Commit Graph

2216 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
b06f831528
Deprecate property-del:name events and introduce property-reset:name instead
And the same for -pre- events.

The property-del name is really confusing (it makes sense only for those
with deep knowledge of the implementation), because the property isn't
really deleted - it is only reverted to the "default" state (which most
properties have). So, name the event property-reset, intentionally
similar to property-set, as it is also kind of a value change.

Additionally the property-reset event is meant to be called when the
(dynamic) default value changes. Due to the current implementation, it
is a manual process so it can't be guaranteed to be called in all those
cases, but lets try to cover as much as possible.

Fixes QubesOS/qubes-issues#5834
2020-05-23 03:57:42 +02:00
Frédéric Pierret (fepitre)
f06f41d594
Drop initial root thin pool definition
See https://github.com/QubesOS/qubes-core-admin/pull/344#issuecomment-629626978
2020-05-18 14:13:51 +02:00
Marek Marczykowski-Górecki
88c7c66bb9
tests/backup: ignore automatic 'servicevm' feature...
...when verifying old backup restored. It wasn't present in the backup,
but its presence is expected in some cases. Properly setting 'servicevm'
feature is tested elsewhere.
2020-05-16 13:00:40 +02:00
Frédéric Pierret (fepitre)
e4d7df4976
Prevent double hyphens in thin_pool parsing 2020-05-15 15:15:37 +02:00
Frédéric Pierret (fepitre)
71159bfca2
Rename default root thin pool from 'lvm' to 'root'
New partition output split dom0 and VM thin pools

https://github.com/QubesOS/qubes-anaconda-addon/pull/7
QubesOS/qubes-issues#5763
2020-05-12 17:32:07 +02:00
Marek Marczykowski-Górecki
c7d3635972
Merge remote-tracking branch 'origin/pr/342'
* origin/pr/342:
  Added a servicevm feature extension
  Removed unused Qubes Manager extension
  Add vm.icon property
2020-05-11 01:51:52 +02:00
Marek Marczykowski-Górecki
48ae89fe62
Make qubesd connected directly as an socket qrexec service
Remove intermediate qubesd-query-fast proxy process.
This requires changing socket protocol to match what qrexec is sending
in the header.

Fixes QubesOS/qubes-issues#3293
2020-05-11 01:13:15 +02:00
Marta Marczykowska-Górecka
419b4d5968
Added a servicevm feature extension
Used by vm.icon method, at the moment features['servicevm'] is set
when a VM provides_network.
2020-05-10 23:44:48 +02:00
Marek Marczykowski-Górecki
4a56064adb
Merge remote-tracking branch 'origin/pr/341'
* origin/pr/341:
  libvirt xen: Add gfx_passthru and device_video
2020-05-07 04:36:08 +02:00
Marta Marczykowska-Górecka
7241b54868
Removed unused Qubes Manager extension
A fossil from Qubes 3.2 times.
2020-05-05 16:33:45 +02:00
Marta Marczykowska-Górecka
c34b53d83a
Add vm.icon property
This is a property for handling vm icons that change depending on
vm type.
Depends on QubesOS/qubes-artwork#17

references QubesOS/qubes-issues#5767
2020-05-05 16:14:10 +02:00
Marek Marczykowski-Górecki
dbe072b762
ext/admin: fix async/non-async mismatch 2020-04-30 21:22:29 +02:00
Artur Puzio
3e8f5a7a57
libvirt xen: Add gfx_passthru and device_video
Add gfx_passthru and device_video options to libvirt Xen domain template

Signed-off-by: Artur Puzio <contact@puzio.waw.pl>
2020-04-30 16:33:10 +02:00
Marek Marczykowski-Górecki
e5edbc53fd
Merge remote-tracking branch 'origin/pr/332'
* origin/pr/332:
  tests: improve audio tests
  tests: fix qvm-copy-to-vm test
  tests: ensure proper cleanup of auxiliary process
2020-04-10 05:34:56 +02:00
Marek Marczykowski-Górecki
3b963030a6
Merge remote-tracking branch 'origin/pr/331'
* origin/pr/331:
  Fix multiple qmemman issues
2020-04-10 05:34:28 +02:00
Marek Marczykowski-Górecki
46f09f897c
Merge remote-tracking branch 'origin/pr/326'
* origin/pr/326:
  ext/admin: workaround for extension's __init__() called multiple times
  tests: teardown fixes
  travis: include core-qrexec in tests
  api/admin: (ext/admin) limit listing VMs based on qrexec policy
  api/internal: extract get_system_info() function
2020-04-10 05:32:58 +02:00
Marek Marczykowski-Górecki
8420adf973
tests: improve audio tests
- wait for the client be listed in dom0
- report parecord stderr
- allow up to 20ms to be missing, to account for potentially suspended
  device initially
2020-04-09 05:56:12 +02:00
Marek Marczykowski-Górecki
a6efd6a301
Merge remote-tracking branch 'origin/pr/334'
* origin/pr/334:
  collections.Callable -> collections.abc.Callable
2020-04-09 03:28:00 +02:00
Rusty Bird
6605bf406d
collections.Callable -> collections.abc.Callable
"Deprecated since version 3.3, will be removed in version 3.10"
- https://docs.python.org/3/library/collections.html
2020-04-07 21:30:21 +00:00
Rusty Bird
f9538a578d
tests/file: run_until_complete(); coro_maybe() for single arg 2020-04-07 21:04:04 +00:00
Rusty Bird
9122a14f94
tests/file: use self.loop 2020-04-07 21:04:02 +00:00
Marek Marczykowski-Górecki
3066190283
tests: fix qvm-copy-to-vm test
Make the check if remote file wasn't removed meaningful. Previously the
user didn't have permission to remote the source file, so even if the
tool would try, it would fail.
2020-04-01 17:57:12 +02:00
Marek Marczykowski-Górecki
1b7e2a5cbf
tests: ensure proper cleanup of auxiliary process
Various qrexec tests create auxiliary process (service_proc) as a local
variable. In case of test failure, process cleanup isn't called and may
lead to FD leaks and breaking subsequent tests.

Fix this by always saving such process instance in self.service_proc and
cleaning it up in self.tearDown() (this code is already there).

Add also waiting (and in case of timeout - killing) of a service call
process too.
2020-04-01 17:35:57 +02:00
Marek Marczykowski-Górecki
dd50e300c3
Fix multiple qmemman issues
First the main bug: when meminfo xenstore watch fires, in some cases
(just after starting some domain) XS_Watcher refreshes internal list of
domains before processing the event. This is done specifically to
include new domain in there. But the opposite could happen too - the
domain could be destroyed. In this case refres_meminfo() function raises
an exception, which isn't handled and interrupts the whole xenstore
watch loop. This issue is likely to be triggered by killing the domain,
as this way it could disappear shortly after writing updated meminfo
entry. In case of proper shutdown, meminfo-writer is stopped earlier and
do not write updates just before domain destroy.
Fix this by checking if the requested domain is still there just after
refreshing the list.

Then, catch exceptions in xenstore watch handling functions, to not
interrupt xenstore watch loop. If it gets interrupted, qmemman basically
stops memory balancing.

And finally, clear force_refresh_domain_list flag after refreshing the
domain list. That missing line caused domain refresh at every meminfo
change, making it use some more CPU time.

While at it, change "EOF" log message to something a bit more
meaningful.

Thanks @conorsch for capturing valuable logs.

Fixes QubesOS/qubes-issues#4890
2020-04-01 03:46:29 +02:00
Marek Marczykowski-Górecki
b11d6e058b
ext/admin: workaround for extension's __init__() called multiple times
... during tests.
qubes.ext.Extension class is a weird thing that tries to make each extension
a singleton. But this unfortunately have a side effect that __init__()
is called separately for each "instance" (created in Qubes()'s
__init__()), even though this is really the same object. During normal
execution this isn't an issue, because there is just one Qubes() object
instance. But during tests, multiple objects are created.

In this particular case, it caused PolicyCache() to be created twice and
the second one overriden the first one - without properly cleaning it
up. This leaks a file descriptor (inotify one). The fact that cleanup()
was called twice too didn't helped, because it was really called on
the same object, the one requiring cleanup was already gone.

Workaround this by checking if policy_cache field is initialize and
avoid re-initialize it. Also, on Qubes() object cleanup remove that
field, so it can be properly initialized on the next test iteration.
2020-03-31 01:57:22 +02:00
Marek Marczykowski-Górecki
0341cc5258
tests: teardown fixes
Add few missing app.close() calls on test teardown.
Fix socket cleanup in TC_00_QubesDaemonProtocol() - not only close the
FD, but also unregister it from asyncio event loop.
2020-03-28 03:23:29 +01:00
Marek Marczykowski-Górecki
3f96c72ee3
api/admin: (ext/admin) limit listing VMs based on qrexec policy
Various Admin API calls, when directed at dom0, retrieve global system
view instead of a specific VM. This applies to admin.vm.List (called at
dom0 retrieve full VM list) and admin.Events (called at dom0 listen for
events of all the VMs). This makes it tricky to configure a management
VM with access to limited set of VMs only, because many tools require
ability to list VMs, and that would return full list.

Fix this issue by adding a filter to admin.vm.List and admin.Events
calls (using event handlers in AdminExtension) that filters the output
using qrexec policy. This version evaluates policy for each VM or event
(but loads only once). If the performance will be an issue, it can be
optimized later.

Fixes QubesOS/qubes-issues#5509
2020-03-28 03:23:28 +01:00
Marek Marczykowski-Górecki
8f0ec59f95
Merge remote-tracking branch 'origin/pr/330'
* origin/pr/330:
  gui: fixes from Marek's comments
  gui: improvements of feature keyboard layout checks
  tests: adapt tests for keyboard-layout
  gui: drop legacy qubes-keyboard support
2020-03-18 14:34:22 +01:00
Frédéric Pierret (fepitre)
577e4b24a6
gui: fixes from Marek's comments 2020-03-18 14:17:04 +01:00
Frédéric Pierret (fepitre)
f130ec0bf3
gui: improvements of feature keyboard layout checks 2020-03-18 09:46:21 +01:00
Frédéric Pierret (fepitre)
5cb0e61a84
tests: adapt tests for keyboard-layout 2020-03-18 09:17:37 +01:00
Frédéric Pierret (fepitre)
732e291ab6
gui: drop legacy qubes-keyboard support
Add check for keyboard-layout feature set
2020-03-18 09:17:37 +01:00
Marek Marczykowski-Górecki
29020d0c53
Merge branch 'feature-pre-set'
* feature-pre-set:
  Add pre- events to vm features
2020-03-17 19:26:53 +01:00
Marek Marczykowski-Górecki
d05592ba52
Add pre- events to vm features
Allow extensions to validate feature values, before it is set.
2020-03-17 18:46:12 +01:00
Marek Marczykowski-Górecki
ddc13d6b62
Merge remote-tracking branch 'origin/pr/329'
* origin/pr/329:
  tests: make PEP8 happier
  tests: fix already registered event impl
2020-03-17 12:07:18 +01:00
Frédéric Pierret (fepitre)
d8f80c9687
tests: make PEP8 happier 2020-03-16 23:22:36 +01:00
Frédéric Pierret (fepitre)
40156c3e78
tests: fix already registered event impl 2020-03-16 23:21:15 +01:00
Marek Marczykowski-Górecki
f62a861140
tests: fix test_053_qrexec_vm_service_eof_reverse
and not mark it as expected failure anymore. Note the removal of the
expected failure isn't just about the changes here, but also about the
actual fix on the qrexec side (ffafd01 "Fix not closed file descriptors in
qubes-rpc-multiplexer" commit in core-qrexec repository).
2020-03-15 02:55:18 +01:00
Marek Marczykowski-Górecki
5423ead27a
tests/vm_qrexec_gui: do not swallow stderr on failure
QubesVM.run_for_stdio() by default captures stderr. In case of call fail
(non-zero return code), captured stderr is included in the exception
object, but isn't printed by default CalledProcessError message.
Make it visible by:
 - handling CalledProcessError and including in the test failure message
   (when exception is captured already)
 - not capturing stderr (if no exception handling is present in the
   test)
2020-03-14 03:43:22 +01:00
Marek Marczykowski-Górecki
d033457f3d
tests: adjust for qrexec-client-vm exit code
It now consistently returns remote exit code, not a local one.
Check 'cat' exit code instead.
2020-03-14 03:43:17 +01:00
Marek Marczykowski-Górecki
7a750ea9c8
tests: QubesVM.run_for_stdio 2020-03-10 11:56:48 +01:00
Marek Marczykowski-Górecki
9ec86f3c41
Workaround different behaviour of asyncio's Process.communicate()
In asyncio's Process.communicate() input=None does not close stdin.
Workaround it by using b'' instead of None.

https://bugs.python.org/issue39744
2020-03-10 11:56:48 +01:00
Marek Marczykowski-Górecki
3ce4e5eaa5
tests: adjust SystemTestCase.create_remote_file to create executables
The main use case for this function is to create qrexec services in VMs.
Since qrexec now require service scripts to be executable, make
create_remote_file() adjust permissions.
2020-03-10 11:56:47 +01:00
Marek Marczykowski-Górecki
2460adbdef
tests: socket-based qrexec services
QubesOS/qubes-issues#3912
2020-03-10 11:56:47 +01:00
Marek Marczykowski-Górecki
3f5fb0de9e
tests: hide git output when checking local checkout 2020-03-10 11:56:47 +01:00
Marek Marczykowski-Górecki
534de9bc1c
tests: fix cleanup before test
If any test-* VMs remains from previous test run, there are removed
before test. self.app doesn't exist at this point, so don't require it
in self.remove_vms().
2020-03-10 11:56:47 +01:00
Marek Marczykowski-Górecki
879ee9e7d6
api/internal: extract get_system_info() function
This will be useful in other places too.

QubesOS/qubes-issues#5099
2020-03-09 19:25:10 +01:00
Marek Marczykowski-Górecki
135eda0582
Merge remote-tracking branch 'origin/pr/320'
* origin/pr/320:
  storage/lvm: don't try to resize non-existing lvm volumes
  storage/lvm: update volume.size attribute on resize
2020-03-09 18:34:49 +01:00
M. Vefa Bicakci
5d755eb065
tests: Add a test case for QubesVM.is_fully_usable
This commit adds a test case for the QubesVM class's is_fully_usable
method. The verified scenarios are as follows:

* The VM has qrexec enabled, and the qrexec service has been
  successfully started.
  (The VM becomes "fully usable" in this case.)

* The VM has qrexec enabled, and the qrexec service has failed to start
  (Error handling case; the VM is *not* fully usable.)

* The VM does *not* have qrexec enabled.
  (The VM becomes "fully usable" in this case.)
2020-03-09 00:22:51 -04:00
M. Vefa Bicakci
2d55841a5e
qubesvm: Let HVMs enter 'Running' state
Prior to this commit, a properly configured Linux HVM would not
transition from the 'Transient' state to the 'Running' state according
to qvm-ls output, even if the HVM in question had the 'qrexec' feature
disabled.

This issue is caused by an unconditional qrexec check in the
'on_domain_is_fully_usable' method, and is resolved by adding
a check that short-circuits the qrexec check if the aforementioned
feature is not enabled for the VM in question.
2020-03-08 22:39:16 -04:00
M. Vefa Bicakci
d81d6a9267
qubes module: Typo fix
This commit fixes a typo, where the exception type DontSave was used,
even though the name of the function dontsave was intended.
2020-03-08 22:39:16 -04:00
Marek Marczykowski-Górecki
16bdeea2c0
Merge remote-tracking branch 'origin/pr/295'
* origin/pr/295:
  tests: fix tag name in audiovm test
  tests: ensure notin while setting Audio/Gui VM
  gui: add checks for changing/removing guivm
  audio: add checks for changing/removing audiovm
  audio/gui: use simply vm.tags instead of list()
  tests: fix tests for gui/audio vm
  Make pylint happy
  gui/audio: fixes from Marek's comments
  Allow AudioVM to be ran after any attached qubes
  Allow GuiVM to be ran after any attached qubes
  xid: ensure vm is not running
  tests: fix missing default audiovm and guivm tags
  gui, audio: better handling of start/stop guivm/audiovm
  gui, audio: ensure guivm and audiovm tag are set
  Support for AudioVM
2020-03-09 01:48:01 +01:00
Marek Marczykowski-Górecki
36e9afe1ff
Merge branch 'tests20200301'
* tests20200301:
  tests/salt: don't depend on initial tags set
  tests: make audio tests less racy
2020-03-09 01:45:58 +01:00
Marek Marczykowski-Górecki
4cfc423d5e
tests: fix tag name in audiovm test 2020-03-09 01:11:58 +01:00
Marek Marczykowski-Górecki
84ec49e98d
Merge remote-tracking branch 'origin/pr/322'
* origin/pr/322:
  Ensure empty service value delete /var/run/qubes-service/ file
  services: fixes from Marek's comments
  config: fix mistake in path for services
  tests: add/remove services in dom0
  config: specify dom0 services path
  services: handle dom0 write permission errors
  services: handle /var/run/qubes/'SERVICE NAME' for dom0
  services: make PEP8 happier
2020-03-09 00:37:44 +01:00
Frédéric Pierret (fepitre)
a61bb9a0cb
Ensure empty service value delete /var/run/qubes-service/ file
- Add tests and stop patch path from Marek's comment
2020-03-08 23:08:48 +01:00
Frédéric Pierret (fepitre)
532d9a3a98
tests: ensure notin while setting Audio/Gui VM 2020-03-08 22:59:46 +01:00
Frédéric Pierret (fepitre)
90584c487a
gui: add checks for changing/removing guivm 2020-03-08 17:07:29 +01:00
Frédéric Pierret (fepitre)
c36ad38eb3
audio: add checks for changing/removing audiovm 2020-03-08 17:07:29 +01:00
Frédéric Pierret (fepitre)
9051aff15a
audio/gui: use simply vm.tags instead of list() 2020-03-08 17:07:29 +01:00
Frédéric Pierret (fepitre)
4b5ae0833b
tests: fix tests for gui/audio vm 2020-03-08 17:07:24 +01:00
Frédéric Pierret (fepitre)
43786e1478
Make pylint happy
- Drop unused 'asyncio'
- Drop useless 'else' after return
2020-03-08 17:05:34 +01:00
Frédéric Pierret (fepitre)
7506482d08
gui/audio: fixes from Marek's comments 2020-03-08 17:05:34 +01:00
Frédéric Pierret (fepitre)
660c224914
Allow AudioVM to be ran after any attached qubes 2020-03-08 17:05:34 +01:00
Frédéric Pierret (fepitre)
edfb251413
Allow GuiVM to be ran after any attached qubes 2020-03-08 17:05:34 +01:00
Frédéric Pierret (fepitre)
3f4ee9f8d9
xid: ensure vm is not running 2020-03-08 17:05:34 +01:00
Frédéric Pierret (fepitre)
820500a367
tests: fix missing default audiovm and guivm tags 2020-03-08 17:05:33 +01:00
Frédéric Pierret (fepitre)
a1752ef265
gui, audio: better handling of start/stop guivm/audiovm 2020-03-08 17:05:33 +01:00
Frédéric Pierret (fepitre)
8f67334c4f
gui, audio: ensure guivm and audiovm tag are set 2020-03-08 17:05:33 +01:00
Frédéric Pierret (fepitre)
795ff1233a
Support for AudioVM 2020-03-08 17:05:33 +01:00
Marek Marczykowski-Górecki
b569f5a2b0
tests/firewall: update future time to be really in the future
Mar 4 2020 is no longer future, move it much more into the future.
2020-03-08 16:35:39 +01:00
Frédéric Pierret (fepitre)
bdc3c6588b
services: fixes from Marek's comments 2020-03-08 09:51:30 +01:00
Frédéric Pierret (fepitre)
31c098d1bd
config: fix mistake in path for services 2020-03-08 09:47:09 +01:00
Marek Marczykowski-Górecki
283d251387
Merge remote-tracking branch 'origin/pr/319'
* origin/pr/319:
  gui: set xkb_layout manually
  tests: handle legacy layout
  gui: no check in subprocess.run
  gui: handle legacy keymap setting /qubes-keyboard
2020-03-08 01:29:21 +01:00
Marek Marczykowski-Górecki
6874c7fece
tests/salt: don't depend on initial tags set
Some extensions may add tags at VM creation (guivm-*, audiovm-*). Take
this into account when calculating expected tags.
2020-03-01 22:36:54 +01:00
Marek Marczykowski-Górecki
ec88796129
tests: make audio tests less racy
Wait specifically for pulseaudio to start in the VM, instead of just
waiting few seconds.
Also, improve failure message to distinguish total lack of audio from
just missing few samples.
2020-03-01 22:36:54 +01:00
Marek Marczykowski-Górecki
34e6c2ff34
Merge remote-tracking branch 'origin/pr/323'
* origin/pr/323:
  Add guivm to internal.GetSystemInfo
2020-03-01 03:51:24 +01:00
Paweł Marczewski
941b7f16a0
Add guivm to internal.GetSystemInfo
Needed to move qrexec-policy-agent out to a separate GuiVM.
2020-02-27 18:20:48 +01:00
Frédéric Pierret (fepitre)
a67b8f35ba
gui: set xkb_layout manually 2020-02-25 11:34:02 +01:00
Frédéric Pierret (fepitre)
9a6ff177ce
tests: add/remove services in dom0 2020-02-20 23:07:49 +01:00
Frédéric Pierret (fepitre)
0b8e5400a3
config: specify dom0 services path 2020-02-20 15:56:48 +01:00
Frédéric Pierret (fepitre)
a7e7166f7a
services: handle dom0 write permission errors 2020-02-20 15:55:04 +01:00
Frédéric Pierret (fepitre)
d0a8b49cc9
services: handle /var/run/qubes/'SERVICE NAME' for dom0 2020-02-20 15:55:04 +01:00
Frédéric Pierret (fepitre)
6f2f57caea
services: make PEP8 happier 2020-02-20 15:55:03 +01:00
Marek Marczykowski-Górecki
2f4b42e5cd
Merge remote-tracking branch 'origin/pr/318'
* origin/pr/318:
  Pass network parameters to linux-stubdom

Fixes QubesOS/qubes-issues#5022
2020-02-17 03:56:45 +01:00
Rusty Bird
e8a7a6c82c
qubes/config: reindent varlibqubes pool; add a blank line 2020-02-15 18:33:18 +00:00
Rusty Bird
d527e01136
Remove more core2 code 2020-02-15 17:48:32 +00:00
Rusty Bird
8e581108b7
Remove pylint pragma working around very old false positive 2020-02-15 17:33:35 +00:00
Rusty Bird
1f71a06aed
Remove python2 compat __future__ imports 2020-02-15 17:33:34 +00:00
Frédéric Pierret (fepitre)
65238c187f
tests: handle legacy layout 2020-02-13 22:46:52 +01:00
Frédéric Pierret (fepitre)
2e1290eec1
gui: no check in subprocess.run 2020-02-13 22:31:33 +01:00
Marek Marczykowski-Górecki
86881afeef
storage/lvm: don't try to resize non-existing lvm volumes
Volume with save_on_stop=False and snap_on_start=False exists only when
VM is running and this is already handled under is_dirty() condition.
For non-running VMs, skip LVM resize step and only update internal size
attribute.

Fixes QubesOS/qubes-issues#5645
2020-02-12 21:57:34 +01:00
Marek Marczykowski-Górecki
6b474e39f6
storage/lvm: update volume.size attribute on resize
When volume is resized, underlying LVM is adjusted if exists. For
persistent volumes it is enough, as generally the driver prefers
underlying LVM size than internal attribute. But volatile volume is
removed at vm shutdown, so that value is lost.

Fix it by updating Volume.size attribute too, to be updated in qubes.xml
later too.

Fixes QubesOS/qubes-issues#5645
2020-02-12 21:44:16 +01:00
Frédéric Pierret (fepitre)
dbacd07b43
gui: handle legacy keymap setting /qubes-keyboard 2020-02-10 14:42:30 +01:00
Marek Marczykowski-Górecki
c332de9653
Merge remote-tracking branch 'origin/pr/312'
* origin/pr/312:
  Added handling for 'force' option in vm shutdown
2020-02-06 23:31:43 +01:00
Marek Marczykowski-Górecki
f59fd3d474
Merge remote-tracking branch 'origin/pr/316'
* origin/pr/316:
  storage/reflink: trivial style tweaks
  storage/reflink: comment on _get_size() use in start()
  storage/reflink: don't bother using _get_size() in create()
  storage/reflink: delete all images at beginning of create()
  storage/reflink: get VM dir from less arbitrary-looking path
  storage/reflink: factor out _remove_all_images()
  storage/reflink: _remove_incomplete_{files -> images}()
  storage/reflink: omit redundant comment
2020-02-06 23:29:08 +01:00
Rusty Bird
ada27ee431
storage/reflink: trivial style tweaks
Avoid early return for short and not deeply nested functions.
2020-02-05 17:26:44 +00:00
Rusty Bird
21971d6d0a
storage/reflink: comment on _get_size() use in start() 2020-02-05 17:26:43 +00:00
Marta Marczykowska-Górecka
284fbe1d44
Added handling for 'force' option in vm shutdown
To be more precise: just allowed using it, as the option was
actually implemented previously.

references QubesOS/qubes-issues#5591
2020-01-29 22:12:49 +01:00
Pawel Marczewski
1d1cc10211
Pass network parameters to linux-stubdom
See QubesOS/qubes-issues#5022.
2020-01-29 09:45:05 +01:00
marmot1791
d7b90f92e0 Correct comments in to match current code behavior 2020-01-28 23:02:43 +00:00
Rusty Bird
749ce477df
storage/reflink: don't bother using _get_size() in create()
Only the nominal size is available at this point.
2020-01-28 13:40:15 +00:00
Rusty Bird
6659ed8d39
storage/reflink: delete all images at beginning of create()
Ensure that there are no leftover image files for the volume, e.g. from
an unsuccessful removal of a previous incarnation of this vid, or from
an messily restored pool filesystem backup. We don't want to preserve
any stale data (revisions) or metadata (size) in the new incarnation.
2020-01-28 13:40:14 +00:00
Rusty Bird
56f6a6ef65
storage/reflink: get VM dir from less arbitrary-looking path 2020-01-28 13:40:13 +00:00
Rusty Bird
12d882b355
storage/reflink: factor out _remove_all_images() 2020-01-28 13:40:11 +00:00
Rusty Bird
8f4c90c37a
storage/reflink: _remove_incomplete_{files -> images}() 2020-01-28 13:40:10 +00:00
Rusty Bird
9c9d71c069
storage/reflink: omit redundant comment
The is_dirty() one-liner is defined right above.
2020-01-28 13:40:09 +00:00
Pawel Marczewski
e8baf2a157
Remove leftovers from QubesVM.run_for_stdio() refactoring
We no longer use qubes.VMShell there.
2020-01-24 16:59:42 +01:00
Pawel Marczewski
08d83fb241
Support qubes.VMExec call
The feature is advertised by core-agent so that it can be used
instead of VMShell.

See QubesOS/qubes-issues#4850.
2020-01-24 16:57:13 +01:00
Marek Marczykowski-Górecki
0a66a0c7dd
Merge remote-tracking branch 'origin/pr/313'
* origin/pr/313:
  Fix overlapping block device names
2020-01-24 01:43:33 +01:00
Marek Marczykowski-Górecki
869f963335
Merge remote-tracking branch 'origin/pr/311'
* origin/pr/311:
  Add a test for loading volume config from XML
  Fix ThinVolume.size initialization from string
2020-01-24 01:38:16 +01:00
Marek Marczykowski-Górecki
edf5977b23
Merge remote-tracking branch 'origin/pr/309'
* origin/pr/309:
  import: check exact size of copied data
  Implement new admin.vm.ImportWithSize API call

Fixes QubesOS/qubes-issues#5239
2020-01-24 01:35:00 +01:00
Pawel Marczewski
fe72fe1681
Fix overlapping block device names
This was caused by a change in Jinja template engine that breaks
assignments like {% set i = i + 1 %} in a loop.

Jinja 2.10 introduces a "namespace" object for this use case, but
unfortunately dom0-fc25 uses 2.8.1.

See:

https://github.com/pallets/jinja/issues/641
https://github.com/pallets/jinja/pull/684

Fixes QubesOS/qubes-issues#5551.
2020-01-23 11:27:05 +01:00
Pawel Marczewski
66abc69a33
Add a test for loading volume config from XML 2020-01-23 10:42:26 +01:00
Pawel Marczewski
49f2c1b78d
Fix ThinVolume.size initialization from string
The size config parameter might be a string coming from XML.
The Volume base class handles the conversion to integer already.

Fixes QubesOS/qubes-issues#5219.
2020-01-23 10:39:47 +01:00
Pawel Marczewski
e9b97e42b1
import: check exact size of copied data
The import will error out if there is not enough data, or too
much data provided.
2020-01-23 09:48:58 +01:00
Pawel Marczewski
63ac952803
Implement new admin.vm.ImportWithSize API call
This should allow importing a volume and changing the size at the
same time, without performing the resize operation on original
volume first.

The internal API has been renamed to internal.vm.volume.ImportBegin
to avoid confusion, and for symmetry with ImportEnd.

See QubesOS/qubes-issues#5239.
2020-01-23 09:47:22 +01:00
Marek Marczykowski-Górecki
88037ff289
Merge remote-tracking branch 'origin/pr/310'
* origin/pr/310:
  storage/reflink: fix comment
  storage/reflink: bail out early on most FICLONE errnos
  storage/reflink: pool.setup_check -> pool._setup_check
2020-01-23 04:50:14 +01:00
Marek Marczykowski-Górecki
29f84d5105
Merge remote-tracking branch 'origin/pr/308'
* origin/pr/308:
  Move devices check to on_domain_pre_deleted
  Prevent removing VM if it provides devices in persistent mode
2020-01-23 04:32:39 +01:00
Pawel Marczewski
f1ff6c26d8
Move devices check to on_domain_pre_deleted 2020-01-21 15:35:30 +01:00
Rusty Bird
d54e4b0c6e
storage/reflink: fix comment 2020-01-17 16:45:29 +00:00
Rusty Bird
ba662d2819
storage/reflink: bail out early on most FICLONE errnos
Don't fall back on 'cp' if the FICLONE ioctl gives an errno that's not
plausibly reflink specific, because in such a case any fallback could
theoretically mask real but intermittent system/storage errors.

Looking through ioctl_ficlone(2) and the kernel source, it should be
sufficient to do the fallback only on EBADF/EINVAL/EOPNOTSUPP/EXDEV.
(EISDIR/ETXTBSY don't apply to this storage driver, which will never
legitimately attempt to reflink a directory or an active - in the
storage domain - swap file.)
2020-01-17 15:56:51 +00:00
Rusty Bird
90f25890cf
storage/reflink: pool.setup_check -> pool._setup_check 2020-01-17 15:56:50 +00:00
Marek Marczykowski-Górecki
8dda66d693
tests: fix key generation for dom0 updates tests
gpg2 requires explicit `%no-protection`, otherwise tries to
interactively (through gpg-agent) prompt for the passphrase.
2020-01-17 04:50:31 +01:00
Pawel Marczewski
b09a137b26
Prevent removing VM if it provides devices in persistent mode
Fixes QubesOS/qubes-issues#5136.
2020-01-16 11:13:07 +01:00
Marek Marczykowski-Górecki
309dd11b1d
Merge remote-tracking branch 'origin/pr/307'
* origin/pr/307:
  Implement missing get_cputime() in AdminVM
  Add admin.vm.CurrentState method
2020-01-16 04:12:42 +01:00
Marek Marczykowski-Górecki
161f139f98
Merge remote-tracking branch 'origin/pr/305'
* origin/pr/305:
  Test file copy hang when target machine qrexec is disabled
2020-01-16 04:05:09 +01:00
Marek Marczykowski-Górecki
0c08305f1a
Merge remote-tracking branch 'origin/pr/303'
* origin/pr/303:
  Update tests after adding /connected-ips
  Also reload /connected-ips on firewall change / domain spawn
  Also store /connected-ips6 for machines that have IPv6 addresses
  Don't try to write to qubesdb of an offline VM
  Maintain a list of connected machine IPs in qubesdb
2020-01-16 04:03:44 +01:00
Marek Marczykowski-Górecki
e6aa35fcdf
Merge branch 'tests-leaks'
* tests-leaks:
  ext/pci: handle 'qubes-close' event
  tests: allow extensions to cleanup objects references
2020-01-16 04:00:59 +01:00
Marek Marczykowski-Górecki
51adb434d1
tests: FileVolume.resize()
QubesOS/qubes-issues#5518
2020-01-16 01:38:14 +01:00
Pawel Marczewski
44dc35e972
Implement missing get_cputime() in AdminVM 2020-01-15 16:37:57 +01:00
Pawel Marczewski
62735d9696
Add admin.vm.CurrentState method
For all the transient values that should not be treated as
real properties. To be used in core-admin-client.
2020-01-15 16:06:08 +01:00
Pawel Marczewski
e69bdc5efa
Test file copy hang when target machine qrexec is disabled
See QubesOS/qubes-issues#5347.

Fix in QubesOS/qubes-core-qrexec#15.
2020-01-14 15:07:42 +01:00
Marek Marczykowski-Górecki
74e956e1f1
ext/pci: handle 'qubes-close' event
Move cache cleanup to 'qubes-close' event handler, instead of doing it
specifically in tests.
2020-01-11 03:54:30 +01:00
Marek Marczykowski-Górecki
a89d3f0cae
tests: allow extensions to cleanup objects references
Extension objects are singletons and normally do not require any special
cleanup. But in case of tests, we try to remove all the qubes objects
between tests and the cache in usb extension makes it hard.
Add a 'qubes-close' event that extensions can handle to remove extra
references stored in extension objects themselves.
2020-01-11 01:22:30 +01:00
Pawel Marczewski
70c862fe73
Update tests after adding /connected-ips 2020-01-09 16:41:14 +01:00
Pawel Marczewski
4d8fd0253b
Also reload /connected-ips on firewall change / domain spawn
There are scenarios where it turns out to be necessary, such as
enabling IPv6 on a machine causing it to acquire an IPv6 address.
2020-01-09 16:25:25 +01:00
Pawel Marczewski
40f372ee5f
Also store /connected-ips6 for machines that have IPv6 addresses 2020-01-09 16:18:07 +01:00
Pawel Marczewski
6bf230cf4d
Don't try to write to qubesdb of an offline VM 2020-01-09 12:37:43 +01:00
Pawel Marczewski
7597a50b20
Maintain a list of connected machine IPs in qubesdb
Necessary for anti-spoofing, see QubesOS/qubes-issues#5540.
2020-01-09 12:23:04 +01:00
Marek Marczykowski-Górecki
d181c0f354
storage/file: fix resize
Fixes QubesOS/qubes-issues#5518
2019-12-14 15:48:49 +01:00
Marta Marczykowska-Górecka
35fa733a67
Fixed Exceptions inferiting from KeyError
Due to strangeness of KeyError (it overrrides __str__ method) in some
cases exceptions received superflous quotation marks when inheriting
from it.

fixes QubesOS/qubes-issues#5106
2019-12-09 21:02:24 +01:00
Marek Marczykowski-Górecki
7cb46e6929
Merge remote-tracking branch 'origin/pr/298'
* origin/pr/298:
  tests/network: let xl devd bring the interfaces up
  tests/network: improve error reporting
  api/admin: implement *.property.GetAll methods
  Avoid resetting clocksync service of just enabled clockvm
  doc/tests: extend qubes-specific quirks in tests
  tests: add include and exclude lists for extra tests loader
2019-12-07 05:04:42 +01:00
Marek Marczykowski-Górecki
8965e9a8e4
tests/network: let xl devd bring the interfaces up
xl devd doesn't use startup notify, so when the service is started
(according to systemd) it may still be initializing interfaces. Add a
little sleep for that.
2019-12-05 23:31:15 +01:00
Marek Marczykowski-Górecki
ffa1a40e6e
tests/network: improve error reporting
Include stdout/stderr of failed command during netvm setup.
2019-12-05 23:31:15 +01:00
Marek Marczykowski-Górecki
10f99e5c4a
api/admin: implement *.property.GetAll methods
Allow getting all the VM properties with one call. This greatly improve
performance of an applications retrieving many/all of them (qvm-ls,
qubes manager etc)

QubesOS/qubes-issues#5415
Fixes QubesOS/qubes-issues#3293
2019-12-05 23:31:14 +01:00
Rusty Bird
87081d6ee3
storage/reflink: _cleanup() -> _remove_incomplete_files()
"cleanup" sounds related to the concept of a volume being "dirty" - but
it's unrelated. Rename it for clarity.
2019-12-03 18:21:55 +00:00
Rusty Bird
d7478d128b
storage/reflink: document hardcoded sizeof(int) for FICLONE
One alternative would look like

    import ctypes
    sizeof_int = ctypes.sizeof(ctypes.c_int)
    FICLONE = (1073741824 % 256**sizeof_int) | 37897 | (sizeof_int << 16)

but, even if the above really(?) is a 100% correct Python port of

    $ echo FICLONE | cpp -include linux/fs.h | tail -n 1

it still seems more likely that the ctypes package is somehow buggy
somewhere than for Qubes storage to run on an exotic architecture with
non 32 bit ints (in the foreseeable future).

So just document the baked in assumption.
2019-12-03 18:21:54 +00:00
Rusty Bird
3f0286220c
storage/reflink: simplify _replace_file() comment 2019-12-03 18:21:52 +00:00
Rusty Bird
9d5deffb13
storage/reflink: open in binary mode for loopdev resize ioctl
The default (= text) mode for a loop device which contains a VM image
looked weird, even though it didn't make a difference here because the
dev_io object was never actually read from.
2019-12-03 18:21:51 +00:00
Rusty Bird
4cd9e42416
storage/reflink: use a conditional expression 2019-12-03 18:21:50 +00:00
Marek Marczykowski-Górecki
5d77cf2298
Avoid resetting clocksync service of just enabled clockvm
When setting global clockvm property, 'clocksync' service is
automatically added to the new value and then removed from the old one.
But if the new value is the same as the old one, the service gets
removed from the just set new value.
Check for this case explicitly.

Fixes QubesOS/qubes-issues#4939
2019-11-30 05:20:08 +01:00
Marek Marczykowski-Górecki
7c18b187de
tests: add include and exclude lists for extra tests loader
'extra' tests run is getting ridiculously long. Allow splitting it into
several jobs. Since this appears as just one class from the test loader
perspective, implement it as environment variables:
 - QUBES_TEST_EXTRA_INCLUDE - load just selected tests
 - QUBES_TEST_EXTRA_EXCLUDE - skip selected tests (to select "the rest"
   tests)
2019-11-30 04:35:18 +01:00
Marek Marczykowski-Górecki
fd8e89c546
Merge remote-tracking branch 'origin/pr/297'
* origin/pr/297:
  doc: remove useless _static generated by sphinx
  cleanup-dispvms: fix python shebang
  spec: fix missing dependency
  Fix Sphinx 2 new API for Fedora 31+
  doc: Make PEP8 happier
  qmemmand: separate SystemState init xc and xs to a 'init' method
  doc: drop moved elsewhere components
2019-11-27 02:12:37 +01:00
Frédéric Pierret (fepitre)
be1c193e3c
Fix Sphinx 2 new API for Fedora 31+ 2019-11-22 21:39:31 +01:00
Frédéric Pierret (fepitre)
b4177cf7d2
doc: Make PEP8 happier 2019-11-22 21:39:30 +01:00
Frédéric Pierret (fepitre)
0d20639cc1
qmemmand: separate SystemState init xc and xs to a 'init' method
It prevents any connection to xen when initiallizing the class
notably in doc build generation.
2019-11-22 21:38:27 +01:00
Marek Marczykowski-Górecki
6c7af109e5
ext/block: prefer connecting cdrom as xvdd
Only first 4 disks can be emulated as IDE disks by QEMU. Specifically,
CDROM must be one of those first 4 disks, otherwise it will be
ignored. This is especially important if one wants to boot the VM from
that CDROM.
Since xvdd normally is a kernel-related volume (boot image, modules) it
makes perfect sense to re-use it for CDROM. It is either set for kernel
volume (in which case, VM should boot from it and not the CDROM), or
(possibly bootable) CDROM.

This needs to be done in two places:
 - BlockExtension for dynamic attach
 - libvirt xen.xml - for before-boot attach

In theory the latter would be enough, but it would be quite confusing
that device will get different options depending on when it's attached
(in addition to whether the kernel is set - introduced here).

This all also means, xvdd not always is a "system disk". Adjust listing
connected disks accordingly.
2019-11-19 14:03:21 +01:00
Marek Marczykowski-Górecki
9bf0cce11e
tests: extend mock objects in QubesVM tests
- allow TestQubesDB to be populated with initial data
- support list() method
- allow to register pre-created VM instance (useful for AdminVM, which
        don't accept setting qid)
2019-11-18 23:45:02 +01:00
Frédéric Pierret (fepitre)
e092b40350
tests: make PEP8 happier 2019-11-17 01:54:27 +01:00
Frédéric Pierret (fepitre)
3a6ed2d0cd
tests: fix test with not None default_guivm 2019-11-17 01:48:20 +01:00
Frédéric Pierret (fepitre)
85edf511cb
default_guivm: set to dom0 due to migration R4.0->R4.1 problems 2019-11-16 13:04:42 +01:00
Marta Marczykowska-Górecka
783832adde
Correct inconsistent behavior on unavailable usage data
fixes QubesOS/qubes-issues#5463
2019-11-15 20:01:43 +01:00
Marek Marczykowski-Górecki
ba105e89c6
Merge branch 'devel20191029' 2019-11-12 23:11:30 +01:00
Marek Marczykowski-Górecki
7de9f3e078
tests: is_iommu_supported function
QubesOS/qubes-issues#4689
2019-11-12 22:45:30 +01:00
Marek Marczykowski-Górecki
c79e91d59d
Merge remote-tracking branch 'origin/pr/292'
* origin/pr/292:
  Throw BackupAlreadyRunningError when backup is already running
2019-11-12 22:26:53 +01:00
Marta Marczykowska-Górecka
7a4455bbfa
Throw BackupAlreadyRunningError when backup is already running
Instead of generic PermissionDenied.

requires https://github.com/QubesOS/qubes-core-admin-client/pull/115
references QubesOS/qubes-issues#5432
2019-11-11 19:16:03 +01:00
Frédéric Pierret (fepitre)
2ccdd4ee8e
gui: make pylint happy 2019-11-11 11:27:40 +01:00
Marek Marczykowski-Górecki
77cf310c47
storage/kernels: fix listing volumes
Pool.volumes property is implemented in a base class, individual drivers
should provide list_volumes() method as a backend for that property.
Fix this in a LinuxKernel pool.
2019-11-10 01:14:34 +01:00
Marek Marczykowski-Górecki
263f218d40
api/admin: implement admin.pool.volume.List method
Similar to admin.vm.volume.List. There are still other
admin.pool.volume.* methods missing, but lets start with just this one.
Those with both pool name and volume id arguments may need some more
thoughts.
2019-11-09 18:38:56 +01:00
Frédéric Pierret (fepitre)
5f934b43ab
tests: add app guivm tests 2019-11-09 17:06:46 +01:00
Frédéric Pierret (fepitre)
728766d191
default_guivm: fire property-set on default_guivm 2019-11-09 16:10:16 +01:00
Frédéric Pierret (fepitre)
78d0d2cabb
gui: set guivm windows prefix 2019-11-07 18:11:32 +01:00
Marek Marczykowski-Górecki
dd037f4663
storage/file: get volume size from the actual image file size
Don't realy on a volume configuration only, it's easy to miss updating
it. Specifically, import_volume() function didn't updated the size based
on the source volume.
The size that the actual VM sees is based on the
file size, and so is the filesystem inside. Outdated size property can
lead to a data loss if the user perform an action based on a incorrect
assumption - like extending size, which actually will shrink the volume.

Fixes QubesOS/qubes-issues#4821
2019-10-31 21:53:35 +01:00
Marek Marczykowski-Górecki
598d059c57
tests: check if storage driver adjust the size on import_volume/clone
Regression test for QubesOS/qubes-issues#4821
2019-10-31 01:17:26 +01:00
Marek Marczykowski-Górecki
5908ab1568
app: fix get_free_xen_memory function
It's app.vmm.xc, not app.xc. Since nobody have noticed it, this function
might be unused...
2019-10-30 15:46:11 +01:00
Marek Marczykowski-Górecki
361550c621
vm: improve error message about missing IOMMU
Handle this case specifically, as way too many users ignore the message
during installation and complain it doesn't work later.

Name the problem explicitly, instead of pointing at libvirt error log.

Fixes QubesOS/qubes-issues#4689
2019-10-30 15:45:52 +01:00
Marek Marczykowski-Górecki
8603571cbc
tests: skip networking tests for minimal templates
Minimal templates don't have networking packages installed by default.
2019-10-28 03:30:49 +01:00
Marek Marczykowski-Górecki
4dac995089
Merge branch 'start-logging'
* start-logging:
  vm: log startup errors in every case
2019-10-23 13:50:25 +02:00
Marek Marczykowski-Górecki
cc56c6f96a
Merge remote-tracking branch 'origin/pr/278'
* origin/pr/278:
  Added admin.pool.UsageDetails API method
  Add metadata info to LVM AdminAPI
2019-10-23 04:36:49 +02:00
Marta Marczykowska-Górecka
2f6497e48d
Added admin.pool.UsageDetails API method
admin.pool.UsageDetails reports the usage data, unlike
admin.pool.Info, which should report the config/unchangeable data.
At the moment admin.Pool.Info still reports usage, to maintain
compatibility, but once all relevant tools are updated,
it should just return configuration data.
2019-10-23 03:04:30 +02:00
Marta Marczykowska-Górecka
04a215fb83
Add metadata info to LVM AdminAPI
Added usage_details method to Pool class
(returns a dictionary with detailed information
on pool usage) and LVM implementation that returns
metadata info.
Needed for QubesOS/qubes-issues#5053
2019-10-22 17:29:01 +02:00
Marek Marczykowski-Górecki
5cc453f097
vm: remove dead (commented out) code
default_user property was re-implemented, remove dead version.
2019-10-22 16:44:02 +02:00
Marek Marczykowski-Górecki
656e36f1ee
Merge remote-tracking branch 'origin/pr/287'
* origin/pr/287:
  app: fix docstrings PEP8 refactor
  tests: remove iptables_header content in test_622_qdb_keyboard_layout
  tests: add test for guivm and keyboard_layout
  gui: simplify setting guivm xid and keyboard layout
  Make pylint happier
  gui: set keyboard layout from feature
  Handle GuiVM properties
  Make PEP8 happier
2019-10-22 14:10:56 +02:00
Frédéric Pierret (fepitre)
7c8556891c
app: fix docstrings PEP8 refactor 2019-10-22 09:26:25 +02:00
Frédéric Pierret (fepitre)
5ee97f4eeb
tests: remove iptables_header content in test_622_qdb_keyboard_layout 2019-10-22 09:26:03 +02:00
Frédéric Pierret (fepitre)
e667639914
tests: add test for guivm and keyboard_layout 2019-10-20 17:36:06 +02:00
Frédéric Pierret (fepitre)
5ee2f5d889
gui: simplify setting guivm xid and keyboard layout 2019-10-20 17:35:43 +02:00
Frédéric Pierret (fepitre)
d2d1ffb806
Make pylint happier 2019-10-20 16:40:40 +02:00
Frédéric Pierret (fepitre)
9734921d9c
gui: set keyboard layout from feature 2019-10-20 13:22:31 +02:00
Frédéric Pierret (fepitre)
27aad9bd38
Handle GuiVM properties 2019-10-20 13:22:31 +02:00
Frédéric Pierret (fepitre)
a52cb6bb91
Make PEP8 happier 2019-10-20 13:22:29 +02:00
Marek Marczykowski-Górecki
a1dabfefa0
tests: fix network re-attach tests
On slow systems (OpenQA), 5s isn't enough. Instead of hardcoding some
timeout, simply wait for the full VM startup.
2019-10-13 05:58:50 +02:00
Marek Marczykowski-Górecki
f0ae8c0454
tests: fix a fix for too short delay in 201_shutdown_event_race test
It's _domain_stopped_lock, not startup_lock.
2019-10-13 05:58:19 +02:00
Marek Marczykowski-Górecki
d5b0a6e5b6
vm: log startup errors in every case 2019-10-10 19:41:02 +02:00
Marek Marczykowski-Górecki
51af2ed27c
vm: add domain-shutdown-failed event
Similar to domain-start-failed, add an event fired when
domain-pre-shutdown was fired but the actual operation failed.
Note it might not catch all the cases, as shutdown() may be called with
wait=False, which means it won't wait fot the actual shutdown. In that
case, timeout won't result in domain-shutdown-failed event.

QubesOS/qubes-issues#5380
2019-10-08 23:35:24 +02:00
Marek Marczykowski-Górecki
0300e895f2
Fix domain-start-failed event documentation. 2019-10-08 23:35:18 +02:00
Marek Marczykowski-Górecki
cc1ac0b859
tests: log stderr of paplay command 2019-09-29 06:43:34 +02:00
Marek Marczykowski-Górecki
7def96c248
tests: register syslog logger, log test start
Move this functionality from our custom runner (qubes.tests.run),
into base test class. This is very useful for correlating logs, so lets
have it with nose2 runner too.
2019-09-29 06:43:34 +02:00
Marek Marczykowski-Górecki
e0e0c7eaf9
tests: remove VM under startup_lock
Prevent starting a VM while it's being removed. Something could try to
start a VM just after it's being killer but before removing it (Whonix
example from previous commit is real-life case). The window specifically
is between kill() call and removing it from collection
(`del app.domains[vm.qid]`). Grab a startup_lock for the whole operation
to prevent it.
2019-09-29 06:14:21 +02:00
Marek Marczykowski-Górecki
732231efb0
vm: refuse to start a VM not present in a collection
Check early (but after grabbing a startup_lock) if VM isn't just
removed. This could happen if someone grabs its reference from other
places (netvm of something else?) or just before removing it.
This commit makes the simple removal from the collection (done as the
first step in admin.vm.Remove implementation) efficient way to block
further VM startups, without introducing extra properties.

For this to be effective, removing from the collection, needs to happen
with the startup_lock held. Modify admin.vm.Remove accordingly.
2019-09-29 06:14:21 +02:00
Marek Marczykowski-Górecki
6cfda328bf
tests: add workaround for Whonix re-starting VMs
Workaround for https://phabricator.whonix.org/T930
For now, unregister all the VMs to be killed manually.
2019-09-29 06:14:21 +02:00
Marek Marczykowski-Górecki
34e2f3a322
tests: fix sorting kernel version
Debian now has 4.9 and 4.19 kernels installed, so `sort -n` sorts them
wrong.
2019-09-27 16:29:21 +02:00
Marek Marczykowski-Górecki
5fa75d73be
Make pylint happy 2019-09-27 16:29:20 +02:00
Marek Marczykowski-Górecki
eb39f69882
api: improve handling destination removed just before the call
There are cases when destination domain doesn't exist when the call gets
to qubesd. Namely:
 1. The call comes from dom0, which bypasses qrexec policy
 2. Domain was removed between checking the policy and here
Handle the the same way as if the domain wouldn't exist at policy
evaluation stage either - i.e. refuse the call.

On the client side it doesn't change much, but on the server call it
avoids ugly, useless tracebacks in system journal.

Fixes QubesOS/qubes-issues#5105
2019-09-27 16:29:20 +02:00
Marek Marczykowski-Górecki
8ecf00bd0e
tests: add helpful decorator to wait before test cleanup
Allow to manual inspect test environment after test fails. This is
similar to --do-not-clean option we had in R3.2.

The decorator should be used only while debugging and should never be
applied to the code committed into repository.
2019-09-27 16:29:19 +02:00
Marek Marczykowski-Górecki
4fa45dbc91
tests: fix (hopefully) too short delay in 201_shutdown_event_race test
Domain shutdown handling may take extended amount of time, especially on
slow machine (all the LVM teardown etc). Take care of it by
synchronizing using vm.startup_lock, instead of increasing constant
delay. This way, the shutdown event handler needs to be started within
3s, not finish in this time.
2019-09-27 16:29:19 +02:00
Marek Marczykowski-Górecki
dfa0626cea
tests: check event handler re-registration after libvirt restart
QubesOS/qubes-issues#5303
2019-09-27 16:29:19 +02:00
Marek Marczykowski-Górecki
8e36a2ac61
app: re-register event handler after libvirt daemon restart
When libvirt daemon is restarted, qubesd attempt to re-connect to the
new instance transparently (through virConnect object wrapper). But the
code lacked re-registering event handlers.
Fix this by adding reconnect callback argument to virConnectWrappper, to
be called after new connection is established. This callback will
additionally get old connection as an argument, if any cleanup is
needed. The old connection is closed just after callback returns.

Use this to re-register event handler, but also unregister old handler
first. While full unregister wont work on since old libvirt daemon
instance is dead already, it will still cleanup client structures.

Since the old libvirt connection is closed now, adjust also domain
reconnection logic, to handle stale connection object. In that case
isAlive() call throws an exception.

Fixes QubesOS/qubes-issues#5303
2019-09-26 01:57:59 +02:00
Marek Marczykowski-Górecki
273238bd2a
tests: fix qrexec abort test
Exit code depends on when exactly the other end was terminated.
2019-09-22 23:30:38 +02:00
Marek Marczykowski-Górecki
784fd966a2
Merge branch 'devel20190819'
* devel20190819:
  tests: make libvirt mockup more robust
  tests: update for not needing custom kernel modules anymore
2019-09-21 02:20:00 +02:00
Marta Marczykowska-Górecka
9d20877a43
Fixed unexpected error on empty default template and incorrect error handling
Qubesd wrongly required default_template global property to be not None.
Furthermore, even without hard failure set, require_property method
raised an exception in case of a property having incorrect None value.
It now logs an error message instead, as designed.

fixes QubesOS/qubes-issues#5326
2019-09-19 20:20:36 +02:00
Marek Marczykowski-Górecki
c5aaf3abd9
tests: make libvirt mockup more robust
If not in offline_mode, return actual mock for libvirt connection object
instead of always raising exception.
2019-09-10 03:34:11 +02:00
Marek Marczykowski-Górecki
05e48748d2
tests: update for not needing custom kernel modules anymore
kernel-devel package isn't needed in VMs anymore.
2019-09-10 03:33:42 +02:00
Marek Marczykowski-Górecki
5d5f102378
Merge remote-tracking branch 'origin/pr/277'
* origin/pr/277:
  admin: add admin.deviceclass.List
  admin: replace single quote to double for docstring
2019-08-08 14:05:00 +02:00
Marek Marczykowski-Górecki
32b0d7df43
Merge remote-tracking branch 'origin/pr/275'
* origin/pr/275:
  api/stats: improve cpu_usage normalization, add cpu_usage_raw
  Use 128k blocks when importing volume data
2019-08-08 14:04:27 +02:00
ejose19
2602df5e19 Fix invalid timezone
This fixes an invalid response generated by get_timezone when the time zones are composed by 3 parts, for example:

America/Argentina/Buenos_Aires
America/Indiana/Indianapolis

Update utils.py
2019-08-06 18:23:00 -03:00
Frédéric Pierret (fepitre)
7ff01b631d
admin: add admin.deviceclass.List
QubesOS/qubes-issues#5213
2019-08-06 11:01:02 +02:00
Frédéric Pierret (fepitre)
7f670614c8
admin: replace single quote to double for docstring 2019-08-06 10:04:30 +02:00
Marek Marczykowski-Górecki
39d64eabc8
api/stats: improve cpu_usage normalization, add cpu_usage_raw
Give raw cpu_time value, instead of normalized one (to number of vcpus),
as documented.
Move the normalization to cpu_usage calculation. At the same time, add
cpu_usage_raw without it, if anyone needs it.

QubesOS/qubes-issues#4531
2019-08-01 04:51:05 +02:00
Brendan Hoar
a5378b5958
Update lvm.py 2019-07-31 19:40:33 -04:00
Marek Marczykowski-Górecki
205f6215b2
Merge remote-tracking branch 'origin/pr/271'
* origin/pr/271:
  Fix too long line
  Prevent 'qubesd' for crashing if any device backend is not available
2019-07-31 17:23:20 +02:00
Marek Marczykowski-Górecki
9e226ab5cf
Merge remote-tracking branch 'origin/pr/273'
* origin/pr/273:
  tests: check importing empty data into ReflinkVolume
  tests: check importing empty data into ThinVolume
  tests: check importing empty data into FileVolume
  tests: improve cleanup after LVM tests
2019-07-31 15:37:13 +02:00
Marek Marczykowski-Górecki
6c8bdfaa4b
Fix too long line 2019-07-31 15:36:03 +02:00
Marek Marczykowski-Górecki
afb0de43d4
tests: check importing empty data into ReflinkVolume
Verify if it really discards old content.

QubesOS/qubes-issues#5192
2019-07-28 22:08:52 +02:00
Marek Marczykowski-Górecki
19186f7840
tests: check importing empty data into ThinVolume
Verify if it really discards old content.

QubesOS/qubes-issues#5192
2019-07-28 22:08:37 +02:00
Marek Marczykowski-Górecki
790c2ad8cb
tests: check importing empty data into FileVolume
Verify if it really discards old content.

QubesOS/qubes-issues#5192
2019-07-28 22:06:30 +02:00
Marek Marczykowski-Górecki
8414d0153f
tests: improve cleanup after LVM tests
Remove test volumes - this way if a test fails, subsequent tests have a
chance to succeed.
2019-07-28 21:41:04 +02:00
Frédéric Pierret (fepitre)
74f8d4531e
Prevent 'qubesd' for crashing if any device backend is not available 2019-07-20 15:27:09 +02:00
Rusty Bird
aa931fdbf7
vm/qubesvm: call storage.remove() *before* removing dir_path
Give the varlibqubes storage pool, which places volume images inside the
VM directory, a chance to remove them (and e.g. to log that).
2019-06-28 10:29:34 +00:00
Rusty Bird
cfa1c7171e
storage: fix typo 2019-06-28 10:29:32 +00:00
Rusty Bird
6e592a56d7
storage/reflink: update comment and whitespace 2019-06-28 10:29:31 +00:00
Rusty Bird
1fe2aff643
storage/reflink: _fsync_path(path_from) in _commit()
During regular VM shutdown, the VM should sync() anyway. (And
admin.vm.volume.Import does fdatasync(), which is also fine.) But let's
be extra careful.
2019-06-28 10:29:30 +00:00
Rusty Bird
df23720e4e
storage/reflink: _fsync_dir() -> _fsync_path()
Make it work when passed a file, too.
2019-06-28 10:29:29 +00:00
Rusty Bird
35b4b915e7
storage/reflink: coroutinize pool setup() 2019-06-28 10:29:27 +00:00
Rusty Bird
1d89acf698
app: setup_pools() must be a coroutine
This is needed as a consequence of d8b6d3ef ("Make add_pool/remove_pool
coroutines, allow Pool.{setup,destroy} as coroutines"), but there hasn't
been any problem so far because no storage driver implemented pool
setup() as a coroutine.
2019-06-28 10:29:26 +00:00
Rusty Bird
5b52d23478
factor out utils.void_coros_maybe() 2019-06-28 10:29:25 +00:00
Rusty Bird
fe97a15d11
factor out utils.coro_maybe() 2019-06-28 10:29:24 +00:00
Marek Marczykowski-Górecki
883d324b6c
Revert "tests: do not use lazy unmount"
Revert to use umount -l in storage tests cleanup. With fixed permissions
in 4234fe51 "tests: fix cleanup after reflink tests", it shouldn't cause
issues anymore, but apparently on some systems test cleanup fails
otherwise.

Reported by @rustybird
This reverts commit b6f77ebfa1.
2019-06-25 05:51:33 +02:00
Rusty Bird
66e44e67de
api/admin: always save after self.dest.storage.resize() 2019-06-23 12:48:01 +00:00
Rusty Bird
2b4b45ead8
storage/reflink: preferably get volume size from image size
There were (at least) five ways for the volume's nominal size and the
volume image file's actual size to desynchronize:

- loading a stale qubes.xml if a crash happened right after resizing the
  image but before saving the updated qubes.xml (-> previously fixed)
- restarting a snap_on_start volume after resizing the volume or its
  source volume (-> previously fixed)
- reverting to a differently sized revision
- importing a volume
- user tinkering with image files

Rather than trying to fix these one by one and hoping that there aren't
any others, override the volume size getter itself to always update from
the image file size. (If the getter is called though the storage API, it
takes the volume lock to avoid clobbering the nominal size when resize()
is running concurrently.)
2019-06-23 12:48:00 +00:00
Rusty Bird
de159a1e1e
storage/reflink: don't run verify() under volume lock 2019-06-23 12:47:59 +00:00
Rusty Bird
4c9c0a88d5
storage/reflink: split @_unblock into @_coroutinized @_locked
And change the volume lock from an asyncio.Lock to a threading.Lock -
locking is now handled before coroutinization.

This will allow the coroutinized resize() and a new *not* coroutinized
size() getter from one of the next commits ("storage/reflink: preferably
get volume size from image size") to both run under the volume lock.
2019-06-23 12:47:58 +00:00
Rusty Bird
ab929baa38
Revert "storage/reflink: update volume size in __init__()"
Fixed more generally in one of the next commits ("storage/reflink:
preferably get volume size from image size").

This reverts commit 9f5d05bfde.
2019-06-23 12:47:57 +00:00
Rusty Bird
58a7e0f158
Revert "storage/reflink: update snap_on_start volume size in start()"
Fixed more generally in one of the next commits ("storage/reflink:
preferably get volume size from image size").

This reverts commit c43df968d5.
2019-06-23 12:47:56 +00:00
Marek Marczykowski-Górecki
fa0ae0c921
Merge remote-tracking branch 'origin/pr/257'
* origin/pr/257:
  tests: AdminVM.run_service*()
  tests: QubesVM.run_service function
  vm/adminvm: add run_service* functions
2019-06-23 03:43:35 +02:00
Marek Marczykowski-Górecki
d5bdb5d5e0
Merge remote-tracking branch 'origin/pr/267'
* origin/pr/267:
  lvm: run blkdiscard before remove
2019-06-23 03:26:30 +02:00
Christopher Laprise
62e3d57120
lvm: run blkdiscard before remove
issue #5077
2019-06-21 18:40:03 -04:00
Marek Marczykowski-Górecki
c468b29490
tests: AdminVM.run_service*() 2019-06-21 20:45:38 +02:00
Marek Marczykowski-Górecki
e352fc25d7
tests: QubesVM.run_service function 2019-06-21 20:45:38 +02:00