Commit Graph

53 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
880c190587
systemd: prevent killing VM-daemons on service restart/stop
Kill only main qubesd process, not all the control group (which include
all qrexec-daemon and qubesdb-daemon processes).
2017-05-18 11:11:18 +02:00
Marek Marczykowski-Górecki
207d497bfe
Remove block-cleaner-daemon
This service currently does more harm (desync libvirt state with
reality) than good. Since we have qubesd, we may come back to
implementing it properly using libvirt events.
2017-05-17 01:33:30 +02:00
Marek Marczykowski-Górecki
eaf5c27b27
Merge branch 'core3-devel'
This concludes over two years of rewriting Qubes' core.
Thank God it's now merged to master. --@woju

QubesOS/qubes-issues#1825
2017-05-12 19:59:14 +02:00
Marek Marczykowski-Górecki
81162a699b
Remove unused helper scripts 2017-05-12 18:43:35 +02:00
Marek Marczykowski-Górecki
2e7f483a60
Remove old pvusb handling code 2017-05-12 18:43:35 +02:00
Marek Marczykowski-Górecki
8992e71f85
Remove core2 code
This all either have been migrated to core3, or is not needed anymore.

There is still qvm-tools directory with a few tools that needs to be
migrated, or installed as is.
2017-05-12 18:36:29 +02:00
Marek Marczykowski-Górecki
a3da85bfda
qubespolicy: run GUI code inside user session and expose it as dbus object
This way it will work independently from where qrexec-policy tool will
be called (in most cases - from a system service, as root).
This is also very similar architecture to what we'll need when moving to
GUI domain - there GUI part will also be separated from policy
evaluation logic.

QubesOS/qubes-issues#910
2017-04-07 17:07:30 +02:00
M. Vefa Bicakci
5e2bd5ea64
qubes-core.service: Do not shut down/reboot before all VMs have shut down
Prior to this commit, the qubes-core.service inherited systemd's default
timeout value of 90 seconds. With slow hard disk drives, this caused the
dom0 shut-down sequence to proceed even if some VMs were still not fully
shut down at the time of dom0 shut down.

This commit aims to avoid this issue by setting the service stop timeout to
180 seconds.

Signed-off-by: M. Vefa Bicakci <m.v.b@runbox.com>
2017-03-16 12:11:14 +01:00
Marek Marczykowski-Górecki
c5a8135fdb
fix misplaced comment 2017-02-27 02:37:51 +01:00
Marek Marczykowski-Górecki
b89689e278
storage: implement two-layers of dm-snapshot in block-snapshot script
Have dm-snapshot of dm-snapshot. The first layer is to "cache" changes
done by base volume holder (TemplateVM in case of root.img), the second
layer is to hold changes do by snapshot volume holder (AppVM in case of
root.img). In case of Linux VMs the second layer is normally done inside
of VM (original volume is exposed read-only). But this does not work for
non-Linux VMs, orr even Linux but without qubes-specific startup
scripts.

This is first part of the change - actual construction of two layers of
dm-snapshot, not plugged in to core scripts yet.

QubesOS/qubes-issues#2256
2017-02-14 23:59:07 +01:00
Wojtek Porczyk
0be3b1fbb1 qubes/tools/qubesd: initial version 2017-02-07 17:07:53 +01:00
Marek Marczykowski-Górecki
28475f7214
systemd: adjust qubes-prefs options
As the service is called as root, it needs --force-root.

QubesOS/qubes-issues#2412
2016-11-26 04:08:58 +01:00
Marek Marczykowski-Górecki
d954bb82a3
block-snapshot: set qubes.xml path for test VMs
Since it is running with totally different environment, QUBES_XML_PATH
isn't passed from test runner. Apply heuristic based on VM name.
2016-08-09 05:14:11 +02:00
Marek Marczykowski-Górecki
3ff7281e97
systemd: don't setup xenstore dom0 entries
Should be done by xen-init-dom0 upstream service.
2016-08-08 01:18:26 +02:00
Marek Marczykowski-Górecki
4e022382a5
Merge remote-tracking branch 'origin/master' into core3-devel 2016-08-08 00:11:46 +02:00
Marek Marczykowski-Górecki
2908992741
prepare-volatile-img.sh: create volatile.img group accessible
Otherwise qvm-create-default-dvm may fail to include it in
saved-cows.tar, which will lead to DispVM being not really disposable.

Fixes QubesOS/qubes-issues#2200
2016-08-07 16:07:30 +02:00
HW42
09b49feea6
prepare-volatile-img.sh: don't run as root
This is no longer necessary since volatile.img is formated inside the
VM. This also fixes DispVM creation if the user sets a restrictive umask
for root. Maybe related to #2200.
2016-08-07 00:41:59 +02:00
Wojtek Porczyk
9eafa57539 Merge remote-tracking branch 'marmarek/master' into core3-devel
The following list is bollocks. There were many, many more.

Conflicts:
    core-modules/003QubesTemplateVm.py
    core-modules/005QubesNetVm.py
    core/qubes.py
    core/storage/__init__.py
    core/storage/xen.py
    doc/qvm-tools/qvm-pci.rst
    doc/qvm-tools/qvm-prefs.rst
    qubes/tools/qmemmand.py
    qvm-tools/qvm-create
    qvm-tools/qvm-prefs
    qvm-tools/qvm-start
    tests/__init__.py
    vm-config/xen-vm-template-hvm.xml

This commit took 2 days (26-27.01.2016) and put our friendship to test.
    --Wojtek and Marek
2016-03-03 01:13:51 +01:00
Marek Marczykowski-Górecki
169eac6412
systemd: do not fail qubes-vm@ service when the VM is already running
Fixes QubesOS/qubes-issues#1528
2015-12-26 11:34:40 +01:00
Marek Marczykowski-Górecki
a30e8d1f33
systemd: fix starting VMs _before_ allowing user login
systemd-user-sessions.service is specicically for that, do not use hack
(plymouth-quit.service), which doesn't work when the service is
disabled.

Fixes QubesOS/qubes-issues#1250
2015-12-23 19:08:01 +01:00
Marek Marczykowski-Górecki
de275cc917
core: leave volatile.img structure creation for the VM
This is already handled by a script in initramfs.

Fixes QubesOS/qubes-issues#1308
2015-11-25 01:35:04 +01:00
Marek Marczykowski-Górecki
bae493d015
Kill remaining qubesdb-daemon instances after shutting down all the VMs
It may happen (especially when VM doesn't close cleanly and needs to be
killed) that qubesdb-daemon will not notice VM shutdown immediately.
Normally it would stop after 60s timeout, but speed it up in case of
system shutdown

QubesOS/qubes-issues#1425
2015-11-15 02:06:19 +01:00
Marek Marczykowski-Górecki
46cbb4a133
Prevent stopping xenconsoled before shutting down all the VMs
Otherwise still running VMs will hang, consuming 100% CPU.

QubesOS/qubes-issues#1425
2015-11-14 23:29:21 +01:00
Marek Marczykowski-Górecki
06f5922da6
Adjust dom0 sched-credit weight based on default libvirt value for VMs
While default value for VMs is normally 256, libvirt set it to
(hardcoded) 1000. So adjust dom0 accordingly.

Fixes QubesOS/qubes-issues#1404
2015-11-11 04:30:01 +01:00
Wojtek Porczyk
c538d536c8 core3: move qmemman
This is part of fixing qvm-start.

qmemman was moved with minimal touching, mainly module names.

Moved function parsing human-readable sizes from core2. This function is
wrong, because it treats k/M/G as 1024-based, but leave it for now.
2015-10-05 12:46:14 +02:00
Marek Marczykowski-Górecki
d27d22a3cf
Merge remote-tracking branch 'qubesos/pr/5'
* qubesos/pr/5:
  fix VM autostart race condition

Fixes qubesos/qubes-issues#1075

Conflicts:
	linux/aux-tools/prepare-volatile-img.sh
2015-08-01 22:04:18 +02:00
Marek Marczykowski-Górecki
c4a28a943a
prepare-volatile-img: ensure that /usr/sbin in in the PATH
Build environment of LiveUSB does not contain /usr/sbin in path.
2015-08-01 22:02:07 +02:00
Marek Marczykowski-Górecki
90393c33f2
core: add offline mode to qvm-create, qvm-prefs
This is required to create VMs in process of building Live system, where
libvirt isn't running.

Additionally there is no udev in the build environment, so needs to
manually create /dev/loop*p* based on sysfs info.
2015-08-01 21:58:38 +02:00
Marek Marczykowski-Górecki
c9a670cbd1 linux/block-snapshot: fix handling root.img being already block device 2015-05-27 23:52:57 +02:00
Marek Marczykowski-Górecki
2856b6a836 Wait for udev to create loopXpY device when preparing volatile.img 2015-05-13 04:12:42 +02:00
Marek Marczykowski-Górecki
48945a9d37 linux/systemd: prevent user login before VMs autostart
When user logins, login script will try to connect all guid to all the
running VMs. If VMs are still booting at this stage, will never
automatically get its guid (until user tries to start some program
there). This can for example lead to lack of nm-applet icon.
2015-04-12 03:11:03 +02:00
Marek Marczykowski-Górecki
d76bd0ad1d Use partitioned loop device instead of device-mapper to prepare volatile.img
There was a lot problems with device-mapper, at least it asynchronous
creation, races with udev, problems with cleanup.
2015-04-03 11:24:37 +02:00
Marek Marczykowski-Górecki
98ab523da4 Wait for udev to process all the events during volatile.img preparation
Otherwise it could happen that the device will still be opened by udev,
so can't be freed by kpartx
2015-03-30 21:30:58 +02:00
Marek Marczykowski-Górecki
063e2617d6 Cleanup after failed volatile.img preparation 2015-03-30 16:18:52 +02:00
Marek Marczykowski-Górecki
668a2ac62b linux: set sgid for /var/run/qubes
This is much simpler than ensuring proper group set in every qubes
tool.
2015-03-19 10:31:50 +01:00
Marek Marczykowski-Górecki
bc9e4d1fe5 linux/block-snapshot: improve support for HVM domain
Handle stubdomains (the same device will be removed twice).
Use target domain name instead of stubdomain name for committing
template changes.
2015-02-22 14:44:09 +01:00
Marek Marczykowski-Górecki
fc439edf2f linux/block-snapshot: call qvm-template-commit in offline mode
When called from libvirt->libxl, there is libvirt lock taken on that
domain. Because of that, we can't access libvirt domain, so basically
any runtime information. Without that --offline-mode, script waited on
the lock and then was killed by libxl after a timeout - before actually
committing the changes.
2015-02-22 04:01:18 +01:00
Marek Marczykowski-Górecki
5d9fa977e2 Ensure that qvm-shutdown is called while libvirtd is still running 2015-02-09 03:47:45 +01:00
Marek Marczykowski-Górecki
2554d6aee3 Ensure that qubes-netvm.service is started after libvirtd 2015-02-02 04:49:56 +01:00
Marek Marczykowski-Górecki
c74fda802c Use tmpfile.d to create /var/run subdirs
This way it will be done much earlier, so qubes-db can be started before
qubes-core.service - which will solve startup dependency loop problem.
2015-02-02 04:48:42 +01:00
Marek Marczykowski-Górecki
8d0863d40f storage: Force sync after preparing volatile.img
This makes possible to release d-m partitions devices sooner (so avoid
race with kpartx).
2014-11-19 12:50:28 +01:00
Marek Marczykowski-Górecki
d5cb05fdc6 Move dispvm+qmemman service files to relevant directories
Remove them from global services dir.
2014-11-19 12:50:25 +01:00
Marek Marczykowski-Górecki
0009805041 rpm+makefile: move build/install code to Makefile files
This makes build "scripts" not tied to Fedora-specific files. Especially
ease porting to other platforms.
2014-11-19 12:50:24 +01:00
Marek Marczykowski-Górecki
7484ddfd2b startup-misc: populate local domain id
Apparently libvirt doesn't do it.
2014-11-19 12:50:24 +01:00
Marek Marczykowski
f159f3e168 Use QubesDB instead of Xenstore.
Mostly done. Things still using xenstore/not working at all:
 - DispVM
 - qubesutils.py (especially qvm-block and qvm-usb code)
 - external IP change notification for ProxyVM (should be done via RPC
   service)
2014-11-19 12:48:28 +01:00
Marek Marczykowski
a880483092 Migration to libvirt - core part
Still not all code migrated, added appropriate TODO/FIXME comments.
2014-11-19 12:47:00 +01:00
Marek Marczykowski
4a4fb5e243 qmemman: change process model from forking to single process + sd_notify
Forking daemon after initializing hypervisor connection can cause
problems (and actually does in case of libvirt).
To notify systemd when daemon is ready use notify socket (previously it
was termination of parent process).
2014-11-19 12:47:00 +01:00
Marek Marczykowski-Górecki
e90e1c62ec proxyvm: add support for rules with expire time (#760) 2014-03-28 02:54:59 +01:00
Marek Marczykowski-Górecki
6b4c96d195 Improve block devices detection during system startup
Not only refresh the info about mounted devices, but also check for
others - detected before xenstored was running. Because of recent change
in udev rules (adding flock) it shouldn't deadlock now.
2014-01-13 05:00:01 +01:00
Marek Marczykowski-Górecki
bba989e0a6 Move meminfo-writer to linux-utils repo
It is common for both dom0 and VM, and also quite linux-specific
(other OSes will need other implementation). So move to linux-specific
repo (not dom0-specific).
2014-01-05 05:36:50 +01:00