Make AppVM/DispVM root volume rw to avoid CoW-on-CoW

QubesOS · Jan 27, 2018 · 958d6c7 · 958d6c7
1 parent a9fdd77
commit 958d6c7
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 6 deletions.
diff --git a/doc/qubes-storage.rst b/doc/qubes-storage.rst
@@ -9,14 +9,18 @@ possible to register additional 3rd-party drivers.
 Domain's storage volumes:
 
  - `root` - this is where operating system is installed. The volume is
-   available read-write to :py:class:`~qubes.vm.templatevm.TemplateVM` and
-   :py:class:`~qubes.vm.standalonevm.StandaloneVM`, and read-only to others
-   (:py:class:`~qubes.vm.appvm.AppVM` and :py:class:`~qubes.vm.dispvm.DispVM`).
+   available read-write to all domain classes. It could be made read-only for
+   :py:class:`~qubes.vm.appvm.AppVM` and :py:class:`~qubes.vm.dispvm.DispVM` to
+   implement an untrusted storage domain in the future, but doing so will cause
+   such VMs to set up a device-mapper based copy-on-write layer that redirects
+   writes to the `volatile` volume. Whose storage driver may already do CoW,
+   leading to an inefficient CoW-on-CoW setup. For this reason, `root` is
+   currently read-write in all cases.
  - `private` - this is where domain's data live. The volume is available
    read-write to all domain classes (including :py:class:`~qubes.vm.dispvm.DispVM`,
    but data written there is discarded on domain shutdown).
  - `volatile` - this is used for any data that do not to persist. This include
-   swap, copy-on-write layer for `root` volume etc.
+   swap, copy-on-write layer for a future read-only `root` volume etc.
  - `kernel` - domain boot files - operating system kernel, initial ramdisk,
    kernel modules etc. This volume is provided read-only and should be provided by
    a storage pool respecting :py:attr:`qubes.vm.qubesvm.QubesVM.kernel` property.

diff --git a/qubes/vm/appvm.py b/qubes/vm/appvm.py
@@ -45,7 +45,7 @@ class AppVM(qubes.vm.qubesvm.QubesVM):
                 'name': 'root',
                 'snap_on_start': True,
                 'save_on_stop': False,
-                'rw': False,
+                'rw': True,
                 'source': None,
             },
             'private': {

diff --git a/qubes/vm/dispvm.py b/qubes/vm/dispvm.py
@@ -47,7 +47,7 @@ def __init__(self, app, xml, *args, **kwargs):
                 'name': 'root',
                 'snap_on_start': True,
                 'save_on_stop': False,
-                'rw': False,
+                'rw': True,
                 'source': None,
             },
             'private': {