Hi Andrew,
This looks pretty cool and I'm glad you decided to split your code into
two parts, so that the one with the stinkin' bluez code is kept outside
of dom0 :) You should definitely replace you "qvm-run -p" call with a
simple qrexec service -- in that case you would not need to constantly
poll for the magic state file changes in the VM, but instead write a
trivial script that would just receive the info in Dom0 when your
monitoring code sends something to it. You can read more about how to
write qrexec code e.g. here:
http://theinvisiblethings.blogspot.com/2013/02/converting-untrusted-pdfs-into-trusted.html
As you write I think it would also be nice to have (perhaps as an
option) a somehow more robust BT device authentication mechanism. I
recall somebody on the list was trying to write support for token based
login authentication (so, a similar thing to your essentially: a program
in a select usbvm handles the token device, and sends the OTP password
to the dom0 via qrexec, the dom0 then pipes it to (perhaps)
gdm/screenlocker). It would be nice to combine those two efforts.
However, for using this to unlock the screenlocker in Dom0, the decision
should be made by Dom0, not by the monitor running in some AppVM. So,
just like written above, the monitor should only be sending out the OTP
password via qrexec to Dom0 process.
Of course various usual comments about coding style apply, such as:
don't hardcode e.g. appvm name in the code, adhere to our indent policy,
etc. Generally, please follow this:
http://wiki.qubes-os.org/trac/wiki/CodingStyle
Cheers,
joanna.