How Qubes backend - frontend pairs are technically communicating?

ohault · December 21, 2023, 8:56pm

e.g. Are you using ring buffers ?

Can you please document this in the architectural part of the Qubes documentation and website ?

renehoj · December 21, 2023, 8:58pm

ohault · December 21, 2023, 9:14pm

Thank you.

As a suggestion, would it be possible to explicit introduce in a few lines Qrexec concept both on

because it’s really a key architectural concept?

Olivier

gonzalo-bulnes · December 21, 2023, 9:23pm

Welcome @ohault!

The documentation is written in the qubes-doc repository.

If you’re keen on adding those few lines, please do! (And if you paste the pull request link here, I’m happy to take a look at the change to help it through the review line.)

In general, if you find out that the change ends up larger than you’d initially thought, it may be worth opening an issue to discuss it with the team beforehand. All issues are centralized in the qubes-issues repository.

If you’re not familiar with GitHub but would like to update the docs, let me know and we can figure something out.

For additional context: @unman is currently assuming the documentatiom coordinator role. Small changes don’t usually require major coordination, but it may be useful to know nonetheless.

ohault · December 21, 2023, 9:45pm

Qrexec looks like to be about Commands between domains, I’m not sure this mechanism is in charge of dataflow between Qubes OS backend and frontend concepts ?

renehoj · December 21, 2023, 10:28pm

The low level protocol is vchan, but there isn’t a lot of documentation on vchan

You can take a look at https://www.qubes-os.org/doc/qrexec-internals/

and the mirage blog

https://mirage.io/blog/introducing-vchan
https://mirage.io/blog/update-on-vchan

This is probably closer to Xen then Qubes OS

gonzalo-bulnes · December 21, 2023, 10:33pm

Clarification question: are you after this kind of data flows?

qvm-copy relies on the qubes.FileCopy RPC that relies on qfile-unpacker:

github.com

QubesOS/qubes-core-agent-linux/blob/527c0bd529636372e36bb5333032e30c108cf4b0/qubes-rpc/qvm-copy#L103


      
              export FILECOPY_TOTAL_SIZE
          fi
          
          for path; do
              if [ ! -e "$path" ]; then
                  echo "File or directory not found: $path"
                  exit 1
              fi
          done
          
          /usr/lib/qubes/qrexec-client-vm --filter-escape-chars-stderr -- "$VM" qubes.Filecopy /usr/lib/qubes/qfile-agent "$@"
          
          if [ "$OPERATION_TYPE" = "move" ] ; then
              rm -rf -- "$@"
          fi

github.com

QubesOS/qubes-core-agent-linux/blob/527c0bd529636372e36bb5333032e30c108cf4b0/qubes-rpc/qubes.Filecopy#L6


      
          #!/bin/sh
          if [ -f /usr/lib/qubes/qvm_nautilus_bookmark.sh ]
          then
            /usr/lib/qubes/qvm_nautilus_bookmark.sh >/dev/null 2>&1 </dev/null
          fi
          exec /usr/lib/qubes/qfile-unpacker

github.com

QubesOS/qubes-core-agent-linux/blob/527c0bd529636372e36bb5333032e30c108cf4b0/qubes-rpc/qfile-unpacker.c

#define _GNU_SOURCE
#include <grp.h>
#include <unistd.h>
#include <stdio.h>
#include <stdlib.h>
#include <pwd.h>
#include <sys/stat.h>
#include <sys/mount.h>
#include <sys/wait.h>
#include <fcntl.h>
#include <string.h>
#include <unistd.h>
#include <sys/fsuid.h>
#include <gui-fatal.h>
#include <errno.h>
#include <libqubes-rpc-filecopy.h>

#define INCOMING_DIR_NAME "QubesIncoming"

char *prepare_creds_return_dir(int uid)

This file has been truncated. show original

ohault · December 21, 2023, 11:28pm

Ok thank you, perfectly clear with " This protocol uses shared memory for inter-domain communication, i.e. between two VMs residing in the same Xen host, and uses Xen’s mechanisms – more specifically, [ring buffers] and [event channels]"

It would be worth mentioning this on the main architecture page.

There is only one problem because since Odissey, the architecture is intended to be hypervisor agnostic.