From: Stefano Brivio <sbrivio@redhat.com>
To: passt-dev@passt.top
Cc: Jon Maloy <jmaloy@redhat.com>,
David Gibson <david@gibson.dropbear.id.au>,
Laurent Vivier <lvivier@redhat.com>
Subject: [PATCH v9 00/23] Dynamic configuration update implementation
Date: Wed, 6 May 2026 11:22:18 +0200
Message-ID: <20260506092241.1607480-1-sbrivio@redhat.com>
Changes in v9:
* Rework Makefile changes and solve conflicts so that we can drop the
dependency on "Improvements to static checker invocation"
* In 8/23, drop the "experimental" note from the man page
* In 10/23, switch to protocol version 1, add basil to the magic sauce
* In 11/23, initialise struct pesto_pif_info sent by the server
(details in commit message)
* In 15/23, add description for -s / --show to pesto.1 as well
* In 18/23, make comments about redundant checks more verbose
* In 19/23, make it clear that tables handled by fwd_rule_del() can't
refer to any open socket, add a TODO to fwd_rule_clear() in that
sense as well, and use pif_conf_by_name() in pesto to find the
table we need to clear
* Add 19/23 to 23/23 (LSM policies, packaging stuff) to make pesto
ready for shipping
Changes in v8:
* Implement --add, --delete, and --clear in 19/19, to add forwarding
rules instead of replacing tables, delete existing rules, and
explicitly clear tables
* Address Laurent's comments for 15/19 and 17/19
* In 10/19, instead of passing SOCK_NONBLOCK to accept4(), explicitly
set O_NONBLOCK on the listening socket. Using SOCK_NONBLOCK doesn't
do what we want, as it results in setting O_NONBLOCK on the new
socket rather than on the listening one
* Note: 18/19 is left as it is, I didn't address pending comments
yet
* Note: this doesn't yet include changes for AppArmor and SELinux
policies, nor changes for the template Fedora spec file.
I'm still working on them
Changes in v7:
* Addressed comments from Laurent in 6/18, 8/18, 9/18, 10/18, 11/18,
12/18, 14/18, 15/18 (details in commit messages of single patches,
before my Signed-off-by)
* Note: this doesn't yet include --add and --delete, I'm still
working on that
Changes in v6:
* Addressed comments from Jon in 10/18, 11/18, 14/18, and 16/18
* Dodged all warnings from static checkers (Coverity Scan and
clang-tidy) with changes in 10/18, 11/18, 16/18, and with a
new patch, 18/18
* This does *not* yet include the implementation of --add and
--delete switches for pesto as I originally intended, I'm
rather far from being done with those. At the moment I just
have a "mode selection" implementation for command line
parsing but merging rules to / removing rules from / clearing
the current table is something I barely started (and what I
have at the moment isn't really valuable anyway)
David wrote:
---
Here's the next draft of dynamic configuration updates. This now can
successfully update rules, though I've not tested it very extensively.
Patches 1..8/18 are preliminary reworks that make sense even without
pesto - feel free to apply if you're happy with them. I don't think
the rest should be applied yet; we need to at least harden it so passt
can't be blocked indefinitely by a client which sends a partial update
then waits.
Based on my earlier series reworking static checking invocation.
TODO:
- Don't allow a client which sends a partial configuration then
blocks to also block passt
- Allow pesto to clear existing configuration, not just add
- Allow pesto to selectively delete existing rules, not just add
Changes in v5:
* If multiple clients connect at once, they're now blocked until the
first one finishes, instead of later ones being discarded
Changes in v4:
* Merged with remainder of forward rule parsing rework series
* Fix some bugs in rule checking pointed out by Laurent
* Significantly cleaned up option parsing code
* Changed from replacing all existing rules to adding new rules
(clear and remove still TBD)
* Somewhat simplified protocol (pif names and rules sent in a single
pass)
* pesto is now allocation free
* Fixed commit message and style nits pointed out by Stefano
Changes in v3:
* Removed already applied ASSERT() rename
* Renamed serialisation functions
* Incorporated Stefano's extensions, reworked and fixed
* Several additional cleanups / preliminary reworks
Changes in v2:
* Removed already applied cleanups
* Reworked assert() patch to handle -DNDEBUG properly
* Numerous extra patches:
* Factored out serialisation helpers and use them for migration as
well
* Reworked to allow ip.[ch] and inany.[ch] to be shared with pesto
* Reworks to share some forwarding rule datatypes with pesto
* Implemented sending pif names and current ruleset to pesto
---
David Gibson (17):
conf, fwd: Stricter rule checking in fwd_rule_add()
fwd_rule: Move ephemeral port probing to fwd_rule.c
fwd, conf: Move rule parsing code to fwd_rule.[ch]
fwd_rule: Move conflict checking back within fwd_rule_add()
fwd: Generalise fwd_rules_info()
pif: Limit pif names to 128 bytes
fwd_rule: Fix some format specifiers
pesto: Introduce stub configuration tool
pesto, log: Share log.h (but not log.c) with pesto tool
pesto, conf: Have pesto connect to passt and check versions
pesto: Expose list of pifs to pesto and display them
ip: Prepare ip.[ch] for sharing with pesto tool
inany: Prepare inany.[ch] for sharing with pesto tool
pesto: Read current ruleset from passt/pasta and optionally display it
pesto: Parse and add new rules from command line
pesto, conf: Send updated rules from pesto back to passt/pasta
conf, fwd: Allow switching to new rules received from pesto
Stefano Brivio (6):
fwd_rule: Fix static checkers warnings in fwd_rule_add()
pesto, conf, fwd_rule: Add options and modes to add, delete, clear
rules
apparmor: Add policy file for pesto
selinux: Add file context and type enforcement for pesto
fedora: Install pesto, its SELinux policy, and the man page from the
spec file
hooks: Copy static build of pesto and related man page to server
.gitignore | 2 +
Makefile | 35 +-
common.h | 116 ++++++
conf.c | 696 +++++++++++++++------------------
conf.h | 2 +
contrib/apparmor/usr.bin.pesto | 23 ++
contrib/fedora/passt.spec | 14 +-
contrib/selinux/pesto.fc | 11 +
contrib/selinux/pesto.te | 95 +++++
epoll_type.h | 4 +
flow.c | 4 +-
fwd.c | 169 ++------
fwd.h | 41 +-
fwd_rule.c | 691 ++++++++++++++++++++++++++++++--
fwd_rule.h | 68 +++-
hooks/pre-push | 1 +
inany.c | 19 +-
inany.h | 17 +-
ip.c | 56 +--
ip.h | 4 +-
lineread.c | 2 +-
log.h | 53 ++-
passt.1 | 5 +
passt.c | 8 +
passt.h | 8 +
pesto.1 | 275 +++++++++++++
pesto.c | 522 +++++++++++++++++++++++++
pesto.h | 54 +++
pif.c | 2 +-
pif.h | 7 +-
serialise.c | 7 +
serialise.h | 1 +
siphash.h | 13 +
tap.c | 52 +++
util.h | 110 +-----
35 files changed, 2393 insertions(+), 794 deletions(-)
create mode 100644 common.h
create mode 100644 contrib/apparmor/usr.bin.pesto
create mode 100644 contrib/selinux/pesto.fc
create mode 100644 contrib/selinux/pesto.te
create mode 100644 pesto.1
create mode 100644 pesto.c
create mode 100644 pesto.h
--
2.43.0
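The v8 note above, about accept4() and SOCK_NONBLOCK, describes a distinction that is easy to get wrong, so here is a small added C example (written for this page, not passt or pesto code) that demonstrates it on Linux: accept4(SOCK_NONBLOCK) marks only the newly accepted socket non-blocking, while setting O_NONBLOCK on the listening socket with fcntl() is what makes accept() itself return EAGAIN instead of blocking when no client is waiting. The function names, the use of an AF_UNIX abstract autobind address, and the flow are assumptions made for this example.

```c
/* Added example, not passt/pesto code: where accept4(SOCK_NONBLOCK) puts
 * O_NONBLOCK, versus setting O_NONBLOCK on the listening socket itself. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>

/* Return 1 if O_NONBLOCK is set on fd, 0 if it is not, -1 on error. */
static int is_nonblocking(int fd)
{
	int flags = fcntl(fd, F_GETFL);

	if (flags < 0)
		return -1;
	return (flags & O_NONBLOCK) ? 1 : 0;
}

/* Create a listening AF_UNIX socket with a kernel-assigned abstract name
 * (Linux autobind, requested by passing sizeof(sa_family_t) to bind()), so
 * nothing is left on the filesystem. On success, fill *addr and *len with the
 * address a client can connect() to and return the fd; return -1 on error. */
static int make_listener(struct sockaddr_un *addr, socklen_t *len)
{
	int fd = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);

	memset(addr, 0, sizeof(*addr));
	addr->sun_family = AF_UNIX;
	*len = sizeof(*addr);
	if (fd < 0)
		return -1;
	if (bind(fd, (struct sockaddr *)addr, sizeof(sa_family_t)) < 0 ||
	    listen(fd, 1) < 0 ||
	    getsockname(fd, (struct sockaddr *)addr, len) < 0) {
		close(fd);
		return -1;
	}
	return fd;
}

/* Connect one client, accept it with accept4(..., SOCK_NONBLOCK) and record
 * which socket ended up with O_NONBLOCK: *listener_nb and *accepted_nb are
 * set to 0 or 1. Return 0 on success, -1 on error. */
static int accept4_nonblock_flags(int *listener_nb, int *accepted_nb)
{
	struct sockaddr_un addr;
	socklen_t len;
	int lfd, cfd = -1, afd = -1, ret = -1;

	lfd = make_listener(&addr, &len);
	if (lfd < 0)
		return -1;
	/* A blocking connect() to a listening AF_UNIX socket with free backlog
	 * completes without the server having to accept() first. */
	cfd = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
	if (cfd < 0 || connect(cfd, (struct sockaddr *)&addr, len) < 0)
		goto out;
	afd = accept4(lfd, NULL, NULL, SOCK_NONBLOCK | SOCK_CLOEXEC);
	if (afd < 0)
		goto out;
	*listener_nb = is_nonblocking(lfd);	/* stays 0: flag not set here */
	*accepted_nb = is_nonblocking(afd);	/* 1: SOCK_NONBLOCK applied here */
	if (*listener_nb >= 0 && *accepted_nb >= 0)
		ret = 0;
out:
	if (afd >= 0)
		close(afd);
	if (cfd >= 0)
		close(cfd);
	close(lfd);
	return ret;
}

/* What makes accept() itself non-blocking: O_NONBLOCK on the listening
 * socket, set via fcntl(). With no pending connection, accept4() then fails
 * at once with EAGAIN instead of parking the caller. Return 1 if that is what
 * happened, 0 if accept4() behaved otherwise, -1 on setup error. */
static int listener_nonblock_gives_eagain(void)
{
	struct sockaddr_un addr;
	socklen_t len;
	int lfd, afd, flags, ret = -1;

	lfd = make_listener(&addr, &len);
	if (lfd < 0)
		return -1;
	flags = fcntl(lfd, F_GETFL);
	if (flags < 0 || fcntl(lfd, F_SETFL, flags | O_NONBLOCK) < 0)
		goto out;
	afd = accept4(lfd, NULL, NULL, SOCK_CLOEXEC);
	if (afd >= 0) {
		close(afd);
		ret = 0;
	} else {
		ret = (errno == EAGAIN || errno == EWOULDBLOCK) ? 1 : 0;
	}
out:
	close(lfd);
	return ret;
}

int main(void)
{
	int lnb = -1, anb = -1;

	if (accept4_nonblock_flags(&lnb, &anb) < 0)
		return 1;
	printf("accept4(SOCK_NONBLOCK): listener O_NONBLOCK=%d, accepted O_NONBLOCK=%d\n",
	       lnb, anb);
	printf("O_NONBLOCK on listener, accept4() with no client, EAGAIN: %d\n",
	       listener_nonblock_gives_eagain());
	return 0;
}
```

The difference matters for a daemon like passt that serves a control socket from an event loop: SOCK_NONBLOCK in accept4() only decides how the conversation with the already-accepted client behaves, whereas O_NONBLOCK on the listener is what keeps the loop from being parked in accept() when a readiness notification turns out to be stale, which is the first half of the "don't let one client block passt" hardening the cover letter lists as a TODO.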
2026-05-06 9:22 Stefano Brivio [this message]
2026-05-06 9:22 ` [PATCH v9 01/23] conf, fwd: Stricter rule checking in fwd_rule_add() Stefano Brivio
2026-05-06 9:22 ` [PATCH v9 02/23] fwd_rule: Move ephemeral port probing to fwd_rule.c Stefano Brivio
2026-05-06 9:22 ` [PATCH v9 03/23] fwd, conf: Move rule parsing code to fwd_rule.[ch] Stefano Brivio
2026-05-06 9:22 ` [PATCH v9 04/23] fwd_rule: Move conflict checking back within fwd_rule_add() Stefano Brivio
2026-05-06 9:22 ` [PATCH v9 05/23] fwd: Generalise fwd_rules_info() Stefano Brivio
2026-05-06 9:22 ` [PATCH v9 06/23] pif: Limit pif names to 128 bytes Stefano Brivio
2026-05-06 9:22 ` [PATCH v9 07/23] fwd_rule: Fix some format specifiers Stefano Brivio
2026-05-06 9:22 ` [PATCH v9 08/23] pesto: Introduce stub configuration tool Stefano Brivio
2026-05-06 10:44 ` Laurent Vivier
2026-05-06 9:22 ` [PATCH v9 09/23] pesto, log: Share log.h (but not log.c) with pesto tool Stefano Brivio
2026-05-06 9:22 ` [PATCH v9 10/23] pesto, conf: Have pesto connect to passt and check versions Stefano Brivio
2026-05-06 10:57 ` Laurent Vivier
2026-05-06 11:58 ` Stefano Brivio
2026-05-06 9:22 ` [PATCH v9 11/23] pesto: Expose list of pifs to pesto and display them Stefano Brivio
2026-05-06 23:25 ` David Gibson
2026-05-06 9:22 ` [PATCH v9 12/23] ip: Prepare ip.[ch] for sharing with pesto tool Stefano Brivio
2026-05-06 9:22 ` [PATCH v9 13/23] inany: Prepare inany.[ch] " Stefano Brivio
2026-05-06 9:22 ` [PATCH v9 14/23] pesto: Read current ruleset from passt/pasta and optionally display it Stefano Brivio
2026-05-06 9:22 ` [PATCH v9 15/23] pesto: Parse and add new rules from command line Stefano Brivio
2026-05-06 11:00 ` Laurent Vivier
2026-05-06 9:22 ` [PATCH v9 16/23] pesto, conf: Send updated rules from pesto back to passt/pasta Stefano Brivio
2026-05-06 11:19 ` Laurent Vivier
2026-05-06 9:22 ` [PATCH v9 17/23] conf, fwd: Allow switching to new rules received from pesto Stefano Brivio
2026-05-06 9:22 ` [PATCH v9 18/23] fwd_rule: Fix static checkers warnings in fwd_rule_add() Stefano Brivio
2026-05-06 11:21 ` Laurent Vivier
2026-05-06 23:28 ` David Gibson
2026-05-06 9:22 ` [PATCH v9 19/23] pesto, conf, fwd_rule: Add options and modes to add, delete, clear rules Stefano Brivio
2026-05-06 11:43 ` Laurent Vivier
2026-05-06 12:07 ` Stefano Brivio
2026-05-06 12:27 ` Stefano Brivio
2026-05-06 9:22 ` [PATCH v9 20/23] apparmor: Add policy file for pesto Stefano Brivio
2026-05-06 9:22 ` [PATCH v9 21/23] selinux: Add file context and type enforcement " Stefano Brivio
2026-05-06 9:22 ` [PATCH v9 22/23] fedora: Install pesto, its SELinux policy, and the man page from the spec file Stefano Brivio
2026-05-06 12:12 ` Laurent Vivier
2026-05-06 9:22 ` [PATCH v9 23/23] hooks: Copy static build of pesto and related man page to server Stefano Brivio
2026-05-06 12:16 ` Laurent Vivier