* [Qemu-devel] [PATCH v10 00/11] Provide a QOM-based authorization API
@ 2016-08-15 14:22 Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 01/11] qdict: implement a qdict_crumple method for un-flattening a dict Daniel P. Berrange
` (12 more replies)
0 siblings, 13 replies; 16+ messages in thread
From: Daniel P. Berrange @ 2016-08-15 14:22 UTC (permalink / raw)
To: qemu-devel
Cc: Markus Armbruster, Max Reitz, Marc-André Lureau,
Paolo Bonzini, Andreas Färber, Eric Blake,
Daniel P. Berrange
This is a followup of previously posted work in 2.6 cycle:
v1: https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg04618.html
v2: https://lists.gnu.org/archive/html/qemu-devel/2016-03/msg01454.html
v3: https://lists.gnu.org/archive/html/qemu-devel/2016-03/msg02498.html
v4: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg01661.html
v5: https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg00485.html
v6: https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg03876.html
v7: https://lists.gnu.org/archive/html/qemu-devel/2016-07/msg00919.html
v8: https://lists.gnu.org/archive/html/qemu-devel/2016-07/msg03115.html
Many years ago I was responsible for adding the 'qemu_acl' type
and associated HMP commands. Looking back at it now, it is quite
a poor facility with a couple of bad limitations. First, the
responsibility for creating the ACLs was left with the QEMU network
service (VNC server was only thing ever doing it). This meant you
could not share ACLs across multiple services. Second, there was
no way to populate ACLs on the command line, you had no choice but
to use the HMP commands. Third, the API was hardcoded around the
idea of an in-QEMU implementation, leaving no scope for plugging
in alternative implementations backed by, for example, LDAP or PAM.
This series introduces a much better authorization API design
to QEMU that addresses all these problems, and maintains back
compatibility. It of course is based on the QOM framework, so
that immediately gives us ability to create objects via the
CLI, HMP or QMP. There is an abstract base clss "QAuthZ" which
defines the basic API for QEMU network services to use, and a
specific implementation "QAuthZ" simple which replicates the
functionality of 'qemu_acl'. It is thus possible to add other
impls, without changing any other part of QEMU in the future.
Finally, the user is responsible for creating the ACL objects,
so they can have one ACL associated with all their TLS enabled
network services.
There was only one small problem with this, specifically the
-object CLI arg and HMP 'object_add' command had no way to let
the user specify non-scalar properties for objects. eg if an
object had a property which is a list of structs, you are out
of luck if you want to create it without using QMP.
hus the first six patches do some work around QAPI / QOM
to make it possible to specify non-scalar properties with
the -object CLI arg and HMP 'object_add' command. See the
respective patches for illustration of the syntax used. Some
of Max's recent block patches also depend on the qdict_crumple
method in patch 1.
The patches 7 and 8 introduce the new base class and simple
implementation.
Patch 9 kills the old qemu_acl code, updating any existing
callers of it to use the QAuthZSimple QOM class instead.
Patch 10 introduces a more flexible authorization impl that
delegates to PAM, allowing dynamic configuration to use
fancy stuff like LDAP for authorization.
Previously there were further patches adding ACL support for
chardevs, migration, nbd, etc. These will be posted later
once this core code is merged, so they can flow via the
respective maintainer's trees
Changed in v10:
- Fixed stupid build mistake
Changed in v9:
- Rename QmpInputVisitor -> QObjectInputVisitor (Markus/Eric)
- Rename QmpOutputVisitor -> QObjectOutputVisitor (Markus/Eric)
- Drop "strict" param from qobject_string_visitor_new() (Marus)
- Misc docs typos
- Add a visitor able to use strict or string types (for Eric's
netdev series)
- Add a authorization API implementation that uses PAM
Changed in v8:
- Rebase due to merge of Visitor API changes (Eric)
Changed in v7:
- Misc typos in API docs (Marc-André)
- Fix parsing of properties using type_size visitor (Marc-André)
- Mark based auth class as abstract (Marc-André)
- Fix QAPI version annotations to say 2.7 (Marc-André)
Changed in v6:
- Switch from while() to for() loop for iterating over
- Avoid redundant strdup (Markus)
- Rewrap comments at 70 chars (Markus)
- Change qdict_list_size() to qdict_is_list() (Markus)
- Misc docs changes (Markus)
- Change QmpInputVisitor so the code for handling the
string types is separate from code using native
scalar types (Paolo)
- Centralize code parsing bool strings (Markus)
- Centralize code parsing int strings (Markus)
Changed in v5:
- Resolved conflicts with Eric's visitor refactoring which
made it stricter about struct begin/end calls
- Added support for ACLs to migration code now its TLS
support is merged.
- Fixed typos in example in commit message
Changed in v4:
- Ensure examples use shell escaping for '*' (Eric)
- Add more tests for crumple impl (Eric)
- Raise error if sasl-acl/tls-acl are requested but
sasl/tls auth are not enabled (Eric)
- Document return codes for auth check more clearly (Eric)
- Don't silently turn a glob match into a strcmp
- Other misc small typos/fixes (Eric)
Changed in v3:
- Created separate qdict_list_size method (Max)
- Added unit tests for case of empty dict (Max)
- Fix variable names to use underscore separator (Max)
- Fix potential free of uninitialized variables (Max)
- Use QObject APIs for casts, instead of C type casts (Max)
Changed in v2:
- Adapt to changes in qapi visitor APIs
- Add a 'bool recursive' flag to qdict_crumple (Max)
- Fix memory leaks in qdict_crumple (Max)
- Split out key splitting code from qdict_crumple (Max)
- Use saner variable names in qdict_crumple (Max)
- Added some tests for bad inputs to qdict_crumple
Daniel P. Berrange (11):
qdict: implement a qdict_crumple method for un-flattening a dict
option: make parse_option_bool/number non-static
qapi: rename QmpInputVisitor to QObjectInputVisitor
qapi: rename QmpOutputVisitor to QObjectOutputVisitor
qapi: add a QmpInputVisitor that does string conversion
qom: support arbitrary non-scalar properties with -object
util: add QAuthZ object as an authorization base class
util: add QAuthZSimple object type for a simple access control list
acl: delete existing ACL implementation
util: add QAuthZPAM object type for authorizing using PAM
qmp: add support for mixed typed input visitor
MAINTAINERS | 7 +
Makefile | 9 +-
Makefile.objs | 2 +
Makefile.target | 2 +
block/qapi.c | 4 +-
blockdev.c | 4 +-
configure | 36 ++
crypto/tlssession.c | 28 +-
docs/qapi-code-gen.txt | 4 +-
hmp.c | 16 +-
include/qapi/qmp-input-visitor.h | 30 -
include/qapi/qmp/qdict.h | 1 +
include/qapi/qobject-input-visitor.h | 85 +++
...p-output-visitor.h => qobject-output-visitor.h} | 10 +-
include/qemu/acl.h | 66 ---
include/qemu/authz-pam.h | 98 ++++
include/qemu/authz-simple.h | 115 ++++
include/qemu/authz.h | 89 +++
include/qemu/option.h | 4 +
include/qom/object_interfaces.h | 10 +-
monitor.c | 184 ++++--
qapi-schema.json | 6 +-
qapi/Makefile.objs | 4 +-
qapi/opts-visitor.c | 19 +-
qapi/qapi-clone-visitor.c | 2 +-
qapi/qmp-input-visitor.c | 412 --------------
qapi/qmp-output-visitor.c | 256 ---------
qapi/qobject-input-visitor.c | 624 +++++++++++++++++++++
qapi/qobject-output-visitor.c | 254 +++++++++
qapi/util.json | 47 ++
qemu-img.c | 8 +-
qmp.c | 6 +-
qobject/qdict.c | 283 ++++++++++
qom/object_interfaces.c | 47 +-
qom/qom-qobject.c | 8 +-
scripts/qapi-commands.py | 8 +-
scripts/qapi-event.py | 4 +-
tests/.gitignore | 7 +-
tests/Makefile.include | 25 +-
tests/check-qdict.c | 241 ++++++++
tests/check-qnull.c | 8 +-
tests/check-qom-proplist.c | 314 ++++++++++-
tests/test-authz-simple.c | 172 ++++++
tests/test-crypto-tlssession.c | 15 +-
tests/test-io-channel-tls.c | 16 +-
tests/test-qmp-commands.c | 4 +-
...-input-strict.c => test-qobject-input-strict.c} | 4 +-
...nput-visitor.c => test-qobject-input-visitor.c} | 154 ++++-
...put-visitor.c => test-qobject-output-visitor.c} | 4 +-
tests/test-string-input-visitor.c | 2 +-
tests/test-string-output-visitor.c | 2 +-
tests/test-visitor-serialization.c | 8 +-
ui/vnc-auth-sasl.c | 2 +-
ui/vnc-auth-sasl.h | 4 +-
ui/vnc.c | 11 +-
util/Makefile.objs | 7 +-
util/acl.c | 179 ------
util/authz-pam.c | 148 +++++
util/authz-simple.c | 314 +++++++++++
util/authz.c | 47 ++
util/qemu-option.c | 27 +-
util/qemu-sockets.c | 4 +-
62 files changed, 3354 insertions(+), 1157 deletions(-)
delete mode 100644 include/qapi/qmp-input-visitor.h
create mode 100644 include/qapi/qobject-input-visitor.h
rename include/qapi/{qmp-output-visitor.h => qobject-output-visitor.h} (66%)
delete mode 100644 include/qemu/acl.h
create mode 100644 include/qemu/authz-pam.h
create mode 100644 include/qemu/authz-simple.h
create mode 100644 include/qemu/authz.h
delete mode 100644 qapi/qmp-input-visitor.c
delete mode 100644 qapi/qmp-output-visitor.c
create mode 100644 qapi/qobject-input-visitor.c
create mode 100644 qapi/qobject-output-visitor.c
create mode 100644 qapi/util.json
create mode 100644 tests/test-authz-simple.c
rename tests/{test-qmp-input-strict.c => test-qobject-input-strict.c} (99%)
rename tests/{test-qmp-input-visitor.c => test-qobject-input-visitor.c} (86%)
rename tests/{test-qmp-output-visitor.c => test-qobject-output-visitor.c} (99%)
delete mode 100644 util/acl.c
create mode 100644 util/authz-pam.c
create mode 100644 util/authz-simple.c
create mode 100644 util/authz.c
--
2.7.4
^ permalink raw reply [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH v10 01/11] qdict: implement a qdict_crumple method for un-flattening a dict
2016-08-15 14:22 [Qemu-devel] [PATCH v10 00/11] Provide a QOM-based authorization API Daniel P. Berrange
@ 2016-08-15 14:22 ` Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 02/11] option: make parse_option_bool/number non-static Daniel P. Berrange
` (11 subsequent siblings)
12 siblings, 0 replies; 16+ messages in thread
From: Daniel P. Berrange @ 2016-08-15 14:22 UTC (permalink / raw)
To: qemu-devel
Cc: Markus Armbruster, Max Reitz, Marc-André Lureau,
Paolo Bonzini, Andreas Färber, Eric Blake,
Daniel P. Berrange
The qdict_flatten() method will take a dict whose elements are
further nested dicts/lists and flatten them by concatenating
keys.
The qdict_crumple() method aims to do the reverse, taking a flat
qdict, and turning it into a set of nested dicts/lists. It will
apply nesting based on the key name, with a '.' indicating a
new level in the hierarchy. If the keys in the nested structure
are all numeric, it will create a list, otherwise it will create
a dict.
If the keys are a mixture of numeric and non-numeric, or the
numeric keys are not in strictly ascending order, an error will
be reported.
As an example, a flat dict containing
{
'foo.0.bar': 'one',
'foo.0.wizz': '1',
'foo.1.bar': 'two',
'foo.1.wizz': '2'
}
will get turned into a dict with one element 'foo' whose
value is a list. The list elements will each in turn be
dicts.
{
'foo': [
{ 'bar': 'one', 'wizz': '1' },
{ 'bar': 'two', 'wizz': '2' }
],
}
If the key is intended to contain a literal '.', then it must
be escaped as '..'. ie a flat dict
{
'foo..bar': 'wizz',
'bar.foo..bar': 'eek',
'bar.hello': 'world'
}
Will end up as
{
'foo.bar': 'wizz',
'bar': {
'foo.bar': 'eek',
'hello': 'world'
}
}
The intent of this function is that it allows a set of QemuOpts
to be turned into a nested data structure that mirrors the nesting
used when the same object is defined over QMP.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
include/qapi/qmp/qdict.h | 1 +
qobject/qdict.c | 283 +++++++++++++++++++++++++++++++++++++++++++++++
tests/check-qdict.c | 241 ++++++++++++++++++++++++++++++++++++++++
3 files changed, 525 insertions(+)
diff --git a/include/qapi/qmp/qdict.h b/include/qapi/qmp/qdict.h
index 71b8eb0..8a3ac13 100644
--- a/include/qapi/qmp/qdict.h
+++ b/include/qapi/qmp/qdict.h
@@ -73,6 +73,7 @@ void qdict_flatten(QDict *qdict);
void qdict_extract_subqdict(QDict *src, QDict **dst, const char *start);
void qdict_array_split(QDict *src, QList **dst);
int qdict_array_entries(QDict *src, const char *subqdict);
+QObject *qdict_crumple(QDict *src, bool recursive, Error **errp);
void qdict_join(QDict *dest, QDict *src, bool overwrite);
diff --git a/qobject/qdict.c b/qobject/qdict.c
index 60f158c..a075eb1 100644
--- a/qobject/qdict.c
+++ b/qobject/qdict.c
@@ -17,6 +17,7 @@
#include "qapi/qmp/qbool.h"
#include "qapi/qmp/qstring.h"
#include "qapi/qmp/qobject.h"
+#include "qapi/error.h"
#include "qemu/queue.h"
#include "qemu-common.h"
#include "qemu/cutils.h"
@@ -683,6 +684,288 @@ void qdict_array_split(QDict *src, QList **dst)
}
}
+
+/**
+ * qdict_split_flat_key:
+ * @key: the key string to split
+ * @prefix: non-NULL pointer to hold extracted prefix
+ * @suffix: non-NULL pointer to remaining suffix
+ *
+ * Given a flattened key such as 'foo.0.bar', split it into two parts
+ * at the first '.' separator. Allows double dot ('..') to escape the
+ * normal separator.
+ *
+ * eg
+ * 'foo.0.bar' -> prefix='foo' and suffix='0.bar'
+ * 'foo..0.bar' -> prefix='foo.0' and suffix='bar'
+ *
+ * The '..' sequence will be unescaped in the returned 'prefix'
+ * string. The 'suffix' string will be left in escaped format, so it
+ * can be fed back into the qdict_split_flat_key() key as the input
+ * later.
+ *
+ * The caller is responsible for freeing the string returned in @prefix
+ * using g_free().
+ */
+static void qdict_split_flat_key(const char *key, char **prefix,
+ const char **suffix)
+{
+ const char *separator;
+ size_t i, j;
+
+ /* Find first '.' separator, but if there is a pair '..'
+ * that acts as an escape, so skip over '..' */
+ separator = NULL;
+ do {
+ if (separator) {
+ separator += 2;
+ } else {
+ separator = key;
+ }
+ separator = strchr(separator, '.');
+ } while (separator && separator[1] == '.');
+
+ if (separator) {
+ *prefix = g_strndup(key,
+ separator - key);
+ *suffix = separator + 1;
+ } else {
+ *prefix = g_strdup(key);
+ *suffix = NULL;
+ }
+
+ /* Unescape the '..' sequence into '.' */
+ for (i = 0, j = 0; (*prefix)[i] != '\0'; i++, j++) {
+ if ((*prefix)[i] == '.') {
+ assert((*prefix)[i + 1] == '.');
+ i++;
+ }
+ (*prefix)[j] = (*prefix)[i];
+ }
+ (*prefix)[j] = '\0';
+}
+
+
+/**
+ * qdict_is_list:
+ * @maybe_list: dict to check if keys represent list elements.
+ *
+ * Determine whether all keys in @maybe_list are valid list elements.
+ * If @maybe_list is non-zero in length and all the keys look like
+ * valid list indexes, this will return 1. If @maybe_list is zero
+ * length or all keys are non-numeric then it will return 0 to indicate
+ * it is a normal qdict. If there is a mix of numeric and non-numeric
+ * keys, or the list indexes are non-contiguous, an error is reported.
+ *
+ * Returns: 1 if a valid list, 0 if a dict, -1 on error
+ */
+static int qdict_is_list(QDict *maybe_list, Error **errp)
+{
+ const QDictEntry *ent;
+ ssize_t len = 0;
+ ssize_t max = -1;
+ int is_list = -1;
+ int64_t val;
+
+ for (ent = qdict_first(maybe_list); ent != NULL;
+ ent = qdict_next(maybe_list, ent)) {
+
+ if (qemu_strtoll(ent->key, NULL, 10, &val) == 0) {
+ if (is_list == -1) {
+ is_list = 1;
+ } else if (!is_list) {
+ error_setg(errp,
+ "Cannot crumple a dictionary with a mix of list "
+ "and non-list keys");
+ return -1;
+ }
+ len++;
+ if (val > max) {
+ max = val;
+ }
+ } else {
+ if (is_list == -1) {
+ is_list = 0;
+ } else if (is_list) {
+ error_setg(errp,
+ "Cannot crumple a dictionary with a mix of list "
+ "and non-list keys");
+ return -1;
+ }
+ }
+ }
+
+ if (is_list == -1) {
+ assert(!qdict_size(maybe_list));
+ is_list = 0;
+ }
+
+ if (len != (max + 1)) {
+ error_setg(errp, "List indexes are not contiguous, "
+ "saw %zd elements but %zd largest index",
+ len, max);
+ return -1;
+ }
+
+ return is_list;
+}
+
+/**
+ * qdict_crumple:
+ * @src: the original flat dictionary (only scalar values) to crumple
+ * @recursive: true to recursively crumple nested dictionaries
+ *
+ * Takes a flat dictionary whose keys use '.' separator to indicate
+ * nesting, and values are scalars, and crumples it into a nested
+ * structure. If the @recursive parameter is false, then only the
+ * first level of structure implied by the keys will be crumpled. If
+ * @recursive is true, then the input will be recursively crumpled to
+ * expand all levels of structure in the keys.
+ *
+ * To include a literal '.' in a key name, it must be escaped as '..'
+ *
+ * For example, an input of:
+ *
+ * { 'foo.0.bar': 'one', 'foo.0.wizz': '1',
+ * 'foo.1.bar': 'two', 'foo.1.wizz': '2' }
+ *
+ * will result in any output of:
+ *
+ * {
+ * 'foo': [
+ * { 'bar': 'one', 'wizz': '1' },
+ * { 'bar': 'two', 'wizz': '2' }
+ * ],
+ * }
+ *
+ * The following scenarios in the input dict will result in an
+ * error being returned:
+ *
+ * - Any values in @src are non-scalar types
+ * - If keys in @src imply that a particular level is both a
+ * list and a dict. eg, "foo.0.bar" and "foo.eek.bar".
+ * - If keys in @src imply that a particular level is a list,
+ * but the indexes are non-contigous. eg "foo.0.bar" and
+ * "foo.2.bar" without any "foo.1.bar" present.
+ * - If keys in @src represent list indexes, but are not in
+ * the "%zu" format. eg "foo.+0.bar"
+ *
+ * Returns: either a QDict or QList for the nested data structure, or NULL
+ * on error
+ */
+QObject *qdict_crumple(QDict *src, bool recursive, Error **errp)
+{
+ const QDictEntry *ent;
+ QDict *two_level, *multi_level = NULL;
+ QObject *dst = NULL, *child;
+ size_t i;
+ char *prefix = NULL;
+ const char *suffix = NULL;
+ int is_list;
+
+ two_level = qdict_new();
+
+ /* Step 1: split our totally flat dict into a two level dict */
+ for (ent = qdict_first(src); ent != NULL; ent = qdict_next(src, ent)) {
+ if (qobject_type(ent->value) == QTYPE_QDICT ||
+ qobject_type(ent->value) == QTYPE_QLIST) {
+ error_setg(errp, "Value %s is not a scalar",
+ ent->key);
+ goto error;
+ }
+
+ qdict_split_flat_key(ent->key, &prefix, &suffix);
+
+ child = qdict_get(two_level, prefix);
+ if (suffix) {
+ if (child) {
+ if (qobject_type(child) != QTYPE_QDICT) {
+ error_setg(errp, "Key %s prefix is already set as a scalar",
+ prefix);
+ goto error;
+ }
+ } else {
+ child = QOBJECT(qdict_new());
+ qdict_put_obj(two_level, prefix, child);
+ }
+ qobject_incref(ent->value);
+ qdict_put_obj(qobject_to_qdict(child), suffix, ent->value);
+ } else {
+ if (child) {
+ error_setg(errp, "Key %s prefix is already set as a dict",
+ prefix);
+ goto error;
+ }
+ qobject_incref(ent->value);
+ qdict_put_obj(two_level, prefix, ent->value);
+ }
+
+ g_free(prefix);
+ prefix = NULL;
+ }
+
+ /* Step 2: optionally process the two level dict recursively
+ * into a multi-level dict */
+ if (recursive) {
+ multi_level = qdict_new();
+ for (ent = qdict_first(two_level); ent != NULL;
+ ent = qdict_next(two_level, ent)) {
+
+ if (qobject_type(ent->value) == QTYPE_QDICT) {
+ child = qdict_crumple(qobject_to_qdict(ent->value),
+ recursive, errp);
+ if (!child) {
+ goto error;
+ }
+
+ qdict_put_obj(multi_level, ent->key, child);
+ } else {
+ qobject_incref(ent->value);
+ qdict_put_obj(multi_level, ent->key, ent->value);
+ }
+ }
+ QDECREF(two_level);
+ } else {
+ multi_level = two_level;
+ }
+ two_level = NULL;
+
+ /* Step 3: detect if we need to turn our dict into list */
+ is_list = qdict_is_list(multi_level, errp);
+ if (is_list < 0) {
+ goto error;
+ }
+
+ if (is_list) {
+ dst = QOBJECT(qlist_new());
+
+ for (i = 0; i < qdict_size(multi_level); i++) {
+ char *key = g_strdup_printf("%zu", i);
+
+ child = qdict_get(multi_level, key);
+ g_free(key);
+ assert(child);
+
+ qobject_incref(child);
+ qlist_append_obj(qobject_to_qlist(dst), child);
+ }
+ QDECREF(multi_level);
+ multi_level = NULL;
+ } else {
+ dst = QOBJECT(multi_level);
+ }
+
+ return dst;
+
+ error:
+ g_free(prefix);
+ QDECREF(multi_level);
+ QDECREF(two_level);
+ qobject_decref(dst);
+ return NULL;
+}
+
+
/**
* qdict_array_entries(): Returns the number of direct array entries if the
* sub-QDict of src specified by the prefix in subqdict (or src itself for
diff --git a/tests/check-qdict.c b/tests/check-qdict.c
index 42da1e6..be4a132 100644
--- a/tests/check-qdict.c
+++ b/tests/check-qdict.c
@@ -14,6 +14,7 @@
#include "qapi/qmp/qint.h"
#include "qapi/qmp/qdict.h"
#include "qapi/qmp/qstring.h"
+#include "qapi/error.h"
#include "qemu-common.h"
/*
@@ -595,6 +596,235 @@ static void qdict_join_test(void)
QDECREF(dict2);
}
+
+static void qdict_crumple_test_nonrecursive(void)
+{
+ QDict *src, *dst, *rules, *vnc;
+ QObject *child, *res;
+
+ src = qdict_new();
+ qdict_put(src, "vnc.listen.addr", qstring_from_str("127.0.0.1"));
+ qdict_put(src, "vnc.listen.port", qstring_from_str("5901"));
+ qdict_put(src, "rule.0.match", qstring_from_str("fred"));
+ qdict_put(src, "rule.0.policy", qstring_from_str("allow"));
+ qdict_put(src, "rule.1.match", qstring_from_str("bob"));
+ qdict_put(src, "rule.1.policy", qstring_from_str("deny"));
+
+ res = qdict_crumple(src, false, &error_abort);
+
+ g_assert_cmpint(qobject_type(res), ==, QTYPE_QDICT);
+
+ dst = qobject_to_qdict(res);
+
+ g_assert_cmpint(qdict_size(dst), ==, 2);
+
+ child = qdict_get(dst, "vnc");
+ g_assert_cmpint(qobject_type(child), ==, QTYPE_QDICT);
+ vnc = qdict_get_qdict(dst, "vnc");
+
+ g_assert_cmpint(qdict_size(vnc), ==, 2);
+
+ g_assert_cmpstr("127.0.0.1", ==, qdict_get_str(vnc, "listen.addr"));
+ g_assert_cmpstr("5901", ==, qdict_get_str(vnc, "listen.port"));
+
+ child = qdict_get(dst, "rule");
+ g_assert_cmpint(qobject_type(child), ==, QTYPE_QDICT);
+ rules = qdict_get_qdict(dst, "rule");
+
+ g_assert_cmpint(qdict_size(rules), ==, 4);
+
+ g_assert_cmpstr("fred", ==, qdict_get_str(rules, "0.match"));
+ g_assert_cmpstr("allow", ==, qdict_get_str(rules, "0.policy"));
+ g_assert_cmpstr("bob", ==, qdict_get_str(rules, "1.match"));
+ g_assert_cmpstr("deny", ==, qdict_get_str(rules, "1.policy"));
+
+ QDECREF(src);
+ QDECREF(dst);
+}
+
+
+static void qdict_crumple_test_listtop(void)
+{
+ QDict *src, *rule;
+ QList *rules;
+ QObject *res;
+
+ src = qdict_new();
+ qdict_put(src, "0.match.name", qstring_from_str("Fred"));
+ qdict_put(src, "0.match.email", qstring_from_str("fred@example.com"));
+ qdict_put(src, "0.policy", qstring_from_str("allow"));
+ qdict_put(src, "1.match.name", qstring_from_str("Bob"));
+ qdict_put(src, "1.match.email", qstring_from_str("bob@example.com"));
+ qdict_put(src, "1.policy", qstring_from_str("deny"));
+
+ res = qdict_crumple(src, false, &error_abort);
+
+ g_assert_cmpint(qobject_type(res), ==, QTYPE_QLIST);
+
+ rules = qobject_to_qlist(res);
+
+ g_assert_cmpint(qlist_size(rules), ==, 2);
+
+ g_assert_cmpint(qobject_type(qlist_peek(rules)), ==, QTYPE_QDICT);
+ rule = qobject_to_qdict(qlist_pop(rules));
+ g_assert_cmpint(qdict_size(rule), ==, 3);
+
+ g_assert_cmpstr("Fred", ==, qdict_get_str(rule, "match.name"));
+ g_assert_cmpstr("fred@example.com", ==, qdict_get_str(rule, "match.email"));
+ g_assert_cmpstr("allow", ==, qdict_get_str(rule, "policy"));
+ QDECREF(rule);
+
+ g_assert_cmpint(qobject_type(qlist_peek(rules)), ==, QTYPE_QDICT);
+ rule = qobject_to_qdict(qlist_pop(rules));
+ g_assert_cmpint(qdict_size(rule), ==, 3);
+
+ g_assert_cmpstr("Bob", ==, qdict_get_str(rule, "match.name"));
+ g_assert_cmpstr("bob@example.com", ==, qdict_get_str(rule, "match.email"));
+ g_assert_cmpstr("deny", ==, qdict_get_str(rule, "policy"));
+ QDECREF(rule);
+
+ QDECREF(src);
+ qobject_decref(res);
+}
+
+
+static void qdict_crumple_test_recursive(void)
+{
+ QDict *src, *dst, *rule, *vnc, *acl, *listen;
+ QObject *child, *res;
+ QList *rules;
+
+ src = qdict_new();
+ qdict_put(src, "vnc.listen.addr", qstring_from_str("127.0.0.1"));
+ qdict_put(src, "vnc.listen.port", qstring_from_str("5901"));
+ qdict_put(src, "vnc.acl.rules.0.match", qstring_from_str("fred"));
+ qdict_put(src, "vnc.acl.rules.0.policy", qstring_from_str("allow"));
+ qdict_put(src, "vnc.acl.rules.1.match", qstring_from_str("bob"));
+ qdict_put(src, "vnc.acl.rules.1.policy", qstring_from_str("deny"));
+ qdict_put(src, "vnc.acl.default", qstring_from_str("deny"));
+
+ res = qdict_crumple(src, true, &error_abort);
+
+ g_assert_cmpint(qobject_type(res), ==, QTYPE_QDICT);
+
+ dst = qobject_to_qdict(res);
+
+ g_assert_cmpint(qdict_size(dst), ==, 1);
+
+ child = qdict_get(dst, "vnc");
+ g_assert_cmpint(qobject_type(child), ==, QTYPE_QDICT);
+ vnc = qobject_to_qdict(child);
+
+ child = qdict_get(vnc, "listen");
+ g_assert_cmpint(qobject_type(child), ==, QTYPE_QDICT);
+ listen = qobject_to_qdict(child);
+ g_assert_cmpstr("127.0.0.1", ==, qdict_get_str(listen, "addr"));
+ g_assert_cmpstr("5901", ==, qdict_get_str(listen, "port"));
+
+ child = qdict_get(vnc, "acl");
+ g_assert_cmpint(qobject_type(child), ==, QTYPE_QDICT);
+ acl = qobject_to_qdict(child);
+
+ child = qdict_get(acl, "rules");
+ g_assert_cmpint(qobject_type(child), ==, QTYPE_QLIST);
+ rules = qobject_to_qlist(child);
+ g_assert_cmpint(qlist_size(rules), ==, 2);
+
+ rule = qobject_to_qdict(qlist_pop(rules));
+ g_assert_cmpint(qdict_size(rule), ==, 2);
+ g_assert_cmpstr("fred", ==, qdict_get_str(rule, "match"));
+ g_assert_cmpstr("allow", ==, qdict_get_str(rule, "policy"));
+ QDECREF(rule);
+
+ rule = qobject_to_qdict(qlist_pop(rules));
+ g_assert_cmpint(qdict_size(rule), ==, 2);
+ g_assert_cmpstr("bob", ==, qdict_get_str(rule, "match"));
+ g_assert_cmpstr("deny", ==, qdict_get_str(rule, "policy"));
+ QDECREF(rule);
+
+ QDECREF(src);
+ QDECREF(dst);
+}
+
+
+static void qdict_crumple_test_empty(void)
+{
+ QDict *src, *dst;
+
+ src = qdict_new();
+
+ dst = (QDict *)qdict_crumple(src, true, &error_abort);
+
+ g_assert_cmpint(qdict_size(dst), ==, 0);
+
+ QDECREF(src);
+ QDECREF(dst);
+}
+
+
+static void qdict_crumple_test_bad_inputs(void)
+{
+ QDict *src;
+ Error *error = NULL;
+
+ src = qdict_new();
+ /* rule.0 can't be both a string and a dict */
+ qdict_put(src, "rule.0", qstring_from_str("fred"));
+ qdict_put(src, "rule.0.policy", qstring_from_str("allow"));
+
+ g_assert(qdict_crumple(src, true, &error) == NULL);
+ g_assert(error != NULL);
+ error_free(error);
+ error = NULL;
+ QDECREF(src);
+
+ src = qdict_new();
+ /* rule can't be both a list and a dict */
+ qdict_put(src, "rule.0", qstring_from_str("fred"));
+ qdict_put(src, "rule.a", qstring_from_str("allow"));
+
+ g_assert(qdict_crumple(src, true, &error) == NULL);
+ g_assert(error != NULL);
+ error_free(error);
+ error = NULL;
+ QDECREF(src);
+
+ src = qdict_new();
+ /* The input should be flat, ie no dicts or lists */
+ qdict_put(src, "rule.a", qdict_new());
+ qdict_put(src, "rule.b", qstring_from_str("allow"));
+
+ g_assert(qdict_crumple(src, true, &error) == NULL);
+ g_assert(error != NULL);
+ error_free(error);
+ error = NULL;
+ QDECREF(src);
+
+
+ src = qdict_new();
+ /* List indexes must not have gaps */
+ qdict_put(src, "rule.0", qdict_new());
+ qdict_put(src, "rule.3", qstring_from_str("allow"));
+
+ g_assert(qdict_crumple(src, true, &error) == NULL);
+ g_assert(error != NULL);
+ error_free(error);
+ error = NULL;
+ QDECREF(src);
+
+
+ src = qdict_new();
+ /* List indexes must be in %zu format */
+ qdict_put(src, "rule.0", qdict_new());
+ qdict_put(src, "rule.+1", qstring_from_str("allow"));
+
+ g_assert(qdict_crumple(src, true, &error) == NULL);
+ g_assert(error != NULL);
+ error_free(error);
+ error = NULL;
+ QDECREF(src);
+}
+
/*
* Errors test-cases
*/
@@ -742,6 +972,17 @@ int main(int argc, char **argv)
g_test_add_func("/errors/put_exists", qdict_put_exists_test);
g_test_add_func("/errors/get_not_exists", qdict_get_not_exists_test);
+ g_test_add_func("/public/crumple/nonrecursive",
+ qdict_crumple_test_nonrecursive);
+ g_test_add_func("/public/crumple/recursive",
+ qdict_crumple_test_recursive);
+ g_test_add_func("/public/crumple/listtop",
+ qdict_crumple_test_listtop);
+ g_test_add_func("/public/crumple/empty",
+ qdict_crumple_test_empty);
+ g_test_add_func("/public/crumple/bad_inputs",
+ qdict_crumple_test_bad_inputs);
+
/* The Big one */
if (g_test_slow()) {
g_test_add_func("/stress/test", qdict_stress_test);
--
2.7.4
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH v10 02/11] option: make parse_option_bool/number non-static
2016-08-15 14:22 [Qemu-devel] [PATCH v10 00/11] Provide a QOM-based authorization API Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 01/11] qdict: implement a qdict_crumple method for un-flattening a dict Daniel P. Berrange
@ 2016-08-15 14:22 ` Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 03/11] qapi: rename QmpInputVisitor to QObjectInputVisitor Daniel P. Berrange
` (10 subsequent siblings)
12 siblings, 0 replies; 16+ messages in thread
From: Daniel P. Berrange @ 2016-08-15 14:22 UTC (permalink / raw)
To: qemu-devel
Cc: Markus Armbruster, Max Reitz, Marc-André Lureau,
Paolo Bonzini, Andreas Färber, Eric Blake,
Daniel P. Berrange
The opts-visitor.c opts_type_bool() method has code for
parsing a string to set a bool value, as does the
qemu-option.c parse_option_bool() method, except it
handles fewer cases.
To enable consistency across the codebase, extend
parse_option_bool() to handle "yes", "no", "y" and
"n", and make it non-static. Convert the opts
visitor to call this method directly.
Also make parse_option_number() non-static to allow
for similar reuse later.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
include/qemu/option.h | 4 ++++
qapi/opts-visitor.c | 19 +------------------
util/qemu-option.c | 27 ++++++++++++++++-----------
3 files changed, 21 insertions(+), 29 deletions(-)
diff --git a/include/qemu/option.h b/include/qemu/option.h
index 1f9e3f9..2a5266f 100644
--- a/include/qemu/option.h
+++ b/include/qemu/option.h
@@ -37,6 +37,10 @@ int get_param_value(char *buf, int buf_size,
const char *tag, const char *str);
+void parse_option_bool(const char *name, const char *value, bool *ret,
+ Error **errp);
+void parse_option_number(const char *name, const char *value,
+ uint64_t *ret, Error **errp);
void parse_option_size(const char *name, const char *value,
uint64_t *ret, Error **errp);
bool has_help_option(const char *param);
diff --git a/qapi/opts-visitor.c b/qapi/opts-visitor.c
index 1048bbc..084f7cc 100644
--- a/qapi/opts-visitor.c
+++ b/qapi/opts-visitor.c
@@ -334,7 +334,6 @@ opts_type_str(Visitor *v, const char *name, char **obj, Error **errp)
}
-/* mimics qemu-option.c::parse_option_bool() */
static void
opts_type_bool(Visitor *v, const char *name, bool *obj, Error **errp)
{
@@ -346,23 +345,7 @@ opts_type_bool(Visitor *v, const char *name, bool *obj, Error **errp)
return;
}
- if (opt->str) {
- if (strcmp(opt->str, "on") == 0 ||
- strcmp(opt->str, "yes") == 0 ||
- strcmp(opt->str, "y") == 0) {
- *obj = true;
- } else if (strcmp(opt->str, "off") == 0 ||
- strcmp(opt->str, "no") == 0 ||
- strcmp(opt->str, "n") == 0) {
- *obj = false;
- } else {
- error_setg(errp, QERR_INVALID_PARAMETER_VALUE, opt->name,
- "on|yes|y|off|no|n");
- return;
- }
- } else {
- *obj = true;
- }
+ parse_option_bool(opt->name, opt->str, obj, errp);
processed(ov, name);
}
diff --git a/util/qemu-option.c b/util/qemu-option.c
index 3467dc2..6fc9ccb 100644
--- a/util/qemu-option.c
+++ b/util/qemu-option.c
@@ -125,25 +125,30 @@ int get_param_value(char *buf, int buf_size,
return get_next_param_value(buf, buf_size, tag, &str);
}
-static void parse_option_bool(const char *name, const char *value, bool *ret,
- Error **errp)
+void parse_option_bool(const char *name, const char *value, bool *ret,
+ Error **errp)
{
if (value != NULL) {
- if (!strcmp(value, "on")) {
- *ret = 1;
- } else if (!strcmp(value, "off")) {
- *ret = 0;
+ if (strcmp(value, "on") == 0 ||
+ strcmp(value, "yes") == 0 ||
+ strcmp(value, "y") == 0) {
+ *ret = true;
+ } else if (strcmp(value, "off") == 0 ||
+ strcmp(value, "no") == 0 ||
+ strcmp(value, "n") == 0) {
+ *ret = false;
} else {
- error_setg(errp, QERR_INVALID_PARAMETER_VALUE,
- name, "'on' or 'off'");
+ error_setg(errp, QERR_INVALID_PARAMETER_VALUE, name,
+ "on|yes|y|off|no|n");
+ return;
}
} else {
- *ret = 1;
+ *ret = true;
}
}
-static void parse_option_number(const char *name, const char *value,
- uint64_t *ret, Error **errp)
+void parse_option_number(const char *name, const char *value,
+ uint64_t *ret, Error **errp)
{
char *postfix;
uint64_t number;
--
2.7.4
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH v10 03/11] qapi: rename QmpInputVisitor to QObjectInputVisitor
2016-08-15 14:22 [Qemu-devel] [PATCH v10 00/11] Provide a QOM-based authorization API Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 01/11] qdict: implement a qdict_crumple method for un-flattening a dict Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 02/11] option: make parse_option_bool/number non-static Daniel P. Berrange
@ 2016-08-15 14:22 ` Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 04/11] qapi: rename QmpOutputVisitor to QObjectOutputVisitor Daniel P. Berrange
` (9 subsequent siblings)
12 siblings, 0 replies; 16+ messages in thread
From: Daniel P. Berrange @ 2016-08-15 14:22 UTC (permalink / raw)
To: qemu-devel
Cc: Markus Armbruster, Max Reitz, Marc-André Lureau,
Paolo Bonzini, Andreas Färber, Eric Blake,
Daniel P. Berrange
The QmpInputVisitor has no direct dependancy on QMP. It is
valid to use it anywhere that one has a QObject. Rename it
to better reflect its functionality as a generic QObject
to QAPI convertor.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
docs/qapi-code-gen.txt | 2 +-
...qmp-input-visitor.h => qobject-input-visitor.h} | 10 +-
monitor.c | 2 +-
qapi/Makefile.objs | 2 +-
...qmp-input-visitor.c => qobject-input-visitor.c} | 171 +++++++++++----------
qmp.c | 4 +-
qom/qom-qobject.c | 4 +-
scripts/qapi-commands.py | 4 +-
tests/.gitignore | 4 +-
tests/Makefile.include | 12 +-
tests/check-qnull.c | 4 +-
tests/test-qmp-commands.c | 4 +-
...-input-strict.c => test-qobject-input-strict.c} | 4 +-
...nput-visitor.c => test-qobject-input-visitor.c} | 4 +-
tests/test-string-input-visitor.c | 2 +-
tests/test-visitor-serialization.c | 4 +-
util/qemu-sockets.c | 2 +-
17 files changed, 121 insertions(+), 118 deletions(-)
rename include/qapi/{qmp-input-visitor.h => qobject-input-visitor.h} (63%)
rename qapi/{qmp-input-visitor.c => qobject-input-visitor.c} (56%)
rename tests/{test-qmp-input-strict.c => test-qobject-input-strict.c} (99%)
rename tests/{test-qmp-input-visitor.c => test-qobject-input-visitor.c} (99%)
diff --git a/docs/qapi-code-gen.txt b/docs/qapi-code-gen.txt
index de298dc..a011872 100644
--- a/docs/qapi-code-gen.txt
+++ b/docs/qapi-code-gen.txt
@@ -1024,7 +1024,7 @@ Example:
Visitor *v;
UserDefOneList *arg1 = NULL;
- v = qmp_input_visitor_new(QOBJECT(args), true);
+ v = qobject_input_visitor_new(QOBJECT(args), true);
visit_start_struct(v, NULL, NULL, 0, &err);
if (err) {
goto out;
diff --git a/include/qapi/qmp-input-visitor.h b/include/qapi/qobject-input-visitor.h
similarity index 63%
rename from include/qapi/qmp-input-visitor.h
rename to include/qapi/qobject-input-visitor.h
index f3ff5f3..cde328d 100644
--- a/include/qapi/qmp-input-visitor.h
+++ b/include/qapi/qobject-input-visitor.h
@@ -11,20 +11,20 @@
*
*/
-#ifndef QMP_INPUT_VISITOR_H
-#define QMP_INPUT_VISITOR_H
+#ifndef QOBJECT_INPUT_VISITOR_H
+#define QOBJECT_INPUT_VISITOR_H
#include "qapi/visitor.h"
#include "qapi/qmp/qobject.h"
-typedef struct QmpInputVisitor QmpInputVisitor;
+typedef struct QObjectInputVisitor QObjectInputVisitor;
/*
- * Return a new input visitor that converts QMP to QAPI.
+ * Return a new input visitor that converts a QObject to a QAPI object.
*
* Set @strict to reject a parse that doesn't consume all keys of a
* dictionary; otherwise excess input is ignored.
*/
-Visitor *qmp_input_visitor_new(QObject *obj, bool strict);
+Visitor *qobject_input_visitor_new(QObject *obj, bool strict);
#endif
diff --git a/monitor.c b/monitor.c
index 5c00373..b151934 100644
--- a/monitor.c
+++ b/monitor.c
@@ -998,7 +998,7 @@ EventInfoList *qmp_query_events(Error **errp)
* directly into QObject instead of first parsing it with
* visit_type_SchemaInfoList() into a SchemaInfoList, then marshal it
* to QObject with generated output marshallers, every time. Instead,
- * we do it in test-qmp-input-visitor.c, just to make sure
+ * we do it in test-qobject-input-visitor.c, just to make sure
* qapi-introspect.py's output actually conforms to the schema.
*/
static void qmp_query_qmp_schema(QDict *qdict, QObject **ret_data,
diff --git a/qapi/Makefile.objs b/qapi/Makefile.objs
index 7ea4aeb..6ec7bdc 100644
--- a/qapi/Makefile.objs
+++ b/qapi/Makefile.objs
@@ -1,4 +1,4 @@
-util-obj-y = qapi-visit-core.o qapi-dealloc-visitor.o qmp-input-visitor.o
+util-obj-y = qapi-visit-core.o qapi-dealloc-visitor.o qobject-input-visitor.o
util-obj-y += qmp-output-visitor.o qmp-registry.o qmp-dispatch.o
util-obj-y += string-input-visitor.o string-output-visitor.o
util-obj-y += opts-visitor.o qapi-clone-visitor.o
diff --git a/qapi/qmp-input-visitor.c b/qapi/qobject-input-visitor.c
similarity index 56%
rename from qapi/qmp-input-visitor.c
rename to qapi/qobject-input-visitor.c
index 64dd392..5ff3db3 100644
--- a/qapi/qmp-input-visitor.c
+++ b/qapi/qobject-input-visitor.c
@@ -14,7 +14,7 @@
#include "qemu/osdep.h"
#include "qapi/error.h"
-#include "qapi/qmp-input-visitor.h"
+#include "qapi/qobject-input-visitor.h"
#include "qapi/visitor-impl.h"
#include "qemu/queue.h"
#include "qemu-common.h"
@@ -34,7 +34,7 @@ typedef struct StackObject
QSLIST_ENTRY(StackObject) node;
} StackObject;
-struct QmpInputVisitor
+struct QObjectInputVisitor
{
Visitor visitor;
@@ -49,14 +49,14 @@ struct QmpInputVisitor
bool strict;
};
-static QmpInputVisitor *to_qiv(Visitor *v)
+static QObjectInputVisitor *to_qiv(Visitor *v)
{
- return container_of(v, QmpInputVisitor, visitor);
+ return container_of(v, QObjectInputVisitor, visitor);
}
-static QObject *qmp_input_get_object(QmpInputVisitor *qiv,
- const char *name,
- bool consume)
+static QObject *qobject_input_get_object(QObjectInputVisitor *qiv,
+ const char *name,
+ bool consume)
{
StackObject *tos;
QObject *qobj;
@@ -97,8 +97,9 @@ static void qdict_add_key(const char *key, QObject *obj, void *opaque)
g_hash_table_insert(h, (gpointer) key, NULL);
}
-static const QListEntry *qmp_input_push(QmpInputVisitor *qiv, QObject *obj,
- void *qapi, Error **errp)
+static const QListEntry *qobject_input_push(QObjectInputVisitor *qiv,
+ QObject *obj, void *qapi,
+ Error **errp)
{
GHashTable *h;
StackObject *tos = g_new0(StackObject, 1);
@@ -120,9 +121,9 @@ static const QListEntry *qmp_input_push(QmpInputVisitor *qiv, QObject *obj,
}
-static void qmp_input_check_struct(Visitor *v, Error **errp)
+static void qobject_input_check_struct(Visitor *v, Error **errp)
{
- QmpInputVisitor *qiv = to_qiv(v);
+ QObjectInputVisitor *qiv = to_qiv(v);
StackObject *tos = QSLIST_FIRST(&qiv->stack);
assert(tos && !tos->entry);
@@ -140,7 +141,7 @@ static void qmp_input_check_struct(Visitor *v, Error **errp)
}
}
-static void qmp_input_stack_object_free(StackObject *tos)
+static void qobject_input_stack_object_free(StackObject *tos)
{
if (tos->h) {
g_hash_table_unref(tos->h);
@@ -149,21 +150,21 @@ static void qmp_input_stack_object_free(StackObject *tos)
g_free(tos);
}
-static void qmp_input_pop(Visitor *v, void **obj)
+static void qobject_input_pop(Visitor *v, void **obj)
{
- QmpInputVisitor *qiv = to_qiv(v);
+ QObjectInputVisitor *qiv = to_qiv(v);
StackObject *tos = QSLIST_FIRST(&qiv->stack);
assert(tos && tos->qapi == obj);
QSLIST_REMOVE_HEAD(&qiv->stack, node);
- qmp_input_stack_object_free(tos);
+ qobject_input_stack_object_free(tos);
}
-static void qmp_input_start_struct(Visitor *v, const char *name, void **obj,
- size_t size, Error **errp)
+static void qobject_input_start_struct(Visitor *v, const char *name, void **obj,
+ size_t size, Error **errp)
{
- QmpInputVisitor *qiv = to_qiv(v);
- QObject *qobj = qmp_input_get_object(qiv, name, true);
+ QObjectInputVisitor *qiv = to_qiv(v);
+ QObject *qobj = qobject_input_get_object(qiv, name, true);
Error *err = NULL;
if (obj) {
@@ -175,7 +176,7 @@ static void qmp_input_start_struct(Visitor *v, const char *name, void **obj,
return;
}
- qmp_input_push(qiv, qobj, obj, &err);
+ qobject_input_push(qiv, qobj, obj, &err);
if (err) {
error_propagate(errp, err);
return;
@@ -187,11 +188,12 @@ static void qmp_input_start_struct(Visitor *v, const char *name, void **obj,
}
-static void qmp_input_start_list(Visitor *v, const char *name,
- GenericList **list, size_t size, Error **errp)
+static void qobject_input_start_list(Visitor *v, const char *name,
+ GenericList **list, size_t size,
+ Error **errp)
{
- QmpInputVisitor *qiv = to_qiv(v);
- QObject *qobj = qmp_input_get_object(qiv, name, true);
+ QObjectInputVisitor *qiv = to_qiv(v);
+ QObject *qobj = qobject_input_get_object(qiv, name, true);
const QListEntry *entry;
if (!qobj || qobject_type(qobj) != QTYPE_QLIST) {
@@ -203,7 +205,7 @@ static void qmp_input_start_list(Visitor *v, const char *name,
return;
}
- entry = qmp_input_push(qiv, qobj, list, errp);
+ entry = qobject_input_push(qiv, qobj, list, errp);
if (list) {
if (entry) {
*list = g_malloc0(size);
@@ -213,10 +215,10 @@ static void qmp_input_start_list(Visitor *v, const char *name,
}
}
-static GenericList *qmp_input_next_list(Visitor *v, GenericList *tail,
- size_t size)
+static GenericList *qobject_input_next_list(Visitor *v, GenericList *tail,
+ size_t size)
{
- QmpInputVisitor *qiv = to_qiv(v);
+ QObjectInputVisitor *qiv = to_qiv(v);
StackObject *so = QSLIST_FIRST(&qiv->stack);
if (!so->entry) {
@@ -227,12 +229,12 @@ static GenericList *qmp_input_next_list(Visitor *v, GenericList *tail,
}
-static void qmp_input_start_alternate(Visitor *v, const char *name,
- GenericAlternate **obj, size_t size,
- bool promote_int, Error **errp)
+static void qobject_input_start_alternate(Visitor *v, const char *name,
+ GenericAlternate **obj, size_t size,
+ bool promote_int, Error **errp)
{
- QmpInputVisitor *qiv = to_qiv(v);
- QObject *qobj = qmp_input_get_object(qiv, name, false);
+ QObjectInputVisitor *qiv = to_qiv(v);
+ QObject *qobj = qobject_input_get_object(qiv, name, false);
if (!qobj) {
*obj = NULL;
@@ -246,11 +248,11 @@ static void qmp_input_start_alternate(Visitor *v, const char *name,
}
}
-static void qmp_input_type_int64(Visitor *v, const char *name, int64_t *obj,
- Error **errp)
+static void qobject_input_type_int64(Visitor *v, const char *name, int64_t *obj,
+ Error **errp)
{
- QmpInputVisitor *qiv = to_qiv(v);
- QInt *qint = qobject_to_qint(qmp_input_get_object(qiv, name, true));
+ QObjectInputVisitor *qiv = to_qiv(v);
+ QInt *qint = qobject_to_qint(qobject_input_get_object(qiv, name, true));
if (!qint) {
error_setg(errp, QERR_INVALID_PARAMETER_TYPE, name ? name : "null",
@@ -261,12 +263,12 @@ static void qmp_input_type_int64(Visitor *v, const char *name, int64_t *obj,
*obj = qint_get_int(qint);
}
-static void qmp_input_type_uint64(Visitor *v, const char *name, uint64_t *obj,
- Error **errp)
+static void qobject_input_type_uint64(Visitor *v, const char *name,
+ uint64_t *obj, Error **errp)
{
/* FIXME: qobject_to_qint mishandles values over INT64_MAX */
- QmpInputVisitor *qiv = to_qiv(v);
- QInt *qint = qobject_to_qint(qmp_input_get_object(qiv, name, true));
+ QObjectInputVisitor *qiv = to_qiv(v);
+ QInt *qint = qobject_to_qint(qobject_input_get_object(qiv, name, true));
if (!qint) {
error_setg(errp, QERR_INVALID_PARAMETER_TYPE, name ? name : "null",
@@ -277,11 +279,11 @@ static void qmp_input_type_uint64(Visitor *v, const char *name, uint64_t *obj,
*obj = qint_get_int(qint);
}
-static void qmp_input_type_bool(Visitor *v, const char *name, bool *obj,
- Error **errp)
+static void qobject_input_type_bool(Visitor *v, const char *name, bool *obj,
+ Error **errp)
{
- QmpInputVisitor *qiv = to_qiv(v);
- QBool *qbool = qobject_to_qbool(qmp_input_get_object(qiv, name, true));
+ QObjectInputVisitor *qiv = to_qiv(v);
+ QBool *qbool = qobject_to_qbool(qobject_input_get_object(qiv, name, true));
if (!qbool) {
error_setg(errp, QERR_INVALID_PARAMETER_TYPE, name ? name : "null",
@@ -292,11 +294,12 @@ static void qmp_input_type_bool(Visitor *v, const char *name, bool *obj,
*obj = qbool_get_bool(qbool);
}
-static void qmp_input_type_str(Visitor *v, const char *name, char **obj,
- Error **errp)
+static void qobject_input_type_str(Visitor *v, const char *name, char **obj,
+ Error **errp)
{
- QmpInputVisitor *qiv = to_qiv(v);
- QString *qstr = qobject_to_qstring(qmp_input_get_object(qiv, name, true));
+ QObjectInputVisitor *qiv = to_qiv(v);
+ QString *qstr = qobject_to_qstring(qobject_input_get_object(qiv, name,
+ true));
if (!qstr) {
*obj = NULL;
@@ -308,11 +311,11 @@ static void qmp_input_type_str(Visitor *v, const char *name, char **obj,
*obj = g_strdup(qstring_get_str(qstr));
}
-static void qmp_input_type_number(Visitor *v, const char *name, double *obj,
- Error **errp)
+static void qobject_input_type_number(Visitor *v, const char *name, double *obj,
+ Error **errp)
{
- QmpInputVisitor *qiv = to_qiv(v);
- QObject *qobj = qmp_input_get_object(qiv, name, true);
+ QObjectInputVisitor *qiv = to_qiv(v);
+ QObject *qobj = qobject_input_get_object(qiv, name, true);
QInt *qint;
QFloat *qfloat;
@@ -332,20 +335,20 @@ static void qmp_input_type_number(Visitor *v, const char *name, double *obj,
"number");
}
-static void qmp_input_type_any(Visitor *v, const char *name, QObject **obj,
- Error **errp)
+static void qobject_input_type_any(Visitor *v, const char *name, QObject **obj,
+ Error **errp)
{
- QmpInputVisitor *qiv = to_qiv(v);
- QObject *qobj = qmp_input_get_object(qiv, name, true);
+ QObjectInputVisitor *qiv = to_qiv(v);
+ QObject *qobj = qobject_input_get_object(qiv, name, true);
qobject_incref(qobj);
*obj = qobj;
}
-static void qmp_input_type_null(Visitor *v, const char *name, Error **errp)
+static void qobject_input_type_null(Visitor *v, const char *name, Error **errp)
{
- QmpInputVisitor *qiv = to_qiv(v);
- QObject *qobj = qmp_input_get_object(qiv, name, true);
+ QObjectInputVisitor *qiv = to_qiv(v);
+ QObject *qobj = qobject_input_get_object(qiv, name, true);
if (qobject_type(qobj) != QTYPE_QNULL) {
error_setg(errp, QERR_INVALID_PARAMETER_TYPE, name ? name : "null",
@@ -353,10 +356,10 @@ static void qmp_input_type_null(Visitor *v, const char *name, Error **errp)
}
}
-static void qmp_input_optional(Visitor *v, const char *name, bool *present)
+static void qobject_input_optional(Visitor *v, const char *name, bool *present)
{
- QmpInputVisitor *qiv = to_qiv(v);
- QObject *qobj = qmp_input_get_object(qiv, name, false);
+ QObjectInputVisitor *qiv = to_qiv(v);
+ QObject *qobj = qobject_input_get_object(qiv, name, false);
if (!qobj) {
*present = false;
@@ -366,43 +369,43 @@ static void qmp_input_optional(Visitor *v, const char *name, bool *present)
*present = true;
}
-static void qmp_input_free(Visitor *v)
+static void qobject_input_free(Visitor *v)
{
- QmpInputVisitor *qiv = to_qiv(v);
+ QObjectInputVisitor *qiv = to_qiv(v);
while (!QSLIST_EMPTY(&qiv->stack)) {
StackObject *tos = QSLIST_FIRST(&qiv->stack);
QSLIST_REMOVE_HEAD(&qiv->stack, node);
- qmp_input_stack_object_free(tos);
+ qobject_input_stack_object_free(tos);
}
qobject_decref(qiv->root);
g_free(qiv);
}
-Visitor *qmp_input_visitor_new(QObject *obj, bool strict)
+Visitor *qobject_input_visitor_new(QObject *obj, bool strict)
{
- QmpInputVisitor *v;
+ QObjectInputVisitor *v;
v = g_malloc0(sizeof(*v));
v->visitor.type = VISITOR_INPUT;
- v->visitor.start_struct = qmp_input_start_struct;
- v->visitor.check_struct = qmp_input_check_struct;
- v->visitor.end_struct = qmp_input_pop;
- v->visitor.start_list = qmp_input_start_list;
- v->visitor.next_list = qmp_input_next_list;
- v->visitor.end_list = qmp_input_pop;
- v->visitor.start_alternate = qmp_input_start_alternate;
- v->visitor.type_int64 = qmp_input_type_int64;
- v->visitor.type_uint64 = qmp_input_type_uint64;
- v->visitor.type_bool = qmp_input_type_bool;
- v->visitor.type_str = qmp_input_type_str;
- v->visitor.type_number = qmp_input_type_number;
- v->visitor.type_any = qmp_input_type_any;
- v->visitor.type_null = qmp_input_type_null;
- v->visitor.optional = qmp_input_optional;
- v->visitor.free = qmp_input_free;
+ v->visitor.start_struct = qobject_input_start_struct;
+ v->visitor.check_struct = qobject_input_check_struct;
+ v->visitor.end_struct = qobject_input_pop;
+ v->visitor.start_list = qobject_input_start_list;
+ v->visitor.next_list = qobject_input_next_list;
+ v->visitor.end_list = qobject_input_pop;
+ v->visitor.start_alternate = qobject_input_start_alternate;
+ v->visitor.type_int64 = qobject_input_type_int64;
+ v->visitor.type_uint64 = qobject_input_type_uint64;
+ v->visitor.type_bool = qobject_input_type_bool;
+ v->visitor.type_str = qobject_input_type_str;
+ v->visitor.type_number = qobject_input_type_number;
+ v->visitor.type_any = qobject_input_type_any;
+ v->visitor.type_null = qobject_input_type_null;
+ v->visitor.optional = qobject_input_optional;
+ v->visitor.free = qobject_input_free;
v->strict = strict;
v->root = obj;
diff --git a/qmp.c b/qmp.c
index b6d531e..ffc8828 100644
--- a/qmp.c
+++ b/qmp.c
@@ -30,7 +30,7 @@
#include "qom/qom-qobject.h"
#include "qapi/qmp/qerror.h"
#include "qapi/qmp/qobject.h"
-#include "qapi/qmp-input-visitor.h"
+#include "qapi/qobject-input-visitor.h"
#include "hw/boards.h"
#include "qom/object_interfaces.h"
#include "hw/mem/pc-dimm.h"
@@ -666,7 +666,7 @@ void qmp_object_add(const char *type, const char *id,
}
}
- v = qmp_input_visitor_new(props, true);
+ v = qobject_input_visitor_new(props, true);
obj = user_creatable_add_type(type, id, pdict, v, errp);
visit_free(v);
if (obj) {
diff --git a/qom/qom-qobject.c b/qom/qom-qobject.c
index c225abc..81959e0 100644
--- a/qom/qom-qobject.c
+++ b/qom/qom-qobject.c
@@ -15,7 +15,7 @@
#include "qom/object.h"
#include "qom/qom-qobject.h"
#include "qapi/visitor.h"
-#include "qapi/qmp-input-visitor.h"
+#include "qapi/qobject-input-visitor.h"
#include "qapi/qmp-output-visitor.h"
void object_property_set_qobject(Object *obj, QObject *value,
@@ -23,7 +23,7 @@ void object_property_set_qobject(Object *obj, QObject *value,
{
Visitor *v;
/* TODO: Should we reject, rather than ignore, excess input? */
- v = qmp_input_visitor_new(value, false);
+ v = qobject_input_visitor_new(value, false);
object_property_set(obj, v, name, errp);
visit_free(v);
}
diff --git a/scripts/qapi-commands.py b/scripts/qapi-commands.py
index a06a2c4..3010163 100644
--- a/scripts/qapi-commands.py
+++ b/scripts/qapi-commands.py
@@ -117,7 +117,7 @@ def gen_marshal(name, arg_type, boxed, ret_type):
Visitor *v;
%(c_name)s arg = {0};
- v = qmp_input_visitor_new(QOBJECT(args), true);
+ v = qobject_input_visitor_new(QOBJECT(args), true);
visit_start_struct(v, NULL, NULL, 0, &err);
if (err) {
goto out;
@@ -279,7 +279,7 @@ fdef.write(mcgen('''
#include "qapi/qmp/dispatch.h"
#include "qapi/visitor.h"
#include "qapi/qmp-output-visitor.h"
-#include "qapi/qmp-input-visitor.h"
+#include "qapi/qobject-input-visitor.h"
#include "qapi/dealloc-visitor.h"
#include "%(prefix)sqapi-types.h"
#include "%(prefix)sqapi-visit.h"
diff --git a/tests/.gitignore b/tests/.gitignore
index dbb5263..4ec0a1a 100644
--- a/tests/.gitignore
+++ b/tests/.gitignore
@@ -57,8 +57,8 @@ test-qht-par
test-qmp-commands
test-qmp-commands.h
test-qmp-event
-test-qmp-input-strict
-test-qmp-input-visitor
+test-qobject-input-strict
+test-qobject-input-visitor
test-qmp-introspect.[ch]
test-qmp-marshal.c
test-qmp-output-visitor
diff --git a/tests/Makefile.include b/tests/Makefile.include
index 14be491..5ac61b7 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -24,9 +24,9 @@ check-unit-y += tests/test-qmp-output-visitor$(EXESUF)
gcov-files-test-qmp-output-visitor-y = qapi/qmp-output-visitor.c
check-unit-y += tests/test-clone-visitor$(EXESUF)
gcov-files-test-clone-visitor-y = qapi/qapi-clone-visitor.c
-check-unit-y += tests/test-qmp-input-visitor$(EXESUF)
-gcov-files-test-qmp-input-visitor-y = qapi/qmp-input-visitor.c
-check-unit-y += tests/test-qmp-input-strict$(EXESUF)
+check-unit-y += tests/test-qobject-input-visitor$(EXESUF)
+gcov-files-test-qobject-input-visitor-y = qapi/qobject-input-visitor.c
+check-unit-y += tests/test-qobject-input-strict$(EXESUF)
check-unit-y += tests/test-qmp-commands$(EXESUF)
gcov-files-test-qmp-commands-y = qapi/qmp-dispatch.c
check-unit-y += tests/test-string-input-visitor$(EXESUF)
@@ -415,7 +415,7 @@ test-obj-y = tests/check-qint.o tests/check-qstring.o tests/check-qdict.o \
tests/test-coroutine.o tests/test-string-output-visitor.o \
tests/test-string-input-visitor.o tests/test-qmp-output-visitor.o \
tests/test-clone-visitor.o \
- tests/test-qmp-input-visitor.o tests/test-qmp-input-strict.o \
+ tests/test-qobject-input-visitor.o tests/test-qobject-input-strict.o \
tests/test-qmp-commands.o tests/test-visitor-serialization.o \
tests/test-x86-cpuid.o tests/test-mul64.o tests/test-int128.o \
tests/test-opts-visitor.o tests/test-qmp-event.o \
@@ -514,8 +514,8 @@ tests/test-string-input-visitor$(EXESUF): tests/test-string-input-visitor.o $(te
tests/test-qmp-event$(EXESUF): tests/test-qmp-event.o $(test-qapi-obj-y)
tests/test-qmp-output-visitor$(EXESUF): tests/test-qmp-output-visitor.o $(test-qapi-obj-y)
tests/test-clone-visitor$(EXESUF): tests/test-clone-visitor.o $(test-qapi-obj-y)
-tests/test-qmp-input-visitor$(EXESUF): tests/test-qmp-input-visitor.o $(test-qapi-obj-y)
-tests/test-qmp-input-strict$(EXESUF): tests/test-qmp-input-strict.o $(test-qapi-obj-y)
+tests/test-qobject-input-visitor$(EXESUF): tests/test-qobject-input-visitor.o $(test-qapi-obj-y)
+tests/test-qobject-input-strict$(EXESUF): tests/test-qobject-input-strict.o $(test-qapi-obj-y)
tests/test-qmp-commands$(EXESUF): tests/test-qmp-commands.o tests/test-qmp-marshal.o $(test-qapi-obj-y)
tests/test-visitor-serialization$(EXESUF): tests/test-visitor-serialization.o $(test-qapi-obj-y)
tests/test-opts-visitor$(EXESUF): tests/test-opts-visitor.o $(test-qapi-obj-y)
diff --git a/tests/check-qnull.c b/tests/check-qnull.c
index dc906b1..eeb803a 100644
--- a/tests/check-qnull.c
+++ b/tests/check-qnull.c
@@ -10,7 +10,7 @@
#include "qapi/qmp/qobject.h"
#include "qemu-common.h"
-#include "qapi/qmp-input-visitor.h"
+#include "qapi/qobject-input-visitor.h"
#include "qapi/qmp-output-visitor.h"
#include "qapi/error.h"
@@ -47,7 +47,7 @@ static void qnull_visit_test(void)
g_assert(qnull_.refcnt == 1);
obj = qnull();
- v = qmp_input_visitor_new(obj, true);
+ v = qobject_input_visitor_new(obj, true);
qobject_decref(obj);
visit_type_null(v, NULL, &error_abort);
visit_free(v);
diff --git a/tests/test-qmp-commands.c b/tests/test-qmp-commands.c
index 261fd9e..ffb145f 100644
--- a/tests/test-qmp-commands.c
+++ b/tests/test-qmp-commands.c
@@ -4,7 +4,7 @@
#include "test-qmp-commands.h"
#include "qapi/qmp/dispatch.h"
#include "qemu/module.h"
-#include "qapi/qmp-input-visitor.h"
+#include "qapi/qobject-input-visitor.h"
#include "tests/test-qapi-types.h"
#include "tests/test-qapi-visit.h"
@@ -229,7 +229,7 @@ static void test_dealloc_partial(void)
ud2_dict = qdict_new();
qdict_put_obj(ud2_dict, "string0", QOBJECT(qstring_from_str(text)));
- v = qmp_input_visitor_new(QOBJECT(ud2_dict), true);
+ v = qobject_input_visitor_new(QOBJECT(ud2_dict), true);
visit_type_UserDefTwo(v, NULL, &ud2, &err);
visit_free(v);
QDECREF(ud2_dict);
diff --git a/tests/test-qmp-input-strict.c b/tests/test-qobject-input-strict.c
similarity index 99%
rename from tests/test-qmp-input-strict.c
rename to tests/test-qobject-input-strict.c
index 814550a..546f8af 100644
--- a/tests/test-qmp-input-strict.c
+++ b/tests/test-qobject-input-strict.c
@@ -15,7 +15,7 @@
#include "qemu-common.h"
#include "qapi/error.h"
-#include "qapi/qmp-input-visitor.h"
+#include "qapi/qobject-input-visitor.h"
#include "test-qapi-types.h"
#include "test-qapi-visit.h"
#include "qapi/qmp/types.h"
@@ -53,7 +53,7 @@ static Visitor *validate_test_init_internal(TestInputVisitorData *data,
data->obj = qobject_from_jsonv(json_string, ap);
g_assert(data->obj);
- data->qiv = qmp_input_visitor_new(data->obj, true);
+ data->qiv = qobject_input_visitor_new(data->obj, true);
g_assert(data->qiv);
return data->qiv;
}
diff --git a/tests/test-qmp-input-visitor.c b/tests/test-qobject-input-visitor.c
similarity index 99%
rename from tests/test-qmp-input-visitor.c
rename to tests/test-qobject-input-visitor.c
index f583dce..02895f0 100644
--- a/tests/test-qmp-input-visitor.c
+++ b/tests/test-qobject-input-visitor.c
@@ -14,7 +14,7 @@
#include "qemu-common.h"
#include "qapi/error.h"
-#include "qapi/qmp-input-visitor.h"
+#include "qapi/qobject-input-visitor.h"
#include "test-qapi-types.h"
#include "test-qapi-visit.h"
#include "qapi/qmp/types.h"
@@ -49,7 +49,7 @@ static Visitor *visitor_input_test_init_internal(TestInputVisitorData *data,
data->obj = qobject_from_jsonv(json_string, ap);
g_assert(data->obj);
- data->qiv = qmp_input_visitor_new(data->obj, false);
+ data->qiv = qobject_input_visitor_new(data->obj, false);
g_assert(data->qiv);
return data->qiv;
}
diff --git a/tests/test-string-input-visitor.c b/tests/test-string-input-visitor.c
index d837ebe..9bdcd74 100644
--- a/tests/test-string-input-visitor.c
+++ b/tests/test-string-input-visitor.c
@@ -4,7 +4,7 @@
* Copyright (C) 2012 Red Hat Inc.
*
* Authors:
- * Paolo Bonzini <pbonzini@redhat.com> (based on test-qmp-input-visitor)
+ * Paolo Bonzini <pbonzini@redhat.com> (based on test-qobject-input-visitor)
*
* This work is licensed under the terms of the GNU GPL, version 2 or later.
* See the COPYING file in the top-level directory.
diff --git a/tests/test-visitor-serialization.c b/tests/test-visitor-serialization.c
index dba4670..51df428 100644
--- a/tests/test-visitor-serialization.c
+++ b/tests/test-visitor-serialization.c
@@ -20,7 +20,7 @@
#include "qapi/error.h"
#include "qapi/qmp/types.h"
#include "qapi/qmp/qjson.h"
-#include "qapi/qmp-input-visitor.h"
+#include "qapi/qobject-input-visitor.h"
#include "qapi/qmp-output-visitor.h"
#include "qapi/string-input-visitor.h"
#include "qapi/string-output-visitor.h"
@@ -1040,7 +1040,7 @@ static void qmp_deserialize(void **native_out, void *datap,
obj = qobject_from_json(qstring_get_str(output_json));
QDECREF(output_json);
- d->qiv = qmp_input_visitor_new(obj, true);
+ d->qiv = qobject_input_visitor_new(obj, true);
qobject_decref(obj_orig);
qobject_decref(obj);
visit(d->qiv, native_out, errp);
diff --git a/util/qemu-sockets.c b/util/qemu-sockets.c
index 2aed799..dd9ad44 100644
--- a/util/qemu-sockets.c
+++ b/util/qemu-sockets.c
@@ -21,7 +21,7 @@
#include "qapi/error.h"
#include "qemu/sockets.h"
#include "qemu/main-loop.h"
-#include "qapi/qmp-input-visitor.h"
+#include "qapi/qobject-input-visitor.h"
#include "qapi/qmp-output-visitor.h"
#include "qapi-visit.h"
#include "qemu/cutils.h"
--
2.7.4
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH v10 04/11] qapi: rename QmpOutputVisitor to QObjectOutputVisitor
2016-08-15 14:22 [Qemu-devel] [PATCH v10 00/11] Provide a QOM-based authorization API Daniel P. Berrange
` (2 preceding siblings ...)
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 03/11] qapi: rename QmpInputVisitor to QObjectInputVisitor Daniel P. Berrange
@ 2016-08-15 14:22 ` Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 05/11] qapi: add a QmpInputVisitor that does string conversion Daniel P. Berrange
` (8 subsequent siblings)
12 siblings, 0 replies; 16+ messages in thread
From: Daniel P. Berrange @ 2016-08-15 14:22 UTC (permalink / raw)
To: qemu-devel
Cc: Markus Armbruster, Max Reitz, Marc-André Lureau,
Paolo Bonzini, Andreas Färber, Eric Blake,
Daniel P. Berrange
The QmpOutputVisitor has no direct dependancy on QMP. It is
valid to use it anywhere that one wants a QObject. Rename it
to better reflect its functionality as a generic QAPI
to QObject convertor.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
block/qapi.c | 4 +-
blockdev.c | 4 +-
docs/qapi-code-gen.txt | 2 +-
...p-output-visitor.h => qobject-output-visitor.h} | 10 +-
qapi/Makefile.objs | 2 +-
qapi/qapi-clone-visitor.c | 2 +-
qapi/qmp-output-visitor.c | 256 ---------------------
qapi/qobject-output-visitor.c | 254 ++++++++++++++++++++
qemu-img.c | 8 +-
qom/object_interfaces.c | 2 +-
qom/qom-qobject.c | 4 +-
scripts/qapi-commands.py | 4 +-
scripts/qapi-event.py | 4 +-
tests/.gitignore | 2 +-
tests/Makefile.include | 8 +-
tests/check-qnull.c | 4 +-
...put-visitor.c => test-qobject-output-visitor.c} | 4 +-
tests/test-string-output-visitor.c | 2 +-
tests/test-visitor-serialization.c | 4 +-
util/qemu-sockets.c | 2 +-
20 files changed, 290 insertions(+), 292 deletions(-)
rename include/qapi/{qmp-output-visitor.h => qobject-output-visitor.h} (66%)
delete mode 100644 qapi/qmp-output-visitor.c
create mode 100644 qapi/qobject-output-visitor.c
rename tests/{test-qmp-output-visitor.c => test-qobject-output-visitor.c} (99%)
diff --git a/block/qapi.c b/block/qapi.c
index 6f947e3..f35c89f 100644
--- a/block/qapi.c
+++ b/block/qapi.c
@@ -29,7 +29,7 @@
#include "block/write-threshold.h"
#include "qmp-commands.h"
#include "qapi-visit.h"
-#include "qapi/qmp-output-visitor.h"
+#include "qapi/qobject-output-visitor.h"
#include "qapi/qmp/types.h"
#include "sysemu/block-backend.h"
#include "qemu/cutils.h"
@@ -691,7 +691,7 @@ void bdrv_image_info_specific_dump(fprintf_function func_fprintf, void *f,
ImageInfoSpecific *info_spec)
{
QObject *obj, *data;
- Visitor *v = qmp_output_visitor_new(&obj);
+ Visitor *v = qobject_output_visitor_new(&obj);
visit_type_ImageInfoSpecific(v, NULL, &info_spec, &error_abort);
visit_complete(v, &obj);
diff --git a/blockdev.c b/blockdev.c
index 2161400..2d388d6 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -43,7 +43,7 @@
#include "qapi/qmp/types.h"
#include "qapi-visit.h"
#include "qapi/qmp/qerror.h"
-#include "qapi/qmp-output-visitor.h"
+#include "qapi/qobject-output-visitor.h"
#include "qapi/util.h"
#include "sysemu/sysemu.h"
#include "block/block_int.h"
@@ -3907,7 +3907,7 @@ void qmp_blockdev_add(BlockdevOptions *options, Error **errp)
BlockDriverState *bs;
BlockBackend *blk = NULL;
QObject *obj;
- Visitor *v = qmp_output_visitor_new(&obj);
+ Visitor *v = qobject_output_visitor_new(&obj);
QDict *qdict;
Error *local_err = NULL;
diff --git a/docs/qapi-code-gen.txt b/docs/qapi-code-gen.txt
index a011872..dd19172 100644
--- a/docs/qapi-code-gen.txt
+++ b/docs/qapi-code-gen.txt
@@ -1005,7 +1005,7 @@ Example:
Error *err = NULL;
Visitor *v;
- v = qmp_output_visitor_new(ret_out);
+ v = qobject_output_visitor_new(ret_out);
visit_type_UserDefOne(v, "unused", &ret_in, &err);
if (!err) {
visit_complete(v, ret_out);
diff --git a/include/qapi/qmp-output-visitor.h b/include/qapi/qobject-output-visitor.h
similarity index 66%
rename from include/qapi/qmp-output-visitor.h
rename to include/qapi/qobject-output-visitor.h
index 040fdda..358c959 100644
--- a/include/qapi/qmp-output-visitor.h
+++ b/include/qapi/qobject-output-visitor.h
@@ -11,20 +11,20 @@
*
*/
-#ifndef QMP_OUTPUT_VISITOR_H
-#define QMP_OUTPUT_VISITOR_H
+#ifndef QOBJECT_OUTPUT_VISITOR_H
+#define QOBJECT_OUTPUT_VISITOR_H
#include "qapi/visitor.h"
#include "qapi/qmp/qobject.h"
-typedef struct QmpOutputVisitor QmpOutputVisitor;
+typedef struct QObjectOutputVisitor QObjectOutputVisitor;
/*
- * Create a new QMP output visitor.
+ * Create a new QOBJECT output visitor.
*
* If everything else succeeds, pass @result to visit_complete() to
* collect the result of the visit.
*/
-Visitor *qmp_output_visitor_new(QObject **result);
+Visitor *qobject_output_visitor_new(QObject **result);
#endif
diff --git a/qapi/Makefile.objs b/qapi/Makefile.objs
index 6ec7bdc..33906ff 100644
--- a/qapi/Makefile.objs
+++ b/qapi/Makefile.objs
@@ -1,5 +1,5 @@
util-obj-y = qapi-visit-core.o qapi-dealloc-visitor.o qobject-input-visitor.o
-util-obj-y += qmp-output-visitor.o qmp-registry.o qmp-dispatch.o
+util-obj-y += qobject-output-visitor.o qmp-registry.o qmp-dispatch.o
util-obj-y += string-input-visitor.o string-output-visitor.o
util-obj-y += opts-visitor.o qapi-clone-visitor.o
util-obj-y += qmp-event.o
diff --git a/qapi/qapi-clone-visitor.c b/qapi/qapi-clone-visitor.c
index 0bb8216..34086cb 100644
--- a/qapi/qapi-clone-visitor.c
+++ b/qapi/qapi-clone-visitor.c
@@ -110,7 +110,7 @@ static void qapi_clone_type_str(Visitor *v, const char *name, char **obj,
assert(qcv->depth);
/*
* Pointer was already cloned by g_memdup; create fresh copy.
- * Note that as long as qmp-output-visitor accepts NULL instead of
+ * Note that as long as qobject-output-visitor accepts NULL instead of
* "", then we must do likewise. However, we want to obey the
* input visitor semantics of never producing NULL when the empty
* string is intended.
diff --git a/qapi/qmp-output-visitor.c b/qapi/qmp-output-visitor.c
deleted file mode 100644
index 9e3b67c..0000000
--- a/qapi/qmp-output-visitor.c
+++ /dev/null
@@ -1,256 +0,0 @@
-/*
- * Core Definitions for QAPI/QMP Command Registry
- *
- * Copyright (C) 2012-2016 Red Hat, Inc.
- * Copyright IBM, Corp. 2011
- *
- * Authors:
- * Anthony Liguori <aliguori@us.ibm.com>
- *
- * This work is licensed under the terms of the GNU LGPL, version 2.1 or later.
- * See the COPYING.LIB file in the top-level directory.
- *
- */
-
-#include "qemu/osdep.h"
-#include "qapi/qmp-output-visitor.h"
-#include "qapi/visitor-impl.h"
-#include "qemu/queue.h"
-#include "qemu-common.h"
-#include "qapi/qmp/types.h"
-
-typedef struct QStackEntry
-{
- QObject *value;
- void *qapi; /* sanity check that caller uses same pointer */
- QSLIST_ENTRY(QStackEntry) node;
-} QStackEntry;
-
-struct QmpOutputVisitor
-{
- Visitor visitor;
- QSLIST_HEAD(, QStackEntry) stack; /* Stack of unfinished containers */
- QObject *root; /* Root of the output visit */
- QObject **result; /* User's storage location for result */
-};
-
-#define qmp_output_add(qov, name, value) \
- qmp_output_add_obj(qov, name, QOBJECT(value))
-#define qmp_output_push(qov, value, qapi) \
- qmp_output_push_obj(qov, QOBJECT(value), qapi)
-
-static QmpOutputVisitor *to_qov(Visitor *v)
-{
- return container_of(v, QmpOutputVisitor, visitor);
-}
-
-/* Push @value onto the stack of current QObjects being built */
-static void qmp_output_push_obj(QmpOutputVisitor *qov, QObject *value,
- void *qapi)
-{
- QStackEntry *e = g_malloc0(sizeof(*e));
-
- assert(qov->root);
- assert(value);
- e->value = value;
- e->qapi = qapi;
- QSLIST_INSERT_HEAD(&qov->stack, e, node);
-}
-
-/* Pop a value off the stack of QObjects being built, and return it. */
-static QObject *qmp_output_pop(QmpOutputVisitor *qov, void *qapi)
-{
- QStackEntry *e = QSLIST_FIRST(&qov->stack);
- QObject *value;
-
- assert(e);
- assert(e->qapi == qapi);
- QSLIST_REMOVE_HEAD(&qov->stack, node);
- value = e->value;
- assert(value);
- g_free(e);
- return value;
-}
-
-/* Add @value to the current QObject being built.
- * If the stack is visiting a dictionary or list, @value is now owned
- * by that container. Otherwise, @value is now the root. */
-static void qmp_output_add_obj(QmpOutputVisitor *qov, const char *name,
- QObject *value)
-{
- QStackEntry *e = QSLIST_FIRST(&qov->stack);
- QObject *cur = e ? e->value : NULL;
-
- if (!cur) {
- /* Don't allow reuse of visitor on more than one root */
- assert(!qov->root);
- qov->root = value;
- } else {
- switch (qobject_type(cur)) {
- case QTYPE_QDICT:
- assert(name);
- qdict_put_obj(qobject_to_qdict(cur), name, value);
- break;
- case QTYPE_QLIST:
- assert(!name);
- qlist_append_obj(qobject_to_qlist(cur), value);
- break;
- default:
- g_assert_not_reached();
- }
- }
-}
-
-static void qmp_output_start_struct(Visitor *v, const char *name, void **obj,
- size_t unused, Error **errp)
-{
- QmpOutputVisitor *qov = to_qov(v);
- QDict *dict = qdict_new();
-
- qmp_output_add(qov, name, dict);
- qmp_output_push(qov, dict, obj);
-}
-
-static void qmp_output_end_struct(Visitor *v, void **obj)
-{
- QmpOutputVisitor *qov = to_qov(v);
- QObject *value = qmp_output_pop(qov, obj);
- assert(qobject_type(value) == QTYPE_QDICT);
-}
-
-static void qmp_output_start_list(Visitor *v, const char *name,
- GenericList **listp, size_t size,
- Error **errp)
-{
- QmpOutputVisitor *qov = to_qov(v);
- QList *list = qlist_new();
-
- qmp_output_add(qov, name, list);
- qmp_output_push(qov, list, listp);
-}
-
-static GenericList *qmp_output_next_list(Visitor *v, GenericList *tail,
- size_t size)
-{
- return tail->next;
-}
-
-static void qmp_output_end_list(Visitor *v, void **obj)
-{
- QmpOutputVisitor *qov = to_qov(v);
- QObject *value = qmp_output_pop(qov, obj);
- assert(qobject_type(value) == QTYPE_QLIST);
-}
-
-static void qmp_output_type_int64(Visitor *v, const char *name, int64_t *obj,
- Error **errp)
-{
- QmpOutputVisitor *qov = to_qov(v);
- qmp_output_add(qov, name, qint_from_int(*obj));
-}
-
-static void qmp_output_type_uint64(Visitor *v, const char *name, uint64_t *obj,
- Error **errp)
-{
- /* FIXME: QMP outputs values larger than INT64_MAX as negative */
- QmpOutputVisitor *qov = to_qov(v);
- qmp_output_add(qov, name, qint_from_int(*obj));
-}
-
-static void qmp_output_type_bool(Visitor *v, const char *name, bool *obj,
- Error **errp)
-{
- QmpOutputVisitor *qov = to_qov(v);
- qmp_output_add(qov, name, qbool_from_bool(*obj));
-}
-
-static void qmp_output_type_str(Visitor *v, const char *name, char **obj,
- Error **errp)
-{
- QmpOutputVisitor *qov = to_qov(v);
- if (*obj) {
- qmp_output_add(qov, name, qstring_from_str(*obj));
- } else {
- qmp_output_add(qov, name, qstring_from_str(""));
- }
-}
-
-static void qmp_output_type_number(Visitor *v, const char *name, double *obj,
- Error **errp)
-{
- QmpOutputVisitor *qov = to_qov(v);
- qmp_output_add(qov, name, qfloat_from_double(*obj));
-}
-
-static void qmp_output_type_any(Visitor *v, const char *name, QObject **obj,
- Error **errp)
-{
- QmpOutputVisitor *qov = to_qov(v);
- qobject_incref(*obj);
- qmp_output_add_obj(qov, name, *obj);
-}
-
-static void qmp_output_type_null(Visitor *v, const char *name, Error **errp)
-{
- QmpOutputVisitor *qov = to_qov(v);
- qmp_output_add_obj(qov, name, qnull());
-}
-
-/* Finish building, and return the root object.
- * The root object is never null. The caller becomes the object's
- * owner, and should use qobject_decref() when done with it. */
-static void qmp_output_complete(Visitor *v, void *opaque)
-{
- QmpOutputVisitor *qov = to_qov(v);
-
- /* A visit must have occurred, with each start paired with end. */
- assert(qov->root && QSLIST_EMPTY(&qov->stack));
- assert(opaque == qov->result);
-
- qobject_incref(qov->root);
- *qov->result = qov->root;
- qov->result = NULL;
-}
-
-static void qmp_output_free(Visitor *v)
-{
- QmpOutputVisitor *qov = to_qov(v);
- QStackEntry *e;
-
- while (!QSLIST_EMPTY(&qov->stack)) {
- e = QSLIST_FIRST(&qov->stack);
- QSLIST_REMOVE_HEAD(&qov->stack, node);
- g_free(e);
- }
-
- qobject_decref(qov->root);
- g_free(qov);
-}
-
-Visitor *qmp_output_visitor_new(QObject **result)
-{
- QmpOutputVisitor *v;
-
- v = g_malloc0(sizeof(*v));
-
- v->visitor.type = VISITOR_OUTPUT;
- v->visitor.start_struct = qmp_output_start_struct;
- v->visitor.end_struct = qmp_output_end_struct;
- v->visitor.start_list = qmp_output_start_list;
- v->visitor.next_list = qmp_output_next_list;
- v->visitor.end_list = qmp_output_end_list;
- v->visitor.type_int64 = qmp_output_type_int64;
- v->visitor.type_uint64 = qmp_output_type_uint64;
- v->visitor.type_bool = qmp_output_type_bool;
- v->visitor.type_str = qmp_output_type_str;
- v->visitor.type_number = qmp_output_type_number;
- v->visitor.type_any = qmp_output_type_any;
- v->visitor.type_null = qmp_output_type_null;
- v->visitor.complete = qmp_output_complete;
- v->visitor.free = qmp_output_free;
-
- *result = NULL;
- v->result = result;
-
- return &v->visitor;
-}
diff --git a/qapi/qobject-output-visitor.c b/qapi/qobject-output-visitor.c
new file mode 100644
index 0000000..df43cb8
--- /dev/null
+++ b/qapi/qobject-output-visitor.c
@@ -0,0 +1,254 @@
+/*
+ * Core Definitions for QAPI/QMP Command Registry
+ *
+ * Copyright (C) 2012-2016 Red Hat, Inc.
+ * Copyright IBM, Corp. 2011
+ *
+ * Authors:
+ * Anthony Liguori <aliguori@us.ibm.com>
+ *
+ * This work is licensed under the terms of the GNU LGPL, version 2.1 or later.
+ * See the COPYING.LIB file in the top-level directory.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/qobject-output-visitor.h"
+#include "qapi/visitor-impl.h"
+#include "qemu/queue.h"
+#include "qemu-common.h"
+#include "qapi/qmp/types.h"
+
+typedef struct QStackEntry {
+ QObject *value;
+ void *qapi; /* sanity check that caller uses same pointer */
+ QSLIST_ENTRY(QStackEntry) node;
+} QStackEntry;
+
+struct QObjectOutputVisitor {
+ Visitor visitor;
+ QSLIST_HEAD(, QStackEntry) stack; /* Stack of unfinished containers */
+ QObject *root; /* Root of the output visit */
+ QObject **result; /* User's storage location for result */
+};
+
+#define qobject_output_add(qov, name, value) \
+ qobject_output_add_obj(qov, name, QOBJECT(value))
+#define qobject_output_push(qov, value, qapi) \
+ qobject_output_push_obj(qov, QOBJECT(value), qapi)
+
+static QObjectOutputVisitor *to_qov(Visitor *v)
+{
+ return container_of(v, QObjectOutputVisitor, visitor);
+}
+
+/* Push @value onto the stack of current QObjects being built */
+static void qobject_output_push_obj(QObjectOutputVisitor *qov, QObject *value,
+ void *qapi)
+{
+ QStackEntry *e = g_malloc0(sizeof(*e));
+
+ assert(qov->root);
+ assert(value);
+ e->value = value;
+ e->qapi = qapi;
+ QSLIST_INSERT_HEAD(&qov->stack, e, node);
+}
+
+/* Pop a value off the stack of QObjects being built, and return it. */
+static QObject *qobject_output_pop(QObjectOutputVisitor *qov, void *qapi)
+{
+ QStackEntry *e = QSLIST_FIRST(&qov->stack);
+ QObject *value;
+
+ assert(e);
+ assert(e->qapi == qapi);
+ QSLIST_REMOVE_HEAD(&qov->stack, node);
+ value = e->value;
+ assert(value);
+ g_free(e);
+ return value;
+}
+
+/* Add @value to the current QObject being built.
+ * If the stack is visiting a dictionary or list, @value is now owned
+ * by that container. Otherwise, @value is now the root. */
+static void qobject_output_add_obj(QObjectOutputVisitor *qov, const char *name,
+ QObject *value)
+{
+ QStackEntry *e = QSLIST_FIRST(&qov->stack);
+ QObject *cur = e ? e->value : NULL;
+
+ if (!cur) {
+ /* Don't allow reuse of visitor on more than one root */
+ assert(!qov->root);
+ qov->root = value;
+ } else {
+ switch (qobject_type(cur)) {
+ case QTYPE_QDICT:
+ assert(name);
+ qdict_put_obj(qobject_to_qdict(cur), name, value);
+ break;
+ case QTYPE_QLIST:
+ assert(!name);
+ qlist_append_obj(qobject_to_qlist(cur), value);
+ break;
+ default:
+ g_assert_not_reached();
+ }
+ }
+}
+
+static void qobject_output_start_struct(Visitor *v, const char *name,
+ void **obj, size_t unused, Error **errp)
+{
+ QObjectOutputVisitor *qov = to_qov(v);
+ QDict *dict = qdict_new();
+
+ qobject_output_add(qov, name, dict);
+ qobject_output_push(qov, dict, obj);
+}
+
+static void qobject_output_end_struct(Visitor *v, void **obj)
+{
+ QObjectOutputVisitor *qov = to_qov(v);
+ QObject *value = qobject_output_pop(qov, obj);
+ assert(qobject_type(value) == QTYPE_QDICT);
+}
+
+static void qobject_output_start_list(Visitor *v, const char *name,
+ GenericList **listp, size_t size,
+ Error **errp)
+{
+ QObjectOutputVisitor *qov = to_qov(v);
+ QList *list = qlist_new();
+
+ qobject_output_add(qov, name, list);
+ qobject_output_push(qov, list, listp);
+}
+
+static GenericList *qobject_output_next_list(Visitor *v, GenericList *tail,
+ size_t size)
+{
+ return tail->next;
+}
+
+static void qobject_output_end_list(Visitor *v, void **obj)
+{
+ QObjectOutputVisitor *qov = to_qov(v);
+ QObject *value = qobject_output_pop(qov, obj);
+ assert(qobject_type(value) == QTYPE_QLIST);
+}
+
+static void qobject_output_type_int64(Visitor *v, const char *name,
+ int64_t *obj, Error **errp)
+{
+ QObjectOutputVisitor *qov = to_qov(v);
+ qobject_output_add(qov, name, qint_from_int(*obj));
+}
+
+static void qobject_output_type_uint64(Visitor *v, const char *name,
+ uint64_t *obj, Error **errp)
+{
+ /* FIXME: QOBJECT outputs values larger than INT64_MAX as negative */
+ QObjectOutputVisitor *qov = to_qov(v);
+ qobject_output_add(qov, name, qint_from_int(*obj));
+}
+
+static void qobject_output_type_bool(Visitor *v, const char *name, bool *obj,
+ Error **errp)
+{
+ QObjectOutputVisitor *qov = to_qov(v);
+ qobject_output_add(qov, name, qbool_from_bool(*obj));
+}
+
+static void qobject_output_type_str(Visitor *v, const char *name, char **obj,
+ Error **errp)
+{
+ QObjectOutputVisitor *qov = to_qov(v);
+ if (*obj) {
+ qobject_output_add(qov, name, qstring_from_str(*obj));
+ } else {
+ qobject_output_add(qov, name, qstring_from_str(""));
+ }
+}
+
+static void qobject_output_type_number(Visitor *v, const char *name,
+ double *obj, Error **errp)
+{
+ QObjectOutputVisitor *qov = to_qov(v);
+ qobject_output_add(qov, name, qfloat_from_double(*obj));
+}
+
+static void qobject_output_type_any(Visitor *v, const char *name,
+ QObject **obj, Error **errp)
+{
+ QObjectOutputVisitor *qov = to_qov(v);
+ qobject_incref(*obj);
+ qobject_output_add_obj(qov, name, *obj);
+}
+
+static void qobject_output_type_null(Visitor *v, const char *name, Error **errp)
+{
+ QObjectOutputVisitor *qov = to_qov(v);
+ qobject_output_add_obj(qov, name, qnull());
+}
+
+/* Finish building, and return the root object.
+ * The root object is never null. The caller becomes the object's
+ * owner, and should use qobject_decref() when done with it. */
+static void qobject_output_complete(Visitor *v, void *opaque)
+{
+ QObjectOutputVisitor *qov = to_qov(v);
+
+ /* A visit must have occurred, with each start paired with end. */
+ assert(qov->root && QSLIST_EMPTY(&qov->stack));
+ assert(opaque == qov->result);
+
+ qobject_incref(qov->root);
+ *qov->result = qov->root;
+ qov->result = NULL;
+}
+
+static void qobject_output_free(Visitor *v)
+{
+ QObjectOutputVisitor *qov = to_qov(v);
+ QStackEntry *e;
+
+ while (!QSLIST_EMPTY(&qov->stack)) {
+ e = QSLIST_FIRST(&qov->stack);
+ QSLIST_REMOVE_HEAD(&qov->stack, node);
+ g_free(e);
+ }
+
+ qobject_decref(qov->root);
+ g_free(qov);
+}
+
+Visitor *qobject_output_visitor_new(QObject **result)
+{
+ QObjectOutputVisitor *v;
+
+ v = g_malloc0(sizeof(*v));
+
+ v->visitor.type = VISITOR_OUTPUT;
+ v->visitor.start_struct = qobject_output_start_struct;
+ v->visitor.end_struct = qobject_output_end_struct;
+ v->visitor.start_list = qobject_output_start_list;
+ v->visitor.next_list = qobject_output_next_list;
+ v->visitor.end_list = qobject_output_end_list;
+ v->visitor.type_int64 = qobject_output_type_int64;
+ v->visitor.type_uint64 = qobject_output_type_uint64;
+ v->visitor.type_bool = qobject_output_type_bool;
+ v->visitor.type_str = qobject_output_type_str;
+ v->visitor.type_number = qobject_output_type_number;
+ v->visitor.type_any = qobject_output_type_any;
+ v->visitor.type_null = qobject_output_type_null;
+ v->visitor.complete = qobject_output_complete;
+ v->visitor.free = qobject_output_free;
+
+ *result = NULL;
+ v->result = result;
+
+ return &v->visitor;
+}
diff --git a/qemu-img.c b/qemu-img.c
index f204d041..a6e9c1e 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -25,7 +25,7 @@
#include "qemu-version.h"
#include "qapi/error.h"
#include "qapi-visit.h"
-#include "qapi/qmp-output-visitor.h"
+#include "qapi/qobject-output-visitor.h"
#include "qapi/qmp/qerror.h"
#include "qapi/qmp/qjson.h"
#include "qemu/cutils.h"
@@ -492,7 +492,7 @@ static void dump_json_image_check(ImageCheck *check, bool quiet)
{
QString *str;
QObject *obj;
- Visitor *v = qmp_output_visitor_new(&obj);
+ Visitor *v = qobject_output_visitor_new(&obj);
visit_type_ImageCheck(v, NULL, &check, &error_abort);
visit_complete(v, &obj);
@@ -2183,7 +2183,7 @@ static void dump_json_image_info_list(ImageInfoList *list)
{
QString *str;
QObject *obj;
- Visitor *v = qmp_output_visitor_new(&obj);
+ Visitor *v = qobject_output_visitor_new(&obj);
visit_type_ImageInfoList(v, NULL, &list, &error_abort);
visit_complete(v, &obj);
@@ -2199,7 +2199,7 @@ static void dump_json_image_info(ImageInfo *info)
{
QString *str;
QObject *obj;
- Visitor *v = qmp_output_visitor_new(&obj);
+ Visitor *v = qobject_output_visitor_new(&obj);
visit_type_ImageInfo(v, NULL, &info, &error_abort);
visit_complete(v, &obj);
diff --git a/qom/object_interfaces.c b/qom/object_interfaces.c
index bf59846..ded4d84 100644
--- a/qom/object_interfaces.c
+++ b/qom/object_interfaces.c
@@ -3,7 +3,7 @@
#include "qom/object_interfaces.h"
#include "qemu/module.h"
#include "qapi-visit.h"
-#include "qapi/qmp-output-visitor.h"
+#include "qapi/qobject-output-visitor.h"
#include "qapi/opts-visitor.h"
void user_creatable_complete(Object *obj, Error **errp)
diff --git a/qom/qom-qobject.c b/qom/qom-qobject.c
index 81959e0..447e4a0 100644
--- a/qom/qom-qobject.c
+++ b/qom/qom-qobject.c
@@ -16,7 +16,7 @@
#include "qom/qom-qobject.h"
#include "qapi/visitor.h"
#include "qapi/qobject-input-visitor.h"
-#include "qapi/qmp-output-visitor.h"
+#include "qapi/qobject-output-visitor.h"
void object_property_set_qobject(Object *obj, QObject *value,
const char *name, Error **errp)
@@ -35,7 +35,7 @@ QObject *object_property_get_qobject(Object *obj, const char *name,
Error *local_err = NULL;
Visitor *v;
- v = qmp_output_visitor_new(&ret);
+ v = qobject_output_visitor_new(&ret);
object_property_get(obj, v, name, &local_err);
if (!local_err) {
visit_complete(v, &ret);
diff --git a/scripts/qapi-commands.py b/scripts/qapi-commands.py
index 3010163..bf8372f 100644
--- a/scripts/qapi-commands.py
+++ b/scripts/qapi-commands.py
@@ -68,7 +68,7 @@ static void qmp_marshal_output_%(c_name)s(%(c_type)s ret_in, QObject **ret_out,
Error *err = NULL;
Visitor *v;
- v = qmp_output_visitor_new(ret_out);
+ v = qobject_output_visitor_new(ret_out);
visit_type_%(c_name)s(v, "unused", &ret_in, &err);
if (!err) {
visit_complete(v, ret_out);
@@ -278,7 +278,7 @@ fdef.write(mcgen('''
#include "qapi/qmp/types.h"
#include "qapi/qmp/dispatch.h"
#include "qapi/visitor.h"
-#include "qapi/qmp-output-visitor.h"
+#include "qapi/qobject-output-visitor.h"
#include "qapi/qobject-input-visitor.h"
#include "qapi/dealloc-visitor.h"
#include "%(prefix)sqapi-types.h"
diff --git a/scripts/qapi-event.py b/scripts/qapi-event.py
index 38d8211..f4eb7f8 100644
--- a/scripts/qapi-event.py
+++ b/scripts/qapi-event.py
@@ -98,7 +98,7 @@ def gen_event_send(name, arg_type, boxed):
if arg_type and not arg_type.is_empty():
ret += mcgen('''
- v = qmp_output_visitor_new(&obj);
+ v = qobject_output_visitor_new(&obj);
''')
if not arg_type.is_implicit():
ret += mcgen('''
@@ -209,7 +209,7 @@ fdef.write(mcgen('''
#include "qemu-common.h"
#include "%(prefix)sqapi-event.h"
#include "%(prefix)sqapi-visit.h"
-#include "qapi/qmp-output-visitor.h"
+#include "qapi/qobject-output-visitor.h"
#include "qapi/qmp-event.h"
''',
diff --git a/tests/.gitignore b/tests/.gitignore
index 4ec0a1a..576b87b 100644
--- a/tests/.gitignore
+++ b/tests/.gitignore
@@ -61,7 +61,7 @@ test-qobject-input-strict
test-qobject-input-visitor
test-qmp-introspect.[ch]
test-qmp-marshal.c
-test-qmp-output-visitor
+test-qobject-output-visitor
test-rcu-list
test-rfifolock
test-string-input-visitor
diff --git a/tests/Makefile.include b/tests/Makefile.include
index 5ac61b7..716fafd 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -20,8 +20,8 @@ check-unit-y += tests/check-qnull$(EXESUF)
gcov-files-check-qnull-y = qobject/qnull.c
check-unit-y += tests/check-qjson$(EXESUF)
gcov-files-check-qjson-y = qobject/qjson.c
-check-unit-y += tests/test-qmp-output-visitor$(EXESUF)
-gcov-files-test-qmp-output-visitor-y = qapi/qmp-output-visitor.c
+check-unit-y += tests/test-qobject-output-visitor$(EXESUF)
+gcov-files-test-qobject-output-visitor-y = qapi/qobject-output-visitor.c
check-unit-y += tests/test-clone-visitor$(EXESUF)
gcov-files-test-clone-visitor-y = qapi/qapi-clone-visitor.c
check-unit-y += tests/test-qobject-input-visitor$(EXESUF)
@@ -413,7 +413,7 @@ test-obj-y = tests/check-qint.o tests/check-qstring.o tests/check-qdict.o \
tests/check-qlist.o tests/check-qfloat.o tests/check-qnull.o \
tests/check-qjson.o \
tests/test-coroutine.o tests/test-string-output-visitor.o \
- tests/test-string-input-visitor.o tests/test-qmp-output-visitor.o \
+ tests/test-string-input-visitor.o tests/test-qobject-output-visitor.o \
tests/test-clone-visitor.o \
tests/test-qobject-input-visitor.o tests/test-qobject-input-strict.o \
tests/test-qmp-commands.o tests/test-visitor-serialization.o \
@@ -512,7 +512,7 @@ $(SRC_PATH)/tests/qapi-schema/qapi-schema-test.json $(SRC_PATH)/scripts/qapi-int
tests/test-string-output-visitor$(EXESUF): tests/test-string-output-visitor.o $(test-qapi-obj-y)
tests/test-string-input-visitor$(EXESUF): tests/test-string-input-visitor.o $(test-qapi-obj-y)
tests/test-qmp-event$(EXESUF): tests/test-qmp-event.o $(test-qapi-obj-y)
-tests/test-qmp-output-visitor$(EXESUF): tests/test-qmp-output-visitor.o $(test-qapi-obj-y)
+tests/test-qobject-output-visitor$(EXESUF): tests/test-qobject-output-visitor.o $(test-qapi-obj-y)
tests/test-clone-visitor$(EXESUF): tests/test-clone-visitor.o $(test-qapi-obj-y)
tests/test-qobject-input-visitor$(EXESUF): tests/test-qobject-input-visitor.o $(test-qapi-obj-y)
tests/test-qobject-input-strict$(EXESUF): tests/test-qobject-input-strict.o $(test-qapi-obj-y)
diff --git a/tests/check-qnull.c b/tests/check-qnull.c
index eeb803a..b50bb8a 100644
--- a/tests/check-qnull.c
+++ b/tests/check-qnull.c
@@ -11,7 +11,7 @@
#include "qapi/qmp/qobject.h"
#include "qemu-common.h"
#include "qapi/qobject-input-visitor.h"
-#include "qapi/qmp-output-visitor.h"
+#include "qapi/qobject-output-visitor.h"
#include "qapi/error.h"
/*
@@ -52,7 +52,7 @@ static void qnull_visit_test(void)
visit_type_null(v, NULL, &error_abort);
visit_free(v);
- v = qmp_output_visitor_new(&obj);
+ v = qobject_output_visitor_new(&obj);
visit_type_null(v, NULL, &error_abort);
visit_complete(v, &obj);
g_assert(obj == &qnull_);
diff --git a/tests/test-qmp-output-visitor.c b/tests/test-qobject-output-visitor.c
similarity index 99%
rename from tests/test-qmp-output-visitor.c
rename to tests/test-qobject-output-visitor.c
index 513d71f..8f46c71 100644
--- a/tests/test-qmp-output-visitor.c
+++ b/tests/test-qobject-output-visitor.c
@@ -14,7 +14,7 @@
#include "qemu-common.h"
#include "qapi/error.h"
-#include "qapi/qmp-output-visitor.h"
+#include "qapi/qobject-output-visitor.h"
#include "test-qapi-types.h"
#include "test-qapi-visit.h"
#include "qapi/qmp/types.h"
@@ -28,7 +28,7 @@ typedef struct TestOutputVisitorData {
static void visitor_output_setup(TestOutputVisitorData *data,
const void *unused)
{
- data->ov = qmp_output_visitor_new(&data->obj);
+ data->ov = qobject_output_visitor_new(&data->obj);
g_assert(data->ov);
}
diff --git a/tests/test-string-output-visitor.c b/tests/test-string-output-visitor.c
index 444844a..e736db3 100644
--- a/tests/test-string-output-visitor.c
+++ b/tests/test-string-output-visitor.c
@@ -4,7 +4,7 @@
* Copyright (C) 2012 Red Hat Inc.
*
* Authors:
- * Paolo Bonzini <pbonzini@redhat.com> (based on test-qmp-output-visitor)
+ * Paolo Bonzini <pbonzini@redhat.com> (based on test-qobject-output-visitor)
*
* This work is licensed under the terms of the GNU GPL, version 2 or later.
* See the COPYING file in the top-level directory.
diff --git a/tests/test-visitor-serialization.c b/tests/test-visitor-serialization.c
index 51df428..66b2b1c 100644
--- a/tests/test-visitor-serialization.c
+++ b/tests/test-visitor-serialization.c
@@ -21,7 +21,7 @@
#include "qapi/qmp/types.h"
#include "qapi/qmp/qjson.h"
#include "qapi/qobject-input-visitor.h"
-#include "qapi/qmp-output-visitor.h"
+#include "qapi/qobject-output-visitor.h"
#include "qapi/string-input-visitor.h"
#include "qapi/string-output-visitor.h"
#include "qapi-types.h"
@@ -1022,7 +1022,7 @@ static void qmp_serialize(void *native_in, void **datap,
{
QmpSerializeData *d = g_malloc0(sizeof(*d));
- d->qov = qmp_output_visitor_new(&d->obj);
+ d->qov = qobject_output_visitor_new(&d->obj);
visit(d->qov, &native_in, errp);
*datap = d;
}
diff --git a/util/qemu-sockets.c b/util/qemu-sockets.c
index dd9ad44..3a11e43 100644
--- a/util/qemu-sockets.c
+++ b/util/qemu-sockets.c
@@ -22,7 +22,7 @@
#include "qemu/sockets.h"
#include "qemu/main-loop.h"
#include "qapi/qobject-input-visitor.h"
-#include "qapi/qmp-output-visitor.h"
+#include "qapi/qobject-output-visitor.h"
#include "qapi-visit.h"
#include "qemu/cutils.h"
--
2.7.4
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH v10 05/11] qapi: add a QmpInputVisitor that does string conversion
2016-08-15 14:22 [Qemu-devel] [PATCH v10 00/11] Provide a QOM-based authorization API Daniel P. Berrange
` (3 preceding siblings ...)
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 04/11] qapi: rename QmpOutputVisitor to QObjectOutputVisitor Daniel P. Berrange
@ 2016-08-15 14:22 ` Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 06/11] qom: support arbitrary non-scalar properties with -object Daniel P. Berrange
` (7 subsequent siblings)
12 siblings, 0 replies; 16+ messages in thread
From: Daniel P. Berrange @ 2016-08-15 14:22 UTC (permalink / raw)
To: qemu-devel
Cc: Markus Armbruster, Max Reitz, Marc-André Lureau,
Paolo Bonzini, Andreas Färber, Eric Blake,
Daniel P. Berrange
Currently the QmpInputVisitor assumes that all scalar
values are directly represented as their final types.
ie it assumes an 'int' is using QInt, and a 'bool' is
using QBool.
This adds an alternative constructor for QmpInputVisitor
that will set it up such that it expects a QString for
all scalar types instead.
This makes it possible to use QmpInputVisitor with a
QDict produced from QemuOpts, where everything is in
string format.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
include/qapi/qobject-input-visitor.h | 41 +++++++++-
qapi/qobject-input-visitor.c | 115 +++++++++++++++++++++++++-
tests/test-qobject-input-visitor.c | 152 ++++++++++++++++++++++++++++++++++-
3 files changed, 298 insertions(+), 10 deletions(-)
diff --git a/include/qapi/qobject-input-visitor.h b/include/qapi/qobject-input-visitor.h
index cde328d..aa911cb 100644
--- a/include/qapi/qobject-input-visitor.h
+++ b/include/qapi/qobject-input-visitor.h
@@ -19,12 +19,45 @@
typedef struct QObjectInputVisitor QObjectInputVisitor;
-/*
- * Return a new input visitor that converts a QObject to a QAPI object.
+/**
+ * qobject_input_visitor_new:
+ * @obj: the input object to visit
+ * @strict: whether to require that all input keys are consumed
+ *
+ * Create a new input visitor that converts a QObject to a QAPI object.
+ *
+ * Any scalar values in the @obj input data structure should be in the
+ * required type already. i.e. if visiting a bool, the value should
+ * already be a QBool instance.
*
- * Set @strict to reject a parse that doesn't consume all keys of a
- * dictionary; otherwise excess input is ignored.
+ * If @strict is set to true, then an error will be reported if any
+ * dict keys are not consumed during visitation.
+ *
+ * The returned input visitor should be released by calling
+ * visit_free() when no longer required.
+ *
+ * Returns: a new input visitor
*/
Visitor *qobject_input_visitor_new(QObject *obj, bool strict);
+/**
+ * qobject_string_input_visitor_new:
+ * @obj: the input object to visit
+ *
+ * Create a new input visitor that converts a QObject to a QAPI object.
+ *
+ * Any scalar values in the @obj input data structure should always be
+ * represented as strings. i.e. if visiting a boolean, the value should
+ * be a QString whose contents represent a valid boolean.
+ *
+ * The visitor always operates in strict mode, requiring all dict keys
+ * to be consumed during visitation.
+ *
+ * The returned input visitor should be released by calling
+ * visit_free() when no longer required.
+ *
+ * Returns: a new input visitor
+ */
+Visitor *qobject_string_input_visitor_new(QObject *obj);
+
#endif
diff --git a/qapi/qobject-input-visitor.c b/qapi/qobject-input-visitor.c
index 5ff3db3..b79c229 100644
--- a/qapi/qobject-input-visitor.c
+++ b/qapi/qobject-input-visitor.c
@@ -20,6 +20,7 @@
#include "qemu-common.h"
#include "qapi/qmp/types.h"
#include "qapi/qmp/qerror.h"
+#include "qemu/cutils.h"
#define QIV_STACK_SIZE 1024
@@ -263,6 +264,18 @@ static void qobject_input_type_int64(Visitor *v, const char *name, int64_t *obj,
*obj = qint_get_int(qint);
}
+static void qobject_input_type_int64_str(Visitor *v, const char *name,
+ int64_t *obj, Error **errp)
+{
+ QObjectInputVisitor *qiv = to_qiv(v);
+ QString *qstr = qobject_to_qstring(qobject_input_get_object(qiv, name,
+ true));
+ uint64_t ret;
+
+ parse_option_number(name, qstr ? qstr->string : NULL, &ret, errp);
+ *obj = ret;
+}
+
static void qobject_input_type_uint64(Visitor *v, const char *name,
uint64_t *obj, Error **errp)
{
@@ -279,6 +292,16 @@ static void qobject_input_type_uint64(Visitor *v, const char *name,
*obj = qint_get_int(qint);
}
+static void qobject_input_type_uint64_str(Visitor *v, const char *name,
+ uint64_t *obj, Error **errp)
+{
+ QObjectInputVisitor *qiv = to_qiv(v);
+ QString *qstr = qobject_to_qstring(qobject_input_get_object(qiv, name,
+ true));
+
+ parse_option_number(name, qstr ? qstr->string : NULL, obj, errp);
+}
+
static void qobject_input_type_bool(Visitor *v, const char *name, bool *obj,
Error **errp)
{
@@ -294,6 +317,16 @@ static void qobject_input_type_bool(Visitor *v, const char *name, bool *obj,
*obj = qbool_get_bool(qbool);
}
+static void qobject_input_type_bool_str(Visitor *v, const char *name, bool *obj,
+ Error **errp)
+{
+ QObjectInputVisitor *qiv = to_qiv(v);
+ QString *qstr = qobject_to_qstring(qobject_input_get_object(qiv, name,
+ true));
+
+ parse_option_bool(name, qstr ? qstr->string : NULL, obj, errp);
+}
+
static void qobject_input_type_str(Visitor *v, const char *name, char **obj,
Error **errp)
{
@@ -312,8 +345,8 @@ static void qobject_input_type_str(Visitor *v, const char *name, char **obj,
}
static void qobject_input_type_number(Visitor *v, const char *name, double *obj,
- Error **errp)
-{
+ Error **errp){
+
QObjectInputVisitor *qiv = to_qiv(v);
QObject *qobj = qobject_input_get_object(qiv, name, true);
QInt *qint;
@@ -335,6 +368,26 @@ static void qobject_input_type_number(Visitor *v, const char *name, double *obj,
"number");
}
+static void qobject_input_type_number_str(Visitor *v, const char *name,
+ double *obj, Error **errp)
+{
+ QObjectInputVisitor *qiv = to_qiv(v);
+ QString *qstr = qobject_to_qstring(qobject_input_get_object(qiv, name,
+ true));
+ char *endp;
+
+ if (qstr && qstr->string) {
+ errno = 0;
+ *obj = strtod(qstr->string, &endp);
+ if (errno == 0 && endp != qstr->string && *endp == '\0') {
+ return;
+ }
+ }
+
+ error_setg(errp, QERR_INVALID_PARAMETER_TYPE, name ? name : "null",
+ "number");
+}
+
static void qobject_input_type_any(Visitor *v, const char *name, QObject **obj,
Error **errp)
{
@@ -356,6 +409,32 @@ static void qobject_input_type_null(Visitor *v, const char *name, Error **errp)
}
}
+static void qobject_input_type_size_str(Visitor *v, const char *name,
+ uint64_t *obj, Error **errp)
+{
+ QObjectInputVisitor *qiv = to_qiv(v);
+ QString *qstr = qobject_to_qstring(qobject_input_get_object(qiv, name,
+ true));
+ int64_t val;
+ char *endptr;
+
+ if (qstr && qstr->string) {
+ val = qemu_strtosz_suffix(qstr->string, &endptr,
+ QEMU_STRTOSZ_DEFSUFFIX_B);
+ if (val < 0 || *endptr) {
+ error_setg(errp, QERR_INVALID_PARAMETER_VALUE, name,
+ "a size value representible as a non-negative int64");
+ return;
+ }
+
+ *obj = val;
+ return;
+ }
+
+ error_setg(errp, QERR_INVALID_PARAMETER_TYPE, name ? name : "null",
+ "size");
+}
+
static void qobject_input_optional(Visitor *v, const char *name, bool *present)
{
QObjectInputVisitor *qiv = to_qiv(v);
@@ -413,3 +492,35 @@ Visitor *qobject_input_visitor_new(QObject *obj, bool strict)
return &v->visitor;
}
+
+Visitor *qobject_string_input_visitor_new(QObject *obj)
+{
+ QObjectInputVisitor *v;
+
+ v = g_malloc0(sizeof(*v));
+
+ v->visitor.type = VISITOR_INPUT;
+ v->visitor.start_struct = qobject_input_start_struct;
+ v->visitor.check_struct = qobject_input_check_struct;
+ v->visitor.end_struct = qobject_input_pop;
+ v->visitor.start_list = qobject_input_start_list;
+ v->visitor.next_list = qobject_input_next_list;
+ v->visitor.end_list = qobject_input_pop;
+ v->visitor.start_alternate = qobject_input_start_alternate;
+ v->visitor.type_int64 = qobject_input_type_int64_str;
+ v->visitor.type_uint64 = qobject_input_type_uint64_str;
+ v->visitor.type_bool = qobject_input_type_bool_str;
+ v->visitor.type_str = qobject_input_type_str;
+ v->visitor.type_number = qobject_input_type_number_str;
+ v->visitor.type_any = qobject_input_type_any;
+ v->visitor.type_null = qobject_input_type_null;
+ v->visitor.type_size = qobject_input_type_size_str;
+ v->visitor.optional = qobject_input_optional;
+ v->visitor.free = qobject_input_free;
+ v->strict = true;
+
+ v->root = obj;
+ qobject_incref(obj);
+
+ return &v->visitor;
+}
diff --git a/tests/test-qobject-input-visitor.c b/tests/test-qobject-input-visitor.c
index 02895f0..1f60ad8 100644
--- a/tests/test-qobject-input-visitor.c
+++ b/tests/test-qobject-input-visitor.c
@@ -41,6 +41,7 @@ static void visitor_input_teardown(TestInputVisitorData *data,
function so that the JSON string used by the tests are kept in the test
functions (and not in main()). */
static Visitor *visitor_input_test_init_internal(TestInputVisitorData *data,
+ bool strict, bool autocast,
const char *json_string,
va_list *ap)
{
@@ -49,11 +50,31 @@ static Visitor *visitor_input_test_init_internal(TestInputVisitorData *data,
data->obj = qobject_from_jsonv(json_string, ap);
g_assert(data->obj);
- data->qiv = qobject_input_visitor_new(data->obj, false);
+ if (autocast) {
+ assert(strict);
+ data->qiv = qobject_string_input_visitor_new(data->obj);
+ } else {
+ data->qiv = qobject_input_visitor_new(data->obj, strict);
+ }
g_assert(data->qiv);
return data->qiv;
}
+static GCC_FMT_ATTR(4, 5)
+Visitor *visitor_input_test_init_full(TestInputVisitorData *data,
+ bool strict, bool autocast,
+ const char *json_string, ...)
+{
+ Visitor *v;
+ va_list ap;
+
+ va_start(ap, json_string);
+ v = visitor_input_test_init_internal(data, strict, autocast,
+ json_string, &ap);
+ va_end(ap);
+ return v;
+}
+
static GCC_FMT_ATTR(2, 3)
Visitor *visitor_input_test_init(TestInputVisitorData *data,
const char *json_string, ...)
@@ -62,7 +83,8 @@ Visitor *visitor_input_test_init(TestInputVisitorData *data,
va_list ap;
va_start(ap, json_string);
- v = visitor_input_test_init_internal(data, json_string, &ap);
+ v = visitor_input_test_init_internal(data, true, false,
+ json_string, &ap);
va_end(ap);
return v;
}
@@ -77,7 +99,8 @@ Visitor *visitor_input_test_init(TestInputVisitorData *data,
static Visitor *visitor_input_test_init_raw(TestInputVisitorData *data,
const char *json_string)
{
- return visitor_input_test_init_internal(data, json_string, NULL);
+ return visitor_input_test_init_internal(data, true, false,
+ json_string, NULL);
}
static void test_visitor_in_int(TestInputVisitorData *data,
@@ -109,6 +132,33 @@ static void test_visitor_in_int_overflow(TestInputVisitorData *data,
error_free_or_abort(&err);
}
+static void test_visitor_in_int_autocast(TestInputVisitorData *data,
+ const void *unused)
+{
+ int64_t res = 0, value = -42;
+ Visitor *v;
+
+ v = visitor_input_test_init_full(data, true, true,
+ "\"-42\"");
+
+ visit_type_int(v, NULL, &res, &error_abort);
+ g_assert_cmpint(res, ==, value);
+}
+
+static void test_visitor_in_int_noautocast(TestInputVisitorData *data,
+ const void *unused)
+{
+ int64_t res = 0;
+ Visitor *v;
+ Error *err = NULL;
+
+ v = visitor_input_test_init(data, "\"-42\"");
+
+ visit_type_int(v, NULL, &res, &err);
+ g_assert(err != NULL);
+ error_free(err);
+}
+
static void test_visitor_in_bool(TestInputVisitorData *data,
const void *unused)
{
@@ -121,6 +171,32 @@ static void test_visitor_in_bool(TestInputVisitorData *data,
g_assert_cmpint(res, ==, true);
}
+static void test_visitor_in_bool_autocast(TestInputVisitorData *data,
+ const void *unused)
+{
+ bool res = false;
+ Visitor *v;
+
+ v = visitor_input_test_init_full(data, true, true, "\"yes\"");
+
+ visit_type_bool(v, NULL, &res, &error_abort);
+ g_assert_cmpint(res, ==, true);
+}
+
+static void test_visitor_in_bool_noautocast(TestInputVisitorData *data,
+ const void *unused)
+{
+ bool res = false;
+ Visitor *v;
+ Error *err = NULL;
+
+ v = visitor_input_test_init(data, "\"true\"");
+
+ visit_type_bool(v, NULL, &res, &err);
+ g_assert(err != NULL);
+ error_free(err);
+}
+
static void test_visitor_in_number(TestInputVisitorData *data,
const void *unused)
{
@@ -133,6 +209,58 @@ static void test_visitor_in_number(TestInputVisitorData *data,
g_assert_cmpfloat(res, ==, value);
}
+static void test_visitor_in_number_autocast(TestInputVisitorData *data,
+ const void *unused)
+{
+ double res = 0, value = 3.14;
+ Visitor *v;
+
+ v = visitor_input_test_init_full(data, true, true, "\"3.14\"");
+
+ visit_type_number(v, NULL, &res, &error_abort);
+ g_assert_cmpfloat(res, ==, value);
+}
+
+static void test_visitor_in_number_noautocast(TestInputVisitorData *data,
+ const void *unused)
+{
+ double res = 0;
+ Visitor *v;
+ Error *err = NULL;
+
+ v = visitor_input_test_init(data, "\"3.14\"");
+
+ visit_type_number(v, NULL, &res, &err);
+ g_assert(err != NULL);
+ error_free(err);
+}
+
+static void test_visitor_in_size_autocast(TestInputVisitorData *data,
+ const void *unused)
+{
+ uint64_t res, value = 500 * 1024 * 1024;
+ Visitor *v;
+
+ v = visitor_input_test_init_full(data, true, true, "\"500M\"");
+
+ visit_type_size(v, NULL, &res, &error_abort);
+ g_assert_cmpfloat(res, ==, value);
+}
+
+static void test_visitor_in_size_noautocast(TestInputVisitorData *data,
+ const void *unused)
+{
+ uint64_t res = 0;
+ Visitor *v;
+ Error *err = NULL;
+
+ v = visitor_input_test_init(data, "\"500M\"");
+
+ visit_type_size(v, NULL, &res, &err);
+ g_assert(err != NULL);
+ error_free(err);
+}
+
static void test_visitor_in_string(TestInputVisitorData *data,
const void *unused)
{
@@ -289,7 +417,7 @@ static void test_visitor_in_null(TestInputVisitorData *data,
* when input is not null.
*/
- v = visitor_input_test_init(data, "{ 'a': null, 'b': '' }");
+ v = visitor_input_test_init_full(data, false, false, "{ 'a': null, 'b': '' }");
visit_start_struct(v, NULL, NULL, 0, &error_abort);
visit_type_null(v, "a", &error_abort);
visit_type_str(v, "a", &tmp, &err);
@@ -841,10 +969,26 @@ int main(int argc, char **argv)
&in_visitor_data, test_visitor_in_int);
input_visitor_test_add("/visitor/input/int_overflow",
&in_visitor_data, test_visitor_in_int_overflow);
+ input_visitor_test_add("/visitor/input/int_autocast",
+ &in_visitor_data, test_visitor_in_int_autocast);
+ input_visitor_test_add("/visitor/input/int_noautocast",
+ &in_visitor_data, test_visitor_in_int_noautocast);
input_visitor_test_add("/visitor/input/bool",
&in_visitor_data, test_visitor_in_bool);
+ input_visitor_test_add("/visitor/input/bool_autocast",
+ &in_visitor_data, test_visitor_in_bool_autocast);
+ input_visitor_test_add("/visitor/input/bool_noautocast",
+ &in_visitor_data, test_visitor_in_bool_noautocast);
input_visitor_test_add("/visitor/input/number",
&in_visitor_data, test_visitor_in_number);
+ input_visitor_test_add("/visitor/input/number_autocast",
+ &in_visitor_data, test_visitor_in_number_autocast);
+ input_visitor_test_add("/visitor/input/number_noautocast",
+ &in_visitor_data, test_visitor_in_number_noautocast);
+ input_visitor_test_add("/visitor/input/size_autocast",
+ &in_visitor_data, test_visitor_in_size_autocast);
+ input_visitor_test_add("/visitor/input/size_noautocast",
+ &in_visitor_data, test_visitor_in_size_noautocast);
input_visitor_test_add("/visitor/input/string",
&in_visitor_data, test_visitor_in_string);
input_visitor_test_add("/visitor/input/enum",
--
2.7.4
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH v10 06/11] qom: support arbitrary non-scalar properties with -object
2016-08-15 14:22 [Qemu-devel] [PATCH v10 00/11] Provide a QOM-based authorization API Daniel P. Berrange
` (4 preceding siblings ...)
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 05/11] qapi: add a QmpInputVisitor that does string conversion Daniel P. Berrange
@ 2016-08-15 14:22 ` Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 07/11] util: add QAuthZ object as an authorization base class Daniel P. Berrange
` (6 subsequent siblings)
12 siblings, 0 replies; 16+ messages in thread
From: Daniel P. Berrange @ 2016-08-15 14:22 UTC (permalink / raw)
To: qemu-devel
Cc: Markus Armbruster, Max Reitz, Marc-André Lureau,
Paolo Bonzini, Andreas Färber, Eric Blake,
Daniel P. Berrange
The current -object command line syntax only allows for
creation of objects with scalar properties, or a list
with a fixed scalar element type. Objects which have
properties that are represented as structs in the QAPI
schema cannot be created using -object.
This is a design limitation of the way the OptsVisitor
is written. It simply iterates over the QemuOpts values
as a flat list. The support for lists is enabled by
allowing the same key to be repeated in the opts string.
It is not practical to extend the OptsVisitor to support
more complex data structures while also maintaining
the existing list handling behaviour that is relied upon
by other areas of QEMU.
Fortunately there is no existing object that implements
the UserCreatable interface that relies on the list
handling behaviour, so it is possible to swap out the
OptsVisitor for a different visitor implementation, so
-object supports non-scalar properties, thus leaving
other users of OptsVisitor unaffected.
The previously added qdict_crumple() method is able to
take a qdict containing a flat set of properties and
turn that into a arbitrarily nested set of dicts and
lists. By combining qemu_opts_to_qdict and qdict_crumple()
together, we can turn the opt string into a data structure
that is practically identical to that passed over QMP
when defining an object. The only difference is that all
the scalar values are represented as strings, rather than
strings, ints and bools. This is sufficient to let us
replace the OptsVisitor with the QMPInputVisitor for
use with -object.
Thus -object can now support non-scalar properties,
for example the QMP object
{
"execute": "object-add",
"arguments": {
"qom-type": "demo",
"id": "demo0",
"parameters": {
"foo": [
{ "bar": "one", "wizz": "1" },
{ "bar": "two", "wizz": "2" }
]
}
}
}
Would be creatable via the CLI now using
$QEMU \
-object demo,id=demo0,\
foo.0.bar=one,foo.0.wizz=1,\
foo.1.bar=two,foo.1.wizz=2
Notice that this syntax is intentionally compatible
with that currently used by block drivers.
This is also wired up to work for the 'object_add' command
in the HMP monitor with the same syntax.
(hmp) object_add demo,id=demo0,\
foo.0.bar=one,foo.0.wizz=1,\
foo.1.bar=two,foo.1.wizz=2
NB indentation should not be used with HMP commands, this
is just for convenient formatting in this commit message.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
hmp.c | 16 +-
include/qom/object_interfaces.h | 10 +-
qmp.c | 2 +-
qom/object_interfaces.c | 45 ++++--
tests/check-qom-proplist.c | 314 +++++++++++++++++++++++++++++++++++++++-
5 files changed, 358 insertions(+), 29 deletions(-)
diff --git a/hmp.c b/hmp.c
index cc2056e..f1f75d0 100644
--- a/hmp.c
+++ b/hmp.c
@@ -25,7 +25,7 @@
#include "qemu/sockets.h"
#include "monitor/monitor.h"
#include "monitor/qdev.h"
-#include "qapi/opts-visitor.h"
+#include "qapi/qobject-input-visitor.h"
#include "qapi/qmp/qerror.h"
#include "qapi/string-output-visitor.h"
#include "qapi/util.h"
@@ -1693,20 +1693,14 @@ void hmp_netdev_del(Monitor *mon, const QDict *qdict)
void hmp_object_add(Monitor *mon, const QDict *qdict)
{
Error *err = NULL;
- QemuOpts *opts;
Visitor *v;
Object *obj = NULL;
+ QDict *pdict = qdict_clone_shallow(qdict);
- opts = qemu_opts_from_qdict(qemu_find_opts("object"), qdict, &err);
- if (err) {
- hmp_handle_error(mon, &err);
- return;
- }
-
- v = opts_visitor_new(opts);
- obj = user_creatable_add(qdict, v, &err);
+ v = qobject_string_input_visitor_new(QOBJECT(pdict));
+ obj = user_creatable_add(pdict, v, &err);
visit_free(v);
- qemu_opts_del(opts);
+ QDECREF(pdict);
if (err) {
hmp_handle_error(mon, &err);
diff --git a/include/qom/object_interfaces.h b/include/qom/object_interfaces.h
index 8b17f4d..2466e53 100644
--- a/include/qom/object_interfaces.h
+++ b/include/qom/object_interfaces.h
@@ -96,18 +96,24 @@ Object *user_creatable_add(const QDict *qdict,
* user_creatable_add_type:
* @type: the object type name
* @id: the unique ID for the object
+ * @nested: whether to recurse into the visitor for properties
* @qdict: the object properties
* @v: the visitor
* @errp: if an error occurs, a pointer to an area to store the error
*
* Create an instance of the user creatable object @type, placing
* it in the object composition tree with name @id, initializing
- * it with properties from @qdict
+ * it with properties from @qdict.
+ *
+ * If the visitor is already positioned to read the properties
+ * in @qdict, @nested should be false. Conversely, if it is
+ * necessary to open/close a struct to read the properties in
+ * @qdict, @nested should be true.
*
* Returns: the newly created object or NULL on error
*/
Object *user_creatable_add_type(const char *type, const char *id,
- const QDict *qdict,
+ bool nested, const QDict *qdict,
Visitor *v, Error **errp);
/**
diff --git a/qmp.c b/qmp.c
index ffc8828..a530272 100644
--- a/qmp.c
+++ b/qmp.c
@@ -667,7 +667,7 @@ void qmp_object_add(const char *type, const char *id,
}
v = qobject_input_visitor_new(props, true);
- obj = user_creatable_add_type(type, id, pdict, v, errp);
+ obj = user_creatable_add_type(type, id, true, pdict, v, errp);
visit_free(v);
if (obj) {
object_unref(obj);
diff --git a/qom/object_interfaces.c b/qom/object_interfaces.c
index ded4d84..3a157af 100644
--- a/qom/object_interfaces.c
+++ b/qom/object_interfaces.c
@@ -4,6 +4,7 @@
#include "qemu/module.h"
#include "qapi-visit.h"
#include "qapi/qobject-output-visitor.h"
+#include "qapi/qobject-input-visitor.h"
#include "qapi/opts-visitor.h"
void user_creatable_complete(Object *obj, Error **errp)
@@ -63,12 +64,16 @@ Object *user_creatable_add(const QDict *qdict,
if (local_err) {
goto out_visit;
}
- visit_check_struct(v, &local_err);
+
+ obj = user_creatable_add_type(type, id, false, pdict, v, &local_err);
if (local_err) {
goto out_visit;
}
- obj = user_creatable_add_type(type, id, pdict, v, &local_err);
+ visit_check_struct(v, &local_err);
+ if (local_err) {
+ goto out_visit;
+ }
out_visit:
visit_end_struct(v, NULL);
@@ -87,7 +92,7 @@ out:
Object *user_creatable_add_type(const char *type, const char *id,
- const QDict *qdict,
+ bool nested, const QDict *qdict,
Visitor *v, Error **errp)
{
Object *obj;
@@ -114,9 +119,11 @@ Object *user_creatable_add_type(const char *type, const char *id,
assert(qdict);
obj = object_new(type);
- visit_start_struct(v, NULL, NULL, 0, &local_err);
- if (local_err) {
- goto out;
+ if (nested) {
+ visit_start_struct(v, NULL, NULL, 0, &local_err);
+ if (local_err) {
+ goto out;
+ }
}
for (e = qdict_first(qdict); e; e = qdict_next(qdict, e)) {
object_property_set(obj, v, e->key, &local_err);
@@ -124,12 +131,14 @@ Object *user_creatable_add_type(const char *type, const char *id,
break;
}
}
- if (!local_err) {
- visit_check_struct(v, &local_err);
- }
- visit_end_struct(v, NULL);
- if (local_err) {
- goto out;
+ if (nested) {
+ if (!local_err) {
+ visit_check_struct(v, &local_err);
+ }
+ visit_end_struct(v, NULL);
+ if (local_err) {
+ goto out;
+ }
}
object_property_add_child(object_get_objects_root(),
@@ -158,13 +167,21 @@ Object *user_creatable_add_opts(QemuOpts *opts, Error **errp)
{
Visitor *v;
QDict *pdict;
+ QObject *pobj;
Object *obj = NULL;
- v = opts_visitor_new(opts);
pdict = qemu_opts_to_qdict(opts, NULL);
- obj = user_creatable_add(pdict, v, errp);
+ pobj = qdict_crumple(pdict, true, errp);
+ if (!pobj) {
+ goto cleanup;
+ }
+ v = qobject_string_input_visitor_new(pobj);
+
+ obj = user_creatable_add((QDict *)pobj, v, errp);
visit_free(v);
+ qobject_decref(pobj);
+ cleanup:
QDECREF(pdict);
return obj;
}
diff --git a/tests/check-qom-proplist.c b/tests/check-qom-proplist.c
index 42defe7..b2a27f1 100644
--- a/tests/check-qom-proplist.c
+++ b/tests/check-qom-proplist.c
@@ -23,6 +23,14 @@
#include "qapi/error.h"
#include "qom/object.h"
#include "qemu/module.h"
+#include "qapi/visitor.h"
+#include "qom/object_interfaces.h"
+#include "qemu/option.h"
+#include "qemu/config-file.h"
+#include "qapi/qmp/qjson.h"
+#include "qapi/qobject-input-visitor.h"
+#include "qapi-visit.h"
+#include "qapi/dealloc-visitor.h"
#define TYPE_DUMMY "qemu-dummy"
@@ -30,6 +38,11 @@
typedef struct DummyObject DummyObject;
typedef struct DummyObjectClass DummyObjectClass;
+typedef struct DummyPerson DummyPerson;
+typedef struct DummyAddr DummyAddr;
+typedef struct DummyAddrList DummyAddrList;
+typedef struct DummySizeList DummySizeList;
+
#define DUMMY_OBJECT(obj) \
OBJECT_CHECK(DummyObject, (obj), TYPE_DUMMY)
@@ -50,12 +63,35 @@ static const char *const dummy_animal_map[DUMMY_LAST + 1] = {
[DUMMY_LAST] = NULL,
};
+
+struct DummyAddr {
+ char *ip;
+ int64_t prefix;
+ bool ipv6only;
+};
+
+struct DummyAddrList {
+ DummyAddrList *next;
+ struct DummyAddr *value;
+};
+
+struct DummyPerson {
+ char *name;
+ int64_t age;
+};
+
struct DummyObject {
Object parent_obj;
bool bv;
DummyAnimal av;
char *sv;
+
+ intList *sizes;
+
+ DummyPerson *person;
+
+ DummyAddrList *addrs;
};
struct DummyObjectClass {
@@ -117,6 +153,157 @@ static char *dummy_get_sv(Object *obj,
return g_strdup(dobj->sv);
}
+static void visit_type_DummyPerson_fields(Visitor *v, DummyPerson **obj,
+ Error **errp)
+{
+ Error *err = NULL;
+
+ visit_type_str(v, "name", &(*obj)->name, &err);
+ if (err) {
+ goto out;
+ }
+ visit_type_int(v, "age", &(*obj)->age, &err);
+ if (err) {
+ goto out;
+ }
+
+out:
+ error_propagate(errp, err);
+}
+
+static void visit_type_DummyPerson(Visitor *v, const char *name,
+ DummyPerson **obj, Error **errp)
+{
+ Error *err = NULL;
+
+ visit_start_struct(v, name, (void **)obj, sizeof(DummyPerson), &err);
+ if (err) {
+ goto out;
+ }
+ if (!*obj) {
+ goto out_obj;
+ }
+ visit_type_DummyPerson_fields(v, obj, &err);
+ error_propagate(errp, err);
+ err = NULL;
+out_obj:
+ visit_end_struct(v, (void **)obj);
+out:
+ error_propagate(errp, err);
+}
+
+static void visit_type_DummyAddr_members(Visitor *v, DummyAddr **obj,
+ Error **errp)
+{
+ Error *err = NULL;
+
+ visit_type_str(v, "ip", &(*obj)->ip, &err);
+ if (err) {
+ goto out;
+ }
+ visit_type_int(v, "prefix", &(*obj)->prefix, &err);
+ if (err) {
+ goto out;
+ }
+ visit_type_bool(v, "ipv6only", &(*obj)->ipv6only, &err);
+ if (err) {
+ goto out;
+ }
+
+out:
+ error_propagate(errp, err);
+}
+
+static void visit_type_DummyAddr(Visitor *v, const char *name,
+ DummyAddr **obj, Error **errp)
+{
+ Error *err = NULL;
+
+ visit_start_struct(v, name, (void **)obj, sizeof(DummyAddr), &err);
+ if (err) {
+ goto out;
+ }
+ if (!*obj) {
+ goto out_obj;
+ }
+ visit_type_DummyAddr_members(v, obj, &err);
+ error_propagate(errp, err);
+ err = NULL;
+out_obj:
+ visit_end_struct(v, (void **)obj);
+out:
+ error_propagate(errp, err);
+}
+
+static void qapi_free_DummyAddrList(DummyAddrList *obj);
+
+static void visit_type_DummyAddrList(Visitor *v, const char *name,
+ DummyAddrList **obj, Error **errp)
+{
+ Error *err = NULL;
+ DummyAddrList *tail;
+ size_t size = sizeof(**obj);
+
+ visit_start_list(v, name, (GenericList **)obj, size, &err);
+ if (err) {
+ goto out;
+ }
+
+ for (tail = *obj; tail;
+ tail = (DummyAddrList *)visit_next_list(v,
+ (GenericList *)tail,
+ size)) {
+ visit_type_DummyAddr(v, NULL, &tail->value, &err);
+ if (err) {
+ break;
+ }
+ }
+
+ visit_end_list(v, (void **)obj);
+ if (err && visit_is_input(v)) {
+ qapi_free_DummyAddrList(*obj);
+ *obj = NULL;
+ }
+out:
+ error_propagate(errp, err);
+}
+
+static void qapi_free_DummyAddrList(DummyAddrList *obj)
+{
+ Visitor *v;
+
+ if (!obj) {
+ return;
+ }
+
+ v = qapi_dealloc_visitor_new();
+ visit_type_DummyAddrList(v, NULL, &obj, NULL);
+ visit_free(v);
+}
+
+static void dummy_set_sizes(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ DummyObject *dobj = DUMMY_OBJECT(obj);
+
+ visit_type_intList(v, name, &dobj->sizes, errp);
+}
+
+static void dummy_set_person(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ DummyObject *dobj = DUMMY_OBJECT(obj);
+
+ visit_type_DummyPerson(v, name, &dobj->person, errp);
+}
+
+static void dummy_set_addrs(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ DummyObject *dobj = DUMMY_OBJECT(obj);
+
+ visit_type_DummyAddrList(v, name, &dobj->addrs, errp);
+}
static void dummy_init(Object *obj)
{
@@ -126,9 +313,16 @@ static void dummy_init(Object *obj)
NULL);
}
+static void
+dummy_complete(UserCreatable *uc, Error **errp)
+{
+}
static void dummy_class_init(ObjectClass *cls, void *data)
{
+ UserCreatableClass *ucc = USER_CREATABLE_CLASS(cls);
+ ucc->complete = dummy_complete;
+
object_class_property_add_bool(cls, "bv",
dummy_get_bv,
dummy_set_bv,
@@ -143,12 +337,34 @@ static void dummy_class_init(ObjectClass *cls, void *data)
dummy_get_av,
dummy_set_av,
NULL);
+ object_class_property_add(cls, "sizes",
+ "int[]",
+ NULL,
+ dummy_set_sizes,
+ NULL, NULL, NULL);
+ object_class_property_add(cls, "person",
+ "DummyPerson",
+ NULL,
+ dummy_set_person,
+ NULL, NULL, NULL);
+ object_class_property_add(cls, "addrs",
+ "DummyAddrList",
+ NULL,
+ dummy_set_addrs,
+ NULL, NULL, NULL);
}
static void dummy_finalize(Object *obj)
{
DummyObject *dobj = DUMMY_OBJECT(obj);
+ Visitor *v;
+
+ v = qapi_dealloc_visitor_new();
+ visit_type_intList(v, NULL, &dobj->sizes, NULL);
+ visit_type_DummyAddrList(v, NULL, &dobj->addrs, NULL);
+ visit_type_DummyPerson(v, NULL, &dobj->person, NULL);
+ visit_free(v);
g_free(dobj->sv);
}
@@ -162,6 +378,10 @@ static const TypeInfo dummy_info = {
.instance_finalize = dummy_finalize,
.class_size = sizeof(DummyObjectClass),
.class_init = dummy_class_init,
+ .interfaces = (InterfaceInfo[]) {
+ { TYPE_USER_CREATABLE },
+ { }
+ }
};
@@ -457,7 +677,9 @@ static void test_dummy_iterator(void)
ObjectProperty *prop;
ObjectPropertyIterator iter;
- bool seenbv = false, seensv = false, seenav = false, seentype;
+ bool seenbv = false, seensv = false, seenav = false,
+ seentype = false, seenaddrs = false, seenperson = false,
+ seensizes = false;
object_property_iter_init(&iter, OBJECT(dobj));
while ((prop = object_property_iter_next(&iter))) {
@@ -470,6 +692,12 @@ static void test_dummy_iterator(void)
} else if (g_str_equal(prop->name, "type")) {
/* This prop comes from the base Object class */
seentype = true;
+ } else if (g_str_equal(prop->name, "addrs")) {
+ seenaddrs = true;
+ } else if (g_str_equal(prop->name, "person")) {
+ seenperson = true;
+ } else if (g_str_equal(prop->name, "sizes")) {
+ seensizes = true;
} else {
g_printerr("Found prop '%s'\n", prop->name);
g_assert_not_reached();
@@ -479,6 +707,9 @@ static void test_dummy_iterator(void)
g_assert(seenav);
g_assert(seensv);
g_assert(seentype);
+ g_assert(seenaddrs);
+ g_assert(seenperson);
+ g_assert(seensizes);
object_unparent(OBJECT(dobj));
}
@@ -497,11 +728,90 @@ static void test_dummy_delchild(void)
object_unparent(OBJECT(dev));
}
+
+static QemuOptsList dummy_opts = {
+ .name = "object",
+ .implied_opt_name = "qom-type",
+ .head = QTAILQ_HEAD_INITIALIZER(dummy_opts.head),
+ .desc = {
+ { }
+ },
+};
+
+static void test_dummy_create_complex(DummyObject *dummy)
+{
+ g_assert(dummy->person != NULL);
+ g_assert_cmpstr(dummy->person->name, ==, "fred");
+ g_assert_cmpint(dummy->person->age, ==, 52);
+
+ g_assert(dummy->sizes != NULL);
+ g_assert_cmpint(dummy->sizes->value, ==, 12);
+ g_assert_cmpint(dummy->sizes->next->value, ==, 65);
+ g_assert_cmpint(dummy->sizes->next->next->value, ==, 8139);
+
+ g_assert(dummy->addrs != NULL);
+ g_assert_cmpstr(dummy->addrs->value->ip, ==, "127.0.0.1");
+ g_assert_cmpint(dummy->addrs->value->prefix, ==, 24);
+ g_assert(dummy->addrs->value->ipv6only);
+ g_assert_cmpstr(dummy->addrs->next->value->ip, ==, "0.0.0.0");
+ g_assert_cmpint(dummy->addrs->next->value->prefix, ==, 16);
+ g_assert(!dummy->addrs->next->value->ipv6only);
+}
+
+
+static void test_dummy_createopts(void)
+{
+ const char *optstr = "qemu-dummy,id=dummy0,bv=yes,av=alligator,sv=hiss,"
+ "person.name=fred,person.age=52,sizes.0=12,sizes.1=65,sizes.2=8139,"
+ "addrs.0.ip=127.0.0.1,addrs.0.prefix=24,addrs.0.ipv6only=yes,"
+ "addrs.1.ip=0.0.0.0,addrs.1.prefix=16,addrs.1.ipv6only=no";
+ QemuOpts *opts;
+ DummyObject *dummy;
+
+ opts = qemu_opts_parse_noisily(&dummy_opts,
+ optstr, true);
+ g_assert(opts != NULL);
+
+ dummy = DUMMY_OBJECT(user_creatable_add_opts(opts, &error_abort));
+
+ test_dummy_create_complex(dummy);
+
+ object_unparent(OBJECT(dummy));
+ object_unref(OBJECT(dummy));
+}
+
+
+static void test_dummy_createqmp(void)
+{
+ const char *jsonstr =
+ "{ 'qom-type': 'qemu-dummy', 'id': 'dummy0', "
+ " 'bv': true, 'av': 'alligator', 'sv': 'hiss', "
+ " 'person': { 'name': 'fred', 'age': 52 }, "
+ " 'sizes': [12, 65, 8139], "
+ " 'addrs': [ { 'ip': '127.0.0.1', 'prefix': 24, 'ipv6only': true }, "
+ " { 'ip': '0.0.0.0', 'prefix': 16, 'ipv6only': false } ] }";
+ QObject *obj = qobject_from_json(jsonstr);
+ Visitor *v = qobject_input_visitor_new(obj, true);
+ DummyObject *dummy;
+ g_assert(obj);
+ dummy = DUMMY_OBJECT(user_creatable_add(qobject_to_qdict(obj), v,
+ &error_abort));
+
+ test_dummy_create_complex(dummy);
+ visit_free(v);
+ object_unparent(OBJECT(dummy));
+ object_unref(OBJECT(dummy));
+ qobject_decref(obj);
+}
+
int main(int argc, char **argv)
{
g_test_init(&argc, &argv, NULL);
module_call_init(MODULE_INIT_QOM);
+
+ qemu_add_opts(&dummy_opts);
+
type_register_static(&dummy_info);
type_register_static(&dummy_dev_info);
type_register_static(&dummy_bus_info);
@@ -513,6 +823,8 @@ int main(int argc, char **argv)
g_test_add_func("/qom/proplist/getenum", test_dummy_getenum);
g_test_add_func("/qom/proplist/iterator", test_dummy_iterator);
g_test_add_func("/qom/proplist/delchild", test_dummy_delchild);
+ g_test_add_func("/qom/proplist/createopts", test_dummy_createopts);
+ g_test_add_func("/qom/proplist/createqmp", test_dummy_createqmp);
return g_test_run();
}
--
2.7.4
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH v10 07/11] util: add QAuthZ object as an authorization base class
2016-08-15 14:22 [Qemu-devel] [PATCH v10 00/11] Provide a QOM-based authorization API Daniel P. Berrange
` (5 preceding siblings ...)
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 06/11] qom: support arbitrary non-scalar properties with -object Daniel P. Berrange
@ 2016-08-15 14:22 ` Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 08/11] util: add QAuthZSimple object type for a simple access control list Daniel P. Berrange
` (5 subsequent siblings)
12 siblings, 0 replies; 16+ messages in thread
From: Daniel P. Berrange @ 2016-08-15 14:22 UTC (permalink / raw)
To: qemu-devel
Cc: Markus Armbruster, Max Reitz, Marc-André Lureau,
Paolo Bonzini, Andreas Färber, Eric Blake,
Daniel P. Berrange
The current qemu_acl module provides a simple access control
list facility inside QEMU, which is used via a set of monitor
commands acl_show, acl_policy, acl_add, acl_remove & acl_reset.
Note there is no ability to create ACLs - the network services
(eg VNC server) were expected to create ACLs that they want to
check.
There is also no way to define ACLs on the command line, nor
potentially integrate with external authorization systems like
polkit, pam, ldap lookup, etc.
The QAuthZ object defines a minimal abstract QOM class that can
be subclassed for creating different authorization providers.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
MAINTAINERS | 7 +++++
Makefile | 1 +
Makefile.objs | 2 ++
Makefile.target | 2 ++
include/qemu/authz.h | 89 ++++++++++++++++++++++++++++++++++++++++++++++++++++
util/Makefile.objs | 2 ++
util/authz.c | 47 +++++++++++++++++++++++++++
7 files changed, 150 insertions(+)
create mode 100644 include/qemu/authz.h
create mode 100644 util/authz.c
diff --git a/MAINTAINERS b/MAINTAINERS
index b6fb84e..a6bb1db 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1330,6 +1330,13 @@ F: include/qemu/throttle.h
F: util/throttle.c
L: qemu-block@nongnu.org
+Authorization
+M: Daniel P. Berrange <berrange@redhat.com>
+S: Maintained
+F: util/authz*
+F: include/qemu/authz*
+F: tests/test-authz-*
+
Usermode Emulation
------------------
Overall
diff --git a/Makefile b/Makefile
index 50b4b3a..cd67cf2 100644
--- a/Makefile
+++ b/Makefile
@@ -148,6 +148,7 @@ endif
dummy := $(call unnest-vars,, \
stub-obj-y \
util-obj-y \
+ util-qom-obj-y \
qga-obj-y \
ivshmem-client-obj-y \
ivshmem-server-obj-y \
diff --git a/Makefile.objs b/Makefile.objs
index 6d5ddcf..400f939 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -4,6 +4,8 @@ stub-obj-y = stubs/ crypto/
util-obj-y = util/ qobject/ qapi/
util-obj-y += qmp-introspect.o qapi-types.o qapi-visit.o qapi-event.o
+util-qom-obj-y += util/
+
#######################################################################
# block-obj-y is code used by both qemu system emulation and qemu-img
diff --git a/Makefile.target b/Makefile.target
index a440bcb..118c502 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -173,6 +173,7 @@ include $(SRC_PATH)/Makefile.objs
dummy := $(call unnest-vars,,target-obj-y)
target-obj-y-save := $(target-obj-y)
dummy := $(call unnest-vars,.., \
+ util-qom-obj-y \
block-obj-y \
block-obj-m \
crypto-obj-y \
@@ -185,6 +186,7 @@ target-obj-y := $(target-obj-y-save)
all-obj-y += $(common-obj-y)
all-obj-y += $(target-obj-y)
all-obj-y += $(qom-obj-y)
+all-obj-y += $(util-qom-obj-y)
all-obj-$(CONFIG_SOFTMMU) += $(block-obj-y)
all-obj-$(CONFIG_USER_ONLY) += $(crypto-aes-obj-y)
all-obj-$(CONFIG_SOFTMMU) += $(crypto-obj-y)
diff --git a/include/qemu/authz.h b/include/qemu/authz.h
new file mode 100644
index 0000000..a000aa6
--- /dev/null
+++ b/include/qemu/authz.h
@@ -0,0 +1,89 @@
+/*
+ * QEMU authorization framework
+ *
+ * Copyright (c) 2016 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#ifndef QAUTHZ_H__
+#define QAUTHZ_H__
+
+#include "qemu-common.h"
+#include "qapi/error.h"
+#include "qom/object.h"
+
+
+#define TYPE_QAUTHZ "authz"
+
+#define QAUTHZ_CLASS(klass) \
+ OBJECT_CLASS_CHECK(QAuthZClass, (klass), \
+ TYPE_QAUTHZ)
+#define QAUTHZ_GET_CLASS(obj) \
+ OBJECT_GET_CLASS(QAuthZClass, (obj), \
+ TYPE_QAUTHZ)
+#define QAUTHZ(obj) \
+ INTERFACE_CHECK(QAuthZ, (obj), \
+ TYPE_QAUTHZ)
+
+typedef struct QAuthZ QAuthZ;
+typedef struct QAuthZClass QAuthZClass;
+
+/**
+ * QAuthZ:
+ *
+ * The QAuthZ class defines an API contract to be used
+ * for providing an authorization driver for services
+ * with user identities.
+ */
+
+struct QAuthZ {
+ Object parent_obj;
+};
+
+
+struct QAuthZClass {
+ ObjectClass parent_class;
+
+ bool (*is_allowed)(QAuthZ *authz,
+ const char *identity,
+ Error **errp);
+};
+
+
+/**
+ * qauthz_is_allowed:
+ * @authz: the authorization object
+ * @identity: the user identity to authorize
+ * @errp: pointer to a NULL initialized error object
+ *
+ * Check if a user @identity is authorized. If an error
+ * occurs this method will return false to indicate
+ * denial, as well as setting @errp to contain the details.
+ * Callers are recommended to treat the denial and error
+ * scenarios identically. Specifically the error info in
+ * @errp should never be fed back to the user being
+ * authorized, it is merely for benefit of administrator
+ * debugging.
+ *
+ * Returns: true if @identity is authorized, false if denied or if
+ * an error occurred.
+ */
+bool qauthz_is_allowed(QAuthZ *authz,
+ const char *identity,
+ Error **errp);
+
+#endif /* QAUTHZ_H__ */
+
diff --git a/util/Makefile.objs b/util/Makefile.objs
index 96cb1e0..006ac63 100644
--- a/util/Makefile.objs
+++ b/util/Makefile.objs
@@ -35,3 +35,5 @@ util-obj-y += log.o
util-obj-y += qdist.o
util-obj-y += qht.o
util-obj-y += range.o
+
+util-qom-obj-y += authz.o
diff --git a/util/authz.c b/util/authz.c
new file mode 100644
index 0000000..727e8b3
--- /dev/null
+++ b/util/authz.c
@@ -0,0 +1,47 @@
+/*
+ * QEMU authorization framework
+ *
+ * Copyright (c) 2016 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/authz.h"
+
+bool qauthz_is_allowed(QAuthZ *authz,
+ const char *identity,
+ Error **errp)
+{
+ QAuthZClass *cls = QAUTHZ_GET_CLASS(authz);
+
+ return cls->is_allowed(authz, identity, errp);
+}
+
+static const TypeInfo authz_info = {
+ .parent = TYPE_OBJECT,
+ .name = TYPE_QAUTHZ,
+ .instance_size = sizeof(QAuthZ),
+ .class_size = sizeof(QAuthZClass),
+ .abstract = true,
+};
+
+static void qauthz_register_types(void)
+{
+ type_register_static(&authz_info);
+}
+
+type_init(qauthz_register_types)
+
--
2.7.4
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH v10 08/11] util: add QAuthZSimple object type for a simple access control list
2016-08-15 14:22 [Qemu-devel] [PATCH v10 00/11] Provide a QOM-based authorization API Daniel P. Berrange
` (6 preceding siblings ...)
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 07/11] util: add QAuthZ object as an authorization base class Daniel P. Berrange
@ 2016-08-15 14:22 ` Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 09/11] acl: delete existing ACL implementation Daniel P. Berrange
` (4 subsequent siblings)
12 siblings, 0 replies; 16+ messages in thread
From: Daniel P. Berrange @ 2016-08-15 14:22 UTC (permalink / raw)
To: qemu-devel
Cc: Markus Armbruster, Max Reitz, Marc-André Lureau,
Paolo Bonzini, Andreas Färber, Eric Blake,
Daniel P. Berrange
Add a QAuthZSimple object type that implements the QAuthZ
interface. This simple built-in implementation maintains
a trivial access control list with a sequence of match
rules and a final default policy. This replicates the
functionality currently provided by the qemu_acl module.
To create an instance of this object via the QMP monitor,
the syntax used would be
{
"execute": "object-add",
"arguments": {
"qom-type": "authz-simple",
"id": "auth0",
"parameters": {
"rules": [
{ "match": "fred", "policy": "allow", "format": "exact" },
{ "match": "bob", "policy": "allow", "format": "exact" },
{ "match": "danb", "policy": "deny", "format": "glob" },
{ "match": "dan*", "policy": "allow", "format": "exact" },
],
"policy": "deny"
}
}
}
Or via the -object command line
$QEMU \
-object authz-simple,id=acl0,policy=deny,\
rules.0.match=fred,rules.0.policy=allow,rules.0.format=exact,\
rules.1.match=bob,rules.1.policy=allow,rules.1.format=exact,\
rules.2.match=danb,rules.2.policy=deny,rules.2.format=glob,\
rules.3.match=dan\*,rules.3.policy=allow,rules.3.format=exact
This sets up an authorization rule that allows 'fred',
'bob' and anyone whose name starts with 'dan', except
for 'danb'. Everyone unmatched is denied.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
Makefile | 2 +-
include/qemu/authz-simple.h | 115 ++++++++++++++++
qapi-schema.json | 6 +-
qapi/util.json | 47 +++++++
tests/.gitignore | 1 +
tests/Makefile.include | 3 +
tests/test-authz-simple.c | 172 ++++++++++++++++++++++++
util/Makefile.objs | 1 +
util/authz-simple.c | 314 ++++++++++++++++++++++++++++++++++++++++++++
9 files changed, 659 insertions(+), 2 deletions(-)
create mode 100644 include/qemu/authz-simple.h
create mode 100644 qapi/util.json
create mode 100644 tests/test-authz-simple.c
create mode 100644 util/authz-simple.c
diff --git a/Makefile b/Makefile
index cd67cf2..b60cae0 100644
--- a/Makefile
+++ b/Makefile
@@ -293,7 +293,7 @@ qapi-modules = $(SRC_PATH)/qapi-schema.json $(SRC_PATH)/qapi/common.json \
$(SRC_PATH)/qapi/block.json $(SRC_PATH)/qapi/block-core.json \
$(SRC_PATH)/qapi/event.json $(SRC_PATH)/qapi/introspect.json \
$(SRC_PATH)/qapi/crypto.json $(SRC_PATH)/qapi/rocker.json \
- $(SRC_PATH)/qapi/trace.json
+ $(SRC_PATH)/qapi/trace.json $(SRC_PATH)/qapi/util.json
qapi-types.c qapi-types.h :\
$(qapi-modules) $(SRC_PATH)/scripts/qapi-types.py $(qapi-py)
diff --git a/include/qemu/authz-simple.h b/include/qemu/authz-simple.h
new file mode 100644
index 0000000..30e78bd
--- /dev/null
+++ b/include/qemu/authz-simple.h
@@ -0,0 +1,115 @@
+/*
+ * QEMU simple authorization driver
+ *
+ * Copyright (c) 2016 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#ifndef QAUTHZ_SIMPLE_H__
+#define QAUTHZ_SIMPLE_H__
+
+#include "qemu/authz.h"
+
+
+#define TYPE_QAUTHZ_SIMPLE "authz-simple"
+
+#define QAUTHZ_SIMPLE_CLASS(klass) \
+ OBJECT_CLASS_CHECK(QAuthZSimpleClass, (klass), \
+ TYPE_QAUTHZ_SIMPLE)
+#define QAUTHZ_SIMPLE_GET_CLASS(obj) \
+ OBJECT_GET_CLASS(QAuthZSimpleClass, (obj), \
+ TYPE_QAUTHZ_SIMPLE)
+#define QAUTHZ_SIMPLE(obj) \
+ INTERFACE_CHECK(QAuthZSimple, (obj), \
+ TYPE_QAUTHZ_SIMPLE)
+
+typedef struct QAuthZSimple QAuthZSimple;
+typedef struct QAuthZSimpleClass QAuthZSimpleClass;
+
+
+/**
+ * QAuthZSimple:
+ *
+ * This authorization driver provides a simple mechanism
+ * for granting access by matching user names against a
+ * list of globs. Each match rule has an associated policy
+ * and a catch all policy applies if no rule matches
+ *
+ * To create an instance of this class via QMP:
+ *
+ * {
+ * "execute": "object-add",
+ * "arguments": {
+ * "qom-type": "authz-simple",
+ * "id": "auth0",
+ * "parameters": {
+ * "rules": [
+ * { "match": "fred", "policy": "allow", "format": "exact" },
+ * { "match": "bob", "policy": "allow", "format": "exact" },
+ * { "match": "danb", "policy": "deny", "format": "exact" },
+ * { "match": "dan*", "policy": "allow", "format": "glob" }
+ * ],
+ * "policy": "deny"
+ * }
+ * }
+ * }
+ *
+ * Or via the CLI:
+ *
+ * $QEMU \
+ * -object authz-simple,id=acl0,policy=deny, \
+ * match.0.name=fred,match.0.policy=allow,format=exact, \
+ * match.1.name=bob,match.1.policy=allow,format=exact, \
+ * match.2.name=danb,match.2.policy=deny,format=exact, \
+ * match.3.name=dan\*,match.3.policy=allow,format=exact
+ *
+ */
+struct QAuthZSimple {
+ QAuthZ parent_obj;
+
+ QAuthZSimplePolicy policy;
+ QAuthZSimpleRuleList *rules;
+};
+
+
+struct QAuthZSimpleClass {
+ QAuthZClass parent_class;
+};
+
+
+QAuthZSimple *qauthz_simple_new(const char *id,
+ QAuthZSimplePolicy policy,
+ Error **errp);
+
+ssize_t qauthz_simple_append_rule(QAuthZSimple *auth,
+ const char *match,
+ QAuthZSimplePolicy policy,
+ QAuthZSimpleFormat format,
+ Error **errp);
+
+ssize_t qauthz_simple_insert_rule(QAuthZSimple *auth,
+ const char *match,
+ QAuthZSimplePolicy policy,
+ QAuthZSimpleFormat format,
+ size_t index,
+ Error **errp);
+
+ssize_t qauthz_simple_delete_rule(QAuthZSimple *auth,
+ const char *match);
+
+
+#endif /* QAUTHZ_SIMPLE_H__ */
+
diff --git a/qapi-schema.json b/qapi-schema.json
index 5658723..765676d 100644
--- a/qapi-schema.json
+++ b/qapi-schema.json
@@ -5,6 +5,9 @@
# QAPI common definitions
{ 'include': 'qapi/common.json' }
+# QAPI util definitions
+{ 'include': 'qapi/util.json' }
+
# QAPI crypto definitions
{ 'include': 'qapi/crypto.json' }
@@ -3761,7 +3764,8 @@
# Since 2.5
##
{ 'struct': 'DummyForceArrays',
- 'data': { 'unused': ['X86CPUFeatureWordInfo'] } }
+ 'data': { 'unused1': ['X86CPUFeatureWordInfo'],
+ 'unused2': ['QAuthZSimpleRule'] } }
##
diff --git a/qapi/util.json b/qapi/util.json
new file mode 100644
index 0000000..6652867
--- /dev/null
+++ b/qapi/util.json
@@ -0,0 +1,47 @@
+# -*- Mode: Python -*-
+#
+# QAPI util definitions
+
+##
+# QAuthZSimplePolicy:
+#
+# The authorization policy result
+#
+# @deny: deny access
+# @allow: allow access
+#
+# Since: 2.7
+##
+{ 'enum': 'QAuthZSimplePolicy',
+ 'prefix': 'QAUTHZ_SIMPLE_POLICY',
+ 'data': ['deny', 'allow']}
+
+##
+# QAuthZSimpleFormat:
+#
+# The authorization policy result
+#
+# @exact: an exact string match
+# @glob: string with ? and * shell wildcard support
+#
+# Since: 2.7
+##
+{ 'enum': 'QAuthZSimpleFormat',
+ 'prefix': 'QAUTHZ_SIMPLE_FORMAT',
+ 'data': ['exact', 'glob']}
+
+##
+# QAuthZSimpleRule:
+#
+# A single authorization rule.
+#
+# @match: a glob to match against a user identity
+# @policy: the result to return if @match evaluates to true
+# @format: (optional) the format of the @match rule (default 'exact')
+#
+# Since: 2.7
+##
+{ 'struct': 'QAuthZSimpleRule',
+ 'data': {'match': 'str',
+ 'policy': 'QAuthZSimplePolicy',
+ '*format': 'QAuthZSimpleFormat'}}
diff --git a/tests/.gitignore b/tests/.gitignore
index 576b87b..d30a5d3 100644
--- a/tests/.gitignore
+++ b/tests/.gitignore
@@ -10,6 +10,7 @@ check-qom-proplist
qht-bench
rcutorture
test-aio
+test-authz-simple
test-base64
test-bitops
test-blockjob-txn
diff --git a/tests/Makefile.include b/tests/Makefile.include
index 716fafd..9f81bb9 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -112,6 +112,7 @@ check-unit-y += tests/test-crypto-xts$(EXESUF)
check-unit-y += tests/test-crypto-block$(EXESUF)
gcov-files-test-logging-y = tests/test-logging.c
check-unit-y += tests/test-logging$(EXESUF)
+check-unit-y += tests/test-authz-simple$(EXESUF)
check-block-$(CONFIG_POSIX) += tests/qemu-iotests-quick.sh
@@ -480,6 +481,8 @@ tests/test-timed-average$(EXESUF): tests/test-timed-average.o qemu-timer.o \
$(test-util-obj-y)
tests/test-base64$(EXESUF): tests/test-base64.o \
libqemuutil.a libqemustub.a
+tests/test-authz-simple$(EXESUF): tests/test-authz-simple.o \
+ libqemuutil.a libqemustub.a $(util-qom-obj-y) $(qom-obj-y)
tests/test-logging$(EXESUF): tests/test-logging.o $(test-util-obj-y)
diff --git a/tests/test-authz-simple.c b/tests/test-authz-simple.c
new file mode 100644
index 0000000..e9aea6d
--- /dev/null
+++ b/tests/test-authz-simple.c
@@ -0,0 +1,172 @@
+/*
+ * QEMU simple authorization object
+ *
+ * Copyright (c) 2016 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include <glib.h>
+
+#include "qemu/authz-simple.h"
+
+static void test_authz_default_deny(void)
+{
+ QAuthZSimple *auth = qauthz_simple_new("auth0",
+ QAUTHZ_SIMPLE_POLICY_DENY,
+ &error_abort);
+
+ g_assert(!qauthz_is_allowed(QAUTHZ(auth), "fred", &error_abort));
+
+ object_unparent(OBJECT(auth));
+}
+
+static void test_authz_default_allow(void)
+{
+ QAuthZSimple *auth = qauthz_simple_new("auth0",
+ QAUTHZ_SIMPLE_POLICY_ALLOW,
+ &error_abort);
+
+ g_assert(qauthz_is_allowed(QAUTHZ(auth), "fred", &error_abort));
+
+ object_unparent(OBJECT(auth));
+}
+
+static void test_authz_explicit_deny(void)
+{
+ QAuthZSimple *auth = qauthz_simple_new("auth0",
+ QAUTHZ_SIMPLE_POLICY_ALLOW,
+ &error_abort);
+
+ qauthz_simple_append_rule(auth, "fred", QAUTHZ_SIMPLE_POLICY_DENY,
+ QAUTHZ_SIMPLE_FORMAT_EXACT, &error_abort);
+
+ g_assert(!qauthz_is_allowed(QAUTHZ(auth), "fred", &error_abort));
+
+ object_unparent(OBJECT(auth));
+}
+
+static void test_authz_explicit_allow(void)
+{
+ QAuthZSimple *auth = qauthz_simple_new("auth0",
+ QAUTHZ_SIMPLE_POLICY_DENY,
+ &error_abort);
+
+ qauthz_simple_append_rule(auth, "fred", QAUTHZ_SIMPLE_POLICY_ALLOW,
+ QAUTHZ_SIMPLE_FORMAT_EXACT, &error_abort);
+
+ g_assert(qauthz_is_allowed(QAUTHZ(auth), "fred", &error_abort));
+
+ object_unparent(OBJECT(auth));
+}
+
+
+static void test_authz_complex(void)
+{
+#ifndef CONFIG_FNMATCH
+ Error *local_err = NULL;
+#endif
+ QAuthZSimple *auth = qauthz_simple_new("auth0",
+ QAUTHZ_SIMPLE_POLICY_DENY,
+ &error_abort);
+
+ qauthz_simple_append_rule(auth, "fred", QAUTHZ_SIMPLE_POLICY_ALLOW,
+ QAUTHZ_SIMPLE_FORMAT_EXACT, &error_abort);
+ qauthz_simple_append_rule(auth, "bob", QAUTHZ_SIMPLE_POLICY_ALLOW,
+ QAUTHZ_SIMPLE_FORMAT_EXACT, &error_abort);
+ qauthz_simple_append_rule(auth, "dan", QAUTHZ_SIMPLE_POLICY_DENY,
+ QAUTHZ_SIMPLE_FORMAT_EXACT, &error_abort);
+#ifdef CONFIG_FNMATCH
+ qauthz_simple_append_rule(auth, "dan*", QAUTHZ_SIMPLE_POLICY_ALLOW,
+ QAUTHZ_SIMPLE_FORMAT_GLOB, &error_abort);
+
+ g_assert(qauthz_is_allowed(QAUTHZ(auth), "fred", &error_abort));
+ g_assert(qauthz_is_allowed(QAUTHZ(auth), "bob", &error_abort));
+ g_assert(!qauthz_is_allowed(QAUTHZ(auth), "dan", &error_abort));
+ g_assert(qauthz_is_allowed(QAUTHZ(auth), "danb", &error_abort));
+#else
+ g_assert(qauthz_simple_append_rule(auth, "dan*",
+ QAUTHZ_SIMPLE_POLICY_ALLOW,
+ QAUTHZ_SIMPLE_FORMAT_GLOB,
+ &local_err) < 0);
+ g_assert(local_err != NULL);
+ error_free(local_err);
+#endif
+
+ object_unparent(OBJECT(auth));
+}
+
+static void test_authz_add_remove(void)
+{
+ QAuthZSimple *auth = qauthz_simple_new("auth0",
+ QAUTHZ_SIMPLE_POLICY_ALLOW,
+ &error_abort);
+
+ g_assert_cmpint(qauthz_simple_append_rule(auth, "fred",
+ QAUTHZ_SIMPLE_POLICY_ALLOW,
+ QAUTHZ_SIMPLE_FORMAT_EXACT,
+ &error_abort),
+ ==, 0);
+ g_assert_cmpint(qauthz_simple_append_rule(auth, "bob",
+ QAUTHZ_SIMPLE_POLICY_ALLOW,
+ QAUTHZ_SIMPLE_FORMAT_EXACT,
+ &error_abort),
+ ==, 1);
+ g_assert_cmpint(qauthz_simple_append_rule(auth, "dan",
+ QAUTHZ_SIMPLE_POLICY_DENY,
+ QAUTHZ_SIMPLE_FORMAT_EXACT,
+ &error_abort),
+ ==, 2);
+ g_assert_cmpint(qauthz_simple_append_rule(auth, "frank",
+ QAUTHZ_SIMPLE_POLICY_DENY,
+ QAUTHZ_SIMPLE_FORMAT_EXACT,
+ &error_abort),
+ ==, 3);
+
+ g_assert(!qauthz_is_allowed(QAUTHZ(auth), "dan", &error_abort));
+
+ g_assert_cmpint(qauthz_simple_delete_rule(auth, "dan"),
+ ==, 2);
+
+ g_assert(qauthz_is_allowed(QAUTHZ(auth), "dan", &error_abort));
+
+ g_assert_cmpint(qauthz_simple_insert_rule(auth, "dan",
+ QAUTHZ_SIMPLE_POLICY_DENY,
+ QAUTHZ_SIMPLE_FORMAT_EXACT,
+ 2,
+ &error_abort),
+ ==, 2);
+
+ g_assert(!qauthz_is_allowed(QAUTHZ(auth), "dan", &error_abort));
+
+ object_unparent(OBJECT(auth));
+}
+
+int main(int argc, char **argv)
+{
+ g_test_init(&argc, &argv, NULL);
+
+ module_call_init(MODULE_INIT_QOM);
+
+ g_test_add_func("/auth/simple/default/deny", test_authz_default_deny);
+ g_test_add_func("/auth/simple/default/allow", test_authz_default_allow);
+ g_test_add_func("/auth/simple/explicit/deny", test_authz_explicit_deny);
+ g_test_add_func("/auth/simple/explicit/allow", test_authz_explicit_allow);
+ g_test_add_func("/auth/simple/complex", test_authz_complex);
+ g_test_add_func("/auth/simple/add-remove", test_authz_add_remove);
+
+ return g_test_run();
+}
diff --git a/util/Makefile.objs b/util/Makefile.objs
index 006ac63..f71a7b6 100644
--- a/util/Makefile.objs
+++ b/util/Makefile.objs
@@ -37,3 +37,4 @@ util-obj-y += qht.o
util-obj-y += range.o
util-qom-obj-y += authz.o
+util-qom-obj-y += authz-simple.o
diff --git a/util/authz-simple.c b/util/authz-simple.c
new file mode 100644
index 0000000..a26177f
--- /dev/null
+++ b/util/authz-simple.c
@@ -0,0 +1,314 @@
+/*
+ * QEMU simple authorization driver
+ *
+ * Copyright (c) 2016 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/authz-simple.h"
+#include "qom/object_interfaces.h"
+#include "qapi-visit.h"
+
+#ifdef CONFIG_FNMATCH
+#include <fnmatch.h>
+#endif
+
+static bool qauthz_simple_is_allowed(QAuthZ *authz,
+ const char *identity,
+ Error **errp)
+{
+ QAuthZSimple *sauthz = QAUTHZ_SIMPLE(authz);
+ QAuthZSimpleRuleList *rules = sauthz->rules;
+
+ while (rules) {
+ QAuthZSimpleRule *rule = rules->value;
+ QAuthZSimpleFormat format = rule->has_format ? rule->format :
+ QAUTHZ_SIMPLE_FORMAT_EXACT;
+
+ switch (format) {
+ case QAUTHZ_SIMPLE_FORMAT_EXACT:
+ if (strcmp(rule->match, identity) == 0) {
+ return rule->policy == QAUTHZ_SIMPLE_POLICY_ALLOW;
+ }
+ break;
+#ifdef CONFIG_FNMATCH
+ case QAUTHZ_SIMPLE_FORMAT_GLOB:
+ if (fnmatch(rule->match, identity, 0) == 0) {
+ return rule->policy == QAUTHZ_SIMPLE_POLICY_ALLOW;
+ }
+ break;
+#else
+ return false;
+#endif
+ default:
+ return false;
+ }
+ rules = rules->next;
+ }
+
+ return sauthz->policy == QAUTHZ_SIMPLE_POLICY_ALLOW;
+}
+
+
+static void
+qauthz_simple_prop_set_policy(Object *obj,
+ int value,
+ Error **errp G_GNUC_UNUSED)
+{
+ QAuthZSimple *sauthz = QAUTHZ_SIMPLE(obj);
+
+ sauthz->policy = value;
+}
+
+
+static int
+qauthz_simple_prop_get_policy(Object *obj,
+ Error **errp G_GNUC_UNUSED)
+{
+ QAuthZSimple *sauthz = QAUTHZ_SIMPLE(obj);
+
+ return sauthz->policy;
+}
+
+
+static void
+qauthz_simple_prop_get_rules(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ QAuthZSimple *sauthz = QAUTHZ_SIMPLE(obj);
+
+ visit_type_QAuthZSimpleRuleList(v, name, &sauthz->rules, errp);
+}
+
+static void
+qauthz_simple_prop_set_rules(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ QAuthZSimple *sauthz = QAUTHZ_SIMPLE(obj);
+ QAuthZSimpleRuleList *oldrules;
+#ifndef CONFIG_FNMATCH
+ QAuthZSimpleRuleList *rules;
+#endif
+
+ oldrules = sauthz->rules;
+ visit_type_QAuthZSimpleRuleList(v, name, &sauthz->rules, errp);
+
+#ifndef CONFIG_FNMATCH
+ rules = sauthz->rules;
+ while (rules) {
+ QAuthZSimpleRule *rule = rules->value;
+ if (rule->has_format &&
+ rule->format == QAUTHZ_SIMPLE_FORMAT_GLOB) {
+ error_setg(errp, "Glob format not supported on this platform");
+ qapi_free_QAuthZSimpleRuleList(sauthz->rules);
+ sauthz->rules = oldrules;
+ return;
+ }
+ }
+#endif
+
+ qapi_free_QAuthZSimpleRuleList(oldrules);
+}
+
+
+static void
+qauthz_simple_complete(UserCreatable *uc, Error **errp)
+{
+}
+
+
+static void
+qauthz_simple_finalize(Object *obj)
+{
+ QAuthZSimple *sauthz = QAUTHZ_SIMPLE(obj);
+
+ qapi_free_QAuthZSimpleRuleList(sauthz->rules);
+}
+
+
+static void
+qauthz_simple_class_init(ObjectClass *oc, void *data)
+{
+ UserCreatableClass *ucc = USER_CREATABLE_CLASS(oc);
+ QAuthZClass *authz = QAUTHZ_CLASS(oc);
+
+ ucc->complete = qauthz_simple_complete;
+ authz->is_allowed = qauthz_simple_is_allowed;
+
+ object_class_property_add_enum(oc, "policy",
+ "QAuthZSimplePolicy",
+ QAuthZSimplePolicy_lookup,
+ qauthz_simple_prop_get_policy,
+ qauthz_simple_prop_set_policy,
+ NULL);
+
+ object_class_property_add(oc, "rules", "QAuthZSimpleRule",
+ qauthz_simple_prop_get_rules,
+ qauthz_simple_prop_set_rules,
+ NULL, NULL, NULL);
+}
+
+
+QAuthZSimple *qauthz_simple_new(const char *id,
+ QAuthZSimplePolicy policy,
+ Error **errp)
+{
+ return QAUTHZ_SIMPLE(
+ object_new_with_props(TYPE_QAUTHZ_SIMPLE,
+ object_get_objects_root(),
+ id, errp,
+ "policy", QAuthZSimplePolicy_lookup[policy],
+ NULL));
+}
+
+
+ssize_t qauthz_simple_append_rule(QAuthZSimple *auth,
+ const char *match,
+ QAuthZSimplePolicy policy,
+ QAuthZSimpleFormat format,
+ Error **errp)
+{
+ QAuthZSimpleRule *rule;
+ QAuthZSimpleRuleList *rules, *tmp;
+ size_t i = 0;
+
+#ifndef CONFIG_FNMATCH
+ if (format == QAUTHZ_SIMPLE_FORMAT_GLOB) {
+ error_setg(errp, "Glob format not supported on this platform");
+ return -1;
+ }
+#endif
+
+ rule = g_new0(QAuthZSimpleRule, 1);
+ rule->policy = policy;
+ rule->match = g_strdup(match);
+ rule->format = format;
+ rule->has_format = true;
+
+ tmp = g_new0(QAuthZSimpleRuleList, 1);
+ tmp->value = rule;
+
+ rules = auth->rules;
+ if (rules) {
+ while (rules->next) {
+ i++;
+ rules = rules->next;
+ }
+ rules->next = tmp;
+ return i + 1;
+ } else {
+ auth->rules = tmp;
+ return 0;
+ }
+}
+
+
+ssize_t qauthz_simple_insert_rule(QAuthZSimple *auth,
+ const char *match,
+ QAuthZSimplePolicy policy,
+ QAuthZSimpleFormat format,
+ size_t index,
+ Error **errp)
+{
+ QAuthZSimpleRule *rule;
+ QAuthZSimpleRuleList *rules, *tmp;
+ size_t i = 0;
+
+#ifndef CONFIG_FNMATCH
+ if (format == QAUTHZ_SIMPLE_FORMAT_GLOB) {
+ error_setg(errp, "Glob format not supported on this platform");
+ return -1;
+ }
+#endif
+
+ rule = g_new0(QAuthZSimpleRule, 1);
+ rule->policy = policy;
+ rule->match = g_strdup(match);
+ rule->format = format;
+ rule->has_format = true;
+
+ tmp = g_new0(QAuthZSimpleRuleList, 1);
+ tmp->value = rule;
+
+ rules = auth->rules;
+ if (rules && index > 0) {
+ while (rules->next && i < (index - 1)) {
+ i++;
+ rules = rules->next;
+ }
+ tmp->next = rules->next;
+ rules->next = tmp;
+ return i + 1;
+ } else {
+ tmp->next = auth->rules;
+ auth->rules = tmp;
+ return 0;
+ }
+}
+
+
+ssize_t qauthz_simple_delete_rule(QAuthZSimple *auth, const char *match)
+{
+ QAuthZSimpleRule *rule;
+ QAuthZSimpleRuleList *rules, *prev;
+ size_t i = 0;
+
+ prev = NULL;
+ rules = auth->rules;
+ while (rules) {
+ rule = rules->value;
+ if (g_str_equal(rule->match, match)) {
+ if (prev) {
+ prev->next = rules->next;
+ } else {
+ auth->rules = rules->next;
+ }
+ rules->next = NULL;
+ qapi_free_QAuthZSimpleRuleList(rules);
+ return i;
+ }
+ prev = rules;
+ rules = rules->next;
+ i++;
+ }
+
+ return -1;
+}
+
+
+static const TypeInfo qauthz_simple_info = {
+ .parent = TYPE_QAUTHZ,
+ .name = TYPE_QAUTHZ_SIMPLE,
+ .instance_size = sizeof(QAuthZSimple),
+ .instance_finalize = qauthz_simple_finalize,
+ .class_size = sizeof(QAuthZSimpleClass),
+ .class_init = qauthz_simple_class_init,
+ .interfaces = (InterfaceInfo[]) {
+ { TYPE_USER_CREATABLE },
+ { }
+ }
+};
+
+
+static void
+qauthz_simple_register_types(void)
+{
+ type_register_static(&qauthz_simple_info);
+}
+
+
+type_init(qauthz_simple_register_types);
--
2.7.4
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH v10 09/11] acl: delete existing ACL implementation
2016-08-15 14:22 [Qemu-devel] [PATCH v10 00/11] Provide a QOM-based authorization API Daniel P. Berrange
` (7 preceding siblings ...)
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 08/11] util: add QAuthZSimple object type for a simple access control list Daniel P. Berrange
@ 2016-08-15 14:22 ` Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 10/11] util: add QAuthZPAM object type for authorizing using PAM Daniel P. Berrange
` (3 subsequent siblings)
12 siblings, 0 replies; 16+ messages in thread
From: Daniel P. Berrange @ 2016-08-15 14:22 UTC (permalink / raw)
To: qemu-devel
Cc: Markus Armbruster, Max Reitz, Marc-André Lureau,
Paolo Bonzini, Andreas Färber, Eric Blake,
Daniel P. Berrange
The 'qemu_acl' type was a previous non-QOM based attempt to
provide an authorization facility in QEMU. Because it is
non-QOM based it cannot be created via the command line and
requires special monitor commands to manipulate it.
The new QAuthZ and QAuthZSimple QOM classes provide a superset
of the functionality in qemu_acl, so the latter can now be
deleted. The HMP 'acl_*' monitor commands are converted to
use the new QAuthZSimple data type instead in order to provide
backwards compatibility, but their use is discouraged.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
Makefile | 6 +-
crypto/tlssession.c | 28 +++++--
include/qemu/acl.h | 66 ---------------
monitor.c | 182 +++++++++++++++++++++++++++--------------
tests/Makefile.include | 2 +-
tests/test-crypto-tlssession.c | 15 ++--
tests/test-io-channel-tls.c | 16 ++--
ui/vnc-auth-sasl.c | 2 +-
ui/vnc-auth-sasl.h | 4 +-
ui/vnc.c | 11 ++-
util/Makefile.objs | 1 -
util/acl.c | 179 ----------------------------------------
12 files changed, 181 insertions(+), 331 deletions(-)
delete mode 100644 include/qemu/acl.h
delete mode 100644 util/acl.c
diff --git a/Makefile b/Makefile
index b60cae0..4a8e931 100644
--- a/Makefile
+++ b/Makefile
@@ -254,9 +254,9 @@ util/module.o-cflags = -D'CONFIG_BLOCK_MODULES=$(block-modules)'
qemu-img.o: qemu-img-cmds.h
-qemu-img$(EXESUF): qemu-img.o $(block-obj-y) $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) libqemuutil.a libqemustub.a
-qemu-nbd$(EXESUF): qemu-nbd.o $(block-obj-y) $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) libqemuutil.a libqemustub.a
-qemu-io$(EXESUF): qemu-io.o $(block-obj-y) $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) libqemuutil.a libqemustub.a
+qemu-img$(EXESUF): qemu-img.o $(block-obj-y) $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) $(util-qom-obj-y) libqemuutil.a libqemustub.a
+qemu-nbd$(EXESUF): qemu-nbd.o $(block-obj-y) $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) $(util-qom-obj-y) libqemuutil.a libqemustub.a
+qemu-io$(EXESUF): qemu-io.o $(block-obj-y) $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) $(util-qom-obj-y) libqemuutil.a libqemustub.a
qemu-bridge-helper$(EXESUF): qemu-bridge-helper.o libqemuutil.a libqemustub.a
diff --git a/crypto/tlssession.c b/crypto/tlssession.c
index 2de42c6..2edf5ab 100644
--- a/crypto/tlssession.c
+++ b/crypto/tlssession.c
@@ -23,7 +23,7 @@
#include "crypto/tlscredsanon.h"
#include "crypto/tlscredsx509.h"
#include "qapi/error.h"
-#include "qemu/acl.h"
+#include "qemu/authz.h"
#include "trace.h"
#ifdef CONFIG_GNUTLS
@@ -220,6 +220,7 @@ qcrypto_tls_session_check_certificate(QCryptoTLSSession *session,
unsigned int nCerts, i;
time_t now;
gnutls_x509_crt_t cert = NULL;
+ Error *err = NULL;
now = time(NULL);
if (now == ((time_t)-1)) {
@@ -308,16 +309,33 @@ qcrypto_tls_session_check_certificate(QCryptoTLSSession *session,
goto error;
}
if (session->aclname) {
- qemu_acl *acl = qemu_acl_find(session->aclname);
- int allow;
- if (!acl) {
+ QAuthZ *acl;
+ Object *obj;
+ Object *container;
+ bool allow;
+
+ container = object_get_objects_root();
+ obj = object_resolve_path_component(container,
+ session->aclname);
+ if (!obj) {
error_setg(errp, "Cannot find ACL %s",
session->aclname);
goto error;
}
- allow = qemu_acl_party_is_allowed(acl, session->peername);
+ if (!object_dynamic_cast(obj, TYPE_QAUTHZ)) {
+ error_setg(errp, "Object '%s' is not a QAuthZ subclass",
+ session->aclname);
+ goto error;
+ }
+ acl = QAUTHZ(obj);
+
+ allow = qauthz_is_allowed(acl, session->peername, &err);
+ if (err) {
+ error_propagate(errp, err);
+ goto error;
+ }
if (!allow) {
error_setg(errp, "TLS x509 ACL check for %s is denied",
session->peername);
diff --git a/include/qemu/acl.h b/include/qemu/acl.h
deleted file mode 100644
index 7c44119..0000000
--- a/include/qemu/acl.h
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
- * QEMU access control list management
- *
- * Copyright (C) 2009 Red Hat, Inc
- *
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
- * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
- * THE SOFTWARE.
- */
-
-#ifndef QEMU_ACL_H
-#define QEMU_ACL_H
-
-#include "qemu/queue.h"
-
-typedef struct qemu_acl_entry qemu_acl_entry;
-typedef struct qemu_acl qemu_acl;
-
-struct qemu_acl_entry {
- char *match;
- int deny;
-
- QTAILQ_ENTRY(qemu_acl_entry) next;
-};
-
-struct qemu_acl {
- char *aclname;
- unsigned int nentries;
- QTAILQ_HEAD(,qemu_acl_entry) entries;
- int defaultDeny;
-};
-
-qemu_acl *qemu_acl_init(const char *aclname);
-
-qemu_acl *qemu_acl_find(const char *aclname);
-
-int qemu_acl_party_is_allowed(qemu_acl *acl,
- const char *party);
-
-void qemu_acl_reset(qemu_acl *acl);
-
-int qemu_acl_append(qemu_acl *acl,
- int deny,
- const char *match);
-int qemu_acl_insert(qemu_acl *acl,
- int deny,
- const char *match,
- int index);
-int qemu_acl_remove(qemu_acl *acl,
- const char *match);
-
-#endif /* QEMU_ACL_H */
diff --git a/monitor.c b/monitor.c
index b151934..9ee394b 100644
--- a/monitor.c
+++ b/monitor.c
@@ -51,7 +51,7 @@
#include "qemu/timer.h"
#include "migration/migration.h"
#include "sysemu/kvm.h"
-#include "qemu/acl.h"
+#include "qemu/authz-simple.h"
#include "sysemu/tpm.h"
#include "qapi/qmp/qerror.h"
#include "qapi/qmp/types.h"
@@ -59,6 +59,7 @@
#include "qapi/qmp/json-streamer.h"
#include "qapi/qmp/json-parser.h"
#include "qom/object_interfaces.h"
+#include "qapi/util.h"
#include "cpu.h"
#include "trace.h"
#include "trace/control.h"
@@ -1629,61 +1630,88 @@ static void hmp_wavcapture(Monitor *mon, const QDict *qdict)
QLIST_INSERT_HEAD (&capture_head, s, entries);
}
-static qemu_acl *find_acl(Monitor *mon, const char *name)
+static QAuthZSimple *find_auth(Monitor *mon, const char *name)
{
- qemu_acl *acl = qemu_acl_find(name);
+ Object *obj;
+ Object *container;
- if (!acl) {
+ container = object_get_objects_root();
+ obj = object_resolve_path_component(container, name);
+ if (!obj) {
monitor_printf(mon, "acl: unknown list '%s'\n", name);
+ return NULL;
}
- return acl;
+
+ return QAUTHZ_SIMPLE(obj);
}
static void hmp_acl_show(Monitor *mon, const QDict *qdict)
{
const char *aclname = qdict_get_str(qdict, "aclname");
- qemu_acl *acl = find_acl(mon, aclname);
- qemu_acl_entry *entry;
- int i = 0;
-
- if (acl) {
- monitor_printf(mon, "policy: %s\n",
- acl->defaultDeny ? "deny" : "allow");
- QTAILQ_FOREACH(entry, &acl->entries, next) {
- i++;
- monitor_printf(mon, "%d: %s %s\n", i,
- entry->deny ? "deny" : "allow", entry->match);
- }
+ QAuthZSimple *auth = find_auth(mon, aclname);
+ QAuthZSimpleRuleList *rules;
+ size_t i = 0;
+
+ if (!auth) {
+ return;
+ }
+
+ monitor_printf(mon, "policy: %s\n",
+ QAuthZSimplePolicy_lookup[auth->policy]);
+
+ rules = auth->rules;
+ while (rules) {
+ QAuthZSimpleRule *rule = rules->value;
+ i++;
+ monitor_printf(mon, "%zu: %s %s\n", i,
+ QAuthZSimplePolicy_lookup[rule->policy],
+ rule->match);
+ rules = rules->next;
}
}
static void hmp_acl_reset(Monitor *mon, const QDict *qdict)
{
const char *aclname = qdict_get_str(qdict, "aclname");
- qemu_acl *acl = find_acl(mon, aclname);
+ QAuthZSimple *auth = find_auth(mon, aclname);
- if (acl) {
- qemu_acl_reset(acl);
- monitor_printf(mon, "acl: removed all rules\n");
+ if (!auth) {
+ return;
}
+
+ auth->policy = QAUTHZ_SIMPLE_POLICY_DENY;
+ qapi_free_QAuthZSimpleRuleList(auth->rules);
+ auth->rules = NULL;
+ monitor_printf(mon, "acl: removed all rules\n");
}
static void hmp_acl_policy(Monitor *mon, const QDict *qdict)
{
const char *aclname = qdict_get_str(qdict, "aclname");
const char *policy = qdict_get_str(qdict, "policy");
- qemu_acl *acl = find_acl(mon, aclname);
+ QAuthZSimple *auth = find_auth(mon, aclname);
+ int val;
+ Error *err = NULL;
- if (acl) {
- if (strcmp(policy, "allow") == 0) {
- acl->defaultDeny = 0;
+ if (!auth) {
+ return;
+ }
+
+ val = qapi_enum_parse(QAuthZSimplePolicy_lookup,
+ policy,
+ QAUTHZ_SIMPLE_POLICY__MAX,
+ QAUTHZ_SIMPLE_POLICY_DENY,
+ &err);
+ if (err) {
+ error_free(err);
+ monitor_printf(mon, "acl: unknown policy '%s', "
+ "expected 'deny' or 'allow'\n", policy);
+ } else {
+ auth->policy = val;
+ if (auth->policy == QAUTHZ_SIMPLE_POLICY_ALLOW) {
monitor_printf(mon, "acl: policy set to 'allow'\n");
- } else if (strcmp(policy, "deny") == 0) {
- acl->defaultDeny = 1;
- monitor_printf(mon, "acl: policy set to 'deny'\n");
} else {
- monitor_printf(mon, "acl: unknown policy '%s', "
- "expected 'deny' or 'allow'\n", policy);
+ monitor_printf(mon, "acl: policy set to 'deny'\n");
}
}
}
@@ -1692,30 +1720,61 @@ static void hmp_acl_add(Monitor *mon, const QDict *qdict)
{
const char *aclname = qdict_get_str(qdict, "aclname");
const char *match = qdict_get_str(qdict, "match");
- const char *policy = qdict_get_str(qdict, "policy");
+ const char *policystr = qdict_get_str(qdict, "policy");
int has_index = qdict_haskey(qdict, "index");
int index = qdict_get_try_int(qdict, "index", -1);
- qemu_acl *acl = find_acl(mon, aclname);
- int deny, ret;
-
- if (acl) {
- if (strcmp(policy, "allow") == 0) {
- deny = 0;
- } else if (strcmp(policy, "deny") == 0) {
- deny = 1;
- } else {
- monitor_printf(mon, "acl: unknown policy '%s', "
- "expected 'deny' or 'allow'\n", policy);
- return;
- }
- if (has_index)
- ret = qemu_acl_insert(acl, deny, match, index);
- else
- ret = qemu_acl_append(acl, deny, match);
- if (ret < 0)
- monitor_printf(mon, "acl: unable to add acl entry\n");
- else
- monitor_printf(mon, "acl: added rule at position %d\n", ret);
+ QAuthZSimple *auth = find_auth(mon, aclname);
+ Error *err = NULL;
+ QAuthZSimplePolicy policy;
+ QAuthZSimpleFormat format;
+ size_t i = 0;
+
+ if (!auth) {
+ return;
+ }
+
+ policy = qapi_enum_parse(QAuthZSimplePolicy_lookup,
+ policystr,
+ QAUTHZ_SIMPLE_POLICY__MAX,
+ QAUTHZ_SIMPLE_POLICY_DENY,
+ &err);
+ if (err) {
+ error_free(err);
+ monitor_printf(mon, "acl: unknown policy '%s', "
+ "expected 'deny' or 'allow'\n", policystr);
+ return;
+ }
+
+#ifdef CONFIG_FNMATCH
+ if (strchr(match, '*')) {
+ format = QAUTHZ_SIMPLE_FORMAT_GLOB;
+ } else {
+ format = QAUTHZ_SIMPLE_FORMAT_EXACT;
+ }
+#else
+ /* Historically we silently degraded to plain strcmp
+ * when fnmatch() was missing */
+ format = QAUTHZ_SIMPLE_FORMAT_EXACT;
+#endif
+
+ if (has_index && index == 0) {
+ monitor_printf(mon, "acl: unable to add acl entry\n");
+ return;
+ }
+
+ if (has_index) {
+ i = qauthz_simple_insert_rule(auth, match, policy,
+ format, index - 1, &err);
+ } else {
+ i = qauthz_simple_append_rule(auth, match, policy,
+ format, &err);
+ }
+ if (err) {
+ monitor_printf(mon, "acl: unable to add rule: %s",
+ error_get_pretty(err));
+ error_free(err);
+ } else {
+ monitor_printf(mon, "acl: added rule at position %zu\n", i + 1);
}
}
@@ -1723,15 +1782,18 @@ static void hmp_acl_remove(Monitor *mon, const QDict *qdict)
{
const char *aclname = qdict_get_str(qdict, "aclname");
const char *match = qdict_get_str(qdict, "match");
- qemu_acl *acl = find_acl(mon, aclname);
- int ret;
+ QAuthZSimple *auth = find_auth(mon, aclname);
+ ssize_t i = 0;
- if (acl) {
- ret = qemu_acl_remove(acl, match);
- if (ret < 0)
- monitor_printf(mon, "acl: no matching acl entry\n");
- else
- monitor_printf(mon, "acl: removed rule at position %d\n", ret);
+ if (!auth) {
+ return;
+ }
+
+ i = qauthz_simple_delete_rule(auth, match);
+ if (i >= 0) {
+ monitor_printf(mon, "acl: removed rule at position %zu\n", i + 1);
+ } else {
+ monitor_printf(mon, "acl: no matching acl entry\n");
}
}
diff --git a/tests/Makefile.include b/tests/Makefile.include
index 9f81bb9..37dfd84 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -434,7 +434,7 @@ test-qom-obj-y = $(qom-obj-y) $(test-util-obj-y)
test-qapi-obj-y = tests/test-qapi-visit.o tests/test-qapi-types.o \
tests/test-qapi-event.o tests/test-qmp-introspect.o \
$(test-qom-obj-y)
-test-crypto-obj-y = $(crypto-obj-y) $(test-qom-obj-y)
+test-crypto-obj-y = $(crypto-obj-y) $(util-qom-obj-y) $(test-qom-obj-y)
test-io-obj-y = $(io-obj-y) $(test-crypto-obj-y)
test-block-obj-y = $(block-obj-y) $(test-io-obj-y)
diff --git a/tests/test-crypto-tlssession.c b/tests/test-crypto-tlssession.c
index 1a4a066..b7463e7 100644
--- a/tests/test-crypto-tlssession.c
+++ b/tests/test-crypto-tlssession.c
@@ -26,7 +26,7 @@
#include "qom/object_interfaces.h"
#include "qapi/error.h"
#include "qemu/sockets.h"
-#include "qemu/acl.h"
+#include "qemu/authz-simple.h"
#ifdef QCRYPTO_HAVE_TLS_TEST_SUPPORT
@@ -111,7 +111,7 @@ static void test_crypto_tls_session(const void *opaque)
QCryptoTLSCreds *serverCreds;
QCryptoTLSSession *clientSess = NULL;
QCryptoTLSSession *serverSess = NULL;
- qemu_acl *acl;
+ QAuthZSimple *auth;
const char * const *wildcards;
int channel[2];
bool clientShake = false;
@@ -170,11 +170,15 @@ static void test_crypto_tls_session(const void *opaque)
&err);
g_assert(serverCreds != NULL);
- acl = qemu_acl_init("tlssessionacl");
- qemu_acl_reset(acl);
+ auth = qauthz_simple_new("tlssessionacl",
+ QAUTHZ_SIMPLE_POLICY_DENY,
+ &error_abort);
wildcards = data->wildcards;
while (wildcards && *wildcards) {
- qemu_acl_append(acl, 0, *wildcards);
+ qauthz_simple_append_rule(auth, *wildcards,
+ QAUTHZ_SIMPLE_POLICY_ALLOW,
+ QAUTHZ_SIMPLE_FORMAT_GLOB,
+ &error_abort);
wildcards++;
}
@@ -264,6 +268,7 @@ static void test_crypto_tls_session(const void *opaque)
object_unparent(OBJECT(serverCreds));
object_unparent(OBJECT(clientCreds));
+ object_unparent(OBJECT(auth));
qcrypto_tls_session_free(serverSess);
qcrypto_tls_session_free(clientSess);
diff --git a/tests/test-io-channel-tls.c b/tests/test-io-channel-tls.c
index 3c361a7..ff472a0 100644
--- a/tests/test-io-channel-tls.c
+++ b/tests/test-io-channel-tls.c
@@ -28,7 +28,7 @@
#include "io/channel-socket.h"
#include "io-channel-helpers.h"
#include "crypto/tlscredsx509.h"
-#include "qemu/acl.h"
+#include "qemu/authz-simple.h"
#include "qom/object_interfaces.h"
#ifdef QCRYPTO_HAVE_TLS_TEST_SUPPORT
@@ -115,7 +115,7 @@ static void test_io_channel_tls(const void *opaque)
QIOChannelTLS *serverChanTLS;
QIOChannelSocket *clientChanSock;
QIOChannelSocket *serverChanSock;
- qemu_acl *acl;
+ QAuthZSimple *auth;
const char * const *wildcards;
int channel[2];
struct QIOChannelTLSHandshakeData clientHandshake = { false, false };
@@ -166,11 +166,15 @@ static void test_io_channel_tls(const void *opaque)
&err);
g_assert(serverCreds != NULL);
- acl = qemu_acl_init("channeltlsacl");
- qemu_acl_reset(acl);
+ auth = qauthz_simple_new("channeltlsacl",
+ QAUTHZ_SIMPLE_POLICY_DENY,
+ &error_abort);
wildcards = data->wildcards;
while (wildcards && *wildcards) {
- qemu_acl_append(acl, 0, *wildcards);
+ qauthz_simple_append_rule(auth, *wildcards,
+ QAUTHZ_SIMPLE_POLICY_ALLOW,
+ QAUTHZ_SIMPLE_FORMAT_GLOB,
+ &error_abort);
wildcards++;
}
@@ -256,6 +260,8 @@ static void test_io_channel_tls(const void *opaque)
object_unref(OBJECT(serverChanSock));
object_unref(OBJECT(clientChanSock));
+ object_unparent(OBJECT(auth));
+
close(channel[0]);
close(channel[1]);
}
diff --git a/ui/vnc-auth-sasl.c b/ui/vnc-auth-sasl.c
index 5ae29c1..b1064a7 100644
--- a/ui/vnc-auth-sasl.c
+++ b/ui/vnc-auth-sasl.c
@@ -150,7 +150,7 @@ static int vnc_auth_sasl_check_access(VncState *vs)
return 0;
}
- allow = qemu_acl_party_is_allowed(vs->vd->sasl.acl, vs->sasl.username);
+ allow = qauthz_is_allowed(vs->vd->sasl.acl, vs->sasl.username, NULL);
VNC_DEBUG("SASL client %s %s by ACL\n", vs->sasl.username,
allow ? "allowed" : "denied");
diff --git a/ui/vnc-auth-sasl.h b/ui/vnc-auth-sasl.h
index cb42745..12b099b 100644
--- a/ui/vnc-auth-sasl.h
+++ b/ui/vnc-auth-sasl.h
@@ -30,7 +30,7 @@
typedef struct VncStateSASL VncStateSASL;
typedef struct VncDisplaySASL VncDisplaySASL;
-#include "qemu/acl.h"
+#include "qemu/authz.h"
#include "qemu/main-loop.h"
struct VncStateSASL {
@@ -59,7 +59,7 @@ struct VncStateSASL {
};
struct VncDisplaySASL {
- qemu_acl *acl;
+ QAuthZ *acl;
};
void vnc_sasl_client_cleanup(VncState *vs);
diff --git a/ui/vnc.c b/ui/vnc.c
index 853b57e..c3935b8 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -33,7 +33,7 @@
#include "qemu/error-report.h"
#include "qemu/sockets.h"
#include "qemu/timer.h"
-#include "qemu/acl.h"
+#include "qemu/authz-simple.h"
#include "qemu/config-file.h"
#include "qapi/qmp/qerror.h"
#include "qapi/qmp/types.h"
@@ -3757,7 +3757,9 @@ void vnc_display_open(const char *id, Error **errp)
} else {
vs->tlsaclname = g_strdup_printf("vnc.%s.x509dname", vs->id);
}
- qemu_acl_init(vs->tlsaclname);
+ qauthz_simple_new(vs->tlsaclname,
+ QAUTHZ_SIMPLE_POLICY_DENY,
+ &error_abort);
}
#ifdef CONFIG_VNC_SASL
if (acl && sasl) {
@@ -3768,7 +3770,10 @@ void vnc_display_open(const char *id, Error **errp)
} else {
aclname = g_strdup_printf("vnc.%s.username", vs->id);
}
- vs->sasl.acl = qemu_acl_init(aclname);
+ vs->sasl.acl =
+ QAUTHZ(qauthz_simple_new(aclname,
+ QAUTHZ_SIMPLE_POLICY_DENY,
+ &error_abort));
g_free(aclname);
}
#endif
diff --git a/util/Makefile.objs b/util/Makefile.objs
index f71a7b6..08b5f91 100644
--- a/util/Makefile.objs
+++ b/util/Makefile.objs
@@ -13,7 +13,6 @@ util-obj-y += envlist.o path.o module.o
util-obj-$(call lnot,$(CONFIG_INT128)) += host-utils.o
util-obj-y += bitmap.o bitops.o hbitmap.o
util-obj-y += fifo8.o
-util-obj-y += acl.o
util-obj-y += error.o qemu-error.o
util-obj-y += id.o
util-obj-y += iov.o qemu-config.o qemu-sockets.o uri.o notify.o
diff --git a/util/acl.c b/util/acl.c
deleted file mode 100644
index c105add..0000000
--- a/util/acl.c
+++ /dev/null
@@ -1,179 +0,0 @@
-/*
- * QEMU access control list management
- *
- * Copyright (C) 2009 Red Hat, Inc
- *
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
- * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
- * THE SOFTWARE.
- */
-
-
-#include "qemu/osdep.h"
-#include "qemu-common.h"
-#include "qemu/acl.h"
-
-#ifdef CONFIG_FNMATCH
-#include <fnmatch.h>
-#endif
-
-
-static unsigned int nacls = 0;
-static qemu_acl **acls = NULL;
-
-
-
-qemu_acl *qemu_acl_find(const char *aclname)
-{
- int i;
- for (i = 0 ; i < nacls ; i++) {
- if (strcmp(acls[i]->aclname, aclname) == 0)
- return acls[i];
- }
-
- return NULL;
-}
-
-qemu_acl *qemu_acl_init(const char *aclname)
-{
- qemu_acl *acl;
-
- acl = qemu_acl_find(aclname);
- if (acl)
- return acl;
-
- acl = g_malloc(sizeof(*acl));
- acl->aclname = g_strdup(aclname);
- /* Deny by default, so there is no window of "open
- * access" between QEMU starting, and the user setting
- * up ACLs in the monitor */
- acl->defaultDeny = 1;
-
- acl->nentries = 0;
- QTAILQ_INIT(&acl->entries);
-
- acls = g_realloc(acls, sizeof(*acls) * (nacls +1));
- acls[nacls] = acl;
- nacls++;
-
- return acl;
-}
-
-int qemu_acl_party_is_allowed(qemu_acl *acl,
- const char *party)
-{
- qemu_acl_entry *entry;
-
- QTAILQ_FOREACH(entry, &acl->entries, next) {
-#ifdef CONFIG_FNMATCH
- if (fnmatch(entry->match, party, 0) == 0)
- return entry->deny ? 0 : 1;
-#else
- /* No fnmatch, so fallback to exact string matching
- * instead of allowing wildcards */
- if (strcmp(entry->match, party) == 0)
- return entry->deny ? 0 : 1;
-#endif
- }
-
- return acl->defaultDeny ? 0 : 1;
-}
-
-
-void qemu_acl_reset(qemu_acl *acl)
-{
- qemu_acl_entry *entry, *next_entry;
-
- /* Put back to deny by default, so there is no window
- * of "open access" while the user re-initializes the
- * access control list */
- acl->defaultDeny = 1;
- QTAILQ_FOREACH_SAFE(entry, &acl->entries, next, next_entry) {
- QTAILQ_REMOVE(&acl->entries, entry, next);
- g_free(entry->match);
- g_free(entry);
- }
- acl->nentries = 0;
-}
-
-
-int qemu_acl_append(qemu_acl *acl,
- int deny,
- const char *match)
-{
- qemu_acl_entry *entry;
-
- entry = g_malloc(sizeof(*entry));
- entry->match = g_strdup(match);
- entry->deny = deny;
-
- QTAILQ_INSERT_TAIL(&acl->entries, entry, next);
- acl->nentries++;
-
- return acl->nentries;
-}
-
-
-int qemu_acl_insert(qemu_acl *acl,
- int deny,
- const char *match,
- int index)
-{
- qemu_acl_entry *tmp;
- int i = 0;
-
- if (index <= 0)
- return -1;
- if (index > acl->nentries) {
- return qemu_acl_append(acl, deny, match);
- }
-
- QTAILQ_FOREACH(tmp, &acl->entries, next) {
- i++;
- if (i == index) {
- qemu_acl_entry *entry;
- entry = g_malloc(sizeof(*entry));
- entry->match = g_strdup(match);
- entry->deny = deny;
-
- QTAILQ_INSERT_BEFORE(tmp, entry, next);
- acl->nentries++;
- break;
- }
- }
-
- return i;
-}
-
-int qemu_acl_remove(qemu_acl *acl,
- const char *match)
-{
- qemu_acl_entry *entry;
- int i = 0;
-
- QTAILQ_FOREACH(entry, &acl->entries, next) {
- i++;
- if (strcmp(entry->match, match) == 0) {
- QTAILQ_REMOVE(&acl->entries, entry, next);
- acl->nentries--;
- g_free(entry->match);
- g_free(entry);
- return i;
- }
- }
- return -1;
-}
--
2.7.4
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH v10 10/11] util: add QAuthZPAM object type for authorizing using PAM
2016-08-15 14:22 [Qemu-devel] [PATCH v10 00/11] Provide a QOM-based authorization API Daniel P. Berrange
` (8 preceding siblings ...)
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 09/11] acl: delete existing ACL implementation Daniel P. Berrange
@ 2016-08-15 14:22 ` Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 11/11] qmp: add support for mixed typed input visitor Daniel P. Berrange
` (2 subsequent siblings)
12 siblings, 0 replies; 16+ messages in thread
From: Daniel P. Berrange @ 2016-08-15 14:22 UTC (permalink / raw)
To: qemu-devel
Cc: Markus Armbruster, Max Reitz, Marc-André Lureau,
Paolo Bonzini, Andreas Färber, Eric Blake,
Daniel P. Berrange
Add an authorization backend that talks to PAM to check
whether the user identity is allowed. This only uses the
PAM account validation facility, which is essentially
just a check to see if the provided username is permitted
access. It doesn't use the authentication or session
parts of PAM, since that's dealt with by the relevant
part of QEMU (eg VNC server).
Consider starting QEMU with a VNC server and telling it to
use TLS with x509 client certificates and configuring it to
use an ACL to validate the x509 distinguished name. IN this
example we're telling it to use PAM for the ACL impl with
a service name of "qemu-vnc"
$ qemu-system-x86_64 \
-object tls-creds-x509,id=tls0,dir=/home/berrange/security/qemutls,\
endpoint=server,verify-peer=yes \
-object authz-pam,id=acl0,service=qemu-vnc \
-vnc :1,tls-creds=tls0,tls-acl=acl0
This requires an /etc/pam/qemu-vnc file to be created with
the auth rules. A very simple file based whitelist can be
setup using
$ cat > /etc/pam/qemu-vnc <<EOF
account requisite pam_listfile.so item=user sense=allow file=/etc/qemu/vnc.allow
EOF
The /etc/qemu/vnc.allow file simply contains one username
per line. Any username not in the file is denied. The
usernames in this example are the x509 distinguished name
from the client's x509 cert.
$ cat > /etc/qemu/vnc.allow <<EOF
CN=laptop.berrange.com,O=Berrange Home,L=London,ST=London,C=GB
EOF
More interesting would be to configure PAM to use an LDAP
backend, so that the QEMU authorization check data can be
centralized instead of requiring each compute host to have
file maintained.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
configure | 36 ++++++++++++
include/qemu/authz-pam.h | 98 +++++++++++++++++++++++++++++++
util/Makefile.objs | 3 +
util/authz-pam.c | 148 +++++++++++++++++++++++++++++++++++++++++++++++
4 files changed, 285 insertions(+)
create mode 100644 include/qemu/authz-pam.h
create mode 100644 util/authz-pam.c
diff --git a/configure b/configure
index 8d84919..ec1d9b1 100755
--- a/configure
+++ b/configure
@@ -312,6 +312,7 @@ nettle=""
nettle_kdf="no"
gcrypt=""
gcrypt_kdf="no"
+pam=""
vte=""
virglrenderer=""
tpm="yes"
@@ -1112,6 +1113,10 @@ for opt do
;;
--enable-gcrypt) gcrypt="yes"
;;
+ --disable-pam) pam="no"
+ ;;
+ --enable-pam) pam="yes"
+ ;;
--enable-rdma) rdma="yes"
;;
--disable-rdma) rdma="no"
@@ -1332,6 +1337,7 @@ disabled with --disable-FEATURE, default is enabled if available:
gnutls GNUTLS cryptography support
nettle nettle cryptography support
gcrypt libgcrypt cryptography support
+ pam PAM access control
sdl SDL UI
--with-sdlabi select preferred SDL ABI 1.2 or 2.0
gtk gtk UI
@@ -2396,6 +2402,32 @@ fi
##########################################
+# PAM probe
+
+if test "x$pam" != "no"; then
+ cat > $TMPC <<EOF
+#include <security/pam_appl.h>
+#include <stdio.h>
+int main(void) {
+ const char *service_name = "qemu";
+ const char *user = "frank";
+ const struct pam_conv *pam_conv = NULL;
+ pam_handle_t *pamh = NULL;
+ pam_start(service_name, user, pam_conv, &pamh);
+}
+EOF
+ if compile_prog "" "-lpam" ; then
+ pam=yes
+ else
+ if test "$pam" = "yes"; then
+ feature_not_found "PAM" "Install pam-devel"
+ else
+ pam=no
+ fi
+ fi
+fi
+
+##########################################
# getifaddrs (for tests/test-io-channel-socket )
have_ifaddrs_h=yes
@@ -4819,6 +4851,7 @@ echo "libgcrypt kdf $gcrypt_kdf"
echo "nettle $nettle $(echo_version $nettle $nettle_version)"
echo "nettle kdf $nettle_kdf"
echo "libtasn1 $tasn1"
+echo "PAM $pam"
echo "curses support $curses"
echo "virgl support $virglrenderer"
echo "curl support $curl"
@@ -5198,6 +5231,9 @@ fi
if test "$tasn1" = "yes" ; then
echo "CONFIG_TASN1=y" >> $config_host_mak
fi
+if test "$pam" = "yes" ; then
+ echo "CONFIG_PAM=y" >> $config_host_mak
+fi
if test "$have_ifaddrs_h" = "yes" ; then
echo "HAVE_IFADDRS_H=y" >> $config_host_mak
fi
diff --git a/include/qemu/authz-pam.h b/include/qemu/authz-pam.h
new file mode 100644
index 0000000..dba0289
--- /dev/null
+++ b/include/qemu/authz-pam.h
@@ -0,0 +1,98 @@
+/*
+ * QEMU pam authorization driver
+ *
+ * Copyright (c) 2016 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#ifndef QAUTHZ_PAM_H__
+#define QAUTHZ_PAM_H__
+
+#include "qemu/authz.h"
+
+
+#define TYPE_QAUTHZ_PAM "authz-pam"
+
+#define QAUTHZ_PAM_CLASS(klass) \
+ OBJECT_CLASS_CHECK(QAuthZPamClass, (klass), \
+ TYPE_QAUTHZ_PAM)
+#define QAUTHZ_PAM_GET_CLASS(obj) \
+ OBJECT_GET_CLASS(QAuthZPamClass, (obj), \
+ TYPE_QAUTHZ_PAM)
+#define QAUTHZ_PAM(obj) \
+ INTERFACE_CHECK(QAuthZPam, (obj), \
+ TYPE_QAUTHZ_PAM)
+
+typedef struct QAuthZPam QAuthZPam;
+typedef struct QAuthZPamClass QAuthZPamClass;
+
+
+/**
+ * QAuthZPam:
+ *
+ * This authorization driver provides a pam mechanism
+ * for granting access by matching user names against a
+ * list of globs. Each match rule has an associated policy
+ * and a catch all policy applies if no rule matches
+ *
+ * To create an instance of this class via QMP:
+ *
+ * {
+ * "execute": "object-add",
+ * "arguments": {
+ * "qom-type": "authz-pam",
+ * "id": "auth0",
+ * "parameters": {
+ * "rules": [
+ * { "match": "fred", "policy": "allow", "format": "exact" },
+ * { "match": "bob", "policy": "allow", "format": "exact" },
+ * { "match": "danb", "policy": "deny", "format": "exact" },
+ * { "match": "dan*", "policy": "allow", "format": "glob" }
+ * ],
+ * "policy": "deny"
+ * }
+ * }
+ * }
+ *
+ * Or via the CLI:
+ *
+ * $QEMU \
+ * -object authz-pam,id=acl0,policy=deny, \
+ * match.0.name=fred,match.0.policy=allow,format=exact, \
+ * match.1.name=bob,match.1.policy=allow,format=exact, \
+ * match.2.name=danb,match.2.policy=deny,format=exact, \
+ * match.3.name=dan\*,match.3.policy=allow,format=exact
+ *
+ */
+struct QAuthZPam {
+ QAuthZ parent_obj;
+
+ char *service;
+};
+
+
+struct QAuthZPamClass {
+ QAuthZClass parent_class;
+};
+
+
+QAuthZPam *qauthz_pam_new(const char *id,
+ const char *service,
+ Error **errp);
+
+
+#endif /* QAUTHZ_PAM_H__ */
+
diff --git a/util/Makefile.objs b/util/Makefile.objs
index 08b5f91..dfb8e42 100644
--- a/util/Makefile.objs
+++ b/util/Makefile.objs
@@ -36,4 +36,7 @@ util-obj-y += qht.o
util-obj-y += range.o
util-qom-obj-y += authz.o
+util-qom-obj-$(CONFIG_PAM) += authz-pam.o
util-qom-obj-y += authz-simple.o
+
+authz-pam.o-libs = -lpam
diff --git a/util/authz-pam.c b/util/authz-pam.c
new file mode 100644
index 0000000..d38527e
--- /dev/null
+++ b/util/authz-pam.c
@@ -0,0 +1,148 @@
+/*
+ * QEMU pam authorization driver
+ *
+ * Copyright (c) 2016 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/authz-pam.h"
+#include "qom/object_interfaces.h"
+#include "qapi-visit.h"
+
+ #include <security/pam_appl.h>
+
+
+static bool qauthz_pam_is_allowed(QAuthZ *authz,
+ const char *identity,
+ Error **errp)
+{
+ QAuthZPam *pauthz = QAUTHZ_PAM(authz);
+ const struct pam_conv pam_conversation = { 0 };
+ pam_handle_t *pamh = NULL;
+ int ret;
+
+ ret = pam_start(pauthz->service,
+ identity,
+ &pam_conversation,
+ &pamh);
+ if (ret != PAM_SUCCESS) {
+ error_setg(errp, "Unable to start PAM transaction: %s",
+ pam_strerror(NULL, ret));
+ return false;
+ }
+
+ ret = pam_acct_mgmt(pamh, PAM_SILENT);
+ if (ret != PAM_SUCCESS) {
+ error_setg(errp, "Unable to authorize user '%s': %s",
+ identity, pam_strerror(pamh, ret));
+ goto cleanup;
+ }
+
+ cleanup:
+ pam_end(pamh, ret);
+ return ret == PAM_SUCCESS;
+}
+
+
+static void
+qauthz_pam_prop_set_service(Object *obj,
+ const char *service,
+ Error **errp G_GNUC_UNUSED)
+{
+ QAuthZPam *pauthz = QAUTHZ_PAM(obj);
+
+ g_free(pauthz->service);
+ pauthz->service = g_strdup(service);
+}
+
+
+static char *
+qauthz_pam_prop_get_service(Object *obj,
+ Error **errp G_GNUC_UNUSED)
+{
+ QAuthZPam *pauthz = QAUTHZ_PAM(obj);
+
+ return g_strdup(pauthz->service);
+}
+
+
+static void
+qauthz_pam_complete(UserCreatable *uc, Error **errp)
+{
+}
+
+
+static void
+qauthz_pam_finalize(Object *obj)
+{
+ QAuthZPam *pauthz = QAUTHZ_PAM(obj);
+
+ g_free(pauthz->service);
+}
+
+
+static void
+qauthz_pam_class_init(ObjectClass *oc, void *data)
+{
+ UserCreatableClass *ucc = USER_CREATABLE_CLASS(oc);
+ QAuthZClass *authz = QAUTHZ_CLASS(oc);
+
+ ucc->complete = qauthz_pam_complete;
+ authz->is_allowed = qauthz_pam_is_allowed;
+
+ object_class_property_add_str(oc, "service",
+ qauthz_pam_prop_get_service,
+ qauthz_pam_prop_set_service,
+ NULL);
+}
+
+
+QAuthZPam *qauthz_pam_new(const char *id,
+ const char *service,
+ Error **errp)
+{
+ return QAUTHZ_PAM(
+ object_new_with_props(TYPE_QAUTHZ_PAM,
+ object_get_objects_root(),
+ id, errp,
+ "service", service,
+ NULL));
+}
+
+
+static const TypeInfo qauthz_pam_info = {
+ .parent = TYPE_QAUTHZ,
+ .name = TYPE_QAUTHZ_PAM,
+ .instance_size = sizeof(QAuthZPam),
+ .instance_finalize = qauthz_pam_finalize,
+ .class_size = sizeof(QAuthZPamClass),
+ .class_init = qauthz_pam_class_init,
+ .interfaces = (InterfaceInfo[]) {
+ { TYPE_USER_CREATABLE },
+ { }
+ }
+};
+
+
+static void
+qauthz_pam_register_types(void)
+{
+ type_register_static(&qauthz_pam_info);
+}
+
+
+type_init(qauthz_pam_register_types);
--
2.7.4
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH v10 11/11] qmp: add support for mixed typed input visitor
2016-08-15 14:22 [Qemu-devel] [PATCH v10 00/11] Provide a QOM-based authorization API Daniel P. Berrange
` (9 preceding siblings ...)
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 10/11] util: add QAuthZPAM object type for authorizing using PAM Daniel P. Berrange
@ 2016-08-15 14:22 ` Daniel P. Berrange
2016-08-15 14:44 ` [Qemu-devel] [PATCH v10 00/11] Provide a QOM-based authorization API no-reply
2016-08-15 14:46 ` no-reply
12 siblings, 0 replies; 16+ messages in thread
From: Daniel P. Berrange @ 2016-08-15 14:22 UTC (permalink / raw)
To: qemu-devel
Cc: Markus Armbruster, Max Reitz, Marc-André Lureau,
Paolo Bonzini, Andreas Färber, Eric Blake,
Daniel P. Berrange
Add a qmp_mixed_input_visitor_new() method which returns
a QMP input visitor that accepts either strings or the
native data types.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
include/qapi/qobject-input-visitor.h | 22 ++++++++
qapi/qobject-input-visitor.c | 98 ++++++++++++++++++++++++++++++++++++
2 files changed, 120 insertions(+)
diff --git a/include/qapi/qobject-input-visitor.h b/include/qapi/qobject-input-visitor.h
index aa911cb..d9fe1d4 100644
--- a/include/qapi/qobject-input-visitor.h
+++ b/include/qapi/qobject-input-visitor.h
@@ -60,4 +60,26 @@ Visitor *qobject_input_visitor_new(QObject *obj, bool strict);
*/
Visitor *qobject_string_input_visitor_new(QObject *obj);
+/**
+ * qobject_mixed_input_visitor_new:
+ * @obj: the input object to visit
+ * @strict: whether to require that all input keys are consumed
+ *
+ * Create a new input visitor that converts a QObject to a QAPI object.
+ *
+ * Any scalar values in the @obj input data structure can either be
+ * represented as the native data type, or as strings. ie if visiting
+ * a boolean, the value can be a QBoolean or a QString whose contents
+ * represent a valid boolean.
+ *
+ * If @strict is set to true, then an error will be reported if any
+ * dict keys are not consumed during visitation.
+ *
+ * The returned input visitor should be released by calling
+ * visit_free() when no longer required.
+ *
+ * Returns: a new input visitor
+ */
+Visitor *qobject_mixed_input_visitor_new(QObject *obj, bool strict);
+
#endif
diff --git a/qapi/qobject-input-visitor.c b/qapi/qobject-input-visitor.c
index b79c229..d71c195 100644
--- a/qapi/qobject-input-visitor.c
+++ b/qapi/qobject-input-visitor.c
@@ -276,6 +276,19 @@ static void qobject_input_type_int64_str(Visitor *v, const char *name,
*obj = ret;
}
+static void qobject_input_type_int64_mixed(Visitor *v, const char *name,
+ int64_t *obj, Error **errp)
+{
+ QObjectInputVisitor *qiv = to_qiv(v);
+ QObject *qobj = qobject_input_get_object(qiv, name, true);
+
+ if (qobj && qobj->type == QTYPE_QSTRING) {
+ qobject_input_type_int64_str(v, name, obj, errp);
+ } else {
+ qobject_input_type_int64(v, name, obj, errp);
+ }
+}
+
static void qobject_input_type_uint64(Visitor *v, const char *name,
uint64_t *obj, Error **errp)
{
@@ -302,6 +315,19 @@ static void qobject_input_type_uint64_str(Visitor *v, const char *name,
parse_option_number(name, qstr ? qstr->string : NULL, obj, errp);
}
+static void qobject_input_type_uint64_mixed(Visitor *v, const char *name,
+ uint64_t *obj, Error **errp)
+{
+ QObjectInputVisitor *qiv = to_qiv(v);
+ QObject *qobj = qobject_input_get_object(qiv, name, true);
+
+ if (qobj && qobj->type == QTYPE_QSTRING) {
+ qobject_input_type_uint64_str(v, name, obj, errp);
+ } else {
+ qobject_input_type_uint64(v, name, obj, errp);
+ }
+}
+
static void qobject_input_type_bool(Visitor *v, const char *name, bool *obj,
Error **errp)
{
@@ -327,6 +353,19 @@ static void qobject_input_type_bool_str(Visitor *v, const char *name, bool *obj,
parse_option_bool(name, qstr ? qstr->string : NULL, obj, errp);
}
+static void qobject_input_type_bool_mixed(Visitor *v, const char *name,
+ bool *obj, Error **errp)
+{
+ QObjectInputVisitor *qiv = to_qiv(v);
+ QObject *qobj = qobject_input_get_object(qiv, name, true);
+
+ if (qobj && qobj->type == QTYPE_QSTRING) {
+ qobject_input_type_bool_str(v, name, obj, errp);
+ } else {
+ qobject_input_type_bool(v, name, obj, errp);
+ }
+}
+
static void qobject_input_type_str(Visitor *v, const char *name, char **obj,
Error **errp)
{
@@ -388,6 +427,19 @@ static void qobject_input_type_number_str(Visitor *v, const char *name,
"number");
}
+static void qobject_input_type_number_mixed(Visitor *v, const char *name,
+ double *obj, Error **errp)
+{
+ QObjectInputVisitor *qiv = to_qiv(v);
+ QObject *qobj = qobject_input_get_object(qiv, name, true);
+
+ if (qobj && qobj->type == QTYPE_QSTRING) {
+ qobject_input_type_number_str(v, name, obj, errp);
+ } else {
+ qobject_input_type_number(v, name, obj, errp);
+ }
+}
+
static void qobject_input_type_any(Visitor *v, const char *name, QObject **obj,
Error **errp)
{
@@ -435,6 +487,20 @@ static void qobject_input_type_size_str(Visitor *v, const char *name,
"size");
}
+static void qobject_input_type_size_mixed(Visitor *v, const char *name,
+ uint64_t *obj, Error **errp)
+{
+ QObjectInputVisitor *qiv = to_qiv(v);
+ QObject *qobj = qobject_input_get_object(qiv, name, true);
+
+ if (qobj && qobj->type == QTYPE_QSTRING) {
+ qobject_input_type_size_str(v, name, obj, errp);
+ } else {
+ qobject_input_type_uint64(v, name, obj, errp);
+ }
+}
+
+
static void qobject_input_optional(Visitor *v, const char *name, bool *present)
{
QObjectInputVisitor *qiv = to_qiv(v);
@@ -524,3 +590,35 @@ Visitor *qobject_string_input_visitor_new(QObject *obj)
return &v->visitor;
}
+
+Visitor *qobject_mixed_input_visitor_new(QObject *obj, bool strict)
+{
+ QObjectInputVisitor *v;
+
+ v = g_malloc0(sizeof(*v));
+
+ v->visitor.type = VISITOR_INPUT;
+ v->visitor.start_struct = qobject_input_start_struct;
+ v->visitor.check_struct = qobject_input_check_struct;
+ v->visitor.end_struct = qobject_input_pop;
+ v->visitor.start_list = qobject_input_start_list;
+ v->visitor.next_list = qobject_input_next_list;
+ v->visitor.end_list = qobject_input_pop;
+ v->visitor.start_alternate = qobject_input_start_alternate;
+ v->visitor.type_int64 = qobject_input_type_int64_mixed;
+ v->visitor.type_uint64 = qobject_input_type_uint64_mixed;
+ v->visitor.type_bool = qobject_input_type_bool_mixed;
+ v->visitor.type_str = qobject_input_type_str;
+ v->visitor.type_number = qobject_input_type_number_mixed;
+ v->visitor.type_any = qobject_input_type_any;
+ v->visitor.type_null = qobject_input_type_null;
+ v->visitor.type_size = qobject_input_type_size_mixed;
+ v->visitor.optional = qobject_input_optional;
+ v->visitor.free = qobject_input_free;
+ v->strict = strict;
+
+ v->root = obj;
+ qobject_incref(obj);
+
+ return &v->visitor;
+}
--
2.7.4
^ permalink raw reply related [flat|nested] 16+ messages in thread
* Re: [Qemu-devel] [PATCH v10 00/11] Provide a QOM-based authorization API
2016-08-15 14:22 [Qemu-devel] [PATCH v10 00/11] Provide a QOM-based authorization API Daniel P. Berrange
` (10 preceding siblings ...)
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 11/11] qmp: add support for mixed typed input visitor Daniel P. Berrange
@ 2016-08-15 14:44 ` no-reply
2016-08-15 14:46 ` no-reply
12 siblings, 0 replies; 16+ messages in thread
From: no-reply @ 2016-08-15 14:44 UTC (permalink / raw)
To: berrange
Cc: famz, qemu-devel, armbru, mreitz, marcandre.lureau, pbonzini, afaerber
Hi,
Your series seems to have some coding style problems. See output below for
more information:
Message-id: 1471270945-19975-1-git-send-email-berrange@redhat.com
Subject: [Qemu-devel] [PATCH v10 00/11] Provide a QOM-based authorization API
Type: series
=== TEST SCRIPT BEGIN ===
#!/bin/bash
BASE=base
n=1
total=$(git log --oneline $BASE.. | wc -l)
failed=0
commits="$(git log --format=%H --reverse $BASE..)"
for c in $commits; do
echo "Checking PATCH $n/$total: $(git show --no-patch --format=%s $c)..."
if ! git show $c --format=email | ./scripts/checkpatch.pl --mailback -; then
failed=1
echo
fi
n=$((n+1))
done
exit $failed
=== TEST SCRIPT END ===
Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
From https://github.com/patchew-project/qemu
* [new tag] patchew/1471270945-19975-1-git-send-email-berrange@redhat.com -> patchew/1471270945-19975-1-git-send-email-berrange@redhat.com
Switched to a new branch 'test'
2b42606 qmp: add support for mixed typed input visitor
03ccf4a util: add QAuthZPAM object type for authorizing using PAM
681b2e7 acl: delete existing ACL implementation
3c99fc6 util: add QAuthZSimple object type for a simple access control list
5517080 util: add QAuthZ object as an authorization base class
0393e1c qom: support arbitrary non-scalar properties with -object
f63ef93 qapi: add a QmpInputVisitor that does string conversion
650ee1f qapi: rename QmpOutputVisitor to QObjectOutputVisitor
2a1a17d qapi: rename QmpInputVisitor to QObjectInputVisitor
d0ded29 option: make parse_option_bool/number non-static
3aebeb5 qdict: implement a qdict_crumple method for un-flattening a dict
=== OUTPUT BEGIN ===
Checking PATCH 1/11: qdict: implement a qdict_crumple method for un-flattening a dict...
Checking PATCH 2/11: option: make parse_option_bool/number non-static...
Checking PATCH 3/11: qapi: rename QmpInputVisitor to QObjectInputVisitor...
ERROR: open brace '{' following struct go on the same line
#572: FILE: qapi/qobject-input-visitor.c:27:
+typedef struct StackObject
+{
ERROR: open brace '{' following struct go on the same line
#583: FILE: qapi/qobject-input-visitor.c:38:
+struct QObjectInputVisitor
+{
WARNING: line over 80 characters
#2480: FILE: tests/test-qobject-input-strict.c:94:
+ v = validate_test_init(data, "{ 'integer': -42, 'boolean': true, 'string': 'foo' }");
ERROR: line over 90 characters
#2508: FILE: tests/test-qobject-input-strict.c:122:
+ v = validate_test_init(data, "[ { 'string': 'string0', 'integer': 42 }, { 'string': 'string1', 'integer': 43 }, { 'string': 'string2', 'integer': 44 } ]");
ERROR: line over 90 characters
#2561: FILE: tests/test-qobject-input-strict.c:175:
+ v = validate_test_init(data, "{ 'integer': -42, 'boolean': true, 'string': 'foo', 'extra': 42 }");
ERROR: line over 90 characters
#2575: FILE: tests/test-qobject-input-strict.c:189:
+ v = validate_test_init(data, "{ 'string0': 'string0', 'dict1': { 'string1': 'string1', 'dict2': { 'userdef1': { 'integer': 42, 'string': 'string', 'extra': [42, 23, {'foo':'bar'}] }, 'string2': 'string2'}}}");
ERROR: line over 90 characters
#2589: FILE: tests/test-qobject-input-strict.c:203:
+ v = validate_test_init(data, "[ { 'string': 'string0', 'integer': 42 }, { 'string': 'string1', 'integer': 43 }, { 'string': 'string2', 'integer': 44, 'extra': 'ggg' } ]");
WARNING: line over 80 characters
#2618: FILE: tests/test-qobject-input-strict.c:232:
+ v = validate_test_init(data, "{ 'string': 'c', 'integer': 41, 'boolean': true }");
ERROR: line over 90 characters
#2633: FILE: tests/test-qobject-input-strict.c:247:
+ v = validate_test_init(data, "{ 'integer': 42, 'string': 'c', 'string1': 'd', 'string2': 'e' }");
ERROR: line over 90 characters
#2677: FILE: tests/test-qobject-input-strict.c:291:
+ void (*test_func)(TestInputVisitorData *data, const void *user_data))
ERROR: line over 90 characters
#2900: FILE: tests/test-qobject-input-visitor.c:173:
+ v = visitor_input_test_init(data, "{ 'integer': -42, 'boolean': true, 'string': 'foo' }");
ERROR: line over 90 characters
#2941: FILE: tests/test-qobject-input-visitor.c:214:
+ v = visitor_input_test_init(data, "[ { 'string': 'string0', 'integer': 42 }, { 'string': 'string1', 'integer': 43 }, { 'string': 'string2', 'integer': 44 } ]");
ERROR: line over 90 characters
#2981: FILE: tests/test-qobject-input-visitor.c:254:
+ v = visitor_input_test_init(data, "{ 'integer': -42, 'boolean': true, 'string': 'foo' }");
ERROR: line over 90 characters
#3478: FILE: tests/test-qobject-input-visitor.c:751:
+ void (*test_func)(TestInputVisitorData *data, const void *user_data))
total: 12 errors, 2 warnings, 1864 lines checked
Your patch has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
Checking PATCH 4/11: qapi: rename QmpOutputVisitor to QObjectOutputVisitor...
ERROR: line over 90 characters
#2555: FILE: tests/test-qobject-output-visitor.c:792:
+ void (*test_func)(TestOutputVisitorData *data, const void *user_data))
total: 1 errors, 0 warnings, 1384 lines checked
Your patch has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
Checking PATCH 5/11: qapi: add a QmpInputVisitor that does string conversion...
WARNING: line over 80 characters
#448: FILE: tests/test-qobject-input-visitor.c:420:
+ v = visitor_input_test_init_full(data, false, false, "{ 'a': null, 'b': '' }");
total: 0 errors, 1 warnings, 423 lines checked
Your patch has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
Checking PATCH 6/11: qom: support arbitrary non-scalar properties with -object...
Checking PATCH 7/11: util: add QAuthZ object as an authorization base class...
Checking PATCH 8/11: util: add QAuthZSimple object type for a simple access control list...
Checking PATCH 9/11: acl: delete existing ACL implementation...
Checking PATCH 10/11: util: add QAuthZPAM object type for authorizing using PAM...
Checking PATCH 11/11: qmp: add support for mixed typed input visitor...
=== OUTPUT END ===
Test command exited with code: 1
---
Email generated automatically by Patchew [http://patchew.org/].
Please send your feedback to patchew-devel@freelists.org
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [Qemu-devel] [PATCH v10 00/11] Provide a QOM-based authorization API
2016-08-15 14:22 [Qemu-devel] [PATCH v10 00/11] Provide a QOM-based authorization API Daniel P. Berrange
` (11 preceding siblings ...)
2016-08-15 14:44 ` [Qemu-devel] [PATCH v10 00/11] Provide a QOM-based authorization API no-reply
@ 2016-08-15 14:46 ` no-reply
2016-08-16 1:21 ` Fam Zheng
12 siblings, 1 reply; 16+ messages in thread
From: no-reply @ 2016-08-15 14:46 UTC (permalink / raw)
To: berrange
Cc: famz, qemu-devel, armbru, mreitz, marcandre.lureau, pbonzini, afaerber
Hi,
Your series failed automatic build test. Please find the testing commands and
their output below. If you have docker installed, you can probably reproduce it
locally.
Message-id: 1471270945-19975-1-git-send-email-berrange@redhat.com
Subject: [Qemu-devel] [PATCH v10 00/11] Provide a QOM-based authorization API
Type: series
=== TEST SCRIPT BEGIN ===
#!/bin/bash
set -e
git submodule update --init dtc
make J=8 docker-test-quick@centos6
# we need CURL DPRINTF patch
# http://patchew.org/QEMU/1470027888-24381-1-git-send-email-famz%40redhat.com/
#make J=8 docker-test-mingw@fedora
=== TEST SCRIPT END ===
Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
Switched to a new branch 'test'
2b42606 qmp: add support for mixed typed input visitor
03ccf4a util: add QAuthZPAM object type for authorizing using PAM
681b2e7 acl: delete existing ACL implementation
3c99fc6 util: add QAuthZSimple object type for a simple access control list
5517080 util: add QAuthZ object as an authorization base class
0393e1c qom: support arbitrary non-scalar properties with -object
f63ef93 qapi: add a QmpInputVisitor that does string conversion
650ee1f qapi: rename QmpOutputVisitor to QObjectOutputVisitor
2a1a17d qapi: rename QmpInputVisitor to QObjectInputVisitor
d0ded29 option: make parse_option_bool/number non-static
3aebeb5 qdict: implement a qdict_crumple method for un-flattening a dict
=== OUTPUT BEGIN ===
Submodule 'dtc' (git://git.qemu-project.org/dtc.git) registered for path 'dtc'
Cloning into 'dtc'...
Submodule path 'dtc': checked out '65cc4d2748a2c2e6f27f1cf39e07a5dbabd80ebf'
BUILD centos6
ARCHIVE qemu.tgz
ARCHIVE dtc.tgz
COPY RUNNER
RUN test-quick in centos6
No C++ compiler available; disabling C++ specific optional code
Install prefix /tmp/qemu-test/src/tests/docker/install
BIOS directory /tmp/qemu-test/src/tests/docker/install/share/qemu
binary directory /tmp/qemu-test/src/tests/docker/install/bin
library directory /tmp/qemu-test/src/tests/docker/install/lib
module directory /tmp/qemu-test/src/tests/docker/install/lib/qemu
libexec directory /tmp/qemu-test/src/tests/docker/install/libexec
include directory /tmp/qemu-test/src/tests/docker/install/include
config directory /tmp/qemu-test/src/tests/docker/install/etc
local state directory /tmp/qemu-test/src/tests/docker/install/var
Manual directory /tmp/qemu-test/src/tests/docker/install/share/man
ELF interp prefix /usr/gnemul/qemu-%M
Source path /tmp/qemu-test/src
C compiler cc
Host C compiler cc
C++ compiler
Objective-C compiler cc
ARFLAGS rv
CFLAGS -O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -pthread -I/usr/include/glib-2.0 -I/usr/lib64/glib-2.0/include -g
QEMU_CFLAGS -I/usr/include/pixman-1 -fPIE -DPIE -m64 -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -Wstrict-prototypes -Wredundant-decls -Wall -Wundef -Wwrite-strings -Wmissing-prototypes -fno-strict-aliasing -fno-common -Wendif-labels -Wmissing-include-dirs -Wempty-body -Wnested-externs -Wformat-security -Wformat-y2k -Winit-self -Wignored-qualifiers -Wold-style-declaration -Wold-style-definition -Wtype-limits -fstack-protector-all
LDFLAGS -Wl,--warn-common -Wl,-z,relro -Wl,-z,now -pie -m64 -g
make make
install install
python python -B
smbd /usr/sbin/smbd
module support no
host CPU x86_64
host big endian no
target list x86_64-softmmu aarch64-softmmu
tcg debug enabled no
gprof enabled no
sparse enabled no
strip binaries yes
profiler no
static build no
pixman system
SDL support yes (1.2.14)
GTK support no
GTK GL support no
VTE support no
TLS priority NORMAL
GNUTLS support no
GNUTLS rnd no
libgcrypt no
libgcrypt kdf no
nettle no
nettle kdf no
libtasn1 no
PAM no
curses support no
virgl support no
curl support no
mingw32 support no
Audio drivers oss
Block whitelist (rw)
Block whitelist (ro)
VirtFS support no
VNC support yes
VNC SASL support no
VNC JPEG support no
VNC PNG support no
xen support no
brlapi support no
bluez support no
Documentation no
PIE yes
vde support no
netmap support no
Linux AIO support no
ATTR/XATTR support yes
Install blobs yes
KVM support yes
RDMA support no
TCG interpreter no
fdt support yes
preadv support yes
fdatasync yes
madvise yes
posix_madvise yes
uuid support no
libcap-ng support no
vhost-net support yes
vhost-scsi support yes
Trace backends log
spice support no
rbd support no
xfsctl support no
smartcard support no
libusb no
usb net redir no
OpenGL support no
OpenGL dmabufs no
libiscsi support no
libnfs support no
build guest agent yes
QGA VSS support no
QGA w32 disk info no
QGA MSI support no
seccomp support no
coroutine backend ucontext
coroutine pool yes
GlusterFS support no
Archipelago support no
gcov gcov
gcov enabled no
TPM support yes
libssh2 support no
TPM passthrough yes
QOM debugging yes
vhdx no
lzo support no
snappy support no
bzip2 support no
NUMA host support no
tcmalloc support no
jemalloc support no
avx2 optimization no
GEN x86_64-softmmu/config-devices.mak.tmp
GEN aarch64-softmmu/config-devices.mak.tmp
GEN config-host.h
GEN qemu-options.def
GEN qmp-commands.h
GEN qapi-types.h
GEN qapi-visit.h
GEN qapi-event.h
GEN x86_64-softmmu/config-devices.mak
GEN aarch64-softmmu/config-devices.mak
GEN qmp-introspect.h
GEN tests/test-qapi-types.h
GEN tests/test-qapi-visit.h
GEN tests/test-qmp-commands.h
GEN tests/test-qapi-event.h
GEN tests/test-qmp-introspect.h
GEN config-all-devices.mak
GEN trace/generated-events.h
GEN trace/generated-tracers.h
GEN trace/generated-tcg-tracers.h
GEN trace/generated-helpers-wrappers.h
GEN trace/generated-helpers.h
CC tests/qemu-iotests/socket_scm_helper.o
GEN qga/qapi-generated/qga-qapi-types.h
GEN qga/qapi-generated/qga-qapi-visit.h
GEN qga/qapi-generated/qga-qmp-commands.h
GEN qga/qapi-generated/qga-qapi-types.c
GEN qga/qapi-generated/qga-qapi-visit.c
GEN qmp-introspect.c
GEN qga/qapi-generated/qga-qmp-marshal.c
GEN qapi-types.c
GEN qapi-visit.c
GEN qapi-event.c
CC qapi/qapi-visit-core.o
CC qapi/qapi-dealloc-visitor.o
CC qapi/qobject-input-visitor.o
CC qapi/qobject-output-visitor.o
CC qapi/qmp-registry.o
CC qapi/qmp-dispatch.o
CC qapi/string-input-visitor.o
CC qapi/string-output-visitor.o
CC qapi/opts-visitor.o
CC qapi/qapi-clone-visitor.o
CC qapi/qmp-event.o
CC qapi/qapi-util.o
CC qobject/qnull.o
CC qobject/qint.o
CC qobject/qstring.o
CC qobject/qdict.o
CC qobject/qlist.o
CC qobject/qfloat.o
CC qobject/qbool.o
CC qobject/qjson.o
CC qobject/qobject.o
CC qobject/json-lexer.o
CC qobject/json-streamer.o
CC qobject/json-parser.o
GEN trace/generated-events.c
CC trace/control.o
CC trace/qmp.o
CC util/osdep.o
CC util/cutils.o
CC util/unicode.o
CC util/qemu-timer-common.o
CC util/compatfd.o
CC util/event_notifier-posix.o
CC util/mmap-alloc.o
CC util/oslib-posix.o
CC util/qemu-openpty.o
CC util/qemu-thread-posix.o
CC util/memfd.o
CC util/envlist.o
CC util/path.o
CC util/module.o
CC util/bitmap.o
CC util/bitops.o
CC util/hbitmap.o
CC util/fifo8.o
CC util/error.o
CC util/qemu-error.o
CC util/id.o
CC util/iov.o
CC util/qemu-config.o
CC util/qemu-sockets.o
CC util/uri.o
CC util/notify.o
CC util/qemu-option.o
CC util/qemu-progress.o
CC util/hexdump.o
CC util/crc32c.o
CC util/throttle.o
CC util/getauxval.o
CC util/readline.o
CC util/rfifolock.o
CC util/rcu.o
CC util/qemu-coroutine.o
CC util/qemu-coroutine-lock.o
CC util/qemu-coroutine-io.o
CC util/qemu-coroutine-sleep.o
CC util/coroutine-ucontext.o
CC util/buffer.o
CC util/timed-average.o
CC util/base64.o
CC util/log.o
CC util/qdist.o
CC util/qht.o
CC util/range.o
CC crypto/pbkdf-stub.o
CC stubs/arch-query-cpu-def.o
CC stubs/bdrv-next-monitor-owned.o
CC stubs/blk-commit-all.o
CC stubs/blockdev-close-all-bdrv-states.o
/tmp/qemu-test/src/util/qht.c: In function ‘qht_reset_size’:
/tmp/qemu-test/src/util/qht.c:413: warning: ‘new’ may be used uninitialized in this function
CC stubs/cpu-get-clock.o
CC stubs/clock-warp.o
CC stubs/cpu-get-icount.o
CC stubs/dump.o
CC stubs/fdset-add-fd.o
CC stubs/fdset-find-fd.o
CC stubs/fdset-get-fd.o
CC stubs/fdset-remove-fd.o
CC stubs/gdbstub.o
CC stubs/get-fd.o
CC stubs/get-next-serial.o
CC stubs/get-vm-name.o
CC stubs/iothread-lock.o
CC stubs/machine-init-done.o
CC stubs/is-daemonized.o
CC stubs/migr-blocker.o
CC stubs/mon-is-qmp.o
CC stubs/mon-printf.o
CC stubs/monitor-init.o
CC stubs/notify-event.o
CC stubs/qtest.o
CC stubs/replay.o
CC stubs/replay-user.o
CC stubs/reset.o
CC stubs/runstate-check.o
CC stubs/set-fd-handler.o
CC stubs/slirp.o
CC stubs/sysbus.o
CC stubs/trace-control.o
CC stubs/uuid.o
CC stubs/vm-stop.o
CC stubs/vmstate.o
CC stubs/cpus.o
CC stubs/kvm.o
CC stubs/qmp_pc_dimm_device_list.o
CC stubs/target-monitor-defs.o
CC stubs/target-get-monitor-def.o
CC stubs/vhost.o
CC stubs/iohandler.o
CC stubs/smbios_type_38.o
CC stubs/ipmi.o
CC stubs/pc_madt_cpu_entry.o
CC contrib/ivshmem-client/ivshmem-client.o
CC contrib/ivshmem-client/main.o
CC contrib/ivshmem-server/ivshmem-server.o
CC contrib/ivshmem-server/main.o
CC qemu-nbd.o
CC async.o
CC thread-pool.o
CC block.o
CC blockjob.o
CC main-loop.o
CC iohandler.o
CC qemu-timer.o
CC aio-posix.o
CC qemu-io-cmds.o
CC block/raw_bsd.o
CC block/qcow.o
CC block/vdi.o
CC block/vmdk.o
CC block/cloop.o
CC block/bochs.o
CC block/vpc.o
CC block/vvfat.o
CC block/qcow2.o
CC block/qcow2-refcount.o
CC block/qcow2-cluster.o
CC block/qcow2-snapshot.o
CC block/qed.o
CC block/qcow2-cache.o
CC block/qed-gencb.o
CC block/qed-l2-cache.o
CC block/qed-table.o
CC block/qed-cluster.o
CC block/qed-check.o
CC block/quorum.o
CC block/parallels.o
CC block/blkdebug.o
CC block/blkverify.o
CC block/blkreplay.o
CC block/block-backend.o
CC block/snapshot.o
CC block/qapi.o
CC block/raw-posix.o
CC block/null.o
CC block/mirror.o
CC block/commit.o
CC block/io.o
CC block/throttle-groups.o
CC block/nbd.o
CC block/nbd-client.o
CC block/sheepdog.o
CC block/accounting.o
CC block/dirty-bitmap.o
CC block/write-threshold.o
CC block/crypto.o
CC nbd/server.o
CC nbd/client.o
CC nbd/common.o
CC block/dmg.o
CC crypto/init.o
CC crypto/hash.o
CC crypto/hash-glib.o
CC crypto/aes.o
CC crypto/desrfb.o
CC crypto/cipher.o
CC crypto/tlscreds.o
CC crypto/tlscredsanon.o
CC crypto/tlscredsx509.o
CC crypto/tlssession.o
CC crypto/secret.o
CC crypto/random-platform.o
CC crypto/pbkdf.o
CC crypto/ivgen.o
CC crypto/ivgen-essiv.o
CC crypto/ivgen-plain.o
CC crypto/ivgen-plain64.o
CC crypto/afsplit.o
CC crypto/xts.o
CC crypto/block.o
CC crypto/block-qcow.o
CC crypto/block-luks.o
CC io/channel.o
CC io/channel-buffer.o
CC io/channel-command.o
CC io/channel-file.o
CC io/channel-socket.o
CC io/channel-tls.o
CC io/channel-watch.o
CC io/channel-websock.o
CC io/channel-util.o
CC io/task.o
CC qom/object.o
CC qom/container.o
CC qom/qom-qobject.o
CC qom/object_interfaces.o
CC util/authz.o
CC util/authz-pam.o
CC util/authz-simple.o
GEN qemu-img-cmds.h
CC qemu-io.o
CC qemu-bridge-helper.o
CC blockdev.o
CC blockdev-nbd.o
CC iothread.o
/tmp/qemu-test/src/util/authz-pam.c:26:32: warning: security/pam_appl.h: No such file or directory
/tmp/qemu-test/src/util/authz-pam.c: In function ‘qauthz_pam_is_allowed’:
/tmp/qemu-test/src/util/authz-pam.c:34: error: variable ‘pam_conversation’ has initializer but incomplete type
/tmp/qemu-test/src/util/authz-pam.c:34: warning: excess elements in struct initializer
/tmp/qemu-test/src/util/authz-pam.c:34: warning: (near initialization for ‘pam_conversation’)
/tmp/qemu-test/src/util/authz-pam.c:34: error: storage size of ‘pam_conversation’ isn’t known
/tmp/qemu-test/src/util/authz-pam.c:35: error: ‘pam_handle_t’ undeclared (first use in this function)
/tmp/qemu-test/src/util/authz-pam.c:35: error: (Each undeclared identifier is reported only once
/tmp/qemu-test/src/util/authz-pam.c:35: error: for each function it appears in.)
/tmp/qemu-test/src/util/authz-pam.c:35: error: ‘pamh’ undeclared (first use in this function)
/tmp/qemu-test/src/util/authz-pam.c:38: warning: implicit declaration of function ‘pam_start’
/tmp/qemu-test/src/util/authz-pam.c:38: warning: nested extern declaration of ‘pam_start’
/tmp/qemu-test/src/util/authz-pam.c:42: error: ‘PAM_SUCCESS’ undeclared (first use in this function)
/tmp/qemu-test/src/util/authz-pam.c:43: warning: implicit declaration of function ‘pam_strerror’
/tmp/qemu-test/src/util/authz-pam.c:43: warning: nested extern declaration of ‘pam_strerror’
/tmp/qemu-test/src/util/authz-pam.c:43: warning: format ‘%s’ expects type ‘char *’, but argument 6 has type ‘int’
/tmp/qemu-test/src/util/authz-pam.c:48: warning: implicit declaration of function ‘pam_acct_mgmt’
/tmp/qemu-test/src/util/authz-pam.c:48: warning: nested extern declaration of ‘pam_acct_mgmt’
/tmp/qemu-test/src/util/authz-pam.c:48: error: ‘PAM_SILENT’ undeclared (first use in this function)
/tmp/qemu-test/src/util/authz-pam.c:56: warning: implicit declaration of function ‘pam_end’
/tmp/qemu-test/src/util/authz-pam.c:56: warning: nested extern declaration of ‘pam_end’
/tmp/qemu-test/src/util/authz-pam.c:34: warning: unused variable ‘pam_conversation’
make: *** [util/authz-pam.o] Error 1
make: *** Waiting for unfinished jobs....
tests/docker/Makefile.include:104: recipe for target 'docker-run-test-quick@centos6' failed
make: *** [docker-run-test-quick@centos6] Error 1
=== OUTPUT END ===
Test command exited with code: 2
---
Email generated automatically by Patchew [http://patchew.org/].
Please send your feedback to patchew-devel@freelists.org
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [Qemu-devel] [PATCH v10 00/11] Provide a QOM-based authorization API
2016-08-15 14:46 ` no-reply
@ 2016-08-16 1:21 ` Fam Zheng
2016-08-16 8:29 ` Daniel P. Berrange
0 siblings, 1 reply; 16+ messages in thread
From: Fam Zheng @ 2016-08-16 1:21 UTC (permalink / raw)
To: qemu-devel; +Cc: berrange, armbru, mreitz, marcandre.lureau, pbonzini, afaerber
On Mon, 08/15 07:46, no-reply@ec2-52-6-146-230.compute-1.amazonaws.com wrote:
> /tmp/qemu-test/src/util/authz-pam.c:26:32: warning: security/pam_appl.h: No such file or directory
Hi Daniel,
I think there is an unfortunate CONFIG_ var collision you probably want to
avoid:
$ git grep CONFIG_PAM
configure: echo "CONFIG_PAM=y" >> $config_host_mak
default-configs/i386-softmmu.mak:CONFIG_PAM=y
default-configs/x86_64-softmmu.mak:CONFIG_PAM=y
util/Makefile.objs:$(warning $(CONFIG_PAM))
util/Makefile.objs:util-qom-obj-$(CONFIG_PAM) += authz-pam.o
Fam
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [Qemu-devel] [PATCH v10 00/11] Provide a QOM-based authorization API
2016-08-16 1:21 ` Fam Zheng
@ 2016-08-16 8:29 ` Daniel P. Berrange
0 siblings, 0 replies; 16+ messages in thread
From: Daniel P. Berrange @ 2016-08-16 8:29 UTC (permalink / raw)
To: Fam Zheng
Cc: qemu-devel, armbru, mreitz, marcandre.lureau, pbonzini, afaerber
On Tue, Aug 16, 2016 at 09:21:40AM +0800, Fam Zheng wrote:
> On Mon, 08/15 07:46, no-reply@ec2-52-6-146-230.compute-1.amazonaws.com wrote:
> > /tmp/qemu-test/src/util/authz-pam.c:26:32: warning: security/pam_appl.h: No such file or directory
>
> Hi Daniel,
>
> I think there is an unfortunate CONFIG_ var collision you probably want to
> avoid:
>
> $ git grep CONFIG_PAM
> configure: echo "CONFIG_PAM=y" >> $config_host_mak
> default-configs/i386-softmmu.mak:CONFIG_PAM=y
> default-configs/x86_64-softmmu.mak:CONFIG_PAM=y
Fun, those don't appear to have been used anywhere. In fact I see 4 config
options in default-configs are appear unused
$ for i in `grep -h -E '^CONFIG' default-configs/* | sed -e 's/=.*//' | sort | uniq`
do
echo -n "$i: "
git grep $i | grep -v default-configs | wc -l
done | grep ": 0"
CONFIG_IPMI_EXTERN: 0
CONFIG_ISA_MMIO: 0
CONFIG_PAM: 0
CONFIG_PIIX_PCI: 0
so I'll send a patch to delete those
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
^ permalink raw reply [flat|nested] 16+ messages in thread
end of thread, other threads:[~2016-08-16 8:29 UTC | newest]
Thread overview: 16+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-08-15 14:22 [Qemu-devel] [PATCH v10 00/11] Provide a QOM-based authorization API Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 01/11] qdict: implement a qdict_crumple method for un-flattening a dict Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 02/11] option: make parse_option_bool/number non-static Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 03/11] qapi: rename QmpInputVisitor to QObjectInputVisitor Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 04/11] qapi: rename QmpOutputVisitor to QObjectOutputVisitor Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 05/11] qapi: add a QmpInputVisitor that does string conversion Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 06/11] qom: support arbitrary non-scalar properties with -object Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 07/11] util: add QAuthZ object as an authorization base class Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 08/11] util: add QAuthZSimple object type for a simple access control list Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 09/11] acl: delete existing ACL implementation Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 10/11] util: add QAuthZPAM object type for authorizing using PAM Daniel P. Berrange
2016-08-15 14:22 ` [Qemu-devel] [PATCH v10 11/11] qmp: add support for mixed typed input visitor Daniel P. Berrange
2016-08-15 14:44 ` [Qemu-devel] [PATCH v10 00/11] Provide a QOM-based authorization API no-reply
2016-08-15 14:46 ` no-reply
2016-08-16 1:21 ` Fam Zheng
2016-08-16 8:29 ` Daniel P. Berrange
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.