From: "Daniel P. Berrangé" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Marc-André Lureau" <marcandre.lureau@redhat.com>,
"Michael Roth" <michael.roth@amd.com>,
"Philippe Mathieu-Daudé" <philmd@linaro.org>,
"Konstantin Kostiuk" <kkostiuk@redhat.com>,
"Thomas Huth" <thuth@redhat.com>,
"Paolo Bonzini" <pbonzini@redhat.com>
Subject: Re: [PATCH v2 00/22] qga: clean up command source locations and conditionals
Date: Tue, 2 Jul 2024 19:00:17 +0100 [thread overview]
Message-ID: <ZoRAMXeKDObGnl4h@redhat.com> (raw)
In-Reply-To: <20240613150127.1361931-1-berrange@redhat.com>
Ping: for any review comments from QGA maintainers ?
On Thu, Jun 13, 2024 at 04:01:05PM +0100, Daniel P. Berrangé wrote:
> This series is a side effect of other work I started, to attempt to
> make the QGA safe to use in confidential VMs by automatically
> restricting the permitted commands. Since this cleanup stands on
> its own, I'm sending it now.
>
> The QGA codebase has a very complicated maze of #ifdefs to create
> stubs for the various commands that cannot be implemented on certain
> platforms. It then has further logic to dynamically disable the stub
> commands at runtime, except this is not consistently applied, so
> some commands remain enabled despite being merely stubs.
>
> The resulting code is hard to follow, when trying to understand exactly
> what commands are available under what circumstances, and when changing
> impls it is easy to get the #ifdefs wrong, resulting in stubs getting
> missed on platforms without a real impl. In some cases, we have multiple
> stubs for the same command, due to the maze of #ifdefs.
>
> The QAPI schema language has support for many years for expressing
> conditions against commands when declaring them. This results in the
> QAPI code generator omitting their implementation entirely at build
> time. This has mutliple benefits
>
> * The unsupported commands are guaranteed to not exist at runtime
> * No stubs need ever be defined in the code
> * The generated QAPI reference manual documents the build conditions
>
> This series is broadly split into three parts
>
> * Moving tonnes of Linux only commands out of commands-posix.c
> into commands-linux.c to remove many #ifdefs.
> * Adding 'if' conditions in the QAPI schema to reflect the
> build conditions, removing many more #ifdefs
> * Sanitizing the logic for disabling/enabling commands at
> runtime to guarantee consistency
>
> Changed in v2:
>
> - Make FSFreeze error reporting distinguish inability to enable
> VSS from user config choice
>
> - Fully remove ga_command_init_blockedrpcs() methods. No more
> special case disabling of commands. Either they're disabled
> at build time, or disabled by user config, or by well defined
> rule ie not permitted during FS freeze.
>
> - Apply rules later in startup to avoid crash from NULL config
> pointer
>
> - Document changed error messages in commit messages
>
> - Add -c / --config command line parameter
>
> - Fix mistaken enabling of fsfreeze hooks on win32
>
> - Remove pointless 'blockrpcs_key' variable
>
> - Allow concurrent setting of allow and block lists for
> RPC commands
>
> Daniel P. Berrangé (22):
> qga: drop blocking of guest-get-memory-block-size command
> qga: move linux vcpu command impls to commands-linux.c
> qga: move linux suspend command impls to commands-linux.c
> qga: move linux fs/disk command impls to commands-linux.c
> qga: move linux disk/cpu stats command impls to commands-linux.c
> qga: move linux memory block command impls to commands-linux.c
> qga: move CONFIG_FSFREEZE/TRIM to be meson defined options
> qga: conditionalize schema for commands unsupported on Windows
> qga: conditionalize schema for commands unsupported on non-Linux POSIX
> qga: conditionalize schema for commands requiring getifaddrs
> qga: conditionalize schema for commands requiring linux/win32
> qga: conditionalize schema for commands only supported on Windows
> qga: conditionalize schema for commands requiring fsfreeze
> qga: conditionalize schema for commands requiring fstrim
> qga: conditionalize schema for commands requiring libudev
> qga: conditionalize schema for commands requiring utmpx
> qga: conditionalize schema for commands not supported on other UNIX
> qga: don't disable fsfreeze commands if vss_init fails
> qga: move declare of QGAConfig struct to top of file
> qga: remove pointless 'blockrpcs_key' variable
> qga: allow configuration file path via the cli
> qga: centralize logic for disabling/enabling commands
>
> docs/interop/qemu-ga.rst | 19 +
> meson.build | 16 +
> qga/commands-bsd.c | 24 -
> qga/commands-common.h | 9 -
> qga/commands-linux.c | 1805 +++++++++++++++++++++++++++++
> qga/commands-posix.c | 2373 +++-----------------------------------
> qga/commands-win32.c | 78 +-
> qga/main.c | 216 ++--
> qga/qapi-schema.json | 153 ++-
> 9 files changed, 2234 insertions(+), 2459 deletions(-)
>
> --
> 2.45.1
>
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2024-07-02 18:01 UTC|newest]
Thread overview: 70+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-13 15:01 [PATCH v2 00/22] qga: clean up command source locations and conditionals Daniel P. Berrangé
2024-06-13 15:01 ` [PATCH v2 01/22] qga: drop blocking of guest-get-memory-block-size command Daniel P. Berrangé
2024-07-12 9:33 ` Konstantin Kostiuk
2024-06-13 15:01 ` [PATCH v2 02/22] qga: move linux vcpu command impls to commands-linux.c Daniel P. Berrangé
2024-07-03 8:45 ` Philippe Mathieu-Daudé
2024-07-12 8:30 ` Konstantin Kostiuk
2024-06-13 15:01 ` [PATCH v2 03/22] qga: move linux suspend " Daniel P. Berrangé
2024-07-03 8:45 ` Philippe Mathieu-Daudé
2024-07-12 8:29 ` Konstantin Kostiuk
2024-06-13 15:01 ` [PATCH v2 04/22] qga: move linux fs/disk " Daniel P. Berrangé
2024-07-03 8:46 ` Philippe Mathieu-Daudé
2024-07-12 8:29 ` Konstantin Kostiuk
2024-06-13 15:01 ` [PATCH v2 05/22] qga: move linux disk/cpu stats " Daniel P. Berrangé
2024-07-03 8:25 ` Philippe Mathieu-Daudé
2024-07-12 8:33 ` Konstantin Kostiuk
2024-06-13 15:43 ` [PATCH v2 06/22] qga: move linux memory block " Daniel P. Berrangé
2024-06-13 15:43 ` [PATCH v2 07/22] qga: move CONFIG_FSFREEZE/TRIM to be meson defined options Daniel P. Berrangé
2024-06-13 15:43 ` [PATCH v2 08/22] qga: conditionalize schema for commands unsupported on Windows Daniel P. Berrangé
2024-07-03 8:30 ` Philippe Mathieu-Daudé
2024-07-12 8:34 ` Konstantin Kostiuk
2024-06-13 15:43 ` [PATCH v2 09/22] qga: conditionalize schema for commands unsupported on non-Linux POSIX Daniel P. Berrangé
2024-07-03 8:31 ` Philippe Mathieu-Daudé
2024-07-12 8:35 ` Konstantin Kostiuk
2024-06-13 15:43 ` [PATCH v2 10/22] qga: conditionalize schema for commands requiring getifaddrs Daniel P. Berrangé
2024-07-03 8:32 ` Philippe Mathieu-Daudé
2024-07-12 8:35 ` Konstantin Kostiuk
2024-06-13 15:43 ` [PATCH v2 11/22] qga: conditionalize schema for commands requiring linux/win32 Daniel P. Berrangé
2024-06-13 15:43 ` [PATCH v2 12/22] qga: conditionalize schema for commands only supported on Windows Daniel P. Berrangé
2024-07-03 8:35 ` Philippe Mathieu-Daudé
2024-07-12 8:37 ` Konstantin Kostiuk
2024-06-13 15:43 ` [PATCH v2 13/22] qga: conditionalize schema for commands requiring fsfreeze Daniel P. Berrangé
2024-07-03 8:37 ` Philippe Mathieu-Daudé
2024-07-12 8:37 ` Konstantin Kostiuk
2024-06-13 15:43 ` [PATCH v2 14/22] qga: conditionalize schema for commands requiring fstrim Daniel P. Berrangé
2024-07-03 8:36 ` Philippe Mathieu-Daudé
2024-07-12 8:38 ` Konstantin Kostiuk
2024-06-13 15:43 ` [PATCH v2 15/22] qga: conditionalize schema for commands requiring libudev Daniel P. Berrangé
2024-07-03 8:37 ` Philippe Mathieu-Daudé
2024-07-12 8:40 ` Konstantin Kostiuk
2024-06-13 15:44 ` [PATCH v2 16/22] qga: conditionalize schema for commands requiring utmpx Daniel P. Berrangé
2024-07-03 8:38 ` Philippe Mathieu-Daudé
2024-07-12 8:43 ` Konstantin Kostiuk
2024-06-13 15:44 ` [PATCH v2 17/22] qga: conditionalize schema for commands not supported on other UNIX Daniel P. Berrangé
2024-07-03 8:39 ` Philippe Mathieu-Daudé
2024-07-12 8:43 ` Konstantin Kostiuk
2024-06-13 15:44 ` [PATCH v2 18/22] qga: don't disable fsfreeze commands if vss_init fails Daniel P. Berrangé
2024-07-03 10:21 ` Manos Pitsidianakis
2024-07-12 12:45 ` Daniel P. Berrangé
2024-06-13 15:44 ` [PATCH v2 19/22] qga: move declare of QGAConfig struct to top of file Daniel P. Berrangé
2024-07-03 8:40 ` Philippe Mathieu-Daudé
2024-07-12 8:44 ` Konstantin Kostiuk
2024-06-13 15:44 ` [PATCH v2 20/22] qga: remove pointless 'blockrpcs_key' variable Daniel P. Berrangé
2024-07-03 8:41 ` Philippe Mathieu-Daudé
2024-07-12 8:46 ` Konstantin Kostiuk
2024-06-13 15:44 ` [PATCH v2 21/22] qga: allow configuration file path via the cli Daniel P. Berrangé
2024-07-03 8:44 ` Philippe Mathieu-Daudé
2024-07-12 9:05 ` Konstantin Kostiuk
2024-07-12 9:18 ` Daniel P. Berrangé
2024-06-13 15:44 ` [PATCH v2 22/22] qga: centralize logic for disabling/enabling commands Daniel P. Berrangé
2024-07-03 10:01 ` Manos Pitsidianakis
2024-07-03 12:09 ` Philippe Mathieu-Daudé
2024-07-12 13:01 ` Daniel P. Berrangé
2024-07-03 8:26 ` [PATCH v2 06/22] qga: move linux memory block command impls to commands-linux.c Philippe Mathieu-Daudé
2024-07-12 8:34 ` Konstantin Kostiuk
2024-06-14 8:34 ` [PATCH v2 00/22] qga: clean up command source locations and conditionals Marc-André Lureau
2024-06-14 9:19 ` Daniel P. Berrangé
2024-07-02 18:00 ` Daniel P. Berrangé [this message]
2024-07-03 6:15 ` Marc-André Lureau
2024-07-03 8:06 ` Daniel P. Berrangé
2024-07-03 8:17 ` Marc-André Lureau
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZoRAMXeKDObGnl4h@redhat.com \
--to=berrange@redhat.com \
--cc=kkostiuk@redhat.com \
--cc=marcandre.lureau@redhat.com \
--cc=michael.roth@amd.com \
--cc=pbonzini@redhat.com \
--cc=philmd@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=thuth@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.