Re: [Qemu-devel] [PATCH RFC 0/6] xen: xen-domid-restrict improvements

2017-10-03 Thread Fam Zheng
On Tue, 10/03 18:24, Ian Jackson wrote:
> no-re...@patchew.org writes ("Re: [Qemu-devel] [PATCH RFC 0/6] xen: 
> xen-domid-restrict improvements"):
> > This series seems to have some coding style problems. See output below for
> > more information:
> 
> Thanks for this automatic mail.  I have sorted out most of these.
> However:
> 
> > ERROR: consider using qemu_strtoul in preference to strtoul
> > #41: FILE: os-posix.c:159:
> > +lv = strtoul(optarg, , 0);
> 
> In one of these two cases, it is not possible to use qemu_strtoul
> because the expected terminator is '.'.  I have added a comment about
> this.

Thanks for taking a look at the report and helping explain. Yes, so the error is
a false positive; let's ignore it.

Fam



Re: [Qemu-devel] [PATCH RFC 0/6] xen: xen-domid-restrict improvements

2017-10-03 Thread Ian Jackson
no-re...@patchew.org writes ("Re: [Qemu-devel] [PATCH RFC 0/6] xen: 
xen-domid-restrict improvements"):
> This series seems to have some coding style problems. See output below for
> more information:

Thanks for this automatic mail.  I have sorted out most of these.
However:

> ERROR: consider using qemu_strtoul in preference to strtoul
> #41: FILE: os-posix.c:159:
> +lv = strtoul(optarg, , 0);

In one of these two cases, it is not possible to use qemu_strtoul
because the expected terminator is '.'.  I have added a comment about
this.

Ian.
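
For readers following the parsing point above, here is an added illustration (not code from the series, whose patch text is not on this page) of reading a `<uid>.<gid>` argument with plain strtoul when the first number must end at '.'. The function names `parse_field` and `parse_runas_ids` are hypothetical; the checks shown are the ones such a privilege-drop option needs before the ids reach setgid/setuid.

```c
#include <errno.h>
#include <stdlib.h>
#include <sys/types.h>

/* Hypothetical helper: parse one number that must be followed by `term`.
 * On success stores the value and the terminator's position, returns 0. */
static int parse_field(const char *s, char term, unsigned long *out,
                       const char **end)
{
    char *ep;

    /* strtoul skips whitespace and accepts a sign ("-1" wraps to ULONG_MAX),
     * so require the field to start with a digit. */
    if (*s < '0' || *s > '9') {
        return -1;
    }
    errno = 0;                  /* overflow is reported only through errno */
    *out = strtoul(s, &ep, 0);  /* base 0, as in the lines checkpatch quotes */
    if (errno || *ep != term) {
        return -1;              /* out of range, or wrong terminator */
    }
    *end = ep;
    return 0;
}

/* Hypothetical name: parse "<uid>.<gid>"; returns 0 on success, -1 on error. */
int parse_runas_ids(const char *arg, uid_t *uid, gid_t *gid)
{
    unsigned long u, g;
    const char *ep;

    if (parse_field(arg, '.', &u, &ep) < 0 ||
        parse_field(ep + 1, '\0', &g, &ep) < 0) {
        return -1;
    }
    /* Reject values that do not survive the narrowing conversion, and the
     * all-ones id that setreuid()/setresuid() treat as "leave unchanged". */
    if ((uid_t)u != u || (uid_t)u == (uid_t)-1 ||
        (gid_t)g != g || (gid_t)g == (gid_t)-1) {
        return -1;
    }
    *uid = (uid_t)u;
    *gid = (gid_t)g;
    return 0;
}
```

The digit check matters because strtoul alone accepts "-1" and returns a huge value without setting errno, which a truncation test by itself would map to the all-ones id.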



Re: [Qemu-devel] [PATCH RFC 0/6] xen: xen-domid-restrict improvements

2017-09-15 Thread no-reply
Hi,

This series seems to have some coding style problems. See output below for
more information:

Subject: [Qemu-devel] [PATCH RFC 0/6] xen: xen-domid-restrict improvements
Message-id: 1505498999-17427-1-git-send-email-ian.jack...@eu.citrix.com
Type: series

=== TEST SCRIPT BEGIN ===
#!/bin/bash

BASE=base
n=1
total=$(git log --oneline $BASE.. | wc -l)
failed=0

git config --local diff.renamelimit 0
git config --local diff.renames True

commits="$(git log --format=%H --reverse $BASE..)"
for c in $commits; do
echo "Checking PATCH $n/$total: $(git log -n 1 --format=%s $c)..."
if ! git show $c --format=email | ./scripts/checkpatch.pl --mailback -; then
failed=1
echo
fi
n=$((n+1))
done

exit $failed
=== TEST SCRIPT END ===

Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
Switched to a new branch 'test'
d0bf857e06 os-posix: Provide new -runasid option
569ba00e8f xen: destroy_hvm_domain: Try xendevicemodel_shutdown
1ef23a12d2 xen: destroy_hvm_domain: Move reason into a variable
af7aac4055 xen: restrict: use xentoolcore_restrict_all
b84c49e46a xen: defer call to xen_restrict until running
293b6b0146 xen: link against xentoolcore

=== OUTPUT BEGIN ===
Checking PATCH 1/6: xen: link against xentoolcore...
Checking PATCH 2/6: xen: defer call to xen_restrict until running...
Checking PATCH 3/6: xen: restrict: use xentoolcore_restrict_all...
Checking PATCH 4/6: xen: destroy_hvm_domain: Move reason into a variable...
Checking PATCH 5/6: xen: destroy_hvm_domain: Try xendevicemodel_shutdown...
ERROR: braces {} are necessary for all arms of this statement
#27: FILE: hw/i386/xen/xen-hvm.c:1395:
+if (!rc)
[...]

total: 1 errors, 0 warnings, 18 lines checked

Your patch has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.

Checking PATCH 6/6: os-posix: Provide new -runasid option...
ERROR: consider using qemu_strtoul in preference to strtoul
#41: FILE: os-posix.c:159:
+lv = strtoul(optarg, , 0);

ERROR: do not use assignment in if condition
#42: FILE: os-posix.c:160:
+if (errno || *ep != '.' || (user_uid = lv) != lv

ERROR: spaces required around that '+' (ctx:VxV)
#48: FILE: os-posix.c:166:
+lv = strtoul(ep+1, , 0);
^

ERROR: consider using qemu_strtoul in preference to strtoul
#48: FILE: os-posix.c:166:
+lv = strtoul(ep+1, , 0);

ERROR: do not use assignment in if condition
#49: FILE: os-posix.c:167:
+if (errno || *ep || (user_gid = lv) != lv

ERROR: space required after that ',' (ctx:WxV)
#51: FILE: os-posix.c:169:
+fprintf(stderr ,"Could not obtain gid from \"%s\"", optarg);
^

total: 6 errors, 0 warnings, 79 lines checked

Your patch has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.

=== OUTPUT END ===

Test command exited with code: 1


---
Email generated automatically by Patchew [http://patchew.org/].
Please send your feedback to patchew-de...@freelists.org

Re: [Qemu-devel] [PATCH RFC 0/6] xen: xen-domid-restrict improvements

2017-09-15 Thread no-reply
Hi,

This series failed automatic build test. Please find the testing commands and
their output below. If you have docker installed, you can probably reproduce it
locally.

Subject: [Qemu-devel] [PATCH RFC 0/6] xen: xen-domid-restrict improvements
Message-id: 1505498999-17427-1-git-send-email-ian.jack...@eu.citrix.com
Type: series

=== TEST SCRIPT BEGIN ===
#!/bin/bash
set -e
git submodule update --init dtc
# Let docker tests dump environment info
export SHOW_ENV=1
export J=8
time make docker-test-quick@centos6
time make docker-test-build@min-glib
time make docker-test-mingw@fedora
=== TEST SCRIPT END ===

Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
From https://github.com/patchew-project/qemu
 * [new tag]   patchew/1505498999-17427-1-git-send-email-ian.jack...@eu.citrix.com -> patchew/1505498999-17427-1-git-send-email-ian.jack...@eu.citrix.com
Switched to a new branch 'test'
d0bf857e06 os-posix: Provide new -runasid option
569ba00e8f xen: destroy_hvm_domain: Try xendevicemodel_shutdown
1ef23a12d2 xen: destroy_hvm_domain: Move reason into a variable
af7aac4055 xen: restrict: use xentoolcore_restrict_all
b84c49e46a xen: defer call to xen_restrict until running
293b6b0146 xen: link against xentoolcore

=== OUTPUT BEGIN ===
Submodule 'dtc' (git://git.qemu-project.org/dtc.git) registered for path 'dtc'
Cloning into '/var/tmp/patchew-tester-tmp-b93ibrpf/src/dtc'...
Submodule path 'dtc': checked out '558cd81bdd432769b59bff01240c44f82cfb1a9d'
  BUILD   centos6
make[1]: Entering directory '/var/tmp/patchew-tester-tmp-b93ibrpf/src'
  ARCHIVE qemu.tgz
  ARCHIVE dtc.tgz
  COPYRUNNER
RUN test-quick in qemu:centos6 
Packages installed:
SDL-devel-1.2.14-7.el6_7.1.x86_64
bison-2.4.1-5.el6.x86_64
bzip2-devel-1.0.5-7.el6_0.x86_64
ccache-3.1.6-2.el6.x86_64
csnappy-devel-0-6.20150729gitd7bc683.el6.x86_64
flex-2.5.35-9.el6.x86_64
gcc-4.4.7-18.el6.x86_64
git-1.7.1-8.el6.x86_64
glib2-devel-2.28.8-9.el6.x86_64
libepoxy-devel-1.2-3.el6.x86_64
libfdt-devel-1.4.0-1.el6.x86_64
librdmacm-devel-1.0.21-0.el6.x86_64
lzo-devel-2.03-3.1.el6_5.1.x86_64
make-3.81-23.el6.x86_64
mesa-libEGL-devel-11.0.7-4.el6.x86_64
mesa-libgbm-devel-11.0.7-4.el6.x86_64
package g++ is not installed
pixman-devel-0.32.8-1.el6.x86_64
spice-glib-devel-0.26-8.el6.x86_64
spice-server-devel-0.12.4-16.el6.x86_64
tar-1.23-15.el6_8.x86_64
vte-devel-0.25.1-9.el6.x86_64
xen-devel-4.6.3-15.el6.x86_64
zlib-devel-1.2.3-29.el6.x86_64

Environment variables:
PACKAGES=bison bzip2-devel ccache csnappy-devel flex g++
 gcc git glib2-devel libepoxy-devel libfdt-devel 
librdmacm-devel lzo-devel make mesa-libEGL-devel 
mesa-libgbm-devel pixman-devel SDL-devel spice-glib-devel 
spice-server-devel tar vte-devel xen-devel zlib-devel
HOSTNAME=324cd3b04cae
TERM=xterm
MAKEFLAGS= -j8
HISTSIZE=1000
J=8
USER=root
CCACHE_DIR=/var/tmp/ccache
EXTRA_CONFIGURE_OPTS=
V=
SHOW_ENV=1
MAIL=/var/spool/mail/root
PATH=/usr/lib/ccache:/usr/lib64/ccache:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PWD=/
LANG=en_US.UTF-8
TARGET_LIST=
HISTCONTROL=ignoredups
SHLVL=1
HOME=/root
TEST_DIR=/tmp/qemu-test
LOGNAME=root
LESSOPEN=||/usr/bin/lesspipe.sh %s
FEATURES= dtc
DEBUG=
G_BROKEN_FILENAMES=1
CCACHE_HASHDIR=
_=/usr/bin/env

Configure options:
--enable-werror --target-list=x86_64-softmmu,aarch64-softmmu 
--prefix=/var/tmp/qemu-build/install
No C++ compiler available; disabling C++ specific optional code
Install prefix    /var/tmp/qemu-build/install
BIOS directory    /var/tmp/qemu-build/install/share/qemu
binary directory  /var/tmp/qemu-build/install/bin
library directory /var/tmp/qemu-build/install/lib
module directory  /

[Qemu-devel] [PATCH RFC 0/6] xen: xen-domid-restrict improvements

2017-09-15 Thread Ian Jackson
I have been working on trying to get qemu, when running as a Xen
device model, to _actually_ not have power equivalent to root.

I think I have achieved this, with some limitations (which will be
discussed in my series against xen.git, which I am about to post).

However, there are changes to qemu needed.  In particular

 * The -xen-domid-restrict option does not work properly right now.
   It only restricts a small subset of the descriptors qemu has open.
   I am introducing a new library call in the Xen libraries for this,
   xentoolcore_restrict_all.

 * We need to call a different function on domain shutdown.

 * Additionally, in the future, we intend to be able to set aside
   a uid range for these qemus to run in, and that involves being
   able to tell qemu to drop privilege by numeric uid and gid.

This series is only an RFC because right now it won't compile against
older versions of Xen.  There is "configure" work needed.  I would
appreciate some help and/or advice and have CC'd some people who
touched this area recently...

Thanks for your attention.

Ian.