Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
1,938 Commits 1 Branch 0 Tags 20 MiB
3f5a34f635
Commit Graph

1938 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Marek Marczykowski
3f5a34f635 Revert "dom0/qrexec: use default user from VM settings" 
This reverts commit b1ccc9a510e465b8b59f12bafb7735664c4101d0.
This can be handled by qrexec_daemon itself.

Conflicts:

	qrexec/qrexec_policy
 2012-08-30 17:47:32 +02:00
Marek Marczykowski
46fd664ba3 dom0/qrexec: implement default user handling in qrexec_daemon 
This will simplify using qrexec from utilities which doen't load qubes.xml
normally (like qrexec_policy, gui daemon).
 2012-08-30 17:44:52 +02:00
Marek Marczykowski
4e2f47d95c dom0/spec: mark qrexec policy as config files 
Prevent override on upgrade, when user makes some own changes (especially
"always allow" feature).
 2012-08-27 00:53:58 +02:00
Marek Marczykowski
3bce6047b5 dom0/qrexec: properly process data after client terminated one way of transfer 
Instead of removing client from list at EPIPE error from write, assume that
client does not wish read future data, but still can write something.
 2012-08-27 00:49:45 +02:00
Marek Marczykowski
f79101d114 dom0/qrexec: fix the case when client disconnected while sending cmdline 
Previously there was not cleaned up entry in clients table. Not critical, as
will be reset to known state at new client connect, but still fix it.
 2012-08-27 00:48:36 +02:00
Marek Marczykowski
89ab002db1 dom0/qrexec: minor FD leak fix 
qrexec_client will be shortly terminated after that, but still fix it.
 2012-08-27 00:48:36 +02:00
Marek Marczykowski
d1882bb9fc vm/filecopy: close stdin when no more data will be read 
This will allow qrexec_agent drop the data instead of buffering it.
 2012-08-27 00:48:35 +02:00
Marek Marczykowski
4ae822846d vm/filecopy: add one missing write() error checking 2012-08-27 00:48:35 +02:00
Marek Marczykowski
6984c4d795 vm/qrexec: better handle the case when child process closes its stdin 
Instead of assuming process termination (because of write returned EPIPE), just
do not write to the process pipe, but still process the data in opposite
direction until EOF received.
 2012-08-27 00:48:22 +02:00
Marek Marczykowski
798d239c15 vm/qrexec: fix race between child cleanup and select call 
reap_children() can close FD, which was already added to FD_SET for select.
This can lead to EBADF and agent termination.
 2012-08-27 00:20:25 +02:00
Marek Marczykowski
1c04920833 vm/qrexec: log exit code in "sending exit code" message 2012-08-27 00:18:35 +02:00
Marek Marczykowski
6305e6cbe1 dom0/qvm-block: rework device name parsing to better support c0p1 name style 2012-08-26 14:41:35 +02:00
Marek Marczykowski
fefb6d9cff vm+dom0/filecopy-unpacker: send errors to qfile-agent istead of local message (#239) 
Because unpacker no longer require GUI access, there is no need for separate
process for error reporting. Which greatly simplify the code.
 2012-08-25 02:09:45 +02:00
Marek Marczykowski
cec58c048a vm/filecopy-agent: check for unpacker errors during transfer (#239) 
If unpacker encounter error it sends result header immediately - detect it as
soon as possible and do not send rest of file(s).
 2012-08-25 01:26:19 +02:00
Marek Marczykowski
87511f3112 vm/filecopy: support nonblocking fd in read_all 
This will be needed to (non blocking) check if data is available on pipe -
especially to receive possible error from the other end (which will be
introduced sometime later).
 2012-08-25 01:22:00 +02:00
Marek Marczykowski
62f626e68f vm/filecopy: close unused fds in parent process 2012-08-25 01:19:47 +02:00
Marek Marczykowski
c9a43f66ed dom0/qrexec: do not exit client before all data in both direction transfered 
When qrexec_client cannot write to its stdout, this doesn't necessary mean that
there is no data in opposite direction.
Simple example is RPC service: when process in destination VM closes its stdin,
it can still send some data to triggering VM.
 2012-08-25 01:17:50 +02:00
Marek Marczykowski
77b2758c93 vm/qubes-rpc: move set_(non)?block to ioall.c as can be used not only in qrexec 2012-08-25 01:11:22 +02:00
Marek Marczykowski
e03eab7137 vm/filecopy: remove duplicated error reporting 
Each write_all is check for errors (when it makes sense) with own perror call,
so don't dupplicate messages.
 2012-08-25 01:06:25 +02:00
Marek Marczykowski
ab52153ab2 win/vchan: remove outstanding evtchn events on libvchan_wait 
Windows evtchn driver can double fire on one event (details in
xenpci/evtchn_device_interface.c:EvtChn_EvtIoWrite). Less intrusive way of
fixing it is just remove all events from queue on libvchan_wait (to prevent
queue fill).
This won't hurt because we are interested in events only sent
after xc_evtchn_unmask call which is one line below.
 2012-08-23 21:39:41 +02:00
Marek Marczykowski
c0455ac641 Merge branch 'master' into hvm 
Conflicts:
	dom0/qvm-tools/qvm-create
	version_dom0
 2012-08-23 11:11:59 +02:00
Marek Marczykowski
1cd3ef3456 dom0/qvm-tools: catch exceptions while settting VM name (#656) 2012-08-23 04:02:50 +02:00
Marek Marczykowski
536eb00b9c dom0/core: verify VM name for not-allowed characters (#656) 2012-08-23 04:01:55 +02:00
Marek Marczykowski
dde1b5b2f5 dom0/qrexec: use QUBESRPC instead of direct multiplexer path 2012-08-23 03:59:31 +02:00
Marek Marczykowski
b7f5c6ac0b dom0/qvm-tools: catch exceptions while settting VM name (#656) 2012-08-23 03:48:03 +02:00
Marek Marczykowski
85565af560 dom0/core: verify VM name for not-allowed characters (#656) 2012-08-23 03:45:06 +02:00
Marek Marczykowski
4fcaf3e7b7 Revert "win: unmask evtchn before checking if libvchan_wait is needed" 
This reverts commit f7ce10db8f76f752cf9d65b420de352e70bdb048.
This should be fixed by doing 0-length reads in qrexec main loop (instead of
real read of fired port number).
 2012-08-23 01:58:44 +02:00
Marek Marczykowski
7c1dfe9266 dom0/qrexec: implement standalone policy evaluation (#12 pro) 
This change will allow to use the same policy mechanism to control clipboard
copy between domains.
 2012-08-18 22:08:26 +02:00
Marek Marczykowski
11e142adb3 dom0/qrexec: use default user from VM settings 2012-08-18 21:42:54 +02:00
Marek Marczykowski
d0f20e9e59 Merge remote-tracking branch 'joanna-pro/hvm' into hvm 2012-08-18 21:24:01 +02:00
Marek Marczykowski
7745e23137 dom0/qrexec: use QUBESRPC instead of direct multiplexer path 2012-08-18 21:21:20 +02:00
Marek Marczykowski
a98020eca7 dom0+vm/qfile-copy: use setuid instead of policy setting to allow chroot 
This will allow to not hardcode "root" username in policy, which can be useful
for non-Linux systems.
 2012-08-18 21:17:07 +02:00
Marek Marczykowski
b05d035ff2 Merge remote-tracking branch 'alex/hvm' into hvm 2012-08-17 17:44:37 +02:00
Marek Marczykowski
cc23d3cb3d dom0/qubes_rpc: mark untrusted variables (#654) 2012-08-16 16:56:55 +02:00
Marek Marczykowski
26fca20d45 dom0/qmemman: fix reporting to qubes-manager 
When VM is shutting down, xenstore entries (especially 'name') can be deleted
before qmemman remove VM from its list. So check if name is defined before
reporting to qubes-manager.
 2012-08-16 16:56:55 +02:00
Marek Marczykowski
9b3a77bc1d dom0: move RPC services to separate directory (#654) 
This makes more clear which code have contact with untrusted data from VM.
 2012-08-16 16:56:16 +02:00
Joanna Rutkowska
ba85ca2df2 version 1.7.43 2012-08-10 14:45:19 +02:00
Marek Marczykowski
f41759a8b7 vm: ignore additional actions in *.desktop files (#631) 2012-08-10 11:08:05 +02:00
Marek Marczykowski
cb39325e6f vm: ignore additional actions in *.desktop files (#631) 2012-08-10 11:06:58 +02:00
Marek Marczykowski
a67bf1f1c0 Merge branch 'master' into hvm 2012-08-06 15:00:02 +02:00
Marek Marczykowski
038933789d vm/updates-proxy: fix regexp (#643) 2012-08-06 14:59:10 +02:00
Marek Marczykowski
4f56cf420a dom0/core: add missing "cleanup_dispvms" file (#648) 2012-08-06 14:57:30 +02:00
Marek Marczykowski
e1404a2d4f dom0/qvm-run: do not break --all when run in one VM failed 2012-08-04 04:15:33 +02:00
Marek Marczykowski
fa17c541af dom0: cleanup dead DispVMs at system startup (#648) 2012-08-04 00:57:34 +02:00
Marek Marczykowski
7677854fd2 dom0/core: make verbose parameter of create_appmenus optional 2012-08-04 00:37:14 +02:00
Marek Marczykowski
71c5ce14ef Merge remote-tracking branch 'alex/hvm' into hvm 2012-08-03 02:06:09 +02:00
Marek Marczykowski
ec47c5eb81 win: unmask evtchn before checking if libvchan_wait is needed 
This should prevent the race, when evtchn is signalled between condition check
and libvchan_wait call.
 2012-08-03 02:02:26 +02:00
Marek Marczykowski
847fe81dcd dom0/qvm-run: do not break --all when run in one VM failed 2012-08-01 01:01:37 +02:00
Marek Marczykowski
e6c8bf81fd Merge branch 'master' into hvm 
Conflicts:
	version_dom0
 2012-08-01 00:55:05 +02:00
Marek Marczykowski
b7d2667b1d vm/kernel-placeholder: simplify upgrade 2012-07-30 23:16:05 +02:00