Make AppVM/DispVM root volume rw to avoid CoW-on-CoW

2018-02-12 21:20:04 +00:00 · 2018-02-12 21:20:04 +00:00 · 7a75e1090d
commit 7a75e1090d
parent 9b5256f002
4 changed files with 11 additions and 7 deletions
--- a/doc/qubes-storage.rst
+++ b/doc/qubes-storage.rst
@ -9,14 +9,18 @@ possible to register additional 3rd-party drivers.
 Domain's storage volumes:

 - `root` - this is where operating system is installed. The volume is
-   available read-write to :py:class:`~qubes.vm.templatevm.TemplateVM` and
-   :py:class:`~qubes.vm.standalonevm.StandaloneVM`, and read-only to others
-   (:py:class:`~qubes.vm.appvm.AppVM` and :py:class:`~qubes.vm.dispvm.DispVM`).
+   available read-write to all domain classes. It could be made read-only for
+   :py:class:`~qubes.vm.appvm.AppVM` and :py:class:`~qubes.vm.dispvm.DispVM` to
+   implement an untrusted storage domain in the future, but doing so will cause
+   such VMs to set up a device-mapper based copy-on-write layer that redirects
+   writes to the `volatile` volume. Whose storage driver may already do CoW,
+   leading to an inefficient CoW-on-CoW setup. For this reason, `root` is
+   currently read-write in all cases.
 - `private` - this is where domain's data live. The volume is available
   read-write to all domain classes (including :py:class:`~qubes.vm.dispvm.DispVM`,
   but data written there is discarded on domain shutdown).
 - `volatile` - this is used for any data that do not to persist. This include
-   swap, copy-on-write layer for `root` volume etc.
+   swap, copy-on-write layer for a future read-only `root` volume etc.
 - `kernel` - domain boot files - operating system kernel, initial ramdisk,
   kernel modules etc. This volume is provided read-only and should be provided by
   a storage pool respecting :py:attr:`qubes.vm.qubesvm.QubesVM.kernel` property.
--- a/qubes/tests/storage_file.py
+++ b/qubes/tests/storage_file.py
@ -274,7 +274,7 @@ class TC_01_FileVolumes(qubes.tests.QubesTestCase):
        expected = template_dir + '/root.img:' + \
                   template_dir + '/root-cow.img:' + \
                   vm_dir + '/root-cow.img'
-        self.assertVolumePath(vm, 'root', expected, rw=False)
+        self.assertVolumePath(vm, 'root', expected, rw=True)
        expected = vm_dir + '/private.img:' + \
            vm_dir + '/private-cow.img'
        self.assertVolumePath(vm, 'private', expected, rw=True)
--- a/qubes/vm/appvm.py
+++ b/qubes/vm/appvm.py
@ -45,7 +45,7 @@ class AppVM(qubes.vm.qubesvm.QubesVM):
                'name': 'root',
                'snap_on_start': True,
                'save_on_stop': False,
-                'rw': False,
+                'rw': True,
                'source': None,
            },
            'private': {
--- a/qubes/vm/dispvm.py
+++ b/qubes/vm/dispvm.py
@ -47,7 +47,7 @@ class DispVM(qubes.vm.qubesvm.QubesVM):
                'name': 'root',
                'snap_on_start': True,
                'save_on_stop': False,
-                'rw': False,
+                'rw': True,
                'source': None,
            },
            'private': {