From nobody Fri Dec 19 20:42:09 2025
Delivered-To: importer@patchew.org
Received-SPF: none (zohomail.com: 8.43.85.245 is neither permitted nor denied
 by domain of lists.libvirt.org) client-ip=8.43.85.245;
 envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org;
Authentication-Results: mx.zohomail.com;
	spf=none (zohomail.com: 8.43.85.245 is neither permitted nor denied by domain
 of lists.libvirt.org)  smtp.mailfrom=devel-bounces@lists.libvirt.org;
	dmarc=fail(p=none dis=none)  header.from=redhat.com
Return-Path: <devel-bounces@lists.libvirt.org>
Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by
 mx.zohomail.com
	with SMTPS id 1714500867372422.49465986531663;
 Tue, 30 Apr 2024 11:14:27 -0700 (PDT)
Received: by lists.libvirt.org (Postfix, from userid 996)
	id 46CCB2541; Tue, 30 Apr 2024 14:14:26 -0400 (EDT)
Received: from lists.libvirt.org (localhost [IPv6:::1])
	by lists.libvirt.org (Postfix) with ESMTP id 1768C2479;
	Tue, 30 Apr 2024 13:45:58 -0400 (EDT)
Received: by lists.libvirt.org (Postfix, from userid 996)
	id 2688E2368; Tue, 30 Apr 2024 13:44:35 -0400 (EDT)
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by lists.libvirt.org (Postfix) with ESMTPS id A64BB21E9
	for <devel@lists.libvirt.org>; Tue, 30 Apr 2024 13:44:25 -0400 (EDT)
Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73])
 by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3,
 cipher=TLS_AES_256_GCM_SHA384) id us-mta-106-nVpI_2t9OWa7BmSwdWngJA-1; Tue,
 30 Apr 2024 13:44:21 -0400
Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.rdu2.redhat.com
 [10.11.54.1])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id B207729ABA0C
	for <devel@lists.libvirt.org>; Tue, 30 Apr 2024 17:44:21 +0000 (UTC)
Received: from vhost3.router.laine.org (unknown [10.22.16.229])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 9B98D581C8
	for <devel@lists.libvirt.org>; Tue, 30 Apr 2024 17:44:21 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org
X-Spam-Level: 
X-Spam-Status: No,
 score=-0.7 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H4,
	RCVD_IN_MSPIKE_WL,SPF_HELO_NONE autolearn=unavailable
	autolearn_force=no version=3.4.4
X-MC-Unique: nVpI_2t9OWa7BmSwdWngJA-1
From: Laine Stump <laine@redhat.com>
To: devel@lists.libvirt.org
Subject: [PATCH v4 09/30] util: determine ignoreErrors value when creating
 virFirewallCmd, not when applying
Date: Tue, 30 Apr 2024 13:43:58 -0400
Message-ID: <20240430174420.371179-10-laine@redhat.com>
In-Reply-To: <20240430174420.371179-1-laine@redhat.com>
References: <20240430174420.371179-1-laine@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.1
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Message-ID-Hash: IGCESBBEXG2IOSXGYAGQTE4RLDCHFBET
X-Message-ID-Hash: IGCESBBEXG2IOSXGYAGQTE4RLDCHFBET
X-MailFrom: laine@redhat.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency;
 loop; banned-address; member-moderation; header-match-config-1;
 header-match-config-2; header-match-config-3;
 header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia;
 implicit-dest; max-recipients; max-size; news-moderation; no-subject;
 suspicious-header
X-Mailman-Version: 3.2.2
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <devel.lists.libvirt.org>
Archived-At: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/message/IGCESBBEXG2IOSXGYAGQTE4RLDCHFBET/>
List-Archive: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/>
List-Help: <mailto:devel-request@lists.libvirt.org?subject=help>
List-Post: <mailto:devel@lists.libvirt.org>
List-Subscribe: <mailto:devel-join@lists.libvirt.org>
List-Unsubscribe: <mailto:devel-leave@lists.libvirt.org>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-ZM-MESSAGEID: 1714500867751100001

We know at the time a virFirewallCmd is created (with
virFirewallAddCmd*()) whether or not we will later want to ignore
errors encountered when attempting to apply that command - if
ignoreErrors is set in the AddCmd or if the group has already had
VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS set, then we ignore the errors.

Rather than setting the fwCmd->ignoreErrors only according to the arg
sent to virFirewallAddCmdFull(), and then later (at ApplyCmd-time)
combining that with the group transactionFlags setting (and passing it
all the way down the call chain), just combine the two flags right
away and store this final value in fwCmd->ignoreErrors when the
virFirewallCmd is created (thus avoiding the need to look at anything
other than fwCmd->ignoreErrors at the time the command is applied). Once
that is done, we can simply grab ignoreErrors from the object down in
virFirewallApply() rather than cluttering up the argument list on the
entire call chain.

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 src/util/virfirewall.c | 28 +++++++++++++---------------
 1 file changed, 13 insertions(+), 15 deletions(-)

diff --git a/src/util/virfirewall.c b/src/util/virfirewall.c
index a57a79d4ce..56d43bfdde 100644
--- a/src/util/virfirewall.c
+++ b/src/util/virfirewall.c
@@ -211,14 +211,19 @@ virFirewallAddCmdFullV(virFirewall *firewall,
     fwCmd->layer =3D layer;
     fwCmd->queryCB =3D cb;
     fwCmd->queryOpaque =3D opaque;
-    fwCmd->ignoreErrors =3D ignoreErrors;
=20
     while ((str =3D va_arg(args, char *)) !=3D NULL)
         ADD_ARG(fwCmd, str);
=20
     if (group->addingRollback) {
+        fwCmd->ignoreErrors =3D true; /* always ignore errors when rolling=
 back */
         VIR_APPEND_ELEMENT_COPY(group->rollback, group->nrollback, fwCmd);
     } else {
+        /* when not rolling back, ignore errors if this group (transaction)
+         * was started with VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS *or*
+         * if this specific rule was created with ignoreErrors =3D=3D true
+         */
+        fwCmd->ignoreErrors =3D ignoreErrors || (group->actionFlags & VIR_=
FIREWALL_TRANSACTION_IGNORE_ERRORS);
         VIR_APPEND_ELEMENT_COPY(group->action, group->naction, fwCmd);
     }
=20
@@ -466,8 +471,7 @@ virFirewallCmdToString(const char *cmd,
=20
 static int
 virFirewallApplyCmdDirect(virFirewallCmd *fwCmd,
-                          bool ignoreErrors,
-                          char **output)
+                           char **output)
 {
     size_t i;
     const char *bin =3D virFirewallLayerCommandTypeToString(fwCmd->layer);
@@ -511,7 +515,7 @@ virFirewallApplyCmdDirect(virFirewallCmd *fwCmd,
         return -1;
=20
     if (status !=3D 0) {
-        if (ignoreErrors) {
+        if (fwCmd->ignoreErrors) {
             VIR_DEBUG("Ignoring error running command");
         } else {
             virReportError(VIR_ERR_INTERNAL_ERROR,
@@ -528,22 +532,18 @@ virFirewallApplyCmdDirect(virFirewallCmd *fwCmd,
=20
 static int
 virFirewallApplyCmd(virFirewall *firewall,
-                    virFirewallCmd *fwCmd,
-                    bool ignoreErrors)
+                    virFirewallCmd *fwCmd)
 {
     g_autofree char *output =3D NULL;
     g_auto(GStrv) lines =3D NULL;
=20
-    if (fwCmd->ignoreErrors)
-        ignoreErrors =3D fwCmd->ignoreErrors;
-
     if (fwCmd->argsLen =3D=3D 0) {
         virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
                        _("Can't apply empty firewall command"));
         return -1;
     }
=20
-    if (virFirewallApplyCmdDirect(fwCmd, ignoreErrors, &output) < 0)
+    if (virFirewallApplyCmdDirect(fwCmd, &output) < 0)
         return -1;
=20
     if (fwCmd->queryCB && output) {
@@ -570,7 +570,7 @@ virFirewallApplyGroup(virFirewall *firewall,
                       size_t idx)
 {
     virFirewallGroup *group =3D firewall->groups[idx];
-    bool ignoreErrors =3D (group->actionFlags & VIR_FIREWALL_TRANSACTION_I=
GNORE_ERRORS);
+
     size_t i;
=20
     VIR_INFO("Starting transaction for firewall=3D%p group=3D%p flags=3D0x=
%x",
@@ -578,9 +578,7 @@ virFirewallApplyGroup(virFirewall *firewall,
     firewall->currentGroup =3D idx;
     group->addingRollback =3D false;
     for (i =3D 0; i < group->naction; i++) {
-        if (virFirewallApplyCmd(firewall,
-                                group->action[i],
-                                ignoreErrors) < 0)
+        if (virFirewallApplyCmd(firewall, group->action[i]) < 0)
             return -1;
     }
     return 0;
@@ -598,7 +596,7 @@ virFirewallRollbackGroup(virFirewall *firewall,
     firewall->currentGroup =3D idx;
     group->addingRollback =3D true;
     for (i =3D 0; i < group->nrollback; i++)
-        ignore_value(virFirewallApplyCmd(firewall, group->rollback[i], tru=
e));
+        ignore_value(virFirewallApplyCmd(firewall, group->rollback[i]));
 }
=20
=20
--=20
2.44.0
_______________________________________________
Devel mailing list -- devel@lists.libvirt.org
To unsubscribe send an email to devel-leave@lists.libvirt.org