https://bugzilla.redhat.com/show_bug.cgi?id=1608275 Instantiation of an nwfilter binding is only allowed when the net->filter is defined for the network; however, the teardown of the binding does not make this check. This leaves open the possibility that the teardown could be called during guest shutdown/teardown in session mode resulting in the following error being logged: error : nwfilterConnectOpen:383 : internal error: unexpected nwfilter URI path '/session', try nwfilter:///system So before going through the teardown processing, let's be sure the network had a filter and then attempt to get a connection. For session mode it's not even possible create an nwfilter binding. Signed-off-by: John Ferlan <jferlan@xxxxxxxxxx> --- src/conf/domain_nwfilter.c | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/src/conf/domain_nwfilter.c b/src/conf/domain_nwfilter.c index f39c8a1f9b..e75fb598e8 100644 --- a/src/conf/domain_nwfilter.c +++ b/src/conf/domain_nwfilter.c @@ -149,9 +149,12 @@ virDomainConfNWFilterTeardownImpl(virConnectPtr conn, void virDomainConfNWFilterTeardown(virDomainNetDefPtr net) { - virConnectPtr conn = virGetConnectNWFilter(); + virConnectPtr conn; - if (!conn) + if (!net->filter) + return; + + if (!(conn = virGetConnectNWFilter())) return; virDomainConfNWFilterTeardownImpl(conn, net); @@ -163,14 +166,19 @@ void virDomainConfVMNWFilterTeardown(virDomainObjPtr vm) { size_t i; - virConnectPtr conn = virGetConnectNWFilter(); + virConnectPtr conn = NULL; - if (!conn) - return; + for (i = 0; i < vm->def->nnets; i++) { + virDomainNetDefPtr net = vm->def->nets[i]; + if (!net->filter) + continue; - for (i = 0; i < vm->def->nnets; i++) - virDomainConfNWFilterTeardownImpl(conn, vm->def->nets[i]); + if (!conn && !(conn = virGetConnectNWFilter())) + return; + + virDomainConfNWFilterTeardownImpl(conn, net); + } virObjectUnref(conn); } -- 2.17.1 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
