2de5a8e894
If the kernel package ships a default-kernelopts-common.txt file, use that instead of the hardcoded Linux-specific options. For a Linux kernel it may include the xen_scrub_pages=0 option, but only if the initrd shipped with this kernel re-enables this option later. QubesOS/qubes-issues#4839 QubesOS/qubes-issues#4736
191 lines
7.4 KiB
XML
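<domain type="xen">
    {#
      Jinja2 template that renders the libvirt domain definition for a
      Xen-backed VM. Each section is wrapped in a named block (basic, cpu, os,
      features, clock, on, devices) so a child template can override it.

      NOTE(review): every expression below is written into XML text or
      attribute values by this template without an explicit escape filter.
      Confirm that the rendering environment enables autoescaping, or that the
      vm/device properties are validated before they reach this template.
    #}
    {% block basic %}
        <name>{{ vm.name }}</name>
        <uuid>{{ vm.uuid }}</uuid>
        {# For an HVM with persistent PCI devices, or when maxmem is 0, the
           memory ceiling equals the current allocation; otherwise it is maxmem.
           Presumably ballooning is not used in those cases: confirm. #}
        {% if ((vm.virt_mode == 'hvm' and vm.devices['pci'].persistent() | list)
            or vm.maxmem == 0) -%}
            <memory unit="MiB">{{ vm.memory }}</memory>
        {% else -%}
            <memory unit="MiB">{{ vm.maxmem }}</memory>
        {% endif -%}
        <currentMemory unit="MiB">{{ vm.memory }}</currentMemory>
        <vcpu placement="static">{{ vm.vcpus }}</vcpu>
    {% endblock %}
    {% block cpu %}
    {# The CPU section is emitted for every mode except PV. #}
    {% if vm.virt_mode != 'pv' %}
        <cpu mode='host-passthrough'>
            <!-- disable nested HVM -->
            <feature name='vmx' policy='disable'/>
            <feature name='svm' policy='disable'/>
            <!-- disable SMAP inside VM, because of Linux bug -->
            {# NOTE(review): this hides a guest kernel hardening feature from
               the VM; revisit once the referenced Linux bug no longer applies. #}
            <feature name='smap' policy='disable'/>
        </cpu>
    {% endif %}
    {% endblock %}
    <os>
        {% block os %}
            {% if vm.virt_mode == 'hvm' %}
                <type arch="x86_64" machine="xenfv">hvm</type>
                <!--
                     For the libxl backend libvirt switches between OVMF (UEFI)
                     and SeaBIOS based on the loader type. This has nothing to
                     do with the hvmloader binary.
                -->
                <loader type="{{ "pflash" if vm.features.check_with_template('uefi', False) else "rom" }}">hvmloader</loader>
                <boot dev="cdrom" />
                <boot dev="hd" />
            {% else %}
                {# PVH and PV guests boot the kernel and initramfs taken from
                   the VM's kernels directory. #}
                {% if vm.virt_mode == 'pvh' %}
                    <type arch="x86_64" machine="xenfv">pvh</type>
                {% else %}
                    <type arch="x86_64" machine="xenpv">linux</type>
                {% endif %}
                <kernel>{{ vm.storage.kernels_dir }}/vmlinuz</kernel>
                <initrd>{{ vm.storage.kernels_dir }}/initramfs</initrd>
            {% endif %}
            {% if vm.kernel %}
                {# With the 'no-default-kernelopts' feature set, only the
                   per-VM options are used. Otherwise the common options are
                   prepended with no separator, so kernelopts_common presumably
                   ends with whitespace: confirm. Both values end up on the
                   guest kernel command line. #}
                {% if vm.features.check_with_template('no-default-kernelopts', False) -%}
                <cmdline>{{ vm.kernelopts }}</cmdline>
                {% else -%}
                <cmdline>{{ vm.kernelopts_common }}{{ vm.kernelopts }}</cmdline>
                {% endif -%}
            {% endif %}
        {% endblock %}
    </os>

    <features>
        {% block features %}
            {% if vm.virt_mode != 'pv' %}
                <pae/>
                <acpi/>
                <apic/>
                <viridian/>
            {% endif %}

            {# e820_host is switched on only when persistent PCI devices exist
               and the 'pci-e820-host' feature has not been turned off (it
               defaults to True here). #}
            {% if vm.devices['pci'].persistent() | list
                and vm.features.get('pci-e820-host', True) %}
                <xen>
                    <e820_host state="on"/>
                </xen>
            {% endif %}
        {% endblock %}
    </features>

    {% block clock %}
        {% if vm.virt_mode == 'hvm' %}
            {# NOTE(review): isdigit() accepts only unsigned digit strings, so
               a signed offset falls through to the UTC branch with
               adjustment 0. #}
            {% set timezone = vm.features.check_with_template('timezone', 'localtime').lower() %}
            {% if timezone == 'localtime' %}
                <clock offset="variable" adjustment="0" basis="localtime" />
            {% elif timezone.isdigit() %}
                <clock offset="variable" adjustment="{{ timezone }}" basis="UTC" />
            {% else %}
                <clock offset="variable" adjustment="0" basis="UTC" />
            {% endif %}
        {% else %}
            <clock offset='utc' adjustment='reset'>
                <timer name="tsc" mode="native"/>
            </clock>
        {% endif %}
    {% endblock %}

    {% block on %}
        {# Power-off, reboot and crash all destroy the domain. #}
        <on_poweroff>destroy</on_poweroff>
        <on_reboot>destroy</on_reboot>
        <on_crash>destroy</on_crash>
    {% endblock %}

    <devices>
        {% block devices %}
            {# Index of the next free suffix for volumes other than root,
               private, volatile and kernel. It is kept in a dict because a
               plain "set" inside the for loop is scoped to one iteration and
               would give every extra volume the same target name. #}
            {% set counter = {'i': 0} %}
            {# TODO Allow more volumes out of the box #}
            {# 21 suffixes are available: xvde to xvdy. #}
            {% set dd = ['e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p',
                'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y']
            %}
            {% for device in vm.block_devices %}
                <disk type="block" device="{{ device.devtype }}">
                    <driver name="phy" />
                    <source dev="{{ device.path }}" />
                    {% if device.name == 'root' %}
                        <target dev="xvda" />
                    {% elif device.name == 'private' %}
                        <target dev="xvdb" />
                    {% elif device.name == 'volatile' %}
                        <target dev="xvdc" />
                    {% elif device.name == 'kernel' %}
                        <target dev="xvdd" />
                    {% else %}
                        <target dev="xvd{{ dd[counter.i] }}" />
                        {# dict.update() returns None, so this renders nothing
                           and only advances the counter. #}
                        {% if counter.update({'i': counter.i + 1}) %}{% endif %}
                    {% endif %}

                    {% if not device.rw %}
                        <readonly />
                    {% endif %}

                    {% if device.domain %}
                        <backenddomain name="{{ device.domain }}" />
                    {% endif %}

                    {% if device.script %}
                        <script path="{{ device.script }}" />
                    {% endif %}
                </disk>
            {% endfor %}

            {# start external devices from xvdi #}
            {# dd[4] is 'i'. The variable i is presumably read by the included
               block.xml: confirm against that template. #}
            {% set i = 4 %}
            {% for assignment in vm.devices.block.assignments(True) %}
                {% set device = assignment.device %}
                {% set options = assignment.options %}
                {% include 'libvirt/devices/block.xml' %}
            {% endfor %}

            {% if vm.netvm %}
                {% include 'libvirt/devices/net.xml' with context %}
            {% endif %}

            {% for assignment in vm.devices.pci.assignments(True) %}
                {% set device = assignment.device %}
                {% set options = assignment.options %}
                {% include 'libvirt/devices/pci.xml' %}
            {% endfor %}

            {% if vm.virt_mode == 'hvm' %}
                <!-- server_ip is the address of stubdomain. It hosts its own DNS server. -->
                {# The emulator runs in a stub domain. The lwip network command
                   line is added only when a netvm is set and the
                   'linux-stubdom' feature is off. stubdom_mem is multiplied by
                   1024 before being written to the memory attribute. #}
                <emulator
                    {% if vm.features.check_with_template('linux-stubdom', True) %}
                        type="stubdom-linux"
                    {% else %}
                        type="stubdom"
                    {% endif %}
                    {% if vm.netvm and not
                        vm.features.check_with_template('linux-stubdom', True) %}
                        cmdline="-net lwip,client_ip={{ vm.ip -}}
                            ,server_ip={{ vm.dns[1] -}}
                            ,dns={{ vm.netvm.gateway -}}
                            ,gw={{ vm.netvm.gateway -}}
                            ,netmask={{ vm.netmask }}"
                    {% endif %}
                    {% if vm.stubdom_mem %}
                        memory="{{ vm.stubdom_mem * 1024 -}}"
                    {% endif %}
                    />
                <input type="tablet" bus="usb"/>
                <video>
                    <model type="{{ vm.features.check_with_template('video-model', 'vga') }}"/>
                </video>
                {% if vm.features.check_with_template('linux-stubdom', True) %}
                    {# TODO only add qubes gui if gui-agent is not installed in HVM #}
                    <graphics type="qubes"/>
                {% endif %}
            {% else %}
                {# Guests other than HVM get a Xen PTY console. #}
                <console type="pty">
                    <target type="xen" port="0"/>
                </console>
            {% endif %}
        {% endblock %}
    </devices>
</domain>

<!-- vim: set ft=jinja ts=4 sts=4 sw=4 et tw=80 : -->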