Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
6,190 Commits 1 Branch 0 Tags 15 MiB
master
Commit Graph

6190 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rafal Wojtczuk
11abef3439 qmemman: xc.domain_set_target_mem can throw exceptions, too 2010-09-07 13:10:48 +02:00
Rafal Wojtczuk
a013973806 Use vif-route-qubes. 2010-09-06 17:24:12 +02:00
Rafal Wojtczuk
31e7e96056 Switch to routed VM network (instead of bridging) 
No headache from layer 2 attacks.
 2010-09-06 17:07:42 +02:00
Rafal Wojtczuk
64e8013dc2 Unify dom0 and netvm sysconfig/iptables 
Plus:
- dedicated chain for DNAT to nameservers
- prevent intervm networking. Can be conveniently overriden in necessary cases
by inserting ACCEPT clauses (per VM, probably) at the top of FORWARD
 2010-09-06 15:10:01 +02:00
Rafal Wojtczuk
22df517425 qmemman: detect domain list change by watching /vm, not /local/domain 
The latter triggers on every memory/meminfo key update, which needlessly
adds xenstore requests.
 2010-09-06 10:46:36 +02:00
Rafal Wojtczuk
1c337db989 qmemman: make meminfo-writer a C program 2010-09-03 16:23:09 +02:00
Rafal Wojtczuk
7dcb7cb196 qmemman: don't use xenapi, use hypercalls to do mem-set 2010-09-03 16:19:48 +02:00
Rafal Wojtczuk
10408d61db qmemman: when low on memory, do not make a VM go below prefmem 
Now the balance() has two different cases: enough memory and low_on_memory.
In the former, distribute memory proportianally; in the former, dont do this, as this
makes a VM go below prefmem.
 2010-09-01 12:40:02 +02:00
Rafal Wojtczuk
80771763cf qmemman: limit total memory transfer, not each one 2010-09-01 10:39:39 +02:00
Rafal Wojtczuk
c66e0848f3 qmemman: limit domain memory to 2G to workaround for xen xml-rpc limitation 
File "/usr/lib64/python2.6/xmlrpclib.py", line 710, in dump_int
    raise OverflowError, "int exceeds XML-RPC limits"
OverflowError: int exceeds XML-RPC limits
How crappy.
 2010-08-31 16:19:01 +02:00
Rafal Wojtczuk
de2619fbed qmemman: wrap xenapi.memset within try/except 
It can fail e.g. when a domain is being shutdown with a pretty
message like
 File "/usr/lib64/python2.6/site-packages/xen/xend/XendDomainInfo.py", line 1322, in setMemoryTarget
    (target * 1024))
Error: (1, 'Operation not permitted')
 2010-08-31 15:53:24 +02:00
Rafal Wojtczuk
eb6755e93c qmemman: fix locking 
We want balance() to wait on a lock even after balloon() has finished,
until socket client has closed.
 2010-08-30 14:50:48 +02:00
Rafal Wojtczuk
2eba4c1c15 I will test before commit. I will test before commit. I will... 2010-08-30 12:01:42 +02:00
Rafal Wojtczuk
f3561b7aad Fix restore completion detection in appvm/qubes_core 2010-08-30 11:43:30 +02:00
Rafal Wojtczuk
62487c0f1e Memory management across VMs, first release 2010-08-30 11:40:19 +02:00
Rafal Wojtczuk
8a022d7904 core.git/dom0/pendrive_swapper/README 2010-08-03 09:03:32 +02:00
Rafal Wojtczuk
cee9d6b4d6 Added comments to nonobvious code fragments 2010-08-03 07:12:59 +02:00
Joanna Rutkowska
8317c2ca18 appvm/qubes_add_pendrive_script: set HOME, and pass -M to mimeopen 2010-07-30 16:01:58 +02:00
Joanna Rutkowska
f4198057f8 appvm/qubes_core: do not set hostname for DispVM 2010-07-30 16:01:15 +02:00
Joanna Rutkowska
4d26334709 dom0/init.d/qubes_core: set Dom0 mem to 1600M 2010-07-30 16:00:18 +02:00
Joanna Rutkowska
557984f4b9 minor ident fixes 2010-07-30 15:59:43 +02:00
Joanna Rutkowska
0f378864fe version 1.2.2 2010-07-27 16:08:09 +02:00
Rafal Wojtczuk
4cf0a61858 Before restoring DVM, check for available xen memory 
As we already do xm mem-set 0 800 in qubes_core, this is a
correct check. Now, there should be no errors from qubes_restore
in normal circumstances.
 2010-07-27 16:08:09 +02:00
Rafal Wojtczuk
a5f11913be xenlinux netvm requires modprobe netbk 2010-07-27 16:08:09 +02:00
Joanna Rutkowska
68903cd9d4 appvm/init.d/qubes_core: a few more comments and cleanup 2010-07-27 12:52:26 +02:00
Joanna Rutkowska
c6cd630acf appvm/init.d/qubes_core: make /home avilable for DispVM template 2010-07-27 12:51:54 +02:00
Joanna Rutkowska
3856f7cdbd qvm-create-default-dvm: use gray label for dvm-template (be consitent with VM template label) 2010-07-27 12:47:18 +02:00
Joanna Rutkowska
0cfa61d681 version 1.2.1 2010-07-21 13:46:44 +02:00
Joanna Rutkowska
56755b2f11 Makefile: call make clean in dom0/restore 2010-07-21 13:46:31 +02:00
Joanna Rutkowska
fd619b605c Merge branch 'dispvm' 2010-07-21 13:26:38 +02:00
Rafal Wojtczuk
b81983f1dc appvm/xorg-preload-apps.conf was missing 2010-07-21 13:21:00 +02:00
Rafal Wojtczuk
b578aab5d5 qubes_prepare_saved_domain.sh: Check exit code of xm save 2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
aa894b5700 qvm-create-default-dvm script 2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
d46bf2a270 Pathnames cleanup 
Move internal scripts to /usr/lib/qubes plus a couple of similar.
 2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
11b8a0409f DVM: execute user script before save 
qubes_prepare_saved_domain.sh now takes optional second argument, the
filename. The content of the file will be copied (via xenstore) to DVM
and executed just before save. This makes it possible to preload memory
with useful apps.
 2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
0c0f34ba9b DVM: manage savefiles 
Instead of hardcoded savefile name, use a symlink in
/var/run/qubes. Tools should set this symlink to a correct
savefile. Also, test whether the savefile is older than the
template root.img.
 2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
6ee594f972 Update qubes.xml with DVM 
Also, pass correct parameters to DVM's qubes_guid (taken from
qubes.xml).
 2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
de4ff20448 dvm: dont send back the file if not modified 2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
e1320483f9 qfilexchgd: handle 'killme' command 2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
2991f20d6b dvm: graceful exit from add_pendrive on error 
If something goes wrong, tell qfileexchgd to kill us, instead of
plain exiting. Works with dropped privs, and lets qfileexchgd
use dvm-debug switch to delay dvm kill.
 2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
0c122f670e qfilexchgd: pass correct transaction_seq for delayed transaction 2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
203b3fd70b dvm: reserve a bit more ram in dom0 2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
4398bad1e1 dvm: notify user when opening a document in dvm failed 2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
2e927cce68 dvm: correct PATH and permissions 2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
c71a1694d2 Make the message about DVM creation failure more verbose 2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
a343272481 Make br0 forward traffic delay short 2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
726e5808c6 Allow to call "umount" via qubes_penctl 2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
55555d8bed Always detach xvdh, even on error 2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
d93e6dd86b add syslog.h to qubes_restore.c 2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
a9047d63be add qvm-dvm.desktop to rpm files section 2010-07-21 12:57:02 +02:00