Dvmimpl – qubes

Page 1

6/8/2014

DVMimpl – Qubes

DisposableVM implementation in Qubes DisposableVM image preparation DisposableVM is not started like other VMs, by executing equivalent of xl create - it would be too slow. Instead, DisposableVM are started by restore from a savefile. Preparing a savefile is done by /usr/lib/qubes/qubes_prepare_saved_domain.sh script. It takes two mandatory arguments, appvm name (APPVM) and the savefile name, and optional path to "prerun" script. The script executes the following steps: 1. 2. 3. 4. 5.

6. 7. 8. 9.

APPVM is started by qvm-start xenstore key /local/domain/appvm_domain_id/qubes_save_request is created if prerun script was specified, copy it to qubes_save_script xenstore key wait for the qubes_used_mem key to appear (in APPVM) APPVM boots normally, up to the point in /etc/init.d/qubes_core script when the presence of qubes_save_request key is tested. If it exists, then 1. (in APPVM) if exists, prerun script is retrieved from the respective xenstore key and executed. This preloads filesystem cache with useful applications, so that they will start faster. 2. (in APPVM) the amount of used memory is stored to qubes_used_mem xenstore key 3. (in APPVM) busy-waiting for qubes_restore_complete xenstore key to appear when qubes_used_mem key appears, the domain memory is reduced to this amount, to make the savefile smaller. APPVM private image is detached the domain is saved via xl save the COW file volatile.img (cow for for root fs and swap) is packed to saved_cows.tar archive

qubes_prepare_saved_domain.sh script is somehow lowlevel. It is usually called by qvm-create-default-dvm script, that takes care of creating a special AppVM (named template_name-dvm) to be passed to qubes_prepare_saved_domain.sh, as well as copying the savefile to /dev/shm (the latter action is not done if the /var/lib/qubes/dvmdata/dont_use_shm file exists).

Restoring a DisposableVM from the savefile Normally, disposable VM is created when qubes rpc request with target $dispvm is received. Then, as a part of rpc connection setup, the qfile-daemon-dvm program is executed; it executes /usr/lib/qubes/qubes_restore program. It is crucial that this program executes quickly, to make DisposableVM creation overhead bearable for the user. Its main steps are: 1. modify the savefile so that the VM name, VM UUID, MAC address and IP address are unique 2. restore the COW files from the saved_cows.tar http://qubes-os.org/trac/wiki/DVMimpl

1/2

Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.