qrexec-policy: new DispVM handling - $dispvm:DISP_VM keyword

Add support for `$dispvm:DISP_VM` syntax in target specification. At the
same time update the code for core3 API for handling DispVMs.

QubesOS/qubes-issues#2253
This commit is contained in:
Marek Marczykowski-Górecki 2016-08-17 02:39:16 +02:00
parent 009e2e6adb
commit cce22c9517
No known key found for this signature in database
GPG Key ID: 063938BA42CFA724

View File

@ -143,25 +143,33 @@ def spawn_target_if_necessary(vm):
vm.start() vm.start()
def do_execute(domain, target, user, service_name, process_ident, vm=None): def do_execute(domain, target, user, service_name, process_ident, vm=None):
dispvm = False
if target == "$dispvm": if target == "$dispvm":
cmd = "/usr/lib/qubes/qfile-daemon-dvm " + service_name + " " + \ if domain.default_dispvm is None:
domain + " " + user print >>sys.stderr, "No default DispVM set, aborting!"
os.execl(QREXEC_CLIENT, "qrexec-client", exit(1)
"-d", "dom0", "-c", process_ident, cmd) target = "$dispvm:" + domain.default_dispvm.name
else: if target.startswith("$dispvm:"):
if isinstance(vm, qubes.vm.qubesvm.QubesVM): dispvm_tpl_name = target[len("$dispvm:"):]
spawn_target_if_necessary(vm) vm = qubes.vm.dispvm.DispVM.from_appvm(dispvm_tpl_name)
dispvm = True
# at this point we should also have some VM *object*
assert vm is not None
try:
spawn_target_if_necessary(vm)
if target == "dom0": if target == "dom0":
cmd = QUBES_RPC_MULTIPLEXER_PATH + " " + service_name + " " + \ cmd = QUBES_RPC_MULTIPLEXER_PATH + " " + service_name + " " + \
domain.name domain.name
else: else:
cmd = user + ":QUBESRPC " + service_name + " " + domain.name cmd = user + ":QUBESRPC " + service_name + " " + domain.name
# stderr should be logged in source/target VM qrexec_opts = ["-d", vm.name, "-c", process_ident]
null = open(os.devnull, 'w') if dispvm:
os.dup2(null.fileno(), 2) # wait for qrexec connection end
os.execl(QREXEC_CLIENT, "qrexec-client", qrexec_opts.append("-W")
"-d", target, "-c", process_ident, cmd) subprocess.call([QREXEC_CLIENT] + qrexec_opts + [cmd])
finally:
if dispvm:
vm.cleanup()
def confirm_execution(domain, target, service_name): def confirm_execution(domain, target, service_name):
text = "Do you allow domain \"" + domain + "\" to execute " + service_name text = "Do you allow domain \"" + domain + "\" to execute " + service_name