[PATCH v2 01/11] nwfilter_conf: Add schema and parser logic for nwfilter metadata

Tuesday, 10 October 2023

Adds three new elements <title>, <description> and <metadata>

Signed-off-by: K Shiva Kiran <shiva_kr(a)riseup.net&gt;
---
 docs/formatnwfilter.rst                    | 31 ++++++++++++++++++++++
 src/conf/nwfilter_conf.c                   | 30 +++++++++++++++++++++
 src/conf/nwfilter_conf.h                   |  5 ++++
 src/conf/schemas/nwfilter.rng              |  9 +++++++
 tests/nwfilterxml2xmlin/metadata-test.xml  | 12 +++++++++
 tests/nwfilterxml2xmlout/metadata-test.xml | 10 +++++++
 tests/nwfilterxml2xmltest.c                |  1 +
 7 files changed, 98 insertions(+)
 create mode 100644 tests/nwfilterxml2xmlin/metadata-test.xml
 create mode 100644 tests/nwfilterxml2xmlout/metadata-test.xml

diff --git a/docs/formatnwfilter.rst b/docs/formatnwfilter.rst
index 434da5b1fd..94a35abfce 100644
--- a/docs/formatnwfilter.rst
+++ b/docs/formatnwfilter.rst
@@ -419,6 +419,37 @@ better organized for more efficient processing by the firewall
subsystem of the
 underlying host. Currently the system only supports the chains
 ``root,       ipv4, ipv6, arp and rarp``.
 
+General Metadata
+~~~~~~~~~~~~~~~~
+
+::
+
+  <filter name='clean-traffic' filter='arp'>
+    <uuid>6ef53069-ba34-94a0-d33d-17751b9b8cb1</uuid>
+    <title>A short description - title - of the filter</title>
+     <description>Some human readable description</description>
+     <metadata>
+       <app1:foo xmlns:app1="http://app1.org/app1/">..</app1:foo>
+       <app2:bar xmlns:app2="http://app1.org/app2/">..</app2:bar>
+     </metadata>
+     ...
+  </filter>
+
+``title``
+   The optional element ``title`` provides space for a short description of the
+   filter. The title should not contain any newlines. :since:`Since 9.9.0` .
+``description``
+   The content of the ``description`` element provides a human readable
+   description of the filter. This data is not used by libvirt in any
+   way, it can contain any information the user wants. :since:`Since 9.9.0`
+``metadata``
+   The ``metadata`` node can be used by applications to store custom metadata in
+   the form of XML nodes/trees. Applications must use custom namespaces on their
+   XML nodes/trees, with only one top-level element per namespace (if the
+   application needs structure, they should have sub-elements to their namespace
+   element). :since:`Since 9.9.0`
+
+
 References to other filters
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
diff --git a/src/conf/nwfilter_conf.c b/src/conf/nwfilter_conf.c
index 35f6efbbe2..d03f78af4d 100644
--- a/src/conf/nwfilter_conf.c
+++ b/src/conf/nwfilter_conf.c
@@ -327,6 +327,10 @@ virNWFilterDefFree(virNWFilterDef *def)
     g_free(def->filterEntries);
     g_free(def->chainsuffix);
 
+    g_free(def->title);
+    g_free(def->description);
+    xmlFreeNode(def->metadata);
+
     g_free(def);
 }
 
@@ -2516,6 +2520,7 @@ virNWFilterDefParseXML(xmlXPathContextPtr ctxt)
     virNWFilterEntry *entry;
     int chain_priority;
     const char *name_prefix;
+    xmlNodePtr metadataNode = NULL;
 
     ret = g_new0(virNWFilterDef, 1);
 
@@ -2582,6 +2587,23 @@ virNWFilterDefParseXML(xmlXPathContextPtr ctxt)
         }
     }
 
+    /* Extract short description of filter (title) */
+    ret->title = virXPathString("string(./title[1])", ctxt);
+    if (ret->title && strchr(ret->title, '\n')) {
+        virReportError(VIR_ERR_XML_ERROR, "%s",
+                       _("Network filter title can't contain newlines"));
+        return NULL;
+    }
+
+    /* Extract documentation if present */
+    ret->description = virXPathString("string(./description[1])", ctxt);
+
+    /* Extract custom metadata */
+    if ((metadataNode = virXPathNode("./metadata[1]", ctxt)) != NULL) {
+        ret->metadata = xmlCopyNode(metadataNode, 1);
+        virXMLNodeSanitizeNamespaces(ret->metadata);
+    }
+
     curr = curr->children;
 
     while (curr != NULL) {
@@ -2873,6 +2895,14 @@ virNWFilterDefFormat(const virNWFilterDef *def)
     virUUIDFormat(def->uuid, uuid);
     virBufferAsprintf(&buf, "<uuid>%s</uuid>\n", uuid);
 
+    virBufferEscapeString(&buf, "<title>%s</title>\n",
def->title);
+
+    virBufferEscapeString(&buf,
"<description>%s</description>\n",
+                          def->description);
+
+    if (virXMLFormatMetadata(&buf, def->metadata) < 0)
+        return NULL;
+
     for (i = 0; i < def->nentries; i++) {
         if (virNWFilterEntryFormat(&buf, def->filterEntries[i]) < 0)
             return NULL;
diff --git a/src/conf/nwfilter_conf.h b/src/conf/nwfilter_conf.h
index 22c2fb51f0..34de6eab3d 100644
--- a/src/conf/nwfilter_conf.h
+++ b/src/conf/nwfilter_conf.h
@@ -517,6 +517,11 @@ struct _virNWFilterDef {
 
     size_t nentries;
     virNWFilterEntry **filterEntries;
+
+    /* User-defined metadata */
+    char* title;
+    char* description;
+    xmlNodePtr metadata;
 };
 
 
diff --git a/src/conf/schemas/nwfilter.rng b/src/conf/schemas/nwfilter.rng
index 262bd551e3..c56bbac732 100644
--- a/src/conf/schemas/nwfilter.rng
+++ b/src/conf/schemas/nwfilter.rng
@@ -14,6 +14,15 @@
             <ref name="UUID"/>
           </element>
         </optional>
+        <optional>
+          <ref name="title"/>
+        </optional>
+        <optional>
+          <ref name="description"/>
+        </optional>
+        <optional>
+          <ref name="metadata"/>
+        </optional>
         <zeroOrMore>
           <choice>
             <element name="filterref">
diff --git a/tests/nwfilterxml2xmlin/metadata-test.xml
b/tests/nwfilterxml2xmlin/metadata-test.xml
new file mode 100644
index 0000000000..db2c7d2828
--- /dev/null
+++ b/tests/nwfilterxml2xmlin/metadata-test.xml
@@ -0,0 +1,12 @@
+<filter name='testcase' chain='root'>
+  <uuid>81ff0d90-c91e-6742-64da-4a736edb9a8e</uuid>
+  <title>This is a title</title>
+  <description>This is a description.
+It can contain newlines.</description>
+
+  <!-- intentional mis-indentation -->
+  <metadata>
+      <app1:foo xmlns:app1="http://foo.org/">fooish</app1:foo>
+  <app2:bar xmlns:app2="http://bar.com/"
maman="baz">barish</app2:bar>
+  </metadata>
+</filter>
diff --git a/tests/nwfilterxml2xmlout/metadata-test.xml
b/tests/nwfilterxml2xmlout/metadata-test.xml
new file mode 100644
index 0000000000..fe8bdfee01
--- /dev/null
+++ b/tests/nwfilterxml2xmlout/metadata-test.xml
@@ -0,0 +1,10 @@
+<filter name='testcase' chain='root'>
+  <uuid>81ff0d90-c91e-6742-64da-4a736edb9a8e</uuid>
+  <title>This is a title</title>
+  <description>This is a description.
+It can contain newlines.</description>
+  <metadata>
+    <app1:foo xmlns:app1="http://foo.org/">fooish</app1:foo>
+    <app2:bar xmlns:app2="http://bar.com/"
maman="baz">barish</app2:bar>
+  </metadata>
+</filter>
diff --git a/tests/nwfilterxml2xmltest.c b/tests/nwfilterxml2xmltest.c
index c2481481ee..6a378a853a 100644
--- a/tests/nwfilterxml2xmltest.c
+++ b/tests/nwfilterxml2xmltest.c
@@ -130,6 +130,7 @@ mymain(void)
     DO_TEST("iter-test3", false);
 
     DO_TEST("ipset-test", false);
+    DO_TEST("metadata-test", false);
 
     return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
 }
-- 
2.42.0


    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

[PATCH v2 01/11] nwfilter_conf: Add schema and parser logic for nwfilter metadata