core-admin/dispvm/qubes-prepare-saved-domain.sh

#!/bin/bash

set -o pipefail

get_encoded_script()
{
	ENCODED_SCRIPT=`
		if [ "$1" == "vm-default" ]; then
			echo /usr/lib/qubes/dispvm-prerun.sh
		else
			cat "$1"
		fi | base64 -w0` || exit 1
}

if [ $# != 2 -a $# != 3 ] ; then
	echo "usage: $0 domainname savefile_to_be_created [preload script]" >&2
	exit 1
fi
export PATH=$PATH:/sbin:/usr/sbin
if [ $# = 3 ] ; then
	get_encoded_script $3
fi
VMDIR=/var/lib/qubes/appvms/$1
if ! [ -d $VMDIR ] ; then
	echo "$VMDIR does not exist ?" >&2
	exit 1
fi
if ! qvm-start $1 --dvm ; then
	exit 1
fi

ID=`virsh -c xen:/// domid $1`
echo "Waiting for DVM $1 ..." >&2
if [ -n "$ENCODED_SCRIPT" ] ; then
	qubesdb-write -d $1 /qubes-save-script "$ENCODED_SCRIPT"
fi
#set -x
qubesdb-write -d $1 /qubes-save-request 1
qubesdb-watch -d $1 /qubes-used-mem
qubesdb-read -d $1 /qubes-gateway | \
	cut -d . -f 3 | tr -d "\n" > $VMDIR/netvm-id.txt
kill `cat /var/run/qubes/guid-running.$ID`
# FIXME: get connection URI from core scripts
virsh -c xen:/// detach-disk $1 xvdb
MEM=$(qubesdb-read -d $1 /qubes-used-mem | grep '^[0-9]\+$' | head -n 1)
echo "DVM boot complete, memory used=$MEM. Saving image..." >&2
QMEMMAN_STOP=/var/run/qubes/do-not-membalance
touch $QMEMMAN_STOP
virsh -c xen:/// setmem $1 $MEM
# Add some safety margin
virsh -c xen:/// setmaxmem $1 $[ $MEM + 1024 ]
# Stop qubesdb daemon now, so VM can restart it later
kill `cat /var/run/qubes/qubesdb.$1.pid`
sleep 1
touch $2
if ! virsh -c xen:/// save $1 $2; then
	rm -f $QMEMMAN_STOP
	qvm-kill $1
	exit 1
fi
rm -f $QMEMMAN_STOP
# Do not allow smaller allocation than 400MB. If that small number comes from
# an error, it would prevent further savefile regeneration (because VM would
# not start with too little memory). Also 'maxmem' depends on 'memory', so
# 400MB is sane compromise.
if [ "$MEM" -lt 409600 ]; then
    qvm-prefs -s $1 memory 400
else
    qvm-prefs -s $1 memory $[ $MEM / 1024 ]
fi
ln -snf $VMDIR /var/lib/qubes/dvmdata/vmdir
cd $VMDIR
fstype=`df --output=fstype $VMDIR | tail -n 1`
if [ "$fstype" = "tmpfs" ]; then
    # bsdtar doesn't work on tmpfs because FS_IOC_FIEMAP ioctl isn't supported
    # there
    tar -cSf saved-cows.tar volatile.img
else
    bsdtar -cSf saved-cows.tar volatile.img
fi
echo "DVM savefile created successfully."
dom0: use /bin/bash as interpreter of qubes_prepare_saved_domain.sh Required for ex $(( )) construction. /bin/sh may not handle it (when linked to some other shell than bash). 2011-06-08 03:41:22 +02:00			`#!/bin/bash`
dispvm: simplify DispVM preparation script 2014-01-21 04:40:22 +01:00
			`set -o pipefail`

DVM: execute user script before save qubes_prepare_saved_domain.sh now takes optional second argument, the filename. The content of the file will be copied (via xenstore) to DVM and executed just before save. This makes it possible to preload memory with useful apps. 2010-07-14 18:50:48 +02:00			`get_encoded_script()`
			`{`
dispvm: simplify DispVM preparation script 2014-01-21 04:40:22 +01:00			ENCODED_SCRIPT=`
			`if [ "$1" == "vm-default" ]; then`
			`echo /usr/lib/qubes/dispvm-prerun.sh`
			`else`
			`cat "$1"`
			fi \| base64 -w0` \|\| exit 1
DVM: execute user script before save qubes_prepare_saved_domain.sh now takes optional second argument, the filename. The content of the file will be copied (via xenstore) to DVM and executed just before save. This makes it possible to preload memory with useful apps. 2010-07-14 18:50:48 +02:00			`}`

			`if [ $# != 2 -a $# != 3 ] ; then`
dispvm: print diagnostics to stderr 2014-11-10 11:42:47 +01:00			`echo "usage: $0 domainname savefile_to_be_created [preload script]" >&2`
Quick VM restore support 2010-06-02 15:50:22 +02:00			`exit 1`
			`fi`
dvm: correct PATH and permissions 2010-06-30 15:23:44 +02:00			`export PATH=$PATH:/sbin:/usr/sbin`
DVM: execute user script before save qubes_prepare_saved_domain.sh now takes optional second argument, the filename. The content of the file will be copied (via xenstore) to DVM and executed just before save. This makes it possible to preload memory with useful apps. 2010-07-14 18:50:48 +02:00			`if [ $# = 3 ] ; then`
			`get_encoded_script $3`
			`fi`
Quick VM restore support 2010-06-02 15:50:22 +02:00			`VMDIR=/var/lib/qubes/appvms/$1`
			`if ! [ -d $VMDIR ] ; then`
dispvm: print diagnostics to stderr 2014-11-10 11:42:47 +01:00			`echo "$VMDIR does not exist ?" >&2`
Quick VM restore support 2010-06-02 15:50:22 +02:00			`exit 1`
			`fi`
dispvm: start guid during savefile preparation Now gui-agent supports reconnect to guid, so start it early to have Xorg running in the VM. This is still not done - for example it tries to run some commands via (not running yet) qrexec. 2014-01-24 06:42:20 +01:00			`if ! qvm-start $1 --dvm ; then`
Quick VM restore support 2010-06-02 15:50:22 +02:00			`exit 1`
			`fi`

Merge branch 'dispvm-speedup' into dispvm-speedup3 Conflicts: dispvm/qubes-prepare-saved-domain.sh 2015-03-02 03:35:15 +01:00			ID=`virsh -c xen:/// domid $1`
dispvm: use qubesdb instead of xenstore 2013-06-10 04:28:13 +02:00			`echo "Waiting for DVM $1 ..." >&2`
DVM: execute user script before save qubes_prepare_saved_domain.sh now takes optional second argument, the filename. The content of the file will be copied (via xenstore) to DVM and executed just before save. This makes it possible to preload memory with useful apps. 2010-07-14 18:50:48 +02:00			`if [ -n "$ENCODED_SCRIPT" ] ; then`
dispvm: use qubesdb instead of xenstore 2013-06-10 04:28:13 +02:00			`qubesdb-write -d $1 /qubes-save-script "$ENCODED_SCRIPT"`
DVM: execute user script before save qubes_prepare_saved_domain.sh now takes optional second argument, the filename. The content of the file will be copied (via xenstore) to DVM and executed just before save. This makes it possible to preload memory with useful apps. 2010-07-14 18:50:48 +02:00			`fi`
Make qubes_prepare_saved_domain.sh output less scary for [normal] users 2010-09-22 11:15:22 +02:00			`#set -x`
dispvm: use qubesdb instead of xenstore 2013-06-10 04:28:13 +02:00			`qubesdb-write -d $1 /qubes-save-request 1`
			`qubesdb-watch -d $1 /qubes-used-mem`
			`qubesdb-read -d $1 /qubes-gateway \| \`
The Underscores Revolution: DispVM savefiles 2013-03-14 14:45:45 +01:00			`cut -d . -f 3 \| tr -d "\n" > $VMDIR/netvm-id.txt`
Merge branch 'dispvm-speedup' into dispvm-speedup3 Conflicts: dispvm/qubes-prepare-saved-domain.sh 2015-03-02 03:35:15 +01:00			kill `cat /var/run/qubes/guid-running.$ID`
Migration to libvirt - DispVM Move DispVM creation to qfile-daemon-dvm/QubesDisposableVm from qubes-restore. As actual restore is handled by libvirt, we don't get much from separate qubes-restore process. This code still needs some improvements, especially on performance. 2013-05-04 04:50:37 +02:00			`# FIXME: get connection URI from core scripts`
			`virsh -c xen:/// detach-disk $1 xvdb`
Fix "dispvm: sanitize used memory info received from VM" There should be no -q option - we actually want the result. Fixes qubesos/qubes-issues#994 2015-05-11 16:49:27 +02:00			`MEM=$(qubesdb-read -d $1 /qubes-used-mem \| grep '^[0-9]\+$' \| head -n 1)`
dispvm: print diagnostics to stderr 2014-11-10 11:42:47 +01:00			`echo "DVM boot complete, memory used=$MEM. Saving image..." >&2`
qmemman: switch off memory balancing when doing xm save Apparently, it interferes: INFO (XendCheckpoint:417) ERROR Internal error: Could not get vcpu context INFO (XendCheckpoint:417) ERROR Internal error: Failed to map/save the p2m frame list 2010-09-07 16:00:14 +02:00			`QMEMMAN_STOP=/var/run/qubes/do-not-membalance`
			`touch $QMEMMAN_STOP`
Migration to libvirt - DispVM Move DispVM creation to qfile-daemon-dvm/QubesDisposableVm from qubes-restore. As actual restore is handled by libvirt, we don't get much from separate qubes-restore process. This code still needs some improvements, especially on performance. 2013-05-04 04:50:37 +02:00			`virsh -c xen:/// setmem $1 $MEM`
			`# Add some safety margin`
			`virsh -c xen:/// setmaxmem $1 $[ $MEM + 1024 ]`
dispvm: use qubesdb instead of xenstore 2013-06-10 04:28:13 +02:00			`# Stop qubesdb daemon now, so VM can restart it later`
			kill `cat /var/run/qubes/qubesdb.$1.pid`
Quick VM restore support 2010-06-02 15:50:22 +02:00			`sleep 1`
			`touch $2`
Migration to libvirt - DispVM Move DispVM creation to qfile-daemon-dvm/QubesDisposableVm from qubes-restore. As actual restore is handled by libvirt, we don't get much from separate qubes-restore process. This code still needs some improvements, especially on performance. 2013-05-04 04:50:37 +02:00			`if ! virsh -c xen:/// save $1 $2; then`
qmemman: switch off memory balancing when doing xm save Apparently, it interferes: INFO (XendCheckpoint:417) ERROR Internal error: Could not get vcpu context INFO (XendCheckpoint:417) ERROR Internal error: Failed to map/save the p2m frame list 2010-09-07 16:00:14 +02:00			`rm -f $QMEMMAN_STOP`
dispvm: clean the VM in case of failed savefile creation Otherwise further tries to regenerate savefile would fail. 2015-05-15 03:19:28 +02:00			`qvm-kill $1`
qmemman: switch off memory balancing when doing xm save Apparently, it interferes: INFO (XendCheckpoint:417) ERROR Internal error: Could not get vcpu context INFO (XendCheckpoint:417) ERROR Internal error: Failed to map/save the p2m frame list 2010-09-07 16:00:14 +02:00			`exit 1`
			`fi`
			`rm -f $QMEMMAN_STOP`
dispvm: set 'memory' to the size reported on savefile generation That parameter will be used later to request memory from qmemman just before loading savefile to memory, so it should match the real need. Do not allow values smaller than 400, to prevent storing some erroneous values. Fixes qubesos/qubes-issues#973 2015-05-15 02:41:18 +02:00			`# Do not allow smaller allocation than 400MB. If that small number comes from`
			`# an error, it would prevent further savefile regeneration (because VM would`
			`# not start with too little memory). Also 'maxmem' depends on 'memory', so`
			`# 400MB is sane compromise.`
			`if [ "$MEM" -lt 409600 ]; then`
			`qvm-prefs -s $1 memory 400`
			`else`
			`qvm-prefs -s $1 memory $[ $MEM / 1024 ]`
			`fi`
dispvm: fix setting up DispVM based on non-default template Replace 'vmdir' symlink instead of creating new one inside of 'vmdir' directory. 2015-02-11 15:02:33 +01:00			`ln -snf $VMDIR /var/lib/qubes/dvmdata/vmdir`
Quick VM restore support 2010-06-02 15:50:22 +02:00			`cd $VMDIR`
dispvm: fallback to tar instead of bsdtar on tmpfs 2015-08-04 18:11:32 +02:00			fstype=`df --output=fstype $VMDIR \| tail -n 1`
			`if [ "$fstype" = "tmpfs" ]; then`
			`# bsdtar doesn't work on tmpfs because FS_IOC_FIEMAP ioctl isn't supported`
			`# there`
			`tar -cSf saved-cows.tar volatile.img`
			`else`
			`bsdtar -cSf saved-cows.tar volatile.img`
			`fi`
Migration to libvirt - DispVM Move DispVM creation to qfile-daemon-dvm/QubesDisposableVm from qubes-restore. As actual restore is handled by libvirt, we don't get much from separate qubes-restore process. This code still needs some improvements, especially on performance. 2013-05-04 04:50:37 +02:00			`echo "DVM savefile created successfully."`