Rafal Wojtczuk
31e7e96056
Switch to routed VM network (instead of bridging)
...
No headache from layer 2 attacks.
2010-09-06 17:07:42 +02:00
Rafal Wojtczuk
64e8013dc2
Unify dom0 and netvm sysconfig/iptables
...
Plus:
- dedicated chain for DNAT to nameservers
- prevent intervm networking. Can be conveniently overriden in necessary cases
by inserting ACCEPT clauses (per VM, probably) at the top of FORWARD
2010-09-06 15:10:01 +02:00
Rafal Wojtczuk
22df517425
qmemman: detect domain list change by watching /vm, not /local/domain
...
The latter triggers on every memory/meminfo key update, which needlessly
adds xenstore requests.
2010-09-06 10:46:36 +02:00
Rafal Wojtczuk
1c337db989
qmemman: make meminfo-writer a C program
2010-09-03 16:23:09 +02:00
Rafal Wojtczuk
7dcb7cb196
qmemman: don't use xenapi, use hypercalls to do mem-set
2010-09-03 16:19:48 +02:00
Rafal Wojtczuk
10408d61db
qmemman: when low on memory, do not make a VM go below prefmem
...
Now the balance() has two different cases: enough memory and low_on_memory.
In the former, distribute memory proportianally; in the former, dont do this, as this
makes a VM go below prefmem.
2010-09-01 12:40:02 +02:00
Rafal Wojtczuk
80771763cf
qmemman: limit total memory transfer, not each one
2010-09-01 10:39:39 +02:00
Rafal Wojtczuk
c66e0848f3
qmemman: limit domain memory to 2G to workaround for xen xml-rpc limitation
...
File "/usr/lib64/python2.6/xmlrpclib.py", line 710, in dump_int
raise OverflowError, "int exceeds XML-RPC limits"
OverflowError: int exceeds XML-RPC limits
How crappy.
2010-08-31 16:19:01 +02:00
Rafal Wojtczuk
de2619fbed
qmemman: wrap xenapi.memset within try/except
...
It can fail e.g. when a domain is being shutdown with a pretty
message like
File "/usr/lib64/python2.6/site-packages/xen/xend/XendDomainInfo.py", line 1322, in setMemoryTarget
(target * 1024))
Error: (1, 'Operation not permitted')
2010-08-31 15:53:24 +02:00
Rafal Wojtczuk
eb6755e93c
qmemman: fix locking
...
We want balance() to wait on a lock even after balloon() has finished,
until socket client has closed.
2010-08-30 14:50:48 +02:00
Rafal Wojtczuk
2eba4c1c15
I will test before commit. I will test before commit. I will...
2010-08-30 12:01:42 +02:00
Rafal Wojtczuk
f3561b7aad
Fix restore completion detection in appvm/qubes_core
2010-08-30 11:43:30 +02:00
Rafal Wojtczuk
62487c0f1e
Memory management across VMs, first release
2010-08-30 11:40:19 +02:00
Rafal Wojtczuk
8a022d7904
core.git/dom0/pendrive_swapper/README
2010-08-03 09:03:32 +02:00
Rafal Wojtczuk
cee9d6b4d6
Added comments to nonobvious code fragments
2010-08-03 07:12:59 +02:00
Joanna Rutkowska
8317c2ca18
appvm/qubes_add_pendrive_script: set HOME, and pass -M to mimeopen
2010-07-30 16:01:58 +02:00
Joanna Rutkowska
f4198057f8
appvm/qubes_core: do not set hostname for DispVM
2010-07-30 16:01:15 +02:00
Joanna Rutkowska
4d26334709
dom0/init.d/qubes_core: set Dom0 mem to 1600M
2010-07-30 16:00:18 +02:00
Joanna Rutkowska
557984f4b9
minor ident fixes
2010-07-30 15:59:43 +02:00
Joanna Rutkowska
0f378864fe
version 1.2.2
2010-07-27 16:08:09 +02:00
Rafal Wojtczuk
4cf0a61858
Before restoring DVM, check for available xen memory
...
As we already do xm mem-set 0 800 in qubes_core, this is a
correct check. Now, there should be no errors from qubes_restore
in normal circumstances.
2010-07-27 16:08:09 +02:00
Rafal Wojtczuk
a5f11913be
xenlinux netvm requires modprobe netbk
2010-07-27 16:08:09 +02:00
Joanna Rutkowska
68903cd9d4
appvm/init.d/qubes_core: a few more comments and cleanup
2010-07-27 12:52:26 +02:00
Joanna Rutkowska
c6cd630acf
appvm/init.d/qubes_core: make /home avilable for DispVM template
2010-07-27 12:51:54 +02:00
Joanna Rutkowska
3856f7cdbd
qvm-create-default-dvm: use gray label for dvm-template (be consitent with VM template label)
2010-07-27 12:47:18 +02:00
Joanna Rutkowska
0cfa61d681
version 1.2.1
2010-07-21 13:46:44 +02:00
Joanna Rutkowska
56755b2f11
Makefile: call make clean in dom0/restore
2010-07-21 13:46:31 +02:00
Joanna Rutkowska
fd619b605c
Merge branch 'dispvm'
2010-07-21 13:26:38 +02:00
Rafal Wojtczuk
b81983f1dc
appvm/xorg-preload-apps.conf was missing
2010-07-21 13:21:00 +02:00
Rafal Wojtczuk
b578aab5d5
qubes_prepare_saved_domain.sh: Check exit code of xm save
2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
aa894b5700
qvm-create-default-dvm script
2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
d46bf2a270
Pathnames cleanup
...
Move internal scripts to /usr/lib/qubes plus a couple of similar.
2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
11b8a0409f
DVM: execute user script before save
...
qubes_prepare_saved_domain.sh now takes optional second argument, the
filename. The content of the file will be copied (via xenstore) to DVM
and executed just before save. This makes it possible to preload memory
with useful apps.
2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
0c0f34ba9b
DVM: manage savefiles
...
Instead of hardcoded savefile name, use a symlink in
/var/run/qubes. Tools should set this symlink to a correct
savefile. Also, test whether the savefile is older than the
template root.img.
2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
6ee594f972
Update qubes.xml with DVM
...
Also, pass correct parameters to DVM's qubes_guid (taken from
qubes.xml).
2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
de4ff20448
dvm: dont send back the file if not modified
2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
e1320483f9
qfilexchgd: handle 'killme' command
2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
2991f20d6b
dvm: graceful exit from add_pendrive on error
...
If something goes wrong, tell qfileexchgd to kill us, instead of
plain exiting. Works with dropped privs, and lets qfileexchgd
use dvm-debug switch to delay dvm kill.
2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
0c122f670e
qfilexchgd: pass correct transaction_seq for delayed transaction
2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
203b3fd70b
dvm: reserve a bit more ram in dom0
2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
4398bad1e1
dvm: notify user when opening a document in dvm failed
2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
2e927cce68
dvm: correct PATH and permissions
2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
c71a1694d2
Make the message about DVM creation failure more verbose
2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
a343272481
Make br0 forward traffic delay short
2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
726e5808c6
Allow to call "umount" via qubes_penctl
2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
55555d8bed
Always detach xvdh, even on error
2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
d93e6dd86b
add syslog.h to qubes_restore.c
2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
a9047d63be
add qvm-dvm.desktop to rpm files section
2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
0462be5043
qvm-dvm.desktop entry
2010-07-21 12:57:01 +02:00
Rafal Wojtczuk
897a5ab05e
core-appvm requires mimeopen now
2010-07-21 12:57:01 +02:00