From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Tue, 15 May 2018 18:43:17 +0100
Message-Id: <20180515174337.11287-2-berrange@redhat.com>
Subject: [libvirt] [PATCH v2 01/21] util: fix misleading command for virObjectLock

It only accepts a virObjectLockable, not a virObjectRWLockable

Signed-off-by: Daniel P. Berrangé
--- src/util/virobject.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/util/virobject.c b/src/util/virobject.c index 9fb0328d58..a597ff4f54 100644 --- a/src/util/virobject.c +++ b/src/util/virobject.c 
@@ -408,7 +408,7 @@ virObjectGetRWLockableObj(void *anyobj) =20 /** * virObjectLock: - * @anyobj: any instance of virObjectLockable or virObjectRWLockable + * @anyobj: any instance of virObjectLockable * * Acquire a lock on @anyobj. The lock must be released by * virObjectUnlock. --=20 2.17.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
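Review bot: the rewritten `@anyobj` line in the virObjectLock doc comment now lists only virObjectLockable, but the comment still does not tell a caller holding a virObjectRWLockable that it is not accepted here; one extra sentence in the same doc block saying so would stop the old reading from creeping back. The subject line also says "misleading command" while the hunk only touches a comment, so "comment" looks intended.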
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Tue, 15 May 2018 18:43:18 +0100
Message-Id: <20180515174337.11287-3-berrange@redhat.com>
Subject: [libvirt] [PATCH v2 02/21] conf: change virNWFilterBindingPtr to virNWFilterBindingDefPtr

We are going to want to expose the NWFilter binding concept in the public API, so the virNWFilterBindingPtr type needs to be used there. Our internal type will shortly gain an XML representation, so rename it to virNWFilterBindingDefPtr which follows our normal conventions.

Signed-off-by: Daniel P. Berrangé
Reviewed-by: John Ferlan
--- src/conf/nwfilter_conf.c | 24 ++++++++++++------------ src/conf/nwfilter_conf.h | 12 ++++++------ src/libvirt_private.syms | 4 ++-- 3 files changed, 20 insertions(+), 20 deletions(-) diff --git a/src/conf/nwfilter_conf.c b/src/conf/nwfilter_conf.c index 452daa214a..6422f6b8ea 100644 --- a/src/conf/nwfilter_conf.c 
+++ b/src/conf/nwfilter_conf.c @@ -3268,25 +3268,25 @@ virNWFilterRuleIsProtocolEthernet(virNWFilterRuleDe= fPtr rule) =20 =20 void -virNWFilterBindingFree(virNWFilterBindingPtr binding) +virNWFilterBindingDefFree(virNWFilterBindingDefPtr def) { - if (!binding) + if (!def) return; =20 - VIR_FREE(binding->ownername); - VIR_FREE(binding->portdevname); - VIR_FREE(binding->linkdevname); - VIR_FREE(binding->filter); - virHashFree(binding->filterparams); + VIR_FREE(def->ownername); + VIR_FREE(def->portdevname); + VIR_FREE(def->linkdevname); + VIR_FREE(def->filter); + virHashFree(def->filterparams); =20 - VIR_FREE(binding); + VIR_FREE(def); } =20 =20 -virNWFilterBindingPtr -virNWFilterBindingCopy(virNWFilterBindingPtr src) +virNWFilterBindingDefPtr +virNWFilterBindingDefCopy(virNWFilterBindingDefPtr src) { - virNWFilterBindingPtr ret; + virNWFilterBindingDefPtr ret; =20 if (VIR_ALLOC(ret) < 0) return NULL; @@ -3316,6 +3316,6 @@ virNWFilterBindingCopy(virNWFilterBindingPtr src) return ret; =20 error: - virNWFilterBindingFree(ret); + virNWFilterBindingDefFree(ret); return NULL; } diff --git a/src/conf/nwfilter_conf.h b/src/conf/nwfilter_conf.h index 6fcbba4bd5..c72171f2f2 100644 --- a/src/conf/nwfilter_conf.h +++ b/src/conf/nwfilter_conf.h @@ -545,10 +545,10 @@ struct _virNWFilterDef { virNWFilterEntryPtr *filterEntries; }; =20 -typedef struct virNWFilterBinding virNWFilterBinding; -typedef virNWFilterBinding *virNWFilterBindingPtr; +typedef struct _virNWFilterBindingDef virNWFilterBindingDef; +typedef virNWFilterBindingDef *virNWFilterBindingDefPtr; =20 -struct virNWFilterBinding { +struct _virNWFilterBindingDef { char *ownername; unsigned char owneruuid[VIR_UUID_BUFLEN]; char *portdevname; 
@@ -664,9 +664,9 @@ bool virNWFilterRuleIsProtocolEthernet(virNWFilterRuleDefPtr rule); =20 void -virNWFilterBindingFree(virNWFilterBindingPtr binding); -virNWFilterBindingPtr -virNWFilterBindingCopy(virNWFilterBindingPtr src); +virNWFilterBindingDefFree(virNWFilterBindingDefPtr binding); +virNWFilterBindingDefPtr +virNWFilterBindingDefCopy(virNWFilterBindingDefPtr src); =20 VIR_ENUM_DECL(virNWFilterRuleAction); VIR_ENUM_DECL(virNWFilterRuleDirection); diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index b03596ad4d..80062df3f7 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms 
@@ -781,8 +781,8 @@ virDomainNumatuneSpecifiedMaxNode; =20 =20 # conf/nwfilter_conf.h -virNWFilterBindingCopy; -virNWFilterBindingFree; +virNWFilterBindingDefCopy; +virNWFilterBindingDefFree; virNWFilterCallbackDriversLock; virNWFilterCallbackDriversUnlock; virNWFilterChainSuffixTypeToString; --=20 2.17.0
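Review bot: in the nwfilter_conf.h hunk the renamed prototype still reads `virNWFilterBindingDefFree(virNWFilterBindingDefPtr binding);`, while the definition in nwfilter_conf.c renames the parameter to `def`. Rename the prototype's parameter to `def` too, so the header and the implementation agree and the old "binding" naming does not linger next to the new Def type.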
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Tue, 15 May 2018 18:43:19 +0100
Message-Id: <20180515174337.11287-4-berrange@redhat.com>
Subject: [libvirt] [PATCH v2 03/21] conf: add missing virxml.h include for nwfilter_params.h

The nwfilter_params.h header references the xmlNodePtr type, so must include the virxml.h header to get the libxml2 types defined.

Signed-off-by: Daniel P. Berrangé
Reviewed-by: John Ferlan
--- src/conf/nwfilter_params.h | 1 + 1 file changed, 1 insertion(+) diff --git a/src/conf/nwfilter_params.h b/src/conf/nwfilter_params.h index 9bdf65c033..f7355c37df 100644 --- a/src/conf/nwfilter_params.h +++ b/src/conf/nwfilter_params.h 
@@ -26,6 +26,7 @@ # include "virhash.h" # include "virbuffer.h" # include "virmacaddr.h" +# include "virxml.h" =20 typedef enum { NWFILTER_VALUE_TYPE_SIMPLE, --=20 2.17.0
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Tue, 15 May 2018 18:43:20 +0100
Message-Id: <20180515174337.11287-5-berrange@redhat.com>
Subject: [libvirt] [PATCH v2 04/21] conf: move virNWFilterBindingDefPtr into its own files

There's no code sharing between virNWFilterDef and virNWFilterBindingDefPtr types, so it is clearer if they live in separate source files and headers.

Signed-off-by: Daniel P. Berrangé
Reviewed-by: John Ferlan
--- src/conf/Makefile.inc.am | 2 + src/conf/nwfilter_conf.c | 54 --------------------- src/conf/nwfilter_conf.h | 17 ------- src/conf/virnwfilterbindingdef.c | 83 ++++++++++++++++++++++++++++++++ src/conf/virnwfilterbindingdef.h | 47 ++++++++++++++++++ src/libvirt_private.syms | 7 ++- 6 files changed, 137 insertions(+), 73 deletions(-) create mode 100644 src/conf/virnwfilterbindingdef.c create mode 100644 src/conf/virnwfilterbindingdef.h diff --git a/src/conf/Makefile.inc.am b/src/conf/Makefile.inc.am index 6d7b0f076b..f5fb323233 100644 --- a/src/conf/Makefile.inc.am 
+++ b/src/conf/Makefile.inc.am @@ -85,6 +85,8 @@ NWFILTER_CONF_SOURCES =3D \ conf/nwfilter_conf.h \ conf/virnwfilterobj.c \ conf/virnwfilterobj.h \ + conf/virnwfilterbindingdef.c \ + conf/virnwfilterbindingdef.h \ $(NULL) =20 STORAGE_CONF_SOURCES =3D \ diff --git a/src/conf/nwfilter_conf.c b/src/conf/nwfilter_conf.c index 6422f6b8ea..de26a6d034 100644 --- a/src/conf/nwfilter_conf.c +++ b/src/conf/nwfilter_conf.c @@ -3265,57 +3265,3 @@ virNWFilterRuleIsProtocolEthernet(virNWFilterRuleDef= Ptr rule) return true; return false; } - - -void -virNWFilterBindingDefFree(virNWFilterBindingDefPtr def) -{ - if (!def) - return; - - VIR_FREE(def->ownername); - VIR_FREE(def->portdevname); - VIR_FREE(def->linkdevname); - VIR_FREE(def->filter); - virHashFree(def->filterparams); - - VIR_FREE(def); -} - - -virNWFilterBindingDefPtr -virNWFilterBindingDefCopy(virNWFilterBindingDefPtr src) -{ - virNWFilterBindingDefPtr ret; - - if (VIR_ALLOC(ret) < 0) - return NULL; - - if (VIR_STRDUP(ret->ownername, src->ownername) < 0) - goto error; - - memcpy(ret->owneruuid, src->owneruuid, sizeof(ret->owneruuid)); - - if (VIR_STRDUP(ret->portdevname, src->portdevname) < 0) - goto error; - - if (VIR_STRDUP(ret->linkdevname, src->linkdevname) < 0) - goto error; - - ret->mac =3D src->mac; - - if (VIR_STRDUP(ret->filter, src->filter) < 0) - goto error; - - if (!(ret->filterparams =3D virNWFilterHashTableCreate(0))) - goto error; - - if (virNWFilterHashTablePutAll(src->filterparams, ret->filterparams) <= 0) - goto error; - - return ret; - - error: - virNWFilterBindingDefFree(ret); - return NULL; -} diff --git a/src/conf/nwfilter_conf.h b/src/conf/nwfilter_conf.h index c72171f2f2..08fc07c55c 100644 --- a/src/conf/nwfilter_conf.h +++ b/src/conf/nwfilter_conf.h 
@@ -545,19 +545,6 @@ struct _virNWFilterDef { virNWFilterEntryPtr *filterEntries; }; =20 -typedef struct _virNWFilterBindingDef virNWFilterBindingDef; -typedef virNWFilterBindingDef *virNWFilterBindingDefPtr; - -struct _virNWFilterBindingDef { - char *ownername; - unsigned char owneruuid[VIR_UUID_BUFLEN]; - char *portdevname; - char *linkdevname; - virMacAddr mac; - char *filter; - virHashTablePtr filterparams; -}; - =20 typedef enum { STEP_APPLY_NEW, @@ -663,10 +650,6 @@ virNWFilterRuleIsProtocolIPv6(virNWFilterRuleDefPtr ru= le); bool virNWFilterRuleIsProtocolEthernet(virNWFilterRuleDefPtr rule); =20 -void -virNWFilterBindingDefFree(virNWFilterBindingDefPtr binding); -virNWFilterBindingDefPtr -virNWFilterBindingDefCopy(virNWFilterBindingDefPtr src); =20 VIR_ENUM_DECL(virNWFilterRuleAction); VIR_ENUM_DECL(virNWFilterRuleDirection); diff --git a/src/conf/virnwfilterbindingdef.c b/src/conf/virnwfilterbinding= def.c new file mode 100644 index 0000000000..c7533d4063 --- /dev/null +++ b/src/conf/virnwfilterbindingdef.c 
@@ -0,0 +1,83 @@ +/* + * virnwfilterbindingdef.c: network filter binding XML processing + * + * Copyright (C) 2018 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * . + */ + +#include + +#include "viralloc.h" +#include "virerror.h" +#include "virstring.h" +#include "nwfilter_params.h" +#include "virnwfilterbindingdef.h" + + +#define VIR_FROM_THIS VIR_FROM_NWFILTER + +void +virNWFilterBindingDefFree(virNWFilterBindingDefPtr def) +{ + if (!def) + return; + + VIR_FREE(def->ownername); + VIR_FREE(def->portdevname); + VIR_FREE(def->linkdevname); + VIR_FREE(def->filter); + virHashFree(def->filterparams); + + VIR_FREE(def); +} + + +virNWFilterBindingDefPtr +virNWFilterBindingDefCopy(virNWFilterBindingDefPtr src) +{ + virNWFilterBindingDefPtr ret; + + if (VIR_ALLOC(ret) < 0) + return NULL; + + if (VIR_STRDUP(ret->ownername, src->ownername) < 0) + goto error; + + memcpy(ret->owneruuid, src->owneruuid, sizeof(ret->owneruuid)); + + if (VIR_STRDUP(ret->portdevname, src->portdevname) < 0) + goto error; + + if (VIR_STRDUP(ret->linkdevname, src->linkdevname) < 0) + goto error; + + ret->mac =3D src->mac; + + if (VIR_STRDUP(ret->filter, src->filter) < 0) + goto error; + + if (!(ret->filterparams =3D virNWFilterHashTableCreate(0))) + goto error; + + if (virNWFilterHashTablePutAll(src->filterparams, ret->filterparams) <= 0) + goto error; + + return ret; + + error: + 
virNWFilterBindingDefFree(ret); + return NULL; +} diff --git a/src/conf/virnwfilterbindingdef.h b/src/conf/virnwfilterbinding= def.h new file mode 100644 index 0000000000..e3b18af151 --- /dev/null +++ b/src/conf/virnwfilterbindingdef.h @@ -0,0 +1,47 @@ +/* + * virnwfilterbindingdef.h: network filter binding XML processing + * + * Copyright (C) 2018 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * . + * + */ +#ifndef VIR_NWFILTER_BINDING_DEF_H +# define VIR_NWFILTER_BINDING_DEF_H + +# include "internal.h" +# include "virmacaddr.h" +# include "virhash.h" + +typedef struct _virNWFilterBindingDef virNWFilterBindingDef; +typedef virNWFilterBindingDef *virNWFilterBindingDefPtr; + +struct _virNWFilterBindingDef { + char *ownername; + unsigned char owneruuid[VIR_UUID_BUFLEN]; + char *portdevname; + char *linkdevname; + virMacAddr mac; + char *filter; + virHashTablePtr filterparams; +}; + + +void +virNWFilterBindingDefFree(virNWFilterBindingDefPtr binding); +virNWFilterBindingDefPtr +virNWFilterBindingDefCopy(virNWFilterBindingDefPtr src); + +#endif /* VIR_NWFILTER_BINDING_DEF_H */ diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 80062df3f7..fb754fbfea 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms 
@@ -781,8 +781,6 @@ virDomainNumatuneSpecifiedMaxNode; =20 =20 # conf/nwfilter_conf.h -virNWFilterBindingDefCopy; -virNWFilterBindingDefFree; virNWFilterCallbackDriversLock; virNWFilterCallbackDriversUnlock; virNWFilterChainSuffixTypeToString; 
@@ -1043,6 +1041,11 @@ virNodeDeviceObjListNumOfDevices; virNodeDeviceObjListRemove; =20 =20 +# conf/virnwfilterbindingdef.h +virNWFilterBindingDefCopy; +virNWFilterBindingDefFree; + + # conf/virnwfilterobj.h virNWFilterObjGetDef; virNWFilterObjGetNewDef; --=20 2.17.0
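Review bot: the new virnwfilterbindingdef.h declares virNWFilterBindingDefFree and virNWFilterBindingDefCopy with no comment on their contract, and the two differ: Free returns early on a NULL argument, while Copy dereferences `src->ownername` straight after VIR_ALLOC with no NULL check. Since this is a pure move, leaving the code alone is fine, but a short doc comment on each prototype (Copy requires a non-NULL src, returns a new def or NULL on failure, and the result is released with virNWFilterBindingDefFree) would make the new header self-describing.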
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Tue, 15 May 2018 18:43:21 +0100
Message-Id: <20180515174337.11287-6-berrange@redhat.com>
Subject: [libvirt] [PATCH v2 05/21] conf: add support for parsing/formatting virNWFilterBindingDefPtr

A typical XML representation of the virNWFilterBindingDefPtr struct looks like this: f25arm7 12ac8b8c-4f23-4248-ae42-fdcd50c400fd 
Signed-off-by: Daniel P. Berrangé
Reviewed-by: John Ferlan
--- src/conf/virnwfilterbindingdef.c | 196 ++++++++++++++++++ src/conf/virnwfilterbindingdef.h | 18 ++ src/libvirt_private.syms | 5 + tests/Makefile.am | 7 + .../filter-vars.xml | 11 + .../virnwfilterbindingxml2xmldata/simple.xml | 9 + tests/virnwfilterbindingxml2xmltest.c | 113 ++++++++++ 7 files changed, 359 insertions(+) create mode 100644 tests/virnwfilterbindingxml2xmldata/filter-vars.xml create mode 100644 tests/virnwfilterbindingxml2xmldata/simple.xml create mode 100644 tests/virnwfilterbindingxml2xmltest.c diff --git a/src/conf/virnwfilterbindingdef.c b/src/conf/virnwfilterbinding= def.c index c7533d4063..23c040ab05 100644 --- a/src/conf/virnwfilterbindingdef.c +++ b/src/conf/virnwfilterbindingdef.c @@ -25,6 +25,7 @@ #include "virstring.h" #include "nwfilter_params.h" #include "virnwfilterbindingdef.h" +#include "viruuid.h" =20 =20 #define VIR_FROM_THIS VIR_FROM_NWFILTER 
@@ -81,3 +82,198 @@ virNWFilterBindingDefCopy(virNWFilterBindingDefPtr src) virNWFilterBindingDefFree(ret); return NULL; } + + +static virNWFilterBindingDefPtr +virNWFilterBindingDefParseXML(xmlXPathContextPtr ctxt) +{ + virNWFilterBindingDefPtr ret; + char *uuid =3D NULL; + char *mac =3D NULL; + xmlNodePtr node; + + if (VIR_ALLOC(ret) < 0) + return NULL; + + ret->portdevname =3D virXPathString("string(./portdev/@name)", ctxt); + if (!ret->portdevname) { + virReportError(VIR_ERR_INTERNAL_ERROR, + "%s", _("filter binding has no port dev name")); + goto cleanup; + } + + if (virXPathNode("./linkdev", ctxt)) { + ret->linkdevname =3D virXPathString("string(./linkdev/@name)", ctx= t); + if (!ret->linkdevname) { + virReportError(VIR_ERR_INTERNAL_ERROR, + "%s", _("filter binding has no link dev name")); + goto cleanup; + } + } + + ret->ownername =3D virXPathString("string(./owner/name)", ctxt); + if (!ret->ownername) { + virReportError(VIR_ERR_INTERNAL_ERROR, + "%s", _("filter binding has no owner name")); + goto cleanup; + } + + uuid =3D virXPathString("string(./owner/uuid)", ctxt); + if (!uuid) { + virReportError(VIR_ERR_INTERNAL_ERROR, + "%s", _("filter binding has no owner UUID")); + goto cleanup; + } + + if (virUUIDParse(uuid, ret->owneruuid) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unable to parse UUID '%s'"), uuid); + VIR_FREE(uuid); + goto cleanup; + } + VIR_FREE(uuid); + + mac =3D virXPathString("string(./mac/@address)", ctxt); + if (!mac) { + virReportError(VIR_ERR_INTERNAL_ERROR, + "%s", _("filter binding has no MAC address")); + goto cleanup; + } + + if (virMacAddrParse(mac, &ret->mac) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unable to parse MAC '%s'"), mac); + VIR_FREE(mac); + goto cleanup; + } + VIR_FREE(mac); + + ret->filter =3D virXPathString("string(./filterref/@filter)", ctxt); + if (!ret->filter) { + virReportError(VIR_ERR_INTERNAL_ERROR, + "%s", _("filter binding has no filter reference")); + goto cleanup; + } + + node =3D 
virXPathNode("./filterref", ctxt); + if (node && + !(ret->filterparams =3D virNWFilterParseParamAttributes(node))) + goto cleanup; + + return ret; + + cleanup: + virNWFilterBindingDefFree(ret); + return NULL; +} + + +virNWFilterBindingDefPtr +virNWFilterBindingDefParseNode(xmlDocPtr xml, + xmlNodePtr root) +{ + xmlXPathContextPtr ctxt =3D NULL; + virNWFilterBindingDefPtr def =3D NULL; + + if (STRNEQ((const char *)root->name, "filterbinding")) { + virReportError(VIR_ERR_XML_ERROR, + "%s", + _("unknown root element for nwfilter binding")); + goto cleanup; + } + + ctxt =3D xmlXPathNewContext(xml); + if (ctxt =3D=3D NULL) { + virReportOOMError(); + goto cleanup; + } + + ctxt->node =3D root; + def =3D virNWFilterBindingDefParseXML(ctxt); + + cleanup: + xmlXPathFreeContext(ctxt); + return def; +} + + +static virNWFilterBindingDefPtr +virNWFilterBindingDefParse(const char *xmlStr, + const char *filename) +{ + virNWFilterBindingDefPtr def =3D NULL; + xmlDocPtr xml; + + if ((xml =3D virXMLParse(filename, xmlStr, _("(nwfilterbinding_definit= ion)")))) { + def =3D virNWFilterBindingDefParseNode(xml, xmlDocGetRootElement(x= ml)); + xmlFreeDoc(xml); + } + + return def; +} + + +virNWFilterBindingDefPtr +virNWFilterBindingDefParseString(const char *xmlStr) +{ + return virNWFilterBindingDefParse(xmlStr, NULL); +} + + +virNWFilterBindingDefPtr +virNWFilterBindingDefParseFile(const char *filename) +{ + return virNWFilterBindingDefParse(NULL, filename); +} + +char * +virNWFilterBindingDefFormat(const virNWFilterBindingDef *def) +{ + virBuffer buf =3D VIR_BUFFER_INITIALIZER; + + if (virNWFilterBindingDefFormatBuf(&buf, def) < 0) { + virBufferFreeAndReset(&buf); + return NULL; + } + + if (virBufferCheckError(&buf) < 0) + return NULL; + + return virBufferContentAndReset(&buf); +} + + +int +virNWFilterBindingDefFormatBuf(virBufferPtr buf, + const virNWFilterBindingDef *def) +{ + char uuid[VIR_UUID_STRING_BUFLEN]; + char mac[VIR_MAC_STRING_BUFLEN]; + + virBufferAddLit(buf, "\n"); + + 
virBufferAdjustIndent(buf, 2); + + virBufferAddLit(buf, "\n"); + virBufferAdjustIndent(buf, 2); + virBufferEscapeString(buf, "%s\n", def->ownername); + virUUIDFormat(def->owneruuid, uuid); + virBufferAsprintf(buf, "%s\n", uuid); + virBufferAdjustIndent(buf, -2); + virBufferAddLit(buf, "\n"); + + virBufferEscapeString(buf, "\n", def->portdevnam= e); + if (def->linkdevname) + virBufferEscapeString(buf, "\n", def->linkde= vname); + + virMacAddrFormat(&def->mac, mac); + virBufferAsprintf(buf, "\n", mac); + + if (virNWFilterFormatParamAttributes(buf, def->filterparams, def->filt= er) < 0) + return -1; + + virBufferAdjustIndent(buf, -2); + virBufferAddLit(buf, "\n"); + + return 0; +} diff --git a/src/conf/virnwfilterbindingdef.h b/src/conf/virnwfilterbinding= def.h index e3b18af151..af7fab6064 100644 --- a/src/conf/virnwfilterbindingdef.h +++ b/src/conf/virnwfilterbindingdef.h @@ -24,6 +24,7 @@ # include "internal.h" # include "virmacaddr.h" # include "virhash.h" +# include "virbuffer.h" =20 typedef struct _virNWFilterBindingDef virNWFilterBindingDef; typedef virNWFilterBindingDef *virNWFilterBindingDefPtr; @@ -44,4 +45,21 @@ virNWFilterBindingDefFree(virNWFilterBindingDefPtr bindi= ng); virNWFilterBindingDefPtr virNWFilterBindingDefCopy(virNWFilterBindingDefPtr src); =20 +virNWFilterBindingDefPtr +virNWFilterBindingDefParseNode(xmlDocPtr xml, + xmlNodePtr root); + +virNWFilterBindingDefPtr +virNWFilterBindingDefParseString(const char *xml); + +virNWFilterBindingDefPtr +virNWFilterBindingDefParseFile(const char *filename); + +char * +virNWFilterBindingDefFormat(const virNWFilterBindingDef *def); + +int +virNWFilterBindingDefFormatBuf(virBufferPtr buf, + const virNWFilterBindingDef *def); + #endif /* VIR_NWFILTER_BINDING_DEF_H */ diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index fb754fbfea..03145c70d5 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms 
@@ -1043,7 +1043,12 @@ virNodeDeviceObjListRemove; =20 # conf/virnwfilterbindingdef.h virNWFilterBindingDefCopy; +virNWFilterBindingDefFormat; +virNWFilterBindingDefFormatBuf; virNWFilterBindingDefFree; +virNWFilterBindingDefParseFile; +virNWFilterBindingDefParseNode; +virNWFilterBindingDefParseString; =20 =20 # conf/virnwfilterobj.h diff --git a/tests/Makefile.am b/tests/Makefile.am index 621480dd0c..036335e770 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -156,6 +156,7 @@ EXTRA_DIST =3D \ virmock.h \ virnetdaemondata \ virnetdevtestdata \ + virnwfilterbindingxml2xmldata \ virpcitestdata \ virscsidata \ virsh-uriprecedence \ @@ -352,6 +353,7 @@ test_programs +=3D storagebackendsheepdogtest endif WITH_STORAGE_SHEEPDOG =20 test_programs +=3D nwfilterxml2xmltest +test_programs +=3D virnwfilterbindingxml2xmltest =20 if WITH_NWFILTER test_programs +=3D nwfilterebiptablestest @@ -855,6 +857,11 @@ nwfilterxml2xmltest_SOURCES =3D \ testutils.c testutils.h nwfilterxml2xmltest_LDADD =3D $(LDADDS) =20 +virnwfilterbindingxml2xmltest_SOURCES =3D \ + virnwfilterbindingxml2xmltest.c \ + testutils.c testutils.h +virnwfilterbindingxml2xmltest_LDADD =3D $(LDADDS) + if WITH_NWFILTER nwfilterebiptablestest_SOURCES =3D \ nwfilterebiptablestest.c \ diff --git a/tests/virnwfilterbindingxml2xmldata/filter-vars.xml b/tests/vi= rnwfilterbindingxml2xmldata/filter-vars.xml new file mode 100644 index 0000000000..dcff9640ce --- /dev/null +++ b/tests/virnwfilterbindingxml2xmldata/filter-vars.xml @@ -0,0 +1,11 @@ + + + memtest + d54df46f-1ab5-4a22-8618-4560ef5fac2c + + + + + + + diff --git a/tests/virnwfilterbindingxml2xmldata/simple.xml b/tests/virnwfi= lterbindingxml2xmldata/simple.xml new file mode 100644 index 0000000000..4577729a3c --- /dev/null +++ b/tests/virnwfilterbindingxml2xmldata/simple.xml @@ -0,0 +1,9 @@ + + + memtest + d54df46f-1ab5-4a22-8618-4560ef5fac2c + + + + + 
diff --git a/tests/virnwfilterbindingxml2xmltest.c b/tests/virnwfilterbindi= ngxml2xmltest.c new file mode 100644 index 0000000000..96edbdcf59 --- /dev/null +++ b/tests/virnwfilterbindingxml2xmltest.c 
@@ -0,0 +1,113 @@ +/* + * virnwfilterbindingxml2xmltest.h: network filter binding XML testing + * + * Copyright (C) 2018 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * . + * + */ + +#include + +#include +#include +#include +#include + +#include +#include + +#include "internal.h" +#include "testutils.h" +#include "virxml.h" +#include "virnwfilterbindingdef.h" +#include "testutilsqemu.h" +#include "virstring.h" + +#define VIR_FROM_THIS VIR_FROM_NONE + +static int +testCompareXMLToXMLFiles(const char *xml) +{ + char *actual =3D NULL; + int ret =3D -1; + virNWFilterBindingDefPtr dev =3D NULL; + + virResetLastError(); + + if (!(dev =3D virNWFilterBindingDefParseFile(xml))) { + goto fail; + } + + if (!(actual =3D virNWFilterBindingDefFormat(dev))) + goto fail; + + if (virTestCompareToFile(actual, xml) < 0) + goto fail; + + ret =3D 0; + + fail: + VIR_FREE(actual); + virNWFilterBindingDefFree(dev); + return ret; +} + +typedef struct test_parms { + const char *name; +} test_parms; + +static int +testCompareXMLToXMLHelper(const void *data) +{ + int result =3D -1; + const test_parms *tp =3D data; + char *xml =3D NULL; + + if (virAsprintf(&xml, "%s/virnwfilterbindingxml2xmldata/%s.xml", + abs_srcdir, tp->name) < 0) { + goto cleanup; + } + + result =3D testCompareXMLToXMLFiles(xml); + + cleanup: + VIR_FREE(xml); + + return result; +} + +static int +mymain(void) +{ + 
int ret =3D 0; + +#define DO_TEST(NAME) \ + do { \ + test_parms tp =3D { \ + .name =3D NAME, \ + }; \ + if (virTestRun("NWFilter XML-2-XML " NAME, \ + testCompareXMLToXMLHelper, (&tp)) < 0) \ + ret =3D -1; \ + } while (0) + + DO_TEST("simple"); + DO_TEST("filter-vars"); + + return ret =3D=3D 0 ? EXIT_SUCCESS : EXIT_FAILURE; +} + +VIR_TEST_MAIN(mymain) --=20 2.17.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
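Review bot: virNWFilterBindingDefParseXML() in the src/conf/virnwfilterbindingdef.c hunk reports every missing or malformed element (port dev name, link dev name, owner name, owner UUID, MAC address, filter reference) as VIR_ERR_INTERNAL_ERROR, although each of these is a defect in the XML document handed to the parser. virNWFilterBindingDefParseNode(), directly below it, already uses VIR_ERR_XML_ERROR for a wrong root element. Please use VIR_ERR_XML_ERROR in the parser as well, so a caller can tell a rejected document from a libvirt bug.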
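Review bot: the new prototypes in the src/conf/virnwfilterbindingdef.h hunk take xmlDocPtr and xmlNodePtr, but the only include added is "virbuffer.h" and none of the includes visible in the context lines ("internal.h", "virmacaddr.h", "virhash.h") is obviously the one that declares the libxml2 types. If the header only compiles because its includers pull in virxml.h first, add that include here so the header is self-contained.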
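Review bot: tests/virnwfilterbindingxml2xmltest.c only round-trips two valid documents (DO_TEST("simple") and DO_TEST("filter-vars")), so none of the rejection paths added to virNWFilterBindingDefParseXML() (missing owner, unparsable UUID or MAC, missing filter reference) is exercised. A failure-expecting variant of DO_TEST with one malformed document per check would cover them. Smaller points in the same file: the header comment names the file virnwfilterbindingxml2xmltest.h although it is a .c file, "testutilsqemu.h" is included but nothing from it is used in the visible code, and the single-statement "goto fail;" and "goto cleanup;" bodies are wrapped in braces.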
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Tue, 15 May 2018 18:43:22 +0100
Message-Id: <20180515174337.11287-7-berrange@redhat.com>
In-Reply-To: <20180515174337.11287-1-berrange@redhat.com>
References: <20180515174337.11287-1-berrange@redhat.com>
Subject: [libvirt] [PATCH v2 06/21] schemas: add schema for nwfilter binding XML document

Signed-off-by: Daniel P. Berrangé
Reviewed-by: John Ferlan
--- docs/schemas/domaincommon.rng | 27 +----------------- docs/schemas/nwfilter.rng | 29 +------------------ docs/schemas/nwfilter_params.rng | 32 +++++++++++++++++++++ docs/schemas/nwfilterbinding.rng | 49 ++++++++++++++++++++++++++++++++ tests/virschematest.c | 1 + 5 files changed, 84 insertions(+), 54 deletions(-) create mode 100644 docs/schemas/nwfilter_params.rng create mode 100644 docs/schemas/nwfilterbinding.rng diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index ff539607cc..f1661d29b6 100644 
--- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -5,6 +5,7 @@ + =20 + + + + + + + + + + + + + + + + + + + + + [a-zA-Z0-9_]+ + + + + + [a-zA-Z0-9_\.:]+ + + + + diff --git a/docs/schemas/nwfilterbinding.rng b/docs/schemas/nwfilterbindin= g.rng new file mode 100644 index 0000000000..dcfc67fdd6 --- /dev/null +++ b/docs/schemas/nwfilterbinding.rng @@ -0,0 +1,49 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/tests/virschematest.c b/tests/virschematest.c index 2d35833919..5bae022111 100644 --- a/tests/virschematest.c +++ b/tests/virschematest.c 
@@ -230,6 +230,7 @@ mymain(void) "networkxml2xmlout", "networkxml2confdata"); DO_TEST_DIR("nodedev.rng", "nodedevschemadata"); DO_TEST_DIR("nwfilter.rng", "nwfilterxml2xmlout"); + DO_TEST_DIR("nwfilterbinding.rng", "virnwfilterbindingxml2xmldata"); DO_TEST_DIR("secret.rng", "secretxml2xmlin"); DO_TEST_DIR("storagepool.rng", "storagepoolxml2xmlin", "storagepoolxml= 2xmlout", "storagepoolschemadata"); --=20 2.17.0
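Review bot: the diffstat shows this commit doing two things at once, and the commit message has no body describing either: docs/schemas/domaincommon.rng and docs/schemas/nwfilter.rng each shrink by roughly the amount that the new docs/schemas/nwfilter_params.rng adds, which looks like the shared filter parameter definitions being moved, while docs/schemas/nwfilterbinding.rng is a separate new grammar. Please either split the move into its own preparatory patch or state in the message that the domain and nwfilter grammars are meant to be unchanged by it. In the tests/virschematest.c hunk, DO_TEST_DIR("nwfilterbinding.rng", "virnwfilterbindingxml2xmldata") validates only the two documents the XML round-trip test already accepts (simple.xml and filter-vars.xml), so nothing checks that the schema rejects a binding that lacks an owner, MAC address or filter reference.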
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Tue, 15 May 2018 18:43:23 +0100
Message-Id: <20180515174337.11287-8-berrange@redhat.com>
In-Reply-To: <20180515174337.11287-1-berrange@redhat.com>
References: <20180515174337.11287-1-berrange@redhat.com>
Subject: [libvirt] [PATCH v2 07/21] nwfilter: export port binding concept in the public API

When the daemons are split there will need to be a way for the virt drivers and/or network driver to create and delete bindings between network ports and network filters. This defines a set of public APIs that are suitable for managing this facility.
Signed-off-by: Daniel P. Berrangé
Reviewed-by: John Ferlan
--- include/libvirt/libvirt-nwfilter.h | 39 ++++ include/libvirt/virterror.h | 2 + src/datatypes.c | 67 +++++++ src/datatypes.h | 31 +++ src/driver-nwfilter.h | 30 +++ src/libvirt-nwfilter.c | 305 +++++++++++++++++++++++++++++ src/libvirt_private.syms | 1 + src/libvirt_public.syms | 13 ++ src/util/virerror.c | 12 ++ 9 files changed, 500 insertions(+) diff --git a/include/libvirt/libvirt-nwfilter.h b/include/libvirt/libvirt-n= wfilter.h index 9f01c175a9..20e6d1ff9a 100644 --- a/include/libvirt/libvirt-nwfilter.h +++ b/include/libvirt/libvirt-nwfilter.h @@ -43,6 +43,23 @@ typedef struct _virNWFilter virNWFilter; */ typedef virNWFilter *virNWFilterPtr; =20 +/** + * virNWFilterBinding: + * + * a virNWFilterBinding is a private structure representing a network + * filter binding to a port + */ +typedef struct _virNWFilterBinding virNWFilterBinding; + +/** + * virNWFilterBindingPtr: + * + * a virNWFilterBindingPtr is pointer to a virNWFilterBinding private + * structure, this is the type used to reference a network filter + * port binding in the API. + */ +typedef virNWFilterBinding *virNWFilterBindingPtr; + =20 /* * List NWFilters 
@@ -92,4 +109,26 @@ int virNWFilterGetUUIDString (virNW= FilterPtr nwfilter, char * virNWFilterGetXMLDesc (virNWFilterPtr nwfilter, unsigned int flags); =20 + +virNWFilterBindingPtr virNWFilterBindingLookupByPortDev(virConnectPtr co= nn, + const char *port= dev); + +const char * virNWFilterBindingGetPortDev(virNWFilterBindingPtr= binding); +const char * virNWFilterBindingGetFilterName(virNWFilterBinding= Ptr binding); + +int virConnectListAllNWFilterBindings(virConnectPtr co= nn, + virNWFilterBindi= ngPtr **bindings, + unsigned int fla= gs); + +virNWFilterBindingPtr virNWFilterBindingCreateXML(virConnectPtr conn, + const char *xml, + unsigned int flags); + +char * virNWFilterBindingGetXMLDesc(virNWFilterBindingPtr= binding, + unsigned int flags); + +int virNWFilterBindingDelete(virNWFilterBindingPtr bin= ding); +int virNWFilterBindingRef(virNWFilterBindingPtr bindin= g); +int virNWFilterBindingFree(virNWFilterBindingPtr bindi= ng); + #endif /* __VIR_LIBVIRT_NWFILTER_H__ */ diff --git a/include/libvirt/virterror.h b/include/libvirt/virterror.h index 3e7c7a02c7..02bc141f1c 100644 --- a/include/libvirt/virterror.h +++ b/include/libvirt/virterror.h @@ -321,6 +321,8 @@ typedef enum { to guest-sync command (DEPRECAT= ED)*/ VIR_ERR_LIBSSH =3D 98, /* error in libssh transport dri= ver */ VIR_ERR_DEVICE_MISSING =3D 99, /* fail to find the desired devi= ce */ + VIR_ERR_INVALID_NWFILTER_BINDING =3D 100, /* invalid nwfilter binding= */ + VIR_ERR_NO_NWFILTER_BINDING =3D 101, /* no nwfilter binding */ } virErrorNumber; =20 /** diff --git a/src/datatypes.c b/src/datatypes.c index 09b8eea5a2..878a1c5b5f 100644 --- a/src/datatypes.c +++ b/src/datatypes.c @@ -41,6 +41,7 @@ virClassPtr virInterfaceClass; virClassPtr virNetworkClass; virClassPtr virNodeDeviceClass; virClassPtr virNWFilterClass; +virClassPtr virNWFilterBindingClass; virClassPtr virSecretClass; virClassPtr virStreamClass; virClassPtr virStorageVolClass; 
@@ -54,6 +55,7 @@ static void virInterfaceDispose(void *obj); static void virNetworkDispose(void *obj); static void virNodeDeviceDispose(void *obj); static void virNWFilterDispose(void *obj); +static void virNWFilterBindingDispose(void *obj); static void virSecretDispose(void *obj); static void virStreamDispose(void *obj); static void virStorageVolDispose(void *obj); @@ -89,6 +91,7 @@ virDataTypesOnceInit(void) DECLARE_CLASS(virNetwork); DECLARE_CLASS(virNodeDevice); DECLARE_CLASS(virNWFilter); + DECLARE_CLASS(virNWFilterBinding); DECLARE_CLASS(virSecret); DECLARE_CLASS(virStream); DECLARE_CLASS(virStorageVol); 
@@ -830,6 +833,70 @@ virNWFilterDispose(void *obj) } =20 =20 +/** + * virGetNWFilterBinding: + * @conn: the hypervisor connection + * @portdev: pointer to the network filter port device name + * @filtername: name of the network filter + * + * Allocates a new network filter binding object. When the object is no lo= nger + * needed, virObjectUnref() must be called in order to not leak data. + * + * Returns a pointer to the network filter binding object, or NULL on erro= r. + */ +virNWFilterBindingPtr +virGetNWFilterBinding(virConnectPtr conn, const char *portdev, + const char *filtername) +{ + virNWFilterBindingPtr ret =3D NULL; + + if (virDataTypesInitialize() < 0) + return NULL; + + virCheckConnectGoto(conn, error); + virCheckNonNullArgGoto(portdev, error); + + if (!(ret =3D virObjectNew(virNWFilterBindingClass))) + goto error; + + if (VIR_STRDUP(ret->portdev, portdev) < 0) + goto error; + + if (VIR_STRDUP(ret->filtername, filtername) < 0) + goto error; + + ret->conn =3D virObjectRef(conn); + + return ret; + + error: + virObjectUnref(ret); + return NULL; +} + + +/** + * virNWFilterBindingDispose: + * @obj: the network filter binding to release + * + * Unconditionally release all memory associated with a nwfilter binding. + * The nwfilter binding object must not be used once this method returns. + * + * It will also unreference the associated connection object, + * which may also be released if its ref count hits zero. + */ +static void +virNWFilterBindingDispose(void *obj) +{ + virNWFilterBindingPtr binding =3D obj; + + VIR_DEBUG("release binding %p %s", binding, binding->portdev); + + VIR_FREE(binding->portdev); + virObjectUnref(binding->conn); +} + + /** * virGetDomainSnapshot: * @domain: the domain to snapshot diff --git a/src/datatypes.h b/src/datatypes.h index 192c86be80..e1b38706dc 100644 --- a/src/datatypes.h +++ b/src/datatypes.h 
@@ -36,6 +36,7 @@ extern virClassPtr virInterfaceClass; extern virClassPtr virNetworkClass; extern virClassPtr virNodeDeviceClass; extern virClassPtr virNWFilterClass; +extern virClassPtr virNWFilterBindingClass; extern virClassPtr virSecretClass; extern virClassPtr virStreamClass; extern virClassPtr virStorageVolClass; @@ -277,6 +278,20 @@ extern virClassPtr virAdmClientClass; } \ } while (0) =20 +# define virCheckNWFilterBindingReturn(obj, retval) \ + do { \ + virNWFilterBindingPtr _nw =3D (obj); \ + if (!virObjectIsClass(_nw, virNWFilterBindingClass) || \ + !virObjectIsClass(_nw->conn, virConnectClass)) { \ + virReportErrorHelper(VIR_FROM_NWFILTER, \ + VIR_ERR_INVALID_NWFILTER_BINDING, \ + __FILE__, __FUNCTION__, __LINE__, \ + __FUNCTION__); \ + virDispatchError(NULL); \ + return retval; \ + } \ + } while (0) + # define virCheckDomainSnapshotReturn(obj, retval) \ do { \ virDomainSnapshotPtr _snap =3D (obj); \ @@ -676,6 +691,19 @@ struct _virNWFilter { }; =20 =20 +/** +* _virNWFilterBinding: +* +* Internal structure associated to a network filter port binding +*/ +struct _virNWFilterBinding { + virObject parent; + virConnectPtr conn; /* pointer back to the connection= */ + char *portdev; /* the network filter port device= name */ + char *filtername; /* the network filter name */ +}; + + /* * Helper APIs for allocating new object instances */ @@ -712,6 +740,9 @@ virStreamPtr virGetStream(virConnectPtr conn); virNWFilterPtr virGetNWFilter(virConnectPtr conn, const char *name, const unsigned char *uuid); +virNWFilterBindingPtr virGetNWFilterBinding(virConnectPtr conn, + const char *portdev, + const char *filtername); virDomainSnapshotPtr virGetDomainSnapshot(virDomainPtr domain, const char *name); =20 diff --git a/src/driver-nwfilter.h b/src/driver-nwfilter.h index cb49542f92..2c3e480a32 100644 --- a/src/driver-nwfilter.h +++ b/src/driver-nwfilter.h 
@@ -57,6 +57,31 @@ typedef char * (*virDrvNWFilterGetXMLDesc)(virNWFilterPtr nwfilter, unsigned int flags); =20 +typedef virNWFilterBindingPtr +(*virDrvNWFilterBindingLookupByPortDev)(virConnectPtr conn, + const char *portdev); + +typedef int +(*virDrvConnectListAllNWFilterBindings)(virConnectPtr conn, + virNWFilterBindingPtr **bindings, + unsigned int flags); + +typedef virNWFilterBindingPtr +(*virDrvNWFilterBindingCreateXML)(virConnectPtr conn, + const char *xml, + unsigned int flags); + +typedef char * +(*virDrvNWFilterBindingGetXMLDesc)(virNWFilterBindingPtr binding, + unsigned int flags); + +typedef int +(*virDrvNWFilterBindingDelete)(virNWFilterBindingPtr binding); +typedef int +(*virDrvNWFilterBindingRef)(virNWFilterBindingPtr binding); +typedef int +(*virDrvNWFilterBindingFree)(virNWFilterBindingPtr binding); + =20 typedef struct _virNWFilterDriver virNWFilterDriver; typedef virNWFilterDriver *virNWFilterDriverPtr; @@ -77,6 +102,11 @@ struct _virNWFilterDriver { virDrvNWFilterDefineXML nwfilterDefineXML; virDrvNWFilterUndefine nwfilterUndefine; virDrvNWFilterGetXMLDesc nwfilterGetXMLDesc; + virDrvConnectListAllNWFilterBindings connectListAllNWFilterBindings; + virDrvNWFilterBindingLookupByPortDev nwfilterBindingLookupByPortDev; + virDrvNWFilterBindingCreateXML nwfilterBindingCreateXML; + virDrvNWFilterBindingDelete nwfilterBindingDelete; + virDrvNWFilterBindingGetXMLDesc nwfilterBindingGetXMLDesc; }; =20 =20 diff --git a/src/libvirt-nwfilter.c b/src/libvirt-nwfilter.c index 948c30deef..e572d46c18 100644 --- a/src/libvirt-nwfilter.c +++ b/src/libvirt-nwfilter.c 
@@ -513,3 +513,308 @@ virNWFilterRef(virNWFilterPtr nwfilter) virObjectRef(nwfilter); return 0; } + + +/** + * virConnectListAllNWFilterBindings: + * @conn: Pointer to the hypervisor connection. + * @bindings: Pointer to a variable to store the array containing the netw= ork + * filter objects or NULL if the list is not required (just ret= urns + * number of network filters). + * @flags: extra flags; not used yet, so callers should always pass 0 + * + * Collect the list of network filters, and allocate an array to store tho= se + * objects. + * + * Returns the number of network filters found or -1 and sets @filters to = NULL + * in case of error. On success, the array stored into @filters is guaran= teed to + * have an extra allocated element set to NULL but not included in the ret= urn count, + * to make iteration easier. The caller is responsible for calling + * virNWFilterFree() on each array element, then calling free() on @filter= s. + */ +int +virConnectListAllNWFilterBindings(virConnectPtr conn, + virNWFilterBindingPtr **bindings, + unsigned int flags) +{ + VIR_DEBUG("conn=3D%p, bindings=3D%p, flags=3D0x%x", conn, bindings, fl= ags); + + virResetLastError(); + + if (bindings) + *bindings =3D NULL; + + virCheckConnectReturn(conn, -1); + + if (conn->nwfilterDriver && + conn->nwfilterDriver->connectListAllNWFilterBindings) { + int ret; + ret =3D conn->nwfilterDriver->connectListAllNWFilterBindings(conn,= bindings, flags); + if (ret < 0) + goto error; + return ret; + } + + virReportUnsupportedError(); + + error: + virDispatchError(conn); + return -1; +} + + +/** + * virNWFilterBindingLookupByPortDev: + * @conn: pointer to the hypervisor connection + * @portdev: name for the network port device + * + * Try to lookup a network filter binding on the given hypervisor based + * on network port device name. + * + * virNWFilterBindingFree should be used to free the resources after the + * binding object is no longer needed. 
+ * + * Returns a new binding object or NULL in case of failure. If the + * network filter cannot be found, then VIR_ERR_NO_NWFILTER_BINDING + * error is raised. + */ +virNWFilterBindingPtr +virNWFilterBindingLookupByPortDev(virConnectPtr conn, const char *portdev) +{ + VIR_DEBUG("conn=3D%p, name=3D%s", conn, NULLSTR(portdev)); + + virResetLastError(); + + virCheckConnectReturn(conn, NULL); + virCheckNonNullArgGoto(portdev, error); + + if (conn->nwfilterDriver && conn->nwfilterDriver->nwfilterBindingLooku= pByPortDev) { + virNWFilterBindingPtr ret; + ret =3D conn->nwfilterDriver->nwfilterBindingLookupByPortDev(conn,= portdev); + if (!ret) + goto error; + return ret; + } + + virReportUnsupportedError(); + + error: + virDispatchError(conn); + return NULL; +} + + +/** + * virNWFilterBindingFree: + * @binding: a binding object + * + * Free the binding object. The running instance is kept alive. + * The data structure is freed and should not be used thereafter. + * + * Returns 0 in case of success and -1 in case of failure. + */ +int +virNWFilterBindingFree(virNWFilterBindingPtr binding) +{ + VIR_DEBUG("binding=3D%p", binding); + + virResetLastError(); + + virCheckNWFilterBindingReturn(binding, -1); + + virObjectUnref(binding); + return 0; +} + + +/** + * virNWFilterBindingGetPortDev: + * @binding: a binding object + * + * Get the port dev name for the network filter binding + * + * Returns a pointer to the name or NULL, the string need not be deallocat= ed + * its lifetime will be the same as the binding object. 
+ */ +const char * +virNWFilterBindingGetPortDev(virNWFilterBindingPtr binding) +{ + VIR_DEBUG("binding=3D%p", binding); + + virResetLastError(); + + virCheckNWFilterBindingReturn(binding, NULL); + + return binding->portdev; +} + + +/** + * virNWFilterBindingGetFilterName: + * @binding: a binding object + * + * Get the filter name for the network filter binding + * + * Returns a pointer to the name or NULL, the string need not be deallocat= ed + * its lifetime will be the same as the binding object. + */ +const char * +virNWFilterBindingGetFilterName(virNWFilterBindingPtr binding) +{ + VIR_DEBUG("binding=3D%p", binding); + + virResetLastError(); + + virCheckNWFilterBindingReturn(binding, NULL); + + return binding->filtername; +} + + +/** + * virNWFilterBindingCreateXML: + * @conn: pointer to the hypervisor connection + * @xml: an XML description of the binding + * @flags: currently unused, pass 0 + * + * Define a new network filter, based on an XML description + * similar to the one returned by virNWFilterGetXMLDesc() + * + * virNWFilterFree should be used to free the resources after the + * binding object is no longer needed. + * + * Returns a new binding object or NULL in case of failure + */ +virNWFilterBindingPtr +virNWFilterBindingCreateXML(virConnectPtr conn, const char *xml, unsigned = int flags) +{ + VIR_DEBUG("conn=3D%p, xml=3D%s", conn, NULLSTR(xml)); + + virResetLastError(); + + virCheckConnectReturn(conn, NULL); + virCheckNonNullArgGoto(xml, error); + virCheckReadOnlyGoto(conn->flags, error); + + if (conn->nwfilterDriver && conn->nwfilterDriver->nwfilterBindingCreat= eXML) { + virNWFilterBindingPtr ret; + ret =3D conn->nwfilterDriver->nwfilterBindingCreateXML(conn, xml, = flags); + if (!ret) + goto error; + return ret; + } + + virReportUnsupportedError(); + + error: + virDispatchError(conn); + return NULL; +} + + +/** + * virNWFilterBindingDelete: + * @binding: a binding object + * + * Delete the binding object. 
This does not free the + * associated virNWFilterBindingPtr object. + * + * Returns 0 in case of success and -1 in case of failure. + */ +int +virNWFilterBindingDelete(virNWFilterBindingPtr binding) +{ + virConnectPtr conn; + VIR_DEBUG("binding=3D%p", binding); + + virResetLastError(); + + virCheckNWFilterBindingReturn(binding, -1); + conn =3D binding->conn; + + virCheckReadOnlyGoto(conn->flags, error); + + if (conn->nwfilterDriver && conn->nwfilterDriver->nwfilterBindingDelet= e) { + int ret; + ret =3D conn->nwfilterDriver->nwfilterBindingDelete(binding); + if (ret < 0) + goto error; + return ret; + } + + virReportUnsupportedError(); + + error: + virDispatchError(binding->conn); + return -1; +} + + +/** + * virNWFilterBindingGetXMLDesc: + * @binding: a binding object + * @flags: extra flags; not used yet, so callers should always pass 0 + * + * Provide an XML description of the network filter. The description may be + * reused later to redefine the network filter with virNWFilterCreateXML(). + * + * Returns a 0 terminated UTF-8 encoded XML instance, or NULL in case of e= rror. + * the caller must free() the returned value. + */ +char * +virNWFilterBindingGetXMLDesc(virNWFilterBindingPtr binding, unsigned int f= lags) +{ + virConnectPtr conn; + VIR_DEBUG("binding=3D%p, flags=3D0x%x", binding, flags); + + virResetLastError(); + + virCheckNWFilterBindingReturn(binding, NULL); + conn =3D binding->conn; + + if (conn->nwfilterDriver && conn->nwfilterDriver->nwfilterBindingGetXM= LDesc) { + char *ret; + ret =3D conn->nwfilterDriver->nwfilterBindingGetXMLDesc(binding, f= lags); + if (!ret) + goto error; + return ret; + } + + virReportUnsupportedError(); + + error: + virDispatchError(binding->conn); + return NULL; +} + + +/** + * virNWFilterBindingRef: + * @binding: the binding to hold a reference on + * + * Increment the reference count on the binding. 
For each + * additional call to this method, there shall be a corresponding + * call to virNWFilterFree to release the reference count, once + * the caller no longer needs the reference to this object. + * + * This method is typically useful for applications where multiple + * threads are using a connection, and it is required that the + * connection remain open until all threads have finished using + * it. ie, each new thread using an binding would increment + * the reference count. + * + * Returns 0 in case of success, -1 in case of failure. + */ +int +virNWFilterBindingRef(virNWFilterBindingPtr binding) +{ + VIR_DEBUG("binding=3D%p refs=3D%d", binding, + binding ? binding->parent.u.s.refs : 0); + + virResetLastError(); + + virCheckNWFilterBindingReturn(binding, -1); + + virObjectRef(binding); + return 0; +} diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 03145c70d5..0ce685b6f2 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -1193,6 +1193,7 @@ virGetInterface; virGetNetwork; virGetNodeDevice; virGetNWFilter; +virGetNWFilterBinding; virGetSecret; virGetStoragePool; virGetStorageVol; diff --git a/src/libvirt_public.syms b/src/libvirt_public.syms index 95df3a0dbc..cc73fd8528 100644 --- a/src/libvirt_public.syms +++ b/src/libvirt_public.syms @@ -785,4 +785,17 @@ LIBVIRT_4.1.0 { virStoragePoolLookupByTargetPath; } LIBVIRT_3.9.0; =20 +LIBVIRT_4.4.0 { + global: + virNWFilterBindingLookupByPortDev; + virConnectListAllNWFilterBindings; + virNWFilterBindingCreateXML; + virNWFilterBindingGetXMLDesc; + virNWFilterBindingDelete; + virNWFilterBindingRef; + virNWFilterBindingFree; + virNWFilterBindingGetPortDev; + virNWFilterBindingGetFilterName; +} LIBVIRT_4.1.0; + # .... define new API here using predicted next version number .... diff --git a/src/util/virerror.c b/src/util/virerror.c index c000b00436..074e217849 100644 --- a/src/util/virerror.c +++ b/src/util/virerror.c 
@@ -1459,6 +1459,18 @@ virErrorMsg(virErrorNumber error, const char *info) else errmsg =3D _("device not found: %s"); break; + case VIR_ERR_INVALID_NWFILTER_BINDING: + if (info =3D=3D NULL) + errmsg =3D _("Invalid network filter binding"); + else + errmsg =3D _("Invalid network filter binding: %s"); + break; + case VIR_ERR_NO_NWFILTER_BINDING: + if (info =3D=3D NULL) + errmsg =3D _("Network filter binding not found"); + else + errmsg =3D _("Network filter binding not found: %s"); + break; } return errmsg; } --=20 2.17.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
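Review bot: the doc comment for virNWFilterBindingGetXMLDesc still describes the filter object rather than the binding. It reads "Provide an XML description of the network filter" and says the result can be reused "with virNWFilterCreateXML()". Please reword it for the binding and point at virNWFilterBindingCreateXML(), which is the function this series exports in LIBVIRT_4.4.0.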
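Review bot: the doc comment for virNWFilterBindingRef names the wrong release function: it tells callers to pair each reference with "a corresponding call to virNWFilterFree". The matching call exported in the same LIBVIRT_4.4.0 block is virNWFilterBindingFree, and a caller who follows the comment as written will not drop the reference taken here. The paragraph about "the connection remain open" and "using an binding" is also copied from the connection docs and should be reworded for bindings.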
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Tue, 15 May 2018 18:43:24 +0100
Message-Id: <20180515174337.11287-9-berrange@redhat.com>
In-Reply-To: <20180515174337.11287-1-berrange@redhat.com>
References: <20180515174337.11287-1-berrange@redhat.com>
Subject: [libvirt] [PATCH v2 08/21] access: add nwfilter binding object permissions

Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: John Ferlan --- src/access/viraccessdriver.h | 5 ++++ src/access/viraccessdrivernop.c | 10 ++++++++ src/access/viraccessdriverpolkit.c | 21 ++++++++++++++++ src/access/viraccessdriverstack.c | 24 ++++++++++++++++++ src/access/viraccessmanager.c | 15 ++++++++++++ src/access/viraccessmanager.h | 5 ++++ src/access/viraccessperm.c | 7 +++++- src/access/viraccessperm.h | 39 ++++++++++++++++++++++++++++++ src/rpc/gendispatch.pl | 3 ++- 9 files changed, 127 insertions(+), 2 deletions(-) diff --git a/src/access/viraccessdriver.h b/src/access/viraccessdriver.h index e3050b6439..3b25f36cab 100644 --- a/src/access/viraccessdriver.h +++ b/src/access/viraccessdriver.h @@ -47,6 +47,10 @@ typedef int (*virAccessDriverCheckNWFilterDrv)(virAccess= ManagerPtr manager, const char *driverName, virNWFilterDefPtr nwfilter, virAccessPermNWFilter av); +typedef int (*virAccessDriverCheckNWFilterBindingDrv)(virAccessManagerPtr = manager, + const char *driverNa= me, + virNWFilterBindingDe= fPtr binding, + virAccessPermNWFilte= rBinding av); typedef int (*virAccessDriverCheckSecretDrv)(virAccessManagerPtr manager, const char *driverName, virSecretDefPtr secret, @@ -80,6 +84,7 @@ struct _virAccessDriver { virAccessDriverCheckNetworkDrv checkNetwork; virAccessDriverCheckNodeDeviceDrv checkNodeDevice; virAccessDriverCheckNWFilterDrv checkNWFilter; + virAccessDriverCheckNWFilterBindingDrv checkNWFilterBinding; virAccessDriverCheckSecretDrv checkSecret; virAccessDriverCheckStoragePoolDrv checkStoragePool; virAccessDriverCheckStorageVolDrv checkStorageVol; diff --git a/src/access/viraccessdrivernop.c b/src/access/viraccessdriverno= p.c index 86ceef37c2..98ef9206c5 100644 --- a/src/access/viraccessdrivernop.c +++ b/src/access/viraccessdrivernop.c 
@@ -75,6 +75,15 @@ virAccessDriverNopCheckNWFilter(virAccessManagerPtr mana= ger ATTRIBUTE_UNUSED, return 1; /* Allow */ } =20 +static int +virAccessDriverNopCheckNWFilterBinding(virAccessManagerPtr manager ATTRIBU= TE_UNUSED, + const char *driverName ATTRIBUTE_UN= USED, + virNWFilterBindingDefPtr binding AT= TRIBUTE_UNUSED, + virAccessPermNWFilterBinding perm A= TTRIBUTE_UNUSED) +{ + return 1; /* Allow */ +} + static int virAccessDriverNopCheckSecret(virAccessManagerPtr manager ATTRIBUTE_UNUSED, const char *driverName ATTRIBUTE_UNUSED, @@ -112,6 +121,7 @@ virAccessDriver accessDriverNop =3D { .checkNetwork =3D virAccessDriverNopCheckNetwork, .checkNodeDevice =3D virAccessDriverNopCheckNodeDevice, .checkNWFilter =3D virAccessDriverNopCheckNWFilter, + .checkNWFilterBinding =3D virAccessDriverNopCheckNWFilterBinding, .checkSecret =3D virAccessDriverNopCheckSecret, .checkStoragePool =3D virAccessDriverNopCheckStoragePool, .checkStorageVol =3D virAccessDriverNopCheckStorageVol, diff --git a/src/access/viraccessdriverpolkit.c b/src/access/viraccessdrive= rpolkit.c index 48a83f66d7..6954d74a15 100644 --- a/src/access/viraccessdriverpolkit.c +++ b/src/access/viraccessdriverpolkit.c @@ -276,6 +276,26 @@ virAccessDriverPolkitCheckNWFilter(virAccessManagerPtr= manager, attrs); } =20 +static int +virAccessDriverPolkitCheckNWFilterBinding(virAccessManagerPtr manager, + const char *driverName, + virNWFilterBindingDefPtr binding, + virAccessPermNWFilterBinding per= m) +{ + const char *attrs[] =3D { + "connect_driver", driverName, + "nwfilter_binding_portdev", binding->portdevname, + "nwfilter_binding_linkdev", binding->linkdevname, + "nwfilter_binding_filter", binding->filter, + NULL, + }; + + return virAccessDriverPolkitCheck(manager, + "nwfilter_binding", + virAccessPermNWFilterBindingTypeToSt= ring(perm), + attrs); +} + static int virAccessDriverPolkitCheckSecret(virAccessManagerPtr manager, const char *driverName, 
@@ -409,6 +429,7 @@ virAccessDriver accessDriverPolkit =3D { .checkNetwork =3D virAccessDriverPolkitCheckNetwork, .checkNodeDevice =3D virAccessDriverPolkitCheckNodeDevice, .checkNWFilter =3D virAccessDriverPolkitCheckNWFilter, + .checkNWFilterBinding =3D virAccessDriverPolkitCheckNWFilterBinding, .checkSecret =3D virAccessDriverPolkitCheckSecret, .checkStoragePool =3D virAccessDriverPolkitCheckStoragePool, .checkStorageVol =3D virAccessDriverPolkitCheckStorageVol, diff --git a/src/access/viraccessdriverstack.c b/src/access/viraccessdriver= stack.c index b43a743027..0ffc6abaf3 100644 --- a/src/access/viraccessdriverstack.c +++ b/src/access/viraccessdriverstack.c @@ -197,6 +197,29 @@ virAccessDriverStackCheckNWFilter(virAccessManagerPtr = manager, return ret; } =20 +static int +virAccessDriverStackCheckNWFilterBinding(virAccessManagerPtr manager, + const char *driverName, + virNWFilterBindingDefPtr binding, + virAccessPermNWFilterBinding perm) +{ + virAccessDriverStackPrivatePtr priv =3D virAccessManagerGetPrivateData= (manager); + int ret =3D 1; + size_t i; + + for (i =3D 0; i < priv->managersLen; i++) { + int rv; + /* We do not short-circuit on first denial - always check all driv= ers */ + rv =3D virAccessManagerCheckNWFilterBinding(priv->managers[i], dri= verName, binding, perm); + if (rv =3D=3D 0 && ret !=3D -1) + ret =3D 0; + else if (rv < 0) + ret =3D -1; + } + + return ret; +} + static int virAccessDriverStackCheckSecret(virAccessManagerPtr manager, const char *driverName, @@ -277,6 +300,7 @@ virAccessDriver accessDriverStack =3D { .checkNetwork =3D virAccessDriverStackCheckNetwork, .checkNodeDevice =3D virAccessDriverStackCheckNodeDevice, .checkNWFilter =3D virAccessDriverStackCheckNWFilter, + .checkNWFilterBinding =3D virAccessDriverStackCheckNWFilterBinding, .checkSecret =3D virAccessDriverStackCheckSecret, .checkStoragePool =3D virAccessDriverStackCheckStoragePool, .checkStorageVol =3D virAccessDriverStackCheckStorageVol, 
diff --git a/src/access/viraccessmanager.c b/src/access/viraccessmanager.c index b048a367e3..e7b5bf38da 100644 --- a/src/access/viraccessmanager.c +++ b/src/access/viraccessmanager.c @@ -296,6 +296,21 @@ int virAccessManagerCheckNWFilter(virAccessManagerPtr = manager, return virAccessManagerSanitizeError(ret); } =20 +int virAccessManagerCheckNWFilterBinding(virAccessManagerPtr manager, + const char *driverName, + virNWFilterBindingDefPtr binding, + virAccessPermNWFilterBinding perm) +{ + int ret =3D 0; + VIR_DEBUG("manager=3D%p(name=3D%s) driver=3D%s binding=3D%p perm=3D%d", + manager, manager->drv->name, driverName, binding, perm); + + if (manager->drv->checkNWFilterBinding) + ret =3D manager->drv->checkNWFilterBinding(manager, driverName, bi= nding, perm); + + return virAccessManagerSanitizeError(ret); +} + int virAccessManagerCheckSecret(virAccessManagerPtr manager, const char *driverName, virSecretDefPtr secret, diff --git a/src/access/viraccessmanager.h b/src/access/viraccessmanager.h index e7eb15d30c..4fc86a1ff2 100644 --- a/src/access/viraccessmanager.h +++ b/src/access/viraccessmanager.h @@ -29,6 +29,7 @@ # include "conf/storage_conf.h" # include "conf/secret_conf.h" # include "conf/interface_conf.h" +# include "conf/virnwfilterbindingdef.h" # include "access/viraccessperm.h" =20 typedef struct _virAccessManager virAccessManager; @@ -73,6 +74,10 @@ int virAccessManagerCheckNWFilter(virAccessManagerPtr ma= nager, const char *driverName, virNWFilterDefPtr nwfilter, virAccessPermNWFilter perm); +int virAccessManagerCheckNWFilterBinding(virAccessManagerPtr manager, + const char *driverName, + virNWFilterBindingDefPtr binding, + virAccessPermNWFilterBinding perm= ); int virAccessManagerCheckSecret(virAccessManagerPtr manager, const char *driverName, virSecretDefPtr secret, diff --git a/src/access/viraccessperm.c b/src/access/viraccessperm.c index 0f58290173..d7cbb70b7b 100644 --- a/src/access/viraccessperm.c +++ b/src/access/viraccessperm.c 
@@ -29,7 +29,7 @@ VIR_ENUM_IMPL(virAccessPermConnect, "search_domains", "search_networks", "search_storage_pools", "search_node_devices", "search_interfaces", "search_secrets", - "search_nwfilters", + "search_nwfilters", "search_nwfilter_bindings", "detect_storage_pools", "pm_control", "interface_transaction"); =20 @@ -66,6 +66,11 @@ VIR_ENUM_IMPL(virAccessPermNWFilter, "getattr", "read", "write", "save", "delete"); =20 +VIR_ENUM_IMPL(virAccessPermNWFilterBinding, + VIR_ACCESS_PERM_NWFILTER_BINDING_LAST, + "getattr", "read", + "create", "delete"); + VIR_ENUM_IMPL(virAccessPermSecret, VIR_ACCESS_PERM_SECRET_LAST, "getattr", "read", "write", diff --git a/src/access/viraccessperm.h b/src/access/viraccessperm.h index 1817da73bc..0ea1f7a489 100644 --- a/src/access/viraccessperm.h +++ b/src/access/viraccessperm.h @@ -94,6 +94,13 @@ typedef enum { */ VIR_ACCESS_PERM_CONNECT_SEARCH_NWFILTERS, =20 + /** + * @desc: List network filter bindings + * @message: Listing network filter bindings requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_CONNECT_SEARCH_NWFILTER_BINDINGS, + =20 /** * @desc: Detect storage pools 
@@ -486,6 +493,37 @@ typedef enum { VIR_ACCESS_PERM_NWFILTER_LAST } virAccessPermNWFilter; =20 +typedef enum { + + /** + * @desc: Access network filter + * @message: Accessing network filter requires authorization + * @anonymous: 1 + */ + VIR_ACCESS_PERM_NWFILTER_BINDING_GETATTR, + + /** + * @desc: Read network filter binding + * @message: Reading network filter configuration requires authorizati= on + * @anonymous: 1 + */ + VIR_ACCESS_PERM_NWFILTER_BINDING_READ, + + /** + * @desc: Create network filter binding + * @message: Creating network filter binding requires authorization + */ + VIR_ACCESS_PERM_NWFILTER_BINDING_CREATE, + + /** + * @desc: Delete network filter binding + * @message: Deleting network filter binding requires authorization + */ + VIR_ACCESS_PERM_NWFILTER_BINDING_DELETE, + + VIR_ACCESS_PERM_NWFILTER_BINDING_LAST +} virAccessPermNWFilterBinding; + typedef enum { =20 /** @@ -657,6 +695,7 @@ VIR_ENUM_DECL(virAccessPermInterface); VIR_ENUM_DECL(virAccessPermNetwork); VIR_ENUM_DECL(virAccessPermNodeDevice); VIR_ENUM_DECL(virAccessPermNWFilter); +VIR_ENUM_DECL(virAccessPermNWFilterBinding); VIR_ENUM_DECL(virAccessPermSecret); VIR_ENUM_DECL(virAccessPermStoragePool); VIR_ENUM_DECL(virAccessPermStorageVol); diff --git a/src/rpc/gendispatch.pl b/src/rpc/gendispatch.pl index b8b83b6b40..480ebe7b00 100755 --- a/src/rpc/gendispatch.pl +++ b/src/rpc/gendispatch.pl 
@@ -2033,7 +2033,8 @@ elsif ($mode eq "client") { "storage_conf.h", "nwfilter_conf.h", "node_device_conf.h", - "interface_conf.h" + "interface_conf.h", + "virnwfilterbindingdef.h", ); foreach my $hdr (@headers) { print "#include \"$hdr\"\n"; --=20 2.17.0
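Review bot: in virAccessDriverPolkitCheckNWFilterBinding (src/access/viraccessdriverpolkit.c) the attrs array is NULL-terminated, yet binding->portdevname, binding->linkdevname and binding->filter are stored in it unchecked. If any of them can be NULL in a virNWFilterBindingDef, the list handed to virAccessDriverPolkitCheck ends at that slot and every later attribute, including nwfilter_binding_filter, never reaches the policy. Please either document that all three are mandatory or substitute an empty string for a missing value so the polkit rule always sees the full attribute set.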
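Review bot: the annotations on the new virAccessPermNWFilterBinding enum in src/access/viraccessperm.h are copied from the filter permissions and lose the word "binding". VIR_ACCESS_PERM_NWFILTER_BINDING_GETATTR has "@desc: Access network filter" and "@message: Accessing network filter requires authorization", and VIR_ACCESS_PERM_NWFILTER_BINDING_READ has "@message: Reading network filter configuration requires authorization". Since these strings are what an administrator reads when granting the permission, they should say "network filter binding" so the two object classes cannot be confused.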
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Tue, 15 May 2018 18:43:25 +0100
Message-Id: <20180515174337.11287-10-berrange@redhat.com>
In-Reply-To: <20180515174337.11287-1-berrange@redhat.com>
References: <20180515174337.11287-1-berrange@redhat.com>
Subject: [libvirt] [PATCH v2 09/21] remote: add support for nwfilter binding objects

Signed-off-by: Daniel P. Berrangé
Reviewed-by: John Ferlan
--- src/remote/remote_daemon_dispatch.c | 15 +++++ src/remote/remote_driver.c | 20 +++++++ src/remote/remote_protocol.x | 90 ++++++++++++++++++++++++++++- src/remote_protocol-structs | 43 ++++++++++++++ src/rpc/gendispatch.pl | 12 ++-- 5 files changed, 173 insertions(+), 7 deletions(-) diff --git a/src/remote/remote_daemon= _dispatch.c index a8a5932d71..26ccc8d4b6 100644 --- a/src/remote/remote_daemon_dispatch.c +++ b/src/remote/remote_daemon_dispatch.c
@@ -90,6 +90,7 @@ static virStoragePoolPtr get_nonnull_storage_pool(virConn= ectPtr conn, remote_non static virStorageVolPtr get_nonnull_storage_vol(virConnectPtr conn, remote= _nonnull_storage_vol vol); static virSecretPtr get_nonnull_secret(virConnectPtr conn, remote_nonnull_= secret secret); static virNWFilterPtr get_nonnull_nwfilter(virConnectPtr conn, remote_nonn= ull_nwfilter nwfilter); +static virNWFilterBindingPtr get_nonnull_nwfilter_binding(virConnectPtr co= nn, remote_nonnull_nwfilter_binding binding); static virDomainSnapshotPtr get_nonnull_domain_snapshot(virDomainPtr dom, = remote_nonnull_domain_snapshot snapshot); static virNodeDevicePtr get_nonnull_node_device(virConnectPtr conn, remote= _nonnull_node_device dev); static void make_nonnull_domain(remote_nonnull_domain *dom_dst, virDomainP= tr dom_src); @@ -100,6 +101,7 @@ static void make_nonnull_storage_vol(remote_nonnull_sto= rage_vol *vol_dst, virSto static void make_nonnull_node_device(remote_nonnull_node_device *dev_dst, = virNodeDevicePtr dev_src); static void make_nonnull_secret(remote_nonnull_secret *secret_dst, virSecr= etPtr secret_src); static void make_nonnull_nwfilter(remote_nonnull_nwfilter *net_dst, virNWF= ilterPtr nwfilter_src); +static void make_nonnull_nwfilter_binding(remote_nonnull_nwfilter_binding = *binding_dst, virNWFilterBindingPtr binding_src); static void make_nonnull_domain_snapshot(remote_nonnull_domain_snapshot *s= napshot_dst, virDomainSnapshotPtr snapshot_src); =20 static int @@ -6998,6 +7000,12 @@ get_nonnull_nwfilter(virConnectPtr conn, remote_nonn= ull_nwfilter nwfilter) return virGetNWFilter(conn, nwfilter.name, BAD_CAST nwfilter.uuid); } =20 +static virNWFilterBindingPtr +get_nonnull_nwfilter_binding(virConnectPtr conn, remote_nonnull_nwfilter_b= inding binding) +{ + return virGetNWFilterBinding(conn, binding.portdev, binding.filtername= ); +} + static virDomainSnapshotPtr get_nonnull_domain_snapshot(virDomainPtr dom, remote_nonnull_domain_snapsh= ot snapshot) { 
@@ -7070,6 +7078,13 @@ make_nonnull_nwfilter(remote_nonnull_nwfilter *nwfil= ter_dst, virNWFilterPtr nwfi memcpy(nwfilter_dst->uuid, nwfilter_src->uuid, VIR_UUID_BUFLEN); } =20 +static void +make_nonnull_nwfilter_binding(remote_nonnull_nwfilter_binding *binding_dst= , virNWFilterBindingPtr binding_src) +{ + ignore_value(VIR_STRDUP_QUIET(binding_dst->portdev, binding_src->portd= ev)); + ignore_value(VIR_STRDUP_QUIET(binding_dst->filtername, binding_src->fi= ltername)); +} + static void make_nonnull_domain_snapshot(remote_nonnull_domain_snapshot *snapshot_dst,= virDomainSnapshotPtr snapshot_src) { diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c index 95437b4365..13eafa67d1 100644 --- a/src/remote/remote_driver.c +++ b/src/remote/remote_driver.c @@ -141,6 +141,7 @@ static int remoteAuthPolkit(virConnectPtr conn, struct = private_data *priv, static virDomainPtr get_nonnull_domain(virConnectPtr conn, remote_nonnull_= domain domain); static virNetworkPtr get_nonnull_network(virConnectPtr conn, remote_nonnul= l_network network); static virNWFilterPtr get_nonnull_nwfilter(virConnectPtr conn, remote_nonn= ull_nwfilter nwfilter); +static virNWFilterBindingPtr get_nonnull_nwfilter_binding(virConnectPtr co= nn, remote_nonnull_nwfilter_binding binding); static virInterfacePtr get_nonnull_interface(virConnectPtr conn, remote_no= nnull_interface iface); static virStoragePoolPtr get_nonnull_storage_pool(virConnectPtr conn, remo= te_nonnull_storage_pool pool); static virStorageVolPtr get_nonnull_storage_vol(virConnectPtr conn, remote= _nonnull_storage_vol vol); 
@@ -156,6 +157,7 @@ static void make_nonnull_node_device(remote_nonnull_node_device *dev_dst, virNodeDevic= ePtr dev_src); static void make_nonnull_secret(remote_nonnull_secret *secret_dst, virSecr= etPtr secret_src); static void make_nonnull_nwfilter(remote_nonnull_nwfilter *nwfilter_dst, v= irNWFilterPtr nwfilter_src); +static void make_nonnull_nwfilter_binding(remote_nonnull_nwfilter_binding = *binding_dst, virNWFilterBindingPtr binding_src); static void make_nonnull_domain_snapshot(remote_nonnull_domain_snapshot *s= napshot_dst, virDomainSnapshotPtr snapshot_src); =20 /*----------------------------------------------------------------------*/ @@ -8138,6 +8140,12 @@ get_nonnull_nwfilter(virConnectPtr conn, remote_nonn= ull_nwfilter nwfilter) return virGetNWFilter(conn, nwfilter.name, BAD_CAST nwfilter.uuid); } =20 +static virNWFilterBindingPtr +get_nonnull_nwfilter_binding(virConnectPtr conn, remote_nonnull_nwfilter_b= inding binding) +{ + return virGetNWFilterBinding(conn, binding.portdev, binding.filtername= ); +} + static virDomainSnapshotPtr get_nonnull_domain_snapshot(virDomainPtr domain, remote_nonnull_domain_sna= pshot snapshot) { @@ -8205,6 +8213,13 @@ make_nonnull_nwfilter(remote_nonnull_nwfilter *nwfil= ter_dst, virNWFilterPtr nwfi memcpy(nwfilter_dst->uuid, nwfilter_src->uuid, VIR_UUID_BUFLEN); } =20 +static void +make_nonnull_nwfilter_binding(remote_nonnull_nwfilter_binding *binding_dst= , virNWFilterBindingPtr binding_src) +{ + binding_dst->portdev =3D binding_src->portdev; + binding_dst->filtername =3D binding_src->filtername; +} + static void make_nonnull_domain_snapshot(remote_nonnull_domain_snapshot *snapshot_dst,= virDomainSnapshotPtr snapshot_src) { 
@@ -8583,6 +8598,11 @@ static virNWFilterDriver nwfilter_driver =3D { .connectNumOfNWFilters =3D remoteConnectNumOfNWFilters, /* 0.8.0= */ .connectListNWFilters =3D remoteConnectListNWFilters, /* 0.8.0 = */ .connectListAllNWFilters =3D remoteConnectListAllNWFilters, /* 0.1= 0.2 */ + .connectListAllNWFilterBindings =3D remoteConnectListAllNWFilterBindin= gs, /* 4.4.0 */ + .nwfilterBindingLookupByPortDev =3D remoteNWFilterBindingLookupByPortD= ev, /* 4.4.0 */ + .nwfilterBindingCreateXML =3D remoteNWFilterBindingCreateXML, /* 4.4.0= */ + .nwfilterBindingDelete =3D remoteNWFilterBindingDelete, /* 4.4.0 */ + .nwfilterBindingGetXMLDesc =3D remoteNWFilterBindingGetXMLDesc, /* 4.4= .0 */ }; =20 static virConnectDriver connect_driver =3D { diff --git a/src/remote/remote_protocol.x b/src/remote/remote_protocol.x index 296a087181..347ab7fa32 100644 --- a/src/remote/remote_protocol.x +++ b/src/remote/remote_protocol.x @@ -94,6 +94,9 @@ const REMOTE_NODE_DEVICE_CAPS_LIST_MAX =3D 65536; /* Upper limit on lists of network filters. */ const REMOTE_NWFILTER_LIST_MAX =3D 16384; =20 +/* Upper limit on lists of network filter bindings. */ +const REMOTE_NWFILTER_BINDING_LIST_MAX =3D 16384; + /* Upper limit on list of scheduler parameters. */ const REMOTE_DOMAIN_SCHEDULER_PARAMETERS_MAX =3D 16; =20 @@ -275,6 +278,12 @@ struct remote_nonnull_nwfilter { remote_uuid uuid; }; =20 +/* A network filter binding which may not be NULL. */ +struct remote_nonnull_nwfilter_binding { + remote_nonnull_string portdev; + remote_nonnull_string filtername; +}; + /* An interface which may not be NULL. */ struct remote_nonnull_interface { remote_nonnull_string name; 
@@ -316,6 +325,7 @@ struct remote_nonnull_domain_snapshot { typedef remote_nonnull_domain *remote_domain; typedef remote_nonnull_network *remote_network; typedef remote_nonnull_nwfilter *remote_nwfilter; +typedef remote_nonnull_nwfilter_binding *remote_nwfilter_binding; typedef remote_nonnull_storage_pool *remote_storage_pool; typedef remote_nonnull_storage_vol *remote_storage_vol; typedef remote_nonnull_node_device *remote_node_device; @@ -3448,6 +3458,48 @@ struct remote_domain_set_lifecycle_action_args { unsigned int flags; }; =20 +/* nwfilter binding */ + +struct remote_nwfilter_binding_lookup_by_port_dev_args { + remote_nonnull_string name; +}; + +struct remote_nwfilter_binding_lookup_by_port_dev_ret { + remote_nonnull_nwfilter_binding nwfilter; +}; + +struct remote_nwfilter_binding_create_xml_args { + remote_nonnull_string xml; + unsigned int flags; +}; + +struct remote_nwfilter_binding_create_xml_ret { + remote_nonnull_nwfilter_binding nwfilter; +}; + +struct remote_nwfilter_binding_delete_args { + remote_nonnull_nwfilter_binding nwfilter; +}; + +struct remote_nwfilter_binding_get_xml_desc_args { + remote_nonnull_nwfilter_binding nwfilter; + unsigned int flags; +}; + +struct remote_nwfilter_binding_get_xml_desc_ret { + remote_nonnull_string xml; +}; + +struct remote_connect_list_all_nwfilter_bindings_args { + int need_results; + unsigned int flags; +}; + +struct remote_connect_list_all_nwfilter_bindings_ret { /* insert@1 */ + remote_nonnull_nwfilter_binding bindings; + unsigned int ret; +}; + /*----- Protocol. -----*/ =20 /* Define the program number, protocol version and procedure numbers here.= */ 
@@ -6135,5 +6187,41 @@ enum remote_procedure { * @priority: high * @acl: storage_pool:getattr */ - REMOTE_PROC_STORAGE_POOL_LOOKUP_BY_TARGET_PATH =3D 391 + REMOTE_PROC_STORAGE_POOL_LOOKUP_BY_TARGET_PATH =3D 391, + + /** + * @generate: both + * @priority: high + * @acl: nwfilter_binding:getattr + */ + REMOTE_PROC_NWFILTER_BINDING_LOOKUP_BY_PORT_DEV =3D 392, + + /** + * @generate: both + * @priority: high + * @acl: nwfilter_binding:read + */ + REMOTE_PROC_NWFILTER_BINDING_GET_XML_DESC =3D 393, + + /** + * @generate: both + * @priority: high + * @acl: nwfilter_binding:create + */ + REMOTE_PROC_NWFILTER_BINDING_CREATE_XML =3D 394, + + /** + * @generate: both + * @priority: high + * @acl: nwfilter_binding:delete + */ + REMOTE_PROC_NWFILTER_BINDING_DELETE =3D 395, + + /** + * @generate: both + * @priority: high + * @acl: connect:search_nwfilter_bindings + * @aclfilter: nwfilter_binding:getattr + */ + REMOTE_PROC_CONNECT_LIST_ALL_NWFILTER_BINDINGS =3D 396 }; diff --git a/src/remote_protocol-structs b/src/remote_protocol-structs index fe163db73f..6deb79dff0 100644 --- a/src/remote_protocol-structs +++ b/src/remote_protocol-structs @@ -21,6 +21,10 @@ struct remote_nonnull_nwfilter { remote_nonnull_string name; remote_uuid uuid; }; +struct remote_nonnull_nwfilter_binding { + remote_nonnull_string portdev; + remote_nonnull_string filtername; +}; struct remote_nonnull_interface { remote_nonnull_string name; remote_nonnull_string mac; 
@@ -2877,6 +2881,40 @@ struct remote_domain_set_lifecycle_action_args { u_int action; u_int flags; }; +struct remote_nwfilter_binding_lookup_by_port_dev_args { + remote_nonnull_string name; +}; +struct remote_nwfilter_binding_lookup_by_port_dev_ret { + remote_nonnull_nwfilter_binding nwfilter; +}; +struct remote_nwfilter_binding_create_xml_args { + remote_nonnull_string xml; + u_int flags; +}; +struct remote_nwfilter_binding_create_xml_ret { + remote_nonnull_nwfilter_binding nwfilter; +}; +struct remote_nwfilter_binding_delete_args { + remote_nonnull_nwfilter_binding nwfilter; +}; +struct remote_nwfilter_binding_get_xml_desc_args { + remote_nonnull_nwfilter_binding nwfilter; + u_int flags; +}; +struct remote_nwfilter_binding_get_xml_desc_ret { + remote_nonnull_string xml; +}; +struct remote_connect_list_all_nwfilter_bindings_args { + int need_results; + u_int flags; +}; +struct remote_connect_list_all_nwfilter_bindings_ret { + struct { + u_int bindings_len; + remote_nonnull_nwfilter_binding * bindings_val; + } bindings; + u_int ret; +}; enum remote_procedure { REMOTE_PROC_CONNECT_OPEN =3D 1, REMOTE_PROC_CONNECT_CLOSE =3D 2, @@ -3269,4 +3307,9 @@ enum remote_procedure { REMOTE_PROC_DOMAIN_MANAGED_SAVE_DEFINE_XML =3D 389, REMOTE_PROC_DOMAIN_SET_LIFECYCLE_ACTION =3D 390, REMOTE_PROC_STORAGE_POOL_LOOKUP_BY_TARGET_PATH =3D 391, + REMOTE_PROC_NWFILTER_BINDING_LOOKUP_BY_PORT_DEV =3D 392, + REMOTE_PROC_NWFILTER_BINDING_GET_XML_DESC =3D 393, + REMOTE_PROC_NWFILTER_BINDING_CREATE_XML =3D 394, + REMOTE_PROC_NWFILTER_BINDING_DELETE =3D 395, + REMOTE_PROC_CONNECT_LIST_ALL_NWFILTER_BINDINGS =3D 396, }; diff --git a/src/rpc/gendispatch.pl b/src/rpc/gendispatch.pl index 480ebe7b00..0c4648c0fb 100755 --- a/src/rpc/gendispatch.pl +++ b/src/rpc/gendispatch.pl 
@@ -557,7 +557,7 @@ elsif ($mode eq "server") { if ($args_member =3D~ m/^remote_nonnull_string name;/ and = $has_node_device) { # ignore the name arg for node devices next - } elsif ($args_member =3D~ m/^remote_nonnull_(domain|netwo= rk|storage_pool|storage_vol|interface|secret|nwfilter) (\S+);/) { + } elsif ($args_member =3D~ m/^remote_nonnull_(domain|netwo= rk|storage_pool|storage_vol|interface|secret|nwfilter|nwfilter_binding) (\S= +);/) { my $type_name =3D name_to_TypeName($1); =20 push(@vars_list, "vir${type_name}Ptr $2 =3D NULL"); @@ -722,7 +722,7 @@ elsif ($mode eq "server") { if (!$modern_ret_as_list) { push(@ret_list, "ret->$3 =3D tmp.$3;"); } - } elsif ($ret_member =3D~ m/(?:admin|remote)_nonnull_(= secret|nwfilter|node_device|interface|network|storage_vol|storage_pool|doma= in_snapshot|domain|server|client) (\S+)<(\S+)>;/) { + } elsif ($ret_member =3D~ m/(?:admin|remote)_nonnull_(= secret|nwfilter|nwfilter_binding|node_device|interface|network|storage_vol|= storage_pool|domain_snapshot|domain|server|client) (\S+)<(\S+)>;/) { $modern_ret_struct_name =3D $1; $single_ret_list_error_msg_type =3D $1; $single_ret_list_name =3D $2; @@ -780,7 +780,7 @@ elsif ($mode eq "server") { $single_ret_var =3D $1; $single_ret_by_ref =3D 0; $single_ret_check =3D " =3D=3D NULL"; - } elsif ($ret_member =3D~ m/^remote_nonnull_(domain|networ= k|storage_pool|storage_vol|interface|node_device|secret|nwfilter|domain_sna= pshot) (\S+);/) { + } elsif ($ret_member =3D~ m/^remote_nonnull_(domain|networ= k|storage_pool|storage_vol|interface|node_device|secret|nwfilter|nwfilter_b= inding|domain_snapshot) (\S+);/) { my $type_name =3D name_to_TypeName($1); =20 if ($call->{ProcName} eq "DomainCreateWithFlags") { 
@@ -1325,7 +1325,7 @@ elsif ($mode eq "client") { $priv_src =3D "dev->conn"; push(@args_list, "virNodeDevicePtr dev"); push(@setters_list, "args.name =3D dev->name;"); - } elsif ($args_member =3D~ m/^remote_nonnull_(domain|netwo= rk|storage_pool|storage_vol|interface|secret|nwfilter|domain_snapshot) (\S+= );/) { + } elsif ($args_member =3D~ m/^remote_nonnull_(domain|netwo= rk|storage_pool|storage_vol|interface|secret|nwfilter|nwfilter_binding|doma= in_snapshot) (\S+);/) { my $name =3D $1; my $arg_name =3D $2; my $type_name =3D name_to_TypeName($name); @@ -1518,7 +1518,7 @@ elsif ($mode eq "client") { } =20 push(@ret_list, "memcpy(result->$3, ret.$3, sizeof= (result->$3));"); - } elsif ($ret_member =3D~ m/(?:admin|remote)_nonnull_(= secret|nwfilter|node_device|interface|network|storage_vol|storage_pool|doma= in_snapshot|domain|server|client) (\S+)<(\S+)>;/) { + } elsif ($ret_member =3D~ m/(?:admin|remote)_nonnull_(= secret|nwfilter|nwfilter_binding|node_device|interface|network|storage_vol|= storage_pool|domain_snapshot|domain|server|client) (\S+)<(\S+)>;/) { my $proc_name =3D name_to_TypeName($1); =20 if ($structprefix eq "admin") { 
@@ -1571,7 +1571,7 @@ elsif ($mode eq "client") { push(@ret_list, "VIR_FREE(ret.$1);"); $single_ret_var =3D "char *rv =3D NULL"; $single_ret_type =3D "char *"; - } elsif ($ret_member =3D~ m/^remote_nonnull_(domain|networ= k|storage_pool|storage_vol|node_device|interface|secret|nwfilter|domain_sna= pshot) (\S+);/) { + } elsif ($ret_member =3D~ m/^remote_nonnull_(domain|networ= k|storage_pool|storage_vol|node_device|interface|secret|nwfilter|nwfilter_b= inding|domain_snapshot) (\S+);/) { my $name =3D $1; my $arg_name =3D $2; my $type_name =3D name_to_TypeName($name); --=20 2.17.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Tue Apr 16 07:48:04 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1526406387817454.85885395251285; Tue, 15 May 2018 10:46:27 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id DA7A2C19AE39; Tue, 15 May 2018 17:46:25 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 258862B4C2; Tue, 15 May 2018 17:46:25 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 
80A53180124E; Tue, 15 May 2018 17:46:24 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w4FHhmXU004258 for ; Tue, 15 May 2018 13:43:48 -0400 Received: by smtp.corp.redhat.com (Postfix) id 5D37B112D19A; Tue, 15 May 2018 17:43:48 +0000 (UTC) Received: from t460.redhat.com (unknown [10.33.36.6]) by smtp.corp.redhat.com (Postfix) with ESMTP id DC57E112D198; Tue, 15 May 2018 17:43:47 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Tue, 15 May 2018 18:43:26 +0100 Message-Id: <20180515174337.11287-11-berrange@redhat.com> In-Reply-To: <20180515174337.11287-1-berrange@redhat.com> References: <20180515174337.11287-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 10/21] virsh: add nwfilter binding commands X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Tue, 15 May 2018 17:46:26 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 $ virsh nwfilter-binding-list Port Dev Filter ------------------------------------------------------------------ vnet0 clean-traffic vnet1 clean-traffic $ virsh nwfilter-binding-dumpxml vnet1 f25arm7 12ac8b8c-4f23-4248-ae42-fdcd50c400fd 
Signed-off-by: Daniel P. Berrang=C3=A9 --- tools/virsh-completer.c | 45 ++++++ tools/virsh-completer.h | 4 + tools/virsh-nwfilter.c | 318 ++++++++++++++++++++++++++++++++++++++++ tools/virsh-nwfilter.h | 8 + 4 files changed, 375 insertions(+) diff --git a/tools/virsh-completer.c b/tools/virsh-completer.c index e3b8234b41..b1737130b4 100644 --- a/tools/virsh-completer.c +++ b/tools/virsh-completer.c @@ -427,6 +427,51 @@ virshNWFilterNameCompleter(vshControl *ctl, } =20 =20 +char ** +virshNWFilterBindingNameCompleter(vshControl *ctl, + const vshCmd *cmd ATTRIBUTE_UNUSED, + unsigned int flags) +{ + virshControlPtr priv =3D ctl->privData; + virNWFilterBindingPtr *bindings =3D NULL; + int nbindings =3D 0; + size_t i =3D 0; + char **ret =3D NULL; + + virCheckFlags(0, NULL); + + if (!priv->conn || virConnectIsAlive(priv->conn) <=3D 0) + return NULL; + + if ((nbindings =3D virConnectListAllNWFilterBindings(priv->conn, &bind= ings, flags)) < 0) + return NULL; + + if (VIR_ALLOC_N(ret, nbindings + 1) < 0) + goto error; + + for (i =3D 0; i < nbindings; i++) { + const char *name =3D virNWFilterBindingGetPortDev(bindings[i]); + + if (VIR_STRDUP(ret[i], name) < 0) + goto error; + + virNWFilterBindingFree(bindings[i]); + } + VIR_FREE(bindings); + + return ret; + + error: + for (; i < nbindings; i++) + virNWFilterBindingFree(bindings[i]); + VIR_FREE(bindings); + for (i =3D 0; i < nbindings; i++) + VIR_FREE(ret[i]); + VIR_FREE(ret); + return NULL; +} + + char ** virshSecretUUIDCompleter(vshControl *ctl, const vshCmd *cmd ATTRIBUTE_UNUSED, diff --git a/tools/virsh-completer.h b/tools/virsh-completer.h index fa443d3ad7..3abced765c 100644 --- a/tools/virsh-completer.h +++ b/tools/virsh-completer.h 
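Review bot: the `error:` path of virshNWFilterBindingNameCompleter in tools/virsh-completer.c dereferences `ret` when it is NULL. If `VIR_ALLOC_N(ret, nbindings + 1)` fails, control jumps to `error:` with `ret == NULL`, and the second loop then evaluates `VIR_FREE(ret[i])` for every `i < nbindings`. Guard that loop with `if (ret)` or free the string list through a helper that accepts NULL. The loops also compare `size_t i` against `int nbindings`; that is safe here only because the negative case has already returned, so a short comment or a cast would help the next reader.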
@@ -62,6 +62,10 @@ char ** virshNWFilterNameCompleter(vshControl *ctl, const vshCmd *cmd, unsigned int flags); =20 +char ** virshNWFilterBindingNameCompleter(vshControl *ctl, + const vshCmd *cmd, + unsigned int flags); + char ** virshSecretUUIDCompleter(vshControl *ctl, const vshCmd *cmd, unsigned int flags); diff --git a/tools/virsh-nwfilter.c b/tools/virsh-nwfilter.c index 06a002dffd..881afc5dda 100644 --- a/tools/virsh-nwfilter.c +++ b/tools/virsh-nwfilter.c 
@@ -443,6 +443,300 @@ cmdNWFilterEdit(vshControl *ctl, const vshCmd *cmd) return ret; } =20 +virNWFilterBindingPtr +virshCommandOptNWFilterBindingBy(vshControl *ctl, const vshCmd *cmd, + const char **name, unsigned int flags) +{ + virNWFilterBindingPtr binding =3D NULL; + const char *n =3D NULL; + const char *optname =3D "binding"; + virshControlPtr priv =3D ctl->privData; + + virCheckFlags(0, NULL); + + if (vshCommandOptStringReq(ctl, cmd, optname, &n) < 0) + return NULL; + + vshDebug(ctl, VSH_ERR_INFO, "%s: found option <%s>: %s\n", + cmd->def->name, optname, n); + + if (name) + *name =3D n; + + vshDebug(ctl, VSH_ERR_DEBUG, "%s: <%s> trying as nwfilter binding port= dev\n", + cmd->def->name, optname); + binding =3D virNWFilterBindingLookupByPortDev(priv->conn, n); + + if (!binding) + vshError(ctl, _("failed to get nwfilter binding '%s'"), n); + + return binding; +} + +/* + * "nwfilter-binding-create" command + */ +static const vshCmdInfo info_nwfilter_binding_create[] =3D { + {.name =3D "help", + .data =3D N_("create a network filter binding from an XML file") + }, + {.name =3D "desc", + .data =3D N_("Create a new network filter binding.") + }, + {.name =3D NULL} +}; + +static const vshCmdOptDef opts_nwfilter_binding_create[] =3D { + VIRSH_COMMON_OPT_FILE(N_("file containing an XML network " + "filter binding description")), + {.name =3D NULL} +}; + +static bool +cmdNWFilterBindingCreate(vshControl *ctl, const vshCmd *cmd) +{ + virNWFilterBindingPtr binding; + const char *from =3D NULL; + bool ret =3D true; + char *buffer; + virshControlPtr priv =3D ctl->privData; + + if (vshCommandOptStringReq(ctl, cmd, "file", &from) < 0) + return false; + + if (virFileReadAll(from, VSH_MAX_XML_FILE, &buffer) < 0) + return false; + + binding =3D virNWFilterBindingCreateXML(priv->conn, buffer, 0); + VIR_FREE(buffer); + + if (binding !=3D NULL) { + vshPrintExtra(ctl, _("Network filter binding on %s created from %s= \n"), + virNWFilterBindingGetPortDev(binding), from); + 
virNWFilterBindingFree(binding); + } else { + vshError(ctl, _("Failed to create network filter from %s"), from); + ret =3D false; + } + return ret; +} + +/* + * "nwfilter-binding-delete" command + */ +static const vshCmdInfo info_nwfilter_binding_delete[] =3D { + {.name =3D "help", + .data =3D N_("delete a network filter binding") + }, + {.name =3D "desc", + .data =3D N_("Delete a given network filter binding.") + }, + {.name =3D NULL} +}; + +static const vshCmdOptDef opts_nwfilter_binding_delete[] =3D { + {.name =3D "binding", + .type =3D VSH_OT_DATA, + .flags =3D VSH_OFLAG_REQ, + .help =3D N_("network filter binding port dev"), + .completer =3D virshNWFilterBindingNameCompleter, + }, + {.name =3D NULL} +}; + +static bool +cmdNWFilterBindingDelete(vshControl *ctl, const vshCmd *cmd) +{ + virNWFilterBindingPtr binding; + bool ret =3D true; + const char *portdev; + + if (!(binding =3D virshCommandOptNWFilterBinding(ctl, cmd, &portdev))) + return false; + + if (virNWFilterBindingDelete(binding) =3D=3D 0) { + vshPrintExtra(ctl, _("Network filter binding on %s deleted\n"), po= rtdev); + } else { + vshError(ctl, _("Failed to delete network filter binding on %s"), = portdev); + ret =3D false; + } + + virNWFilterBindingFree(binding); + return ret; +} + +/* + * "nwfilter-binding-dumpxml" command + */ +static const vshCmdInfo info_nwfilter_binding_dumpxml[] =3D { + {.name =3D "help", + .data =3D N_("network filter information in XML") + }, + {.name =3D "desc", + .data =3D N_("Output the network filter information as an XML dump to= stdout.") + }, + {.name =3D NULL} +}; + +static const vshCmdOptDef opts_nwfilter_binding_dumpxml[] =3D { + {.name =3D "binding", + .type =3D VSH_OT_DATA, + .flags =3D VSH_OFLAG_REQ, + .help =3D N_("network filter binding portdev"), + .completer =3D virshNWFilterBindingNameCompleter, + }, + {.name =3D NULL} +}; + +static bool +cmdNWFilterBindingDumpXML(vshControl *ctl, const vshCmd *cmd) +{ + virNWFilterBindingPtr binding; + bool ret =3D true; + 
char *dump; + + if (!(binding =3D virshCommandOptNWFilterBinding(ctl, cmd, NULL))) + return false; + + dump =3D virNWFilterBindingGetXMLDesc(binding, 0); + if (dump !=3D NULL) { + vshPrint(ctl, "%s", dump); + VIR_FREE(dump); + } else { + ret =3D false; + } + + virNWFilterBindingFree(binding); + return ret; +} + +static int +virshNWFilterBindingSorter(const void *a, const void *b) +{ + virNWFilterBindingPtr *fa =3D (virNWFilterBindingPtr *) a; + virNWFilterBindingPtr *fb =3D (virNWFilterBindingPtr *) b; + + if (*fa && !*fb) + return -1; + + if (!*fa) + return *fb !=3D NULL; + + return vshStrcasecmp(virNWFilterBindingGetPortDev(*fa), + virNWFilterBindingGetPortDev(*fb)); +} + +struct virshNWFilterBindingList { + virNWFilterBindingPtr *bindings; + size_t nbindings; +}; +typedef struct virshNWFilterBindingList *virshNWFilterBindingListPtr; + +static void +virshNWFilterBindingListFree(virshNWFilterBindingListPtr list) +{ + size_t i; + + if (list && list->bindings) { + for (i =3D 0; i < list->nbindings; i++) { + if (list->bindings[i]) + virNWFilterBindingFree(list->bindings[i]); + } + VIR_FREE(list->bindings); + } + VIR_FREE(list); +} + +static virshNWFilterBindingListPtr +virshNWFilterBindingListCollect(vshControl *ctl, + unsigned int flags) +{ + virshNWFilterBindingListPtr list =3D vshMalloc(ctl, sizeof(*list)); + size_t i; + int ret; + bool success =3D false; + size_t deleted =3D 0; + int nbindings =3D 0; + char **names =3D NULL; + virshControlPtr priv =3D ctl->privData; + + /* try the list with flags support (0.10.2 and later) */ + if ((ret =3D virConnectListAllNWFilterBindings(priv->conn, + &list->bindings, + flags)) < 0) { + /* there was an error during the call */ + vshError(ctl, "%s", _("Failed to list network filter bindings")); + goto cleanup; + } + + list->nbindings =3D ret; + + /* sort the list */ + if (list->bindings && list->nbindings) + qsort(list->bindings, list->nbindings, + sizeof(*list->bindings), virshNWFilterBindingSorter); + + /* truncate the list 
for not found filter objects */ + if (deleted) + VIR_SHRINK_N(list->bindings, list->nbindings, deleted); + + success =3D true; + + cleanup: + for (i =3D 0; nbindings !=3D -1 && i < nbindings; i++) + VIR_FREE(names[i]); + VIR_FREE(names); + + if (!success) { + virshNWFilterBindingListFree(list); + list =3D NULL; + } + + return list; +} + +/* + * "nwfilter-binding-list" command + */ +static const vshCmdInfo info_nwfilter_binding_list[] =3D { + {.name =3D "help", + .data =3D N_("list network filter bindings") + }, + {.name =3D "desc", + .data =3D N_("Returns list of network filter bindings.") + }, + {.name =3D NULL} +}; + +static const vshCmdOptDef opts_nwfilter_binding_list[] =3D { + {.name =3D NULL} +}; + +static bool +cmdNWFilterBindingList(vshControl *ctl, const vshCmd *cmd ATTRIBUTE_UNUSED) +{ + size_t i; + virshNWFilterBindingListPtr list =3D NULL; + + if (!(list =3D virshNWFilterBindingListCollect(ctl, 0))) + return false; + + vshPrintExtra(ctl, " %-36s %-20s \n", _("Port Dev"), _("Filter")); + vshPrintExtra(ctl, "---------------------------------" + "---------------------------------\n"); + + for (i =3D 0; i < list->nbindings; i++) { + virNWFilterBindingPtr binding =3D list->bindings[i]; + + vshPrint(ctl, " %-20s %-20s\n", + virNWFilterBindingGetPortDev(binding), + virNWFilterBindingGetFilterName(binding)); + } + + virshNWFilterBindingListFree(list); + return true; +} + const vshCmdDef nwfilterCmds[] =3D { {.name =3D "nwfilter-define", .handler =3D cmdNWFilterDefine, 
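Review bot: in cmdNWFilterBindingList the header is printed with `" %-36s %-20s \n"` but each row uses `" %-20s %-20s\n"`, so the "Filter" heading will not line up with the filter names; use the same widths in both. In virshNWFilterBindingListCollect, `deleted`, `nbindings` and `names` are initialised and never assigned, which makes the `VIR_SHRINK_N` call and the `VIR_FREE(names[i])` loop in `cleanup:` dead code, and the "(0.10.2 and later)" comment describes a fallback that does not exist for this new API; all of that can be dropped. Two strings also still talk about filters rather than bindings: the failure message in cmdNWFilterBindingCreate ("Failed to create network filter from %s") and the help/desc text of nwfilter-binding-dumpxml.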
@@ -474,5 +768,29 @@ const vshCmdDef nwfilterCmds[] =3D { .info =3D info_nwfilter_undefine, .flags =3D 0 }, + {.name =3D "nwfilter-binding-create", + .handler =3D cmdNWFilterBindingCreate, + .opts =3D opts_nwfilter_binding_create, + .info =3D info_nwfilter_binding_create, + .flags =3D 0 + }, + {.name =3D "nwfilter-binding-delete", + .handler =3D cmdNWFilterBindingDelete, + .opts =3D opts_nwfilter_binding_delete, + .info =3D info_nwfilter_binding_delete, + .flags =3D 0 + }, + {.name =3D "nwfilter-binding-dumpxml", + .handler =3D cmdNWFilterBindingDumpXML, + .opts =3D opts_nwfilter_binding_dumpxml, + .info =3D info_nwfilter_binding_dumpxml, + .flags =3D 0 + }, + {.name =3D "nwfilter-binding-list", + .handler =3D cmdNWFilterBindingList, + .opts =3D opts_nwfilter_binding_list, + .info =3D info_nwfilter_binding_list, + .flags =3D 0 + }, {.name =3D NULL} }; diff --git a/tools/virsh-nwfilter.h b/tools/virsh-nwfilter.h index 2b76a7c849..d8ca0e3960 100644 --- a/tools/virsh-nwfilter.h +++ b/tools/virsh-nwfilter.h 
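Review bot: the four commands added to `nwfilterCmds[]` here have no accompanying documentation. The diffstat for this patch covers only tools/virsh-completer.{c,h} and tools/virsh-nwfilter.{c,h}, so the virsh man page needs entries for nwfilter-binding-create, nwfilter-binding-delete, nwfilter-binding-dumpxml and nwfilter-binding-list, including the fact that the `binding` argument is the port device name.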
@@ -32,11 +32,19 @@ virNWFilterPtr virshCommandOptNWFilterBy(vshControl *ctl, const vshCmd *cmd, const char **name, unsigned int flags); =20 +virNWFilterBindingPtr +virshCommandOptNWFilterBindingBy(vshControl *ctl, const vshCmd *cmd, + const char **name, unsigned int flags); + /* default is lookup by Name and UUID */ # define virshCommandOptNWFilter(_ctl, _cmd, _name) \ virshCommandOptNWFilterBy(_ctl, _cmd, _name, \ VIRSH_BYUUID | VIRSH_BYNAME) =20 +/* default is lookup by port dev */ +# define virshCommandOptNWFilterBinding(_ctl, _cmd, _name) \ + virshCommandOptNWFilterBindingBy(_ctl, _cmd, _name, 0) + extern const vshCmdDef nwfilterCmds[]; =20 #endif /* VIRSH_NWFILTER_H */ --=20 2.17.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Tue Apr 16 07:48:04 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1526406235699372.4345240686862; Tue, 15 May 2018 10:43:55 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 8B3B13002614; Tue, 15 May 2018 17:43:53 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 507CA5D6B4; Tue, 15 May 2018 17:43:53 +0000 (UTC) Received: from 
lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 07EA4180B5B3; Tue, 15 May 2018 17:43:53 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w4FHhnpb004269 for ; Tue, 15 May 2018 13:43:49 -0400 Received: by smtp.corp.redhat.com (Postfix) id 168571002973; Tue, 15 May 2018 17:43:49 +0000 (UTC) Received: from t460.redhat.com (unknown [10.33.36.6]) by smtp.corp.redhat.com (Postfix) with ESMTP id 9532610A7E3B; Tue, 15 May 2018 17:43:48 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Tue, 15 May 2018 18:43:27 +0100 Message-Id: <20180515174337.11287-12-berrange@redhat.com> In-Reply-To: <20180515174337.11287-1-berrange@redhat.com> References: <20180515174337.11287-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 11/21] nwfilter: convert the gentech driver code to use virNWFilterBindingDefPtr X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.42]); Tue, 15 May 2018 17:43:54 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Use the virNWFilterBindingDefPtr struct in the gentech driver code directly. 
Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: John Ferlan --- src/nwfilter/nwfilter_dhcpsnoop.c | 35 +++-- src/nwfilter/nwfilter_driver.c | 22 ++- src/nwfilter/nwfilter_gentech_driver.c | 209 +++++++++++++------------ src/nwfilter/nwfilter_gentech_driver.h | 22 ++- src/nwfilter/nwfilter_learnipaddr.c | 16 +- 5 files changed, 167 insertions(+), 137 deletions(-) diff --git a/src/nwfilter/nwfilter_dhcpsnoop.c b/src/nwfilter/nwfilter_dhcp= snoop.c index aff062ca7c..f24fec1638 100644 --- a/src/nwfilter/nwfilter_dhcpsnoop.c +++ b/src/nwfilter/nwfilter_dhcpsnoop.c @@ -497,15 +497,18 @@ virNWFilterSnoopIPLeaseInstallRule(virNWFilterSnoopIP= LeasePtr ipl, =20 /* instantiate the filters */ =20 - if (req->ifname) + if (req->ifname) { + virNWFilterBindingDef binding =3D { + .portdevname =3D req->ifname, + .linkdevname =3D req->linkdev, + .mac =3D req->macaddr, + .filter =3D req->filtername, + .filterparams =3D req->vars, + }; rc =3D virNWFilterInstantiateFilterLate(req->driver, - NULL, - req->ifname, - req->ifindex, - req->linkdev, - &req->macaddr, - req->filtername, - req->vars); + &binding, + req->ifindex); + } =20 exit_snooprequnlock: virNWFilterSnoopReqUnlock(req); @@ -884,14 +887,16 @@ virNWFilterSnoopReqLeaseDel(virNWFilterSnoopReqPtr re= q, goto skip_instantiate; =20 if (ipAddrLeft) { + virNWFilterBindingDef binding =3D { + .portdevname =3D req->ifname, + .linkdevname =3D req->linkdev, + .mac =3D req->macaddr, + .filter =3D req->filtername, + .filterparams =3D req->vars, + }; ret =3D virNWFilterInstantiateFilterLate(req->driver, - NULL, - req->ifname, - req->ifindex, - req->linkdev, - &req->macaddr, - req->filtername, - req->vars); + &binding, + req->ifindex); } else { virNWFilterVarValuePtr dhcpsrvrs =3D virHashLookup(req->vars, NWFILTER_VARNAME_DHCPSERVER); diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c index d17a8ec00b..b57e5dd00d 100644 --- a/src/nwfilter/nwfilter_driver.c +++ b/src/nwfilter/nwfilter_driver.c 
@@ -38,6 +38,7 @@ #include "domain_conf.h" #include "domain_nwfilter.h" #include "nwfilter_driver.h" +#include "virnwfilterbindingdef.h" #include "nwfilter_gentech_driver.h" #include "configmake.h" #include "virfile.h" @@ -642,19 +643,34 @@ nwfilterGetXMLDesc(virNWFilterPtr nwfilter, =20 =20 static int -nwfilterInstantiateFilter(const char *vmname ATTRIBUTE_UNUSED, +nwfilterInstantiateFilter(const char *vmname, const unsigned char *vmuuid, virDomainNetDefPtr net) { - return virNWFilterInstantiateFilter(driver, vmuuid, net); + virNWFilterBindingDefPtr binding; + int ret; + + if (!(binding =3D virNWFilterBindingDefForNet(vmname, vmuuid, net))) + return -1; + ret =3D virNWFilterInstantiateFilter(driver, binding); + virNWFilterBindingDefFree(binding); + return ret; } =20 =20 static void nwfilterTeardownFilter(virDomainNetDefPtr net) { + virNWFilterBindingDef binding =3D { + .portdevname =3D net->ifname, + .linkdevname =3D (net->type =3D=3D VIR_DOMAIN_NET_TYPE_DIRECT ? + net->data.direct.linkdev : NULL), + .mac =3D net->mac, + .filter =3D net->filter, + .filterparams =3D net->filterparams, + }; if ((net->ifname) && (net->filter)) - virNWFilterTeardownFilter(net); + virNWFilterTeardownFilter(&binding); } =20 =20 diff --git a/src/nwfilter/nwfilter_gentech_driver.c b/src/nwfilter/nwfilter= _gentech_driver.c index af4411d4db..dc925dee16 100644 --- a/src/nwfilter/nwfilter_gentech_driver.c +++ b/src/nwfilter/nwfilter_gentech_driver.c 
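Review bot: in nwfilterTeardownFilter the stack `virNWFilterBindingDef` is filled in before the `(net->ifname) && (net->filter)` check and aliases `net->filter` and `net->filterparams`, yet virNWFilterTeardownFilter only reads `binding->portdevname` in this series. Move the initializer inside the `if` and set only the fields that are consumed, or add a comment that the struct borrows the net's pointers and must never be passed to virNWFilterBindingDefFree.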
@@ -577,12 +577,9 @@ virNWFilterDetermineMissingVarsRec(virNWFilterDefPtr f= ilter, =20 /** * virNWFilterDoInstantiate: - * @vmuuid: The UUID of the VM * @techdriver: The driver to use for instantiation + * @binding: description of port to bind the filter to * @filter: The filter to instantiate - * @ifname: The name of the interface to apply the rules to - * @vars: A map holding variable names and values used for instantiating - * the filter and its subfilters. * @forceWithPendingReq: Ignore the check whether a pending learn request * is active; 'true' only when the rules are applied late * @@ -596,17 +593,13 @@ virNWFilterDetermineMissingVarsRec(virNWFilterDefPtr = filter, * Call this function while holding the NWFilter filter update lock */ static int -virNWFilterDoInstantiate(const unsigned char *vmuuid, - virNWFilterTechDriverPtr techdriver, +virNWFilterDoInstantiate(virNWFilterTechDriverPtr techdriver, + virNWFilterBindingDefPtr binding, virNWFilterDefPtr filter, - const char *ifname, int ifindex, - const char *linkdev, - virHashTablePtr vars, enum instCase useNewFilter, bool *foundNewFilter, bool teardownOld, - const virMacAddr *macaddr, virNWFilterDriverStatePtr driver, bool forceWithPendingReq) { @@ -628,14 +621,14 @@ virNWFilterDoInstantiate(const unsigned char *vmuuid, } =20 rc =3D virNWFilterDetermineMissingVarsRec(filter, - vars, + binding->filterparams, missing_vars, useNewFilter, driver); if (rc < 0) goto err_exit; =20 - lv =3D virHashLookup(vars, NWFILTER_VARNAME_CTRL_IP_LEARNING); + lv =3D virHashLookup(binding->filterparams, NWFILTER_VARNAME_CTRL_IP_L= EARNING); if (lv) learning =3D virNWFilterVarValueGetNthValue(lv, 0); else 
@@ -652,19 +645,20 @@ virNWFilterDoInstantiate(const unsigned char *vmuuid, goto err_unresolvable_vars; } if (STRCASEEQ(learning, "dhcp")) { - rc =3D virNWFilterDHCPSnoopReq(techdriver, ifname, linkdev, - vmuuid, macaddr, - filter->name, vars, driver); + rc =3D virNWFilterDHCPSnoopReq(techdriver, binding->portde= vname, + binding->linkdevname, + binding->owneruuid, &binding-= >mac, + filter->name, binding->filter= params, driver); goto err_exit; } else if (STRCASEEQ(learning, "any")) { if (!virNWFilterHasLearnReq(ifindex)) { rc =3D virNWFilterLearnIPAddress(techdriver, - ifname, + binding->portdevname, ifindex, - linkdev, - macaddr, + binding->linkdevname, + &binding->mac, filter->name, - vars, driver, + binding->filterparams, = driver, DETECT_DHCP|DETECT_STAT= IC); } goto err_exit; @@ -688,7 +682,7 @@ virNWFilterDoInstantiate(const unsigned char *vmuuid, =20 rc =3D virNWFilterDefToInst(driver, filter, - vars, + binding->filterparams, useNewFilter, foundNewFilter, &inst); =20 @@ -705,22 +699,22 @@ virNWFilterDoInstantiate(const unsigned char *vmuuid, } =20 if (instantiate) { - if (virNWFilterLockIface(ifname) < 0) + if (virNWFilterLockIface(binding->portdevname) < 0) goto err_exit; =20 - rc =3D techdriver->applyNewRules(ifname, inst.rules, inst.nrules); + rc =3D techdriver->applyNewRules(binding->portdevname, inst.rules,= inst.nrules); =20 if (teardownOld && rc =3D=3D 0) - techdriver->tearOldRules(ifname); + techdriver->tearOldRules(binding->portdevname); =20 - if (rc =3D=3D 0 && (virNetDevValidateConfig(ifname, NULL, ifindex)= <=3D 0)) { + if (rc =3D=3D 0 && (virNetDevValidateConfig(binding->portdevname, = NULL, ifindex) <=3D 0)) { virResetLastError(); /* interface changed/disppeared */ - techdriver->allTeardown(ifname); + techdriver->allTeardown(binding->portdevname); rc =3D -1; } =20 - virNWFilterUnlockIface(ifname); + virNWFilterUnlockIface(binding->portdevname); } =20 err_exit: 
@@ -749,14 +743,9 @@ virNWFilterDoInstantiate(const unsigned char *vmuuid, */ static int virNWFilterInstantiateFilterUpdate(virNWFilterDriverStatePtr driver, - const unsigned char *vmuuid, bool teardownOld, - const char *ifname, + virNWFilterBindingDefPtr binding, int ifindex, - const char *linkdev, - const virMacAddr *macaddr, - const char *filtername, - virHashTablePtr filterparams, enum instCase useNewFilter, bool forceWithPendingReq, bool *foundNewFilter) @@ -765,7 +754,6 @@ virNWFilterInstantiateFilterUpdate(virNWFilterDriverSta= tePtr driver, const char *drvname =3D EBIPTABLES_DRIVER_ID; virNWFilterTechDriverPtr techdriver; virNWFilterObjPtr obj; - virHashTablePtr vars, vars1; virNWFilterDefPtr filter; virNWFilterDefPtr newFilter; char vmmacaddr[VIR_MAC_STRING_BUFLEN] =3D {0}; @@ -781,29 +769,22 @@ virNWFilterInstantiateFilterUpdate(virNWFilterDriverS= tatePtr driver, return -1; } =20 - VIR_DEBUG("filter name: %s", filtername); + VIR_DEBUG("filter name: %s", binding->filter); =20 if (!(obj =3D virNWFilterObjListFindInstantiateFilter(driver->nwfilter= s, - filtername))) + binding->filter))) return -1; =20 - virMacAddrFormat(macaddr, vmmacaddr); + virMacAddrFormat(&binding->mac, vmmacaddr); =20 - ipaddr =3D virNWFilterIPAddrMapGetIPAddr(ifname); + ipaddr =3D virNWFilterIPAddrMapGetIPAddr(binding->portdevname); =20 - vars1 =3D virNWFilterCreateVarHashmap(vmmacaddr, ipaddr); - if (!vars1) { + if (virNWFilterVarHashmapAddStdValues(binding->filterparams, + vmmacaddr, ipaddr) < 0) { rc =3D -1; goto err_exit; } =20 - vars =3D virNWFilterCreateVarsFrom(vars1, - filterparams); - if (!vars) { - rc =3D -1; - goto err_exit_vars1; - } - filter =3D virNWFilterObjGetDef(obj); =20 switch (useNewFilter) { 
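Review bot: in the `@@ -781,29` hunk, virNWFilterInstantiateFilterUpdate now calls `virNWFilterVarHashmapAddStdValues(binding->filterparams, vmmacaddr, ipaddr)` on the caller's table, where the removed code built a private `vars1`/`vars` pair and freed both afterwards. For bindings made by virNWFilterBindingDefForNet that table is a copy, but the dhcpsnoop callers in this patch set `.filterparams = req->vars`, so every late instantiation now writes the MAC and IP entries into the snoop request's own variables. Please either state in the function comment that `binding->filterparams` is modified in place and confirm that is acceptable for `req->vars` (including what happens when the keys are already present from an earlier call), or keep working on a temporary copy as before.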
@@ -819,17 +800,11 @@ virNWFilterInstantiateFilterUpdate(virNWFilterDriverS= tatePtr driver, break; } =20 - rc =3D virNWFilterDoInstantiate(vmuuid, techdriver, filter, - ifname, ifindex, linkdev, - vars, useNewFilter, foundNewFilter, - teardownOld, macaddr, driver, + rc =3D virNWFilterDoInstantiate(techdriver, binding, filter, + ifindex, useNewFilter, foundNewFilter, + teardownOld, driver, forceWithPendingReq); =20 - virHashFree(vars); - - err_exit_vars1: - virHashFree(vars1); - err_exit: virNWFilterObjUnlock(obj); =20 @@ -839,15 +814,11 @@ virNWFilterInstantiateFilterUpdate(virNWFilterDriverS= tatePtr driver, =20 static int virNWFilterInstantiateFilterInternal(virNWFilterDriverStatePtr driver, - const unsigned char *vmuuid, - const virDomainNetDef *net, + virNWFilterBindingDefPtr binding, bool teardownOld, enum instCase useNewFilter, bool *foundNewFilter) { - const char *linkdev =3D (net->type =3D=3D VIR_DOMAIN_NET_TYPE_DIRECT) - ? net->data.direct.linkdev - : NULL; int ifindex; int rc; =20 @@ -856,8 +827,8 @@ virNWFilterInstantiateFilterInternal(virNWFilterDriverS= tatePtr driver, /* after grabbing the filter update lock check for the interface; if it's not there anymore its filters will be or are being removed (while holding the lock) and we don't want to build new ones */ - if (virNetDevExists(net->ifname) !=3D 1 || - virNetDevGetIndex(net->ifname, &ifindex) < 0) { + if (virNetDevExists(binding->portdevname) !=3D 1 || + virNetDevGetIndex(binding->portdevname, &ifindex) < 0) { /* interfaces / VMs can disappear during filter instantiation; don't mark it as an error */ virResetLastError(); 
@@ -865,10 +836,10 @@ virNWFilterInstantiateFilterInternal(virNWFilterDrive= rStatePtr driver, goto cleanup; } =20 - rc =3D virNWFilterInstantiateFilterUpdate(driver, vmuuid, teardownOld, - net->ifname, ifindex, linkdev, - &net->mac, net->filter, - net->filterparams, useNewFilte= r, + rc =3D virNWFilterInstantiateFilterUpdate(driver, teardownOld, + binding, + ifindex, + useNewFilter, false, foundNewFilter); =20 cleanup: @@ -880,13 +851,8 @@ virNWFilterInstantiateFilterInternal(virNWFilterDriver= StatePtr driver, =20 int virNWFilterInstantiateFilterLate(virNWFilterDriverStatePtr driver, - const unsigned char *vmuuid, - const char *ifname, - int ifindex, - const char *linkdev, - const virMacAddr *macaddr, - const char *filtername, - virHashTablePtr filterparams) + virNWFilterBindingDefPtr binding, + int ifindex) { int rc; bool foundNewFilter =3D false; @@ -894,18 +860,17 @@ virNWFilterInstantiateFilterLate(virNWFilterDriverSta= tePtr driver, virNWFilterReadLockFilterUpdates(); virMutexLock(&updateMutex); =20 - rc =3D virNWFilterInstantiateFilterUpdate(driver, vmuuid, true, - ifname, ifindex, linkdev, - macaddr, filtername, filterpar= ams, + rc =3D virNWFilterInstantiateFilterUpdate(driver, true, + binding, ifindex, INSTANTIATE_ALWAYS, true, &foundNewFilter); if (rc < 0) { /* something went wrong... 'DOWN' the interface */ - if ((virNetDevValidateConfig(ifname, NULL, ifindex) <=3D 0) || - (virNetDevSetOnline(ifname, false) < 0)) { + if ((virNetDevValidateConfig(binding->portdevname, NULL, ifindex) = <=3D 0) || + (virNetDevSetOnline(binding->portdevname, false) < 0)) { virResetLastError(); /* assuming interface disappeared... */ - _virNWFilterTeardownFilter(ifname); + _virNWFilterTeardownFilter(binding->portdevname); } } =20 
@@ -918,12 +883,11 @@ virNWFilterInstantiateFilterLate(virNWFilterDriverSta= tePtr driver, =20 int virNWFilterInstantiateFilter(virNWFilterDriverStatePtr driver, - const unsigned char *vmuuid, - const virDomainNetDef *net) + virNWFilterBindingDefPtr binding) { bool foundNewFilter =3D false; =20 - return virNWFilterInstantiateFilterInternal(driver, vmuuid, net, + return virNWFilterInstantiateFilterInternal(driver, binding, 1, INSTANTIATE_ALWAYS, &foundNewFilter); @@ -932,13 +896,12 @@ virNWFilterInstantiateFilter(virNWFilterDriverStatePt= r driver, =20 int virNWFilterUpdateInstantiateFilter(virNWFilterDriverStatePtr driver, - const unsigned char *vmuuid, - const virDomainNetDef *net, + virNWFilterBindingDefPtr binding, bool *skipIface) { bool foundNewFilter =3D false; =20 - int rc =3D virNWFilterInstantiateFilterInternal(driver, vmuuid, net, + int rc =3D virNWFilterInstantiateFilterInternal(driver, binding, 0, INSTANTIATE_FOLLOW_NEWFI= LTER, &foundNewFilter); @@ -948,7 +911,7 @@ virNWFilterUpdateInstantiateFilter(virNWFilterDriverSta= tePtr driver, } =20 static int -virNWFilterRollbackUpdateFilter(const virDomainNetDef *net) +virNWFilterRollbackUpdateFilter(virNWFilterBindingDefPtr binding) { const char *drvname =3D EBIPTABLES_DRIVER_ID; int ifindex; @@ -964,17 +927,17 @@ virNWFilterRollbackUpdateFilter(const virDomainNetDef= *net) } =20 /* don't tear anything while the address is being learned */ - if (virNetDevGetIndex(net->ifname, &ifindex) < 0) + if (virNetDevGetIndex(binding->portdevname, &ifindex) < 0) virResetLastError(); else if (virNWFilterHasLearnReq(ifindex)) return 0; =20 - return techdriver->tearNewRules(net->ifname); + return techdriver->tearNewRules(binding->portdevname); } =20 =20 static int -virNWFilterTearOldFilter(virDomainNetDefPtr net) +virNWFilterTearOldFilter(virNWFilterBindingDefPtr binding) { const char *drvname =3D EBIPTABLES_DRIVER_ID; int ifindex; 
@@ -990,12 +953,12 @@ virNWFilterTearOldFilter(virDomainNetDefPtr net) } =20 /* don't tear anything while the address is being learned */ - if (virNetDevGetIndex(net->ifname, &ifindex) < 0) + if (virNetDevGetIndex(binding->portdevname, &ifindex) < 0) virResetLastError(); else if (virNWFilterHasLearnReq(ifindex)) return 0; =20 - return techdriver->tearOldRules(net->ifname); + return techdriver->tearOldRules(binding->portdevname); } =20 =20 @@ -1032,11 +995,11 @@ _virNWFilterTeardownFilter(const char *ifname) =20 =20 int -virNWFilterTeardownFilter(const virDomainNetDef *net) +virNWFilterTeardownFilter(virNWFilterBindingDefPtr binding) { int ret; virMutexLock(&updateMutex); - ret =3D _virNWFilterTeardownFilter(net->ifname); + ret =3D _virNWFilterTeardownFilter(binding->portdevname); virMutexUnlock(&updateMutex); return ret; } @@ -1057,12 +1020,16 @@ virNWFilterDomainFWUpdateCB(virDomainObjPtr obj, if (virDomainObjIsActive(obj)) { for (i =3D 0; i < vm->nnets; i++) { virDomainNetDefPtr net =3D vm->nets[i]; - if ((net->filter) && (net->ifname)) { + virNWFilterBindingDefPtr binding; + + if ((net->filter) && (net->ifname) && + (binding =3D virNWFilterBindingDefForNet( + vm->name, vm->uuid, net))) { + switch (cb->step) { case STEP_APPLY_NEW: ret =3D virNWFilterUpdateInstantiateFilter(cb->opaque, - vm->uuid, - net, + binding, &skipIface); if (ret =3D=3D 0 && skipIface) { /* filter tree unchanged -- no update needed */ 
@@ -1074,24 +1041,24 @@ virNWFilterDomainFWUpdateCB(virDomainObjPtr obj, =20 case STEP_TEAR_NEW: if (!virHashLookup(cb->skipInterfaces, net->ifname)) - ret =3D virNWFilterRollbackUpdateFilter(net); + ret =3D virNWFilterRollbackUpdateFilter(binding); break; =20 case STEP_TEAR_OLD: if (!virHashLookup(cb->skipInterfaces, net->ifname)) - ret =3D virNWFilterTearOldFilter(net); + ret =3D virNWFilterTearOldFilter(binding); break; =20 case STEP_APPLY_CURRENT: ret =3D virNWFilterInstantiateFilter(cb->opaque, - vm->uuid, - net); + binding); if (ret) virReportError(VIR_ERR_INTERNAL_ERROR, _("Failure while applying current f= ilter on " "VM %s"), vm->name); break; } + virNWFilterBindingDefFree(binding); if (ret) break; } @@ -1101,3 +1068,45 @@ virNWFilterDomainFWUpdateCB(virDomainObjPtr obj, virObjectUnlock(obj); return ret; } + + +virNWFilterBindingDefPtr +virNWFilterBindingDefForNet(const char *vmname, + const unsigned char *vmuuid, + virDomainNetDefPtr net) +{ + virNWFilterBindingDefPtr ret; + + if (VIR_ALLOC(ret) < 0) + return NULL; + + if (VIR_STRDUP(ret->ownername, vmname) < 0) + goto error; + + memcpy(ret->owneruuid, vmuuid, sizeof(ret->owneruuid)); + + if (VIR_STRDUP(ret->portdevname, net->ifname) < 0) + goto error; + + if (net->type =3D=3D VIR_DOMAIN_NET_TYPE_DIRECT && + VIR_STRDUP(ret->linkdevname, net->data.direct.linkdev) < 0) + goto error; + + ret->mac =3D net->mac; + + if (VIR_STRDUP(ret->filter, net->filter) < 0) + goto error; + + if (!(ret->filterparams =3D virNWFilterHashTableCreate(0))) + goto error; + + if (net->filterparams && + virNWFilterHashTablePutAll(net->filterparams, ret->filterparams) <= 0) + goto error; + + return ret; + + error: + virNWFilterBindingDefFree(ret); + return NULL; +} diff --git a/src/nwfilter/nwfilter_gentech_driver.h b/src/nwfilter/nwfilter= _gentech_driver.h index 9e43a159c3..6b51096a0d 100644 --- a/src/nwfilter/nwfilter_gentech_driver.h +++ b/src/nwfilter/nwfilter_gentech_driver.h 
@@ -25,6 +25,7 @@ # define __NWFILTER_GENTECH_DRIVER_H =20 # include "virnwfilterobj.h" +# include "virnwfilterbindingdef.h" # include "nwfilter_tech_driver.h" =20 virNWFilterTechDriverPtr virNWFilterTechDriverForName(const char *name); @@ -39,23 +40,16 @@ enum instCase { =20 =20 int virNWFilterInstantiateFilter(virNWFilterDriverStatePtr driver, - const unsigned char *vmuuid, - const virDomainNetDef *net); + virNWFilterBindingDefPtr binding); int virNWFilterUpdateInstantiateFilter(virNWFilterDriverStatePtr driver, - const unsigned char *vmuuid, - const virDomainNetDef *net, + virNWFilterBindingDefPtr binding, bool *skipIface); =20 int virNWFilterInstantiateFilterLate(virNWFilterDriverStatePtr driver, - const unsigned char *vmuuid, - const char *ifname, - int ifindex, - const char *linkdev, - const virMacAddr *macaddr, - const char *filtername, - virHashTablePtr filterparams); + virNWFilterBindingDefPtr binding, + int ifindex); =20 -int virNWFilterTeardownFilter(const virDomainNetDef *net); +int virNWFilterTeardownFilter(virNWFilterBindingDefPtr binding); =20 virHashTablePtr virNWFilterCreateVarHashmap(const char *macaddr, const virNWFilterVarValue *val= ue); @@ -63,4 +57,8 @@ virHashTablePtr virNWFilterCreateVarHashmap(const char *m= acaddr, int virNWFilterDomainFWUpdateCB(virDomainObjPtr vm, void *data); =20 +virNWFilterBindingDefPtr virNWFilterBindingDefForNet(const char *vmname, + const unsigned char *= vmuuid, + virDomainNetDefPtr ne= t); + #endif diff --git a/src/nwfilter/nwfilter_learnipaddr.c b/src/nwfilter/nwfilter_le= arnipaddr.c index cc3bfd971c..5080b73004 100644 --- a/src/nwfilter/nwfilter_learnipaddr.c +++ b/src/nwfilter/nwfilter_learnipaddr.c 
@@ -643,19 +643,21 @@ learnIPAddressThread(void *arg) virNWFilterUnlockIface(req->ifname); =20 if ((inetaddr =3D virSocketAddrFormat(&sa)) !=3D NULL) { + virNWFilterBindingDef binding =3D { + .portdevname =3D req->ifname, + .linkdevname =3D req->linkdev, + .mac =3D req->macaddr, + .filter =3D req->filtername, + .filterparams =3D req->filterparams, + }; if (virNWFilterIPAddrMapAddIPAddr(req->ifname, inetaddr) < 0) { VIR_ERROR(_("Failed to add IP address %s to IP address " "cache for interface %s"), inetaddr, req->ifname= ); } =20 ret =3D virNWFilterInstantiateFilterLate(req->driver, - NULL, - req->ifname, - req->ifindex, - req->linkdev, - &req->macaddr, - req->filtername, - req->filterparams); + &binding, + req->ifindex); VIR_DEBUG("Result from applying firewall rules on " "%s with IP addr %s : %d", req->ifname, inetaddr, re= t); VIR_FREE(inetaddr); --=20 2.17.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Tue Apr 16 07:48:04 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1526406257121621.8189518567663; Tue, 15 May 2018 10:44:17 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 1F6213184ECC; Tue, 15 May 2018 17:44:15 +0000 (UTC) Received: from colo-mx.corp.redhat.com 
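Review bot: In the virNWFilterDomainFWUpdateCB hunk, virNWFilterBindingDefForNet() is called inside the if condition, so a NULL return (allocation failure) is indistinguishable from an interface that has no filter: the switch is skipped, ret stays 0, and the callback reports success although the requested step was never run for that interface. For firewall rules that is a fail-open path. Keep (net->filter) && (net->ifname) as the guard, build the binding inside the block, and on NULL set ret = -1 and break so the update fails visibly.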
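Review bot: virNWFilterBindingDefForNet() is exported through nwfilter_gentech_driver.h but has no comment describing its contract, and it copies net->ifname into portdevname without checking it. Callers need to know that the result is a deep copy they must release with virNWFilterBindingDefFree(), that NULL means failure, and that net->ifname must be set, because the converted functions pass binding->portdevname straight to virNetDevGetIndex(), tearNewRules() and tearOldRules(); the only guard visible is the (net->ifname) test in virNWFilterDomainFWUpdateCB. A short doc comment above the function, or an explicit check that rejects a net without ifname, would close that gap.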
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Tue, 15 May 2018 18:43:28 +0100
Message-Id: <20180515174337.11287-13-berrange@redhat.com>
In-Reply-To: <20180515174337.11287-1-berrange@redhat.com>
References: <20180515174337.11287-1-berrange@redhat.com>
Subject: [libvirt] [PATCH v2 12/21] nwfilter: convert IP address learning code to virNWFilterBindingDefPtr

Use the virNWFilterBindingDefPtr struct in the IP address learning code directly.

Signed-off-by: Daniel P. Berrangé
Reviewed-by: John Ferlan
---
src/nwfilter/nwfilter_gentech_driver.c | 7 +-
src/nwfilter/nwfilter_learnipaddr.c | 98 +++++++-------------------
src/nwfilter/nwfilter_learnipaddr.h | 7 +-
3 files changed, 31 insertions(+), 81 deletions(-)
diff --git a/src/nwfilter/nwfilter_gentech_driver.c b/src/nwfilter/nwfilter= _gentech_driver.c index dc925dee16..80b80d3a28 100644 --- a/src/nwfilter/nwfilter_gentech_driver.c +++ b/src/nwfilter/nwfilter_gentech_driver.c 
@@ -653,12 +653,9 @@ virNWFilterDoInstantiate(virNWFilterTechDriverPtr tech= driver, } else if (STRCASEEQ(learning, "any")) { if (!virNWFilterHasLearnReq(ifindex)) { rc =3D virNWFilterLearnIPAddress(techdriver, - binding->portdevname, + binding, ifindex, - binding->linkdevname, - &binding->mac, - filter->name, - binding->filterparams, = driver, + driver, DETECT_DHCP|DETECT_STAT= IC); } goto err_exit; diff --git a/src/nwfilter/nwfilter_learnipaddr.c b/src/nwfilter/nwfilter_le= arnipaddr.c index 5080b73004..2149b4af69 100644 --- a/src/nwfilter/nwfilter_learnipaddr.c +++ b/src/nwfilter/nwfilter_learnipaddr.c @@ -137,12 +137,8 @@ typedef struct _virNWFilterIPAddrLearnReq virNWFilterI= PAddrLearnReq; typedef virNWFilterIPAddrLearnReq *virNWFilterIPAddrLearnReqPtr; struct _virNWFilterIPAddrLearnReq { virNWFilterTechDriverPtr techdriver; - char ifname[IF_NAMESIZE]; int ifindex; - char linkdev[IF_NAMESIZE]; - virMacAddr macaddr; - char *filtername; - virHashTablePtr filterparams; + virNWFilterBindingDefPtr binding; virNWFilterDriverStatePtr driver; enum howDetect howDetect; =20 @@ -232,8 +228,7 @@ virNWFilterIPAddrLearnReqFree(virNWFilterIPAddrLearnReq= Ptr req) if (!req) return; =20 - VIR_FREE(req->filtername); - virHashFree(req->filterparams); + virNWFilterBindingDefFree(req->binding); =20 VIR_FREE(req); } @@ -404,8 +399,9 @@ learnIPAddressThread(void *arg) virNWFilterIPAddrLearnReqPtr req =3D arg; uint32_t vmaddr =3D 0, bcastaddr =3D 0; unsigned int ethHdrSize; - char *listen_if =3D (strlen(req->linkdev) !=3D 0) ? req->linkdev - : req->ifname; + char *listen_if =3D (req->binding->linkdevname ? + req->binding->linkdevname : + req->binding->portdevname); int dhcp_opts_len; char macaddr[VIR_MAC_STRING_BUFLEN]; virBuffer buf =3D VIR_BUFFER_INITIALIZER; 
@@ -415,13 +411,13 @@ learnIPAddressThread(void *arg) enum howDetect howDetected =3D 0; virNWFilterTechDriverPtr techdriver =3D req->techdriver; =20 - if (virNWFilterLockIface(req->ifname) < 0) + if (virNWFilterLockIface(req->binding->portdevname) < 0) goto err_no_lock; =20 req->status =3D 0; =20 /* anything change to the VM's interface -- check at least once */ - if (virNetDevValidateConfig(req->ifname, NULL, req->ifindex) <=3D 0) { + if (virNetDevValidateConfig(req->binding->portdevname, NULL, req->ifin= dex) <=3D 0) { virResetLastError(); req->status =3D ENODEV; goto done; @@ -435,12 +431,12 @@ learnIPAddressThread(void *arg) goto done; } =20 - virMacAddrFormat(&req->macaddr, macaddr); + virMacAddrFormat(&req->binding->mac, macaddr); =20 switch (req->howDetect) { case DETECT_DHCP: - if (techdriver->applyDHCPOnlyRules(req->ifname, - &req->macaddr, + if (techdriver->applyDHCPOnlyRules(req->binding->portdevname, + &req->binding->mac, NULL, false) < 0) { req->status =3D EINVAL; goto done; @@ -448,8 +444,8 @@ learnIPAddressThread(void *arg) virBufferAddLit(&buf, "src port 67 and dst port 68"); break; case DETECT_STATIC: - if (techdriver->applyBasicRules(req->ifname, - &req->macaddr) < 0) { + if (techdriver->applyBasicRules(req->binding->portdevname, + &req->binding->mac) < 0) { req->status =3D EINVAL; goto done; } @@ -495,7 +491,7 @@ learnIPAddressThread(void *arg) } =20 /* check whether VM's dev is still there */ - if (virNetDevValidateConfig(req->ifname, NULL, req->ifindex) <= =3D 0) { + if (virNetDevValidateConfig(req->binding->portdevname, NULL, r= eq->ifindex) <=3D 0) { virResetLastError(); req->status =3D ENODEV; showError =3D false; @@ -527,7 +523,7 @@ learnIPAddressThread(void *arg) continue; } =20 - if (virMacAddrCmpRaw(&req->macaddr, ether_hdr->ether_shost) = =3D=3D 0) { + if (virMacAddrCmpRaw(&req->binding->mac, ether_hdr->ether_shos= t) =3D=3D 0) { /* packets from the VM */ =20 if (etherType =3D=3D ETHERTYPE_IP && 
@@ -566,7 +562,7 @@ learnIPAddressThread(void *arg) break; } } - } else if (virMacAddrCmpRaw(&req->macaddr, + } else if (virMacAddrCmpRaw(&req->binding->mac, ether_hdr->ether_dhost) =3D=3D 0 || /* allow Broadcast replies from DHCP server */ virMacAddrIsBroadcastRaw(ether_hdr->ether_dhost)) { @@ -596,7 +592,7 @@ learnIPAddressThread(void *arg) ((char *)udphdr + sizeof(udphdr)); if (dhcp->op =3D=3D 2 /* BOOTREPLY */ && virMacAddrCmpRaw( - &req->macaddr, + &req->binding->mac, &dhcp->chaddr[0]) =3D=3D 0) { dhcp_opts_len =3D header.len - (ethHdrSize + iphdr->ihl * 4 + @@ -640,26 +636,19 @@ learnIPAddressThread(void *arg) * Also it is safe to unlock interface here because we stopped * capturing and applied necessary rules on the interface, while * instantiating a new filter doesn't require a locked interface.*/ - virNWFilterUnlockIface(req->ifname); + virNWFilterUnlockIface(req->binding->portdevname); =20 if ((inetaddr =3D virSocketAddrFormat(&sa)) !=3D NULL) { - virNWFilterBindingDef binding =3D { - .portdevname =3D req->ifname, - .linkdevname =3D req->linkdev, - .mac =3D req->macaddr, - .filter =3D req->filtername, - .filterparams =3D req->filterparams, - }; - if (virNWFilterIPAddrMapAddIPAddr(req->ifname, inetaddr) < 0) { + if (virNWFilterIPAddrMapAddIPAddr(req->binding->portdevname, i= netaddr) < 0) { VIR_ERROR(_("Failed to add IP address %s to IP address " - "cache for interface %s"), inetaddr, req->ifname= ); + "cache for interface %s"), inetaddr, req->bindin= g->portdevname); } =20 ret =3D virNWFilterInstantiateFilterLate(req->driver, - &binding, + req->binding, req->ifindex); VIR_DEBUG("Result from applying firewall rules on " - "%s with IP addr %s : %d", req->ifname, inetaddr, re= t); + "%s with IP addr %s : %d", req->binding->portdevname= , inetaddr, ret); VIR_FREE(inetaddr); } } else { 
@@ -667,13 +656,13 @@ learnIPAddressThread(void *arg) virReportSystemError(req->status, _("encountered an error on interface %s " "index %d"), - req->ifname, req->ifindex); + req->binding->portdevname, req->ifindex); =20 - techdriver->applyDropAllRules(req->ifname); - virNWFilterUnlockIface(req->ifname); + techdriver->applyDropAllRules(req->binding->portdevname); + virNWFilterUnlockIface(req->binding->portdevname); } =20 - VIR_DEBUG("pcap thread terminating for interface %s", req->ifname); + VIR_DEBUG("pcap thread terminating for interface %s", req->binding->po= rtdevname); =20 =20 err_no_lock: @@ -706,19 +695,14 @@ learnIPAddressThread(void *arg) */ int virNWFilterLearnIPAddress(virNWFilterTechDriverPtr techdriver, - const char *ifname, + virNWFilterBindingDefPtr binding, int ifindex, - const char *linkdev, - const virMacAddr *macaddr, - const char *filtername, - virHashTablePtr filterparams, virNWFilterDriverStatePtr driver, enum howDetect howDetect) { int rc; virThread thread; virNWFilterIPAddrLearnReqPtr req =3D NULL; - virHashTablePtr ht =3D NULL; =20 if (howDetect =3D=3D 0) return -1; 
@@ -734,37 +718,11 @@ virNWFilterLearnIPAddress(virNWFilterTechDriverPtr te= chdriver, if (VIR_ALLOC(req) < 0) goto err_no_req; =20 - ht =3D virNWFilterHashTableCreate(0); - if (ht =3D=3D NULL) + if (!(req->binding =3D virNWFilterBindingDefCopy(binding))) goto err_free_req; =20 - if (virNWFilterHashTablePutAll(filterparams, ht) < 0) - goto err_free_ht; - - if (VIR_STRDUP(req->filtername, filtername) < 0) - goto err_free_ht; - - if (virStrcpyStatic(req->ifname, ifname) =3D=3D NULL) { - virReportError(VIR_ERR_INTERNAL_ERROR, - _("Destination buffer for ifname ('%s') " - "not large enough"), ifname); - goto err_free_ht; - } - - if (linkdev) { - if (virStrcpyStatic(req->linkdev, linkdev) =3D=3D NULL) { - virReportError(VIR_ERR_INTERNAL_ERROR, - _("Destination buffer for linkdev ('%s') " - "not large enough"), linkdev); - goto err_free_ht; - } - } - req->ifindex =3D ifindex; - virMacAddrSet(&req->macaddr, macaddr); req->driver =3D driver; - req->filterparams =3D ht; - ht =3D NULL; req->howDetect =3D howDetect; req->techdriver =3D techdriver; =20 @@ -783,8 +741,6 @@ virNWFilterLearnIPAddress(virNWFilterTechDriverPtr tech= driver, =20 err_dereg_req: virNWFilterDeregisterLearnReq(ifindex); - err_free_ht: - virHashFree(ht); err_free_req: virNWFilterIPAddrLearnReqFree(req); err_no_req: diff --git a/src/nwfilter/nwfilter_learnipaddr.h b/src/nwfilter/nwfilter_le= arnipaddr.h index 06fea5bff8..412855e66c 100644 --- a/src/nwfilter/nwfilter_learnipaddr.h +++ b/src/nwfilter/nwfilter_learnipaddr.h @@ -28,6 +28,7 @@ =20 # include "conf/nwfilter_params.h" # include "nwfilter_tech_driver.h" +# include "virnwfilterbindingdef.h" # include =20 enum howDetect { 
@@ -36,12 +37,8 @@ enum howDetect { }; =20 int virNWFilterLearnIPAddress(virNWFilterTechDriverPtr techdriver, - const char *ifname, + virNWFilterBindingDefPtr binding, int ifindex, - const char *linkdev, - const virMacAddr *macaddr, - const char *filtername, - virHashTablePtr filterparams, virNWFilterDriverStatePtr driver, enum howDetect howDetect); =20 --=20 2.17.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Tue Apr 16 07:48:04 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1526406262369227.00547972921595; Tue, 15 May 2018 10:44:22 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id A4E8A30C7420; Tue, 15 May 2018 17:44:20 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 6EB2A6313B; Tue, 15 May 2018 17:44:20 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 19F113FA56; Tue, 15 May 2018 17:44:20 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 
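Review bot: The listen_if selection at the top of learnIPAddressThread changes meaning without saying so: the old test was strlen(req->linkdev) != 0, the new one is a plain NULL test on req->binding->linkdevname, so a binding whose linkdevname is an empty string would now pick "" as the capture device instead of falling back to portdevname. If every producer of a binding guarantees linkdevname is either NULL or non-empty, state that in the commit message; otherwise keep the emptiness check, for example (linkdevname && *linkdevname).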
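Review bot: The virNWFilterLearnIPAddress hunk drops the two virStrcpyStatic() checks that rejected an ifname or linkdev longer than IF_NAMESIZE with VIR_ERR_INTERNAL_ERROR, and the replacement, virNWFilterBindingDefCopy(binding), has no visible length check. Over-long device names are therefore no longer refused before the learning thread is created and the names are handed to the tech driver and to virNetDevValidateConfig(). If the bound is enforced where the binding is built, mention that in the commit message; if not, validate binding->portdevname and binding->linkdevname against IF_NAMESIZE before the copy and keep the error report.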
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Tue, 15 May 2018 18:43:29 +0100
Message-Id: <20180515174337.11287-14-berrange@redhat.com>
In-Reply-To: <20180515174337.11287-1-berrange@redhat.com>
References: <20180515174337.11287-1-berrange@redhat.com>
Subject: [libvirt] [PATCH v2 13/21] nwfilter: convert DHCP address snooping code to virNWFilterBindingDefPtr

Use the virNWFilterBindingDefPtr struct in the DHCP address snooping code directly.

Signed-off-by: Daniel P. Berrangé
Reviewed-by: John Ferlan
---
src/nwfilter/nwfilter_dhcpsnoop.c | 150 ++++++++++---------------
src/nwfilter/nwfilter_dhcpsnoop.h | 7 +-
src/nwfilter/nwfilter_gentech_driver.c | 7 +-
3 files changed, 61 insertions(+), 103 deletions(-)
diff --git a/src/nwfilter/nwfilter_dhcpsnoop.c b/src/nwfilter/nwfilter_dhcp= snoop.c index f24fec1638..f6bcc3bcc7 100644 --- a/src/nwfilter/nwfilter_dhcpsnoop.c +++ b/src/nwfilter/nwfilter_dhcpsnoop.c 
@@ -135,13 +135,9 @@ struct _virNWFilterSnoopReq { int refctr; =20 virNWFilterTechDriverPtr techdriver; - char *ifname; + virNWFilterBindingDefPtr binding; int ifindex; - char *linkdev; char ifkey[VIR_IFKEY_LEN]; - virMacAddr macaddr; - char *filtername; - virHashTablePtr vars; virNWFilterDriverStatePtr driver; /* start and end of lease list, ordered by lease time */ virNWFilterSnoopIPLeasePtr start; @@ -484,10 +480,10 @@ virNWFilterSnoopIPLeaseInstallRule(virNWFilterSnoopIP= LeasePtr ipl, =20 req =3D ipl->snoopReq; =20 - /* protect req->ifname */ + /* protect req->binding->portdevname */ virNWFilterSnoopReqLock(req); =20 - if (virNWFilterIPAddrMapAddIPAddr(req->ifname, ipaddr) < 0) + if (virNWFilterIPAddrMapAddIPAddr(req->binding->portdevname, ipaddr) <= 0) goto exit_snooprequnlock; =20 if (!instantiate) { @@ -497,16 +493,9 @@ virNWFilterSnoopIPLeaseInstallRule(virNWFilterSnoopIPL= easePtr ipl, =20 /* instantiate the filters */ =20 - if (req->ifname) { - virNWFilterBindingDef binding =3D { - .portdevname =3D req->ifname, - .linkdevname =3D req->linkdev, - .mac =3D req->macaddr, - .filter =3D req->filtername, - .filterparams =3D req->vars, - }; + if (req->binding->portdevname) { rc =3D virNWFilterInstantiateFilterLate(req->driver, - &binding, + req->binding, req->ifindex); } =20 @@ -647,10 +636,7 @@ virNWFilterSnoopReqFree(virNWFilterSnoopReqPtr req) virNWFilterSnoopReqLeaseDel(req, &ipl->ipAddress, false, false); =20 /* free all req data */ - VIR_FREE(req->ifname); - VIR_FREE(req->linkdev); - VIR_FREE(req->filtername); - virHashFree(req->vars); + virNWFilterBindingDefFree(req->binding); =20 virMutexDestroy(&req->lock); virCondDestroy(&req->threadStatusCond); 
@@ -881,28 +867,23 @@ virNWFilterSnoopReqLeaseDel(virNWFilterSnoopReqPtr re= q, if (update_leasefile) virNWFilterSnoopLeaseFileSave(ipl); =20 - ipAddrLeft =3D virNWFilterIPAddrMapDelIPAddr(req->ifname, ipstr); + ipAddrLeft =3D virNWFilterIPAddrMapDelIPAddr(req->binding->portdevname= , ipstr); =20 if (!req->threadkey || !instantiate) goto skip_instantiate; =20 if (ipAddrLeft) { - virNWFilterBindingDef binding =3D { - .portdevname =3D req->ifname, - .linkdevname =3D req->linkdev, - .mac =3D req->macaddr, - .filter =3D req->filtername, - .filterparams =3D req->vars, - }; ret =3D virNWFilterInstantiateFilterLate(req->driver, - &binding, + req->binding, req->ifindex); } else { virNWFilterVarValuePtr dhcpsrvrs =3D - virHashLookup(req->vars, NWFILTER_VARNAME_DHCPSERVER); + virHashLookup(req->binding->filterparams, + NWFILTER_VARNAME_DHCPSERVER); =20 if (req->techdriver && - req->techdriver->applyDHCPOnlyRules(req->ifname, &req->macaddr, + req->techdriver->applyDHCPOnlyRules(req->binding->portdevname, + &req->binding->mac, dhcpsrvrs, false) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("virNWFilterSnoopListDel failed")); @@ -1032,7 +1013,7 @@ virNWFilterSnoopDHCPDecode(virNWFilterSnoopReqPtr req, * inside the DHCP response */ if (!fromVM) { - if (virMacAddrCmpRaw(&req->macaddr, + if (virMacAddrCmpRaw(&req->binding->mac, (unsigned char *)&pd->d_chaddr) !=3D 0) return -2; } @@ -1194,7 +1175,7 @@ static void virNWFilterDHCPDecodeWorker(void *jobdata= , void *opaque) =20 virReportError(VIR_ERR_INTERNAL_ERROR, _("Instantiation of rules failed on " - "interface '%s'"), req->ifname); + "interface '%s'"), req->binding->portdevname); } virAtomicIntDecAndTest(job->qCtr); VIR_FREE(job); 
@@ -1403,13 +1384,14 @@ virNWFilterDHCPSnoopThread(void *req0) =20 /* whoever started us increased the reference counter for the req for = us */ =20 - /* protect req->ifname & req->threadkey */ + /* protect req->binding->portdevname & req->threadkey */ virNWFilterSnoopReqLock(req); =20 - if (req->ifname && req->threadkey) { + if (req->binding->portdevname && req->threadkey) { for (i =3D 0; i < ARRAY_CARDINALITY(pcapConf); i++) { pcapConf[i].handle =3D - virNWFilterSnoopDHCPOpen(req->ifname, &req->macaddr, + virNWFilterSnoopDHCPOpen(req->binding->portdevname, + &req->binding->mac, pcapConf[i].filter, pcapConf[i].dir); if (!pcapConf[i].handle) { @@ -1418,7 +1400,7 @@ virNWFilterDHCPSnoopThread(void *req0) } fds[i].fd =3D pcap_fileno(pcapConf[i].handle); } - tmp =3D virNetDevGetIndex(req->ifname, &ifindex); + tmp =3D virNetDevGetIndex(req->binding->portdevname, &ifindex); ignore_value(VIR_STRDUP(threadkey, req->threadkey)); worker =3D virThreadPoolNew(1, 1, 0, virNWFilterDHCPDecodeWorker, @@ -1483,11 +1465,11 @@ virNWFilterDHCPSnoopThread(void *req0) /* error reading from socket */ tmp =3D -1; =20 - /* protect req->ifname */ + /* protect req->binding->portdevname */ virNWFilterSnoopReqLock(req); =20 - if (req->ifname) - tmp =3D virNetDevValidateConfig(req->ifname, NULL, ifi= ndex); + if (req->binding->portdevname) + tmp =3D virNetDevValidateConfig(req->binding->portdevn= ame, NULL, ifindex); =20 virNWFilterSnoopReqUnlock(req); =20 
@@ -1500,16 +1482,17 @@ virNWFilterDHCPSnoopThread(void *req0) pcap_close(pcapConf[i].handle); pcapConf[i].handle =3D NULL; =20 - /* protect req->ifname */ + /* protect req->binding->portdevname */ virNWFilterSnoopReqLock(req); =20 virReportError(VIR_ERR_INTERNAL_ERROR, _("interface '%s' failing; " "reopening"), - req->ifname); - if (req->ifname) + req->binding->portdevname); + if (req->binding->portdevname) pcapConf[i].handle =3D - virNWFilterSnoopDHCPOpen(req->ifname, &req->ma= caddr, + virNWFilterSnoopDHCPOpen(req->binding->portdev= name, + &req->binding->mac, pcapConf[i].filter, pcapConf[i].dir); =20 @@ -1535,7 +1518,7 @@ virNWFilterDHCPSnoopThread(void *req0) last_displayed_queue =3D time(0); VIR_WARN("Worker thread for interface '%s' has a " "job queue that is too long", - req->ifname); + req->binding->portdevname); } continue; } @@ -1548,7 +1531,7 @@ virNWFilterDHCPSnoopThread(void *req0) if (time(0) - last_displayed > 10) { last_displayed =3D time(0); VIR_WARN("Too many DHCP packets on interface '%s'= ", - req->ifname); + req->binding->portdevname); } continue; } @@ -1559,7 +1542,7 @@ virNWFilterDHCPSnoopThread(void *req0) &pcapConf[i].qCtr) <= 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _("Job submission failed on " - "interface '%s'"), req->ifname); + "interface '%s'"), req->binding->port= devname); error =3D true; break; } @@ -1570,15 +1553,15 @@ virNWFilterDHCPSnoopThread(void *req0) /* protect IfNameToKey */ virNWFilterSnoopLock(); =20 - /* protect req->ifname & req->threadkey */ + /* protect req->binding->portdevname & req->threadkey */ virNWFilterSnoopReqLock(req); =20 virNWFilterSnoopCancel(&req->threadkey); =20 ignore_value(virHashRemoveEntry(virNWFilterSnoopState.ifnameToKey, - req->ifname)); + req->binding->portdevname)); =20 - VIR_FREE(req->ifname); + VIR_FREE(req->binding->portdevname); =20 virNWFilterSnoopReqUnlock(req); virNWFilterSnoopUnlock(); 
@@ -1611,12 +1594,7 @@ virNWFilterSnoopIFKeyFMT(char *ifkey, const unsigned= char *vmuuid, =20 int virNWFilterDHCPSnoopReq(virNWFilterTechDriverPtr techdriver, - const char *ifname, - const char *linkdev, - const unsigned char *vmuuid, - const virMacAddr *macaddr, - const char *filtername, - virHashTablePtr filterparams, + virNWFilterBindingDefPtr binding, virNWFilterDriverStatePtr driver) { virNWFilterSnoopReqPtr req; @@ -1627,7 +1605,7 @@ virNWFilterDHCPSnoopReq(virNWFilterTechDriverPtr tech= driver, virNWFilterVarValuePtr dhcpsrvrs; bool threadPuts =3D false; =20 - virNWFilterSnoopIFKeyFMT(ifkey, vmuuid, macaddr); + virNWFilterSnoopIFKeyFMT(ifkey, binding->owneruuid, &binding->mac); =20 req =3D virNWFilterSnoopReqGetByIFKey(ifkey); isnewreq =3D (req =3D=3D NULL); @@ -1636,9 +1614,8 @@ virNWFilterDHCPSnoopReq(virNWFilterTechDriverPtr tech= driver, virNWFilterSnoopReqPut(req); return 0; } - /* a recycled req may still have filtername and vars */ - VIR_FREE(req->filtername); - virHashFree(req->vars); + virNWFilterBindingDefFree(req->binding); + req->binding =3D NULL; } else { req =3D virNWFilterSnoopReqNew(ifkey); if (!req) @@ -1647,17 +1624,9 @@ virNWFilterDHCPSnoopReq(virNWFilterTechDriverPtr tec= hdriver, =20 req->driver =3D driver; req->techdriver =3D techdriver; - tmp =3D virNetDevGetIndex(ifname, &req->ifindex); - virMacAddrSet(&req->macaddr, macaddr); - req->vars =3D virNWFilterHashTableCreate(0); - req->linkdev =3D NULL; - - if (VIR_STRDUP(req->ifname, ifname) < 0 || - VIR_STRDUP(req->filtername, filtername) < 0 || - VIR_STRDUP(req->linkdev, linkdev) < 0) + if ((tmp =3D virNetDevGetIndex(binding->portdevname, &req->ifindex)) <= 0) goto exit_snoopreqput; - - if (!req->vars || tmp < 0) + if (!(req->binding =3D virNWFilterBindingDefCopy(binding))) goto exit_snoopreqput; =20 /* check that all tools are available for applying the filters (late) = */ 
@@ -1669,10 +1638,11 @@ virNWFilterDHCPSnoopReq(virNWFilterTechDriverPtr te= chdriver, goto exit_snoopreqput; } =20 - dhcpsrvrs =3D virHashLookup(filterparams, + dhcpsrvrs =3D virHashLookup(binding->filterparams, NWFILTER_VARNAME_DHCPSERVER); =20 - if (techdriver->applyDHCPOnlyRules(req->ifname, &req->macaddr, + if (techdriver->applyDHCPOnlyRules(req->binding->portdevname, + &req->binding->mac, dhcpsrvrs, false) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("applyDHCPOnlyRules " @@ -1680,20 +1650,14 @@ virNWFilterDHCPSnoopReq(virNWFilterTechDriverPtr te= chdriver, goto exit_snoopreqput; } =20 - if (virNWFilterHashTablePutAll(filterparams, req->vars) < 0) { - virReportError(VIR_ERR_INTERNAL_ERROR, - _("virNWFilterDHCPSnoopReq: can't copy variables" - " on if %s"), ifkey); - goto exit_snoopreqput; - } - virNWFilterSnoopLock(); =20 - if (virHashAddEntry(virNWFilterSnoopState.ifnameToKey, ifname, + if (virHashAddEntry(virNWFilterSnoopState.ifnameToKey, + req->binding->portdevname, req->ifkey) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _("virNWFilterDHCPSnoopReq ifname map failed" - " on interface \"%s\" key \"%s\""), ifname, + " on interface \"%s\" key \"%s\""), binding->port= devname, ifkey); goto exit_snoopunlock; } @@ -1702,7 +1666,7 @@ virNWFilterDHCPSnoopReq(virNWFilterTechDriverPtr tech= driver, virHashAddEntry(virNWFilterSnoopState.snoopReqs, ifkey, req) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _("virNWFilterDHCPSnoopReq req add failed on" - " interface \"%s\" ifkey \"%s\""), ifname, + " interface \"%s\" ifkey \"%s\""), binding->portd= evname, ifkey); goto exit_rem_ifnametokey; } @@ -1714,7 +1678,7 @@ virNWFilterDHCPSnoopReq(virNWFilterTechDriverPtr tech= driver, req) !=3D 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _("virNWFilterDHCPSnoopReq virThreadCreate " - "failed on interface '%s'"), ifname); + "failed on interface '%s'"), binding->portdevname= ); goto exit_snoopreq_unlock; } =20 
@@ -1726,14 +1690,14 @@ virNWFilterDHCPSnoopReq(virNWFilterTechDriverPtr te= chdriver, if (!req->threadkey) { virReportError(VIR_ERR_INTERNAL_ERROR, _("Activation of snoop request failed on " - "interface '%s'"), req->ifname); + "interface '%s'"), req->binding->portdevname); goto exit_snoopreq_unlock; } =20 if (virNWFilterSnoopReqRestore(req) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _("Restoring of leases failed on " - "interface '%s'"), req->ifname); + "interface '%s'"), req->binding->portdevname); goto exit_snoop_cancel; } =20 @@ -1762,7 +1726,7 @@ virNWFilterDHCPSnoopReq(virNWFilterTechDriverPtr tech= driver, exit_snoopreq_unlock: virNWFilterSnoopReqUnlock(req); exit_rem_ifnametokey: - virHashRemoveEntry(virNWFilterSnoopState.ifnameToKey, ifname); + virHashRemoveEntry(virNWFilterSnoopState.ifnameToKey, binding->portdev= name); exit_snoopunlock: virNWFilterSnoopUnlock(); exit_snoopreqput: @@ -2070,21 +2034,21 @@ virNWFilterSnoopRemAllReqIter(const void *payload, { virNWFilterSnoopReqPtr req =3D (virNWFilterSnoopReqPtr)payload; =20 - /* protect req->ifname */ + /* protect req->binding->portdevname */ virNWFilterSnoopReqLock(req); =20 - if (req->ifname) { + if (req->binding->portdevname) { ignore_value(virHashRemoveEntry(virNWFilterSnoopState.ifnameToKey, - req->ifname)); + req->binding->portdevname)); =20 /* * Remove all IP addresses known to be associated with this * interface so that a new thread will be started on this * interface */ - virNWFilterIPAddrMapDelIPAddr(req->ifname, NULL); + virNWFilterIPAddrMapDelIPAddr(req->binding->portdevname, NULL); =20 - VIR_FREE(req->ifname); + VIR_FREE(req->binding->portdevname); } =20 virNWFilterSnoopReqUnlock(req); 
@@ -2187,13 +2151,13 @@ virNWFilterDHCPSnoopEnd(const char *ifname) goto cleanup; } =20 - /* protect req->ifname & req->threadkey */ + /* protect req->binding->portdevname & req->threadkey */ virNWFilterSnoopReqLock(req); =20 /* keep valid lease req; drop interface association */ virNWFilterSnoopCancel(&req->threadkey); =20 - VIR_FREE(req->ifname); + VIR_FREE(req->binding->portdevname); =20 virNWFilterSnoopReqUnlock(req); =20 diff --git a/src/nwfilter/nwfilter_dhcpsnoop.h b/src/nwfilter/nwfilter_dhcp= snoop.h index a5925de40a..c693e1adbd 100644 --- a/src/nwfilter/nwfilter_dhcpsnoop.h +++ b/src/nwfilter/nwfilter_dhcpsnoop.h @@ -30,12 +30,7 @@ int virNWFilterDHCPSnoopInit(void); void virNWFilterDHCPSnoopShutdown(void); int virNWFilterDHCPSnoopReq(virNWFilterTechDriverPtr techdriver, - const char *ifname, - const char *linkdev, - const unsigned char *vmuuid, - const virMacAddr *macaddr, - const char *filtername, - virHashTablePtr filterparams, + virNWFilterBindingDefPtr binding, virNWFilterDriverStatePtr driver); void virNWFilterDHCPSnoopEnd(const char *ifname); #endif /* __NWFILTER_DHCPSNOOP_H */ diff --git a/src/nwfilter/nwfilter_gentech_driver.c b/src/nwfilter/nwfilter= _gentech_driver.c index 80b80d3a28..30ae3970fb 100644 --- a/src/nwfilter/nwfilter_gentech_driver.c +++ b/src/nwfilter/nwfilter_gentech_driver.c 
@@ -645,10 +645,9 @@ virNWFilterDoInstantiate(virNWFilterTechDriverPtr tech= driver, goto err_unresolvable_vars; } if (STRCASEEQ(learning, "dhcp")) { - rc =3D virNWFilterDHCPSnoopReq(techdriver, binding->portde= vname, - binding->linkdevname, - binding->owneruuid, &binding-= >mac, - filter->name, binding->filter= params, driver); + rc =3D virNWFilterDHCPSnoopReq(techdriver, + binding, + driver); goto err_exit; } else if (STRCASEEQ(learning, "any")) { if (!virNWFilterHasLearnReq(ifindex)) { --=20 2.17.0
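Review bot: In virNWFilterSnoopRemAllReqIter() and virNWFilterDHCPSnoopEnd() in src/nwfilter/nwfilter_dhcpsnoop.c, req->binding->portdevname is read and freed without first checking req->binding, yet virNWFilterDHCPSnoopReq() now leaves req->binding NULL on a recycled request: it calls virNWFilterBindingDefFree(req->binding), sets the pointer to NULL, and then jumps to exit_snoopreqput if virNetDevGetIndex() or virNWFilterBindingDefCopy() fails. A request that was obtained from virNWFilterSnoopReqGetByIFKey() and fails at that point keeps a NULL binding, and the next RemAll or End call on it dereferences NULL. Please guard with "if (req->binding && req->binding->portdevname)", or keep the old binding until the copy has succeeded. Separately, VIR_FREE(req->binding->portdevname) leaves a binding whose port name is NULL while its other fields stay live; the old code used req->ifname == NULL as the "no interface" marker, and an explicit marker on the request would be cleaner than half-emptying the binding definition.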
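Review bot: The new virNWFilterDHCPSnoopReq() prototype in src/nwfilter/nwfilter_dhcpsnoop.h takes a bare virNWFilterBindingDefPtr with no word on ownership. The implementation stores the result of virNWFilterBindingDefCopy(binding) in the request, so the parameter is only borrowed; please say so in a one-line comment above the prototype (and add a const qualifier if virNWFilterBindingDefCopy() accepts one). Without it, a reader of the call in virNWFilterDoInstantiate() cannot tell whether binding may be freed after the call returns.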
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Tue, 15 May 2018 18:43:30 +0100
Message-Id: <20180515174337.11287-15-berrange@redhat.com>
In-Reply-To: <20180515174337.11287-1-berrange@redhat.com>
References: <20180515174337.11287-1-berrange@redhat.com>
Subject: [libvirt] [PATCH v2 14/21] conf: report an error if nic needs filtering by no driver is present

If a includes a filter name but the nwfilter driver is not present we silently do nothing. This is very bad, because an application that thinks it is protected by malicious guest traffic will in fact be vulnerable. Reporting an error gives the administrator the ability to know there is a problem and fix it.
Signed-off-by: Daniel P. Berrangé
Reviewed-by: John Ferlan
--- src/conf/domain_nwfilter.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/conf/domain_nwfilter.c b/src/conf/domain_nwfilter.c index e360aceeba..7570e0ae83 100644 --- a/src/conf/domain_nwfilter.c +++ b/src/conf/domain_nwfilter.c @@ -28,6 +28,9 @@ #include "datatypes.h" #include "domain_conf.h" #include "domain_nwfilter.h" +#include "virerror.h" + +#define VIR_FROM_THIS VIR_FROM_NWFILTER =20 static virDomainConfNWFilterDriverPtr nwfilterDriver; =20
@@ -44,8 +47,10 @@ virDomainConfNWFilterInstantiate(const char *vmname, { if (nwfilterDriver !=3D NULL) return nwfilterDriver->instantiateFilter(vmname, vmuuid, net); - /* driver module not available -- don't indicate failure */ - return 0; + + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("No network filter driver available")); + return -1; } =20 void --=20 2.17.0
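Review bot: virDomainConfNWFilterInstantiate() in src/conf/domain_nwfilter.c now fails with VIR_ERR_CONFIG_UNSUPPORTED whenever nwfilterDriver is NULL, but nothing in the function checks that net actually references a filter, which is the only case the commit message describes. Unless every caller already skips interfaces without a filter, a host where the nwfilter driver is not loaded would refuse to start guests that never asked for filtering. Please either check the interface's filter reference here before reporting the error, or add a comment stating that callers guarantee it. The message would also be easier to act on if it named the interface or filter that could not be applied.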
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Tue, 15 May 2018 18:43:31 +0100
Message-Id: <20180515174337.11287-16-berrange@redhat.com>
In-Reply-To: <20180515174337.11287-1-berrange@redhat.com>
References: <20180515174337.11287-1-berrange@redhat.com>
Subject: [libvirt] [PATCH v2 15/21] conf: introduce a virNWFilterBindingObjPtr struct

Introduce a new struct to act as the stateful owner of the virNWFilterBindingDefPtr objects.

Signed-off-by: Daniel P. Berrangé
--- src/conf/Makefile.inc.am | 2 + src/conf/virnwfilterbindingobj.c | 260 +++++++++++++++++++++++++++++++ src/conf/virnwfilterbindingobj.h | 60 +++++++ src/libvirt_private.syms | 10 ++ 4 files changed, 332 insertions(+) create mode 100644 src/conf/virnwfilterbindingobj.c create mode 100644 src/conf/virnwfilterbindingobj.h diff --git a/src/conf/Makefile.inc.am b/src/conf/Makefile.inc.am index f5fb323233..3d55ba688d 100644 --- a/src/conf/Makefile.inc.am
+++ b/src/conf/Makefile.inc.am @@ -87,6 +87,8 @@ NWFILTER_CONF_SOURCES =3D \ conf/virnwfilterobj.h \ conf/virnwfilterbindingdef.c \ conf/virnwfilterbindingdef.h \ + conf/virnwfilterbindingobj.c \ + conf/virnwfilterbindingobj.h \ $(NULL) =20 STORAGE_CONF_SOURCES =3D \ diff --git a/src/conf/virnwfilterbindingobj.c b/src/conf/virnwfilterbinding= obj.c new file mode 100644 index 0000000000..15aaf89b5c --- /dev/null +++ b/src/conf/virnwfilterbindingobj.c 
@@ -0,0 +1,260 @@ +/* + * virnwfilterbindingobj.c: network filter binding XML processing + * + * Copyright (C) 2018 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * . + */ + +#include + +#include "viralloc.h" +#include "virerror.h" +#include "virstring.h" +#include "nwfilter_params.h" +#include "virnwfilterbindingobj.h" +#include "viruuid.h" +#include "virfile.h" + + +#define VIR_FROM_THIS VIR_FROM_NWFILTER + +static virClassPtr virNWFilterBindingObjClass; +static void virNWFilterBindingObjDispose(void *obj); + +static int virNWFilterBindingObjOnceInit(void) +{ + if (!VIR_CLASS_NEW(virNWFilterBindingObj, virClassForObjectLockable())) + return -1; + + return 0; +} + +VIR_ONCE_GLOBAL_INIT(virNWFilterBindingObj) + +virNWFilterBindingObjPtr +virNWFilterBindingObjNew(void) +{ + if (virNWFilterBindingObjInitialize() < 0) + return NULL; + + return virObjectNew(virNWFilterBindingObjClass); +} + +void +virNWFilterBindingObjDispose(void *obj) +{ + virNWFilterBindingObjPtr bobj =3D obj; + + virNWFilterBindingDefFree(bobj->def); +} + + +/** + * virNWFilterBindingnObjEndAPI: + * @obj: binding object + * + * Finish working with a binding object in an API. This function + * clears whatever was left of a domain that was gathered using + * virNWFilterBindingObjListFindByPortDev(). 
Currently that means + * only unlocking and decrementing the reference counter of that + * object. And in order to make sure the caller does not access + * the object, the pointer is cleared. + */ +void +virNWFilterBindingObjEndAPI(virNWFilterBindingObjPtr *obj) +{ + if (!*obj) + return; + + virObjectUnlock(*obj); + virObjectUnref(*obj); + *obj =3D NULL; +} + + +char * +virNWFilterBindingObjConfigFile(const char *dir, + const char *name) +{ + char *ret; + + ignore_value(virAsprintf(&ret, "%s/%s.xml", dir, name)); + return ret; +} + + +int +virNWFilterBindingObjSave(const virNWFilterBindingObj *obj, + const char *statusDir) +{ + char *filename; + char *xml =3D NULL; + int ret =3D -1; + + if (!(filename =3D virNWFilterBindingObjConfigFile(statusDir, + obj->def->portdevname= ))) + return -1; + + if (!(xml =3D virNWFilterBindingObjFormat(obj))) + goto cleanup; + + if (virFileMakePath(statusDir) < 0) { + virReportSystemError(errno, + _("cannot create config directory '%s'"), + statusDir); + goto cleanup; + } + + ret =3D virXMLSaveFile(filename, + obj->def->portdevname, "nwfilter-binding-create", + xml); + + cleanup: + VIR_FREE(xml); + VIR_FREE(filename); + return ret; +} + + +int +virNWFilterBindingObjDelete(const virNWFilterBindingObj *obj, + const char *statusDir) +{ + char *filename; + int ret =3D -1; + + if (!(filename =3D virNWFilterBindingObjConfigFile(statusDir, + obj->def->portdevname= ))) + return -1; + + if (unlink(filename) < 0 && + errno !=3D ENOENT) { + virReportSystemError(errno, + _("Unable to remove status '%s' for nwfilter = binding %s'"), + filename, obj->def->portdevname); + goto cleanup; + } + + ret =3D 0; + + cleanup: + VIR_FREE(filename); + return ret; +} + + +static virNWFilterBindingObjPtr +virNWFilterBindingObjParseXML(xmlDocPtr doc, + xmlXPathContextPtr ctxt) +{ + virNWFilterBindingObjPtr ret; + xmlNodePtr node; + + if (VIR_ALLOC(ret) < 0) + return NULL; + + if (!(node =3D virXPathNode("./filterbinding", ctxt))) { + 
virReportError(VIR_ERR_INTERNAL_ERROR, + "%s", _("filter binding status missing binding")); + goto cleanup; + } + + if (!(ret->def =3D virNWFilterBindingDefParseNode(doc, node))) + goto cleanup; + + return ret; + + cleanup: + virObjectUnref(ret); + return NULL; +} + + +static virNWFilterBindingObjPtr +virNWFilterBindingObjParseNode(xmlDocPtr doc, + xmlNodePtr root) +{ + xmlXPathContextPtr ctxt =3D NULL; + virNWFilterBindingObjPtr obj =3D NULL; + + if (STRNEQ((const char *)root->name, "filterbindingb")) { + virReportError(VIR_ERR_XML_ERROR, + "%s", + _("unknown root element for nw filter")); + goto cleanup; + } + + ctxt =3D xmlXPathNewContext(doc); + if (ctxt =3D=3D NULL) { + virReportOOMError(); + goto cleanup; + } + + ctxt->node =3D root; + obj =3D virNWFilterBindingObjParseXML(doc, ctxt); + + cleanup: + xmlXPathFreeContext(ctxt); + return obj; +} + + +static virNWFilterBindingObjPtr +virNWFilterBindingObjParse(const char *xmlStr, + const char *filename) +{ + virNWFilterBindingObjPtr obj =3D NULL; + xmlDocPtr xml; + + if ((xml =3D virXMLParse(filename, xmlStr, _("(nwfilterbinding_status)= ")))) { + obj =3D virNWFilterBindingObjParseNode(xml, xmlDocGetRootElement(x= ml)); + xmlFreeDoc(xml); + } + + return obj; +} + + + +virNWFilterBindingObjPtr +virNWFilterBindingObjParseFile(const char *filename) +{ + return virNWFilterBindingObjParse(NULL, filename); +} + + +char * +virNWFilterBindingObjFormat(const virNWFilterBindingObj *obj) +{ + virBuffer buf =3D VIR_BUFFER_INITIALIZER; + + virBufferAddLit(&buf, "\n"); + + virBufferAdjustIndent(&buf, 2); + + if (virNWFilterBindingDefFormatBuf(&buf, obj->def) < 0) { + virBufferFreeAndReset(&buf); + return NULL; + } + + virBufferAdjustIndent(&buf, -2); + virBufferAddLit(&buf, "\n"); + + if (virBufferCheckError(&buf) < 0) + return NULL; + + return virBufferContentAndReset(&buf); +} diff --git a/src/conf/virnwfilterbindingobj.h b/src/conf/virnwfilterbinding= obj.h new file mode 100644 index 0000000000..e0f1806ca0 --- /dev/null 
+++ b/src/conf/virnwfilterbindingobj.h @@ -0,0 +1,60 @@ +/* + * virnwfilterbindingobj.h: network filter binding XML processing + * + * Copyright (C) 2018 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * . + * + */ +#ifndef VIR_NWFILTER_BINDING_OBJ_H +# define VIR_NWFILTER_BINDING_OBJ_H + +# include "internal.h" +# include "virnwfilterbindingdef.h" +# include "virobject.h" + +typedef struct _virNWFilterBindingObj virNWFilterBindingObj; +typedef virNWFilterBindingObj *virNWFilterBindingObjPtr; + +struct _virNWFilterBindingObj { + virObjectLockable parent; + + bool removing; + virNWFilterBindingDefPtr def; +}; + +virNWFilterBindingObjPtr +virNWFilterBindingObjNew(void); + +void virNWFilterBindingObjEndAPI(virNWFilterBindingObjPtr *obj); + +char *virNWFilterBindingObjConfigFile(const char *dir, + const char *name); + +int +virNWFilterBindingObjSave(const virNWFilterBindingObj *obj, + const char *statusDir); + +int +virNWFilterBindingObjDelete(const virNWFilterBindingObj *obj, + const char *statusDir); + +virNWFilterBindingObjPtr +virNWFilterBindingObjParseFile(const char *filename); + +char * +virNWFilterBindingObjFormat(const virNWFilterBindingObj *obj); + +#endif /* VIR_NWFILTER_BINDING_OBJ_H */ diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 0ce685b6f2..92ad2e983f 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms 
@@ -1051,6 +1051,16 @@ virNWFilterBindingDefParseNode; virNWFilterBindingDefParseString; =20 =20 +# conf/virnwfilterbindingobj.h +virNWFilterBindingObjConfigFile; +virNWFilterBindingObjDelete; +virNWFilterBindingObjEndAPI; +virNWFilterBindingObjFormat; +virNWFilterBindingObjNew; +virNWFilterBindingObjParseFile; +virNWFilterBindingObjSave; + + # conf/virnwfilterobj.h virNWFilterObjGetDef; virNWFilterObjGetNewDef; --=20 2.17.0
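Review bot: In virNWFilterBindingObjParseXML() in src/conf/virnwfilterbindingobj.c the object is created with VIR_ALLOC(ret), which bypasses virNWFilterBindingObjNew(), so the virObjectLockable parent is never initialised, and the cleanup path then calls virObjectUnref(ret) on memory that is not a virObject. Anything that later locks or unrefs the result of virNWFilterBindingObjParseFile() will work on an uninitialised lock and reference count. Please use "ret = virNWFilterBindingObjNew()" here. In the same hunk, virNWFilterBindingObjParseNode() compares the root element against "filterbindingb", which looks like a typo; it has to match the element virNWFilterBindingObjFormat() writes, otherwise saved status files can never be reloaded. Minor: the doc comment is titled virNWFilterBindingnObjEndAPI and still talks about a domain, and the unlink error string in virNWFilterBindingObjDelete() has an unbalanced quote after the second %s.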
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Tue, 15 May 2018 18:43:32 +0100
Message-Id: <20180515174337.11287-17-berrange@redhat.com>
In-Reply-To: <20180515174337.11287-1-berrange@redhat.com>
References: <20180515174337.11287-1-berrange@redhat.com>
Subject: [libvirt] [PATCH v2 16/21] conf: introduce a virNWFilterBindingObjListPtr struct

Introduce a new struct to act as the manager of a collection of virNWFilterBindingObjPtr objects.
--- src/conf/Makefile.inc.am | 2 + src/conf/virnwfilterbindingobjlist.c | 475 +++++++++++++++++++++++++++ src/conf/virnwfilterbindingobjlist.h | 66 ++++ src/libvirt_private.syms | 11 + 4 files changed, 554 insertions(+) create mode 100644 src/conf/virnwfilterbindingobjlist.c create mode 100644 src/conf/virnwfilterbindingobjlist.h diff --git a/src/conf/Makefile.inc.am b/src/conf/Makefile.inc.am index 3d55ba688d..af23810640 100644
--- a/src/conf/Makefile.inc.am +++ b/src/conf/Makefile.inc.am @@ -89,6 +89,8 @@ NWFILTER_CONF_SOURCES =3D \ conf/virnwfilterbindingdef.h \ conf/virnwfilterbindingobj.c \ conf/virnwfilterbindingobj.h \ + conf/virnwfilterbindingobjlist.c \ + conf/virnwfilterbindingobjlist.h \ $(NULL) =20 STORAGE_CONF_SOURCES =3D \ diff --git a/src/conf/virnwfilterbindingobjlist.c b/src/conf/virnwfilterbin= dingobjlist.c new file mode 100644 index 0000000000..bf0869a216 --- /dev/null +++ b/src/conf/virnwfilterbindingobjlist.c 
@@ -0,0 +1,475 @@ +/* + * virnwfilterbindingobjlist.c: binding objects list utilities + * + * Copyright (C) 2006-2018 Red Hat, Inc. + * Copyright (C) 2006-2008 Daniel P. Berrange + * Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * . + * + * Author: Daniel P. Berrange + */ + +#include + +#include "internal.h" +#include "datatypes.h" +#include "virnwfilterbindingobjlist.h" +#include "viralloc.h" +#include "virfile.h" +#include "virlog.h" +#include "virstring.h" + +#define VIR_FROM_THIS VIR_FROM_NWFILTER + +VIR_LOG_INIT("conf.virnwfilterbindingobjlist"); + +static virClassPtr virNWFilterBindingObjListClass; +static void virNWFilterBindingObjListDispose(void *obj); + +struct _virNWFilterBindingObjList { + virObjectRWLockable parent; + + /* port dev name -> virNWFilterBindingObj mapping + * for O(1), lockless lookup-by-port dev */ + virHashTable *objs; +}; + + +static int virNWFilterBindingObjListOnceInit(void) +{ + if (!VIR_CLASS_NEW(virNWFilterBindingObjList, virClassForObjectRWLocka= ble())) + return -1; + + return 0; +} + +VIR_ONCE_GLOBAL_INIT(virNWFilterBindingObjList) + +virNWFilterBindingObjListPtr virNWFilterBindingObjListNew(void) +{ + virNWFilterBindingObjListPtr bindings; + + if (virNWFilterBindingObjListInitialize() < 0) + return NULL; + + if (!(bindings =3D 
virObjectRWLockableNew(virNWFilterBindingObjListCla= ss))) + return NULL; + + if (!(bindings->objs =3D virHashCreate(50, virObjectFreeHashData))) { + virObjectUnref(bindings); + return NULL; + } + + return bindings; +} + +static void virNWFilterBindingObjListDispose(void *obj) +{ + virNWFilterBindingObjListPtr bindings =3D obj; + + virHashFree(bindings->objs); +} + + +static virNWFilterBindingObjPtr +virNWFilterBindingObjListFindByPortDevLocked(virNWFilterBindingObjListPtr = bindings, + const char *name) +{ + virNWFilterBindingObjPtr obj; + + obj =3D virHashLookup(bindings->objs, name); + virObjectRef(obj); + if (obj) { + virObjectLock(obj); + if (obj->removing) { + virObjectUnlock(obj); + virObjectUnref(obj); + obj =3D NULL; + } + } + return obj; +} + + +/** + * @bindings: NWFilterBinding object list + * @name: Name to search the bindings->objs table + * + * Lookup the @name in the bindings->objs hash table and return a + * locked and ref counted binding object if found. Caller is expected + * to use the virNWFilterBindingObjEndAPI when done with the object. + */ +virNWFilterBindingObjPtr +virNWFilterBindingObjListFindByPortDev(virNWFilterBindingObjListPtr bindin= gs, + const char *name) +{ + virNWFilterBindingObjPtr obj; + + virObjectRWLockRead(bindings); + obj =3D virNWFilterBindingObjListFindByPortDevLocked(bindings, name); + virObjectRWUnlock(bindings); + + return obj; +} + + +/** + * @bindings: NWFilterBinding object list pointer + * @binding: NWFilterBinding object to be added + * + * Upon entry @binding should have at least 1 ref and be locked. + * + * Add the @binding into the @bindings->objs hash + * tables. Once successfully added into a table, increase the + * reference count since upon removal in virHashRemoveEntry + * the virObjectUnref will be called since the hash tables were + * configured to call virObjectFreeHashData when the object is + * removed from the hash table. 
+ * + * Returns 0 on success with 3 references and locked + * -1 on failure with 1 reference and locked + */ +static int +virNWFilterBindingObjListAddObjLocked(virNWFilterBindingObjListPtr binding= s, + virNWFilterBindingObjPtr binding) +{ + if (virHashAddEntry(bindings->objs, binding->def->portdevname, binding= ) < 0) + return -1; + virObjectRef(binding); + + return 0; +} + + +/* + * virNWFilterBindingObjListAddLocked: + * + * The returned @binding from this function will be locked and ref + * counted. The caller is expected to use virNWFilterBindingObjEndAPI + * when it completes usage. + */ +static virNWFilterBindingObjPtr +virNWFilterBindingObjListAddLocked(virNWFilterBindingObjListPtr bindings, + virNWFilterBindingDefPtr def) +{ + virNWFilterBindingObjPtr binding; + + /* See if a BINDING with matching portdev already exists */ + if ((binding =3D virNWFilterBindingObjListFindByPortDevLocked(bindings= , def->portdevname))) { + virReportError(VIR_ERR_OPERATION_FAILED, + _("binding '%s' already exists"), + def->portdevname); + return NULL; + } + + if (!(binding =3D virNWFilterBindingObjNew())) + goto cleanup; + binding->def =3D def; + + if (virNWFilterBindingObjListAddObjLocked(bindings, binding) < 0) + goto error; + + cleanup: + return binding; + + error: + virNWFilterBindingObjEndAPI(&binding); + return NULL; +} + + +virNWFilterBindingObjPtr virNWFilterBindingObjListAdd(virNWFilterBindingOb= jListPtr bindings, + virNWFilterBindingDe= fPtr def) +{ + virNWFilterBindingObjPtr ret; + + virObjectRWLockWrite(bindings); + ret =3D virNWFilterBindingObjListAddLocked(bindings, def); + virObjectRWUnlock(bindings); + return ret; +} + + +/* The caller must hold lock on 'bindings' in addition to 'virNWFilterBind= ingObjListRemove' + * requirements + * + * Can be used to remove current element while iterating with + * virNWFilterBindingObjListForEach + */ +void +virNWFilterBindingObjListRemoveLocked(virNWFilterBindingObjListPtr binding= s, + virNWFilterBindingObjPtr binding) 
+{ + virHashRemoveEntry(bindings->objs, binding->def->portdevname); +} + + +/** + * @bindings: Pointer to the binding object list + * @binding: NWFilterBinding pointer from either after Add or FindBy* API = where the + * @binding was successfully added to both the bindings->objs + * hash tables that now would need to be removed. + * + * The caller must hold a lock on the driver owning 'bindings', + * and must also have locked and ref counted 'binding', to ensure + * no one else is either waiting for 'binding' or still using it. + * + * When this function returns, @binding will be removed from the hash + * tables and returned with lock and refcnt that was present upon entry. + */ +void +virNWFilterBindingObjListRemove(virNWFilterBindingObjListPtr bindings, + virNWFilterBindingObjPtr binding) +{ + binding->removing =3D true; + virObjectRef(binding); + virObjectUnlock(binding); + virObjectRWLockWrite(bindings); + virObjectLock(binding); + virNWFilterBindingObjListRemoveLocked(bindings, binding); + virObjectUnref(binding); + virObjectRWUnlock(bindings); +} + + +static virNWFilterBindingObjPtr +virNWFilterBindingObjListLoadStatus(virNWFilterBindingObjListPtr bindings, + const char *statusDir, + const char *name) +{ + char *statusFile =3D NULL; + virNWFilterBindingObjPtr obj =3D NULL; + + if ((statusFile =3D virNWFilterBindingObjConfigFile(statusDir, name)) = =3D=3D NULL) + goto error; + + if (!(obj =3D virNWFilterBindingObjParseFile(statusFile))) + goto error; + + if (virHashLookup(bindings->objs, obj->def->portdevname) !=3D NULL) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("unexpected binding %s already exists"), + obj->def->portdevname); + goto error; + } + + if (virNWFilterBindingObjListAddObjLocked(bindings, obj) < 0) + goto error; + + VIR_FREE(statusFile); + return obj; + + error: + virNWFilterBindingObjEndAPI(&obj); + VIR_FREE(statusFile); + return NULL; +} + + +int +virNWFilterBindingObjListLoadAllConfigs(virNWFilterBindingObjListPtr bindi= ngs, + const char 
*configDir) +{ + DIR *dir; + struct dirent *entry; + int ret =3D -1; + int rc; + + VIR_INFO("Scanning for configs in %s", configDir); + + if ((rc =3D virDirOpenIfExists(&dir, configDir)) <=3D 0) + return rc; + + virObjectRWLockWrite(bindings); + + while ((ret =3D virDirRead(dir, &entry, configDir)) > 0) { + virNWFilterBindingObjPtr binding; + + if (!virFileStripSuffix(entry->d_name, ".xml")) + continue; + + /* NB: ignoring errors, so one malformed config doesn't + kill the whole process */ + VIR_INFO("Loading config file '%s.xml'", entry->d_name); + binding =3D virNWFilterBindingObjListLoadStatus(bindings, + configDir, + entry->d_name); + if (binding) { + virNWFilterBindingObjEndAPI(&binding); + } else { + VIR_ERROR(_("Failed to load config for binding '%s'"), entry->= d_name); + } + } + + VIR_DIR_CLOSE(dir); + virObjectRWUnlock(bindings); + return ret; +} + + +struct virNWFilterBindingListIterData { + virNWFilterBindingObjListIterator callback; + void *opaque; + int ret; +}; + + +static int +virNWFilterBindingObjListHelper(void *payload, + const void *name ATTRIBUTE_UNUSED, + void *opaque) +{ + struct virNWFilterBindingListIterData *data =3D opaque; + + if (data->callback(payload, data->opaque) < 0) + data->ret =3D -1; + return 0; +} + + +int +virNWFilterBindingObjListForEach(virNWFilterBindingObjListPtr bindings, + virNWFilterBindingObjListIterator callbac= k, + void *opaque) +{ + struct virNWFilterBindingListIterData data =3D { + callback, opaque, 0, + }; + virObjectRWLockRead(bindings); + virHashForEach(bindings->objs, virNWFilterBindingObjListHelper, &data); + virObjectRWUnlock(bindings); + return data.ret; +} + + +struct virNWFilterBindingListData { + virNWFilterBindingObjPtr *bindings; + size_t nbindings; +}; + + +static int +virNWFilterBindingObjListCollectIterator(void *payload, + const void *name ATTRIBUTE_UNUSED, + void *opaque) +{ + struct virNWFilterBindingListData *data =3D opaque; + + data->bindings[data->nbindings++] =3D virObjectRef(payload); + 
return 0; +} + + +static void +virNWFilterBindingObjListFilter(virNWFilterBindingObjPtr **list, + size_t *nbindings, + virConnectPtr conn, + virNWFilterBindingObjListACLFilter filter) +{ + size_t i =3D 0; + + while (i < *nbindings) { + virNWFilterBindingObjPtr binding =3D (*list)[i]; + + virObjectLock(binding); + + /* do not list the object if: + * 1) it's being removed. + * 2) connection does not have ACL to see it + * 3) it doesn't match the filter + */ + if (binding->removing || + (filter && !filter(conn, binding->def))) { + virObjectUnlock(binding); + virObjectUnref(binding); + VIR_DELETE_ELEMENT(*list, i, *nbindings); + continue; + } + + virObjectUnlock(binding); + i++; + } +} + + +static int +virNWFilterBindingObjListCollect(virNWFilterBindingObjListPtr domlist, + virConnectPtr conn, + virNWFilterBindingObjPtr **bindings, + size_t *nbindings, + virNWFilterBindingObjListACLFilter filter) +{ + struct virNWFilterBindingListData data =3D { NULL, 0 }; + + virObjectRWLockRead(domlist); + sa_assert(domlist->objs); + if (VIR_ALLOC_N(data.bindings, virHashSize(domlist->objs)) < 0) { + virObjectRWUnlock(domlist); + return -1; + } + + virHashForEach(domlist->objs, virNWFilterBindingObjListCollectIterator= , &data); + virObjectRWUnlock(domlist); + + virNWFilterBindingObjListFilter(&data.bindings, &data.nbindings, conn,= filter); + + *nbindings =3D data.nbindings; + *bindings =3D data.bindings; + + return 0; +} + + +int +virNWFilterBindingObjListExport(virNWFilterBindingObjListPtr bindings, + virConnectPtr conn, + virNWFilterBindingPtr **bindinglist, + virNWFilterBindingObjListACLFilter filter) +{ + virNWFilterBindingObjPtr *bindingobjs =3D NULL; + size_t nbindings =3D 0; + size_t i; + int ret =3D -1; + + if (virNWFilterBindingObjListCollect(bindings, conn, &bindingobjs, &nb= indings, filter) < 0) + return -1; + + if (bindinglist) { + if (VIR_ALLOC_N(*bindinglist, nbindings + 1) < 0) + goto cleanup; + + for (i =3D 0; i < nbindings; i++) { + virNWFilterBindingObjPtr 
binding =3D bindingobjs[i]; + + virObjectLock(binding); + (*bindinglist)[i] =3D virGetNWFilterBinding(conn, binding->def= ->portdevname, binding->def->filter); + virObjectUnlock(binding); + + if (!(*bindinglist)[i]) + goto cleanup; + } + } + + ret =3D nbindings; + + cleanup: + virObjectListFreeCount(bindingobjs, nbindings); + if (ret < 0) { + virObjectListFreeCount(*bindinglist, nbindings); + *bindinglist =3D NULL; + } + return ret; +} diff --git a/src/conf/virnwfilterbindingobjlist.h b/src/conf/virnwfilterbin= dingobjlist.h new file mode 100644 index 0000000000..252da90baa --- /dev/null +++ b/src/conf/virnwfilterbindingobjlist.h 
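Review bot: In virNWFilterBindingObjListAddLocked (src/conf/virnwfilterbindingobjlist.c) the error path leaves ownership of @def ambiguous: binding->def = def is assigned before virNWFilterBindingObjListAddObjLocked, and on failure the object is dropped with virNWFilterBindingObjEndAPI(&binding) while the caller still holds its own pointer to def. If disposing the object also frees binding->def, any caller that frees def after a NULL return frees it twice; resetting binding->def to NULL before the EndAPI call under the error label, and stating in the function comment that def is consumed only on success, would settle it. Several comments also look carried over from the domain object list: virNWFilterBindingObjListAddObjLocked promises "3 references" although it takes a single virObjectRef for the one hash table, virNWFilterBindingObjListRemove speaks of "both the bindings->objs hash tables", and virNWFilterBindingObjListCollect names its list parameter domlist.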
@@ -0,0 +1,66 @@ +/* + * virnwfilterbindingobjlist.h: domain objects list utilities + * + * Copyright (C) 2006-2018 Red Hat, Inc. + * Copyright (C) 2006-2008 Daniel P. Berrange + * Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * . + * + * Author: Daniel P. Berrange + */ + +#ifndef __VIRNWFILTERBINDINGOBJ_H__ +# define __VIRNWFILTERBINDINGOBJT_H__ + +# include "virnwfilterbindingobj.h" + +typedef struct _virNWFilterBindingObjList virNWFilterBindingObjList; +typedef virNWFilterBindingObjList *virNWFilterBindingObjListPtr; + +virNWFilterBindingObjListPtr virNWFilterBindingObjListNew(void); + +virNWFilterBindingObjPtr virNWFilterBindingObjListFindByPortDev(virNWFilte= rBindingObjListPtr bindings, + const char= *name); + +virNWFilterBindingObjPtr virNWFilterBindingObjListAdd(virNWFilterBindingOb= jListPtr bindings, + virNWFilterBindingDe= fPtr def); + +void virNWFilterBindingObjListRemove(virNWFilterBindingObjListPtr bindings, + virNWFilterBindingObjPtr binding); +void virNWFilterBindingObjListRemoveLocked(virNWFilterBindingObjListPtr bi= ndings, + virNWFilterBindingObjPtr bindin= g); + +int virNWFilterBindingObjListLoadAllConfigs(virNWFilterBindingObjListPtr b= indings, + const char *configDir); + + +typedef int (*virNWFilterBindingObjListIterator)(virNWFilterBindingObjPtr = binding, + void *opaque); + +int 
virNWFilterBindingObjListForEach(virNWFilterBindingObjListPtr bindings, + virNWFilterBindingObjListIterator cal= lback, + void *opaque); + +typedef bool (*virNWFilterBindingObjListACLFilter)(virConnectPtr conn, + virNWFilterBindingDefPt= r def); + +int virNWFilterBindingObjListExport(virNWFilterBindingObjListPtr bindings, + virConnectPtr conn, + virNWFilterBindingPtr **bindinglist, + virNWFilterBindingObjListACLFilter fil= ter); + + +#endif /* __VIRNWFILTERBINDINGOBJLIST_H__ */ diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 92ad2e983f..b6754140bd 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms 
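Review bot: The include guard in virnwfilterbindingobjlist.h uses three different names: it tests __VIRNWFILTERBINDINGOBJ_H__, defines __VIRNWFILTERBINDINGOBJT_H__, and the closing comment says __VIRNWFILTERBINDINGOBJLIST_H__. The tested macro is never defined by this header, so it gives no protection against double inclusion, and if virnwfilterbindingobj.h uses __VIRNWFILTERBINDINGOBJ_H__ as its own guard, this whole file is skipped whenever that header was included first. Use __VIRNWFILTERBINDINGOBJLIST_H__ in all three places; the file description "domain objects list utilities" also wants updating.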
@@ -1061,6 +1061,17 @@ virNWFilterBindingObjParseFile; virNWFilterBindingObjSave; =20 =20 +# conf/virnwfilterbindingobjlist.h +virNWFilterBindingObjListAdd; +virNWFilterBindingObjListExport; +virNWFilterBindingObjListFindByPortDev; +virNWFilterBindingObjListForEach; +virNWFilterBindingObjListLoadAllConfigs; +virNWFilterBindingObjListNew; +virNWFilterBindingObjListRemove; +virNWFilterBindingObjListRemoveLocked; + + # conf/virnwfilterobj.h virNWFilterObjGetDef; virNWFilterObjGetNewDef; --=20 2.17.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Tue Apr 16 07:48:04 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1526406255067138.0222377258093; Tue, 15 May 2018 10:44:15 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.24]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 988A92ED2DE; Tue, 15 May 2018 17:44:13 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 614DB30012BF; Tue, 15 May 2018 17:44:13 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id D912A3FCFB; Tue, 15 May 2018 17:44:12 +0000 (UTC) Received: from 
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Tue, 15 May 2018 18:43:33 +0100
Message-Id: <20180515174337.11287-18-berrange@redhat.com>
In-Reply-To: <20180515174337.11287-1-berrange@redhat.com>
References: <20180515174337.11287-1-berrange@redhat.com>
Subject: [libvirt] [PATCH v2 17/21] nwfilter: keep track of active filter bindings

Currently the nwfilter driver does not keep any record of what filter bindings it has active. This means that when it needs to recreate filters, it has to rely on triggering callbacks provided by the virt drivers. This introduces a hash table recording the virNWFilterBinding objects so the driver has a record of all active filters.
Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: John Ferlan --- src/conf/virnwfilterobj.h | 4 ++ src/nwfilter/nwfilter_driver.c | 83 ++++++++++++++++++++++++---------- 2 files changed, 64 insertions(+), 23 deletions(-) diff --git a/src/conf/virnwfilterobj.h b/src/conf/virnwfilterobj.h index 433b0402d0..4a54dd50da 100644 --- a/src/conf/virnwfilterobj.h +++ b/src/conf/virnwfilterobj.h @@ -22,6 +22,7 @@ # include "internal.h" =20 # include "nwfilter_conf.h" +# include "virnwfilterbindingobjlist.h" =20 typedef struct _virNWFilterObj virNWFilterObj; typedef virNWFilterObj *virNWFilterObjPtr; @@ -37,7 +38,10 @@ struct _virNWFilterDriverState { =20 virNWFilterObjListPtr nwfilters; =20 + virNWFilterBindingObjListPtr bindings; + char *configDir; + char *bindingDir; }; =20 virNWFilterDefPtr diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c index b57e5dd00d..67e07d2dec 100644 --- a/src/nwfilter/nwfilter_driver.c +++ b/src/nwfilter/nwfilter_driver.c @@ -38,7 +38,6 @@ #include "domain_conf.h" #include "domain_nwfilter.h" #include "nwfilter_driver.h" -#include "virnwfilterbindingdef.h" #include "nwfilter_gentech_driver.h" #include "configmake.h" #include "virfile.h" @@ -174,7 +173,6 @@ nwfilterStateInitialize(bool privileged, virStateInhibitCallback callback ATTRIBUTE_UNUSED, void *opaque ATTRIBUTE_UNUSED) { - char *base =3D NULL; DBusConnection *sysbus =3D NULL; =20 if (virDBusHasSystemBus() && @@ -191,6 +189,9 @@ nwfilterStateInitialize(bool privileged, if (!(driver->nwfilters =3D virNWFilterObjListNew())) goto error; =20 + if (!(driver->bindings =3D virNWFilterBindingObjListNew())) + goto error; + if (!privileged) return 0; =20 
@@ -230,30 +231,35 @@ nwfilterStateInitialize(bool privileged, goto error; } =20 - if (VIR_STRDUP(base, SYSCONFDIR "/libvirt") < 0) + if (VIR_STRDUP(driver->configDir, SYSCONFDIR "/libvirt/nwfilter") < 0) goto error; =20 - if (virAsprintf(&driver->configDir, - "%s/nwfilter", base) =3D=3D -1) + if (virFileMakePathWithMode(driver->configDir, S_IRWXU) < 0) { + virReportSystemError(errno, _("cannot create config directory '%s'= "), + driver->configDir); goto error; + } =20 - VIR_FREE(base); + if (VIR_STRDUP(driver->bindingDir, LOCALSTATEDIR "/run/libvirt/nwfilte= r-binding") < 0) + goto error; =20 - if (virFileMakePathWithMode(driver->configDir, S_IRWXU) < 0) { + if (virFileMakePathWithMode(driver->bindingDir, S_IRWXU) < 0) { virReportSystemError(errno, _("cannot create config directory '%s'= "), - driver->configDir); + driver->bindingDir); goto error; } =20 if (virNWFilterObjListLoadAllConfigs(driver->nwfilters, driver->config= Dir) < 0) goto error; =20 + if (virNWFilterBindingObjListLoadAllConfigs(driver->bindings, driver->= bindingDir) < 0) + goto error; + nwfilterDriverUnlock(); =20 return 0; =20 error: - VIR_FREE(base); nwfilterDriverUnlock(); nwfilterStateCleanup(); =20 @@ -333,9 +339,12 @@ nwfilterStateCleanup(void) nwfilterDriverRemoveDBusMatches(); =20 VIR_FREE(driver->configDir); + VIR_FREE(driver->bindingDir); nwfilterDriverUnlock(); } =20 + virObjectUnref(driver->bindings); + /* free inactive nwfilters */ virNWFilterObjListFree(driver->nwfilters); =20 
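Review bot: In nwfilterStateInitialize, the new virFileMakePathWithMode(driver->bindingDir, S_IRWXU) failure path reuses the message "cannot create config directory '%s'" for what is the runtime binding state directory under LOCALSTATEDIR "/run/libvirt/nwfilter-binding". A distinct message, for example "cannot create binding state directory '%s'", keeps the two failures distinguishable in the logs.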
@@ -647,13 +656,38 @@ nwfilterInstantiateFilter(const char *vmname, const unsigned char *vmuuid, virDomainNetDefPtr net) { - virNWFilterBindingDefPtr binding; + virNWFilterBindingObjPtr obj; + virNWFilterBindingDefPtr def; int ret; =20 - if (!(binding =3D virNWFilterBindingDefForNet(vmname, vmuuid, net))) + obj =3D virNWFilterBindingObjListFindByPortDev(driver->bindings, net->= ifname); + if (obj) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Filter already present for NIC %s"), net->ifname= ); + virNWFilterBindingObjEndAPI(&obj); + return -1; + } + + if (!(def =3D virNWFilterBindingDefForNet(vmname, vmuuid, net))) + return -1; + + obj =3D virNWFilterBindingObjListAdd(driver->bindings, + def); + if (!obj) { + virNWFilterBindingDefFree(def); return -1; - ret =3D virNWFilterInstantiateFilter(driver, binding); - virNWFilterBindingDefFree(binding); + } + def =3D NULL; + + ret =3D virNWFilterInstantiateFilter(driver, obj->def); + + if (ret < 0) + virNWFilterBindingObjListRemove(driver->bindings, obj); + + virNWFilterBindingObjSave(obj, driver->bindingDir); + + virNWFilterBindingObjEndAPI(&obj); + return ret; } =20 
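Review bot: In nwfilterInstantiateFilter, virNWFilterBindingObjSave(obj, driver->bindingDir) runs even when virNWFilterInstantiateFilter failed and the object was just removed from driver->bindings, so a status file is written for a binding that is not active, and virNWFilterBindingObjListLoadAllConfigs reads that directory at the next start. Save only when ret == 0, and check the return value of the save, since a binding whose status file could not be written is lost across a daemon restart.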
@@ -661,16 +695,19 @@ nwfilterInstantiateFilter(const char *vmname, static void nwfilterTeardownFilter(virDomainNetDefPtr net) { - virNWFilterBindingDef binding =3D { - .portdevname =3D net->ifname, - .linkdevname =3D (net->type =3D=3D VIR_DOMAIN_NET_TYPE_DIRECT ? - net->data.direct.linkdev : NULL), - .mac =3D net->mac, - .filter =3D net->filter, - .filterparams =3D net->filterparams, - }; - if ((net->ifname) && (net->filter)) - virNWFilterTeardownFilter(&binding); + virNWFilterBindingObjPtr obj; + if (!net->ifname) + return; + + obj =3D virNWFilterBindingObjListFindByPortDev(driver->bindings, net->= ifname); + if (!obj) + return; + + virNWFilterTeardownFilter(obj->def); + virNWFilterBindingObjDelete(obj, driver->bindingDir); + + virNWFilterBindingObjListRemove(driver->bindings, obj); + virNWFilterBindingObjEndAPI(&obj); } =20 =20 --=20 2.17.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Tue Apr 16 07:48:04 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 15264062599924.506853882525434; Tue, 15 May 2018 10:44:19 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 2412247DDF; Tue, 15 May 2018 17:44:18 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com 
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Tue, 15 May 2018 18:43:34 +0100
Message-Id: <20180515174337.11287-19-berrange@redhat.com>
In-Reply-To: <20180515174337.11287-1-berrange@redhat.com>
References: <20180515174337.11287-1-berrange@redhat.com>
Subject: [libvirt] [PATCH v2 18/21] nwfilter: remove virt driver callback layer for rebuilding filters

Now that the nwfilter driver keeps a list of bindings that it has created, there is no need for the complex virt driver callbacks. It is possible to simply iterate over the list of recorded filter bindings. This means that rebuilding filters no longer has to acquire any locks on the virDomainObj objects, as they're never touched.

Signed-off-by: Daniel P. Berrangé
Reviewed-by: John Ferlan
---
 src/conf/nwfilter_conf.c               | 169 +++++++------------------
 src/conf/nwfilter_conf.h               |  51 +-------
 src/conf/virnwfilterobj.c              |   4 +-
 src/libvirt_private.syms               |   7 +-
 src/lxc/lxc_driver.c                   |  28 ----
 src/nwfilter/nwfilter_driver.c         |  21 +--
 src/nwfilter/nwfilter_gentech_driver.c | 164 +++++++++++++++---------
 src/nwfilter/nwfilter_gentech_driver.h |   4 +-
 src/qemu/qemu_driver.c                 |  25 ----
 src/uml/uml_driver.c                   |  29 -----
 10 files changed, 173 insertions(+), 329 deletions(-)
diff --git a/src/conf/nwfilter_conf.c b/src/conf/nwfilter_conf.c index de26a6d034..29aacba98d 100644 --- a/src/conf/nwfilter_conf.c +++ b/src/conf/nwfilter_conf.c 
@@ -2819,121 +2819,6 @@ virNWFilterSaveConfig(const char *configDir, } =20 =20 -int nCallbackDriver; -#define MAX_CALLBACK_DRIVER 10 -static virNWFilterCallbackDriverPtr callbackDrvArray[MAX_CALLBACK_DRIVER]; - -void -virNWFilterRegisterCallbackDriver(virNWFilterCallbackDriverPtr cbd) -{ - if (nCallbackDriver < MAX_CALLBACK_DRIVER) - callbackDrvArray[nCallbackDriver++] =3D cbd; -} - - -void -virNWFilterUnRegisterCallbackDriver(virNWFilterCallbackDriverPtr cbd) -{ - size_t i =3D 0; - - while (i < nCallbackDriver && callbackDrvArray[i] !=3D cbd) - i++; - - if (i < nCallbackDriver) { - memmove(&callbackDrvArray[i], &callbackDrvArray[i+1], - (nCallbackDriver - i - 1) * sizeof(callbackDrvArray[i])); - callbackDrvArray[i] =3D 0; - nCallbackDriver--; - } -} - - -void -virNWFilterCallbackDriversLock(void) -{ - size_t i; - - for (i =3D 0; i < nCallbackDriver; i++) - callbackDrvArray[i]->vmDriverLock(); -} - - -void -virNWFilterCallbackDriversUnlock(void) -{ - size_t i; - - for (i =3D 0; i < nCallbackDriver; i++) - callbackDrvArray[i]->vmDriverUnlock(); -} - - -static virDomainObjListIterator virNWFilterDomainFWUpdateCB; -static void *virNWFilterDomainFWUpdateOpaque; - -/** - * virNWFilterInstFiltersOnAllVMs: - * Apply all filters on all running VMs. Don't terminate in case of an - * error. This should be called upon reloading of the driver. 
- */ -int -virNWFilterInstFiltersOnAllVMs(void) -{ - size_t i; - struct domUpdateCBStruct cb =3D { - .opaque =3D virNWFilterDomainFWUpdateOpaque, - .step =3D STEP_APPLY_CURRENT, - .skipInterfaces =3D NULL, /* not needed */ - }; - - for (i =3D 0; i < nCallbackDriver; i++) - callbackDrvArray[i]->vmFilterRebuild(virNWFilterDomainFWUpdateCB, - &cb); - - return 0; -} - - -int -virNWFilterTriggerVMFilterRebuild(void) -{ - size_t i; - int ret =3D 0; - struct domUpdateCBStruct cb =3D { - .opaque =3D virNWFilterDomainFWUpdateOpaque, - .step =3D STEP_APPLY_NEW, - .skipInterfaces =3D virHashCreate(0, NULL), - }; - - if (!cb.skipInterfaces) - return -1; - - for (i =3D 0; i < nCallbackDriver; i++) { - if (callbackDrvArray[i]->vmFilterRebuild(virNWFilterDomainFWUpdate= CB, - &cb) < 0) - ret =3D -1; - } - - if (ret < 0) { - cb.step =3D STEP_TEAR_NEW; /* rollback */ - - for (i =3D 0; i < nCallbackDriver; i++) - callbackDrvArray[i]->vmFilterRebuild(virNWFilterDomainFWUpdate= CB, - &cb); - } else { - cb.step =3D STEP_TEAR_OLD; /* switch over */ - - for (i =3D 0; i < nCallbackDriver; i++) - callbackDrvArray[i]->vmFilterRebuild(virNWFilterDomainFWUpdate= CB, - &cb); - } - - virHashFree(cb.skipInterfaces); - - return ret; -} - - int virNWFilterDeleteDef(const char *configDir, virNWFilterDefPtr def) @@ -3204,16 +3089,18 @@ virNWFilterDefFormat(const virNWFilterDef *def) return NULL; } =20 +static virNWFilterTriggerRebuildCallback rebuildCallback; +static void *rebuildOpaque; =20 int -virNWFilterConfLayerInit(virDomainObjListIterator domUpdateCB, +virNWFilterConfLayerInit(virNWFilterTriggerRebuildCallback cb, void *opaque) { if (initialized) return -1; =20 - virNWFilterDomainFWUpdateCB =3D domUpdateCB; - virNWFilterDomainFWUpdateOpaque =3D opaque; + rebuildCallback =3D cb; + rebuildOpaque =3D opaque; =20 initialized =3D true; =20 
@@ -3233,8 +3120,50 @@ virNWFilterConfLayerShutdown(void) virRWLockDestroy(&updateLock); =20 initialized =3D false; - virNWFilterDomainFWUpdateOpaque =3D NULL; - virNWFilterDomainFWUpdateCB =3D NULL; + rebuildCallback =3D NULL; + rebuildOpaque =3D NULL; +} + +int +virNWFilterTriggerRebuild(void) +{ +#if 0 + size_t i; + int ret =3D 0; + struct domUpdateCBStruct cb =3D { + .opaque =3D virNWFilterDomainFWUpdateOpaque, + .step =3D STEP_APPLY_NEW, + .skipInterfaces =3D virHashCreate(0, NULL), + }; + + if (!cb.skipInterfaces) + return -1; + + for (i =3D 0; i < nCallbackDriver; i++) { + if (callbackDrvArray[i]->vmFilterRebuild(virNWFilterDomainFWUpdate= CB, + &cb) < 0) + ret =3D -1; + } + + if (ret < 0) { + cb.step =3D STEP_TEAR_NEW; /* rollback */ + + for (i =3D 0; i < nCallbackDriver; i++) + callbackDrvArray[i]->vmFilterRebuild(virNWFilterDomainFWUpdate= CB, + &cb); + } else { + cb.step =3D STEP_TEAR_OLD; /* switch over */ + + for (i =3D 0; i < nCallbackDriver; i++) + callbackDrvArray[i]->vmFilterRebuild(virNWFilterDomainFWUpdate= CB, + &cb); + } + + virHashFree(cb.skipInterfaces); + + return ret; +#endif + return rebuildCallback(rebuildOpaque); } =20 =20 diff --git a/src/conf/nwfilter_conf.h b/src/conf/nwfilter_conf.h index 08fc07c55c..9f8ad51bf2 100644 --- a/src/conf/nwfilter_conf.h +++ b/src/conf/nwfilter_conf.h @@ -546,20 +546,6 @@ struct _virNWFilterDef { }; =20 =20 -typedef enum { - STEP_APPLY_NEW, - STEP_TEAR_NEW, - STEP_TEAR_OLD, - STEP_APPLY_CURRENT, -} UpdateStep; - -struct domUpdateCBStruct { - void *opaque; - UpdateStep step; - virHashTablePtr skipInterfaces; -}; - - void virNWFilterRuleDefFree(virNWFilterRuleDefPtr def); =20 @@ -567,7 +553,7 @@ void virNWFilterDefFree(virNWFilterDefPtr def); =20 int -virNWFilterTriggerVMFilterRebuild(void); +virNWFilterTriggerRebuild(void); =20 int virNWFilterDeleteDef(const char *configDir, 
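Review bot: virNWFilterTriggerRebuild in src/conf/nwfilter_conf.c keeps the whole former virNWFilterTriggerVMFilterRebuild body inside #if 0, referring to callbackDrvArray, nCallbackDriver and struct domUpdateCBStruct, all of which this patch deletes; drop the block, the history is in git. The one live statement, return rebuildCallback(rebuildOpaque), also calls through a pointer that is NULL before virNWFilterConfLayerInit and again after virNWFilterConfLayerShutdown, so a NULL check that returns an error would be safer.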
@@ -599,44 +585,15 @@ virNWFilterReadLockFilterUpdates(void); void virNWFilterUnlockFilterUpdates(void); =20 +typedef int (*virNWFilterTriggerRebuildCallback)(void *opaque); + int -virNWFilterConfLayerInit(virDomainObjListIterator domUpdateCB, +virNWFilterConfLayerInit(virNWFilterTriggerRebuildCallback cb, void *opaque); =20 void virNWFilterConfLayerShutdown(void); =20 -int -virNWFilterInstFiltersOnAllVMs(void); - -typedef int -(*virNWFilterRebuild)(virDomainObjListIterator domUpdateCB, - void *data); - -typedef void -(*virNWFilterVoidCall)(void); - -typedef struct _virNWFilterCallbackDriver virNWFilterCallbackDriver; -typedef virNWFilterCallbackDriver *virNWFilterCallbackDriverPtr; -struct _virNWFilterCallbackDriver { - const char *name; - - virNWFilterRebuild vmFilterRebuild; - virNWFilterVoidCall vmDriverLock; - virNWFilterVoidCall vmDriverUnlock; -}; - -void -virNWFilterRegisterCallbackDriver(virNWFilterCallbackDriverPtr); - -void -virNWFilterUnRegisterCallbackDriver(virNWFilterCallbackDriverPtr); - -void -virNWFilterCallbackDriversLock(void); - -void -virNWFilterCallbackDriversUnlock(void); =20 char * virNWFilterPrintTCPFlags(uint8_t flags); diff --git a/src/conf/virnwfilterobj.c b/src/conf/virnwfilterobj.c index 87d7e72703..0136a0d56c 100644 --- a/src/conf/virnwfilterobj.c +++ b/src/conf/virnwfilterobj.c @@ -276,7 +276,7 @@ virNWFilterObjTestUnassignDef(virNWFilterObjPtr obj) =20 obj->wantRemoved =3D true; /* trigger the update on VMs referencing the filter */ - if (virNWFilterTriggerVMFilterRebuild() < 0) + if (virNWFilterTriggerRebuild() < 0) rc =3D -1; =20 obj->wantRemoved =3D false; @@ -358,7 +358,7 @@ virNWFilterObjListAssignDef(virNWFilterObjListPtr nwfil= ters, =20 obj->newDef =3D def; /* trigger the update on VMs referencing the filter */ - if (virNWFilterTriggerVMFilterRebuild() < 0) { + if (virNWFilterTriggerRebuild() < 0) { obj->newDef =3D NULL; virNWFilterObjUnlock(obj); return NULL; 
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index b6754140bd..a34f899379 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -781,8 +781,6 @@ virDomainNumatuneSpecifiedMaxNode; =20 =20 # conf/nwfilter_conf.h -virNWFilterCallbackDriversLock; -virNWFilterCallbackDriversUnlock; virNWFilterChainSuffixTypeToString; virNWFilterConfLayerInit; virNWFilterConfLayerShutdown; @@ -791,12 +789,10 @@ virNWFilterDefFree; virNWFilterDefParseFile; virNWFilterDefParseString; virNWFilterDeleteDef; -virNWFilterInstFiltersOnAllVMs; virNWFilterJumpTargetTypeToString; virNWFilterPrintStateMatchFlags; virNWFilterPrintTCPFlags; virNWFilterReadLockFilterUpdates; -virNWFilterRegisterCallbackDriver; virNWFilterRuleActionTypeToString; virNWFilterRuleDirectionTypeToString; virNWFilterRuleIsProtocolEthernet; @@ -804,9 +800,8 @@ virNWFilterRuleIsProtocolIPv4; virNWFilterRuleIsProtocolIPv6; virNWFilterRuleProtocolTypeToString; virNWFilterSaveConfig; -virNWFilterTriggerVMFilterRebuild; +virNWFilterTriggerRebuild; virNWFilterUnlockFilterUpdates; -virNWFilterUnRegisterCallbackDriver; virNWFilterWriteLockFilterUpdates; =20 =20 diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c index a2e29a2121..8cb8d907ff 100644 --- a/src/lxc/lxc_driver.c +++ b/src/lxc/lxc_driver.c @@ -66,7 +66,6 @@ #include "virfdstream.h" #include "domain_audit.h" #include "domain_nwfilter.h" -#include "nwfilter_conf.h" #include "virinitctl.h" #include "virnetdev.h" #include "virnetdevtap.h" 
@@ -95,31 +94,6 @@ static int lxcStateInitialize(bool privileged, static int lxcStateCleanup(void); virLXCDriverPtr lxc_driver =3D NULL; =20 -/* callbacks for nwfilter */ -static int -lxcVMFilterRebuild(virDomainObjListIterator iter, void *data) -{ - return virDomainObjListForEach(lxc_driver->domains, iter, data); -} - -static void -lxcVMDriverLock(void) -{ - lxcDriverLock(lxc_driver); -} - -static void -lxcVMDriverUnlock(void) -{ - lxcDriverUnlock(lxc_driver); -} - -static virNWFilterCallbackDriver lxcCallbackDriver =3D { - .name =3D "LXC", - .vmFilterRebuild =3D lxcVMFilterRebuild, - .vmDriverLock =3D lxcVMDriverLock, - .vmDriverUnlock =3D lxcVMDriverUnlock, -}; =20 /** * lxcDomObjFromDomain: @@ -1677,7 +1651,6 @@ static int lxcStateInitialize(bool privileged, NULL, NULL) < 0) goto cleanup; =20 - virNWFilterRegisterCallbackDriver(&lxcCallbackDriver); virObjectUnref(caps); return 0; =20 @@ -1750,7 +1723,6 @@ static int lxcStateCleanup(void) if (lxc_driver =3D=3D NULL) return -1; =20 - virNWFilterUnRegisterCallbackDriver(&lxcCallbackDriver); virObjectUnref(lxc_driver->domains); virObjectUnref(lxc_driver->domainEventState); =20 diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c index 67e07d2dec..caccecadda 100644 --- a/src/nwfilter/nwfilter_driver.c +++ b/src/nwfilter/nwfilter_driver.c @@ -163,6 +163,14 @@ nwfilterDriverInstallDBusMatches(DBusConnection *sysbu= s ATTRIBUTE_UNUSED) =20 #endif /* HAVE_FIREWALLD */ =20 +static int virNWFilterTriggerRebuildImpl(void *opaque) +{ + virNWFilterDriverStatePtr nwdriver =3D opaque; + + return virNWFilterBuildAll(nwdriver, true); +} + + /** * nwfilterStateInitialize: * @@ -207,7 +215,7 @@ nwfilterStateInitialize(bool privileged, if (virNWFilterTechDriversInit(privileged) < 0) goto err_dhcpsnoop_shutdown; =20 - if (virNWFilterConfLayerInit(virNWFilterDomainFWUpdateCB, + if (virNWFilterConfLayerInit(virNWFilterTriggerRebuildImpl, driver) < 0) goto err_techdrivers_shutdown; =20 
@@ -302,15 +310,14 @@ nwfilterStateReload(void) =20 nwfilterDriverLock(); virNWFilterWriteLockFilterUpdates(); - virNWFilterCallbackDriversLock(); =20 virNWFilterObjListLoadAllConfigs(driver->nwfilters, driver->configDir); =20 - virNWFilterCallbackDriversUnlock(); virNWFilterUnlockFilterUpdates(); - nwfilterDriverUnlock(); =20 - virNWFilterInstFiltersOnAllVMs(); + virNWFilterBuildAll(driver, false); + + nwfilterDriverUnlock(); =20 return 0; } @@ -547,7 +554,6 @@ nwfilterDefineXML(virConnectPtr conn, =20 nwfilterDriverLock(); virNWFilterWriteLockFilterUpdates(); - virNWFilterCallbackDriversLock(); =20 if (!(def =3D virNWFilterDefParseString(xml))) goto cleanup; @@ -572,7 +578,6 @@ nwfilterDefineXML(virConnectPtr conn, if (obj) virNWFilterObjUnlock(obj); =20 - virNWFilterCallbackDriversUnlock(); virNWFilterUnlockFilterUpdates(); nwfilterDriverUnlock(); return nwfilter; @@ -588,7 +593,6 @@ nwfilterUndefine(virNWFilterPtr nwfilter) =20 nwfilterDriverLock(); virNWFilterWriteLockFilterUpdates(); - virNWFilterCallbackDriversLock(); =20 if (!(obj =3D nwfilterObjFromNWFilter(nwfilter->uuid))) goto cleanup; @@ -615,7 +619,6 @@ nwfilterUndefine(virNWFilterPtr nwfilter) if (obj) virNWFilterObjUnlock(obj); =20 - virNWFilterCallbackDriversUnlock(); virNWFilterUnlockFilterUpdates(); nwfilterDriverUnlock(); return ret; diff --git a/src/nwfilter/nwfilter_gentech_driver.c b/src/nwfilter/nwfilter= _gentech_driver.c index 30ae3970fb..de7361f3dd 100644 --- a/src/nwfilter/nwfilter_gentech_driver.c +++ b/src/nwfilter/nwfilter_gentech_driver.c @@ -153,9 +153,9 @@ virNWFilterVarHashmapAddStdValues(virHashTablePtr table, if (!val) return -1; =20 - if (virHashAddEntry(table, - NWFILTER_STD_VAR_MAC, - val) < 0) { + if (virHashUpdateEntry(table, + NWFILTER_STD_VAR_MAC, + val) < 0) { virNWFilterVarValueFree(val); virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("Could not add variable 'MAC' to hashma= p")); 
@@ -168,9 +168,9 @@ virNWFilterVarHashmapAddStdValues(virHashTablePtr table, if (!val) return -1; =20 - if (virHashAddEntry(table, - NWFILTER_STD_VAR_IP, - val) < 0) { + if (virHashUpdateEntry(table, + NWFILTER_STD_VAR_IP, + val) < 0) { virNWFilterVarValueFree(val); virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("Could not add variable 'IP' to hashmap= ")); 
@@ -1000,68 +1000,110 @@ virNWFilterTeardownFilter(virNWFilterBindingDefPtr= binding) return ret; } =20 +enum { + STEP_APPLY_NEW, + STEP_TEAR_NEW, + STEP_TEAR_OLD, + STEP_APPLY_CURRENT, +}; =20 -int -virNWFilterDomainFWUpdateCB(virDomainObjPtr obj, - void *data) +static int +virNWFilterBuildOne(virNWFilterDriverStatePtr driver, + virNWFilterBindingDefPtr binding, + virHashTablePtr skipInterfaces, + int step) { - virDomainDefPtr vm =3D obj->def; - struct domUpdateCBStruct *cb =3D data; - size_t i; bool skipIface; int ret =3D 0; - - virObjectLock(obj); - - if (virDomainObjIsActive(obj)) { - for (i =3D 0; i < vm->nnets; i++) { - virDomainNetDefPtr net =3D vm->nets[i]; - virNWFilterBindingDefPtr binding; - - if ((net->filter) && (net->ifname) && - (binding =3D virNWFilterBindingDefForNet( - vm->name, vm->uuid, net))) { - - switch (cb->step) { - case STEP_APPLY_NEW: - ret =3D virNWFilterUpdateInstantiateFilter(cb->opaque, - binding, - &skipIface); - if (ret =3D=3D 0 && skipIface) { - /* filter tree unchanged -- no update needed */ - ret =3D virHashAddEntry(cb->skipInterfaces, - net->ifname, - (void *)~0); - } - break; - - case STEP_TEAR_NEW: - if (!virHashLookup(cb->skipInterfaces, net->ifname)) - ret =3D virNWFilterRollbackUpdateFilter(binding); - break; - - case STEP_TEAR_OLD: - if (!virHashLookup(cb->skipInterfaces, net->ifname)) - ret =3D virNWFilterTearOldFilter(binding); - break; - - case STEP_APPLY_CURRENT: - ret =3D virNWFilterInstantiateFilter(cb->opaque, - binding); - if (ret) - virReportError(VIR_ERR_INTERNAL_ERROR, - _("Failure while applying current f= ilter on " - "VM %s"), vm->name); - break; - } - virNWFilterBindingDefFree(binding); - if (ret) - break; - } + VIR_DEBUG("Building filter for portdev=3D%s step=3D%d", binding->portd= evname, step); + + switch (step) { + case STEP_APPLY_NEW: + ret =3D virNWFilterUpdateInstantiateFilter(driver, + binding, + &skipIface); + if (ret =3D=3D 0 && skipIface) { + /* filter tree unchanged -- no update needed */ + ret 
=3D virHashAddEntry(skipInterfaces, + binding->portdevname, + (void *)~0); } + break; + + case STEP_TEAR_NEW: + if (!virHashLookup(skipInterfaces, binding->portdevname)) + ret =3D virNWFilterRollbackUpdateFilter(binding); + break; + + case STEP_TEAR_OLD: + if (!virHashLookup(skipInterfaces, binding->portdevname)) + ret =3D virNWFilterTearOldFilter(binding); + break; + + case STEP_APPLY_CURRENT: + ret =3D virNWFilterInstantiateFilter(driver, + binding); + break; } =20 - virObjectUnlock(obj); + return ret; +} + + +struct virNWFilterBuildData { + virNWFilterDriverStatePtr driver; + virHashTablePtr skipInterfaces; + int step; +}; + +static int +virNWFilterBuildIter(virNWFilterBindingObjPtr binding, void *opaque) +{ + struct virNWFilterBuildData *data =3D opaque; + + return virNWFilterBuildOne(data->driver, binding->def, + data->skipInterfaces, data->step); +} + +int +virNWFilterBuildAll(virNWFilterDriverStatePtr driver, + bool newFilters) +{ + struct virNWFilterBuildData data =3D { + .driver =3D driver, + }; + int ret =3D 0; + + VIR_DEBUG("Build all filters newFilters=3D%d", newFilters); + + if (newFilters) { + if (!(data.skipInterfaces =3D virHashCreate(0, NULL))) + return -1; + + data.step =3D STEP_APPLY_NEW; + if (virNWFilterBindingObjListForEach(driver->bindings, + virNWFilterBuildIter, + &data) < 0) + ret =3D -1; + + if (ret =3D=3D -1) { + data.step =3D STEP_TEAR_NEW; + virNWFilterBindingObjListForEach(driver->bindings, + virNWFilterBuildIter, + &data); + } else { + data.step =3D STEP_TEAR_OLD; + virNWFilterBindingObjListForEach(driver->bindings, + virNWFilterBuildIter, + &data); + } + } else { + data.step =3D STEP_APPLY_CURRENT; + if (virNWFilterBindingObjListForEach(driver->bindings, + virNWFilterBuildIter, + &data) < 0) + ret =3D -1; + } return ret; } =20 diff --git a/src/nwfilter/nwfilter_gentech_driver.h b/src/nwfilter/nwfilter= _gentech_driver.h index 6b51096a0d..481fdd2413 100644 --- a/src/nwfilter/nwfilter_gentech_driver.h 
+++ b/src/nwfilter/nwfilter_gentech_driver.h @@ -54,8 +54,8 @@ int virNWFilterTeardownFilter(virNWFilterBindingDefPtr bi= nding); virHashTablePtr virNWFilterCreateVarHashmap(const char *macaddr, const virNWFilterVarValue *val= ue); =20 -int virNWFilterDomainFWUpdateCB(virDomainObjPtr vm, - void *data); +int virNWFilterBuildAll(virNWFilterDriverStatePtr driver, + bool newFilters); =20 virNWFilterBindingDefPtr virNWFilterBindingDefForNet(const char *vmname, const unsigned char *= vmuuid, diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 9037818e2a..edc2d214e4 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -84,7 +84,6 @@ #include "cpu/cpu.h" #include "virsysinfo.h" #include "domain_nwfilter.h" -#include "nwfilter_conf.h" #include "virhook.h" #include "virstoragefile.h" #include "virfile.h" @@ -164,28 +163,6 @@ static int qemuARPGetInterfaces(virDomainObjPtr vm, =20 static virQEMUDriverPtr qemu_driver; =20 - -static void -qemuVMDriverLock(void) -{} -static void -qemuVMDriverUnlock(void) -{} - -static int -qemuVMFilterRebuild(virDomainObjListIterator iter, void *data) -{ - return virDomainObjListForEach(qemu_driver->domains, iter, data); -} - -static virNWFilterCallbackDriver qemuCallbackDriver =3D { - .name =3D QEMU_DRIVER_NAME, - .vmFilterRebuild =3D qemuVMFilterRebuild, - .vmDriverLock =3D qemuVMDriverLock, - .vmDriverUnlock =3D qemuVMDriverUnlock, -}; - - /** * qemuDomObjFromDomain: * @domain: Domain pointer that has to be looked up @@ -940,7 +917,6 @@ qemuStateInitialize(bool privileged, if (!qemu_driver->workerPool) goto error; =20 - virNWFilterRegisterCallbackDriver(&qemuCallbackDriver); return 0; =20 error: @@ -1080,7 +1056,6 @@ qemuStateCleanup(void) if (!qemu_driver) return -1; =20 - virNWFilterUnRegisterCallbackDriver(&qemuCallbackDriver); virThreadPoolFree(qemu_driver->workerPool); virObjectUnref(qemu_driver->config); virObjectUnref(qemu_driver->hostdevMgr); 
diff --git a/src/uml/uml_driver.c b/src/uml/uml_driver.c index 53ec64e10f..7419310a6d 100644 --- a/src/uml/uml_driver.c +++ b/src/uml/uml_driver.c @@ -55,7 +55,6 @@ #include "datatypes.h" #include "virlog.h" #include "domain_nwfilter.h" -#include "nwfilter_conf.h" #include "virfile.h" #include "virfdstream.h" #include "configmake.h" @@ -145,25 +144,6 @@ static int umlMonitorCommand(const struct uml_driver *= driver, =20 static struct uml_driver *uml_driver; =20 -static int -umlVMFilterRebuild(virDomainObjListIterator iter, void *data) -{ - return virDomainObjListForEach(uml_driver->domains, iter, data); -} - -static void -umlVMDriverLock(void) -{ - umlDriverLock(uml_driver); -} - -static void -umlVMDriverUnlock(void) -{ - umlDriverUnlock(uml_driver); -} - - static virDomainObjPtr umlDomObjFromDomainLocked(struct uml_driver *driver, const unsigned char *uuid) @@ -196,13 +176,6 @@ umlDomObjFromDomain(struct uml_driver *driver, } =20 =20 -static virNWFilterCallbackDriver umlCallbackDriver =3D { - .name =3D "UML", - .vmFilterRebuild =3D umlVMFilterRebuild, - .vmDriverLock =3D umlVMDriverLock, - .vmDriverUnlock =3D umlVMDriverUnlock, -}; - struct umlAutostartData { struct uml_driver *driver; virConnectPtr conn; @@ -609,7 +582,6 @@ umlStateInitialize(bool privileged, =20 VIR_FREE(userdir); =20 - virNWFilterRegisterCallbackDriver(¨CallbackDriver); return 0; =20 out_of_memory: 
@@ -703,7 +675,6 @@ umlStateCleanup(void) return -1; =20 umlDriverLock(uml_driver); - virNWFilterRegisterCallbackDriver(¨CallbackDriver); if (uml_driver->inotifyWatch !=3D -1) virEventRemoveHandle(uml_driver->inotifyWatch); VIR_FORCE_CLOSE(uml_driver->inotifyFD); --=20 2.17.0
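Review bot: In the nwfilterStateReload hunk of src/nwfilter/nwfilter_driver.c, the result of virNWFilterBuildAll(driver, false) is discarded and the function still ends in return 0, so a reload that fails to re-apply the rules for some binding is reported as success. The call also now runs before nwfilterDriverUnlock(), whereas the old virNWFilterInstFiltersOnAllVMs() ran after the driver lock had been dropped. If holding the driver lock across the full rebuild is intended, say so in a comment; otherwise keep the old ordering. Either way, propagate or at least log the failure.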
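Review bot: virNWFilterBuildAll in src/nwfilter/nwfilter_gentech_driver.c allocates data.skipInterfaces with virHashCreate(0, NULL) in the newFilters branch, but nothing in the added function frees it before return ret, so every rebuild that goes through virNWFilterTriggerRebuildImpl leaks the table. Add virHashFree(data.skipInterfaces) on the common exit path. In the same hunk, the STEP_APPLY_CURRENT case of virNWFilterBuildOne drops the virReportError that used to name the affected VM; binding->portdevname is available there and would keep the failure diagnosable.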
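Review bot: The two virNWFilterVarHashmapAddStdValues hunks replace virHashAddEntry with virHashUpdateEntry for NWFILTER_STD_VAR_MAC and NWFILTER_STD_VAR_IP, which changes the behaviour from failing on an existing key to overwriting it. A MAC or IP value already present in the table is now replaced without any trace. Please add a comment at both call sites stating that the overwrite is intended, and adjust the "Could not add variable" messages, which no longer describe what the call does.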
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Tue, 15 May 2018 18:43:35 +0100
Message-Id: <20180515174337.11287-20-berrange@redhat.com>
In-Reply-To: <20180515174337.11287-1-berrange@redhat.com>
References: <20180515174337.11287-1-berrange@redhat.com>
Subject: [libvirt] [PATCH v2 19/21] nwfilter: wire up new APIs for listing and querying filter bindings
Content-Transfer-Encoding: quoted-printable

Wire up the ListAll, LookupByPortDev and GetXMLDesc APIs to allow the virsh nwfilter-binding-list & nwfilter-binding-dumpxml commands to work.

Signed-off-by: Daniel P. Berrangé
Reviewed-by: John Ferlan
--- src/nwfilter/nwfilter_driver.c | 71 ++++++++++++++++++++++++++++++++++ 1 file changed, 71 insertions(+) diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c index caccecadda..6544261b38 100644 --- a/src/nwfilter/nwfilter_driver.c +++ b/src/nwfilter/nwfilter_driver.c
@@ -714,6 +714,74 @@ nwfilterTeardownFilter(virDomainNetDefPtr net) } =20 =20 +static virNWFilterBindingPtr +nwfilterBindingLookupByPortDev(virConnectPtr conn, + const char *portdev) +{ + virNWFilterBindingPtr ret =3D NULL; + virNWFilterBindingObjPtr obj; + + obj =3D virNWFilterBindingObjListFindByPortDev(driver->bindings, + portdev); + if (!obj) + goto cleanup; + + if (virNWFilterBindingLookupByPortDevEnsureACL(conn, obj->def) < 0) + goto cleanup; + + ret =3D virGetNWFilterBinding(conn, obj->def->portdevname, obj->def->f= ilter); + + cleanup: + virNWFilterBindingObjEndAPI(&obj); + return ret; +} + + +static int +nwfilterConnectListAllNWFilterBindings(virConnectPtr conn, + virNWFilterBindingPtr **bindings, + unsigned int flags) +{ + int ret; + + virCheckFlags(0, -1); + + if (virConnectListAllNWFilterBindingsEnsureACL(conn) < 0) + return -1; + + ret =3D virNWFilterBindingObjListExport(driver->bindings, + conn, + bindings, + virConnectListAllNWFilterBinding= sCheckACL); + + return ret; +} + +static char * +nwfilterBindingGetXMLDesc(virNWFilterBindingPtr binding, + unsigned int flags) +{ + virNWFilterBindingObjPtr obj; + char *ret =3D NULL; + + virCheckFlags(0, NULL); + + obj =3D virNWFilterBindingObjListFindByPortDev(driver->bindings, + binding->portdev); + if (!obj) + goto cleanup; + + if (virNWFilterBindingGetXMLDescEnsureACL(binding->conn, obj->def) < 0) + goto cleanup; + + ret =3D virNWFilterBindingDefFormat(obj->def); + + cleanup: + virNWFilterBindingObjEndAPI(&obj); + return ret; +} + + static virNWFilterDriver nwfilterDriver =3D { .name =3D "nwfilter", .connectNumOfNWFilters =3D nwfilterConnectNumOfNWFilters, /* 0.8.0 */ 
@@ -724,6 +792,9 @@ static virNWFilterDriver nwfilterDriver =3D { .nwfilterDefineXML =3D nwfilterDefineXML, /* 0.8.0 */ .nwfilterUndefine =3D nwfilterUndefine, /* 0.8.0 */ .nwfilterGetXMLDesc =3D nwfilterGetXMLDesc, /* 0.8.0 */ + .nwfilterBindingLookupByPortDev =3D nwfilterBindingLookupByPortDev, /*= 4.4.0 */ + .connectListAllNWFilterBindings =3D nwfilterConnectListAllNWFilterBind= ings, /* 4.4.0 */ + .nwfilterBindingGetXMLDesc =3D nwfilterBindingGetXMLDesc, /* 4.4.0 */ }; =20 =20 --=20 2.17.0
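Review bot: In nwfilterBindingLookupByPortDev and nwfilterBindingGetXMLDesc, the if (!obj) goto cleanup; path returns NULL without calling virReportError, so the caller sees a failure with no error set. Patch 21/21 adds VIR_ERR_NO_NWFILTER_BINDING reports at exactly these two sites; that change belongs here so the APIs are correct from the commit that introduces them and the series stays bisectable. The ordering of the ACL checks is right as written: obj->def is only turned into a public object or formatted to XML after the EnsureACL call succeeds, and the list export passes virConnectListAllNWFilterBindingsCheckACL as its filter.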
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Tue, 15 May 2018 18:43:36 +0100
Message-Id: <20180515174337.11287-21-berrange@redhat.com>
In-Reply-To: <20180515174337.11287-1-berrange@redhat.com>
References: <20180515174337.11287-1-berrange@redhat.com>
Subject: [libvirt] [PATCH v2 20/21] nwfilter: wire up new APIs for creating and deleting nwfilter bindings
Content-Transfer-Encoding: quoted-printable

This allows the virsh commands nwfilter-binding-create and nwfilter-binding-delete to be used. Note using these commands lets you delete filters that were previously created automatically by the virt drivers, or add filters for VM nics that were not there before. Generally it is expected these new APIs will only be used by virt drivers. It is the admin's responsibility to not shoot themselves in the foot.

Signed-off-by: Daniel P. Berrangé
Reviewed-by: John Ferlan
--- src/nwfilter/nwfilter_driver.c | 77 ++++++++++++++++++++++++++++++++++ 1 file changed, 77 insertions(+) diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c index 6544261b38..c3c52ae5f3 100644 --- a/src/nwfilter/nwfilter_driver.c +++ b/src/nwfilter/nwfilter_driver.c
@@ -782,6 +782,81 @@ nwfilterBindingGetXMLDesc(virNWFilterBindingPtr bindin= g, } =20 =20 +static virNWFilterBindingPtr +nwfilterBindingCreateXML(virConnectPtr conn, + const char *xml, + unsigned int flags) +{ + virNWFilterBindingObjPtr obj; + virNWFilterBindingDefPtr def; + virNWFilterBindingPtr ret =3D NULL; + + virCheckFlags(0, NULL); + + def =3D virNWFilterBindingDefParseString(xml); + if (!def) + return NULL; + + if (virNWFilterBindingCreateXMLEnsureACL(conn, def) < 0) + goto cleanup; + + obj =3D virNWFilterBindingObjListFindByPortDev(driver->bindings, def->= portdevname); + if (obj) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Filter already present for NIC %s"), def->portde= vname); + goto cleanup; + } + + obj =3D virNWFilterBindingObjListAdd(driver->bindings, + def); + if (!obj) + goto cleanup; + def =3D NULL; + + if (!(ret =3D virGetNWFilterBinding(conn, obj->def->portdevname, obj->= def->filter))) + goto cleanup; + + if (virNWFilterInstantiateFilter(driver, obj->def) < 0) { + virNWFilterBindingObjListRemove(driver->bindings, obj); + virObjectUnref(ret); + ret =3D NULL; + goto cleanup; + } + virNWFilterBindingObjSave(obj, driver->bindingDir); + + cleanup: + virNWFilterBindingDefFree(def); + virNWFilterBindingObjEndAPI(&obj); + + return ret; +} + + +static int +nwfilterBindingDelete(virNWFilterBindingPtr binding) +{ + virNWFilterBindingObjPtr obj; + int ret =3D -1; + + obj =3D virNWFilterBindingObjListFindByPortDev(driver->bindings, bindi= ng->portdev); + if (!obj) + return -1; + + if (virNWFilterBindingDeleteEnsureACL(binding->conn, obj->def) < 0) + goto cleanup; + + virNWFilterTeardownFilter(obj->def); + virNWFilterBindingObjDelete(obj, driver->bindingDir); + virNWFilterBindingObjListRemove(driver->bindings, obj); + + ret =3D 0; + + cleanup: + virNWFilterBindingObjEndAPI(&obj); + return ret; +} + + static virNWFilterDriver nwfilterDriver =3D { .name =3D "nwfilter", .connectNumOfNWFilters =3D nwfilterConnectNumOfNWFilters, /* 0.8.0 */ 
@@ -795,6 +870,8 @@ static virNWFilterDriver nwfilterDriver =3D { .nwfilterBindingLookupByPortDev =3D nwfilterBindingLookupByPortDev, /*= 4.4.0 */ .connectListAllNWFilterBindings =3D nwfilterConnectListAllNWFilterBind= ings, /* 4.4.0 */ .nwfilterBindingGetXMLDesc =3D nwfilterBindingGetXMLDesc, /* 4.4.0 */ + .nwfilterBindingCreateXML =3D nwfilterBindingCreateXML, /* 4.4.0 */ + .nwfilterBindingDelete =3D nwfilterBindingDelete, /* 4.4.0 */ }; =20 =20 --=20 2.17.0
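Review bot: nwfilterBindingCreateXML declares virNWFilterBindingObjPtr obj; without an initializer, and the virNWFilterBindingCreateXMLEnsureACL failure path jumps to cleanup before obj is assigned, so virNWFilterBindingObjEndAPI(&obj) operates on an uninitialized pointer exactly when a caller is refused by the access check. Initialize obj to NULL at the declaration. Two smaller points in the same function: the return value of virNWFilterBindingObjSave is ignored, so a binding can be instantiated without its state file having been written, and "Filter already present for NIC" is reported as VIR_ERR_INTERNAL_ERROR although it is a caller error. In nwfilterBindingDelete the if (!obj) return -1; path reports no error, and the result of virNWFilterTeardownFilter is dropped, so the function returns 0 even if the rules could not be removed.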
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Tue, 15 May 2018 18:43:37 +0100
Message-Id: <20180515174337.11287-22-berrange@redhat.com>
In-Reply-To: <20180515174337.11287-1-berrange@redhat.com>
References: <20180515174337.11287-1-berrange@redhat.com>
Subject: [libvirt] [PATCH v2 21/21] nwfilter: convert virt drivers to use public API for nwfilter bindings
Content-Transfer-Encoding: quoted-printable

Remove the callbacks that the nwfilter driver registers with the domain object config layer. Instead make the current helper methods call into the public API for creating/deleting nwfilter bindings.

Signed-off-by: Daniel P. Berrangé
Reviewed-by: John Ferlan
--- src/conf/domain_nwfilter.c | 124 +++++++++++++++++++++---- src/conf/domain_nwfilter.h | 13 --- src/libvirt_private.syms | 1 - src/nwfilter/nwfilter_driver.c | 83 +++-------------- src/nwfilter/nwfilter_gentech_driver.c | 42 --------- src/nwfilter/nwfilter_gentech_driver.h | 4 - 6 files changed, 120 insertions(+), 147 deletions(-) diff --git a/src/conf/domain_nwfilter.c b/src/conf/domain_nwfilter.c index 7570e0ae83..ed45394918 100644 --- a/src/conf/domain_nwfilter.c +++ b/src/conf/domain_nwfilter.c
@@ -28,45 +28,137 @@ #include "datatypes.h" #include "domain_conf.h" #include "domain_nwfilter.h" +#include "virnwfilterbindingdef.h" #include "virerror.h" +#include "viralloc.h" +#include "virstring.h" +#include "virlog.h" =20 -#define VIR_FROM_THIS VIR_FROM_NWFILTER =20 -static virDomainConfNWFilterDriverPtr nwfilterDriver; +VIR_LOG_INIT("conf.domain_nwfilter"); =20 -void -virDomainConfNWFilterRegister(virDomainConfNWFilterDriverPtr driver) +#define VIR_FROM_THIS VIR_FROM_NWFILTER + +static virNWFilterBindingDefPtr +virNWFilterBindingDefForNet(const char *vmname, + const unsigned char *vmuuid, + virDomainNetDefPtr net) { - nwfilterDriver =3D driver; + virNWFilterBindingDefPtr ret; + + if (VIR_ALLOC(ret) < 0) + return NULL; + + if (VIR_STRDUP(ret->ownername, vmname) < 0) + goto error; + + memcpy(ret->owneruuid, vmuuid, sizeof(ret->owneruuid)); + + if (VIR_STRDUP(ret->portdevname, net->ifname) < 0) + goto error; + + if (net->type =3D=3D VIR_DOMAIN_NET_TYPE_DIRECT && + VIR_STRDUP(ret->linkdevname, net->data.direct.linkdev) < 0) + goto error; + + ret->mac =3D net->mac; + + if (VIR_STRDUP(ret->filter, net->filter) < 0) + goto error; + + if (!(ret->filterparams =3D virNWFilterHashTableCreate(0))) + goto error; + + if (net->filterparams && + virNWFilterHashTablePutAll(net->filterparams, ret->filterparams) <= 0) + goto error; + + return ret; + + error: + virNWFilterBindingDefFree(ret); + return NULL; } =20 + int virDomainConfNWFilterInstantiate(const char *vmname, const unsigned char *vmuuid, virDomainNetDefPtr net) { - if (nwfilterDriver !=3D NULL) - return nwfilterDriver->instantiateFilter(vmname, vmuuid, net); + virConnectPtr conn =3D virGetConnectNWFilter(); + virNWFilterBindingDefPtr def =3D NULL; + virNWFilterBindingPtr binding =3D NULL; + char *xml; + int ret =3D -1; + + VIR_DEBUG("vmname=3D%s portdev=3D%s filter=3D%s", + vmname, NULLSTR(net->ifname), NULLSTR(net->filter)); + + if (!conn) + goto cleanup; + + if (!(def =3D virNWFilterBindingDefForNet(vmname, 
vmuuid, net))) + goto cleanup; + + if (!(xml =3D virNWFilterBindingDefFormat(def))) + goto cleanup; + + if (!(binding =3D virNWFilterBindingCreateXML(conn, xml, 0))) + goto cleanup; + + ret =3D 0; + + cleanup: + VIR_FREE(xml); + virNWFilterBindingDefFree(def); + virObjectUnref(binding); + virObjectUnref(conn); + return ret; +} + + +static void +virDomainConfNWFilterTeardownImpl(virConnectPtr conn, + virDomainNetDefPtr net) +{ + virNWFilterBindingPtr binding; =20 - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", - _("No network filter driver available")); - return -1; + binding =3D virNWFilterBindingLookupByPortDev(conn, net->ifname); + if (!binding) + return; + + virNWFilterBindingDelete(binding); + + virObjectUnref(binding); } =20 + void virDomainConfNWFilterTeardown(virDomainNetDefPtr net) { - if (nwfilterDriver !=3D NULL) - nwfilterDriver->teardownFilter(net); + virConnectPtr conn =3D virGetConnectNWFilter(); + + if (!conn) + return; + + virDomainConfNWFilterTeardownImpl(conn, net); + + virObjectUnref(conn); } =20 void virDomainConfVMNWFilterTeardown(virDomainObjPtr vm) { size_t i; + virConnectPtr conn =3D virGetConnectNWFilter(); + + if (!conn) + return; + + + for (i =3D 0; i < vm->def->nnets; i++) + virDomainConfNWFilterTeardownImpl(conn, vm->def->nets[i]); =20 - if (nwfilterDriver !=3D NULL) { - for (i =3D 0; i < vm->def->nnets; i++) - virDomainConfNWFilterTeardown(vm->def->nets[i]); - } + virObjectUnref(conn); } diff --git a/src/conf/domain_nwfilter.h b/src/conf/domain_nwfilter.h index 857cac6c2a..d2ebeff853 100644 --- a/src/conf/domain_nwfilter.h +++ b/src/conf/domain_nwfilter.h 
@@ -23,19 +23,6 @@ #ifndef DOMAIN_NWFILTER_H # define DOMAIN_NWFILTER_H =20 -typedef int (*virDomainConfInstantiateNWFilter)(const char *vmname, - const unsigned char *vmuui= d, - virDomainNetDefPtr net); -typedef void (*virDomainConfTeardownNWFilter)(virDomainNetDefPtr net); - -typedef struct { - virDomainConfInstantiateNWFilter instantiateFilter; - virDomainConfTeardownNWFilter teardownFilter; -} virDomainConfNWFilterDriver; -typedef virDomainConfNWFilterDriver *virDomainConfNWFilterDriverPtr; - -void virDomainConfNWFilterRegister(virDomainConfNWFilterDriverPtr driver); - int virDomainConfNWFilterInstantiate(const char *vmname, const unsigned char *vmuuid, virDomainNetDefPtr net); diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index a34f899379..f1f7f19014 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -645,7 +645,6 @@ virDomainQemuMonitorEventStateRegisterID; =20 # conf/domain_nwfilter.h virDomainConfNWFilterInstantiate; -virDomainConfNWFilterRegister; virDomainConfNWFilterTeardown; virDomainConfVMNWFilterTeardown; =20 diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c index c3c52ae5f3..9ee5c57d9f 100644 --- a/src/nwfilter/nwfilter_driver.c +++ b/src/nwfilter/nwfilter_driver.c 
@@ -654,66 +654,6 @@ nwfilterGetXMLDesc(virNWFilterPtr nwfilter, } =20 =20 -static int -nwfilterInstantiateFilter(const char *vmname, - const unsigned char *vmuuid, - virDomainNetDefPtr net) -{ - virNWFilterBindingObjPtr obj; - virNWFilterBindingDefPtr def; - int ret; - - obj =3D virNWFilterBindingObjListFindByPortDev(driver->bindings, net->= ifname); - if (obj) { - virReportError(VIR_ERR_INTERNAL_ERROR, - _("Filter already present for NIC %s"), net->ifname= ); - virNWFilterBindingObjEndAPI(&obj); - return -1; - } - - if (!(def =3D virNWFilterBindingDefForNet(vmname, vmuuid, net))) - return -1; - - obj =3D virNWFilterBindingObjListAdd(driver->bindings, - def); - if (!obj) { - virNWFilterBindingDefFree(def); - return -1; - } - def =3D NULL; - - ret =3D virNWFilterInstantiateFilter(driver, obj->def); - - if (ret < 0) - virNWFilterBindingObjListRemove(driver->bindings, obj); - - virNWFilterBindingObjSave(obj, driver->bindingDir); - - virNWFilterBindingObjEndAPI(&obj); - - return ret; -} - - -static void -nwfilterTeardownFilter(virDomainNetDefPtr net) -{ - virNWFilterBindingObjPtr obj; - if (!net->ifname) - return; - - obj =3D virNWFilterBindingObjListFindByPortDev(driver->bindings, net->= ifname); - if (!obj) - return; - - virNWFilterTeardownFilter(obj->def); - virNWFilterBindingObjDelete(obj, driver->bindingDir); - - virNWFilterBindingObjListRemove(driver->bindings, obj); - virNWFilterBindingObjEndAPI(&obj); -} - - static virNWFilterBindingPtr nwfilterBindingLookupByPortDev(virConnectPtr conn, const char *portdev) @@ -723,8 +663,11 @@ nwfilterBindingLookupByPortDev(virConnectPtr conn, =20 obj =3D virNWFilterBindingObjListFindByPortDev(driver->bindings, portdev); - if (!obj) + if (!obj) { + virReportError(VIR_ERR_NO_NWFILTER_BINDING, + _("no nwfilter binding for port dev '%s'"), portdev= ); goto cleanup; + } =20 if (virNWFilterBindingLookupByPortDevEnsureACL(conn, obj->def) < 0) goto cleanup; 
@@ -768,8 +711,11 @@ nwfilterBindingGetXMLDesc(virNWFilterBindingPtr bindin= g, =20 obj =3D virNWFilterBindingObjListFindByPortDev(driver->bindings, binding->portdev); - if (!obj) + if (!obj) { + virReportError(VIR_ERR_NO_NWFILTER_BINDING, + _("no nwfilter binding for port dev '%s'"), binding= ->portdev); goto cleanup; + } =20 if (virNWFilterBindingGetXMLDescEnsureACL(binding->conn, obj->def) < 0) goto cleanup; @@ -839,8 +785,11 @@ nwfilterBindingDelete(virNWFilterBindingPtr binding) int ret =3D -1; =20 obj =3D virNWFilterBindingObjListFindByPortDev(driver->bindings, bindi= ng->portdev); - if (!obj) + if (!obj) { + virReportError(VIR_ERR_NO_NWFILTER_BINDING, + _("no nwfilter binding for port dev '%s'"), binding= ->portdev); return -1; + } =20 if (virNWFilterBindingDeleteEnsureACL(binding->conn, obj->def) < 0) goto cleanup; @@ -900,13 +849,6 @@ static virStateDriver stateDriver =3D { .stateReload =3D nwfilterStateReload, }; =20 - -static virDomainConfNWFilterDriver domainNWFilterDriver =3D { - .instantiateFilter =3D nwfilterInstantiateFilter, - .teardownFilter =3D nwfilterTeardownFilter, -}; - - int nwfilterRegister(void) { if (virRegisterConnectDriver(&nwfilterConnectDriver, false) < 0) @@ -915,6 +857,5 @@ int nwfilterRegister(void) return -1; if (virRegisterStateDriver(&stateDriver) < 0) return -1; - virDomainConfNWFilterRegister(&domainNWFilterDriver); return 0; } diff --git a/src/nwfilter/nwfilter_gentech_driver.c b/src/nwfilter/nwfilter= _gentech_driver.c index de7361f3dd..f43decb6ea 100644 --- a/src/nwfilter/nwfilter_gentech_driver.c +++ b/src/nwfilter/nwfilter_gentech_driver.c 
@@ -1106,45 +1106,3 @@ virNWFilterBuildAll(virNWFilterDriverStatePtr driver, } return ret; } - - -virNWFilterBindingDefPtr -virNWFilterBindingDefForNet(const char *vmname, - const unsigned char *vmuuid, - virDomainNetDefPtr net) -{ - virNWFilterBindingDefPtr ret; - - if (VIR_ALLOC(ret) < 0) - return NULL; - - if (VIR_STRDUP(ret->ownername, vmname) < 0) - goto error; - - memcpy(ret->owneruuid, vmuuid, sizeof(ret->owneruuid)); - - if (VIR_STRDUP(ret->portdevname, net->ifname) < 0) - goto error; - - if (net->type =3D=3D VIR_DOMAIN_NET_TYPE_DIRECT && - VIR_STRDUP(ret->linkdevname, net->data.direct.linkdev) < 0) - goto error; - - ret->mac =3D net->mac; - - if (VIR_STRDUP(ret->filter, net->filter) < 0) - goto error; - - if (!(ret->filterparams =3D virNWFilterHashTableCreate(0))) - goto error; - - if (net->filterparams && - virNWFilterHashTablePutAll(net->filterparams, ret->filterparams) <= 0) - goto error; - - return ret; - - error: - virNWFilterBindingDefFree(ret); - return NULL; -} diff --git a/src/nwfilter/nwfilter_gentech_driver.h b/src/nwfilter/nwfilter= _gentech_driver.h index 481fdd2413..2cd19c90fc 100644 --- a/src/nwfilter/nwfilter_gentech_driver.h +++ b/src/nwfilter/nwfilter_gentech_driver.h @@ -57,8 +57,4 @@ virHashTablePtr virNWFilterCreateVarHashmap(const char *m= acaddr, int virNWFilterBuildAll(virNWFilterDriverStatePtr driver, bool newFilters); =20 -virNWFilterBindingDefPtr virNWFilterBindingDefForNet(const char *vmname, - const unsigned char *= vmuuid, - virDomainNetDefPtr ne= t); - #endif --=20 2.17.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
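Review bot: In virDomainConfNWFilterInstantiate (src/conf/domain_nwfilter.c), char *xml; is declared without an initializer, and both the if (!conn) and the virNWFilterBindingDefForNet failure paths reach cleanup before it is assigned, so VIR_FREE(xml) is handed a garbage pointer. Declare it as char *xml = NULL;. The other cleanup calls in that block receive variables that are already initialized to NULL or assigned before the first goto.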
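Review bot: The nwfilterTeardownFilter removed from src/nwfilter/nwfilter_driver.c returned early when net->ifname was NULL and stayed silent when no binding existed, but its replacement virDomainConfNWFilterTeardownImpl passes net->ifname straight to virNWFilterBindingLookupByPortDev, and this same patch makes that lookup report VIR_ERR_NO_NWFILTER_BINDING when nothing is found. Because virDomainConfVMNWFilterTeardown walks every entry in vm->def->nets, a guest with NICs that carry no filter now gets an error set for each such NIC during teardown. Skip NICs with no ifname or no filter in the Impl, and clear the error (virResetLastError) when the lookup legitimately finds nothing. It is also worth stating in the commit message that teardown now returns silently when virGetConnectNWFilter() fails, which leaves any installed rules in place.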