From patchwork Tue May 21 09:32:27 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= X-Patchwork-Id: 10953227 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 65979924 for ; Tue, 21 May 2019 09:33:49 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 567F9289BF for ; Tue, 21 May 2019 09:33:49 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 4AA95289C4; Tue, 21 May 2019 09:33:49 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id BE486289BF for ; Tue, 21 May 2019 09:33:48 +0000 (UTC) Received: from localhost ([127.0.0.1]:50107 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hT19X-00040F-HR for patchwork-qemu-devel@patchwork.kernel.org; Tue, 21 May 2019 05:33:47 -0400 Received: from eggs.gnu.org ([209.51.188.92]:39451) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hT18M-0003Pk-1O for qemu-devel@nongnu.org; Tue, 21 May 2019 05:32:35 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hT18J-0000He-Tf for qemu-devel@nongnu.org; Tue, 21 May 2019 05:32:34 -0400 Received: from mx1.redhat.com ([209.132.183.28]:56226) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hT18J-0000Ge-MG for qemu-devel@nongnu.org; Tue, 21 May 2019 05:32:31 -0400 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 4707D8FAC1 for ; Tue, 21 May 2019 09:32:30 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-26.ams2.redhat.com [10.36.112.26]) by smtp.corp.redhat.com (Postfix) with ESMTP id 6C5947D8A3; Tue, 21 May 2019 09:32:29 +0000 (UTC) From: =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= To: qemu-devel@nongnu.org Date: Tue, 21 May 2019 10:32:27 +0100 Message-Id: <20190521093227.4661-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Tue, 21 May 2019 09:32:30 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH] authz: optimize linking of objects for authorization services X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP The core authorization API is a dependancy of the crypto code for the TLS servers. The TLS server code is pulled into anything which links to the crypto objects, which is every QEMU tool. This in turns means that every tool ended up linking to the authz code, which in turn pulls in the PAM library dep. This splits the authz code so that everything links to the base object which defines the API. Only the system emulators and qemu-nbd link to the object classes providing the implementations of the authz object API. This has the effect of removing the PAM library dep from qemu-img, qemu-io and other helper tools. Signed-off-by: Daniel P. Berrangé --- Makefile | 5 +++-- Makefile.objs | 1 + Makefile.target | 3 ++- authz/Makefile.objs | 9 +++++---- 4 files changed, 11 insertions(+), 7 deletions(-) diff --git a/Makefile b/Makefile index 66d5c65156..508a3e014b 100644 --- a/Makefile +++ b/Makefile @@ -396,6 +396,7 @@ endif dummy := $(call unnest-vars,, \ stub-obj-y \ authz-obj-y \ + authz-impl-obj-y \ chardev-obj-y \ util-obj-y \ qga-obj-y \ @@ -444,7 +445,7 @@ qemu-options.def: $(SRC_PATH)/qemu-options.hx $(SRC_PATH)/scripts/hxtool SUBDIR_RULES=$(patsubst %,subdir-%, $(TARGET_DIRS)) SOFTMMU_SUBDIR_RULES=$(filter %-softmmu,$(SUBDIR_RULES)) -$(SOFTMMU_SUBDIR_RULES): $(authz-obj-y) +$(SOFTMMU_SUBDIR_RULES): $(authz-obj-y) $(authz-impl-obj-y) $(SOFTMMU_SUBDIR_RULES): $(block-obj-y) $(SOFTMMU_SUBDIR_RULES): $(crypto-obj-y) $(SOFTMMU_SUBDIR_RULES): $(io-obj-y) @@ -512,7 +513,7 @@ COMMON_LDADDS = libqemuutil.a qemu-img.o: qemu-img-cmds.h qemu-img$(EXESUF): qemu-img.o $(authz-obj-y) $(block-obj-y) $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) $(COMMON_LDADDS) -qemu-nbd$(EXESUF): qemu-nbd.o $(authz-obj-y) $(block-obj-y) $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) $(COMMON_LDADDS) +qemu-nbd$(EXESUF): qemu-nbd.o $(authz-obj-y) $(authz-impl-obj-y) $(block-obj-y) $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) $(COMMON_LDADDS) qemu-io$(EXESUF): qemu-io.o $(authz-obj-y) $(block-obj-y) $(crypto-obj-y) $(io-obj-y) $(qom-obj-y) $(COMMON_LDADDS) qemu-bridge-helper$(EXESUF): qemu-bridge-helper.o $(COMMON_LDADDS) diff --git a/Makefile.objs b/Makefile.objs index cf065de5ed..929c3ea045 100644 --- a/Makefile.objs +++ b/Makefile.objs @@ -9,6 +9,7 @@ chardev-obj-y = chardev/ # authz-obj-y is code used by both qemu system emulation and qemu-img authz-obj-y = authz/ +authz-impl-obj-y = authz/ ####################################################################### # block-obj-y is code used by both qemu system emulation and qemu-img diff --git a/Makefile.target b/Makefile.target index ae02495951..da32dac316 100644 --- a/Makefile.target +++ b/Makefile.target @@ -176,6 +176,7 @@ all-obj-y := $(obj-y) include $(SRC_PATH)/Makefile.objs dummy := $(call unnest-vars,.., \ authz-obj-y \ + authz-impl-obj-y \ block-obj-y \ block-obj-m \ chardev-obj-y \ @@ -187,7 +188,7 @@ dummy := $(call unnest-vars,.., \ common-obj-m) all-obj-y += $(common-obj-y) all-obj-y += $(qom-obj-y) -all-obj-$(CONFIG_SOFTMMU) += $(authz-obj-y) +all-obj-$(CONFIG_SOFTMMU) += $(authz-obj-y) $(authz-impl-obj-y) all-obj-$(CONFIG_SOFTMMU) += $(block-obj-y) $(chardev-obj-y) all-obj-$(CONFIG_USER_ONLY) += $(crypto-aes-obj-y) all-obj-$(CONFIG_SOFTMMU) += $(crypto-obj-y) diff --git a/authz/Makefile.objs b/authz/Makefile.objs index ed7b273596..e4c22447db 100644 --- a/authz/Makefile.objs +++ b/authz/Makefile.objs @@ -1,7 +1,8 @@ authz-obj-y += base.o -authz-obj-y += simple.o -authz-obj-y += list.o -authz-obj-y += listfile.o -authz-obj-$(CONFIG_AUTH_PAM) += pamacct.o + +authz-impl-obj-y += simple.o +authz-impl-obj-y += list.o +authz-impl-obj-y += listfile.o +authz-impl-obj-$(CONFIG_AUTH_PAM) += pamacct.o pamacct.o-libs = -lpam