Allow the possibility of opening a connection to only the network
driver, by defining network:///system and network:///session URIs
and registering a fake hypervisor driver that supports them.
The hypervisor drivers can now directly open a network driver
connection at time of need, instead of having to pass around a
virConnectPtr through many functions. This will facilitate the later
change to support separate daemons for each driver.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
src/network/bridge_driver.c | 95 ++++++++++++++++++++++++++++++++++++
src/network/bridge_driver_platform.h | 3 ++
2 files changed, 98 insertions(+)
diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
index 7f21381bd4..7aea8079d4 100644
--- a/src/network/bridge_driver.c
+++ b/src/network/bridge_driver.c
@@ -671,6 +671,8 @@ networkStateInitialize(bool privileged,
goto error;
}
+ network_driver->privileged = privileged;
+
/* configuration/state paths are one of
* ~/.config/libvirt/... (session/unprivileged)
* /etc/libvirt/... && /var/(run|lib)/libvirt/... (system/privileged).
@@ -868,6 +870,80 @@ networkStateCleanup(void)
}
+static virDrvOpenStatus networkConnectOpen(virConnectPtr conn,
+ virConnectAuthPtr auth ATTRIBUTE_UNUSED,
+ virConfPtr conf ATTRIBUTE_UNUSED,
+ unsigned int flags)
+{
+ virCheckFlags(VIR_CONNECT_RO, VIR_DRV_OPEN_ERROR);
+
+ /* Verify uri was specified */
+ if (conn->uri == NULL) {
+ /* Only hypervisor drivers are permitted to auto-open on NULL uri */
+ return VIR_DRV_OPEN_DECLINED;
+ } else {
+ if (STRNEQ_NULLABLE(conn->uri->scheme, "network"))
+ return VIR_DRV_OPEN_DECLINED;
+
+ /* Leave for remote driver */
+ if (conn->uri->server != NULL)
+ return VIR_DRV_OPEN_DECLINED;
+
+ if (network_driver == NULL) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("network state driver is not active"));
+ return VIR_DRV_OPEN_ERROR;
+ }
+
+ if (network_driver->privileged) {
+ if (STRNEQ(conn->uri->path, "/system")) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("unexpected network URI path '%s', try
network:///system"),
+ conn->uri->path);
+ return VIR_DRV_OPEN_ERROR;
+ }
+ } else {
+ if (STRNEQ(conn->uri->path, "/session")) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("unexpected network URI path '%s', try
network:///session"),
+ conn->uri->path);
+ return VIR_DRV_OPEN_ERROR;
+ }
+ }
+ }
+
+ if (virConnectOpenEnsureACL(conn) < 0)
+ return VIR_DRV_OPEN_ERROR;
+
+ return VIR_DRV_OPEN_SUCCESS;
+}
+
+static int networkConnectClose(virConnectPtr conn ATTRIBUTE_UNUSED)
+{
+ return 0;
+}
+
+
+static int networkConnectIsSecure(virConnectPtr conn ATTRIBUTE_UNUSED)
+{
+ /* Trivially secure, since always inside the daemon */
+ return 1;
+}
+
+
+static int networkConnectIsEncrypted(virConnectPtr conn ATTRIBUTE_UNUSED)
+{
+ /* Not encrypted, but remote driver takes care of that */
+ return 0;
+}
+
+
+static int networkConnectIsAlive(virConnectPtr conn ATTRIBUTE_UNUSED)
+{
+ return 1;
+}
+
+
/* networkKillDaemon:
*
* kill the specified pid/name, and wait a bit to make sure it's dead.
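Review bot: `conn->uri->path` is compared with plain `STRNEQ` in both the privileged and the unprivileged branch of networkConnectOpen, while the scheme a few lines earlier is checked with `STRNEQ_NULLABLE`. Nothing visible in this hunk guarantees a non-NULL path for a URI with no path component, such as `network:`. The URI is supplied by whoever opens the connection, so a NULL path would be dereferenced inside the daemon unless the caller normalises it first; that should be confirmed against the connection-open code, which is outside this patch. If no such guarantee exists, use `STRNEQ_NULLABLE(conn->uri->path, "/system")` (and likewise for `"/session"`) and pass `NULLSTR(conn->uri->path)` to the two `virReportError` calls so the `%s` never receives NULL.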
@@ -5699,6 +5775,23 @@ static virNetworkDriver networkDriver = {
.networkGetDHCPLeases = networkGetDHCPLeases, /* 1.2.6 */
};
+
+static virHypervisorDriver networkHypervisorDriver = {
+ .name = "network",
+ .connectOpen = networkConnectOpen, /* 4.1.0 */
+ .connectClose = networkConnectClose, /* 4.1.0 */
+ .connectIsEncrypted = networkConnectIsEncrypted, /* 4.1.0 */
+ .connectIsSecure = networkConnectIsSecure, /* 4.1.0 */
+ .connectIsAlive = networkConnectIsAlive, /* 4.1.0 */
+};
+
+
+static virConnectDriver networkConnectDriver = {
+ .hypervisorDriver = &networkHypervisorDriver,
+ .networkDriver = &networkDriver,
+};
+
+
static virStateDriver networkStateDriver = {
.name = "bridge",
.stateInitialize = networkStateInitialize,
@@ -5710,6 +5803,8 @@ static virStateDriver networkStateDriver = {
int
networkRegister(void)
{
+ if (virRegisterConnectDriver(&networkConnectDriver, false) < 0)
+ return -1;
if (virSetSharedNetworkDriver(&networkDriver) < 0)
return -1;
if (virRegisterStateDriver(&networkStateDriver) < 0)
diff --git a/src/network/bridge_driver_platform.h b/src/network/bridge_driver_platform.h
index f04c0c48b4..706000df4e 100644
--- a/src/network/bridge_driver_platform.h
+++ b/src/network/bridge_driver_platform.h
@@ -34,6 +34,9 @@
struct _virNetworkDriverState {
virMutex lock;
+ /* Read-only */
+ bool privileged;
+
/* Immutable pointer, self-locking APIs */
virNetworkObjListPtr networks;
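Review bot: The `/* Read-only */` comment on `privileged` does not say when the field is written or why it may be read without `lock`. In this patch it is assigned in networkStateInitialize and read in networkConnectOpen with no locking visible. Something like `/* Set once in networkStateInitialize, read-only afterwards; safe to read without the lock */` would state the invariant, assuming that is the intent. The struct definition continues past the end of this hunk.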
--
2.14.3