QubesOS/qubes-linux-utils
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
mm_0207537b
qubes-linux-utils/udev/udev-block-add-change
Marek Marczykowski-Górecki 764b0f3f07
udev: major cleanup in block devices handling 
1. Do not detach device forcefully when it's removed. This breaks
libvirt (which thinks the device is still there). After this change, it
is possible to detach device using libvirt, even if it was already
removed physically from backend domain (unless it is dom0 - in which
case it is still broken). So, this is partial fix for
QubesOS/qubes-issues#1082.

2. Do not trigger "change" udev event when only QubesDB state needs to
be updated - this leads to massive udev events queue, and heavy I/O
usage - for example scanning all LVM many times. In some cases it even
caused infinite event queue.

3. Do not use QUBES_EXPOSED udev property - it was needed a while back
before QubesDB, because concurrent xenstore accesses are expensive
(because of transactions). It isn't the problem on QubesDB.

4. Cache information about device-mapper, so it is possible to
reconstruct it at device remove - when the actual device cannot be
queried anymore. This is specifically about list of lower layer devices
used.

5. Allow excluding loop devices pointing at a file in directory marked
with ".qubes-exclude-block-devices" file. This is more generic than
hardcoding /var/lib/qubes.

QubesOS/qubes-issues#3084
Fixes QubesOS/qubes-issues#3073
QubesOS/qubes-issues#1082
2017-09-12 04:25:34 +02:00

171 lines
4.3 KiB
Bash
Executable File
Raw Permalink Blame History

#!/bin/bash
shopt -s nullglob
export LC_CTYPE=en_US.UTF-8
NAME=${DEVNAME#/dev/}
DESC="`echo "${ID_MODEL} (${ID_FS_LABEL})" | iconv -f utf8 -t ascii//TRANSLIT`"
SIZE=$[ $(cat /sys/$DEVPATH/size) * 512 ]
MODE=w
QDB_KEY="/qubes-block-devices/$NAME"
xs_remove() {
if is_attached /sys$DEVPATH; then
return 0
fi
if qubesdb-read -q "$QDB_KEY/desc" >/dev/null; then
qubesdb-rm "$QDB_KEY/"
qubesdb-write /qubes-block-devices ''
fi
}
is_used() {
local sys_devpath=$1
local devname=$(grep ^DEVNAME= $sys_devpath/uevent | cut -f 2 -d =)
# mounted; or enabled swap
if lsblk -dnr -o MOUNTPOINT "/dev/$devname" | grep -q .; then
return 0
fi
# part of other device-mapper
if [ -n "`ls -A $sys_devpath/holders 2> /dev/null`" ]; then
return 0
fi
# open device-mapper device
if [ -f "$sys_devpath/dm/name" ] && \
/sbin/dmsetup info "$(cat $sys_devpath/dm/name)" |\
grep -q "^Open count:.*[1-9]"; then
return 0
fi
return 1
}
refresh_another() {
# launch this script for other device
local devpath=$1
local launch_env=$(udevadm info -q all -x -p "$devpath" \
| grep ^E: | cut -d ' ' -f 2-)
env -i PATH=$PATH $launch_env $0
}
# communicate with xenstored through socket in dom0
# trying to access xenstore before xenstored is started, hang forever (in
# non-killable state), so better fail ('-s' in VM if /proc/xen isn't mounted
# yet) than hang dom0 boot
if [ ! -r /proc/xen/capabilities ] || grep -q control_d /proc/xen/capabilities; then
XENSTORE_LS="xenstore-ls -s"
else
XENSTORE_LS="xenstore-ls"
fi
is_attached() {
dev_hex=$(stat -c %t:%T /dev/$(basename $1))
if [ -z "$dev_hex" -o "$dev_hex" = "0:0" ]; then
return 1
fi
$XENSTORE_LS backend/vbd | grep -q "physical-device = \"$dev_hex\""
}
# update info about parent devices, if any:
if [ -f /sys$DEVPATH/partition ]; then
parent=$(dirname $(readlink -f /sys$DEVPATH))
refresh_another /$(realpath --relative-to=/sys $parent)
# if parent device is already attached, skip its partitions
if is_attached $parent; then
xs_remove
exit 0
fi
fi
# and underlying devices of device-mapper (if any)
for dev in /sys$DEVPATH/slaves/*; do
refresh_another /$(realpath --relative-to=/sys $dev)
done
# cache slave devices for remove event
if [ -n "$DM_NAME" ]; then
ls -1 /sys$DEVPATH/slaves/ > /var/run/qubes/block-slave-cache-$NAME
fi
# then take care of this device:
# udev rules already excluded this device:
if [ "$DM_UDEV_DISABLE_DISK_RULES_FLAG" = "1" ]; then
xs_remove
exit 0
fi
# device itself is already used
if is_used /sys$DEVPATH; then
xs_remove
exit 0
fi
# or one of its partitions is used
# or already attached (prevent attaching both device and its partition(s) at
# the same time)
for part in /sys$DEVPATH/$NAME*; do
if [ -d $part ]; then
if is_used $part || is_attached $part; then
xs_remove
exit 0
fi
fi
done
# or "empty" loop device
if [ "$MAJOR" -eq 7 -a ! -d /sys/$DEVPATH/loop ]; then
xs_remove
exit 0
fi
# ... and loop devices from excluded directories
if [[ "$NAME" = 'loop'* ]]; then
backing_file=$(cat /sys/block/${NAME%p*}/loop/backing_file)
if [ -n "$backing_file" ]; then
dir_to_check=$(dirname "$backing_file")
while [ "$dir_to_check" != "/" -a "$dir_to_check" != "." ]; do
if [ -e "$dir_to_check/.qubes-exclude-block-devices" ]; then
xs_remove
exit 0
fi
dir_to_check=$(dirname "$dir_to_check")
done
fi
fi
# Check if device is read-only
if [ "`cat /sys/$DEVPATH/ro`" -eq 1 ]; then
MODE=r
fi
# Special case for CD
if [ "$ID_TYPE" = "cd" ]; then
if [ "$ID_CDROM_MEDIA" != "1" ]; then
# Hide empty cdrom drive
xs_remove
exit 0
fi
MODE=r
fi
# Special description for loop devices
if [ -d /sys/$DEVPATH/loop ]; then
DESC=$(cat /sys/$DEVPATH/loop/backing_file)
fi
# and for device-mapper
if [ -n "$DM_NAME" ]; then
DESC="$DM_NAME"
fi
# The last one is meant to trigger watches
qubesdb-write \
"$QDB_KEY/desc" "$DESC" \
"$QDB_KEY/size" "$SIZE" \
"$QDB_KEY/mode" "$MODE" \
/qubes-block-devices ''
# Make sure that block backend is loaded
/sbin/modprobe xen-blkback 2> /dev/null || /sbin/modprobe blkbk
Reference in New Issue View Git Blame Copy Permalink