[libvirt] [PATCH] add a default event handle, to passthough the new events come from qemu
by shaohef@linux.vnet.ibm.com
From: Shaohe Feng <shaohef(a)linux.vnet.ibm.com>
Basically, this feature can go along with qemu monitor passthrough.
That way, if we use new commands in the monitor that generate new events, we want
some way to receive those new events too.
In order to test this patch, see the attached python test case. When domains are started,
it will be able to catch RESUME events.
Signed-off-by: Shaohe Feng <shaohef(a)linux.vnet.ibm.com>
---
daemon/remote.c | 34 ++++++++++++++++++++++
include/libvirt/libvirt.h.in | 14 +++++++++
python/libvirt-override-virConnect.py | 12 ++++++++
python/libvirt-override.c | 50 +++++++++++++++++++++++++++++++++
src/conf/domain_event.c | 46 ++++++++++++++++++++++++++++++
src/conf/domain_event.h | 5 +++
src/libvirt_private.syms | 2 +
src/qemu/qemu_monitor.c | 9 ++++++
src/qemu/qemu_monitor.h | 6 ++++
src/qemu/qemu_monitor_json.c | 31 ++++++++++++++++++++
src/qemu/qemu_process.c | 23 +++++++++++++++
src/remote/remote_driver.c | 31 ++++++++++++++++++++
src/remote/remote_protocol.x | 8 ++++-
src/remote_protocol-structs | 5 +++
14 files changed, 275 insertions(+), 1 deletions(-)
diff --git a/daemon/remote.c b/daemon/remote.c
index 245d41c..ef7d513 100644
--- a/daemon/remote.c
+++ b/daemon/remote.c
@@ -426,6 +426,38 @@ mem_error:
return -1;
}
+static int remoteRelayDomainEventDefault(virConnectPtr conn ATTRIBUTE_UNUSED,
+ virDomainPtr dom,
+ const char *rawEvent,
+ void *opaque)
+{
+ virNetServerClientPtr client = opaque;
+ remote_domain_event_default_event_msg data;
+
+ if (!client)
+ return -1;
+
+ VIR_DEBUG("Relaying domain default event event %s %d %s",
+ dom->name, dom->id, rawEvent);
+
+ /* build return data */
+ memset(&data, 0, sizeof data);
+ data.rawEvent = (char*)strdup(rawEvent);
+ if (data.rawEvent == NULL)
+ goto mem_error;
+ make_nonnull_domain(&data.dom, dom);
+ remoteDispatchDomainEventSend(client, remoteProgram,
+ REMOTE_PROC_DOMAIN_EVENT_DEFAULT_EVENT,
+ (xdrproc_t)xdr_remote_domain_event_default_event_msg, &data);
+
+ return 0;
+
+mem_error:
+ virReportOOMError();
+ VIR_FREE(data.rawEvent);
+ return -1;
+}
+
static int remoteRelayDomainEventControlError(virConnectPtr conn ATTRIBUTE_UNUSED,
virDomainPtr dom,
@@ -461,6 +493,8 @@ static virConnectDomainEventGenericCallback domainEventCallbacks[] = {
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventIOErrorReason),
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventControlError),
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventBlockJob),
+ VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventDefault),
+
};
verify(ARRAY_CARDINALITY(domainEventCallbacks) == VIR_DOMAIN_EVENT_ID_LAST);
diff --git a/include/libvirt/libvirt.h.in b/include/libvirt/libvirt.h.in
index 07617be..5ccf8c7 100644
--- a/include/libvirt/libvirt.h.in
+++ b/include/libvirt/libvirt.h.in
@@ -2975,6 +2975,19 @@ typedef void (*virConnectDomainEventBlockJobCallback)(virConnectPtr conn,
int type,
int status,
void *opaque);
+/**
+ * virConnectDomainEventDefaultCallback:
+ * @conn: connection object
+ * @dom: domain on which the event occurred
+ * @rawEvent: the content of the unknow or un-implementation event
+ *
+ * The callback signature to use when registering for an event of type
+ * VIR_DOMAIN_EVENT_ID_DEFAULT with virConnectDomainEventRegisterAny()
+ */
+typedef void (*virConnectDomainEventDefaultCallback)(virConnectPtr conn,
+ virDomainPtr dom,
+ const char *rawEvent,
+ void *opaque);
/**
* VIR_DOMAIN_EVENT_CALLBACK:
@@ -2995,6 +3008,7 @@ typedef enum {
VIR_DOMAIN_EVENT_ID_IO_ERROR_REASON = 6, /* virConnectDomainEventIOErrorReasonCallback */
VIR_DOMAIN_EVENT_ID_CONTROL_ERROR = 7, /* virConnectDomainEventGenericCallback */
VIR_DOMAIN_EVENT_ID_BLOCK_JOB = 8, /* virConnectDomainEventBlockJobCallback */
+ VIR_DOMAIN_EVENT_ID_DEFAULT = 9, /* virConnectDomainEventDefaultCallback */
/*
* NB: this enum value will increase over time as new events are
diff --git a/python/libvirt-override-virConnect.py b/python/libvirt-override-virConnect.py
index 65b5342..f00cbb9 100644
--- a/python/libvirt-override-virConnect.py
+++ b/python/libvirt-override-virConnect.py
@@ -125,6 +125,18 @@
except AttributeError:
pass
+ def dispatchDomainEventDefaultCallback(self, dom, path, cbData):
+ """Dispatches events to python user Default event callbacks
+ """
+ try:
+ cb = cbData["cb"]
+ opaque = cbData["opaque"]
+
+ cb(self, virDomain(self, _obj=dom), path, opaque)
+ return 0
+ except AttributeError:
+ pass
+
def domainEventDeregisterAny(self, callbackID):
"""Removes a Domain Event Callback. De-registering for a
domain callback will disable delivery of this event type """
diff --git a/python/libvirt-override.c b/python/libvirt-override.c
index d65423d..c674390 100644
--- a/python/libvirt-override.c
+++ b/python/libvirt-override.c
@@ -4329,6 +4329,53 @@ libvirt_virConnectDomainEventBlockJobCallback(virConnectPtr conn ATTRIBUTE_UNUSE
return ret;
}
+static int
+libvirt_virConnectDomainEventDefaultCallback(virConnectPtr conn ATTRIBUTE_UNUSED,
+ virDomainPtr dom,
+ const char *rawEvent,
+ void *opaque)
+{
+ PyObject *pyobj_cbData = (PyObject*)opaque;
+ PyObject *pyobj_dom;
+ PyObject *pyobj_ret;
+ PyObject *pyobj_conn;
+ PyObject *dictKey;
+ int ret = -1;
+
+ LIBVIRT_ENSURE_THREAD_STATE;
+
+ /* Create a python instance of this virDomainPtr */
+ virDomainRef(dom);
+ pyobj_dom = libvirt_virDomainPtrWrap(dom);
+ Py_INCREF(pyobj_cbData);
+
+ dictKey = libvirt_constcharPtrWrap("conn");
+ pyobj_conn = PyDict_GetItem(pyobj_cbData, dictKey);
+ Py_DECREF(dictKey);
+
+ /* Call the Callback Dispatcher */
+ pyobj_ret = PyObject_CallMethod(pyobj_conn,
+ (char*)"dispatchDomainEventDefaultCallback",
+ (char*)"OsO",
+ pyobj_dom, rawEvent, pyobj_cbData);
+
+ Py_DECREF(pyobj_cbData);
+ Py_DECREF(pyobj_dom);
+
+ if (!pyobj_ret) {
+#if DEBUG_ERROR
+ printf("%s - ret:%p\n", __FUNCTION__, pyobj_ret);
+#endif
+ PyErr_Print();
+ } else {
+ Py_DECREF(pyobj_ret);
+ ret = 0;
+ }
+
+ LIBVIRT_RELEASE_THREAD_STATE;
+ return ret;
+}
+
static PyObject *
libvirt_virConnectDomainEventRegisterAny(ATTRIBUTE_UNUSED PyObject * self,
PyObject * args)
@@ -4386,6 +4433,9 @@ libvirt_virConnectDomainEventRegisterAny(ATTRIBUTE_UNUSED PyObject * self,
case VIR_DOMAIN_EVENT_ID_BLOCK_JOB:
cb = VIR_DOMAIN_EVENT_CALLBACK(libvirt_virConnectDomainEventBlockJobCallback);
break;
+ case VIR_DOMAIN_EVENT_ID_DEFAULT:
+ cb = VIR_DOMAIN_EVENT_CALLBACK(libvirt_virConnectDomainEventDefaultCallback);
+ break;
}
if (!cb) {
diff --git a/src/conf/domain_event.c b/src/conf/domain_event.c
index 3189346..04f44fb 100644
--- a/src/conf/domain_event.c
+++ b/src/conf/domain_event.c
@@ -88,6 +88,9 @@ struct _virDomainEvent {
int type;
int status;
} blockJob;
+ struct {
+ char *rawEvent;
+ }defaultEvent;
} data;
};
@@ -509,6 +512,9 @@ void virDomainEventFree(virDomainEventPtr event)
case VIR_DOMAIN_EVENT_ID_BLOCK_JOB:
VIR_FREE(event->data.blockJob.path);
break;
+ case VIR_DOMAIN_EVENT_ID_DEFAULT:
+ VIR_FREE(event->data.defaultEvent.rawEvent);
+ break;
}
VIR_FREE(event->dom.name);
@@ -923,6 +929,40 @@ virDomainEventPtr virDomainEventBlockJobNewFromDom(virDomainPtr dom,
path, type, status);
}
+static virDomainEventPtr
+virDomainEventDefaultNew(int id, const char *name, unsigned char *uuid,
+ const char *rawEvent)
+{
+ virDomainEventPtr ev =
+ virDomainEventNewInternal(VIR_DOMAIN_EVENT_ID_DEFAULT,
+ id, name, uuid);
+ if (ev) {
+ if (!(ev->data.defaultEvent.rawEvent = strdup(rawEvent))) {
+ virReportOOMError();
+ VIR_FREE(ev->dom.name);
+ VIR_FREE(ev);
+ return NULL;
+ }
+ }
+
+ return ev;
+}
+
+virDomainEventPtr virDomainEventDefaultNewFromObj(virDomainObjPtr obj,
+ const char *rawEvent)
+{
+
+ return virDomainEventDefaultNew(obj->def->id, obj->def->name,
+ obj->def->uuid, rawEvent);
+}
+
+virDomainEventPtr virDomainEventDefaultNewFromDom(virDomainPtr dom,
+ const char *rawEvent)
+{
+ return virDomainEventDefaultNew(dom->id, dom->name, dom->uuid,
+ rawEvent);
+}
+
virDomainEventPtr virDomainEventControlErrorNewFromDom(virDomainPtr dom)
{
virDomainEventPtr ev =
@@ -1083,6 +1123,12 @@ void virDomainEventDispatchDefaultFunc(virConnectPtr conn,
cbopaque);
break;
+ case VIR_DOMAIN_EVENT_ID_DEFAULT:
+ ((virConnectDomainEventDefaultCallback)cb)(conn, dom,
+ event->data.defaultEvent.rawEvent,
+ cbopaque);
+ break;
+
default:
VIR_WARN("Unexpected event ID %d", event->eventID);
break;
diff --git a/src/conf/domain_event.h b/src/conf/domain_event.h
index b06be16..401f781 100644
--- a/src/conf/domain_event.h
+++ b/src/conf/domain_event.h
@@ -178,6 +178,11 @@ virDomainEventPtr virDomainEventBlockJobNewFromDom(virDomainPtr dom,
int type,
int status);
+virDomainEventPtr virDomainEventDefaultNewFromObj(virDomainObjPtr obj,
+ const char *rawEvent);
+virDomainEventPtr virDomainEventDefaultNewFromDom(virDomainPtr dom,
+ const char *rawEvent);
+
int virDomainEventQueuePush(virDomainEventQueuePtr evtQueue,
virDomainEventPtr event);
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 1ac486f..1dcfc3e 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -457,6 +457,8 @@ virDomainWatchdogModelTypeToString;
# domain_event.h
virDomainEventBlockJobNewFromObj;
virDomainEventBlockJobNewFromDom;
+virDomainEventDefaultNewFromObj;
+virDomainEventDefaultNewFromDom;
virDomainEventCallbackListAdd;
virDomainEventCallbackListAddID;
virDomainEventCallbackListCount;
diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c
index c9dd69e..a2b4036 100644
--- a/src/qemu/qemu_monitor.c
+++ b/src/qemu/qemu_monitor.c
@@ -976,6 +976,15 @@ int qemuMonitorEmitBlockJob(qemuMonitorPtr mon,
return ret;
}
+int qemuMonitorEmitDefaultEvent(qemuMonitorPtr mon,
+ const char *rawEvent)
+{
+ int ret = -1;
+ VIR_DEBUG("mon=%p", mon);
+ QEMU_MONITOR_CALLBACK(mon, ret, domainDefaultEvent, mon->vm,
+ rawEvent);
+ return ret;
+}
int qemuMonitorSetCapabilities(qemuMonitorPtr mon)
diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h
index 3ec78ad..23a03e5 100644
--- a/src/qemu/qemu_monitor.h
+++ b/src/qemu/qemu_monitor.h
@@ -123,6 +123,9 @@ struct _qemuMonitorCallbacks {
const char *diskAlias,
int type,
int status);
+ int (*domainDefaultEvent)(qemuMonitorPtr mon,
+ virDomainObjPtr vm,
+ const char *rawEvent)
};
@@ -194,6 +197,9 @@ int qemuMonitorEmitBlockJob(qemuMonitorPtr mon,
int type,
int status);
+int qemuMonitorEmitDefaultEvent(qemuMonitorPtr mon,
+ const char *rawEvent);
+
int qemuMonitorStartCPUs(qemuMonitorPtr mon,
diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
index 3d383c8..dab03cd 100644
--- a/src/qemu/qemu_monitor_json.c
+++ b/src/qemu/qemu_monitor_json.c
@@ -58,6 +58,7 @@ static void qemuMonitorJSONHandleVNCConnect(qemuMonitorPtr mon, virJSONValuePtr
static void qemuMonitorJSONHandleVNCInitialize(qemuMonitorPtr mon, virJSONValuePtr data);
static void qemuMonitorJSONHandleVNCDisconnect(qemuMonitorPtr mon, virJSONValuePtr data);
static void qemuMonitorJSONHandleBlockJob(qemuMonitorPtr mon, virJSONValuePtr data);
+static void qemuMonitorJSONHandleDefaultEvent(qemuMonitorPtr mon, virJSONValuePtr data);
struct {
const char *type;
@@ -74,6 +75,7 @@ struct {
{ "VNC_INITIALIZED", qemuMonitorJSONHandleVNCInitialize, },
{ "VNC_DISCONNECTED", qemuMonitorJSONHandleVNCDisconnect, },
{ "BLOCK_JOB_COMPLETED", qemuMonitorJSONHandleBlockJob, },
+ { "DEFAULT_UNKNOW_EVENT", qemuMonitorJSONHandleDefaultEvent, },
};
@@ -83,6 +85,7 @@ qemuMonitorJSONIOProcessEvent(qemuMonitorPtr mon,
{
const char *type;
int i;
+ int findEventFlag = -1;
VIR_DEBUG("mon=%p obj=%p", mon, obj);
type = virJSONValueObjectGetString(obj, "event");
@@ -98,9 +101,24 @@ qemuMonitorJSONIOProcessEvent(qemuMonitorPtr mon,
VIR_DEBUG("handle %s handler=%p data=%p", type,
eventHandlers[i].handler, data);
(eventHandlers[i].handler)(mon, data);
+ findEventFlag = 0;
break;
}
}
+ if (findEventFlag != 0) {
+ if (!STREQ(eventHandlers[ARRAY_CARDINALITY(eventHandlers)-1].type, "DEFAULT_UNKNOW_EVENT")) {
+ VIR_ERROR("the last element is not the default event handler");
+ }
+ else {
+ char *event = NULL;
+ event = virJSONValueToString(obj);
+ if (event != NULL){
+ VIR_DEBUG("Unknow event,call default event handler %s",event);
+ free(event);
+ }
+ (eventHandlers[ARRAY_CARDINALITY(eventHandlers)-1].handler)(mon, obj);
+ }
+ }
return 0;
}
@@ -720,6 +738,19 @@ out:
}
+static void qemuMonitorJSONHandleDefaultEvent(qemuMonitorPtr mon, virJSONValuePtr data)
+{
+ char *defaultEventStr = NULL;
+ defaultEventStr = virJSONValueToString(data);
+ if (defaultEventStr == NULL){
+ VIR_ERROR("Can not get string form JSONValue");
+ return;
+ }
+ qemuMonitorEmitDefaultEvent(mon, defaultEventStr);
+ free(defaultEventStr);
+}
+
+
int
qemuMonitorJSONHumanCommandWithFd(qemuMonitorPtr mon,
const char *cmd_str,
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index a7fe86c..46881eb 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -713,6 +713,28 @@ qemuProcessHandleBlockJob(qemuMonitorPtr mon ATTRIBUTE_UNUSED,
}
static int
+qemuProcessHandleDefaultEvent(qemuMonitorPtr mon ATTRIBUTE_UNUSED,
+ virDomainObjPtr vm,
+ const char *rawEvent)
+{
+ struct qemud_driver *driver = qemu_driver;
+ virDomainEventPtr event = NULL;
+
+ virDomainObjLock(vm);
+ event = virDomainEventDefaultNewFromObj(vm, rawEvent);
+
+ virDomainObjUnlock(vm);
+
+ if (event) {
+ qemuDriverLock(driver);
+ qemuDomainEventQueue(driver, event);
+ qemuDriverUnlock(driver);
+ }
+
+ return 0;
+}
+
+static int
qemuProcessHandleGraphics(qemuMonitorPtr mon ATTRIBUTE_UNUSED,
virDomainObjPtr vm,
int phase,
@@ -829,6 +851,7 @@ static qemuMonitorCallbacks monitorCallbacks = {
.domainIOError = qemuProcessHandleIOError,
.domainGraphics = qemuProcessHandleGraphics,
.domainBlockJob = qemuProcessHandleBlockJob,
+ .domainDefaultEvent = qemuProcessHandleDefaultEvent,
};
static int
diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
index 2b2f41e..9648661 100644
--- a/src/remote/remote_driver.c
+++ b/src/remote/remote_driver.c
@@ -228,6 +228,11 @@ remoteDomainBuildEventBlockJob(virNetClientProgramPtr prog,
virNetClientPtr client,
void *evdata, void *opaque);
+static void
+remoteDomainBuildEventDefaultEvent(virNetClientProgramPtr prog,
+ virNetClientPtr client,
+ void *evdata, void *opaque);
+
static virNetClientProgramEvent remoteDomainEvents[] = {
{ REMOTE_PROC_DOMAIN_EVENT_RTC_CHANGE,
remoteDomainBuildEventRTCChange,
@@ -265,6 +270,10 @@ static virNetClientProgramEvent remoteDomainEvents[] = {
remoteDomainBuildEventBlockJob,
sizeof(remote_domain_event_block_job_msg),
(xdrproc_t)xdr_remote_domain_event_block_job_msg },
+ { REMOTE_PROC_DOMAIN_EVENT_DEFAULT_EVENT,
+ remoteDomainBuildEventDefaultEvent,
+ sizeof(remote_domain_event_default_event_msg),
+ (xdrproc_t)xdr_remote_domain_event_default_event_msg },
};
enum virDrvOpenRemoteFlags {
@@ -3220,6 +3229,28 @@ remoteDomainBuildEventBlockJob(virNetClientProgramPtr prog ATTRIBUTE_UNUSED,
}
static void
+remoteDomainBuildEventDefaultEvent(virNetClientProgramPtr prog ATTRIBUTE_UNUSED,
+ virNetClientPtr client ATTRIBUTE_UNUSED,
+ void *evdata, void *opaque)
+{
+ virConnectPtr conn = opaque;
+ struct private_data *priv = conn->privateData;
+ remote_domain_event_default_event_msg *msg = evdata;
+ virDomainPtr dom;
+ virDomainEventPtr event = NULL;
+
+ dom = get_nonnull_domain(conn, msg->dom);
+ if (!dom)
+ return;
+
+ event = virDomainEventDefaultNewFromDom(dom, msg->rawEvent);
+
+ virDomainFree(dom);
+
+ remoteDomainEventQueue(priv, event);
+}
+
+static void
remoteDomainBuildEventGraphics(virNetClientProgramPtr prog ATTRIBUTE_UNUSED,
virNetClientPtr client ATTRIBUTE_UNUSED,
void *evdata, void *opaque)
diff --git a/src/remote/remote_protocol.x b/src/remote/remote_protocol.x
index c8a92fd..81c6a4e 100644
--- a/src/remote/remote_protocol.x
+++ b/src/remote/remote_protocol.x
@@ -2010,6 +2010,11 @@ struct remote_domain_event_block_job_msg {
int status;
};
+struct remote_domain_event_default_event_msg {
+ remote_nonnull_domain dom;
+ remote_nonnull_string rawEvent;
+};
+
struct remote_domain_managed_save_args {
remote_nonnull_domain dom;
unsigned int flags;
@@ -2525,7 +2530,8 @@ enum remote_procedure {
REMOTE_PROC_DOMAIN_MIGRATE_GET_MAX_SPEED = 242, /* autogen autogen */
REMOTE_PROC_DOMAIN_BLOCK_STATS_FLAGS = 243, /* skipgen skipgen */
REMOTE_PROC_DOMAIN_SNAPSHOT_GET_PARENT = 244, /* autogen autogen */
- REMOTE_PROC_DOMAIN_RESET = 245 /* autogen autogen */
+ REMOTE_PROC_DOMAIN_RESET = 245, /* autogen autogen */
+ REMOTE_PROC_DOMAIN_EVENT_DEFAULT_EVENT = 246 /* skipgen skipgen */
/*
* Notice how the entries are grouped in sets of 10 ?
diff --git a/src/remote_protocol-structs b/src/remote_protocol-structs
index 69175cc..7d0d0d4 100644
--- a/src/remote_protocol-structs
+++ b/src/remote_protocol-structs
@@ -1509,6 +1509,10 @@ struct remote_domain_event_block_job_msg {
int type;
int status;
};
+struct remote_domain_event_default_event_msg {
+ remote_nonnull_domain dom;
+ remote_nonnull_string rawEvent;
+};
struct remote_domain_managed_save_args {
remote_nonnull_domain dom;
u_int flags;
@@ -1971,4 +1975,5 @@ enum remote_procedure {
REMOTE_PROC_DOMAIN_BLOCK_STATS_FLAGS = 243,
REMOTE_PROC_DOMAIN_SNAPSHOT_GET_PARENT = 244,
REMOTE_PROC_DOMAIN_RESET = 245,
+ REMOTE_PROC_DOMAIN_EVENT_DEFAULT_EVENT = 246,
};
--
1.7.6
12 years, 11 months
- 9
- 15
[libvirt] [PATCH RESEND] qemu: Do not free the device from activePciHostdevs if it's in use
by Osier Yang
* src/qemu/qemu_hostdev.c (qemuDomainReAttachHostdevDevices):
pciDeviceListFree(pcidevs) in the end free()s the device even if
it's in use by other domain, which can cause rase.
How to reproduce:
<script>
virsh nodedev-dettach pci_0000_00_19_0
virsh start test
virsh attach-device test hostdev.xml
virsh start test2
for i in {1..5}; do
echo "[ -- ${i}th time --]"
virsh nodedev-reattach pci_0000_00_19_0
done
echo "clean up"
virsh destroy test
virsh nodedev-reattach pci_0000_00_19_0
</script>
Device pci_0000_00_19_0 dettached
Domain test started
Device attached successfully
error: Failed to start domain test2
error: Requested operation is not valid: PCI device 0000:00:19.0 is in use by domain test
[ -- 1th time --]
Device pci_0000_00_19_0 re-attached
[ -- 2th time --]
Device pci_0000_00_19_0 re-attached
[ -- 3th time --]
Device pci_0000_00_19_0 re-attached
[ -- 4th time --]
Device pci_0000_00_19_0 re-attached
[ -- 5th time --]
Device pci_0000_00_19_0 re-attached
clean up
Domain test destroyed
Device pci_0000_00_19_0 re-attached
The patch also fixes another problem, there won't be error like
"qemuDomainReAttachHostdevDevices: Not reattaching active
device 0000:00:19.0" in daemon log if some device is in active.
As pciResetDevice and pciReattachDevice won't be called for
the device anymore. This is sensiable as we already reported
error when preparing the device if it's active. Blindly trying
to pciResetDevice & pciReattachDevice on the device and getting
an error is just redundant.
---
src/qemu/qemu_hostdev.c | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/src/qemu/qemu_hostdev.c b/src/qemu/qemu_hostdev.c
index 9137388..60401f0 100644
--- a/src/qemu/qemu_hostdev.c
+++ b/src/qemu/qemu_hostdev.c
@@ -414,8 +414,10 @@ void qemuDomainReAttachHostdevDevices(struct qemud_driver *driver,
*/
activeDev = pciDeviceListFind(driver->activePciHostdevs, dev);
if (activeDev &&
- STRNEQ_NULLABLE(name, pciDeviceGetUsedBy(activeDev)))
+ STRNEQ_NULLABLE(name, pciDeviceGetUsedBy(activeDev))) {
+ pciDeviceListSteal(pcidevs, dev);
continue;
+ }
/* pciDeviceListFree() will take care of freeing the dev. */
pciDeviceListSteal(driver->activePciHostdevs, dev);
--
1.7.7.3
12 years, 11 months
- 2
- 2
[libvirt] [PATCH RESEND] qemu: Honor the original properties of PCI device when detaching
by Osier Yang
This patch fixes two problems:
1) The device will be reattached to host even if it's not
managed, as there is a "pciDeviceSetManaged".
2) The device won't be reattached to host with original
driver properly. As it doesn't honor the device original
properties which are maintained by driver->activePciHostdevs.
---
src/qemu/qemu_hotplug.c | 17 +++++++++--------
1 files changed, 9 insertions(+), 8 deletions(-)
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index 96c0070..19e4a41 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -1960,6 +1960,7 @@ int qemuDomainDetachHostPciDevice(struct qemud_driver *driver,
qemuDomainObjPrivatePtr priv = vm->privateData;
int i, ret;
pciDevice *pci;
+ pciDevice *activePci;
for (i = 0 ; i < vm->def->nhostdevs ; i++) {
if (vm->def->hostdevs[i]->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS ||
@@ -2019,16 +2020,16 @@ int qemuDomainDetachHostPciDevice(struct qemud_driver *driver,
detach->source.subsys.u.pci.bus,
detach->source.subsys.u.pci.slot,
detach->source.subsys.u.pci.function);
- if (!pci)
- ret = -1;
- else {
- pciDeviceSetManaged(pci, detach->managed);
- pciDeviceListDel(driver->activePciHostdevs, pci);
- if (pciResetDevice(pci, driver->activePciHostdevs, NULL) < 0)
+ if (pci) {
+ activePci = pciDeviceListSteal(driver->activePciHostdevs, pci);
+ if (pciResetDevice(activePci, driver->activePciHostdevs, NULL))
+ qemuReattachPciDevice(activePci, driver);
+ else
ret = -1;
- pciDeviceReAttachInit(pci);
- qemuReattachPciDevice(pci, driver);
pciFreeDevice(pci);
+ pciFreeDevice(activePci);
+ } else {
+ ret = -1;
}
if (qemuCapsGet(priv->qemuCaps, QEMU_CAPS_DEVICE) &&
--
1.7.7.3
12 years, 11 months
- 2
- 2
[libvirt] [PATCH 0/4] Add support for QEMU guest agent control
by Daniel P. Berrange
The QEMU guest agent "/usr/bin/qemu-ga" has some handy functions
for controlling the guest, not least, shutdown/reboot and filesystem
freeze/thaw.
In Fedora 15/16 the semantics of the ACPI power button have been
changed to suspend-to-RAM which breaks our current shutdown
implementation.
By adding support for the agent we gain a more predictable way
to shutdown / reboot guests.
NB: the code currently has the same "flaw" as the monitor, in
so much as we wait forever for a guest agent reply. We need to
add a timeout ability to the agent code
12 years, 11 months
- 3
- 17
[libvirt] [test-API][PATCH 1/2] Add support for spice graphics
by Nan Zhang
* utils/Python/xmlgenerator.py: This extends graphics element for spice
XML composing, and support sub-elements settings for audio, images,
streaming and so on:
<graphics type='spice' autoport='yes'>
<image compression='auto_glz'/>
<jpeg compression='auto'/>
<zlib compression='auto'/>
<playback compression='on'/>
<streaming mode='filter'/>
<clipboard copypaste='no'/>
</graphics>
* utils/Python/xmlbuilder.py: Add 2 methods add_graphics() and
build_graphics() to XmlBuilder class.
---
utils/Python/xmlbuilder.py | 36 +++++++++++++++++++++++-
utils/Python/xmlgenerator.py | 62 +++++++++++++++++++++++++++++++++++++----
2 files changed, 91 insertions(+), 7 deletions(-)
diff --git a/utils/Python/xmlbuilder.py b/utils/Python/xmlbuilder.py
index 5a0f8c8..739eccb 100644
--- a/utils/Python/xmlbuilder.py
+++ b/utils/Python/xmlbuilder.py
@@ -64,6 +64,13 @@ class XmlBuilder:
hostdev_node, domain.getElementsByTagName("console")[0])
return hostdev
+ def add_graphics(self, params, domain):
+ graphics = xmlgenerator.graphics_xml(params)
+ graphics_node = domain.importNode(graphics.childNodes[0], True)
+ domain.getElementsByTagName("devices")[0].insertBefore(
+ graphics_node, domain.getElementsByTagName("console")[0])
+ return graphics
+
def build_domain_install(self, params):
domain = xmlgenerator.domain_xml(params, True)
self.add_disk(params, domain)
@@ -151,6 +158,12 @@ class XmlBuilder:
self.write_toxml(hostdev)
return hostdev.toxml()
+ def build_graphics(self, params):
+ graphics = xmlgenerator.graphics_xml(params)
+ if __DEBUG__:
+ self.write_toxml(graphics)
+ return graphics.toxml()
+
def build_pool(self, params):
pool = xmlgenerator.pool_xml(params)
if __DEBUG__:
@@ -242,6 +255,20 @@ if __name__ == "__main__":
interfacexml = xmlobj.build_interface(params)
+ #--------------------------
+ # get graphics xml string
+ #--------------------------
+ print '=' * 30, 'graphics xml', '=' * 30
+ params['graphtype'] = 'spice'
+ params['image'] = 'auto_glz'
+ params['jpeg'] = 'auto'
+ params['zlib'] = 'auto'
+ params['playback'] = 'on'
+ params['streaming'] = 'filter'
+ params['clipboard'] = 'no'
+
+ graphicsxml = xmlobj.build_graphics(params)
+
#---------------------
# get pool xml string
#---------------------
@@ -297,6 +324,13 @@ if __name__ == "__main__":
params['memory'] = '1048576'
params['vcpu'] = '2'
params['inputbus'] = 'usb'
+ params['graphtype'] = 'spice'
+ params['image'] = 'auto_glz'
+ params['jpeg'] = 'auto'
+ params['zlib'] = 'auto'
+ params['playback'] = 'on'
+ params['streaming'] = 'filter'
+ params['clipboard'] = 'no'
params['sound'] = 'ac97'
params['bootcd'] = '/iso/rhel5.iso'
@@ -367,7 +401,7 @@ if __name__ == "__main__":
#----------------------------------------
# get domain snapshot xml string
#----------------------------------------
- params['name'] = 'hello'
+ params['snapshotname'] = 'hello'
params['description'] = 'hello snapshot'
snapshot_xml = xmlobj.build_domain_snapshot(params)
diff --git a/utils/Python/xmlgenerator.py b/utils/Python/xmlgenerator.py
index d57dd33..460f2e5 100644
--- a/utils/Python/xmlgenerator.py
+++ b/utils/Python/xmlgenerator.py
@@ -233,12 +233,6 @@ def domain_xml(params, install = False):
input_element.setAttribute('bus', 'ps2')
devices_element.appendChild(input_element)
- # <graphics>
- graphics_element = domain.createElement('graphics')
- graphics_element.setAttribute('type', 'vnc')
- graphics_element.setAttribute('port', '-1')
- graphics_element.setAttribute('keymap', 'en-us')
- devices_element.appendChild(graphics_element)
domain_element.appendChild(devices_element)
# <sound>
@@ -253,6 +247,62 @@ def domain_xml(params, install = False):
return domain
+def graphics_xml(params):
+ graphics = xml.dom.minidom.Document()
+ # <graphics>
+ graphics_element = graphics.createElement('graphics')
+ if not params.has_key('graphtype'):
+ params['graphtype'] == 'vnc'
+
+ graphics_element.setAttribute('type', params['graphtype'])
+ graphics.appendChild(graphics_element)
+
+ if params['graphtype'] == 'vnc':
+ graphics_element.setAttribute('port', '-1')
+ graphics_element.setAttribute('keymap', 'en-us')
+ elif params['graphtype'] == 'spice':
+ graphics_element.setAttribute('autoport', 'yes')
+ if params.has_key('image'):
+ image_element = graphics.createElement('image')
+ # image to set image compression (accepts
+ # auto_glz, auto_lz, quic, glz, lz, off)
+ image_element.setAttribute('compression', params['image'])
+ graphics_element.appendChild(image_element)
+ if params.has_key('jpeg'):
+ jpeg_element = graphics.createElement('jpeg')
+ # jpeg for JPEG compression for images over wan (accepts
+ # auto, never, always)
+ jpeg_element.setAttribute('compression', params['jpeg'])
+ graphics_element.appendChild(jpeg_element)
+ if params.has_key('zlib'):
+ zlib_element = graphics.createElement('zlib')
+ # zlib for configuring wan image compression (accepts
+ # auto, never, always)
+ zlib_element.setAttribute('compression', params['zlib'])
+ graphics_element.appendChild(zlib_element)
+ if params.has_key('playback'):
+ playback_element = graphics.createElement('playback')
+ # playback for enabling audio stream compression (accepts on or off)
+ playback_element.setAttribute('compression', params['playback'])
+ graphics_element.appendChild(playback_element)
+ if params.has_key('streaming'):
+ streaming_element = graphics.createElement('streaming')
+ # streamming for settings it's mode attribute to one of
+ # filter, all or off
+ streaming_element.setAttribute('mode', params['streaming'])
+ graphics_element.appendChild(streaming_element)
+ if params.has_key('clipboard'):
+ clipboard_element = graphics.createElement('clipboard')
+ # Copy & Paste functionality is enabled by default, and can
+ # be disabled by setting the copypaste property to no
+ clipboard_element.setAttribute('copypaste', params['clipboard'])
+ graphics_element.appendChild(clipboard_element)
+ else:
+ print 'Wrong graphics type was specified.'
+ sys.exit(1)
+
+ return graphics
+
def disk_xml(params, cdrom = False):
disk = xml.dom.minidom.Document()
# <disk> -- START
--
1.7.4.4
12 years, 11 months
- 2
- 4
[libvirt] (no subject)
by Osier Yang
Hi, all
This is a basic implementation of libvirt Native Linux KVM
Tool driver. Note that this is just made with my own interest
and spare time, it's not an endorsement/effort by Red Hat,
and it isn't supported by Red Hat officially.
Basically, the driver is designed as *stateful*, as KVM tool
doesn't maintain any info about the guest except a socket which
for its own IPC. And it's implemented by using KVM tool binary,
which is name "kvm" currently, along with cgroup controllers
"cpuacct", and "memory" support. And as one of KVM tool's
pricinple is to allow both the non-root and root user to play with.
The driver is designed to support root and non-root too, just
like QEMU does. Example of the connection URI:
virsh -c kvmtool:///system
virsh -c kvmtool:///session
virsh -c kvmtool+unix:///system
virsh -c kvmtool+unix:///session
The implementation can support more or less than 15 virsh commands
currently, including basic domain cycle operations (define/undefine,
start/destroy, suspend/resume, console, setmem, schedinfo, dumpxml,
,autostart, dominfo, etc.)
About the domain configuration:
* "kernel": must be specified as KVM tool only support boots
from the kernel currently (no integration with BIOS app yet).
* "disk": only virtio bus is supported, and device type must be 'disk'.
* "serial/console": only one console is supported, of type serial or
virtio (can extend to support multiple console as long as kvm tool
supports, libvirt already supported mutiple console, see upstream
commit 0873b688c).
* "p9fs": only support specifying the source dir, and mount tag, only
type of 'mount' is supported.
* "memballoon": only virtio is supported, and there is no way
to config the addr.
* Multiple "disk" and "p9fs" is supported.
* Graphics and network are not supported, will explain below.
Please see "[PATCH 7/8]" for an example of the domain config. (which
contains all the XMLs supported by current implementation).
The problems of Native Linux KVM Tool from libvirt p.o.v:
* Some destros package "qemu-kvm" as "kvm", also "kvm" is a long
established name for "KVM" itself, so naming the project as
"kvm" might be not a good idea. I assume it will be named
as "kvmtool" in this implementation, never mind this if you
don't like that, it can be updated easily. :-)
* It still doesn't have an official package yet, even no "make install".
means we have no way to check the dependancy and do the checking
when 'configure'. I assume it will be installed as "/usr/bin/kvmtool"
in this implementation. This is the main reason which can prevents
upstream libvirt accepting the patches I guess.
* Lacks of options for user's configuration, such as "-vnc", there
is no option for user to configure the properties for the "vnc",
such as the port. It hides things, doesn't provide ways to query
the properties too, this causes problems for libvirt to add the
vnc support, as vnc clients such as virt-manager, virt-viewer,
have no way to connect the guest. Even vncviewer can't.
* KVM tool manages the network completely itself (with DHCP support?),
no way to configure, except specify the modes (user|tap|none). I
have not test it yet, but it should need explicit script to setup
the network rules(e.g. NAT) for the guest access outside world.
Anyway, there is no way for libvirt to control the guest network.
* There is a gap about the domain status between KVM tool and libvirt,
it's caused by KVM tool unlink()s the guest socket when user exits
from console (both text and graphic), but libvirt still think the
guest is running.
* KVM tool uses $HOME/.kvm_tool as the state dir, and no way to configure,
I made a small patch to allow KVM tool accept a ENV variable,
which is "KVM_STATE_DIR", it's used across the driver. I made a
simple patch against kvm tool to let the whole patches work. See
"[PATCH] kvm tools.....". As generally we want the state dir of
a driver can be "/var/run/libvirt/kvmtool/..." for root user or
"$HOME/.libvirt/kvmtool/run" for non-root user.
* kvmtoolGetVersion is just broken now, as what "./kvm version" returns
is something like "3.0.rc5.873.gb73216", however, libvirt wants things
like "2.6.40.6-0". This might be not a problem as long as KVM tool
has a official package.
* console connection is implemented by setup ptys in libvirt, stdout/stderr
of kvm tool process is redirected to the master pty, and libvirt connects
to the slave pty. This works fine now, but it might be better if kvm
tool could provide more advanced console mechanisms. Just like QEMU
does?
* Not much ways existed yet for external apps or user to query the guest
informations. But this might be changed soon per KVM tool grows up
quickly.
* It will be quite desireable if kvm tool could report the capabilities,
of which is lacked by QEMU forever (seems so), it causes much pain for
upper layer mgmt apps. See the RFC by Daniel Berrange in QEMU list
for more details:
http://lists.nongnu.org/archive/html/qemu-devel/2010-06/msg00921.html
As a conclusion, it seems to me that KVM tool dosesn't consider too much
about the interface for upper layer management tools, (generally, upper
layer apps will want good interface to set/get), which might be no good
for KVM tool future development.
Thoughts, and opinions? Thanks.
[PATCH 1/7] kvmtool: Add configure support
[PATCH] kvm tools: Introduce an ENV variable for the state dir
[PATCH 2/7] kvmtool: Add documents
[PATCH 3/7] kvmtool: Add new enums and error codes for the driver
[PATCH 4/7] kvmtool: Add hook support for kvmtool domain
[PATCH 5/7] kvmtool: Add new domain type
[PATCH 6/7] conf: Set source type of the stub console
[PATCH 7/7] kvmtool: Implementation for kvm tool driver
Regards,
Osier
12 years, 11 months
- 4
- 25
[libvirt] [PATCH] nwfilter: cleanup return codes in nwfilter subsystem
by Stefan Berger
This patch cleans up return codes in the nwfilter subsystem.
Some functions in nwfilter_conf.c (validators and formatters) are
keeping their bool return for now and I am converting their return
code to true/false.
All other functions now return -1 on failure and 0 on success.
[I searched for all occurences of ' 1;' and checked all 'if ' and
adapted where needed. After that I did a grep for 'NWFilter' in the source
tree.]
---
src/conf/nwfilter_conf.c | 127 ++++++-------
src/conf/nwfilter_params.c | 22 +-
src/nwfilter/nwfilter_driver.c | 2
src/nwfilter/nwfilter_ebiptables_driver.c | 286 +++++++++++++++---------------
src/nwfilter/nwfilter_gentech_driver.c | 78 ++++----
src/nwfilter/nwfilter_learnipaddr.c | 47 ++--
src/qemu/qemu_command.c | 3
src/qemu/qemu_process.c | 2
src/uml/uml_conf.c | 2
9 files changed, 290 insertions(+), 279 deletions(-)
Index: libvirt-acl/src/conf/nwfilter_conf.c
===================================================================
--- libvirt-acl.orig/src/conf/nwfilter_conf.c
+++ libvirt-acl/src/conf/nwfilter_conf.c
@@ -214,23 +214,24 @@ static const char state_str[] = "
* @attr: The attribute to look up
* @res: Pointer to string pointer for result
*
- * Returns 1 if value was found with result returned, 0 otherwise.
+ * Returns 0 if value was found with result returned, -1 otherwise.
*
* lookup a map entry given the integer.
*/
-static bool
+static int
intMapGetByInt(const struct int_map *intmap, int32_t attr, const char **res)
{
int i = 0;
- bool found = 0;
+ int found = false;
+
while (intmap[i].val && !found) {
if (intmap[i].attr == attr) {
*res = intmap[i].val;
- found = 1;
+ found = true;
}
i++;
}
- return found;
+ return (found) ? 0 : -1;
}
@@ -241,26 +242,27 @@ intMapGetByInt(const struct int_map *int
* @casecmp : Whether to ignore case when doing string matching
* @result: Pointer to int for result
*
- * Returns 0 if no entry was found, 1 otherwise.
+ * Returns 0 if entry was found, -1 otherwise.
*
* Do a lookup in the map trying to find an integer key using the string
- * value. Returns 1 if entry was found with result returned, 0 otherwise.
+ * value. Returns 0 if entry was found with result returned, -1 otherwise.
*/
-static bool
+static int
intMapGetByString(const struct int_map *intmap, const char *str, int casecmp,
int32_t *result)
{
int i = 0;
- bool found = 0;
+ bool found = false;
+
while (intmap[i].val && !found) {
if ( (casecmp && STRCASEEQ(intmap[i].val, str)) ||
STREQ (intmap[i].val, str) ) {
*result = intmap[i].attr;
- found = 1;
+ found = true;
}
i++;
}
- return found;
+ return (found) ? 0 : -1;
}
@@ -367,14 +369,14 @@ virNWFilterRuleDefAddVar(virNWFilterRule
if (VIR_REALLOC_N(nwf->vars, nwf->nvars+1) < 0) {
virReportOOMError();
- return 1;
+ return -1;
}
nwf->vars[nwf->nvars] = strdup(var);
if (!nwf->vars[nwf->nvars]) {
virReportOOMError();
- return 1;
+ return -1;
}
item->var = nwf->vars[nwf->nvars++];
@@ -479,7 +481,7 @@ checkMacProtocolID(enum attrDatatype dat
int32_t res = -1;
if (datatype == DATATYPE_STRING) {
- if (intMapGetByString(macProtoMap, value->c, 1, &res) == 0)
+ if (intMapGetByString(macProtoMap, value->c, 1, &res) < 0)
res = -1;
datatype = DATATYPE_UINT16;
} else if (datatype == DATATYPE_UINT16 ||
@@ -492,10 +494,10 @@ checkMacProtocolID(enum attrDatatype dat
if (res != -1) {
nwf->p.ethHdrFilter.dataProtocolID.u.u16 = res;
nwf->p.ethHdrFilter.dataProtocolID.datatype = datatype;
- return 1;
+ return true;
}
- return 0;
+ return false;
}
@@ -509,7 +511,7 @@ macProtocolIDFormatter(virBufferPtr buf,
if (intMapGetByInt(macProtoMap,
nwf->p.ethHdrFilter.dataProtocolID.u.u16,
- &str)) {
+ &str) == 0) {
virBufferAdd(buf, str, -1);
} else {
if (nwf->p.ethHdrFilter.dataProtocolID.datatype == DATATYPE_UINT16)
@@ -517,7 +519,7 @@ macProtocolIDFormatter(virBufferPtr buf,
virBufferAsprintf(buf, asHex ? "0x%x" : "%d",
nwf->p.ethHdrFilter.dataProtocolID.u.u16);
}
- return 1;
+ return true;
}
@@ -550,7 +552,7 @@ checkVlanProtocolID(enum attrDatatype da
int32_t res = -1;
if (datatype == DATATYPE_STRING) {
- if (intMapGetByString(macProtoMap, value->c, 1, &res) == 0)
+ if (intMapGetByString(macProtoMap, value->c, 1, &res) < 0)
res = -1;
datatype = DATATYPE_UINT16;
} else if (datatype == DATATYPE_UINT16 ||
@@ -579,7 +581,7 @@ vlanProtocolIDFormatter(virBufferPtr buf
if (intMapGetByInt(macProtoMap,
nwf->p.vlanHdrFilter.dataVlanEncap.u.u16,
- &str)) {
+ &str) == 0) {
virBufferAdd(buf, str, -1);
} else {
if (nwf->p.vlanHdrFilter.dataVlanEncap.datatype == DATATYPE_UINT16)
@@ -607,7 +609,7 @@ checkValidMask(unsigned char *data, int
checkones = 0;
} else {
if ((data[idx>>3] & mask))
- return 0;
+ return false;
}
idx++;
@@ -615,7 +617,7 @@ checkValidMask(unsigned char *data, int
if (!mask)
mask = 0x80;
}
- return 1;
+ return true;
}
@@ -655,7 +657,7 @@ arpOpcodeValidator(enum attrDatatype dat
int32_t res = -1;
if (datatype == DATATYPE_STRING) {
- if (intMapGetByString(arpOpcodeMap, value->c, 1, &res) == 0)
+ if (intMapGetByString(arpOpcodeMap, value->c, 1, &res) < 0)
res = -1;
datatype = DATATYPE_UINT16;
} else if (datatype == DATATYPE_UINT16 ||
@@ -666,9 +668,9 @@ arpOpcodeValidator(enum attrDatatype dat
if (res != -1) {
nwf->p.arpHdrFilter.dataOpcode.u.u16 = res;
nwf->p.arpHdrFilter.dataOpcode.datatype = datatype;
- return 1;
+ return true;
}
- return 0;
+ return false;
}
@@ -681,12 +683,12 @@ arpOpcodeFormatter(virBufferPtr buf,
if (intMapGetByInt(arpOpcodeMap,
nwf->p.arpHdrFilter.dataOpcode.u.u16,
- &str)) {
+ &str) == 0) {
virBufferAdd(buf, str, -1);
} else {
virBufferAsprintf(buf, "%d", nwf->p.arpHdrFilter.dataOpcode.u.u16);
}
- return 1;
+ return true;
}
@@ -708,15 +710,16 @@ static const struct int_map ipProtoMap[]
};
-static bool checkIPProtocolID(enum attrDatatype datatype,
- union data *value,
- virNWFilterRuleDefPtr nwf,
- nwItemDesc *item ATTRIBUTE_UNUSED)
+static bool
+checkIPProtocolID(enum attrDatatype datatype,
+ union data *value,
+ virNWFilterRuleDefPtr nwf,
+ nwItemDesc *item ATTRIBUTE_UNUSED)
{
int32_t res = -1;
if (datatype == DATATYPE_STRING) {
- if (intMapGetByString(ipProtoMap, value->c, 1, &res) == 0)
+ if (intMapGetByString(ipProtoMap, value->c, 1, &res) < 0)
res = -1;
datatype = DATATYPE_UINT8_HEX;
} else if (datatype == DATATYPE_UINT8 ||
@@ -727,9 +730,9 @@ static bool checkIPProtocolID(enum attrD
if (res != -1) {
nwf->p.ipHdrFilter.ipHdr.dataProtocolID.u.u8 = res;
nwf->p.ipHdrFilter.ipHdr.dataProtocolID.datatype = datatype;
- return 1;
+ return true;
}
- return 0;
+ return false;
}
@@ -743,7 +746,7 @@ formatIPProtocolID(virBufferPtr buf,
if (intMapGetByInt(ipProtoMap,
nwf->p.ipHdrFilter.ipHdr.dataProtocolID.u.u8,
- &str)) {
+ &str) == 0) {
virBufferAdd(buf, str, -1);
} else {
if (nwf->p.ipHdrFilter.ipHdr.dataProtocolID.datatype == DATATYPE_UINT8)
@@ -751,7 +754,7 @@ formatIPProtocolID(virBufferPtr buf,
virBufferAsprintf(buf, asHex ? "0x%x" : "%d",
nwf->p.ipHdrFilter.ipHdr.dataProtocolID.u.u8);
}
- return 1;
+ return true;
}
@@ -762,11 +765,11 @@ dscpValidator(enum attrDatatype datatype
{
uint8_t dscp = val->ui;
if (dscp > 63)
- return 0;
+ return false;
nwf->p.ipHdrFilter.ipHdr.dataDSCP.datatype = datatype;
- return 1;
+ return true;
}
@@ -805,7 +808,7 @@ parseStringItems(const struct int_map *i
}
}
if (!found) {
- rc = 1;
+ rc = -1;
break;
}
}
@@ -874,15 +877,15 @@ stateValidator(enum attrDatatype datatyp
char *input = val->c;
int32_t flags = 0;
- if (parseStateMatch(input, &flags))
- return 0;
+ if (parseStateMatch(input, &flags) < 0)
+ return false;
item->u.u16 = flags;
nwf->flags |= flags;
item->datatype = DATATYPE_UINT16;
- return 1;
+ return true;
}
@@ -1663,13 +1666,11 @@ static const virAttributes virAttr[] = {
};
-static bool
+static int
virNWMACAddressParser(const char *input,
nwMACAddressPtr output)
{
- if (virParseMacAddr(input, &output->addr[0]) == 0)
- return 1;
- return 0;
+ return virParseMacAddr(input, &output->addr[0]);
}
@@ -1714,7 +1715,7 @@ virNWFilterRuleDetailsParse(xmlNodePtr n
flags_set |= NWFILTER_ENTRY_ITEM_FLAG_HAS_VAR;
if (virNWFilterRuleDefAddVar(nwf,
item,
- &prop[1]))
+ &prop[1]) < 0)
rc = -1;
found = 1;
}
@@ -1805,8 +1806,8 @@ virNWFilterRuleDetailsParse(xmlNodePtr n
break;
case DATATYPE_MACADDR:
- if (!virNWMACAddressParser(prop,
- &item->u.macaddr)) {
+ if (virNWMACAddressParser(prop,
+ &item->u.macaddr) < 0) {
rc = -1;
}
found = 1;
@@ -1814,8 +1815,8 @@ virNWFilterRuleDetailsParse(xmlNodePtr n
case DATATYPE_MACMASK:
validator = checkMACMask;
- if (!virNWMACAddressParser(prop,
- &item->u.macaddr)) {
+ if (virNWMACAddressParser(prop,
+ &item->u.macaddr) < 0) {
rc = -1;
}
data.v = &item->u.macaddr;
@@ -2418,8 +2419,8 @@ virNWFilterDefParseXML(xmlXPathContextPt
} else {
/* assign default priority if none can be found via lookup */
if (!name_prefix ||
- !intMapGetByString(chain_priorities, name_prefix, 0,
- &ret->chainPriority)) {
+ intMapGetByString(chain_priorities, name_prefix, 0,
+ &ret->chainPriority) < 0) {
/* assign default chain priority */
ret->chainPriority = (NWFILTER_MAX_FILTER_PRIORITY +
NWFILTER_MIN_FILTER_PRIORITY) / 2;
@@ -2620,7 +2621,7 @@ int virNWFilterSaveConfig(const char *co
if (!(xml = virNWFilterDefFormat(def)))
goto cleanup;
- if (virNWFilterSaveXML(configDir, def, xml))
+ if (virNWFilterSaveXML(configDir, def, xml) < 0)
goto cleanup;
ret = 0;
@@ -2649,7 +2650,7 @@ _virNWFilterDefLoopDetect(virConnectPtr
if (entry->include) {
if (STREQ(filtername, entry->include->filterref)) {
- rc = 1;
+ rc = -1;
break;
}
@@ -2660,8 +2661,8 @@ _virNWFilterDefLoopDetect(virConnectPtr
obj->def, filtername);
virNWFilterObjUnlock(obj);
- if (rc)
- break;
+ if (rc < 0)
+ break;
}
}
}
@@ -2679,7 +2680,7 @@ _virNWFilterDefLoopDetect(virConnectPtr
* Detect a loop introduced through the filters being able to
* reference each other.
*
- * Returns 0 in case no loop was detected, 1 otherwise.
+ * Returns 0 in case no loop was detected, -1 otherwise.
*/
static int
virNWFilterDefLoopDetect(virConnectPtr conn,
@@ -2736,7 +2737,7 @@ virNWFilterTriggerVMFilterRebuild(virCon
};
if (!cb.skipInterfaces)
- return 1;
+ return -1;
for (i = 0; i < nCallbackDriver; i++) {
callbackDrvArray[i]->vmFilterRebuild(conn,
@@ -2778,7 +2779,7 @@ virNWFilterTestUnassignDef(virConnectPtr
nwfilter->wantRemoved = 1;
/* trigger the update on VMs referencing the filter */
if (virNWFilterTriggerVMFilterRebuild(conn))
- rc = 1;
+ rc = -1;
nwfilter->wantRemoved = 0;
@@ -2807,7 +2808,7 @@ virNWFilterObjAssignDef(virConnectPtr co
virNWFilterObjUnlock(nwfilter);
}
- if (virNWFilterDefLoopDetect(conn, nwfilters, def)) {
+ if (virNWFilterDefLoopDetect(conn, nwfilters, def) < 0) {
virNWFilterReportError(VIR_ERR_OPERATION_FAILED,
"%s", _("filter would introduce a loop"));
return NULL;
@@ -3297,8 +3298,8 @@ int virNWFilterConfLayerInit(virHashIter
initialized = true;
- if (virMutexInitRecursive(&updateMutex))
- return 1;
+ if (virMutexInitRecursive(&updateMutex) < 0)
+ return -1;
return 0;
}
Index: libvirt-acl/src/nwfilter/nwfilter_driver.c
===================================================================
--- libvirt-acl.orig/src/nwfilter/nwfilter_driver.c
+++ libvirt-acl/src/nwfilter/nwfilter_driver.c
@@ -384,7 +384,7 @@ nwfilterUndefine(virNWFilterPtr obj) {
goto cleanup;
}
- if (virNWFilterTestUnassignDef(obj->conn, nwfilter)) {
+ if (virNWFilterTestUnassignDef(obj->conn, nwfilter) < 0) {
virNWFilterReportError(VIR_ERR_OPERATION_INVALID,
"%s",
_("nwfilter is in use"));
Index: libvirt-acl/src/conf/nwfilter_params.c
===================================================================
--- libvirt-acl.orig/src/conf/nwfilter_params.c
+++ libvirt-acl/src/conf/nwfilter_params.c
@@ -82,7 +82,7 @@ virNWFilterVarValueCopy(const virNWFilte
}
break;
case NWFILTER_VALUE_TYPE_ARRAY:
- if (VIR_ALLOC_N(res->u.array.values, val->u.array.nValues))
+ if (VIR_ALLOC_N(res->u.array.values, val->u.array.nValues) < 0)
goto err_exit;
res->u.array.nValues = val->u.array.nValues;
for (i = 0; i < val->u.array.nValues; i++) {
@@ -490,7 +490,7 @@ hashDataFree(void *payload, const void *
* @val: The value associated with the key
* @freeName: Whether the name must be freed on table destruction
*
- * Returns 0 on success, 1 on failure.
+ * Returns 0 on success, -1 on failure.
*
* Put an entry into the hashmap replacing and freeing an existing entry
* if one existed.
@@ -505,25 +505,25 @@ virNWFilterHashTablePut(virNWFilterHashT
if (copyName) {
name = strdup(name);
if (!name)
- return 1;
+ return -1;
if (VIR_REALLOC_N(table->names, table->nNames + 1) < 0) {
VIR_FREE(name);
- return 1;
+ return -1;
}
table->names[table->nNames++] = (char *)name;
}
- if (virHashAddEntry(table->hashTable, name, val) != 0) {
+ if (virHashAddEntry(table->hashTable, name, val) < 0) {
if (copyName) {
VIR_FREE(name);
table->nNames--;
}
- return 1;
+ return -1;
}
} else {
- if (virHashUpdateEntry(table->hashTable, name, val) != 0) {
- return 1;
+ if (virHashUpdateEntry(table->hashTable, name, val) < 0) {
+ return -1;
}
}
return 0;
@@ -614,7 +614,7 @@ addToTable(void *payload, const void *na
return;
}
- if (virNWFilterHashTablePut(atts->target, (const char *)name, val, 1) != 0) {
+ if (virNWFilterHashTablePut(atts->target, (const char *)name, val, 1) < 0){
virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
_("Could not put variable '%s' into hashmap"),
(const char *)name);
@@ -640,7 +640,7 @@ virNWFilterHashTablePutAll(virNWFilterHa
return 0;
err_exit:
- return 1;
+ return -1;
}
@@ -700,7 +700,7 @@ virNWFilterParseParamAttributes(xmlNodeP
value = virNWFilterParseVarValue(val);
if (!value)
goto skip_entry;
- if (virNWFilterHashTablePut(table, nam, value, 1))
+ if (virNWFilterHashTablePut(table, nam, value, 1) < 0)
goto err_exit;
}
value = NULL;
Index: libvirt-acl/src/nwfilter/nwfilter_gentech_driver.c
===================================================================
--- libvirt-acl.orig/src/nwfilter/nwfilter_gentech_driver.c
+++ libvirt-acl/src/nwfilter/nwfilter_gentech_driver.c
@@ -106,7 +106,7 @@ virNWFilterRuleInstAddData(virNWFilterRu
{
if (VIR_REALLOC_N(res->data, res->ndata+1) < 0) {
virReportOOMError();
- return 1;
+ return -1;
}
res->data[res->ndata++] = data;
return 0;
@@ -151,28 +151,28 @@ virNWFilterVarHashmapAddStdValues(virNWF
if (macaddr) {
val = virNWFilterVarValueCreateSimple(macaddr);
if (!val)
- return 1;
+ return -1;
if (virHashAddEntry(table->hashTable,
NWFILTER_STD_VAR_MAC,
val) < 0) {
virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
"%s", _("Could not add variable 'MAC' to hashmap"));
- return 1;
+ return -1;
}
}
if (ipaddr) {
val = virNWFilterVarValueCopy(ipaddr);
if (!val)
- return 1;
+ return -1;
if (virHashAddEntry(table->hashTable,
NWFILTER_STD_VAR_IP,
val) < 0) {
virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
"%s", _("Could not add variable 'IP' to hashmap"));
- return 1;
+ return -1;
}
}
@@ -200,7 +200,7 @@ virNWFilterCreateVarHashmap(char *macadd
return NULL;
}
- if (virNWFilterVarHashmapAddStdValues(table, macaddr, ipaddr)) {
+ if (virNWFilterVarHashmapAddStdValues(table, macaddr, ipaddr) < 0) {
virNWFilterHashTableFree(table);
return NULL;
}
@@ -339,10 +339,10 @@ virNWFilterCreateVarsFrom(virNWFilterHas
return NULL;
}
- if (virNWFilterHashTablePutAll(vars1, res))
+ if (virNWFilterHashTablePutAll(vars1, res) < 0)
goto err_exit;
- if (virNWFilterHashTablePutAll(vars2, res))
+ if (virNWFilterHashTablePutAll(vars2, res) < 0)
goto err_exit;
return res;
@@ -404,13 +404,13 @@ _virNWFilterInstantiateRec(virNWFilterTe
ifname,
vars);
if (!inst) {
- rc = 1;
+ rc = -1;
break;
}
if (VIR_REALLOC_N(*insts, (*nEntries)+1) < 0) {
virReportOOMError();
- rc = 1;
+ rc = -1;
break;
}
@@ -425,7 +425,7 @@ _virNWFilterInstantiateRec(virNWFilterTe
virNWFilterReportError(VIR_ERR_NO_NWFILTER,
_("Filter '%s' is in use."),
inc->filterref);
- rc = 1;
+ rc = -1;
virNWFilterObjUnlock(obj);
break;
}
@@ -436,7 +436,7 @@ _virNWFilterInstantiateRec(virNWFilterTe
vars);
if (!tmpvars) {
virReportOOMError();
- rc = 1;
+ rc = -1;
virNWFilterObjUnlock(obj);
break;
}
@@ -467,13 +467,13 @@ _virNWFilterInstantiateRec(virNWFilterTe
virNWFilterHashTableFree(tmpvars);
virNWFilterObjUnlock(obj);
- if (rc)
+ if (rc < 0)
break;
} else {
virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
_("referenced filter '%s' is missing"),
inc->filterref);
- rc = 1;
+ rc = -1;
break;
}
}
@@ -504,7 +504,7 @@ virNWFilterDetermineMissingVarsRec(virNW
if (!virHashLookup(vars->hashTable, rule->vars[j])) {
val = virNWFilterVarValueCreateSimpleCopyValue("1");
if (!val) {
- rc = 1;
+ rc = -1;
break;
}
virNWFilterHashTablePut(missing_vars, rule->vars[j],
@@ -522,7 +522,7 @@ virNWFilterDetermineMissingVarsRec(virNW
virNWFilterReportError(VIR_ERR_NO_NWFILTER,
_("Filter '%s' is in use."),
inc->filterref);
- rc = 1;
+ rc = -1;
virNWFilterObjUnlock(obj);
break;
}
@@ -533,7 +533,7 @@ virNWFilterDetermineMissingVarsRec(virNW
vars);
if (!tmpvars) {
virReportOOMError();
- rc = 1;
+ rc = -1;
virNWFilterObjUnlock(obj);
break;
}
@@ -559,13 +559,13 @@ virNWFilterDetermineMissingVarsRec(virNW
virNWFilterHashTableFree(tmpvars);
virNWFilterObjUnlock(obj);
- if (rc)
+ if (rc < 0)
break;
} else {
virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
_("referenced filter '%s' is missing"),
inc->filterref);
- rc = 1;
+ rc = -1;
break;
}
}
@@ -592,7 +592,7 @@ virNWFilterRuleInstancesToArray(int nEnt
if (VIR_ALLOC_N((*ptrs), (*nptrs)) < 0) {
virReportOOMError();
- return 1;
+ return -1;
}
(*nptrs) = 0;
@@ -649,7 +649,7 @@ virNWFilterInstantiate(virNWFilterTechDr
virNWFilterHashTablePtr missing_vars = virNWFilterHashTableCreate(0);
if (!missing_vars) {
virReportOOMError();
- rc = 1;
+ rc = -1;
goto err_exit;
}
@@ -658,7 +658,7 @@ virNWFilterInstantiate(virNWFilterTechDr
missing_vars,
useNewFilter,
driver);
- if (rc)
+ if (rc < 0)
goto err_exit;
if (virHashSize(missing_vars->hashTable) == 1) {
@@ -693,7 +693,7 @@ virNWFilterInstantiate(virNWFilterTechDr
useNewFilter, foundNewFilter,
driver);
- if (rc)
+ if (rc < 0)
goto err_exit;
switch (useNewFilter) {
@@ -709,10 +709,10 @@ virNWFilterInstantiate(virNWFilterTechDr
rc = virNWFilterRuleInstancesToArray(nEntries, insts,
&ptrs, &nptrs);
- if (rc)
+ if (rc < 0)
goto err_exit;
- if (virNWFilterLockIface(ifname))
+ if (virNWFilterLockIface(ifname) < 0)
goto err_exit;
rc = techdriver->applyNewRules(ifname, nptrs, ptrs);
@@ -724,7 +724,7 @@ virNWFilterInstantiate(virNWFilterTechDr
virResetLastError();
/* interface changed/disppeared */
techdriver->allTeardown(ifname);
- rc = 1;
+ rc = -1;
}
virNWFilterUnlockIface(ifname);
@@ -752,7 +752,7 @@ err_unresolvable_vars:
VIR_FREE(buf);
}
- rc = 1;
+ rc = -1;
goto err_exit;
}
@@ -792,7 +792,7 @@ __virNWFilterInstantiateFilter(bool tear
_("Could not get access to ACL tech "
"driver '%s'"),
drvname);
- return 1;
+ return -1;
}
VIR_DEBUG("filter name: %s", filtername);
@@ -802,14 +802,14 @@ __virNWFilterInstantiateFilter(bool tear
virNWFilterReportError(VIR_ERR_NO_NWFILTER,
_("Could not find filter '%s'"),
filtername);
- return 1;
+ return -1;
}
if (obj->wantRemoved) {
virNWFilterReportError(VIR_ERR_NO_NWFILTER,
_("Filter '%s' is in use."),
filtername);
- rc = 1;
+ rc = -1;
goto err_exit;
}
@@ -817,7 +817,7 @@ __virNWFilterInstantiateFilter(bool tear
str_macaddr = strdup(vmmacaddr);
if (!str_macaddr) {
virReportOOMError();
- rc = 1;
+ rc = -1;
goto err_exit;
}
@@ -825,7 +825,7 @@ __virNWFilterInstantiateFilter(bool tear
vars1 = virNWFilterCreateVarHashmap(str_macaddr, ipaddr);
if (!vars1) {
- rc = 1;
+ rc = -1;
goto err_exit;
}
@@ -835,7 +835,7 @@ __virNWFilterInstantiateFilter(bool tear
vars = virNWFilterCreateVarsFrom(vars1,
filterparams);
if (!vars) {
- rc = 1;
+ rc = -1;
goto err_exit_vars1;
}
@@ -955,7 +955,7 @@ virNWFilterInstantiateFilterLate(const c
driver,
true,
&foundNewFilter);
- if (rc) {
+ if (rc < 0) {
/* something went wrong... 'DOWN' the interface */
if ((virNetDevValidateConfig(ifname, NULL, ifindex) <= 0) ||
(virNetDevSetOnline(ifname, false) < 0)) {
@@ -1012,7 +1012,7 @@ int virNWFilterRollbackUpdateFilter(cons
_("Could not get access to ACL tech "
"driver '%s'"),
drvname);
- return 1;
+ return -1;
}
/* don't tear anything while the address is being learned */
@@ -1038,7 +1038,7 @@ virNWFilterTearOldFilter(virDomainNetDef
_("Could not get access to ACL tech "
"driver '%s'"),
drvname);
- return 1;
+ return -1;
}
/* don't tear anything while the address is being learned */
@@ -1063,13 +1063,13 @@ _virNWFilterTeardownFilter(const char *i
_("Could not get access to ACL tech "
"driver '%s'"),
drvname);
- return 1;
+ return -1;
}
virNWFilterTerminateLearnReq(ifname);
- if (virNWFilterLockIface(ifname))
- return 1;
+ if (virNWFilterLockIface(ifname) < 0)
+ return -1;
techdriver->allTeardown(ifname);
Index: libvirt-acl/src/nwfilter/nwfilter_learnipaddr.c
===================================================================
--- libvirt-acl.orig/src/nwfilter/nwfilter_learnipaddr.c
+++ libvirt-acl/src/nwfilter/nwfilter_learnipaddr.c
@@ -149,7 +149,7 @@ virNWFilterLockIface(const char *ifname)
goto err_exit;
}
- if (virMutexInitRecursive(&ifaceLock->lock)) {
+ if (virMutexInitRecursive(&ifaceLock->lock) < 0) {
virNWFilterReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("mutex initialization failed"));
VIR_FREE(ifaceLock);
@@ -184,7 +184,7 @@ virNWFilterLockIface(const char *ifname)
err_exit:
virMutexUnlock(&ifaceMapLock);
- return 1;
+ return -1;
}
@@ -248,7 +248,7 @@ virNWFilterRegisterLearnReq(virNWFilterI
int
virNWFilterTerminateLearnReq(const char *ifname) {
- int rc = 1;
+ int rc = -1;
int ifindex;
virNWFilterIPAddrLearnReqPtr req;
@@ -336,9 +336,6 @@ virNWFilterAddIpAddrForIfname(const char
goto cleanup;
}
ret = virNWFilterHashTablePut(ipAddressMap, ifname, val, 1);
- /* FIXME: fix when return code of virNWFilterHashTablePut changes */
- if (ret)
- ret = -1;
goto cleanup;
} else {
if (virNWFilterVarValueAddValue(val, addr) < 0)
@@ -494,7 +491,7 @@ learnIPAddressThread(void *arg)
enum howDetect howDetected = 0;
virNWFilterTechDriverPtr techdriver = req->techdriver;
- if (virNWFilterLockIface(req->ifname))
+ if (virNWFilterLockIface(req->ifname) < 0)
goto err_no_lock;
req->status = 0;
@@ -520,7 +517,7 @@ learnIPAddressThread(void *arg)
case DETECT_DHCP:
if (techdriver->applyDHCPOnlyRules(req->ifname,
req->macaddr,
- NULL, false)) {
+ NULL, false) < 0) {
req->status = EINVAL;
goto done;
}
@@ -530,7 +527,7 @@ learnIPAddressThread(void *arg)
break;
default:
if (techdriver->applyBasicRules(req->ifname,
- req->macaddr)) {
+ req->macaddr) < 0) {
req->status = EINVAL;
goto done;
}
@@ -701,7 +698,7 @@ learnIPAddressThread(void *arg)
sa.data.inet4.sin_addr.s_addr = vmaddr;
char *inetaddr;
- if ((inetaddr = virSocketAddrFormat(&sa))!= NULL) {
+ if ((inetaddr = virSocketAddrFormat(&sa)) != NULL) {
if (virNWFilterAddIpAddrForIfname(req->ifname, inetaddr) < 0) {
VIR_ERROR(_("Failed to add IP address %s to IP address "
"cache for interface %s"), inetaddr, req->ifname);
@@ -781,14 +778,14 @@ virNWFilterLearnIPAddress(virNWFilterTec
virNWFilterHashTablePtr ht = NULL;
if (howDetect == 0)
- return 1;
+ return -1;
if ( !techdriver->canApplyBasicRules()) {
virNWFilterReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("IP parameter must be provided since "
"snooping the IP address does not work "
"possibly due to missing tools"));
- return 1;
+ return -1;
}
if (VIR_ALLOC(req) < 0) {
@@ -802,7 +799,7 @@ virNWFilterLearnIPAddress(virNWFilterTec
goto err_free_req;
}
- if (virNWFilterHashTablePutAll(filterparams, ht))
+ if (virNWFilterHashTablePutAll(filterparams, ht) < 0)
goto err_free_ht;
req->filtername = strdup(filtername);
@@ -838,7 +835,7 @@ virNWFilterLearnIPAddress(virNWFilterTec
rc = virNWFilterRegisterLearnReq(req);
- if (rc)
+ if (rc < 0)
goto err_free_req;
if (pthread_create(&req->thread,
@@ -856,7 +853,7 @@ err_free_ht:
err_free_req:
virNWFilterIPAddrLearnReqFree(req);
err_no_req:
- return 1;
+ return -1;
}
#else
@@ -876,7 +873,7 @@ virNWFilterLearnIPAddress(virNWFilterTec
_("IP parameter must be given since libvirt "
"was not compiled with IP address learning "
"support"));
- return 1;
+ return -1;
}
#endif /* HAVE_LIBPCAP */
@@ -895,35 +892,35 @@ virNWFilterLearnInit(void) {
pendingLearnReq = virHashCreate(0, freeLearnReqEntry);
if (!pendingLearnReq) {
- return 1;
+ return -1;
}
- if (virMutexInit(&pendingLearnReqLock)) {
+ if (virMutexInit(&pendingLearnReqLock) < 0) {
virNWFilterLearnShutdown();
- return 1;
+ return -1;
}
ipAddressMap = virNWFilterHashTableCreate(0);
if (!ipAddressMap) {
virReportOOMError();
virNWFilterLearnShutdown();
- return 1;
+ return -1;
}
- if (virMutexInit(&ipAddressMapLock)) {
+ if (virMutexInit(&ipAddressMapLock) < 0) {
virNWFilterLearnShutdown();
- return 1;
+ return -1;
}
ifaceLockMap = virHashCreate(0, freeIfaceLock);
if (!ifaceLockMap) {
virNWFilterLearnShutdown();
- return 1;
+ return -1;
}
- if (virMutexInit(&ifaceMapLock)) {
+ if (virMutexInit(&ifaceMapLock) < 0) {
virNWFilterLearnShutdown();
- return 1;
+ return -1;
}
return 0;
Index: libvirt-acl/src/nwfilter/nwfilter_ebiptables_driver.c
===================================================================
--- libvirt-acl.orig/src/nwfilter/nwfilter_ebiptables_driver.c
+++ libvirt-acl/src/nwfilter/nwfilter_ebiptables_driver.c
@@ -233,15 +233,15 @@ printVar(virNWFilterVarCombIterPtr vars,
val = virNWFilterVarCombIterGetVarValue(vars, item->var);
if (!val) {
/* error has been reported */
- return 1;
+ return -1;
}
if (!virStrcpy(buf, val, bufsize)) {
virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
- _("Buffer to small to print MAC address "
+ _("Buffer too small to print MAC address "
"'%s' into"),
item->var);
- return 1;
+ return -1;
}
*done = 1;
@@ -259,8 +259,8 @@ _printDataType(virNWFilterVarCombIterPtr
int done;
char *data;
- if (printVar(vars, buf, bufsize, item, &done))
- return 1;
+ if (printVar(vars, buf, bufsize, item, &done) < 0)
+ return -1;
if (done)
return 0;
@@ -269,12 +269,12 @@ _printDataType(virNWFilterVarCombIterPtr
case DATATYPE_IPADDR:
data = virSocketAddrFormat(&item->u.ipaddr);
if (!data)
- return 1;
+ return -1;
if (snprintf(buf, bufsize, "%s", data) >= bufsize) {
virNWFilterReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("buffer too small for IP address"));
VIR_FREE(data);
- return 1;
+ return -1;
}
VIR_FREE(data);
break;
@@ -282,13 +282,13 @@ _printDataType(virNWFilterVarCombIterPtr
case DATATYPE_IPV6ADDR:
data = virSocketAddrFormat(&item->u.ipaddr);
if (!data)
- return 1;
+ return -1;
if (snprintf(buf, bufsize, "%s", data) >= bufsize) {
virNWFilterReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("buffer too small for IPv6 address"));
VIR_FREE(data);
- return 1;
+ return -1;
}
VIR_FREE(data);
break;
@@ -298,7 +298,7 @@ _printDataType(virNWFilterVarCombIterPtr
if (bufsize < VIR_MAC_STRING_BUFLEN) {
virNWFilterReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("Buffer too small for MAC address"));
- return 1;
+ return -1;
}
virFormatMacAddr(item->u.macaddr.addr, buf);
@@ -310,7 +310,7 @@ _printDataType(virNWFilterVarCombIterPtr
item->u.u8) >= bufsize) {
virNWFilterReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("Buffer too small for uint8 type"));
- return 1;
+ return -1;
}
break;
@@ -320,7 +320,7 @@ _printDataType(virNWFilterVarCombIterPtr
item->u.u32) >= bufsize) {
virNWFilterReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("Buffer too small for uint32 type"));
- return 1;
+ return -1;
}
break;
@@ -330,7 +330,7 @@ _printDataType(virNWFilterVarCombIterPtr
item->u.u16) >= bufsize) {
virNWFilterReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("Buffer too small for uint16 type"));
- return 1;
+ return -1;
}
break;
@@ -340,14 +340,14 @@ _printDataType(virNWFilterVarCombIterPtr
item->u.u8) >= bufsize) {
virNWFilterReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("Buffer too small for uint8 type"));
- return 1;
+ return -1;
}
break;
default:
virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
_("Unhandled datatype %x"), item->datatype);
- return 1;
+ return -1;
break;
}
@@ -417,7 +417,7 @@ ebiptablesAddRuleInst(virNWFilterRuleIns
if (VIR_ALLOC(inst) < 0) {
virReportOOMError();
- return 1;
+ return -1;
}
inst->commandTemplate = commandTemplate;
@@ -442,7 +442,7 @@ ebtablesHandleEthHdr(virBufferPtr buf,
if (HAS_ENTRY_ITEM(ðHdr->dataSrcMACAddr)) {
if (printDataType(vars,
macaddr, sizeof(macaddr),
- ðHdr->dataSrcMACAddr))
+ ðHdr->dataSrcMACAddr) < 0)
goto err_exit;
virBufferAsprintf(buf,
@@ -454,7 +454,7 @@ ebtablesHandleEthHdr(virBufferPtr buf,
if (HAS_ENTRY_ITEM(ðHdr->dataSrcMACMask)) {
if (printDataType(vars,
macaddr, sizeof(macaddr),
- ðHdr->dataSrcMACMask))
+ ðHdr->dataSrcMACMask) < 0)
goto err_exit;
virBufferAsprintf(buf,
@@ -466,7 +466,7 @@ ebtablesHandleEthHdr(virBufferPtr buf,
if (HAS_ENTRY_ITEM(ðHdr->dataDstMACAddr)) {
if (printDataType(vars,
macaddr, sizeof(macaddr),
- ðHdr->dataDstMACAddr))
+ ðHdr->dataDstMACAddr) < 0)
goto err_exit;
virBufferAsprintf(buf,
@@ -478,7 +478,7 @@ ebtablesHandleEthHdr(virBufferPtr buf,
if (HAS_ENTRY_ITEM(ðHdr->dataDstMACMask)) {
if (printDataType(vars,
macaddr, sizeof(macaddr),
- ðHdr->dataDstMACMask))
+ ðHdr->dataDstMACMask) < 0)
goto err_exit;
virBufferAsprintf(buf,
@@ -492,7 +492,7 @@ ebtablesHandleEthHdr(virBufferPtr buf,
err_exit:
virBufferFreeAndReset(buf);
- return 1;
+ return -1;
}
@@ -895,7 +895,7 @@ iptablesHandleSrcMacAddr(virBufferPtr bu
if (printDataType(vars,
macaddr, sizeof(macaddr),
- srcMacAddr))
+ srcMacAddr) < 0)
goto err_exit;
virBufferAsprintf(buf,
@@ -909,7 +909,7 @@ iptablesHandleSrcMacAddr(virBufferPtr bu
err_exit:
virBufferFreeAndReset(buf);
- return 1;
+ return -1;
}
@@ -940,7 +940,7 @@ iptablesHandleIpHdr(virBufferPtr buf,
if (printDataType(vars,
ipaddr, sizeof(ipaddr),
- &ipHdr->dataSrcIPAddr))
+ &ipHdr->dataSrcIPAddr) < 0)
goto err_exit;
virBufferAsprintf(buf,
@@ -953,7 +953,7 @@ iptablesHandleIpHdr(virBufferPtr buf,
if (printDataType(vars,
number, sizeof(number),
- &ipHdr->dataSrcIPMask))
+ &ipHdr->dataSrcIPMask) < 0)
goto err_exit;
virBufferAsprintf(buf,
@@ -964,7 +964,7 @@ iptablesHandleIpHdr(virBufferPtr buf,
if (printDataType(vars,
ipaddr, sizeof(ipaddr),
- &ipHdr->dataSrcIPFrom))
+ &ipHdr->dataSrcIPFrom) < 0)
goto err_exit;
virBufferAsprintf(buf,
@@ -977,7 +977,7 @@ iptablesHandleIpHdr(virBufferPtr buf,
if (printDataType(vars,
ipaddr, sizeof(ipaddr),
- &ipHdr->dataSrcIPTo))
+ &ipHdr->dataSrcIPTo) < 0)
goto err_exit;
virBufferAsprintf(buf,
@@ -990,7 +990,7 @@ iptablesHandleIpHdr(virBufferPtr buf,
if (printDataType(vars,
ipaddr, sizeof(ipaddr),
- &ipHdr->dataDstIPAddr))
+ &ipHdr->dataDstIPAddr) < 0)
goto err_exit;
virBufferAsprintf(buf,
@@ -1003,7 +1003,7 @@ iptablesHandleIpHdr(virBufferPtr buf,
if (printDataType(vars,
number, sizeof(number),
- &ipHdr->dataDstIPMask))
+ &ipHdr->dataDstIPMask) < 0)
goto err_exit;
virBufferAsprintf(buf,
@@ -1015,7 +1015,7 @@ iptablesHandleIpHdr(virBufferPtr buf,
if (printDataType(vars,
ipaddr, sizeof(ipaddr),
- &ipHdr->dataDstIPFrom))
+ &ipHdr->dataDstIPFrom) < 0)
goto err_exit;
virBufferAsprintf(buf,
@@ -1028,7 +1028,7 @@ iptablesHandleIpHdr(virBufferPtr buf,
if (printDataType(vars,
ipaddr, sizeof(ipaddr),
- &ipHdr->dataDstIPTo))
+ &ipHdr->dataDstIPTo) < 0)
goto err_exit;
virBufferAsprintf(buf,
@@ -1041,7 +1041,7 @@ iptablesHandleIpHdr(virBufferPtr buf,
if (printDataType(vars,
number, sizeof(number),
- &ipHdr->dataDSCP))
+ &ipHdr->dataDSCP) < 0)
goto err_exit;
virBufferAsprintf(buf,
@@ -1057,7 +1057,7 @@ iptablesHandleIpHdr(virBufferPtr buf,
} else {
if (printDataType(vars,
number, sizeof(number),
- &ipHdr->dataConnlimitAbove))
+ &ipHdr->dataConnlimitAbove) < 0)
goto err_exit;
/* place connlimit after potential -m state --state ...
@@ -1085,7 +1085,7 @@ err_exit:
virBufferFreeAndReset(buf);
virBufferFreeAndReset(afterStateMatch);
- return 1;
+ return -1;
}
@@ -1106,7 +1106,7 @@ iptablesHandlePortData(virBufferPtr buf,
if (HAS_ENTRY_ITEM(&portData->dataSrcPortStart)) {
if (printDataType(vars,
portstr, sizeof(portstr),
- &portData->dataSrcPortStart))
+ &portData->dataSrcPortStart) < 0)
goto err_exit;
virBufferAsprintf(buf,
@@ -1118,7 +1118,7 @@ iptablesHandlePortData(virBufferPtr buf,
if (HAS_ENTRY_ITEM(&portData->dataSrcPortEnd)) {
if (printDataType(vars,
portstr, sizeof(portstr),
- &portData->dataSrcPortEnd))
+ &portData->dataSrcPortEnd) < 0)
goto err_exit;
virBufferAsprintf(buf,
@@ -1130,7 +1130,7 @@ iptablesHandlePortData(virBufferPtr buf,
if (HAS_ENTRY_ITEM(&portData->dataDstPortStart)) {
if (printDataType(vars,
portstr, sizeof(portstr),
- &portData->dataDstPortStart))
+ &portData->dataDstPortStart) < 0)
goto err_exit;
virBufferAsprintf(buf,
@@ -1142,7 +1142,7 @@ iptablesHandlePortData(virBufferPtr buf,
if (HAS_ENTRY_ITEM(&portData->dataDstPortEnd)) {
if (printDataType(vars,
portstr, sizeof(portstr),
- &portData->dataDstPortEnd))
+ &portData->dataDstPortEnd) < 0)
goto err_exit;
virBufferAsprintf(buf,
@@ -1154,7 +1154,7 @@ iptablesHandlePortData(virBufferPtr buf,
return 0;
err_exit:
- return 1;
+ return -1;
}
@@ -1244,7 +1244,7 @@ _iptablesCreateRuleInstance(int directio
vars,
&rule->p.tcpHdrFilter.dataSrcMACAddr,
directionIn,
- &srcMacSkipped))
+ &srcMacSkipped) < 0)
goto err_exit;
if (iptablesHandleIpHdr(&buf,
@@ -1253,7 +1253,7 @@ _iptablesCreateRuleInstance(int directio
&rule->p.tcpHdrFilter.ipHdr,
directionIn,
&skipRule, &skipMatch,
- &prefix))
+ &prefix) < 0)
goto err_exit;
if (HAS_ENTRY_ITEM(&rule->p.tcpHdrFilter.dataTCPFlags)) {
@@ -1268,13 +1268,13 @@ _iptablesCreateRuleInstance(int directio
if (iptablesHandlePortData(&buf,
vars,
&rule->p.tcpHdrFilter.portData,
- directionIn))
+ directionIn) < 0)
goto err_exit;
if (HAS_ENTRY_ITEM(&rule->p.tcpHdrFilter.dataTCPOption)) {
if (printDataType(vars,
number, sizeof(number),
- &rule->p.tcpHdrFilter.dataTCPOption))
+ &rule->p.tcpHdrFilter.dataTCPOption) < 0)
goto err_exit;
virBufferAsprintf(&buf,
@@ -1299,7 +1299,7 @@ _iptablesCreateRuleInstance(int directio
vars,
&rule->p.udpHdrFilter.dataSrcMACAddr,
directionIn,
- &srcMacSkipped))
+ &srcMacSkipped) < 0)
goto err_exit;
if (iptablesHandleIpHdr(&buf,
@@ -1308,13 +1308,13 @@ _iptablesCreateRuleInstance(int directio
&rule->p.udpHdrFilter.ipHdr,
directionIn,
&skipRule, &skipMatch,
- &prefix))
+ &prefix) < 0)
goto err_exit;
if (iptablesHandlePortData(&buf,
vars,
&rule->p.udpHdrFilter.portData,
- directionIn))
+ directionIn) < 0)
goto err_exit;
break;
@@ -1332,7 +1332,7 @@ _iptablesCreateRuleInstance(int directio
vars,
&rule->p.udpliteHdrFilter.dataSrcMACAddr,
directionIn,
- &srcMacSkipped))
+ &srcMacSkipped) < 0)
goto err_exit;
if (iptablesHandleIpHdr(&buf,
@@ -1341,7 +1341,7 @@ _iptablesCreateRuleInstance(int directio
&rule->p.udpliteHdrFilter.ipHdr,
directionIn,
&skipRule, &skipMatch,
- &prefix))
+ &prefix) < 0)
goto err_exit;
break;
@@ -1360,7 +1360,7 @@ _iptablesCreateRuleInstance(int directio
vars,
&rule->p.espHdrFilter.dataSrcMACAddr,
directionIn,
- &srcMacSkipped))
+ &srcMacSkipped) < 0)
goto err_exit;
if (iptablesHandleIpHdr(&buf,
@@ -1369,7 +1369,7 @@ _iptablesCreateRuleInstance(int directio
&rule->p.espHdrFilter.ipHdr,
directionIn,
&skipRule, &skipMatch,
- &prefix))
+ &prefix) < 0)
goto err_exit;
break;
@@ -1388,7 +1388,7 @@ _iptablesCreateRuleInstance(int directio
vars,
&rule->p.ahHdrFilter.dataSrcMACAddr,
directionIn,
- &srcMacSkipped))
+ &srcMacSkipped) < 0)
goto err_exit;
if (iptablesHandleIpHdr(&buf,
@@ -1397,7 +1397,7 @@ _iptablesCreateRuleInstance(int directio
&rule->p.ahHdrFilter.ipHdr,
directionIn,
&skipRule, &skipMatch,
- &prefix))
+ &prefix) < 0)
goto err_exit;
break;
@@ -1416,7 +1416,7 @@ _iptablesCreateRuleInstance(int directio
vars,
&rule->p.sctpHdrFilter.dataSrcMACAddr,
directionIn,
- &srcMacSkipped))
+ &srcMacSkipped) < 0)
goto err_exit;
if (iptablesHandleIpHdr(&buf,
@@ -1425,13 +1425,13 @@ _iptablesCreateRuleInstance(int directio
&rule->p.sctpHdrFilter.ipHdr,
directionIn,
&skipRule, &skipMatch,
- &prefix))
+ &prefix) < 0)
goto err_exit;
if (iptablesHandlePortData(&buf,
vars,
&rule->p.sctpHdrFilter.portData,
- directionIn))
+ directionIn) < 0)
goto err_exit;
break;
@@ -1452,7 +1452,7 @@ _iptablesCreateRuleInstance(int directio
vars,
&rule->p.icmpHdrFilter.dataSrcMACAddr,
directionIn,
- &srcMacSkipped))
+ &srcMacSkipped) < 0)
goto err_exit;
if (iptablesHandleIpHdr(&buf,
@@ -1461,7 +1461,7 @@ _iptablesCreateRuleInstance(int directio
&rule->p.icmpHdrFilter.ipHdr,
directionIn,
&skipRule, &skipMatch,
- &prefix))
+ &prefix) < 0)
goto err_exit;
if (HAS_ENTRY_ITEM(&rule->p.icmpHdrFilter.dataICMPType)) {
@@ -1479,7 +1479,7 @@ _iptablesCreateRuleInstance(int directio
if (printDataType(vars,
number, sizeof(number),
- &rule->p.icmpHdrFilter.dataICMPType))
+ &rule->p.icmpHdrFilter.dataICMPType) < 0)
goto err_exit;
virBufferAsprintf(&buf,
@@ -1491,7 +1491,7 @@ _iptablesCreateRuleInstance(int directio
if (HAS_ENTRY_ITEM(&rule->p.icmpHdrFilter.dataICMPCode)) {
if (printDataType(vars,
number, sizeof(number),
- &rule->p.icmpHdrFilter.dataICMPCode))
+ &rule->p.icmpHdrFilter.dataICMPCode) < 0)
goto err_exit;
virBufferAsprintf(&buf,
@@ -1514,7 +1514,7 @@ _iptablesCreateRuleInstance(int directio
vars,
&rule->p.igmpHdrFilter.dataSrcMACAddr,
directionIn,
- &srcMacSkipped))
+ &srcMacSkipped) < 0)
goto err_exit;
if (iptablesHandleIpHdr(&buf,
@@ -1523,7 +1523,7 @@ _iptablesCreateRuleInstance(int directio
&rule->p.igmpHdrFilter.ipHdr,
directionIn,
&skipRule, &skipMatch,
- &prefix))
+ &prefix) < 0)
goto err_exit;
break;
@@ -1542,7 +1542,7 @@ _iptablesCreateRuleInstance(int directio
vars,
&rule->p.allHdrFilter.dataSrcMACAddr,
directionIn,
- &srcMacSkipped))
+ &srcMacSkipped) < 0)
goto err_exit;
if (iptablesHandleIpHdr(&buf,
@@ -1551,7 +1551,7 @@ _iptablesCreateRuleInstance(int directio
&rule->p.allHdrFilter.ipHdr,
directionIn,
&skipRule, &skipMatch,
- &prefix))
+ &prefix) < 0)
goto err_exit;
break;
@@ -1664,7 +1664,7 @@ printStateMatchFlags(int32_t flags, char
if (virBufferError(&buf)) {
virBufferFreeAndReset(&buf);
virReportOOMError();
- return 1;
+ return -1;
}
*bufptr = virBufferContentAndReset(&buf);
return 0;
@@ -1704,8 +1704,8 @@ iptablesCreateRuleInstanceStateCtrl(virN
}
if (create && (rule->flags & IPTABLES_STATE_FLAGS)) {
- if (printStateMatchFlags(rule->flags, &matchState))
- return 1;
+ if (printStateMatchFlags(rule->flags, &matchState) < 0)
+ return -1;
}
chainPrefix[1] = CHAINPREFIX_HOST_IN_TEMP;
@@ -1723,7 +1723,7 @@ iptablesCreateRuleInstanceStateCtrl(virN
maySkipICMP);
VIR_FREE(matchState);
- if (rc)
+ if (rc < 0)
return rc;
}
@@ -1736,8 +1736,8 @@ iptablesCreateRuleInstanceStateCtrl(virN
}
if (create && (rule->flags & IPTABLES_STATE_FLAGS)) {
- if (printStateMatchFlags(rule->flags, &matchState))
- return 1;
+ if (printStateMatchFlags(rule->flags, &matchState) < 0)
+ return -1;
}
chainPrefix[1] = CHAINPREFIX_HOST_OUT_TEMP;
@@ -1756,7 +1756,7 @@ iptablesCreateRuleInstanceStateCtrl(virN
VIR_FREE(matchState);
- if (rc)
+ if (rc < 0)
return rc;
}
@@ -1769,8 +1769,8 @@ iptablesCreateRuleInstanceStateCtrl(virN
create = false;
} else {
if ((rule->flags & IPTABLES_STATE_FLAGS)) {
- if (printStateMatchFlags(rule->flags, &matchState))
- return 1;
+ if (printStateMatchFlags(rule->flags, &matchState) < 0)
+ return -1;
}
}
@@ -1852,7 +1852,7 @@ iptablesCreateRuleInstance(virNWFilterDe
"RETURN",
isIPv6,
maySkipICMP);
- if (rc)
+ if (rc < 0)
return rc;
@@ -1874,7 +1874,7 @@ iptablesCreateRuleInstance(virNWFilterDe
"ACCEPT",
isIPv6,
maySkipICMP);
- if (rc)
+ if (rc < 0)
return rc;
maySkipICMP = directionIn;
@@ -1963,13 +1963,13 @@ ebtablesCreateRuleInstance(char chainPre
if (ebtablesHandleEthHdr(&buf,
vars,
&rule->p.ethHdrFilter.ethHdr,
- reverse))
+ reverse) < 0)
goto err_exit;
if (HAS_ENTRY_ITEM(&rule->p.ethHdrFilter.dataProtocolID)) {
if (printDataTypeAsHex(vars,
number, sizeof(number),
- &rule->p.ethHdrFilter.dataProtocolID))
+ &rule->p.ethHdrFilter.dataProtocolID) < 0)
goto err_exit;
virBufferAsprintf(&buf,
" -p %s %s",
@@ -1988,7 +1988,7 @@ ebtablesCreateRuleInstance(char chainPre
if (ebtablesHandleEthHdr(&buf,
vars,
&rule->p.vlanHdrFilter.ethHdr,
- reverse))
+ reverse) < 0)
goto err_exit;
virBufferAddLit(&buf,
@@ -1998,7 +1998,7 @@ ebtablesCreateRuleInstance(char chainPre
if (HAS_ENTRY_ITEM(&rule->p.STRUCT.ITEM)) { \
if (printDataType(vars, \
field, sizeof(field), \
- &rule->p.STRUCT.ITEM)) \
+ &rule->p.STRUCT.ITEM) < 0) \
goto err_exit; \
virBufferAsprintf(&buf, \
" " CLI " %s %s", \
@@ -2010,7 +2010,7 @@ ebtablesCreateRuleInstance(char chainPre
if (HAS_ENTRY_ITEM(&rule->p.STRUCT.ITEM)) { \
if (printDataType(vars, \
field, sizeof(field), \
- &rule->p.STRUCT.ITEM)) \
+ &rule->p.STRUCT.ITEM) < 0) \
goto err_exit; \
virBufferAsprintf(&buf, \
" " CLI " %s %s", \
@@ -2019,7 +2019,7 @@ ebtablesCreateRuleInstance(char chainPre
if (HAS_ENTRY_ITEM(&rule->p.STRUCT.ITEM_HI)) { \
if (printDataType(vars, \
field, sizeof(field), \
- &rule->p.STRUCT.ITEM_HI)) \
+ &rule->p.STRUCT.ITEM_HI) < 0) \
goto err_exit; \
virBufferAsprintf(&buf, SEP "%s", field); \
} \
@@ -2055,7 +2055,7 @@ ebtablesCreateRuleInstance(char chainPre
if (ebtablesHandleEthHdr(&buf,
vars,
&rule->p.stpHdrFilter.ethHdr,
- reverse))
+ reverse) < 0)
goto err_exit;
virBufferAddLit(&buf, " -d " NWFILTER_MAC_BGA);
@@ -2092,7 +2092,7 @@ ebtablesCreateRuleInstance(char chainPre
if (ebtablesHandleEthHdr(&buf,
vars,
&rule->p.arpHdrFilter.ethHdr,
- reverse))
+ reverse) < 0)
goto err_exit;
virBufferAsprintf(&buf, " -p 0x%x",
@@ -2103,7 +2103,7 @@ ebtablesCreateRuleInstance(char chainPre
if (HAS_ENTRY_ITEM(&rule->p.arpHdrFilter.dataHWType)) {
if (printDataType(vars,
number, sizeof(number),
- &rule->p.arpHdrFilter.dataHWType))
+ &rule->p.arpHdrFilter.dataHWType) < 0)
goto err_exit;
virBufferAsprintf(&buf,
" --arp-htype %s %s",
@@ -2114,7 +2114,7 @@ ebtablesCreateRuleInstance(char chainPre
if (HAS_ENTRY_ITEM(&rule->p.arpHdrFilter.dataOpcode)) {
if (printDataType(vars,
number, sizeof(number),
- &rule->p.arpHdrFilter.dataOpcode))
+ &rule->p.arpHdrFilter.dataOpcode) < 0)
goto err_exit;
virBufferAsprintf(&buf,
" --arp-opcode %s %s",
@@ -2125,7 +2125,7 @@ ebtablesCreateRuleInstance(char chainPre
if (HAS_ENTRY_ITEM(&rule->p.arpHdrFilter.dataProtocolType)) {
if (printDataTypeAsHex(vars,
number, sizeof(number),
- &rule->p.arpHdrFilter.dataProtocolType))
+ &rule->p.arpHdrFilter.dataProtocolType) < 0)
goto err_exit;
virBufferAsprintf(&buf,
" --arp-ptype %s %s",
@@ -2136,7 +2136,7 @@ ebtablesCreateRuleInstance(char chainPre
if (HAS_ENTRY_ITEM(&rule->p.arpHdrFilter.dataARPSrcIPAddr)) {
if (printDataType(vars,
ipaddr, sizeof(ipaddr),
- &rule->p.arpHdrFilter.dataARPSrcIPAddr))
+ &rule->p.arpHdrFilter.dataARPSrcIPAddr) < 0)
goto err_exit;
virBufferAsprintf(&buf,
@@ -2149,7 +2149,7 @@ ebtablesCreateRuleInstance(char chainPre
if (HAS_ENTRY_ITEM(&rule->p.arpHdrFilter.dataARPDstIPAddr)) {
if (printDataType(vars,
ipaddr, sizeof(ipaddr),
- &rule->p.arpHdrFilter.dataARPDstIPAddr))
+ &rule->p.arpHdrFilter.dataARPDstIPAddr) < 0)
goto err_exit;
virBufferAsprintf(&buf,
@@ -2162,7 +2162,7 @@ ebtablesCreateRuleInstance(char chainPre
if (HAS_ENTRY_ITEM(&rule->p.arpHdrFilter.dataARPSrcMACAddr)) {
if (printDataType(vars,
macaddr, sizeof(macaddr),
- &rule->p.arpHdrFilter.dataARPSrcMACAddr))
+ &rule->p.arpHdrFilter.dataARPSrcMACAddr) < 0)
goto err_exit;
virBufferAsprintf(&buf,
@@ -2175,7 +2175,7 @@ ebtablesCreateRuleInstance(char chainPre
if (HAS_ENTRY_ITEM(&rule->p.arpHdrFilter.dataARPDstMACAddr)) {
if (printDataType(vars,
macaddr, sizeof(macaddr),
- &rule->p.arpHdrFilter.dataARPDstMACAddr))
+ &rule->p.arpHdrFilter.dataARPDstMACAddr) < 0)
goto err_exit;
virBufferAsprintf(&buf,
@@ -2201,7 +2201,7 @@ ebtablesCreateRuleInstance(char chainPre
if (ebtablesHandleEthHdr(&buf,
vars,
&rule->p.ipHdrFilter.ethHdr,
- reverse))
+ reverse) < 0)
goto err_exit;
virBufferAddLit(&buf,
@@ -2210,7 +2210,7 @@ ebtablesCreateRuleInstance(char chainPre
if (HAS_ENTRY_ITEM(&rule->p.ipHdrFilter.ipHdr.dataSrcIPAddr)) {
if (printDataType(vars,
ipaddr, sizeof(ipaddr),
- &rule->p.ipHdrFilter.ipHdr.dataSrcIPAddr))
+ &rule->p.ipHdrFilter.ipHdr.dataSrcIPAddr) < 0)
goto err_exit;
virBufferAsprintf(&buf,
@@ -2222,7 +2222,8 @@ ebtablesCreateRuleInstance(char chainPre
if (HAS_ENTRY_ITEM(&rule->p.ipHdrFilter.ipHdr.dataSrcIPMask)) {
if (printDataType(vars,
number, sizeof(number),
- &rule->p.ipHdrFilter.ipHdr.dataSrcIPMask))
+ &rule->p.ipHdrFilter.ipHdr.dataSrcIPMask)
+ < 0)
goto err_exit;
virBufferAsprintf(&buf,
"/%s",
@@ -2234,7 +2235,7 @@ ebtablesCreateRuleInstance(char chainPre
if (printDataType(vars,
ipaddr, sizeof(ipaddr),
- &rule->p.ipHdrFilter.ipHdr.dataDstIPAddr))
+ &rule->p.ipHdrFilter.ipHdr.dataDstIPAddr) < 0)
goto err_exit;
virBufferAsprintf(&buf,
@@ -2246,7 +2247,8 @@ ebtablesCreateRuleInstance(char chainPre
if (HAS_ENTRY_ITEM(&rule->p.ipHdrFilter.ipHdr.dataDstIPMask)) {
if (printDataType(vars,
number, sizeof(number),
- &rule->p.ipHdrFilter.ipHdr.dataDstIPMask))
+ &rule->p.ipHdrFilter.ipHdr.dataDstIPMask)
+ < 0)
goto err_exit;
virBufferAsprintf(&buf,
"/%s",
@@ -2257,7 +2259,7 @@ ebtablesCreateRuleInstance(char chainPre
if (HAS_ENTRY_ITEM(&rule->p.ipHdrFilter.ipHdr.dataProtocolID)) {
if (printDataType(vars,
number, sizeof(number),
- &rule->p.ipHdrFilter.ipHdr.dataProtocolID))
+ &rule->p.ipHdrFilter.ipHdr.dataProtocolID) < 0)
goto err_exit;
virBufferAsprintf(&buf,
@@ -2270,7 +2272,8 @@ ebtablesCreateRuleInstance(char chainPre
if (printDataType(vars,
number, sizeof(number),
- &rule->p.ipHdrFilter.portData.dataSrcPortStart))
+ &rule->p.ipHdrFilter.portData.dataSrcPortStart)
+ < 0)
goto err_exit;
virBufferAsprintf(&buf,
@@ -2282,7 +2285,8 @@ ebtablesCreateRuleInstance(char chainPre
if (HAS_ENTRY_ITEM(&rule->p.ipHdrFilter.portData.dataSrcPortEnd)) {
if (printDataType(vars,
number, sizeof(number),
- &rule->p.ipHdrFilter.portData.dataSrcPortEnd))
+ &rule->p.ipHdrFilter.portData.dataSrcPortEnd)
+ < 0)
goto err_exit;
virBufferAsprintf(&buf,
@@ -2295,7 +2299,8 @@ ebtablesCreateRuleInstance(char chainPre
if (printDataType(vars,
number, sizeof(number),
- &rule->p.ipHdrFilter.portData.dataDstPortStart))
+ &rule->p.ipHdrFilter.portData.dataDstPortStart)
+ < 0)
goto err_exit;
virBufferAsprintf(&buf,
@@ -2307,7 +2312,8 @@ ebtablesCreateRuleInstance(char chainPre
if (HAS_ENTRY_ITEM(&rule->p.ipHdrFilter.portData.dataDstPortEnd)) {
if (printDataType(vars,
number, sizeof(number),
- &rule->p.ipHdrFilter.portData.dataDstPortEnd))
+ &rule->p.ipHdrFilter.portData.dataDstPortEnd)
+ < 0)
goto err_exit;
virBufferAsprintf(&buf,
@@ -2319,7 +2325,7 @@ ebtablesCreateRuleInstance(char chainPre
if (HAS_ENTRY_ITEM(&rule->p.ipHdrFilter.ipHdr.dataDSCP)) {
if (printDataTypeAsHex(vars,
number, sizeof(number),
- &rule->p.ipHdrFilter.ipHdr.dataDSCP))
+ &rule->p.ipHdrFilter.ipHdr.dataDSCP) < 0)
goto err_exit;
virBufferAsprintf(&buf,
@@ -2337,7 +2343,7 @@ ebtablesCreateRuleInstance(char chainPre
if (ebtablesHandleEthHdr(&buf,
vars,
&rule->p.ipv6HdrFilter.ethHdr,
- reverse))
+ reverse) < 0)
goto err_exit;
virBufferAddLit(&buf,
@@ -2346,7 +2352,7 @@ ebtablesCreateRuleInstance(char chainPre
if (HAS_ENTRY_ITEM(&rule->p.ipv6HdrFilter.ipHdr.dataSrcIPAddr)) {
if (printDataType(vars,
ipv6addr, sizeof(ipv6addr),
- &rule->p.ipv6HdrFilter.ipHdr.dataSrcIPAddr))
+ &rule->p.ipv6HdrFilter.ipHdr.dataSrcIPAddr) < 0)
goto err_exit;
virBufferAsprintf(&buf,
@@ -2358,7 +2364,8 @@ ebtablesCreateRuleInstance(char chainPre
if (HAS_ENTRY_ITEM(&rule->p.ipv6HdrFilter.ipHdr.dataSrcIPMask)) {
if (printDataType(vars,
number, sizeof(number),
- &rule->p.ipv6HdrFilter.ipHdr.dataSrcIPMask))
+ &rule->p.ipv6HdrFilter.ipHdr.dataSrcIPMask)
+ < 0)
goto err_exit;
virBufferAsprintf(&buf,
"/%s",
@@ -2370,7 +2377,7 @@ ebtablesCreateRuleInstance(char chainPre
if (printDataType(vars,
ipv6addr, sizeof(ipv6addr),
- &rule->p.ipv6HdrFilter.ipHdr.dataDstIPAddr))
+ &rule->p.ipv6HdrFilter.ipHdr.dataDstIPAddr) < 0)
goto err_exit;
virBufferAsprintf(&buf,
@@ -2382,7 +2389,8 @@ ebtablesCreateRuleInstance(char chainPre
if (HAS_ENTRY_ITEM(&rule->p.ipv6HdrFilter.ipHdr.dataDstIPMask)) {
if (printDataType(vars,
number, sizeof(number),
- &rule->p.ipv6HdrFilter.ipHdr.dataDstIPMask))
+ &rule->p.ipv6HdrFilter.ipHdr.dataDstIPMask)
+ < 0)
goto err_exit;
virBufferAsprintf(&buf,
"/%s",
@@ -2393,7 +2401,7 @@ ebtablesCreateRuleInstance(char chainPre
if (HAS_ENTRY_ITEM(&rule->p.ipv6HdrFilter.ipHdr.dataProtocolID)) {
if (printDataType(vars,
number, sizeof(number),
- &rule->p.ipv6HdrFilter.ipHdr.dataProtocolID))
+ &rule->p.ipv6HdrFilter.ipHdr.dataProtocolID) < 0)
goto err_exit;
virBufferAsprintf(&buf,
@@ -2406,7 +2414,8 @@ ebtablesCreateRuleInstance(char chainPre
if (printDataType(vars,
number, sizeof(number),
- &rule->p.ipv6HdrFilter.portData.dataSrcPortStart))
+ &rule->p.ipv6HdrFilter.portData.dataSrcPortStart)
+ < 0)
goto err_exit;
virBufferAsprintf(&buf,
@@ -2418,7 +2427,8 @@ ebtablesCreateRuleInstance(char chainPre
if (HAS_ENTRY_ITEM(&rule->p.ipv6HdrFilter.portData.dataSrcPortEnd)) {
if (printDataType(vars,
number, sizeof(number),
- &rule->p.ipv6HdrFilter.portData.dataSrcPortEnd))
+ &rule->p.ipv6HdrFilter.portData.dataSrcPortEnd)
+ < 0)
goto err_exit;
virBufferAsprintf(&buf,
@@ -2431,7 +2441,8 @@ ebtablesCreateRuleInstance(char chainPre
if (printDataType(vars,
number, sizeof(number),
- &rule->p.ipv6HdrFilter.portData.dataDstPortStart))
+ &rule->p.ipv6HdrFilter.portData.dataDstPortStart)
+ < 0)
goto err_exit;
virBufferAsprintf(&buf,
@@ -2443,7 +2454,8 @@ ebtablesCreateRuleInstance(char chainPre
if (HAS_ENTRY_ITEM(&rule->p.ipv6HdrFilter.portData.dataDstPortEnd)) {
if (printDataType(vars,
number, sizeof(number),
- &rule->p.ipv6HdrFilter.portData.dataDstPortEnd))
+ &rule->p.ipv6HdrFilter.portData.dataDstPortEnd)
+ < 0)
goto err_exit;
virBufferAsprintf(&buf,
@@ -2510,7 +2522,7 @@ err_exit:
* Convert a single rule into its representation for later instantiation
*
* Returns 0 in case of success with the result stored in the data structure
- * pointed to by res, != 0 otherwise.
+ * pointed to by res, -1 otherwise
*/
static int
ebiptablesCreateRuleInstance(enum virDomainNetType nettype ATTRIBUTE_UNUSED,
@@ -2542,7 +2554,7 @@ ebiptablesCreateRuleInstance(enum virDom
vars,
res,
rule->tt == VIR_NWFILTER_RULE_DIRECTION_INOUT);
- if (rc)
+ if (rc < 0)
return rc;
}
@@ -2596,7 +2608,7 @@ ebiptablesCreateRuleInstance(enum virDom
case VIR_NWFILTER_RULE_PROTOCOL_LAST:
virNWFilterReportError(VIR_ERR_OPERATION_FAILED,
"%s", _("illegal protocol type"));
- rc = 1;
+ rc = -1;
break;
}
@@ -2621,7 +2633,7 @@ ebiptablesCreateRuleInstanceIterate(
*/
vciter = virNWFilterVarCombIterCreate(vars, rule->vars, rule->nvars);
if (!vciter)
- return 1;
+ return -1;
do {
rc = ebiptablesCreateRuleInstance(nettype,
@@ -2630,7 +2642,7 @@ ebiptablesCreateRuleInstanceIterate(
ifname,
vciter,
res);
- if (rc)
+ if (rc < 0)
break;
vciter = virNWFilterVarCombIterNext(vciter);
} while (vciter != NULL);
@@ -3111,7 +3123,7 @@ ebtablesApplyBasicRules(const char *ifna
virNWFilterReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("cannot create rules since ebtables tool is "
"missing."));
- return 1;
+ return -1;
}
virFormatMacAddr(macaddr, macaddr_str);
@@ -3170,7 +3182,7 @@ tear_down_tmpebchains:
"%s",
_("Some rules could not be created."));
- return 1;
+ return -1;
}
@@ -3186,7 +3198,7 @@ tear_down_tmpebchains:
* names (true) or also perform the renaming to their final names as
* part of this call (false)
*
- * Returns 0 on success, 1 on failure with the rules removed
+ * Returns 0 on success, -1 on failure with the rules removed
*
* Apply filtering rules so that the VM can only send and receive
* DHCP traffic and nothing else.
@@ -3207,13 +3219,15 @@ ebtablesApplyDHCPOnlyRules(const char *i
virNWFilterReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("cannot create rules since ebtables tool is "
"missing."));
- return 1;
+ return -1;
}
if (dhcpserver) {
virBufferAsprintf(&buf, " --ip-src %s", dhcpserver);
- if (virBufferError(&buf))
- return 1;
+ if (virBufferError(&buf)) {
+ virBufferFreeAndReset(&buf);
+ return -1;
+ }
srcIPParam = virBufferContentAndReset(&buf);
}
@@ -3298,7 +3312,7 @@ tear_down_tmpebchains:
VIR_FREE(srcIPParam);
- return 1;
+ return -1;
}
@@ -3307,7 +3321,7 @@ tear_down_tmpebchains:
*
* @ifname: name of the backend-interface to which to apply the rules
*
- * Returns 0 on success, 1 on failure with the rules removed
+ * Returns 0 on success, -1 on failure with the rules removed
*
* Apply filtering rules so that the VM cannot receive or send traffic.
*/
@@ -3322,7 +3336,7 @@ ebtablesApplyDropAllRules(const char *if
virNWFilterReportError(VIR_ERR_INTERNAL_ERROR, "%s",
_("cannot create rules since ebtables tool is "
"missing."));
- return 1;
+ return -1;
}
ebiptablesAllTeardown(ifname);
@@ -3368,7 +3382,7 @@ tear_down_tmpebchains:
"%s",
_("Some rules could not be created."));
- return 1;
+ return -1;
}
@@ -3575,13 +3589,13 @@ ebiptablesApplyNewRules(const char *ifna
const char *name = inst[i]->neededProtocolChain;
if (inst[i]->chainprefix == CHAINPREFIX_HOST_IN_TEMP) {
if (virHashUpdateEntry(chains_in_set, name,
- &inst[i]->chainPriority)) {
+ &inst[i]->chainPriority) < 0) {
virReportOOMError();
goto exit_free_sets;
}
} else {
if (virHashUpdateEntry(chains_out_set, name,
- &inst[i]->chainPriority)) {
+ &inst[i]->chainPriority) < 0) {
virReportOOMError();
goto exit_free_sets;
}
@@ -3606,9 +3620,9 @@ ebiptablesApplyNewRules(const char *ifna
/* create needed chains */
if (ebtablesCreateTmpRootAndSubChains(&buf, ifname, chains_in_set , 1,
- &ebtChains, &nEbtChains) ||
+ &ebtChains, &nEbtChains) < 0 ||
ebtablesCreateTmpRootAndSubChains(&buf, ifname, chains_out_set, 0,
- &ebtChains, &nEbtChains)) {
+ &ebtChains, &nEbtChains) < 0) {
goto tear_down_tmpebchains;
}
@@ -3809,7 +3823,7 @@ exit_free_sets:
VIR_FREE(errmsg);
- return 1;
+ return -1;
}
@@ -3905,7 +3919,7 @@ ebiptablesTearOldRules(const char *ifnam
*
* Remove all rules one after the other
*
- * Return 0 on success, 1 if execution of one or more cleanup
+ * Return 0 on success, -1 if execution of one or more cleanup
* commands failed.
*/
static int
@@ -3927,14 +3941,14 @@ ebiptablesRemoveRules(const char *ifname
'D', -1,
0);
- if (ebiptablesExecCLI(&buf, &cli_status, NULL))
+ if (ebiptablesExecCLI(&buf, &cli_status, NULL) < 0)
goto err_exit;
if (cli_status) {
virNWFilterReportError(VIR_ERR_BUILD_FIREWALL,
"%s",
_("error while executing CLI commands"));
- rc = 1;
+ rc = -1;
}
err_exit:
@@ -4022,8 +4036,8 @@ ebiptablesDriverInit(bool privileged)
if (!privileged)
return 0;
- if (virMutexInit(&execCLIMutex))
- return EINVAL;
+ if (virMutexInit(&execCLIMutex) < 0)
+ return -EINVAL;
gawk_cmd_path = virFindFileInPath("gawk");
grep_cmd_path = virFindFileInPath("grep");
@@ -4086,7 +4100,7 @@ ebiptablesDriverInit(bool privileged)
_("firewall tools were not found or "
"cannot be used"));
ebiptablesDriverShutdown();
- return ENOTSUP;
+ return -ENOTSUP;
}
ebiptables_driver.flags = TECHDRV_FLAG_INITIALIZED;
Index: libvirt-acl/src/uml/uml_conf.c
===================================================================
--- libvirt-acl.orig/src/uml/uml_conf.c
+++ libvirt-acl/src/uml/uml_conf.c
@@ -143,7 +143,7 @@ umlConnectTapDevice(virConnectPtr conn,
}
if (net->filter) {
- if (virDomainConfNWFilterInstantiate(conn, net)) {
+ if (virDomainConfNWFilterInstantiate(conn, net) < 0) {
if (template_ifname)
VIR_FREE(net->ifname);
goto error;
Index: libvirt-acl/src/qemu/qemu_process.c
===================================================================
--- libvirt-acl.orig/src/qemu/qemu_process.c
+++ libvirt-acl/src/qemu/qemu_process.c
@@ -2321,7 +2321,7 @@ qemuProcessFiltersInstantiate(virConnect
for (i = 0 ; i < def->nnets ; i++) {
virDomainNetDefPtr net = def->nets[i];
if ((net->filter) && (net->ifname)) {
- if (virDomainConfNWFilterInstantiate(conn, net)) {
+ if (virDomainConfNWFilterInstantiate(conn, net) < 0) {
err = 1;
break;
}
Index: libvirt-acl/src/qemu/qemu_command.c
===================================================================
--- libvirt-acl.orig/src/qemu/qemu_command.c
+++ libvirt-acl/src/qemu/qemu_command.c
@@ -275,8 +275,7 @@ qemuNetworkIfaceConnect(virDomainDefPtr
if (tapfd >= 0) {
if ((net->filter) && (net->ifname)) {
- err = virDomainConfNWFilterInstantiate(conn, net);
- if (err)
+ if (virDomainConfNWFilterInstantiate(conn, net) < 0);
VIR_FORCE_CLOSE(tapfd);
}
}
12 years, 11 months
- 2
- 4
[libvirt] [PATCH 1/2] nwfilter: Pass the VM's UUID into the nwfilter subsystem
by Stefan Berger
A preparatory patch for DHCP snooping where we want to be able to
differentiate between a VM's interface using the tuple of
<VM UUID, Interface MAC address>. We assume that MAC addresses could
possibly be re-used between different networks (VLANs) thus do not only
want to rely on the MAC address to identify an interface.
At the current 'final destination' in virNWFilterInstantiate I am leaving
the vmuuid parameter as ATTRIBUTE_UNUSED until the DHCP snooping patches arrive.
(we may not post the DHCP snooping patches for 0.9.8, though)
Mostly this is a pretty trivial patch. On the lowest layers, in lxc_driver
and uml_conf, I am passing the virDomainDefPtr around until I am passing
only the VM's uuid into the NWFilter calls.
---
src/conf/domain_nwfilter.c | 3 ++-
src/conf/domain_nwfilter.h | 2 ++
src/lxc/lxc_driver.c | 5 ++++-
src/nwfilter/nwfilter_driver.c | 6 ++++--
src/nwfilter/nwfilter_gentech_driver.c | 27 +++++++++++++++++++--------
src/nwfilter/nwfilter_gentech_driver.h | 5 ++++-
src/nwfilter/nwfilter_learnipaddr.c | 3 ++-
src/qemu/qemu_command.c | 2 +-
src/qemu/qemu_process.c | 2 +-
src/uml/uml_conf.c | 11 +++++++----
10 files changed, 46 insertions(+), 20 deletions(-)
Index: libvirt-acl/src/nwfilter/nwfilter_driver.c
===================================================================
--- libvirt-acl.orig/src/nwfilter/nwfilter_driver.c
+++ libvirt-acl/src/nwfilter/nwfilter_driver.c
@@ -443,8 +443,10 @@ cleanup:
static int
nwfilterInstantiateFilter(virConnectPtr conn,
- virDomainNetDefPtr net) {
- return virNWFilterInstantiateFilter(conn, net);
+ const unsigned char *vmuuid,
+ virDomainNetDefPtr net)
+{
+ return virNWFilterInstantiateFilter(conn, vmuuid, net);
}
Index: libvirt-acl/src/nwfilter/nwfilter_gentech_driver.c
===================================================================
--- libvirt-acl.orig/src/nwfilter/nwfilter_gentech_driver.c
+++ libvirt-acl/src/nwfilter/nwfilter_gentech_driver.c
@@ -607,6 +607,7 @@ virNWFilterRuleInstancesToArray(int nEnt
/**
* virNWFilterInstantiate:
+ * @vmuuid: The UUID of the VM
* @techdriver: The driver to use for instantiation
* @filter: The filter to instantiate
* @ifname: The name of the interface to apply the rules to
@@ -625,7 +626,8 @@ virNWFilterRuleInstancesToArray(int nEnt
* Call this function while holding the NWFilter filter update lock
*/
static int
-virNWFilterInstantiate(virNWFilterTechDriverPtr techdriver,
+virNWFilterInstantiate(const unsigned char *vmuuid ATTRIBUTE_UNUSED,
+ virNWFilterTechDriverPtr techdriver,
enum virDomainNetType nettype,
virNWFilterDefPtr filter,
const char *ifname,
@@ -761,7 +763,8 @@ err_unresolvable_vars:
* Call this function while holding the NWFilter filter update lock
*/
static int
-__virNWFilterInstantiateFilter(bool teardownOld,
+__virNWFilterInstantiateFilter(const unsigned char *vmuuid,
+ bool teardownOld,
const char *ifname,
int ifindex,
const char *linkdev,
@@ -853,7 +856,8 @@ __virNWFilterInstantiateFilter(bool tear
break;
}
- rc = virNWFilterInstantiate(techdriver,
+ rc = virNWFilterInstantiate(vmuuid,
+ techdriver,
nettype,
filter,
ifname,
@@ -883,6 +887,7 @@ err_exit:
static int
_virNWFilterInstantiateFilter(virConnectPtr conn,
+ const unsigned char *vmuuid,
const virDomainNetDefPtr net,
bool teardownOld,
enum instCase useNewFilter,
@@ -908,7 +913,8 @@ _virNWFilterInstantiateFilter(virConnect
goto cleanup;
}
- rc = __virNWFilterInstantiateFilter(teardownOld,
+ rc = __virNWFilterInstantiateFilter(vmuuid,
+ teardownOld,
net->ifname,
ifindex,
linkdev,
@@ -929,7 +935,8 @@ cleanup:
int
-virNWFilterInstantiateFilterLate(const char *ifname,
+virNWFilterInstantiateFilterLate(const unsigned char *vmuuid,
+ const char *ifname,
int ifindex,
const char *linkdev,
enum virDomainNetType nettype,
@@ -943,7 +950,8 @@ virNWFilterInstantiateFilterLate(const c
virNWFilterLockFilterUpdates();
- rc = __virNWFilterInstantiateFilter(true,
+ rc = __virNWFilterInstantiateFilter(vmuuid,
+ true,
ifname,
ifindex,
linkdev,
@@ -973,11 +981,12 @@ virNWFilterInstantiateFilterLate(const c
int
virNWFilterInstantiateFilter(virConnectPtr conn,
+ const unsigned char *vmuuid,
const virDomainNetDefPtr net)
{
bool foundNewFilter = false;
- return _virNWFilterInstantiateFilter(conn, net,
+ return _virNWFilterInstantiateFilter(conn, vmuuid, net,
1,
INSTANTIATE_ALWAYS,
&foundNewFilter);
@@ -986,12 +995,13 @@ virNWFilterInstantiateFilter(virConnectP
int
virNWFilterUpdateInstantiateFilter(virConnectPtr conn,
+ const unsigned char *vmuuid,
const virDomainNetDefPtr net,
bool *skipIface)
{
bool foundNewFilter = false;
- int rc = _virNWFilterInstantiateFilter(conn, net,
+ int rc = _virNWFilterInstantiateFilter(conn, vmuuid, net,
0,
INSTANTIATE_FOLLOW_NEWFILTER,
&foundNewFilter);
@@ -1108,6 +1118,7 @@ virNWFilterDomainFWUpdateCB(void *payloa
switch (cb->step) {
case STEP_APPLY_NEW:
cb->err = virNWFilterUpdateInstantiateFilter(cb->conn,
+ vm->uuid,
net,
&skipIface);
if (cb->err == 0 && skipIface) {
Index: libvirt-acl/src/nwfilter/nwfilter_gentech_driver.h
===================================================================
--- libvirt-acl.orig/src/nwfilter/nwfilter_gentech_driver.h
+++ libvirt-acl/src/nwfilter/nwfilter_gentech_driver.h
@@ -38,15 +38,18 @@ enum instCase {
int virNWFilterInstantiateFilter(virConnectPtr conn,
+ const unsigned char *vmuuid,
const virDomainNetDefPtr net);
int virNWFilterUpdateInstantiateFilter(virConnectPtr conn,
+ const unsigned char *vmuuid,
const virDomainNetDefPtr net,
bool *skipIface);
int virNWFilterRollbackUpdateFilter(const virDomainNetDefPtr net);
int virNWFilterTearOldFilter(const virDomainNetDefPtr net);
-int virNWFilterInstantiateFilterLate(const char *ifname,
+int virNWFilterInstantiateFilterLate(const unsigned char *vmuuid,
+ const char *ifname,
int ifindex,
const char *linkdev,
enum virDomainNetType nettype,
Index: libvirt-acl/src/conf/domain_nwfilter.h
===================================================================
--- libvirt-acl.orig/src/conf/domain_nwfilter.h
+++ libvirt-acl/src/conf/domain_nwfilter.h
@@ -24,6 +24,7 @@
# define DOMAIN_NWFILTER_H
typedef int (*virDomainConfInstantiateNWFilter)(virConnectPtr conn,
+ const unsigned char *vmuuid,
virDomainNetDefPtr net);
typedef void (*virDomainConfTeardownNWFilter)(virDomainNetDefPtr net);
@@ -36,6 +37,7 @@ typedef virDomainConfNWFilterDriver *vir
void virDomainConfNWFilterRegister(virDomainConfNWFilterDriverPtr driver);
int virDomainConfNWFilterInstantiate(virConnectPtr conn,
+ const unsigned char *vmuuid,
virDomainNetDefPtr net);
void virDomainConfNWFilterTeardown(virDomainNetDefPtr net);
void virDomainConfVMNWFilterTeardown(virDomainObjPtr vm);
Index: libvirt-acl/src/uml/uml_conf.c
===================================================================
--- libvirt-acl.orig/src/uml/uml_conf.c
+++ libvirt-acl/src/uml/uml_conf.c
@@ -117,6 +117,7 @@ virCapsPtr umlCapsInit(void) {
static int
umlConnectTapDevice(virConnectPtr conn,
+ virDomainDefPtr vm,
virDomainNetDefPtr net,
const char *bridge)
{
@@ -143,7 +144,7 @@ umlConnectTapDevice(virConnectPtr conn,
}
if (net->filter) {
- if (virDomainConfNWFilterInstantiate(conn, net) < 0) {
+ if (virDomainConfNWFilterInstantiate(conn, vm->uuid, net) < 0) {
if (template_ifname)
VIR_FREE(net->ifname);
goto error;
@@ -160,6 +161,7 @@ error:
static char *
umlBuildCommandLineNet(virConnectPtr conn,
+ virDomainDefPtr vm,
virDomainNetDefPtr def,
int idx)
{
@@ -225,7 +227,7 @@ umlBuildCommandLineNet(virConnectPtr con
goto error;
}
- if (umlConnectTapDevice(conn, def, bridge) < 0) {
+ if (umlConnectTapDevice(conn, vm, def, bridge) < 0) {
VIR_FREE(bridge);
goto error;
}
@@ -236,7 +238,8 @@ umlBuildCommandLineNet(virConnectPtr con
}
case VIR_DOMAIN_NET_TYPE_BRIDGE:
- if (umlConnectTapDevice(conn, def, def->data.bridge.brname) < 0)
+ if (umlConnectTapDevice(conn, vm, def,
+ def->data.bridge.brname) < 0)
goto error;
/* ethNNN=tuntap,tapname,macaddr,gateway */
@@ -429,7 +432,7 @@ virCommandPtr umlBuildCommandLine(virCon
}
for (i = 0 ; i < vm->def->nnets ; i++) {
- char *ret = umlBuildCommandLineNet(conn, vm->def->nets[i], i);
+ char *ret = umlBuildCommandLineNet(conn, vm->def, vm->def->nets[i], i);
if (!ret)
goto error;
virCommandAddArg(cmd, ret);
Index: libvirt-acl/src/lxc/lxc_driver.c
===================================================================
--- libvirt-acl.orig/src/lxc/lxc_driver.c
+++ libvirt-acl/src/lxc/lxc_driver.c
@@ -1183,6 +1183,7 @@ static void lxcVmCleanup(lxc_driver_t *d
static int lxcSetupInterfaceBridged(virConnectPtr conn,
+ virDomainDefPtr vm,
virDomainNetDefPtr net,
const char *brname,
unsigned int *nveths,
@@ -1227,7 +1228,7 @@ static int lxcSetupInterfaceBridged(virC
}
if (net->filter &&
- virDomainConfNWFilterInstantiate(conn, net) < 0)
+ virDomainConfNWFilterInstantiate(conn, vm->uuid, net) < 0)
goto cleanup;
ret = 0;
@@ -1347,6 +1348,7 @@ static int lxcSetupInterfaces(virConnect
goto cleanup;
if (lxcSetupInterfaceBridged(conn,
+ def,
def->nets[i],
brname,
nveths,
@@ -1365,6 +1367,7 @@ static int lxcSetupInterfaces(virConnect
goto cleanup;
}
if (lxcSetupInterfaceBridged(conn,
+ def,
def->nets[i],
brname,
nveths,
Index: libvirt-acl/src/nwfilter/nwfilter_learnipaddr.c
===================================================================
--- libvirt-acl.orig/src/nwfilter/nwfilter_learnipaddr.c
+++ libvirt-acl/src/nwfilter/nwfilter_learnipaddr.c
@@ -704,7 +704,8 @@ learnIPAddressThread(void *arg)
"cache for interface %s"), inetaddr, req->ifname);
}
- ret = virNWFilterInstantiateFilterLate(req->ifname,
+ ret = virNWFilterInstantiateFilterLate(NULL,
+ req->ifname,
req->ifindex,
req->linkdev,
req->nettype,
Index: libvirt-acl/src/conf/domain_nwfilter.c
===================================================================
--- libvirt-acl.orig/src/conf/domain_nwfilter.c
+++ libvirt-acl/src/conf/domain_nwfilter.c
@@ -37,9 +37,10 @@ virDomainConfNWFilterRegister(virDomainC
int
virDomainConfNWFilterInstantiate(virConnectPtr conn,
+ const unsigned char *vmuuid,
virDomainNetDefPtr net) {
if (nwfilterDriver != NULL)
- return nwfilterDriver->instantiateFilter(conn, net);
+ return nwfilterDriver->instantiateFilter(conn, vmuuid, net);
/* driver module not available -- don't indicate failure */
return 0;
}
Index: libvirt-acl/src/qemu/qemu_command.c
===================================================================
--- libvirt-acl.orig/src/qemu/qemu_command.c
+++ libvirt-acl/src/qemu/qemu_command.c
@@ -275,7 +275,7 @@ qemuNetworkIfaceConnect(virDomainDefPtr
if (tapfd >= 0) {
if ((net->filter) && (net->ifname)) {
- if (virDomainConfNWFilterInstantiate(conn, net) < 0)
+ if (virDomainConfNWFilterInstantiate(conn, def->uuid, net) < 0)
VIR_FORCE_CLOSE(tapfd);
}
}
Index: libvirt-acl/src/qemu/qemu_process.c
===================================================================
--- libvirt-acl.orig/src/qemu/qemu_process.c
+++ libvirt-acl/src/qemu/qemu_process.c
@@ -2321,7 +2321,7 @@ qemuProcessFiltersInstantiate(virConnect
for (i = 0 ; i < def->nnets ; i++) {
virDomainNetDefPtr net = def->nets[i];
if ((net->filter) && (net->ifname)) {
- if (virDomainConfNWFilterInstantiate(conn, net) < 0) {
+ if (virDomainConfNWFilterInstantiate(conn, def->uuid, net) < 0) {
err = 1;
break;
}
12 years, 11 months
- 2
- 2
[libvirt] RPM spec file patch
by Chris Picton
Hi
Please accept the following patch to the rpm spec file.
It allows me to enable specific options (like openvz) at the build
comand line, even if they have been disabled by OS feature selection.
eg for an openvz build on centos 6
rpmbuild -bb \
--define 'rhel 6' \
--without dtrace \
--without sanlock \
--without netcf \
--with openvz \
libvirt.spec
Regards
Chris
(Not subscribed to the mailing list)
12 years, 11 months
- 2
- 3
[libvirt] virDomainBlockJobAbort and block_job_cancel
by Stefan Hajnoczi
Block job cancellation waits until the job has been cancelled before
returning. This allows clients to know that the operation has been
cancelled successfully. Unfortunately, these semantics are not really
possible with today's QEMU and libvirt code.
A command that waits for block I/O completion may wait for many
minutes. During this time the monitor is unavailable. While the QMP
protocol may in theory support multiple in-flight commands, both QEMU
and libvirt's implemenations are geared towards one command at a time.
So in practice a hung cancellation command would make the monitor
unavailable - we need to avoid this.
This means block_job_cancel cannot wait until the job is cancelled or
it risks hanging the monitor if there is a block I/O timeout. We need
a solution that reflects this in QEMU and libvirt, here is what I
propose:
block_job_cancel returns immediately upon marking the job cancelled.
The job may still be finishing block I/O but will cancel itself at
some point in the future. When the job actually completes it raises
the new BLOCK_JOB_CANCELLED event.
This means that virDomainBlockJobAbort() returns to the client without
a guarantee that the job has completed. If the client enumerates jobs
it may still see a job that has not finished cancelling. The client
must register a handler for the BLOCK_JOB_CANCELLED event if it wants
to know when the job really goes away. The BLOCK_JOB_CANCELLED event
has the same fields as the BLOCK_JOB_COMPLETED event, except it lacks
the optional "error" message field.
The impact on clients is that they need to add a BLOCK_JOB_CANCELLED
handler if they really want to wait. Most clients today (not many
exist) will be fine without waiting for cancellation.
Any objections or thoughts on this?
Stefan
12 years, 11 months
- 4
- 8