From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Tue, 15 May 2018 18:43:27 +0100 Message-Id: <20180515174337.11287-12-berrange@redhat.com> In-Reply-To: <20180515174337.11287-1-berrange@redhat.com> References: <20180515174337.11287-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 11/21] nwfilter: convert the gentech driver code to use virNWFilterBindingDefPtr X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.42]); Tue, 15 May 2018 17:43:54 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Use the virNWFilterBindingDefPtr struct in the gentech driver code directly. Signed-off-by: Daniel P. Berrang=C3=A9 Reviewed-by: John Ferlan --- src/nwfilter/nwfilter_dhcpsnoop.c | 35 +++-- src/nwfilter/nwfilter_driver.c | 22 ++- src/nwfilter/nwfilter_gentech_driver.c | 209 +++++++++++++------------ src/nwfilter/nwfilter_gentech_driver.h | 22 ++- src/nwfilter/nwfilter_learnipaddr.c | 16 +- 5 files changed, 167 insertions(+), 137 deletions(-) diff --git a/src/nwfilter/nwfilter_dhcpsnoop.c b/src/nwfilter/nwfilter_dhcp= snoop.c index aff062ca7c..f24fec1638 100644 --- a/src/nwfilter/nwfilter_dhcpsnoop.c +++ b/src/nwfilter/nwfilter_dhcpsnoop.c 
@@ -497,15 +497,18 @@ virNWFilterSnoopIPLeaseInstallRule(virNWFilterSnoopIP= LeasePtr ipl, =20 /* instantiate the filters */ =20 - if (req->ifname) + if (req->ifname) { + virNWFilterBindingDef binding =3D { + .portdevname =3D req->ifname, + .linkdevname =3D req->linkdev, + .mac =3D req->macaddr, + .filter =3D req->filtername, + .filterparams =3D req->vars, + }; rc =3D virNWFilterInstantiateFilterLate(req->driver, - NULL, - req->ifname, - req->ifindex, - req->linkdev, - &req->macaddr, - req->filtername, - req->vars); + &binding, + req->ifindex); + } =20 exit_snooprequnlock: virNWFilterSnoopReqUnlock(req); @@ -884,14 +887,16 @@ virNWFilterSnoopReqLeaseDel(virNWFilterSnoopReqPtr re= q, goto skip_instantiate; =20 if (ipAddrLeft) { + virNWFilterBindingDef binding =3D { + .portdevname =3D req->ifname, + .linkdevname =3D req->linkdev, + .mac =3D req->macaddr, + .filter =3D req->filtername, + .filterparams =3D req->vars, + }; ret =3D virNWFilterInstantiateFilterLate(req->driver, - NULL, - req->ifname, - req->ifindex, - req->linkdev, - &req->macaddr, - req->filtername, - req->vars); + &binding, + req->ifindex); } else { virNWFilterVarValuePtr dhcpsrvrs =3D virHashLookup(req->vars, NWFILTER_VARNAME_DHCPSERVER); diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c index d17a8ec00b..b57e5dd00d 100644 --- a/src/nwfilter/nwfilter_driver.c +++ b/src/nwfilter/nwfilter_driver.c @@ -38,6 +38,7 @@ #include "domain_conf.h" #include "domain_nwfilter.h" #include "nwfilter_driver.h" +#include "virnwfilterbindingdef.h" #include "nwfilter_gentech_driver.h" #include "configmake.h" #include "virfile.h" 
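Review bot: The five-field `virNWFilterBindingDef binding = { ... }` initializer is written out in both nwfilter_dhcpsnoop.c hunks (virNWFilterSnoopIPLeaseInstallRule and virNWFilterSnoopReqLeaseDel) and again in learnIPAddressThread, and every copy leaves `ownername` and `owneruuid` zero-initialized. These call sites used to pass `NULL` as vmuuid, whereas virNWFilterDoInstantiate now forwards `binding->owneruuid`, a non-NULL pointer to an all-zero UUID, to virNWFilterDHCPSnoopReq; whether that callee treats the two cases differently is not visible in this patch and should be confirmed. I would fold the three copies into one small static helper so they cannot drift, or at least add a comment at each site such as `/* borrows req's pointers; owner name/uuid intentionally unset */`. Both function bodies extend outside the hunks.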
@@ -642,19 +643,34 @@ nwfilterGetXMLDesc(virNWFilterPtr nwfilter, =20 =20 static int -nwfilterInstantiateFilter(const char *vmname ATTRIBUTE_UNUSED, +nwfilterInstantiateFilter(const char *vmname, const unsigned char *vmuuid, virDomainNetDefPtr net) { - return virNWFilterInstantiateFilter(driver, vmuuid, net); + virNWFilterBindingDefPtr binding; + int ret; + + if (!(binding =3D virNWFilterBindingDefForNet(vmname, vmuuid, net))) + return -1; + ret =3D virNWFilterInstantiateFilter(driver, binding); + virNWFilterBindingDefFree(binding); + return ret; } =20 =20 static void nwfilterTeardownFilter(virDomainNetDefPtr net) { + virNWFilterBindingDef binding =3D { + .portdevname =3D net->ifname, + .linkdevname =3D (net->type =3D=3D VIR_DOMAIN_NET_TYPE_DIRECT ? + net->data.direct.linkdev : NULL), + .mac =3D net->mac, + .filter =3D net->filter, + .filterparams =3D net->filterparams, + }; if ((net->ifname) && (net->filter)) - virNWFilterTeardownFilter(net); + virNWFilterTeardownFilter(&binding); } =20 =20 diff --git a/src/nwfilter/nwfilter_gentech_driver.c b/src/nwfilter/nwfilter= _gentech_driver.c index af4411d4db..dc925dee16 100644 --- a/src/nwfilter/nwfilter_gentech_driver.c +++ b/src/nwfilter/nwfilter_gentech_driver.c @@ -577,12 +577,9 @@ virNWFilterDetermineMissingVarsRec(virNWFilterDefPtr f= ilter, =20 /** * virNWFilterDoInstantiate: - * @vmuuid: The UUID of the VM * @techdriver: The driver to use for instantiation + * @binding: description of port to bind the filter to * @filter: The filter to instantiate - * @ifname: The name of the interface to apply the rules to - * @vars: A map holding variable names and values used for instantiating - * the filter and its subfilters. * @forceWithPendingReq: Ignore the check whether a pending learn request * is active; 'true' only when the rules are applied late * 
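Review bot: In nwfilterTeardownFilter the stack `binding` is filled from `net` before the `(net->ifname) && (net->filter)` guard, so it is built even when nothing will be torn down; moving the initializer into the `if` body keeps it next to its only use. The struct only borrows `net`'s pointers (`ifname`, `filter`, `filterparams`), so it must never be handed to virNWFilterBindingDefFree. A one-line comment such as `/* shallow view of net: do not free */` would make that ownership rule explicit for the next reader.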
@@ -596,17 +593,13 @@ virNWFilterDetermineMissingVarsRec(virNWFilterDefPtr = filter, * Call this function while holding the NWFilter filter update lock */ static int -virNWFilterDoInstantiate(const unsigned char *vmuuid, - virNWFilterTechDriverPtr techdriver, +virNWFilterDoInstantiate(virNWFilterTechDriverPtr techdriver, + virNWFilterBindingDefPtr binding, virNWFilterDefPtr filter, - const char *ifname, int ifindex, - const char *linkdev, - virHashTablePtr vars, enum instCase useNewFilter, bool *foundNewFilter, bool teardownOld, - const virMacAddr *macaddr, virNWFilterDriverStatePtr driver, bool forceWithPendingReq) { @@ -628,14 +621,14 @@ virNWFilterDoInstantiate(const unsigned char *vmuuid, } =20 rc =3D virNWFilterDetermineMissingVarsRec(filter, - vars, + binding->filterparams, missing_vars, useNewFilter, driver); if (rc < 0) goto err_exit; =20 - lv =3D virHashLookup(vars, NWFILTER_VARNAME_CTRL_IP_LEARNING); + lv =3D virHashLookup(binding->filterparams, NWFILTER_VARNAME_CTRL_IP_L= EARNING); if (lv) learning =3D virNWFilterVarValueGetNthValue(lv, 0); else @@ -652,19 +645,20 @@ virNWFilterDoInstantiate(const unsigned char *vmuuid, goto err_unresolvable_vars; } if (STRCASEEQ(learning, "dhcp")) { - rc =3D virNWFilterDHCPSnoopReq(techdriver, ifname, linkdev, - vmuuid, macaddr, - filter->name, vars, driver); + rc =3D virNWFilterDHCPSnoopReq(techdriver, binding->portde= vname, + binding->linkdevname, + binding->owneruuid, &binding-= >mac, + filter->name, binding->filter= params, driver); goto err_exit; } else if (STRCASEEQ(learning, "any")) { if (!virNWFilterHasLearnReq(ifindex)) { rc =3D virNWFilterLearnIPAddress(techdriver, - ifname, + binding->portdevname, ifindex, - linkdev, - macaddr, + binding->linkdevname, + &binding->mac, filter->name, - vars, driver, + binding->filterparams, = driver, DETECT_DHCP|DETECT_STAT= IC); } goto err_exit; 
@@ -688,7 +682,7 @@ virNWFilterDoInstantiate(const unsigned char *vmuuid, =20 rc =3D virNWFilterDefToInst(driver, filter, - vars, + binding->filterparams, useNewFilter, foundNewFilter, &inst); =20 @@ -705,22 +699,22 @@ virNWFilterDoInstantiate(const unsigned char *vmuuid, } =20 if (instantiate) { - if (virNWFilterLockIface(ifname) < 0) + if (virNWFilterLockIface(binding->portdevname) < 0) goto err_exit; =20 - rc =3D techdriver->applyNewRules(ifname, inst.rules, inst.nrules); + rc =3D techdriver->applyNewRules(binding->portdevname, inst.rules,= inst.nrules); =20 if (teardownOld && rc =3D=3D 0) - techdriver->tearOldRules(ifname); + techdriver->tearOldRules(binding->portdevname); =20 - if (rc =3D=3D 0 && (virNetDevValidateConfig(ifname, NULL, ifindex)= <=3D 0)) { + if (rc =3D=3D 0 && (virNetDevValidateConfig(binding->portdevname, = NULL, ifindex) <=3D 0)) { virResetLastError(); /* interface changed/disppeared */ - techdriver->allTeardown(ifname); + techdriver->allTeardown(binding->portdevname); rc =3D -1; } =20 - virNWFilterUnlockIface(ifname); + virNWFilterUnlockIface(binding->portdevname); } =20 err_exit: @@ -749,14 +743,9 @@ virNWFilterDoInstantiate(const unsigned char *vmuuid, */ static int virNWFilterInstantiateFilterUpdate(virNWFilterDriverStatePtr driver, - const unsigned char *vmuuid, bool teardownOld, - const char *ifname, + virNWFilterBindingDefPtr binding, int ifindex, - const char *linkdev, - const virMacAddr *macaddr, - const char *filtername, - virHashTablePtr filterparams, enum instCase useNewFilter, bool forceWithPendingReq, bool *foundNewFilter) @@ -765,7 +754,6 @@ virNWFilterInstantiateFilterUpdate(virNWFilterDriverSta= tePtr driver, const char *drvname =3D EBIPTABLES_DRIVER_ID; virNWFilterTechDriverPtr techdriver; virNWFilterObjPtr obj; - virHashTablePtr vars, vars1; virNWFilterDefPtr filter; virNWFilterDefPtr newFilter; char vmmacaddr[VIR_MAC_STRING_BUFLEN] =3D {0}; 
@@ -781,29 +769,22 @@ virNWFilterInstantiateFilterUpdate(virNWFilterDriverS= tatePtr driver, return -1; } =20 - VIR_DEBUG("filter name: %s", filtername); + VIR_DEBUG("filter name: %s", binding->filter); =20 if (!(obj =3D virNWFilterObjListFindInstantiateFilter(driver->nwfilter= s, - filtername))) + binding->filter))) return -1; =20 - virMacAddrFormat(macaddr, vmmacaddr); + virMacAddrFormat(&binding->mac, vmmacaddr); =20 - ipaddr =3D virNWFilterIPAddrMapGetIPAddr(ifname); + ipaddr =3D virNWFilterIPAddrMapGetIPAddr(binding->portdevname); =20 - vars1 =3D virNWFilterCreateVarHashmap(vmmacaddr, ipaddr); - if (!vars1) { + if (virNWFilterVarHashmapAddStdValues(binding->filterparams, + vmmacaddr, ipaddr) < 0) { rc =3D -1; goto err_exit; } =20 - vars =3D virNWFilterCreateVarsFrom(vars1, - filterparams); - if (!vars) { - rc =3D -1; - goto err_exit_vars1; - } - filter =3D virNWFilterObjGetDef(obj); =20 switch (useNewFilter) { @@ -819,17 +800,11 @@ virNWFilterInstantiateFilterUpdate(virNWFilterDriverS= tatePtr driver, break; } =20 - rc =3D virNWFilterDoInstantiate(vmuuid, techdriver, filter, - ifname, ifindex, linkdev, - vars, useNewFilter, foundNewFilter, - teardownOld, macaddr, driver, + rc =3D virNWFilterDoInstantiate(techdriver, binding, filter, + ifindex, useNewFilter, foundNewFilter, + teardownOld, driver, forceWithPendingReq); =20 - virHashFree(vars); - - err_exit_vars1: - virHashFree(vars1); - err_exit: virNWFilterObjUnlock(obj); =20 @@ -839,15 +814,11 @@ virNWFilterInstantiateFilterUpdate(virNWFilterDriverS= tatePtr driver, =20 static int virNWFilterInstantiateFilterInternal(virNWFilterDriverStatePtr driver, - const unsigned char *vmuuid, - const virDomainNetDef *net, + virNWFilterBindingDefPtr binding, bool teardownOld, enum instCase useNewFilter, bool *foundNewFilter) { - const char *linkdev =3D (net->type =3D=3D VIR_DOMAIN_NET_TYPE_DIRECT) - ? net->data.direct.linkdev - : NULL; int ifindex; int rc; =20 
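Review bot: virNWFilterInstantiateFilterUpdate now calls `virNWFilterVarHashmapAddStdValues(binding->filterparams, vmmacaddr, ipaddr)` on the caller's table, where the old code built a private `vars1`/`vars` pair and freed it after the call. Bindings from virNWFilterBindingDefForNet carry a copy, but the stack bindings in nwfilter_dhcpsnoop.c and nwfilter_learnipaddr.c alias `req->vars` / `req->filterparams`. The values added here therefore appear to persist in the request and to be seen by later instantiations, including the `virHashLookup(binding->filterparams, NWFILTER_VARNAME_CTRL_IP_LEARNING)` decision path in virNWFilterDoInstantiate. Nothing in the hunk checks that `binding->filterparams` is non-NULL before this call either. I would keep a temporary merged table as before, or document the side effect on the function, e.g. `/* NB: adds the MAC/IP standard values to binding->filterparams in place */`.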
@@ -856,8 +827,8 @@ virNWFilterInstantiateFilterInternal(virNWFilterDriverS= tatePtr driver, /* after grabbing the filter update lock check for the interface; if it's not there anymore its filters will be or are being removed (while holding the lock) and we don't want to build new ones */ - if (virNetDevExists(net->ifname) !=3D 1 || - virNetDevGetIndex(net->ifname, &ifindex) < 0) { + if (virNetDevExists(binding->portdevname) !=3D 1 || + virNetDevGetIndex(binding->portdevname, &ifindex) < 0) { /* interfaces / VMs can disappear during filter instantiation; don't mark it as an error */ virResetLastError(); @@ -865,10 +836,10 @@ virNWFilterInstantiateFilterInternal(virNWFilterDrive= rStatePtr driver, goto cleanup; } =20 - rc =3D virNWFilterInstantiateFilterUpdate(driver, vmuuid, teardownOld, - net->ifname, ifindex, linkdev, - &net->mac, net->filter, - net->filterparams, useNewFilte= r, + rc =3D virNWFilterInstantiateFilterUpdate(driver, teardownOld, + binding, + ifindex, + useNewFilter, false, foundNewFilter); =20 cleanup: @@ -880,13 +851,8 @@ virNWFilterInstantiateFilterInternal(virNWFilterDriver= StatePtr driver, =20 int virNWFilterInstantiateFilterLate(virNWFilterDriverStatePtr driver, - const unsigned char *vmuuid, - const char *ifname, - int ifindex, - const char *linkdev, - const virMacAddr *macaddr, - const char *filtername, - virHashTablePtr filterparams) + virNWFilterBindingDefPtr binding, + int ifindex) { int rc; bool foundNewFilter =3D false; 
@@ -894,18 +860,17 @@ virNWFilterInstantiateFilterLate(virNWFilterDriverSta= tePtr driver, virNWFilterReadLockFilterUpdates(); virMutexLock(&updateMutex); =20 - rc =3D virNWFilterInstantiateFilterUpdate(driver, vmuuid, true, - ifname, ifindex, linkdev, - macaddr, filtername, filterpar= ams, + rc =3D virNWFilterInstantiateFilterUpdate(driver, true, + binding, ifindex, INSTANTIATE_ALWAYS, true, &foundNewFilter); if (rc < 0) { /* something went wrong... 'DOWN' the interface */ - if ((virNetDevValidateConfig(ifname, NULL, ifindex) <=3D 0) || - (virNetDevSetOnline(ifname, false) < 0)) { + if ((virNetDevValidateConfig(binding->portdevname, NULL, ifindex) = <=3D 0) || + (virNetDevSetOnline(binding->portdevname, false) < 0)) { virResetLastError(); /* assuming interface disappeared... */ - _virNWFilterTeardownFilter(ifname); + _virNWFilterTeardownFilter(binding->portdevname); } } =20 @@ -918,12 +883,11 @@ virNWFilterInstantiateFilterLate(virNWFilterDriverSta= tePtr driver, =20 int virNWFilterInstantiateFilter(virNWFilterDriverStatePtr driver, - const unsigned char *vmuuid, - const virDomainNetDef *net) + virNWFilterBindingDefPtr binding) { bool foundNewFilter =3D false; =20 - return virNWFilterInstantiateFilterInternal(driver, vmuuid, net, + return virNWFilterInstantiateFilterInternal(driver, binding, 1, INSTANTIATE_ALWAYS, &foundNewFilter); @@ -932,13 +896,12 @@ virNWFilterInstantiateFilter(virNWFilterDriverStatePt= r driver, =20 int virNWFilterUpdateInstantiateFilter(virNWFilterDriverStatePtr driver, - const unsigned char *vmuuid, - const virDomainNetDef *net, + virNWFilterBindingDefPtr binding, bool *skipIface) { bool foundNewFilter =3D false; =20 - int rc =3D virNWFilterInstantiateFilterInternal(driver, vmuuid, net, + int rc =3D virNWFilterInstantiateFilterInternal(driver, binding, 0, INSTANTIATE_FOLLOW_NEWFI= LTER, &foundNewFilter); 
@@ -948,7 +911,7 @@ virNWFilterUpdateInstantiateFilter(virNWFilterDriverSta= tePtr driver, } =20 static int -virNWFilterRollbackUpdateFilter(const virDomainNetDef *net) +virNWFilterRollbackUpdateFilter(virNWFilterBindingDefPtr binding) { const char *drvname =3D EBIPTABLES_DRIVER_ID; int ifindex; @@ -964,17 +927,17 @@ virNWFilterRollbackUpdateFilter(const virDomainNetDef= *net) } =20 /* don't tear anything while the address is being learned */ - if (virNetDevGetIndex(net->ifname, &ifindex) < 0) + if (virNetDevGetIndex(binding->portdevname, &ifindex) < 0) virResetLastError(); else if (virNWFilterHasLearnReq(ifindex)) return 0; =20 - return techdriver->tearNewRules(net->ifname); + return techdriver->tearNewRules(binding->portdevname); } =20 =20 static int -virNWFilterTearOldFilter(virDomainNetDefPtr net) +virNWFilterTearOldFilter(virNWFilterBindingDefPtr binding) { const char *drvname =3D EBIPTABLES_DRIVER_ID; int ifindex; @@ -990,12 +953,12 @@ virNWFilterTearOldFilter(virDomainNetDefPtr net) } =20 /* don't tear anything while the address is being learned */ - if (virNetDevGetIndex(net->ifname, &ifindex) < 0) + if (virNetDevGetIndex(binding->portdevname, &ifindex) < 0) virResetLastError(); else if (virNWFilterHasLearnReq(ifindex)) return 0; =20 - return techdriver->tearOldRules(net->ifname); + return techdriver->tearOldRules(binding->portdevname); } =20 =20 @@ -1032,11 +995,11 @@ _virNWFilterTeardownFilter(const char *ifname) =20 =20 int -virNWFilterTeardownFilter(const virDomainNetDef *net) +virNWFilterTeardownFilter(virNWFilterBindingDefPtr binding) { int ret; virMutexLock(&updateMutex); - ret =3D _virNWFilterTeardownFilter(net->ifname); + ret =3D _virNWFilterTeardownFilter(binding->portdevname); virMutexUnlock(&updateMutex); return ret; } 
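Review bot: virNWFilterRollbackUpdateFilter and virNWFilterTeardownFilter took a `const virDomainNetDef *` before and now take a mutable `virNWFilterBindingDefPtr`, although the visible lines of these functions and of virNWFilterTearOldFilter only read `binding->portdevname`. Declaring the parameter as `const virNWFilterBindingDef *binding` would keep the read-only contract in the signature. That matters here because callers such as nwfilterTeardownFilter pass a stack struct that merely borrows pointers from `net`. The virNWFilterTeardownFilter prototype in nwfilter_gentech_driver.h would change to match; the function bodies extend beyond these hunks.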
@@ -1057,12 +1020,16 @@ virNWFilterDomainFWUpdateCB(virDomainObjPtr obj, if (virDomainObjIsActive(obj)) { for (i =3D 0; i < vm->nnets; i++) { virDomainNetDefPtr net =3D vm->nets[i]; - if ((net->filter) && (net->ifname)) { + virNWFilterBindingDefPtr binding; + + if ((net->filter) && (net->ifname) && + (binding =3D virNWFilterBindingDefForNet( + vm->name, vm->uuid, net))) { + switch (cb->step) { case STEP_APPLY_NEW: ret =3D virNWFilterUpdateInstantiateFilter(cb->opaque, - vm->uuid, - net, + binding, &skipIface); if (ret =3D=3D 0 && skipIface) { /* filter tree unchanged -- no update needed */ @@ -1074,24 +1041,24 @@ virNWFilterDomainFWUpdateCB(virDomainObjPtr obj, =20 case STEP_TEAR_NEW: if (!virHashLookup(cb->skipInterfaces, net->ifname)) - ret =3D virNWFilterRollbackUpdateFilter(net); + ret =3D virNWFilterRollbackUpdateFilter(binding); break; =20 case STEP_TEAR_OLD: if (!virHashLookup(cb->skipInterfaces, net->ifname)) - ret =3D virNWFilterTearOldFilter(net); + ret =3D virNWFilterTearOldFilter(binding); break; =20 case STEP_APPLY_CURRENT: ret =3D virNWFilterInstantiateFilter(cb->opaque, - vm->uuid, - net); + binding); if (ret) virReportError(VIR_ERR_INTERNAL_ERROR, _("Failure while applying current f= ilter on " "VM %s"), vm->name); break; } + virNWFilterBindingDefFree(binding); if (ret) break; } 
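Review bot: Folding the allocation into the condition, `(binding = virNWFilterBindingDefForNet(vm->name, vm->uuid, net))`, means that when the binding cannot be built the interface is silently skipped and `ret` keeps its previous value (presumably 0). The callback can then report success for a step that never applied, rolled back or tore down the rules on that interface, which for a firewall update is a fail-open path. I would test `net->filter && net->ifname` first and handle the failure explicitly inside the body: `if (!(binding = virNWFilterBindingDefForNet(vm->name, vm->uuid, net))) { ret = -1; break; }`. The start of virNWFilterDomainFWUpdateCB, including the initial value of `ret`, lies outside the hunk.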
@@ -1101,3 +1068,45 @@ virNWFilterDomainFWUpdateCB(virDomainObjPtr obj, virObjectUnlock(obj); return ret; } + + +virNWFilterBindingDefPtr +virNWFilterBindingDefForNet(const char *vmname, + const unsigned char *vmuuid, + virDomainNetDefPtr net) +{ + virNWFilterBindingDefPtr ret; + + if (VIR_ALLOC(ret) < 0) + return NULL; + + if (VIR_STRDUP(ret->ownername, vmname) < 0) + goto error; + + memcpy(ret->owneruuid, vmuuid, sizeof(ret->owneruuid)); + + if (VIR_STRDUP(ret->portdevname, net->ifname) < 0) + goto error; + + if (net->type =3D=3D VIR_DOMAIN_NET_TYPE_DIRECT && + VIR_STRDUP(ret->linkdevname, net->data.direct.linkdev) < 0) + goto error; + + ret->mac =3D net->mac; + + if (VIR_STRDUP(ret->filter, net->filter) < 0) + goto error; + + if (!(ret->filterparams =3D virNWFilterHashTableCreate(0))) + goto error; + + if (net->filterparams && + virNWFilterHashTablePutAll(net->filterparams, ret->filterparams) <= 0) + goto error; + + return ret; + + error: + virNWFilterBindingDefFree(ret); + return NULL; +} diff --git a/src/nwfilter/nwfilter_gentech_driver.h b/src/nwfilter/nwfilter= _gentech_driver.h index 9e43a159c3..6b51096a0d 100644 --- a/src/nwfilter/nwfilter_gentech_driver.h +++ b/src/nwfilter/nwfilter_gentech_driver.h @@ -25,6 +25,7 @@ # define __NWFILTER_GENTECH_DRIVER_H =20 # include "virnwfilterobj.h" +# include "virnwfilterbindingdef.h" # include "nwfilter_tech_driver.h" =20 virNWFilterTechDriverPtr virNWFilterTechDriverForName(const char *name); 
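Review bot: virNWFilterBindingDefForNet copies the UUID with `memcpy(ret->owneruuid, vmuuid, sizeof(ret->owneruuid))` without checking `vmuuid` for NULL, and other call paths touched by this patch previously passed `NULL` in that position. A guard such as `if (vmuuid) memcpy(ret->owneruuid, vmuuid, sizeof(ret->owneruuid));` or a documented non-NULL requirement would make the contract explicit. The new exported function also has no doc comment. I would add one stating that it deep-copies the port device name, link device name, filter name and filter parameters from `net`, that it returns NULL on failure, and that the caller releases the result with virNWFilterBindingDefFree.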
@@ -39,23 +40,16 @@ enum instCase { =20 =20 int virNWFilterInstantiateFilter(virNWFilterDriverStatePtr driver, - const unsigned char *vmuuid, - const virDomainNetDef *net); + virNWFilterBindingDefPtr binding); int virNWFilterUpdateInstantiateFilter(virNWFilterDriverStatePtr driver, - const unsigned char *vmuuid, - const virDomainNetDef *net, + virNWFilterBindingDefPtr binding, bool *skipIface); =20 int virNWFilterInstantiateFilterLate(virNWFilterDriverStatePtr driver, - const unsigned char *vmuuid, - const char *ifname, - int ifindex, - const char *linkdev, - const virMacAddr *macaddr, - const char *filtername, - virHashTablePtr filterparams); + virNWFilterBindingDefPtr binding, + int ifindex); =20 -int virNWFilterTeardownFilter(const virDomainNetDef *net); +int virNWFilterTeardownFilter(virNWFilterBindingDefPtr binding); =20 virHashTablePtr virNWFilterCreateVarHashmap(const char *macaddr, const virNWFilterVarValue *val= ue); @@ -63,4 +57,8 @@ virHashTablePtr virNWFilterCreateVarHashmap(const char *m= acaddr, int virNWFilterDomainFWUpdateCB(virDomainObjPtr vm, void *data); =20 +virNWFilterBindingDefPtr virNWFilterBindingDefForNet(const char *vmname, + const unsigned char *= vmuuid, + virDomainNetDefPtr ne= t); + #endif diff --git a/src/nwfilter/nwfilter_learnipaddr.c b/src/nwfilter/nwfilter_le= arnipaddr.c index cc3bfd971c..5080b73004 100644 --- a/src/nwfilter/nwfilter_learnipaddr.c +++ b/src/nwfilter/nwfilter_learnipaddr.c 
@@ -643,19 +643,21 @@ learnIPAddressThread(void *arg) virNWFilterUnlockIface(req->ifname); =20 if ((inetaddr =3D virSocketAddrFormat(&sa)) !=3D NULL) { + virNWFilterBindingDef binding =3D { + .portdevname =3D req->ifname, + .linkdevname =3D req->linkdev, + .mac =3D req->macaddr, + .filter =3D req->filtername, + .filterparams =3D req->filterparams, + }; if (virNWFilterIPAddrMapAddIPAddr(req->ifname, inetaddr) < 0) { VIR_ERROR(_("Failed to add IP address %s to IP address " "cache for interface %s"), inetaddr, req->ifname= ); } =20 ret =3D virNWFilterInstantiateFilterLate(req->driver, - NULL, - req->ifname, - req->ifindex, - req->linkdev, - &req->macaddr, - req->filtername, - req->filterparams); + &binding, + req->ifindex); VIR_DEBUG("Result from applying firewall rules on " "%s with IP addr %s : %d", req->ifname, inetaddr, re= t); VIR_FREE(inetaddr); --=20 2.17.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list