[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[libvirt] [v2 3/3] Prevent updates while IP address learn thread is running



Prevent updating and tearing down of filter while the IP
address learning thread is running and has its own filtering
rules applied.

Signed-off-by: Stefan Berger <stefanb us ibm com>

Index: libvirt-acl/src/nwfilter/nwfilter_gentech_driver.c
===================================================================
--- libvirt-acl.orig/src/nwfilter/nwfilter_gentech_driver.c
+++ libvirt-acl/src/nwfilter/nwfilter_gentech_driver.c
@@ -610,6 +610,8 @@ virNWFilterInstantiate(virConnectPtr con
     } else if (virHashSize(missing_vars->hashTable) > 1) {
         rc = 1;
         goto err_exit;
+    } else if (virNWFilterLookupLearnReq(ifindex) == NULL) {
+        goto err_exit;
     }
 
     rc = _virNWFilterInstantiateRec(conn,
@@ -890,7 +892,9 @@ int virNWFilterRollbackUpdateFilter(virC
                                     const virDomainNetDefPtr net)
 {
     const char *drvname = EBIPTABLES_DRIVER_ID;
+    int ifindex;
     virNWFilterTechDriverPtr techdriver;
+
     techdriver = virNWFilterTechDriverForName(drvname);
     if (!techdriver) {
         virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
@@ -900,6 +904,11 @@ int virNWFilterRollbackUpdateFilter(virC
         return 1;
     }
 
+    /* don't tear anything while the address is being learned */
+    if (ifaceGetIndex(true, net->ifname, &ifindex) == 0 &&
+        virNWFilterLookupLearnReq(ifindex) != NULL)
+        return 0;
+
     return techdriver->tearNewRules(conn, net->ifname);
 }
 
@@ -909,7 +918,9 @@ virNWFilterTearOldFilter(virConnectPtr c
                          virDomainNetDefPtr net)
 {
     const char *drvname = EBIPTABLES_DRIVER_ID;
+    int ifindex;
     virNWFilterTechDriverPtr techdriver;
+
     techdriver = virNWFilterTechDriverForName(drvname);
     if (!techdriver) {
         virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
@@ -919,6 +930,11 @@ virNWFilterTearOldFilter(virConnectPtr c
         return 1;
     }
 
+    /* don't tear anything while the address is being learned */
+    if (ifaceGetIndex(true, net->ifname, &ifindex) == 0 &&
+        virNWFilterLookupLearnReq(ifindex) != NULL)
+        return 0;
+
     return techdriver->tearOldRules(conn, net->ifname);
 }
 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]