Introduce RemoteVM class

Author: fepitre

qubes/api/admin.py

@@ -370,7 +370,11 @@ def _property_reset(self, dest):
     async def vm_volume_list(self):
         self.enforce(not self.arg)
 
-        volume_names = self.fire_event_for_filter(self.dest.volumes.keys())
+        volume_names = (
+            self.fire_event_for_filter(self.dest.volumes.keys())
+            if isinstance(self.dest, qubes.vm.qubesvm.QubesVM)
+            else []
+        )
         return "".join("{}\n".format(name) for name in volume_names)
 
     @qubes.api.method(
@@ -1262,7 +1266,8 @@ async def _vm_create(
         vm.tags.add("created-by-" + str(self.src))
 
         try:
-            await vm.create_on_disk(pool=pool, pools=pools)
+            if isinstance(vm, qubes.vm.qubesvm.QubesVM):
+                await vm.create_on_disk(pool=pool, pools=pools)
         except:
             del self.app.domains[vm]
             raise
@@ -1310,7 +1315,10 @@ async def vm_remove(self):
             if not self.dest.is_halted():
                 raise qubes.exc.QubesVMNotHaltedError(self.dest)
 
-            if self.dest.installed_by_rpm:
+            if (
+                isinstance(self.dest, qubes.vm.qubesvm.QubesVM)
+                and self.dest.installed_by_rpm
+            ):
                 raise qubes.exc.QubesVMInUseError(
                     self.dest,
                     "VM installed by package manager: " + self.dest.name,

qubes/app.py

@@ -503,15 +503,15 @@ def vms(self):
     def add(self, value, _enable_events=True):
         """Add VM to collection
 
-        :param qubes.vm.LocalVM value: VM to add
+        :param qubes.vm.BaseVM value: VM to add
         :param _enable_events:
         :raises TypeError: when value is of wrong type
         :raises ValueError: when there is already VM which has equal ``qid``
         """
 
         # this violates duck typing, but is needed
         # for VMProperty to function correctly
-        if not isinstance(value, qubes.vm.LocalVM):
+        if not isinstance(value, qubes.vm.BaseVM):
             raise TypeError(
                 "{} holds only LocalVM instances".format(
                     self.__class__.__name__
@@ -545,7 +545,7 @@ def __getitem__(self, key):
                     return vm
             raise KeyError(key)
 
-        if isinstance(key, qubes.vm.LocalVM):
+        if isinstance(key, qubes.vm.BaseVM):
             key = key.uuid
 
         if isinstance(key, uuid.UUID):
@@ -559,10 +559,11 @@ def __getitem__(self, key):
 
     def __delitem__(self, key):
         vm = self[key]
-        if not vm.is_halted():
+        if isinstance(vm, qubes.vm.qubesvm.QubesVM) and not vm.is_halted():
             raise qubes.exc.QubesVMNotHaltedError(vm)
         self.app.fire_event("domain-pre-delete", pre_event=True, vm=vm)
-        vm.libvirt_undefine()
+        if isinstance(vm, qubes.vm.qubesvm.QubesVM):
+            vm.libvirt_undefine()
         del self._dict[vm.qid]
         self.app.fire_event("domain-delete", vm=vm)
         if getattr(vm, "dispid", None):
@@ -1654,8 +1655,11 @@ def on_domain_pre_deleted(self, event, vm):
                             "see 'journalctl -u qubesd -e' in dom0 for "
                             "details".format(vm.name),
                         )
-
-        assignments = vm.get_provided_assignments()
+        self.log.critical(vm)
+        if isinstance(vm, qubes.vm.qubesvm.QubesVM):
+            assignments = vm.get_provided_assignments()
+        else:
+            assignments = []
         if assignments:
             desc = ", ".join(assignment.port_id for assignment in assignments)
             raise qubes.exc.QubesVMInUseError(

qubes/ext/block.py

@@ -31,10 +31,11 @@
 import qubes.device_protocol
 import qubes.devices
 import qubes.ext
+from qubes.devices import Port
 from qubes.ext import utils
 from qubes.storage import Storage
 from qubes.vm.qubesvm import QubesVM
-from qubes.devices import Port
+from qubes.vm.remotevm import RemoteVM
 
 name_re = re.compile(r"\A[a-z0-9-]{1,12}\Z")
 device_re = re.compile(r"\A[a-z0-9/-]{1,64}\Z")
@@ -346,7 +347,7 @@ def on_qdb_change(self, vm, event, path):
     def get_device_attachments(vm_):
         result = {}
         for vm in vm_.app.domains:
-            if not vm.is_running():
+            if not vm.is_running() or isinstance(vm, RemoteVM):
                 continue
 
             if vm.app.vmm.offline_mode:

qubes/tests/app.py

@@ -915,6 +915,38 @@ class MyTestHolder(qubes.tests.TestEmitter, qubes.PropertyHolder):
         self.assertNotIn("audiovm-sys-audio", appvm.tags)
         self.assertNotIn("audiovm-", appvm.tags)
 
+    def test_116_remotevm_add_and_remove(self):
+        remotevm1 = self.app.add_new_vm(
+            "RemoteVM", name="remote-vm1", label="blue"
+        )
+        remotevm2 = self.app.add_new_vm(
+            "RemoteVM", name="remote-vm2", label="gray"
+        )
+        qubesvm1 = self.app.add_new_vm(
+            "AppVM",
+            name="test-vm",
+            template=self.template,
+            label="red",
+        )
+
+        assert remotevm1 in self.app.domains
+        del self.app.domains["remote-vm1"]
+
+        self.assertCountEqual(
+            {d.name for d in self.app.domains},
+            {"dom0", "test-template", "test-vm", "remote-vm2"},
+        )
+
+    def test_117_remotevm_status(self):
+        remotevm1 = self.app.add_new_vm(
+            "RemoteVM", name="remote-vm1", label="blue"
+        )
+        assert [
+            remotevm1.get_power_state(),
+            remotevm1.get_cputime(),
+            remotevm1.get_mem(),
+        ] == ["Running", 0, 0]
+
     def test_200_remove_template(self):
         appvm = self.app.add_new_vm(
             "AppVM", name="test-vm", template=self.template, label="red"

qubes/vm/__init__.py

@@ -269,6 +269,21 @@ def __init__(self, app, xml, features=None, tags=None, **kwargs):
         if hasattr(self, "name"):
             self.init_log()
 
+        #: operations which shouldn't happen simultaneously with qube startup
+        #  (including another startup of the same qube)
+        self.startup_lock = asyncio.Lock()
+
+    def __str__(self):
+        return self.name
+
+    def __hash__(self):
+        return self.qid
+
+    def __lt__(self, other):
+        if not isinstance(other, qubes.vm.BaseVM):
+            return NotImplemented
+        return self.name < other.name
+
     @qubes.stateless_property
     def klass(self):
         """Domain class name"""
@@ -342,6 +357,13 @@ def __repr__(self):
             " ".join(proprepr),
         )
 
+    @qubes.events.handler("domain-init", "domain-load")
+    def on_domain_init_loaded(self, event):
+        # pylint: disable=unused-argument
+        if not hasattr(self, "uuid"):
+            # pylint: disable=attribute-defined-outside-init
+            self.uuid = uuid.uuid4()
+
 
 class LocalVM(BaseVM):
     """Base class for all local VMs
@@ -478,6 +500,8 @@ def get_provided_assignments(
         for domain in self.app.domains:
             if domain == self:
                 continue
+            if getattr(domain, "klass") == "RemoteVM":
+                continue
             for device_collection in domain.devices.values():
                 for assignment in device_collection.get_assigned_devices(
                     required_only

qubes/vm/qubesvm.py

@@ -1142,10 +1142,6 @@ def __init__(self, app, xml, volume_config=None, **kwargs):
 
         # will be initialized after loading all the properties
 
-        #: operations which shouldn't happen simultaneously with qube startup
-        #  (including another startup of the same qube)
-        self.startup_lock = asyncio.Lock()
-
         # fire hooks
         if xml is None:
             self.events_enabled = True
@@ -1159,15 +1155,11 @@ def close(self):
             self._libvirt_domain = None
         super().close()
 
-    def __hash__(self):
-        return self.qid
-
     def __lt__(self, other):
-        if not isinstance(other, qubes.vm.LocalVM):
-            return NotImplemented
         if isinstance(other, qubes.vm.adminvm.AdminVM):
             return False
-        return self.name < other.name
+        else:
+            return super().__lt__(other)
 
     def __xml__(self):
         # pylint: disable=no-member
@@ -1188,10 +1180,7 @@ def __xml__(self):
 
     @qubes.events.handler("domain-init", "domain-load")
     def on_domain_init_loaded(self, event):
-        # pylint: disable=unused-argument
-        if not hasattr(self, "uuid"):
-            # pylint: disable=attribute-defined-outside-init
-            self.uuid = uuid.uuid4()
+        super().on_domain_init_loaded(event)
 
         # Initialize VM image storage class;
         # it might be already initialized by a recursive call from a child VM

qubes/vm/remotevm.py

@@ -0,0 +1,74 @@
+# The Qubes OS Project, http://www.qubes-os.org
+#
+# Copyright (C) 2024 Frédéric Pierret (fepitre) <frederic@invisiblethingslab.com>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program. If not, see <https://www.gnu.org/licenses/>.
+#
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+import asyncio
+import grp
+import subprocess
+import uuid
+
+import qubes
+import qubes.exc
+import qubes.vm
+from qubes.vm import BaseVM
+
+
+class RemoteVM(BaseVM):
+
+    def __init__(self, app, xml, **kwargs):
+        super().__init__(app, xml, **kwargs)
+        self.connected_relay_vm = None
+        if xml is None:
+            self.events_enabled = True
+        self.fire_event("domain-init")
+
+    def get_mem(self):
+        return 0
+
+    def get_mem_static_max(self):
+        return 0
+
+    def get_cputime(self):
+        return 0
+
+    @staticmethod
+    def is_running():
+        # fixme: handle power management option
+        return True
+
+    @staticmethod
+    def is_halted():
+        # fixme: handle power management option
+        return False
+
+    @staticmethod
+    def get_power_state():
+        # fixme: handle power management option
+        return "Running"
+
+    def start(self, **kwargs):
+        raise qubes.exc.QubesVMNotHaltedError(self, "Cannot start a RemoteVM.")
+
+    def suspend(self):
+        raise qubes.exc.QubesVMError(self, "Cannot suspend a RemoteVM.")
+
+    def shutdown(self):
+        raise qubes.exc.QubesVMError(self, "Cannot shutdown a RemoteVM.")
+
+    def kill(self):
+        raise qubes.exc.QubesVMError(self, "Cannot kill a RemoteVM.")

setup.py

@@ -58,6 +58,7 @@ def run(self):
                 'StandaloneVM = qubes.vm.standalonevm:StandaloneVM',
                 'AdminVM = qubes.vm.adminvm:AdminVM',
                 'DispVM = qubes.vm.dispvm:DispVM',
+                'RemoteVM = qubes.vm.remotevm:RemoteVM',
             ],
             'qubes.ext': [
                 'qubes.ext.admin = qubes.ext.admin:AdminExtension',