qemu/lxc: plumb isolatedPort from config down through bridge attachment

This patch pushes the isolatedPort setting from the <interface> down
all the way to the callers of virNetDevBridgeAddPort(), and sets
BR_ISOLATED on the port (using virNetDevBridgePortSetIsolated()) after
the port has been successfully added to the bridge.

Signed-off-by: Laine Stump <laine@redhat.com>

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Laine Stump 2020-02-13 12:57:47 -05:00
parent de7c347d9b
commit 2b8fd7334d
9 changed files with 50 additions and 1 deletions


@ -95,6 +95,7 @@ bhyveBuildNetArgStr(virConnectPtr conn,
def->uuid, NULL, NULL, 0, def->uuid, NULL, NULL, 0,
virDomainNetGetActualVirtPortProfile(net), virDomainNetGetActualVirtPortProfile(net),
virDomainNetGetActualVlan(net), virDomainNetGetActualVlan(net),
virDomainNetGetActualPortOptionsIsolated(net),
NULL, 0, NULL, NULL, 0, NULL,
VIR_NETDEV_TAP_CREATE_IFUP | VIR_NETDEV_TAP_CREATE_PERSIST) < 0) { VIR_NETDEV_TAP_CREATE_IFUP | VIR_NETDEV_TAP_CREATE_PERSIST) < 0) {
goto cleanup; goto cleanup;


@ -31232,6 +31232,7 @@ virDomainNetNotifyActualDevice(virConnectPtr conn,
&iface->mac, dom->uuid, &iface->mac, dom->uuid,
virDomainNetGetActualVirtPortProfile(iface), virDomainNetGetActualVirtPortProfile(iface),
virDomainNetGetActualVlan(iface), virDomainNetGetActualVlan(iface),
virDomainNetGetActualPortOptionsIsolated(iface),
iface->mtu, NULL)); iface->mtu, NULL));
} }
} }


@ -303,6 +303,16 @@ virLXCProcessSetupInterfaceTap(virDomainDefPtr vm,
} else { } else {
if (virNetDevBridgeAddPort(brname, parentVeth) < 0) if (virNetDevBridgeAddPort(brname, parentVeth) < 0)
return NULL; return NULL;
if (virDomainNetGetActualPortOptionsIsolated(net) == VIR_TRISTATE_BOOL_YES &&
virNetDevBridgePortSetIsolated(brname, parentVeth, true) < 0) {
virErrorPtr err;
virErrorPreserveLast(&err);
ignore_value(virNetDevBridgeRemovePort(brname, parentVeth));
virErrorRestore(&err);
return NULL;
}
} }
} }
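Review bot: Isolation is applied only inside this `else` branch, and only when the tristate is exactly `VIR_TRISTATE_BOOL_YES`, so any attachment made by the preceding branch never gets BR_ISOLATED. That branch is outside the hunk; if it attaches `parentVeth` by some other mechanism, an interface that requests isolation would come up un-isolated with no error. If that is intended, a comment above the `if` would record the limitation, e.g. `/* isolatedPort is only honoured on this bridge-attach path */`; otherwise the unsupported combination should be rejected before the veth is attached. The same shape appears in virNetDevTapAttachBridge().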


@ -2489,6 +2489,7 @@ networkStartNetworkVirtual(virNetworkDriverStatePtr driver,
if (virNetDevTapCreateInBridgePort(def->bridge, if (virNetDevTapCreateInBridgePort(def->bridge,
&macTapIfName, &def->mac, &macTapIfName, &def->mac,
NULL, NULL, &tapfd, 1, NULL, NULL, NULL, NULL, &tapfd, 1, NULL, NULL,
VIR_TRISTATE_BOOL_NO,
NULL, def->mtu, NULL, NULL, def->mtu, NULL,
VIR_NETDEV_TAP_CREATE_USE_MAC_FOR_BRIDGE | VIR_NETDEV_TAP_CREATE_USE_MAC_FOR_BRIDGE |
VIR_NETDEV_TAP_CREATE_IFUP | VIR_NETDEV_TAP_CREATE_IFUP |
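Review bot: The bare `VIR_TRISTATE_BOOL_NO` added between two runs of `NULL` arguments does not say which parameter it fills or why isolation is deliberately off for this tap device. An inline label would make the call self-describing, e.g. `VIR_TRISTATE_BOOL_NO, /* isolatedPort */`. The call continues past the end of the hunk.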


@ -3350,12 +3350,28 @@ qemuDomainChangeNetBridge(virDomainObjPtr vm,
} }
ret = virNetDevBridgeAddPort(newbridge, olddev->ifname); ret = virNetDevBridgeAddPort(newbridge, olddev->ifname);
if (ret == 0 &&
virDomainNetGetActualPortOptionsIsolated(newdev) == VIR_TRISTATE_BOOL_YES) {
ret = virNetDevBridgePortSetIsolated(newbridge, olddev->ifname, true);
if (ret < 0) {
virErrorPtr err;
virErrorPreserveLast(&err);
ignore_value(virNetDevBridgeRemovePort(newbridge, olddev->ifname));
virErrorRestore(&err);
}
}
virDomainAuditNet(vm, NULL, newdev, "attach", ret == 0); virDomainAuditNet(vm, NULL, newdev, "attach", ret == 0);
if (ret < 0) { if (ret < 0) {
virErrorPtr err; virErrorPtr err;
virErrorPreserveLast(&err); virErrorPreserveLast(&err);
ret = virNetDevBridgeAddPort(oldbridge, olddev->ifname); ret = virNetDevBridgeAddPort(oldbridge, olddev->ifname);
if (ret == 0 &&
virDomainNetGetActualPortOptionsIsolated(olddev) == VIR_TRISTATE_BOOL_YES) {
ignore_value(virNetDevBridgePortSetIsolated(newbridge, olddev->ifname, true));
}
virDomainAuditNet(vm, NULL, olddev, "attach", ret == 0); virDomainAuditNet(vm, NULL, olddev, "attach", ret == 0);
virErrorRestore(&err); virErrorRestore(&err);
return -1; return -1;
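Review bot: The rollback branch re-adds the port to `oldbridge` but then calls `virNetDevBridgePortSetIsolated(newbridge, olddev->ifname, true)`, so isolation is requested on a bridge the interface is no longer attached to. Because the result is wrapped in `ignore_value()`, the likely outcome is that the interface returns to the old bridge without BR_ISOLATED and nothing is reported. The call should name the bridge that was just re-joined: `ignore_value(virNetDevBridgePortSetIsolated(oldbridge, olddev->ifname, true));`. Since a silently un-isolated port defeats the separation the setting exists for, consider also logging a warning when this best-effort call fails. The body of qemuDomainChangeNetBridge() starts and ends outside the hunk.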


@ -568,6 +568,7 @@ qemuInterfaceBridgeConnect(virDomainDefPtr def,
def->uuid, tunpath, tapfd, *tapfdSize, def->uuid, tunpath, tapfd, *tapfdSize,
virDomainNetGetActualVirtPortProfile(net), virDomainNetGetActualVirtPortProfile(net),
virDomainNetGetActualVlan(net), virDomainNetGetActualVlan(net),
virDomainNetGetActualPortOptionsIsolated(net),
net->coalesce, 0, NULL, net->coalesce, 0, NULL,
tap_create_flags) < 0) { tap_create_flags) < 0) {
virDomainAuditNetDevice(def, net, tunpath, false); virDomainAuditNetDevice(def, net, tunpath, false);


@ -505,6 +505,7 @@ virNetDevTapAttachBridge(const char *tapname,
const unsigned char *vmuuid, const unsigned char *vmuuid,
const virNetDevVPortProfile *virtPortProfile, const virNetDevVPortProfile *virtPortProfile,
const virNetDevVlan *virtVlan, const virNetDevVlan *virtVlan,
virTristateBool isolatedPort,
unsigned int mtu, unsigned int mtu,
unsigned int *actualMTU) unsigned int *actualMTU)
{ {
@ -545,6 +546,16 @@ virNetDevTapAttachBridge(const char *tapname,
} else { } else {
if (virNetDevBridgeAddPort(brname, tapname) < 0) if (virNetDevBridgeAddPort(brname, tapname) < 0)
return -1; return -1;
if (isolatedPort == VIR_TRISTATE_BOOL_YES &&
virNetDevBridgePortSetIsolated(brname, tapname, true) < 0) {
virErrorPtr err;
virErrorPreserveLast(&err);
ignore_value(virNetDevBridgeRemovePort(brname, tapname));
virErrorRestore(&err);
return -1;
}
} }
return 0; return 0;
@ -574,6 +585,7 @@ virNetDevTapReattachBridge(const char *tapname,
const unsigned char *vmuuid, const unsigned char *vmuuid,
const virNetDevVPortProfile *virtPortProfile, const virNetDevVPortProfile *virtPortProfile,
const virNetDevVlan *virtVlan, const virNetDevVlan *virtVlan,
virTristateBool isolatedPort,
unsigned int mtu, unsigned int mtu,
unsigned int *actualMTU) unsigned int *actualMTU)
{ {
@ -611,6 +623,7 @@ virNetDevTapReattachBridge(const char *tapname,
macaddr, vmuuid, macaddr, vmuuid,
virtPortProfile, virtPortProfile,
virtVlan, virtVlan,
isolatedPort,
mtu, actualMTU) < 0) mtu, actualMTU) < 0)
return -1; return -1;
@ -660,6 +673,7 @@ int virNetDevTapCreateInBridgePort(const char *brname,
size_t tapfdSize, size_t tapfdSize,
const virNetDevVPortProfile *virtPortProfile, const virNetDevVPortProfile *virtPortProfile,
const virNetDevVlan *virtVlan, const virNetDevVlan *virtVlan,
virTristateBool isolatedPort,
virNetDevCoalescePtr coalesce, virNetDevCoalescePtr coalesce,
unsigned int mtu, unsigned int mtu,
unsigned int *actualMTU, unsigned int *actualMTU,
@ -697,7 +711,8 @@ int virNetDevTapCreateInBridgePort(const char *brname,
goto error; goto error;
if (virNetDevTapAttachBridge(*ifname, brname, macaddr, vmuuid, if (virNetDevTapAttachBridge(*ifname, brname, macaddr, vmuuid,
virtPortProfile, virtVlan, mtu, actualMTU) < 0) { virtPortProfile, virtVlan,
isolatedPort, mtu, actualMTU) < 0) {
goto error; goto error;
} }
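Review bot: The add-port / set-isolated / remove-port-on-failure sequence added to virNetDevTapAttachBridge() is the third hand-written copy in this commit; the others are in virLXCProcessSetupInterfaceTap() and qemuDomainChangeNetBridge(). One helper taking the bridge name once would keep the fail-closed rollback in a single place and leave a caller no way to pass mismatched bridge names to the two calls. It is also the natural place for a comment that the port is briefly attached without BR_ISOLATED between the two calls. The helper name below is only a suggestion, and the body of virNetDevTapAttachBridge() starts and ends outside the hunk.

```c
/* proposed helper; the name is a suggestion */
static int
virNetDevTapBridgeAddPort(const char *brname,
                          const char *ifname,
                          virTristateBool isolatedPort)
{
    virErrorPtr err;

    if (virNetDevBridgeAddPort(brname, ifname) < 0)
        return -1;

    if (isolatedPort != VIR_TRISTATE_BOOL_YES)
        return 0;

    /* the port is attached but not yet isolated until this call succeeds */
    if (virNetDevBridgePortSetIsolated(brname, ifname, true) == 0)
        return 0;

    /* fail closed: never leave the port attached without isolation */
    virErrorPreserveLast(&err);
    ignore_value(virNetDevBridgeRemovePort(brname, ifname));
    virErrorRestore(&err);
    return -1;
}

/* … unchanged: earlier branch of virNetDevTapAttachBridge() … */
    } else {
        if (virNetDevTapBridgeAddPort(brname, tapname, isolatedPort) < 0)
            return -1;
    }
```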


@ -65,6 +65,7 @@ virNetDevTapAttachBridge(const char *tapname,
const unsigned char *vmuuid, const unsigned char *vmuuid,
const virNetDevVPortProfile *virtPortProfile, const virNetDevVPortProfile *virtPortProfile,
const virNetDevVlan *virtVlan, const virNetDevVlan *virtVlan,
virTristateBool isolatedPort,
unsigned int mtu, unsigned int mtu,
unsigned int *actualMTU) unsigned int *actualMTU)
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3) ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3)
@ -77,6 +78,7 @@ virNetDevTapReattachBridge(const char *tapname,
const unsigned char *vmuuid, const unsigned char *vmuuid,
const virNetDevVPortProfile *virtPortProfile, const virNetDevVPortProfile *virtPortProfile,
const virNetDevVlan *virtVlan, const virNetDevVlan *virtVlan,
virTristateBool isolatedPort,
unsigned int mtu, unsigned int mtu,
unsigned int *actualMTU) unsigned int *actualMTU)
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3) ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3)
@ -91,6 +93,7 @@ int virNetDevTapCreateInBridgePort(const char *brname,
size_t tapfdSize, size_t tapfdSize,
const virNetDevVPortProfile *virtPortProfile, const virNetDevVPortProfile *virtPortProfile,
const virNetDevVlan *virtVlan, const virNetDevVlan *virtVlan,
virTristateBool isolatedPort,
virNetDevCoalescePtr coalesce, virNetDevCoalescePtr coalesce,
unsigned int mtu, unsigned int mtu,
unsigned int *actualMTU, unsigned int *actualMTU,


@ -28,6 +28,7 @@ int virNetDevTapCreateInBridgePort(const char *brname G_GNUC_UNUSED,
size_t tapfdSize G_GNUC_UNUSED, size_t tapfdSize G_GNUC_UNUSED,
const virNetDevVPortProfile *virtPortProfile G_GNUC_UNUSED, const virNetDevVPortProfile *virtPortProfile G_GNUC_UNUSED,
const virNetDevVlan *virtVlan G_GNUC_UNUSED, const virNetDevVlan *virtVlan G_GNUC_UNUSED,
virTristateBool isolatedPort G_GNUC_UNUSED,
virNetDevCoalescePtr coalesce G_GNUC_UNUSED, virNetDevCoalescePtr coalesce G_GNUC_UNUSED,
unsigned int mtu G_GNUC_UNUSED, unsigned int mtu G_GNUC_UNUSED,
unsigned int *actualMTU G_GNUC_UNUSED, unsigned int *actualMTU G_GNUC_UNUSED,