[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[libvirt] [PATCH v3 00/20] nwfilter: refactor the driver to make it independent of virt drivers



 v1: https://www.redhat.com/archives/libvir-list/2018-April/msg02616.html
 v2: https://www.redhat.com/archives/libvir-list/2018-May/msg01145.html

Today the nwfilter driver is entangled with the virt drivers in both
directions. At various times when rebuilding filters nwfilter will call
out to the virt driver to iterate over running guest's NICs. This has
caused very complicated lock ordering rules to be required. If we are to
split the virt drivers out into separate daemons we need to get rid of
this coupling since we don't want the separate daemons calling each
other, as that risks deadlock if all of the RPC workers are busy.

The obvious way to solve this is to have the nwfilter driver remember
all the filters it has active, avoiding the need to iterate over running
guests.

Still todo

 - Document the new XML format

Changed in v3:

  - Updated API version numbers
  - Use accessors for virNWFilterBindingObjPtr struct
  - Other fixes John mentioned

Changed in v2:

 - The virNWFilterBindingPtr was renamed virNWFilterBindingDefPtr
 - New virNWFilterBindingObjPtr & virNWFilterBindingObjListPtr
   structs added to track the objects in the driver
 - New virNWFilterBindingPtr  public API type was added
 - New public APIs for listing filter bindings, querying XML, and
   creating/deleting them
 - Convert the virt drivers to use the public API for creating
   and deleting bindings
 - Persistent active bindings out to disk so they're preserved
   across restarts
 - Added RNG schema and XML-2-XML test
 - New virsh commands for listing/querying XML/creating/deleting
   bindings

Daniel P. Berrangé (20):
  conf: change virNWFilterBindingPtr to virNWFilterBindingDefPtr
  conf: add missing virxml.h include for nwfilter_params.h
  conf: move virNWFilterBindingDefPtr into its own files
  conf: add support for parsing/formatting virNWFilterBindingDefPtr
  schemas: add schema for nwfilter binding XML document
  nwfilter: export port binding concept in the public API
  access: add nwfilter binding object permissions
  remote: add support for nwfilter binding objects
  virsh: add nwfilter binding commands
  nwfilter: convert the gentech driver code to use
    virNWFilterBindingDefPtr
  nwfilter: convert IP address learning code to virNWFilterBindingDefPtr
  nwfilter: convert DHCP address snooping code to
    virNWFilterBindingDefPtr
  conf: report an error if nic needs filtering by no driver is present
  conf: introduce a virNWFilterBindingObjPtr struct
  conf: introduce a virNWFilterBindingObjListPtr struct
  nwfilter: keep track of active filter bindings
  nwfilter: remove virt driver callback layer for rebuilding filters
  nwfilter: wire up new APIs for listing and querying filter bindings
  nwfilter: wire up new APIs for creating and deleting nwfilter bindings
  nwfilter: convert virt drivers to use public API for nwfilter bindings

 docs/schemas/domaincommon.rng                 |  27 +-
 docs/schemas/nwfilter.rng                     |  29 +-
 docs/schemas/nwfilter_params.rng              |  32 ++
 docs/schemas/nwfilterbinding.rng              |  49 ++
 include/libvirt/libvirt-nwfilter.h            |  39 ++
 include/libvirt/virterror.h                   |   2 +
 src/access/viraccessdriver.h                  |   5 +
 src/access/viraccessdrivernop.c               |  10 +
 src/access/viraccessdriverpolkit.c            |  21 +
 src/access/viraccessdriverstack.c             |  24 +
 src/access/viraccessmanager.c                 |  15 +
 src/access/viraccessmanager.h                 |   5 +
 src/access/viraccessperm.c                    |   7 +-
 src/access/viraccessperm.h                    |  38 ++
 src/conf/Makefile.inc.am                      |   6 +
 src/conf/domain_nwfilter.c                    | 125 ++++-
 src/conf/domain_nwfilter.h                    |  13 -
 src/conf/nwfilter_conf.c                      | 188 +------
 src/conf/nwfilter_conf.h                      |  68 +--
 src/conf/nwfilter_params.h                    |   1 +
 src/conf/virnwfilterbindingdef.c              | 280 ++++++++++
 src/conf/virnwfilterbindingdef.h              |  65 +++
 src/conf/virnwfilterbindingobj.c              | 299 +++++++++++
 src/conf/virnwfilterbindingobj.h              |  69 +++
 src/conf/virnwfilterbindingobjlist.c          | 487 ++++++++++++++++++
 src/conf/virnwfilterbindingobjlist.h          |  69 +++
 src/conf/virnwfilterobj.c                     |   4 +-
 src/conf/virnwfilterobj.h                     |   4 +
 src/datatypes.c                               |  67 +++
 src/datatypes.h                               |  31 ++
 src/driver-nwfilter.h                         |  30 ++
 src/libvirt-nwfilter.c                        | 305 +++++++++++
 src/libvirt_private.syms                      |  45 +-
 src/libvirt_public.syms                       |   9 +
 src/lxc/lxc_driver.c                          |  28 -
 src/nwfilter/nwfilter_dhcpsnoop.c             | 158 +++---
 src/nwfilter/nwfilter_dhcpsnoop.h             |   7 +-
 src/nwfilter/nwfilter_driver.c                | 218 ++++++--
 src/nwfilter/nwfilter_gentech_driver.c        | 337 ++++++------
 src/nwfilter/nwfilter_gentech_driver.h        |  22 +-
 src/nwfilter/nwfilter_learnipaddr.c           | 104 ++--
 src/nwfilter/nwfilter_learnipaddr.h           |   7 +-
 src/qemu/qemu_driver.c                        |  25 -
 src/remote/remote_daemon_dispatch.c           |  15 +
 src/remote/remote_driver.c                    |  20 +
 src/remote/remote_protocol.x                  |  90 +++-
 src/remote_protocol-structs                   |  43 ++
 src/rpc/gendispatch.pl                        |  15 +-
 src/uml/uml_driver.c                          |  29 --
 src/util/virerror.c                           |  12 +
 tests/Makefile.am                             |   7 +
 .../filter-vars.xml                           |  11 +
 .../virnwfilterbindingxml2xmldata/simple.xml  |   9 +
 tests/virnwfilterbindingxml2xmltest.c         | 112 ++++
 tests/virschematest.c                         |   1 +
 tools/virsh-completer.c                       |  45 ++
 tools/virsh-completer.h                       |   4 +
 tools/virsh-nwfilter.c                        | 317 ++++++++++++
 tools/virsh-nwfilter.h                        |   8 +
 59 files changed, 3283 insertions(+), 829 deletions(-)
 create mode 100644 docs/schemas/nwfilter_params.rng
 create mode 100644 docs/schemas/nwfilterbinding.rng
 create mode 100644 src/conf/virnwfilterbindingdef.c
 create mode 100644 src/conf/virnwfilterbindingdef.h
 create mode 100644 src/conf/virnwfilterbindingobj.c
 create mode 100644 src/conf/virnwfilterbindingobj.h
 create mode 100644 src/conf/virnwfilterbindingobjlist.c
 create mode 100644 src/conf/virnwfilterbindingobjlist.h
 create mode 100644 tests/virnwfilterbindingxml2xmldata/filter-vars.xml
 create mode 100644 tests/virnwfilterbindingxml2xmldata/simple.xml
 create mode 100644 tests/virnwfilterbindingxml2xmltest.c

-- 
2.17.0


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]