From b044b867e4516944584c11508e60b933c11beb43 Mon Sep 17 00:00:00 2001 From: Ali Mirjamali Date: Fri, 16 Aug 2024 23:53:00 +0330 Subject: [PATCH] Validate default_kernel global property on set fixes: https://github.com/QubesOS/qubes-issues/issues/8992 --- qubes/app.py | 10 ++++++++++ run-tests | 12 ++++++++++++ 2 files changed, 22 insertions(+) diff --git a/qubes/app.py b/qubes/app.py index 2a00355b7..2bf939dab 100644 --- a/qubes/app.py +++ b/qubes/app.py @@ -1593,3 +1593,13 @@ def on_property_set_default_dispvm(self, event, name, newvalue, # resetting dispvm to its default value vm.fire_event('property-reset:default_dispvm', name='default_dispvm', oldvalue=oldvalue) + + @qubes.events.handler('property-pre-set:default_kernel') + # pylint: disable-next=invalid-name + def on_property_pre_set_default_kernel(self, event, name, newvalue, + oldvalue=None): + # pylint: disable=unused-argument + kernels = [kernel.vid for kernel in self.pools['linux-kernel'].volumes] + if not newvalue in kernels: + raise qubes.exc.QubesException( + 'Invalid kernel: {} !'.format(newvalue)) diff --git a/run-tests b/run-tests index b0928686b..408cf5945 100755 --- a/run-tests +++ b/run-tests @@ -19,6 +19,13 @@ if sudo --non-interactive "$name/ci/lvm-manage" setup-lvm vg$$/pool; then CLEANUP_LVM=yes fi +CLEANUP_KERNEL_POOL= +if [ ! -d "/var/lib/qubes/vm-kernels" ]; then + sudo mkdir --parents /var/lib/qubes/vm-kernels/dummy + sudo mkdir --parents /var/lib/qubes/vm-kernels/1.0 + CLEANUP_KERNEL_POOL=yes +fi + : "${PYTHON:=python3}" : "${TESTPYTHONPATH:=test-packages}" @@ -32,6 +39,11 @@ export PYTHONPATH "${PYTHON}" setup.py egg_info --egg-base "${TESTPYTHONPATH}" "${PYTHON}" -m coverage run --rcfile=ci/coveragerc -m qubes.tests.run "$@" retcode=$? +if [ -n "$CLEANUP_KERNEL_POOL" ]; then + sudo rmdir /var/lib/qubes/vm-kernels/dummy + sudo rmdir /var/lib/qubes/vm-kernels/1.0 + sudo rmdir /var/lib/qubes/vm-kernels +fi if [ -n "$CLEANUP_LVM" ]; then sudo --non-interactive $(dirname "$0")/ci/lvm-manage cleanup-lvm "$DEFAULT_LVM_POOL" fi