Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
917 Commits 1 Branch 0 Tags 15 MiB
e2aeceb230
Commit Graph

917 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Marek Marczykowski
e2aeceb230 qrexec: Use pselect instead of select (#241) 
Details here: http://wiki.qubes-os.org/trac/ticket/241
 2011-09-01 14:56:19 +02:00
Marek Marczykowski
577dd2b076 dom0: when cleaning up network devices, wait for actual device destroy 
Otherwise subsequent network-attach will not be noticed by frontend driver.
 2011-09-01 00:01:53 +02:00
Marek Marczykowski
951b2b0b69 dom0: fix clock problems which caused VM hangs during boot (~#253) 
The source of problem was clockevent_program_event returns -ETIME:
------------ kernel/time/clockevents.c:
/**
 * clockevents_program_event - Reprogram the clock event device.
 * @expires:    absolute expiry time (monotonic clock)
 *
 * Returns 0 on success, -ETIME when the event is in the past.
 */
int clockevents_program_event(struct clock_event_device *dev, ktime_t
expires,
                  ktime_t now)
-------------

xen_vcpuop_set_next_event schedules event by getting current time
(xen_clocksource_read()) (*1) adding delta (expires-now) and programming
event with VCPUOP_set_singleshot_timer hypercall. Then xen gets current
time (*2) and in some rare cases this time is after expected timer
expiration... Even after VCPUOP_set_singleshot_timer hypercal,
xen_clocksource_read() reports time slightly in the past comparing to
xen time (reported by NOW() macro).

I think this is because "current" time is calculated different way in *1
and *2. The *1 way is controlled by tsc_mode, which is described here:
http://lxr.xensource.com/lxr/source/docs/misc/tscmode.txt. Default
tsc_mode=0 is "smart" and I think because of that can be slightly before
NOW() time. tsc_mode=2 is almost the same as NOW() macro works.

After all tsc_mode=2 was default in xen-3.4.
 2011-08-31 22:08:24 +02:00
Marek Marczykowski
be5e5a98a1 dom0: use full patch for network script 
xl (apart from xm) doesn't prefix script with dir.
 2011-08-31 22:01:08 +02:00
Marek Marczykowski
f5f69c904e dom0/qvm-run: Add -p as alias for --pass_io 2011-08-31 21:01:24 +02:00
Marek Marczykowski
3cf1af0321 dom0: implement custom kernelopts (#323) 2011-08-31 20:39:26 +02:00
Marek Marczykowski
691545c492 dom0/qvm-prefs: support for vcpus count 2011-08-31 19:41:36 +02:00
Marek Marczykowski
fbce32ae1f dom0/qvm-prefs: info when kernel setting is from template 2011-08-31 18:32:37 +02:00
Marek Marczykowski
dd7edbdfea Merge branch 'prebeta2' of ssh://git.qubes-os.org/var/lib/qubes/git/rafal/core 2011-08-31 18:23:11 +02:00
Marek Marczykowski
dd78871dfd Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/joanna/core 2011-08-31 18:22:00 +02:00
Rafal Wojtczuk
8e7dc52a1f qvm-run (in vm): accept --dispvm argument 2011-08-29 17:34:15 +02:00
Rafal Wojtczuk
9fa0072215 qvm-open-in-*: recognize when the parameter is an url 
and wrap it in html meta refresh tag, so that it will be opened by
the default browser.
 2011-08-29 17:27:48 +02:00
Rafal Wojtczuk
a4708ae9b6 qrexec: implement qvm-run command for AppVMs 
It is build upon qrexec2, qubes.VMShell command. So, in order to e.g.
start firefox in a fresh dispVM, do
qvm-run '$dispvm' firefox http://www.qubes-os.org
 2011-08-29 16:46:44 +02:00
Joanna Rutkowska
c8f6f2e9fe vm: disable forwarding when iptables rules are being (re)applied 2011-08-18 18:47:08 +02:00
Joanna Rutkowska
9d380bdd0d proxyvm: remove unused code 2011-08-18 18:04:38 +02:00
Joanna Rutkowska
203b55ee0a vm: allow user-define hook for IP change event 
This is especially useful for proxy VMs that e.g. run some transparent proxy service such as tor,
and need to rebind it upon IP change (of course this assumes iptables-based transparent redirection
such as DNAT).
 2011-08-18 15:49:49 +02:00
Joanna Rutkowska
f0de081faf proxyvm: allow for user defined hooks after iptables restore 2011-08-18 15:02:30 +02:00
Marek Marczykowski
f145c47aec Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/joanna/core 2011-08-15 10:27:54 +02:00
Joanna Rutkowska
cc5e37df11 version 1.6.19-vm 2011-08-02 19:37:41 +02:00
Joanna Rutkowska
fc5dc8b22d Merge branch 'prebeta2' of git.qubes-os.org:/var/lib/qubes/git/rafal/core 2011-08-02 19:35:19 +02:00
Rafal Wojtczuk
357759147f setup_ip: turn off sg 
Apparently vif frontend has broken sg implementation; we already worked around
it in init.d script via ethtool; now do the same in setup_ip. It is relevant
when attaching firewallvm to a different netvm on the fly.
 2011-08-02 19:27:45 +02:00
Joanna Rutkowska
af196c01cc version 1.6.18 
Actually, also update version_vm, as qvm-prefs requires
this for dynamic NetVM changing.
 2011-08-02 17:15:41 +02:00
Joanna Rutkowska
ccda3d6642 dom0: make qvm-sync-dom0-clock executable 2011-08-02 14:24:43 +02:00
Joanna Rutkowska
3d0d9aa77d version 1.6.18-dom0 2011-08-02 14:16:03 +02:00
Joanna Rutkowska
9c58c97571 dom0: qubes-watch-updates & qvm-dom0-upgrade: use qvm-sync-dom0-clock 2011-08-02 14:14:50 +02:00
Joanna Rutkowska
49bfe8921c dom0: qvm-sync-dom0-clock 2011-08-02 14:12:03 +02:00
Joanna Rutkowska
9f15bfbeb3 dom0: require gnome-packagekit 2011-08-02 13:08:35 +02:00
Joanna Rutkowska
708263bec4 Revert "Dom0: use kpackagekit for updates GUI" 
This reverts commit 94c0f6c9d3.

Kpackagekit is not so nice-behaving as gpk-update-viewer is,
e.g. it complains there are is no network connectivity, and, perhaps
as a result, doesn't display the list of avilable updates.
 2011-08-02 13:01:42 +02:00
Joanna Rutkowska
d8261b4d9a version 1.6.17-dom0 2011-08-01 16:08:32 +02:00
Joanna Rutkowska
94c0f6c9d3 Dom0: use kpackagekit for updates GUI 2011-08-01 16:07:53 +02:00
Joanna Rutkowska
6537b47baf version 1.6.16-dom0 2011-08-01 15:43:55 +02:00
Joanna Rutkowska
7309cc2f04 Merge branch 'prebeta2' of git.qubes-os.org:/var/lib/qubes/git/rafal/core 2011-08-01 15:41:56 +02:00
Rafal Wojtczuk
d2301ab125 qvm-prefs: allow on the fly netvm switch (#302) 
When changing netvm of a running vm, detach/attach eth0.
Some functionality of qubes_core_netvm thus is duplicated in setup_ip.
REQUIRES http://git.qubes-os.org/?p=rafal/xen.git;a=commit;h=42c72e6173586a807f8f153391e2e57352d362b1
 2011-08-01 15:06:01 +02:00
Rafal Wojtczuk
f264b76a61 qvm-backup: handle standaloneVM properly 
Do not attempt to copy apps.templates; copy apps/ instead.
 2011-08-01 11:14:35 +02:00
Joanna Rutkowska
03cd273183 version 1.6.15-dom0 2011-07-30 14:08:12 +02:00
Joanna Rutkowska
7a6ccae638 Dom0: set metadata_expiry=0 for qubes-dom0-cached repo 
This way the list of dowloaded packages (via qvm-dom0-upgrade) will be immediately seen by yum.
 2011-07-30 14:07:35 +02:00
Joanna Rutkowska
634215ad8e version 1.6.14 2011-07-30 12:34:02 +02:00
Joanna Rutkowska
dfa2777272 dom0: do not require NetworkManager 2011-07-30 12:33:35 +02:00
Joanna Rutkowska
a64ae2aedc version 1.6.14-vm 2011-07-30 11:31:20 +02:00
Joanna Rutkowska
5932699d8f vm: Fix modules blacklisting 2011-07-30 11:30:21 +02:00
Joanna Rutkowska
11ece41ccc version 1.6.13 2011-07-30 11:21:50 +02:00
Joanna Rutkowska
7a12cbd0e8 Dom0: restart ehci_hcd module on resume for all netvms (#299) 2011-07-30 11:20:11 +02:00
Joanna Rutkowska
4dde8f8661 vm: Blacklist unnecessary packge updates 2011-07-30 11:15:47 +02:00
Joanna Rutkowska
71209b5b39 Merge branch 'prebeta2' of git.qubes-os.org:/var/lib/qubes/git/rafal/core 2011-07-30 11:01:23 +02:00
Rafal Wojtczuk
8ecd6134d9 firewall: call iptables-restore once per domain (#311) 
qubes.py now places rules for each domain in a separate key under
/local/domain/fw_XID/qubes_iptables_domainrules/
plus the header in /local/domain/fw_XID/qubes_iptables_header.
/local/domain/fw_XID/qubes_iptables is now just a trigger.
So, if iptables-restore fails dues to e.g. error resolving a domain name
in a rules for a domain, then only this domain will not get connectivity,
others will work fine.
 2011-07-29 16:50:12 +02:00
Rafal Wojtczuk
4ad919bf6d Correct usage of "date -s" when syncing clock in dom0 
Apparently, "date -s" does not like the output of "date +%s.%N".
While at it, add basic date format sanitization.
 2011-07-29 12:12:15 +02:00
Rafal Wojtczuk
6fc358bd20 dispvm: honour current choice of template for dispvm 
... when auto-refreshing the dispvm savefile.
While at it, also copy dispvm-prerun.sh script in qvm-clone.
 2011-07-26 17:09:59 +02:00
Rafal Wojtczuk
3df2e9783d dispvm: when updating savefile on demand, present zenity progress bar 2011-07-26 16:36:59 +02:00
Joanna Rutkowska
174f5c3c8d version 1.6.12 2011-07-25 15:29:37 +02:00
Marek Marczykowski
002fad72c4 dom0+vm: Polishing qvm-dom0-upgrade (#287) 
Do not print error message when no package downloaded. Also some more covenient
usage when dowloading new packages (implied --resolve --nogui).
 2011-07-25 13:45:36 +02:00