From nobody Thu Jul  3 17:25:26 2025
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1528979615676341.40099954628795;
 Thu, 14 Jun 2018 05:33:35 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com
 [10.5.11.16])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 530AC356DB;
	Thu, 14 Jun 2018 12:33:34 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 1D8D89817F;
	Thu, 14 Jun 2018 12:33:34 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id C659B41F6A;
	Thu, 14 Jun 2018 12:33:33 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com
	[10.11.54.4])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id w5ECXSI3008840 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 14 Jun 2018 08:33:28 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 8763F2024CBB; Thu, 14 Jun 2018 12:33:28 +0000 (UTC)
Received: from t460.redhat.com (unknown [10.33.36.44])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 115052024CBD;
	Thu, 14 Jun 2018 12:33:27 +0000 (UTC)
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 14 Jun 2018 13:33:08 +0100
Message-Id: <20180614123309.15659-20-berrange@redhat.com>
In-Reply-To: <20180614123309.15659-1-berrange@redhat.com>
References: <20180614123309.15659-1-berrange@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v3 19/20] nwfilter: wire up new APIs for creating
	and deleting nwfilter bindings
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]);
 Thu, 14 Jun 2018 12:33:34 +0000 (UTC)
X-ZohoMail: RSF_0  Z_629925259 SPT_0

This allows the virsh commands nwfilter-binding-create and
nwfilter-binding-delete to be used.

Note using these commands lets you delete filters that were
previously created automatically by the virt drivers, or add
filters for VM nics that were not there before. Generally it
is expected these new APIs will only be used by virt drivers.
It is the admin's responsibility to not shoot themselves in
the foot.

Signed-off-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
---
 src/nwfilter/nwfilter_driver.c | 79 ++++++++++++++++++++++++++++++++++
 1 file changed, 79 insertions(+)

diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c
index 6bfb584b09..2b6856a36c 100644
--- a/src/nwfilter/nwfilter_driver.c
+++ b/src/nwfilter/nwfilter_driver.c
@@ -788,6 +788,83 @@ nwfilterBindingGetXMLDesc(virNWFilterBindingPtr bindin=
g,
 }
=20
=20
+static virNWFilterBindingPtr
+nwfilterBindingCreateXML(virConnectPtr conn,
+                         const char *xml,
+                         unsigned int flags)
+{
+    virNWFilterBindingObjPtr obj;
+    virNWFilterBindingDefPtr def;
+    virNWFilterBindingPtr ret =3D NULL;
+
+    virCheckFlags(0, NULL);
+
+    def =3D virNWFilterBindingDefParseString(xml);
+    if (!def)
+        return NULL;
+
+    if (virNWFilterBindingCreateXMLEnsureACL(conn, def) < 0)
+        goto cleanup;
+
+    obj =3D virNWFilterBindingObjListFindByPortDev(driver->bindings, def->=
portdevname);
+    if (obj) {
+        virReportError(VIR_ERR_INTERNAL_ERROR,
+                       _("Filter already present for NIC %s"), def->portde=
vname);
+        goto cleanup;
+    }
+
+    obj =3D virNWFilterBindingObjListAdd(driver->bindings,
+                                       def);
+    if (!obj)
+        goto cleanup;
+
+    if (!(ret =3D virGetNWFilterBinding(conn, def->portdevname, def->filte=
r)))
+        goto cleanup;
+
+    if (virNWFilterInstantiateFilter(driver, def) < 0) {
+        virNWFilterBindingObjListRemove(driver->bindings, obj);
+        virObjectUnref(ret);
+        ret =3D NULL;
+        goto cleanup;
+    }
+    virNWFilterBindingObjSave(obj, driver->bindingDir);
+
+ cleanup:
+    if (!obj)
+        virNWFilterBindingDefFree(def);
+    virNWFilterBindingObjEndAPI(&obj);
+
+    return ret;
+}
+
+
+static int
+nwfilterBindingDelete(virNWFilterBindingPtr binding)
+{
+    virNWFilterBindingObjPtr obj;
+    virNWFilterBindingDefPtr def;
+    int ret =3D -1;
+
+    obj =3D virNWFilterBindingObjListFindByPortDev(driver->bindings, bindi=
ng->portdev);
+    if (!obj)
+        return -1;
+
+    def =3D virNWFilterBindingObjGetDef(obj);
+    if (virNWFilterBindingDeleteEnsureACL(binding->conn, def) < 0)
+        goto cleanup;
+
+    virNWFilterTeardownFilter(def);
+    virNWFilterBindingObjDelete(obj, driver->bindingDir);
+    virNWFilterBindingObjListRemove(driver->bindings, obj);
+
+    ret =3D 0;
+
+ cleanup:
+    virNWFilterBindingObjEndAPI(&obj);
+    return ret;
+}
+
+
 static virNWFilterDriver nwfilterDriver =3D {
     .name =3D "nwfilter",
     .connectNumOfNWFilters =3D nwfilterConnectNumOfNWFilters, /* 0.8.0 */
@@ -801,6 +878,8 @@ static virNWFilterDriver nwfilterDriver =3D {
     .nwfilterBindingLookupByPortDev =3D nwfilterBindingLookupByPortDev, /*=
 4.5.0 */
     .connectListAllNWFilterBindings =3D nwfilterConnectListAllNWFilterBind=
ings, /* 4.5.0 */
     .nwfilterBindingGetXMLDesc =3D nwfilterBindingGetXMLDesc, /* 4.5.0 */
+    .nwfilterBindingCreateXML =3D nwfilterBindingCreateXML, /* 4.5.0 */
+    .nwfilterBindingDelete =3D nwfilterBindingDelete, /* 4.5.0 */
 };
=20
=20
--=20
2.17.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list