From: Daniel P. Berrangé
To: libvir-list@redhat.com
Date: Fri, 26 Jan 2018 13:35:31 +0000
Message-Id: <20180126133537.31883-5-berrange@redhat.com>
In-Reply-To: <20180126133537.31883-1-berrange@redhat.com>
References: <20180126133537.31883-1-berrange@redhat.com>
Subject: [libvirt] [PATCH 04/10] network: allow opening with network:///system and network:///session URIs

Allow the possibility of opening a connection to only the network driver, by defining network:///system and network:///session URIs and registering a fake hypervisor driver that supports them.

The hypervisor drivers can now directly open a network driver connection at time of need, instead of having to pass around a virConnectPtr through many functions. This will facilitate the later change to support separate daemons for each driver.

Signed-off-by: Daniel P. Berrangé
--- src/network/bridge_driver.c | 95 ++++++++++++++++++++++++++++++++= ++++ src/network/bridge_driver_platform.h | 3 ++ 2 files changed, 98 insertions(+) diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c index 7f21381bd4..7aea8079d4 100644 --- a/src/network/bridge_driver.c +++ b/src/network/bridge_driver.c
@@ -671,6 +671,8 @@ networkStateInitialize(bool privileged, goto error; } =20 + network_driver->privileged =3D privileged; + /* configuration/state paths are one of * ~/.config/libvirt/... (session/unprivileged) * /etc/libvirt/... && /var/(run|lib)/libvirt/... (system/privileged). 
@@ -868,6 +870,80 @@ networkStateCleanup(void) } =20 =20 +static virDrvOpenStatus networkConnectOpen(virConnectPtr conn, + virConnectAuthPtr auth ATTRIBUT= E_UNUSED, + virConfPtr conf ATTRIBUTE_UNUSE= D, + unsigned int flags) +{ + virCheckFlags(VIR_CONNECT_RO, VIR_DRV_OPEN_ERROR); + + /* Verify uri was specified */ + if (conn->uri =3D=3D NULL) { + /* Only hypervisor drivers are permitted to auto-open on NULL uri = */ + return VIR_DRV_OPEN_DECLINED; + } else { + if (STRNEQ_NULLABLE(conn->uri->scheme, "network")) + return VIR_DRV_OPEN_DECLINED; + + /* Leave for remote driver */ + if (conn->uri->server !=3D NULL) + return VIR_DRV_OPEN_DECLINED; + + if (network_driver =3D=3D NULL) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("network state driver is not active")); + return VIR_DRV_OPEN_ERROR; + } + + if (network_driver->privileged) { + if (STRNEQ(conn->uri->path, "/system")) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("unexpected network URI path '%s', try ne= twork:///system"), + conn->uri->path); + return VIR_DRV_OPEN_ERROR; + } + } else { + if (STRNEQ(conn->uri->path, "/session")) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("unexpected network URI path '%s', try ne= twork:///session"), + conn->uri->path); + return VIR_DRV_OPEN_ERROR; + } + } + } + + if (virConnectOpenEnsureACL(conn) < 0) + return VIR_DRV_OPEN_ERROR; + + return VIR_DRV_OPEN_SUCCESS; +} + +static int networkConnectClose(virConnectPtr conn ATTRIBUTE_UNUSED) +{ + return 0; +} + + +static int networkConnectIsSecure(virConnectPtr conn ATTRIBUTE_UNUSED) +{ + /* Trivially secure, since always inside the daemon */ + return 1; +} + + +static int networkConnectIsEncrypted(virConnectPtr conn ATTRIBUTE_UNUSED) +{ + /* Not encrypted, but remote driver takes care of that */ + return 0; +} + + +static int networkConnectIsAlive(virConnectPtr conn ATTRIBUTE_UNUSED) +{ + return 1; +} + + /* networkKillDaemon: * * kill the specified pid/name, and wait a bit to make sure it's dead. 
@@ -5699,6 +5775,23 @@ static virNetworkDriver networkDriver =3D { .networkGetDHCPLeases =3D networkGetDHCPLeases, /* 1.2.6 */ }; =20 + +static virHypervisorDriver networkHypervisorDriver =3D { + .name =3D "network", + .connectOpen =3D networkConnectOpen, /* 4.1.0 */ + .connectClose =3D networkConnectClose, /* 4.1.0 */ + .connectIsEncrypted =3D networkConnectIsEncrypted, /* 4.1.0 */ + .connectIsSecure =3D networkConnectIsSecure, /* 4.1.0 */ + .connectIsAlive =3D networkConnectIsAlive, /* 4.1.0 */ +}; + + +static virConnectDriver networkConnectDriver =3D { + .hypervisorDriver =3D &networkHypervisorDriver, + .networkDriver =3D &networkDriver, +}; + + static virStateDriver networkStateDriver =3D { .name =3D "bridge", .stateInitialize =3D networkStateInitialize, @@ -5710,6 +5803,8 @@ static virStateDriver networkStateDriver =3D { int networkRegister(void) { + if (virRegisterConnectDriver(&networkConnectDriver, false) < 0) + return -1; if (virSetSharedNetworkDriver(&networkDriver) < 0) return -1; if (virRegisterStateDriver(&networkStateDriver) < 0) diff --git a/src/network/bridge_driver_platform.h b/src/network/bridge_driv= er_platform.h index f04c0c48b4..706000df4e 100644 --- a/src/network/bridge_driver_platform.h +++ b/src/network/bridge_driver_platform.h @@ -34,6 +34,9 @@ struct _virNetworkDriverState { virMutex lock; =20 + /* Read-only */ + bool privileged; + /* Immutable pointer, self-locking APIs */ virNetworkObjListPtr networks; =20 --=20 2.14.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
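
Review bot: In networkConnectOpen (the @@ -868 hunk of src/network/bridge_driver.c), conn->uri->path is handed to STRNEQ and then to the '%s' in virReportError with no NULL check, even though the scheme a few lines earlier is compared with STRNEQ_NULLABLE. Nothing visible in the hunk guarantees that a URI with the network scheme carries a path component, so a path-less URI would reach both the comparison and the format string with NULL. Suggest rejecting a NULL path with its own error before the privileged/unprivileged branch, so that both STRNEQ calls only ever see a real string. Both path errors are also raised as VIR_ERR_INTERNAL_ERROR although the cause is a caller-supplied URI; an error code for invalid caller input would make the failure easier to tell apart from a genuine daemon fault such as the "network state driver is not active" case above it.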
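
Review bot: The networkHypervisorDriver table in the @@ -5699 hunk carries no comment saying it is a stub, although the commit message calls it a "fake hypervisor driver". It fills in only .connectOpen, .connectClose and the three .connectIs* callbacks, so a reader of bridge_driver.c alone cannot tell whether the missing hypervisor entry points are deliberate. Suggest a short comment above the table stating that it exists solely to accept network:///system and network:///session URIs and intentionally implements no domain APIs, and a matching one-line comment on networkConnectIsSecure explaining that the "always inside the daemon" assumption is what makes returning 1 correct.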
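
Review bot: The "/* Read-only */" comment on the new privileged field in struct _virNetworkDriverState (the @@ -34 hunk of src/network/bridge_driver_platform.h) does not say when the field is written or why it is safe to read unlocked. The @@ -671 hunk assigns it in networkStateInitialize, and networkConnectOpen reads network_driver->privileged without taking the driver lock, so the access check on "/system" versus "/session" depends on the value never changing after initialization. Suggest wording along the lines of "Immutable after networkStateInitialize, no locking needed", which matches the style of the adjacent "Immutable pointer, self-locking APIs" comment and documents the invariant the URI check relies on.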