Merge remote-tracking branch 'origin/pr/514'

* origin/pr/514:
  qmemman: drop support for old meminfo format
  Tighten xenstore access for meminfo-writer
  tests: fix pretending VM is running
  reduce default SWIOTLB size when no PCI devs are used

qubes/config.py

@@ -52,7 +52,7 @@
     'libvirt_uri': 'xen:///',
     'memory': 400,
     'hvm_memory': 400,
-    'kernelopts': "",
+    'kernelopts': "swiotlb=2048",
     'kernelopts_pcidevs': "",
     'kernelopts_common': ('root=/dev/mapper/dmroot ro nomodeset console=hvc0 '
              'rd_NO_PLYMOUTH rd.plymouth.enable=0 plymouth.enable=0 '),

qubes/qmemman/algo.py

@@ -42,65 +42,9 @@ def sanitize_and_parse_meminfo(untrusted_meminfo):
     if untrusted_meminfo.isdigit():
         return int(untrusted_meminfo) * 1024
 
-    untrusted_meminfo = untrusted_meminfo.decode('ascii', errors='strict')
-    # not new syntax - try the old one
-    untrusted_dict = {}
-    # split meminfo contents into lines
-    untrusted_lines = untrusted_meminfo.split("\n")
-    for untrusted_lines_iterator in untrusted_lines:
-        # split a single meminfo line into words
-        untrusted_words = untrusted_lines_iterator.split()
-        if len(untrusted_words) >= 2:
-            untrusted_dict[untrusted_words[0].rstrip(":")] = \
-                untrusted_words[1]
-
-    # sanitize start
-    if not is_meminfo_suspicious(untrusted_dict):
-        # sanitize end
-        meminfo = untrusted_dict
-        return (meminfo['MemTotal'] -
-                meminfo['MemFree'] - meminfo['Cached'] - meminfo['Buffers'] +
-                meminfo['SwapTotal'] - meminfo['SwapFree']) * 1024
-
     return None
 
 
-def is_meminfo_suspicious(untrusted_meminfo):
-    log.debug('is_meminfo_suspicious(untrusted_meminfo=%r)', untrusted_meminfo)
-    ret = False
-
-    # check whether the required keys exist and are not negative
-    try:
-        for i in ('MemTotal', 'MemFree', 'Buffers', 'Cached',
-        'SwapTotal', 'SwapFree'):
-            if not untrusted_meminfo[i].isdigit():
-                ret = True
-            else:
-                val = int(untrusted_meminfo[i])
-                if val < 0:
-                    ret = True
-                untrusted_meminfo[i] = val
-    except:
-        ret = True
-
-    if untrusted_meminfo['SwapTotal'] < untrusted_meminfo['SwapFree']:
-        ret = True
-    if untrusted_meminfo['MemTotal'] < \
-                            untrusted_meminfo['MemFree'] + \
-                            untrusted_meminfo['Cached'] + untrusted_meminfo[
-                'Buffers']:
-        ret = True
-    # we could also impose some limits on all the above values
-    # but it has little purpose - all the domain can gain by passing e.g.
-    # very large SwapTotal is that it will be assigned all free Xen memory
-    # it can be achieved with legal values, too, and it will not allow to
-    # starve existing domains, by design
-    if ret:
-        log.warning('suspicious meminfo untrusted_meminfo={!r}'.format(
-            untrusted_meminfo))
-    return ret
-
-
 # called when a domain updates its 'meminfo' xenstore key
 def refresh_meminfo_for_domain(domain, untrusted_xenstore_key):
     domain.mem_used = sanitize_and_parse_meminfo(untrusted_xenstore_key)

qubes/tests/vm/qubesvm.py

@@ -771,7 +771,7 @@ def test_600_libvirt_xml_pv(self):
             <type arch="x86_64" machine="xenpv">linux</type>
             <kernel>/tmp/kernel/vmlinuz</kernel>
             <initrd>/tmp/kernel/initramfs</initrd>
-            <cmdline>root=/dev/mapper/dmroot ro nomodeset console=hvc0 rd_NO_PLYMOUTH rd.plymouth.enable=0 plymouth.enable=0</cmdline>
+            <cmdline>root=/dev/mapper/dmroot ro nomodeset console=hvc0 rd_NO_PLYMOUTH rd.plymouth.enable=0 plymouth.enable=0 swiotlb=2048</cmdline>
         </os>
         <features>
         </features>
@@ -900,7 +900,7 @@ def test_600_libvirt_xml_hvm_dom0_kernel(self):
             <loader type="rom">hvmloader</loader>
             <boot dev="cdrom" />
             <boot dev="hd" />
-            <cmdline>root=/dev/mapper/dmroot ro nomodeset console=hvc0 rd_NO_PLYMOUTH rd.plymouth.enable=0 plymouth.enable=0</cmdline>
+            <cmdline>root=/dev/mapper/dmroot ro nomodeset console=hvc0 rd_NO_PLYMOUTH rd.plymouth.enable=0 plymouth.enable=0 swiotlb=2048</cmdline>
         </os>
         <features>
             <pae/>
@@ -967,7 +967,7 @@ def test_600_libvirt_xml_hvm_dom0_kernel_kernelopts(self):
             <loader type="rom">hvmloader</loader>
             <boot dev="cdrom" />
             <boot dev="hd" />
-            <cmdline>kernel &lt;text&gt;&#39;&#34;&amp; specific options</cmdline>
+            <cmdline>kernel &lt;text&gt;&#39;&#34;&amp; specific options swiotlb=2048</cmdline>
         </os>
         <features>
             <pae/>
@@ -1031,7 +1031,7 @@ def test_600_libvirt_xml_pvh(self):
             <type arch="x86_64" machine="xenpvh">xenpvh</type>
             <kernel>/tmp/kernel/vmlinuz</kernel>
             <initrd>/tmp/kernel/initramfs</initrd>
-            <cmdline>root=/dev/mapper/dmroot ro nomodeset console=hvc0 rd_NO_PLYMOUTH rd.plymouth.enable=0 plymouth.enable=0</cmdline>
+            <cmdline>root=/dev/mapper/dmroot ro nomodeset console=hvc0 rd_NO_PLYMOUTH rd.plymouth.enable=0 plymouth.enable=0 swiotlb=2048</cmdline>
         </os>
         <features>
             <pae/>
@@ -1101,7 +1101,7 @@ def test_600_libvirt_xml_pvh_no_membalance(self):
             <type arch="x86_64" machine="xenpvh">xenpvh</type>
             <kernel>/tmp/kernel/vmlinuz</kernel>
             <initrd>/tmp/kernel/initramfs</initrd>
-            <cmdline>root=/dev/mapper/dmroot ro nomodeset console=hvc0 rd_NO_PLYMOUTH rd.plymouth.enable=0 plymouth.enable=0</cmdline>
+            <cmdline>root=/dev/mapper/dmroot ro nomodeset console=hvc0 rd_NO_PLYMOUTH rd.plymouth.enable=0 plymouth.enable=0 swiotlb=2048</cmdline>
         </os>
         <features>
             <pae/>
@@ -1340,7 +1340,7 @@ def test_600_libvirt_xml_hvm_cdrom_dom0_kernel_boot(self):
             <loader type="rom">hvmloader</loader>
             <boot dev="cdrom" />
             <boot dev="hd" />
-            <cmdline>root=/dev/mapper/dmroot ro nomodeset console=hvc0 rd_NO_PLYMOUTH rd.plymouth.enable=0 plymouth.enable=0</cmdline>
+            <cmdline>root=/dev/mapper/dmroot ro nomodeset console=hvc0 rd_NO_PLYMOUTH rd.plymouth.enable=0 plymouth.enable=0 swiotlb=2048</cmdline>
         </os>
         <features>
             <pae/>
@@ -1710,6 +1710,7 @@ def test_621_qdb_vm_with_network(self, mock_qubesdb, mock_urandom,
         # pretend the VM is running...
         vm._qubesprop_xid = 3
         netvm.kernel = None
+        netvm._qubesprop_xid = 4
         test_qubesdb = TestQubesDB()
         mock_qubesdb.write.side_effect = test_qubesdb.write
         mock_qubesdb.rm.side_effect = test_qubesdb.rm
@@ -1855,6 +1856,7 @@ def test_622_qdb_guivm_keyboard_layout(self, mock_qubesdb, mock_urandom,
         vm.netvm = None
         vm.guivm = guivm
         vm.is_running = lambda: True
+        vm._qubesprop_xid = 2
         guivm.keyboard_layout = 'fr++'
         guivm.is_running = lambda: True
         guivm._libvirt_domain = unittest.mock.Mock(**{'ID.return_value': 2})
@@ -1905,6 +1907,7 @@ def test_623_qdb_audiovm(self, mock_qubesdb, mock_urandom,
         vm.netvm = None
         vm.audiovm = audiovm
         vm.is_running = lambda: True
+        vm._qubesprop_xid = 2
         audiovm.is_running = lambda: True
         audiovm._libvirt_domain = unittest.mock.Mock(**{'ID.return_value': 2})
         vm.events_enabled = True
@@ -1978,6 +1981,7 @@ def test_625_qdb_keyboard_layout_change(self, mock_qubesdb, mock_urandom,
         vm.netvm = None
         vm.guivm = guivm
         vm.is_running = lambda: True
+        vm._qubesprop_xid = 2
         guivm.keyboard_layout = 'fr++'
         guivm.is_running = lambda: True
         guivm._libvirt_domain = unittest.mock.Mock(**{'ID.return_value': 2})

qubes/vm/qubesvm.py

@@ -2270,10 +2270,12 @@ def create_qdb_entries(self):
 
         # TODO: Currently the whole qmemman is quite Xen-specific, so stay with
         # xenstore for it until decided otherwise
-        if qmemman_present:
+        if qmemman_present and self.maxmem:
+            xs_basedir = f"/local/domain/{self.xid}"
+            self.app.vmm.xs.write('',
+                                  f"{xs_basedir}/memory/meminfo", "")
             self.app.vmm.xs.set_permissions('',
-                                            '/local/domain/{}/memory'.format(
-                                                self.xid),
+                                            f"{xs_basedir}/memory/meminfo",
                                             [{'dom': self.xid}])
 
         self.fire_event('domain-qdb-create')