Qubes/core-admin
1
0
複製 0
程式碼 問題管理 合併請求 版本發佈 Wiki Activity
2,779 Commit 1 分支 0 Tag 20 MiB
b242680cc1
Commit Graph

103 次程式碼提交

作者 SHA1 備註 提交日期
Marek Marczykowski-Górecki
aa958eeff6 core: really quiet mode if vm.start() 
Pass '-q' option to gui-daemon and qrexec-daemon.
 2014-10-25 01:45:01 +02:00
Victor Lopez
bf2173073b Linux VM specific: maxmem limited by init mem 
Check maxmem taking into account the minimum init memory that allows
that requested maximum memory.

Explanation:
Linux kernel needs space for memory-related structures created at boot.
If init_mem is just 400MB, then max_mem can't balloon above 4.3GB (at
which poing it yields "add_memory() failed: -17" messages and apps
crash), regardless of the max_mem_size value.

Based on Marek's findings and my tests on a 16GB PC, using several
processes like:
   stress -m 1 --vm-bytes 1g --vm-hang 100

result in the following points:
init_mem  ==> actual max memory
400             4300
700             7554
800             8635
1024            11051
1200            12954
1300            14038
1500            14045 <== probably capped on my 16GB system

The actual ratio of max_mem_size/init_mem is surprisingly constant at
10.79

If less init memory is set than that ratio allows, then the set
maxmem is unreachable and the VM becomes unstable (app crashes)

Based on qubes-devel discussion titled "Qubes Dom0 init memory against
Xen best practices?" at:
https://groups.google.com/d/msg/qubes-devel/VRqkFj1IOtA/UgMgnwfxVSIJ
 2014-10-06 04:02:07 +02:00
Marek Marczykowski-Górecki
ed15e15f50 core: make create_on_disk verbose parameter optional 2014-10-01 03:50:55 +02:00
Marek Marczykowski-Górecki
9ad4e15c66 core: inherit default_user from template 2014-09-16 01:46:41 +02:00
Marek Marczykowski-Górecki
17cf9f7a9b Remove duplicated line 2014-09-16 01:33:40 +02:00
Marek Marczykowski-Górecki
355ed640b2 hvm: reserve memory for stubdom 
Previously it was allocated from 50MB memory margin left by qmemman.
Which wasn't reliable enough.
 2014-09-16 01:18:55 +02:00
Wojciech Zygmunt Porczyk
d7958625c6 core+modules: provide meaingful repr()s for some classes 2014-08-11 16:34:33 +02:00
Marek Marczykowski-Górecki
279dc78a02 core: do not reject already existing VMs with invalid name 
It would break the system when the rules for names change. Warn instead.
 2014-07-28 01:07:02 +02:00
Marek Marczykowski-Górecki
98540ac513 core: reject VM names longer than 31 chars 2014-07-28 01:00:51 +02:00
Wojciech Zygmunt Porczyk
b2162b1af9 Forbid renaming of RPM-borne VMs (mainly templates) (#839) 
User can still clone VM and remove old via rpm/yum.
 2014-06-26 13:55:35 +02:00
Marek Marczykowski-Górecki
44f38fe076 Declare file encoding for all python files, fill missing copyright headers 
Without that, python do not accept UTF-8 even in comments.
 2014-05-18 21:03:27 +02:00
Marek Marczykowski-Górecki
6566d4f57c core: allow clone_attrs() to not fail on errors 
... and continue setting other properties. Currently not used, but can
be considered for backup-restore (to restore as much properties as
possible).
 2014-05-12 19:47:48 +02:00
Marek Marczykowski-Górecki
86bae8d276 core: verify kernel property when its modified 
Do not assume that frontend have verified that setting.
 2014-05-12 19:45:30 +02:00
Marek Marczykowski-Górecki
e5feb3169a core: cleanup remains of failed domain startup (#825) 2014-05-10 21:23:04 +02:00
Wojciech Zygmunt Porczyk
8ef5f4c665 QubesTemplateVm: fire post-rename hooks 2014-05-07 14:15:15 +02:00
Wojciech Zygmunt Porczyk
a63a8069b1 QubesVm: setter hook passes old value 
This is part of #827 bug.
 2014-05-05 22:23:43 +02:00
Wojciech Zygmunt Porczyk
72f74b6b76 QubesVm: add attribute setter hook mechanism 
This is part of #827 bug.
 2014-05-05 16:40:44 +02:00
Marek Marczykowski-Górecki
dfb6b384cb core: fix typo in firewall.xml root element 2014-05-05 05:22:25 +02:00
Marek Marczykowski-Górecki
14f3094036 core: fix resize of root.img for HVM template (#837) 2014-04-29 02:13:16 +02:00
Marek Marczykowski-Górecki
8ac5981fdd Merge remote-tracking branch 'woju/bug-822' 2014-04-28 14:31:29 +02:00
Wojciech Zygmunt Porczyk
8c26f19103 core-modules: remove duplicate get_disk_usage 2014-04-28 13:33:18 +02:00
Wojciech Zygmunt Porczyk
ee059df63e qubesutils.py: get_disk_usage 
get_disk_usage is moved from code-modules and backup.py and rewritten not to
call external du

This commit is part of #822 fix.
 2014-04-24 21:50:12 +02:00
Marek Marczykowski-Górecki
cac866ed1b core: not not fail network reconnect on HVM without qrexec installed 2014-04-24 12:57:41 +02:00
Marek Marczykowski-Górecki
047cbb3443 core: fix tempate HVM creation 2014-04-23 04:17:40 +02:00
Marek Marczykowski-Górecki
113fe3391d core: fix vm.is_outdated() for template-based HVM 
HVM template can't be started while any its VM is running, so VM is
never outdated.
 2014-04-18 01:34:09 +02:00
Marek Marczykowski-Górecki
ca1be8683c core: Fix creation of template-based HVM 2014-04-18 01:23:39 +02:00
Marek Marczykowski-Górecki
1ac3f81848 core: increase default netvm memory to 300MB (#818) 2014-04-16 16:44:42 +02:00
Marek Marczykowski-Górecki
f4deddbbdf core: do not run commands on paused VM 2014-04-16 16:44:42 +02:00
Marek Marczykowski-Górecki
b17bf72b8a hvm: do not kill stubdom GUI in debug mode 2014-04-16 12:54:24 +02:00
Marek Marczykowski-Górecki
ac7746feed qvm-run: add color output and filtering escape sequences 
This makes VM output clearly distinguishable
 2014-04-15 03:19:48 +02:00
Marek Marczykowski-Górecki
5704b41a45 hvm: seamless_gui_mode setting, including runtime change support (#810) 2014-04-01 01:12:35 +02:00
Marek Marczykowski-Górecki
12d897cd3e hvm: fix startup of HVM without Qubes Tools 
Do not pollute environment of calling process, otherwise all VMs started
from Qubes Manager afterwards will get QREXEC_STARTUP_NOWAIT, which
will cause wait_for_session not working.
 2014-04-01 01:07:57 +02:00
Marek Marczykowski-Górecki
2eaf649eed core: add simple 'run_service' function 2014-04-01 01:07:23 +02:00
Marek Marczykowski-Górecki
72d277c56b core: add QubesVm.get_prefmem (#788) 
Expose 'prefmem' property used by qmemman.
 2014-03-31 03:45:16 +02:00
Marek Marczykowski-Górecki
242590902a firewall: minor improvements 
Do not require ports specified in rule - useful for "any" protocol where
ports doesn't have sense.
 2014-03-28 02:55:35 +01:00
Marek Marczykowski-Górecki
e90e1c62ec proxyvm: add support for rules with expire time (#760) 2014-03-28 02:54:59 +01:00
Marek Marczykowski-Górecki
d1fbd9c59d proxyvm: use "conntrack" iptables module instead of deprecated "state" 2014-03-27 17:16:36 +01:00
Marek Marczykowski-Górecki
04f86c7059 core: use functions instead of evals for storing attributes to qubes.xml 2014-03-27 17:15:15 +01:00
Marek Marczykowski-Górecki
e9fe890acb core: rewrite "eval" to "func" attribute handlers 2014-03-26 04:41:28 +01:00
Marek Marczykowski-Górecki
5141aba741 core: support functions instead of evals in attribute config 
eval still supported, but once all the code will be converted to
functions, the support will be removed.
 2014-03-26 04:40:45 +01:00
Marek Marczykowski-Górecki
91428ebaa1 core: method to resize root.img (#699) 2014-03-21 18:43:13 +01:00
Marek Marczykowski-Górecki
9768b38ffc core: handle errors with xenstore access during VM shutdown 
When netvm and firewallvm is shut down, netvm handling code will
try to revoke firewallvm access to external IP. But if netvm shutdown
happens in the meantime, xenstore will throw ENOENT error.
 2014-03-13 18:32:13 +01:00
Marek Marczykowski-Górecki
840dc38730 core: do not mark DispVMs as included in backups 2014-03-10 04:29:59 +01:00
Marek Marczykowski-Górecki
09652cb0f8 core: store date of last backup for each VM 2014-03-10 04:29:14 +01:00
Marek Marczykowski-Górecki
c5e2ba03bd core: notify xenstored about domain resume 
Otherwise it will not fire further domain suspend/death watches against
this domain - so xl will not cleanup the domain.
 2014-03-05 03:39:49 +01:00
Marek Marczykowski-Górecki
f7b43d1f34 hvm: check for qrexec presence 2014-03-01 15:17:41 +01:00
Marek Marczykowski-Górecki
17e0a62a10 hvm: fix drive option parse 2014-03-01 15:17:17 +01:00
Marek Marczykowski-Górecki
9e3cd62d12 hvm: move 'drive' parameter *parsing* to property setter 2014-02-17 00:55:59 +01:00
Marek Marczykowski-Górecki
6fece6347f core: call xl destroy as root 
In case the VM has PCI devices, it need to access sysfs (as root).
 2014-02-16 11:15:06 +01:00
Marek Marczykowski-Górecki
1e2459c210 core: include 'default_user' in cloned attributes 2014-02-10 12:59:46 +01:00