From nobody Mon Feb  9 18:19:07 2026
Delivered-To: importer@patchew.org
Received-SPF: none (zohomail.com: 8.43.85.245 is neither permitted nor denied
 by domain of lists.libvirt.org) client-ip=8.43.85.245;
 envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org;
Authentication-Results: mx.zohomail.com;
	spf=none (zohomail.com: 8.43.85.245 is neither permitted nor denied by domain
 of lists.libvirt.org)  smtp.mailfrom=devel-bounces@lists.libvirt.org;
	dmarc=fail(p=none dis=none)  header.from=redhat.com
Return-Path: <devel-bounces@lists.libvirt.org>
Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by
 mx.zohomail.com
	with SMTPS id 1714024868900111.17033419072084;
 Wed, 24 Apr 2024 23:01:08 -0700 (PDT)
Received: by lists.libvirt.org (Postfix, from userid 996)
	id A09DB22B9; Thu, 25 Apr 2024 02:01:07 -0400 (EDT)
Received: from lists.libvirt.org (localhost [IPv6:::1])
	by lists.libvirt.org (Postfix) with ESMTP id 40C9C2300;
	Thu, 25 Apr 2024 01:39:57 -0400 (EDT)
Received: by lists.libvirt.org (Postfix, from userid 996)
	id B6377222C; Thu, 25 Apr 2024 01:38:46 -0400 (EDT)
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by lists.libvirt.org (Postfix) with ESMTPS id 6937621DB
	for <devel@lists.libvirt.org>; Thu, 25 Apr 2024 01:38:39 -0400 (EDT)
Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-111-QnQzp3SQOdSl0RpZKhlqOA-1; Thu, 25 Apr 2024 01:38:37 -0400
Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com
 [10.11.54.9])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 4B10718065AB
	for <devel@lists.libvirt.org>; Thu, 25 Apr 2024 05:38:37 +0000 (UTC)
Received: from vhost3.router.laine.org (unknown [10.22.32.67])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 3390A5C5CC8
	for <devel@lists.libvirt.org>; Thu, 25 Apr 2024 05:38:37 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org
X-Spam-Level: 
X-Spam-Status: No,
 score=-0.7 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H4,
	RCVD_IN_MSPIKE_WL,SPF_HELO_NONE autolearn=unavailable
	autolearn_force=no version=3.4.4
X-MC-Unique: QnQzp3SQOdSl0RpZKhlqOA-1
From: Laine Stump <laine@redhat.com>
To: devel@lists.libvirt.org
Subject: [PATCH v3 20/27] conf: add a virFirewall object to virNetworkObj
Date: Thu, 25 Apr 2024 01:38:26 -0400
Message-ID: <20240425053833.1066517-21-laine@redhat.com>
In-Reply-To: <20240425053833.1066517-1-laine@redhat.com>
References: <20240425053833.1066517-1-laine@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.9
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Message-ID-Hash: VJSKVKTWGIGGCVLDGFYGDBUVGEBD4PKM
X-Message-ID-Hash: VJSKVKTWGIGGCVLDGFYGDBUVGEBD4PKM
X-MailFrom: laine@redhat.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency;
 loop; banned-address; member-moderation; header-match-config-1;
 header-match-config-2; header-match-config-3;
 header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia;
 implicit-dest; max-recipients; max-size; news-moderation; no-subject;
 suspicious-header
X-Mailman-Version: 3.2.2
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <devel.lists.libvirt.org>
Archived-At: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/message/VJSKVKTWGIGGCVLDGFYGDBUVGEBD4PKM/>
List-Archive: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/>
List-Help: <mailto:devel-request@lists.libvirt.org?subject=help>
List-Post: <mailto:devel@lists.libvirt.org>
List-Subscribe: <mailto:devel-join@lists.libvirt.org>
List-Unsubscribe: <mailto:devel-leave@lists.libvirt.org>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-ZM-MESSAGEID: 1714024872144100001

This virFirewall object will store the list of actions required to
remove the firewall that was added for the currently active instance
of the network, so it has been named "fwRemoval" (and when parsed into
XML, the <firewall> element will have the name "fwRemoval").

There are no uses of the fwRemoval object in the virNetworkObj yet,
but everything is in place to add it to the XML when formatted, parse
it from the XML when reading network status, and free the virFirewall
object when the virNetworkObj is freed.

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
Change from V2:
* add name=3D'fwRemoval' to the network status <firewall> so it
  can be positively identified in the XML

 src/conf/virnetworkobj.c | 46 ++++++++++++++++++++++++++++++++++++++++
 src/conf/virnetworkobj.h | 11 ++++++++++
 src/libvirt_private.syms |  3 +++
 3 files changed, 60 insertions(+)

diff --git a/src/conf/virnetworkobj.c b/src/conf/virnetworkobj.c
index d5aa121e20..fef4c69004 100644
--- a/src/conf/virnetworkobj.c
+++ b/src/conf/virnetworkobj.c
@@ -55,6 +55,11 @@ struct _virNetworkObj {
=20
     unsigned int taint;
=20
+    /* fwRemoval contains all commands needed to remove the firewall
+     * that was added for this network.
+     */
+    virFirewall *fwRemoval;
+
     /* Immutable pointer, self locking APIs */
     virMacMap *macmap;
=20
@@ -239,6 +244,30 @@ virNetworkObjSetFloorSum(virNetworkObj *obj,
 }
=20
=20
+virFirewall **
+virNetworkObjGetFwRemovalPtr(virNetworkObj *obj)
+{
+    return &obj->fwRemoval;
+}
+
+
+virFirewall *
+virNetworkObjGetFwRemoval(virNetworkObj *obj)
+{
+    return obj->fwRemoval;
+}
+
+
+void
+virNetworkObjSetFwRemoval(virNetworkObj *obj,
+                          virFirewall *fwRemoval)
+{
+    obj->fwRemoval =3D fwRemoval;
+    /* give it a name so it's identifiable in the XML */
+    virFirewallSetName(fwRemoval, "fwRemoval");
+}
+
+
 void
 virNetworkObjSetMacMap(virNetworkObj *obj,
                        virMacMap **macmap)
@@ -444,6 +473,7 @@ virNetworkObjDispose(void *opaque)
     virNetworkDefFree(obj->newDef);
     virBitmapFree(obj->classIdMap);
     virObjectUnref(obj->macmap);
+    virFirewallFree(obj->fwRemoval);
 }
=20
=20
@@ -792,6 +822,9 @@ virNetworkObjFormat(virNetworkObj *obj,
     if (virNetworkDefFormatBuf(&buf, obj->def, xmlopt, flags) < 0)
         return NULL;
=20
+    if (obj->fwRemoval && virFirewallFormat(&buf, obj->fwRemoval) < 0)
+        return NULL;
+
     virBufferAdjustIndent(&buf, -2);
     virBufferAddLit(&buf, "</networkstatus>");
=20
@@ -826,6 +859,7 @@ virNetworkLoadState(virNetworkObjList *nets,
     g_autofree char *configFile =3D NULL;
     g_autoptr(virNetworkDef) def =3D NULL;
     virNetworkObj *obj =3D NULL;
+    g_autoptr(virFirewall) fwRemoval =3D NULL;
     g_autoptr(xmlDoc) xml =3D NULL;
     xmlNodePtr node =3D NULL;
     g_autoptr(xmlXPathContext) ctxt =3D NULL;
@@ -868,6 +902,7 @@ virNetworkLoadState(virNetworkObjList *nets,
         g_autofree char *classIdStr =3D NULL;
         g_autofree char *floor_sum =3D NULL;
         g_autofree xmlNodePtr *nodes =3D NULL;
+        xmlNodePtr fwNode;
=20
         ctxt->node =3D node;
         if ((classIdStr =3D virXPathString("string(./class_id[1]/@bitmap)",
@@ -902,6 +937,15 @@ virNetworkLoadState(virNetworkObjList *nets,
                 taint |=3D (1 << flag);
             }
         }
+        if ((fwNode =3D virXPathNode("./firewall", ctxt))) {
+            g_autoptr(virFirewall) fwTmp =3D NULL;
+
+            if (virFirewallParseXML(&fwTmp, fwNode, ctxt) < 0)
+                return NULL;
+
+            if (STREQ_NULLABLE(virFirewallGetName(fwTmp), "fwRemoval"))
+                fwRemoval =3D g_steal_pointer(&fwTmp);
+        }
     }
=20
     /* create the object */
@@ -910,6 +954,8 @@ virNetworkLoadState(virNetworkObjList *nets,
=20
     def =3D NULL;
=20
+    virNetworkObjSetFwRemoval(obj, g_steal_pointer(&fwRemoval));
+
     /* assign status data stored in the network object */
     if (classIdMap) {
         virBitmapFree(obj->classIdMap);
diff --git a/src/conf/virnetworkobj.h b/src/conf/virnetworkobj.h
index d3847d3422..d35e495961 100644
--- a/src/conf/virnetworkobj.h
+++ b/src/conf/virnetworkobj.h
@@ -23,6 +23,7 @@
=20
 #include "network_conf.h"
 #include "virnetworkportdef.h"
+#include "virfirewall.h"
=20
 typedef struct _virNetworkObj virNetworkObj;
=20
@@ -76,6 +77,16 @@ void
 virNetworkObjSetFloorSum(virNetworkObj *obj,
                          unsigned long long floor_sum);
=20
+virFirewall **
+virNetworkObjGetFwRemovalPtr(virNetworkObj *obj);
+
+virFirewall *
+virNetworkObjGetFwRemoval(virNetworkObj *obj);
+
+void
+virNetworkObjSetFwRemoval(virNetworkObj *obj,
+                          virFirewall *fwRemoval);
+
 void
 virNetworkObjSetMacMap(virNetworkObj *obj,
                        virMacMap **macmap);
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 9ba1edb37e..83abbece4c 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1300,6 +1300,8 @@ virNetworkObjGetClassIdMap;
 virNetworkObjGetDef;
 virNetworkObjGetDnsmasqPid;
 virNetworkObjGetFloorSum;
+virNetworkObjGetFwRemoval;
+virNetworkObjGetFwRemovalPtr;
 virNetworkObjGetMacMap;
 virNetworkObjGetMetadata;
 virNetworkObjGetNewDef;
@@ -1331,6 +1333,7 @@ virNetworkObjSetDef;
 virNetworkObjSetDefTransient;
 virNetworkObjSetDnsmasqPid;
 virNetworkObjSetFloorSum;
+virNetworkObjSetFwRemoval;
 virNetworkObjSetMacMap;
 virNetworkObjSetMetadata;
 virNetworkObjTaint;
--=20
2.44.0
_______________________________________________
Devel mailing list -- devel@lists.libvirt.org
To unsubscribe send an email to devel-leave@lists.libvirt.org