Xen project Mailing List

Re: [Xen-devel] [PATCH v2 6/6] RFC: tools/dm_restrict: Enable QEMU sandboxing

To: George Dunlap <george.dunlap@xxxxxxxxxx>

From: Ian Jackson <ian.jackson@xxxxxxxxxx>

Date: Mon, 24 Sep 2018 12:21:44 +0100

Cc: Anthony Perard <anthony.perard@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>

Delivery-date: Mon, 24 Sep 2018 11:21:55 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Apropos of our conversation on IRC, I looked at the checker script in detail. > #!/bin/bash > > domain="$1" Just noticed this, but: OMG no `set -e'. You probably want `set -o pipefail' too. > dmpid=$(xenstore-read /local/domain/$domid/image/device-model-pid 2>/dev/null) > if [[ -z "$dmpid" ]] ; then > echo "xenstore-read failed" > exit 1 > fi Why do you throw away the stderr from xenstore-read ? > failed="false" Quotes are not needed here and seem un-idiomatic to me when the RHS is a simple atom. > # TEST: Process / group id ... > # FIXME: deal with other UID configurations? Since the test will fail if you don't do this, I think this is very sub-critical and you could drop the fixme. > # Example input: > # Uid: 1193 1193 1193 1193 > input=$(grep Uid /proc/$dmpid/status) I have commented on this grep, and the subsequent regexpery, already. But also: you check the uid and the gid, but by duplicating the code. Surely this could be a shell function. > echo -n "Process UID: " If this had been me, I would have written begin_test "Process UID" and then > result="PASSED" test_passed > for i in {1..4}; do > if [[ "${BASH_REMATCH[$i]}" != "$tgt_uid" ]] ; then > result="FAILED" > failed="true" In particular, you open-code setting `failed' everywhere. If you miss one then that could hide a test failure. So test_failed But you want to print a reason so test_failed "got $uidorgid $actual_id wanted $tgt_id" As a bonus, doing this now means you can fix the test output format to be more parseable by changing the code in one place. > if [[ "$root" != "$tgt_chroot" ]] ; then > echo "FAILED" You could introduce test_condition 'root directory' "$root" != "$tgt_chroot" which calls test_passed or test_failed as appropriate. If you have it return the same exit status as the test, you can use it for the uids where you would say test_condition "one $uidorgid" $actual_id = $tgt_id || break and the rest of the time you would have to write test_condition 'root directory' "$root" != "$tgt_chroot" ||: > function check_rlimit() { > limit_name=$1 > limit_string=$2 > tgt=$3 > > echo -n "rlimit $limit_name: " > input=$(grep "^$limit_string" /proc/$dmpid/limits) ... > if [[ "$input" =~ > ^$limit_string[[:space:]]*([^[:space:]]+)[[:space:]]*([^[:space:]]+)[[:space:]]*[^[:space:]]+ > ]] ; then Because of the unfortunate format of /proc/PID/limits, you do can't just do the fields=($input) trick but fields=(${input#* }) DTRT. Thanks, Ian. _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.