aboutsummaryrefslogtreecommitdiff
path: root/qapi/Makefile.objs
AgeCommit message (Collapse)Author
2019-02-26authz: add QAuthZList object type for an access control listDaniel P. Berrange
Add a QAuthZList object type that implements the QAuthZ interface. This built-in implementation maintains a trivial access control list with a sequence of match rules and a final default policy. This replicates the functionality currently provided by the qemu_acl module. To create an instance of this object via the QMP monitor, the syntax used would be: { "execute": "object-add", "arguments": { "qom-type": "authz-list", "id": "authz0", "props": { "rules": [ { "match": "fred", "policy": "allow", "format": "exact" }, { "match": "bob", "policy": "allow", "format": "exact" }, { "match": "danb", "policy": "deny", "format": "glob" }, { "match": "dan*", "policy": "allow", "format": "exact" }, ], "policy": "deny" } } } This sets up an authorization rule that allows 'fred', 'bob' and anyone whose name starts with 'dan', except for 'danb'. Everyone unmatched is denied. It is not currently possible to create this via -object, since there is no syntax supported to specify non-scalar properties for objects. This is likely to be addressed by later support for using JSON with -object, or an equivalent approach. In any case the future "authz-listfile" object can be used from the CLI and is likely a better choice, as it allows the ACL to be refreshed automatically on change. Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2019-02-18qapi: New module target.jsonMarkus Armbruster
We can't add appropriate target-specific conditionals to misc.json, because that would make all of misc.json unusable in target-independent code. To keep misc.json target-independent, we need to split off target-dependent target.json. This commit doesn't actually split off anything, it merely creates the empty module. The next few patches will move stuff from misc.json there. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20190214152251.2073-9-armbru@redhat.com>
2019-02-18build: Deal with all of QAPI's .o in qapi/Makefile.objsMarkus Armbruster
Adding QAPI's .o to util-obj-y, common-obj-y and obj-y is spread over three places: Makefile.objs takes care of target-independent generated code, Makefile.target of target-dependent generated code, and qapi/Makefile.objs of (target-independent) hand-written code. Do everything in qapi/Makefile.objs. Suggested-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20190214152251.2073-8-armbru@redhat.com>
2016-10-25qapi: rename *qmp-*-visitor* to *qobject-*-visitor*Daniel P. Berrange
The QMP visitors have no direct dependency on QMP. It is valid to use them anywhere that one has a QObject. Rename them to better reflect their functionality as a generic QObject to QAPI converter. This is the first of three parts: rename the files. The next two parts will rename C identifiers. The split is necessary to make git rename detection work. Reviewed-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> [Split into file and identifier rename, two comments touched up] Signed-off-by: Markus Armbruster <armbru@redhat.com>
2016-07-06qapi: Add new clone visitorEric Blake
We have a couple places in the code base that want to deep-clone one QAPI object into another, and they were resorting to serializing the struct out to QObject then reparsing it. A much more efficient version can be done by adding a new clone visitor. Since cloning is still relatively uncommon, expose the use of the new visitor via a QAPI_CLONE() macro that takes care of type-punning the underlying function pointer, rather than generating lots of unused functions for types that won't be cloned. And yes, we're relying on the compiler treating all pointers equally, even though a strict C program cannot portably do so - but we're not the first one in the qemu code base to expect it to work (hello, glib!). The choice of adding a fourth visitor type deserves some explanation. On the surface, the clone visitor is mostly an input visitor (it takes arbitrary input - in this case, another QAPI object - and creates a new QAPI object during the course of the visit). But ever since commit da72ab0 consolidated enum visits based on the visitor type, using VISITOR_INPUT would cause us to run visit_type_str(), even though for cloning there is nothing to do (we just copy the enum value across, without regards to its mapping to strings). Also, since our input happens to be a QAPI object, we can also satisfy the internal checks for VISITOR_OUTPUT. So in the end, I settled with a new VISITOR_CLONE, and chose its value such that many internal checks can use 'v->type & mask', sticking to 'v->type == value' where the difference matters. Note that we can only clone objects (including alternates) and lists, not built-ins or enums. The visitor core hides integer width from the actual visitor (since commit 04e070d), and as long as that's the case, we can't clone top-level integers. Then again, those can always be cloned by direct copy, since they are not objects with deep pointers, so it's no real loss. And restricting cloning to just objects and lists is cleaner than restricting it to non-integers. As such, I documented that the clone visitor is for direct use only by code internal to QAPI, and should not be used on incomplete objects (other than a hack to work around the fact that we allow NULL in place of "" in visit_type_str() in other output visitors). Note that as written, the clone visitor will never fail on a complete object. Scalars (including enums) not at the root of the clone copy just fine with no additional effort while visiting the scalar, by virtue of a g_memdup() each time we push another struct onto the stack. Cloning a string requires deduplication of a pointer, which means it can also provide the guarantee of an input visitor of never producing NULL even when still accepting NULL in place of "" the way the QMP output visitor does. Cloning an 'any' type could be possible by incrementing the QObject refcnt, but it's not obvious whether that is better than implementing a QObject deep clone. So for now, we document it as unsupported, and intentionally omit the .type_any() callback to let a developer know their usage needs implementation. Add testsuite coverage for several different clone situations, to ensure that the code is working. I also tested that valgrind was happy with the test. Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <1465490926-28625-14-git-send-email-eblake@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
2014-09-08rename parse_enum_option to qapi_enum_parse and make it publicPeter Lieven
relaxing the license to LGPLv2+ is intentional. Suggested-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Hu Tao <hutao@cn.fujitsu.com> Signed-off-by: Peter Lieven <pl@kamp.de> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Benoit Canet <benoit.canet@nodalink.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-06-23qapi: add event helper functionsWenchao Xia
This file holds some functions that do not need to be generated. Signed-off-by: Wenchao Xia <wenchaoqemu@gmail.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2013-01-12build: move base QAPI files to libqemuutil.aPaolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-10-30build: opts-visitor is not really part of QAPIPaolo Bonzini
It is only used by QEMU itself, do not build it into the tests. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-07-23qapi: introduce OptsVisitorLaszlo Ersek
This visitor supports parsing -option [type=]discriminator[,optarg1=val1][,optarg2=val2][,...] style QemuOpts objects into "native" C structures. After defining the type tree in the qapi schema (see below), a root type traversal with this visitor linked to the underlying QemuOpts object will build the "native" C representation of the option. The type tree in the schema, corresponding to an option with a discriminator, must have the following structure: struct scalar member for non-discriminated optarg 1 [*] list for repeating non-discriminated optarg 2 [*] wrapper struct single scalar member union struct for discriminator case 1 scalar member for optarg 3 [*] list for repeating optarg 4 [*] wrapper struct single scalar member scalar member for optarg 5 [*] struct for discriminator case 2 ... The "type" optarg name is fixed for the discriminator role. Its schema representation is "union of structures", and each discriminator value must correspond to a member name in the union. If the option takes no "type" descriminator, then the type subtree rooted at the union must be absent from the schema (including the union itself). Optarg values can be of scalar types str / bool / integers / size. Members marked with [*] may be defined as optional in the schema, describing an optional optarg. Repeating an optarg is supported; its schema representation must be "list of structure with single mandatory scalar member". If an optarg is not described as repeating in the schema (ie. it is defined as a scalar field instead of a list), its last occurrence will take effect. Ordering between differently named optargs is not preserved. A mandatory list (or an optional one which is reported to be available), corresponding to a repeating optarg, has at least one element after successful parsing. v1->v2: - Update opts_type_size() prototype to uint64_t. - Add opts_type_uint64() for options needing the full uint64_t range. (Internals could be extracted to "cutils.c".) - Allow negative values in opts_type_int(). - Rebase to nested Makefiles. v2->v3: - Factor opts_visitor_insert() out of opts_start_struct() and call it separately for opts_root->id if there's any. - Don't require non-negative values in opts_type_int()'s error message. - g_malloc0() may return NULL for zero-sized requests. Support empty structures by requesting 1 byte for them instead. Signed-off-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-06-07build: move qapi/ objects to nested Makefile.objsPaolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>