From nobody Wed May 14 01:09:18 2025
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1526406273498320.42289821717225;
 Tue, 15 May 2018 10:44:33 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com
 [10.5.11.22])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id B04A118BDF1;
	Tue, 15 May 2018 17:44:30 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 797CC100194B;
	Tue, 15 May 2018 17:44:30 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 2DB653D380;
	Tue, 15 May 2018 17:44:30 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com
	[10.11.54.3])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id w4FHhtHd004357 for <libvir-list@listman.util.phx.redhat.com>;
	Tue, 15 May 2018 13:43:55 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 9AB65112D197; Tue, 15 May 2018 17:43:55 +0000 (UTC)
Received: from t460.redhat.com (unknown [10.33.36.6])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 25C2E112D198;
	Tue, 15 May 2018 17:43:55 +0000 (UTC)
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
To: libvir-list@redhat.com
Date: Tue, 15 May 2018 18:43:36 +0100
Message-Id: <20180515174337.11287-21-berrange@redhat.com>
In-Reply-To: <20180515174337.11287-1-berrange@redhat.com>
References: <20180515174337.11287-1-berrange@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v2 20/21] nwfilter: wire up new APIs for creating
	and deleting nwfilter bindings
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]);
 Tue, 15 May 2018 17:44:32 +0000 (UTC)
X-ZohoMail: RSF_0  Z_629925259 SPT_0

This allows the virsh commands nwfilter-binding-create and
nwfilter-binding-delete to be used.

Note using these commands lets you delete filters that were
previously created automatically by the virt drivers, or add
filters for VM nics that were not there before. Generally it
is expected these new APIs will only be used by virt drivers.
It is the admin's responsibility to not shoot themselves in
the foot.

Signed-off-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
---
 src/nwfilter/nwfilter_driver.c | 77 ++++++++++++++++++++++++++++++++++
 1 file changed, 77 insertions(+)

diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c
index 6544261b38..c3c52ae5f3 100644
--- a/src/nwfilter/nwfilter_driver.c
+++ b/src/nwfilter/nwfilter_driver.c
@@ -782,6 +782,81 @@ nwfilterBindingGetXMLDesc(virNWFilterBindingPtr bindin=
g,
 }
=20
=20
+static virNWFilterBindingPtr
+nwfilterBindingCreateXML(virConnectPtr conn,
+                         const char *xml,
+                         unsigned int flags)
+{
+    virNWFilterBindingObjPtr obj;
+    virNWFilterBindingDefPtr def;
+    virNWFilterBindingPtr ret =3D NULL;
+
+    virCheckFlags(0, NULL);
+
+    def =3D virNWFilterBindingDefParseString(xml);
+    if (!def)
+        return NULL;
+
+    if (virNWFilterBindingCreateXMLEnsureACL(conn, def) < 0)
+        goto cleanup;
+
+    obj =3D virNWFilterBindingObjListFindByPortDev(driver->bindings, def->=
portdevname);
+    if (obj) {
+        virReportError(VIR_ERR_INTERNAL_ERROR,
+                       _("Filter already present for NIC %s"), def->portde=
vname);
+        goto cleanup;
+    }
+
+    obj =3D virNWFilterBindingObjListAdd(driver->bindings,
+                                       def);
+    if (!obj)
+        goto cleanup;
+    def =3D NULL;
+
+    if (!(ret =3D virGetNWFilterBinding(conn, obj->def->portdevname, obj->=
def->filter)))
+        goto cleanup;
+
+    if (virNWFilterInstantiateFilter(driver, obj->def) < 0) {
+        virNWFilterBindingObjListRemove(driver->bindings, obj);
+        virObjectUnref(ret);
+        ret =3D NULL;
+        goto cleanup;
+    }
+    virNWFilterBindingObjSave(obj, driver->bindingDir);
+
+ cleanup:
+    virNWFilterBindingDefFree(def);
+    virNWFilterBindingObjEndAPI(&obj);
+
+    return ret;
+}
+
+
+static int
+nwfilterBindingDelete(virNWFilterBindingPtr binding)
+{
+    virNWFilterBindingObjPtr obj;
+    int ret =3D -1;
+
+    obj =3D virNWFilterBindingObjListFindByPortDev(driver->bindings, bindi=
ng->portdev);
+    if (!obj)
+        return -1;
+
+    if (virNWFilterBindingDeleteEnsureACL(binding->conn, obj->def) < 0)
+        goto cleanup;
+
+    virNWFilterTeardownFilter(obj->def);
+    virNWFilterBindingObjDelete(obj, driver->bindingDir);
+    virNWFilterBindingObjListRemove(driver->bindings, obj);
+
+    ret =3D 0;
+
+ cleanup:
+    virNWFilterBindingObjEndAPI(&obj);
+    return ret;
+}
+
+
 static virNWFilterDriver nwfilterDriver =3D {
     .name =3D "nwfilter",
     .connectNumOfNWFilters =3D nwfilterConnectNumOfNWFilters, /* 0.8.0 */
@@ -795,6 +870,8 @@ static virNWFilterDriver nwfilterDriver =3D {
     .nwfilterBindingLookupByPortDev =3D nwfilterBindingLookupByPortDev, /*=
 4.4.0 */
     .connectListAllNWFilterBindings =3D nwfilterConnectListAllNWFilterBind=
ings, /* 4.4.0 */
     .nwfilterBindingGetXMLDesc =3D nwfilterBindingGetXMLDesc, /* 4.4.0 */
+    .nwfilterBindingCreateXML =3D nwfilterBindingCreateXML, /* 4.4.0 */
+    .nwfilterBindingDelete =3D nwfilterBindingDelete, /* 4.4.0 */
 };
=20
=20
--=20
2.17.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list