From nobody Mon Sep 16 20:20:01 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1682911284; cv=none; d=zohomail.com; s=zohoarc; b=ZWBiY352aHKYFJV+ejNeeMhtQ6eYqHVkQKiKHdAUce5xzUeGhjMaEaMm/16g/iNUTSyH4sJkNoBJ49SHkS3A5BdHZnrrgZatOGrr51WTFFm3z4QbnI4wD++7Q9NiNvpS2/w0gPeQ5+F2X2dUZD8dEHgJCSPcu7A8feBUWx/a/b0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1682911284; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=blYS+D/WWzztTB1DWwadIdXqRai/6e0dj0S+mStoVm8=; b=iwargTXublZ5fM1UOSqG8YBbL53k4uJX0v7dzoyLkqB1i9TekyGa2lX8M9g0vS5vmlFs/FBUv/hT6FQQtlHNIJTmJ3ipo/yL2Em39G5xNc4loOXnBOrZLZIzsyG9beaeFPmaDiRWOMGsyZADAojjCi6uddRZNaBbDFYJhNFgPGs= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1682911284102804.1409066009608; Sun, 30 Apr 2023 20:21:24 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-416-fiyD15cXNkmxo7XYniKv4A-1; Sun, 30 Apr 2023 23:20:13 -0400 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 4A1FB1C075B7; Mon, 1 May 2023 03:20:10 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 338591121314; Mon, 1 May 2023 03:20:10 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 1E30C19465A2; Mon, 1 May 2023 03:20:08 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id A02571946588 for ; Mon, 1 May 2023 03:19:44 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 72F0740BB04; Mon, 1 May 2023 03:19:44 +0000 (UTC) Received: from vhost3.router.laine.org (unknown [10.22.8.105]) by smtp.corp.redhat.com (Postfix) with ESMTP id 5A4FD4750B3 for ; Mon, 1 May 2023 03:19:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1682911283; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=blYS+D/WWzztTB1DWwadIdXqRai/6e0dj0S+mStoVm8=; b=PZoRJrEMpJj4bKOLe3w3Y6oQawx3YbprFmwCKuRrMhe2KbrosrdI3kpabgqXb60bu3d4Mf Qj2I313Q1cadhm2sEcW1T2upDX2k4mVgxCR0mulzNCGNnTTBfwa4i/qbxBX0R53uA3Y69b 56QFOcWhPzekqLFHFpXjSMo/XQeIGoQ= X-MC-Unique: fiyD15cXNkmxo7XYniKv4A-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Laine Stump To: libvir-list@redhat.com Subject: [libvirt PATCH 03/28] util: determine ignoreErrors value when creating rule, not when applying Date: Sun, 30 Apr 2023 23:19:18 -0400 Message-Id: <20230501031943.288145-4-laine@redhat.com> In-Reply-To: <20230501031943.288145-1-laine@redhat.com> References: <20230501031943.288145-1-laine@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.10 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 3.1 on 10.11.54.3 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1682911285577100001 Content-Type: text/plain; charset="utf-8"; x-default="true" We know at the time a virFirewallRule is created (with virFirewallAddRule*()) whether or not we will later want to ignore errors encountered when attempting to apply that rule - if ignoreErrors is set in the AddRule or if the group has already had VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS set, then we ignore the errors. Rather than setting the rule->ignoreErrors rule only according to the arg sent to virFirewallAddRuleFull(), and then later (at ApplyRule-time) combining that with the group transactionFlags setting (and passing it all the way down the call chain), just combine the two flags right away and store this final value in rule->ignoreErrors when the rule is created (thus avoiding the need to look at anything other than rule->ignoreErrors at the time the rule is applied). And since we now have an API for retrieving the setting of ignoreErrors from a rule, just grab that with the API down in vir*ApplyRule() rather than cluttering up the argument list on the entire call chain. Signed-off-by: Laine Stump Reviewed-by: Daniel P. Berrang=C3=A9 --- src/util/virfirewall.c | 32 ++++++++++++++------------------ 1 file changed, 14 insertions(+), 18 deletions(-) diff --git a/src/util/virfirewall.c b/src/util/virfirewall.c index 15c8db3702..e3ba8f7846 100644 --- a/src/util/virfirewall.c +++ b/src/util/virfirewall.c @@ -211,14 +211,20 @@ virFirewallAddRuleFullV(virFirewall *firewall, rule->layer =3D layer; rule->queryCB =3D cb; rule->queryOpaque =3D opaque; - rule->ignoreErrors =3D ignoreErrors; =20 while ((str =3D va_arg(args, char *)) !=3D NULL) ADD_ARG(rule, str); =20 if (group->addingRollback) { + rule->ignoreErrors =3D true; /* always ignore errors when rolling = back */ VIR_APPEND_ELEMENT_COPY(group->rollback, group->nrollback, rule); } else { + /* when not rolling back, ignore errors if this group (transaction) + * was started with VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS *or* + * if this specific rule was created with ignoreErrors =3D=3D true + */ + rule->ignoreErrors =3D ignoreErrors + || (group->actionFlags & VIR_FIREWALL_TRANSACTION_IGNORE_ERROR= S); VIR_APPEND_ELEMENT_COPY(group->action, group->naction, rule); } =20 @@ -496,7 +502,6 @@ virFirewallRuleToString(const char *cmd, =20 static int virFirewallApplyRuleDirect(virFirewallRule *rule, - bool ignoreErrors, char **output) { size_t i; @@ -541,7 +546,7 @@ virFirewallApplyRuleDirect(virFirewallRule *rule, return -1; =20 if (status !=3D 0) { - if (ignoreErrors) { + if (virFirewallRuleGetIgnoreErrors(rule)) { VIR_DEBUG("Ignoring error running command"); } else { virReportError(VIR_ERR_INTERNAL_ERROR, @@ -558,16 +563,12 @@ virFirewallApplyRuleDirect(virFirewallRule *rule, =20 static int virFirewallApplyRule(virFirewall *firewall, - virFirewallRule *rule, - bool ignoreErrors) + virFirewallRule *rule) { g_autofree char *output =3D NULL; g_auto(GStrv) lines =3D NULL; =20 - if (rule->ignoreErrors) - ignoreErrors =3D rule->ignoreErrors; - - if (virFirewallApplyRuleDirect(rule, ignoreErrors, &output) < 0) + if (virFirewallApplyRuleDirect(rule, &output) < 0) return -1; =20 if (rule->queryCB && output) { @@ -594,7 +595,7 @@ virFirewallApplyGroup(virFirewall *firewall, size_t idx) { virFirewallGroup *group =3D firewall->groups[idx]; - bool ignoreErrors =3D (group->actionFlags & VIR_FIREWALL_TRANSACTION_I= GNORE_ERRORS); + size_t i; =20 VIR_INFO("Starting transaction for firewall=3D%p group=3D%p flags=3D0x= %x", @@ -602,9 +603,7 @@ virFirewallApplyGroup(virFirewall *firewall, firewall->currentGroup =3D idx; group->addingRollback =3D false; for (i =3D 0; i < group->naction; i++) { - if (virFirewallApplyRule(firewall, - group->action[i], - ignoreErrors) < 0) + if (virFirewallApplyRule(firewall, group->action[i]) < 0) return -1; } return 0; @@ -621,11 +620,8 @@ virFirewallRollbackGroup(virFirewall *firewall, VIR_INFO("Starting rollback for group %p", group); firewall->currentGroup =3D idx; group->addingRollback =3D true; - for (i =3D 0; i < group->nrollback; i++) { - ignore_value(virFirewallApplyRule(firewall, - group->rollback[i], - true)); - } + for (i =3D 0; i < group->nrollback; i++) + ignore_value(virFirewallApplyRule(firewall, group->rollback[i])); } =20 =20 --=20 2.39.2