The Qubes OS Project issue tracker
Home Page: https://www.qubes-os.org/doc/issue-tracking/
This repository tracks issues and feature development progress for the Qubes OS Project. Please take a moment to read the following important information:
You can file a new issue or view all issues.
Reported by wikimaster on 6 Apr 2010 17:34 UTC
Migrated-From: https://wiki.qubes-os.org/ticket/13
Reported by joanna on 1 Jul 2010 13:48 UTC
A working netvm. Perhaps we should consider using an HVM Linux for netvm -- this might result in better driver compatibility, since there would not be a problem of mfn!=pfn anymore.
TODO: can we have netbackend in HVM linux?
Migrated-From: https://wiki.qubes-os.org/ticket/49
Reported by joanna on 13 May 2010 18:28 UTC
User should be able to click on "Set default NetVM" menu in the manager, and then should be presented with a list of possible netvms (e.g. Dom0, netvm). The manager should take care about switching the netvm's, in particular should do the equivalents of the following:
Migrated-From: https://wiki.qubes-os.org/ticket/34
Reported by joanna on 6 Apr 2010 17:41 UTC
The currently used pvops0 kernel (2.6.32.9-7.qubes) is based on xen/stable-2.6.32.9 branch and Fedora backported nouveau's patches. This kernel, when run as Dom0 under Xen, doesn't support HW accel for nouveau driver, the default driver for NVidia graphics cards.
The users can still get around the problem, but this requires complicated setup, and also doesn't let the user to use various "desktop effects" in Dom0.
Migrated-From: https://wiki.qubes-os.org/ticket/15
Reported by joanna on 1 Jul 2010 16:53 UTC
On high definition displays (e.g. 1600x900) the dummy driver we use in AppVMs refuses to accept the high resolutions, because hsync param being out of range.
We should figure out a correct way how to set hsync/vsync and modeline params for the vm dummy xorg driver, so that it always happily accept the resolution that the use has in Dom0.
Migrated-From: https://wiki.qubes-os.org/ticket/50
Reported by joanna on 8 Jun 2010 10:11 UTC
Update the template accordingly.
Migrated-From: https://wiki.qubes-os.org/ticket/43
Reported by joanna on 26 Apr 2010 10:59 UTC
Currently we only draw color frames around each appviewer window (the color is specified by the VM's label), but it would be much more desirable to patch the Dom0's Window Manager (KDE) to draw the appviewer's window decorations (i.e. titlebar, frame), in the given color. Besides, having the WM drawing the window frame (instead the appviewer app) would be better, because the frame would not overlap with the window contents (currently this can be observed with a 2px frame and e.g. a terminal application -- the edges are a little cropped).
Migrated-From: https://wiki.qubes-os.org/ticket/26
Reported by joanna on 26 Apr 2010 09:15 UTC
When an app changes its title bar contents, the appviewer ignores the change and keep the original name in the title bar. Some apps dynamically remap the title bar names at startup (e.g. Thunderbird, Dolphin), so it would be nice to have it correctly implemented, so that the user see something meaningful in the task bar.
Migrated-From: https://wiki.qubes-os.org/ticket/25
Reported by joanna on 14 Apr 2010 09:35 UTC
See this report on qubes-devel:
http://groups.google.com/group/qubes-devel/browse_thread/thread/8d3ce942edaabbe1
I can confirm this on my machine too (laptop with a touchpad that emulates mouse events) -- scrolling works for Dom0 apps, but not for AppVM's apps (more specifically only scrolling up works).
Migrated-From: https://wiki.qubes-os.org/ticket/18
Reported by joanna on 6 Apr 2010 17:37 UTC
The currently tried pvops0 kernels seem to have poor support for S3 Sleep. Perhaps we should move on to Xen 4? Or perhaps we should switch to a non-pvops kernel?
Migrated-From: https://wiki.qubes-os.org/ticket/14
Reported by joanna on 2 Jun 2010 10:20 UTC
Migrated-From: https://wiki.qubes-os.org/ticket/41
Reported by joanna on 6 Apr 2010 17:01 UTC
Configure the NetVM's bridge so that VMs cannot send packets to each other.
Migrated-From: https://wiki.qubes-os.org/ticket/4
Reported by joanna on 20 Apr 2010 22:06 UTC
According to this message:
http://groups.google.com/group/qubes-devel/msg/9d23cd9c26127ed7
The XShmPutImage() function, that is used by guid in Dom0 to draw the actual app's pixmap, might attempt to schedule a DMA from the SHM region to video memory. The SHM memory in our case belongs originaly to DomU and is being brought to Dom0 via xc_map_foreign_pages() (see http://qubes-os.org/gitweb/?p=rafal/gui.git;a=blob;f=shmoverride/shmoverride.c;h=77be2127948436013dc8a57ea069901a5d33ec03;hb=HEAD#l48).
If xc_map_foreign_pages() doesn't update IOMMU/VT-d tables so that the mapped pages belong also to Dom0, than the graphics card, that is VT-d assigned to Dom0, would not be able to do DMA read from those pages, and so the XShmPutImage() might not work correctly (not at all in fact).
TODO: check if xc_map_foreign_pages() updates IOMMU/VT-d tables, and if not discuss a way to add such behaviour on xen-devel and implement a patch.
Migrated-From: https://wiki.qubes-os.org/ticket/23
Reported by rafal on 4 Jun 2010 11:25 UTC
It seems that it is normal that /sbin/iptables may fail with the subject error. Get rid of it from shell scripts where possible; use iptables-restore elsewhere.
Migrated-From: https://wiki.qubes-os.org/ticket/42
Reported by joanna on 30 Apr 2010 17:45 UTC
Allow the user to install per-AppVM local apps in /usr/local.
Simple ln -sf /rw/usrlocal /usr/local should do the trick I think.
Migrated-From: https://wiki.qubes-os.org/ticket/27
Reported by wikimaster on 6 Apr 2010 15:13 UTC
An easy to use installer, downloadable as a DVD ISO.
Migrated-From: https://wiki.qubes-os.org/ticket/1
Reported by joanna on 16 May 2010 11:29 UTC
Sometime, when resizing an appviewer window, and especially when starting a new app that does some resizing on start, e.g. Firefox, the Window enters the "unstable" or "oscillation" phase, when its size changes back and forth between the two values tens of times per second. Quite annoying for your eyes, and the only way to get around it seems to be closing the app and starting it again.
Migrated-From: https://wiki.qubes-os.org/ticket/35
Reported by joanna on 13 May 2010 18:22 UTC
User should be able to click the update button in the manager, and it should take care about:
Migrated-From: https://wiki.qubes-os.org/ticket/32
Reported by wikimaster on 6 Apr 2010 17:15 UTC
Retrieve audio buffers from AppVMs via vchan (our library we use for GUI virtualization, based on Xen shared memory AKA Grant Tables) and mix together in Dom0.
Migrated-From: https://wiki.qubes-os.org/ticket/8
Reported by joanna on 19 Apr 2010 14:59 UTC
In the KDE menu in Dom0, some of the apps that normally should be accessible via the "Computer" menu (e.g. System Settings) disappear. They are still accessible via "Applications" -> Settings menu though.
This is strange.
Migrated-From: https://wiki.qubes-os.org/ticket/21
Reported by joanna on 9 May 2010 11:11 UTC
GUI agent exited, the following in the AppVM logs:
update_pixmap (one in 50) for 0x80002b x=1 y=151 w=1260 h=598
update_pixmap (one in 50) for 0x80002b x=1 y=242 w=1260 h=507
update_pixmap (one in 50) for 0x80002b x=1 y=216 w=1260 h=533
CREATE for already existing 0x1a00043
Perhaps we should do just a return instead of exit(1) in process_xevent_createnotify?
Migrated-From: https://wiki.qubes-os.org/ticket/30
Reported by joanna on 6 Apr 2010 17:10 UTC
...and display a warning to the user, that e.g. without IOMMU/VT-d there is no point of having a NetVM, as it cannot be securely isolated on a system without VT-d.
Migrated-From: https://wiki.qubes-os.org/ticket/6
Reported by joanna on 16 May 2010 13:46 UTC
When a user presses one of the modifier keys (Ctrl, Alt, Shift) and then change focus to another appviewer window, belonging to a different AppVM, but still while holding the modifier key, then when returning to the original VM, it will consider the modifier key never been released and would interpret all the subsequent keystrokes as if entered together with the modifier key (that currently is not down).
Proposed solution: Check the status of all the modifier keys when an appviewer window obtains focus, and send key_down messages if necessary.
Migrated-From: https://wiki.qubes-os.org/ticket/36
Reported by joanna on 6 Apr 2010 17:08 UTC
Research options for automatically or semi-automatically handling a situation when a given AppVM needs more storage (private.img) than originally assigned.
Currently if a user wants to extend private storage for an AppVM, the user must do something like this:
cd /var/lib/qubes/appvms/XXX/
mkdir mnt mnt.new
mount -o loop,ro private.img mnt
truncate -s <new_max_size> private-new.img
mkfs.ext4 private-new.img
mount -o loop private-new.img mnt.new
cp -pr mnt/* mnt.new/
umount mnt mnt.new
rm -f private.img mnt mnt.new
mv private-new.img private.img
... which is a bit, well, not user-friendly ;)
Migrated-From: https://wiki.qubes-os.org/ticket/5
Reported by joanna on 6 May 2010 10:56 UTC
Currently xmessage is used by GUId to display some warnings, e.g. when an AppVM opens too many windows. xmessage reminds me the 80's, so should be replaced with e.g. kdialog or zenity. Preferably with kdialog, as we already use it e.g. in the file copying operations. Hard to not prefer a particular WM, sorry.
Migrated-From: https://wiki.qubes-os.org/ticket/28
Reported by joanna on 19 Apr 2010 15:15 UTC
When one attaches a USB disk to an AppVM (via xm block-attach command issued in Dom0) them the USB disk is not mounted by the Dophin File Manager in the AppVM. User must start a shell, switch to root, and then manually mount it. This is inconvenient and should be fixed.
Migrated-From: https://wiki.qubes-os.org/ticket/22
Reported by rafal on 18 May 2010 16:20 UTC
Get rid of dnsmasq from netVM, use DNAT to DNS server instead. We want no open ports on a service VM.
Migrated-From: https://wiki.qubes-os.org/ticket/37
Reported by wikimaster on 6 Apr 2010 17:18 UTC
This will be Desktop Environment-specific (e.g. KDE-specific), so we should probably pick KDE.
Migrated-From: https://wiki.qubes-os.org/ticket/9
Reported by joanna on 21 Apr 2010 09:07 UTC
The user will still be able to start apps via qvm-run -u, but not trivially escalate to root in a VM via su.
Additionally we should configure pam to allow log in via console without any password. This is for debugging and emergency access to the VMs via xm console.
Migrated-From: https://wiki.qubes-os.org/ticket/24
Reported by wikimaster on 6 Apr 2010 16:22 UTC
When copy a directory or a file that has spaces in its name, qvm-copy-to-vm would not copy it.
Migrated-From: https://wiki.qubes-os.org/ticket/2
Reported by joanna on 6 Apr 2010 17:20 UTC
Migrated-From: https://wiki.qubes-os.org/ticket/10
Reported by joanna on 13 May 2010 17:31 UTC
Currently the user must type a command in Dom0 console to connect USB to a VM. We want to offer this functionality from the Qubes Manager.
Migrated-From: https://wiki.qubes-os.org/ticket/31
Reported by joanna on 30 May 2010 13:57 UTC
See details of the ticket #37
Migrated-From: https://wiki.qubes-os.org/ticket/38
Reported by wikimaster on 6 Apr 2010 16:59 UTC
Currently qubes.py prevents starting a VM if the memory available for Dom0 was to go below a defined limit (700MB). On some systems, when Dom0 becomes short on memory (<500MB), and Dom0 starts using the swap file, the overall system performance drops down dramatically. This is most likely caused by the reduced filesystem caching, and is very apparent on systems with fast SSD drives, enabled full disk encryption, and _without_ the AES instruction in the CPU (in which case CPU is heavily loaded doing the crypto).
The QubesVM.start() method calculates the memory that will be left to Dom0 after the start of a new VM using this simple method:
dom0_mem_new = dom0_mem - mem_required
... and if dom0_mem_new is too small it raises an exception, which qvm-run handles and displays a message to the user that she should stop some running VMs before continuing.
However when the users stops a VM, Xen doesn't return the memory back to Dom0. This, in turn, makes it impossible for the user to start any new VM, without rebooting the system.
The proper solution should account for this "hidden" memory that has been freed when a user stopped a VM, and is available to other domains, but has not be returned to Dom0.
Migrated-From: https://wiki.qubes-os.org/ticket/3
Reported by joanna on 9 May 2010 09:53 UTC
Got a flash crash in AppVM (dmesg output):
npviewer.bin[segfault at 8 ip 00007f7259147a9b sp 00007fff1793b6f8 error 4 in libflashplayer.so[7f7258b15000+8d2000](1073]:)
And then the GUI for this particular AppVM has frozen -- i.e. the !AppViewer windows are still present, but are not operational, not only cannot operate their contents, but also cannot close them.
Both guid in Dom0, and gui_agent in the AppVM are still running:
(gdb) bt
#0 0x00007fce51c2c3c3 in __select_nocancel () from /lib64/libc.so.6
#1 0x0000000000405fb3 in wait_for_vchan_or_argfd_once ()
#2 0x000000000040616c in wait_for_vchan_or_argfd ()
#3 0x00000000004055d8 in main ()
(gdb) bt
#0 0x00007f07fafab570 in __read_nocancel () from /lib64/libc.so.6
#1 0x00000000004022d6 in send_pixmap_mfns ()
#2 0x00000000004026e6 in process_xevent_configure ()
#3 0x0000000000402bbf in process_xevent ()
#4 0x00000000004039b4 in main ()
The GUI daemon keeps outputing the following into the logs:
ErrorHandler: BadValue (integer parameter out of range for operation)
Major opcode: 139 (MIT-SHM)
Minor opcode: 3 (X_ShmPutImage)
Value: 0x4fa
Failed serial number: 103729
Current serial number: 103730
even after the freeze, i.e. even now when the !AppViewer windows are not operational, still when I try to e.g. resize them, or just focus on them, I get the above messages in the Dom0 log.
No idea how to reproduce it: got it for the first time after several weeks of flawless operation.
Migrated-From: https://wiki.qubes-os.org/ticket/29
Reported by joanna on 6 Apr 2010 17:12 UTC
Do not load any networking drivers during Dom0 boot.
Migrated-From: https://wiki.qubes-os.org/ticket/7
Reported by joanna on 19 Apr 2010 14:57 UTC
...so that it was possible to e.g. update Dom0 via the NetVM.
See this for some details:
http://groups.google.com/group/qubes-devel/browse_thread/thread/a63ecc79fe87e9d5
Migrated-From: https://wiki.qubes-os.org/ticket/20
Reported by joanna on 30 Jun 2010 10:11 UTC
Xen Makefile downloads and builds some unsigned code, that we don't even use in Qubes (qemu, etc). Those files are downloaded over plaintext connection, so subject to easy subversion by an attacker in the middle. Such an attack might result in a compromised package or developers machine.
It's silly to have a signed xen package, that uses unsigned packages...
Migrated-From: https://wiki.qubes-os.org/ticket/48
Reported by joanna on 13 May 2010 18:24 UTC
User should be able to click "Make backup" in the manager and the system should proceed with the backup, taking care about shutting down each AppVM before backing up its private storage.
User should be able to tell which AppVMs should be part of the backup -- e.g. users might not want to backup the private storage of e.g. "random" VM.
Migrated-From: https://wiki.qubes-os.org/ticket/33
Reported by joanna on 14 Jun 2010 13:16 UTC
... to allow for per-VM software installations. E.g.:
yum install --installroot
rpm -i --root
Migrated-From: https://wiki.qubes-os.org/ticket/46
Reported by joanna on 2 Jun 2010 10:19 UTC
Migrated-From: https://wiki.qubes-os.org/ticket/40
Reported by joanna on 31 May 2010 23:25 UTC
A killer feature! Stay tuned for more details soon ;)
Migrated-From: https://wiki.qubes-os.org/ticket/39
Reported by joanna on 13 Apr 2010 20:06 UTC
None
Migrated-From: https://wiki.qubes-os.org/ticket/17
Reported by joanna on 6 Apr 2010 23:00 UTC
Eventually managed to reproduce it! Logs from Dom0 and VM attached.
The guid in Dom0 exited:
<...>
move menu window ret=1 x=0 y=20 rx=11 ry=74 ox=0 oy=0 origid=0x3400007
xside: win 0x3400007(0x400039) type=4 button=1
xside: win 0x3400007(0x400039) type=5 button=1
handle_configure_from_vm, 1280/752, was 1280/752, ovr=0
libvchan_is_eof
release_all_mapped_mfns running
Obtained 8 stack frames.
/usr/bin/qubes_guid() [[0x404ce8](0x404c38]
/usr/bin/qubes_guid())
/lib64/libc.so.6(exit+0xe2) [[0x405f59](0x7fd840435b82]
/usr/bin/qubes_guid())
/usr/bin/qubes_guid() [[0x4055d8](0x40609e]
/usr/bin/qubes_guid())
/lib64/libc.so.6(__libc_start_main+0xfd) [[0x4025a9](0x7fd84041eb1d]
/usr/bin/qubes_guid())
The gui in the VM's still running:
[~](root@random)# gdb --pid 762
<...>
(gdb) bt
#0 0x00007f3477596570 in __read_nocancel () from /lib64/libc.so.6
#1 0x00007f34778495c2 in read_exact () from /usr/lib64/libxenctrl.so.3.4
#2 0x00007f347784d953 in xc_evtchn_pending ()
from /usr/lib64/libxenctrl.so.3.4
#3 0x00007f3477c87987 in libvchan_wait (ctrl=0xe21010) at io.c:70
#4 0x00007f3477c879f7 in libvchan_write (ctrl=0xe21010,
data=0x7fffe611dc54 ",\266\022", size=236) at io.c:88
#5 0x0000000000403eb2 in write_data_exact ()
#6 0x0000000000403f0c in write_data ()
#7 0x0000000000402372 in send_pixmap_mfns ()
#8 0x00000000004023d7 in process_xevent_map ()
#9 0x0000000000402b7c in process_xevent ()
#10 0x00000000004039b4 in main ()
(gdb)
#0 0x00007f3477596570 in __read_nocancel () from /lib64/libc.so.6
#1 0x00007f34778495c2 in read_exact () from /usr/lib64/libxenctrl.so.3.4
#2 0x00007f347784d953 in xc_evtchn_pending ()
from /usr/lib64/libxenctrl.so.3.4
#3 0x00007f3477c87987 in libvchan_wait (ctrl=0xe21010) at io.c:70
#4 0x00007f3477c879f7 in libvchan_write (ctrl=0xe21010,
data=0x7fffe611dc54 ",\266\022", size=236) at io.c:88
#5 0x0000000000403eb2 in write_data_exact ()
#6 0x0000000000403f0c in write_data ()
#7 0x0000000000402372 in send_pixmap_mfns ()
#8 0x00000000004023d7 in process_xevent_map ()
#9 0x0000000000402b7c in process_xevent ()
#10 0x00000000004039b4 in main ()
Migrated-From: https://wiki.qubes-os.org/ticket/16
Reported by joanna on 6 Apr 2010 17:21 UTC
When an AppViewer window is picked via the Expose-like effect in KDE,
the app in a AppVM doesn't get proper focus, and the user must use Alt-Tab to fix it. This is a bit annoying.
Migrated-From: https://wiki.qubes-os.org/ticket/11
Reported by wikimaster on 6 Apr 2010 17:24 UTC
An applet that can display some other applet from an AppVM, e.g. the NetVM's tray and NetworkManager icon.
Migrated-From: https://wiki.qubes-os.org/ticket/12
Reported by joanna on 16 Jun 2010 13:11 UTC
A simple qvm-backup too that would let people:
The backup function should take into account whether given appvm is updatebable or not (if it is, it should also copy its cow storage). Also, any temaplate vms that are not installed from rpms (i.e. have been cloned) should be backed up.
This is needed now for people to smoothly transition from Alpha 1 to Alpha 2.
Migrated-From: https://wiki.qubes-os.org/ticket/47
Reported by joanna on 8 Jun 2010 12:02 UTC
Generate new app menus for Dom0's start menu whenever the user installs new apps in a template VM.
Migrated-From: https://wiki.qubes-os.org/ticket/45
Reported by joanna on 8 Jun 2010 10:12 UTC
Update yun repo definition to point to qubes-release-1-vm-updates
Migrated-From: https://wiki.qubes-os.org/ticket/44
Reported by joanna on 14 Apr 2010 23:19 UTC
The regexp used by unbind_all_network_devices script ignores devices that have hex digits (a-f) in their BDF addresses. As reported here:
http://groups.google.com/group/qubes-devel/browse_thread/thread/66d517a6c67085f9
Migrated-From: https://wiki.qubes-os.org/ticket/19
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.