| Message ID | 20190521093227.4661-1-berrange@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | authz: optimize linking of objects for authorization services | expand |
Patchew URL: https://patchew.org/QEMU/20190521093227.4661-1-berrange@redhat.com/ Hi, This series failed the asan build test. Please find the testing commands and their output below. If you have Docker installed, you can probably reproduce it locally. === TEST SCRIPT BEGIN === #!/bin/bash time make docker-test-debug@fedora TARGET_LIST=x86_64-softmmu J=14 NETWORK=1 === TEST SCRIPT END === /tmp/qemu-test/src/tests/test-crypto-tlssession.c:288: undefined reference to `qauthz_list_new' /usr/bin/ld: /tmp/qemu-test/src/tests/test-crypto-tlssession.c:293: undefined reference to `qauthz_list_append_rule' clang++ -L/tmp/qemu-test/build/dtc/libfdt -I/usr/include/pixman-1 -I/tmp/qemu-test/src/dtc/libfdt -Werror -DHAS_LIBSSH2_SFTP_FSYNC -pthread -I/usr/include/glib-2.0 -I/usr/lib64/glib-2.0/include -fPIE -DPIE -m64 -mcx16 -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -Wstrict-prototypes -Wredundant-decls -Wall -Wundef -Wwrite-strings -Wmissing-prototypes -fno-strict-aliasing -fno-common -fwrapv -std=gnu99 -Wno-string-plus-int -Wno-typedef-redefinition -Wno-initializer-overrides -Wexpansion-to-defined -Wendif-labels -Wno-shift-negative-value -Wno-missing-include-dirs -Wempty-body -Wnested-externs -Wformat-security -Wformat-y2k -Winit-self -Wignored-qualifiers -Wold-style-definition -Wtype-limits -fstack-protector-strong -I/usr/include/p11-kit-1 -I/usr/include/libpng16 -I/usr/include/spice-1 -I/usr/include/spice-server -I/usr/include/cacard -I/usr/include/glib-2.0 -I/usr/lib64/glib-2.0/include -I/usr/include/nss3 -I/usr/include/nspr4 -pthread -I/usr/include/libmount -I/usr/include/blkid -I/usr/include/uuid -I/usr/include/pixman-1 -I/tmp/qemu-test/src/tests -fsanitize=undefined -fsanitize=address -g -Wl,--warn-common -Wl,-z,relro -Wl,-z,now -pie -m64 -g -o tests/test-io-channel-socket tests/test-io-channel-socket.o tests/io-channel-helpers.o tests/socket-helpers.o io/channel.o io/channel-buffer.o io/channel-command.o io/channel-file.o io/channel-socket.o io/channel-tls.o io/channel-watch.o io/channel-websock.o io/channel-util.o io/dns-resolver.o io/net-listener.o io/task.o authz/base.o crypto/init.o crypto/hash.o crypto/hash-nettle.o crypto/hmac.o crypto/hmac-nettle.o crypto/aes.o crypto/desrfb.o crypto/cipher.o crypto/tlscreds.o crypto/tlscredsanon.o crypto/tlscredspsk.o crypto/tlscredsx509.o crypto/tlssession.o crypto/secret.o crypto/random-gnutls.o crypto/pbkdf.o crypto/pbkdf-nettle.o crypto/ivgen.o crypto/ivgen-essiv.o crypto/ivgen-plain.o crypto/ivgen-plain64.o crypto/afsplit.o crypto/xts.o crypto/block.o crypto/block-qcow.o crypto/block-luks.o qom/object.o qom/container.o qom/qom-qobject.o qom/object_interfaces.o libqemuutil.a -lm -lz -lgthread-2.0 -pthread -lglib-2.0 -lrt -lz -lutil -lcap-ng -lnettle -lgnutls clang-7: error: linker command failed with exit code 1 (use -v to see invocation) make: *** [/tmp/qemu-test/src/rules.mak:124: tests/test-crypto-tlssession] Error 1 make: *** Waiting for unfinished jobs.... /usr/bin/ld: tests/test-authz-simple.o: in function `test_authz_simple': /tmp/qemu-test/src/tests/test-authz-simple.c:29: undefined reference to `qauthz_simple_new' clang-7: error: linker command failed with exit code 1 (use -v to see invocation) make: *** [/tmp/qemu-test/src/rules.mak:124: tests/test-authz-simple] Error 1 /usr/bin/ld: tests/test-authz-list.o: in function `test_authz_default_deny': /tmp/qemu-test/src/tests/test-authz-list.c:27: undefined reference to `qauthz_list_new' --- /usr/bin/ld: /tmp/qemu-test/src/tests/test-authz-list.c:120: undefined reference to `qauthz_list_append_rule' /usr/bin/ld: /tmp/qemu-test/src/tests/test-authz-list.c:128: undefined reference to `qauthz_list_delete_rule' /usr/bin/ld: /tmp/qemu-test/src/tests/test-authz-list.c:133: undefined reference to `qauthz_list_insert_rule' clang-7: error: linker command failed with exit code 1 (use -v to see invocation) make: *** [/tmp/qemu-test/src/rules.mak:124: tests/test-authz-list] Error 1 /usr/bin/ld: tests/test-authz-listfile.o: in function `test_authz_default_deny': /tmp/qemu-test/src/tests/test-authz-listfile.c:52: undefined reference to `qauthz_list_file_new' --- /tmp/qemu-test/src/tests/test-authz-listfile.c:115: undefined reference to `qauthz_list_file_new' /usr/bin/ld: tests/test-authz-listfile.o: in function `test_authz_complex': /tmp/qemu-test/src/tests/test-authz-listfile.c:149: undefined reference to `qauthz_list_file_new' clang-7: error: linker command failed with exit code 1 (use -v to see invocation) make: *** [/tmp/qemu-test/src/rules.mak:124: tests/test-authz-listfile] Error 1 Traceback (most recent call last): File "./tests/docker/docker.py", line 615, in <module> The full log is available at http://patchew.org/logs/20190521093227.4661-1-berrange@redhat.com/testing.asan/?type=message. --- Email generated automatically by Patchew [https://patchew.org/]. Please send your feedback to patchew-devel@redhat.com
On 5/21/19 5:32 AM, Daniel P. Berrangé wrote: > The core authorization API is a dependancy of the crypto code for the > TLS servers. The TLS server code is pulled into anything which links > to the crypto objects, which is every QEMU tool. This in turns means > that every tool ended up linking to the authz code, which in turn > pulls in the PAM library dep. > > This splits the authz code so that everything links to the base object > which defines the API. Only the system emulators and qemu-nbd link to > the object classes providing the implementations of the authz object > API. This has the effect of removing the PAM library dep from qemu-img, > qemu-io and other helper tools. > > Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> > --- > Makefile | 5 +++-- > Makefile.objs | 1 + > Makefile.target | 3 ++- > authz/Makefile.objs | 9 +++++---- > 4 files changed, 11 insertions(+), 7 deletions(-) No changes to tests/? Surely that means some tests no longer link? r~
On 5/21/19 10:39 AM, Richard Henderson wrote: > On 5/21/19 5:32 AM, Daniel P. Berrangé wrote: >> The core authorization API is a dependancy of the crypto code for the >> TLS servers. The TLS server code is pulled into anything which links >> to the crypto objects, which is every QEMU tool. This in turns means >> that every tool ended up linking to the authz code, which in turn >> pulls in the PAM library dep. >> >> This splits the authz code so that everything links to the base object >> which defines the API. Only the system emulators and qemu-nbd link to >> the object classes providing the implementations of the authz object >> API. This has the effect of removing the PAM library dep from qemu-img, >> qemu-io and other helper tools. >> >> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> >> --- >> Makefile | 5 +++-- >> Makefile.objs | 1 + >> Makefile.target | 3 ++- >> authz/Makefile.objs | 9 +++++---- >> 4 files changed, 11 insertions(+), 7 deletions(-) > > No changes to tests/? Surely that means some tests no longer link? Or I could notice your v2, farther down in my mailbox... ;-) r~
diff --git a/Makefile b/Makefile index 66d5c65156..508a3e014b 100644 --- a/Makefile +++ b/Makefile @@ -396,6 +396,7 @@ endif dummy := $(call unnest-vars,, \ stub-obj-y \ authz-obj-y \ + authz-impl-obj-y \ chardev-obj-y \ util-obj-y \ qga-obj-y \ @@ -444,7 +445,7 @@ qemu-options.def: $(SRC_PATH)/qemu-options.hx $(SRC_PATH)/scripts/hxtool SUBDIR_RULES=$(patsubst %,subdir-%, $(TARGET_DIRS)) SOFTMMU_SUBDIR_RULES=$(filter %-softmmu,$(SUBDIR_RULES)) -$(SOFTMMU_SUBDIR_RULES): $(authz-obj-y) +$(SOFTMMU_SUBDIR_RULES): $(authz-obj-y) $(authz-impl-obj-y) $(SOFTMMU_SUBDIR_RULES): $(block-obj-y) $(SOFTMMU_SUBDIR_RULES): $(crypto-obj-y) $(SOFTMMU_SUBDIR_RULES): $(io-obj-y) @@ -512,7 +513,7 @@ COMMON_LDADDS = libqemuutil.a qemu-img.o: qemu-img-cmds.h qemu-img$(EXESUF): qemu-img.o $(authz-obj-y) $(block-obj-y) $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) $(COMMON_LDADDS) -qemu-nbd$(EXESUF): qemu-nbd.o $(authz-obj-y) $(block-obj-y) $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) $(COMMON_LDADDS) +qemu-nbd$(EXESUF): qemu-nbd.o $(authz-obj-y) $(authz-impl-obj-y) $(block-obj-y) $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) $(COMMON_LDADDS) qemu-io$(EXESUF): qemu-io.o $(authz-obj-y) $(block-obj-y) $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) $(COMMON_LDADDS) qemu-bridge-helper$(EXESUF): qemu-bridge-helper.o $(COMMON_LDADDS) diff --git a/Makefile.objs b/Makefile.objs index cf065de5ed..929c3ea045 100644 --- a/Makefile.objs +++ b/Makefile.objs @@ -9,6 +9,7 @@ chardev-obj-y = chardev/ # authz-obj-y is code used by both qemu system emulation and qemu-img authz-obj-y = authz/ +authz-impl-obj-y = authz/ ####################################################################### # block-obj-y is code used by both qemu system emulation and qemu-img diff --git a/Makefile.target b/Makefile.target index ae02495951..da32dac316 100644 --- a/Makefile.target +++ b/Makefile.target @@ -176,6 +176,7 @@ all-obj-y := $(obj-y) include $(SRC_PATH)/Makefile.objs dummy := $(call unnest-vars,.., \ authz-obj-y \ + authz-impl-obj-y \ block-obj-y \ block-obj-m \ chardev-obj-y \ @@ -187,7 +188,7 @@ dummy := $(call unnest-vars,.., \ common-obj-m) all-obj-y += $(common-obj-y) all-obj-y += $(qom-obj-y) -all-obj-$(CONFIG_SOFTMMU) += $(authz-obj-y) +all-obj-$(CONFIG_SOFTMMU) += $(authz-obj-y) $(authz-impl-obj-y) all-obj-$(CONFIG_SOFTMMU) += $(block-obj-y) $(chardev-obj-y) all-obj-$(CONFIG_USER_ONLY) += $(crypto-aes-obj-y) all-obj-$(CONFIG_SOFTMMU) += $(crypto-obj-y) diff --git a/authz/Makefile.objs b/authz/Makefile.objs index ed7b273596..e4c22447db 100644 --- a/authz/Makefile.objs +++ b/authz/Makefile.objs @@ -1,7 +1,8 @@ authz-obj-y += base.o -authz-obj-y += simple.o -authz-obj-y += list.o -authz-obj-y += listfile.o -authz-obj-$(CONFIG_AUTH_PAM) += pamacct.o + +authz-impl-obj-y += simple.o +authz-impl-obj-y += list.o +authz-impl-obj-y += listfile.o +authz-impl-obj-$(CONFIG_AUTH_PAM) += pamacct.o pamacct.o-libs = -lpam
The core authorization API is a dependancy of the crypto code for the TLS servers. The TLS server code is pulled into anything which links to the crypto objects, which is every QEMU tool. This in turns means that every tool ended up linking to the authz code, which in turn pulls in the PAM library dep. This splits the authz code so that everything links to the base object which defines the API. Only the system emulators and qemu-nbd link to the object classes providing the implementations of the authz object API. This has the effect of removing the PAM library dep from qemu-img, qemu-io and other helper tools. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- Makefile | 5 +++-- Makefile.objs | 1 + Makefile.target | 3 ++- authz/Makefile.objs | 9 +++++---- 4 files changed, 11 insertions(+), 7 deletions(-)