From: "Daniel P. Berrangé" <berrange@redhat.com>
To: "Marc-André Lureau" <marcandre.lureau@gmail.com>
Cc: QEMU <qemu-devel@nongnu.org>,
Markus Armbruster <armbru@redhat.com>,
"Dr. David Alan Gilbert" <dgilbert@redhat.com>,
Gerd Hoffmann <kraxel@redhat.com>,
philmd@redhat.com
Subject: Re: [Qemu-devel] [PATCH v6 08/11] authz: add QAuthZList object type for an access control list
Date: Tue, 13 Nov 2018 17:29:30 +0000 [thread overview]
Message-ID: <20181113172930.GL14591@redhat.com> (raw)
In-Reply-To: <CAJ+F1C+Wcp5jueeP-smg88sbc5KssULKKG7gF6kEXYGtqdANKw@mail.gmail.com>
On Thu, Nov 08, 2018 at 02:23:43AM +0400, Marc-André Lureau wrote:
> Hi
>
> On Fri, Oct 19, 2018 at 5:45 PM Daniel P. Berrangé <berrange@redhat.com> wrote
> > ---
> > Makefile | 7 +-
> > Makefile.objs | 4 +
> > qapi/authz.json | 58 ++++++++
> > qapi/qapi-schema.json | 1 +
> > include/authz/list.h | 106 ++++++++++++++
> > authz/list.c | 309 ++++++++++++++++++++++++++++++++++++++++
> > tests/test-authz-list.c | 171 ++++++++++++++++++++++
> > .gitignore | 4 +
> > MAINTAINERS | 1 +
> > authz/Makefile.objs | 1 +
> > authz/trace-events | 4 +
> > tests/Makefile.include | 4 +
> > 12 files changed, 669 insertions(+), 1 deletion(-)
> > create mode 100644 qapi/authz.json
> > create mode 100644 include/authz/list.h
> > create mode 100644 authz/list.c
> > create mode 100644 tests/test-authz-list.c
> >
> > diff --git a/qapi/authz.json b/qapi/authz.json
> > new file mode 100644
> > index 0000000000..607839c627
> > --- /dev/null
> > +++ b/qapi/authz.json
> > @@ -0,0 +1,58 @@
> > +# -*- Mode: Python -*-
> > +#
> > +# QAPI authz definitions
> > +
> > +##
> > +# @QAuthZListPolicy:
> > +#
> > +# The authorization policy result
> > +#
> > +# @deny: deny access
> > +# @allow: allow access
> > +#
> > +# Since: 3.0
>
> obviously, you'll have to update to 3.2
4.0 in fact since we bump at the start of each year
> > +##
> > +# @QAuthZListRuleListHack:
> > +#
> > +# Not exposed via QMP; hack to generate QAuthZListRuleList
> > +# for use internally by the code.
>
> Well, this will probably end in the documentation (it's already in the
> .json, which is one source of documentation ;).
>
> What about adding a 'gen-list' field, or a 'pragma' listing the
> structs that should have list code generated?
I'll leave that for future motivated contributors, as I'm just
following pre-existing best practice here.
> > +static bool qauthz_list_is_allowed(QAuthZ *authz,
> > + const char *identity,
> > + Error **errp)
> > +{
> > + QAuthZList *lauthz = QAUTHZ_LIST(authz);
> > + QAuthZListRuleList *rules = lauthz->rules;
> > +
> > + while (rules) {
> > + QAuthZListRule *rule = rules->value;
> > + QAuthZListFormat format = rule->has_format ? rule->format :
> > + QAUTHZ_LIST_FORMAT_EXACT;
> > +
> > + trace_qauthz_list_check_rule(authz, rule->match, identity,
> > + format, rule->policy);
> > + switch (format) {
> > + case QAUTHZ_LIST_FORMAT_EXACT:
> > + if (strcmp(rule->match, identity) == 0) {
>
> g_str_equal() ?
Yes.
>
> > + return rule->policy == QAUTHZ_LIST_POLICY_ALLOW;
> > + }
> > + break;
> > +#ifdef CONFIG_FNMATCH
> > + case QAUTHZ_LIST_FORMAT_GLOB:
> > + if (fnmatch(rule->match, identity, 0) == 0) {
>
> Would GPatternSpec be a good alternative?
Excellent, I didn't know about it
> > + return rule->policy == QAUTHZ_LIST_POLICY_ALLOW;
> > + }
> > + break;
> > +#else
> > + return false;
> > +#endif
> > + default:
>
>
> No g_warn_if_reached() ?Then perhaps add a comment why.
I guess we could.
> > +ssize_t qauthz_list_delete_rule(QAuthZList *auth, const char *match)
> > +{
> > + QAuthZListRule *rule;
> > + QAuthZListRuleList *rules, *prev;
> > + size_t i = 0;
> > +
> > + prev = NULL;
> > + rules = auth->rules;
> > + while (rules) {
> > + rule = rules->value;
> > + if (g_str_equal(rule->match, match)) {
> > + if (prev) {
> > + prev->next = rules->next;
> > + } else {
> > + auth->rules = rules->next;
> > + }
> > + rules->next = NULL;
> > + qapi_free_QAuthZListRuleList(rules);
> > + return i;
>
> What's the point in returning the old index? Maybe true/false along
> with an Error would be more convenient?
It is required for the conversion of the existing acl_remove API
in the HMP monitor.
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2018-11-13 17:30 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-19 13:38 [Qemu-devel] [PATCH v6 00/11] Add a standard authorization framework Daniel P. Berrangé
2018-10-19 13:38 ` [Qemu-devel] [PATCH v6 01/11] util: add helper APIs for dealing with inotify in portable manner Daniel P. Berrangé
2018-11-07 18:08 ` Marc-André Lureau
2018-11-12 16:49 ` Daniel P. Berrangé
2018-10-19 13:38 ` [Qemu-devel] [PATCH v6 02/11] qom: don't require user creatable objects to be registered Daniel P. Berrangé
2018-11-07 18:09 ` Marc-André Lureau
2018-10-19 13:38 ` [Qemu-devel] [PATCH v6 03/11] hw/usb: don't set IN_ISDIR for inotify watch in MTP driver Daniel P. Berrangé
2018-11-07 18:10 ` Marc-André Lureau
2018-10-19 13:38 ` [Qemu-devel] [PATCH v6 04/11] hw/usb: fix const-ness for string params " Daniel P. Berrangé
2018-11-07 18:11 ` Marc-André Lureau
2018-10-19 13:38 ` [Qemu-devel] [PATCH v6 05/11] hw/usb: switch MTP to use new inotify APIs Daniel P. Berrangé
2018-11-07 18:26 ` Marc-André Lureau
2018-11-13 17:07 ` Daniel P. Berrangé
2018-10-19 13:38 ` [Qemu-devel] [PATCH v6 06/11] authz: add QAuthZ object as an authorization base class Daniel P. Berrangé
2018-11-07 22:23 ` Marc-André Lureau
2018-10-19 13:38 ` [Qemu-devel] [PATCH v6 07/11] authz: add QAuthZSimple object type for easy whitelist auth checks Daniel P. Berrangé
2018-10-22 23:54 ` Philippe Mathieu-Daudé
2018-11-07 22:23 ` Marc-André Lureau
2018-11-13 17:11 ` Daniel P. Berrangé
2018-10-19 13:38 ` [Qemu-devel] [PATCH v6 08/11] authz: add QAuthZList object type for an access control list Daniel P. Berrangé
2018-10-23 10:18 ` Philippe Mathieu-Daudé
2018-11-07 22:23 ` Marc-André Lureau
2018-11-07 22:38 ` Eric Blake
2018-11-13 17:29 ` Daniel P. Berrangé [this message]
2018-11-08 8:18 ` Marc-André Lureau
2018-10-19 13:38 ` [Qemu-devel] [PATCH v6 09/11] authz: add QAuthZListFile object type for a file " Daniel P. Berrangé
2018-10-22 23:56 ` Philippe Mathieu-Daudé
2018-11-07 22:23 ` Marc-André Lureau
2018-11-15 10:33 ` Daniel P. Berrangé
2018-10-19 13:38 ` [Qemu-devel] [PATCH v6 10/11] authz: add QAuthZPAM object type for authorizing using PAM Daniel P. Berrangé
2018-11-07 22:23 ` Marc-André Lureau
2018-11-15 10:32 ` Daniel P. Berrangé
2018-10-19 13:38 ` [Qemu-devel] [PATCH v6 11/11] authz: delete existing ACL implementation Daniel P. Berrangé
2018-10-23 11:14 ` Philippe Mathieu-Daudé
2018-11-08 8:15 ` Marc-André Lureau
2018-11-14 16:45 ` Daniel P. Berrangé
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181113172930.GL14591@redhat.com \
--to=berrange@redhat.com \
--cc=armbru@redhat.com \
--cc=dgilbert@redhat.com \
--cc=kraxel@redhat.com \
--cc=marcandre.lureau@gmail.com \
--cc=philmd@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).