Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge remote-tracking branch 'origin/pr/398'

Browse Source 
* origin/pr/398:
  api: improve handling of removed VMs just before the call (try 2)
This commit is contained in:
Marek Marczykowski-Górecki 2021-05-30 03:44:46 +02:00
commit e258dd0864
No known key found for this signature in database
GPG Key ID: 063938BA42CFA724
1 changed files with 8 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
qubes/api/__init__.py
View File

@ -118,20 +118,21 @@ class AbstractQubesAPI:
#: :py:class:`qubes.Qubes` object #: :py:class:`qubes.Qubes` object
self.app = app self.app = app
#: source qube
self.src = self.app.domains[src.decode('ascii')]
try: try:
vm = src.decode('ascii')
#: source qube
self.src = self.app.domains[vm]
vm = dest.decode('ascii')
#: destination qube #: destination qube
self.dest = self.app.domains[dest.decode('ascii')] self.dest = self.app.domains[vm]
except KeyError: except KeyError:
# normally this should filtered out by qrexec policy, but there are # normally this should filtered out by qrexec policy, but there are
# two cases it might not be: # two cases it might not be:
# 1. The call comes from dom0, which bypasses qrexec policy # 1. The call comes from dom0, which bypasses qrexec policy
# 2. Domain was removed between checking the policy and here # 2. Domain was removed between checking the policy and here
# For uniform handling on the client side, treat this as permission # we inform the client accordingly
# denied error too raise qubes.exc.QubesVMNotFoundError(vm)
raise PermissionDenied
#: argument #: argument
self.arg = arg.decode('ascii') self.arg = arg.decode('ascii')