2016-03-05 10:57:58 +01:00
|
|
|
#
|
|
|
|
# The Qubes OS Project, https://www.qubes-os.org/
|
|
|
|
#
|
|
|
|
# Copyright (C) 2010-2016 Joanna Rutkowska <joanna@invisiblethingslab.com>
|
|
|
|
# Copyright (C) 2013-2016 Marek Marczykowski-Górecki
|
|
|
|
# <marmarek@invisiblethingslab.com>
|
|
|
|
# Copyright (C) 2014-2016 Wojtek Porczyk <woju@invisiblethingslab.com>
|
|
|
|
#
|
|
|
|
# This program is free software; you can redistribute it and/or modify
|
|
|
|
# it under the terms of the GNU General Public License as published by
|
|
|
|
# the Free Software Foundation; either version 2 of the License, or
|
|
|
|
# (at your option) any later version.
|
|
|
|
#
|
|
|
|
# This program is distributed in the hope that it will be useful,
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
# GNU General Public License for more details.
|
|
|
|
#
|
|
|
|
# You should have received a copy of the GNU General Public License along
|
|
|
|
# with this program; if not, write to the Free Software Foundation, Inc.,
|
|
|
|
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
|
|
#
|
|
|
|
|
|
|
|
import os
|
2016-03-17 11:52:52 +01:00
|
|
|
import re
|
2016-03-05 10:57:58 +01:00
|
|
|
import subprocess
|
|
|
|
|
|
|
|
import qubes.config
|
|
|
|
import qubes.ext
|
|
|
|
|
2016-03-17 11:52:52 +01:00
|
|
|
|
|
|
|
# "LVDS connected 1024x768+0+0 (normal left inverted right) 304mm x 228mm"
|
2017-02-23 22:31:55 +01:00
|
|
|
REGEX_OUTPUT = re.compile(r'''
|
2016-03-17 11:52:52 +01:00
|
|
|
(?x) # ignore whitespace
|
|
|
|
^ # start of string
|
|
|
|
(?P<output>[A-Za-z0-9\-]*)[ ] # LVDS VGA etc
|
2016-09-29 14:11:33 +02:00
|
|
|
(?P<connect>(dis)?connected) # dis/connected
|
|
|
|
([ ]
|
2016-03-17 11:52:52 +01:00
|
|
|
(?P<primary>(primary)?)[ ]?
|
|
|
|
(( # a group
|
|
|
|
(?P<width>\d+)x # either 1024x768+0+0
|
|
|
|
(?P<height>\d+)[+]
|
|
|
|
(?P<x>\d+)[+]
|
|
|
|
(?P<y>\d+)
|
|
|
|
)|[\D]) # or not a digit
|
2016-08-08 04:02:25 +02:00
|
|
|
([ ]\(.*\))?[ ]? # ignore options
|
|
|
|
( # 304mm x 228mm
|
|
|
|
(?P<width_mm>\d+)mm[ ]x[ ]
|
|
|
|
(?P<height_mm>\d+)mm
|
|
|
|
)?
|
2016-03-17 11:52:52 +01:00
|
|
|
.* # ignore rest of line
|
2016-09-29 14:11:33 +02:00
|
|
|
)? # everything after (dis)connect is optional
|
2016-03-17 11:52:52 +01:00
|
|
|
''')
|
|
|
|
|
|
|
|
|
|
|
|
def get_monitor_layout():
|
|
|
|
outputs = []
|
|
|
|
|
|
|
|
for line in subprocess.Popen(
|
|
|
|
['xrandr', '-q'], stdout=subprocess.PIPE).stdout:
|
2017-02-23 22:31:55 +01:00
|
|
|
line = line.decode()
|
|
|
|
if not line.startswith("Screen") and not line.startswith(" "):
|
2016-03-17 11:52:52 +01:00
|
|
|
output_params = REGEX_OUTPUT.match(line).groupdict()
|
|
|
|
if output_params['width']:
|
2016-08-08 04:02:25 +02:00
|
|
|
phys_size = ""
|
|
|
|
if output_params['width_mm']:
|
|
|
|
# don't provide real values for privacy reasons - see
|
|
|
|
# #1951 for details
|
|
|
|
dpi = (int(output_params['width']) * 254 /
|
|
|
|
int(output_params['width_mm']) / 10)
|
|
|
|
if dpi > 300:
|
|
|
|
dpi = 300
|
|
|
|
elif dpi > 200:
|
|
|
|
dpi = 200
|
|
|
|
elif dpi > 150:
|
|
|
|
dpi = 150
|
|
|
|
else:
|
|
|
|
# if lower, don't provide this info to the VM at all
|
|
|
|
dpi = 0
|
|
|
|
if dpi:
|
|
|
|
# now calculate dimensions based on approximate DPI
|
|
|
|
phys_size = " {} {}".format(
|
|
|
|
int(output_params['width']) * 254 / dpi / 10,
|
|
|
|
int(output_params['height']) * 254 / dpi / 10,
|
|
|
|
)
|
|
|
|
outputs.append("%s %s %s %s%s\n" % (
|
2016-03-17 11:52:52 +01:00
|
|
|
output_params['width'],
|
|
|
|
output_params['height'],
|
|
|
|
output_params['x'],
|
2016-08-08 04:02:25 +02:00
|
|
|
output_params['y'],
|
|
|
|
phys_size,
|
|
|
|
))
|
2016-03-17 11:52:52 +01:00
|
|
|
return outputs
|
|
|
|
|
|
|
|
|
2016-03-05 10:57:58 +01:00
|
|
|
class GUI(qubes.ext.Extension):
|
2016-09-06 13:32:31 +02:00
|
|
|
@staticmethod
|
|
|
|
def kde_guid_args(vm):
|
|
|
|
'''Return KDE-specific arguments for guid, if applicable'''
|
|
|
|
|
|
|
|
guid_cmd = []
|
|
|
|
# Avoid using environment variables for checking the current session,
|
|
|
|
# because this script may be called with cleared env (like with sudo).
|
|
|
|
if subprocess.check_output(
|
|
|
|
['xprop', '-root', '-notype', 'KDE_SESSION_VERSION']) == \
|
|
|
|
'KDE_SESSION_VERSION = 5\n':
|
|
|
|
# native decoration plugins is used, so adjust window properties
|
|
|
|
# accordingly
|
|
|
|
guid_cmd += ['-T'] # prefix window titles with VM name
|
|
|
|
# get owner of X11 session
|
|
|
|
session_owner = None
|
|
|
|
for line in subprocess.check_output(['xhost']).splitlines():
|
2017-02-21 00:46:58 +01:00
|
|
|
if line == b'SI:localuser:root':
|
2016-09-06 13:32:31 +02:00
|
|
|
pass
|
2017-02-21 00:46:58 +01:00
|
|
|
elif line.startswith(b'SI:localuser:'):
|
2016-09-06 13:32:31 +02:00
|
|
|
session_owner = line.split(":")[2]
|
|
|
|
if session_owner is not None:
|
|
|
|
data_dir = os.path.expanduser(
|
|
|
|
'~{}/.local/share'.format(session_owner))
|
|
|
|
else:
|
|
|
|
# fallback to current user
|
|
|
|
data_dir = os.path.expanduser('~/.local/share')
|
|
|
|
|
|
|
|
guid_cmd += ['-p',
|
|
|
|
'_KDE_NET_WM_COLOR_SCHEME=s:{}'.format(
|
|
|
|
os.path.join(data_dir,
|
|
|
|
'qubes-kde', vm.label.name + '.colors'))]
|
|
|
|
return guid_cmd
|
|
|
|
|
|
|
|
|
2016-03-14 22:16:52 +01:00
|
|
|
@qubes.ext.handler('domain-start', 'domain-cmd-pre-run')
|
|
|
|
def start_guid(self, vm, event, preparing_dvm=False, start_guid=True,
|
2016-03-05 10:57:58 +01:00
|
|
|
extra_guid_args=None, **kwargs):
|
|
|
|
'''Launch gui daemon.
|
|
|
|
|
|
|
|
GUI daemon securely displays windows from domain.
|
|
|
|
''' # pylint: disable=no-self-use,unused-argument
|
|
|
|
|
2017-01-18 03:26:32 +01:00
|
|
|
|
|
|
|
if not start_guid or preparing_dvm:
|
2016-03-05 10:57:58 +01:00
|
|
|
return
|
|
|
|
|
2016-04-27 15:24:10 +02:00
|
|
|
if self.is_guid_running(vm):
|
2016-03-17 11:52:52 +01:00
|
|
|
return
|
|
|
|
|
2016-03-05 10:57:58 +01:00
|
|
|
if not vm.features.check_with_template('gui', not vm.hvm):
|
|
|
|
vm.log.debug('Not starting gui daemon, disabled by features')
|
|
|
|
return
|
|
|
|
|
|
|
|
if not os.getenv('DISPLAY'):
|
|
|
|
vm.log.error('Not starting gui daemon, no DISPLAY set')
|
|
|
|
return
|
|
|
|
|
2017-01-18 03:26:32 +01:00
|
|
|
display = os.getenv('DISPLAY')
|
|
|
|
if not display.startswith(':'):
|
|
|
|
vm.log.error('Expected local $DISPLAY, got \'{}\''.format(display))
|
|
|
|
return
|
|
|
|
|
|
|
|
display_num = display[1:].partition('.')[0]
|
|
|
|
shmid_path = '/var/run/qubes/shm.id.{}'.format(display_num)
|
|
|
|
if not os.path.exists(shmid_path):
|
|
|
|
vm.log.error(
|
|
|
|
'Not starting gui daemon, no {} file'.format(shmid_path))
|
|
|
|
return
|
|
|
|
|
2016-03-05 10:57:58 +01:00
|
|
|
vm.log.info('Starting gui daemon')
|
|
|
|
|
|
|
|
guid_cmd = [qubes.config.system_path['qubes_guid_path'],
|
|
|
|
'-d', str(vm.xid), '-N', vm.name,
|
|
|
|
'-c', vm.label.color,
|
|
|
|
'-i', vm.label.icon_path,
|
|
|
|
'-l', str(vm.label.index)]
|
2016-03-16 18:07:49 +01:00
|
|
|
|
2016-03-05 10:57:58 +01:00
|
|
|
if extra_guid_args is not None:
|
|
|
|
guid_cmd += extra_guid_args
|
|
|
|
|
|
|
|
if vm.debug:
|
|
|
|
guid_cmd += ['-v', '-v']
|
|
|
|
|
|
|
|
# elif not verbose:
|
|
|
|
else:
|
|
|
|
guid_cmd += ['-q']
|
|
|
|
|
2016-03-16 18:07:49 +01:00
|
|
|
if vm.hvm:
|
|
|
|
guid_cmd += ['-Q', '-n']
|
|
|
|
|
2016-06-02 22:02:06 +02:00
|
|
|
stubdom_guid_pidfile = '/var/run/qubes/guid-running.{}'.format(
|
|
|
|
self.get_stubdom_xid(vm))
|
2016-03-16 18:07:49 +01:00
|
|
|
if not vm.debug and os.path.exists(stubdom_guid_pidfile):
|
|
|
|
# Terminate stubdom guid once "real" gui agent connects
|
2016-06-02 22:02:06 +02:00
|
|
|
stubdom_guid_pid = \
|
|
|
|
open(stubdom_guid_pidfile, 'r').read().strip()
|
2016-03-16 18:07:49 +01:00
|
|
|
guid_cmd += ['-K', stubdom_guid_pid]
|
|
|
|
|
2016-09-06 13:32:31 +02:00
|
|
|
guid_cmd += self.kde_guid_args(vm)
|
|
|
|
|
2016-03-16 18:07:49 +01:00
|
|
|
try:
|
2016-09-06 13:34:26 +02:00
|
|
|
vm.start_daemon(guid_cmd)
|
2016-03-16 18:07:49 +01:00
|
|
|
except subprocess.CalledProcessError:
|
2016-03-05 10:57:58 +01:00
|
|
|
raise qubes.exc.QubesVMError(vm,
|
|
|
|
'Cannot start qubes-guid for domain {!r}'.format(vm.name))
|
|
|
|
|
2016-03-17 11:52:52 +01:00
|
|
|
vm.fire_event('monitor-layout-change')
|
2016-03-05 10:57:58 +01:00
|
|
|
|
|
|
|
|
2016-03-16 18:07:49 +01:00
|
|
|
@staticmethod
|
|
|
|
def get_stubdom_xid(vm):
|
|
|
|
if vm.xid < 0:
|
|
|
|
return -1
|
|
|
|
|
|
|
|
if vm.app.vmm.xs is None:
|
|
|
|
return -1
|
|
|
|
|
|
|
|
stubdom_xid_str = vm.app.vmm.xs.read('',
|
|
|
|
'/local/domain/{}/image/device-model-domid'.format(vm.xid))
|
|
|
|
if stubdom_xid_str is None or not stubdom_xid_str.isdigit():
|
|
|
|
return -1
|
|
|
|
|
|
|
|
return int(stubdom_xid_str)
|
|
|
|
|
|
|
|
|
|
|
|
@staticmethod
|
|
|
|
def send_gui_mode(vm):
|
|
|
|
vm.run_service('qubes.SetGuiMode',
|
|
|
|
input=('SEAMLESS'
|
|
|
|
if vm.features.get('gui-seamless', False)
|
|
|
|
else 'FULLSCREEN'))
|
|
|
|
|
|
|
|
|
|
|
|
@qubes.ext.handler('domain-spawn')
|
|
|
|
def on_domain_spawn(self, vm, event, start_guid=True, **kwargs):
|
2016-06-02 22:02:06 +02:00
|
|
|
# pylint: disable=unused-argument
|
2016-03-16 18:07:49 +01:00
|
|
|
if not start_guid:
|
|
|
|
return
|
|
|
|
|
|
|
|
if not vm.hvm:
|
|
|
|
return
|
|
|
|
|
|
|
|
if not os.getenv('DISPLAY'):
|
|
|
|
vm.log.error('Not starting gui daemon, no DISPLAY set')
|
|
|
|
return
|
|
|
|
|
|
|
|
guid_cmd = [qubes.config.system_path['qubes_guid_path'],
|
|
|
|
'-d', str(self.get_stubdom_xid(vm)),
|
|
|
|
'-t', str(vm.xid),
|
|
|
|
'-N', vm.name,
|
|
|
|
'-c', vm.label.color,
|
|
|
|
'-i', vm.label.icon_path,
|
|
|
|
'-l', str(vm.label.index),
|
|
|
|
]
|
|
|
|
|
|
|
|
if vm.debug:
|
|
|
|
guid_cmd += ['-v', '-v']
|
|
|
|
else:
|
|
|
|
guid_cmd += ['-q']
|
|
|
|
|
2016-09-06 13:32:31 +02:00
|
|
|
guid_cmd += self.kde_guid_args(vm)
|
|
|
|
|
2016-03-16 18:07:49 +01:00
|
|
|
try:
|
2016-09-06 13:34:26 +02:00
|
|
|
vm.start_daemon(guid_cmd)
|
2016-06-02 22:02:06 +02:00
|
|
|
except subprocess.CalledProcessError:
|
2016-03-16 18:07:49 +01:00
|
|
|
raise qubes.exc.QubesVMError(vm, 'Cannot start gui daemon')
|
|
|
|
|
|
|
|
|
2016-03-05 10:57:58 +01:00
|
|
|
@qubes.ext.handler('monitor-layout-change')
|
2017-02-21 14:09:06 +01:00
|
|
|
def on_monitor_layout_change(self, vm, event, layout=None):
|
2016-06-02 22:02:06 +02:00
|
|
|
# pylint: disable=no-self-use,unused-argument
|
2016-03-05 10:57:58 +01:00
|
|
|
if vm.features.check_with_template('no-monitor-layout', False) \
|
|
|
|
or not vm.is_running():
|
|
|
|
return
|
|
|
|
|
2017-02-21 14:09:06 +01:00
|
|
|
if layout is None:
|
|
|
|
layout = get_monitor_layout()
|
|
|
|
if not layout:
|
2016-03-17 11:52:52 +01:00
|
|
|
return
|
|
|
|
|
2016-03-05 10:57:58 +01:00
|
|
|
pipe = vm.run('QUBESRPC qubes.SetMonitorLayout dom0',
|
|
|
|
passio_popen=True, wait=True)
|
|
|
|
|
2017-02-21 00:46:58 +01:00
|
|
|
pipe.stdin.write(''.join(layout).encode())
|
2016-03-05 10:57:58 +01:00
|
|
|
pipe.stdin.close()
|
|
|
|
pipe.wait()
|
2016-04-19 15:59:25 +02:00
|
|
|
|
|
|
|
|
|
|
|
@staticmethod
|
|
|
|
def is_guid_running(vm):
|
|
|
|
'''Check whether gui daemon for this domain is available.
|
|
|
|
|
|
|
|
:returns: :py:obj:`True` if guid is running, \
|
|
|
|
:py:obj:`False` otherwise.
|
|
|
|
:rtype: bool
|
|
|
|
'''
|
2016-04-27 15:24:10 +02:00
|
|
|
xid = vm.xid
|
2016-04-19 15:59:25 +02:00
|
|
|
if xid < 0:
|
|
|
|
return False
|
|
|
|
if not os.path.exists('/var/run/qubes/guid-running.{}'.format(xid)):
|
|
|
|
return False
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
|
|
@qubes.ext.handler('domain-is-fully-usable')
|
|
|
|
def on_domain_is_fully_usable(self, vm, event):
|
2016-06-02 22:02:06 +02:00
|
|
|
# pylint: disable=unused-argument
|
2016-04-19 15:59:25 +02:00
|
|
|
if not self.is_guid_running(vm):
|
|
|
|
yield False
|