Commit Graph

119 Commits

Author SHA1 Message Date
Frédéric Pierret (fepitre)
bdc3c6588b
services: fixes from Marek's comments 2020-03-08 09:51:30 +01:00
Frédéric Pierret (fepitre)
9a6ff177ce
tests: add/remove services in dom0 2020-02-20 23:07:49 +01:00
Frédéric Pierret (fepitre)
0b8e5400a3
config: specify dom0 services path 2020-02-20 15:56:48 +01:00
Frédéric Pierret (fepitre)
a7e7166f7a
services: handle dom0 write permission errors 2020-02-20 15:55:04 +01:00
Frédéric Pierret (fepitre)
d0a8b49cc9
services: handle /var/run/qubes/'SERVICE NAME' for dom0 2020-02-20 15:55:04 +01:00
Frédéric Pierret (fepitre)
6f2f57caea
services: make PEP8 happier 2020-02-20 15:55:03 +01:00
Pawel Marczewski
08d83fb241
Support qubes.VMExec call
The feature is advertised by core-agent so that it can be used
instead of VMShell.

See QubesOS/qubes-issues#4850.
2020-01-24 16:57:13 +01:00
Marek Marczykowski-Górecki
74e956e1f1
ext/pci: handle 'qubes-close' event
Move cache cleanup to 'qubes-close' event handler, instead of doing it
specifically in tests.
2020-01-11 03:54:30 +01:00
Marek Marczykowski-Górecki
6c7af109e5
ext/block: prefer connecting cdrom as xvdd
Only first 4 disks can be emulated as IDE disks by QEMU. Specifically,
CDROM must be one of those first 4 disks, otherwise it will be
ignored. This is especially important if one wants to boot the VM from
that CDROM.
Since xvdd normally is a kernel-related volume (boot image, modules) it
makes perfect sense to re-use it for CDROM. It is either set for kernel
volume (in which case, VM should boot from it and not the CDROM), or
(possibly bootable) CDROM.

This needs to be done in two places:
 - BlockExtension for dynamic attach
 - libvirt xen.xml - for before-boot attach

In theory the latter would be enough, but it would be quite confusing
that device will get different options depending on when it's attached
(in addition to whether the kernel is set - introduced here).

This all also means, xvdd not always is a "system disk". Adjust listing
connected disks accordingly.
2019-11-19 14:03:21 +01:00
Frédéric Pierret (fepitre)
2ccdd4ee8e
gui: make pylint happy 2019-11-11 11:27:40 +01:00
Frédéric Pierret (fepitre)
728766d191
default_guivm: fire property-set on default_guivm 2019-11-09 16:10:16 +01:00
Frédéric Pierret (fepitre)
78d0d2cabb
gui: set guivm windows prefix 2019-11-07 18:11:32 +01:00
Frédéric Pierret (fepitre)
5ee2f5d889
gui: simplify setting guivm xid and keyboard layout 2019-10-20 17:35:43 +02:00
Frédéric Pierret (fepitre)
d2d1ffb806
Make pylint happier 2019-10-20 16:40:40 +02:00
Frédéric Pierret (fepitre)
9734921d9c
gui: set keyboard layout from feature 2019-10-20 13:22:31 +02:00
Frédéric Pierret (fepitre)
27aad9bd38
Handle GuiVM properties 2019-10-20 13:22:31 +02:00
Frédéric Pierret (fepitre)
a52cb6bb91
Make PEP8 happier 2019-10-20 13:22:29 +02:00
Rusty Bird
fe97a15d11
factor out utils.coro_maybe() 2019-06-28 10:29:24 +00:00
Wojtek Porczyk
17704c8d0a
qubes/ext/gui: set videoram qdb entries
This is for adjusting videoram size. See
QubesOS/qubes-gui-agent-linux@d222e16003
2018-12-20 18:28:40 +01:00
Marek Marczykowski-Górecki
3728230e3c
Merge branch 'maxmem' 2018-12-09 18:38:21 +01:00
Marek Marczykowski-Górecki
087a02c7f4
ext/services: add automatic migration meminfo-writer=False -> maxmem=0
Migrate meminfo-writer=False service setting to maxmem=0 as a method to
disable dynamic memory management. Remove the service from vm.features
dict in the process.

Additionally, translate any attempt to set the service.meminfo-writer
feature to either setting maxmem=0 or resetting it to the default (which
is memory balancing enabled if supported by given domain). This is to at
least partially not break existing tools using service.meminfo-writer as
a way to control dynamic memory management. This code does _not_ support
reading service.meminfo-writer feature state to get the current state of
dynamic memory management, as it would require synchronizing with all
the factors affecting its value. One of main reasons for migrating to
maxmem=0 approach is to avoid the need of such synchronization.

QubesOS/qubes-issues#4480
2018-11-21 02:13:25 +01:00
Marek Marczykowski-Górecki
4dc8631010
Use maxmem=0 to disable qmemman, add more automation to it
Use maxmem=0 for disabling dynamic memory balance, instead of cryptic
service.meminfo-writer feature. Under the hood, meminfo-writer service
is also set based on maxmem property (directly in qubesdb, not
vm.features dict).
Having this as a property (not "feature"), allow to have sensible
handling of default value. Specifically, disable it automatically if
otherwise it would crash a VM. This is the case for:
 - domain with PCI devices (PoD is not supported by Xen then)
 - domain without balloon driver and/or meminfo-writer service

The check for the latter is heuristic (assume presence of 'qrexec' also
can indicate balloon driver support), but it is true for currently
supported systems.

This also allows more reliable control of libvirt config: do not set
memory != maxmem, unless qmemman is enabled.

memory != maxmem only makes sense if qmemman for given domain is
enabled.  Besides wasting some domain resources for extra page tables
etc, for HVM domains this is harmful, because maxmem-memory difference
is made of Popupate-on-Demand pool, which - when depleted - will kill
the domain. This means domain without balloon driver will die as soon
as will try to use more than initial memory - but without balloon driver
it sees maxmem memory and doesn't know about the lower limit.

Fixes QubesOS/qubes-issues#4135
2018-11-21 02:13:25 +01:00
Marek Marczykowski-Górecki
0eab082d85
ext/core-features: make 'template-postinstall' event async
It makes a lot of sense to call long-running operations in that event
handler, including calling back into the VM. Allow that by using
fire_event_async, not just fire_event.

Also, document the event.
2018-11-15 18:25:29 +01:00
Marek Marczykowski-Górecki
64f290c9ba
ext/pci: fix error message about missing device
Print human readable device name, instead of "<PCIDevice at ...".

QubesOS/qubes-issues#4461
2018-11-01 22:28:50 +01:00
Marek Marczykowski-Górecki
00ca0459d9
ext/pci: use correct backend domain for getting PCIDevice instance
In practice backend_domain is ignored (all PCI devices belongs to dom0),
but lets fix this anyway.
2018-11-01 22:21:50 +01:00
Marek Marczykowski-Górecki
8be70c9e4d
ext/services: allow for os=Linux feature request from VM
It's weird to set it for Windows, but not Linux.
2018-10-27 16:44:53 +02:00
Marek Marczykowski-Górecki
d1f5cb5d15
ext/services: mechanism for advertising supported services
Support 'supported-service.*' features requests coming from VMs. Set
such features directly (allow only value '1') and remove any not
reported in given call. This way uninstalling package providing given
service will automatically remove related 'supported-service...'
feature.

Fixes QubesOS/qubes-issues#4402
2018-10-23 16:47:39 +02:00
Marek Marczykowski-Górecki
133219f6d3
Do not generate R3 compat firewall rules if R4 format is supported
R3 format had limitation of ~40 rules per VM. Do not generate compat
rules (possibly hitting that limitation) if new format, free of that
limitation is supported.

Fixes QubesOS/qubes-issues#1570
Fixes QubesOS/qubes-issues#4228
2018-10-15 06:05:05 +02:00
Marek Marczykowski-Górecki
b72b81fb9e
Merge remote-tracking branch 'qubesos/pr/224'
* qubesos/pr/224:
  Fix error on non ASCII PCI IDs upon qvm-device list

Fixed code style.
2018-09-02 03:36:00 +02:00
Galland
6f04c8d65b
Fix error on non ASCII PCI IDs upon qvm-device list
solves https://github.com/QubesOS/qubes-issues/issues/4229
2018-08-21 03:08:17 +02:00
Marek Marczykowski-Górecki
0e089ca38d
ext/windows: copy private.img on windows TemplateBasedVM creation
This is a workaround for missing private.img initialization in Qubes
Windows Tools.

QubesOS/qubes-issues#3585
2018-07-17 05:25:31 +02:00
Marek Marczykowski-Górecki
af7d54d388
Update windows-related feature requests
Handle 'os' feature - if it's Windows, then set rpc-clipboard feature.
Handle 'gui-emulated' feature - request for specifically stubdomain GUI.
With 'gui' feature it is only possible to enable gui-agent based on, or
disable GUI completely.
Handle 'default-user' - verify it for weird characters and set
'default_user' property (if wasn't already set).

QubesOS/qubes-issues#3585
2018-07-16 22:02:58 +02:00
Marek Marczykowski-Górecki
be2465c1f9
Fix issues found by pylint 2.0
Resolve:
 - no-else-return
 - useless-object-inheritance
 - useless-return
 - consider-using-set-comprehension
 - consider-using-in
 - logging-not-lazy

Ignore:
 - not-an-iterable - false possitives for asyncio coroutines

Ignore all the above in qubespolicy/__init__.py, as the file will be
moved to separate repository (core-qrexec) - it already has a copy
there, don't desynchronize them.
2018-07-15 23:51:15 +02:00
Marek Marczykowski-Górecki
74eb3f3208
Merge remote-tracking branch 'qubesos/pr/185'
* qubesos/pr/185:
  vm: remove doc for non-existing event `monitor-layout-change`
  vm: include tag/feature name in event name
  events: add support for wildcard event handlers
2018-01-22 15:32:57 +01:00
Marek Marczykowski-Górecki
241f1d1d3b
tests: do not leak open file 2018-01-15 15:57:30 +01:00
Marek Marczykowski-Górecki
50d34755fa
vm: include tag/feature name in event name
Rename events:
 - domain-feature-set -> domain-feature-set:feature
 - domain-feature-delete -> domain-feature-delete:feature
 - domain-tag-add -> domain-tag-add:tag
 - domain-tag-delete -> domain-tag-delete:tag

Make it consistent with property-* events. It makes more sense to
include tag/feature name in event name, so handler can watch a single
tag/feature - which is the most common case. Otherwise, most handlers
would begin with `if feature == '...'` anyway, wasting time on most
events.

In cases where multiple features/tags should be handled by a single
handler, it is now possible to register a handler with wildcard, for
example `domain-feature-set:*`.
2018-01-06 15:05:34 +01:00
Marek Marczykowski-Górecki
384a792b8a
typo in docstring 2017-12-05 17:39:34 +01:00
Marek Marczykowski-Górecki
749e8497e3
api/admin: exclude regex attribute from DeviceInfo structure
DeviceInfo may contain 'regex' attribute - it isn't intended to be
reported through Admin API. Also, mark 'libvirt_regex' attribute as
private.
2017-12-05 17:39:32 +01:00
Marek Marczykowski-Górecki
3217c3ac4e
Merge remote-tracking branch 'qubesos/pr/156'
* qubesos/pr/156:
  tests: Add unit tests for pvh virt_mode
  Don't allow attached PCI devices and virt_mode = 'pvh'
2017-11-20 22:40:53 +01:00
Marek Marczykowski-Górecki
2164a8d7b8
Change license to LGPL v2.1+
See this thread for reasoning and acceptance from contributors:
https://groups.google.com/d/topic/qubes-devel/G7KzrfU0lWY/discussion
"Changing qubes-core-admin license to LGPL v2.1+"
2017-10-12 00:11:50 +02:00
HW42
67c06eb428 Don't allow attached PCI devices and virt_mode = 'pvh' 2017-10-11 21:10:43 +02:00
Marek Marczykowski-Górecki
451cc339c7
ext/block: accept any boolean value for 'read-only' option
Be consistent with other parts of the Admin API. Especially ...Attach
accept "standard" boolean values for persistent= option.
2017-10-04 15:24:53 +02:00
Marek Marczykowski-Górecki
3548ee1163
ext/block: properly list devtype=cdrom option 2017-09-29 11:52:59 +02:00
Marek Marczykowski-Górecki
fd5aaa8866
block: fix handling non-existing devices
Don't yield None as DeviceInfo object. The device-get: event handlers
are expecte to yield anything only when there is a device.
2017-09-29 11:52:59 +02:00
Marek Marczykowski-Górecki
f6d10ec243
block: improve handling device name and description
Don't fail when device have no description. Also, handle device name
consistently - there is already name_re defined.
2017-09-29 11:52:59 +02:00
Marek Marczykowski-Górecki
3f33a7bc2c
fix and enable ServicesExtension
This extension is responsible for communicating service.* features to
VMs - in other words, qvm-service framework

Fixes QubesOS/qubes-issues#3019
2017-08-14 02:30:52 +02:00
Marek Marczykowski-Górecki
22f2fe6d69
block: add support for devtype option
QubesOS/qubes-issues#2951
2017-08-01 15:20:36 +02:00
Marek Marczykowski-Górecki
8a8674bb57
ext/core_features: add handling 'qubes-firewall' feature request
VM (template) can announce whether it support enforcing firewall rules
or not.

Fixes QubesOS/qubes-issues#2003
2017-07-30 18:34:43 +02:00
Marek Marczykowski-Górecki
36f1a3abaf
Merge branch 'services'
* services:
  tests: check clockvm-related handlers
  doc: include list of extensions
  qubesvm: fix docstring
  ext/services: move exporting 'service.*' features to extensions
  app: update handling features/service os ClockVM
2017-07-29 05:09:32 +02:00
Marek Marczykowski-Górecki
1a6728cb12
ext/services: move exporting 'service.*' features to extensions
This means core code will not publish any features by default.
2017-07-28 16:32:47 +02:00