Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
2,928 Commits 1 Branch 0 Tags 20 MiB
246de96dcd
Commit Graph

163 Commits

Author SHA1 Message Date
Marek Marczykowski
b8c62c0279 Wrap all VMM connection related object into QubesVMMConnection class 
This makes easier to import right objects in submodules (only one
object). This also implement lazy connection - at first access, not at
module import, which speeds up tools, which doesn't need runtime
information (like qvm-prefs or qvm-service). In the future this will
ease migration from xenstore to QubesDB.

Also implement "offline mode" - operate on qubes.xml without connecting
to VMM - raise exception at such try.
This is needed to run tools during installation, where only minimal
set of services are started, especially no libvirt.
 2014-11-19 12:48:26 +01:00
Marek Marczykowski
201cd509e1 QubesDom0NetVm: provide get_mem* 
As libvirt doesn't keep dom0 domain object, so add special cases to get
memory information.
 2014-11-19 12:48:26 +01:00
Marek Marczykowski
550d8cac68 Create permanent libvirt domain objects 
Do not recreate them at each startup. This will save some time and also
solve some problems from invalidated libvirt handles after domain
shutdown (e.g. causes qubes-manager crashes).
This requires storing uuid in qubes.xml.
 2014-11-19 12:48:26 +01:00
Marek Marczykowski
1fda0502ab Check for invalid XID 2014-11-19 12:48:26 +01:00
Marek Marczykowski
895ca0633d Fix current memory reporting 2014-11-19 12:48:26 +01:00
Marek Marczykowski
4f090cdb5e pass VM name to guid via cmdline 2014-11-19 12:48:26 +01:00
Marek Marczykowski
107ebad9d5 Migration to libvirt - DispVM 
Move DispVM creation to qfile-daemon-dvm/QubesDisposableVm from
qubes-restore. As actual restore is handled by libvirt, we don't get
much from separate qubes-restore process.
This code still needs some improvements, especially on performance.
 2014-11-19 12:48:26 +01:00
Marek Marczykowski
f44dc40858 Migration to libvirt - HVM 2014-11-19 12:47:00 +01:00
Marek Marczykowski
f3a7d5f6e6 Remove debug_console QubesVm.start() argument 
It isn't working for a long time, so remove it to not confuse reader.
 2014-11-19 12:47:00 +01:00
Marek Marczykowski
a880483092 Migration to libvirt - core part 
Still not all code migrated, added appropriate TODO/FIXME comments.
 2014-11-19 12:47:00 +01:00
Marek Marczykowski-Górecki
aa958eeff6 core: really quiet mode if vm.start() 
Pass '-q' option to gui-daemon and qrexec-daemon.
 2014-10-25 01:45:01 +02:00
Victor Lopez
bf2173073b Linux VM specific: maxmem limited by init mem 
Check maxmem taking into account the minimum init memory that allows
that requested maximum memory.

Explanation:
Linux kernel needs space for memory-related structures created at boot.
If init_mem is just 400MB, then max_mem can't balloon above 4.3GB (at
which poing it yields "add_memory() failed: -17" messages and apps
crash), regardless of the max_mem_size value.

Based on Marek's findings and my tests on a 16GB PC, using several
processes like:
   stress -m 1 --vm-bytes 1g --vm-hang 100

result in the following points:
init_mem  ==> actual max memory
400             4300
700             7554
800             8635
1024            11051
1200            12954
1300            14038
1500            14045 <== probably capped on my 16GB system

The actual ratio of max_mem_size/init_mem is surprisingly constant at
10.79

If less init memory is set than that ratio allows, then the set
maxmem is unreachable and the VM becomes unstable (app crashes)

Based on qubes-devel discussion titled "Qubes Dom0 init memory against
Xen best practices?" at:
https://groups.google.com/d/msg/qubes-devel/VRqkFj1IOtA/UgMgnwfxVSIJ
 2014-10-06 04:02:07 +02:00
Marek Marczykowski-Górecki
ed15e15f50 core: make create_on_disk verbose parameter optional 2014-10-01 03:50:55 +02:00
Marek Marczykowski-Górecki
9ad4e15c66 core: inherit default_user from template 2014-09-16 01:46:41 +02:00
Marek Marczykowski-Górecki
17cf9f7a9b Remove duplicated line 2014-09-16 01:33:40 +02:00
Marek Marczykowski-Górecki
355ed640b2 hvm: reserve memory for stubdom 
Previously it was allocated from 50MB memory margin left by qmemman.
Which wasn't reliable enough.
 2014-09-16 01:18:55 +02:00
Wojciech Zygmunt Porczyk
d7958625c6 core+modules: provide meaingful repr()s for some classes 2014-08-11 16:34:33 +02:00
Marek Marczykowski-Górecki
279dc78a02 core: do not reject already existing VMs with invalid name 
It would break the system when the rules for names change. Warn instead.
 2014-07-28 01:07:02 +02:00
Marek Marczykowski-Górecki
98540ac513 core: reject VM names longer than 31 chars 2014-07-28 01:00:51 +02:00
Wojciech Zygmunt Porczyk
b2162b1af9 Forbid renaming of RPM-borne VMs (mainly templates) (#839) 
User can still clone VM and remove old via rpm/yum.
 2014-06-26 13:55:35 +02:00
Marek Marczykowski-Górecki
44f38fe076 Declare file encoding for all python files, fill missing copyright headers 
Without that, python do not accept UTF-8 even in comments.
 2014-05-18 21:03:27 +02:00
Marek Marczykowski-Górecki
6566d4f57c core: allow clone_attrs() to not fail on errors 
... and continue setting other properties. Currently not used, but can
be considered for backup-restore (to restore as much properties as
possible).
 2014-05-12 19:47:48 +02:00
Marek Marczykowski-Górecki
86bae8d276 core: verify kernel property when its modified 
Do not assume that frontend have verified that setting.
 2014-05-12 19:45:30 +02:00
Marek Marczykowski-Górecki
e5feb3169a core: cleanup remains of failed domain startup (#825) 2014-05-10 21:23:04 +02:00
Wojciech Zygmunt Porczyk
8ef5f4c665 QubesTemplateVm: fire post-rename hooks 2014-05-07 14:15:15 +02:00
Wojciech Zygmunt Porczyk
a63a8069b1 QubesVm: setter hook passes old value 
This is part of #827 bug.
 2014-05-05 22:23:43 +02:00
Wojciech Zygmunt Porczyk
72f74b6b76 QubesVm: add attribute setter hook mechanism 
This is part of #827 bug.
 2014-05-05 16:40:44 +02:00
Marek Marczykowski-Górecki
dfb6b384cb core: fix typo in firewall.xml root element 2014-05-05 05:22:25 +02:00
Marek Marczykowski-Górecki
14f3094036 core: fix resize of root.img for HVM template (#837) 2014-04-29 02:13:16 +02:00
Marek Marczykowski-Górecki
8ac5981fdd Merge remote-tracking branch 'woju/bug-822' 2014-04-28 14:31:29 +02:00
Wojciech Zygmunt Porczyk
8c26f19103 core-modules: remove duplicate get_disk_usage 2014-04-28 13:33:18 +02:00
Wojciech Zygmunt Porczyk
ee059df63e qubesutils.py: get_disk_usage 
get_disk_usage is moved from code-modules and backup.py and rewritten not to
call external du

This commit is part of #822 fix.
 2014-04-24 21:50:12 +02:00
Marek Marczykowski-Górecki
cac866ed1b core: not not fail network reconnect on HVM without qrexec installed 2014-04-24 12:57:41 +02:00
Marek Marczykowski-Górecki
047cbb3443 core: fix tempate HVM creation 2014-04-23 04:17:40 +02:00
Marek Marczykowski-Górecki
113fe3391d core: fix vm.is_outdated() for template-based HVM 
HVM template can't be started while any its VM is running, so VM is
never outdated.
 2014-04-18 01:34:09 +02:00
Marek Marczykowski-Górecki
ca1be8683c core: Fix creation of template-based HVM 2014-04-18 01:23:39 +02:00
Marek Marczykowski-Górecki
1ac3f81848 core: increase default netvm memory to 300MB (#818) 2014-04-16 16:44:42 +02:00
Marek Marczykowski-Górecki
f4deddbbdf core: do not run commands on paused VM 2014-04-16 16:44:42 +02:00
Marek Marczykowski-Górecki
b17bf72b8a hvm: do not kill stubdom GUI in debug mode 2014-04-16 12:54:24 +02:00
Marek Marczykowski-Górecki
ac7746feed qvm-run: add color output and filtering escape sequences 
This makes VM output clearly distinguishable
 2014-04-15 03:19:48 +02:00
Marek Marczykowski-Górecki
5704b41a45 hvm: seamless_gui_mode setting, including runtime change support (#810) 2014-04-01 01:12:35 +02:00
Marek Marczykowski-Górecki
12d897cd3e hvm: fix startup of HVM without Qubes Tools 
Do not pollute environment of calling process, otherwise all VMs started
from Qubes Manager afterwards will get QREXEC_STARTUP_NOWAIT, which
will cause wait_for_session not working.
 2014-04-01 01:07:57 +02:00
Marek Marczykowski-Górecki
2eaf649eed core: add simple 'run_service' function 2014-04-01 01:07:23 +02:00
Marek Marczykowski-Górecki
72d277c56b core: add QubesVm.get_prefmem (#788) 
Expose 'prefmem' property used by qmemman.
 2014-03-31 03:45:16 +02:00
Marek Marczykowski-Górecki
242590902a firewall: minor improvements 
Do not require ports specified in rule - useful for "any" protocol where
ports doesn't have sense.
 2014-03-28 02:55:35 +01:00
Marek Marczykowski-Górecki
e90e1c62ec proxyvm: add support for rules with expire time (#760) 2014-03-28 02:54:59 +01:00
Marek Marczykowski-Górecki
d1fbd9c59d proxyvm: use "conntrack" iptables module instead of deprecated "state" 2014-03-27 17:16:36 +01:00
Marek Marczykowski-Górecki
04f86c7059 core: use functions instead of evals for storing attributes to qubes.xml 2014-03-27 17:15:15 +01:00
Marek Marczykowski-Górecki
e9fe890acb core: rewrite "eval" to "func" attribute handlers 2014-03-26 04:41:28 +01:00
Marek Marczykowski-Górecki
5141aba741 core: support functions instead of evals in attribute config 
eval still supported, but once all the code will be converted to
functions, the support will be removed.
 2014-03-26 04:40:45 +01:00
Marek Marczykowski-Górecki
91428ebaa1 core: method to resize root.img (#699) 2014-03-21 18:43:13 +01:00
Marek Marczykowski-Górecki
9768b38ffc core: handle errors with xenstore access during VM shutdown 
When netvm and firewallvm is shut down, netvm handling code will
try to revoke firewallvm access to external IP. But if netvm shutdown
happens in the meantime, xenstore will throw ENOENT error.
 2014-03-13 18:32:13 +01:00
Marek Marczykowski-Górecki
840dc38730 core: do not mark DispVMs as included in backups 2014-03-10 04:29:59 +01:00
Marek Marczykowski-Górecki
09652cb0f8 core: store date of last backup for each VM 2014-03-10 04:29:14 +01:00
Marek Marczykowski-Górecki
c5e2ba03bd core: notify xenstored about domain resume 
Otherwise it will not fire further domain suspend/death watches against
this domain - so xl will not cleanup the domain.
 2014-03-05 03:39:49 +01:00
Marek Marczykowski-Górecki
f7b43d1f34 hvm: check for qrexec presence 2014-03-01 15:17:41 +01:00
Marek Marczykowski-Górecki
17e0a62a10 hvm: fix drive option parse 2014-03-01 15:17:17 +01:00
Marek Marczykowski-Górecki
9e3cd62d12 hvm: move 'drive' parameter *parsing* to property setter 2014-02-17 00:55:59 +01:00
Marek Marczykowski-Górecki
6fece6347f core: call xl destroy as root 
In case the VM has PCI devices, it need to access sysfs (as root).
 2014-02-16 11:15:06 +01:00
Marek Marczykowski-Górecki
1e2459c210 core: include 'default_user' in cloned attributes 2014-02-10 12:59:46 +01:00
Marek Marczykowski-Górecki
62457da085 Merge branch 'appicons' 2014-02-07 05:52:36 +01:00
Marek Marczykowski-Górecki
86d3e2f4dd core: Do not kill the VM when qrexec connect timed out (#790) 
In such case show an error to the user (via tray notification, not
dialog box!) and leave the VM in "transient" state. The user can wait
some more time for VM startup, check what VM is doing, or kill it
manually.
 2014-02-05 03:31:36 +01:00
Marek Marczykowski-Górecki
f4a2fcc8ae core: remove dead "xm console" code 2014-02-05 03:31:32 +01:00
Marek Marczykowski-Górecki
d25482ad29 Add one more method to get system timezone 
Some programs (like KDE system settings) makes /etc/localtime hardlink
instead of symlink. Handle this case. Hopefully there will be less and
less such applications...
 2014-01-23 02:33:05 +01:00
Marek Marczykowski-Górecki
4ea600c8d3 core/proxyvm: allow TCP traffic to DNS servers 
Some DNS queries requires TCP - namely those with response not fitting
in 512 bytes.
 2014-01-21 04:45:41 +01:00
Marek Marczykowski-Górecki
8dda7cf884 core: improve VM name validation 
Do not allow 'special' names.
 2014-01-21 00:41:01 +01:00
Wojciech Porczyk
962d3da42e
appicons 
labels need to be specified with colour code
also fixed duplicate QubesDispVmLabels
 2014-01-11 00:07:55 +01:00
Marek Marczykowski-Górecki
5f38ff916a hvm: one more fix for start() return value 2013-12-19 13:46:30 +01:00
Marek Marczykowski-Górecki
cdd031cea5 hvm: fix return value of vm.start() 2013-12-17 23:59:05 +01:00
Olivier MEDOC
2576e5000e hvm: copy template private.img during hvm creation if hvm is template based 2013-12-14 03:58:01 +01:00
Marek Marczykowski-Górecki
73c38d8d1c hvm: propagate qrexec/guiagent setting from template 
Do it only in one way - i.e. support the situation where template
doesn't have tools installed, but child VM does.
 2013-12-13 22:47:20 +01:00
Marek Marczykowski-Górecki
e4d6be3a4b hvm: start guid for HVM without guiagent installed 
This is fix for commit "ebf0a27 hvm: start fullscreen guid only if no
guiagent installed or in debug mode"
 2013-12-09 19:10:25 +01:00
Marek Marczykowski-Górecki
ebf0a275a1 hvm: start fullscreen guid only if no guiagent installed or in debug mode 2013-12-06 06:35:30 +01:00
Marek Marczykowski-Górecki
76aa93e94b hvm: start stubdom guid regardless of guiagent_installed (#60 pro) 
Alway start stubdom guid, then if guiagent_installed set - start the
target one and when connects, kill stubdom one. This allow the user to
see startup messages so prevent the impression of hang VM.

Note 1: this doesn't work when VM disables SVGA output (just after
windows boot splash screen).
Note 2: gui-daemon sometimes hangs after receiving SIGTERM (libvchan_wait
during libvchan_close). This looks to be stubdom gui agent problem.
 2013-12-03 06:18:23 +01:00
Marek Marczykowski-Górecki
4ce3acd64d hvm: always use qrexec for clipboard operations 
This is temporary solution until Windows GUI agent will handle
MSG_CLIPBOARD_* commands.

Also fix code style - wrap long lines
 2013-12-02 03:47:49 +01:00
Marek Marczykowski-Górecki
27f6f0e64e Merge branch 'new-backups' 
Conflicts:
	core-modules/000QubesVm.py
 2013-11-29 04:00:58 +01:00
Marek Marczykowski-Górecki
b73970c62d core: rename QubesDom0NetVm to QubesAdminVm 
This is somehow related to #757, but only first (easier) step. Actual
change of QubesAdminVm base class requires somehow more changes, for
example qvm-ls needs to know how to display this type of VM (none of
template, appvm, netvm).

Make this first step change now, because starting with R2Beta3 dom0 will
be stored in qubes.xml (for new backups purposes) so this rename would
be complicated later.
 2013-11-29 03:42:56 +01:00
Marek Marczykowski-Górecki
3c99ac1d07 Performance optimization regarding xenstore access 
Reduce number of xenstore access during checking current domain XID.
 2013-11-26 20:16:10 +01:00
Marek Marczykowski-Górecki
dc55720738 core: QubesTemplateHVm.is_appvm = False 2013-11-25 07:22:21 +01:00
Marek Marczykowski-Górecki
09393734a3 core: refuse to set template for standalone VM 2013-11-25 07:18:01 +01:00
Marek Marczykowski-Górecki
5033b53543 core: split HVM template into separate class 2013-11-25 07:18:01 +01:00
Marek Marczykowski-Górecki
dc6fd3c8f3 core: store dom0 info in qubes.xml 
At least to have there info about its backup.
 2013-11-24 23:50:39 +01:00
Marek Marczykowski-Górecki
1b83e5c687 hvm: default to template's MAC in MAC auto mode (#755) 2013-11-21 14:49:42 +01:00
Marek Marczykowski-Górecki
aeb83d1a45 hvm: do not reset root.img to template state when debug mode enabled 2013-11-21 04:36:53 +01:00
Marek Marczykowski-Górecki
a457b62728 core: more flexible mechanism for template compatibility check 
Using class method allow the users (Qubes Manager at least) to check
for compatibility without having any particular VM instance - useful
while creating the VM.
 2013-11-21 03:42:31 +01:00
Marek Marczykowski-Górecki
efeb284ab1 core: do not call resize2fs on private.img in dom0 
Do not parse VM data (filesystem metadata in this case) in dom0, as this
expose dom0 for potential attack.
 2013-11-21 03:38:12 +01:00
Marek Marczykowski-Górecki
6fddae3b9b Support for autostart VMs (#724) 2013-11-20 02:57:17 +01:00
Marek Marczykowski-Górecki
2005207462 Template support for HVM (#719) 
Any HVM (which isn't already template-based) can be a template for
another HVM. For now do not allow simultaneous run of template and its
VM (this assumption simplify the implementation, as no root-cow.img is
needed).
 2013-11-19 18:42:59 +01:00
Marek Marczykowski-Górecki
4090fdf758 QubesHVm: restore private.img support 2013-11-19 18:35:10 +01:00
Marek Marczykowski-Górecki
1315bdec87 QubesHVm: fix copy&paste error 2013-11-19 18:33:35 +01:00
Marek Marczykowski-Górecki
b3c127091d hvm: check for HVM capability on host when failed to start the VM 2013-11-09 23:48:49 +01:00
Marek Marczykowski-Górecki
a9a8335403 Merge remote-tracking branch 'oliv/master' into new-backups 
Conflicts:
	core/qubesutils.py
	dom0/qvm-core/qubes.py
 2013-11-07 22:41:16 +01:00
Marek Marczykowski-Górecki
c52059a23e core: unify handling dom0 case in --cdrom option 2013-11-01 02:25:22 +01:00
Marek Marczykowski-Górecki
55b4c6b6d1 missing import once again 2013-11-01 02:25:04 +01:00
Marek Marczykowski-Górecki
e2c43d2292 Allow HVM to notify dom0 about tools installation 
HVM can set some xenstore entries (in qubes-tools/ subtree) to pass
informations about installed tools to dom0. qubes.NotifyTools service
triggers update of VM properties (like qrexec_installed).
This way, after installation of Qubes Windows Tools, the user doesn't need
to change any VM settings to use the tools.
 2013-10-28 05:09:54 +01:00
Marek Marczykowski-Górecki
495a24a2e7 core/HVM: always start qrexec daemon 
If not marked as installed, start it in background - waiting for
possible Qubes Tools installation. If that happens, make it possible to
tell the dom0 about that fact.
 2013-10-28 05:08:28 +01:00
Marek Marczykowski-Górecki
3df9719972 core: add missing import 2013-10-27 16:09:16 +01:00
Marek Marczykowski-Górecki
dfe0b18382 core: call ACPI S3 emulation only for VMs with PCI devices 
Actually it looks to be needed only there.
But also another problem: this suspend doesn't work for firewallvm, for
unknown reason.
 2013-10-24 04:10:07 +02:00
Marek Marczykowski-Górecki
149971ae2e core: add methods to trigger ACPI S3 of VM 
Those methods should be called during dom0 suspend/resume.
 2013-10-23 21:56:50 +02:00
Marek Marczykowski
5e0d8c1155 Pass domain name to qrexec daemon 2013-10-18 03:39:02 +02:00