From nobody Fri Apr 26 02:17:17 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=virtuozzo.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1553153538924466.42448806745824; Thu, 21 Mar 2019 00:32:18 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 256F23082AF0; Thu, 21 Mar 2019 07:32:17 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id F1A4B60BF4; Thu, 21 Mar 2019 07:32:16 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 788FF3FB11; Thu, 21 Mar 2019 07:32:16 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x2L7WFsI009447 for ; Thu, 21 Mar 2019 03:32:15 -0400 Received: by smtp.corp.redhat.com (Postfix) id 72ECB60BF4; Thu, 21 Mar 2019 07:32:15 +0000 (UTC) Received: from mx1.redhat.com (ext-mx15.extmail.prod.ext.phx2.redhat.com [10.5.110.44]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 6C9BD60BF2 for ; Thu, 21 Mar 2019 07:32:13 +0000 (UTC) Received: from relay.sw.ru (relay.sw.ru [185.231.240.75]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id DE178308339B for ; Thu, 21 Mar 2019 07:32:10 +0000 (UTC) Received: from [10.94.3.220] (helo=dim-vz7.qa.sw.ru) by relay.sw.ru with esmtp (Exim 4.91) (envelope-from ) id 1h6sBN-0003jw-25 for libvir-list@redhat.com; Thu, 21 Mar 2019 10:32:09 +0300 From: Nikolay Shirokovskiy To: libvir-list@redhat.com Date: Thu, 21 Mar 2019 10:32:07 +0300 Message-Id: <1553153527-459981-1-git-send-email-nshirokovskiy@virtuozzo.com> X-Greylist: Sender passed SPF test, ACL 242 matched, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.44]); Thu, 21 Mar 2019 07:32:11 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.44]); Thu, 21 Mar 2019 07:32:11 +0000 (UTC) for IP:'185.231.240.75' DOMAIN:'relay.sw.ru' HELO:'relay.sw.ru' FROM:'nshirokovskiy@virtuozzo.com' RCPT:'' X-RedHat-Spam-Score: -0.001 (SPF_PASS) 185.231.240.75 relay.sw.ru 185.231.240.75 relay.sw.ru X-Scanned-By: MIMEDefang 2.84 on 10.5.110.44 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH] nwfilter: fix adding std MAC and IP values to filter binding X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.45]); Thu, 21 Mar 2019 07:32:17 +0000 (UTC) Content-Type: text/plain; charset="utf-8" Commit d1a7c08eb changed filter instantiation code to ignore MAC and IP variables explicitly specified for filter binding. It just replaces explicit values with values associated with the binding. Before the commit virNWFilterCreateVarsFrom was used so that explicit value take precedence. Let's bring old behavior back. This is useful. For example if domain has two interfaces it makes sense to list both mac adresses in MAC var of every interface filterref. So that if guest make a bond of these interfaces and start sending frames with one of the mac adresses from both interfaces we can pass outgress traffic from both interfaces too. Signed-off-by: Nikolay Shirokovskiy Reviewed-by: Daniel P. Berrang=C3=A9 --- src/nwfilter/nwfilter_gentech_driver.c | 92 ++++++++++++------------------= ---- 1 file changed, 32 insertions(+), 60 deletions(-) diff --git a/src/nwfilter/nwfilter_gentech_driver.c b/src/nwfilter/nwfilter= _gentech_driver.c index 655f088..6d68189 100644 --- a/src/nwfilter/nwfilter_gentech_driver.c +++ b/src/nwfilter/nwfilter_gentech_driver.c @@ -127,60 +127,6 @@ virNWFilterRuleInstFree(virNWFilterRuleInstPtr inst) =20 =20 /** - * virNWFilterVarHashmapAddStdValues: - * @tables: pointer to hash tabel to add values to - * @macaddr: The string of the MAC address to add to the hash table, - * may be NULL - * @ipaddr: The string of the IP address to add to the hash table; - * may be NULL - * - * Returns 0 in case of success, -1 in case an error happened with - * error having been reported. - * - * Adds a couple of standard keys (MAC, IP) to the hash table. - */ -static int -virNWFilterVarHashmapAddStdValues(virHashTablePtr table, - const char *macaddr, - const virNWFilterVarValue *ipaddr) -{ - virNWFilterVarValue *val; - - if (macaddr) { - val =3D virNWFilterVarValueCreateSimpleCopyValue(macaddr); - if (!val) - return -1; - - if (virHashUpdateEntry(table, - NWFILTER_STD_VAR_MAC, - val) < 0) { - virNWFilterVarValueFree(val); - virReportError(VIR_ERR_INTERNAL_ERROR, - "%s", _("Could not add variable 'MAC' to hashma= p")); - return -1; - } - } - - if (ipaddr) { - val =3D virNWFilterVarValueCopy(ipaddr); - if (!val) - return -1; - - if (virHashUpdateEntry(table, - NWFILTER_STD_VAR_IP, - val) < 0) { - virNWFilterVarValueFree(val); - virReportError(VIR_ERR_INTERNAL_ERROR, - "%s", _("Could not add variable 'IP' to hashmap= ")); - return -1; - } - } - - return 0; -} - - -/** * Convert a virHashTable into a string of comma-separated * variable names. */ @@ -705,6 +651,28 @@ virNWFilterDoInstantiate(virNWFilterTechDriverPtr tech= driver, } =20 =20 +static int +virNWFilterVarHashmapAddStdValue(virHashTablePtr table, + const char *var, + const char *value) +{ + virNWFilterVarValue *val; + + if (virHashLookup(table, var)) + return 0; + + if (!(val =3D virNWFilterVarValueCreateSimpleCopyValue(value))) + return -1; + + if (virHashAddEntry(table, var, val) < 0) { + virNWFilterVarValueFree(val); + return -1; + } + + return 0; +} + + /* * Call this function while holding the NWFilter filter update lock */ @@ -717,7 +685,7 @@ virNWFilterInstantiateFilterUpdate(virNWFilterDriverSta= tePtr driver, bool forceWithPendingReq, bool *foundNewFilter) { - int rc; + int rc =3D -1; const char *drvname =3D EBIPTABLES_DRIVER_ID; virNWFilterTechDriverPtr techdriver; virNWFilterObjPtr obj; @@ -743,14 +711,18 @@ virNWFilterInstantiateFilterUpdate(virNWFilterDriverS= tatePtr driver, return -1; =20 virMacAddrFormat(&binding->mac, vmmacaddr); + if (virNWFilterVarHashmapAddStdValue(binding->filterparams, + NWFILTER_STD_VAR_MAC, + vmmacaddr) < 0) + goto err_exit; =20 ipaddr =3D virNWFilterIPAddrMapGetIPAddr(binding->portdevname); - - if (virNWFilterVarHashmapAddStdValues(binding->filterparams, - vmmacaddr, ipaddr) < 0) { - rc =3D -1; + if (ipaddr && + virNWFilterVarHashmapAddStdValue(binding->filterparams, + NWFILTER_STD_VAR_IP, + virNWFilterVarValueGetSimple(ipad= dr)) < 0) goto err_exit; - } + =20 filter =3D virNWFilterObjGetDef(obj); =20 --=20 1.8.3.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list