rpms / libvirt

Clone
Source Code
GIT

Blame SOURCES/libvirt-nwfilter-fix-adding-std-MAC-and-IP-values-to-filter-binding.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-rhel c8-sig-altarch-stream-rhel c8-stream-rhel c8s-sig-hyperscale c8s-stream-rhel c9 c9-beta c9s-sig-hyperscale
  1.   25aafcd906f87e2833d18c85071d9ee3858b03dd
  2.   SOURCES
  3.   libvirt-nwfilter-fix-adding-std-MAC-and-IP-values-to-filter-binding.patch
Blob History Raw
99cbc7 
From f6e6fee82c36159f5f4b52c3926c95b1f6e40e5d Mon Sep 17 00:00:00 2001
99cbc7 
Message-Id: <f6e6fee82c36159f5f4b52c3926c95b1f6e40e5d@dist-git>
99cbc7 
From: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
99cbc7 
Date: Tue, 30 Apr 2019 18:00:59 +0100
99cbc7 
Subject: [PATCH] nwfilter: fix adding std MAC and IP values to filter binding
99cbc7 
MIME-Version: 1.0
99cbc7 
Content-Type: text/plain; charset=UTF-8
99cbc7 
Content-Transfer-Encoding: 8bit
99cbc7
99cbc7 
Commit d1a7c08eb changed filter instantiation code to ignore MAC and IP
99cbc7 
variables explicitly specified for filter binding. It just replaces
99cbc7 
explicit values with values associated with the binding. Before the
99cbc7 
commit virNWFilterCreateVarsFrom was used so that explicit value
99cbc7 
take precedence. Let's bring old behavior back.
99cbc7
99cbc7 
This is useful. For example if domain has two interfaces it makes
99cbc7 
sense to list both mac adresses in MAC var of every interface
99cbc7 
filterref. So that if guest make a bond of these interfaces
99cbc7 
and start sending frames with one of the mac adresses from
99cbc7 
both interfaces we can pass outgress traffic from both
99cbc7 
interfaces too.
99cbc7
99cbc7 
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
99cbc7 
Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
99cbc7 
(cherry picked from commit 01e11ebcb6e8f24662b7c67b70134c192785691c)
99cbc7
99cbc7 
https://bugzilla.redhat.com/show_bug.cgi?id=1691358
99cbc7
99cbc7 
Message-Id: <20190430170059.25891-1-berrange@redhat.com>
99cbc7 
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
99cbc7 
---
99cbc7 
 src/nwfilter/nwfilter_gentech_driver.c | 92 +++++++++-----------------
99cbc7 
 1 file changed, 32 insertions(+), 60 deletions(-)
99cbc7
99cbc7 
diff --git a/src/nwfilter/nwfilter_gentech_driver.c b/src/nwfilter/nwfilter_gentech_driver.c
99cbc7 
index e5dea91f83..ece5d28f41 100644
99cbc7 
--- a/src/nwfilter/nwfilter_gentech_driver.c
99cbc7 
+++ b/src/nwfilter/nwfilter_gentech_driver.c
99cbc7 
@@ -128,60 +128,6 @@ virNWFilterRuleInstFree(virNWFilterRuleInstPtr inst)
99cbc7 
 }
99cbc7
99cbc7
99cbc7 
-/**
99cbc7 
- * virNWFilterVarHashmapAddStdValues:
99cbc7 
- * @tables: pointer to hash tabel to add values to
99cbc7 
- * @macaddr: The string of the MAC address to add to the hash table,
99cbc7 
- *    may be NULL
99cbc7 
- * @ipaddr: The string of the IP address to add to the hash table;
99cbc7 
- *    may be NULL
99cbc7 
- *
99cbc7 
- * Returns 0 in case of success, -1 in case an error happened with
99cbc7 
- * error having been reported.
99cbc7 
- *
99cbc7 
- * Adds a couple of standard keys (MAC, IP) to the hash table.
99cbc7 
- */
99cbc7 
-static int
99cbc7 
-virNWFilterVarHashmapAddStdValues(virHashTablePtr table,
99cbc7 
-                                  const char *macaddr,
99cbc7 
-                                  const virNWFilterVarValue *ipaddr)
99cbc7 
-{
99cbc7 
-    virNWFilterVarValue *val;
99cbc7 
-
99cbc7 
-    if (macaddr) {
99cbc7 
-        val = virNWFilterVarValueCreateSimpleCopyValue(macaddr);
99cbc7 
-        if (!val)
99cbc7 
-            return -1;
99cbc7 
-
99cbc7 
-        if (virHashUpdateEntry(table,
99cbc7 
-                               NWFILTER_STD_VAR_MAC,
99cbc7 
-                               val) < 0) {
99cbc7 
-            virNWFilterVarValueFree(val);
99cbc7 
-            virReportError(VIR_ERR_INTERNAL_ERROR,
99cbc7 
-                           "%s", _("Could not add variable 'MAC' to hashmap"));
99cbc7 
-            return -1;
99cbc7 
-        }
99cbc7 
-    }
99cbc7 
-
99cbc7 
-    if (ipaddr) {
99cbc7 
-        val = virNWFilterVarValueCopy(ipaddr);
99cbc7 
-        if (!val)
99cbc7 
-            return -1;
99cbc7 
-
99cbc7 
-        if (virHashUpdateEntry(table,
99cbc7 
-                               NWFILTER_STD_VAR_IP,
99cbc7 
-                               val) < 0) {
99cbc7 
-            virNWFilterVarValueFree(val);
99cbc7 
-            virReportError(VIR_ERR_INTERNAL_ERROR,
99cbc7 
-                           "%s", _("Could not add variable 'IP' to hashmap"));
99cbc7 
-            return -1;
99cbc7 
-        }
99cbc7 
-    }
99cbc7 
-
99cbc7 
-    return 0;
99cbc7 
-}
99cbc7 
-
99cbc7 
-
99cbc7 
 /**
99cbc7 
  * Convert a virHashTable into a string of comma-separated
99cbc7 
  * variable names.
99cbc7 
@@ -707,6 +653,28 @@ virNWFilterDoInstantiate(virNWFilterTechDriverPtr techdriver,
99cbc7 
 }
99cbc7
99cbc7
99cbc7 
+static int
99cbc7 
+virNWFilterVarHashmapAddStdValue(virHashTablePtr table,
99cbc7 
+                                 const char *var,
99cbc7 
+                                 const char *value)
99cbc7 
+{
99cbc7 
+    virNWFilterVarValue *val;
99cbc7 
+
99cbc7 
+    if (virHashLookup(table, var))
99cbc7 
+        return 0;
99cbc7 
+
99cbc7 
+    if (!(val = virNWFilterVarValueCreateSimpleCopyValue(value)))
99cbc7 
+        return -1;
99cbc7 
+
99cbc7 
+    if (virHashAddEntry(table, var, val) < 0) {
99cbc7 
+        virNWFilterVarValueFree(val);
99cbc7 
+        return -1;
99cbc7 
+    }
99cbc7 
+
99cbc7 
+    return 0;
99cbc7 
+}
99cbc7 
+
99cbc7 
+
99cbc7 
 /*
99cbc7 
  * Call this function while holding the NWFilter filter update lock
99cbc7 
  */
99cbc7 
@@ -719,7 +687,7 @@ virNWFilterInstantiateFilterUpdate(virNWFilterDriverStatePtr driver,
99cbc7 
                                    bool forceWithPendingReq,
99cbc7 
                                    bool *foundNewFilter)
99cbc7 
 {
99cbc7 
-    int rc;
99cbc7 
+    int rc = -1;
99cbc7 
     const char *drvname = EBIPTABLES_DRIVER_ID;
99cbc7 
     virNWFilterTechDriverPtr techdriver;
99cbc7 
     virNWFilterObjPtr obj;
99cbc7 
@@ -745,14 +713,18 @@ virNWFilterInstantiateFilterUpdate(virNWFilterDriverStatePtr driver,
99cbc7 
         return -1;
99cbc7
99cbc7 
     virMacAddrFormat(&binding->mac, vmmacaddr);
99cbc7 
+    if (virNWFilterVarHashmapAddStdValue(binding->filterparams,
99cbc7 
+                                         NWFILTER_STD_VAR_MAC,
99cbc7 
+                                         vmmacaddr) < 0)
99cbc7 
+        goto err_exit;
99cbc7
99cbc7 
     ipaddr = virNWFilterIPAddrMapGetIPAddr(binding->portdevname);
99cbc7 
-
99cbc7 
-    if (virNWFilterVarHashmapAddStdValues(binding->filterparams,
99cbc7 
-                                          vmmacaddr, ipaddr) < 0) {
99cbc7 
-        rc = -1;
99cbc7 
+    if (ipaddr &&
99cbc7 
+        virNWFilterVarHashmapAddStdValue(binding->filterparams,
99cbc7 
+                                         NWFILTER_STD_VAR_IP,
99cbc7 
+                                         virNWFilterVarValueGetSimple(ipaddr)) < 0)
99cbc7 
         goto err_exit;
99cbc7 
-    }
99cbc7 
+
99cbc7
99cbc7 
     filter = virNWFilterObjGetDef(obj);
99cbc7
99cbc7 
--
99cbc7 
2.21.0
99cbc7

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation