From patchwork Tue May 21 09:56:13 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= X-Patchwork-Id: 1102647 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=nongnu.org (client-ip=209.51.188.17; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=redhat.com Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 457WPz4N6Qz9s6w for ; Tue, 21 May 2019 19:56:55 +1000 (AEST) Received: from localhost ([127.0.0.1]:50404 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hT1Vt-0004QP-59 for incoming@patchwork.ozlabs.org; Tue, 21 May 2019 05:56:53 -0400 Received: from eggs.gnu.org ([209.51.188.92]:43979) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hT1VR-0004Ow-6G for qemu-devel@nongnu.org; Tue, 21 May 2019 05:56:26 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hT1VQ-0002Q4-1K for qemu-devel@nongnu.org; Tue, 21 May 2019 05:56:25 -0400 Received: from mx1.redhat.com ([209.132.183.28]:40504) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hT1VP-0002Ms-Pn for qemu-devel@nongnu.org; Tue, 21 May 2019 05:56:23 -0400 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id C2D94356E9 for ; Tue, 21 May 2019 09:56:15 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-26.ams2.redhat.com [10.36.112.26]) by smtp.corp.redhat.com (Postfix) with ESMTP id AD72E600C6; Tue, 21 May 2019 09:56:14 +0000 (UTC) From: =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= To: qemu-devel@nongnu.org Date: Tue, 21 May 2019 10:56:13 +0100 Message-Id: <20190521095613.16584-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Tue, 21 May 2019 09:56:15 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v2] authz: optimize linking of objects for authorization services X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" The core authorization API is a dependancy of the crypto code for the TLS servers. The TLS server code is pulled into anything which links to the crypto objects, which is every QEMU tool. This in turns means that every tool ended up linking to the authz code, which in turn pulls in the PAM library dep. This splits the authz code so that everything links to the base object which defines the API. Only the system emulators and qemu-nbd link to the object classes providing the implementations of the authz object API. This has the effect of removing the PAM library dep from qemu-img, qemu-io and other helper tools. Signed-off-by: Daniel P. Berrangé Reviewed-by: Richard Henderson --- In v2: - Now with 100% less unit test failures due to missing objs :-) Makefile | 5 +++-- Makefile.objs | 1 + Makefile.target | 3 ++- authz/Makefile.objs | 9 +++++---- tests/Makefile.include | 6 +++--- 5 files changed, 14 insertions(+), 10 deletions(-) diff --git a/Makefile b/Makefile index 66d5c65156..508a3e014b 100644 --- a/Makefile +++ b/Makefile @@ -396,6 +396,7 @@ endif dummy := $(call unnest-vars,, \ stub-obj-y \ authz-obj-y \ + authz-impl-obj-y \ chardev-obj-y \ util-obj-y \ qga-obj-y \ @@ -444,7 +445,7 @@ qemu-options.def: $(SRC_PATH)/qemu-options.hx $(SRC_PATH)/scripts/hxtool SUBDIR_RULES=$(patsubst %,subdir-%, $(TARGET_DIRS)) SOFTMMU_SUBDIR_RULES=$(filter %-softmmu,$(SUBDIR_RULES)) -$(SOFTMMU_SUBDIR_RULES): $(authz-obj-y) +$(SOFTMMU_SUBDIR_RULES): $(authz-obj-y) $(authz-impl-obj-y) $(SOFTMMU_SUBDIR_RULES): $(block-obj-y) $(SOFTMMU_SUBDIR_RULES): $(crypto-obj-y) $(SOFTMMU_SUBDIR_RULES): $(io-obj-y) @@ -512,7 +513,7 @@ COMMON_LDADDS = libqemuutil.a qemu-img.o: qemu-img-cmds.h qemu-img$(EXESUF): qemu-img.o $(authz-obj-y) $(block-obj-y) $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) $(COMMON_LDADDS) -qemu-nbd$(EXESUF): qemu-nbd.o $(authz-obj-y) $(block-obj-y) $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) $(COMMON_LDADDS) +qemu-nbd$(EXESUF): qemu-nbd.o $(authz-obj-y) $(authz-impl-obj-y) $(block-obj-y) $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) $(COMMON_LDADDS) qemu-io$(EXESUF): qemu-io.o $(authz-obj-y) $(block-obj-y) $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) $(COMMON_LDADDS) qemu-bridge-helper$(EXESUF): qemu-bridge-helper.o $(COMMON_LDADDS) diff --git a/Makefile.objs b/Makefile.objs index cf065de5ed..929c3ea045 100644 --- a/Makefile.objs +++ b/Makefile.objs @@ -9,6 +9,7 @@ chardev-obj-y = chardev/ # authz-obj-y is code used by both qemu system emulation and qemu-img authz-obj-y = authz/ +authz-impl-obj-y = authz/ ####################################################################### # block-obj-y is code used by both qemu system emulation and qemu-img diff --git a/Makefile.target b/Makefile.target index ae02495951..da32dac316 100644 --- a/Makefile.target +++ b/Makefile.target @@ -176,6 +176,7 @@ all-obj-y := $(obj-y) include $(SRC_PATH)/Makefile.objs dummy := $(call unnest-vars,.., \ authz-obj-y \ + authz-impl-obj-y \ block-obj-y \ block-obj-m \ chardev-obj-y \ @@ -187,7 +188,7 @@ dummy := $(call unnest-vars,.., \ common-obj-m) all-obj-y += $(common-obj-y) all-obj-y += $(qom-obj-y) -all-obj-$(CONFIG_SOFTMMU) += $(authz-obj-y) +all-obj-$(CONFIG_SOFTMMU) += $(authz-obj-y) $(authz-impl-obj-y) all-obj-$(CONFIG_SOFTMMU) += $(block-obj-y) $(chardev-obj-y) all-obj-$(CONFIG_USER_ONLY) += $(crypto-aes-obj-y) all-obj-$(CONFIG_SOFTMMU) += $(crypto-obj-y) diff --git a/authz/Makefile.objs b/authz/Makefile.objs index ed7b273596..e4c22447db 100644 --- a/authz/Makefile.objs +++ b/authz/Makefile.objs @@ -1,7 +1,8 @@ authz-obj-y += base.o -authz-obj-y += simple.o -authz-obj-y += list.o -authz-obj-y += listfile.o -authz-obj-$(CONFIG_AUTH_PAM) += pamacct.o + +authz-impl-obj-y += simple.o +authz-impl-obj-y += list.o +authz-impl-obj-y += listfile.o +authz-impl-obj-$(CONFIG_AUTH_PAM) += pamacct.o pamacct.o-libs = -lpam diff --git a/tests/Makefile.include b/tests/Makefile.include index 60de085ee1..0b0688b687 100644 --- a/tests/Makefile.include +++ b/tests/Makefile.include @@ -496,10 +496,10 @@ test-qapi-obj-y = tests/test-qapi-types.o \ tests/test-qapi-visit-sub-sub-module.o \ tests/test-qapi-introspect.o \ $(test-qom-obj-y) -benchmark-crypto-obj-y = $(authz-obj-y) $(crypto-obj-y) $(test-qom-obj-y) -test-crypto-obj-y = $(authz-obj-y) $(crypto-obj-y) $(test-qom-obj-y) +benchmark-crypto-obj-y = $(authz-obj-y) $(authz-impl-obj-y) $(crypto-obj-y) $(test-qom-obj-y) +test-crypto-obj-y = $(authz-obj-y) $(authz-impl-obj-y) $(crypto-obj-y) $(test-qom-obj-y) test-io-obj-y = $(io-obj-y) $(test-crypto-obj-y) -test-authz-obj-y = $(test-qom-obj-y) $(authz-obj-y) +test-authz-obj-y = $(test-qom-obj-y) $(authz-obj-y) $(authz-impl-obj-y) test-block-obj-y = $(block-obj-y) $(test-io-obj-y) tests/iothread.o tests/check-qnum$(EXESUF): tests/check-qnum.o $(test-util-obj-y)