mir/ovs
2
0
Fork 0
mirror of https://github.com/openvswitch/ovs synced 2025-08-30 13:58:14 +00:00
Code Issues Releases Wiki Activity

Eliminate "whitelist" and "blacklist" terms.

Browse Source 
There is one remaining use under datapath.  That change should happen
upstream in Linux first according to our usual policy.

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Alin Gabriel Serdean <aserdean@ovn.org>
This commit is contained in:
Ben Pfaff
2020-06-17 14:22:47 -07:00
parent 807152a4dd
commit 8205fbc8f5
28 changed files with 105 additions and 106 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Documentation/howto/ipsec.rst
View File

@@ -162,7 +162,7 @@ undesirable situation.
`ipsec_skb_mark`. By setting the ipsec_skb_mark as 0/1, OVS IPsec prevents `ipsec_skb_mark`. By setting the ipsec_skb_mark as 0/1, OVS IPsec prevents
all unencrypted tunnel packets leaving the host since the default skb_mark all unencrypted tunnel packets leaving the host since the default skb_mark
value for tunnel packets are 0. This affects all OVS tunnels including those value for tunnel packets are 0. This affects all OVS tunnels including those
without IPsec being set up. You can install OpenFlow rules to whitelist without IPsec being set up. You can install OpenFlow rules to enable
those non-IPsec tunnels by setting the skb_mark of the tunnel traffic as those non-IPsec tunnels by setting the skb_mark of the tunnel traffic as
non-zero value. non-zero value.

8
Documentation/howto/selinux.rst
View File

@@ -67,8 +67,8 @@ differently than SELinux.
SELinux and Open vSwitch are moving targets. What this means is that, if you SELinux and Open vSwitch are moving targets. What this means is that, if you
solely rely on your Linux distribution's SELinux policy, then this policy might solely rely on your Linux distribution's SELinux policy, then this policy might
not have correctly anticipated that a newer Open vSwitch version needs extra not have correctly anticipated that a newer Open vSwitch version needs extra
white list rules. However, if you solely rely on SELinux policy that ships rules to allow behavior. However, if you solely rely on SELinux policy that
with Open vSwitch, then Open vSwitch developers might not have correctly ships with Open vSwitch, then Open vSwitch developers might not have correctly
anticipated the feature set that your SELinux implementation supports. anticipated the feature set that your SELinux implementation supports.
Installation Installation
@@ -136,8 +136,8 @@ Then verify that this module was indeed loaded::
openvswitch 1.1.1 openvswitch 1.1.1
If you still see Permission denied errors, then take a look into If you still see Permission denied errors, then take a look into
``selinux/openvswitch.te.in`` file in the OVS source tree and try to add white ``selinux/openvswitch.te.in`` file in the OVS source tree and try to add allow
list rules. This is really simple, just run SELinux audit2allow tool:: rules. This is really simple, just run SELinux audit2allow tool::
$ grep "openvswitch_t" /var/log/audit/audit.log | audit2allow -M ovslocal $ grep "openvswitch_t" /var/log/audit/audit.log | audit2allow -M ovslocal

2
Documentation/topics/datapath.rst
View File

@@ -261,5 +261,5 @@ Implement the headers and codes for compatibility with older kernel in
function should be prefixed with ``rpl_``. Otherwise, the function should be function should be prefixed with ``rpl_``. Otherwise, the function should be
prefixed with ``ovs_``. For special case when it is not possible to follow prefixed with ``ovs_``. For special case when it is not possible to follow
this rule (e.g., the ``pskb_expand_head()`` function), the function name must this rule (e.g., the ``pskb_expand_head()`` function), the function name must
be added to ``linux/compat/build-aux/export-check-whitelist``, otherwise, the be added to ``linux/compat/build-aux/export-check-allowlist``, otherwise, the
compilation check ``check-export-symbol`` will fail. compilation check ``check-export-symbol`` will fail.

9
Documentation/topics/ovsdb-replication.rst
View File

@@ -91,7 +91,7 @@ When sending a monitor request the standby server is doing the following:
4. For each database with the same schema in both the active and standby 4. For each database with the same schema in both the active and standby
servers: construct and send a monitor request message specifying the tables servers: construct and send a monitor request message specifying the tables
that will be monitored (i.e all the tables on the database except the ones that will be monitored (i.e all the tables on the database except the ones
blacklisted [*]). explicitly excluded [*]).
5. Set the standby database to the current state of the active database. 5. Set the standby database to the current state of the active database.
@@ -100,10 +100,9 @@ receive notifications of changes occurring to the tables specified in the
request. The process of handling this notifications is detailed in the next request. The process of handling this notifications is detailed in the next
section. section.
[*] A set of tables that will be excluded from replication can be configure as [*] A set of tables that will be excluded from replication can be configured
a blacklist of tables via the command line option via the command line option ``--sync-exclude-tables=db:table[,db:table]...``,
``--sync-exclude-tables=db:table[,db:table]...``, where db corresponds to the where db corresponds to the database where the table resides.
database where the table resides.
Replication Process Replication Process
------------------- -------------------

10
Makefile.am
View File

@@ -276,7 +276,7 @@ static-check:
fi fi
.PHONY: static-check .PHONY: static-check
# Check that assert.h is not used outside a whitelist of files. # Check that assert.h is not used (outside a small set of files).
ALL_LOCAL += check-assert-h-usage ALL_LOCAL += check-assert-h-usage
check-assert-h-usage: check-assert-h-usage:
@if test -e $(srcdir)/.git && (git --version) >/dev/null 2>&1 && \ @if test -e $(srcdir)/.git && (git --version) >/dev/null 2>&1 && \
@@ -323,7 +323,7 @@ check-tabs:
if test -e .git && (git --version) >/dev/null 2>&1 && \ if test -e .git && (git --version) >/dev/null 2>&1 && \
grep -ln "^ " \ grep -ln "^ " \
`git ls-files \ `git ls-files \
| grep -v -f build-aux/initial-tab-whitelist` /dev/null \ | grep -v -f build-aux/initial-tab-allowed-files` /dev/null \
| $(EGREP) -v ':[ ]*/?\*'; \ | $(EGREP) -v ':[ ]*/?\*'; \
then \ then \
echo "See above for files that use tabs for indentation."; \ echo "See above for files that use tabs for indentation."; \
@@ -336,16 +336,16 @@ ALL_LOCAL += thread-safety-check
thread-safety-check: thread-safety-check:
@cd $(srcdir); \ @cd $(srcdir); \
if test -e .git && (git --version) >/dev/null 2>&1 && \ if test -e .git && (git --version) >/dev/null 2>&1 && \
grep -n -f build-aux/thread-safety-blacklist \ grep -n -f build-aux/thread-safety-forbidden \
`git ls-files | grep '\.[ch]$$' \ `git ls-files | grep '\.[ch]$$' \
| $(EGREP) -v '^datapath|^lib/sflow|^third-party'` /dev/null \ | $(EGREP) -v '^datapath|^lib/sflow|^third-party'` /dev/null \
| $(EGREP) -v ':[ ]*/?\*'; \ | $(EGREP) -v ':[ ]*/?\*'; \
then \ then \
echo "See above for list of calls to functions that are"; \ echo "See above for list of calls to functions that are"; \
echo "blacklisted due to thread safety issues"; \ echo "forbidden due to thread safety issues"; \
exit 1; \ exit 1; \
fi fi
EXTRA_DIST += build-aux/thread-safety-blacklist EXTRA_DIST += build-aux/thread-safety-forbidden
.PHONY: thread-safety-check .PHONY: thread-safety-check
# Check that "ip" is used in preference to "ifconfig", because # Check that "ip" is used in preference to "ifconfig", because

2
build-aux/automake.mk
View File

@@ -5,7 +5,7 @@ EXTRA_DIST += \
build-aux/dist-docs \ build-aux/dist-docs \
build-aux/dpdkstrip.py \ build-aux/dpdkstrip.py \
build-aux/generate-dhparams-c \ build-aux/generate-dhparams-c \
build-aux/initial-tab-whitelist \ build-aux/initial-tab-allowed-files \
build-aux/sodepends.py \ build-aux/sodepends.py \
build-aux/soexpand.py \ build-aux/soexpand.py \
build-aux/text2c \ build-aux/text2c \

0
build-aux/initial-tab-whitelist → build-aux/initial-tab-allowed-files
View File

0
build-aux/thread-safety-blacklist → build-aux/thread-safety-forbidden
View File

2
datapath/Makefile.am
View File

@@ -42,7 +42,7 @@ COMPAT_EXPORTS := $(shell $(COMPAT_GET_EXPORTS))
# Checks that all EXPORT_SYMBOL_GPL() export 'rpl_' or 'ovs_' prefixed functions. # Checks that all EXPORT_SYMBOL_GPL() export 'rpl_' or 'ovs_' prefixed functions.
check-export-symbol: check-export-symbol:
@for fun_ in $(COMPAT_FUNCTIONS); do \ @for fun_ in $(COMPAT_FUNCTIONS); do \
if ! grep -- $${fun_} $(top_srcdir)/datapath/linux/compat/build-aux/export-check-whitelist > /dev/null; then \ if ! grep -- $${fun_} $(top_srcdir)/datapath/linux/compat/build-aux/export-check-allow-list > /dev/null; then \
if ! echo $${fun_} | grep -q -E '^(rpl|ovs)_'; then \ if ! echo $${fun_} | grep -q -E '^(rpl|ovs)_'; then \
echo "error: $${fun_}() needs to be prefixed with 'rpl_' or 'ovs_'."; \ echo "error: $${fun_}() needs to be prefixed with 'rpl_' or 'ovs_'."; \
exit 1; \ exit 1; \

2
datapath/linux/Modules.mk
View File

@@ -120,4 +120,4 @@ openvswitch_headers += \
linux/compat/include/linux/netfilter.h \ linux/compat/include/linux/netfilter.h \
linux/compat/include/linux/overflow.h \ linux/compat/include/linux/overflow.h \
linux/compat/include/linux/rbtree.h linux/compat/include/linux/rbtree.h
EXTRA_DIST += linux/compat/build-aux/export-check-whitelist EXTRA_DIST += linux/compat/build-aux/export-check-allow-list

0
datapath/linux/compat/build-aux/export-check-whitelist → datapath/linux/compat/build-aux/export-check-allow-list
View File

2
include/openvswitch/automake.mk
View File

@@ -72,7 +72,7 @@ endif
# header file has the proper extern declaration for use with C++. # header file has the proper extern declaration for use with C++.
# #
# Some header files don't declare any external functions, so they # Some header files don't declare any external functions, so they
# don't really need extern "C". We only white list a couple of these # don't really need extern "C". We only permit a couple of these
# below, which are the ones that seem unlikely to ever declare # below, which are the ones that seem unlikely to ever declare
# external functions. For the rest, we add extern "C" anyway; it # external functions. For the rest, we add extern "C" anyway; it
# doesn't hurt. # doesn't hurt.

2
lib/daemon.man
View File

@@ -58,7 +58,7 @@ This option has no effect when \fB\-\-detach\fR is not specified.
.TP .TP
\fB\-\-no\-self\-confinement\fR \fB\-\-no\-self\-confinement\fR
By default daemon will try to self-confine itself to work with By default daemon will try to self-confine itself to work with
files under well-know, at build-time whitelisted directories. It files under well-known directories determined during build. It
is better to stick with this default behavior and not to use this is better to stick with this default behavior and not to use this
flag unless some other Access Control is used to confine daemon. flag unless some other Access Control is used to confine daemon.
Note that in contrast to other access control implementations that Note that in contrast to other access control implementations that

2
lib/daemon.xml
View File

@@ -82,7 +82,7 @@
<dt><code>--no-self-confinement</code></dt> <dt><code>--no-self-confinement</code></dt>
<dd> <dd>
By default this daemon will try to self-confine itself to work with files By default this daemon will try to self-confine itself to work with files
under well-known directories whitelisted at build time. It is better to under well-known directories determined at build time. It is better to
stick with this default behavior and not to use this flag unless some other stick with this default behavior and not to use this flag unless some other
Access Control is used to confine daemon. Note that in contrast to other Access Control is used to confine daemon. Note that in contrast to other
access control implementations that are typically enforced from access control implementations that are typically enforced from

14
lib/dpif.c
View File

@@ -79,9 +79,9 @@ struct registered_dpif_class {
int refcount; int refcount;
}; };
static struct shash dpif_classes = SHASH_INITIALIZER(&dpif_classes); static struct shash dpif_classes = SHASH_INITIALIZER(&dpif_classes);
static struct sset dpif_blacklist = SSET_INITIALIZER(&dpif_blacklist); static struct sset dpif_disallowed = SSET_INITIALIZER(&dpif_disallowed);
/* Protects 'dpif_classes', including the refcount, and 'dpif_blacklist'. */ /* Protects 'dpif_classes', including the refcount, and 'dpif_disallowed'. */
static struct ovs_mutex dpif_mutex = OVS_MUTEX_INITIALIZER; static struct ovs_mutex dpif_mutex = OVS_MUTEX_INITIALIZER;
/* Rate limit for individual messages going to or from the datapath, output at /* Rate limit for individual messages going to or from the datapath, output at
@@ -134,8 +134,8 @@ dp_register_provider__(const struct dpif_class *new_class)
struct registered_dpif_class *registered_class; struct registered_dpif_class *registered_class;
int error; int error;
if (sset_contains(&dpif_blacklist, new_class->type)) { if (sset_contains(&dpif_disallowed, new_class->type)) {
VLOG_DBG("attempted to register blacklisted provider: %s", VLOG_DBG("attempted to register disallowed provider: %s",
new_class->type); new_class->type);
return EINVAL; return EINVAL;
} }
@@ -219,13 +219,13 @@ dp_unregister_provider(const char *type)
return error; return error;
} }
/* Blacklists a provider. Causes future calls of dp_register_provider() with /* Disallows a provider. Causes future calls of dp_register_provider() with
* a dpif_class which implements 'type' to fail. */ * a dpif_class which implements 'type' to fail. */
void void
dp_blacklist_provider(const char *type) dp_disallow_provider(const char *type)
{ {
ovs_mutex_lock(&dpif_mutex); ovs_mutex_lock(&dpif_mutex);
sset_add(&dpif_blacklist, type); sset_add(&dpif_disallowed, type);
ovs_mutex_unlock(&dpif_mutex); ovs_mutex_unlock(&dpif_mutex);
} }

2
lib/dpif.h
View File

@@ -400,7 +400,7 @@ struct sset;
int dp_register_provider(const struct dpif_class *); int dp_register_provider(const struct dpif_class *);
int dp_unregister_provider(const char *type); int dp_unregister_provider(const char *type);
void dp_blacklist_provider(const char *type); void dp_disallow_provider(const char *type);
void dp_enumerate_types(struct sset *types); void dp_enumerate_types(struct sset *types);
const char *dpif_normalize_type(const char *); const char *dpif_normalize_type(const char *);

4
lib/ovsdb-idl.h
View File

@@ -100,12 +100,12 @@ const struct ovsdb_idl_table_class *ovsdb_idl_table_class_from_column(
* The client may choose any subset of the columns and tables to replicate, * The client may choose any subset of the columns and tables to replicate,
* specifying it one of two ways: * specifying it one of two ways:
* *
* - As a blacklist (adding the columns or tables to replicate). To do so, * - As a deny list (adding the columns or tables to replicate). To do so,
* the client passes false as 'monitor_everything_by_default' to * the client passes false as 'monitor_everything_by_default' to
* ovsdb_idl_create() and then calls ovsdb_idl_add_column() and * ovsdb_idl_create() and then calls ovsdb_idl_add_column() and
* ovsdb_idl_add_table() for the desired columns and, if necessary, tables. * ovsdb_idl_add_table() for the desired columns and, if necessary, tables.
* *
* - As a whitelist (replicating all columns and tables except those * - As an allow list (replicating all columns and tables except those
* explicitly removed). To do so, the client passes true as * explicitly removed). To do so, the client passes true as
* 'monitor_everything_by_default' to ovsdb_idl_create() and then calls * 'monitor_everything_by_default' to ovsdb_idl_create() and then calls
* ovsdb_idl_omit() to remove columns. * ovsdb_idl_omit() to remove columns.

8
ovsdb/ovsdb-server.c
View File

@@ -1391,7 +1391,7 @@ ovsdb_server_set_sync_exclude_tables(struct unixctl_conn *conn,
{ {
struct server_config *config = config_; struct server_config *config = config_;
char *err = set_blacklist_tables(argv[1], true); char *err = set_excluded_tables(argv[1], true);
if (!err) { if (!err) {
free(*config->sync_exclude); free(*config->sync_exclude);
*config->sync_exclude = xstrdup(argv[1]); *config->sync_exclude = xstrdup(argv[1]);
@@ -1403,7 +1403,7 @@ ovsdb_server_set_sync_exclude_tables(struct unixctl_conn *conn,
config->all_dbs, server_uuid, config->all_dbs, server_uuid,
*config->replication_probe_interval); *config->replication_probe_interval);
} }
err = set_blacklist_tables(argv[1], false); err = set_excluded_tables(argv[1], false);
} }
unixctl_command_reply(conn, err); unixctl_command_reply(conn, err);
free(err); free(err);
@@ -1415,7 +1415,7 @@ ovsdb_server_get_sync_exclude_tables(struct unixctl_conn *conn,
const char *argv[] OVS_UNUSED, const char *argv[] OVS_UNUSED,
void *arg_ OVS_UNUSED) void *arg_ OVS_UNUSED)
{ {
char *reply = get_blacklist_tables(); char *reply = get_excluded_tables();
unixctl_command_reply(conn, reply); unixctl_command_reply(conn, reply);
free(reply); free(reply);
} }
@@ -1853,7 +1853,7 @@ parse_options(int argc, char *argv[],
break; break;
case OPT_SYNC_EXCLUDE: { case OPT_SYNC_EXCLUDE: {
char *err = set_blacklist_tables(optarg, false); char *err = set_excluded_tables(optarg, false);
if (err) { if (err) {
ovs_fatal(0, "%s", err); ovs_fatal(0, "%s", err);
} }

72
ovsdb/replication.c
View File

@@ -68,11 +68,11 @@ static struct ovsdb_error *execute_update(struct ovsdb_txn *txn,
struct json *new); struct json *new);
/* Maps from db name to sset of table names. */ /* Maps from db name to sset of table names. */
static struct shash blacklist_tables = SHASH_INITIALIZER(&blacklist_tables); static struct shash excluded_tables = SHASH_INITIALIZER(&excluded_tables);
static void blacklist_tables_clear(void); static void excluded_tables_clear(void);
static void blacklist_tables_add(const char *database, const char *table); static void excluded_tables_add(const char *database, const char *table);
static bool blacklist_tables_find(const char *database, const char* table); static bool excluded_tables_find(const char *database, const char *table);
/* Keep track of request IDs of all outstanding OVSDB requests. */ /* Keep track of request IDs of all outstanding OVSDB requests. */
@@ -131,7 +131,7 @@ replication_init(const char *sync_from_, const char *exclude_tables,
sync_from = xstrdup(sync_from_); sync_from = xstrdup(sync_from_);
/* Caller should have verified that the 'exclude_tables' is /* Caller should have verified that the 'exclude_tables' is
* parseable. An error here is unexpected. */ * parseable. An error here is unexpected. */
ovs_assert(!set_blacklist_tables(exclude_tables, false)); ovs_assert(!set_excluded_tables(exclude_tables, false));
replication_dbs_destroy(); replication_dbs_destroy();
@@ -407,38 +407,38 @@ replication_wait(void)
} }
} }
/* Parse 'blacklist' to rebuild 'blacklist_tables'. If 'dryrun' is false, the /* Parse 'excluded' to rebuild 'excluded_tables'. If 'dryrun' is false, the
* current black list tables will be wiped out, regardless of whether * current set of excluded tables will be wiped out, regardless of whether
* 'blacklist' can be parsed. If 'dryrun' is true, only parses 'blacklist' and * 'excluded' can be parsed. If 'dryrun' is true, only parses 'excluded' and
* reports any errors, without modifying the blacklist. * reports any errors, without modifying the list of exclusions.
* *
* On error, returns the error string, which the caller is * On error, returns the error string, which the caller is
* responsible for freeing. Returns NULL otherwise. */ * responsible for freeing. Returns NULL otherwise. */
char * OVS_WARN_UNUSED_RESULT char * OVS_WARN_UNUSED_RESULT
set_blacklist_tables(const char *blacklist, bool dryrun) set_excluded_tables(const char *excluded, bool dryrun)
{ {
struct sset set = SSET_INITIALIZER(&set); struct sset set = SSET_INITIALIZER(&set);
char *err = NULL; char *err = NULL;
if (blacklist) { if (excluded) {
const char *longname; const char *longname;
if (!dryrun) { if (!dryrun) {
/* Can only add to an empty shash. */ /* Can only add to an empty shash. */
blacklist_tables_clear(); excluded_tables_clear();
} }
sset_from_delimited_string(&set, blacklist, " ,"); sset_from_delimited_string(&set, excluded, " ,");
SSET_FOR_EACH (longname, &set) { SSET_FOR_EACH (longname, &set) {
char *database = xstrdup(longname), *table = NULL; char *database = xstrdup(longname), *table = NULL;
strtok_r(database, ":", &table); strtok_r(database, ":", &table);
if (table && !dryrun) { if (table && !dryrun) {
blacklist_tables_add(database, table); excluded_tables_add(database, table);
} }
free(database); free(database);
if (!table) { if (!table) {
err = xasprintf("Can't parse black list table: %s", longname); err = xasprintf("Can't parse excluded table: %s", longname);
goto done; goto done;
} }
} }
@@ -447,19 +447,19 @@ set_blacklist_tables(const char *blacklist, bool dryrun)
done: done:
sset_destroy(&set); sset_destroy(&set);
if (err && !dryrun) { if (err && !dryrun) {
/* On error, destroy the partially built 'blacklist_tables'. */ /* On error, destroy the partially built 'excluded_tables'. */
blacklist_tables_clear(); excluded_tables_clear();
} }
return err; return err;
} }
char * OVS_WARN_UNUSED_RESULT char * OVS_WARN_UNUSED_RESULT
get_blacklist_tables(void) get_excluded_tables(void)
{ {
struct shash_node *node; struct shash_node *node;
struct sset set = SSET_INITIALIZER(&set); struct sset set = SSET_INITIALIZER(&set);
SHASH_FOR_EACH (node, &blacklist_tables) { SHASH_FOR_EACH (node, &excluded_tables) {
const char *database = node->name; const char *database = node->name;
const char *table; const char *table;
struct sset *tables = node->data; struct sset *tables = node->data;
@@ -489,35 +489,35 @@ get_blacklist_tables(void)
} }
static void static void
blacklist_tables_clear(void) excluded_tables_clear(void)
{ {
struct shash_node *node; struct shash_node *node;
SHASH_FOR_EACH (node, &blacklist_tables) { SHASH_FOR_EACH (node, &excluded_tables) {
struct sset *tables = node->data; struct sset *tables = node->data;
sset_destroy(tables); sset_destroy(tables);
} }
shash_clear_free_data(&blacklist_tables); shash_clear_free_data(&excluded_tables);
} }
static void static void
blacklist_tables_add(const char *database, const char *table) excluded_tables_add(const char *database, const char *table)
{ {
struct sset *tables = shash_find_data(&blacklist_tables, database); struct sset *tables = shash_find_data(&excluded_tables, database);
if (!tables) { if (!tables) {
tables = xmalloc(sizeof *tables); tables = xmalloc(sizeof *tables);
sset_init(tables); sset_init(tables);
shash_add(&blacklist_tables, database, tables); shash_add(&excluded_tables, database, tables);
} }
sset_add(tables, table); sset_add(tables, table);
} }
static bool static bool
blacklist_tables_find(const char *database, const char *table) excluded_tables_find(const char *database, const char *table)
{ {
struct sset *tables = shash_find_data(&blacklist_tables, database); struct sset *tables = shash_find_data(&excluded_tables, database);
return tables && sset_contains(tables, table); return tables && sset_contains(tables, table);
} }
@@ -531,8 +531,8 @@ disconnect_active_server(void)
void void
replication_destroy(void) replication_destroy(void)
{ {
blacklist_tables_clear(); excluded_tables_clear();
shash_destroy(&blacklist_tables); shash_destroy(&excluded_tables);
if (sync_from) { if (sync_from) {
free(sync_from); free(sync_from);
@@ -558,8 +558,8 @@ reset_database(struct ovsdb *db)
struct shash_node *table_node; struct shash_node *table_node;
SHASH_FOR_EACH (table_node, &db->tables) { SHASH_FOR_EACH (table_node, &db->tables) {
/* Delete all rows if the table is not blacklisted. */ /* Delete all rows if the table is not excluded. */
if (!blacklist_tables_find(db->schema->name, table_node->name)) { if (!excluded_tables_find(db->schema->name, table_node->name)) {
struct ovsdb_table *table = table_node->data; struct ovsdb_table *table = table_node->data;
struct ovsdb_row *row, *next; struct ovsdb_row *row, *next;
HMAP_FOR_EACH_SAFE (row, next, hmap_node, &table->rows) { HMAP_FOR_EACH_SAFE (row, next, hmap_node, &table->rows) {
@@ -572,7 +572,7 @@ reset_database(struct ovsdb *db)
} }
/* Create a monitor request for 'db'. The monitor request will include /* Create a monitor request for 'db'. The monitor request will include
* any tables from 'blacklisted_tables' * any tables from 'excluded_tables'
* *
* Caller is responsible for disposing 'request'. * Caller is responsible for disposing 'request'.
*/ */
@@ -590,8 +590,8 @@ create_monitor_request(struct ovsdb_schema *schema)
for (int j = 0; j < n; j++) { for (int j = 0; j < n; j++) {
struct ovsdb_table_schema *table = nodes[j]->data; struct ovsdb_table_schema *table = nodes[j]->data;
/* Monitor all tables not blacklisted. */ /* Monitor all tables not excluded. */
if (!blacklist_tables_find(db_name, table->name)) { if (!excluded_tables_find(db_name, table->name)) {
add_monitored_table(table, monitor_request); add_monitored_table(table, monitor_request);
} }
} }
@@ -914,10 +914,10 @@ replication_status(void)
} }
ds_chomp(&ds, ','); ds_chomp(&ds, ',');
if (!shash_is_empty(&blacklist_tables)) { if (!shash_is_empty(&excluded_tables)) {
ds_put_char(&ds, '\n'); ds_put_char(&ds, '\n');
ds_put_cstr(&ds, "exclude: "); ds_put_cstr(&ds, "exclude: ");
ds_put_and_free_cstr(&ds, get_blacklist_tables()); ds_put_and_free_cstr(&ds, get_excluded_tables());
} }
break; break;
} }

10
ovsdb/replication.h
View File

@@ -39,9 +39,9 @@ struct ovsdb;
* replication_get_last_error() should be call within the main loop * replication_get_last_error() should be call within the main loop
* whenever OVSDB server runs in the backup mode. * whenever OVSDB server runs in the backup mode.
* *
* - set_blacklist_tables(), get_blacklist_tables(), * - set_excluded_tables(), get_excluded_tables(), disconnect_active_server()
* disconnect_active_server() and replication_usage() are support functions * and replication_usage() are support functions used mainly by unixctl
* used mainly by uinxctl commands. * commands.
*/ */
#define REPLICATION_DEFAULT_PROBE_INTERVAL 60000 #define REPLICATION_DEFAULT_PROBE_INTERVAL 60000
@@ -58,9 +58,9 @@ int replication_get_last_error(void);
char *replication_status(void); char *replication_status(void);
void replication_set_probe_interval(int); void replication_set_probe_interval(int);
char *set_blacklist_tables(const char *blacklist, bool dryrun) char *set_excluded_tables(const char *excluded, bool dryrun)
OVS_WARN_UNUSED_RESULT; OVS_WARN_UNUSED_RESULT;
char *get_blacklist_tables(void) OVS_WARN_UNUSED_RESULT; char *get_excluded_tables(void) OVS_WARN_UNUSED_RESULT;
void disconnect_active_server(void); void disconnect_active_server(void);
#endif /* ovsdb/replication.h */ #endif /* ovsdb/replication.h */

4
tests/ofproto-macros.at
View File

@@ -304,11 +304,11 @@ add_pmd_of_ports () {
m4_divert_pop([PREPARE_TESTS]) m4_divert_pop([PREPARE_TESTS])
# OVS_VSWITCHD_STOP([WHITELIST]) # OVS_VSWITCHD_STOP([ALLOWLIST])
# #
# Gracefully stops ovs-vswitchd and ovsdb-server, checking their log files # Gracefully stops ovs-vswitchd and ovsdb-server, checking their log files
# for messages with severity WARN or higher and signaling an error if any # for messages with severity WARN or higher and signaling an error if any
# is present. The optional WHITELIST may contain shell-quoted "sed" # is present. The optional ALLOWLIST may contain shell-quoted "sed"
# commands to delete any warnings that are actually expected, e.g.: # commands to delete any warnings that are actually expected, e.g.:
# #
# OVS_VSWITCHD_STOP(["/expected error/d"]) # OVS_VSWITCHD_STOP(["/expected error/d"])

6
tests/system-kmod-macros.at
View File

@@ -29,16 +29,16 @@ m4_define([OVS_TRAFFIC_VSWITCHD_START],
AT_CHECK([ovs-vsctl -- _ADD_BR([br0]) -- $1 m4_if([$2], [], [], [| uuidfilt])], [0], [$2]) AT_CHECK([ovs-vsctl -- _ADD_BR([br0]) -- $1 m4_if([$2], [], [], [| uuidfilt])], [0], [$2])
]) ])
# OVS_TRAFFIC_VSWITCHD_STOP([WHITELIST], [extra_cmds]) # OVS_TRAFFIC_VSWITCHD_STOP([ALLOWLIST], [extra_cmds])
# #
# Gracefully stops ovs-vswitchd and ovsdb-server, checking their log files # Gracefully stops ovs-vswitchd and ovsdb-server, checking their log files
# for messages with severity WARN or higher and signaling an error if any # for messages with severity WARN or higher and signaling an error if any
# is present. The optional WHITELIST may contain shell-quoted "sed" # is present. The optional ALLOWLIST may contain shell-quoted "sed"
# commands to delete any warnings that are actually expected, e.g.: # commands to delete any warnings that are actually expected, e.g.:
# #
# OVS_TRAFFIC_VSWITCHD_STOP(["/expected error/d"]) # OVS_TRAFFIC_VSWITCHD_STOP(["/expected error/d"])
# #
# 'extra_cmds' are shell commands to be executed afte OVS_VSWITCHD_STOP() is # 'extra_cmds' are shell commands to be executed after OVS_VSWITCHD_STOP() is
# invoked. They can be used to perform additional cleanups such as name space # invoked. They can be used to perform additional cleanups such as name space
# removal. # removal.
m4_define([OVS_TRAFFIC_VSWITCHD_STOP], m4_define([OVS_TRAFFIC_VSWITCHD_STOP],

6
tests/system-userspace-macros.at
View File

@@ -21,16 +21,16 @@ m4_define([OVS_TRAFFIC_VSWITCHD_START],
AT_CHECK([ovs-vsctl -- _ADD_BR([br0]) -- $1 m4_if([$2], [], [], [| uuidfilt])], [0], [$2]) AT_CHECK([ovs-vsctl -- _ADD_BR([br0]) -- $1 m4_if([$2], [], [], [| uuidfilt])], [0], [$2])
]) ])
# OVS_TRAFFIC_VSWITCHD_STOP([WHITELIST], [extra_cmds]) # OVS_TRAFFIC_VSWITCHD_STOP([ALLOWLIST], [extra_cmds])
# #
# Gracefully stops ovs-vswitchd and ovsdb-server, checking their log files # Gracefully stops ovs-vswitchd and ovsdb-server, checking their log files
# for messages with severity WARN or higher and signaling an error if any # for messages with severity WARN or higher and signaling an error if any
# is present. The optional WHITELIST may contain shell-quoted "sed" # is present. The optional ALLOWLIST may contain shell-quoted "sed"
# commands to delete any warnings that are actually expected, e.g.: # commands to delete any warnings that are actually expected, e.g.:
# #
# OVS_TRAFFIC_VSWITCHD_STOP(["/expected error/d"]) # OVS_TRAFFIC_VSWITCHD_STOP(["/expected error/d"])
# #
# 'extra_cmds' are shell commands to be executed afte OVS_VSWITCHD_STOP() is # 'extra_cmds' are shell commands to be executed after OVS_VSWITCHD_STOP() is
# invoked. They can be used to perform additional cleanups such as name space # invoked. They can be used to perform additional cleanups such as name space
# removal. # removal.
m4_define([OVS_TRAFFIC_VSWITCHD_STOP], m4_define([OVS_TRAFFIC_VSWITCHD_STOP],

3
tests/test-classifier.c
View File

@@ -14,7 +14,8 @@
* limitations under the License. * limitations under the License.
*/ */
/* "White box" tests for classifier. /* Tests for classifier, written with knowledge of and to advantage of the
* classifier's internal structure.
* *
* With very few exceptions, these tests obtain complete coverage of every * With very few exceptions, these tests obtain complete coverage of every
* basic block and every branch in the classifier implementation, e.g. a clean * basic block and every branch in the classifier implementation, e.g. a clean

8
utilities/checkpatch.py
View File

@@ -190,13 +190,13 @@ skip_signoff_check = False
# name, as they may have legitimate reasons to have longer lines. # name, as they may have legitimate reasons to have longer lines.
# #
# Python isn't checked as flake8 performs these checks during build. # Python isn't checked as flake8 performs these checks during build.
line_length_blacklist = re.compile( line_length_ignore_list = re.compile(
r'\.(am|at|etc|in|m4|mk|patch|py)$|debian/rules') r'\.(am|at|etc|in|m4|mk|patch|py)$|debian/rules')
# Don't enforce a requirement that leading whitespace be all spaces on # Don't enforce a requirement that leading whitespace be all spaces on
# files that include these characters in their name, since these kinds # files that include these characters in their name, since these kinds
# of files need lines with leading tabs. # of files need lines with leading tabs.
leading_whitespace_blacklist = re.compile(r'\.(mk|am|at)$|debian/rules') leading_whitespace_ignore_list = re.compile(r'\.(mk|am|at)$|debian/rules')
def is_subtracted_line(line): def is_subtracted_line(line):
@@ -523,11 +523,11 @@ file_checks = [
checks = [ checks = [
{'regex': None, {'regex': None,
'match_name': lambda x: not line_length_blacklist.search(x), 'match_name': lambda x: not line_length_ignore_list.search(x),
'check': lambda x: line_length_check(x)}, 'check': lambda x: line_length_check(x)},
{'regex': None, {'regex': None,
'match_name': lambda x: not leading_whitespace_blacklist.search(x), 'match_name': lambda x: not leading_whitespace_ignore_list.search(x),
'check': lambda x: not leading_whitespace_is_spaces(x), 'check': lambda x: not leading_whitespace_is_spaces(x),
'print': lambda: print_warning("Line has non-spaces leading whitespace")}, 'print': lambda: print_warning("Line has non-spaces leading whitespace")},

27
vswitchd/bridge.c
View File

@@ -3909,49 +3909,48 @@ bridge_configure_remotes(struct bridge *br,
&& (!strncmp(c->target, "punix:", 6) && (!strncmp(c->target, "punix:", 6)
|| !strncmp(c->target, "unix:", 5))) { || !strncmp(c->target, "unix:", 5))) {
static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
char *whitelist; char *allowed;
if (!strncmp(c->target, "unix:", 5)) { if (!strncmp(c->target, "unix:", 5)) {
/* Connect to a listening socket */ /* Connect to a listening socket */
whitelist = xasprintf("unix:%s/", ovs_rundir()); allowed = xasprintf("unix:%s/", ovs_rundir());
if (strchr(c->target, '/') && if (strchr(c->target, '/') &&
!equal_pathnames(c->target, whitelist, !equal_pathnames(c->target, allowed, strlen(allowed))) {
strlen(whitelist))) {
/* Absolute path specified, but not in ovs_rundir */ /* Absolute path specified, but not in ovs_rundir */
VLOG_ERR_RL(&rl, "bridge %s: Not connecting to socket " VLOG_ERR_RL(&rl, "bridge %s: Not connecting to socket "
"controller \"%s\" due to possibility for " "controller \"%s\" due to possibility for "
"remote exploit. Instead, specify socket " "remote exploit. Instead, specify socket "
"in whitelisted \"%s\" or connect to " "in permitted directory \"%s\" or connect to "
"\"unix:%s/%s.mgmt\" (which is always " "\"unix:%s/%s.mgmt\" (which is always "
"available without special configuration).", "available without special configuration).",
br->name, c->target, whitelist, br->name, c->target, allowed,
ovs_rundir(), br->name); ovs_rundir(), br->name);
free(whitelist); free(allowed);
continue; continue;
} }
} else { } else {
whitelist = xasprintf("punix:%s/%s.", allowed = xasprintf("punix:%s/%s.",
ovs_rundir(), br->name); ovs_rundir(), br->name);
if (!equal_pathnames(c->target, whitelist, strlen(whitelist)) if (!equal_pathnames(c->target, allowed, strlen(allowed))
|| strchr(c->target + strlen(whitelist), '/')) { || strchr(c->target + strlen(allowed), '/')) {
/* Prevent remote ovsdb-server users from accessing /* Prevent remote ovsdb-server users from accessing
* arbitrary Unix domain sockets and overwriting arbitrary * arbitrary Unix domain sockets and overwriting arbitrary
* local files. */ * local files. */
VLOG_ERR_RL(&rl, "bridge %s: Not adding Unix domain socket " VLOG_ERR_RL(&rl, "bridge %s: Not adding Unix domain socket "
"controller \"%s\" due to possibility of " "controller \"%s\" due to possibility of "
"overwriting local files. Instead, specify " "overwriting local files. Instead, specify "
"path in whitelisted format \"%s*\" or " "path in permitted format \"%s*\" or "
"connect to \"unix:%s/%s.mgmt\" (which is " "connect to \"unix:%s/%s.mgmt\" (which is "
"always available without special " "always available without special "
"configuration).", "configuration).",
br->name, c->target, whitelist, br->name, c->target, allowed,
ovs_rundir(), br->name); ovs_rundir(), br->name);
free(whitelist); free(allowed);
continue; continue;
} }
} }
free(whitelist); free(allowed);
} }
bridge_configure_local_iface_netdev(br, c); bridge_configure_local_iface_netdev(br, c);

2
vswitchd/ovs-vswitchd.c
View File

@@ -228,7 +228,7 @@ parse_options(int argc, char *argv[], char **unixctl_pathp)
break; break;
case OPT_DISABLE_SYSTEM: case OPT_DISABLE_SYSTEM:
dp_blacklist_provider("system"); dp_disallow_provider("system");
break; break;
case OPT_DISABLE_SYSTEM_ROUTE: case OPT_DISABLE_SYSTEM_ROUTE:

2
vswitchd/vswitch.xml
View File

@@ -1072,7 +1072,7 @@
Drop all unencrypted tunneled packets in which the Drop all unencrypted tunneled packets in which the
least-significant bit of <code>skb_mark</code> is 0. This would least-significant bit of <code>skb_mark</code> is 0. This would
be a useful policy if no unencrypted tunneled traffic should exit be a useful policy if no unencrypted tunneled traffic should exit
the system without being specially whitelisted by setting the system without being specially permitted by setting
<code>skb_mark</code> to 1. <code>skb_mark</code> to 1.
</dd> </dd>