123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223 |
- #!/usr/bin/python2.6
- #
- # The Qubes OS Project, http://www.qubes-os.org
- #
- # Copyright (C) 2010 Rafal Wojtczuk <rafal@invisiblethingslab.com>
- #
- # This program is free software; you can redistribute it and/or
- # modify it under the terms of the GNU General Public License
- # as published by the Free Software Foundation; either version 2
- # of the License, or (at your option) any later version.
- #
- # This program is distributed in the hope that it will be useful,
- # but WITHOUT ANY WARRANTY; without even the implied warranty of
- # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- # GNU General Public License for more details.
- #
- # You should have received a copy of the GNU General Public License
- # along with this program; if not, write to the Free Software
- # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- #
- #
- import xen.lowlevel.xs
- import os
- import sys
- import subprocess
- import daemon
- import time
- from qubes.qubes import QubesVmCollection
- from qubes.qubes import QubesException
- from qubes.qubes import QubesDaemonPidfile
- filename_seq = 50
- pen_cmd = '/usr/lib/qubes/qubes_pencmd'
- def get_next_filename_seq():
- global filename_seq
- filename_seq = filename_seq + 1
- return str(filename_seq)
- def logproc(msg):
- f = file('/var/log/qubes/qfileexchgd', 'a')
- f.write(msg+'\n')
- f.close()
- def get_req_node(domain_id):
- return '/local/domain/'+domain_id+'/device/qpen'
- def get_name_node(domain_id):
- return '/local/domain/'+domain_id+'/name'
- def only_in_first_list(l1, l2):
- ret=[]
- for i in l1:
- if not i in l2:
- ret.append(i)
- return ret
- class WatchType:
- def __init__(self, fn, param):
- self.fn = fn
- self.param = param
- class DomainState:
- def __init__(self, domain, dict):
- self.rcv_state = 'idle'
- self.send_state = 'idle'
- self.domain_id = domain
- self.domdict = dict
- self.send_seq = None
- self.rcv_seq = None
- self.waiting_sender = None
- def handle_request(self, request):
- req_ok = False
- if request is None:
- return
- tmp = request.split()
- rq = tmp[0]
- if len(tmp) > 1:
- arg = tmp[1]
- else:
- arg = None
- if rq == 'new' and self.send_state == 'idle':
- self.send_seq = get_next_filename_seq()
- retcode = subprocess.call([pen_cmd, 'new', self.domain_id, self.send_seq])
- logproc( 'Give domain ' + self.domain_id + ' a clean pendrive, retcode= ' + str(retcode))
- if retcode == 0:
- self.send_state = 'has_clean_pendrive'
- req_ok = True
- if rq == 'send' and self.send_state == 'has_clean_pendrive' and arg is not None:
- logproc( 'send from ' + self.domain_id + ' to ' + arg)
- if self.handle_transfer(arg):
- self.send_state = 'idle'
- req_ok = True;
- if rq == 'umount' and self.rcv_state == 'has_loaded_pendrive':
- retcode = subprocess.call([pen_cmd, 'umount', self.domain_id, self.rcv_seq])
- if retcode == 0:
- self.rcv_state = 'idle'
- self.rcv_seq = None
- logproc( 'set state of ' + self.domain_id + ' loaded->idle retcode=' + str(retcode))
- req_ok = True
- if rq == 'umount' and self.rcv_state == 'waits_to_umount':
- req_ok = True
- retcode = subprocess.call([pen_cmd, 'umount', self.domain_id, self.rcv_seq])
- if retcode != 0:
- return
- assert(self.waiting_sender != None)
- self.rcv_state = 'idle'
- self.rcv_seq = None
- tmp = self.waiting_sender
- self.waiting_sender = None
- if tmp.send_state == 'has_clean_pendrive':
- if tmp.handle_transfer(self.name):
- tmp.send_state = 'idle'
- if not req_ok:
- logproc( 'request ' + request + ' not served due to nonmatching state')
- def ask_to_umount(self, vmname):
- q = 'VM ' + vmname + ' has already an incoming pendrive, and thus '
- q+= 'cannot accept another one. If you intend to unmount its current '
- q+= 'pendrive and retry this transfer, press Yes. '
- q+= 'Otherwise press No to fail this transfer.'
- retcode = subprocess.call(['/usr/bin/kdialog', '--yesno', q, '--title', 'Some additional action required'])
- if retcode == 0:
- return True
- else:
- return False
- def handle_transfer(self, vmname):
- qvm_collection = QubesVmCollection()
- qvm_collection.lock_db_for_reading()
- qvm_collection.load()
- qvm_collection.unlock_db()
- vm = qvm_collection.get_vm_by_name(vmname)
- if vm is None:
- logproc( 'Domain ' + vmname + ' does not exist ?')
- return False
- if not vm.is_running():
- logproc( 'Domain ' + vmname + ' is not running ?')
- return False
- target=self.domdict[str(vm.get_xid())]
- if target.rcv_state != 'idle':
- if self.ask_to_umount(vmname):
- target.rcv_state='waits_to_umount'
- target.waiting_sender=self
- logproc( 'target domain ' + target.domain_id + ' is not idle, now ' + target.rcv_state)
- return False
- retcode = subprocess.call(['/usr/bin/kdialog', '--yesno', 'Do you authorize pendrive transfer from ' + self.name + ' to ' + vmname + '?' , '--title', 'Security confirmation'])
- logproc('handle_transfer: kdialog retcode=' + str(retcode))
- if retcode != 0:
- return False
- target.rcv_state='has_loaded_pendrive'
- retcode = subprocess.call([pen_cmd, 'send', self.domain_id, target.domain_id, self.send_seq])
- target.rcv_seq = self.send_seq
- self.send_seq = None
- logproc( 'set state of ' + target.domain_id + ' to has_loaded_pendrive, retcode=' + str(retcode))
- return True
- class XS_Watcher:
- def __init__(self):
- self.handle = xen.lowlevel.xs.xs()
- self.handle.watch('/local/domain', WatchType(XS_Watcher.dom_list_change, None))
- self.domdict = {}
- def dom_list_change(self, param):
- curr = self.handle.ls('', '/local/domain')
- if curr == None:
- return
- for i in only_in_first_list(curr, self.domdict.keys()):
- newdom = DomainState(i, self.domdict)
- newdom.watch_token = WatchType(XS_Watcher.request, newdom)
- newdom.watch_name = WatchType(XS_Watcher.namechange, newdom)
- self.domdict[i] = newdom
- self.handle.watch(get_req_node(i), newdom.watch_token)
- self.handle.watch(get_name_node(i), newdom.watch_name)
- newdom.name = ''
- logproc( 'added domain ' + i)
- for i in only_in_first_list(self.domdict.keys(), curr):
- self.handle.unwatch(get_req_node(i), self.domdict[i].watch_token)
- self.handle.unwatch(get_name_node(i), self.domdict[i].watch_name)
- self.domdict.pop(i)
- logproc( 'removed domain ' + i)
- def request(self, domain_param):
- ret = self.handle.read('', get_req_node(domain_param.domain_id))
- domain_param.handle_request(ret)
- def namechange(self, domain_param):
- ret = self.handle.read('', get_name_node(domain_param.domain_id))
- if ret!= '' and ret!=None:
- domain_param.name = ret
- logproc( 'Name for domain xid ' + domain_param.domain_id + ' is ' + ret )
- def watch_loop(self):
- sys.stderr = file('/var/log/qubes/qfileexchgd.errors', 'a')
- while True:
- result = self.handle.read_watch()
- token = result[1]
- token.fn(self, token.param)
- def main():
- lock = QubesDaemonPidfile ("qfileexchgd")
- if lock.pidfile_exists():
- if lock.pidfile_is_stale():
- lock.remove_pidfile()
- print "Removed stale pidfile (has the previous daemon instance crashed?)."
- else:
- exit (0)
- context = daemon.DaemonContext(
- working_directory = "/var/run/qubes",
- pidfile = lock)
- with context:
- XS_Watcher().watch_loop()
- main()
|