Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use QubesDB for knowing if mic is allowed or not #145

Merged
merged 2 commits into from
Aug 8, 2024
Merged

Use QubesDB for knowing if mic is allowed or not #145

merged 2 commits into from
Aug 8, 2024

Conversation

fepitre
Copy link
Member

@fepitre fepitre commented Jul 5, 2024
edited
Loading

Integration tests: QubesOS/qubes-core-admin#608

@fepitre fepitre force-pushed the qb-audio-input branch 2 times, most recently from 2cae4a0 to d6b1aea Compare July 5, 2024 14:48
@fepitre fepitre marked this pull request as ready for review July 8, 2024 11:56
marmarek
marmarek requested changes Jul 8, 2024
View reviewed changes
qubesguidaemon/mic.py Outdated Show resolved Hide resolved
This was referenced Jul 8, 2024
Merged
Merged
@qubesos-bot
Copy link

qubesos-bot commented Jul 8, 2024
edited
Loading

OpenQA test summary

Complete test suite and dependencies: https://openqa.qubes-os.org/tests/overview?distri=qubesos&version=4.3&build=2024080713-4.3&flavor=pull-requests

Test run included the following:

New failures, excluding unstable

Compared to: https://openqa.qubes-os.org/tests/overview?distri=qubesos&version=4.3&build=2024070519-4.3&flavor=update

Failed tests

9 failures

  • system_tests_pvgrub_salt_storage

    • TC_41_HVMGrub_debian-12-xfce: test_000_standalone_vm (error)
      qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...

    • TC_41_HVMGrub_debian-12-xfce: test_010_template_based_vm (error)
      qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...

    • [unstable] TC_41_HVMGrub_fedora-40-xfce: test_000_standalone_vm (error)
      qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...

    • TC_41_HVMGrub_fedora-40-xfce: test_010_template_based_vm (error)
      qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...

  • system_tests_extra

    • [unstable] TC_00_QVCTest_debian-12-xfce: test_020_webcam (failure)
      self.assertEqual(len(img1), len(... AssertionError: 12441600 != 460800

    • TC_00_QVCTest_whonix-gateway-17: test_010_screenshare (failure)
      self.assertNotEqual(vm.run('test -e /dev/vid... AssertionError: 0 == 0

  • system_tests_usbproxy

  • system_tests_network_updates

Fixed failures

Compared to: https://openqa.qubes-os.org/tests/105374#dependencies

7 fixed

  • system_tests_splitgpg

  • system_tests_extra

    • TC_00_QVCTest_fedora-40-xfce: test_020_webcam (failure + cleanup)
      AssertionError: 'qubes-video-companion webcam' exited early (0): b'...

    • TC_00_QVCTest_whonix-gateway-17: test_020_webcam (failure + cleanup)
      AssertionError: 'qubes-video-companion webcam' exited early (0): b'...

    • TC_00_QVCTest_whonix-workstation-17: test_020_webcam (failure + cleanup)
      AssertionError: 'qubes-video-companion webcam' exited early (0): b'...

  • system_tests_usbproxy

  • system_tests_network_updates

    • TC_11_QvmTemplateMgmtVM_debian-12-xfce: test_000_template_list (failure)
      AssertionError: libvirt event impl drain timeout

Unstable tests

  • system_tests_audio@hw1

    TC_20_AudioVM_PipeWire_whonix-workstation-17/test_226_audio_playback_pipewire (1/5 times with errors)
    • job 107016 AssertionError: too short audio, expected 10s, got 9.09077097505668...

  • system_tests_whonix@hw7

    whonix_torbrowser/ (1/5 times with errors)
    whonix_torbrowser/ (1/5 times with errors)
    whonix_torbrowser/Failed (1/5 times with errors)
    • job 108052 # Test died: no candidate needle with tag(s) 'tor-browser-ipcheck-o...

  • system_tests_suspend@hw1

    suspend/ (1/5 times with errors)
    suspend/Failed (1/5 times with errors)
    • job 107593 # Test died: no candidate needle with tag(s) 'xscreensaver-prompt' ...
    suspend/wait_serial (1/5 times with errors)
    • job 107593 # wait_serial expected: qr/2E8vz-\d+-/...

  • system_tests_whonix

    whonix_torbrowser/ (1/5 times with errors)
    whonix_torbrowser/ (1/5 times with errors)
    whonix_torbrowser/Failed (1/5 times with errors)
    • job 108052 # Test died: no candidate needle with tag(s) 'tor-browser-ipcheck-o...

  • system_tests_suspend

    suspend/ (1/5 times with errors)
    suspend/Failed (1/5 times with errors)
    • job 107593 # Test died: no candidate needle with tag(s) 'xscreensaver-prompt' ...
    suspend/wait_serial (1/5 times with errors)
    • job 107593 # wait_serial expected: qr/2E8vz-\d+-/...

  • system_tests_pvgrub_salt_storage

    TC_41_HVMGrub_fedora-40-xfce/test_000_standalone_vm (4/5 times with errors)
    • job 105874 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
    • job 106585 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
    • job 107590 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...
    • job 108080 qubes.exc.QubesVMError: Cannot connect to qrexec agent for 120 seco...

  • system_tests_splitgpg

    TC_10_Thunderbird_whonix-workstation-17/test_020_send_receive_inline_with_attachment (2/5 times with errors)
    • job 105876 dogtail.tree.SearchError: descendent of [application | Thunderbird]...
    • job 106587 dogtail.tree.SearchError: descendent of [application | Thunderbird]...

  • system_tests_extra

    TC_00_QVCTest_debian-12-xfce/test_020_webcam (1/5 times with errors)
    • job 107031 AssertionError: 'qubes-video-companion webcam' exited early (0): b'...
    TC_00_QVCTest_fedora-40-xfce/test_020_webcam (4/5 times with errors)
    • job 105868 AssertionError: 'qubes-video-companion webcam' exited early (0): b'...
    • job 106579 AssertionError: 'qubes-video-companion webcam' exited early (0): b'...
    • job 107031 AssertionError: 'qubes-video-companion webcam' exited early (0): b'...
    • job 108074 AssertionError: 'qubes-video-companion webcam' exited early (0): b'...
    TC_00_QVCTest_whonix-gateway-17/test_020_webcam (5/5 times with errors)
    • job 105868 AssertionError: 'qubes-video-companion webcam' exited early (0): b'...
    • job 106579 self.assertNotEqual(vm.run('test -e /dev/vid... AssertionError: 0 == 0
    • job 107031 AssertionError: 'qubes-video-companion webcam' exited early (0): b'...
    • job 107584 AssertionError: 'qubes-video-companion webcam' exited early (0): b'...
    • job 108074 AssertionError: 'qubes-video-companion webcam' exited early (0): b'...
    TC_00_QVCTest_whonix-workstation-17/test_020_webcam (3/5 times with errors)
    • job 105868 AssertionError: 'qubes-video-companion webcam' exited early (0): b'...
    • job 106579 self.assertNotEqual(vm.run('test -e /dev/vid... AssertionError: 0 == 0
    • job 107031 AssertionError: 'qubes-video-companion webcam' exited early (0): b'...

  • system_tests_network_updates

    TC_10_QvmTemplate_whonix-gateway-17/test_010_template_install (1/5 times with errors)
    • job 105873 AssertionError: libvirt event impl drain timeout

  • system_tests_audio

    TC_20_AudioVM_PipeWire_whonix-workstation-17/test_226_audio_playback_pipewire (1/5 times with errors)
    • job 107016 AssertionError: too short audio, expected 10s, got 9.09077097505668...

  • system_tests_basic_vm_qrexec_gui_ext4

    TC_20_NonAudio_whonix-workstation-17-pool/test_115_qrexec_filecopy_no_agent (1/5 times with errors)
    • job 108693 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_20_NonAudio_whonix-workstation-17-pool/test_130_qrexec_filemove_disk_full (1/5 times with errors)
    • job 108693 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_20_NonAudio_whonix-workstation-17-pool/test_140_qrexec_filecopy_unsafe_name (1/5 times with errors)
    • job 108693 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_20_NonAudio_whonix-workstation-17-pool/test_141_qrexec_filecopy_unsafe_symlink (1/5 times with errors)
    • job 108693 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_20_NonAudio_whonix-workstation-17-pool/test_200_timezone (1/5 times with errors)
    TC_20_NonAudio_whonix-workstation-17-pool/test_210_time_sync (1/5 times with errors)
    TC_20_NonAudio_whonix-workstation-17-pool/test_250_resize_private_img (1/5 times with errors)
    • job 108693 libvirt.libvirtError: internal error: libxenlight failed to create ...
    TC_20_NonAudio_whonix-workstation-17-pool/test_300_bug_1028_gui_memory_pinning (1/5 times with errors)
    • job 108693 libvirt.libvirtError: internal error: libxenlight failed to create ...

This was referenced Jul 8, 2024
Merged
Merged
Merged
Merged
Merged
Merged
Merged
Merged
marmarek
marmarek reviewed Jul 9, 2024
View reviewed changes
qubesguidaemon/mic.py Outdated Show resolved Hide resolved
@fepitre fepitre force-pushed the qb-audio-input branch 2 times, most recently from 8d9b603 to 0bf326e Compare July 9, 2024 13:36
@qubesos-bot qubesos-bot mentioned this pull request Jul 9, 2024
Merged
@marmarek
Copy link
Member

marmarek commented Jul 9, 2024

Unfortunately error message doesn't tell what value was there actually...

First test passed and only later one failed. I think it's about stale entry from previous VM startup. Remove it in domain-qdb-create event handler (it's part of domain startup).

@marmarek
Copy link
Member

marmarek commented Jul 9, 2024

And also this issue

@marmarek
Copy link
Member

marmarek commented Jul 9, 2024

This is the actual test. My guess is _configure_audio_recording doesn't handle recording with audiovm, it looks to call pactl only in dom0. common_audio_record_unmuted looks to also support only recording with dom0 as audiovm... It might be enough to prepend qvm-run -p ... to those commands in case of audiovm.

@fepitre
Copy link
Member Author

fepitre commented Jul 10, 2024

Unfortunately error message doesn't tell what value was there actually...

Yes, I thought it would be a bad idea to display it, I will adapt it.

@fepitre fepitre force-pushed the qb-audio-input branch 3 times, most recently from 4e58879 to 353cc16 Compare July 17, 2024 10:08
@fepitre fepitre force-pushed the qb-audio-input branch 5 times, most recently from b64f11f to 844ce83 Compare July 17, 2024 13:24
This was referenced Jul 17, 2024
Merged
Merged
Merged
Closed
@fepitre fepitre force-pushed the qb-audio-input branch 3 times, most recently from a093fb7 to 69c3ce8 Compare July 20, 2024 10:31
marmarek
marmarek requested changes Jul 20, 2024
View reviewed changes
pulse/pacat-simple-vchan.c Show resolved Hide resolved
pulse/pacat-simple-vchan.c Show resolved Hide resolved
@fepitre fepitre force-pushed the qb-audio-input branch 4 times, most recently from 65b1f19 to 088a717 Compare July 21, 2024 14:45
@marmarek
Copy link
Member

https://openqa.qubes-os.org/tests/107154#step/update_guivm/22

Jul 21 13:05:34 dom0 qubesd[1412]: unhandled exception while calling src=b'dom0' meth=b'admin.vm.Start' dest=b'sys-gui-vnc' arg=b'' len(untrusted_payload)=0
Jul 21 13:05:34 dom0 qubesd[1412]: Traceback (most recent call last):
Jul 21 13:05:34 dom0 qubesd[1412]:   File "/usr/lib/python3.11/site-packages/qubes/api/__init__.py", line 291, in respond
Jul 21 13:05:34 dom0 qubesd[1412]:     response = await self.mgmt.execute(
Jul 21 13:05:34 dom0 qubesd[1412]:                ^^^^^^^^^^^^^^^^^^^^^^^^
Jul 21 13:05:34 dom0 qubesd[1412]:   File "/usr/lib/python3.11/site-packages/qubes/api/admin.py", line 866, in vm_start
Jul 21 13:05:34 dom0 qubesd[1412]:     await self.dest.start()
Jul 21 13:05:34 dom0 qubesd[1412]:   File "/usr/lib/python3.11/site-packages/qubes/vm/qubesvm.py", line 1277, in start
Jul 21 13:05:34 dom0 qubesd[1412]:     self.create_qdb_entries()
Jul 21 13:05:34 dom0 qubesd[1412]:   File "/usr/lib/python3.11/site-packages/qubes/vm/qubesvm.py", line 2397, in create_qdb_entries
Jul 21 13:05:34 dom0 qubesd[1412]:     self.fire_event('domain-qdb-create')
Jul 21 13:05:34 dom0 qubesd[1412]:   File "/usr/lib/python3.11/site-packages/qubes/events.py", line 195, in fire_event
Jul 21 13:05:34 dom0 qubesd[1412]:     sync_effects, async_effects = self._fire_event(event, kwargs,
Jul 21 13:05:34 dom0 qubesd[1412]:                                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Jul 21 13:05:34 dom0 qubesd[1412]:   File "/usr/lib/python3.11/site-packages/qubes/events.py", line 164, in _fire_event
Jul 21 13:05:34 dom0 qubesd[1412]:     effect = func(self, event, **kwargs)
Jul 21 13:05:34 dom0 qubesd[1412]:              ^^^^^^^^^^^^^^^^^^^^^^^^^^^
Jul 21 13:05:34 dom0 qubesd[1412]:   File "/usr/lib/python3.11/site-packages/qubesguidaemon/mic.py", line 226, in on_domain_qdb_create
Jul 21 13:05:34 dom0 qubesd[1412]:     vm.audiovm.untrusted_qdb.rm("/audio-input-config/{}".format(vm.name))
Jul 21 13:05:34 dom0 qubesd[1412]:     ^^^^^^^^^^^^^^^^^^^^^^^^
Jul 21 13:05:34 dom0 qubesd[1412]: AttributeError: 'NoneType' object has no attribute 'untrusted_qdb'

Since it accesses vm.audiovm.untrusted_qdb, it needs to check if it's running, similar to other places.

This was referenced Jul 21, 2024
Merged
Merged
@fepitre
Use QubesDB to authorize usage of mic and retrieve its status
c6acd17 
/audio-input-config/<qube> set authorization of mic by <qube>

/audio-input/<qubes> gives daemon status if mic is enabled

/audio-input-request/<qubes> notifies that an application requests mic
This was referenced Jul 24, 2024
Merged
Merged
Merged
Merged
@qubesos-bot qubesos-bot mentioned this pull request Jul 31, 2024
Merged
@marmarek marmarek merged commit cb98818 into QubesOS:main Aug 8, 2024
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@marmarek marmarek marmarek approved these changes

Assignees
No one assigned
Labels
openqa-pending
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@fepitre @qubesos-bot @marmarek