-15 20:31:56 +02:00
|
|
|
assert volume, "%s.clone() returned '%s'" % (pool.__class__,
|
|
|
|
volume)
|
2016-04-15 15:16:25 +02:00
|
|
|
self.vm.volumes[name] = volume
|
2016-04-15 20:40:53 +02:00
|
|
|
|
2016-06-16 20:01:51 +02:00
|
|
|
@property
|
|
|
|
def outdated_volumes(self):
|
|
|
|
''' Returns a list of outdated volumes '''
|
|
|
|
result = []
|
|
|
|
if self.vm.is_halted():
|
|
|
|
return result
|
|
|
|
|
|
|
|
volumes = self.vm.volumes
|
|
|
|
for volume in volumes.values():
|
|
|
|
pool = self.get_pool(volume)
|
|
|
|
if pool.is_outdated(volume):
|
|
|
|
result += [volume]
|
|
|
|
|
|
|
|
return result
|
|
|
|
|
2016-04-15 17:11:42 +02:00
|
|
|
def rename(self, old_name, new_name):
|
|
|
|
''' Notify the pools that the domain was renamed '''
|
|
|
|
volumes = self.vm.volumes
|
|
|
|
for name, volume in volumes.items():
|
|
|
|
pool = self.get_pool(volume)
|
|
|
|
volumes[name] = pool.rename(volume, old_name, new_name)
|
2015-01-16 15:33:03 +01:00
|
|
|
|
|
|
|
def verify_files(self):
|
2016-04-15 20:40:53 +02:00
|
|
|
'''Verify that the storage is sane.
|
|
|
|
|
|
|
|
On success, returns normally. On failure, raises exception.
|
|
|
|
'''
|
2015-01-16 15:33:03 +01:00
|
|
|
if not os.path.exists(self.vm.dir_path):
|
2016-04-15 20:40:53 +02:00
|
|
|
raise qubes.exc.QubesVMError(
|
|
|
|
self.vm,
|
2015-01-22 11:24:23 +01:00
|
|
|
'VM directory does not exist: {}'.format(self.vm.dir_path))
|
2016-06-16 20:03:36 +02:00
|
|
|
self.vm.fire_event('domain-verify-files')
|
2015-01-16 15:33:03 +01:00
|
|
|
|
2016-04-15 20:40:53 +02:00
|
|
|
def remove(self):
|
2016-05-05 19:16:33 +02:00
|
|
|
''' Remove all the volumes.
|
|
|
|
|
|
|
|
Errors on removal are catched and logged.
|
|
|
|
'''
|
2016-04-15 20:40:53 +02:00
|
|
|
for name, volume in self.vm.volumes.items():
|
2016-05-21 04:12:27 +02:00
|
|
|
self.log.info('Removing volume %s: %s' % (name, volume.vid))
|
2016-05-05 19:16:33 +02:00
|
|
|
try:
|
|
|
|
self.get_pool(volume).remove(volume)
|
|
|
|
except (IOError, OSError) as e:
|
|
|
|
self.vm.log.exception("Failed to remove volume %s", name, e)
|
2015-01-16 15:33:03 +01:00
|
|
|
|
2016-04-15 20:40:53 +02:00
|
|
|
def start(self):
|
|
|
|
''' Execute the start method on each pool '''
|
|
|
|
for volume in self.vm.volumes.values():
|
|
|
|
self.get_pool(volume).start(volume)
|
2015-01-16 15:33:03 +01:00
|
|
|
|
2016-04-15 20:40:53 +02:00
|
|
|
def stop(self):
|
|
|
|
''' Execute the start method on each pool '''
|
|
|
|
for volume in self.vm.volumes.values():
|
|
|
|
self.get_pool(volume).stop(volume)
|
2015-01-16 15:33:03 +01:00
|
|
|
|
2016-04-15 20:40:53 +02:00
|
|
|
def get_pool(self, volume):
|
|
|
|
''' Helper function '''
|
|
|
|
assert isinstance(volume, Volume), "You need to pass a Volume"
|
|
|
|
return self.pools[volume.name]
|
2016-04-15 20:13:06 +02:00
|
|
|
|
|
|
|
def commit_template_changes(self):
|
2016-04-15 20:40:53 +02:00
|
|
|
for volume in self.vm.volumes.values():
|
|
|
|
if volume.volume_type == 'origin':
|
|
|
|
self.get_pool(volume).commit_template_changes(volume)
|
2015-10-05 23:46:25 +02:00
|
|
|
|
|
|
|
|
2016-04-15 20:40:53 +02:00
|
|
|
class Pool(object):
|
|
|
|
''' A Pool is used to manage different kind of volumes (File
|
|
|
|
based/LVM/Btrfs/...).
|
2015-10-05 23:46:25 +02:00
|
|
|
|
2016-04-15 20:40:53 +02:00
|
|
|
3rd Parties providing own storage implementations will need to extend
|
|
|
|
this class.
|
2015-10-05 23:46:25 +02:00
|
|
|
'''
|
2016-04-15 20:13:06 +02:00
|
|
|
private_img_size = qubes.config.defaults['private_img_size']
|
|
|
|
root_img_size = qubes.config.defaults['root_img_size']
|
2016-03-03 01:05:23 +01:00
|
|
|
|
2016-04-22 14:58:21 +02:00
|
|
|
def __init__(self, name, **kwargs):
|
|
|
|
super(Pool, self).__init__(**kwargs)
|
2016-03-23 12:11:58 +01:00
|
|
|
self.name = name
|
2016-04-15 20:31:56 +02:00
|
|
|
kwargs['name'] = self.name
|
2016-03-03 01:05:23 +01:00
|
|
|
|
2016-04-22 14:16:41 +02:00
|
|
|
def __xml__(self):
|
|
|
|
return lxml.etree.Element('pool', **self.config)
|
|
|
|
|
2016-04-15 20:40:53 +02:00
|
|
|
def create(self, volume, source_volume):
|
|
|
|
''' Create the given volume on disk or copy from provided
|
|
|
|
`source_volume`.
|
|
|
|
'''
|
|
|
|
raise NotImplementedError("Pool %s has create() not implemented" %
|
|
|
|
self.name)
|
2016-03-03 01:05:23 +01:00
|
|
|
|
2016-04-15 20:40:53 +02:00
|
|
|
def commit_template_changes(self, volume):
|
|
|
|
''' Update origin device '''
|
|
|
|
raise NotImplementedError(
|
|
|
|
"Pool %s has commit_template_changes() not implemented" %
|
|
|
|
self.name)
|
2016-03-03 01:05:23 +01:00
|
|
|
|
2016-04-15 20:40:53 +02:00
|
|
|
@property
|
|
|
|
def config(self):
|
|
|
|
''' Returns the pool config to be written to qubes.xml '''
|
|
|
|
raise NotImplementedError("Pool %s has config() not implemented" %
|
|
|
|
self.name)
|
2016-03-20 20:29:46 +01:00
|
|
|
|
2016-04-15 15:16:25 +02:00
|
|
|
def clone(self, source, target):
|
|
|
|
''' Clone volume '''
|
|
|
|
raise NotImplementedError("Pool %s has clone() not implemented" %
|
|
|
|
self.name)
|
2016-04-15 20:13:06 +02:00
|
|
|
|
2016-04-15 20:31:56 +02:00
|
|
|
def destroy(self):
|
|
|
|
raise NotImplementedError("Pool %s has destroy() not implemented" %
|
|
|
|
self.name)
|
|
|
|
|
2016-06-16 20:01:51 +02:00
|
|
|
def is_outdated(self, volume):
|
|
|
|
raise NotImplementedError("Pool %s has is_outdated() not implemented" %
|
|
|
|
self.name)
|
|
|
|
|
2016-04-15 20:40:53 +02:00
|
|
|
def remove(self, volume):
|
|
|
|
''' Remove volume'''
|
|
|
|
raise NotImplementedError("Pool %s has remove() not implemented" %
|
2016-04-15 17:11:42 +02:00
|
|
|
self.name)
|
|
|
|
|
|
|
|
def rename(self, volume, old_name, new_name):
|
|
|
|
''' Called when the domain changes its name '''
|
|
|
|
raise NotImplementedError("Pool %s has rename() not implemented" %
|
2016-04-15 20:40:53 +02:00
|
|
|
self.name)
|
2016-04-15 20:13:06 +02:00
|
|
|
|
2016-04-15 20:40:53 +02:00
|
|
|
def start(self, volume):
|
|
|
|
''' Do what ever is needed on start '''
|
|
|
|
raise NotImplementedError("Pool %s has start() not implemented" %
|
|
|
|
self.name)
|
|
|
|
|
2016-04-15 20:31:56 +02:00
|
|
|
def setup(self):
|
|
|
|
raise NotImplementedError("Pool %s has setup() not implemented" %
|
|
|
|
self.name)
|
|
|
|
|
2016-04-15 20:40:53 +02:00
|
|
|
def stop(self, volume):
|
|
|
|
''' Do what ever is needed on stop'''
|
|
|
|
raise NotImplementedError("Pool %s has stop() not implemented" %
|
|
|
|
self.name)
|
2016-04-15 20:13:06 +02:00
|
|
|
|
2016-04-30 20:42:00 +02:00
|
|
|
def init_volume(self, vm, volume_config):
|
2016-04-15 20:40:53 +02:00
|
|
|
''' Initialize a :py:class:`qubes.storage.Volume` from `volume_config`.
|
|
|
|
'''
|
|
|
|
raise NotImplementedError("Pool %s has init_volume() not implemented" %
|
|
|
|
self.name)
|
|
|
|
|
2016-03-20 20:29:46 +01:00
|
|
|
|
|
|
|
def pool_drivers():
|
|
|
|
""" Return a list of EntryPoints names """
|
|
|
|
return [ep.name
|
2016-04-15 20:40:53 +02:00
|
|
|
for ep in pkg_resources.iter_entry_points(STORAGE_ENTRY_POINT)]
|