Commit Graph

76 Commits

Author SHA1 Message Date
Marek Marczykowski
2ddd53e1e4 vm: support for magic QUBESRPC command
Previously dom0 had to know full path of qubes_rpc_multiplexer in VM, which can
differ between VMs (eg totally different on Windows). This commit enables dom0
to magic keyword instead of full path.
2012-06-23 00:37:47 +02:00
Marek Marczykowski
1732679b18 vm/qrexec: removed obsolete "directly:" command prefix support
This was used for launching DispVM editor in pre-qrexec-RPC times.
2012-06-05 21:21:52 +02:00
Marek Marczykowski
63d7cb5231 qrexec: describe msg types in header file 2012-05-31 03:09:22 +02:00
Marek Marczykowski
adc0b6eff5 vm(+dom0): major rearrage VM files in repo; merge core-*vm packages 2012-01-06 21:31:12 +01:00
Marek Marczykowski
b8b5cf0a17 vm: force meminfo-writer to wait for the first user process (#392)
meminfo-writer will wait for SIGUSR1 - send by qrexec-agent on the first
qvm-run from dom0.
2011-12-26 23:39:25 +01:00
Marek Marczykowski
ce82303c16 dom0/qrexec: add missing space 2011-10-28 00:19:29 +02:00
Marek Marczykowski
1b42142e05 dom0/qrexec: change qrexec startup timeout to 60s (#373) 2011-10-18 00:09:34 +02:00
Marek Marczykowski
ede96353af dom0/qrexec: Add always allow option in qrexec confirmation dialog (#278) 2011-10-12 00:08:28 +02:00
Joanna Rutkowska
7d5609a80a dom0: qrexec_daemon: use 30s connect timeout instead of 120s 2011-09-09 16:34:41 +02:00
Marek Marczykowski
e2aeceb230 qrexec: Use pselect instead of select (#241)
Details here: http://wiki.qubes-os.org/trac/ticket/241
2011-09-01 14:56:19 +02:00
Rafal Wojtczuk
850cf003ce Add comments to policy files. 2011-07-25 01:49:25 +02:00
Rafal Wojtczuk
259d08a83e qrexec: use $anyvm and $dispvm symbols 2011-07-25 01:49:25 +02:00
Rafal Wojtczuk
abd8b79864 qrexec: impose startup time limit for qrexec_daemon 2011-07-25 01:49:24 +02:00
Marek Marczykowski
3e2c427953 gitignore 2011-07-10 12:47:09 +02:00
Rafal Wojtczuk
af92ce3e48 qrexec: added qrexec/README.rpc file
Short introduction to the new features.
2011-07-07 11:14:04 +02:00
Rafal Wojtczuk
2600134e3b qrexec: tiny corrections to rpc autostart code 2011-07-07 10:38:15 +02:00
Rafal Wojtczuk
77f21e08a4 qrexec: corrected stupid typo 2011-07-07 10:06:45 +02:00
Rafal Wojtczuk
65fe9e1b93 qrexec: manually autostart target rpc domain
option 2) from the previous commit comment
2011-07-07 10:05:41 +02:00
Rafal Wojtczuk
11c1cb0aa2 qrexec: temporarily disable auto executing domains upon rpc request
There are two problems with qvm-run -a:
1) even with -q flag, it spits to stdout (actually, "xl create" does it), and
this garbage is received by rpc client
2) even with -q flag, it steals input (actually, "qrexec ... wait for session")

These two can be manually fixed (by passing /dev/null appropriately); hovewer,
this is prone to disaster if qvm-run is enhanced/broken later.

We could do
if is_domain_running() ; then
	run qrexec client
else
	qvm-run -a domain true </dev/null >/dev/null
	run qrexec client
fi
which looks safer; but is_domain_running() is a bit expensive even in "running"
case - we need to xl_context.list_domains anyway.

Gotta decide on one of these.
2011-07-07 09:13:51 +02:00
Rafal Wojtczuk
c80ee3b231 qrexec: allow for more options in the policy files 2011-07-06 18:34:00 +02:00
Rafal Wojtczuk
7b39b15f6d qrexec: enforce strict character set in TRIGGER_EXEC message 2011-07-06 17:07:40 +02:00
Rafal Wojtczuk
ab6aeb0bca qrexec: in qrexec_client_vm, need to preserve absolute exe name before execv 2011-07-06 16:51:56 +02:00
Rafal Wojtczuk
b3ce35b5e2 qrexec: change qrexec_client_vm syntax to be nicer to read
Now the local_program is just before arguments, which is nicer.
2011-07-06 14:21:35 +02:00
Rafal Wojtczuk
7d79a15c4b qrexec: support for rpc with dom0 as target 2011-07-06 13:56:57 +02:00
Rafal Wojtczuk
2fdf9761c7 qrexec: adjust DispVM code to the new qrexec API
Note, we have qvm-open-in-vm totally for free.
2011-07-06 12:32:20 +02:00
Rafal Wojtczuk
b7e8c2708c qrexec: adjust intervm file copy code to the new qrexec API 2011-07-06 10:17:58 +02:00
Rafal Wojtczuk
5b78e8f983 qrexec: dup old stdin/out fds, pass the dup-ed fds in SAVED_FD_%d env var 2011-07-05 20:01:28 +02:00
Rafal Wojtczuk
ecf200dca3 qrexec: last two missing pieces of the new rpc infrastructure 2011-07-05 18:35:03 +02:00
Rafal Wojtczuk
1e355f11d2 qrexec: in agent, use nonzero "fake" pid for existing process
Because 0 means invalid entry.
Also make sure that the rest of code handles -1 pid fine.
2011-07-05 13:04:34 +02:00
Rafal Wojtczuk
2c23891856 Revert "qrexec: in agent, use nonzero "fake" pid for existing process"
This reverts commit 9e77e8831e.
2011-07-05 12:58:27 +02:00
Rafal Wojtczuk
9e77e8831e qrexec: in agent, use nonzero "fake" pid for existing process
Because 0 means invalid entry.
2011-07-05 12:49:06 +02:00
Rafal Wojtczuk
9ac98a77b9 qrexec: in agent, handle CONNECT_EXISTING the way convenient for client 2011-07-05 12:46:33 +02:00
Rafal Wojtczuk
703cedc708 qrexec: fixed qrexec_client getopt handling 2011-07-05 11:04:44 +02:00
Rafal Wojtczuk
9c7eb81a23 qrexec: add qrexec_client_vm.c 2011-07-05 11:03:31 +02:00
Rafal Wojtczuk
b4f28152b8 qrexec: CONNECT_EXISTING command handling in daemon and client 2011-07-04 20:55:25 +02:00
Rafal Wojtczuk
c05b26763a qrexec: new communication scheme, agent<->server part
1) Instead of a set of predefined commands, we send MSG_AGENT_TO_SERVER_TRIGGER_CONNECT_EXISTING msg with a parameter (e.g. "org.qubes-os.vm.Filecopy")
defining required action
2) qrexec_daemon just forks qrexec_policy, that will take care of actually
allowing and executing required action
3) after MSG_AGENT_TO_SERVER_TRIGGER_CONNECT_EXISTING, qrexec_agent does not
execute a command - it justs uses already established file descriptors to
send data to/from. Thus, there is no need to use ~/.xxxxxspool - a command line
tool can have direct access to remote fds.
2011-07-04 18:56:56 +02:00
Rafal Wojtczuk
732a90443e qrexec: move daemon-specific code out of unix_server.c
So that agent can use code in unix_server.c
2011-07-04 17:06:29 +02:00
Marek Marczykowski
83d211836a dom0+vm: Trigger appmenus sync after yum transaction (#45), NEW QREXEC COMMAND
After yum transaction (install/upgrade/remove),
yum-plugin-post-transaction-actions will execute script which trigger
qvm-sync-appmenus in dom0 (through qrexec).
THIS INTRODUCE NEW PREDEFINED COMMAND IN QREXEC
2011-06-12 01:46:24 +02:00
Marek Marczykowski
986f4a888c Merge branch 'r1-beta1-fixes'
Conflicts:
	dom0/qvm-core/qubes.py
	version_dom0
	version_vm
2011-05-24 00:20:39 +02:00
Rafal Wojtczuk
e7d2eefecd qrexec: fix stdout flush on process exit
In case a child of qrexec_daemon has exited and there is still data in its
stdout pipe, we need to flush it to the peer. Previously, the case when the
peer is blocked was not handled; it is now. The bug impact was premature EOF.
2011-05-23 15:35:40 +02:00
Rafal Wojtczuk
c677f1cc4e qrexec and qfile-*: compile with -pie
For full ASLR.
2011-05-10 12:19:28 +02:00
Marek Marczykowski
ef517e5e66 Merge branch 'sane-and-pretty' of ssh://git.qubes-os.org/var/lib/qubes/git/rafal/core 2011-05-09 13:57:21 +02:00
Rafal Wojtczuk
8733c0ef77 qrexec_daemon: fixed typo in msg name 2011-05-09 13:31:38 +02:00
Marek Marczykowski
3d92e50792 Merge branch 'sane-and-pretty' of ssh://git.qubes-os.org/var/lib/qubes/git/rafal/core 2011-05-09 12:25:14 +02:00
Rafal Wojtczuk
d84289f983 qrexec - indentation 2011-05-04 13:00:39 +02:00
Rafal Wojtczuk
b4fb7a4b5d qrexec: added two I/O error checks, even though it is redundant in these cases 2011-05-04 12:56:52 +02:00
Rafal Wojtczuk
d68183da0c qrexec: added comments, made identifiers more verbose 2011-05-04 12:52:54 +02:00
Rafal Wojtczuk
675d4ce25b qrexec_daemon: add explicite sanitize routine
It sanitizes messages from agent, the only untrusted input. No new
checks have been added, just moved the code.
2011-05-04 10:53:43 +02:00
Marek Marczykowski
3f310e5f3e Adopt vchan to xen-libs-4.1.0 API.
Add #ifdefs to support new and old API
2011-04-19 01:21:48 +02:00
Rafal Wojtczuk
b7698de251 qrexec_daemon: print dots when waiting for agent 2011-03-31 11:23:44 +02:00