Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement UUID support in qrexec #135

Merged
merged 1 commit into from
Oct 9, 2024
Merged

Implement UUID support in qrexec #135

merged 1 commit into from
Oct 9, 2024

Conversation

DemiMarie
Copy link
Contributor

@DemiMarie DemiMarie commented Jan 15, 2024
edited
Loading

Open questions:

  • How should dom0 be informed of the intended call target? Should it be SERVICE-NAME REMOTE-DOMAIN-NAME uuid UUID-OF-TARGET or SERVICE-NAME REMOTE-DOMAIN-NAME name @uuid:UUID-OF-TARGET?
  • Should the target be informed of the source VM’s UUID? This allows race-free “boomerang” calls, but requires an API change.
  • Probably more
    Fixes: Consider UUID syntax in qrexec policy qubes-issues#8510

@DemiMarie
Copy link
Contributor Author

PipelineRetryFailed

1 similar comment
@DemiMarie
Copy link
Contributor Author

PipelineRetryFailed

@marmarek
Copy link
Member 

* [ ]  Should the target be informed of the source VM’s UUID?  This allows race-free “boomerang” calls, but requires an API change.

Definitely not instead of the name, as most(?) services needs actually the source name (things like subdir in QubesIncoming, or split-gpg prompt). As for extra data, its usefulness would also be limited (generally, the source qube is running during the connection, and the name cannot be changed while qube is running). And adding extra info to the protocol would be an API change anyway so needs to wait for R4.3.

@DemiMarie
Copy link
Contributor Author

DemiMarie commented Feb 12, 2024
edited
Loading

This version is quite a bit simpler than I thought, but it has no fallback to the name if the UUID symlink is not present, and doesn’t set up the UUID symlink itself. Therefore, it does not work.

Would it be possible to use an environment variable @marmarek? That could help avoid circular dependencies during upgrade. Of course, an alternative is to use snapshots to make the entire upgrade atomic, which is probably a better solution as so many things can fail.

marmarek
marmarek requested changes Feb 12, 2024
View reviewed changes
qrexec/policy/parser.py Outdated Show resolved Hide resolved
qrexec/policy/parser.py Outdated Show resolved Hide resolved
@marmarek
Copy link
Member

Forcing updating core-admin and core-qrexec at the same time via dependency is okay. There is no need to handle new qubesd starting old qrexec-daemon. Since it isn't necessary, I'd prefer to simply use a command line parameter for UUID, which is much cleaner than giving name via cmdline and UUID via environment.
And also, it's qrexec-daemon who should maintain the UUID symlink, since it maintain the other symlink already (again - consistency).
What might be useful (mostly for testing, as actual release upgrade needs reboot anyway) is to keep working with already running old qrexec-daemon - which basically means a fallback to name-based symlink.

@DemiMarie DemiMarie marked this pull request as ready for review February 17, 2024 01:28
marmarek
marmarek requested changes Feb 19, 2024
View reviewed changes
daemon/qrexec-daemon.c Outdated Show resolved Hide resolved
qrexec/policy/parser.py Show resolved Hide resolved
daemon/qrexec-daemon.c Outdated Show resolved Hide resolved
daemon/qrexec-daemon.c Outdated Show resolved Hide resolved
@ben-grande ben-grande mentioned this pull request Mar 15, 2024
Closed
marmarek
marmarek reviewed Apr 16, 2024
View reviewed changes
daemon/qrexec-daemon.c Outdated Show resolved Hide resolved
@DemiMarie DemiMarie requested a review from marmarek April 19, 2024 19:49
marmarek
marmarek reviewed Apr 20, 2024
View reviewed changes
daemon/qrexec-daemon.c Outdated Show resolved Hide resolved
@DemiMarie DemiMarie force-pushed the uuid branch 2 times, most recently from 63b1172 to 1261d12 Compare July 28, 2024 02:33
marmarek
marmarek requested changes Jul 28, 2024
View reviewed changes
qrexec/policy/parser.py Outdated Show resolved Hide resolved
qrexec/policy/parser.py Outdated Show resolved Hide resolved
qrexec/policy/parser.py Outdated Show resolved Hide resolved
qrexec/policy/parser.py Outdated Show resolved Hide resolved
qrexec/policy/parser.py Outdated Show resolved Hide resolved
qrexec/policy/parser.py Outdated Show resolved Hide resolved
marmarek
marmarek requested changes Jul 30, 2024
View reviewed changes
Copy link
Member

@marmarek marmarek left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In addition to previous not addressed comments:

qrexec/policy/parser.py Outdated Show resolved Hide resolved
@qubesos-bot qubesos-bot mentioned this pull request Jul 31, 2024
Merged
This was referenced Aug 11, 2024
Merged
Merged
@marmarek
Copy link
Member

pylint complains (minor thing)

@DemiMarie
Implement UUID support in qrexec
578de59 
This allows using UUIDs in qrexec policy, using the syntax uuid:VM_UUID.
This works anywhere a VM name is expected.  Since ':' is not allowed in
VM names, there is no ambiguity.  This requires the corresponding change
to qubes-core-admin so that qubesd supports UUIDs in the admin and
internal APIs.

Fixes: QubesOS/qubes-issues#8510
This was referenced Aug 21, 2024
Merged
Merged
Merged
Merged
Merged
Merged
Merged
Merged
Merged
This was referenced Sep 13, 2024
Merged
Merged
@marmarek marmarek merged commit 257c462 into QubesOS:main Oct 9, 2024
2 of 4 checks passed
@DemiMarie DemiMarie deleted the uuid branch October 14, 2024 01:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ben-grande ben-grande ben-grande left review comments

@marmarek marmarek marmarek approved these changes

Assignees
No one assigned
Labels
openqa-group-2
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Consider UUID syntax in qrexec policy
4 participants
@DemiMarie @marmarek @qubesos-bot @ben-grande