From nobody Thu Nov 28 10:56:16 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 15248431308421023.0124902684227; Fri, 27 Apr 2018 08:32:10 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 5D05932D7446; Fri, 27 Apr 2018 15:32:07 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 03FCD7E4D8; Fri, 27 Apr 2018 15:32:07 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 2D3EF4CAA3; Fri, 27 Apr 2018 15:32:06 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w3RFPQFg032319 for ; Fri, 27 Apr 2018 11:25:26 -0400 Received: by smtp.corp.redhat.com (Postfix) id 9368783B71; Fri, 27 Apr 2018 15:25:26 +0000 (UTC) Received: from localhost.localdomain.com (unknown [10.42.22.189]) by smtp.corp.redhat.com (Postfix) with ESMTP id 27BF7AB583; Fri, 27 Apr 2018 15:25:26 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Fri, 27 Apr 2018 16:25:10 +0100 Message-Id: <20180427152513.28928-12-berrange@redhat.com> In-Reply-To: <20180427152513.28928-1-berrange@redhat.com> References: <20180427152513.28928-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH 11/14] nwfilter: convert DHCP address snooping code to virNWFilterBinding X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.40]); Fri, 27 Apr 2018 15:32:09 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Use the virNWFilterBinding struct in the DHCP address snooping code directly. Signed-off-by: Daniel P. Berrang=C3=A9 --- src/nwfilter/nwfilter_dhcpsnoop.c | 150 +++++++++++++----------------= ---- src/nwfilter/nwfilter_dhcpsnoop.h | 7 +- src/nwfilter/nwfilter_gentech_driver.c | 7 +- 3 files changed, 61 insertions(+), 103 deletions(-) diff --git a/src/nwfilter/nwfilter_dhcpsnoop.c b/src/nwfilter/nwfilter_dhcp= snoop.c index dc4e3cb834..e67cea40ab 100644 --- a/src/nwfilter/nwfilter_dhcpsnoop.c +++ b/src/nwfilter/nwfilter_dhcpsnoop.c @@ -135,13 +135,9 @@ struct _virNWFilterSnoopReq { int refctr; =20 virNWFilterTechDriverPtr techdriver; - char *ifname; + virNWFilterBindingPtr binding; int ifindex; - char *linkdev; char ifkey[VIR_IFKEY_LEN]; - virMacAddr macaddr; - char *filtername; - virHashTablePtr vars; virNWFilterDriverStatePtr driver; /* start and end of lease list, ordered by lease time */ virNWFilterSnoopIPLeasePtr start; @@ -473,10 +469,10 @@ virNWFilterSnoopIPLeaseInstallRule(virNWFilterSnoopIP= LeasePtr ipl, =20 req =3D ipl->snoopReq; =20 - /* protect req->ifname */ + /* protect req->binding->portdevname */ virNWFilterSnoopReqLock(req); =20 - if (virNWFilterIPAddrMapAddIPAddr(req->ifname, ipaddr) < 0) + if (virNWFilterIPAddrMapAddIPAddr(req->binding->portdevname, ipaddr) <= 0) goto exit_snooprequnlock; =20 if (!instantiate) { @@ -486,16 +482,9 @@ virNWFilterSnoopIPLeaseInstallRule(virNWFilterSnoopIPL= easePtr ipl, =20 /* instantiate the filters */ =20 - if (req->ifname) { - virNWFilterBinding binding =3D { - .portdevname =3D req->ifname, - .linkdevname =3D req->linkdev, - .mac =3D req->macaddr, - .filter =3D req->filtername, - .filterparams =3D req->vars, - }; + if (req->binding->portdevname) { rc =3D virNWFilterInstantiateFilterLate(req->driver, - &binding, + req->binding, req->ifindex); } =20 @@ -636,10 +625,7 @@ virNWFilterSnoopReqFree(virNWFilterSnoopReqPtr req) virNWFilterSnoopReqLeaseDel(req, &ipl->ipAddress, false, false); =20 /* free all req data */ - VIR_FREE(req->ifname); - VIR_FREE(req->linkdev); - VIR_FREE(req->filtername); - virHashFree(req->vars); + virNWFilterBindingFree(req->binding); =20 virMutexDestroy(&req->lock); virCondDestroy(&req->threadStatusCond); @@ -870,28 +856,23 @@ virNWFilterSnoopReqLeaseDel(virNWFilterSnoopReqPtr re= q, if (update_leasefile) virNWFilterSnoopLeaseFileSave(ipl); =20 - ipAddrLeft =3D virNWFilterIPAddrMapDelIPAddr(req->ifname, ipstr); + ipAddrLeft =3D virNWFilterIPAddrMapDelIPAddr(req->binding->portdevname= , ipstr); =20 if (!req->threadkey || !instantiate) goto skip_instantiate; =20 if (ipAddrLeft) { - virNWFilterBinding binding =3D { - .portdevname =3D req->ifname, - .linkdevname =3D req->linkdev, - .mac =3D req->macaddr, - .filter =3D req->filtername, - .filterparams =3D req->vars, - }; ret =3D virNWFilterInstantiateFilterLate(req->driver, - &binding, + req->binding, req->ifindex); } else { virNWFilterVarValuePtr dhcpsrvrs =3D - virHashLookup(req->vars, NWFILTER_VARNAME_DHCPSERVER); + virHashLookup(req->binding->filterparams, + NWFILTER_VARNAME_DHCPSERVER); =20 if (req->techdriver && - req->techdriver->applyDHCPOnlyRules(req->ifname, &req->macaddr, + req->techdriver->applyDHCPOnlyRules(req->binding->portdevname, + &req->binding->mac, dhcpsrvrs, false) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("virNWFilterSnoopListDel failed")); @@ -1021,7 +1002,7 @@ virNWFilterSnoopDHCPDecode(virNWFilterSnoopReqPtr req, * inside the DHCP response */ if (!fromVM) { - if (virMacAddrCmpRaw(&req->macaddr, + if (virMacAddrCmpRaw(&req->binding->mac, (unsigned char *)&pd->d_chaddr) !=3D 0) return -2; } @@ -1178,7 +1159,7 @@ static void virNWFilterDHCPDecodeWorker(void *jobdata= , void *opaque) =20 virReportError(VIR_ERR_INTERNAL_ERROR, _("Instantiation of rules failed on " - "interface '%s'"), req->ifname); + "interface '%s'"), req->binding->portdevname); } virAtomicIntDecAndTest(job->qCtr); VIR_FREE(job); @@ -1387,13 +1368,14 @@ virNWFilterDHCPSnoopThread(void *req0) =20 /* whoever started us increased the reference counter for the req for = us */ =20 - /* protect req->ifname & req->threadkey */ + /* protect req->binding->portdevname & req->threadkey */ virNWFilterSnoopReqLock(req); =20 - if (req->ifname && req->threadkey) { + if (req->binding->portdevname && req->threadkey) { for (i =3D 0; i < ARRAY_CARDINALITY(pcapConf); i++) { pcapConf[i].handle =3D - virNWFilterSnoopDHCPOpen(req->ifname, &req->macaddr, + virNWFilterSnoopDHCPOpen(req->binding->portdevname, + &req->binding->mac, pcapConf[i].filter, pcapConf[i].dir); if (!pcapConf[i].handle) { @@ -1402,7 +1384,7 @@ virNWFilterDHCPSnoopThread(void *req0) } fds[i].fd =3D pcap_fileno(pcapConf[i].handle); } - tmp =3D virNetDevGetIndex(req->ifname, &ifindex); + tmp =3D virNetDevGetIndex(req->binding->portdevname, &ifindex); ignore_value(VIR_STRDUP(threadkey, req->threadkey)); worker =3D virThreadPoolNew(1, 1, 0, virNWFilterDHCPDecodeWorker, @@ -1467,11 +1449,11 @@ virNWFilterDHCPSnoopThread(void *req0) /* error reading from socket */ tmp =3D -1; =20 - /* protect req->ifname */ + /* protect req->binding->portdevname */ virNWFilterSnoopReqLock(req); =20 - if (req->ifname) - tmp =3D virNetDevValidateConfig(req->ifname, NULL, ifi= ndex); + if (req->binding->portdevname) + tmp =3D virNetDevValidateConfig(req->binding->portdevn= ame, NULL, ifindex); =20 virNWFilterSnoopReqUnlock(req); =20 @@ -1484,16 +1466,17 @@ virNWFilterDHCPSnoopThread(void *req0) pcap_close(pcapConf[i].handle); pcapConf[i].handle =3D NULL; =20 - /* protect req->ifname */ + /* protect req->binding->portdevname */ virNWFilterSnoopReqLock(req); =20 virReportError(VIR_ERR_INTERNAL_ERROR, _("interface '%s' failing; " "reopening"), - req->ifname); - if (req->ifname) + req->binding->portdevname); + if (req->binding->portdevname) pcapConf[i].handle =3D - virNWFilterSnoopDHCPOpen(req->ifname, &req->ma= caddr, + virNWFilterSnoopDHCPOpen(req->binding->portdev= name, + &req->binding->mac, pcapConf[i].filter, pcapConf[i].dir); =20 @@ -1519,7 +1502,7 @@ virNWFilterDHCPSnoopThread(void *req0) last_displayed_queue =3D time(0); VIR_WARN("Worker thread for interface '%s' has a " "job queue that is too long", - req->ifname); + req->binding->portdevname); } continue; } @@ -1532,7 +1515,7 @@ virNWFilterDHCPSnoopThread(void *req0) if (time(0) - last_displayed > 10) { last_displayed =3D time(0); VIR_WARN("Too many DHCP packets on interface '%s'= ", - req->ifname); + req->binding->portdevname); } continue; } @@ -1543,7 +1526,7 @@ virNWFilterDHCPSnoopThread(void *req0) &pcapConf[i].qCtr) <= 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _("Job submission failed on " - "interface '%s'"), req->ifname); + "interface '%s'"), req->binding->port= devname); error =3D true; break; } @@ -1554,15 +1537,15 @@ virNWFilterDHCPSnoopThread(void *req0) /* protect IfNameToKey */ virNWFilterSnoopLock(); =20 - /* protect req->ifname & req->threadkey */ + /* protect req->binding->portdevname & req->threadkey */ virNWFilterSnoopReqLock(req); =20 virNWFilterSnoopCancel(&req->threadkey); =20 ignore_value(virHashRemoveEntry(virNWFilterSnoopState.ifnameToKey, - req->ifname)); + req->binding->portdevname)); =20 - VIR_FREE(req->ifname); + VIR_FREE(req->binding->portdevname); =20 virNWFilterSnoopReqUnlock(req); virNWFilterSnoopUnlock(); @@ -1595,12 +1578,7 @@ virNWFilterSnoopIFKeyFMT(char *ifkey, const unsigned= char *vmuuid, =20 int virNWFilterDHCPSnoopReq(virNWFilterTechDriverPtr techdriver, - const char *ifname, - const char *linkdev, - const unsigned char *vmuuid, - const virMacAddr *macaddr, - const char *filtername, - virHashTablePtr filterparams, + virNWFilterBindingPtr binding, virNWFilterDriverStatePtr driver) { virNWFilterSnoopReqPtr req; @@ -1611,7 +1589,7 @@ virNWFilterDHCPSnoopReq(virNWFilterTechDriverPtr tech= driver, virNWFilterVarValuePtr dhcpsrvrs; bool threadPuts =3D false; =20 - virNWFilterSnoopIFKeyFMT(ifkey, vmuuid, macaddr); + virNWFilterSnoopIFKeyFMT(ifkey, binding->owneruuid, &binding->mac); =20 req =3D virNWFilterSnoopReqGetByIFKey(ifkey); isnewreq =3D (req =3D=3D NULL); @@ -1620,9 +1598,8 @@ virNWFilterDHCPSnoopReq(virNWFilterTechDriverPtr tech= driver, virNWFilterSnoopReqPut(req); return 0; } - /* a recycled req may still have filtername and vars */ - VIR_FREE(req->filtername); - virHashFree(req->vars); + virNWFilterBindingFree(req->binding); + req->binding =3D NULL; } else { req =3D virNWFilterSnoopReqNew(ifkey); if (!req) @@ -1631,17 +1608,9 @@ virNWFilterDHCPSnoopReq(virNWFilterTechDriverPtr tec= hdriver, =20 req->driver =3D driver; req->techdriver =3D techdriver; - tmp =3D virNetDevGetIndex(ifname, &req->ifindex); - virMacAddrSet(&req->macaddr, macaddr); - req->vars =3D virNWFilterHashTableCreate(0); - req->linkdev =3D NULL; - - if (VIR_STRDUP(req->ifname, ifname) < 0 || - VIR_STRDUP(req->filtername, filtername) < 0 || - VIR_STRDUP(req->linkdev, linkdev) < 0) + if ((tmp =3D virNetDevGetIndex(binding->portdevname, &req->ifindex)) <= 0) goto exit_snoopreqput; - - if (!req->vars || tmp < 0) + if (!(req->binding =3D virNWFilterBindingCopy(binding))) goto exit_snoopreqput; =20 /* check that all tools are available for applying the filters (late) = */ @@ -1653,10 +1622,11 @@ virNWFilterDHCPSnoopReq(virNWFilterTechDriverPtr te= chdriver, goto exit_snoopreqput; } =20 - dhcpsrvrs =3D virHashLookup(filterparams, + dhcpsrvrs =3D virHashLookup(binding->filterparams, NWFILTER_VARNAME_DHCPSERVER); =20 - if (techdriver->applyDHCPOnlyRules(req->ifname, &req->macaddr, + if (techdriver->applyDHCPOnlyRules(req->binding->portdevname, + &req->binding->mac, dhcpsrvrs, false) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("applyDHCPOnlyRules " @@ -1664,20 +1634,14 @@ virNWFilterDHCPSnoopReq(virNWFilterTechDriverPtr te= chdriver, goto exit_snoopreqput; } =20 - if (virNWFilterHashTablePutAll(filterparams, req->vars) < 0) { - virReportError(VIR_ERR_INTERNAL_ERROR, - _("virNWFilterDHCPSnoopReq: can't copy variables" - " on if %s"), ifkey); - goto exit_snoopreqput; - } - virNWFilterSnoopLock(); =20 - if (virHashAddEntry(virNWFilterSnoopState.ifnameToKey, ifname, + if (virHashAddEntry(virNWFilterSnoopState.ifnameToKey, + req->binding->portdevname, req->ifkey) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _("virNWFilterDHCPSnoopReq ifname map failed" - " on interface \"%s\" key \"%s\""), ifname, + " on interface \"%s\" key \"%s\""), binding->port= devname, ifkey); goto exit_snoopunlock; } @@ -1686,7 +1650,7 @@ virNWFilterDHCPSnoopReq(virNWFilterTechDriverPtr tech= driver, virHashAddEntry(virNWFilterSnoopState.snoopReqs, ifkey, req) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _("virNWFilterDHCPSnoopReq req add failed on" - " interface \"%s\" ifkey \"%s\""), ifname, + " interface \"%s\" ifkey \"%s\""), binding->portd= evname, ifkey); goto exit_rem_ifnametokey; } @@ -1698,7 +1662,7 @@ virNWFilterDHCPSnoopReq(virNWFilterTechDriverPtr tech= driver, req) !=3D 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _("virNWFilterDHCPSnoopReq virThreadCreate " - "failed on interface '%s'"), ifname); + "failed on interface '%s'"), binding->portdevname= ); goto exit_snoopreq_unlock; } =20 @@ -1710,14 +1674,14 @@ virNWFilterDHCPSnoopReq(virNWFilterTechDriverPtr te= chdriver, if (!req->threadkey) { virReportError(VIR_ERR_INTERNAL_ERROR, _("Activation of snoop request failed on " - "interface '%s'"), req->ifname); + "interface '%s'"), req->binding->portdevname); goto exit_snoopreq_unlock; } =20 if (virNWFilterSnoopReqRestore(req) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _("Restoring of leases failed on " - "interface '%s'"), req->ifname); + "interface '%s'"), req->binding->portdevname); goto exit_snoop_cancel; } =20 @@ -1746,7 +1710,7 @@ virNWFilterDHCPSnoopReq(virNWFilterTechDriverPtr tech= driver, exit_snoopreq_unlock: virNWFilterSnoopReqUnlock(req); exit_rem_ifnametokey: - virHashRemoveEntry(virNWFilterSnoopState.ifnameToKey, ifname); + virHashRemoveEntry(virNWFilterSnoopState.ifnameToKey, binding->portdev= name); exit_snoopunlock: virNWFilterSnoopUnlock(); exit_snoopreqput: @@ -2054,21 +2018,21 @@ virNWFilterSnoopRemAllReqIter(const void *payload, { virNWFilterSnoopReqPtr req =3D (virNWFilterSnoopReqPtr)payload; =20 - /* protect req->ifname */ + /* protect req->binding->portdevname */ virNWFilterSnoopReqLock(req); =20 - if (req->ifname) { + if (req->binding->portdevname) { ignore_value(virHashRemoveEntry(virNWFilterSnoopState.ifnameToKey, - req->ifname)); + req->binding->portdevname)); =20 /* * Remove all IP addresses known to be associated with this * interface so that a new thread will be started on this * interface */ - virNWFilterIPAddrMapDelIPAddr(req->ifname, NULL); + virNWFilterIPAddrMapDelIPAddr(req->binding->portdevname, NULL); =20 - VIR_FREE(req->ifname); + VIR_FREE(req->binding->portdevname); } =20 virNWFilterSnoopReqUnlock(req); @@ -2171,13 +2135,13 @@ virNWFilterDHCPSnoopEnd(const char *ifname) goto cleanup; } =20 - /* protect req->ifname & req->threadkey */ + /* protect req->binding->portdevname & req->threadkey */ virNWFilterSnoopReqLock(req); =20 /* keep valid lease req; drop interface association */ virNWFilterSnoopCancel(&req->threadkey); =20 - VIR_FREE(req->ifname); + VIR_FREE(req->binding->portdevname); =20 virNWFilterSnoopReqUnlock(req); =20 diff --git a/src/nwfilter/nwfilter_dhcpsnoop.h b/src/nwfilter/nwfilter_dhcp= snoop.h index a5925de40a..0c047fd5a1 100644 --- a/src/nwfilter/nwfilter_dhcpsnoop.h +++ b/src/nwfilter/nwfilter_dhcpsnoop.h @@ -30,12 +30,7 @@ int virNWFilterDHCPSnoopInit(void); void virNWFilterDHCPSnoopShutdown(void); int virNWFilterDHCPSnoopReq(virNWFilterTechDriverPtr techdriver, - const char *ifname, - const char *linkdev, - const unsigned char *vmuuid, - const virMacAddr *macaddr, - const char *filtername, - virHashTablePtr filterparams, + virNWFilterBindingPtr binding, virNWFilterDriverStatePtr driver); void virNWFilterDHCPSnoopEnd(const char *ifname); #endif /* __NWFILTER_DHCPSNOOP_H */ diff --git a/src/nwfilter/nwfilter_gentech_driver.c b/src/nwfilter/nwfilter= _gentech_driver.c index 514315f781..0dc51d16c5 100644 --- a/src/nwfilter/nwfilter_gentech_driver.c +++ b/src/nwfilter/nwfilter_gentech_driver.c @@ -645,10 +645,9 @@ virNWFilterDoInstantiate(virNWFilterTechDriverPtr tech= driver, goto err_unresolvable_vars; } if (STRCASEEQ(learning, "dhcp")) { - rc =3D virNWFilterDHCPSnoopReq(techdriver, binding->portde= vname, - binding->linkdevname, - binding->owneruuid, &binding-= >mac, - filter->name, binding->filter= params, driver); + rc =3D virNWFilterDHCPSnoopReq(techdriver, + binding, + driver); goto err_exit; } else if (STRCASEEQ(learning, "any")) { if (!virNWFilterHasLearnReq(ifindex)) { --=20 2.14.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list