runvar access: Introduce access control machinery

This will allow us to trap accesses, during test host setup, to
runvars which weren't included in ithe calculation of the sharing
scope.

Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>

diff --git a/Osstest/TestSupport.pm b/Osstest/TestSupport.pm
index ce13d3a62b50f88c9bb739f8ec8cf14a00a342d7..b1eca0a906e22e49f95cf912f83a4c37392130d0 100644 (file)
--- a/Osstest/TestSupport.pm
+++ b/Osstest/TestSupport.pm
@@ -33,6 +33,7 @@ use File::Basename;
 use IO::Handle;
 use Carp;
 use Digest::SHA;
+use File::FnMatch qw(:fnmatch);
 
 BEGIN {
     use Exporter ();
@@ -141,6 +142,8 @@ BEGIN {
                       target_core_dump_setup
                       sha256file host_shared_mark_ready
                       gitcache_setup
+
+                     @accessible_runvar_pats
                       );
     %EXPORT_TAGS = ( );
 
@@ -156,6 +159,10 @@ our %timeout= qw(RebootDown   100
 our $logm_handle= new IO::File ">& STDERR" or die $!;
 our $logm_prefix= '';
 
+# When runvar_access_restrict is called, it will limit reading
+# of non-synth runvars to ones which match these glob patterns.
+our @accessible_runvar_pats = qw(test-host-setup-runvars-will-appear-here);
+
 #---------- test script startup ----------
 
 sub tsreadconfig () {
@@ -3164,4 +3171,50 @@ END
                                  'home-osstest-gitconfig');
 }
 
+sub runvar_access_restrict () {
+    # restricts runvars to those in @accessible_runvar_pats
+    return if "@accessible_runvar_pats" eq "*";
+    return if tied %r;
+    tie %r, 'RunvarMonitor', %r;
+}
+
+sub runvar_access_check ($$) {
+    my ($key, $what) = @_;
+    return if grep { fnmatch $_, $key } @accessible_runvar_pats;
+    my $m = "reuse-uncontrolled runvar $what '$key'\n".
+            " (controlled runvars are @accessible_runvar_pats)";
+    confess $m unless $ENV{OSSTEST_UNCONTROLLED_SHARE_RUNVAR_WARNONLY};
+    Carp::cluck $m;
+}
+
+package RunvarMonitor;
+use Carp;
+use Osstest;
+use Osstest::TestSupport;
+
+sub TIEHASH {
+    my $self = shift;
+    logm("reuse: restricting runvars to @accessible_runvar_pats");
+    return bless { @_ }, $self;
+}
+
+sub _ok {
+    my $self = shift;
+    my $key = shift;
+    Osstest::TestSupport::runvar_access_check($key, 'access');
+}
+
+sub FIRSTKEY {
+    confess
+      "reuse-uncontrolled runvar scanning - change to use runvar_glob!";
+}
+sub FETCH { my ($self, $key) = @_; $self->_ok($key); $self->{$key} }
+sub EXISTS { my ($self, $key) = @_; $self->_ok($key); exists $self->{$key} }
+sub STORE { my ($self, $key, $val) = @_; $self->{$key} = $val; }
+sub DELETE { my ($self, $key) = @_; delete $self->{$key}; }
+
+sub CLEAR { confess }
+sub SCALAR { confess }
+sub UNTIE { confess }
+
 1;

diff --git a/README b/README
index ba4bea1d44622a06a4133f2f6042bef61e678c48..a929010cba60249681a7dc952d8057c48a8e3fd3 100644 (file)
--- a/README
+++ b/README
@@ -297,7 +297,7 @@ To run osstest in standalone mode:
      curl
      netcat
      chiark-utils-bin
-     libxml-libxml-perl
+     libxml-libxml-perl libfile-fnmatch-perl
      dctrl-tools
      libnet-snmp-perl (if you are going to use Masterswitch PDUs)