QubesOS / qubes-issues

The Qubes OS Project issue tracker
https://www.qubes-os.org/doc/issue-tracking/

Provide an easy way for users to have an audio qube (for wired USB audio devices) #8504

Open DemiMarie opened 1 year ago

DemiMarie commented 1 year ago

The problem you're addressing (if any)

Users like @rapenne-s want to use USB audio devices. Using wireless audio is very risky, but using wired USB audio is quite safe if other devices passed to sys-usb are trusted. However, right now, making sys-usb an AudioVM requires either:

  1. Patching some Salt states.
  2. Making magic changes to system configuration.

The solution you'd like

Make it easy to enable and disable using sys-usb as an AudioVM.

The value to a user, and who that user might be

@rapenne-s (and others) won’t have to ask the Qubes developers why using USB passthrough for sound devices doesn’t work (#8495) because using sys-usb as AudioVM will work.

andrewdavidwong commented 8 months ago

Possible duplicate of #1590.

ben-grande commented 8 months ago

> Make it easy to enable and disable using sys-usb as an AudioVM.

I am doing this with Salt; it is not yet finished. What I am not doing is automatically switching the client audiovm preference; this still requires user intervention. The biggest problem I see is with the policy:

## Soundcard audio
admin.vm.List * sys-audio @tag:audiovm-sys-audio allow target=dom0
## USB audio
admin.vm.List * sys-usb @tag:audiovm-sys-usb allow target=dom0
## All types of audio
admin.vm.List * @tag:audiovm @adminvm allow target=dom0

Notice that for every new AudioVM, the same rules with different values have to be added to avoid an AudioVM being able to know information about audio clients from other AudioVMs. It would be nice if Qrexec supported something like @self, replacing it with the calling qube name:

admin.Events * @tag:audiovm @self allow target=dom0
admin.Events * @tag:audiovm @adminvm allow target=dom0
admin.Events * @tag:audiovm @tag:audiovm-@self allow target=dom0

I know the @self tag is a change to the Qrexec policy, but it is a change that would make the policy easier to manage for the audio use case. It is especially useful when the user has multiple USBVMs, as they will have different names.
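Added example (not part of the thread, and not Qubes or Salt code): a Python sketch that expands the @self template from the comment above into one rule set per AudioVM and checks that no allow rule lets one AudioVM reach another AudioVM or its tagged clients. The expansion semantics of @self, the function names and the `TAG_PREFIX` constant are assumptions made for illustration; Qrexec does not implement @self.

```python
from typing import NamedTuple, Optional

TAG_PREFIX = "@tag:audiovm-"  # per-AudioVM client tag naming used in the thread

class Rule(NamedTuple):
    service: str
    argument: str
    source: str
    target: str
    action: str  # action plus parameters, e.g. "allow target=dom0"

def parse(line: str) -> Optional[Rule]:
    """Parse 'service argument source target action [params]'; skip comments and blanks."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    f = line.split()
    if len(f) < 5:
        raise ValueError(f"malformed policy line: {line!r}")
    return Rule(f[0], f[1], f[2], f[3], " ".join(f[4:]))

def expand_self(template: list[str], audiovms: list[str]) -> list[Rule]:
    """Assumed @self semantics: emit one concrete rule per calling AudioVM."""
    out = []
    for rule in filter(None, map(parse, template)):
        if "@self" not in rule.target:
            out.append(rule)  # rule does not depend on the caller, keep once
            continue
        for vm in audiovms:
            out.append(rule._replace(source=vm, target=rule.target.replace("@self", vm)))
    return out

def cross_audiovm_rules(rules: list[Rule], audiovms: list[str]) -> list[Rule]:
    """Return allow rules that let one AudioVM reach another AudioVM or its clients."""
    bad = []
    for r in rules:
        if r.source not in audiovms or not r.action.startswith("allow"):
            continue
        others = [vm for vm in audiovms if vm != r.source]
        if r.target in others or r.target in [TAG_PREFIX + vm for vm in others]:
            bad.append(r)
    return bad

# Template lines as proposed in the comment; AudioVM names are the thread's examples.
TEMPLATE = [
    "admin.Events * @tag:audiovm @self allow target=dom0",
    "admin.Events * @tag:audiovm @adminvm allow target=dom0",
    "admin.Events * @tag:audiovm @tag:audiovm-@self allow target=dom0",
]
AUDIOVMS = ["sys-audio", "sys-usb"]
```

Running `cross_audiovm_rules` over a hand-maintained rule list catches a rule pasted for a new AudioVM with only one of its two names updated.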

DemiMarie commented 8 months ago

@ben-grande I suggest filing a feature request for that.