[libvirt] [PATCH v4 6/6] nwfilter: convert virt drivers to use public API for nwfilter bindings
Daniel P. Berrangé
berrange at redhat.com
Tue Jun 26 10:23:30 UTC 2018
Remove the callbacks that the nwfilter driver registers with the domain
object config layer. Instead make the current helper methods call into
the public API for creating/deleting nwfilter bindings.
Signed-off-by: Daniel P. Berrangé <berrange at redhat.com>
---
src/conf/domain_nwfilter.c | 135 +++++++++++++++++++++----
src/conf/domain_nwfilter.h | 16 +--
src/libvirt_private.syms | 1 -
src/lxc/lxc_process.c | 2 +-
src/nwfilter/nwfilter_driver.c | 82 +++------------
src/nwfilter/nwfilter_gentech_driver.c | 42 --------
src/nwfilter/nwfilter_gentech_driver.h | 4 -
src/qemu/qemu_hotplug.c | 4 +-
src/qemu/qemu_interface.c | 4 +-
src/qemu/qemu_process.c | 6 +-
src/remote/remote_daemon.c | 1 +
src/uml/uml_conf.c | 2 +-
12 files changed, 142 insertions(+), 157 deletions(-)
diff --git a/src/conf/domain_nwfilter.c b/src/conf/domain_nwfilter.c
index 7570e0ae83..948b32481e 100644
--- a/src/conf/domain_nwfilter.c
+++ b/src/conf/domain_nwfilter.c
@@ -28,45 +28,146 @@
#include "datatypes.h"
#include "domain_conf.h"
#include "domain_nwfilter.h"
+#include "virnwfilterbindingdef.h"
#include "virerror.h"
+#include "viralloc.h"
+#include "virstring.h"
+#include "virlog.h"
-#define VIR_FROM_THIS VIR_FROM_NWFILTER
-static virDomainConfNWFilterDriverPtr nwfilterDriver;
+VIR_LOG_INIT("conf.domain_nwfilter");
-void
-virDomainConfNWFilterRegister(virDomainConfNWFilterDriverPtr driver)
+#define VIR_FROM_THIS VIR_FROM_NWFILTER
+
+static virNWFilterBindingDefPtr
+virNWFilterBindingDefForNet(const char *vmname,
+ const unsigned char *vmuuid,
+ virDomainNetDefPtr net)
{
- nwfilterDriver = driver;
+ virNWFilterBindingDefPtr ret;
+
+ if (VIR_ALLOC(ret) < 0)
+ return NULL;
+
+ if (VIR_STRDUP(ret->ownername, vmname) < 0)
+ goto error;
+
+ memcpy(ret->owneruuid, vmuuid, sizeof(ret->owneruuid));
+
+ if (VIR_STRDUP(ret->portdevname, net->ifname) < 0)
+ goto error;
+
+ if (net->type == VIR_DOMAIN_NET_TYPE_DIRECT &&
+ VIR_STRDUP(ret->linkdevname, net->data.direct.linkdev) < 0)
+ goto error;
+
+ ret->mac = net->mac;
+
+ if (VIR_STRDUP(ret->filter, net->filter) < 0)
+ goto error;
+
+ if (!(ret->filterparams = virNWFilterHashTableCreate(0)))
+ goto error;
+
+ if (net->filterparams &&
+ virNWFilterHashTablePutAll(net->filterparams, ret->filterparams) < 0)
+ goto error;
+
+ return ret;
+
+ error:
+ virNWFilterBindingDefFree(ret);
+ return NULL;
}
+
int
virDomainConfNWFilterInstantiate(const char *vmname,
const unsigned char *vmuuid,
- virDomainNetDefPtr net)
+ virDomainNetDefPtr net,
+ bool ignoreExists)
{
- if (nwfilterDriver != NULL)
- return nwfilterDriver->instantiateFilter(vmname, vmuuid, net);
+ virConnectPtr conn = virGetConnectNWFilter();
+ virNWFilterBindingDefPtr def = NULL;
+ virNWFilterBindingPtr binding = NULL;
+ char *xml;
+ int ret = -1;
+
+ VIR_DEBUG("vmname=%s portdev=%s filter=%s ignoreExists=%d",
+ vmname, NULLSTR(net->ifname), NULLSTR(net->filter), ignoreExists);
+
+ if (!conn)
+ goto cleanup;
+
+ if (ignoreExists) {
+ binding = virNWFilterBindingLookupByPortDev(conn, net->ifname);
+ if (binding) {
+ ret = 0;
+ goto cleanup;
+ }
+ }
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
- _("No network filter driver available"));
- return -1;
+ if (!(def = virNWFilterBindingDefForNet(vmname, vmuuid, net)))
+ goto cleanup;
+
+ if (!(xml = virNWFilterBindingDefFormat(def)))
+ goto cleanup;
+
+ if (!(binding = virNWFilterBindingCreateXML(conn, xml, 0)))
+ goto cleanup;
+
+ ret = 0;
+
+ cleanup:
+ VIR_FREE(xml);
+ virNWFilterBindingDefFree(def);
+ virObjectUnref(binding);
+ virObjectUnref(conn);
+ return ret;
}
+
+static void
+virDomainConfNWFilterTeardownImpl(virConnectPtr conn,
+ virDomainNetDefPtr net)
+{
+ virNWFilterBindingPtr binding;
+
+ binding = virNWFilterBindingLookupByPortDev(conn, net->ifname);
+ if (!binding)
+ return;
+
+ virNWFilterBindingDelete(binding);
+
+ virObjectUnref(binding);
+}
+
+
void
virDomainConfNWFilterTeardown(virDomainNetDefPtr net)
{
- if (nwfilterDriver != NULL)
- nwfilterDriver->teardownFilter(net);
+ virConnectPtr conn = virGetConnectNWFilter();
+
+ if (!conn)
+ return;
+
+ virDomainConfNWFilterTeardownImpl(conn, net);
+
+ virObjectUnref(conn);
}
void
virDomainConfVMNWFilterTeardown(virDomainObjPtr vm)
{
size_t i;
+ virConnectPtr conn = virGetConnectNWFilter();
- if (nwfilterDriver != NULL) {
- for (i = 0; i < vm->def->nnets; i++)
- virDomainConfNWFilterTeardown(vm->def->nets[i]);
- }
+ if (!conn)
+ return;
+
+
+ for (i = 0; i < vm->def->nnets; i++)
+ virDomainConfNWFilterTeardownImpl(conn, vm->def->nets[i]);
+
+ virObjectUnref(conn);
}
diff --git a/src/conf/domain_nwfilter.h b/src/conf/domain_nwfilter.h
index 857cac6c2a..6bda228fc8 100644
--- a/src/conf/domain_nwfilter.h
+++ b/src/conf/domain_nwfilter.h
@@ -23,22 +23,10 @@
#ifndef DOMAIN_NWFILTER_H
# define DOMAIN_NWFILTER_H
-typedef int (*virDomainConfInstantiateNWFilter)(const char *vmname,
- const unsigned char *vmuuid,
- virDomainNetDefPtr net);
-typedef void (*virDomainConfTeardownNWFilter)(virDomainNetDefPtr net);
-
-typedef struct {
- virDomainConfInstantiateNWFilter instantiateFilter;
- virDomainConfTeardownNWFilter teardownFilter;
-} virDomainConfNWFilterDriver;
-typedef virDomainConfNWFilterDriver *virDomainConfNWFilterDriverPtr;
-
-void virDomainConfNWFilterRegister(virDomainConfNWFilterDriverPtr driver);
-
int virDomainConfNWFilterInstantiate(const char *vmname,
const unsigned char *vmuuid,
- virDomainNetDefPtr net);
+ virDomainNetDefPtr net,
+ bool ignoreExists);
void virDomainConfNWFilterTeardown(virDomainNetDefPtr net);
void virDomainConfVMNWFilterTeardown(virDomainObjPtr vm);
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 42547e64ed..f81333baf6 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -651,7 +651,6 @@ virDomainQemuMonitorEventStateRegisterID;
# conf/domain_nwfilter.h
virDomainConfNWFilterInstantiate;
-virDomainConfNWFilterRegister;
virDomainConfNWFilterTeardown;
virDomainConfVMNWFilterTeardown;
diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c
index 60ae7daaed..14502e12fe 100644
--- a/src/lxc/lxc_process.c
+++ b/src/lxc/lxc_process.c
@@ -303,7 +303,7 @@ virLXCProcessSetupInterfaceTap(virDomainDefPtr vm,
}
if (net->filter &&
- virDomainConfNWFilterInstantiate(vm->name, vm->uuid, net) < 0)
+ virDomainConfNWFilterInstantiate(vm->name, vm->uuid, net, false) < 0)
goto cleanup;
ret = containerVeth;
diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c
index 83a2e19dbe..d385b46f5f 100644
--- a/src/nwfilter/nwfilter_driver.c
+++ b/src/nwfilter/nwfilter_driver.c
@@ -655,65 +655,6 @@ nwfilterGetXMLDesc(virNWFilterPtr nwfilter,
}
-static int
-nwfilterInstantiateFilter(const char *vmname,
- const unsigned char *vmuuid,
- virDomainNetDefPtr net)
-{
- virNWFilterBindingObjPtr obj;
- virNWFilterBindingDefPtr def;
- int ret;
-
- obj = virNWFilterBindingObjListFindByPortDev(driver->bindings, net->ifname);
- if (obj) {
- virNWFilterBindingObjEndAPI(&obj);
- return 0;
- }
-
- if (!(def = virNWFilterBindingDefForNet(vmname, vmuuid, net)))
- return -1;
-
- obj = virNWFilterBindingObjListAdd(driver->bindings,
- def);
- if (!obj) {
- virNWFilterBindingDefFree(def);
- return -1;
- }
-
- ret = virNWFilterInstantiateFilter(driver, def);
-
- if (ret >= 0)
- virNWFilterBindingObjSave(obj, driver->bindingDir);
- else
- virNWFilterBindingObjListRemove(driver->bindings, obj);
-
- virNWFilterBindingObjEndAPI(&obj);
-
- return ret;
-}
-
-
-static void
-nwfilterTeardownFilter(virDomainNetDefPtr net)
-{
- virNWFilterBindingObjPtr obj;
- virNWFilterBindingDefPtr def;
- if (!net->ifname)
- return;
-
- obj = virNWFilterBindingObjListFindByPortDev(driver->bindings, net->ifname);
- if (!obj)
- return;
-
- def = virNWFilterBindingObjGetDef(obj);
- virNWFilterTeardownFilter(def);
- virNWFilterBindingObjDelete(obj, driver->bindingDir);
-
- virNWFilterBindingObjListRemove(driver->bindings, obj);
- virNWFilterBindingObjEndAPI(&obj);
-}
-
-
static virNWFilterBindingPtr
nwfilterBindingLookupByPortDev(virConnectPtr conn,
const char *portdev)
@@ -724,8 +665,11 @@ nwfilterBindingLookupByPortDev(virConnectPtr conn,
obj = virNWFilterBindingObjListFindByPortDev(driver->bindings,
portdev);
- if (!obj)
+ if (!obj) {
+ virReportError(VIR_ERR_NO_NWFILTER_BINDING,
+ _("no nwfilter binding for port dev '%s'"), portdev);
goto cleanup;
+ }
def = virNWFilterBindingObjGetDef(obj);
if (virNWFilterBindingLookupByPortDevEnsureACL(conn, def) < 0)
@@ -772,8 +716,11 @@ nwfilterBindingGetXMLDesc(virNWFilterBindingPtr binding,
obj = virNWFilterBindingObjListFindByPortDev(driver->bindings,
binding->portdev);
- if (!obj)
+ if (!obj) {
+ virReportError(VIR_ERR_NO_NWFILTER_BINDING,
+ _("no nwfilter binding for port dev '%s'"), binding->portdev);
goto cleanup;
+ }
def = virNWFilterBindingObjGetDef(obj);
if (virNWFilterBindingGetXMLDescEnsureACL(binding->conn, def) < 0)
@@ -852,8 +799,11 @@ nwfilterBindingDelete(virNWFilterBindingPtr binding)
int ret = -1;
obj = virNWFilterBindingObjListFindByPortDev(driver->bindings, binding->portdev);
- if (!obj)
+ if (!obj) {
+ virReportError(VIR_ERR_NO_NWFILTER_BINDING,
+ _("no nwfilter binding for port dev '%s'"), binding->portdev);
return -1;
+ }
def = virNWFilterBindingObjGetDef(obj);
if (virNWFilterBindingDeleteEnsureACL(binding->conn, def) < 0)
@@ -914,13 +864,6 @@ static virStateDriver stateDriver = {
.stateReload = nwfilterStateReload,
};
-
-static virDomainConfNWFilterDriver domainNWFilterDriver = {
- .instantiateFilter = nwfilterInstantiateFilter,
- .teardownFilter = nwfilterTeardownFilter,
-};
-
-
int nwfilterRegister(void)
{
if (virRegisterConnectDriver(&nwfilterConnectDriver, false) < 0)
@@ -929,6 +872,5 @@ int nwfilterRegister(void)
return -1;
if (virRegisterStateDriver(&stateDriver) < 0)
return -1;
- virDomainConfNWFilterRegister(&domainNWFilterDriver);
return 0;
}
diff --git a/src/nwfilter/nwfilter_gentech_driver.c b/src/nwfilter/nwfilter_gentech_driver.c
index d208d0188e..e5dea91f83 100644
--- a/src/nwfilter/nwfilter_gentech_driver.c
+++ b/src/nwfilter/nwfilter_gentech_driver.c
@@ -1082,45 +1082,3 @@ virNWFilterBuildAll(virNWFilterDriverStatePtr driver,
}
return ret;
}
-
-
-virNWFilterBindingDefPtr
-virNWFilterBindingDefForNet(const char *vmname,
- const unsigned char *vmuuid,
- virDomainNetDefPtr net)
-{
- virNWFilterBindingDefPtr ret;
-
- if (VIR_ALLOC(ret) < 0)
- return NULL;
-
- if (VIR_STRDUP(ret->ownername, vmname) < 0)
- goto error;
-
- memcpy(ret->owneruuid, vmuuid, sizeof(ret->owneruuid));
-
- if (VIR_STRDUP(ret->portdevname, net->ifname) < 0)
- goto error;
-
- if (net->type == VIR_DOMAIN_NET_TYPE_DIRECT &&
- VIR_STRDUP(ret->linkdevname, net->data.direct.linkdev) < 0)
- goto error;
-
- ret->mac = net->mac;
-
- if (VIR_STRDUP(ret->filter, net->filter) < 0)
- goto error;
-
- if (!(ret->filterparams = virNWFilterHashTableCreate(0)))
- goto error;
-
- if (net->filterparams &&
- virNWFilterHashTablePutAll(net->filterparams, ret->filterparams) < 0)
- goto error;
-
- return ret;
-
- error:
- virNWFilterBindingDefFree(ret);
- return NULL;
-}
diff --git a/src/nwfilter/nwfilter_gentech_driver.h b/src/nwfilter/nwfilter_gentech_driver.h
index 481fdd2413..2cd19c90fc 100644
--- a/src/nwfilter/nwfilter_gentech_driver.h
+++ b/src/nwfilter/nwfilter_gentech_driver.h
@@ -57,8 +57,4 @@ virHashTablePtr virNWFilterCreateVarHashmap(const char *macaddr,
int virNWFilterBuildAll(virNWFilterDriverStatePtr driver,
bool newFilters);
-virNWFilterBindingDefPtr virNWFilterBindingDefForNet(const char *vmname,
- const unsigned char *vmuuid,
- virDomainNetDefPtr net);
-
#endif
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index 7a1bbc7c8c..58cb0539e1 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -3009,7 +3009,7 @@ qemuDomainChangeNetFilter(virDomainObjPtr vm,
if (newdev->filter &&
virDomainConfNWFilterInstantiate(vm->def->name,
- vm->def->uuid, newdev) < 0) {
+ vm->def->uuid, newdev, false) < 0) {
virErrorPtr errobj;
virReportError(VIR_ERR_OPERATION_FAILED,
@@ -3018,7 +3018,7 @@ qemuDomainChangeNetFilter(virDomainObjPtr vm,
olddev->ifname);
virErrorPreserveLast(&errobj);
ignore_value(virDomainConfNWFilterInstantiate(vm->def->name,
- vm->def->uuid, olddev));
+ vm->def->uuid, olddev, false));
virErrorRestore(&errobj);
return -1;
}
diff --git a/src/qemu/qemu_interface.c b/src/qemu/qemu_interface.c
index 5d54a85c53..a3f13093f5 100644
--- a/src/qemu/qemu_interface.c
+++ b/src/qemu/qemu_interface.c
@@ -467,7 +467,7 @@ qemuInterfaceEthernetConnect(virDomainDefPtr def,
goto cleanup;
if (net->filter &&
- virDomainConfNWFilterInstantiate(def->name, def->uuid, net) < 0) {
+ virDomainConfNWFilterInstantiate(def->name, def->uuid, net, false) < 0) {
goto cleanup;
}
@@ -586,7 +586,7 @@ qemuInterfaceBridgeConnect(virDomainDefPtr def,
goto cleanup;
if (net->filter &&
- virDomainConfNWFilterInstantiate(def->name, def->uuid, net) < 0) {
+ virDomainConfNWFilterInstantiate(def->name, def->uuid, net, false) < 0) {
goto cleanup;
}
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index 7e9ad01e61..ac32dafcbe 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -3018,14 +3018,14 @@ qemuProcessNotifyNets(virDomainDefPtr def)
}
static int
-qemuProcessFiltersInstantiate(virDomainDefPtr def)
+qemuProcessFiltersInstantiate(virDomainDefPtr def, bool ignoreExists)
{
size_t i;
for (i = 0; i < def->nnets; i++) {
virDomainNetDefPtr net = def->nets[i];
if ((net->filter) && (net->ifname)) {
- if (virDomainConfNWFilterInstantiate(def->name, def->uuid, net) < 0)
+ if (virDomainConfNWFilterInstantiate(def->name, def->uuid, net, ignoreExists) < 0)
return 1;
}
}
@@ -7650,7 +7650,7 @@ qemuProcessReconnect(void *opaque)
qemuProcessNotifyNets(obj->def);
- if (qemuProcessFiltersInstantiate(obj->def))
+ if (qemuProcessFiltersInstantiate(obj->def, true))
goto error;
if (qemuProcessRefreshDisks(driver, obj, QEMU_ASYNC_JOB_NONE) < 0)
diff --git a/src/remote/remote_daemon.c b/src/remote/remote_daemon.c
index 21ab22499d..9f3a5f38ad 100644
--- a/src/remote/remote_daemon.c
+++ b/src/remote/remote_daemon.c
@@ -283,6 +283,7 @@ static int daemonErrorLogFilter(virErrorPtr err, int priority)
case VIR_ERR_NO_NODE_DEVICE:
case VIR_ERR_NO_INTERFACE:
case VIR_ERR_NO_NWFILTER:
+ case VIR_ERR_NO_NWFILTER_BINDING:
case VIR_ERR_NO_SECRET:
case VIR_ERR_NO_DOMAIN_SNAPSHOT:
case VIR_ERR_OPERATION_INVALID:
diff --git a/src/uml/uml_conf.c b/src/uml/uml_conf.c
index 9c548f0e80..f116e619ef 100644
--- a/src/uml/uml_conf.c
+++ b/src/uml/uml_conf.c
@@ -137,7 +137,7 @@ umlConnectTapDevice(virDomainDefPtr vm,
}
if (net->filter) {
- if (virDomainConfNWFilterInstantiate(vm->name, vm->uuid, net) < 0) {
+ if (virDomainConfNWFilterInstantiate(vm->name, vm->uuid, net, false) < 0) {
if (template_ifname)
VIR_FREE(net->ifname);
goto error;
--
2.17.1
More information about the libvir-list
mailing list