Coverity complained that because the cfg->macFilter call checked
net->ifname != NULL before calling ebtablesRemoveForwardAllowIn, then
the virNetDevOpenvswitchRemovePort call should have the same check.
However, if I move the ebtables call prior to the check for TYPE_DIRECT
(where there is a VIR_FREE(net->ifname)), then it seems Coverity is
happy. Since firewall info is tacked on last during setup, removing
it in the opposite order of initialization seems to be natural anyway
Signed-off-by: John Ferlan <jferlan@xxxxxxxxxx>
---
src/qemu/qemu_hotplug.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index f2740f4..ff0eaf8 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -2786,6 +2786,12 @@ qemuDomainRemoveNetDevice(virQEMUDriverPtr driver,
qemuDomainReleaseDeviceAddress(vm, &net->info, NULL);
virDomainConfNWFilterTeardown(net);
+ if (cfg->macFilter && (net->ifname != NULL)) {
+ ignore_value(ebtablesRemoveForwardAllowIn(driver->ebtables,
+ net->ifname,
+ &net->mac));
+ }
+
if (virDomainNetGetActualType(net) == VIR_DOMAIN_NET_TYPE_DIRECT) {
ignore_value(virNetDevMacVLanDeleteWithVPortProfile(
net->ifname, &net->mac,
@@ -2796,12 +2802,6 @@ qemuDomainRemoveNetDevice(virQEMUDriverPtr driver,
VIR_FREE(net->ifname);
}
- if (cfg->macFilter && (net->ifname != NULL)) {
- ignore_value(ebtablesRemoveForwardAllowIn(driver->ebtables,
- net->ifname,
- &net->mac));
- }
-
vport = virDomainNetGetActualVirtPortProfile(net);
if (vport && vport->virtPortType == VIR_NETDEV_VPORT_PROFILE_OPENVSWITCH)
ignore_value(virNetDevOpenvswitchRemovePort(
--
1.9.3
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list