From 22e07a786afac03723e6fa5a2f9e609603e7699f Mon Sep 17 00:00:00 2001 From: Ali Mirjamali Date: Fri, 16 Aug 2024 23:53:00 +0330 Subject: [PATCH] Validate default_kernel global property on set fixes: https://github.com/QubesOS/qubes-issues/issues/8992 --- qubes/app.py | 26 ++++++++++++++++++++++++++ run-tests | 16 ++++++++++++++++ 2 files changed, 42 insertions(+) diff --git a/qubes/app.py b/qubes/app.py index 2a00355b7..221853580 100644 --- a/qubes/app.py +++ b/qubes/app.py @@ -642,6 +642,25 @@ def _default_pool(app): return pool raise AttributeError('Cannot determine default storage pool') +def _validate_kernel(kernel): + if not kernel: + return + dirname = os.path.join( + qubes.config.qubes_base_dir, + qubes.config.system_path['qubes_kernels_base_dir'], + kernel) + if not os.path.exists(dirname): + raise qubes.exc.QubesPropertyValueError( + self, self.property_get_def(name), kernel, + 'Kernel {!r} not installed'.format( + newvalue)) + for filename in ('vmlinuz',): + if not os.path.exists(os.path.join(dirname, filename)): + raise qubes.exc.QubesPropertyValueError( + self, self.property_get_def(name), kernel, + 'Kernel {!r} not properly installed: ' + 'missing {!r} file'.format( + newvalue, kernel)) def _setter_pool(app, prop, value): if isinstance(value, qubes.storage.Pool): @@ -1593,3 +1612,10 @@ def on_property_set_default_dispvm(self, event, name, newvalue, # resetting dispvm to its default value vm.fire_event('property-reset:default_dispvm', name='default_dispvm', oldvalue=oldvalue) + + @qubes.events.handler('property-pre-set:default_kernel') + # pylint: disable-next=invalid-name + def on_property_pre_set_default_kernel(self, event, name, newvalue, + oldvalue=None): + # pylint: disable=unused-argument + _validate_kernel(newvalue) diff --git a/run-tests b/run-tests index b0928686b..fe3df92ce 100755 --- a/run-tests +++ b/run-tests @@ -19,6 +19,15 @@ if sudo --non-interactive "$name/ci/lvm-manage" setup-lvm vg$$/pool; then CLEANUP_LVM=yes fi +CLEANUP_KERNEL_POOL= +if [ ! -d "/var/lib/qubes/vm-kernels" ]; then + sudo mkdir --parents /var/lib/qubes/vm-kernels/dummy + sudo touch /var/lib/qubes/vm-kernels/dummy/vmlinuz + sudo mkdir --parents /var/lib/qubes/vm-kernels/1.0 + sudo touch /var/lib/qubes/vm-kernels/1.0/vmlinuz + CLEANUP_KERNEL_POOL=yes +fi + : "${PYTHON:=python3}" : "${TESTPYTHONPATH:=test-packages}" @@ -32,6 +41,13 @@ export PYTHONPATH "${PYTHON}" setup.py egg_info --egg-base "${TESTPYTHONPATH}" "${PYTHON}" -m coverage run --rcfile=ci/coveragerc -m qubes.tests.run "$@" retcode=$? +if [ -n "$CLEANUP_KERNEL_POOL" ]; then + sudo rm /var/lib/qubes/vm-kernels/dummy/vmlinuz + sudo rmdir /var/lib/qubes/vm-kernels/dummy + sudo rm /var/lib/qubes/vm-kernels/1.0/vmlinuz + sudo rmdir /var/lib/qubes/vm-kernels/1.0 + sudo rmdir /var/lib/qubes/vm-kernels +fi if [ -n "$CLEANUP_LVM" ]; then sudo --non-interactive $(dirname "$0")/ci/lvm-manage cleanup-lvm "$DEFAULT_LVM_POOL" fi