WIP: Introduce RelayVM property for RemoteVM

fepitre · fepitre · commit a1a84ccd9e5d · 2025-03-19T10:19:58.000+01:00
diff --git a/qubes/api/internal.py b/qubes/api/internal.py
@@ -49,6 +49,10 @@ class SystemInfoCache:
         "property-reset:icon",
         "property-set:guivm",
         "property-reset:guivm",
+        "property-set:relayvm",
+        "property-reset:relayvm",
+        "property-set:transport_rpc",
+        "property-reset:transport_rpc",
         # technically not changeable, but keep for consistency
         "property-set:uuid",
         "property-reset:uuid",
@@ -125,6 +129,16 @@ def get_system_info(cls, app):
                         if getattr(domain, "guivm", None)
                         else None
                     ),
+                    "relayvm": (
+                        domain.relayvm.name
+                        if getattr(domain, "relayvm", None)
+                        else None
+                    ),
+                    "transport_rpc": (
+                        domain.transport_rpc
+                        if getattr(domain, "transport_rpc", None)
+                        else None
+                    ),
                     "power_state": domain.get_power_state(),
                     "uuid": str(domain.uuid),
                 }
diff --git a/qubes/ext/relay.py b/qubes/ext/relay.py
@@ -0,0 +1,65 @@
+#
+# The Qubes OS Project, https://www.qubes-os.org/
+#
+# Copyright (C) 2024 Frédéric Pierret <frederic.pierret@qubes-os.org>
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, see <https://www.gnu.org/licenses/>.
+#
+
+import qubes.ext
+import qubes.vm.remotevm
+
+
+class Relay(qubes.ext.Extension):
+    # pylint: disable=unused-argument
+    @qubes.ext.handler("domain-init", "domain-load")
+    def on_domain_init_load(self, vm, event):
+        if (
+            getattr(vm, "relayvm", None)
+            and "relayvm-" + vm.relayvm.name not in vm.tags
+        ):
+            self.on_property_set(vm, event, name="relayvm", newvalue=vm.relayvm)
+
+    @qubes.ext.handler("domain-start")
+    def on_domain_start(self, vm, event, **kwargs):
+        if not vm.untrusted_qdb:
+            return
+        for domain in vm.app.domains:
+            if getattr(domain, "relayvm", None) and domain.relayvm == vm:
+                vm.untrusted_qdb.write(
+                    f"/remote/{domain.name}", domain.remote_name or domain.name
+                )
+
+    @qubes.ext.handler("property-reset:relayvm", vm=qubes.vm.remotevm.RemoteVM)
+    def on_property_reset(self, subject, event, name, oldvalue=None):
+        newvalue = getattr(subject, "relayvm", None)
+        self.on_property_set(subject, event, name, newvalue, oldvalue)
+
+    @qubes.ext.handler("property-set:relayvm", vm=qubes.vm.remotevm.RemoteVM)
+    def on_property_set(self, subject, event, name, newvalue, oldvalue=None):
+        # Clean other 'relayvm-XXX' tags.
+        # qrexec-client-vm can connect to only one domain
+        tags_list = list(subject.tags)
+        for tag in tags_list:
+            if tag.startswith("relayvm-"):
+                subject.tags.remove(tag)
+
+        if newvalue:
+            relayvm_tag = "relayvm-" + newvalue.name
+            subject.tags.add(relayvm_tag)
+            if newvalue.untrusted_qdb:
+                remote_name = subject.remote_name or subject.name
+                newvalue.untrusted_qdb.write(
+                    f"/remote/{subject.name}", remote_name
+                )
diff --git a/qubes/tests/api_internal.py b/qubes/tests/api_internal.py
@@ -37,6 +37,8 @@ async def coro_f(*args, **kwargs):
 
 
 class TC_00_API_Misc(qubes.tests.QubesTestCase):
+    maxDiff = None
+
     def setUp(self):
         super().setUp()
         self.app = mock.NonCallableMock()
@@ -195,6 +197,8 @@ def test_010_get_system_info(self):
                     "icon": "icon-dom0",
                     "guivm": None,
                     "power_state": "Running",
+                    "relayvm": None,
+                    "transport_rpc": None,
                     "uuid": "00000000-0000-0000-0000-000000000000",
                 },
                 "vm": {
@@ -205,6 +209,8 @@ def test_010_get_system_info(self):
                     "icon": "icon-vm",
                     "guivm": "vm",
                     "power_state": "Halted",
+                    "relayvm": None,
+                    "transport_rpc": None,
                     "uuid": str(TEST_UUID),
                 },
             }
diff --git a/qubes/tests/app.py b/qubes/tests/app.py
@@ -21,6 +21,7 @@
 #
 
 import os
+import unittest
 import unittest.mock as mock
 
 import lxml.etree
@@ -35,6 +36,8 @@
 import logging
 import time
 
+from qubes.tests.vm.qubesvm import TestQubesDB
+
 
 class TestApp(qubes.tests.TestEmitter):
     pass
@@ -919,10 +922,8 @@ def test_116_remotevm_add_and_remove(self):
         remotevm1 = self.app.add_new_vm(
             "RemoteVM", name="remote-vm1", label="blue"
         )
-        remotevm2 = self.app.add_new_vm(
-            "RemoteVM", name="remote-vm2", label="gray"
-        )
-        qubesvm1 = self.app.add_new_vm(
+        self.app.add_new_vm("RemoteVM", name="remote-vm2", label="gray")
+        self.app.add_new_vm(
             "AppVM",
             name="test-vm",
             template=self.template,
@@ -947,6 +948,57 @@ def test_117_remotevm_status(self):
             remotevm1.get_mem(),
         ] == ["Running", 0, 0]
 
+    @unittest.mock.patch("qubes.vm.qubesvm.QubesVM.untrusted_qdb")
+    def test_118_remotevm_set_relayvm(self, mock_qubesdb):
+        class MyTestHolder(qubes.tests.TestEmitter, qubes.PropertyHolder):
+            relayvm = qubes.property("relayvm")
+            transport_rpc = qubes.property("transport_rpc")
+
+        localrelay = self.app.add_new_vm(
+            "AppVM",
+            name="local-relay",
+            template=self.template,
+            label="red",
+        )
+        # add QDB to localrelay
+        test_qubesdb = TestQubesDB()
+        mock_qubesdb.write.side_effect = test_qubesdb.write
+        mock_qubesdb.rm.side_effect = test_qubesdb.rm
+        localrelay.untrusted_qdb = test_qubesdb
+
+        remotevm = self.app.add_new_vm(
+            "RemoteVM", name="remote-vm", label="blue"
+        )
+        remotevm.remote_name = "myawesomevm"
+
+        holder = MyTestHolder(None)
+        holder.relayvm = "local-relay"
+        holder.transport_rpc = "qubesair.SSHProxy"
+        self.assertEqual(holder.relayvm, "local-relay")
+        self.assertEqual(holder.transport_rpc, "qubesair.SSHProxy")
+
+        self.assertEventFired(
+            holder,
+            "property-set:relayvm",
+            kwargs={"name": "relayvm", "newvalue": "local-relay"},
+        )
+
+        self.assertEventFired(
+            holder,
+            "property-set:transport_rpc",
+            kwargs={"name": "transport_rpc", "newvalue": "qubesair.SSHProxy"},
+        )
+
+        # Set RelayVM
+        remotevm.relayvm = localrelay
+        self.assertIn("relayvm-local-relay", remotevm.tags)
+
+        # Read QDB path
+        self.assertEqual(
+            localrelay.untrusted_qdb.read("/remote/remote-vm"),
+            remotevm.remote_name,
+        )
+
     def test_200_remove_template(self):
         appvm = self.app.add_new_vm(
             "AppVM", name="test-vm", template=self.template, label="red"
diff --git a/qubes/vm/remotevm.py b/qubes/vm/remotevm.py
@@ -1,6 +1,6 @@
 # The Qubes OS Project, http://www.qubes-os.org
 #
-# Copyright (C) 2024 Frédéric Pierret (fepitre) <frederic@invisiblethingslab.com>
+# Copyright (C) 2024 Frédéric Pierret <frederic@invisiblethingslab.com>
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -17,11 +17,6 @@
 #
 # SPDX-License-Identifier: GPL-3.0-or-later
 
-import asyncio
-import grp
-import subprocess
-import uuid
-
 import qubes
 import qubes.exc
 import qubes.vm
@@ -30,9 +25,31 @@
 
 class RemoteVM(BaseVM):
 
+    relayvm = qubes.VMProperty(
+        "relayvm",
+        load_stage=4,
+        allow_none=True,
+        default=None,
+        doc="Local qube used as relay.",
+    )
+
+    transport_rpc = qubes.property(
+        "transport_rpc",
+        type=str,
+        default=None,
+        doc="Transport RPC used by the relay.",
+    )
+
+    remote_name = qubes.property(
+        "remote_name",
+        type=str,
+        default=None,
+        doc="Name on the remote host.",
+    )
+
     def __init__(self, app, xml, **kwargs):
         super().__init__(app, xml, **kwargs)
-        self.connected_relay_vm = None
+
         if xml is None:
             self.events_enabled = True
         self.fire_event("domain-init")
diff --git a/rpm_spec/core-dom0.spec.in b/rpm_spec/core-dom0.spec.in
@@ -404,6 +404,7 @@ done
 %{python3_sitelib}/qubes/vm/appvm.py
 %{python3_sitelib}/qubes/vm/dispvm.py
 %{python3_sitelib}/qubes/vm/qubesvm.py
+%{python3_sitelib}/qubes/vm/remotevm.py
 %{python3_sitelib}/qubes/vm/standalonevm.py
 %{python3_sitelib}/qubes/vm/templatevm.py
 
@@ -447,6 +448,7 @@ done
 %{python3_sitelib}/qubes/ext/gui.py
 %{python3_sitelib}/qubes/ext/audio.py
 %{python3_sitelib}/qubes/ext/pci.py
+%{python3_sitelib}/qubes/ext/relay.py
 %{python3_sitelib}/qubes/ext/r3compatibility.py
 %{python3_sitelib}/qubes/ext/services.py
 %{python3_sitelib}/qubes/ext/supported_features.py
diff --git a/setup.py b/setup.py
@@ -62,19 +62,20 @@ def run(self):
             ],
             'qubes.ext': [
                 'qubes.ext.admin = qubes.ext.admin:AdminExtension',
+                'qubes.ext.audio = qubes.ext.audio:AUDIO',
                 'qubes.ext.backup_restore = '
                 'qubes.ext.backup_restore:BackupRestoreExtension',
+                'qubes.ext.block = qubes.ext.block:BlockDeviceExtension',
                 'qubes.ext.core_features = qubes.ext.core_features:CoreFeatures',
                 'qubes.ext.custom_persist = qubes.ext.custom_persist:CustomPersist',
                 'qubes.ext.gui = qubes.ext.gui:GUI',
-                'qubes.ext.audio = qubes.ext.audio:AUDIO',
-                'qubes.ext.r3compatibility = qubes.ext.r3compatibility:R3Compatibility',
                 'qubes.ext.pci = qubes.ext.pci:PCIDeviceExtension',
-                'qubes.ext.block = qubes.ext.block:BlockDeviceExtension',
+                'qubes.ext.r3compatibility = qubes.ext.r3compatibility:R3Compatibility',
+                'qubes.ext.relay = qubes.ext.relay:Relay',
                 'qubes.ext.services = qubes.ext.services:ServicesExtension',
                 'qubes.ext.supported_features = qubes.ext.supported_features:SupportedFeaturesExtension',
-                'qubes.ext.windows = qubes.ext.windows:WindowsFeatures',
                 'qubes.ext.vm_config = qubes.ext.vm_config:VMConfig',
+                'qubes.ext.windows = qubes.ext.windows:WindowsFeatures',
             ],
             'qubes.devices': [
                 'pci = qubes.ext.pci:PCIDevice',
