Commit Graph

227 Commits

Author SHA1 Message Date
Marek Marczykowski
d6181d21cf Merge commit 'e2d52a27e810522c41720bb17b1f4f52f1fe2e6a'
Conflicts:
	dom0/qvm-core/qubes.py
	fwvm/init.d/qubes_firewall
2011-03-11 23:32:13 +01:00
Marek Marczykowski
65a758029e Revert "Requiest external_ip permission at start, not create"
This reverts commit 53b8e5aacf.
2011-03-11 23:21:23 +01:00
Tomasz Sterna
dc8325f564 Use DNS IPs in firewall rules 2011-03-11 19:39:26 +01:00
Marek Marczykowski
2a72b293c4 ProxyVM type in qvm-ls 2011-03-11 02:44:11 +01:00
Marek Marczykowski
53b8e5aacf Requiest external_ip permission at start, not create 2011-03-11 02:22:26 +01:00
Marek Marczykowski
344b257d87 Missing coma 2011-03-11 02:12:23 +01:00
Marek Marczykowski
48613fb911 Check if netvm is set for ProxyVM before using it... 2011-03-11 02:11:05 +01:00
Marek Marczykowski
41800eb879 Store default_fw_netvm in qubes.xml 2011-03-11 02:10:51 +01:00
Marek Marczykowski
5c2e676fa1 Set netvm reference only after NetVMs/ProxyVMs load - ProxyVM 2011-03-11 02:00:42 +01:00
Marek Marczykowski
a3d8778841 arameters for add_new_*, variables loaded from qubes.xml
Cow based VMs doesn't have root_img param, but private_img.
2011-03-11 01:59:56 +01:00
Marek Marczykowski
8928e55215 Swap COW for all CowVMs, not only AppVM 2011-03-11 01:55:29 +01:00
Marek Marczykowski
3043a391e0 'templete' typo again 2011-03-11 01:52:09 +01:00
Marek Marczykowski
969b14b5ed qvm-create: support for netvm and proxyvm
Move PCI config from qvm-add-netvm to qvm-core.
Remove qvm-add-netvm as useless when netvm is template-based
2011-03-11 01:48:27 +01:00
Marek Marczykowski
c7a832a279 NetVM, AppVM, ProxyVM from single template - VM side
Modify VM packages to:
- do not conflicts
- starts services if its VM type need it

Added core-proxyvm (firewall) and core-commonvm (common parts) packages.
2011-03-11 01:38:04 +01:00
Marek Marczykowski
4c14652245 Add preparing_dvm param to TemplateVM.start (to start it as any other VM) 2011-03-10 17:24:56 +01:00
Marek Marczykowski
9895665f2c fwvm -> proxyvm rename fix 2011-03-10 16:16:39 +01:00
Marek Marczykowski
a21e0d37c6 Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/smoku/core
Conflicts:
	dom0/qvm-core/qubes.py
2011-03-10 16:05:48 +01:00
Marek Marczykowski
a10abc5c9d Merge tag 'smk_a8cef51b' of ssh://git.qubes-os.org/var/lib/qubes/git/smoku/core
Conflicts:
	dom0/qvm-core/qubes.py
	dom0/qvm-tools/qvm-ls
2011-03-10 14:14:48 +01:00
Tomasz Sterna
ae2d170a7e Fixed external_ip permissions setting and netvm_domid entry handling. 2011-03-10 13:38:49 +01:00
Tomasz Sterna
afbdfe8ae4 Store netvm domid in FwVM. 2011-03-09 20:38:29 +01:00
Tomasz Sterna
58a4b4c82b Implemented qubes_netvm_external_ip feature. 2011-03-09 20:38:29 +01:00
Tomasz Sterna
87ff30fe26 Fixed xenstore-chmod call syntax 2011-03-09 19:47:08 +01:00
Tomasz Sterna
6ad91617a7 Store the state of FwVM rules 2011-03-09 18:07:22 +01:00
Tomasz Sterna
fd8ecca9bd Create qubes_iptables_error xenstore file in FwVM and set its permissions. 2011-03-09 17:51:05 +01:00
Tomasz Sterna
ca81f0103d Update firewall rules on VM start 2011-03-09 17:51:05 +01:00
Marek Marczykowski
1914854e88 Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/marmarek/core
Conflicts:
	dom0/qvm-core/qubes.py
	dom0/qvm-tools/qvm-prefs
	dom0/qvm-tools/qvm-template-commit
2011-03-09 17:23:32 +01:00
Marek Marczykowski
e35fccef35 Fix AppVm constructior 2011-03-09 15:24:54 +01:00
Rafal Wojtczuk
a7cc09071f Make qubes_restore rexec-aware. 2011-03-08 13:03:55 +01:00
Rafal Wojtczuk
eb7821771e In qvm-start, check $DISPLAY existence, too. 2011-03-07 16:05:36 +01:00
Rafal Wojtczuk
62d0127647 Integrate qrexec with qvm-run. 2011-03-07 15:58:04 +01:00
Marek Marczykowski
c1bd86142c NetVM and ProxyVM based on template: part 1 (core) 2011-03-06 17:06:45 +01:00
Marek Marczykowski
13c3a04755 Fix typo 'templete' 2011-03-06 14:06:24 +01:00
Tomasz Sterna
e9bd19299f Update firewall iptables file during VM start 2011-03-06 14:06:24 +01:00
Tomasz Sterna
f33fcff372 Implemented iptables rules file generator 2011-03-06 14:06:24 +01:00
Tomasz Sterna
0c1b6ca4b0 Store firewal rules in Python data structure 2011-03-06 14:06:24 +01:00
Tomasz Sterna
aa536fdbda Properly set FwVM xenstore files 2011-03-06 14:06:24 +01:00
Tomasz Sterna
bd05975a53 Removed trailing whitespace 2011-03-06 14:06:24 +01:00
Tomasz Sterna
8e465a13b5 Implemented firewall_conf storage 2011-03-06 14:06:24 +01:00
Tomasz Sterna
026a109d1f Fixed setting netvm of FWVM 2011-03-06 14:06:24 +01:00
Tomasz Sterna
60caf9af7f Refactored QubesVm.is_*vm() methods 2011-03-06 14:06:24 +01:00
Tomasz Sterna
cba89a8747 Show FirewallVMs in qvm-ls 2011-03-06 14:06:24 +01:00
Tomasz Sterna
d207ecacea Implemented QubesFirewallVm subclass of QubesNetVm 2011-03-06 14:06:24 +01:00
Marek Marczykowski
24c0778154 gitignore files - add build products 2011-03-06 14:06:24 +01:00
Marek Marczykowski
b778fa3210 Add typo in qvm-template-commit
As in original classes...
2011-03-06 14:06:24 +01:00
Marek Marczykowski
14aaccbc5f Update TemplateVM with running AppVM: part 2
- support for template modify in qvm-core
- tool for commit changes to template
2011-03-06 14:06:15 +01:00
Rafal Wojtczuk
d6f327492d Start qrexec daemon and agent 2011-03-04 17:19:51 +01:00
Tomasz Sterna
a8cef51b67 Use new, simplified firewall rules data scheme 2011-03-03 22:40:36 +01:00
Tomasz Sterna
0a8249d83f Update firewall iptables file during VM start 2011-03-02 15:04:11 +01:00
Tomasz Sterna
45f84b1713 Implemented iptables rules file generator 2011-03-02 15:03:21 +01:00
Tomasz Sterna
6083384e6d Store firewal rules in Python data structure 2011-03-02 15:02:46 +01:00
Tomasz Sterna
353f04e186 Properly set FwVM xenstore files 2011-03-02 15:01:30 +01:00
Tomasz Sterna
d758eb8258 Removed trailing whitespace 2011-03-02 15:00:19 +01:00
Marek Marczykowski
c3bf11062f gitignore files - add build products 2011-03-02 11:58:22 +01:00
Marek Marczykowski
143f1519a8 Add typo in qvm-template-commit
As in original classes...
2011-03-02 11:52:19 +01:00
Marek Marczykowski
6db640dbfe Update TemplateVM with running AppVM: part 2
- support for template modify in qvm-core
- tool for commit changes to template
2011-03-02 11:33:22 +01:00
Tomasz Sterna
a450e51126 Implemented firewall_conf storage 2011-02-21 18:13:27 +01:00
Tomasz Sterna
a088e14244 Fixed setting netvm of FWVM 2011-02-11 00:34:46 +01:00
Tomasz Sterna
053ca36ca8 Refactored QubesVm.is_*vm() methods 2011-02-11 00:34:46 +01:00
Tomasz Sterna
4297c1284a Show FirewallVMs in qvm-ls 2011-02-09 21:21:41 +01:00
Tomasz Sterna
8c82361f5e Implemented QubesFirewallVm subclass of QubesNetVm 2011-02-09 21:21:14 +01:00
Joanna Rutkowska
a5c4a1626e qvm-backup-restore: support for --skip-conflicting option 2010-12-18 07:25:47 +01:00
Joanna Rutkowska
751e0b380a qvm-backup: support --exclude option 2010-11-28 16:30:26 +01:00
Rafal Wojtczuk
1fccf9c309 Use delayed_transaction_seq from sender, not receiver.
Apparently, qvm-copy-to-vm when receiver already has an incoming pendrive
worked only by coincidence.
2010-10-28 12:39:03 +02:00
Rafal Wojtczuk
7c1babe8aa Do not error when qvm-get-default-netvm returns empty string.
It happens when installing qubes-core-dom0 for the first time.
2010-10-06 10:55:32 +02:00
Joanna Rutkowska
18dc0b67c7 dom0: do not do mem-set for dom0 in init.d/qubes_core 2010-10-04 15:20:41 +02:00
Joanna Rutkowska
e91ee0acb3 dom0 init.d/qubes_core: kill some processes on stop() 2010-10-04 15:20:09 +02:00
Rafal Wojtczuk
862bd1f11c DVM: do not mem-set 400
qmemman will do the job automagically.
2010-09-30 18:26:35 +02:00
Rafal Wojtczuk
28fbb48845 Attach/detach pci devices from netvm upon resume/suspend 2010-09-30 18:22:26 +02:00
Rafal Wojtczuk
ece96ba3fb Make qfilexchgd listen for change in /vm to detect vm start/stop
... instead of watching /local/domain, which changes whenever meminfo-wwriter
pushes data.
2010-09-27 17:42:34 +02:00
Rafal Wojtczuk
90e3f4ffd8 Add reset_vm_configs.py script 2010-09-27 16:58:02 +02:00
Rafal Wojtczuk
2244ea95bf Separate create_config_file() function in qubes.py 2010-09-27 16:53:17 +02:00
Joanna Rutkowska
ba59ac733e Merge branch 'qmemman' of git://qubes-os.org/rafal/core
Conflicts:
	dom0/qvm-core/qubes.py
2010-09-23 12:31:25 +02:00
Rafal Wojtczuk
11eafede31 Make qubes_prepare_saved_domain.sh output less scary for [normal] users 2010-09-22 11:15:22 +02:00
Rafal Wojtczuk
0217dba40e Completed dvm->setupdvm name transition 2010-09-22 10:24:57 +02:00
Rafal Wojtczuk
7aa55affcf renamed: qubes_dvm -> qubes_setupdvm 2010-09-22 10:22:45 +02:00
Rafal Wojtczuk
2a4abafd1b Removed empty function from qubes_dvm 2010-09-22 10:21:54 +02:00
Rafal Wojtczuk
4e067aa503 Slightly change the savefile update notification message. 2010-09-21 22:28:14 +02:00
Rafal Wojtczuk
c0656720ab DVM: if needed, qfileexchgd will recreate DVM savefile
It would be nice to have some progress notification, as dvm setup is
slow.
2010-09-21 22:23:38 +02:00
Rafal Wojtczuk
e13e5027c3 qubes_dvm init.d script
We want to set up a default dvm if needed at boot time; for this,
the default netvm must have been already started. Therefore, we
need a qubes_dvm script, that executes after qubes_netvm.
2010-09-21 21:46:11 +02:00
Rafal Wojtczuk
c22a6ebb84 DVM: make qvm-get-default-template use the default template, if asked
Via options --default-template and --default-script
2010-09-21 18:40:15 +02:00
Rafal Wojtczuk
c0cac005ec Tiny logging fix in qfileexchgd
...that is impossible to happen, naturally.
2010-09-21 16:00:40 +02:00
Rafal Wojtczuk
ca1122cd6a Add QubesDisposableVm and use class 2010-09-21 15:59:22 +02:00
Rafal Wojtczuk
6afdffa96f qvm-dom0-network-via-netvm script (ticket #20) 2010-09-21 13:36:46 +02:00
Rafal Wojtczuk
885d747272 qmmemman: force static_memory_max to be as much as total RAM
Not including netvm, it causes some issues with it.
2010-09-20 11:24:56 +02:00
Joanna Rutkowska
4e7ce5f90c qubes.py: another small fix to QubesHost :) 2010-09-16 20:11:35 +02:00
Joanna Rutkowska
8292c25713 Merge branch 'qmemman' of git://qubes-os.org/rafal/core 2010-09-16 20:01:40 +02:00
Joanna Rutkowska
157a18c244 qubes.py: a small fix to QubesHost 2010-09-16 18:47:05 +02:00
Joanna Rutkowska
268789fc4c dom0/qvm-core/qubes.py: added QubesHost class 2010-09-16 17:52:52 +02:00
Rafal Wojtczuk
c411519220 qmemman: do not trim the mem-set value too much
We used to mem-set the domain to 0.995*calculated_value; 5 promils of 4GB
is ca 19MB, and it is too visible. Use 0.999 instead of 0.995
2010-09-16 16:40:09 +02:00
Rafal Wojtczuk
eea01fba3b qmemman: in is_balance_req_significant(), account for Xen free memory 2010-09-16 16:00:07 +02:00
Rafal Wojtczuk
e476531b0e Leave XEN_FREE_MEM_LEFT of Xen free memory.
Needed for driver domain, to be able to get contiguous memory for
its drivers.
2010-09-16 15:57:11 +02:00
Joanna Rutkowska
0f1700ef3d Merge branch 'comment1' of git://qubes-os.org/rafal/core
Conflicts:
	dom0/restore/qubes_restore.c
2010-09-16 15:55:35 +02:00
Joanna Rutkowska
70f8a7401c Make 'make clean' clean all the object files 2010-09-15 15:36:04 +02:00
Joanna Rutkowska
9b8c018bc2 Merge branch 'qmemman' of git://qubes-os.org/rafal/core 2010-09-13 15:05:13 +02:00
Rafal Wojtczuk
0c1f21a28e qmemman: when a AppVM is low on memory, allow small adjustments
A small AppVM (say, with 100MB total) can go below prefmem, and
still not be assigned memory, because of the MIN_TOTAL_MEMORY_TRANSFER
threshold.
So, if AppVM is below prefmem, allow for smaller mem-sets.
2010-09-10 11:35:30 +02:00
Rafal Wojtczuk
f6e3607d2d qmemman: offload some processing to meminfo-writer
Make meminfo-writer compute used memory, and report to qmemman only if
it has changed significantly enough. As it is written in C, its code is
much faster that qmemman-server; also in the idle case, it saves on xenstore
communication overhead. Allows to send updates up to 10 times per second,
with CPU load on the VM below 0.1%.
2010-09-09 17:51:53 +02:00
Rafal Wojtczuk
51e14fc8bb qmemman: trigger do_balance() on receiving /proc/meminfo data 2010-09-09 12:36:18 +02:00
Rafal Wojtczuk
f4e46b63a4 qmemman: in client code, set FD_CLOEXEC on qmmemman.socket 2010-09-09 12:33:48 +02:00
Rafal Wojtczuk
7545789a26 qmemman: now parse_meminfo takes a single argument 2010-09-09 11:30:02 +02:00
Rafal Wojtczuk
9c609a23bf qmemman: move /proc/meminfo parsing to qmemman_algo
Just cosmetics, to make code layout more coherent.
2010-09-09 11:24:04 +02:00