qubes-core-admin icon indicating copy to clipboard operation
qubes-core-admin copied to clipboard

Published 20 hours ago verified publisher icon QubesOS

device identity

Open piotrbartman opened this issue 1 year ago • 2 comments

implements: QubesOS/qubes-issues/issues/9325

piotrbartman avatar Aug 20 '24 23:08 piotrbartman

Can you drop commits adding gui, instead of adding+removing gui? the PR is quite big already...

marmarek avatar Aug 20 '24 23:08 marmarek

Codecov Report

Attention: Patch coverage is 74.94253% with 218 lines in your changes missing coverage. Please review.

Project coverage is 69.39%. Comparing base (7b755c7) to head (727133f). Report is 102 commits behind head on main.

Files with missing lines Patch % Lines
qubes/device_protocol.py 74.12% 104 Missing :warning:
qubes/ext/pci.py 64.70% 30 Missing :warning:
qubes/ext/admin.py 22.22% 28 Missing :warning:
qubes/ext/block.py 84.72% 22 Missing :warning:
qubes/devices.py 82.75% 10 Missing :warning:
qubes/vm/__init__.py 62.96% 10 Missing :warning:
qubes/ext/utils.py 90.66% 7 Missing :warning:
qubes/vm/qubesvm.py 0.00% 4 Missing :warning:
qubes/api/admin.py 92.30% 3 Missing :warning:
Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #614      +/-   ##
==========================================
+ Coverage   69.32%   69.39%   +0.07%     
==========================================
  Files          58       58              
  Lines       11993    12388     +395     
==========================================
+ Hits         8314     8597     +283     
- Misses       3679     3791     +112
Flag Coverage Δ
unittests 69.39% <74.94%> (+0.07%) :arrow_up:

Flags with carried forward coverage won't be shown. Click here to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

codecov[bot] avatar Aug 28 '24 19:08 codecov[bot]

New Device API

Classes

  • Port: A pair <backend_domain>:<port_id> with devclass (e.g., pci, usb). In the previous version, this was referred to as Device, and port_id was named ident.

  • AnyPort: A class used to handle cases where any port is accepted.

  • VirtualDevice: A pair <port>:<device_id>. This class links a device identified by device_id to a specific port. If both values are specified, the instance represents a device connected to that particular port. If the port is of type AnyPort, it represents a device identified by device_id that can be connected to any port. This is used by DeviceAssignment, which describes what to do with a device identified by device_id when connected anywhere. Similarly, when device_id is *, the instance represents any potential device connected to the given port. As a result, the device is considered "virtual" meaning it may or may not represent an actual device in the system. A device with *:* (any port and any device) is not permitted.

  • DeviceInfo: Derived from VirtualDevice. Extensions should assume that Port is provided, and based on that, device_id should return the same string for the same device, regardless of which port it is connected to. The device_id acts as a device hash and should be "human-readable". It must contain only digits, ASCII letters, spaces, and the following characters: !#$%&()*+,-./:;<>?@[\]^_{|}~. It cannot be empty or equal to *.

  • DeviceAssignment: Represents the relationship between a VirtualDevice and a frontend_domain. There are four modes:

    • manual: The device is manually attached to frontend_domain. This type of assignment does not persist across domain restarts.
    • auto-attach: Any device that matches a VirtualDevice will be automatically attached to the frontend_domain when discovered or during domain startup.
    • ask-to-attach: Functions like auto-attach, but prompts the user for confirmation before attaching. If no GUI is available, the prompt is ignored.
    • required: The device must be available during frontend_domain startup and will be attached before the domain is started.

Device Assignments

If a connected device has multiple assignments to different frontend_domain instances, the user will be asked to choose which domain to connect the device to. If no GUI client is available, the device will not be connected to any domain.

If multiple assignments exist for a connected device with different options but to the same frontend_domain, the most specific assignment will take precedence, according to the following order (from highest to lowest priority):

  1. Assignment specifies both port and device_id.
  2. Assignment specifies only the port.
  3. Assignment specifies only the device_id.

It is important to note that only one matching assignment can exist within each of the categories listed above.

API Changelog

  • New/Renamed Admin Methods for device assignments:

    • admin.vm.device.<devclass>.Assign
    • admin.vm.device.<devclass>.Unassign
    • admin.vm.device.<devclass>.Assigned
    • admin.vm.device.<devclass>.Listadmin.vm.device.<devclass>.Attached
    • admin.vm.device.<devclass>.Set.persistentadmin.vm.device.<devclass>.Set.assignment, which accepts one of the following arguments: auto-attach, ask-to-attach, or required.

  • admin.vm.device.<devclass>.Attach takes as argument serialized assignment (see DeviceAssignment.serialize).

  • admin-permission: event firing changes with new argument set:

    • admin.vm.device.<devclass>.Attach: (device, devclass, persistent, options) → (device, mode, options)
    • admin.vm.device.<devclass>.Detach: (device, devclass) → (device)
    • admin.vm.device.<devclass>.Set.assignment: (device, persistent) → (device, mode); renamed from admin.vm.device.<devclass>.Set.persistent
    • admin.vm.device.<devclass>.Assign: (device, mode, options)
    • admin.vm.device.<devclass>.Unassign: (device)

  • Extensions should provide a class derived from DeviceInfo. This class must provide at least device_id according to the rules listed in the DeviceInfo description.

  • Device extensions are responsible for emitting device-detach:<devclass> events during domain shutdown if any <devclass> device was attached.

  • To support auto-assignment, device extensions need to:

    • Implement async attach_and_notify, which attaches the device and emits device-pre-attach:<devclass> and device-attach:<devclass>.
    • Handle the domain-start event and check if any device should be attached at startup.

piotrbartman avatar Oct 15 '24 22:10 piotrbartman

As for the API changes, looks good. Should it be new file in doc/ here (linked from index and doc/qubes-devices.rst)? Or maybe added to the existing doc/qubes-devices.rst directly?

Just minor thing:

admin.vm.device.{endpoint}.Set.persistent - renamed too, and {endpoint} remained

marmarek avatar Oct 16 '24 11:10 marmarek

OpenQA test summary

Complete test suite and dependencies: https://openqa.qubes-os.org/tests/overview?distri=qubesos&version=4.3&build=2024111612-4.3&flavor=pull-requests

Test run included the following:

  • https://github.com/QubesOS/qubes-core-admin/pull/627 (https://github.com/QubesOS/qubes-core-admin/pull/627/commits/c9c4fbd5a4d80afb981855663b605be100fd8e3f)
  • https://github.com/QubesOS/qubes-core-admin-client/pull/304 (https://github.com/QubesOS/qubes-core-admin-client/pull/304/commits/250fc05020adc8eef0138a4a43af8ec1ea7353af)
  • https://github.com/QubesOS/qubes-desktop-linux-manager/pull/217 (https://github.com/QubesOS/qubes-desktop-linux-manager/pull/217/commits/b149981b06a82233a205d75703caa5baf9e30e65)
  • https://github.com/QubesOS/qubes-app-linux-usb-proxy/pull/45 (https://github.com/QubesOS/qubes-app-linux-usb-proxy/pull/45/commits/2846af8ae718f8cdbd1491c941e9e25ceb605e75)
  • https://github.com/QubesOS/qubes-manager/pull/395 (https://github.com/QubesOS/qubes-manager/pull/395/commits/338c5ed130fc2fc979e72d49466f5566374d5724)
  • https://github.com/QubesOS/qubes-gui-daemon/pull/147 (https://github.com/QubesOS/qubes-gui-daemon/pull/147/commits/c11aa04f5b1bc637e24cd5b8f8626e5bddab80d7)
  • https://github.com/QubesOS/qubes-core-admin/pull/614 (https://github.com/QubesOS/qubes-core-admin/pull/614/commits/727133f0fa36fc4da72272bfb715764d3101ac4e)

New failures, excluding unstable

Compared to: https://openqa.qubes-os.org/tests/overview?distri=qubesos&version=4.3&build=2024091704-4.3&flavor=update

  • system_tests_kde_gui_interactive
    • gui_keyboard_layout: Failed (test died) # Test died: command 'test "$(cd ~user;ls e1*)" = "$(qvm-run -p wor...

Failed tests

5 failures

  • system_tests_kde_gui_interactive

    • gui_keyboard_layout: Failed (test died) # Test died: command 'test "$(cd ~user;ls e1*)" = "$(qvm-run -p wor...

  • system_tests_basic_vm_qrexec_gui_zfs

    • switch_pool: Failed (test died) # Test died: command 'dnf install -y ./zfs-release.rpm' failed at /...

  • system_tests_audio

  • system_tests_suspend@hw1

    • [unstable] suspend: wait_serial (wait serial expected) # wait_serial expected: qr/p5~T5-\d+-/...

    • [unstable] suspend: Failed (test died + timed out) # Test died: command 'true' timed out at /usr/lib/os-autoinst/autot...

Fixed failures

Compared to: https://openqa.qubes-os.org/tests/112766#dependencies

201 fixed

Unstable tests

  • system_tests_suspend

    suspend/ (1/5 times with errors)
    suspend/Failed (1/5 times with errors)
    • job 115081 # Test died: no candidate needle with tag(s) 'xscreensaver-prompt' ...
    suspend/wait_serial (1/5 times with errors)
    • job 115081 # wait_serial expected: qr/2E8vz-\d+-/...

  • system_tests_basic_vm_qrexec_gui

    TC_20_NonAudio_whonix-workstation-17/test_140_qrexec_filecopy_unsafe_name (1/5 times with errors)
    • job 115635 libvirt.libvirtError: internal error: libxenlight failed to create ...

  • system_tests_pvgrub_salt_storage

    TC_41_HVMGrub_debian-12-xfce/test_000_standalone_vm (1/5 times with errors)
    • job 115648 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
    TC_41_HVMGrub_fedora-40-xfce/test_000_standalone_vm (2/5 times with errors)
    • job 114628 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
    • job 115648 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
    TC_41_HVMGrub_debian-12-xfce/test_010_template_based_vm (1/5 times with errors)
    • job 115648 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
    TC_41_HVMGrub_fedora-40-xfce/test_010_template_based_vm (3/5 times with errors)
    • job 114628 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
    • job 115078 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
    • job 115648 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...

  • system_tests_extra

    TC_00_QVCTest_whonix-workstation-17/test_020_webcam (1/5 times with errors)
    • job 115072 AssertionError: 'qubes-video-companion webcam' exited early (0): b'...

  • system_tests_usbproxy

    TC_20_USBProxy_core3_fedora-40-xfce/test_070_attach_not_installed_front (1/5 times with errors)
    • job 117582 NameError: name 'santizied_stderr' is not defined

  • system_tests_qrexec

    TC_00_Qrexec_fedora-40-xfce/test_065_qrexec_exit_code_vm (1/5 times with errors)
    • job 115649 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_00_Qrexec_fedora-40-xfce/test_080_qrexec_service_argument_allow_default (1/5 times with errors)
    • job 115649 libvirt.libvirtError: internal error: libxenlight failed to create ...

  • system_tests_network_ipv6

    VmIPv6Networking_fedora-40-xfce/test_520_ipv6_simple_proxyvm_nm (1/5 times with errors)
    • job 115076 AssertionError: 1 != 0 : nm-applet window not found

  • system_tests_network_updates

    VmUpdates_fedora-40-xfce/test_000_simple_update (1/5 times with errors)
    • job 116867 AssertionError: 1 not found in [0, 100] : dnf clean all; dnf check-...
    TC_10_QvmTemplate_whonix-gateway-17/test_000_template_list (1/5 times with errors)
    • job 115077 qvm-template: error: No matching templates to list
    VmUpdates_debian-12-xfce/test_020_updates_available_notification (1/5 times with errors)
    • job 117610 subprocess.CalledProcessError: Command '/usr/lib/qubes/upgrades-sta...
    VmUpdates_debian-12-xfce/test_120_updates_available_notification_qubes_vm_update (1/5 times with errors)
    • job 115077 subprocess.CalledProcessError: Command '/usr/lib/qubes/upgrades-sta...
    VmUpdates_debian-12-xfce/test_121_updates_available_notification_qubes_vm_update_cli (1/5 times with errors)
    • job 116867 subprocess.CalledProcessError: Command '/usr/lib/qubes/upgrades-sta...

  • system_tests_audio

    TC_20_AudioVM_Pulse_fedora-40-xfce/test_223_audio_play_hvm (1/5 times with errors)
    • job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_20_AudioVM_Pulse_debian-12-xfce/test_224_audio_rec_muted_hvm (2/5 times with errors)
    • job 115053 libvirt.libvirtError: internal error: libxenlight failed to create ...
    • job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_20_AudioVM_Pulse_whonix-workstation-17/test_224_audio_rec_muted_hvm (2/5 times with errors)
    • job 115053 libvirt.libvirtError: internal error: libxenlight failed to create ...
    • job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_20_AudioVM_Pulse_debian-12-xfce/test_225_audio_rec_unmuted_hvm (1/5 times with errors)
    • job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_20_AudioVM_Pulse_whonix-workstation-17/test_225_audio_rec_unmuted_hvm (2/5 times with errors)
    • job 115053 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
    • job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_20_AudioVM_PipeWire_whonix-workstation-17/test_228_audio_rec_unmuted_pipewire (1/5 times with errors)
    • job 115053 AssertionError: too short audio, expected 10s, got 9.41970521541950...
    TC_20_AudioVM_PipeWire_whonix-workstation-17/test_250_audio_playback_audiovm_pipewire (1/5 times with errors)
    • job 115053 AssertionError: too short audio, expected 10s, got 9.06471655328798...
    TC_20_AudioVM_PipeWire_debian-12-xfce/test_251_audio_playback_audiovm_pipewire_late_start (1/5 times with errors)
    • job 115053 AssertionError: too short audio, expected 10s, got 9.2878231292517,...
    TC_20_AudioVM_PipeWire_whonix-workstation-17/test_251_audio_playback_audiovm_pipewire_late_start (1/5 times with errors)
    • job 115623 AssertionError: too short audio, expected 10s, got 9.34507936507936...
    TC_20_AudioVM_Pulse_debian-12-xfce/test_252_audio_playback_audiovm_switch_hvm (1/5 times with errors)
    • job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_20_AudioVM_Pulse_fedora-40-xfce/test_252_audio_playback_audiovm_switch_hvm (2/5 times with errors)
    • job 115053 libvirt.libvirtError: internal error: libxenlight failed to create ...
    • job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_20_AudioVM_Pulse_whonix-workstation-17/test_252_audio_playback_audiovm_switch_hvm (2/5 times with errors)
    • job 115053 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
    • job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_20_AudioVM_PipeWire_debian-12-xfce/test_260_audio_mic_enabled_switch_audiovm (1/5 times with errors)
    • job 115053 AssertionError: too short audio, expected 10s, got 0.00013605442176...
    TC_20_AudioVM_PipeWire_fedora-40-xfce/test_260_audio_mic_enabled_switch_audiovm (2/5 times with errors)
    • job 116847 AssertionError: too short audio, expected 10s, got 0.00013605442176...
    • job 117586 AssertionError: too short audio, expected 10s, got 0.00013605442176...
    TC_20_AudioVM_PipeWire_whonix-workstation-17/test_260_audio_mic_enabled_switch_audiovm (1/5 times with errors)
    • job 115623 AssertionError: too short audio, expected 10s, got 9.05353741496598...

  • system_tests_audio@hw1

    TC_20_AudioVM_Pulse_fedora-40-xfce/test_223_audio_play_hvm (1/5 times with errors)
    • job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_20_AudioVM_Pulse_debian-12-xfce/test_224_audio_rec_muted_hvm (2/5 times with errors)
    • job 115053 libvirt.libvirtError: internal error: libxenlight failed to create ...
    • job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_20_AudioVM_Pulse_whonix-workstation-17/test_224_audio_rec_muted_hvm (2/5 times with errors)
    • job 115053 libvirt.libvirtError: internal error: libxenlight failed to create ...
    • job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_20_AudioVM_Pulse_debian-12-xfce/test_225_audio_rec_unmuted_hvm (1/5 times with errors)
    • job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_20_AudioVM_Pulse_whonix-workstation-17/test_225_audio_rec_unmuted_hvm (2/5 times with errors)
    • job 115053 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
    • job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_20_AudioVM_PipeWire_whonix-workstation-17/test_228_audio_rec_unmuted_pipewire (1/5 times with errors)
    • job 115053 AssertionError: too short audio, expected 10s, got 9.41970521541950...
    TC_20_AudioVM_PipeWire_whonix-workstation-17/test_250_audio_playback_audiovm_pipewire (1/5 times with errors)
    • job 115053 AssertionError: too short audio, expected 10s, got 9.06471655328798...
    TC_20_AudioVM_PipeWire_debian-12-xfce/test_251_audio_playback_audiovm_pipewire_late_start (1/5 times with errors)
    • job 115053 AssertionError: too short audio, expected 10s, got 9.2878231292517,...
    TC_20_AudioVM_PipeWire_whonix-workstation-17/test_251_audio_playback_audiovm_pipewire_late_start (1/5 times with errors)
    • job 115623 AssertionError: too short audio, expected 10s, got 9.34507936507936...
    TC_20_AudioVM_Pulse_debian-12-xfce/test_252_audio_playback_audiovm_switch_hvm (1/5 times with errors)
    • job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_20_AudioVM_Pulse_fedora-40-xfce/test_252_audio_playback_audiovm_switch_hvm (2/5 times with errors)
    • job 115053 libvirt.libvirtError: internal error: libxenlight failed to create ...
    • job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_20_AudioVM_Pulse_whonix-workstation-17/test_252_audio_playback_audiovm_switch_hvm (2/5 times with errors)
    • job 115053 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
    • job 115623 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_20_AudioVM_PipeWire_debian-12-xfce/test_260_audio_mic_enabled_switch_audiovm (1/5 times with errors)
    • job 115053 AssertionError: too short audio, expected 10s, got 0.00013605442176...
    TC_20_AudioVM_PipeWire_fedora-40-xfce/test_260_audio_mic_enabled_switch_audiovm (2/5 times with errors)
    • job 116847 AssertionError: too short audio, expected 10s, got 0.00013605442176...
    • job 117586 AssertionError: too short audio, expected 10s, got 0.00013605442176...
    TC_20_AudioVM_PipeWire_whonix-workstation-17/test_260_audio_mic_enabled_switch_audiovm (1/5 times with errors)
    • job 115623 AssertionError: too short audio, expected 10s, got 9.05353741496598...

  • system_tests_basic_vm_qrexec_gui_ext4

    TC_20_NonAudio_debian-12-xfce-pool/test_105_qrexec_filemove (1/5 times with errors)
    • job 115067 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_20_NonAudio_whonix-gateway-17-pool/test_105_qrexec_filemove (1/5 times with errors)
    • job 115067 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_20_NonAudio_whonix-workstation-17-pool/test_130_qrexec_filemove_disk_full (1/5 times with errors)
    • job 115067 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_20_NonAudio_debian-12-xfce-pool/test_141_qrexec_filecopy_unsafe_symlink (1/5 times with errors)
    • job 115067 libvirt.libvirtError: internal error: libxenlight failed to create ...

  • system_tests_basic_vm_qrexec_gui@hw1

    TC_20_NonAudio_whonix-workstation-17/test_140_qrexec_filecopy_unsafe_name (1/5 times with errors)
    • job 115635 libvirt.libvirtError: internal error: libxenlight failed to create ...

  • system_tests_suspend@hw1

    suspend/ (1/5 times with errors)
    suspend/Failed (1/5 times with errors)
    • job 115081 # Test died: no candidate needle with tag(s) 'xscreensaver-prompt' ...
    suspend/wait_serial (1/5 times with errors)
    • job 115081 # wait_serial expected: qr/2E8vz-\d+-/...

  • system_tests_basic_vm_qrexec_gui_btrfs

    TC_30_Gui_daemon/test_002_clipboard_300k (1/5 times with errors)
    • job 116856 : Clipboard copy operation failed - content...

qubesos-bot avatar Oct 26 '24 06:10 qubesos-bot

First start of sys-usb fails:

Oct 26 22:49:26 dom0 kernel: xhci_hcd 0000:05:00.3: USB bus 1 deregistered
Oct 26 22:49:26 dom0 kernel: pciback 0000:05:00.3: xen_pciback: seizing device
Oct 26 22:49:26 dom0 kernel: xen: registering gsi 37 triggering 0 polarity 1
Oct 26 22:49:26 dom0 kernel: Already setup the GSI :37
Oct 26 22:49:26 dom0 kernel: xhci_hcd 0000:05:00.4: remove, state 4
Oct 26 22:49:26 dom0 kernel: usb usb4: USB disconnect, device number 1
Oct 26 22:49:26 dom0 kernel: xhci_hcd 0000:05:00.4: USB bus 4 deregistered
Oct 26 22:49:26 dom0 kernel: xhci_hcd 0000:05:00.4: remove, state 1
Oct 26 22:49:26 dom0 kernel: usb usb3: USB disconnect, device number 1
Oct 26 22:49:26 dom0 kernel: usb 3-3: USB disconnect, device number 2
Oct 26 22:49:26 dom0 kernel: audit: type=1137 audit(1729982966.997:111): pid=2308 uid=0 auid=4294967295 ses=4294967295 msg='op="removed-device" device="/devices/pci0000:00/0000:00:08.1/0000:05:00.4/usb4" device_rule=616C6C6F7720696420316436623A30303033206E616D652022784843492048>
Oct 26 22:49:26 dom0 audit[2308]: USER_DEVICE pid=2308 uid=0 auid=4294967295 ses=4294967295 msg='op="removed-device" device="/devices/pci0000:00/0000:00:08.1/0000:05:00.4/usb4" device_rule=616C6C6F7720696420316436623A30303033206E616D6520227848434920486F737420436F6E74726F6C6C657>
Oct 26 22:49:27 dom0 audit[2308]: USER_DEVICE pid=2308 uid=0 auid=4294967295 ses=4294967295 msg='op="removed-device" device="/devices/pci0000:00/0000:00:08.1/0000:05:00.4/usb3/3-3" device_rule=616C6C6F7720696420316436623A30313034206E616D652022436F6D706F73697465204B564D204465766>
Oct 26 22:49:27 dom0 audit[2308]: USER_DEVICE pid=2308 uid=0 auid=4294967295 ses=4294967295 msg='op="removed-device" device="/devices/pci0000:00/0000:00:08.1/0000:05:00.4/usb3/3-4" device_rule=626C6F636B20696420303430383A35333433206E616D65202248502048442043616D65726122207669612>
Oct 26 22:49:27 dom0 audit[2308]: USER_DEVICE pid=2308 uid=0 auid=4294967295 ses=4294967295 msg='op="removed-device" device="/devices/pci0000:00/0000:00:08.1/0000:05:00.4/usb3" device_rule=616C6C6F7720696420316436623A30303032206E616D6520227848434920486F737420436F6E74726F6C6C657>
Oct 26 22:49:27 dom0 kernel: usb 3-4: USB disconnect, device number 3
Oct 26 22:49:27 dom0 kernel: xhci_hcd 0000:05:00.4: USB bus 3 deregistered
Oct 26 22:49:27 dom0 kernel: pciback 0000:05:00.4: xen_pciback: seizing device
Oct 26 22:49:27 dom0 kernel: xen: registering gsi 38 triggering 0 polarity 1
Oct 26 22:49:27 dom0 kernel: Already setup the GSI :38
Oct 26 22:49:27 dom0 qubesd[2321]: vm.sys-usb: Start failed: Node device not found: no node device with matching name 'usb_usb3'
Oct 26 22:49:27 dom0 qubesd[2321]: vm.sys-usb: start failed
Oct 26 22:49:27 dom0 qubesd[2321]: Traceback (most recent call last):
Oct 26 22:49:27 dom0 qubesd[2321]:   File "/usr/lib/python3.13/site-packages/qubes/api/admin.py", line 868, in vm_start
Oct 26 22:49:27 dom0 qubesd[2321]:     await self.dest.start()
Oct 26 22:49:27 dom0 qubesd[2321]:   File "/usr/lib/python3.13/site-packages/qubes/vm/dispvm.py", line 253, in start
Oct 26 22:49:27 dom0 qubesd[2321]:     await super().start(**kwargs)
Oct 26 22:49:27 dom0 qubesd[2321]:   File "/usr/lib/python3.13/site-packages/qubes/vm/qubesvm.py", line 1184, in start
Oct 26 22:49:27 dom0 qubesd[2321]:     for device in ass.devices:
Oct 26 22:49:27 dom0 qubesd[2321]:                   ^^^^^^^^^^^
Oct 26 22:49:27 dom0 qubesd[2321]:   File "/usr/lib/python3.13/site-packages/qubes/device_protocol.py", line 1285, in devices
Oct 26 22:49:27 dom0 qubesd[2321]:     for dev in self.backend_domain.devices[self.devclass]:
Oct 26 22:49:27 dom0 qubesd[2321]:                ~~~~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^
Oct 26 22:49:27 dom0 qubesd[2321]:   File "/usr/lib/python3.13/site-packages/qubes/devices.py", line 438, in get_exposed_devices
Oct 26 22:49:27 dom0 qubesd[2321]:     yield from self._vm.fire_event("device-list:" + self._bus)
Oct 26 22:49:27 dom0 qubesd[2321]:                ~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Oct 26 22:49:27 dom0 qubesd[2321]:   File "/usr/lib/python3.13/site-packages/qubes/events.py", line 195, in fire_event
Oct 26 22:49:27 dom0 qubesd[2321]:     sync_effects, async_effects = self._fire_event(event, kwargs,
Oct 26 22:49:27 dom0 qubesd[2321]:                                   ~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^
Oct 26 22:49:27 dom0 qubesd[2321]:         pre_event=pre_event)
Oct 26 22:49:27 dom0 qubesd[2321]:         ^^^^^^^^^^^^^^^^^^^^
Oct 26 22:49:27 dom0 qubesd[2321]:   File "/usr/lib/python3.13/site-packages/qubes/events.py", line 168, in _fire_event
Oct 26 22:49:27 dom0 qubesd[2321]:     effects.extend(effect)
Oct 26 22:49:27 dom0 qubesd[2321]:     ~~~~~~~~~~~~~~^^^^^^^^
Oct 26 22:49:27 dom0 qubesd[2321]:   File "/usr/lib/python3.13/site-packages/qubes/ext/pci.py", line 358, in on_device_list_pci
Oct 26 22:49:27 dom0 qubesd[2321]:     if "pci" not in dev.listCaps():
Oct 26 22:49:27 dom0 qubesd[2321]:                     ~~~~~~~~~~~~^^
Oct 26 22:49:27 dom0 qubesd[2321]:   File "/usr/lib64/python3.13/site-packages/libvirt.py", line 6624, in listCaps
Oct 26 22:49:27 dom0 qubesd[2321]:     raise libvirtError('virNodeDeviceListCaps() failed')
Oct 26 22:49:27 dom0 qubesd[2321]: libvirt.libvirtError: Node device not found: no node device with matching name 'usb_usb3'
Oct 26 22:49:27 dom0 qvm-start[3421]: Error: Start failed: Node device not found: no node device with matching name 'usb_usb3', see /var/log/libvirt/libxl/libxl-driver.log for details

Retrying sys-usb start works.

This one is weird, but I think it's related to some caching, maybe on libvirt side? See the USB controllers were disconnected from dom0 just above, yet "usb_usb3" was still listed there. I think the cleanest way is to catch this exception in dev.listCaps() call and skip the device (following logic as if caps can't be listed, it isn't "pci"). Alternatively maybe there is some cache flush to be done, but that still may be racy (if you have two usbvms for example)...

nodedev list

taken before starting sys-usb

root@dom0:~# virsh -c xen  nodedev-list
block_sda_SanDisk_SSD_PLUS_240GB_22106H803526
computer
drm_card0
drm_renderD128
net_lo_00_00_00_00_00_00
pci_0000_00_00_0
pci_0000_00_00_2
pci_0000_00_01_0
pci_0000_00_01_2
pci_0000_00_01_3
pci_0000_00_02_0
pci_0000_00_02_1
pci_0000_00_02_4
pci_0000_00_08_0
pci_0000_00_08_1
pci_0000_00_08_2
pci_0000_00_14_0
pci_0000_00_14_3
pci_0000_00_18_0
pci_0000_00_18_1
pci_0000_00_18_2
pci_0000_00_18_3
pci_0000_00_18_4
pci_0000_00_18_5
pci_0000_00_18_6
pci_0000_00_18_7
pci_0000_01_00_0
pci_0000_02_00_0
pci_0000_03_00_0
pci_0000_04_00_0
pci_0000_04_00_1
pci_0000_04_00_2
pci_0000_04_00_3
pci_0000_05_00_0
pci_0000_05_00_1
pci_0000_05_00_2
pci_0000_05_00_3
pci_0000_05_00_4
pci_0000_05_00_5
pci_0000_05_00_6
pci_0000_06_00_0
pci_0000_06_00_1
scsi_2_0_0_0
scsi_generic_sg0
scsi_host0
scsi_host1
scsi_host2
scsi_host3
scsi_target2_0_0
usb_1_0_1_0
usb_1_3
usb_1_4
usb_2_0_1_0
usb_3_0_1_0
usb_3_3
usb_3_3_1_0
usb_3_3_1_1
usb_3_4
usb_4_0_1_0
usb_usb1
usb_usb2
usb_usb3
usb_usb4

marmarek avatar Oct 26 '24 22:10 marmarek

Looking at the traceback a bit closer, here:

Oct 26 22:49:27 dom0 qubesd[2321]: for device in ass.devices:

it tries to get device for a specific assignment (so, it knows which device it wants). Yet it results in

Oct 26 22:49:27 dom0 qubesd[2321]: File "/usr/lib/python3.13/site-packages/qubes/devices.py", line 438, in get_exposed_devices Oct 26 22:49:27 dom0 qubesd[2321]: yield from self._vm.fire_event("device-list:" + self._bus)

... listing all of them. This sounds quite bad performance-wise (quadratic number of calls to whatever device backend it has)

marmarek avatar Oct 27 '24 11:10 marmarek

... listing all of them. This sounds quite bad performance-wise (quadratic number of calls to whatever device backend it has)

This is not entirely true. The property: devices searches all devices only if the assignment requires it (i.e. it included * as port_id). I guess it not a case here, so the last commit should help.

piotrbartman avatar Oct 29 '24 22:10 piotrbartman

Ok, so remaining issue is about the unit tests, for example:

  File "templates/libvirt/xen.xml", line 160, in block 'devices'
    {% for device in assignment.devices %}
    ^^^^^^^^^^^^^^^^^^^^^^^^^
jinja2.exceptions.UndefinedError: 'qubes.device_protocol.DeviceAssignment object' has no attribute 'devices'

And there are also 2 minor pylint compains

marmarek avatar Oct 30 '24 00:10 marmarek

Please note that from our previous diagnosis, mypy complains with your fix * for positional argument:

qubes/ext/utils.py:51: error: Too many positional arguments for "DeviceInfo"  [misc]
qubes/ext/utils.py:59: error: Too many positional arguments for "DeviceInfo"  [misc]
qubes/ext/utils.py:62: error: Too many positional arguments for "DeviceInfo"  [misc]
qubes/ext/utils.py:65: error: Too many positional arguments for "DeviceInfo"  [misc]
Found 4 errors in 1 file (checked 60 source files)

fepitre avatar Oct 30 '24 12:10 fepitre

Note to self: check what happens when starting VM with PCI device that got removed

marmarek avatar Oct 30 '24 13:10 marmarek