mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-25 07:05:28 +00:00
nwfilter: fix loadable module support
Following Daniel Berrange's multiple helpful suggestions for improving this patch and introducing another driver interface, I now wrote the below patch where the nwfilter driver registers the functions to instantiate and teardown the nwfilters with a function in conf/domain_nwfilter.c called virDomainConfNWFilterRegister. Previous helper functions that were called from qemu_driver.c and qemu_conf.c were move into conf/domain_nwfilter.h with slight renaming done for consistency. Those functions now call the function expored by domain_nwfilter.c, which in turn call the functions of the new driver interface, if available.
This commit is contained in:
parent
c7a33939bc
commit
cab5a52aa2
@ -97,7 +97,8 @@ DRIVER_SOURCES = \
|
|||||||
# Domain driver generic impl APIs
|
# Domain driver generic impl APIs
|
||||||
DOMAIN_CONF_SOURCES = \
|
DOMAIN_CONF_SOURCES = \
|
||||||
conf/capabilities.c conf/capabilities.h \
|
conf/capabilities.c conf/capabilities.h \
|
||||||
conf/domain_conf.c conf/domain_conf.h
|
conf/domain_conf.c conf/domain_conf.h \
|
||||||
|
conf/domain_nwfilter.c conf/domain_nwfilter.h
|
||||||
|
|
||||||
DOMAIN_EVENT_SOURCES = \
|
DOMAIN_EVENT_SOURCES = \
|
||||||
conf/domain_event.c conf/domain_event.h
|
conf/domain_event.c conf/domain_event.h
|
||||||
|
61
src/conf/domain_nwfilter.c
Normal file
61
src/conf/domain_nwfilter.c
Normal file
@ -0,0 +1,61 @@
|
|||||||
|
/*
|
||||||
|
* domain_nwfilter.c:
|
||||||
|
*
|
||||||
|
* Copyright (C) 2010 IBM Corporation
|
||||||
|
*
|
||||||
|
* This library is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU Lesser General Public
|
||||||
|
* License as published by the Free Software Foundation; either
|
||||||
|
* version 2.1 of the License, or (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This library is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||||
|
* Lesser General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Lesser General Public
|
||||||
|
* License along with this library; if not, write to the Free Software
|
||||||
|
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||||
|
*
|
||||||
|
* Author: Stefan Berger <stefanb@us.ibm.com>
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <config.h>
|
||||||
|
|
||||||
|
#include "internal.h"
|
||||||
|
|
||||||
|
#include "datatypes.h"
|
||||||
|
#include "domain_conf.h"
|
||||||
|
#include "domain_nwfilter.h"
|
||||||
|
|
||||||
|
static virDomainConfNWFilterDriverPtr nwfilterDriver;
|
||||||
|
|
||||||
|
void
|
||||||
|
virDomainConfNWFilterRegister(virDomainConfNWFilterDriverPtr driver) {
|
||||||
|
nwfilterDriver = driver;
|
||||||
|
}
|
||||||
|
|
||||||
|
int
|
||||||
|
virDomainConfNWFilterInstantiate(virConnectPtr conn,
|
||||||
|
virDomainNetDefPtr net) {
|
||||||
|
if (nwfilterDriver != NULL)
|
||||||
|
return nwfilterDriver->instantiateFilter(conn, net);
|
||||||
|
/* driver module not available -- don't indicate failure */
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
void
|
||||||
|
virDomainConfNWFilterTeardown(virDomainNetDefPtr net) {
|
||||||
|
if (nwfilterDriver != NULL)
|
||||||
|
nwfilterDriver->teardownFilter(net);
|
||||||
|
}
|
||||||
|
|
||||||
|
void
|
||||||
|
virDomainConfVMNWFilterTeardown(virDomainObjPtr vm) {
|
||||||
|
int i;
|
||||||
|
|
||||||
|
if (nwfilterDriver != NULL) {
|
||||||
|
for (i = 0; i < vm->def->nnets; i++)
|
||||||
|
virDomainConfNWFilterTeardown(vm->def->nets[i]);
|
||||||
|
}
|
||||||
|
}
|
43
src/conf/domain_nwfilter.h
Normal file
43
src/conf/domain_nwfilter.h
Normal file
@ -0,0 +1,43 @@
|
|||||||
|
/*
|
||||||
|
* domain_nwfilter.h:
|
||||||
|
*
|
||||||
|
* Copyright (C) 2010 IBM Corporation
|
||||||
|
* Copyright (C) 2010 Red Hat, Inc.
|
||||||
|
*
|
||||||
|
* This library is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU Lesser General Public
|
||||||
|
* License as published by the Free Software Foundation; either
|
||||||
|
* version 2.1 of the License, or (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This library is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||||
|
* Lesser General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Lesser General Public
|
||||||
|
* License along with this library; if not, write to the Free Software
|
||||||
|
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||||
|
*
|
||||||
|
* Author: Stefan Berger <stefanb@us.ibm.com>
|
||||||
|
*/
|
||||||
|
#ifndef DOMAIN_NWFILTER_H
|
||||||
|
# define DOMAIN_NWFILTER_H
|
||||||
|
|
||||||
|
typedef int (*virDomainConfInstantiateNWFilter)(virConnectPtr conn,
|
||||||
|
virDomainNetDefPtr net);
|
||||||
|
typedef void (*virDomainConfTeardownNWFilter)(virDomainNetDefPtr net);
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
virDomainConfInstantiateNWFilter instantiateFilter;
|
||||||
|
virDomainConfTeardownNWFilter teardownFilter;
|
||||||
|
} virDomainConfNWFilterDriver;
|
||||||
|
typedef virDomainConfNWFilterDriver *virDomainConfNWFilterDriverPtr;
|
||||||
|
|
||||||
|
void virDomainConfNWFilterRegister(virDomainConfNWFilterDriverPtr driver);
|
||||||
|
|
||||||
|
int virDomainConfNWFilterInstantiate(virConnectPtr conn,
|
||||||
|
virDomainNetDefPtr net);
|
||||||
|
void virDomainConfNWFilterTeardown(virDomainNetDefPtr net);
|
||||||
|
void virDomainConfVMNWFilterTeardown(virDomainObjPtr vm);
|
||||||
|
|
||||||
|
#endif /* DOMAIN_NWFILTER_H */
|
@ -264,6 +264,11 @@ virDomainEventDispatchDefaultFunc;
|
|||||||
virDomainEventDispatch;
|
virDomainEventDispatch;
|
||||||
virDomainEventQueueDispatch;
|
virDomainEventQueueDispatch;
|
||||||
|
|
||||||
|
# domain_nwfilter.h
|
||||||
|
virDomainConfNWFilterRegister;
|
||||||
|
virDomainConfNWFilterInstantiate;
|
||||||
|
virDomainConfNWFilterTeardown;
|
||||||
|
virDomainConfVMNWFilterTeardown;
|
||||||
|
|
||||||
# ebtables.h
|
# ebtables.h
|
||||||
ebtablesAddForwardAllowIn;
|
ebtablesAddForwardAllowIn;
|
||||||
|
@ -33,6 +33,7 @@
|
|||||||
#include "datatypes.h"
|
#include "datatypes.h"
|
||||||
#include "memory.h"
|
#include "memory.h"
|
||||||
#include "domain_conf.h"
|
#include "domain_conf.h"
|
||||||
|
#include "domain_nwfilter.h"
|
||||||
#include "nwfilter_driver.h"
|
#include "nwfilter_driver.h"
|
||||||
#include "nwfilter_gentech_driver.h"
|
#include "nwfilter_gentech_driver.h"
|
||||||
|
|
||||||
@ -410,6 +411,20 @@ cleanup:
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static int
|
||||||
|
nwfilterInstantiateFilter(virConnectPtr conn,
|
||||||
|
virDomainNetDefPtr net) {
|
||||||
|
return virNWFilterInstantiateFilter(conn, net);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static void
|
||||||
|
nwfilterTeardownFilter(virDomainNetDefPtr net) {
|
||||||
|
if ((net->ifname) && (net->filter))
|
||||||
|
virNWFilterTeardownFilter(net);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
static virNWFilterDriver nwfilterDriver = {
|
static virNWFilterDriver nwfilterDriver = {
|
||||||
.name = "nwfilter",
|
.name = "nwfilter",
|
||||||
.open = nwfilterOpen,
|
.open = nwfilterOpen,
|
||||||
@ -432,8 +447,16 @@ static virStateDriver stateDriver = {
|
|||||||
.active = nwfilterDriverActive,
|
.active = nwfilterDriverActive,
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
static virDomainConfNWFilterDriver domainNWFilterDriver = {
|
||||||
|
.instantiateFilter = nwfilterInstantiateFilter,
|
||||||
|
.teardownFilter = nwfilterTeardownFilter,
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
int nwfilterRegister(void) {
|
int nwfilterRegister(void) {
|
||||||
virRegisterNWFilterDriver(&nwfilterDriver);
|
virRegisterNWFilterDriver(&nwfilterDriver);
|
||||||
virRegisterStateDriver(&stateDriver);
|
virRegisterStateDriver(&stateDriver);
|
||||||
|
virDomainConfNWFilterRegister(&domainNWFilterDriver);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -67,21 +67,4 @@ void virNWFilterDomainFWUpdateCB(void *payload,
|
|||||||
const char *name ATTRIBUTE_UNUSED,
|
const char *name ATTRIBUTE_UNUSED,
|
||||||
void *data);
|
void *data);
|
||||||
|
|
||||||
|
|
||||||
/* tear down an interface's filter before tearing down the interface */
|
|
||||||
static inline void
|
|
||||||
virNWFilterTearNWFilter(virDomainNetDefPtr net) {
|
|
||||||
if ((net->filter) && (net->ifname))
|
|
||||||
virNWFilterTeardownFilter(net);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
static inline void
|
|
||||||
virNWFilterTearVMNWFilters(virDomainObjPtr vm) {
|
|
||||||
int i;
|
|
||||||
|
|
||||||
for (i = 0; i < vm->def->nnets; i++)
|
|
||||||
virNWFilterTearNWFilter(vm->def->nets[i]);
|
|
||||||
}
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
@ -54,7 +54,7 @@
|
|||||||
#include "network.h"
|
#include "network.h"
|
||||||
#include "macvtap.h"
|
#include "macvtap.h"
|
||||||
#include "cpu/cpu.h"
|
#include "cpu/cpu.h"
|
||||||
#include "nwfilter/nwfilter_gentech_driver.h"
|
#include "domain_nwfilter.h"
|
||||||
|
|
||||||
#define VIR_FROM_THIS VIR_FROM_QEMU
|
#define VIR_FROM_THIS VIR_FROM_QEMU
|
||||||
|
|
||||||
@ -1514,9 +1514,10 @@ int qemudExtractVersion(struct qemud_driver *driver) {
|
|||||||
/**
|
/**
|
||||||
* qemudPhysIfaceConnect:
|
* qemudPhysIfaceConnect:
|
||||||
* @conn: pointer to virConnect object
|
* @conn: pointer to virConnect object
|
||||||
|
* @driver: pointer to the qemud_driver
|
||||||
* @net: pointer to he VM's interface description with direct device type
|
* @net: pointer to he VM's interface description with direct device type
|
||||||
* @linkdev: The name of the physical interface to link the macvtap to
|
* @qemuCmdFlags: flags for qemu
|
||||||
* @brmode: The mode to put the macvtap device into
|
* @vmuuid: The UUID of the VM (needed by 802.1Qbh)
|
||||||
*
|
*
|
||||||
* Returns a filedescriptor on success or -1 in case of error.
|
* Returns a filedescriptor on success or -1 in case of error.
|
||||||
*/
|
*/
|
||||||
@ -1555,7 +1556,7 @@ qemudPhysIfaceConnect(virConnectPtr conn,
|
|||||||
|
|
||||||
if (rc >= 0) {
|
if (rc >= 0) {
|
||||||
if ((net->filter) && (net->ifname)) {
|
if ((net->filter) && (net->ifname)) {
|
||||||
err = virNWFilterInstantiateFilter(conn, net);
|
err = virDomainConfNWFilterInstantiate(conn, net);
|
||||||
if (err) {
|
if (err) {
|
||||||
close(rc);
|
close(rc);
|
||||||
rc = -1;
|
rc = -1;
|
||||||
@ -1688,7 +1689,7 @@ qemudNetworkIfaceConnect(virConnectPtr conn,
|
|||||||
|
|
||||||
if (tapfd >= 0) {
|
if (tapfd >= 0) {
|
||||||
if ((net->filter) && (net->ifname)) {
|
if ((net->filter) && (net->ifname)) {
|
||||||
err = virNWFilterInstantiateFilter(conn, net);
|
err = virDomainConfNWFilterInstantiate(conn, net);
|
||||||
if (err) {
|
if (err) {
|
||||||
close(tapfd);
|
close(tapfd);
|
||||||
tapfd = -1;
|
tapfd = -1;
|
||||||
@ -4207,7 +4208,7 @@ int qemudBuildCommandLine(virConnectPtr conn,
|
|||||||
goto error;
|
goto error;
|
||||||
|
|
||||||
if (VIR_REALLOC_N(*vmfds, (*nvmfds)+1) < 0) {
|
if (VIR_REALLOC_N(*vmfds, (*nvmfds)+1) < 0) {
|
||||||
virNWFilterTearNWFilter(net);
|
virDomainConfNWFilterTeardown(net);
|
||||||
close(tapfd);
|
close(tapfd);
|
||||||
goto no_memory;
|
goto no_memory;
|
||||||
}
|
}
|
||||||
@ -4226,7 +4227,7 @@ int qemudBuildCommandLine(virConnectPtr conn,
|
|||||||
goto error;
|
goto error;
|
||||||
|
|
||||||
if (VIR_REALLOC_N(*vmfds, (*nvmfds)+1) < 0) {
|
if (VIR_REALLOC_N(*vmfds, (*nvmfds)+1) < 0) {
|
||||||
virNWFilterTearNWFilter(net);
|
virDomainConfNWFilterTeardown(net);
|
||||||
close(tapfd);
|
close(tapfd);
|
||||||
goto no_memory;
|
goto no_memory;
|
||||||
}
|
}
|
||||||
@ -4766,7 +4767,7 @@ int qemudBuildCommandLine(virConnectPtr conn,
|
|||||||
virReportOOMError();
|
virReportOOMError();
|
||||||
error:
|
error:
|
||||||
for (i = 0; i <= last_good_net; i++)
|
for (i = 0; i <= last_good_net; i++)
|
||||||
virNWFilterTearNWFilter(def->nets[i]);
|
virDomainConfNWFilterTeardown(def->nets[i]);
|
||||||
if (vmfds &&
|
if (vmfds &&
|
||||||
*vmfds) {
|
*vmfds) {
|
||||||
for (i = 0; i < *nvmfds; i++)
|
for (i = 0; i < *nvmfds; i++)
|
||||||
|
@ -81,7 +81,7 @@
|
|||||||
#include "xml.h"
|
#include "xml.h"
|
||||||
#include "cpu/cpu.h"
|
#include "cpu/cpu.h"
|
||||||
#include "macvtap.h"
|
#include "macvtap.h"
|
||||||
#include "nwfilter/nwfilter_gentech_driver.h"
|
#include "domain_nwfilter.h"
|
||||||
#include "hooks.h"
|
#include "hooks.h"
|
||||||
#include "storage_file.h"
|
#include "storage_file.h"
|
||||||
|
|
||||||
@ -3577,7 +3577,7 @@ static int qemudStartVMDaemon(virConnectPtr conn,
|
|||||||
VIR_FREE(progenv);
|
VIR_FREE(progenv);
|
||||||
|
|
||||||
if (ret == -1) /* The VM failed to start; tear filters before taps */
|
if (ret == -1) /* The VM failed to start; tear filters before taps */
|
||||||
virNWFilterTearVMNWFilters(vm);
|
virDomainConfVMNWFilterTeardown(vm);
|
||||||
|
|
||||||
if (vmfds) {
|
if (vmfds) {
|
||||||
for (i = 0 ; i < nvmfds ; i++) {
|
for (i = 0 ; i < nvmfds ; i++) {
|
||||||
@ -3669,7 +3669,7 @@ static void qemudShutdownVMDaemon(struct qemud_driver *driver,
|
|||||||
* reporting so we don't squash a legit error. */
|
* reporting so we don't squash a legit error. */
|
||||||
orig_err = virSaveLastError();
|
orig_err = virSaveLastError();
|
||||||
|
|
||||||
virNWFilterTearVMNWFilters(vm);
|
virDomainConfVMNWFilterTeardown(vm);
|
||||||
|
|
||||||
if (driver->macFilter) {
|
if (driver->macFilter) {
|
||||||
def = vm->def;
|
def = vm->def;
|
||||||
@ -7646,7 +7646,7 @@ cleanup:
|
|||||||
VIR_WARN0("Unable to release PCI address on NIC");
|
VIR_WARN0("Unable to release PCI address on NIC");
|
||||||
|
|
||||||
if (ret != 0)
|
if (ret != 0)
|
||||||
virNWFilterTearNWFilter(net);
|
virDomainConfNWFilterTeardown(net);
|
||||||
|
|
||||||
VIR_FREE(nicstr);
|
VIR_FREE(nicstr);
|
||||||
VIR_FREE(netstr);
|
VIR_FREE(netstr);
|
||||||
@ -8615,7 +8615,7 @@ qemudDomainDetachNetDevice(struct qemud_driver *driver,
|
|||||||
}
|
}
|
||||||
qemuDomainObjExitMonitorWithDriver(driver, vm);
|
qemuDomainObjExitMonitorWithDriver(driver, vm);
|
||||||
|
|
||||||
virNWFilterTearNWFilter(detach);
|
virDomainConfNWFilterTeardown(detach);
|
||||||
|
|
||||||
#if WITH_MACVTAP
|
#if WITH_MACVTAP
|
||||||
if (detach->type == VIR_DOMAIN_NET_TYPE_DIRECT) {
|
if (detach->type == VIR_DOMAIN_NET_TYPE_DIRECT) {
|
||||||
|
Loading…
Reference in New Issue
Block a user