Implement connection timeout on the VM-side of qrexec #8476

Closed
marmarek opened this issue Sep 1, 2023 · 11 comments · Fixed by QubesOS/qubes-core-qrexec#124
Labels
C: core P: default Priority: default. Default priority for new issues, to be replaced given sufficient information. pr submitted A pull request has been submitted for this issue. r4.2-host-stable r4.2-vm-bookworm-stable r4.2-vm-bullseye-stable r4.2-vm-centos-stream8-stable r4.2-vm-fc37-stable r4.2-vm-fc38-stable

marmarek commented Sep 1, 2023

The problem you're addressing (if any)

If the remote VM fails to establish a connection (already allowed by the policy), the local side (qrexec-client-vm) will wait indefinitely. Similarly, if the calling side (qrexec-client-vm) does not finish connection setup (gets killed early? or maybe the whole VM goes down?), there will be a process waiting on the remote side (either qrexec-fork-server child, or qrexec-agent child).

There is built-in handling for the remote domain dying, but due to the XSA-115 fix it stopped working. While restoring this functionality is a matter of a simple configuration, it doesn't cover all the cases, so it isn't enough.

The solution you'd like

Implement a connection timeout, similar to what qrexec-client in dom0 has.

The value to a user, and who that user might be

Fewer long-lasting issues even if something goes wrong for a short time.

@marmarek marmarek added T: enhancement P: default Priority: default. Default priority for new issues, to be replaced given sufficient information. labels Sep 1, 2023

marmarek commented Sep 2, 2023

This will make #5343 much less severe. Recovery will involve just waiting a few seconds.

marmarek added a commit to marmarek/qubes-core-qrexec that referenced this issue Sep 2, 2023
If the remote VM fails to establish a connection (already allowed by the
policy), the local side (qrexec-client-vm) will wait indefinitely.
Similarly, if the calling side (qrexec-client-vm) does not finish
connection setup (gets killed early? or maybe the whole VM goes down?),
there will be a process waiting on the remote side (either
qrexec-fork-server child, or qrexec-agent child).

Solve this issue by adding a connection timeout similar to what
qrexec-client (in dom0) does. Since both libvchan_server_init() and
libvchan_client_init() are involved, add new function that can handle
both.

This code is shared between qrexec-client-vm and qrexec-fork-server, so
both are covered.

Fixes QubesOS/qubes-issues#8476
@andrewdavidwong andrewdavidwong added the pr submitted A pull request has been submitted for this issue. label Sep 2, 2023
@andrewdavidwong andrewdavidwong added this to the Release 4.2 milestone Sep 2, 2023
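
The deadline-bounded wait that the commit message describes, as an added example that is not code from qubes-core-qrexec. The names `wait_for_peer` and `now_ms` are hypothetical, and a plain pipe stands in for the event descriptor of a vchan connection (an assumption made so the example runs without Xen).

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <poll.h>
#include <stdio.h>
#include <time.h>
#include <unistd.h>

enum wait_result { PEER_READY, PEER_TIMEOUT, PEER_GONE };

/* Monotonic milliseconds: unaffected by wall-clock adjustments. */
static long long now_ms(void)
{
    struct timespec ts;
    clock_gettime(CLOCK_MONOTONIC, &ts);
    return (long long)ts.tv_sec * 1000 + ts.tv_nsec / 1000000;
}

/* event_fd is a stand-in (assumption) for the descriptor a vchan
 * connection exposes for events; any pollable fd works here. */
enum wait_result wait_for_peer(int event_fd, int timeout_ms)
{
    long long deadline = now_ms() + timeout_ms;

    for (;;) {
        long long left = deadline - now_ms();
        if (left <= 0)
            return PEER_TIMEOUT;
        struct pollfd pfd = { .fd = event_fd, .events = POLLIN };
        int n = poll(&pfd, 1, (int)left);
        if (n < 0 && errno == EINTR)
            continue;           /* signal: retry with the time left */
        if (n < 0)
            return PEER_GONE;
        if (n == 0)
            return PEER_TIMEOUT;
        /* Readable means the peer showed up; HUP/ERR alone means it died. */
        return (pfd.revents & POLLIN) ? PEER_READY : PEER_GONE;
    }
}

int main(void)
{
    int p[2];
    if (pipe(p) != 0)
        return 1;
    /* Nobody writes: the wait gives up after 200 ms instead of hanging. */
    printf("silent peer -> %d\n", wait_for_peer(p[0], 200));
    return 0;
}
```

Recomputing the remaining time after each `EINTR` keeps repeated signals from extending the wait past the deadline.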
@qubesos-bot

Automated announcement from builder-github

The package core-qrexec has been pushed to the r4.2 testing repository for the Debian template.
To test this update, first enable the testing repository in /etc/apt/sources.list.d/qubes-*.list by uncommenting the line containing bullseye-testing (or appropriate equivalent for your template version), then use the standard update command:

sudo apt-get update && sudo apt-get dist-upgrade

@qubesos-bot

Automated announcement from builder-github

The package core-qrexec has been pushed to the r4.2 testing repository for the Debian template.
To test this update, first enable the testing repository in /etc/apt/sources.list.d/qubes-*.list by uncommenting the line containing bookworm-testing (or appropriate equivalent for your template version), then use the standard update command:

sudo apt-get update && sudo apt-get dist-upgrade

@qubesos-bot

Automated announcement from builder-github

The package core-qrexec has been pushed to the r4.2 testing repository for the CentOS centos-stream8 template.
To test this update, please install it with the following command:

sudo yum update --enablerepo=qubes-vm-r4.2-current-testing

@qubesos-bot

Automated announcement from builder-github

The component core-qrexec (including package core-qrexec) has been pushed to the r4.2 testing repository for the Fedora template.
To test this update, please install it with the following command:

sudo dnf update --enablerepo=qubes-vm-r4.2-current-testing

@qubesos-bot

Automated announcement from builder-github

The package core-qrexec has been pushed to the r4.2 stable repository for the CentOS centos-stream8 template.
To install this update, please use the standard update command:

sudo yum update

@qubesos-bot

Automated announcement from builder-github

The package core-qrexec has been pushed to the r4.2 stable repository for the Debian template.
To install this update, please use the standard update command:

sudo apt-get update && sudo apt-get dist-upgrade

@qubesos-bot

Automated announcement from builder-github

The component core-qrexec (including package core-qrexec) has been pushed to the r4.2 stable repository for the Fedora template.
To install this update, please use the standard update command:

sudo dnf update
