Documentation on combined sys-usb/net VM
236 views
Skip to first unread message
Jasper Weiss
Jun 25, 2016, 3:17:56 AM6/25/16
to qubes-devel
When installing Qubes 3.2 it has an additional option to combine the sys-usb VM with the sys-net VM. This is great because they're bot untrusted anyway. However I skipped that option, and there doesn't seem to be a command to setup the combined usb/net VM manually.
This page has some documentation on how to enable the sys-usb VM/Qube but it doesn't mention anything about combining it with the sys-net VM yet.
I tried creating it manually but it doesn't seem to work. I removed the default sys-net VM and configured a new netVM with the networking and USB controller devices attached. But even after rebooting Qubes it fails to start because of some PCIe error.
This page has some documentation on how to enable the sys-usb VM/Qube but it doesn't mention anything about combining it with the sys-net VM yet.
I tried creating it manually but it doesn't seem to work. I removed the default sys-net VM and configured a new netVM with the networking and USB controller devices attached. But even after rebooting Qubes it fails to start because of some PCIe error.
Jasper Weiss
Jun 25, 2016, 3:32:53 AM6/25/16
to qubes-devel
Here's the exact error I'm getting:
Error starting VM 'set-net': internal error: Unable to reset PCI device 0000:00:14:0: no FLR, PM reset or bus reset available
This happens even after rebooting Qubes which usually solves these type of errors. I think dom0 already attached itself to the device on boot so the netVM isn't able to. I'm not sure why it doesn't happen when creating the USB Qube using:
Error starting VM 'set-net': internal error: Unable to reset PCI device 0000:00:14:0: no FLR, PM reset or bus reset available
This happens even after rebooting Qubes which usually solves these type of errors. I think dom0 already attached itself to the device on boot so the netVM isn't able to. I'm not sure why it doesn't happen when creating the USB Qube using:
qubesctl top.enable qvm.sys-usbqubesctl state.highstate
Marek Marczykowski-Górecki
Jun 25, 2016, 7:51:57 AM6/25/16
to Jasper Weiss, qubes-devel
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
There is VM property "pci_strictreset", described here:
https://www.qubes-os.org/doc/user-faq/#i-created-a-usbvm-and-assigned-usb-controllers-to-it-now-the-usbvm-wont-boot
Anyway, you can use similar approach to create combined USB VM and
NetVM:
qubesctl top.enable qvm.sys-net-with-usb
qubesctl state.highstate
To do this, you need to disable qvm.sys-usb (`qubesctl top.disable
qvm.sys-usb`) and remove `sys-usb` manually first.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJXbnBVAAoJENuP0xzK19csfOEH/RvTLcMCEaW//BrRq/aJ8X0l
3HERyKk1sB5nsK2TUbz3UA8OB3kJJsVcAWcBU7HtKza3QDEo6E0jTkBonaHszsro
oln3iKmoEa5n0zwmLtPSK83U99028CAF28wGPYamjknJphPv0hk7xrOuRThxbPl1
NLoZ+AWuyw6Im/5Mwixnp685JP6ZcOZhAW73/chHcX3ErqDTdfkkkwl+1q7QZiTq
7VesUrVjGekVQ7x0KuTkj3grbkZbrJ6Zivg1FzPHmh2PjyVc4nMxuDU+t5JUe9uk
D6DFOyiMAST+ZHQw6s6noBv0nV/AIJ9odChXOky6SUEvcVKSbXeQo4UeP5lfklY=
=URvg
-----END PGP SIGNATURE-----
Hash: SHA256
https://www.qubes-os.org/doc/user-faq/#i-created-a-usbvm-and-assigned-usb-controllers-to-it-now-the-usbvm-wont-boot
Anyway, you can use similar approach to create combined USB VM and
NetVM:
qubesctl top.enable qvm.sys-net-with-usb
qubesctl state.highstate
To do this, you need to disable qvm.sys-usb (`qubesctl top.disable
qvm.sys-usb`) and remove `sys-usb` manually first.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJXbnBVAAoJENuP0xzK19csfOEH/RvTLcMCEaW//BrRq/aJ8X0l
3HERyKk1sB5nsK2TUbz3UA8OB3kJJsVcAWcBU7HtKza3QDEo6E0jTkBonaHszsro
oln3iKmoEa5n0zwmLtPSK83U99028CAF28wGPYamjknJphPv0hk7xrOuRThxbPl1
NLoZ+AWuyw6Im/5Mwixnp685JP6ZcOZhAW73/chHcX3ErqDTdfkkkwl+1q7QZiTq
7VesUrVjGekVQ7x0KuTkj3grbkZbrJ6Zivg1FzPHmh2PjyVc4nMxuDU+t5JUe9uk
D6DFOyiMAST+ZHQw6s6noBv0nV/AIJ9odChXOky6SUEvcVKSbXeQo4UeP5lfklY=
=URvg
-----END PGP SIGNATURE-----
Reply all
Reply to author
Forward
0 new messages