External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-02-22 19:32:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

nwfilter: Check for filter presence before open connect during teardown

Browse Source 
https://bugzilla.redhat.com/show_bug.cgi?id=1608275

Instantiation of an nwfilter binding is only allowed when
the net->filter is defined for the network; however, the
teardown of the binding does not make this check. This
leaves open the possibility that the teardown could be
called during guest shutdown/teardown in session mode
resulting in the following error being logged:

    error : nwfilterConnectOpen:383 : internal error: unexpected
    nwfilter URI path '/session', try nwfilter:///system

So before going through the teardown processing, let's
be sure the network had a filter and then attempt to
get a connection. For session mode it's not even possible
create an nwfilter binding.

Signed-off-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
John Ferlan 2018-08-27 10:39:39 -04:00
parent e773e1cbbc
commit dbfe8acae5
1 changed files with 15 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
src/conf/domain_nwfilter.c
View File

@ -149,9 +149,12 @@ virDomainConfNWFilterTeardownImpl(virConnectPtr conn,
void void
virDomainConfNWFilterTeardown(virDomainNetDefPtr net) virDomainConfNWFilterTeardown(virDomainNetDefPtr net)
{ {
virConnectPtr conn = virGetConnectNWFilter(); virConnectPtr conn;
if (!conn) if (!net->filter)
return;
if (!(conn = virGetConnectNWFilter()))
return; return;
virDomainConfNWFilterTeardownImpl(conn, net); virDomainConfNWFilterTeardownImpl(conn, net);
@ -163,14 +166,19 @@ void
virDomainConfVMNWFilterTeardown(virDomainObjPtr vm) virDomainConfVMNWFilterTeardown(virDomainObjPtr vm)
{ {
size_t i; size_t i;
virConnectPtr conn = virGetConnectNWFilter(); virConnectPtr conn = NULL;
if (!conn) for (i = 0; i < vm->def->nnets; i++) {
return; virDomainNetDefPtr net = vm->def->nets[i];
if (!net->filter)
continue;
for (i = 0; i < vm->def->nnets; i++) if (!conn && !(conn = virGetConnectNWFilter()))
virDomainConfNWFilterTeardownImpl(conn, vm->def->nets[i]); return;
virDomainConfNWFilterTeardownImpl(conn, net);
}
virObjectUnref(conn); virObjectUnref(conn);
} }