render / rpms / libvirt

Forked from rpms/libvirt 5 months ago
Clone
Source Code
GIT

Blame SOURCES/libvirt-nwfilter-fix-adding-std-MAC-and-IP-values-to-filter-binding.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-rhel c8-sig-altarch-stream-rhel c8-stream-rhel c8s-sig-hyperscale c8s-stream-rhel c9 c9-beta c9s-sig-hyperscale libvirt-hyperscale-10.4.0 upgrade-hyperscale-libvirt
  1.   c8-sig-altarch-stream-rhel
  2.   SOURCES
  3.   libvirt-nwfilter-fix-adding-std-MAC-and-IP-values-to-filter-binding.patch
Blob History Raw
Pablo Greco 40546a 
From a8234641ad57553aa054bded71ed97c94f3100f1 Mon Sep 17 00:00:00 2001
Pablo Greco 40546a 
Message-Id: <a8234641ad57553aa054bded71ed97c94f3100f1@dist-git>
Pablo Greco 40546a 
From: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
Pablo Greco 40546a 
Date: Wed, 5 Jun 2019 14:51:10 +0200
Pablo Greco 40546a 
Subject: [PATCH] nwfilter: fix adding std MAC and IP values to filter binding
Pablo Greco 40546a 
MIME-Version: 1.0
Pablo Greco 40546a 
Content-Type: text/plain; charset=UTF-8
Pablo Greco 40546a 
Content-Transfer-Encoding: 8bit
Pablo Greco 40546a
Pablo Greco 40546a 
Commit d1a7c08eb changed filter instantiation code to ignore MAC and IP
Pablo Greco 40546a 
variables explicitly specified for filter binding. It just replaces
Pablo Greco 40546a 
explicit values with values associated with the binding. Before the
Pablo Greco 40546a 
commit virNWFilterCreateVarsFrom was used so that explicit value
Pablo Greco 40546a 
take precedence. Let's bring old behavior back.
Pablo Greco 40546a
Pablo Greco 40546a 
This is useful. For example if domain has two interfaces it makes
Pablo Greco 40546a 
sense to list both mac adresses in MAC var of every interface
Pablo Greco 40546a 
filterref. So that if guest make a bond of these interfaces
Pablo Greco 40546a 
and start sending frames with one of the mac adresses from
Pablo Greco 40546a 
both interfaces we can pass outgress traffic from both
Pablo Greco 40546a 
interfaces too.
Pablo Greco 40546a
Pablo Greco 40546a 
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Pablo Greco 40546a 
Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
Pablo Greco 40546a 
(cherry picked from commit 01e11ebcb6e8f24662b7c67b70134c192785691c)
Pablo Greco 40546a
Pablo Greco 40546a 
https://bugzilla.redhat.com/show_bug.cgi?id=1691356
Pablo Greco 40546a
Pablo Greco 40546a 
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Pablo Greco 40546a 
Acked-by: Daniel P. Berrangé <berrange@redhat.com>
Pablo Greco 40546a 
---
Pablo Greco 40546a 
 src/nwfilter/nwfilter_gentech_driver.c | 92 +++++++++-----------------
Pablo Greco 40546a 
 1 file changed, 32 insertions(+), 60 deletions(-)
Pablo Greco 40546a
Pablo Greco 40546a 
diff --git a/src/nwfilter/nwfilter_gentech_driver.c b/src/nwfilter/nwfilter_gentech_driver.c
Pablo Greco 40546a 
index e5dea91f83..ece5d28f41 100644
Pablo Greco 40546a 
--- a/src/nwfilter/nwfilter_gentech_driver.c
Pablo Greco 40546a 
+++ b/src/nwfilter/nwfilter_gentech_driver.c
Pablo Greco 40546a 
@@ -128,60 +128,6 @@ virNWFilterRuleInstFree(virNWFilterRuleInstPtr inst)
Pablo Greco 40546a 
 }
Pablo Greco 40546a
Pablo Greco 40546a
Pablo Greco 40546a 
-/**
Pablo Greco 40546a 
- * virNWFilterVarHashmapAddStdValues:
Pablo Greco 40546a 
- * @tables: pointer to hash tabel to add values to
Pablo Greco 40546a 
- * @macaddr: The string of the MAC address to add to the hash table,
Pablo Greco 40546a 
- *    may be NULL
Pablo Greco 40546a 
- * @ipaddr: The string of the IP address to add to the hash table;
Pablo Greco 40546a 
- *    may be NULL
Pablo Greco 40546a 
- *
Pablo Greco 40546a 
- * Returns 0 in case of success, -1 in case an error happened with
Pablo Greco 40546a 
- * error having been reported.
Pablo Greco 40546a 
- *
Pablo Greco 40546a 
- * Adds a couple of standard keys (MAC, IP) to the hash table.
Pablo Greco 40546a 
- */
Pablo Greco 40546a 
-static int
Pablo Greco 40546a 
-virNWFilterVarHashmapAddStdValues(virHashTablePtr table,
Pablo Greco 40546a 
-                                  const char *macaddr,
Pablo Greco 40546a 
-                                  const virNWFilterVarValue *ipaddr)
Pablo Greco 40546a 
-{
Pablo Greco 40546a 
-    virNWFilterVarValue *val;
Pablo Greco 40546a 
-
Pablo Greco 40546a 
-    if (macaddr) {
Pablo Greco 40546a 
-        val = virNWFilterVarValueCreateSimpleCopyValue(macaddr);
Pablo Greco 40546a 
-        if (!val)
Pablo Greco 40546a 
-            return -1;
Pablo Greco 40546a 
-
Pablo Greco 40546a 
-        if (virHashUpdateEntry(table,
Pablo Greco 40546a 
-                               NWFILTER_STD_VAR_MAC,
Pablo Greco 40546a 
-                               val) < 0) {
Pablo Greco 40546a 
-            virNWFilterVarValueFree(val);
Pablo Greco 40546a 
-            virReportError(VIR_ERR_INTERNAL_ERROR,
Pablo Greco 40546a 
-                           "%s", _("Could not add variable 'MAC' to hashmap"));
Pablo Greco 40546a 
-            return -1;
Pablo Greco 40546a 
-        }
Pablo Greco 40546a 
-    }
Pablo Greco 40546a 
-
Pablo Greco 40546a 
-    if (ipaddr) {
Pablo Greco 40546a 
-        val = virNWFilterVarValueCopy(ipaddr);
Pablo Greco 40546a 
-        if (!val)
Pablo Greco 40546a 
-            return -1;
Pablo Greco 40546a 
-
Pablo Greco 40546a 
-        if (virHashUpdateEntry(table,
Pablo Greco 40546a 
-                               NWFILTER_STD_VAR_IP,
Pablo Greco 40546a 
-                               val) < 0) {
Pablo Greco 40546a 
-            virNWFilterVarValueFree(val);
Pablo Greco 40546a 
-            virReportError(VIR_ERR_INTERNAL_ERROR,
Pablo Greco 40546a 
-                           "%s", _("Could not add variable 'IP' to hashmap"));
Pablo Greco 40546a 
-            return -1;
Pablo Greco 40546a 
-        }
Pablo Greco 40546a 
-    }
Pablo Greco 40546a 
-
Pablo Greco 40546a 
-    return 0;
Pablo Greco 40546a 
-}
Pablo Greco 40546a 
-
Pablo Greco 40546a 
-
Pablo Greco 40546a 
 /**
Pablo Greco 40546a 
  * Convert a virHashTable into a string of comma-separated
Pablo Greco 40546a 
  * variable names.
Pablo Greco 40546a 
@@ -707,6 +653,28 @@ virNWFilterDoInstantiate(virNWFilterTechDriverPtr techdriver,
Pablo Greco 40546a 
 }
Pablo Greco 40546a
Pablo Greco 40546a
Pablo Greco 40546a 
+static int
Pablo Greco 40546a 
+virNWFilterVarHashmapAddStdValue(virHashTablePtr table,
Pablo Greco 40546a 
+                                 const char *var,
Pablo Greco 40546a 
+                                 const char *value)
Pablo Greco 40546a 
+{
Pablo Greco 40546a 
+    virNWFilterVarValue *val;
Pablo Greco 40546a 
+
Pablo Greco 40546a 
+    if (virHashLookup(table, var))
Pablo Greco 40546a 
+        return 0;
Pablo Greco 40546a 
+
Pablo Greco 40546a 
+    if (!(val = virNWFilterVarValueCreateSimpleCopyValue(value)))
Pablo Greco 40546a 
+        return -1;
Pablo Greco 40546a 
+
Pablo Greco 40546a 
+    if (virHashAddEntry(table, var, val) < 0) {
Pablo Greco 40546a 
+        virNWFilterVarValueFree(val);
Pablo Greco 40546a 
+        return -1;
Pablo Greco 40546a 
+    }
Pablo Greco 40546a 
+
Pablo Greco 40546a 
+    return 0;
Pablo Greco 40546a 
+}
Pablo Greco 40546a 
+
Pablo Greco 40546a 
+
Pablo Greco 40546a 
 /*
Pablo Greco 40546a 
  * Call this function while holding the NWFilter filter update lock
Pablo Greco 40546a 
  */
Pablo Greco 40546a 
@@ -719,7 +687,7 @@ virNWFilterInstantiateFilterUpdate(virNWFilterDriverStatePtr driver,
Pablo Greco 40546a 
                                    bool forceWithPendingReq,
Pablo Greco 40546a 
                                    bool *foundNewFilter)
Pablo Greco 40546a 
 {
Pablo Greco 40546a 
-    int rc;
Pablo Greco 40546a 
+    int rc = -1;
Pablo Greco 40546a 
     const char *drvname = EBIPTABLES_DRIVER_ID;
Pablo Greco 40546a 
     virNWFilterTechDriverPtr techdriver;
Pablo Greco 40546a 
     virNWFilterObjPtr obj;
Pablo Greco 40546a 
@@ -745,14 +713,18 @@ virNWFilterInstantiateFilterUpdate(virNWFilterDriverStatePtr driver,
Pablo Greco 40546a 
         return -1;
Pablo Greco 40546a
Pablo Greco 40546a 
     virMacAddrFormat(&binding->mac, vmmacaddr);
Pablo Greco 40546a 
+    if (virNWFilterVarHashmapAddStdValue(binding->filterparams,
Pablo Greco 40546a 
+                                         NWFILTER_STD_VAR_MAC,
Pablo Greco 40546a 
+                                         vmmacaddr) < 0)
Pablo Greco 40546a 
+        goto err_exit;
Pablo Greco 40546a
Pablo Greco 40546a 
     ipaddr = virNWFilterIPAddrMapGetIPAddr(binding->portdevname);
Pablo Greco 40546a 
-
Pablo Greco 40546a 
-    if (virNWFilterVarHashmapAddStdValues(binding->filterparams,
Pablo Greco 40546a 
-                                          vmmacaddr, ipaddr) < 0) {
Pablo Greco 40546a 
-        rc = -1;
Pablo Greco 40546a 
+    if (ipaddr &&
Pablo Greco 40546a 
+        virNWFilterVarHashmapAddStdValue(binding->filterparams,
Pablo Greco 40546a 
+                                         NWFILTER_STD_VAR_IP,
Pablo Greco 40546a 
+                                         virNWFilterVarValueGetSimple(ipaddr)) < 0)
Pablo Greco 40546a 
         goto err_exit;
Pablo Greco 40546a 
-    }
Pablo Greco 40546a 
+
Pablo Greco 40546a
Pablo Greco 40546a 
     filter = virNWFilterObjGetDef(obj);
Pablo Greco 40546a
Pablo Greco 40546a 
--
Pablo Greco 40546a 
2.22.0
Pablo Greco 40546a

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation