package mirage-qubes
Library
Module
Module type
Parameter
Class
Class type
QubesOS qrexec agent protocol. See: https://www.qubes-os.org/doc/qrexec3/
module Client_flow : sig ... end
type handler = user:string -> string -> Flow.t -> int Lwt.t
A handler gets a command-line and a two-way connection to the requesting client each time the remote client sends a MSG_EXEC_CMDLINE request. The "exit code" from the handler is returned to the client.
type client =
[ `Ok of Client_flow.t | `Closed | `Permission_denied | `Error of string ] ->
unit Lwt.t
client
is a callback for unikernel-initiated qrexec calls. The callback is called exactly once, and is given either a flow if successful, `Closed
if the control channel has been closed, `Permission_denied
if dom0 says so, or an error.
val connect : domid:int -> unit -> t Lwt.t
connect ~domid ()
is a qrexec agent to which a client in domid
has connected. Internally, it creates a server endpoint and places the endpoint information in XenStore, then waits for a client to connect.
listen t handler
is a thread that reads incoming requests from t
and handles each one asynchronously with handler
. The loop ends if the client disconnects.
qrexec t ~vm ~service ~client
initiates a qrexec call to vm
's service service
, and calls client
with the result. If the control channel to dom0 is closed the result is `Closed
. Otherwise `Ok
is returned. Argument vm
must have length less than 32 while service
must have length less than 64. Otherwise Invalid_argument
is raised.
val disconnect : t -> unit Lwt.t
Close the underlying vchan. This will cause any listening thread to finish.