Merge remote-tracking branch 'origin/core3-quick-fixes-20170703'

Makefile

@@ -138,6 +138,7 @@ ifeq ($(OS),Linux)
 	$(MAKE) install -C linux/system-config
 endif
 	$(PYTHON) setup.py install -O1 --skip-build --root $(DESTDIR)
+	ln -s qvm-device $(DESTDIR)/usr/bin/qvm-block
 	ln -s qvm-device $(DESTDIR)/usr/bin/qvm-pci
 	ln -s qvm-device $(DESTDIR)/usr/bin/qvm-usb
 #	$(MAKE) install -C tests

qubes/devices.py

@@ -272,8 +272,17 @@ class DeviceCollection(object):
         attached persistently.
         '''
 
-        devices = self._vm.fire_event('device-list-attached:' + self._bus,
-            persistent=persistent)
+        try:
+            devices = self._vm.fire_event('device-list-attached:' + self._bus,
+                persistent=persistent)
+        except Exception as e:  # pylint: disable=broad-except
+            self._vm.log.exception(e, 'Failed to list {} devices'.format(
+                self._bus))
+            if persistent is True:
+                # don't break app.save()
+                return self._set
+            else:
+                raise
         result = set()
         for dev, options in devices:
             if dev in self._set and not persistent:

qubes/tests/__init__.py

@@ -53,6 +53,7 @@ import pkg_resources
 
 import qubes.api
 import qubes.api.admin
+import qubes.api.internal
 import qubes.backup
 import qubes.config
 import qubes.devices

qubes/tests/devices_block.py

@@ -345,7 +345,6 @@ class TC_00_Block(qubes.tests.QubesTestCase):
             '    <driver name="phy" />\n'
             '    <source dev="/dev/sda" />\n'
             '        <target dev="xvdi" />\n'
-            '\n'
             '    <backenddomain name="sys-usb" />\n'
             '</disk>')
         vm.libvirt_domain.attachDevice.assert_called_once_with(device_xml)
@@ -366,7 +365,6 @@ class TC_00_Block(qubes.tests.QubesTestCase):
             '    <driver name="phy" />\n'
             '    <source dev="/dev/sda" />\n'
             '        <target dev="xvdj" />\n'
-            '\n'
             '    <backenddomain name="sys-usb" />\n'
             '</disk>')
         vm.libvirt_domain.attachDevice.assert_called_once_with(device_xml)
@@ -387,7 +385,7 @@ class TC_00_Block(qubes.tests.QubesTestCase):
             '    <driver name="phy" />\n'
             '    <source dev="/dev/sda" />\n'
             '        <target dev="xvdi" />\n'
-            '        <readonly />\n\n'
+            '        <readonly />\n'
             '    <backenddomain name="sys-usb" />\n'
             '</disk>')
         vm.libvirt_domain.attachDevice.assert_called_once_with(device_xml)
@@ -462,7 +460,7 @@ class TC_00_Block(qubes.tests.QubesTestCase):
             '    <driver name="phy" />\n'
             '    <source dev="/dev/sda" />\n'
             '        <target dev="xvdi" />\n'
-            '        <readonly />\n\n'
+            '        <readonly />\n'
             '    <backenddomain name="sys-usb" />\n'
             '</disk>')
         vm.libvirt_domain.attachDevice.assert_called_once_with(device_xml)
@@ -479,7 +477,7 @@ class TC_00_Block(qubes.tests.QubesTestCase):
             '    <driver name="phy" />\n'
             '    <source dev="/dev/sda" />\n'
             '        <target dev="xvdi" />\n'
-            '        <readonly />\n\n'
+            '        <readonly />\n'
             '    <backenddomain name="sys-usb" />\n'
             '</disk>')
         vm = TestVM({}, domain_xml=domain_xml_template.format(device_xml))

qubes/vm/adminvm.py

@@ -53,6 +53,7 @@ class AdminVM(qubes.vm.BaseVM):
         super().__init__(*args, **kwargs)
 
         self._qdb_connection = None
+        self._libvirt_domain = None
 
     def __str__(self):
         return self.name
@@ -76,12 +77,14 @@ class AdminVM(qubes.vm.BaseVM):
 
     @property
     def libvirt_domain(self):
-        '''Always :py:obj:`None`.
+        '''Libvirt object for dom0.
 
         .. seealso:
            :py:attr:`qubes.vm.qubesvm.QubesVM.libvirt_domain`
         '''
-        return None
+        if self._libvirt_domain is None:
+            self._libvirt_domain = self.app.vmm.libvirt_conn.lookupByID(0)
+        return self._libvirt_domain
 
     @staticmethod
     def is_running():

templates/libvirt/devices/block.xml

@@ -12,5 +12,7 @@
         <readonly />
     {%- endif %}
 
+    {%- if device.backend_domain.name != 'dom0' %}
     <backenddomain name="{{ device.backend_domain.name }}" />
+    {%- endif %}
 </disk>

templates/libvirt/xen.xml

@@ -10,6 +10,15 @@
         <currentMemory unit="MiB">{{ vm.memory }}</currentMemory>
         <vcpu placement="static">{{ vm.vcpus }}</vcpu>
     {% endblock %}
+    {% block cpu %}
+        <cpu mode='host-passthrough'>
+            <!-- disable nested HVM -->
+            <feature name='vmx' policy='disable'/>
+            <feature name='svm' policy='disable'/>
+            <!-- disable SMAP inside VM, because of Linux bug -->
+            <feature name='smap' policy='disable'/>
+        </cpu>
+    {% endblock %}
     <os>
         {% block os %}
             {% if vm.hvm %}