Merge remote-tracking branch 'origin/pr/34'

StickMounting.md

@@ -12,7 +12,9 @@ How to Mount USB Sticks to AppVMs
 
 Qubes supports the ability to attach a USB stick (or just one or more of its partitions) to any AppVM easily, no matter which VM actually handles the USB controller. (The USB controller may be assigned on the **Devices** tab of an AppVM's settings page in Qubes VM Manager or by using the [qvm-pci command](/doc/AssigningDevices/).)
 
-As of Qubes R2 Beta 3, USB stick mounting has been integrated into the Qubes VM Manger GUI. Simply insert your USB stick, right-click the desired AppVM in the Qubes VM Manager list, click **Attach/detach block devices**, and select your desired action and device. This, however, only works for the whole device. If you would like to attach individual partitions you must use the command-line tool (shown below). The reason for this is that when attaching a single partition, it used to be that Nautilus file manager would not see it and automatically mount it (see [this ticket](https://github.com/QubesOS/qubes-issues/issues/623)). This problem, however, seems to be resolved (see [this issue comment](https://github.com/QubesOS/qubes-issues/issues/1072#issuecomment-124270051)). If for some reason it does not show up in nautilus for you and you still need to attach just a single partition to a device, you will need to mount it manually; the device will show up as /dev/xvdi (or /dev/xvdj if there is already one device attached--/dev/xvdk and so on).
+As of Qubes R2 Beta 3, USB stick mounting has been integrated into the Qubes VM Manager GUI. Simply insert your USB stick, right-click the desired AppVM in the Qubes VM Manager list, click **Attach/detach block devices**, and select your desired action and device. This, however, only works for the whole device. 
+If you would like to attach individual partitions you must use the command-line tool (shown below). The reason for this is that when attaching a single partition, it used to be that Nautilus file manager would not see it and automatically mount it (see [this ticket](https://github.com/QubesOS/qubes-issues/issues/623)). This problem, however, seems to be resolved (see [this issue comment](https://github.com/QubesOS/qubes-issues/issues/1072#issuecomment-124270051)). 
+If for some reason the device does not appear in nautilus and you still need to attach just a single partition to a device, you will need to mount it manually; the device will show up as /dev/xvdi (or /dev/xvdj if there is already one device attached - if two, /dev/xvdk and so on).
 
 The command-line tool you may use to mount whole USB sticks or their partitions is `qvm-block`. This tool can be used to assign a USB stick to an AppVM as follows:
 
@@ -23,21 +25,27 @@ The command-line tool you may use to mount whole USB sticks or their partitions
         qvm-block -l
 
     This will list all available block devices connected to any USB controller
-    in your system, no matter in which VM hosts the controller. The name of the
+    in your system, no matter which VM hosts the controller. The name of the
     VM hosting the USB controller is displayed before the colon in the device
     name. The string after the colon is the name of the device used within the
-    VM.
+    VM. Like this: 
+
+    dom0:sdb1     Cruzer () 4GiB
+
+    usbVM:sdb1    Disk () 2GiB
 
     **Note:** If your device is not listed here, you may refresh the list by calling (from the VM to which device is connected):
 
         sudo udevadm trigger --action=change
 
 
-1.  Assuming our USB stick is sdb, we attach the device to an AppVM like so:
+1.  Assuming our USB stick is attached to dom0 and is sdb, we attach the device to an AppVM like so:
 
-       qvm-block -a personal dom0:sdb
+      `qvm-block -a personal dom0:sdb`
    
-    This will attach the device as "/dev/xvdi", if not already taken by another attached device, in the AppVM. You may also mount one partition at a time by using the same command with the partition number after sdb.
+    This will attach the device to the AppVM as "/dev/xvdi", if not already taken by another attached device, or "/dev/xvdj" etc. 
+
+    You may also mount one partition at a time by using the same command with the partition number after sdb.
 
     **Warning: when working with single partitions, it is possible to assign the same partition to multiple VMs.** For example, you could attach sdb1 to VM1 and then sdb to VM2. It is up to the user not to make this mistake. Xen block device framework currently does not provide an easy way around this. Point 2 of [this ticket comment](https://github.com/QubesOS/qubes-issues/issues/1072#issuecomment-124119309) gives details on this.
 
@@ -78,7 +86,7 @@ this steps:
        sys-usb:sda DataTraveler_2.0 () 246 MiB (attached to 'testvm' as 'xvdi')
        [user@dom0 ~]$ xl block-attach testvm phy:/dev/sda backend=sys-usb xvdi
 
-   In above example all `xl block-attach` parameters can be deducted from
+   In above example all `xl block-attach` parameters can be deduced from
    `qvm-block` output. In order:
 
    * `testvm` - name of target VM to which device was attached - listed in brackets by `qvm-block` command

UserFaq.md

@@ -39,7 +39,8 @@ Qubes Users' FAQ
     2.  [My keyboard layout settings are not behaving correctly. What should I do?](#my-keyboard-layout-settings-are-not-behaving-correctly-what-should-i-do)
     3.  [My dom0 and/or TemplateVM update stalls when attempting to update via …](#my-dom0-andor-templatevm-update-stalls-when-attempting-to-update-via-the-gui-tool-what-should-i-do)
     4.  [How do I run a Windows HVM in non-seamless mode (i.e., as a single window)?](#how-do-i-run-a-windows-hvm-in-non-seamless-mode-ie-as-a-single-window)
-    5.  [I assigned a PCI device to an AppVM, then unassigned it/shut down the …](#i-assigned-a-pci-device-to-an-appvm-then-unassigned-itshut-down-the-appvm-why-isnt-the-device-available-in-dom0)
+    5.  [I created a usbVM and assigned usb controllers to it. Now the usbVM wont boot.](#i-created-a-usbvm-and-assigned-usb-controllers-to-it-now-the-usbvm-wont-boot)
+    6.  [I assigned a PCI device to an AppVM, then unassigned it/shut down the …](#i-assigned-a-pci-device-to-an-appvm-then-unassigned-itshut-down-the-appvm-why-isnt-the-device-available-in-dom0)
 
 General Questions
 -----------------
@@ -187,6 +188,27 @@ In your TemplateVMs, open a terminal and run `sudo yum upgrade`.
 
 Enable "debug mode" in the AppVM's settings, either by checking the box labelled "Run in debug mode" in the Qubes VM Manager AppVM settings menu or by running the [qvm-prefs command](/doc/Dom0Tools/QvmPrefs/).)
 
+
+### I created a usbVM and assigned usb controllers to it. Now the usbVM wont boot.
+
+
+This is probably because one of the controllers does not support reset. In Qubes R2 any such errors were ignored but in Qubes R3.0 they are not. 
+A device that does not support reset is not safe and generally should not be assigned to a VM.
+
+Most likely the offending controller is a USB3.0 device. You can remove this controller from the usbVM, and see if this allows the VM to boot.
+Alternatively you may be able to disable USB 3.0 in the BIOS.
+
+Another solution would be to set the pci_strictreset option using qvm-prefs in dom0:
+
+`qvm-prefs usbVM -s pci_strictreset false`
+
+This option allows the VM to ignore the error and the VM will start.
+Please review the note on [this page](https://www.qubes-os.org/doc/Dom0Tools/QvmPrefs/) and be aware of the potential risk.
+
+
+
+
+
 ### I assigned a PCI device to an AppVM, then unassigned it/shut down the AppVM. Why isn't the device available in dom0?
 
 This is an intended feature. A device which was previously assigned to a less trusted AppVM could attack dom0 if it were automatically reassigned there. In order to re-enable the device in dom0, either: