Commit Graph

6 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
a98f505c8f
Use 128k blocks when importing volume data
Cloning volume was handled earlier, now od the same on importing volumes
(any storage).

Fixes QubesOS/qubes-issues#5134
2019-08-01 04:50:25 +02:00
Jean-Philippe Ouellet
21c3c2507e
volume.Import: write data with sufficient privs
Not sure how this ever worked before, if it did.

The device nodes pointed to by /dev/qubes_dom0/* are owned by
root:disk with perms 660, qubes user is not in disk group,
and service is invoked as qubes user, not root.
2017-11-21 03:01:03 -05:00
Marek Marczykowski-Górecki
0327b6cd98
api/admin: hide dd statistics in admin.vm.volume.Import call
But still show errors, if occurs.
2017-11-07 02:57:59 +01:00
Marek Marczykowski-Górecki
b25cf4b085
Add explanation why admin.vm.volume.Import is a custom script
Cc @rootkovska
2017-07-25 05:20:38 +02:00
Wojtek Porczyk
0fdcbfc237 qubes-rpc/admin.vm.volume.Import: fix dd flags
QubesOS/qubes-issues#2622
2017-05-29 17:34:15 +02:00
Marek Marczykowski-Górecki
3cacf290bb
admin: implement admin.vm.volume.Import
Implement this in two parts:
1. Permissions checks, getting a path from appropriate storage pool
2. Actual data import

The first part is done by qubesd in a standard way, but then, instead of
accepting all the data (which may be several GB), return a path to which
a shell script (in practice: `dd` command) will write the data.
Then the script call back to qubesd again to report success/failure and
qubesd response from that call is actually returned to the user.

This way we do not pass all the data through qubesd, but still can
control the process from there in a meaningful way. Note that the last
part (second call to qubesd) may perform all kind of verification (like
a signature check on the data, or so) and can also prevent VM from
starting (hooking also domain-pre-start event) from not verified image.

QubesOS/qubes-issues#2622
2017-05-26 15:08:14 +02:00