Merge branch 'hvm-for-master'

Conflicts:
	dom0/qvm-core/qubes.py
	dom0/qvm-tools/qvm-sync-clock
	version_dom0
	vm-systemd/qubes-sysinit.sh
This commit is contained in:
Marek Marczykowski 2012-10-17 21:41:03 +02:00
commit a9fd8ec5dd
7 changed files with 99 additions and 81 deletions

View File

@ -32,6 +32,17 @@ void perror_wrapper(char * msg)
errno=prev; errno=prev;
} }
void set_nonblock(int fd)
{
int fl = fcntl(fd, F_GETFL, 0);
fcntl(fd, F_SETFL, fl | O_NONBLOCK);
}
void set_block(int fd)
{
int fl = fcntl(fd, F_GETFL, 0);
fcntl(fd, F_SETFL, fl & ~O_NONBLOCK);
}
int write_all(int fd, void *buf, int size) int write_all(int fd, void *buf, int size)
{ {
@ -42,7 +53,6 @@ int write_all(int fd, void *buf, int size)
if (ret == -1 && errno == EINTR) if (ret == -1 && errno == EINTR)
continue; continue;
if (ret <= 0) { if (ret <= 0) {
perror_wrapper("write");
return 0; return 0;
} }
written += ret; written += ret;
@ -65,9 +75,14 @@ int read_all(int fd, void *buf, int size)
return 0; return 0;
} }
if (ret < 0) { if (ret < 0) {
perror_wrapper("read"); if (errno != EAGAIN)
perror_wrapper("read");
return 0; return 0;
} }
if (got_read == 0) {
// force blocking operation on further reads
set_block(fd);
}
got_read += ret; got_read += ret;
} }
// fprintf(stderr, "read %d bytes\n", size); // fprintf(stderr, "read %d bytes\n", size);

View File

@ -1,3 +1,5 @@
int write_all(int fd, void *buf, int size); int write_all(int fd, void *buf, int size);
int read_all(int fd, void *buf, int size); int read_all(int fd, void *buf, int size);
int copy_fd_all(int fdout, int fdin); int copy_fd_all(int fdout, int fdin);
void set_nonblock(int fd);
void set_block(int fd);

View File

@ -9,6 +9,7 @@
#include <stdlib.h> #include <stdlib.h>
#include <ioall.h> #include <ioall.h>
#include <unistd.h> #include <unistd.h>
#include <errno.h>
#include <gui-fatal.h> #include <gui-fatal.h>
#include "filecopy.h" #include "filecopy.h"
#include "crc32.h" #include "crc32.h"
@ -49,6 +50,37 @@ void do_notify_progress(long long total, int flag)
} }
} }
void wait_for_result()
{
struct result_header hdr;
if (!read_all(0, &hdr, sizeof(hdr))) {
if (errno == EAGAIN) {
// no result sent and stdin still open
return;
} else {
// other read error or EOF
exit(1); // hopefully remote has produced error message
}
}
if (hdr.error_code != 0) {
switch (hdr.error_code) {
case EEXIST:
gui_fatal("File copy: not overwriting existing file. Clean incoming dir, and retry copy");
break;
case EINVAL:
gui_fatal("File copy: Corrupted data from packer");
break;
default:
gui_fatal("File copy: %s",
strerror(hdr.error_code));
}
}
if (hdr.crc32 != crc32_sum) {
gui_fatal("File transfer failed: checksum mismatch");
}
}
void notify_progress(int size, int flag) void notify_progress(int size, int flag)
{ {
static long long total = 0; static long long total = 0;
@ -56,6 +88,11 @@ void notify_progress(int size, int flag)
total += size; total += size;
if (total > prev_total + PROGRESS_NOTIFY_DELTA if (total > prev_total + PROGRESS_NOTIFY_DELTA
|| (flag != PROGRESS_FLAG_NORMAL)) { || (flag != PROGRESS_FLAG_NORMAL)) {
// check for possible error from qfile-unpacker; if error occured,
// exit() will be called, so don't bother with current state
// (notify_progress can be called as callback from copy_file())
if (flag == PROGRESS_FLAG_NORMAL)
wait_for_result();
do_notify_progress(total, flag); do_notify_progress(total, flag);
prev_total = total; prev_total = total;
} }
@ -64,8 +101,11 @@ void notify_progress(int size, int flag)
void write_headers(struct file_header *hdr, char *filename) void write_headers(struct file_header *hdr, char *filename)
{ {
if (!write_all_with_crc(1, hdr, sizeof(*hdr)) if (!write_all_with_crc(1, hdr, sizeof(*hdr))
|| !write_all_with_crc(1, filename, hdr->namelen)) || !write_all_with_crc(1, filename, hdr->namelen)) {
set_block(0);
wait_for_result();
exit(1); exit(1);
}
} }
int single_file_processor(char *filename, struct stat *st) int single_file_processor(char *filename, struct stat *st)
@ -89,13 +129,15 @@ int single_file_processor(char *filename, struct stat *st)
hdr.filelen = st->st_size; hdr.filelen = st->st_size;
write_headers(&hdr, filename); write_headers(&hdr, filename);
ret = copy_file(1, fd, hdr.filelen, &crc32_sum); ret = copy_file(1, fd, hdr.filelen, &crc32_sum);
// if COPY_FILE_WRITE_ERROR, hopefully remote will produce a message
if (ret != COPY_FILE_OK) { if (ret != COPY_FILE_OK) {
if (ret != COPY_FILE_WRITE_ERROR) if (ret != COPY_FILE_WRITE_ERROR)
gui_fatal("Copying file %s: %s", filename, gui_fatal("Copying file %s: %s", filename,
copy_file_status_to_str(ret)); copy_file_status_to_str(ret));
else else {
set_block(0);
wait_for_result();
exit(1); exit(1);
}
} }
close(fd); close(fd);
} }
@ -109,9 +151,14 @@ int single_file_processor(char *filename, struct stat *st)
gui_fatal("readlink %s", filename); gui_fatal("readlink %s", filename);
hdr.filelen = st->st_size + 1; hdr.filelen = st->st_size + 1;
write_headers(&hdr, filename); write_headers(&hdr, filename);
if (!write_all_with_crc(1, name, st->st_size + 1)) if (!write_all_with_crc(1, name, st->st_size + 1)) {
set_block(0);
wait_for_result();
exit(1); exit(1);
}
} }
// check for possible error from qfile-unpacker
wait_for_result();
return 0; return 0;
} }
@ -147,7 +194,6 @@ int do_fs_walk(char *file)
void notify_end_and_wait_for_result() void notify_end_and_wait_for_result()
{ {
struct result_header hdr;
struct file_header end_hdr; struct file_header end_hdr;
/* nofity end of transfer */ /* nofity end of transfer */
@ -156,17 +202,8 @@ void notify_end_and_wait_for_result()
end_hdr.filelen = 0; end_hdr.filelen = 0;
write_all_with_crc(1, &end_hdr, sizeof(end_hdr)); write_all_with_crc(1, &end_hdr, sizeof(end_hdr));
/* wait for result */ set_block(0);
if (!read_all(0, &hdr, sizeof(hdr))) { wait_for_result();
exit(1); // hopefully remote has produced error message
}
if (hdr.error_code != 0) {
gui_fatal("Error writing files: %s",
strerror(hdr.error_code));
}
if (hdr.crc32 != crc32_sum) {
gui_fatal("File transfer failed: checksum mismatch");
}
} }
char *get_abs_path(char *cwd, char *pathname) char *get_abs_path(char *cwd, char *pathname)
@ -186,6 +223,8 @@ int main(int argc, char **argv)
char *sep; char *sep;
signal(SIGPIPE, SIG_IGN); signal(SIGPIPE, SIG_IGN);
// this will allow checking for possible feedback packet in the middle of transfer
set_nonblock(0);
notify_progress(0, PROGRESS_FLAG_INIT); notify_progress(0, PROGRESS_FLAG_INIT);
crc32_sum = 0; crc32_sum = 0;
cwd = getcwd(NULL, 0); cwd = getcwd(NULL, 0);

View File

@ -29,32 +29,14 @@ int prepare_creds_return_uid(char *username)
return pwd->pw_uid; return pwd->pw_uid;
} }
void wait_for_child(int statusfd) extern int do_unpack(void);
{
int status;
if (read(statusfd, &status, sizeof status)!=sizeof status)
gui_fatal("File copy error: Internal error reading status from unpacker");
errno = status;
switch (status) {
case LEGAL_EOF: break;
case 0: gui_fatal("File copy: Connection terminated unexpectedly"); break;
case EINVAL: gui_fatal("File copy: Corrupted data from packer"); break;
case EEXIST: gui_fatal("File copy: not overwriting existing file. Clean ~/incoming, and retry copy"); break;
default: gui_fatal("File copy");
}
}
extern void do_unpack(int);
int main(int argc, char ** argv) int main(int argc, char ** argv)
{ {
char *incoming_dir; char *incoming_dir;
int pipefds[2];
int uid; int uid;
char *remote_domain; char *remote_domain;
pipe(pipefds);
uid = prepare_creds_return_uid("user"); uid = prepare_creds_return_uid("user");
remote_domain = getenv("QREXEC_REMOTE_DOMAIN"); remote_domain = getenv("QREXEC_REMOTE_DOMAIN");
@ -67,23 +49,8 @@ int main(int argc, char ** argv)
mkdir(incoming_dir, 0700); mkdir(incoming_dir, 0700);
if (chdir(incoming_dir)) if (chdir(incoming_dir))
gui_fatal("Error chdir to %s", incoming_dir); gui_fatal("Error chdir to %s", incoming_dir);
switch (fork()) { if (chroot(incoming_dir)) //impossible
case -1: gui_fatal("Error chroot to %s", incoming_dir);
perror("fork");
exit(1);
case 0:
if (chroot(incoming_dir)) //impossible
gui_fatal("Error chroot to %s", incoming_dir);
setuid(uid);
close(pipefds[0]);
do_unpack(pipefds[1]);
exit(0);
default:;
}
setuid(uid); setuid(uid);
close(pipefds[1]); return do_unpack();
wait_for_child(pipefds[0]);
return 0;
} }

View File

@ -3,4 +3,4 @@
## Please use a single # to start your custom comments ## Please use a single # to start your custom comments
$anyvm $anyvm ask,user=root $anyvm $anyvm ask

View File

@ -35,14 +35,24 @@ int read_all_with_crc(int fd, void *buf, int size) {
return ret; return ret;
} }
int global_status_fd; void send_status_and_crc(int code) {
void do_exit(int code) struct result_header hdr;
{ int saved_errno;
int codebuf = code;
write(global_status_fd, &codebuf, sizeof codebuf); saved_errno = errno;
exit(0); hdr.error_code = code;
hdr.crc32 = crc32_sum;
if (!write_all(1, &hdr, sizeof(hdr)))
perror("write status");
errno = saved_errno;
} }
void do_exit(int code)
{
close(0);
send_status_and_crc(code);
exit(code);
}
void fix_times_and_perms(struct file_header *untrusted_hdr, void fix_times_and_perms(struct file_header *untrusted_hdr,
char *untrusted_name) char *untrusted_name)
@ -130,20 +140,8 @@ void process_one_file(struct file_header *untrusted_hdr)
do_exit(EINVAL); do_exit(EINVAL);
} }
void send_status_and_crc() { int do_unpack()
struct result_header hdr;
int saved_errno;
saved_errno = errno;
hdr.error_code = errno;
hdr.crc32 = crc32_sum;
write_all(1, &hdr, sizeof(hdr));
errno = saved_errno;
}
void do_unpack(int fd)
{ {
global_status_fd = fd;
struct file_header untrusted_hdr; struct file_header untrusted_hdr;
/* initialize checksum */ /* initialize checksum */
crc32_sum = 0; crc32_sum = 0;
@ -158,9 +156,6 @@ void do_unpack(int fd)
if (files_limit && total_files > files_limit) if (files_limit && total_files > files_limit)
do_exit(EDQUOT); do_exit(EDQUOT);
} }
send_status_and_crc(); send_status_and_crc(errno);
if (errno) return errno;
do_exit(errno);
else
do_exit(LEGAL_EOF);
} }

View File

@ -405,7 +405,7 @@ rm -rf $RPM_BUILD_ROOT
/usr/lib/qubes/meminfo-writer /usr/lib/qubes/meminfo-writer
/usr/lib/qubes/network-manager-prepare-conf-dir /usr/lib/qubes/network-manager-prepare-conf-dir
/usr/lib/qubes/qfile-agent /usr/lib/qubes/qfile-agent
/usr/lib/qubes/qfile-unpacker %attr(4755,root,root) /usr/lib/qubes/qfile-unpacker
/usr/lib/qubes/qopen-in-vm /usr/lib/qubes/qopen-in-vm
/usr/lib/qubes/qrexec_agent /usr/lib/qubes/qrexec_agent
/usr/lib/qubes/qrexec_client_vm /usr/lib/qubes/qrexec_client_vm