Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

qrexec messages should be chunked #19

Closed
reynir opened this issue Jan 5, 2018 · 5 comments
Closed

qrexec messages should be chunked #19

reynir opened this issue Jan 5, 2018 · 5 comments

Comments

@reynir
Copy link
Member

reynir commented Jan 5, 2018

I discovered that messages sent to a qrexec-client-vm were dropped if the message (without header I believe) was more than 4096 bytes long. I spoke with marmarek about this, and was told that longer messages should be split into chunks and sent separately. Furthermore, I was told that you should check if there was space to write before writing the header; otherwise a deadlock could occur because while waiting for more buffer space the other end would wait for the rest of the message. I haven't figured out how to do that in OCaml.

I intend to implement this myself, but I'm stuck and don't have much time lately.
@reynir reynir mentioned this issue Jan 5, 2018
Open
@talex5
Copy link
Collaborator

talex5 commented Jan 5, 2018

This is specifically for the qrexec protocol?

I guess you just need to check the length in
https://github.com/mirage/mirage-qubes/blob/master/lib/rExec.ml#L37
and split it if longer than 4096.

@reynir
Copy link
Member Author

reynir commented Jan 5, 2018

I'm not sure. The qrexec code rejecting longer messages is here. The MAX_DATA_CHUNK constant is defined here. When grepping for MAX_DATA_CHUNK in my local copy of all QubesOS repos I only get results for qrexec, so it could be it's qrexec specific.

Would that handle vchan buffer space? Here's how qrexec checks.

I could implement that as a first approximation at least, and then worry about checking space later.

@talex5
Copy link
Collaborator

talex5 commented Jan 5, 2018
edited
Loading

Well, their API is:

  • You provide an input stream and it copies some of the input to the vchan without blocking. It therefore cares about how much space is available. The caller has to detect when more space is available and call it again until all the data is sent.

Our API is:

  • You provide a string and it transmits all the data when space is available, returning a promise to indicate when it is complete.

It might be more efficient to chunk the data according to the free space, but I suspect it makes little difference.

@reynir
Copy link
Member Author

reynir commented Jan 6, 2018
edited
Loading

I've implemented a first approximation here https://github.com/reynir/mirage-qubes/tree/chunking. I'm not 100% what to do in case `Eof` is returned. The implementation returns Eof and drops any remaining data not sent yet.

I have tested it with reynir/qubes-mirage-ssh-agent#1 and I can now add 30 keys without a problem.

@talex5
Copy link
Collaborator

talex5 commented Jan 7, 2018

That looks right to me.

@reynir reynir mentioned this issue Jan 7, 2018
Merged
@reynir reynir closed this as completed Jan 8, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@reynir @talex5