Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add an extension preventing starting a VM while it's being restored

Browse Source 
Do not allow starting a VM while the restoring management VM has still
control over it. Specifically, that restoring VM will not be able to
start just restored VM.

QubesOS/qubes-issues#5310
This commit is contained in:
Marek Marczykowski-Górecki 2019-09-15 03:41:33 +02:00
parent 6f87f310db
commit 2cdba05c99
No known key found for this signature in database
GPG Key ID: 063938BA42CFA724
3 changed files with 42 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
qubes/ext/backup_restore.py Normal file
View File

@ -0,0 +1,39 @@
# -*- encoding: utf8 -*-
#
# The Qubes OS Project, http://www.qubes-os.org
#
# Copyright (C) 2019 Marek Marczykowski-Górecki
# <marmarek@invisiblethingslab.com>
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, see <https://www.gnu.org/licenses/>.
"""
Backup restore related functionality. Specifically:
- prevent starting a domain currently being restored
"""
import qubes.api
import qubes.ext
import qubes.vm.adminvm
class BackupRestoreExtension(qubes.ext.Extension):
# pylint: disable=too-few-public-methods
@qubes.ext.handler('domain-pre-start')
def on_domain_pre_start(self, vm, event, **kwargs):
"""Prevent starting a VM during restore"""
# pylint: disable=unused-argument,no-self-use
if 'backup-restore-in-progress' in vm.tags:
raise qubes.exc.QubesVMError(
vm, 'Restore of this domain in progress, cannot start')

1
rpm_spec/core-dom0.spec.in
View File

@ -416,6 +416,7 @@ done
%{python3_sitelib}/qubes/ext/__pycache__/* %{python3_sitelib}/qubes/ext/__pycache__/*
%{python3_sitelib}/qubes/ext/__init__.py %{python3_sitelib}/qubes/ext/__init__.py
%{python3_sitelib}/qubes/ext/admin.py %{python3_sitelib}/qubes/ext/admin.py
%{python3_sitelib}/qubes/ext/backup_restore.py
%{python3_sitelib}/qubes/ext/block.py %{python3_sitelib}/qubes/ext/block.py
%{python3_sitelib}/qubes/ext/core_features.py %{python3_sitelib}/qubes/ext/core_features.py
%{python3_sitelib}/qubes/ext/gui.py %{python3_sitelib}/qubes/ext/gui.py

2
setup.py
View File

@ -61,6 +61,8 @@ if __name__ == '__main__':
], ],
'qubes.ext': [ 'qubes.ext': [
'qubes.ext.admin = qubes.ext.admin:AdminExtension', 'qubes.ext.admin = qubes.ext.admin:AdminExtension',
'qubes.ext.backup_restore = '
'qubes.ext.backup_restore:BackupRestoreExtension',
'qubes.ext.core_features = qubes.ext.core_features:CoreFeatures', 'qubes.ext.core_features = qubes.ext.core_features:CoreFeatures',
'qubes.ext.gui = qubes.ext.gui:GUI', 'qubes.ext.gui = qubes.ext.gui:GUI',
'qubes.ext.audio = qubes.ext.audio:AUDIO', 'qubes.ext.audio = qubes.ext.audio:AUDIO',