mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-21 21:25:25 +00:00
9d40698116
We need to modify check-file-access.py to be usable as wrapper for libvirt tests. This way we can run the tests using this command: meson test --setup access which will run all tests using check-file-access.py as a wrapper. With autotools all file access are written into single file for all tests and compared once the whole test suite is done. With Meson we will compare the file access after every single test because it is used as wrapper now. That requires writing the file access into separate files for every single test as they are executed in parallel. Since the wrapper is used for all tests in Meson including tests outside of tests directory we have to check for presence of the output file. We should also cleanup after ourselves. Signed-off-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Neal Gompa <ngompa13@gmail.com>
142 lines
4.2 KiB
Python
Executable File
142 lines
4.2 KiB
Python
Executable File
#!/usr/bin/env python3
|
|
#
|
|
# Copyright (C) 2016-2019 Red Hat, Inc.
|
|
#
|
|
# This library is free software; you can redistribute it and/or
|
|
# modify it under the terms of the GNU Lesser General Public
|
|
# License as published by the Free Software Foundation; either
|
|
# version 2.1 of the License, or (at your option) any later version.
|
|
#
|
|
# This library is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
# Lesser General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU Lesser General Public
|
|
# License along with this library. If not, see
|
|
# <http://www.gnu.org/licenses/>.
|
|
#
|
|
# This script is supposed to check test_file_access.txt file and
|
|
# warn about file accesses outside our working tree.
|
|
#
|
|
#
|
|
|
|
import os
|
|
import re
|
|
import sys
|
|
import tempfile
|
|
|
|
abs_builddir = os.environ.get('abs_builddir', '')
|
|
abs_srcdir = os.environ.get('abs_srcdir', '')
|
|
|
|
access_fd, access_file = tempfile.mkstemp(dir=abs_builddir,
|
|
prefix='file-access-',
|
|
suffix='.txt')
|
|
permitted_file = os.path.join(abs_srcdir, 'permitted_file_access.txt')
|
|
|
|
os.environ['VIR_TEST_FILE_ACCESS_OUTPUT'] = access_file
|
|
|
|
test = ' '.join(sys.argv[1:])
|
|
|
|
ret = os.system(test)
|
|
|
|
if ret != 0 or os.read(access_fd, 10) == b'':
|
|
os.close(access_fd)
|
|
os.remove(access_file)
|
|
sys.exit(ret)
|
|
|
|
known_actions = ["open", "fopen", "access", "stat", "lstat", "connect"]
|
|
|
|
files = []
|
|
permitted = []
|
|
|
|
with os.fdopen(access_fd, "r") as fh:
|
|
for line in fh:
|
|
line = line.rstrip("\n")
|
|
|
|
m = re.search(r'''^(\S*):\s*(\S*):\s*(\S*)(\s*:\s*(.*))?$''', line)
|
|
if m is not None:
|
|
rec = {
|
|
"path": m.group(1),
|
|
"action": m.group(2),
|
|
"progname": m.group(3),
|
|
"testname": m.group(5),
|
|
}
|
|
files.append(rec)
|
|
else:
|
|
raise Exception("Malformed line %s" % line)
|
|
|
|
with open(permitted_file, "r") as fh:
|
|
for line in fh:
|
|
line = line.rstrip("\n")
|
|
|
|
if re.search(r'''^\s*#.*$''', line):
|
|
continue # comment
|
|
if line == "":
|
|
continue
|
|
|
|
m = re.search(r'''^(\S*):\s*(\S*)(:\s*(\S*)(\s*:\s*(.*))?)?$''', line)
|
|
if m is not None and m.group(2) in known_actions:
|
|
# $path: $action: $progname: $testname
|
|
rec = {
|
|
"path": m.group(1),
|
|
"action": m.group(3),
|
|
"progname": m.group(4),
|
|
"testname": m.group(6),
|
|
}
|
|
permitted.append(rec)
|
|
else:
|
|
m = re.search(r'''^(\S*)(:\s*(\S*)(\s*:\s*(.*))?)?$''', line)
|
|
if m is not None:
|
|
# $path: $progname: $testname
|
|
rec = {
|
|
"path": m.group(1),
|
|
"action": None,
|
|
"progname": m.group(3),
|
|
"testname": m.group(5),
|
|
}
|
|
permitted.append(rec)
|
|
else:
|
|
raise Exception("Malformed line %s" % line)
|
|
|
|
|
|
# Now we should check if %traces is included in $permitted. For
|
|
# now checking just keys is sufficient
|
|
err = False
|
|
for file in files:
|
|
match = False
|
|
|
|
for rule in permitted:
|
|
if not re.match("^" + rule["path"] + "$", file["path"]):
|
|
continue
|
|
|
|
if (rule["action"] is not None and
|
|
not re.match("^" + rule["action"] + "$", file["action"])):
|
|
continue
|
|
|
|
if (rule["progname"] is not None and
|
|
not re.match("^" + rule["progname"] + "$", file["progname"])):
|
|
continue
|
|
|
|
if (rule["testname"] is not None and
|
|
file["testname"] is not None and
|
|
not re.match("^" + rule["testname"] + "$", file["testname"])):
|
|
continue
|
|
|
|
match = True
|
|
|
|
if not match:
|
|
err = True
|
|
print("%s: %s: %s" %
|
|
(file["path"], file["action"], file["progname"]),
|
|
end="")
|
|
if file["testname"] is not None:
|
|
print(": %s" % file["testname"], end="")
|
|
print("")
|
|
|
|
os.remove(access_file)
|
|
|
|
if err:
|
|
sys.exit(1)
|
|
sys.exit(0)
|