Disable HWP / HWPX conversion on MacOS M1 / Qubes

The HWP / HWPX conversion feature does not work on the following
platforms:

* MacOS with Apple Silicon CPU
* Native Qubes OS

For this reason, we need to:

1. Disable it on the GUI side, by not allowing the user to select these
   files.
2. Throw an error on the isolation provider side, in case the user
   directly attempts to convert the file (either through CLI or via
   "Open With").

Refs #494
Refs #498

CHANGELOG.md

@@ -14,6 +14,9 @@ since 0.4.1, and this project adheres to [Semantic Versioning](https://semver.or
 - Inform about new updates on MacOS/Windows platforms, by periodically checking
   our GitHub releases page ([issue #189](https://github.com/freedomofpress/dangerzone/issues/189))
 - Feature: Add support for HWP/HWPX files (Hancom Office) ([issue #243](https://github.com/freedomofpress/dangerzone/issues/243), thanks to [@OctopusET](https://github.com/OctopusET))
+  * **NOTE:** This feature is not yet supported on MacOS with Apple Silicon CPU
+    or Qubes OS ([issue #494](https://github.com/freedomofpress/dangerzone/issues/494),
+     [issue #498](https://github.com/freedomofpress/dangerzone/issues/498))
 - Allow users to change their document selection from the UI ([issue #428](https://github.com/freedomofpress/dangerzone/issues/428))
 - Add a note in our README for MacOS 11+ users blocked by SIP ([PR #401](https://github.com/freedomofpress/dangerzone/pull/401), thanks to [@keywordnew](https://github.com/keywordnew))
 - Platform support: Alpha integration with Qubes OS ([issue #411](https://github.com/freedomofpress/dangerzone/issues/411))

README.md

@@ -37,6 +37,9 @@ Dangerzone can convert these types of document into safe PDFs:
 - ODF Presentation (`.odp`)
 - ODF Graphics (`.odg`)
 - Hancom HWP (Hangul Word Processor) (`.hwp`, `.hwpx`)
+  * Not supported on
+    [MacOS with Apple Silicon CPU](https://github.com/freedomofpress/dangerzone/issues/498)
+    or [Qubes OS](https://github.com/freedomofpress/dangerzone/issues/494)
 - Jpeg (`.jpg`, `.jpeg`)
 - GIF (`.gif`)
 - PNG (`.png`)

dangerzone/conversion/doc_to_pixels.py

@@ -10,6 +10,7 @@ Here are the steps, with progress bar percentages:
 import asyncio
 import glob
 import os
+import platform
 import re
 import shutil
 import sys
@@ -17,7 +18,7 @@ from typing import Dict, Optional
 
 import magic
 
-from .common import DangerzoneConverter, run_command
+from .common import DangerzoneConverter, run_command, running_on_qubes
 
 
 class DocumentToPixels(DangerzoneConverter):
@@ -162,6 +163,19 @@ class DocumentToPixels(DangerzoneConverter):
             pdf_filename = "/tmp/input_file"
         elif conversion["type"] == "libreoffice":
             libreoffice_ext = conversion.get("libreoffice_ext", None)
+            # Disable conversion for HWP/HWPX on specific platforms. See:
+            #
+            #     https://github.com/freedomofpress/dangerzone/issues/494
+            #     https://github.com/freedomofpress/dangerzone/issues/498
+            if libreoffice_ext == "h2orestart.oxt" and platform.machine() in (
+                "arm64",
+                "aarch64",
+            ):
+                raise ValueError(
+                    "HWP / HWPX formats are not supported in ARM architectures"
+                )
+            if libreoffice_ext == "h2orestart.oxt" and running_on_qubes():
+                raise ValueError("HWP / HWPX formats are not supported in Qubes")
             if libreoffice_ext:
                 await self.install_libreoffice_ext(libreoffice_ext)
             self.update_progress("Converting to PDF using LibreOffice")

dangerzone/gui/main_window.py

@@ -24,7 +24,7 @@ from .. import errors
 from ..document import SAFE_EXTENSION, Document
 from ..isolation_provider.container import Container, NoContainerTechException
 from ..isolation_provider.dummy import Dummy
-from ..isolation_provider.qubes import Qubes
+from ..isolation_provider.qubes import Qubes, is_qubes_native_conversion
 from ..util import get_resource_path, get_subprocess_startupinfo, get_version
 from .logic import Alert, CollapsibleBox, DangerzoneGui, UpdateDialog
 from .updater import UpdateReport
@@ -551,9 +551,19 @@ class DocSelectionWidget(QtWidgets.QWidget):
         self.file_dialog = QtWidgets.QFileDialog()
         self.file_dialog.setWindowTitle("Open Documents")
         self.file_dialog.setFileMode(QtWidgets.QFileDialog.ExistingFiles)
+
+        # XXX: We disable loading HWP/HWPX files on Qubes or MacOS M1 platforms, because
+        # H2ORestart does not work there. See:
+        #
+        # https://github.com/freedomofpress/dangerzone/issues/494
+        # https://github.com/freedomofpress/dangerzone/issues/498
+        hwp_filters = "*.hwp *.hwpx"
+        if platform.machine() in ("arm64", "aarch64") or is_qubes_native_conversion():
+            hwp_filters = ""
+
         self.file_dialog.setNameFilters(
             [
-                "Documents (*.pdf *.docx *.doc *.docm *.xlsx *.xls *.pptx *.ppt *.odt *.odg *.odp *.ods *.hwp *.hwpx *.jpg *.jpeg *.gif *.png *.tif *.tiff)"
+                f"Documents (*.pdf *.docx *.doc *.docm *.xlsx *.xls *.pptx *.ppt *.odt *.odg *.odp *.ods {hwp_filters} *.jpg *.jpeg *.gif *.png *.tif *.tiff)"
             ]
         )
 

tests/test_cli.py

@@ -4,6 +4,7 @@ import base64
 import contextlib
 import copy
 import os
+import platform
 import re
 import shutil
 import sys
@@ -19,6 +20,7 @@ from strip_ansi import strip_ansi
 
 from dangerzone.cli import cli_main, display_banner
 from dangerzone.document import ARCHIVE_SUBDIR, SAFE_EXTENSION
+from dangerzone.isolation_provider.qubes import is_qubes_native_conversion
 
 from . import TestBase, for_each_doc, for_each_external_doc, sample_pdf
 
@@ -302,6 +304,8 @@ class TestCliConversion(TestCliBasic):
 class TestExtraFormats(TestCli):
     @for_each_external_doc("*hwp*")
     def test_hancom_office(self, doc: str) -> None:
+        if platform.machine() in ("arm64", "aarch64") or is_qubes_native_conversion():
+            pytest.skip("HWP / HWPX formats are not supported on this platform")
         with tempfile.NamedTemporaryFile("wb", delete=False) as decoded_doc:
             with open(doc, "rb") as encoded_doc:
                 decoded_doc.write(base64.b64decode(encoded_doc.read()))