Commit Graph

26 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
32b0c659a1
qrexec: use exec_qubes_rpc_if_requested() from qubes-utils
This avoids duplicating service call parsing in multiple places. For
dom0 part it was in qrexec-policy tool.
Also, add execl() error handling.
2018-02-16 04:22:48 +01:00
BaN-Co
3a176fa658
Fix fall through
It's necessary to add the break at the end of "case -1" statement else the compiler will treat it as fall through and GCC 7 will throw an error because of -Werror=implicit-fallthrough=.
2018-01-09 15:36:37 +07:00
Frédéric Pierret
69d230d065
fix fallthrough: add specific error message with respect to 'select' return value 2017-09-26 23:05:09 +02:00
Marek Marczykowski-Górecki
ad2a976924
Merge branch 'core3-devel' 2017-05-18 01:26:20 +02:00
Rusty Bird
c7ad14320f
qrexec-client: Also allow the bell character 2016-08-17 13:10:13 +00:00
Rusty Bird
e005836286
qrexec-client: Filter terminal output much more strictly
qrexec-client -t/-T (and therefore, qvm-run --pass-io) only handled the
escape character, \033. Everything else, such as Unicode and obscure
control characters, was passed through from the VM to the dom0 terminal.

Instead, replace all bytes except for a benign subset of ASCII. That's
still enough to allow progress bars to be drawn (tested using
"wget --progress=bar:force" and "pv --force").
2016-08-17 02:41:38 +02:00
Marek Marczykowski-Górecki
849b295384
qrexec: add option to wait for VM-VM connection termination
Normally when qrexec-client setup VM-VM connection it exits
immediatelly. But it may be useful to wait for the connection to
terminate - for example to cleanup DispVM.

qrexec-daemon (the one that allocated vchan port) do receive such
notification, so expose such option to qrexec-client.

QubesOS/qubes-issues#2253
2016-08-17 02:41:22 +02:00
Marek Marczykowski-Górecki
f8d8368b10
qrexec: add timeout for data vchan connection
When qrexec-agent crashes for any reason (for example
QubesOS/qubes-issues#1389), it will never connect back and qrexec-client
will wait forever. In worst case it may happen while holding qubes.xml
write lock (in case of DispVM startup) effectively locking the whole
system.

Fixes QubesOS/qubes-issues#1636
2016-02-22 22:24:04 +01:00
Marek Marczykowski-Górecki
0c288aa355
qrexec: implement buffered write to child stdin to prevent deadlock
Otherwise if the child process isn't reading its stdin at that time, it
would deadlock the whole qrexec connection (for example preventing
reading the data from the child, which may be a cause of that deadlock).

QubesOS/qubes-issues#1347
2015-10-30 14:16:53 +01:00
Marek Marczykowski-Górecki
1288a13520 qrexec: do not terminate before sending all the data
Make sure that all the data from local process is sent (including final
EOF), before handling its exit code - which would include terminating
qrexec-client process.
2015-06-23 02:44:59 +02:00
Marek Marczykowski-Górecki
d6f0cfcbad qrexec: fix waiting for qrexec-agent data connection
In case of vchan server libvchan_is_open() returns VCHAN_WAITING (2) when
client is not yet connected.
2015-04-20 05:46:47 +02:00
Marek Marczykowski-Górecki
18d079a99a qrexec: fix compiler warnings 2015-03-20 12:16:19 +01:00
Marek Marczykowski-Górecki
04816e014b qrexec: do not exit from qrexec-client until local process exit code is sent 2015-03-17 22:55:15 +01:00
Marek Marczykowski-Górecki
e76007fe20 qrexec: periodically check if remote domain/process still exists 2015-02-22 18:25:14 +01:00
Marek Marczykowski-Górecki
5645b4c307 qrexec: wait for remote exit code, even when both stdin/out are closed 2015-02-17 03:57:17 +01:00
Marek Marczykowski-Górecki
61eb2e7764 qrexec: fix handling of remote exit code 2015-02-11 16:11:38 +01:00
Marek Marczykowski-Górecki
1d017449d0 qrexec: fix compile warnings 2014-11-19 15:23:10 +01:00
Marek Marczykowski-Górecki
6efbbb88da qrexec: new protocol - direct data vchan connections 2014-11-19 15:23:10 +01:00
Marek Marczykowski-Górecki
0ba692c85a code style: change tabs to spaces 2014-11-19 15:21:42 +01:00
Marek Marczykowski-Górecki
6e47f12118 Revert "qrexec: fix deadlock in qrexec-client"
This reverts commit 79abec9038.

The problem will not be applicable in new protocol, where vchan
connection is directly between VMs, so there is no longer two connected
qrexec-clients - always one end of data flow in qrexec-client is vchan,
which provide information about amount of data to read or buffer
space to write (lack of the later in case of pipes was a cause of the
original problem).
2014-11-19 15:21:42 +01:00
Marek Marczykowski-Górecki
79abec9038 qrexec: fix deadlock in qrexec-client
When VM-VM qrexec service is called, two qrexec-clients are connected in
dom0. If both VMs are sending data simultaneously it can happen that
both qrexec-client processes will call write(2) and none of them will be
reading -> deadlock.
Solve it by handling I/O in two separate threads (one for reading from
VM, another for writing), at any time qrexec-client is ready to accept
data from either direction.
2014-07-01 03:24:46 +02:00
Marek Marczykowski-Górecki
0be6f8431f qrexec: add support for filtering terminal escape chars 2014-04-15 03:12:53 +02:00
Vincent Penquerc'h
36c8885ff2 Fix some potential aliasing issues 2014-02-16 11:44:30 +01:00
Marek Marczykowski-Górecki
433a942bc3 qrexec: register callback for qrexec-lib
Now qrexec-lib do not use exported symbols of particular names, but
explicitly registered callbacks.
2014-02-07 05:35:24 +01:00
Vincent Penquerc'h
951e51d274 core-admin-linux: misc const/etc fixups 2014-01-06 17:54:47 +01:00
Marek Marczykowski
158bfff3cf Add qrexec back, use qubes-utils libraries for common code 2013-03-20 06:24:17 +01:00