This helps to bring down the frame size of virNWFilterRuleDefFixup, as it
exceeds 8192 bytes when libvirt is build with sanitizers enabled, in debug
mode, on clang.
Signed-off-by: Tim Wiederhake <twiederh@xxxxxxxxxx>
---
src/conf/nwfilter_conf.c | 132 +++++++++++++++------------------------
1 file changed, 52 insertions(+), 80 deletions(-)
diff --git a/src/conf/nwfilter_conf.c b/src/conf/nwfilter_conf.c
index 62334edeec..2448e4b70b 100644
--- a/src/conf/nwfilter_conf.c
+++ b/src/conf/nwfilter_conf.c
@@ -2190,6 +2190,7 @@ static void
virNWFilterRuleDefFixup(virNWFilterRuleDef *rule)
{
ethHdrDataDef *ethHdr;
+ ipHdrDataDef *ipHdr;
#define COPY_NEG_SIGN(A, B) \
(A).flags = ((A).flags & ~NWFILTER_ENTRY_ITEM_FLAG_IS_NEG) | \
@@ -2234,18 +2235,16 @@ virNWFilterRuleDefFixup(virNWFilterRuleDef *rule)
break;
case VIR_NWFILTER_RULE_PROTOCOL_IP:
- COPY_NEG_SIGN(rule->p.ipHdrFilter.ipHdr.dataSrcIPMask,
- rule->p.ipHdrFilter.ipHdr.dataSrcIPAddr);
- COPY_NEG_SIGN(rule->p.ipHdrFilter.ipHdr.dataDstIPMask,
- rule->p.ipHdrFilter.ipHdr.dataDstIPAddr);
+ ipHdr = &rule->p.ipHdrFilter.ipHdr;
+ COPY_NEG_SIGN(ipHdr->dataSrcIPMask, ipHdr->dataSrcIPAddr);
+ COPY_NEG_SIGN(ipHdr->dataDstIPMask, ipHdr->dataDstIPAddr);
virNWFilterRuleDefFixupIPSet(&rule->p.ipHdrFilter.ipHdr);
break;
case VIR_NWFILTER_RULE_PROTOCOL_IPV6:
- COPY_NEG_SIGN(rule->p.ipv6HdrFilter.ipHdr.dataSrcIPMask,
- rule->p.ipv6HdrFilter.ipHdr.dataSrcIPAddr);
- COPY_NEG_SIGN(rule->p.ipv6HdrFilter.ipHdr.dataDstIPMask,
- rule->p.ipv6HdrFilter.ipHdr.dataDstIPAddr);
+ ipHdr = &rule->p.ipv6HdrFilter.ipHdr;
+ COPY_NEG_SIGN(ipHdr->dataSrcIPMask, ipHdr->dataSrcIPAddr);
+ COPY_NEG_SIGN(ipHdr->dataDstIPMask, ipHdr->dataDstIPAddr);
COPY_NEG_SIGN(rule->p.ipv6HdrFilter.dataICMPTypeEnd,
rule->p.ipv6HdrFilter.dataICMPTypeStart);
COPY_NEG_SIGN(rule->p.ipv6HdrFilter.dataICMPCodeStart,
@@ -2262,14 +2261,11 @@ virNWFilterRuleDefFixup(virNWFilterRuleDef *rule)
case VIR_NWFILTER_RULE_PROTOCOL_TCP:
case VIR_NWFILTER_RULE_PROTOCOL_TCPoIPV6:
- COPY_NEG_SIGN(rule->p.tcpHdrFilter.ipHdr.dataSrcIPMask,
- rule->p.tcpHdrFilter.ipHdr.dataSrcIPAddr);
- COPY_NEG_SIGN(rule->p.tcpHdrFilter.ipHdr.dataDstIPMask,
- rule->p.tcpHdrFilter.ipHdr.dataDstIPAddr);
- COPY_NEG_SIGN(rule->p.tcpHdrFilter.ipHdr.dataSrcIPTo,
- rule->p.tcpHdrFilter.ipHdr.dataSrcIPFrom);
- COPY_NEG_SIGN(rule->p.tcpHdrFilter.ipHdr.dataDstIPTo,
- rule->p.tcpHdrFilter.ipHdr.dataDstIPFrom);
+ ipHdr = &rule->p.tcpHdrFilter.ipHdr;
+ COPY_NEG_SIGN(ipHdr->dataSrcIPMask, ipHdr->dataSrcIPAddr);
+ COPY_NEG_SIGN(ipHdr->dataDstIPMask, ipHdr->dataDstIPAddr);
+ COPY_NEG_SIGN(ipHdr->dataSrcIPTo, ipHdr->dataSrcIPFrom);
+ COPY_NEG_SIGN(ipHdr->dataDstIPTo, ipHdr->dataDstIPFrom);
COPY_NEG_SIGN(rule->p.tcpHdrFilter.portData.dataSrcPortEnd,
rule->p.tcpHdrFilter.portData.dataSrcPortStart);
COPY_NEG_SIGN(rule->p.tcpHdrFilter.portData.dataDstPortStart,
@@ -2281,14 +2277,11 @@ virNWFilterRuleDefFixup(virNWFilterRuleDef *rule)
case VIR_NWFILTER_RULE_PROTOCOL_UDP:
case VIR_NWFILTER_RULE_PROTOCOL_UDPoIPV6:
- COPY_NEG_SIGN(rule->p.udpHdrFilter.ipHdr.dataSrcIPMask,
- rule->p.udpHdrFilter.ipHdr.dataSrcIPAddr);
- COPY_NEG_SIGN(rule->p.udpHdrFilter.ipHdr.dataDstIPMask,
- rule->p.udpHdrFilter.ipHdr.dataDstIPAddr);
- COPY_NEG_SIGN(rule->p.udpHdrFilter.ipHdr.dataSrcIPTo,
- rule->p.udpHdrFilter.ipHdr.dataSrcIPFrom);
- COPY_NEG_SIGN(rule->p.udpHdrFilter.ipHdr.dataDstIPTo,
- rule->p.udpHdrFilter.ipHdr.dataDstIPFrom);
+ ipHdr = &rule->p.udpHdrFilter.ipHdr;
+ COPY_NEG_SIGN(ipHdr->dataSrcIPMask, ipHdr->dataSrcIPAddr);
+ COPY_NEG_SIGN(ipHdr->dataDstIPMask, ipHdr->dataDstIPAddr);
+ COPY_NEG_SIGN(ipHdr->dataSrcIPTo, ipHdr->dataSrcIPFrom);
+ COPY_NEG_SIGN(ipHdr->dataDstIPTo, ipHdr->dataDstIPFrom);
COPY_NEG_SIGN(rule->p.udpHdrFilter.portData.dataSrcPortEnd,
rule->p.udpHdrFilter.portData.dataSrcPortStart);
COPY_NEG_SIGN(rule->p.udpHdrFilter.portData.dataDstPortStart,
@@ -2300,53 +2293,41 @@ virNWFilterRuleDefFixup(virNWFilterRuleDef *rule)
case VIR_NWFILTER_RULE_PROTOCOL_UDPLITE:
case VIR_NWFILTER_RULE_PROTOCOL_UDPLITEoIPV6:
- COPY_NEG_SIGN(rule->p.udpliteHdrFilter.ipHdr.dataSrcIPMask,
- rule->p.udpliteHdrFilter.ipHdr.dataSrcIPAddr);
- COPY_NEG_SIGN(rule->p.udpliteHdrFilter.ipHdr.dataDstIPMask,
- rule->p.udpliteHdrFilter.ipHdr.dataDstIPAddr);
- COPY_NEG_SIGN(rule->p.udpliteHdrFilter.ipHdr.dataSrcIPTo,
- rule->p.udpliteHdrFilter.ipHdr.dataSrcIPFrom);
- COPY_NEG_SIGN(rule->p.udpliteHdrFilter.ipHdr.dataDstIPTo,
- rule->p.udpliteHdrFilter.ipHdr.dataDstIPFrom);
+ ipHdr = &rule->p.udpliteHdrFilter.ipHdr;
+ COPY_NEG_SIGN(ipHdr->dataSrcIPMask, ipHdr->dataSrcIPAddr);
+ COPY_NEG_SIGN(ipHdr->dataDstIPMask, ipHdr->dataDstIPAddr);
+ COPY_NEG_SIGN(ipHdr->dataSrcIPTo, ipHdr->dataSrcIPFrom);
+ COPY_NEG_SIGN(ipHdr->dataDstIPTo, ipHdr->dataDstIPFrom);
virNWFilterRuleDefFixupIPSet(&rule->p.udpliteHdrFilter.ipHdr);
break;
case VIR_NWFILTER_RULE_PROTOCOL_ESP:
case VIR_NWFILTER_RULE_PROTOCOL_ESPoIPV6:
- COPY_NEG_SIGN(rule->p.espHdrFilter.ipHdr.dataSrcIPMask,
- rule->p.espHdrFilter.ipHdr.dataSrcIPAddr);
- COPY_NEG_SIGN(rule->p.espHdrFilter.ipHdr.dataDstIPMask,
- rule->p.espHdrFilter.ipHdr.dataDstIPAddr);
- COPY_NEG_SIGN(rule->p.espHdrFilter.ipHdr.dataSrcIPTo,
- rule->p.espHdrFilter.ipHdr.dataSrcIPFrom);
- COPY_NEG_SIGN(rule->p.espHdrFilter.ipHdr.dataDstIPTo,
- rule->p.espHdrFilter.ipHdr.dataDstIPFrom);
+ ipHdr = &rule->p.espHdrFilter.ipHdr;
+ COPY_NEG_SIGN(ipHdr->dataSrcIPMask, ipHdr->dataSrcIPAddr);
+ COPY_NEG_SIGN(ipHdr->dataDstIPMask, ipHdr->dataDstIPAddr);
+ COPY_NEG_SIGN(ipHdr->dataSrcIPTo, ipHdr->dataSrcIPFrom);
+ COPY_NEG_SIGN(ipHdr->dataDstIPTo, ipHdr->dataDstIPFrom);
virNWFilterRuleDefFixupIPSet(&rule->p.espHdrFilter.ipHdr);
break;
case VIR_NWFILTER_RULE_PROTOCOL_AH:
case VIR_NWFILTER_RULE_PROTOCOL_AHoIPV6:
- COPY_NEG_SIGN(rule->p.ahHdrFilter.ipHdr.dataSrcIPMask,
- rule->p.ahHdrFilter.ipHdr.dataSrcIPAddr);
- COPY_NEG_SIGN(rule->p.ahHdrFilter.ipHdr.dataDstIPMask,
- rule->p.ahHdrFilter.ipHdr.dataDstIPAddr);
- COPY_NEG_SIGN(rule->p.ahHdrFilter.ipHdr.dataSrcIPTo,
- rule->p.ahHdrFilter.ipHdr.dataSrcIPFrom);
- COPY_NEG_SIGN(rule->p.ahHdrFilter.ipHdr.dataDstIPTo,
- rule->p.ahHdrFilter.ipHdr.dataDstIPFrom);
+ ipHdr = &rule->p.ahHdrFilter.ipHdr;
+ COPY_NEG_SIGN(ipHdr->dataSrcIPMask, ipHdr->dataSrcIPAddr);
+ COPY_NEG_SIGN(ipHdr->dataDstIPMask, ipHdr->dataDstIPAddr);
+ COPY_NEG_SIGN(ipHdr->dataSrcIPTo, ipHdr->dataSrcIPFrom);
+ COPY_NEG_SIGN(ipHdr->dataDstIPTo, ipHdr->dataDstIPFrom);
virNWFilterRuleDefFixupIPSet(&rule->p.ahHdrFilter.ipHdr);
break;
case VIR_NWFILTER_RULE_PROTOCOL_SCTP:
case VIR_NWFILTER_RULE_PROTOCOL_SCTPoIPV6:
- COPY_NEG_SIGN(rule->p.sctpHdrFilter.ipHdr.dataSrcIPMask,
- rule->p.sctpHdrFilter.ipHdr.dataSrcIPAddr);
- COPY_NEG_SIGN(rule->p.sctpHdrFilter.ipHdr.dataDstIPMask,
- rule->p.sctpHdrFilter.ipHdr.dataDstIPAddr);
- COPY_NEG_SIGN(rule->p.sctpHdrFilter.ipHdr.dataSrcIPTo,
- rule->p.sctpHdrFilter.ipHdr.dataSrcIPFrom);
- COPY_NEG_SIGN(rule->p.sctpHdrFilter.ipHdr.dataDstIPTo,
- rule->p.sctpHdrFilter.ipHdr.dataDstIPFrom);
+ ipHdr = &rule->p.sctpHdrFilter.ipHdr;
+ COPY_NEG_SIGN(ipHdr->dataSrcIPMask, ipHdr->dataSrcIPAddr);
+ COPY_NEG_SIGN(ipHdr->dataDstIPMask, ipHdr->dataDstIPAddr);
+ COPY_NEG_SIGN(ipHdr->dataSrcIPTo, ipHdr->dataSrcIPFrom);
+ COPY_NEG_SIGN(ipHdr->dataDstIPTo, ipHdr->dataDstIPFrom);
COPY_NEG_SIGN(rule->p.sctpHdrFilter.portData.dataSrcPortEnd,
rule->p.sctpHdrFilter.portData.dataSrcPortStart);
COPY_NEG_SIGN(rule->p.sctpHdrFilter.portData.dataDstPortStart,
@@ -2358,14 +2339,11 @@ virNWFilterRuleDefFixup(virNWFilterRuleDef *rule)
case VIR_NWFILTER_RULE_PROTOCOL_ICMP:
case VIR_NWFILTER_RULE_PROTOCOL_ICMPV6:
- COPY_NEG_SIGN(rule->p.icmpHdrFilter.ipHdr.dataSrcIPMask,
- rule->p.icmpHdrFilter.ipHdr.dataSrcIPAddr);
- COPY_NEG_SIGN(rule->p.icmpHdrFilter.ipHdr.dataDstIPMask,
- rule->p.icmpHdrFilter.ipHdr.dataDstIPAddr);
- COPY_NEG_SIGN(rule->p.icmpHdrFilter.ipHdr.dataSrcIPTo,
- rule->p.icmpHdrFilter.ipHdr.dataSrcIPFrom);
- COPY_NEG_SIGN(rule->p.icmpHdrFilter.ipHdr.dataDstIPTo,
- rule->p.icmpHdrFilter.ipHdr.dataDstIPFrom);
+ ipHdr = &rule->p.icmpHdrFilter.ipHdr;
+ COPY_NEG_SIGN(ipHdr->dataSrcIPMask, ipHdr->dataSrcIPAddr);
+ COPY_NEG_SIGN(ipHdr->dataDstIPMask, ipHdr->dataDstIPAddr);
+ COPY_NEG_SIGN(ipHdr->dataSrcIPTo, ipHdr->dataSrcIPFrom);
+ COPY_NEG_SIGN(ipHdr->dataDstIPTo, ipHdr->dataDstIPFrom);
COPY_NEG_SIGN(rule->p.icmpHdrFilter.dataICMPCode,
rule->p.icmpHdrFilter.dataICMPType);
virNWFilterRuleDefFixupIPSet(&rule->p.icmpHdrFilter.ipHdr);
@@ -2373,25 +2351,19 @@ virNWFilterRuleDefFixup(virNWFilterRuleDef *rule)
case VIR_NWFILTER_RULE_PROTOCOL_ALL:
case VIR_NWFILTER_RULE_PROTOCOL_ALLoIPV6:
- COPY_NEG_SIGN(rule->p.allHdrFilter.ipHdr.dataSrcIPMask,
- rule->p.allHdrFilter.ipHdr.dataSrcIPAddr);
- COPY_NEG_SIGN(rule->p.allHdrFilter.ipHdr.dataDstIPMask,
- rule->p.allHdrFilter.ipHdr.dataDstIPAddr);
- COPY_NEG_SIGN(rule->p.allHdrFilter.ipHdr.dataSrcIPTo,
- rule->p.allHdrFilter.ipHdr.dataSrcIPFrom);
- COPY_NEG_SIGN(rule->p.allHdrFilter.ipHdr.dataDstIPTo,
- rule->p.allHdrFilter.ipHdr.dataDstIPFrom);
+ ipHdr = &rule->p.allHdrFilter.ipHdr;
+ COPY_NEG_SIGN(ipHdr->dataSrcIPMask, ipHdr->dataSrcIPAddr);
+ COPY_NEG_SIGN(ipHdr->dataDstIPMask, ipHdr->dataDstIPAddr);
+ COPY_NEG_SIGN(ipHdr->dataSrcIPTo, ipHdr->dataSrcIPFrom);
+ COPY_NEG_SIGN(ipHdr->dataDstIPTo, ipHdr->dataDstIPFrom);
break;
case VIR_NWFILTER_RULE_PROTOCOL_IGMP:
- COPY_NEG_SIGN(rule->p.igmpHdrFilter.ipHdr.dataSrcIPMask,
- rule->p.igmpHdrFilter.ipHdr.dataSrcIPAddr);
- COPY_NEG_SIGN(rule->p.igmpHdrFilter.ipHdr.dataDstIPMask,
- rule->p.igmpHdrFilter.ipHdr.dataDstIPAddr);
- COPY_NEG_SIGN(rule->p.igmpHdrFilter.ipHdr.dataSrcIPTo,
- rule->p.igmpHdrFilter.ipHdr.dataSrcIPFrom);
- COPY_NEG_SIGN(rule->p.igmpHdrFilter.ipHdr.dataDstIPTo,
- rule->p.igmpHdrFilter.ipHdr.dataDstIPFrom);
+ ipHdr = &rule->p.igmpHdrFilter.ipHdr;
+ COPY_NEG_SIGN(ipHdr->dataSrcIPMask, ipHdr->dataSrcIPAddr);
+ COPY_NEG_SIGN(ipHdr->dataDstIPMask, ipHdr->dataDstIPAddr);
+ COPY_NEG_SIGN(ipHdr->dataSrcIPTo, ipHdr->dataSrcIPFrom);
+ COPY_NEG_SIGN(ipHdr->dataDstIPTo, ipHdr->dataDstIPFrom);
virNWFilterRuleDefFixupIPSet(&rule->p.igmpHdrFilter.ipHdr);
break;
--
2.31.1
