listener: keep ListenerFactoryContext small#7528
listener: keep ListenerFactoryContext small#7528mattklein123 merged 2 commits intoenvoyproxy:masterfrom
Conversation
Signed-off-by: Yuchen Dai <silentdai@gmail.com>
|
@klarose @jrajahalme @mattklein123 |
mattklein123
left a comment
mattklein123
left a comment
There was a problem hiding this comment.
Thanks, LGTM with some questions.
/wait
| }; | ||
|
|
||
| TEST_F(ListenerManagerImplWithRealFiltersTest, OriginalDstTestFilter) { | ||
| // Static scope required for the io_handle to be in scope for the lambda below |
There was a problem hiding this comment.
I'm a little concerned that we are losing some test coverage that matters here. Are you positive that this is not being used by existing listener filters? I'm not convinced. Can you see who added these tests and ask them?
There was a problem hiding this comment.
I remove the two functions from ListenerFactoryContext and the build is successful. That's the proof that no listener filter in the code tree is using it. Unfortunately I can never verify if private code is using ... and that is the linked issue for
| }; | ||
|
|
||
| TEST_F(ListenerManagerImplWithRealFiltersTest, OriginalDstTestFilter) { | ||
| // Static scope required for the io_handle to be in scope for the lambda below |
There was a problem hiding this comment.
I remove the two functions from ListenerFactoryContext and the build is successful. That's the proof that no listener filter in the code tree is using it. Unfortunately I can never verify if private code is using ... and that is the linked issue for
| fd = socket.ioHandle().fd(); | ||
| return true; | ||
| })); | ||
| context.addListenSocketOption(std::move(option)); |
There was a problem hiding this comment.
@mattklein123 The tricky test is verifying if createFilterFactoryFromProto is called but delegating it to ListenerFactoryContext::addListenSocketOption. This might be reasonable in the past but is not appropriate at this moment.
BTW I think
envoy/source/server/listener_manager_impl.cc
Lines 208 to 217 in 1ca1d13
ListenerFactoryContext
There was a problem hiding this comment.
I'm still concerned that people may have private listener filters that are using this and won't be able to now. Can you see who added the tests that you changed and ask them?
Signed-off-by: Yuchen Dai <silentdai@gmail.com>
|
@jrajahalme The initial socket option changes in original dst listener filter was initiated by you in #2519 Could you confirm that it is not needed at the current code base? |
As noted in #7528 the newly added sanity checking of possibly sensitive file paths prevents legitimate usage of passing bootstrap via a non-CLOEXEC file descriptor from a generator helper that execs Envoy. This PR relaxes the validation such that any path resolving to a canonical path with the prefix /dev/fd/ is considered valid. Risk Level: Low Testing: Unit test case is added that was failing before the change and passes afterwards. In addition I've manually verified that the old behaviour of allowing /dev/fd/ paths works with my dev binary. Fixes #7258 Signed-off-by: Paul Banks <banks@banksco.de>
|
@jrajahalme Sorry to involve you in this PR. It's would be nice to have your confirm. Thanks! |
|
@silentdai Thanks for the heads-up! Unfortunately we currently depend on the functionality being removed here in the Cilium proxy (github.com/cilium/proxy) :-( It will take some time for me to figure out how to replace it with the listener config proto. I think it should be doable, as the option and the value are derived from the listener filter configuration. To expedite this, maybe you could give a hint how to set the Linux SO_MARK (socket mark option) using the listener config proto? |
|
OK, I looked through the |
|
@silentdai Changed Cilium to set the option in listener config instead (cilium/cilium/pull/8581), so I'm fine with this PR being merged :-) |
|
@jrajahalme Thanks! Will take a look at https://github.com/cilium/proxy/tree/master/cilium as well when I make further changes. |
Signed-off-by: Yuchen Dai <silentdai@gmail.com>
|
@lambdai @mattklein123 This change is now coming to haunt me... I need to add a listen socket option that has a non-standard implementation, so that the current Listener config options are not enough. Would there be any appetite for reverting this change? |
3 participants
Signed-off-by: Yuchen Dai silentdai@gmail.com
Description:
ListenerFactoryContextis mainly used byNetworkFilterandListenerFilterto accessListener.Code base evolved and there is no use case to add listen socket options.
Instead, listener options should be added by Listener config proto
The existing usage are left in listener test to inject failure, probably fit the code in the past but should never seen in current code flow.
Risk Level: LOW
Testing: Modified tests
Fixes #7467