[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v4 10/11] tools/ocaml/xenstored: validate config file before live update

  • To: Edwin Torok <edvin.torok@xxxxxxxxxx>
  • From: Christian Lindig <christian.lindig@xxxxxxxxxx>
  • Date: Mon, 19 Dec 2022 09:37:08 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=zUrxbQRu8xi4bZH+EYtKrxfnZJckc1/W43AOesxT4aU=; b=IzJ4BtM0tkVlLgx7MAn5UvBAgv35+3S3EBffWM9cwBTPgsj8OgBPSaGGdM4SGHr7dzQaMez+jkANSwV6jrXMZNAq02Fw7qBRMBN614E7g8NFtCE9S7kDOU2yUbWJ8Ng0Kh7PtdBCnibdpChlO1v8S67R8TEoYt4mKvmT9lI07oEXj7uQErTdm3Cxs81KEYlrMjf5+MHDFq2lVnkuK6aVOivji+v6YzWRi7whZf1gXjrMMfNc4bmJzT3hrur/D4jT+xNhaBjGHM5HqsCLR4QPSolsrYRle4APcGAQ8XNzaQTA+we0fXZsDDf3xGQ/hC18pFTq45UbHQ69hCQSu5zkmw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mOUdziiJPLWVy5S5vPA8wpuDINnsoBuKed0xF2Gx4h2vpEjRq0S2z5yb67W69dXykSBh6A89C3WJWSEKpreXLL+nSgwa9H9bwSQyvgY9N+0Z/o8UWvCKTPjdiWKkiKhW+XBcbctleblK77sQJ4yiKXMw7Q4fFPjM/3MJIEyxIxihbKSPJOqMLKwL01AjtK9rv13RG1LJg7LqhPuGd+aT4YZ1Ep6LrerV8EaxrJlvBakKD+DUqO64VFA4uChap3r25uWqzVDSkC/jQ1jdaTHdsPq/3gTPc1DbiE7uuLj+BbMrOsSNuI0WwDk9PM2Wl1w78fCm2TgKut8M0l+9Xaz5bw==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
  • Cc: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, David Scott <dave@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Anthony Perard <anthony.perard@xxxxxxxxxx>
  • Delivery-date: Mon, 19 Dec 2022 09:37:43 +0000
  • Ironport-data: A9a23:m4U+0aIRPGuyTJq0FE+R85QlxSXFcZb7ZxGr2PjKsXjdYENS0mMFm 2dNCzrSOfmKZjP3KdlzOozi/U8D68CEydNnTQtlqX01Q3x08seUXt7xwmUcnc+xBpaaEB84t ZV2hv3odp1coqr0/0/1WlTZhSAgk/rOHv+kUrWs1hlZHWdMUD0mhQ9oh9k3i4tphcnRKw6Ws Jb5rta31GWNglaYCUpJrfPdwP9TlK6q4mlB5AVvPakjUGL2zBH5MrpOfcldEFOgKmVkNrbSb /rOyri/4lTY838FYj9yuu+mGqGiaue60Tmm0hK6aYD76vRxjnVaPpIAHOgdcS9qZwChxLid/ jnvWauYEm/FNoWU8AgUvoIx/ytWZcWq85efSZSzXFD6I+QrvBIAzt03ZHzaM7H09c59HSZy0 +c4KQkma064irPq47KGENFz05FLwMnDZOvzu1lG5BSAVLMKZM6GRK/Ho9hFwD03m8ZCW+7EY NYUYiZuaxKGZABTPlAQC9Q1m+LAanvXKmUE7g7K4/dopTGMl2Sd05C0WDbRUteKX8ROgkeRo CTC/mL1Ax4yP92D0zuVtHmrg4cjmAurCNpLTuTorJaGhnW/4lQ0OjYrXmep/9/+0RaaeOx7N Gwbr39GQa8asRbDosPGdw21pjuIswARX/JUEvYm80edx6zM+QGbC2MYCDlbZ7QOuMYoSBQw2 1SOntevAiZg2JWKTVqN+7HSqim9URX5NkcHbC4ACAcAvd/qpdhqigqVF4k4VqmoktfyBDf8h SiQqzQzjKkSishN0Lin+VfAgHSnoZ2hohMJ2zg7l1mNtmtRDLNJraT0gbQHxZ6s9Lqkc2Q=
  • Ironport-hdrordr: A9a23:s24ggKq2yvq+GN0VeVkrzC0aV5v5L9V00zEX/kB9WHVpm5Oj+v xGzc5w6farsl0ssRAb6La90cy7LU80mqQFhbX5UY3SPjUO21HYT72Kj7GSugEIcheWnoEytZ uIG5IOcOEYZmIK6voSjjPIdurI9OP3i5xAyN2uvEtFfEVPUeVN/g15AgGUHglfQxRHP4MwEN 656tBcrzStVHwLZoDjb0N1KtTrlpnurtbLcBQGDxko5E2nii6p0qfzF1y90g0FWz1C7L8++S zukhD/5I+kr/anoyWspVP73tBzop/M29FDDMuDhow8LSjtsB+hYMBbV7iLrFkO0Z+SAAJBqr jxiiZlG/42x2Laf2mzrxeo8RLnyiwS53jrzkLdqWf/oOTiLQhKQfZptMZ8SF/0+kAgtNZz3O ZgxGSCradaChvGgWDU+8XIbRd3jUC5yEBS2tL7t0YvHLf2VYUh5LD3vXklZqvoJRiKn7zPxd MeRP01555tACynhj7izyVSKeeXLwgO9ye9MzU/U/OuokJrdVBCvjolLZ8k7wc9HdQGOu1529 g=
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHZEXvyCby50r0CD0WQ9S77gzQLM6509/OA
  • Thread-topic: [PATCH v4 10/11] tools/ocaml/xenstored: validate config file before live update

> On 16 Dec 2022, at 18:25, Edwin Török <edvin.torok@xxxxxxxxxx> wrote:
> 
> The configuration file can contain typos or various errors that could prevent
> live update from succeeding (e.g. a flag only valid on a different version).
> Unknown entries in the config file would be ignored on startup normally,
> add a strict --config-test that live-update can use to check that the config 
> file
> is valid *for the new binary*.

Is the configuration tested, checked, or validated? If feel “check" or 
“validate" would convey better what is happening.


> For compatibility with running old code during live update recognize
> --live --help as an equivalent to --config-test.
> 
> Signed-off-by: Edwin Török <edvin.torok@xxxxxxxxxx

Acked-by: Christian Lindig <christian.lindig@xxxxxxxxxx>


> >
> ---
> Changes since v2:
> * repost of lost patch from 2021: 
> https://patchwork.kernel.org/project/xen-devel/patch/a53934dfa8ef984bffa858cc573cc7a6445bbdc0.1620755942.git.edvin.torok@xxxxxxxxxx/
> ---
> tools/ocaml/xenstored/parse_arg.ml | 26 ++++++++++++++++++++++++++
> tools/ocaml/xenstored/xenstored.ml | 11 +++++++++--
> 2 files changed, 35 insertions(+), 2 deletions(-)
> 
> diff --git a/tools/ocaml/xenstored/parse_arg.ml 
> b/tools/ocaml/xenstored/parse_arg.ml
> index 1a85b14ef5..b159b91f00 100644
> --- a/tools/ocaml/xenstored/parse_arg.ml
> +++ b/tools/ocaml/xenstored/parse_arg.ml
> @@ -26,8 +26,14 @@ type config =
>     restart: bool;
>     live_reload: bool;
>     disable_socket: bool;
> +    config_test: bool;
>   }
> 
> +let get_config_filename config_file =
> +  match config_file with
> +  | Some name -> name
> +  | None      -> Define.default_config_dir ^ "/oxenstored.conf"

I’d use Filename.concat.

> +
> let do_argv =
>   let pidfile = ref "" and tracefile = ref "" (* old xenstored compatibility 
> *)
>   and domain_init = ref true
> @@ -38,6 +44,8 @@ let do_argv =
>   and restart = ref false
>   and live_reload = ref false
>   and disable_socket = ref false
> +  and config_test = ref false
> +  and help = ref false
>   in
> 
>   let speclist =
> @@ -55,10 +63,27 @@ let do_argv =
>       ("-T", Arg.Set_string tracefile, ""); (* for compatibility *)
>       ("--restart", Arg.Set restart, "Read database on starting");
>       ("--live", Arg.Set live_reload, "Read live dump on startup");
> +      ("--config-test", Arg.Set config_test, "Test validity of config file");

I see the logic how this flag was named but feel starting with a verb 
(“validate”, “check”, “test”) leads to a clearer invocation pattern.

>       ("--disable-socket", Arg.Unit (fun () -> disable_socket := true), 
> "Disable socket");
> +      ("--help", Arg.Set help, "Display this list of options")
>     ] in
>   let usage_msg = "usage : xenstored [--config-file <filename>] 
> [--no-domain-init] [--help] [--no-fork] [--reraise-top-level] [--restart] 
> [--disable-socket]" in
>   Arg.parse speclist (fun _ -> ()) usage_msg;
> +  let () =
> +    if !help then begin
> +      if !live_reload then
> +        (*
> +          Transform --live --help into --config-test for backward compat with
> +          running code during live update.
> +          Caller will validate config and exit
> +        *)
> +        config_test := true
> +      else begin
> +        Arg.usage_string speclist usage_msg |> print_endline;
> +        exit 0
> +      end
> +    end
> +  in
>   {
>     domain_init = !domain_init;
>     activate_access_log = !activate_access_log;
> @@ -70,4 +95,5 @@ let do_argv =
>     restart = !restart;
>     live_reload = !live_reload;
>     disable_socket = !disable_socket;
> +    config_test = !config_test;
>   }
> diff --git a/tools/ocaml/xenstored/xenstored.ml 
> b/tools/ocaml/xenstored/xenstored.ml
> index 366437b396..1aaa3e995e 100644
> --- a/tools/ocaml/xenstored/xenstored.ml
> +++ b/tools/ocaml/xenstored/xenstored.ml
> @@ -88,7 +88,7 @@ let default_pidfile = Paths.xen_run_dir ^ "/xenstored.pid"
> 
> let ring_scan_interval = ref 20
> 
> -let parse_config filename =
> +let parse_config ?(strict=false) filename =
>   let pidfile = ref default_pidfile in
>   let options = [
>     ("merge-activate", Config.Set_bool Transaction.do_coalesce);
> @@ -129,11 +129,12 @@ let parse_config filename =
>     ("xenstored-port", Config.Set_string Domains.xenstored_port); ] in
>   begin try Config.read filename options (fun _ _ -> raise Not_found)
>     with
> -    | Config.Error err -> List.iter (fun (k, e) ->
> +    | Config.Error err as e -> List.iter (fun (k, e) ->
>         match e with
>         | "unknown key" -> eprintf "config: unknown key %s\n" k
>         | _             -> eprintf "config: %s: %s\n" k e
>       ) err;
> +      if strict then raise e
>     | Sys_error m -> eprintf "error: config: %s\n" m;
>   end;
>   !pidfile
> @@ -358,6 +359,12 @@ let tweak_gc () =
> let () =
>   Printexc.set_uncaught_exception_handler Logging.fallback_exception_handler;
>   let cf = do_argv in
> +  if cf.config_test then begin
> +    let path = config_filename cf in
> +    let _pidfile:string = parse_config ~strict:true path in
> +    Printf.printf "Configuration valid at %s\n%!" path;
> +    exit 0
> +  end;
>   let pidfile =
>     if Sys.file_exists (config_filename cf) then
>       parse_config (config_filename cf)
> -- 
> 2.34.1
>

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.