From: Eric Blake <eblake@redhat.com>
To: qemu-devel@nongnu.org
Cc: kwolf@redhat.com, famz@redhat.com, armbru@redhat.com,
wenchaoqemu@gmail.com, lcapitulino@redhat.com
Subject: [Qemu-devel] [PATCH v5 23/28] qapi: More rigorous checking for type safety bypass
Date: Tue, 24 Mar 2015 14:03:48 -0600 [thread overview]
Message-ID: <1427227433-5030-24-git-send-email-eblake@redhat.com> (raw)
In-Reply-To: <1427227433-5030-1-git-send-email-eblake@redhat.com>
Now that we have a way to validate every type, we can also be
stricter about enforcing that callers that want to bypass
type safety in generated code. Prior to this patch, it didn't
matter what value was associated with the key 'gen', but it
looked odd that 'gen':'yes' could result in bypassing the
generated code. These changes also enforce the changes made
earlier in the series for documentation and consolidation of
using '**' as the wildcard type, as well as 'gen':false as the
canonical spelling for requesting type bypass.
Signed-off-by: Eric Blake <eblake@redhat.com>
---
scripts/qapi.py | 23 ++++++++++++++++++-----
tests/qapi-schema/type-bypass-bad-gen.err | 1 +
tests/qapi-schema/type-bypass-bad-gen.exit | 2 +-
tests/qapi-schema/type-bypass-bad-gen.json | 2 +-
tests/qapi-schema/type-bypass-bad-gen.out | 3 ---
tests/qapi-schema/type-bypass-no-gen.err | 1 +
tests/qapi-schema/type-bypass-no-gen.exit | 2 +-
tests/qapi-schema/type-bypass-no-gen.json | 2 +-
tests/qapi-schema/type-bypass-no-gen.out | 3 ---
9 files changed, 24 insertions(+), 15 deletions(-)
diff --git a/scripts/qapi.py b/scripts/qapi.py
index 9421431..800e8e4 100644
--- a/scripts/qapi.py
+++ b/scripts/qapi.py
@@ -321,13 +321,14 @@ def check_name(expr_info, source, name, allow_optional = False):
"%s uses invalid name '%s'" % (source, name))
def check_type(expr_info, source, data, allow_array = False,
- allowed_metas = [], allow_dict = True, allow_optional = False):
+ allowed_metas = [], allow_dict = True, allow_optional = False,
+ allow_star = False):
global all_names
if data is None:
return
- if data == '**':
+ if allow_star and data == '**':
return
# Check if array type for data is okay
@@ -343,6 +344,10 @@ def check_type(expr_info, source, data, allow_array = False,
# Check if type name for data is okay
if isinstance(data, str):
+ if data == '**':
+ raise QAPIExprError(expr_info,
+ "%s uses '**' but did not request 'gen':false"
+ % source)
if not data in all_names:
raise QAPIExprError(expr_info,
"%s uses unknown type '%s'"
@@ -367,19 +372,23 @@ def check_type(expr_info, source, data, allow_array = False,
allow_array=True,
allowed_metas=['built-in', 'union', 'alternate', 'struct',
'enum'],
- allow_dict=True, allow_optional=True)
+ allow_dict=True, allow_optional=True, allow_star=allow_star)
def check_command(expr, expr_info):
name = expr['command']
+ allow_star = expr.has_key('gen')
+
check_type(expr_info, "'data' for command '%s'" % name,
expr.get('data'),
- allowed_metas=['union', 'struct'], allow_optional=True)
+ allowed_metas=['union', 'struct'], allow_optional=True,
+ allow_star=allow_star)
returns_meta = ['union', 'struct']
if name in returns_whitelist:
returns_meta += ['built-in', 'alternate', 'enum']
check_type(expr_info, "'returns' for command '%s'" % name,
expr.get('returns'), allow_array=True,
- allowed_metas=returns_meta, allow_optional=True)
+ allowed_metas=returns_meta, allow_optional=True,
+ allow_star=allow_star)
def check_event(expr, expr_info):
global events
@@ -574,6 +583,10 @@ def check_keys(expr_elem, meta, required, optional=[]):
raise QAPIExprError(info,
"%s '%s' has unknown key '%s'"
% (meta, name, key))
+ if (key == 'gen' or key == 'success-response') and value != False:
+ raise QAPIExprError(info,
+ "'%s' of %s '%s' should only use false value"
+ % (key, meta, name))
for key in required:
if not expr.has_key(key):
raise QAPIExprError(info,
diff --git a/tests/qapi-schema/type-bypass-bad-gen.err b/tests/qapi-schema/type-bypass-bad-gen.err
index e69de29..a83c3c6 100644
--- a/tests/qapi-schema/type-bypass-bad-gen.err
+++ b/tests/qapi-schema/type-bypass-bad-gen.err
@@ -0,0 +1 @@
+tests/qapi-schema/type-bypass-bad-gen.json:2: 'gen' of command 'foo' should only use false value
diff --git a/tests/qapi-schema/type-bypass-bad-gen.exit b/tests/qapi-schema/type-bypass-bad-gen.exit
index 573541a..d00491f 100644
--- a/tests/qapi-schema/type-bypass-bad-gen.exit
+++ b/tests/qapi-schema/type-bypass-bad-gen.exit
@@ -1 +1 @@
-0
+1
diff --git a/tests/qapi-schema/type-bypass-bad-gen.json b/tests/qapi-schema/type-bypass-bad-gen.json
index bb70bee..e8dec34 100644
--- a/tests/qapi-schema/type-bypass-bad-gen.json
+++ b/tests/qapi-schema/type-bypass-bad-gen.json
@@ -1,2 +1,2 @@
-# FIXME: 'gen' should only appear with value false
+# 'gen' should only appear with value false
{ 'command': 'foo', 'gen': 'whatever' }
diff --git a/tests/qapi-schema/type-bypass-bad-gen.out b/tests/qapi-schema/type-bypass-bad-gen.out
index e678f2c..e69de29 100644
--- a/tests/qapi-schema/type-bypass-bad-gen.out
+++ b/tests/qapi-schema/type-bypass-bad-gen.out
@@ -1,3 +0,0 @@
-[OrderedDict([('command', 'foo'), ('gen', 'whatever')])]
-[]
-[]
diff --git a/tests/qapi-schema/type-bypass-no-gen.err b/tests/qapi-schema/type-bypass-no-gen.err
index e69de29..20cef0a 100644
--- a/tests/qapi-schema/type-bypass-no-gen.err
+++ b/tests/qapi-schema/type-bypass-no-gen.err
@@ -0,0 +1 @@
+tests/qapi-schema/type-bypass-no-gen.json:2: Member 'arg' of 'data' for command 'unsafe' uses '**' but did not request 'gen':false
diff --git a/tests/qapi-schema/type-bypass-no-gen.exit b/tests/qapi-schema/type-bypass-no-gen.exit
index 573541a..d00491f 100644
--- a/tests/qapi-schema/type-bypass-no-gen.exit
+++ b/tests/qapi-schema/type-bypass-no-gen.exit
@@ -1 +1 @@
-0
+1
diff --git a/tests/qapi-schema/type-bypass-no-gen.json b/tests/qapi-schema/type-bypass-no-gen.json
index af87c19..49b5742 100644
--- a/tests/qapi-schema/type-bypass-no-gen.json
+++ b/tests/qapi-schema/type-bypass-no-gen.json
@@ -1,2 +1,2 @@
-# FIXME: type bypass should only work with 'gen':false
+# type bypass only works with 'gen':'no'
{ 'command': 'unsafe', 'data': { 'arg': '**' }, 'returns': '**' }
diff --git a/tests/qapi-schema/type-bypass-no-gen.out b/tests/qapi-schema/type-bypass-no-gen.out
index 8b2a9ac..e69de29 100644
--- a/tests/qapi-schema/type-bypass-no-gen.out
+++ b/tests/qapi-schema/type-bypass-no-gen.out
@@ -1,3 +0,0 @@
-[OrderedDict([('command', 'unsafe'), ('data', OrderedDict([('arg', '**')])), ('returns', '**')])]
-[]
-[]
--
2.1.0
next prev parent reply other threads:[~2015-03-24 20:04 UTC|newest]
Thread overview: 124+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-24 20:03 [Qemu-devel] [PATCH v5 00/28] drop qapi nested structs Eric Blake
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 01/28] qapi: Document type-safety considerations Eric Blake
2015-03-25 18:31 ` Markus Armbruster
2015-03-25 20:11 ` Eric Blake
2015-03-25 21:15 ` Eric Blake
2015-03-26 9:09 ` Markus Armbruster
2015-03-26 7:52 ` Markus Armbruster
2015-03-30 15:23 ` Eric Blake
2015-03-26 8:09 ` Markus Armbruster
2015-03-31 15:09 ` Kevin Wolf
2015-03-31 17:07 ` Eric Blake
2015-03-31 17:15 ` Kevin Wolf
2015-04-01 15:29 ` Markus Armbruster
2015-04-01 15:36 ` Eric Blake
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 02/28] qapi: Fix generation of 'size' builtin type Eric Blake
2015-03-26 9:52 ` Markus Armbruster
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 03/28] qapi: Require ASCII in schema Eric Blake
2015-03-24 20:33 ` Eric Blake
2015-03-26 9:54 ` Markus Armbruster
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 04/28] qapi: Add some enum tests Eric Blake
2015-03-26 10:01 ` Markus Armbruster
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 05/28] qapi: Better error messages for bad enums Eric Blake
2015-03-26 10:08 ` Markus Armbruster
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 06/28] qapi: Add some union tests Eric Blake
2015-03-26 13:18 ` Markus Armbruster
2015-03-26 15:04 ` Eric Blake
2015-03-27 12:30 ` Markus Armbruster
2015-03-27 19:47 ` Eric Blake
2015-03-31 17:13 ` Kevin Wolf
2015-03-31 18:15 ` Eric Blake
2015-03-31 18:31 ` Eric Blake
2015-03-31 18:34 ` Kevin Wolf
2015-03-31 20:46 ` Markus Armbruster
2015-04-01 8:23 ` Kevin Wolf
2015-04-01 9:14 ` Markus Armbruster
2015-03-26 13:23 ` Markus Armbruster
2015-03-26 13:51 ` Eric Blake
2015-03-26 15:58 ` Markus Armbruster
2015-03-30 22:45 ` Eric Blake
2015-03-31 23:40 ` Eric Blake
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 07/28] qapi: Simplify tests of simple unions Eric Blake
2015-03-26 13:41 ` Markus Armbruster
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 08/28] qapi: Better error messages for bad unions Eric Blake
2015-03-24 20:38 ` Eric Blake
2015-03-26 14:20 ` Markus Armbruster
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 09/28] qapi: Prepare for catching more semantic parse errors Eric Blake
2015-03-26 14:22 ` Markus Armbruster
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 10/28] qapi: Segregate anonymous unions into alternates in generator Eric Blake
2015-03-26 14:47 ` Markus Armbruster
2015-03-26 15:26 ` Eric Blake
2015-03-27 12:32 ` Markus Armbruster
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 11/28] qapi: Rename anonymous union type in test Eric Blake
2015-03-26 14:55 ` Markus Armbruster
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 12/28] qapi: Introduce 'alternate' to replace anonymous union Eric Blake
2015-03-24 20:41 ` Eric Blake
2015-03-26 15:42 ` Markus Armbruster
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 13/28] qapi: Add some expr tests Eric Blake
2015-03-26 15:55 ` Markus Armbruster
2015-03-26 19:02 ` Eric Blake
2015-03-27 12:38 ` Markus Armbruster
2015-03-27 19:39 ` Eric Blake
2015-03-29 8:27 ` Markus Armbruster
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 14/28] qapi: Better error messages for bad expressions Eric Blake
2015-03-26 16:27 ` Markus Armbruster
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 15/28] qapi: Add tests of redefined expressions Eric Blake
2015-03-26 17:05 ` Markus Armbruster
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 16/28] qapi: Better error messages for duplicated expressions Eric Blake
2015-03-26 17:21 ` Markus Armbruster
2015-03-27 7:52 ` Markus Armbruster
2015-03-27 19:53 ` Eric Blake
2015-03-29 8:38 ` Markus Armbruster
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 17/28] qapi: Allow true, false and null in schema json Eric Blake
2015-03-26 17:32 ` Markus Armbruster
2015-03-31 15:23 ` Kevin Wolf
2015-03-31 20:09 ` Markus Armbruster
2015-04-01 8:31 ` Kevin Wolf
2015-04-01 9:33 ` Markus Armbruster
2015-04-01 9:58 ` Kevin Wolf
2015-04-01 11:03 ` Markus Armbruster
2015-04-01 11:17 ` Kevin Wolf
2015-04-01 14:51 ` Markus Armbruster
2015-04-01 12:17 ` Eric Blake
2015-04-01 14:55 ` Markus Armbruster
2015-04-01 15:43 ` Eric Blake
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 18/28] qapi: Unify type bypass and add tests Eric Blake
2015-03-26 17:38 ` Markus Armbruster
2015-03-26 19:05 ` Eric Blake
2015-03-27 12:40 ` Markus Armbruster
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 19/28] qapi: Add some type check tests Eric Blake
2015-03-26 17:58 ` Markus Armbruster
2015-03-26 19:07 ` Eric Blake
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 20/28] qapi: More rigourous checking of types Eric Blake
2015-03-27 8:23 ` Markus Armbruster
2015-03-27 20:03 ` Eric Blake
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 21/28] qapi: Require valid names Eric Blake
2015-03-27 8:48 ` Markus Armbruster
2015-03-27 20:15 ` Eric Blake
2015-03-29 10:17 ` Markus Armbruster
2015-03-29 14:23 ` Markus Armbruster
2015-03-27 17:14 ` Markus Armbruster
2015-03-27 20:17 ` Eric Blake
2015-03-29 9:06 ` Markus Armbruster
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 22/28] qapi: Whitelist commands that don't return dictionary Eric Blake
2015-03-27 9:11 ` Markus Armbruster
2015-03-27 20:20 ` Eric Blake
2015-03-27 16:19 ` Markus Armbruster
2015-03-27 20:29 ` Eric Blake
2015-03-29 10:22 ` Markus Armbruster
2015-03-24 20:03 ` Eric Blake [this message]
2015-03-27 9:45 ` [Qemu-devel] [PATCH v5 23/28] qapi: More rigorous checking for type safety bypass Markus Armbruster
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 24/28] qapi: Merge UserDefTwo and UserDefNested in tests Eric Blake
2015-03-27 9:52 ` Markus Armbruster
2015-03-27 20:30 ` Eric Blake
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 25/28] qapi: Drop tests for inline nested structs Eric Blake
2015-03-27 10:30 ` Markus Armbruster
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 26/28] qapi: Drop inline nested type in query-version Eric Blake
2015-03-27 10:34 ` Markus Armbruster
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 27/28] qapi: Drop inline nested types in query-pci Eric Blake
2015-03-27 10:37 ` Markus Armbruster
2015-03-24 20:03 ` [Qemu-devel] [PATCH v5 28/28] qapi: Drop support for inline nested types Eric Blake
2015-03-27 10:45 ` Markus Armbruster
2015-03-27 12:50 ` [Qemu-devel] [PATCH v5 00/28] drop qapi nested structs Markus Armbruster
2015-03-29 16:03 ` Markus Armbruster
2015-03-31 4:30 ` Eric Blake
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1427227433-5030-24-git-send-email-eblake@redhat.com \
--to=eblake@redhat.com \
--cc=armbru@redhat.com \
--cc=famz@redhat.com \
--cc=kwolf@redhat.com \
--cc=lcapitulino@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=wenchaoqemu@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.