[libvirt] [PATCH v3 11/20] nwfilter: convert IP address learning code to virNWFilterBindingDefPtr
Daniel P. Berrangé
berrange at redhat.com
Thu Jun 14 12:33:00 UTC 2018
Use the virNWFilterBindingDefPTr struct in the IP address learning code
directly.
Reviewed-by: John Ferlan <jferlan at redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange at redhat.com>
---
src/nwfilter/nwfilter_gentech_driver.c | 7 +-
src/nwfilter/nwfilter_learnipaddr.c | 106 +++++++------------------
src/nwfilter/nwfilter_learnipaddr.h | 7 +-
3 files changed, 32 insertions(+), 88 deletions(-)
diff --git a/src/nwfilter/nwfilter_gentech_driver.c b/src/nwfilter/nwfilter_gentech_driver.c
index 23e9998f53..ce45587a44 100644
--- a/src/nwfilter/nwfilter_gentech_driver.c
+++ b/src/nwfilter/nwfilter_gentech_driver.c
@@ -626,12 +626,9 @@ virNWFilterDoInstantiate(virNWFilterTechDriverPtr techdriver,
} else if (STRCASEEQ(learning, "any")) {
if (!virNWFilterHasLearnReq(ifindex)) {
rc = virNWFilterLearnIPAddress(techdriver,
- binding->portdevname,
+ binding,
ifindex,
- binding->linkdevname,
- &binding->mac,
- filter->name,
- binding->filterparams, driver,
+ driver,
DETECT_DHCP|DETECT_STATIC);
}
goto err_exit;
diff --git a/src/nwfilter/nwfilter_learnipaddr.c b/src/nwfilter/nwfilter_learnipaddr.c
index d76d13d8d4..55ed0bfc09 100644
--- a/src/nwfilter/nwfilter_learnipaddr.c
+++ b/src/nwfilter/nwfilter_learnipaddr.c
@@ -138,12 +138,8 @@ typedef struct _virNWFilterIPAddrLearnReq virNWFilterIPAddrLearnReq;
typedef virNWFilterIPAddrLearnReq *virNWFilterIPAddrLearnReqPtr;
struct _virNWFilterIPAddrLearnReq {
virNWFilterTechDriverPtr techdriver;
- char ifname[IF_NAMESIZE];
int ifindex;
- char linkdev[IF_NAMESIZE];
- virMacAddr macaddr;
- char *filtername;
- virHashTablePtr filterparams;
+ virNWFilterBindingDefPtr binding;
virNWFilterDriverStatePtr driver;
int howDetect; /* bitmask of enum howDetect */
@@ -233,8 +229,7 @@ virNWFilterIPAddrLearnReqFree(virNWFilterIPAddrLearnReqPtr req)
if (!req)
return;
- VIR_FREE(req->filtername);
- virHashFree(req->filterparams);
+ virNWFilterBindingDefFree(req->binding);
VIR_FREE(req);
}
@@ -405,8 +400,9 @@ learnIPAddressThread(void *arg)
virNWFilterIPAddrLearnReqPtr req = arg;
uint32_t vmaddr = 0, bcastaddr = 0;
unsigned int ethHdrSize;
- char *listen_if = (strlen(req->linkdev) != 0) ? req->linkdev
- : req->ifname;
+ char *listen_if = (req->binding->linkdevname ?
+ req->binding->linkdevname :
+ req->binding->portdevname);
int dhcp_opts_len;
char macaddr[VIR_MAC_STRING_BUFLEN];
virBuffer buf = VIR_BUFFER_INITIALIZER;
@@ -417,13 +413,13 @@ learnIPAddressThread(void *arg)
virNWFilterTechDriverPtr techdriver = req->techdriver;
struct pollfd fds[1];
- if (virNWFilterLockIface(req->ifname) < 0)
+ if (virNWFilterLockIface(req->binding->portdevname) < 0)
goto err_no_lock;
req->status = 0;
/* anything change to the VM's interface -- check at least once */
- if (virNetDevValidateConfig(req->ifname, NULL, req->ifindex) <= 0) {
+ if (virNetDevValidateConfig(req->binding->portdevname, NULL, req->ifindex) <= 0) {
virResetLastError();
req->status = ENODEV;
goto done;
@@ -440,11 +436,11 @@ learnIPAddressThread(void *arg)
fds[0].fd = pcap_fileno(handle);
fds[0].events = POLLIN | POLLERR;
- virMacAddrFormat(&req->macaddr, macaddr);
+ virMacAddrFormat(&req->binding->mac, macaddr);
if (req->howDetect == DETECT_DHCP) {
- if (techdriver->applyDHCPOnlyRules(req->ifname,
- &req->macaddr,
+ if (techdriver->applyDHCPOnlyRules(req->binding->portdevname,
+ &req->binding->mac,
NULL, false) < 0) {
VIR_DEBUG("Unable to apply DHCP only rules");
req->status = EINVAL;
@@ -452,8 +448,8 @@ learnIPAddressThread(void *arg)
}
virBufferAddLit(&buf, "src port 67 and dst port 68");
} else {
- if (techdriver->applyBasicRules(req->ifname,
- &req->macaddr) < 0) {
+ if (techdriver->applyBasicRules(req->binding->portdevname,
+ &req->binding->mac) < 0) {
VIR_DEBUG("Unable to apply basic rules");
req->status = EINVAL;
goto done;
@@ -524,7 +520,7 @@ learnIPAddressThread(void *arg)
}
/* Again, already handled above, but lets be sure */
- if (virNetDevValidateConfig(req->ifname, NULL, req->ifindex) <= 0) {
+ if (virNetDevValidateConfig(req->binding->portdevname, NULL, req->ifindex) <= 0) {
virResetLastError();
req->status = ENODEV;
showError = false;
@@ -556,7 +552,7 @@ learnIPAddressThread(void *arg)
continue;
}
- if (virMacAddrCmpRaw(&req->macaddr, ether_hdr->ether_shost) == 0) {
+ if (virMacAddrCmpRaw(&req->binding->mac, ether_hdr->ether_shost) == 0) {
/* packets from the VM */
if (etherType == ETHERTYPE_IP &&
@@ -595,7 +591,7 @@ learnIPAddressThread(void *arg)
break;
}
}
- } else if (virMacAddrCmpRaw(&req->macaddr,
+ } else if (virMacAddrCmpRaw(&req->binding->mac,
ether_hdr->ether_dhost) == 0 ||
/* allow Broadcast replies from DHCP server */
virMacAddrIsBroadcastRaw(ether_hdr->ether_dhost)) {
@@ -625,7 +621,7 @@ learnIPAddressThread(void *arg)
((char *)udphdr + sizeof(udphdr));
if (dhcp->op == 2 /* BOOTREPLY */ &&
virMacAddrCmpRaw(
- &req->macaddr,
+ &req->binding->mac,
&dhcp->chaddr[0]) == 0) {
dhcp_opts_len = header.len -
(ethHdrSize + iphdr->ihl * 4 +
@@ -669,28 +665,19 @@ learnIPAddressThread(void *arg)
* Also it is safe to unlock interface here because we stopped
* capturing and applied necessary rules on the interface, while
* instantiating a new filter doesn't require a locked interface.*/
- virNWFilterUnlockIface(req->ifname);
+ virNWFilterUnlockIface(req->binding->portdevname);
if ((inetaddr = virSocketAddrFormat(&sa)) != NULL) {
- virNWFilterBindingDef binding = {
- .portdevname = req->ifname,
- .linkdevname = req->linkdev,
- .mac = req->macaddr,
- .filter = req->filtername,
- .filterparams = req->filterparams,
- .ownername = NULL,
- .owneruuid = {0},
- };
- if (virNWFilterIPAddrMapAddIPAddr(req->ifname, inetaddr) < 0) {
+ if (virNWFilterIPAddrMapAddIPAddr(req->binding->portdevname, inetaddr) < 0) {
VIR_ERROR(_("Failed to add IP address %s to IP address "
- "cache for interface %s"), inetaddr, req->ifname);
+ "cache for interface %s"), inetaddr, req->binding->portdevname);
}
ret = virNWFilterInstantiateFilterLate(req->driver,
- &binding,
+ req->binding,
req->ifindex);
VIR_DEBUG("Result from applying firewall rules on "
- "%s with IP addr %s : %d", req->ifname, inetaddr, ret);
+ "%s with IP addr %s : %d", req->binding->portdevname, inetaddr, ret);
VIR_FREE(inetaddr);
}
} else {
@@ -698,13 +685,13 @@ learnIPAddressThread(void *arg)
virReportSystemError(req->status,
_("encountered an error on interface %s "
"index %d"),
- req->ifname, req->ifindex);
+ req->binding->portdevname, req->ifindex);
- techdriver->applyDropAllRules(req->ifname);
- virNWFilterUnlockIface(req->ifname);
+ techdriver->applyDropAllRules(req->binding->portdevname);
+ virNWFilterUnlockIface(req->binding->portdevname);
}
- VIR_DEBUG("pcap thread terminating for interface %s", req->ifname);
+ VIR_DEBUG("pcap thread terminating for interface %s", req->binding->portdevname);
err_no_lock:
@@ -737,19 +724,14 @@ learnIPAddressThread(void *arg)
*/
int
virNWFilterLearnIPAddress(virNWFilterTechDriverPtr techdriver,
- const char *ifname,
+ virNWFilterBindingDefPtr binding,
int ifindex,
- const char *linkdev,
- const virMacAddr *macaddr,
- const char *filtername,
- virHashTablePtr filterparams,
virNWFilterDriverStatePtr driver,
int howDetect)
{
int rc;
virThread thread;
virNWFilterIPAddrLearnReqPtr req = NULL;
- virHashTablePtr ht = NULL;
if (howDetect == 0)
return -1;
@@ -765,37 +747,11 @@ virNWFilterLearnIPAddress(virNWFilterTechDriverPtr techdriver,
if (VIR_ALLOC(req) < 0)
goto err_no_req;
- ht = virNWFilterHashTableCreate(0);
- if (ht == NULL)
+ if (!(req->binding = virNWFilterBindingDefCopy(binding)))
goto err_free_req;
- if (virNWFilterHashTablePutAll(filterparams, ht) < 0)
- goto err_free_ht;
-
- if (VIR_STRDUP(req->filtername, filtername) < 0)
- goto err_free_ht;
-
- if (virStrcpyStatic(req->ifname, ifname) == NULL) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("Destination buffer for ifname ('%s') "
- "not large enough"), ifname);
- goto err_free_ht;
- }
-
- if (linkdev) {
- if (virStrcpyStatic(req->linkdev, linkdev) == NULL) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("Destination buffer for linkdev ('%s') "
- "not large enough"), linkdev);
- goto err_free_ht;
- }
- }
-
req->ifindex = ifindex;
- virMacAddrSet(&req->macaddr, macaddr);
req->driver = driver;
- req->filterparams = ht;
- ht = NULL;
req->howDetect = howDetect;
req->techdriver = techdriver;
@@ -814,8 +770,6 @@ virNWFilterLearnIPAddress(virNWFilterTechDriverPtr techdriver,
err_dereg_req:
virNWFilterDeregisterLearnReq(ifindex);
- err_free_ht:
- virHashFree(ht);
err_free_req:
virNWFilterIPAddrLearnReqFree(req);
err_no_req:
@@ -826,12 +780,8 @@ virNWFilterLearnIPAddress(virNWFilterTechDriverPtr techdriver,
int
virNWFilterLearnIPAddress(virNWFilterTechDriverPtr techdriver ATTRIBUTE_UNUSED,
- const char *ifname ATTRIBUTE_UNUSED,
+ virNWFilterBindingDefPtr binding ATTRIBUTE_UNUSED,
int ifindex ATTRIBUTE_UNUSED,
- const char *linkdev ATTRIBUTE_UNUSED,
- const virMacAddr *macaddr ATTRIBUTE_UNUSED,
- const char *filtername ATTRIBUTE_UNUSED,
- virHashTablePtr filterparams ATTRIBUTE_UNUSED,
virNWFilterDriverStatePtr driver ATTRIBUTE_UNUSED,
int howDetect ATTRIBUTE_UNUSED)
{
diff --git a/src/nwfilter/nwfilter_learnipaddr.h b/src/nwfilter/nwfilter_learnipaddr.h
index 753aabc594..7f17244100 100644
--- a/src/nwfilter/nwfilter_learnipaddr.h
+++ b/src/nwfilter/nwfilter_learnipaddr.h
@@ -28,6 +28,7 @@
# include "conf/nwfilter_params.h"
# include "nwfilter_tech_driver.h"
+# include "virnwfilterbindingdef.h"
# include <net/if.h>
enum howDetect {
@@ -36,12 +37,8 @@ enum howDetect {
};
int virNWFilterLearnIPAddress(virNWFilterTechDriverPtr techdriver,
- const char *ifname,
+ virNWFilterBindingDefPtr binding,
int ifindex,
- const char *linkdev,
- const virMacAddr *macaddr,
- const char *filtername,
- virHashTablePtr filterparams,
virNWFilterDriverStatePtr driver,
int howDetect);
--
2.17.0
More information about the libvir-list
mailing list