From 2cdba05c99688229eaeced52503d43db955f9006 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Sun, 15 Sep 2019 03:41:33 +0200 Subject: [PATCH] Add an extension preventing starting a VM while it's being restored Do not allow starting a VM while the restoring management VM has still control over it. Specifically, that restoring VM will not be able to start just restored VM. QubesOS/qubes-issues#5310 --- qubes/ext/backup_restore.py | 39 +++++++++++++++++++++++++++++++++++++ rpm_spec/core-dom0.spec.in | 1 + setup.py | 2 ++ 3 files changed, 42 insertions(+) create mode 100644 qubes/ext/backup_restore.py diff --git a/qubes/ext/backup_restore.py b/qubes/ext/backup_restore.py new file mode 100644 index 00000000..97746efe --- /dev/null +++ b/qubes/ext/backup_restore.py @@ -0,0 +1,39 @@ +# -*- encoding: utf8 -*- +# +# The Qubes OS Project, http://www.qubes-os.org +# +# Copyright (C) 2019 Marek Marczykowski-Górecki +# +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, see . + +""" +Backup restore related functionality. Specifically: + - prevent starting a domain currently being restored +""" + +import qubes.api +import qubes.ext +import qubes.vm.adminvm + + +class BackupRestoreExtension(qubes.ext.Extension): + # pylint: disable=too-few-public-methods + @qubes.ext.handler('domain-pre-start') + def on_domain_pre_start(self, vm, event, **kwargs): + """Prevent starting a VM during restore""" + # pylint: disable=unused-argument,no-self-use + if 'backup-restore-in-progress' in vm.tags: + raise qubes.exc.QubesVMError( + vm, 'Restore of this domain in progress, cannot start') diff --git a/rpm_spec/core-dom0.spec.in b/rpm_spec/core-dom0.spec.in index 05674aca..ac0fcabd 100644 --- a/rpm_spec/core-dom0.spec.in +++ b/rpm_spec/core-dom0.spec.in @@ -416,6 +416,7 @@ done %{python3_sitelib}/qubes/ext/__pycache__/* %{python3_sitelib}/qubes/ext/__init__.py %{python3_sitelib}/qubes/ext/admin.py +%{python3_sitelib}/qubes/ext/backup_restore.py %{python3_sitelib}/qubes/ext/block.py %{python3_sitelib}/qubes/ext/core_features.py %{python3_sitelib}/qubes/ext/gui.py diff --git a/setup.py b/setup.py index 1a606caf..e6fdd8e1 100644 --- a/setup.py +++ b/setup.py @@ -61,6 +61,8 @@ if __name__ == '__main__': ], 'qubes.ext': [ 'qubes.ext.admin = qubes.ext.admin:AdminExtension', + 'qubes.ext.backup_restore = ' + 'qubes.ext.backup_restore:BackupRestoreExtension', 'qubes.ext.core_features = qubes.ext.core_features:CoreFeatures', 'qubes.ext.gui = qubes.ext.gui:GUI', 'qubes.ext.audio = qubes.ext.audio:AUDIO',