[4.3] qvm-block attach to dom0 not working

zimbo · January 9, 2026, 11:24am

Hi,
recently I updated my QubesOS 4.2.4 to 4.3 in-place. Done all the steps and everything worked so far. What I need to do is attaching a loop device from a qube to dom0. This worked before on Qubes 4.2.4. I just ran qvm-block attach dom0 targetVM:loop1. It gave no output but it was attached.
When I do this now in my 4.3 QubesOS, it indeed runs and exits without errors but the loop device is not attached. What changed? Can we somehow overcome this? I know it can be a security risk but in this case I need this really!

Edit: I tried it with a simple USB thumbdrive: qvm-block attach sys-usb:sda worked perfectly.

I need to attach a loop-device from another qube this seems not to work
Thanks!

Atrate · January 9, 2026, 1:36pm

Could you open a second terminal in dom0, have sudo journalctl -f running there and then try to attach that block device? Some error may show up then in that second terminal.

zimbo · January 9, 2026, 2:04pm

Thank you so much! at first there where a warning thunar-volman is missing. I installed it on dom0. now when I try attaching the loop device, it says:

xenbus:device forefully removed from xenstore
block device .../xvdi has been removed
thunar-volman: Unknown block device type "disk"

Think this is the issue but how to resolve it?

zimbo · January 9, 2026, 2:32pm

Here the exact current message that occours, everytime I try to attach the loop device from my VM to dom0

Jan 09 15:30:41 dom0 kernel: blkfront: xvdi: flush diskcache: enabled; persistent grants: enabled; indirect descriptors: enabled; bounce buffer: enabled
Jan 09 15:30:41 dom0 kernel: vbd vbd-51840: xenbus: device forcefully removed from xenstore
Jan 09 15:30:42 dom0 systemd-homed[2944]: block device /sys/devices/vbd-51840/block/xvdi has been removed.
Jan 09 15:30:42 dom0 Thunar[12030]: thunar-volman: There is no device with the sysfs path "/sys/devices/vbd-51840/block/xvdi".
Jan 09 15:30:43 dom0 kernel: pcieport 0000:00:1d.6: AER: Correctable error message received from 0000:05:00.0
Jan 09 15:30:43 dom0 kernel: pcieport 0000:05:00.0: PCIe Bus Error: severity=Correctable, type=Data Link Layer, (Receiver ID)
Jan 09 15:30:43 dom0 kernel: pcieport 0000:05:00.0:   device [8086:1576] error status/mask=00000080/00002000
Jan 09 15:30:43 dom0 kernel: pcieport 0000:05:00.0:    [ 7] BadDLLP

zimbo · January 10, 2026, 2:30pm

Tried it with a fresh isntall of qubesOS 4.3 and same issue… nobody can help?

de_dust2 · January 10, 2026, 3:45pm

Have you considered to attach the dm device to another qube instead of dom0? Would this enable you to accomplish what you are attempting to do? If not, why not?

zimbo · January 10, 2026, 3:53pm

Yes, tried that and works perfectly. only for dom0 as target it does not work. I MUST mount the loop device to dom0 it is some custom script to do my daily work, doesn’t matter really

zimbo · January 10, 2026, 4:50pm

Update: Found out using --ro (attaching read-only) works. So

qvm-block attach dom0 sourceVM:loop0 --ro

Works but I need write permissions also

zimbo · January 10, 2026, 9:07pm

tried it for several hours now… this is really frustrating… it worked just perfectly before but now somehow xen seems to be more restrictive or something like that I really don’t know. I updated everything and still same issue. journalctl and dmesg only tell me

dom0 kernel: vbd vbd-51840: xenbus: device forcefully removed from xenstore

This always happen when I run:

qvm-block attach dom0 sourceVM:loop0

with --ro it works but I need write permissions. Attaching with write permissions into another VM works, but I need to attach to dom0. Using other loop numbers does not change anything.

Can anyone please help in any way?

Atrate · January 10, 2026, 9:26pm

At this point, if r/o works and clean 4.3 does not help, I’d make an issue on the Qubes Issue tracker.

quber · January 10, 2026, 9:28pm

You can mount the lvm volumes until the qvm-block command is fixed.

zimbo · January 10, 2026, 9:39pm

Well, this will not help. If really nobody has another idea, I will open an Issue.

de_dust2 · January 10, 2026, 9:59pm

There is probably another way (or two) that you could accomplish what you are trying to do that is different than how you are currently trying to do it.

rustybird · January 11, 2026, 1:08am

Is there anything interesting in the journal/dmesg in the source VM when this happens?

zimbo · January 11, 2026, 7:19am

There is probably another way (or two) that you could accomplish what you are trying to do that is different than how you are currently trying to do it.

I splitted veracrypt to load a VM pool from a veracrypt container file. So I must attach the loop device to dom0.

Is there anything interesting in the journal/dmesg in the source VM when this happens?

No.

zimbo · January 11, 2026, 7:52am

For anyone who has the same issue I opened an issue on the tracker: Cannot attach loop device to dom0 · Issue #10560 · QubesOS/qubes-issues · GitHub

zimbo · January 11, 2026, 8:03pm

If anyone can help with a workaround for now I would really appriciate it…

zimbo · January 13, 2026, 1:57pm

No workaround nothing?