[libvirt] [PATCH] nwfilter: cleanup return codes in nwfilter subsystem
Stefan Berger
stefanb at linux.vnet.ibm.com
Fri Dec 9 02:19:56 UTC 2011
On 12/08/2011 06:19 PM, Eric Blake wrote:
> On 11/23/2011 02:19 PM, Stefan Berger wrote:
>> This patch cleans up return codes in the nwfilter subsystem.
>> [...]
> Resuming where I left off last time...
>
>> Index: libvirt-acl/src/conf/nwfilter_params.c
>> @@ -505,25 +505,25 @@ virNWFilterHashTablePut(virNWFilterHashT
>> if (copyName) {
>> name = strdup(name);
>> if (!name)
>> - return 1;
>> + return -1;
> virNWFilterDetermineMissingVarsRec() has an unchecked call to this
> function, meaning that an OOM error can go undetected in that call site.
>
putting a virReportOOMError() into this one...
> All other calls to this function look sanely converted.
>
>> @@ -640,7 +640,7 @@ virNWFilterHashTablePutAll(virNWFilterHa
>> return 0;
>>
>> err_exit:
>> - return 1;
>> + return -1;
> All callers look sanely converted.
>
>> Index: libvirt-acl/src/nwfilter/nwfilter_gentech_driver.c
>> ===================================================================
>> --- libvirt-acl.orig/src/nwfilter/nwfilter_gentech_driver.c
>> +++ libvirt-acl/src/nwfilter/nwfilter_gentech_driver.c
>> @@ -106,7 +106,7 @@ virNWFilterRuleInstAddData(virNWFilterRu
> Comment prior to the function needs an update.
>
Thanks. Fixed.
>> {
>> if (VIR_REALLOC_N(res->data, res->ndata+1)< 0) {
>> virReportOOMError();
>> - return 1;
>> + return -1;
> All callers look sanely converted.
>
>> @@ -151,28 +151,28 @@ virNWFilterVarHashmapAddStdValues(virNWF
>> if (macaddr) {
>> val = virNWFilterVarValueCreateSimple(macaddr);
>> if (!val)
>> - return 1;
>> + return -1;
> Comment prior to the function needs an update. All callers correctly
> converted.
Fixed.
>> @@ -649,7 +649,7 @@ virNWFilterInstantiate(virNWFilterTechDr
>> virNWFilterHashTablePtr missing_vars = virNWFilterHashTableCreate(0);
>> if (!missing_vars) {
>> virReportOOMError();
>> - rc = 1;
>> + rc = -1;
> This one calls through a callback that I did not audit:
> rc = techdriver->applyNewRules(ifname, nptrs, ptrs);
ebiptablesApplyNewRules is being called. The whole ebiptables driver has
only -1 as failure codes now. So should be ok.
> but assuming the callback is okay (or that you change things to ensure
> rc is -1 even if the callback returns positive), then clients of this
> look okay.
>
>> @@ -792,7 +792,7 @@ __virNWFilterInstantiateFilter(bool tear
>> _("Could not get access to ACL tech "
>> "driver '%s'"),
>> drvname);
>> - return 1;
>> + return -1;
> Ultimately called via virNWFilterInstantiateFilterLate, in turn called
> by nwfilter_learnipaddr.c:learnIPAddressThread, which collects the
> return value and prints it in a VIR_DEBUG but does nothing if the value
> was negative. Is that a problem?
Well, if the instantiation for any reason fails, then the code currently
'downs' the interface. I didn't know how else it should react since this
path is invoked in a thread and tearing down the VM would be too severe.
> Also called by the .instantiateFilter callback installed by
> nwfilter_driver.c, which feeds virDomainConfNWFilterInstantiate, and all
> callers look clean.
>
>> @@ -1012,7 +1012,7 @@ int virNWFilterRollbackUpdateFilter(cons
>> _("Could not get access to ACL tech "
>> "driver '%s'"),
>> drvname);
>> - return 1;
>> + return -1;
> Should this function be static? No one outside of gentech_driver calls
> it. At any rate, callers inside the file are sane.
>
Yes, indeed. I changed it now to be static.
>> @@ -1038,7 +1038,7 @@ virNWFilterTearOldFilter(virDomainNetDef
>> _("Could not get access to ACL tech "
>> "driver '%s'"),
>> drvname);
>> - return 1;
>> + return -1;
> Same comments about static, and sane usage.
>
Also changed this one.@@ -530,7 +527,7 @@ learnIPAddressThread(void *arg)
>> break;
>> default:
>> if (techdriver->applyBasicRules(req->ifname,
>> - req->macaddr)) {
>> + req->macaddr)< 0) {
> I didn't audit where this callback came from, but assume it was okay.
>
ebtablesApplyBasicRules now returns -1 in case of failure, so it's ok.
>> @@ -3111,7 +3123,7 @@ ebtablesApplyBasicRules(const char *ifna
>> virNWFilterReportError(VIR_ERR_INTERNAL_ERROR, "%s",
>> _("cannot create rules since ebtables tool is "
>> "missing."));
>> - return 1;
>> + return -1;
> Comment before function needs touch up. Otherwise looks sane.
>
Fixed. Thanks.
>> @@ -4086,7 +4100,7 @@ ebiptablesDriverInit(bool privileged)
>> _("firewall tools were not found or "
>> "cannot be used"));
>> ebiptablesDriverShutdown();
>> - return ENOTSUP;
>> + return -ENOTSUP;
> Looks sane.
>
> Overall, I found one or two nits between my two-stage review, but they
> seemed easy to fix.
>
> ACK. Up to you if you want to post a delta to this patch for your
> touchups, or just go ahead and commit, since I know you have other
> patches backed up behind this one.
>
I went ahead and pushed the patch. Thanks for this thorough review with
all the cross-checking and looking through the function descriptions.
Cheers!
Stefan
More information about the libvir-list
mailing list