Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
1,121 Commits 1 Branch 0 Tags 34 MiB
923af1c94b
Commit Graph

80 Commits

Author SHA1 Message Date
Vincent Penquerc'h
b21ee1fc42 vm-file-editor: remove temporary file on exit 
This allows editing the same file more than once on the
same (non disposable) VM, as well as keeping /tmp from
ballooning indefinitely.
 2014-05-10 12:42:13 +02:00
Marek Marczykowski-Górecki
969122cf4f suspend: fix dbus-send invocation 2014-05-01 01:10:57 +02:00
Marek Marczykowski-Górecki
bd6ba19407 Enable compiler optimization. 2014-04-22 00:57:36 +02:00
Marek Marczykowski-Górecki
8018b9d3ee Fix compiler warnings. 
Mostly harmless cases of warn_unused_result.
 2014-04-22 00:56:52 +02:00
Marek Marczykowski-Górecki
fe64539789 Implement "Move to VM" action (#725) 2014-03-24 05:19:16 +01:00
Marek Marczykowski-Górecki
0d3ed747b4 suspend-prepare: call NM D-Bus interface directly 
nmcli doesn't seem to have stable API, especially "nmcli nm sleep"
doesn't work anymore in Fedora 20.
 2014-02-21 18:42:12 +01:00
Marek Marczykowski-Górecki
c632f0d067 Add -Wextra -Werror to all C code 2014-02-16 11:34:22 +01:00
Marek Marczykowski-Górecki
3cc9d0f329 Merge branch 'appicons' 
Conflicts:
	rpm_spec/core-vm.spec
 2014-02-07 05:50:07 +01:00
Marek Marczykowski-Górecki
c0c914faab Merge remote-tracking branch 'woju/master' into appicons 2014-02-07 05:48:18 +01:00
Marek Marczykowski-Górecki
75b1e24bab qubes-rpc, qrexec: register callbacks for qrexec-lib 
Now qrexec-lib do not use exported symbols of particular names, but
explicitly registered callbacks.
 2014-02-07 05:36:15 +01:00
Marek Marczykowski-Górecki
7953af970d backups: fix buffer overflow in tar2qfile 
Buffer for directory headers history was too small. This can be
exploitable by some attacker capable of controlling backup stream, but
it isn't any security problem. We don't assume this part of backup
system to be trusted, the attacker can at most prevent user from
restoring some data, but will neither gain access to them, or compromise
any other Qubes component. This is equivalent to bug in any other tool
used in backup vm (like FTP client) and the Qubes backup system is
designed specifically to minimize impact of such bugs.
 2014-02-05 15:16:42 +01:00
Wojciech Zygmunt Porczyk
27632a0b3b qubes.GetImageRGBA: bugfixes 
- when icon is not found in hicolor theme, search for in in other themes
- added -follow to find
 2014-02-04 00:36:30 +01:00
Marek Marczykowski-Górecki
39eca94200 backups: fix timestamp in backup filename (once again...) 2014-02-02 13:36:59 +01:00
Marek Marczykowski-Górecki
1e291bbdc6 backups: fix timestamp in backup filename (once again...) 2014-02-02 12:17:43 +01:00
Marek Marczykowski-Górecki
cac25cbe60 Merge remote-tracking branch 'woju/master' into appicons 
Conflicts:
	Makefile
	rpm_spec/core-vm.spec
 2014-01-31 02:12:06 +01:00
Wojciech Zygmunt Porczyk
453ab0f22c qubes.GetImageRGBA for appicons 2014-01-30 16:30:17 +01:00
Marek Marczykowski-Górecki
66ef7696ac backups: change data/time delimiter in filename according to ISO 8601 2014-01-15 04:33:18 +01:00
Marek Marczykowski-Górecki
2b80dfef17 backups: fix backup timestamp 2014-01-13 05:08:05 +01:00
Marek Marczykowski-Górecki
361ab0b266 qubes-rpc: introduce services for browsing VM filesystem 
For now used to select system backup inside of VM.
 2014-01-13 05:07:23 +01:00
Marek Marczykowski-Górecki
6e599567e0 tar2qfile: retry if lseek() returns EAGAIN 
... even though it shouldn't. Apparently it is happening. See #764
comments for details.
 2014-01-10 03:33:55 +01:00
Marek Marczykowski-Górecki
92aac6a92e Remove copy of ioall.c - use the one from linux-utils 2014-01-06 18:32:13 +01:00
Vincent Penquerc'h
df7c431d0b qfile-utils: do not write a random extra byte 
readlink(2) does not write a terminating NUL, and the read side
will already place a NUL after whatever it receives.
While it seems odd that this would be buggy (ie, synlinks on
the ohter side would be pointing to the wrong filename, though
I guess if we're lucky and the stack had a 0 byte at the right
place, symlink(2) would do what was expected), my reading of
the code tells me this patch is right. Needs testing to double
check.
 2014-01-06 17:57:43 +01:00
Vincent Penquerc'h
960c85587f gui-fatal: fix message leak, since the dialog may not be fatal 2014-01-06 17:57:43 +01:00
Vincent Penquerc'h
3e8c0372c2 gui-fatal: use fully qualified paths to kdialog/zenity 2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
73adfc88e3 gui-fatal: add \n to message on stderr 2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
393553c7bb vm-file-editor: #include <sys/time.h> for gettimeofday 2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
c171f47ba8 vm-file-editor: put temporary files in per domain subdirectories 
This avoids the possibility that incoming files may match
an existing file in /tmp (whether from the target VM, or a
third VM that's also sent a file for editing), as well as
possible file leaks between domains.
 2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
9a4b1efa61 core-agent-linux: misc const/void fixups 2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
214365e272 vm-file-editor: hide | in filename 2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
47c657b123 vm-file-editor: close output when done writing 2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
81e9f967be vm-file-editor: do not overwite an existing file 
Either a housekeeping file from that VM, or a similarly named
one being edited from a third VM.
 2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
11b8f9be20 vm-file-editor: fix potential buffer overflow 
If we're being sent something without a zero byte, we
could happily read off the end of the buffer. Interestingly,
the write part was checking for the max bound.
 2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
c9a25b8915 vm-file-editor: fix incorrect time display 
It's used only for display, and never parsed, but still.
 2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
a4b3a0c955 qopen-in-vm: ensure we can't mistake a non empty file for an empty one 
st_size is off_t, which may be larger than int.
 2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
38c0ea3128 qopen-in-vm: fix read overflow 
That one would also send more data to the other VM that what we
intended: the start of the env var data (which in similar code
on my host includes the GPG agent socket path, XDG session cookie,
and more.

The other side expects a fixed size though, so pad with NULs.

Interestingly, the original code was not vulnerable as it was
callocing enough space.
 2014-01-06 17:57:40 +01:00
Vincent Penquerc'h
5af6f0ff7f qopen-in-vm: close output when we're done writing to it 2014-01-06 17:57:40 +01:00
Vincent Penquerc'h
4823490e70 qfile-unpacker: some error checking 2014-01-06 17:57:40 +01:00
Vincent Penquerc'h
475421b2e2 core-agent-linux: misc const fixups 2014-01-06 17:57:40 +01:00
Marek Marczykowski-Górecki
a0f3ce9e93 Hide errors from qubes.WaitForSession 
Especially "Killed" message, which is normal as 'sleep' is signalled with
SIGKILL once session is ready.
 2013-12-15 05:36:43 +01:00
Marek Marczykowski-Górecki
6c3c3e717d tar2qfile: use lseek() to skip unwanted data if possible 
When reading from file it is much faster.
 2013-11-25 02:28:35 +01:00
Marek Marczykowski-Górecki
3c92cdba22 tar2qfile: use read_all() instead of read() 
read() syscall do not guarantee to read as much data as requested. This
is especially important when reading from pipe - remote end can produce
data slower than we are reading them. Use read_all() helper to always
get requested amount of data.
 2013-11-25 02:24:21 +01:00
Marek Marczykowski-Górecki
9b859c9ac5 qubes-rpc: save one syscall on each data block 
read_all/write_all calls set_* on every call, so this can be
noticeable performance improvement.
 2013-11-25 02:11:45 +01:00
Marek Marczykowski-Górecki
4010ddaab5 minor whitespace fix 2013-11-24 04:45:36 +01:00
Marek Marczykowski-Górecki
03923ae548 tar2qfile: disable debug messages 2013-11-24 04:45:14 +01:00
Marek Marczykowski-Górecki
dba3571883 tar2qfile: send EOF marker 2013-11-24 04:44:19 +01:00
Marek Marczykowski-Górecki
584df6986e tar2qfile: fix compile warnings 2013-11-24 04:44:19 +01:00
Marek Marczykowski-Górecki
52d696a0c3 tar2qfile: fix padding handling 2013-11-24 04:44:18 +01:00
Marek Marczykowski-Górecki
3c43f20d9e tar2qfile: terminate parsing when all requested files/dirs found 
Assume that all the files of directory are in continuous block (which is
true in case of qvm-backup stream). This will allow to terminate before
getting to the file end - especially useful when only qubes.xml
requested.
 2013-11-24 04:43:53 +01:00
Olivier MEDOC
42c40d399b restore: improve error handling 2013-11-23 02:48:50 +01:00
Olivier MEDOC
ae776521b0 tar2qfile: forgot to pass a parameter in tar_read function 2013-11-23 02:48:42 +01:00