2015-01-16 15:33:03 +01:00
|
|
|
#
|
2015-01-19 18:03:23 +01:00
|
|
|
# The Qubes OS Project, https://www.qubes-os.org/
|
2015-01-16 15:33:03 +01:00
|
|
|
#
|
2015-01-19 18:03:23 +01:00
|
|
|
# Copyright (C) 2013-2015 Joanna Rutkowska <joanna@invisiblethingslab.com>
|
|
|
|
# Copyright (C) 2013-2015 Marek Marczykowski-Górecki
|
|
|
|
# <marmarek@invisiblethingslab.com>
|
2015-01-16 15:33:03 +01:00
|
|
|
# Copyright (C) 2015 Wojtek Porczyk <woju@invisiblethingslab.com>
|
|
|
|
#
|
2015-01-19 18:03:23 +01:00
|
|
|
# This program is free software; you can redistribute it and/or modify
|
|
|
|
# it under the terms of the GNU General Public License as published by
|
|
|
|
# the Free Software Foundation; either version 2 of the License, or
|
|
|
|
# (at your option) any later version.
|
2015-01-16 15:33:03 +01:00
|
|
|
#
|
|
|
|
# This program is distributed in the hope that it will be useful,
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
# GNU General Public License for more details.
|
|
|
|
#
|
2015-01-19 18:03:23 +01:00
|
|
|
# You should have received a copy of the GNU General Public License along
|
|
|
|
# with this program; if not, write to the Free Software Foundation, Inc.,
|
|
|
|
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
2015-01-16 15:33:03 +01:00
|
|
|
#
|
2017-01-18 22:16:46 +01:00
|
|
|
|
2016-03-20 20:29:46 +01:00
|
|
|
""" Qubes storage system"""
|
|
|
|
|
2015-01-16 15:33:03 +01:00
|
|
|
from __future__ import absolute_import
|
|
|
|
|
2017-05-12 17:41:38 +02:00
|
|
|
import inspect
|
2015-01-16 15:33:03 +01:00
|
|
|
import os
|
|
|
|
import os.path
|
2016-07-12 18:56:06 +02:00
|
|
|
import string # pylint: disable=deprecated-module
|
2016-07-12 18:57:04 +02:00
|
|
|
import time
|
|
|
|
from datetime import datetime
|
2015-01-16 15:33:03 +01:00
|
|
|
|
2017-04-25 23:01:17 +02:00
|
|
|
import asyncio
|
2016-06-02 22:02:06 +02:00
|
|
|
import lxml.etree
|
2016-04-27 21:51:40 +02:00
|
|
|
import pkg_resources
|
2015-01-16 15:33:03 +01:00
|
|
|
import qubes
|
2015-10-14 22:02:11 +02:00
|
|
|
import qubes.exc
|
2015-01-16 15:33:03 +01:00
|
|
|
import qubes.utils
|
2016-04-22 14:16:41 +02:00
|
|
|
|
2016-03-20 20:29:46 +01:00
|
|
|
STORAGE_ENTRY_POINT = 'qubes.storage'
|
2015-10-05 23:46:25 +02:00
|
|
|
|
2016-01-29 17:56:33 +01:00
|
|
|
|
|
|
|
class StoragePoolException(qubes.exc.QubesException):
|
2016-06-21 12:40:03 +02:00
|
|
|
''' A general storage exception '''
|
2016-01-29 17:56:33 +01:00
|
|
|
pass
|
|
|
|
|
|
|
|
|
2017-04-15 16:29:50 +02:00
|
|
|
class BlockDevice(object):
|
|
|
|
''' Represents a storage block device. '''
|
|
|
|
# pylint: disable=too-few-public-methods
|
|
|
|
def __init__(self, path, name, script=None, rw=True, domain=None,
|
|
|
|
devtype='disk'):
|
|
|
|
assert name, 'Missing device name'
|
|
|
|
assert path, 'Missing device path'
|
|
|
|
self.path = path
|
|
|
|
self.name = name
|
|
|
|
self.rw = rw
|
|
|
|
self.script = script
|
|
|
|
self.domain = domain
|
|
|
|
self.devtype = devtype
|
|
|
|
|
|
|
|
|
2016-03-28 02:55:38 +02:00
|
|
|
class Volume(object):
|
|
|
|
''' Encapsulates all data about a volume for serialization to qubes.xml and
|
|
|
|
libvirt config.
|
2016-07-12 18:56:06 +02:00
|
|
|
|
|
|
|
|
|
|
|
Keep in mind!
|
|
|
|
volatile = not snap_on_start and not save_on_stop
|
|
|
|
snapshot = snap_on_start and not save_on_stop
|
|
|
|
origin = not snap_on_start and save_on_stop
|
|
|
|
origin_snapshot = snap_on_start and save_on_stop
|
2016-03-28 02:55:38 +02:00
|
|
|
'''
|
|
|
|
|
|
|
|
devtype = 'disk'
|
|
|
|
domain = None
|
|
|
|
path = None
|
|
|
|
script = None
|
|
|
|
usage = 0
|
|
|
|
|
2016-07-12 18:56:06 +02:00
|
|
|
def __init__(self, name, pool, vid, internal=False, removable=False,
|
|
|
|
revisions_to_keep=0, rw=False, save_on_stop=False, size=0,
|
|
|
|
snap_on_start=False, source=None, **kwargs):
|
|
|
|
''' Initialize a volume.
|
|
|
|
|
|
|
|
:param str name: The domain name
|
|
|
|
:param str pool: The pool name
|
|
|
|
:param str vid: Volume identifier needs to be unique in pool
|
|
|
|
:param bool internal: If `True` volume is hidden when qvm-block ls
|
|
|
|
is used
|
|
|
|
:param bool removable: If `True` volume can be detached from vm at
|
|
|
|
run time
|
|
|
|
:param int revisions_to_keep: Amount of revisions to keep around
|
|
|
|
:param bool rw: If true volume will be mounted read-write
|
|
|
|
:param bool snap_on_start: Create a snapshot from source on start
|
|
|
|
:param bool save_on_stop: Write changes to disk in vm.stop()
|
|
|
|
:param str source: Vid of other volume in same pool
|
|
|
|
:param str/int size: Size of the volume
|
|
|
|
|
|
|
|
'''
|
|
|
|
|
2016-04-22 14:58:21 +02:00
|
|
|
super(Volume, self).__init__(**kwargs)
|
2016-07-12 18:56:06 +02:00
|
|
|
|
2016-03-28 02:55:38 +02:00
|
|
|
self.name = str(name)
|
|
|
|
self.pool = str(pool)
|
2016-04-27 17:16:34 +02:00
|
|
|
self.internal = internal
|
2016-07-12 18:56:06 +02:00
|
|
|
self.removable = removable
|
2017-01-26 18:26:06 +01:00
|
|
|
self.revisions_to_keep = int(revisions_to_keep)
|
2016-07-12 18:56:06 +02:00
|
|
|
self.rw = rw
|
|
|
|
self.save_on_stop = save_on_stop
|
2016-09-04 21:53:43 +02:00
|
|
|
self._size = int(size)
|
2016-07-12 18:56:06 +02:00
|
|
|
self.snap_on_start = snap_on_start
|
|
|
|
self.source = source
|
|
|
|
self.vid = vid
|
2016-03-28 02:55:38 +02:00
|
|
|
|
2016-07-12 18:56:06 +02:00
|
|
|
def __eq__(self, other):
|
|
|
|
return other.pool == self.pool and other.vid == self.vid
|
2016-04-22 14:29:30 +02:00
|
|
|
|
2016-07-12 18:56:06 +02:00
|
|
|
def __hash__(self):
|
|
|
|
return hash('%s:%s' % (self.pool, self.vid))
|
|
|
|
|
|
|
|
def __neq__(self, other):
|
|
|
|
return not self.__eq__(other)
|
2016-03-28 02:55:38 +02:00
|
|
|
|
2016-04-22 14:47:00 +02:00
|
|
|
def __repr__(self):
|
2016-05-12 16:11:37 +02:00
|
|
|
return '{!r}'.format(self.pool + ':' + self.vid)
|
2016-03-28 02:55:38 +02:00
|
|
|
|
2016-07-12 18:56:06 +02:00
|
|
|
def __str__(self):
|
|
|
|
return str(self.vid)
|
|
|
|
|
|
|
|
def __xml__(self):
|
|
|
|
config = _sanitize_config(self.config)
|
|
|
|
return lxml.etree.Element('volume', **config)
|
|
|
|
|
2016-03-28 02:55:38 +02:00
|
|
|
def block_device(self):
|
2017-04-15 16:29:50 +02:00
|
|
|
''' Return :py:class:`BlockDevice` for serialization in
|
2016-03-28 02:55:38 +02:00
|
|
|
the libvirt XML template as <disk>.
|
|
|
|
'''
|
2017-04-15 16:29:50 +02:00
|
|
|
return BlockDevice(self.path, self.name, self.script,
|
2016-07-12 18:56:06 +02:00
|
|
|
self.rw, self.domain, self.devtype)
|
2016-03-28 02:55:38 +02:00
|
|
|
|
2016-07-12 18:56:06 +02:00
|
|
|
@property
|
|
|
|
def revisions(self):
|
|
|
|
''' Returns a `dict` containing revision identifiers and paths '''
|
|
|
|
msg = "{!s} has revisions not implemented".format(self.__class__)
|
|
|
|
raise NotImplementedError(msg)
|
2016-04-27 21:51:40 +02:00
|
|
|
|
2016-09-04 21:53:43 +02:00
|
|
|
@property
|
|
|
|
def size(self):
|
|
|
|
return self._size
|
|
|
|
|
2016-09-04 23:49:42 +02:00
|
|
|
@size.setter
|
|
|
|
def size(self, size):
|
|
|
|
# pylint: disable=attribute-defined-outside-init
|
|
|
|
self._size = int(size)
|
|
|
|
|
|
|
|
|
2016-07-12 18:56:06 +02:00
|
|
|
@property
|
|
|
|
def config(self):
|
|
|
|
''' return config data for serialization to qubes.xml '''
|
|
|
|
result = {'name': self.name, 'pool': self.pool, 'vid': self.vid, }
|
2016-04-27 21:51:40 +02:00
|
|
|
|
2016-07-12 18:56:06 +02:00
|
|
|
if self.internal:
|
|
|
|
result['internal'] = self.internal
|
2016-04-27 21:51:40 +02:00
|
|
|
|
2016-07-12 18:56:06 +02:00
|
|
|
if self.removable:
|
|
|
|
result['removable'] = self.removable
|
|
|
|
|
|
|
|
if self.revisions_to_keep:
|
|
|
|
result['revisions_to_keep'] = self.revisions_to_keep
|
|
|
|
|
|
|
|
if self.rw:
|
|
|
|
result['rw'] = self.rw
|
|
|
|
|
|
|
|
if self.save_on_stop:
|
|
|
|
result['save_on_stop'] = self.save_on_stop
|
|
|
|
|
|
|
|
if self.size:
|
|
|
|
result['size'] = self.size
|
|
|
|
|
|
|
|
if self.snap_on_start:
|
|
|
|
result['snap_on_start'] = self.snap_on_start
|
|
|
|
|
|
|
|
if self.source:
|
|
|
|
result['source'] = self.source
|
|
|
|
|
|
|
|
return result
|
2016-05-28 18:06:12 +02:00
|
|
|
|
2016-03-28 02:55:38 +02:00
|
|
|
|
2016-03-03 01:05:23 +01:00
|
|
|
class Storage(object):
|
2016-03-28 02:55:38 +02:00
|
|
|
''' Class for handling VM virtual disks.
|
2015-01-16 15:33:03 +01:00
|
|
|
|
|
|
|
This is base class for all other implementations, mostly with Xen on Linux
|
|
|
|
in mind.
|
2016-01-29 17:56:33 +01:00
|
|
|
'''
|
2015-01-16 15:33:03 +01:00
|
|
|
|
2016-05-09 04:24:43 +02:00
|
|
|
AVAILABLE_FRONTENDS = set(['xvd' + c for c in string.ascii_lowercase])
|
|
|
|
|
2016-04-15 20:13:06 +02:00
|
|
|
def __init__(self, vm):
|
2015-01-16 15:33:03 +01:00
|
|
|
#: Domain for which we manage storage
|
|
|
|
self.vm = vm
|
2016-04-15 20:40:53 +02:00
|
|
|
self.log = self.vm.log
|
2016-04-15 20:13:06 +02:00
|
|
|
#: Additional drive (currently used only by HVM)
|
|
|
|
self.drive = None
|
2016-04-15 20:40:53 +02:00
|
|
|
self.pools = {}
|
2016-07-12 18:56:06 +02:00
|
|
|
|
2016-04-15 20:40:53 +02:00
|
|
|
if hasattr(vm, 'volume_config'):
|
|
|
|
for name, conf in self.vm.volume_config.items():
|
2016-07-12 18:57:43 +02:00
|
|
|
if 'volume_type' in conf:
|
|
|
|
conf = self._migrate_config(conf)
|
|
|
|
|
2016-11-04 12:39:29 +01:00
|
|
|
self.init_volume(name, conf)
|
|
|
|
|
|
|
|
def init_volume(self, name, volume_config):
|
|
|
|
''' Initialize Volume instance attached to this domain '''
|
|
|
|
assert 'pool' in volume_config, "Pool missing in volume_config" % str(
|
|
|
|
volume_config)
|
|
|
|
|
|
|
|
if 'name' not in volume_config:
|
|
|
|
volume_config['name'] = name
|
|
|
|
pool = self.vm.app.get_pool(volume_config['pool'])
|
|
|
|
volume = pool.init_volume(self.vm, volume_config)
|
|
|
|
self.vm.volumes[name] = volume
|
|
|
|
self.pools[name] = pool
|
|
|
|
return volume
|
2015-01-16 15:33:03 +01:00
|
|
|
|
2016-07-12 18:57:43 +02:00
|
|
|
def _migrate_config(self, conf):
|
|
|
|
''' Migrates from the old config style to new
|
|
|
|
''' # FIXME: Remove this compatibility hack
|
|
|
|
assert 'volume_type' in conf
|
|
|
|
_type = conf['volume_type']
|
|
|
|
old_volume_types = [
|
|
|
|
'read-write', 'read-only', 'origin', 'snapshot', 'volatile'
|
|
|
|
]
|
|
|
|
msg = "Volume {!s} has unknown type {!s}".format(conf['name'], _type)
|
|
|
|
assert conf['volume_type'] in old_volume_types, msg
|
|
|
|
if _type == 'origin':
|
|
|
|
conf['rw'] = True
|
|
|
|
conf['source'] = None
|
|
|
|
conf['save_on_stop'] = True
|
|
|
|
conf['revisions_to_keep'] = 1
|
|
|
|
elif _type == 'snapshot':
|
|
|
|
conf['rw'] = False
|
|
|
|
if conf['pool'] == 'default':
|
|
|
|
template_vid = os.path.join('vm-templates',
|
|
|
|
self.vm.template.name, conf['name'])
|
|
|
|
elif conf['pool'] == 'qubes_dom0':
|
|
|
|
template_vid = os.path.join(
|
|
|
|
'qubes_dom0', self.vm.template.name + '-' + conf['name'])
|
|
|
|
conf['source'] = template_vid
|
|
|
|
conf['snap_on_start'] = True
|
|
|
|
elif _type == 'read-write':
|
|
|
|
conf['rw'] = True
|
|
|
|
conf['save_on_stop'] = True
|
|
|
|
conf['revisions_to_keep'] = 0
|
|
|
|
elif _type == 'read-only':
|
|
|
|
conf['rw'] = False
|
|
|
|
conf['snap_on_start'] = True
|
|
|
|
conf['save_on_stop'] = False
|
|
|
|
conf['revisions_to_keep'] = 0
|
|
|
|
elif _type == 'volatile':
|
|
|
|
conf['snap_on_start'] = False
|
|
|
|
conf['save_on_stop'] = False
|
|
|
|
conf['revisions_to_keep'] = 0
|
|
|
|
del conf['volume_type']
|
|
|
|
return conf
|
|
|
|
|
2016-05-09 04:24:43 +02:00
|
|
|
def attach(self, volume, rw=False):
|
|
|
|
''' Attach a volume to the domain '''
|
|
|
|
assert self.vm.is_running()
|
|
|
|
|
|
|
|
if self._is_already_attached(volume):
|
|
|
|
self.vm.log.info("{!r} already attached".format(volume))
|
|
|
|
return
|
|
|
|
|
|
|
|
try:
|
|
|
|
frontend = self.unused_frontend()
|
|
|
|
except IndexError:
|
|
|
|
raise StoragePoolException("No unused frontend found")
|
|
|
|
disk = lxml.etree.Element("disk")
|
|
|
|
disk.set('type', 'block')
|
|
|
|
disk.set('device', 'disk')
|
|
|
|
lxml.etree.SubElement(disk, 'driver').set('name', 'phy')
|
|
|
|
lxml.etree.SubElement(disk, 'source').set('dev', '/dev/%s' % volume.vid)
|
|
|
|
lxml.etree.SubElement(disk, 'target').set('dev', frontend)
|
|
|
|
if not rw:
|
|
|
|
lxml.etree.SubElement(disk, 'readonly')
|
|
|
|
|
2016-08-18 14:02:39 +02:00
|
|
|
if volume.domain is not None:
|
2016-05-09 04:24:43 +02:00
|
|
|
lxml.etree.SubElement(disk, 'backenddomain').set(
|
2016-08-18 14:02:39 +02:00
|
|
|
'name', volume.domain.name)
|
2016-05-09 04:24:43 +02:00
|
|
|
|
|
|
|
xml_string = lxml.etree.tostring(disk, encoding='utf-8')
|
|
|
|
self.vm.libvirt_domain.attachDevice(xml_string)
|
|
|
|
# trigger watches to update device status
|
|
|
|
# FIXME: this should be removed once libvirt will report such
|
|
|
|
# events itself
|
|
|
|
# self.vm.qdb.write('/qubes-block-devices', '') ← do we need this?
|
|
|
|
|
|
|
|
def _is_already_attached(self, volume):
|
|
|
|
''' Checks if the given volume is already attached '''
|
|
|
|
parsed_xml = lxml.etree.fromstring(self.vm.libvirt_domain.XMLDesc())
|
|
|
|
disk_sources = parsed_xml.xpath("//domain/devices/disk/source")
|
|
|
|
for source in disk_sources:
|
|
|
|
if source.get('dev') == '/dev/%s' % volume.vid:
|
|
|
|
return True
|
|
|
|
return False
|
|
|
|
|
2016-05-09 05:12:37 +02:00
|
|
|
def detach(self, volume):
|
|
|
|
''' Detach a volume from domain '''
|
|
|
|
parsed_xml = lxml.etree.fromstring(self.vm.libvirt_domain.XMLDesc())
|
|
|
|
disks = parsed_xml.xpath("//domain/devices/disk")
|
|
|
|
for disk in disks:
|
|
|
|
source = disk.xpath('source')[0]
|
|
|
|
if source.get('dev') == '/dev/%s' % volume.vid:
|
|
|
|
disk_xml = lxml.etree.tostring(disk, encoding='utf-8')
|
|
|
|
self.vm.libvirt_domain.detachDevice(disk_xml)
|
|
|
|
return
|
|
|
|
raise StoragePoolException('Volume {!r} is not attached'.format(volume))
|
|
|
|
|
2015-10-02 16:02:51 +02:00
|
|
|
@property
|
|
|
|
def kernels_dir(self):
|
|
|
|
'''Directory where kernel resides.
|
|
|
|
|
|
|
|
If :py:attr:`self.vm.kernel` is :py:obj:`None`, the this points inside
|
|
|
|
:py:attr:`self.vm.dir_path`
|
|
|
|
'''
|
2016-07-12 18:56:06 +02:00
|
|
|
assert 'kernel' in self.vm.volumes, "VM has no kernel volume"
|
2016-04-15 20:40:53 +02:00
|
|
|
return self.vm.volumes['kernel'].kernels_dir
|
2015-10-02 16:02:51 +02:00
|
|
|
|
2015-01-16 15:33:03 +01:00
|
|
|
def get_disk_utilization(self):
|
2016-04-15 20:40:53 +02:00
|
|
|
''' Returns summed up disk utilization for all domain volumes '''
|
|
|
|
result = 0
|
|
|
|
for volume in self.vm.volumes.values():
|
|
|
|
result += volume.usage
|
|
|
|
return result
|
2015-01-16 15:33:03 +01:00
|
|
|
|
2017-04-25 23:01:17 +02:00
|
|
|
@asyncio.coroutine
|
2016-04-15 20:40:53 +02:00
|
|
|
def resize(self, volume, size):
|
2016-07-12 18:58:11 +02:00
|
|
|
''' Resizes volume a read-writable volume '''
|
2017-01-18 22:16:46 +01:00
|
|
|
if isinstance(volume, str):
|
2016-08-17 22:42:15 +02:00
|
|
|
volume = self.vm.volumes[volume]
|
2017-04-25 23:01:17 +02:00
|
|
|
ret = self.get_pool(volume).resize(volume, size)
|
|
|
|
if asyncio.iscoroutine(ret):
|
|
|
|
yield from ret
|
2016-08-17 22:44:17 +02:00
|
|
|
if self.vm.is_running():
|
2017-04-25 23:01:17 +02:00
|
|
|
yield from self.vm.run_service_for_stdio('qubes.ResizeDisk',
|
|
|
|
input=volume.name.encode(),
|
|
|
|
user='root')
|
2015-01-16 15:33:03 +01:00
|
|
|
|
2017-04-25 23:01:17 +02:00
|
|
|
@asyncio.coroutine
|
2016-07-12 18:58:11 +02:00
|
|
|
def create(self):
|
2016-06-21 12:40:03 +02:00
|
|
|
''' Creates volumes on disk '''
|
2016-07-21 23:16:39 +02:00
|
|
|
old_umask = os.umask(0o002)
|
2015-01-16 15:33:03 +01:00
|
|
|
|
2017-04-25 23:01:17 +02:00
|
|
|
coros = []
|
2016-07-12 18:58:11 +02:00
|
|
|
for volume in self.vm.volumes.values():
|
2017-04-25 23:01:17 +02:00
|
|
|
# launch the operation, if it's asynchronous, then append to wait
|
|
|
|
# for them at the end
|
|
|
|
ret = self.get_pool(volume).create(volume)
|
|
|
|
if asyncio.iscoroutine(ret):
|
|
|
|
coros.append(ret)
|
|
|
|
if coros:
|
|
|
|
yield from asyncio.wait(coros)
|
2015-01-16 15:33:03 +01:00
|
|
|
|
|
|
|
os.umask(old_umask)
|
|
|
|
|
2017-04-25 23:01:17 +02:00
|
|
|
@asyncio.coroutine
|
2016-04-15 15:16:25 +02:00
|
|
|
def clone(self, src_vm):
|
2016-06-21 12:40:03 +02:00
|
|
|
''' Clone volumes from the specified vm '''
|
2016-07-12 18:58:11 +02:00
|
|
|
|
2017-04-25 23:01:17 +02:00
|
|
|
# clone/import functions may be either synchronous or asynchronous
|
|
|
|
# in the later case, we need to wait for them to finish
|
|
|
|
clone_op = {}
|
|
|
|
|
2016-07-12 18:58:11 +02:00
|
|
|
self.vm.volumes = {}
|
|
|
|
with VmCreationManager(self.vm):
|
|
|
|
for name, config in self.vm.volume_config.items():
|
|
|
|
dst_pool = self.get_pool(config['pool'])
|
|
|
|
dst = dst_pool.init_volume(self.vm, config)
|
|
|
|
src_volume = src_vm.volumes[name]
|
|
|
|
src_pool = self.vm.app.get_pool(src_volume.pool)
|
|
|
|
if dst_pool == src_pool:
|
|
|
|
msg = "Cloning volume {!s} from vm {!s}"
|
|
|
|
self.vm.log.info(msg.format(src_volume.name, src_vm.name))
|
2017-04-25 23:01:17 +02:00
|
|
|
clone_op_ret = dst_pool.clone(src_volume, dst)
|
2016-07-12 18:58:11 +02:00
|
|
|
else:
|
|
|
|
msg = "Importing volume {!s} from vm {!s}"
|
|
|
|
self.vm.log.info(msg.format(src_volume.name, src_vm.name))
|
2017-04-25 23:01:17 +02:00
|
|
|
clone_op_ret = dst_pool.import_volume(
|
|
|
|
dst_pool, dst, src_pool, src_volume)
|
|
|
|
if asyncio.iscoroutine(clone_op_ret):
|
|
|
|
clone_op[name] = asyncio.ensure_future(clone_op_ret)
|
|
|
|
|
|
|
|
yield from asyncio.wait(x for x in clone_op.values()
|
2017-05-12 17:41:38 +02:00
|
|
|
if inspect.isawaitable(x))
|
2017-04-25 23:01:17 +02:00
|
|
|
|
|
|
|
for name, clone_op_ret in clone_op.items():
|
2017-05-12 17:41:38 +02:00
|
|
|
if inspect.isawaitable(clone_op_ret):
|
2017-04-25 23:01:17 +02:00
|
|
|
volume = clone_op_ret.result
|
|
|
|
else:
|
|
|
|
volume = clone_op_ret
|
2016-07-12 18:58:11 +02:00
|
|
|
|
|
|
|
assert volume, "%s.clone() returned '%s'" % (
|
2017-04-25 23:01:17 +02:00
|
|
|
self.get_pool(self.vm.volume_config[name]['pool']).
|
|
|
|
__class__.__name__, volume)
|
2016-07-12 18:58:11 +02:00
|
|
|
|
|
|
|
self.vm.volumes[name] = volume
|
|
|
|
|
2016-06-16 20:01:51 +02:00
|
|
|
@property
|
|
|
|
def outdated_volumes(self):
|
|
|
|
''' Returns a list of outdated volumes '''
|
|
|
|
result = []
|
|
|
|
if self.vm.is_halted():
|
|
|
|
return result
|
|
|
|
|
|
|
|
volumes = self.vm.volumes
|
|
|
|
for volume in volumes.values():
|
|
|
|
pool = self.get_pool(volume)
|
|
|
|
if pool.is_outdated(volume):
|
|
|
|
result += [volume]
|
|
|
|
|
|
|
|
return result
|
|
|
|
|
2016-04-15 17:11:42 +02:00
|
|
|
def rename(self, old_name, new_name):
|
|
|
|
''' Notify the pools that the domain was renamed '''
|
|
|
|
volumes = self.vm.volumes
|
|
|
|
for name, volume in volumes.items():
|
|
|
|
pool = self.get_pool(volume)
|
|
|
|
volumes[name] = pool.rename(volume, old_name, new_name)
|
2015-01-16 15:33:03 +01:00
|
|
|
|
2016-07-12 18:56:06 +02:00
|
|
|
def verify(self):
|
2016-04-15 20:40:53 +02:00
|
|
|
'''Verify that the storage is sane.
|
|
|
|
|
|
|
|
On success, returns normally. On failure, raises exception.
|
|
|
|
'''
|
2015-01-16 15:33:03 +01:00
|
|
|
if not os.path.exists(self.vm.dir_path):
|
2016-04-15 20:40:53 +02:00
|
|
|
raise qubes.exc.QubesVMError(
|
|
|
|
self.vm,
|
2015-01-22 11:24:23 +01:00
|
|
|
'VM directory does not exist: {}'.format(self.vm.dir_path))
|
2016-06-23 13:08:51 +02:00
|
|
|
for volume in self.vm.volumes.values():
|
|
|
|
self.get_pool(volume).verify(volume)
|
2016-06-16 20:03:36 +02:00
|
|
|
self.vm.fire_event('domain-verify-files')
|
2016-07-12 18:56:06 +02:00
|
|
|
return True
|
2015-01-16 15:33:03 +01:00
|
|
|
|
2017-04-25 23:01:17 +02:00
|
|
|
@asyncio.coroutine
|
2016-04-15 20:40:53 +02:00
|
|
|
def remove(self):
|
2016-05-05 19:16:33 +02:00
|
|
|
''' Remove all the volumes.
|
|
|
|
|
|
|
|
Errors on removal are catched and logged.
|
|
|
|
'''
|
2017-04-25 23:01:17 +02:00
|
|
|
futures = []
|
2016-04-15 20:40:53 +02:00
|
|
|
for name, volume in self.vm.volumes.items():
|
2016-05-21 04:12:27 +02:00
|
|
|
self.log.info('Removing volume %s: %s' % (name, volume.vid))
|
2016-05-05 19:16:33 +02:00
|
|
|
try:
|
2017-04-25 23:01:17 +02:00
|
|
|
ret = self.get_pool(volume).remove(volume)
|
|
|
|
if asyncio.iscoroutine(ret):
|
|
|
|
futures.append(ret)
|
2016-05-05 19:16:33 +02:00
|
|
|
except (IOError, OSError) as e:
|
|
|
|
self.vm.log.exception("Failed to remove volume %s", name, e)
|
2015-01-16 15:33:03 +01:00
|
|
|
|
2017-04-25 23:01:17 +02:00
|
|
|
if futures:
|
|
|
|
try:
|
|
|
|
yield from asyncio.wait(futures)
|
|
|
|
except (IOError, OSError) as e:
|
|
|
|
self.vm.log.exception("Failed to remove some volume", e)
|
|
|
|
|
|
|
|
@asyncio.coroutine
|
2016-04-15 20:40:53 +02:00
|
|
|
def start(self):
|
|
|
|
''' Execute the start method on each pool '''
|
2017-04-25 23:01:17 +02:00
|
|
|
futures = []
|
2016-04-15 20:40:53 +02:00
|
|
|
for volume in self.vm.volumes.values():
|
2016-07-12 18:56:06 +02:00
|
|
|
pool = self.get_pool(volume)
|
2017-04-25 23:01:17 +02:00
|
|
|
ret = pool.start(volume)
|
|
|
|
if asyncio.iscoroutine(ret):
|
|
|
|
futures.append(ret)
|
|
|
|
|
|
|
|
if futures:
|
|
|
|
yield from asyncio.wait(futures)
|
2015-01-16 15:33:03 +01:00
|
|
|
|
2017-04-25 23:01:17 +02:00
|
|
|
@asyncio.coroutine
|
2016-04-15 20:40:53 +02:00
|
|
|
def stop(self):
|
|
|
|
''' Execute the start method on each pool '''
|
2017-04-25 23:01:17 +02:00
|
|
|
futures = []
|
2016-04-15 20:40:53 +02:00
|
|
|
for volume in self.vm.volumes.values():
|
2017-04-25 23:01:17 +02:00
|
|
|
ret = self.get_pool(volume).stop(volume)
|
|
|
|
if asyncio.iscoroutine(ret):
|
|
|
|
futures.append(ret)
|
|
|
|
|
|
|
|
if futures:
|
|
|
|
yield from asyncio.wait(futures)
|
2015-01-16 15:33:03 +01:00
|
|
|
|
2016-04-15 20:40:53 +02:00
|
|
|
def get_pool(self, volume):
|
|
|
|
''' Helper function '''
|
2017-01-18 22:16:46 +01:00
|
|
|
assert isinstance(volume, (Volume, str)), \
|
2016-07-12 18:56:06 +02:00
|
|
|
"You need to pass a Volume or pool name as str"
|
|
|
|
if isinstance(volume, Volume):
|
|
|
|
return self.pools[volume.name]
|
2017-04-15 20:04:38 +02:00
|
|
|
|
|
|
|
return self.vm.app.pools[volume]
|
2016-04-15 20:13:06 +02:00
|
|
|
|
2017-04-25 23:01:17 +02:00
|
|
|
@asyncio.coroutine
|
2016-08-09 04:18:45 +02:00
|
|
|
def commit(self):
|
2016-06-21 12:40:03 +02:00
|
|
|
''' Makes changes to an 'origin' volume persistent '''
|
2017-04-25 23:01:17 +02:00
|
|
|
futures = []
|
2016-04-15 20:40:53 +02:00
|
|
|
for volume in self.vm.volumes.values():
|
2016-08-09 04:18:45 +02:00
|
|
|
if volume.save_on_stop:
|
2017-04-25 23:01:17 +02:00
|
|
|
ret = self.get_pool(volume).commit(volume)
|
|
|
|
if asyncio.iscoroutine(ret):
|
|
|
|
futures.append(ret)
|
|
|
|
|
|
|
|
if futures:
|
|
|
|
yield asyncio.wait(futures)
|
2015-10-05 23:46:25 +02:00
|
|
|
|
2016-05-09 04:24:43 +02:00
|
|
|
def unused_frontend(self):
|
|
|
|
''' Find an unused device name '''
|
|
|
|
unused_frontends = self.AVAILABLE_FRONTENDS.difference(
|
|
|
|
self.used_frontends)
|
|
|
|
return sorted(unused_frontends)[0]
|
|
|
|
|
|
|
|
@property
|
|
|
|
def used_frontends(self):
|
|
|
|
''' Used device names '''
|
|
|
|
xml = self.vm.libvirt_domain.XMLDesc()
|
|
|
|
parsed_xml = lxml.etree.fromstring(xml)
|
|
|
|
return set([target.get('dev', None)
|
|
|
|
for target in parsed_xml.xpath(
|
|
|
|
"//domain/devices/disk/target")])
|
|
|
|
|
2016-09-26 00:53:10 +02:00
|
|
|
def export(self, volume):
|
|
|
|
''' Helper function to export volume (pool.export(volume))'''
|
2017-01-18 22:16:46 +01:00
|
|
|
assert isinstance(volume, (Volume, str)), \
|
2016-09-26 00:53:10 +02:00
|
|
|
"You need to pass a Volume or pool name as str"
|
|
|
|
if isinstance(volume, Volume):
|
|
|
|
return self.pools[volume.name].export(volume)
|
2017-04-15 20:04:38 +02:00
|
|
|
|
|
|
|
return self.pools[volume].export(self.vm.volumes[volume])
|
2016-09-26 00:53:10 +02:00
|
|
|
|
2015-10-05 23:46:25 +02:00
|
|
|
|
2016-04-15 20:40:53 +02:00
|
|
|
class Pool(object):
|
|
|
|
''' A Pool is used to manage different kind of volumes (File
|
|
|
|
based/LVM/Btrfs/...).
|
2015-10-05 23:46:25 +02:00
|
|
|
|
2016-04-15 20:40:53 +02:00
|
|
|
3rd Parties providing own storage implementations will need to extend
|
|
|
|
this class.
|
2016-07-12 18:56:06 +02:00
|
|
|
''' # pylint: disable=unused-argument
|
2016-04-15 20:13:06 +02:00
|
|
|
private_img_size = qubes.config.defaults['private_img_size']
|
|
|
|
root_img_size = qubes.config.defaults['root_img_size']
|
2016-03-03 01:05:23 +01:00
|
|
|
|
2016-07-12 18:56:06 +02:00
|
|
|
def __init__(self, name, revisions_to_keep=1, **kwargs):
|
|
|
|
super(Pool, self).__init__(**kwargs)
|
|
|
|
self.name = name
|
|
|
|
self.revisions_to_keep = revisions_to_keep
|
|
|
|
kwargs['name'] = self.name
|
|
|
|
|
2016-06-05 20:18:56 +02:00
|
|
|
def __eq__(self, other):
|
|
|
|
return self.name == other.name
|
|
|
|
|
|
|
|
def __neq__(self, other):
|
|
|
|
return not self.__eq__(other)
|
|
|
|
|
|
|
|
def __str__(self):
|
|
|
|
return self.name
|
|
|
|
|
2017-04-25 22:50:12 +02:00
|
|
|
def __hash__(self):
|
|
|
|
return hash(self.name)
|
|
|
|
|
2016-04-22 14:16:41 +02:00
|
|
|
def __xml__(self):
|
2016-07-12 18:56:06 +02:00
|
|
|
config = _sanitize_config(self.config)
|
|
|
|
return lxml.etree.Element('pool', **config)
|
2016-04-22 14:16:41 +02:00
|
|
|
|
2016-07-12 18:56:06 +02:00
|
|
|
def create(self, volume):
|
2016-04-15 20:40:53 +02:00
|
|
|
''' Create the given volume on disk or copy from provided
|
|
|
|
`source_volume`.
|
2017-04-25 23:01:17 +02:00
|
|
|
|
|
|
|
This can be implemented as a coroutine.
|
2016-04-15 20:40:53 +02:00
|
|
|
'''
|
2016-07-12 18:56:06 +02:00
|
|
|
raise self._not_implemented("create")
|
2016-03-03 01:05:23 +01:00
|
|
|
|
2016-07-12 18:56:06 +02:00
|
|
|
def commit(self, volume): # pylint: disable=no-self-use
|
2017-04-25 23:01:17 +02:00
|
|
|
''' Write the snapshot to disk
|
|
|
|
|
|
|
|
This can be implemented as a coroutine.'''
|
2016-07-12 18:56:06 +02:00
|
|
|
msg = "Got volume_type {!s} when expected 'snap'"
|
|
|
|
msg = msg.format(volume.volume_type)
|
|
|
|
assert volume.volume_type == 'snap', msg
|
2016-03-03 01:05:23 +01:00
|
|
|
|
2016-04-15 20:40:53 +02:00
|
|
|
@property
|
|
|
|
def config(self):
|
|
|
|
''' Returns the pool config to be written to qubes.xml '''
|
2016-07-12 18:56:06 +02:00
|
|
|
raise self._not_implemented("config")
|
2016-03-20 20:29:46 +01:00
|
|
|
|
2016-04-15 15:16:25 +02:00
|
|
|
def clone(self, source, target):
|
2017-04-25 23:01:17 +02:00
|
|
|
''' Clone volume.
|
|
|
|
|
|
|
|
This can be implemented as a coroutine. '''
|
2016-07-12 18:56:06 +02:00
|
|
|
raise self._not_implemented("clone")
|
2016-04-15 20:13:06 +02:00
|
|
|
|
2016-04-15 20:31:56 +02:00
|
|
|
def destroy(self):
|
2016-06-21 12:40:03 +02:00
|
|
|
''' Called when removing the pool. Use this for implementation specific
|
|
|
|
clean up.
|
|
|
|
'''
|
2016-07-12 18:56:06 +02:00
|
|
|
raise self._not_implemented("destroy")
|
|
|
|
|
|
|
|
def export(self, volume):
|
|
|
|
''' Returns an object that can be `open()`. '''
|
|
|
|
raise self._not_implemented("export")
|
|
|
|
|
|
|
|
def import_volume(self, dst_pool, dst_volume, src_pool, src_volume):
|
|
|
|
''' Imports data to a volume in this pool '''
|
|
|
|
raise self._not_implemented("import_volume")
|
|
|
|
|
|
|
|
def init_volume(self, vm, volume_config):
|
|
|
|
''' Initialize a :py:class:`qubes.storage.Volume` from `volume_config`.
|
|
|
|
'''
|
|
|
|
raise self._not_implemented("init_volume")
|
|
|
|
|
|
|
|
def is_dirty(self, volume):
|
|
|
|
''' Return `True` if volume was not properly shutdown and commited '''
|
|
|
|
raise self._not_implemented("is_dirty")
|
2016-04-15 20:31:56 +02:00
|
|
|
|
2016-06-16 20:01:51 +02:00
|
|
|
def is_outdated(self, volume):
|
2016-07-12 18:56:06 +02:00
|
|
|
''' Returns `True` if the currently used `volume.source` of a snapshot
|
|
|
|
volume is outdated.
|
|
|
|
'''
|
|
|
|
raise self._not_implemented("is_outdated")
|
|
|
|
|
|
|
|
def recover(self, volume):
|
|
|
|
''' Try to recover a :py:class:`Volume` or :py:class:`SnapVolume` '''
|
|
|
|
raise self._not_implemented("recover")
|
2016-06-16 20:01:51 +02:00
|
|
|
|
2016-04-15 20:40:53 +02:00
|
|
|
def remove(self, volume):
|
2017-04-25 23:01:17 +02:00
|
|
|
''' Remove volume.
|
|
|
|
|
|
|
|
This can be implemented as a coroutine.'''
|
2016-07-12 18:56:06 +02:00
|
|
|
raise self._not_implemented("remove")
|
2016-04-15 17:11:42 +02:00
|
|
|
|
|
|
|
def rename(self, volume, old_name, new_name):
|
|
|
|
''' Called when the domain changes its name '''
|
2016-07-12 18:56:06 +02:00
|
|
|
raise self._not_implemented("rename")
|
2016-04-15 20:13:06 +02:00
|
|
|
|
2016-07-12 18:56:06 +02:00
|
|
|
def reset(self, volume):
|
|
|
|
''' Drop and recreate volume without copying it's content from source.
|
|
|
|
'''
|
|
|
|
raise self._not_implemented("reset")
|
|
|
|
|
2016-08-18 11:41:02 +02:00
|
|
|
def resize(self, volume, size):
|
|
|
|
''' Expands volume, throws
|
|
|
|
:py:class:`qubes.storage.StoragePoolException` if
|
|
|
|
given size is less than current_size
|
2017-04-25 23:01:17 +02:00
|
|
|
|
|
|
|
This can be implemented as a coroutine.
|
2016-08-18 11:41:02 +02:00
|
|
|
'''
|
|
|
|
raise self._not_implemented("resize")
|
|
|
|
|
2016-07-12 18:56:06 +02:00
|
|
|
def revert(self, volume, revision=None):
|
|
|
|
''' Revert volume to previous revision '''
|
|
|
|
raise self._not_implemented("revert")
|
2016-04-15 20:40:53 +02:00
|
|
|
|
2016-04-15 20:31:56 +02:00
|
|
|
def setup(self):
|
2016-06-21 12:40:03 +02:00
|
|
|
''' Called when adding a pool to the system. Use this for implementation
|
|
|
|
specific set up.
|
|
|
|
'''
|
2016-07-12 18:56:06 +02:00
|
|
|
raise self._not_implemented("setup")
|
2016-04-15 20:31:56 +02:00
|
|
|
|
2016-07-12 18:56:06 +02:00
|
|
|
def start(self, volume): # pylint: disable=no-self-use
|
2017-04-25 23:01:17 +02:00
|
|
|
''' Do what ever is needed on start
|
|
|
|
|
|
|
|
This can be implemented as a coroutine.'''
|
2016-07-12 18:56:06 +02:00
|
|
|
raise self._not_implemented("start")
|
2016-04-15 20:13:06 +02:00
|
|
|
|
2016-07-12 18:56:06 +02:00
|
|
|
def stop(self, volume): # pylint: disable=no-self-use
|
2017-04-25 23:01:17 +02:00
|
|
|
''' Do what ever is needed on stop
|
|
|
|
|
|
|
|
This can be implemented as a coroutine.'''
|
2016-04-15 20:40:53 +02:00
|
|
|
|
2016-06-23 13:08:51 +02:00
|
|
|
def verify(self, volume):
|
|
|
|
''' Verifies the volume. '''
|
2016-07-12 18:56:06 +02:00
|
|
|
raise self._not_implemented("verify")
|
2016-06-23 13:08:51 +02:00
|
|
|
|
2016-06-06 18:01:46 +02:00
|
|
|
@property
|
|
|
|
def volumes(self):
|
|
|
|
''' Return a list of volumes managed by this pool '''
|
2016-07-12 18:56:06 +02:00
|
|
|
raise self._not_implemented("volumes")
|
|
|
|
|
|
|
|
def _not_implemented(self, method_name):
|
|
|
|
''' Helper for emitting helpful `NotImplementedError` exceptions '''
|
|
|
|
msg = "Pool driver {!s} has {!s}() not implemented"
|
|
|
|
msg = msg.format(str(self.__class__.__name__), method_name)
|
|
|
|
return NotImplementedError(msg)
|
|
|
|
|
|
|
|
|
2016-07-12 18:58:11 +02:00
|
|
|
def _sanitize_config(config):
|
|
|
|
''' Helper function to convert types to appropriate strings
|
|
|
|
''' # FIXME: find another solution for serializing basic types
|
|
|
|
result = {}
|
|
|
|
for key, value in config.items():
|
|
|
|
if isinstance(value, bool):
|
|
|
|
if value:
|
|
|
|
result[key] = 'True'
|
|
|
|
else:
|
|
|
|
result[key] = str(value)
|
|
|
|
return result
|
2016-06-06 18:01:46 +02:00
|
|
|
|
2016-03-20 20:29:46 +01:00
|
|
|
|
|
|
|
def pool_drivers():
|
|
|
|
""" Return a list of EntryPoints names """
|
|
|
|
return [ep.name
|
2016-04-15 20:40:53 +02:00
|
|
|
for ep in pkg_resources.iter_entry_points(STORAGE_ENTRY_POINT)]
|
2016-07-12 18:57:04 +02:00
|
|
|
|
|
|
|
|
2017-03-09 02:42:05 +01:00
|
|
|
def driver_parameters(name):
|
|
|
|
''' Get __init__ parameters from a driver with out `self` & `name`. '''
|
|
|
|
init_function = qubes.utils.get_entry_point_one(
|
|
|
|
qubes.storage.STORAGE_ENTRY_POINT, name).__init__
|
|
|
|
params = init_function.func_code.co_varnames
|
|
|
|
ignored_params = ['self', 'name']
|
|
|
|
return [p for p in params if p not in ignored_params]
|
|
|
|
|
|
|
|
|
2016-07-12 18:57:04 +02:00
|
|
|
def isodate(seconds=time.time()):
|
|
|
|
''' Helper method which returns an iso date '''
|
|
|
|
return datetime.utcfromtimestamp(seconds).isoformat("T")
|
2016-07-12 18:58:11 +02:00
|
|
|
|
|
|
|
|
|
|
|
class VmCreationManager(object):
|
|
|
|
''' A `ContextManager` which cleans up if volume creation fails.
|
|
|
|
''' # pylint: disable=too-few-public-methods
|
|
|
|
def __init__(self, vm):
|
|
|
|
self.vm = vm
|
|
|
|
|
|
|
|
def __enter__(self):
|
|
|
|
pass
|
|
|
|
|
|
|
|
def __exit__(self, type, value, tb): # pylint: disable=redefined-builtin
|
|
|
|
if type is not None and value is not None and tb is not None:
|
|
|
|
for volume in self.vm.volumes.values():
|
|
|
|
try:
|
|
|
|
pool = self.vm.storage.get_pool(volume)
|
|
|
|
pool.remove(volume)
|
|
|
|
except Exception: # pylint: disable=broad-except
|
|
|
|
pass
|
|
|
|
os.rmdir(self.vm.dir_path)
|