From 7a6e4b284f56f76d72764409c8ac3e58e24adbc1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Thu, 6 Dec 2018 20:28:35 +0100 Subject: [PATCH] vm/mix/net: prevent setting provides_network=false if qube is still used Add symmetric check to the one in 'netvm' property. Fixes QubesOS/qubes-issues#4552 --- qubes/tests/vm/mix/net.py | 13 +++++++++++++ qubes/vm/mix/net.py | 12 +++++++++++- 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/qubes/tests/vm/mix/net.py b/qubes/tests/vm/mix/net.py index f9bcbb6b..a8b1e1f5 100644 --- a/qubes/tests/vm/mix/net.py +++ b/qubes/tests/vm/mix/net.py @@ -141,3 +141,16 @@ class TC_00_NetVMMixin( self.assertPropertyInvalidValue(vm, 'ip', 'zzzz') self.assertPropertyInvalidValue(vm, 'ip', '1:2:3:4:5:6:7:8:0:a:b:c:d:e:f:0') + + def test_170_provides_network_netvm(self): + vm = self.get_vm() + vm2 = self.get_vm('test2', qid=3) + self.assertPropertyDefaultValue(vm, 'provides_network', False) + self.assertPropertyInvalidValue(vm2, 'netvm', vm) + self.assertPropertyValue(vm, 'provides_network', True, True, 'True') + self.assertPropertyValue(vm2, 'netvm', vm, vm, 'test-inst-test') + # used by other vm + self.assertPropertyInvalidValue(vm, 'provides_network', False) + self.assertPropertyValue(vm2, 'netvm', None, None, '') + self.assertPropertyValue(vm2, 'netvm', '', None, '') + self.assertPropertyValue(vm, 'provides_network', False, False, 'False') diff --git a/qubes/vm/mix/net.py b/qubes/vm/mix/net.py index 98a2e6a2..e19780d4 100644 --- a/qubes/vm/mix/net.py +++ b/qubes/vm/mix/net.py @@ -80,6 +80,16 @@ def _setter_netvm(self, prop, value): 'Loops in network are unsupported') return value +def _setter_provides_network(self, prop, value): + value = qubes.property.bool(self, prop, value) + if not value: + if list(self.connected_vms): + raise qubes.exc.QubesValueError( + 'The qube is still used by other qubes, change theirs ' + '\'netvm\' first') + + return value + class NetVMMixin(qubes.events.Emitter): ''' Mixin containing network functionality ''' @@ -105,7 +115,7 @@ class NetVMMixin(qubes.events.Emitter): NetVM.''') provides_network = qubes.property('provides_network', default=False, - type=bool, setter=qubes.property.bool, + type=bool, setter=_setter_provides_network, doc='''If this domain can act as network provider (formerly known as NetVM or ProxyVM)''')