Mitigate GUI DoS (part 2: qvm-xkill)

Can close windows of a VM while it's paused, and can not accidentally harm dom0 by errant clicking. Discussion in https://github.com/QubesOS/qubes-issues/issues/881 Thanks to rustybird for suggested implementation.
8 years ago · be1d984364
parent 73ba5f805b
commit be1d984364
2 changed files with 13 additions and 0 deletions
--- a/10
+++ b/10
@ -0,0 +1,10 @@
+#!/bin/sh
+
+set -e
+
+ID=$(xdotool selectwindow)
+
+xprop -id "$ID" _QUBES_VMNAME | grep -q ' = ' \
+  || { echo "${0##* /}: Not killing dom0 window $ID" >&2; exit 1; }
+
+xdotool windowkill "$ID"
--- a/rpm_spec/core-dom0-linux.spec
+++ b/rpm_spec/core-dom0-linux.spec
@ -48,6 +48,7 @@ BuildRequires:  qubes-libvchan-devel
 Requires:	qubes-core-dom0
 Requires:	qubes-utils >= 3.1.3
 Requires:	%{name}-kernel-install
+Requires:	xdotool

 %define _builddir %(pwd)

@ -159,6 +160,7 @@ install -m 644 -D system-config/75-qubes-dom0.preset \
    $RPM_BUILD_ROOT/usr/lib/systemd/system-preset/75-qubes-dom0.preset
 install -m 644 -D system-config/99-qubes-default-disable.preset \
    $RPM_BUILD_ROOT/usr/lib/systemd/system-preset/99-qubes-default-disable.preset
+install -m 755 qvm-xkill $RPM_BUILD_ROOT/usr/bin/

 # file copy to VM
 install -m 755 file-copy-vm/qfile-dom0-agent $RPM_BUILD_ROOT/usr/lib/qubes/
@ -283,6 +285,7 @@ chmod -x /etc/grub.d/10_linux
 %config(noreplace) /etc/profile.d/zz-disable-lesspipe
 /usr/lib/systemd/system-preset/75-qubes-dom0.preset
 /usr/lib/systemd/system-preset/99-qubes-default-disable.preset
+/usr/bin/qvm-xkill
 # Man
 %{_mandir}/man1/qvm-*.1*
 %{_mandir}/man1/qubes-*.1*