Commit Graph

204 Commits

Author SHA1 Message Date
Vincent Penquerc'h
c171f47ba8 vm-file-editor: put temporary files in per domain subdirectories
This avoids the possibility that incoming files may match
an existing file in /tmp (whether from the target VM, or a
third VM that's also sent a file for editing), as well as
possible file leaks between domains.
2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
9a4b1efa61 core-agent-linux: misc const/void fixups 2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
214365e272 vm-file-editor: hide | in filename 2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
47c657b123 vm-file-editor: close output when done writing 2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
81e9f967be vm-file-editor: do not overwite an existing file
Either a housekeeping file from that VM, or a similarly named
one being edited from a third VM.
2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
11b8f9be20 vm-file-editor: fix potential buffer overflow
If we're being sent something without a zero byte, we
could happily read off the end of the buffer. Interestingly,
the write part was checking for the max bound.
2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
c9a25b8915 vm-file-editor: fix incorrect time display
It's used only for display, and never parsed, but still.
2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
a4b3a0c955 qopen-in-vm: ensure we can't mistake a non empty file for an empty one
st_size is off_t, which may be larger than int.
2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
38c0ea3128 qopen-in-vm: fix read overflow
That one would also send more data to the other VM that what we
intended: the start of the env var data (which in similar code
on my host includes the GPG agent socket path, XDG session cookie,
and more.

The other side expects a fixed size though, so pad with NULs.

Interestingly, the original code was not vulnerable as it was
callocing enough space.
2014-01-06 17:57:40 +01:00
Vincent Penquerc'h
5af6f0ff7f qopen-in-vm: close output when we're done writing to it 2014-01-06 17:57:40 +01:00
Vincent Penquerc'h
4823490e70 qfile-unpacker: some error checking 2014-01-06 17:57:40 +01:00
Vincent Penquerc'h
475421b2e2 core-agent-linux: misc const fixups 2014-01-06 17:57:40 +01:00
Marek Marczykowski-Górecki
a0f3ce9e93 Hide errors from qubes.WaitForSession
Especially "Killed" message, which is normal as 'sleep' is signalled with
SIGKILL once session is ready.
2013-12-15 05:36:43 +01:00
Marek Marczykowski-Górecki
6c3c3e717d tar2qfile: use lseek() to skip unwanted data if possible
When reading from file it is much faster.
2013-11-25 02:28:35 +01:00
Marek Marczykowski-Górecki
3c92cdba22 tar2qfile: use read_all() instead of read()
read() syscall do not guarantee to read as much data as requested. This
is especially important when reading from pipe - remote end can produce
data slower than we are reading them. Use read_all() helper to always
get requested amount of data.
2013-11-25 02:24:21 +01:00
Marek Marczykowski-Górecki
9b859c9ac5 qubes-rpc: save one syscall on each data block
read_all/write_all calls set_* on every call, so this can be
noticeable performance improvement.
2013-11-25 02:11:45 +01:00
Marek Marczykowski-Górecki
4010ddaab5 minor whitespace fix 2013-11-24 04:45:36 +01:00
Marek Marczykowski-Górecki
03923ae548 tar2qfile: disable debug messages 2013-11-24 04:45:14 +01:00
Marek Marczykowski-Górecki
dba3571883 tar2qfile: send EOF marker 2013-11-24 04:44:19 +01:00
Marek Marczykowski-Górecki
584df6986e tar2qfile: fix compile warnings 2013-11-24 04:44:19 +01:00
Marek Marczykowski-Górecki
52d696a0c3 tar2qfile: fix padding handling 2013-11-24 04:44:18 +01:00
Marek Marczykowski-Górecki
3c43f20d9e tar2qfile: terminate parsing when all requested files/dirs found
Assume that all the files of directory are in continuous block (which is
true in case of qvm-backup stream). This will allow to terminate before
getting to the file end - especially useful when only qubes.xml
requested.
2013-11-24 04:43:53 +01:00
Olivier MEDOC
42c40d399b restore: improve error handling 2013-11-23 02:48:50 +01:00
Olivier MEDOC
ae776521b0 tar2qfile: forgot to pass a parameter in tar_read function 2013-11-23 02:48:42 +01:00
Olivier MEDOC
8e853c752c tar2qfile: fixed a bug when file contained in tar is a multiple of 512 bytes 2013-11-23 02:48:42 +01:00
Olivier MEDOC
8a1f87d0ed tar2qfile: starting cleanup to get rid of the stat structure which is not required during conversion 2013-11-23 02:48:42 +01:00
Olivier MEDOC
91b84d863c tar2qfile: add filtering options to tar2qfile 2013-11-23 02:48:41 +01:00
Olivier MEDOC
fa6bb43c62 backup: Use paths sent from dom0 to filter files that should be extracted 2013-11-23 02:45:25 +01:00
Marek Marczykowski-Górecki
8f840e10dc vm-file-editor: add override for mimeinfo *.png entry (#753)
MIME-info database contains multiple entries for *.png, namely image/png
and image/x-apple-ios-png. The later one doesn't have associated handler
program, but this one is selected by mimeopen tool.

Not sure how this tool should behave in case of multiple matches (IOW is
it a bug in File::MimeInfo perl module used by mimeopen).  Instead of
switching to different tool, which probably will break other files
(check #423), add override for this particular file type.
2013-11-14 21:38:27 +01:00
Marek Marczykowski-Górecki
08a78d4c32 qvm-open-in-vm: fix path for URL wrapper 2013-11-14 21:37:16 +01:00
Marek Marczykowski-Górecki
1bd16d981c tar2qfile: ignore EDQUOT error from dom0
dom0 will use quota enforcement to extract only backup header, so this
is normal situation in this tool.
2013-11-09 19:04:24 +01:00
Marek Marczykowski-Górecki
af03425187 tar2qfile: fix compiler warnings
Actually one was real bug:
-				current = ustar_rd(fd, &hdr, &buf, &sb);
+				current = ustar_rd(fd, &hdr, buf, &sb);
The others was mostly invalid printf format string.
2013-11-09 19:02:53 +01:00
Marek Marczykowski-Górecki
639cb51414 Add qubes.{Backup,Restore} services, include them in rpm package 2013-11-09 19:01:57 +01:00
Marek Marczykowski-Górecki
6eaa30a96a qfile-utils: fix global variables declarations 2013-11-09 19:00:37 +01:00
Marek Marczykowski-Górecki
429211ade4 Restore qfile-agent compilation
Must be removed by mistake...
2013-11-09 18:58:46 +01:00
Marek Marczykowski-Górecki
d92cf0dffa Merge remote-tracking branch 'oliv/master' into new-backups 2013-11-09 00:16:39 +01:00
Marek Marczykowski-Górecki
c9eb50cbe4 suspend: empty default list of modules to unload
Now dom0 will initiate real suspend process in VMs with PCI devices, so
workaround with unloading modules no longer needed.
Additionally it looks like unloading ehci-pci causes suspend problems on
some hardware (C200 Series Chipset).
2013-10-24 04:13:27 +02:00
Marek Marczykowski-Górecki
8f2c8d5382 suspend: customizable modules blacklist 2013-10-23 04:34:47 +02:00
Marek Marczykowski-Górecki
503ff804a3 suspend: fix order of modules unload
ehci_hcd is used by ehci_pci, so can't be unloaded first.
2013-10-22 16:51:38 +02:00
Olivier MEDOC
d1559c5413 tar2qfile: send directories headers even if the tar file does not contain any directory headers 2013-10-21 16:02:16 +02:00
Olivier MEDOC
864118cf10 tar2qfile: multiples fixes to match the qfile format requirements 2013-10-10 08:54:44 +02:00
Olivier MEDOC
6938e68ee6 tar2qfile: improved error handling 2013-10-10 08:52:10 +02:00
Olivier MEDOC
fb2f6688e8 rpc: changed qfile agents to use qfile-utils.h 2013-10-10 08:46:57 +02:00
Olivier MEDOC
7efeb57ff2 rpc: moved most of the qfile-agent code to qfile-utils.h/.c 2013-10-10 08:36:24 +02:00
Olivier MEDOC
a05e21ee5f tar2qfile: improved to skip everything but regular files 2013-10-04 16:26:44 +02:00
Olivier MEDOC
c26d4b4d30 rpc: implemented new rpc helper tool 2013-10-04 14:36:00 +02:00
Marek Marczykowski-Górecki
1d41cb4c18 Add qubes.DetachPciDevice for live PCI detach (#708) 2013-09-01 01:28:07 +02:00
Marek Marczykowski-Górecki
c939cc049e qvm-copy-to-vm: show last processed filename on error 2013-08-15 01:23:28 +02:00
Marek Marczykowski-Górecki
3cfd7f57b4 qvm-copy-to-vm: implement --ignore-symlinks option
Can be useful when copying to VM which doesn't support symlinks (or user
doesn't have privilege to create it).
2013-08-14 22:12:46 +02:00
Marek Marczykowski
e54d35b8d1 suspend: Blacklist iwldvm
Some users reports that this module causes problems on resume. So unload
it before suspend and load again at resume.
2013-07-19 03:40:06 +02:00
Marek Marczykowski
6d18b0034b suspend: add ehci_pci to blacklisted modules
Recent kernels have ehci-hcd split into ehci-hcd and ehci-pci, so remove
both of them.
2013-07-19 03:37:12 +02:00
Marek Marczykowski
44fab139f4 Add qrexec back, use qubes-utils libraries for common code 2013-03-20 06:23:44 +01:00
Marek Marczykowski
09050236bc The Underscores Revolution: adjust qrexec path 2013-03-14 04:29:19 +01:00
Marek Marczykowski
7686fd5d92 The Underscores Revolution: RPC services 2013-03-14 04:25:31 +01:00