nwfilter: convert virt drivers to use public API for nwfilter bindings
Remove the callbacks that the nwfilter driver registers with the domain object config layer. Instead make the current helper methods call into the public API for creating/deleting nwfilter bindings. Reviewed-by: John Ferlan <jferlan@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
parent
2d9318b6ce
commit
f14c37ce4c
@ -28,45 +28,146 @@
|
||||
#include "datatypes.h"
|
||||
#include "domain_conf.h"
|
||||
#include "domain_nwfilter.h"
|
||||
#include "virnwfilterbindingdef.h"
|
||||
#include "virerror.h"
|
||||
#include "viralloc.h"
|
||||
#include "virstring.h"
|
||||
#include "virlog.h"
|
||||
|
||||
|
||||
VIR_LOG_INIT("conf.domain_nwfilter");
|
||||
|
||||
#define VIR_FROM_THIS VIR_FROM_NWFILTER
|
||||
|
||||
static virDomainConfNWFilterDriverPtr nwfilterDriver;
|
||||
|
||||
void
|
||||
virDomainConfNWFilterRegister(virDomainConfNWFilterDriverPtr driver)
|
||||
static virNWFilterBindingDefPtr
|
||||
virNWFilterBindingDefForNet(const char *vmname,
|
||||
const unsigned char *vmuuid,
|
||||
virDomainNetDefPtr net)
|
||||
{
|
||||
nwfilterDriver = driver;
|
||||
virNWFilterBindingDefPtr ret;
|
||||
|
||||
if (VIR_ALLOC(ret) < 0)
|
||||
return NULL;
|
||||
|
||||
if (VIR_STRDUP(ret->ownername, vmname) < 0)
|
||||
goto error;
|
||||
|
||||
memcpy(ret->owneruuid, vmuuid, sizeof(ret->owneruuid));
|
||||
|
||||
if (VIR_STRDUP(ret->portdevname, net->ifname) < 0)
|
||||
goto error;
|
||||
|
||||
if (net->type == VIR_DOMAIN_NET_TYPE_DIRECT &&
|
||||
VIR_STRDUP(ret->linkdevname, net->data.direct.linkdev) < 0)
|
||||
goto error;
|
||||
|
||||
ret->mac = net->mac;
|
||||
|
||||
if (VIR_STRDUP(ret->filter, net->filter) < 0)
|
||||
goto error;
|
||||
|
||||
if (!(ret->filterparams = virNWFilterHashTableCreate(0)))
|
||||
goto error;
|
||||
|
||||
if (net->filterparams &&
|
||||
virNWFilterHashTablePutAll(net->filterparams, ret->filterparams) < 0)
|
||||
goto error;
|
||||
|
||||
return ret;
|
||||
|
||||
error:
|
||||
virNWFilterBindingDefFree(ret);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virDomainConfNWFilterInstantiate(const char *vmname,
|
||||
const unsigned char *vmuuid,
|
||||
virDomainNetDefPtr net,
|
||||
bool ignoreExists)
|
||||
{
|
||||
virConnectPtr conn = virGetConnectNWFilter();
|
||||
virNWFilterBindingDefPtr def = NULL;
|
||||
virNWFilterBindingPtr binding = NULL;
|
||||
char *xml;
|
||||
int ret = -1;
|
||||
|
||||
VIR_DEBUG("vmname=%s portdev=%s filter=%s ignoreExists=%d",
|
||||
vmname, NULLSTR(net->ifname), NULLSTR(net->filter), ignoreExists);
|
||||
|
||||
if (!conn)
|
||||
goto cleanup;
|
||||
|
||||
if (ignoreExists) {
|
||||
binding = virNWFilterBindingLookupByPortDev(conn, net->ifname);
|
||||
if (binding) {
|
||||
ret = 0;
|
||||
goto cleanup;
|
||||
}
|
||||
}
|
||||
|
||||
if (!(def = virNWFilterBindingDefForNet(vmname, vmuuid, net)))
|
||||
goto cleanup;
|
||||
|
||||
if (!(xml = virNWFilterBindingDefFormat(def)))
|
||||
goto cleanup;
|
||||
|
||||
if (!(binding = virNWFilterBindingCreateXML(conn, xml, 0)))
|
||||
goto cleanup;
|
||||
|
||||
ret = 0;
|
||||
|
||||
cleanup:
|
||||
VIR_FREE(xml);
|
||||
virNWFilterBindingDefFree(def);
|
||||
virObjectUnref(binding);
|
||||
virObjectUnref(conn);
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
static void
|
||||
virDomainConfNWFilterTeardownImpl(virConnectPtr conn,
|
||||
virDomainNetDefPtr net)
|
||||
{
|
||||
if (nwfilterDriver != NULL)
|
||||
return nwfilterDriver->instantiateFilter(vmname, vmuuid, net);
|
||||
virNWFilterBindingPtr binding;
|
||||
|
||||
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
|
||||
_("No network filter driver available"));
|
||||
return -1;
|
||||
binding = virNWFilterBindingLookupByPortDev(conn, net->ifname);
|
||||
if (!binding)
|
||||
return;
|
||||
|
||||
virNWFilterBindingDelete(binding);
|
||||
|
||||
virObjectUnref(binding);
|
||||
}
|
||||
|
||||
|
||||
void
|
||||
virDomainConfNWFilterTeardown(virDomainNetDefPtr net)
|
||||
{
|
||||
if (nwfilterDriver != NULL)
|
||||
nwfilterDriver->teardownFilter(net);
|
||||
virConnectPtr conn = virGetConnectNWFilter();
|
||||
|
||||
if (!conn)
|
||||
return;
|
||||
|
||||
virDomainConfNWFilterTeardownImpl(conn, net);
|
||||
|
||||
virObjectUnref(conn);
|
||||
}
|
||||
|
||||
void
|
||||
virDomainConfVMNWFilterTeardown(virDomainObjPtr vm)
|
||||
{
|
||||
size_t i;
|
||||
virConnectPtr conn = virGetConnectNWFilter();
|
||||
|
||||
if (!conn)
|
||||
return;
|
||||
|
||||
|
||||
if (nwfilterDriver != NULL) {
|
||||
for (i = 0; i < vm->def->nnets; i++)
|
||||
virDomainConfNWFilterTeardown(vm->def->nets[i]);
|
||||
}
|
||||
virDomainConfNWFilterTeardownImpl(conn, vm->def->nets[i]);
|
||||
|
||||
virObjectUnref(conn);
|
||||
}
|
||||
|
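Review bot: In virDomainConfNWFilterInstantiate, `char *xml;` has no initializer, yet the `if (!conn) goto cleanup;` path, the early `ignoreExists` success path and a failed virNWFilterBindingDefForNet all reach `VIR_FREE(xml)`, which then frees an indeterminate pointer; declare it as `char *xml = NULL;`. Separately, virDomainConfNWFilterTeardownImpl passes `net->ifname` straight to virNWFilterBindingLookupByPortDev, whereas the removed nwfilterTeardownFilter returned early on `!net->ifname`. Restoring `if (!net->ifname) return;` at the top of the helper keeps teardown quiet for an interface that never got a device name. Whether the public lookup tolerates a NULL port device is not visible on this page.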
@ -23,22 +23,10 @@
|
||||
#ifndef DOMAIN_NWFILTER_H
|
||||
# define DOMAIN_NWFILTER_H
|
||||
|
||||
typedef int (*virDomainConfInstantiateNWFilter)(const char *vmname,
|
||||
const unsigned char *vmuuid,
|
||||
virDomainNetDefPtr net);
|
||||
typedef void (*virDomainConfTeardownNWFilter)(virDomainNetDefPtr net);
|
||||
|
||||
typedef struct {
|
||||
virDomainConfInstantiateNWFilter instantiateFilter;
|
||||
virDomainConfTeardownNWFilter teardownFilter;
|
||||
} virDomainConfNWFilterDriver;
|
||||
typedef virDomainConfNWFilterDriver *virDomainConfNWFilterDriverPtr;
|
||||
|
||||
void virDomainConfNWFilterRegister(virDomainConfNWFilterDriverPtr driver);
|
||||
|
||||
int virDomainConfNWFilterInstantiate(const char *vmname,
|
||||
const unsigned char *vmuuid,
|
||||
virDomainNetDefPtr net);
|
||||
virDomainNetDefPtr net,
|
||||
bool ignoreExists);
|
||||
void virDomainConfNWFilterTeardown(virDomainNetDefPtr net);
|
||||
void virDomainConfVMNWFilterTeardown(virDomainObjPtr vm);
|
||||
|
||||
|
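Review bot: The new `bool ignoreExists` parameter on the virDomainConfNWFilterInstantiate prototype is undocumented, and its effect matters to any caller deciding whether an existing binding may be reused. A comment above the prototype such as `/* ignoreExists: if true, an existing binding for net->ifname counts as success and is left unchanged; if false, creation of a new binding is always attempted */` would state what the implementation on this page does.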
@ -651,7 +651,6 @@ virDomainQemuMonitorEventStateRegisterID;
|
||||
|
||||
# conf/domain_nwfilter.h
|
||||
virDomainConfNWFilterInstantiate;
|
||||
virDomainConfNWFilterRegister;
|
||||
virDomainConfNWFilterTeardown;
|
||||
virDomainConfVMNWFilterTeardown;
|
||||
|
||||
|
@ -303,7 +303,7 @@ virLXCProcessSetupInterfaceTap(virDomainDefPtr vm,
|
||||
}
|
||||
|
||||
if (net->filter &&
|
||||
virDomainConfNWFilterInstantiate(vm->name, vm->uuid, net) < 0)
|
||||
virDomainConfNWFilterInstantiate(vm->name, vm->uuid, net, false) < 0)
|
||||
goto cleanup;
|
||||
|
||||
ret = containerVeth;
|
||||
|
@ -655,65 +655,6 @@ nwfilterGetXMLDesc(virNWFilterPtr nwfilter,
|
||||
}
|
||||
|
||||
|
||||
static int
|
||||
nwfilterInstantiateFilter(const char *vmname,
|
||||
const unsigned char *vmuuid,
|
||||
virDomainNetDefPtr net)
|
||||
{
|
||||
virNWFilterBindingObjPtr obj;
|
||||
virNWFilterBindingDefPtr def;
|
||||
int ret;
|
||||
|
||||
obj = virNWFilterBindingObjListFindByPortDev(driver->bindings, net->ifname);
|
||||
if (obj) {
|
||||
virNWFilterBindingObjEndAPI(&obj);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (!(def = virNWFilterBindingDefForNet(vmname, vmuuid, net)))
|
||||
return -1;
|
||||
|
||||
obj = virNWFilterBindingObjListAdd(driver->bindings,
|
||||
def);
|
||||
if (!obj) {
|
||||
virNWFilterBindingDefFree(def);
|
||||
return -1;
|
||||
}
|
||||
|
||||
ret = virNWFilterInstantiateFilter(driver, def);
|
||||
|
||||
if (ret >= 0)
|
||||
virNWFilterBindingObjSave(obj, driver->bindingDir);
|
||||
else
|
||||
virNWFilterBindingObjListRemove(driver->bindings, obj);
|
||||
|
||||
virNWFilterBindingObjEndAPI(&obj);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
static void
|
||||
nwfilterTeardownFilter(virDomainNetDefPtr net)
|
||||
{
|
||||
virNWFilterBindingObjPtr obj;
|
||||
virNWFilterBindingDefPtr def;
|
||||
if (!net->ifname)
|
||||
return;
|
||||
|
||||
obj = virNWFilterBindingObjListFindByPortDev(driver->bindings, net->ifname);
|
||||
if (!obj)
|
||||
return;
|
||||
|
||||
def = virNWFilterBindingObjGetDef(obj);
|
||||
virNWFilterTeardownFilter(def);
|
||||
virNWFilterBindingObjDelete(obj, driver->bindingDir);
|
||||
|
||||
virNWFilterBindingObjListRemove(driver->bindings, obj);
|
||||
virNWFilterBindingObjEndAPI(&obj);
|
||||
}
|
||||
|
||||
|
||||
static virNWFilterBindingPtr
|
||||
nwfilterBindingLookupByPortDev(virConnectPtr conn,
|
||||
const char *portdev)
|
||||
@ -724,8 +665,11 @@ nwfilterBindingLookupByPortDev(virConnectPtr conn,
|
||||
|
||||
obj = virNWFilterBindingObjListFindByPortDev(driver->bindings,
|
||||
portdev);
|
||||
if (!obj)
|
||||
if (!obj) {
|
||||
virReportError(VIR_ERR_NO_NWFILTER_BINDING,
|
||||
_("no nwfilter binding for port dev '%s'"), portdev);
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
def = virNWFilterBindingObjGetDef(obj);
|
||||
if (virNWFilterBindingLookupByPortDevEnsureACL(conn, def) < 0)
|
||||
@ -772,8 +716,11 @@ nwfilterBindingGetXMLDesc(virNWFilterBindingPtr binding,
|
||||
|
||||
obj = virNWFilterBindingObjListFindByPortDev(driver->bindings,
|
||||
binding->portdev);
|
||||
if (!obj)
|
||||
if (!obj) {
|
||||
virReportError(VIR_ERR_NO_NWFILTER_BINDING,
|
||||
_("no nwfilter binding for port dev '%s'"), binding->portdev);
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
def = virNWFilterBindingObjGetDef(obj);
|
||||
if (virNWFilterBindingGetXMLDescEnsureACL(binding->conn, def) < 0)
|
||||
@ -852,8 +799,11 @@ nwfilterBindingDelete(virNWFilterBindingPtr binding)
|
||||
int ret = -1;
|
||||
|
||||
obj = virNWFilterBindingObjListFindByPortDev(driver->bindings, binding->portdev);
|
||||
if (!obj)
|
||||
if (!obj) {
|
||||
virReportError(VIR_ERR_NO_NWFILTER_BINDING,
|
||||
_("no nwfilter binding for port dev '%s'"), binding->portdev);
|
||||
return -1;
|
||||
}
|
||||
|
||||
def = virNWFilterBindingObjGetDef(obj);
|
||||
if (virNWFilterBindingDeleteEnsureACL(binding->conn, def) < 0)
|
||||
@ -914,13 +864,6 @@ static virStateDriver stateDriver = {
|
||||
.stateReload = nwfilterStateReload,
|
||||
};
|
||||
|
||||
|
||||
static virDomainConfNWFilterDriver domainNWFilterDriver = {
|
||||
.instantiateFilter = nwfilterInstantiateFilter,
|
||||
.teardownFilter = nwfilterTeardownFilter,
|
||||
};
|
||||
|
||||
|
||||
int nwfilterRegister(void)
|
||||
{
|
||||
if (virRegisterConnectDriver(&nwfilterConnectDriver, false) < 0)
|
||||
@ -929,6 +872,5 @@ int nwfilterRegister(void)
|
||||
return -1;
|
||||
if (virRegisterStateDriver(&stateDriver) < 0)
|
||||
return -1;
|
||||
virDomainConfNWFilterRegister(&domainNWFilterDriver);
|
||||
return 0;
|
||||
}
|
||||
|
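Review bot: The `virReportError(VIR_ERR_NO_NWFILTER_BINDING, ...)` added to the `if (!obj)` branch of nwfilterBindingLookupByPortDev makes a miss set the thread's last error, and the new helpers that treat a miss as normal do not account for that. virDomainConfNWFilterTeardownImpl returns silently on a NULL binding, so teardown running on a failure path may replace the error the caller was about to report, and the `ignoreExists` lookup in virDomainConfNWFilterInstantiate leaves the error set before it goes on to create the binding. Bracketing the teardown lookup with `virErrorPreserveLast(&err);` / `virErrorRestore(&err);`, as qemuDomainChangeNetFilter does on this page, and calling `virResetLastError();` after the tolerated miss would keep the reported error accurate. The same three-line not-found block is repeated in nwfilterBindingGetXMLDesc and nwfilterBindingDelete, whose bodies continue outside the hunks shown.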
@ -1082,45 +1082,3 @@ virNWFilterBuildAll(virNWFilterDriverStatePtr driver,
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
virNWFilterBindingDefPtr
|
||||
virNWFilterBindingDefForNet(const char *vmname,
|
||||
const unsigned char *vmuuid,
|
||||
virDomainNetDefPtr net)
|
||||
{
|
||||
virNWFilterBindingDefPtr ret;
|
||||
|
||||
if (VIR_ALLOC(ret) < 0)
|
||||
return NULL;
|
||||
|
||||
if (VIR_STRDUP(ret->ownername, vmname) < 0)
|
||||
goto error;
|
||||
|
||||
memcpy(ret->owneruuid, vmuuid, sizeof(ret->owneruuid));
|
||||
|
||||
if (VIR_STRDUP(ret->portdevname, net->ifname) < 0)
|
||||
goto error;
|
||||
|
||||
if (net->type == VIR_DOMAIN_NET_TYPE_DIRECT &&
|
||||
VIR_STRDUP(ret->linkdevname, net->data.direct.linkdev) < 0)
|
||||
goto error;
|
||||
|
||||
ret->mac = net->mac;
|
||||
|
||||
if (VIR_STRDUP(ret->filter, net->filter) < 0)
|
||||
goto error;
|
||||
|
||||
if (!(ret->filterparams = virNWFilterHashTableCreate(0)))
|
||||
goto error;
|
||||
|
||||
if (net->filterparams &&
|
||||
virNWFilterHashTablePutAll(net->filterparams, ret->filterparams) < 0)
|
||||
goto error;
|
||||
|
||||
return ret;
|
||||
|
||||
error:
|
||||
virNWFilterBindingDefFree(ret);
|
||||
return NULL;
|
||||
}
|
||||
|
@ -57,8 +57,4 @@ virHashTablePtr virNWFilterCreateVarHashmap(const char *macaddr,
|
||||
int virNWFilterBuildAll(virNWFilterDriverStatePtr driver,
|
||||
bool newFilters);
|
||||
|
||||
virNWFilterBindingDefPtr virNWFilterBindingDefForNet(const char *vmname,
|
||||
const unsigned char *vmuuid,
|
||||
virDomainNetDefPtr net);
|
||||
|
||||
#endif
|
||||
|
@ -3009,7 +3009,7 @@ qemuDomainChangeNetFilter(virDomainObjPtr vm,
|
||||
|
||||
if (newdev->filter &&
|
||||
virDomainConfNWFilterInstantiate(vm->def->name,
|
||||
vm->def->uuid, newdev) < 0) {
|
||||
vm->def->uuid, newdev, false) < 0) {
|
||||
virErrorPtr errobj;
|
||||
|
||||
virReportError(VIR_ERR_OPERATION_FAILED,
|
||||
@ -3018,7 +3018,7 @@ qemuDomainChangeNetFilter(virDomainObjPtr vm,
|
||||
olddev->ifname);
|
||||
virErrorPreserveLast(&errobj);
|
||||
ignore_value(virDomainConfNWFilterInstantiate(vm->def->name,
|
||||
vm->def->uuid, olddev));
|
||||
vm->def->uuid, olddev, false));
|
||||
virErrorRestore(&errobj);
|
||||
return -1;
|
||||
}
|
||||
|
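Review bot: The rollback call in qemuDomainChangeNetFilter still wraps `virDomainConfNWFilterInstantiate(..., olddev, false)` in `ignore_value()`, so a failed restore of the old filter returns -1 with only the first error and no record that the interface may now have no filter bound. Instantiation now goes through the public API and can fail for connection reasons, for example when `virGetConnectNWFilter()` returns NULL. Logging the rollback failure, e.g. `VIR_WARN("failed to restore nwfilter on %s", olddev->ifname);`, would make that state visible to operators. The function body starts and ends outside these hunks, so whether the old binding was torn down beforehand cannot be confirmed here.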
@ -467,7 +467,7 @@ qemuInterfaceEthernetConnect(virDomainDefPtr def,
|
||||
goto cleanup;
|
||||
|
||||
if (net->filter &&
|
||||
virDomainConfNWFilterInstantiate(def->name, def->uuid, net) < 0) {
|
||||
virDomainConfNWFilterInstantiate(def->name, def->uuid, net, false) < 0) {
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
@ -586,7 +586,7 @@ qemuInterfaceBridgeConnect(virDomainDefPtr def,
|
||||
goto cleanup;
|
||||
|
||||
if (net->filter &&
|
||||
virDomainConfNWFilterInstantiate(def->name, def->uuid, net) < 0) {
|
||||
virDomainConfNWFilterInstantiate(def->name, def->uuid, net, false) < 0) {
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
|
@ -3018,14 +3018,14 @@ qemuProcessNotifyNets(virDomainDefPtr def)
|
||||
}
|
||||
|
||||
static int
|
||||
qemuProcessFiltersInstantiate(virDomainDefPtr def)
|
||||
qemuProcessFiltersInstantiate(virDomainDefPtr def, bool ignoreExists)
|
||||
{
|
||||
size_t i;
|
||||
|
||||
for (i = 0; i < def->nnets; i++) {
|
||||
virDomainNetDefPtr net = def->nets[i];
|
||||
if ((net->filter) && (net->ifname)) {
|
||||
if (virDomainConfNWFilterInstantiate(def->name, def->uuid, net) < 0)
|
||||
if (virDomainConfNWFilterInstantiate(def->name, def->uuid, net, ignoreExists) < 0)
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
@ -7650,7 +7650,7 @@ qemuProcessReconnect(void *opaque)
|
||||
|
||||
qemuProcessNotifyNets(obj->def);
|
||||
|
||||
if (qemuProcessFiltersInstantiate(obj->def))
|
||||
if (qemuProcessFiltersInstantiate(obj->def, true))
|
||||
goto error;
|
||||
|
||||
if (qemuProcessRefreshDisks(driver, obj, QEMU_ASYNC_JOB_NONE) < 0)
|
||||
|
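Review bot: qemuProcessReconnect now passes `true` for `ignoreExists`, and with that flag virDomainConfNWFilterInstantiate accepts whatever binding virNWFilterBindingLookupByPortDev returns for `net->ifname`, without comparing its owner UUID or filter name with the domain being reconnected. If a binding for a reused device name could outlive its original guest, the reconnected interface would keep the other filter; that scenario is inferred, not shown on this page. A comment at the call, such as `/* existing bindings are kept as-is; they are not re-validated against net->filter */`, would record the assumption, or the helper could compare the binding's filter name before returning 0. qemuProcessFiltersInstantiate also returns 1 rather than -1 on failure, which the `if (...)` caller handles but which differs from the other helpers on this page.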
@ -283,6 +283,7 @@ static int daemonErrorLogFilter(virErrorPtr err, int priority)
|
||||
case VIR_ERR_NO_NODE_DEVICE:
|
||||
case VIR_ERR_NO_INTERFACE:
|
||||
case VIR_ERR_NO_NWFILTER:
|
||||
case VIR_ERR_NO_NWFILTER_BINDING:
|
||||
case VIR_ERR_NO_SECRET:
|
||||
case VIR_ERR_NO_DOMAIN_SNAPSHOT:
|
||||
case VIR_ERR_OPERATION_INVALID:
|
||||
|
@ -137,7 +137,7 @@ umlConnectTapDevice(virDomainDefPtr vm,
|
||||
}
|
||||
|
||||
if (net->filter) {
|
||||
if (virDomainConfNWFilterInstantiate(vm->name, vm->uuid, net) < 0) {
|
||||
if (virDomainConfNWFilterInstantiate(vm->name, vm->uuid, net, false) < 0) {
|
||||
if (template_ifname)
|
||||
VIR_FREE(net->ifname);
|
||||
goto error;
|
||||
|