From: "Daniel P. Berrange" <berrange@redhat.com>
To: Fam Zheng <famz@redhat.com>
Cc: peter.maydell@linaro.org, mjt@tls.msk.ru, qemu-devel@nongnu.org,
alex@alex.org.uk, pbonzini@redhat.com, vilanova@ac.upc.edu,
rth@twiddle.net
Subject: Re: [Qemu-devel] [PATCH v8 6/9] module: add configurable module whitelist
Date: Fri, 13 Sep 2013 10:03:58 +0100 [thread overview]
Message-ID: <20130913090358.GA19404@redhat.com> (raw)
In-Reply-To: <1379061534-19171-7-git-send-email-famz@redhat.com>
On Fri, Sep 13, 2013 at 04:38:51PM +0800, Fam Zheng wrote:
> Accept configure option "--enable-modules=L", to restrict qemu to only
> load whitelisted modules.
>
> Signed-off-by: Fam Zheng <famz@redhat.com>
> ---
> configure | 12 +++++++++++-
> rules.mak | 7 ++++++-
> scripts/create_config | 7 +++++++
> util/module.c | 16 ++++++++++++++++
> 4 files changed, 40 insertions(+), 2 deletions(-)
>
> diff --git a/configure b/configure
> index 3043059..01e3665 100755
> --- a/configure
> +++ b/configure
> @@ -652,7 +652,9 @@ for opt do
> ;;
> --disable-debug-info)
> ;;
> - --enable-modules) modules="yes"
> + --enable-modules|--enable-modules=*)
> + modules="yes"
> + module_list=`echo "$optarg" | sed -e 's/,/ /g'`
> ;;
> --cpu=*)
> ;;
> @@ -1060,6 +1062,8 @@ echo " --sysconfdir=PATH install config in PATH$confsuffix"
> echo " --localstatedir=PATH install local state in PATH (set at runtime on win32)"
> echo " --with-confsuffix=SUFFIX suffix for QEMU data inside datadir and sysconfdir [$confsuffix]"
> echo " --enable-modules enable modules support"
> +echo " --enable-modules=L enable modules and provide a whitelist"
> +echo " Available modules: curl iscsi gluster ssh rbd"
> echo " --enable-debug-tcg enable TCG debugging"
> echo " --disable-debug-tcg disable TCG debugging (default)"
> echo " --enable-debug-info enable debugging information (default)"
> @@ -3590,6 +3594,9 @@ if test "$slirp" = "yes" ; then
> echo "smbd $smbd"
> fi
> echo "module support $modules"
> +if test -n "$module_list"; then
> + echo "module whitelist $module_list"
> +fi
> echo "host CPU $cpu"
> echo "host big endian $bigendian"
> echo "target list $target_list"
> @@ -3711,6 +3718,9 @@ echo "ARCH=$ARCH" >> $config_host_mak
> echo "CONFIG_FINGERPRINT=$(date +%s$$$RANDOM)" >> $config_host_mak
> if test "$modules" = "yes"; then
> echo "CONFIG_MODULES=y" >> $config_host_mak
> + if test -n "$module_list"; then
> + echo "CONFIG_MODULE_WHITELIST=$module_list" >> $config_host_mak
> + fi
> fi
> case "$cpu" in
> arm|i386|x86_64|x32|ppc|aarch64)
> diff --git a/rules.mak b/rules.mak
> index 0670366..e5529da 100644
> --- a/rules.mak
> +++ b/rules.mak
> @@ -165,13 +165,18 @@ $(if $(nested-dirs),
> $(call unnest-vars-1))
> endef
>
> +is-whitelisted = $(if $(CONFIG_MODULE_WHITELIST),$(strip \
> + $(filter $(CONFIG_MODULE_WHITELIST),$(basename $(notdir $1)))),\
> + yes)
> define add-modules
> $(foreach o,$(filter %.o,$($1)),
> $(eval $(patsubst %.o,%.mo,$o): $o) \
> $(eval $(patsubst %.o,%.mo,$o)-objs := $o))
> $(foreach o,$(filter %.mo,$($1)),$(eval \
> $o: $($o-objs)))
> -$(eval modules-m += $(patsubst %.o,%.mo,$($1)))
> +$(eval t := $(patsubst %.o,%.mo,$($1)))
> +$(foreach o,$t,$(if $(call is-whitelisted,$o),$(eval \
> + modules-m += $o)))
> endef
>
> define unnest-vars
> diff --git a/scripts/create_config b/scripts/create_config
> index ecc5d4d..ab430c7 100755
> --- a/scripts/create_config
> +++ b/scripts/create_config
> @@ -37,6 +37,13 @@ case $line in
> CONFIG_MODULES=*)
> echo "#define CONFIG_MODULES \"${line#*=}\""
> ;;
> + CONFIG_MODULE_WHITELIST=*)
> + echo "#define CONFIG_MODULE_WHITELIST\\"
> + for mod in ${line#*=}; do
> + echo " \"${mod}\",\\"
> + done
> + echo " NULL"
> + ;;
> CONFIG_AUDIO_DRIVERS=*)
> drivers=${line#*=}
> echo "#define CONFIG_AUDIO_DRIVERS \\"
> diff --git a/util/module.c b/util/module.c
> index 9135c14..cb882f0 100644
> --- a/util/module.c
> +++ b/util/module.c
> @@ -124,7 +124,14 @@ void module_load(module_load_type type)
> const char *path;
> char *fname = NULL;
> DIR *dp;
> +#ifdef CONFIG_MODULE_WHITELIST
> + const char **mp;
> + const char *module_whitelist[] = {
> + CONFIG_MODULE_WHITELIST
> + };
> +#else
> struct dirent *ep = NULL;
> +#endif
>
> if (!g_module_supported()) {
> return;
> @@ -149,10 +156,19 @@ void module_load(module_load_type type)
> fprintf(stderr, "Failed to open dir %s\n", path);
> return;
> }
> +#ifdef CONFIG_MODULE_WHITELIST
> + for (mp = &module_whitelist[0]; *mp; mp++) {
> + fname = g_strdup_printf("%s%s" HOST_DSOSUF, path, *mp);
> + module_load_file(fname);
> + g_free(fname);
> + }
> +#else
> for (ep = readdir(dp); ep; ep = readdir(dp)) {
> fname = g_strdup_printf("%s%s", path, ep->d_name);
> module_load_file(fname);
> g_free(fname);
> }
> #endif
Having two code paths here is silly. Even if the user does not specify
a whitelist to configure, we know exactly what modules the QEMU source
tree contains. We *never* have any need to use readdir here.
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
next prev parent reply other threads:[~2013-09-13 9:04 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-09-13 8:38 [Qemu-devel] [PATCH v8 0/9] Shared Library Module Support Fam Zheng
2013-09-13 8:38 ` [Qemu-devel] [PATCH v8 1/9] ui/Makefile.objs: delete unnecessary cocoa.o dependency Fam Zheng
2013-09-13 8:38 ` [Qemu-devel] [PATCH v8 2/9] make.rule: fix $(obj) to a real relative path Fam Zheng
2013-09-13 8:38 ` [Qemu-devel] [PATCH v8 3/9] rule.mak: allow per object cflags and libs Fam Zheng
2013-09-13 8:38 ` [Qemu-devel] [PATCH v8 4/9] build-sys: introduce common-obj-m and block-obj-m for DSO Fam Zheng
2013-09-13 8:38 ` [Qemu-devel] [PATCH v8 5/9] module: implement module loading function Fam Zheng
2013-09-13 9:56 ` Alex Bligh
2013-09-13 10:02 ` Paolo Bonzini
2013-09-13 10:38 ` Alex Bligh
2013-09-13 10:05 ` Fam Zheng
2013-09-13 8:38 ` [Qemu-devel] [PATCH v8 6/9] module: add configurable module whitelist Fam Zheng
2013-09-13 9:03 ` Daniel P. Berrange [this message]
2013-09-13 9:57 ` Fam Zheng
2013-09-13 8:38 ` [Qemu-devel] [PATCH v8 7/9] Makefile: install modules with "make install" Fam Zheng
2013-09-13 8:38 ` [Qemu-devel] [PATCH v8 8/9] .gitignore: ignore module related files (dll, so, mo) Fam Zheng
2013-09-13 8:38 ` [Qemu-devel] [PATCH v8 9/9] block: convert block drivers linked with libs to modules Fam Zheng
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130913090358.GA19404@redhat.com \
--to=berrange@redhat.com \
--cc=alex@alex.org.uk \
--cc=famz@redhat.com \
--cc=mjt@tls.msk.ru \
--cc=pbonzini@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=rth@twiddle.net \
--cc=vilanova@ac.upc.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.