Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

dom0+vm: expose block devices info in xenstore (#226)

Browse Source
This commit is contained in:
Marek Marczykowski 2011-09-29 13:49:52 +02:00
parent 801e113c06
commit 6b885bd361
6 changed files with 73 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
common/block_add_change Executable file
View File

@ -0,0 +1,29 @@
#!/bin/bash
NAME=${DEVNAME#/dev/}
DESC="${ID_MODEL} (${ID_FS_LABEL})"
SIZE=$(cat /sys/$DEVPATH/size)
MODE=w
XS_KEY="qubes-block-devices/$NAME"
# Ignore mounted...
if fgrep -q $DEVNAME /proc/mounts; then
xenstore-rm "$XS_KEY"
exit 0
fi
# ... and used by device-mapper
if [ -n "`ls -A /sys/$DEVPATH/holders 2> /dev/null`" ]; then
xenstore-rm "$XS_KEY"
exit 0
fi
# Special case for CD
if [ "$ID_TYPE" = "cd" ]; then
if [ "$ID_MEDIA_CDROM" != "1" ]; then
# Hide empty cdrom drive
xenstore-rm "$XS_KEY"
exit 0
fi
MODE=r
fi
xenstore-write "$XS_KEY/desc" "$DESC" "$XS_KEY/size" "$SIZE" "$XS_KEY/mode" "$MODE"

5
common/block_remove Executable file
View File

@ -0,0 +1,5 @@
#!/bin/sh
NAME=${DEVNAME#/dev/}
XS_KEY="qubes-block-devices/$NAME"
xenstore-rm "$XS_KEY"

19
common/qubes_block.rules Normal file
View File

@ -0,0 +1,19 @@
# Expose all (except xen-frontend) block devices via xenstore
# Only block devices are interesting
SUBSYSTEM!="block", GOTO="qubes_block_end"
# Skip xen-blkfront devices
ENV{MAJOR}=="202", GOTO="qubes_block_end"
# Skip loop devices
ENV{MAJOR}=="7", GOTO="qubes_block_end"
# Skip device-mapper devices
ENV{MAJOR}=="253", GOTO="qubes_block_end"
ACTION=="add", RUN+="/usr/lib/qubes/block_add_change"
ACTION=="change", RUN+="/usr/lib/qubes/block_add_change"
ACTION=="remove", RUN+="/usr/lib/qubes/block_remove"
LABEL="qubes_block_end"

6
dom0/qvm-core/qubes.py
View File

@ -658,11 +658,17 @@ class QubesVm(object):
"{0}/qubes_secondary_dns".format(domain_path), "{0}/qubes_secondary_dns".format(domain_path),
self.netvm_vm.secondary_dns) self.netvm_vm.secondary_dns)
xs.write('',
"{0}/qubes-block-devices".format(domain_path),
'')
# Fix permissions # Fix permissions
xs.set_permissions('', '{0}/device'.format(domain_path), xs.set_permissions('', '{0}/device'.format(domain_path),
[{ 'dom': xid }]) [{ 'dom': xid }])
xs.set_permissions('', '{0}/memory'.format(domain_path), xs.set_permissions('', '{0}/memory'.format(domain_path),
[{ 'dom': xid }]) [{ 'dom': xid }])
xs.set_permissions('', '{0}/qubes-block-devices'.format(domain_path),
[{ 'dom': xid }])
def get_rootdev(self, source_template=None): def get_rootdev(self, source_template=None):
if self.template_vm: if self.template_vm:

6
rpm_spec/core-commonvm.spec
View File

@ -78,9 +78,12 @@ cp serial.conf $RPM_BUILD_ROOT/var/lib/qubes/
mkdir -p $RPM_BUILD_ROOT/etc/udev/rules.d mkdir -p $RPM_BUILD_ROOT/etc/udev/rules.d
cp qubes_network.rules $RPM_BUILD_ROOT/etc/udev/rules.d/99-qubes_network.rules cp qubes_network.rules $RPM_BUILD_ROOT/etc/udev/rules.d/99-qubes_network.rules
cp qubes_memory.rules $RPM_BUILD_ROOT/etc/udev/rules.d/50-qubes_memory.rules cp qubes_memory.rules $RPM_BUILD_ROOT/etc/udev/rules.d/50-qubes_memory.rules
cp qubes_block.rules $RPM_BUILD_ROOT/etc/udev/rules.d/99-qubes_block.rules
mkdir -p $RPM_BUILD_ROOT/usr/lib/qubes/ mkdir -p $RPM_BUILD_ROOT/usr/lib/qubes/
cp setup_ip $RPM_BUILD_ROOT/usr/lib/qubes/ cp setup_ip $RPM_BUILD_ROOT/usr/lib/qubes/
cp qubes_download_dom0_updates.sh $RPM_BUILD_ROOT/usr/lib/qubes/ cp qubes_download_dom0_updates.sh $RPM_BUILD_ROOT/usr/lib/qubes/
cp block_add_change $RPM_BUILD_ROOT/usr/lib/qubes/
cp block_remove $RPM_BUILD_ROOT/usr/lib/qubes/
mkdir -p $RPM_BUILD_ROOT/etc/yum/post-actions mkdir -p $RPM_BUILD_ROOT/etc/yum/post-actions
cp qubes_trigger_sync_appmenus.action $RPM_BUILD_ROOT/etc/yum/post-actions/ cp qubes_trigger_sync_appmenus.action $RPM_BUILD_ROOT/etc/yum/post-actions/
mkdir -p $RPM_BUILD_ROOT/usr/lib/qubes mkdir -p $RPM_BUILD_ROOT/usr/lib/qubes
@ -243,9 +246,12 @@ rm -rf $RPM_BUILD_ROOT
/usr/bin/xenstore-watch-qubes /usr/bin/xenstore-watch-qubes
/etc/udev/rules.d/99-qubes_network.rules /etc/udev/rules.d/99-qubes_network.rules
/etc/udev/rules.d/50-qubes_memory.rules /etc/udev/rules.d/50-qubes_memory.rules
/etc/udev/rules.d/99-qubes_block.rules
/etc/sysconfig/modules/qubes_core.modules /etc/sysconfig/modules/qubes_core.modules
/usr/lib/qubes/setup_ip /usr/lib/qubes/setup_ip
/etc/yum/post-actions/qubes_trigger_sync_appmenus.action /etc/yum/post-actions/qubes_trigger_sync_appmenus.action
/usr/lib/qubes/qubes_trigger_sync_appmenus.sh /usr/lib/qubes/qubes_trigger_sync_appmenus.sh
/usr/lib/qubes/qubes_download_dom0_updates.sh /usr/lib/qubes/qubes_download_dom0_updates.sh
/usr/lib/qubes/block_add_change
/usr/lib/qubes/block_remove
/lib/firmware/updates /lib/firmware/updates

8
rpm_spec/core-dom0.spec
View File

@ -74,6 +74,9 @@ cp ../common/vif-route-qubes $RPM_BUILD_ROOT/etc/xen/scripts
cp ../common/block-snapshot $RPM_BUILD_ROOT/etc/xen/scripts cp ../common/block-snapshot $RPM_BUILD_ROOT/etc/xen/scripts
ln -s block-snapshot $RPM_BUILD_ROOT/etc/xen/scripts/block-origin ln -s block-snapshot $RPM_BUILD_ROOT/etc/xen/scripts/block-origin
mkdir -p $RPM_BUILD_ROOT/etc/udev/rules.d
cp ../common/qubes_block.rules $RPM_BUILD_ROOT/etc/udev/rules.d/99-qubes_block.rules
mkdir -p $RPM_BUILD_ROOT%{python_sitearch}/qubes mkdir -p $RPM_BUILD_ROOT%{python_sitearch}/qubes
cp qvm-core/qubes.py $RPM_BUILD_ROOT%{python_sitearch}/qubes cp qvm-core/qubes.py $RPM_BUILD_ROOT%{python_sitearch}/qubes
cp qvm-core/qubes.py[co] $RPM_BUILD_ROOT%{python_sitearch}/qubes cp qvm-core/qubes.py[co] $RPM_BUILD_ROOT%{python_sitearch}/qubes
@ -99,6 +102,8 @@ cp ../qrexec/qrexec_policy $RPM_BUILD_ROOT/usr/lib/qubes/
cp aux-tools/qfile-dom0-unpacker $RPM_BUILD_ROOT/usr/lib/qubes/ cp aux-tools/qfile-dom0-unpacker $RPM_BUILD_ROOT/usr/lib/qubes/
cp aux-tools/qubes-receive-updates $RPM_BUILD_ROOT/usr/lib/qubes/ cp aux-tools/qubes-receive-updates $RPM_BUILD_ROOT/usr/lib/qubes/
cp aux-tools/keep-dom0-clock-synced $RPM_BUILD_ROOT/usr/lib/qubes/ cp aux-tools/keep-dom0-clock-synced $RPM_BUILD_ROOT/usr/lib/qubes/
cp ../common/block_add_change $RPM_BUILD_ROOT/usr/lib/qubes/
cp ../common/block_remove $RPM_BUILD_ROOT/usr/lib/qubes/
mkdir -p $RPM_BUILD_ROOT/etc/qubes_rpc/policy mkdir -p $RPM_BUILD_ROOT/etc/qubes_rpc/policy
cp ../appvm/qubes.Filecopy.policy $RPM_BUILD_ROOT/etc/qubes_rpc/policy/qubes.Filecopy cp ../appvm/qubes.Filecopy.policy $RPM_BUILD_ROOT/etc/qubes_rpc/policy/qubes.Filecopy
@ -305,6 +310,8 @@ fi
/usr/lib/qubes/meminfo-writer /usr/lib/qubes/meminfo-writer
/usr/lib/qubes/qfile-daemon-dvm* /usr/lib/qubes/qfile-daemon-dvm*
/usr/lib/qubes/qubes-receive-updates /usr/lib/qubes/qubes-receive-updates
/usr/lib/qubes/block_add_change
/usr/lib/qubes/block_remove
%attr(4750,root,qubes) /usr/lib/qubes/qfile-dom0-unpacker %attr(4750,root,qubes) /usr/lib/qubes/qfile-dom0-unpacker
/usr/lib/qubes/keep-dom0-clock-synced /usr/lib/qubes/keep-dom0-clock-synced
%attr(770,root,qubes) %dir /var/lib/qubes %attr(770,root,qubes) %dir /var/lib/qubes
@ -358,6 +365,7 @@ fi
/etc/sudoers.d/qubes /etc/sudoers.d/qubes
/etc/xdg/autostart/qubes-guid.desktop /etc/xdg/autostart/qubes-guid.desktop
/etc/security/limits.d/99-qubes.conf /etc/security/limits.d/99-qubes.conf
/etc/udev/rules.d/99-qubes_block.rules
/etc/dracut.conf.d/* /etc/dracut.conf.d/*
%dir /usr/share/dracut/modules.d/90qubes-pciback %dir /usr/share/dracut/modules.d/90qubes-pciback
/usr/share/dracut/modules.d/90qubes-pciback/* /usr/share/dracut/modules.d/90qubes-pciback/*