Document qubes.PostInstall service, `/etc/qubes/post-install.d`, qvm-features-request

[marmarek]

Document mechanism used by VMs (especially templates) to announce what "features" it support. This apply to things like:

• gui agent / seamless mode
• being updates proxy
• handling firewall rules set for VM by dom0 (qvm-firewall/qubes-firewall)
• having own clock synchronization mechanism (request dom0 to not send dom0 time to it)

This is about #1637

[marmarek]

@adrelanos can you list what dom0 changes you'd like for better privacy in Whonix VMs (both WS and GW)?

[adrelanos]

@adrelanos can you list what dom0 changes you'd like for better privacy in Whonix VMs (both WS and GW)?

That's a pretty broad question.

Generally, not just dom0:

• Whonix related tickets: https://github.com/QubesOS/qubes-issues/issues?q=is%3Aissue+is%3Aopen+whonix+label%3A%22C%3A+Whonix%22
• privacy related tickets: https://github.com/QubesOS/qubes-issues/issues?q=is%3Aissue+is%3Aopen+whonix+label%3Aprivacy

dom0 specific:

• Disable speaker output for Whonix WS-based AppVMs by default - https://github.com/QubesOS/qubes-issues/issues/2724
• Whonix default VM settings fixes - salt management - https://github.com/QubesOS/qubes-issues/issues/1954
• clocksource issue - https://github.com/QubesOS/qubes-issues/issues/2044
• somehow sort out default VM screen resolution - https://github.com/QubesOS/qubes-issues/issues/1856
• Anti-Keystroke Fingerprinting - https://github.com/QubesOS/qubes-issues/issues/1850
• set random clock offset for Qubes-Whonix VMs using mgmt to prevent clock correlation attacks - https://phabricator.whonix.org/T440
• prevent dom0 telling Qubes-Whonix VMs the time by using the mgmt stack for that - https://phabricator.whonix.org/T397
• make sure Qubes-Whonix has no access to clocksource=xen - https://phabricator.whonix.org/T389
• forward randomness from /dev/random to VMs in Qubes - https://phabricator.whonix.org/T31
• enforce maximum system resources a virtual machine may use - https://phabricator.whonix.org/T12

---

• https://phabricator.whonix.org/T541
• (see also https://www.whonix.org/wiki/Advanced_Deanonymization_Attacks)

Block clflush and tsc instructions. Remove all timers. Avoid multi-threading VMs. Alternatively use non-interleaved NUMA with pinned vCPUs.

---

• https://phabricator.whonix.org/T539
• (see also https://www.whonix.org/wiki/Advanced_Deanonymization_Attacks)

Pin vCPUs to separate pCPUs. Block tsc instructions. Remove all timers.

[qubesos-bot]

Automated announcement from builder-github

The package qubes-core-dom0-4.0.33-1.fc25 has been pushed to the r4.0 testing repository for dom0. To test this update, please install it with the following command:

sudo qubes-dom0-update --enablerepo=qubes-dom0-current-testing

Changes included in this update

[qubesos-bot]

Automated announcement from builder-github

The package qubes-core-dom0-4.0.37-1.fc25 has been pushed to the r4.0 stable repository for dom0. To install this update, please use the standard update command:

sudo qubes-dom0-update

Or update dom0 via Qubes Manager.

Changes included in this update