/qubes-issues

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ensure that VM LVM volumes are not parsed by dom0 tools #2319

Open
marmarek opened this Issue Sep 14, 2016 · 0 comments

Comments

Assignees
No one assigned
Labels
Projects
None yet
Milestone
  Release 4.1
2 participants
@marmarek @andrewdavidwong
@marmarek
Member

marmarek commented Sep 14, 2016

This scanning include:

  • udev (blkid and friends)
  • lvm tools (vgscan etc)
  • looking for partition table

This all should be easy to blacklist using appropriate udev rule, similar to this:
https://github.com/QubesOS/qubes-core-admin-linux/blob/master/system-config/00-qubes-ignore-devices.rules
QubesOS/qubes-core-admin-linux@ae7656e

It needs to be included in:

  • installed dom0
  • installer/recovery boot image

@marmarek marmarek added C: installer C: other P: major task labels Sep 14, 2016

@marmarek marmarek added this to the Release 4.0 milestone Sep 14, 2016

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Jun 6, 2017

@marmarek
WIP storage/lvm: prefix VM LVM volumes with 'vm-' 
This will allow filtering them out in udev rules - to not parse any of
it.

QubesOS/qubes-issues#2319
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
Loading status checks…
257e56c

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Jun 9, 2017

@marmarek
storage/lvm: prefix VM LVM volumes with 'vm-' 
This will allow filtering them out in udev rules - to not parse any of
it.

QubesOS/qubes-issues#2319
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
fd5386c

@qubesos-bot qubesos-bot referenced this issue in QubesOS/updates-status Jul 4, 2017

Closed

core-admin v4.0.1 (r4.0) #100

marmarek added a commit to marmarek/qubes-linux-utils that referenced this issue Jul 6, 2017

@marmarek
udev: don't list in qvm-block any device marked to be ignored by udev 
Not only device-mapper one.
This especially include loop devices for VM disk images.

QubesOS/qubes-issues#2319
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
0d4c561

marmarek added a commit to marmarek/qubes-core-admin-linux that referenced this issue Jul 6, 2017

@marmarek
udev: exclude LVM volumes for VM images 
QubesOS/qubes-issues#2319
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
6ffac09

This was referenced Jul 6, 2017

Closed
Closed

@andrewdavidwong andrewdavidwong modified the milestones: Release 4.0, Release 4.1 Mar 31, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment