From nobody Thu Sep 19 00:17:39 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates
 8.43.85.245 as permitted sender) client-ip=8.43.85.245;
 envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org;
Authentication-Results: mx.zohomail.com;
	dkim=fail;
	spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as
 permitted sender)  smtp.mailfrom=devel-bounces@lists.libvirt.org;
	dmarc=fail(p=none dis=none)  header.from=redhat.com
Return-Path: <devel-bounces@lists.libvirt.org>
Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by
 mx.zohomail.com
	with SMTPS id 1715967507696278.80775885476953;
 Fri, 17 May 2024 10:38:27 -0700 (PDT)
Received: by lists.libvirt.org (Postfix, from userid 996)
	id 9191C1A1F; Fri, 17 May 2024 13:38:26 -0400 (EDT)
Received: from lists.libvirt.org (localhost [IPv6:::1])
	by lists.libvirt.org (Postfix) with ESMTP id 2B45D1D00;
	Fri, 17 May 2024 13:30:41 -0400 (EDT)
Received: by lists.libvirt.org (Postfix, from userid 996)
	id 0C8F81799; Fri, 17 May 2024 13:30:13 -0400 (EDT)
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by lists.libvirt.org (Postfix) with ESMTPS id DF1B7178A
	for <devel@lists.libvirt.org>; Fri, 17 May 2024 13:30:10 -0400 (EDT)
Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-678-2ggpFo3cNTOo1SBR3aNXAA-1; Fri, 17 May 2024 13:30:09 -0400
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com
 [10.11.54.2])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 1EDD6101A525
	for <devel@lists.libvirt.org>; Fri, 17 May 2024 17:30:09 +0000 (UTC)
Received: from vhost3.router.laine.org (unknown [10.22.16.223])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 07F3E40C6EB7
	for <devel@lists.libvirt.org>; Fri, 17 May 2024 17:30:09 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org
X-Spam-Level: 
X-Spam-Status: No, score=-0.5 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED,
	HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE,
	RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE
	autolearn=unavailable autolearn_force=no version=3.4.4
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1715967010;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=GCs9jwdrx6kJR/ot3JKdn7CQbX4XmBEyfBwRWMbR0gU=;
	b=gryiLmUHfrRdc7vuCUe1ynTputQIsbtkxqxMfjs4mW4cBiZuCW5dj1/UrNjB6dVg5WAZQd
	54ToEhU66DGf9rn11s5EOddHOnhKYmzbE9NiirCTV8keW4KLDfaP4V3kO8n0Zx56fcGWpi
	FZP+O2a9PUBfEbGnj7OoLQCSvoeDHiE=
X-MC-Unique: 2ggpFo3cNTOo1SBR3aNXAA-1
From: Laine Stump <laine@redhat.com>
To: devel@lists.libvirt.org
Subject: [PATCH v5 09/30] util: determine ignoreErrors value when creating
 virFirewallCmd, not when applying
Date: Fri, 17 May 2024 13:29:46 -0400
Message-ID: <20240517173007.8125-10-laine@redhat.com>
In-Reply-To: <20240517173007.8125-1-laine@redhat.com>
References: <20240517173007.8125-1-laine@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.2
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: EYKGJI4EUQHWRR23B2IK3FDHVO5TYMEI
X-Message-ID-Hash: EYKGJI4EUQHWRR23B2IK3FDHVO5TYMEI
X-MailFrom: laine@redhat.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency;
 loop; banned-address; member-moderation; header-match-config-1;
 header-match-config-2; header-match-config-3;
 header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia;
 implicit-dest; max-recipients; max-size; news-moderation; no-subject;
 suspicious-header
X-Mailman-Version: 3.2.2
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <devel.lists.libvirt.org>
Archived-At: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/message/EYKGJI4EUQHWRR23B2IK3FDHVO5TYMEI/>
List-Archive: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/>
List-Help: <mailto:devel-request@lists.libvirt.org?subject=help>
List-Post: <mailto:devel@lists.libvirt.org>
List-Subscribe: <mailto:devel-join@lists.libvirt.org>
List-Unsubscribe: <mailto:devel-leave@lists.libvirt.org>
X-ZohoMail-DKIM: fail (Header signature does not verify)
X-ZM-MESSAGEID: 1715967509710100001
Content-Type: text/plain; charset="utf-8"

We know at the time a virFirewallCmd is created (with
virFirewallAddCmd*()) whether or not we will later want to ignore
errors encountered when attempting to apply that command - if
ignoreErrors is set in the AddCmd or if the group has already had
VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS set, then we ignore the errors.

Rather than setting the fwCmd->ignoreErrors only according to the arg
sent to virFirewallAddCmdFull(), and then later (at ApplyCmd-time)
combining that with the group transactionFlags setting (and passing it
all the way down the call chain), just combine the two flags right
away and store this final value in fwCmd->ignoreErrors when the
virFirewallCmd is created (thus avoiding the need to look at anything
other than fwCmd->ignoreErrors at the time the command is applied). Once
that is done, we can simply grab ignoreErrors from the object down in
virFirewallApply() rather than cluttering up the argument list on the
entire call chain.

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---
 src/util/virfirewall.c | 28 +++++++++++++---------------
 1 file changed, 13 insertions(+), 15 deletions(-)

diff --git a/src/util/virfirewall.c b/src/util/virfirewall.c
index a57a79d4ce..56d43bfdde 100644
--- a/src/util/virfirewall.c
+++ b/src/util/virfirewall.c
@@ -211,14 +211,19 @@ virFirewallAddCmdFullV(virFirewall *firewall,
     fwCmd->layer =3D layer;
     fwCmd->queryCB =3D cb;
     fwCmd->queryOpaque =3D opaque;
-    fwCmd->ignoreErrors =3D ignoreErrors;
=20
     while ((str =3D va_arg(args, char *)) !=3D NULL)
         ADD_ARG(fwCmd, str);
=20
     if (group->addingRollback) {
+        fwCmd->ignoreErrors =3D true; /* always ignore errors when rolling=
 back */
         VIR_APPEND_ELEMENT_COPY(group->rollback, group->nrollback, fwCmd);
     } else {
+        /* when not rolling back, ignore errors if this group (transaction)
+         * was started with VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS *or*
+         * if this specific rule was created with ignoreErrors =3D=3D true
+         */
+        fwCmd->ignoreErrors =3D ignoreErrors || (group->actionFlags & VIR_=
FIREWALL_TRANSACTION_IGNORE_ERRORS);
         VIR_APPEND_ELEMENT_COPY(group->action, group->naction, fwCmd);
     }
=20
@@ -466,8 +471,7 @@ virFirewallCmdToString(const char *cmd,
=20
 static int
 virFirewallApplyCmdDirect(virFirewallCmd *fwCmd,
-                          bool ignoreErrors,
-                          char **output)
+                           char **output)
 {
     size_t i;
     const char *bin =3D virFirewallLayerCommandTypeToString(fwCmd->layer);
@@ -511,7 +515,7 @@ virFirewallApplyCmdDirect(virFirewallCmd *fwCmd,
         return -1;
=20
     if (status !=3D 0) {
-        if (ignoreErrors) {
+        if (fwCmd->ignoreErrors) {
             VIR_DEBUG("Ignoring error running command");
         } else {
             virReportError(VIR_ERR_INTERNAL_ERROR,
@@ -528,22 +532,18 @@ virFirewallApplyCmdDirect(virFirewallCmd *fwCmd,
=20
 static int
 virFirewallApplyCmd(virFirewall *firewall,
-                    virFirewallCmd *fwCmd,
-                    bool ignoreErrors)
+                    virFirewallCmd *fwCmd)
 {
     g_autofree char *output =3D NULL;
     g_auto(GStrv) lines =3D NULL;
=20
-    if (fwCmd->ignoreErrors)
-        ignoreErrors =3D fwCmd->ignoreErrors;
-
     if (fwCmd->argsLen =3D=3D 0) {
         virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
                        _("Can't apply empty firewall command"));
         return -1;
     }
=20
-    if (virFirewallApplyCmdDirect(fwCmd, ignoreErrors, &output) < 0)
+    if (virFirewallApplyCmdDirect(fwCmd, &output) < 0)
         return -1;
=20
     if (fwCmd->queryCB && output) {
@@ -570,7 +570,7 @@ virFirewallApplyGroup(virFirewall *firewall,
                       size_t idx)
 {
     virFirewallGroup *group =3D firewall->groups[idx];
-    bool ignoreErrors =3D (group->actionFlags & VIR_FIREWALL_TRANSACTION_I=
GNORE_ERRORS);
+
     size_t i;
=20
     VIR_INFO("Starting transaction for firewall=3D%p group=3D%p flags=3D0x=
%x",
@@ -578,9 +578,7 @@ virFirewallApplyGroup(virFirewall *firewall,
     firewall->currentGroup =3D idx;
     group->addingRollback =3D false;
     for (i =3D 0; i < group->naction; i++) {
-        if (virFirewallApplyCmd(firewall,
-                                group->action[i],
-                                ignoreErrors) < 0)
+        if (virFirewallApplyCmd(firewall, group->action[i]) < 0)
             return -1;
     }
     return 0;
@@ -598,7 +596,7 @@ virFirewallRollbackGroup(virFirewall *firewall,
     firewall->currentGroup =3D idx;
     group->addingRollback =3D true;
     for (i =3D 0; i < group->nrollback; i++)
-        ignore_value(virFirewallApplyCmd(firewall, group->rollback[i], tru=
e));
+        ignore_value(virFirewallApplyCmd(firewall, group->rollback[i]));
 }
=20
=20
--=20
2.45.0