Introduce a function that rebuilds all running VMs' filters. Call
this function when reloading the nwfilter driver.
This addresses a problem introduced by the 2nd patch that typically
causes no filters to be reinstantiate anymore upon driver reload
since their XML has not changed. Yet the current behavior is that
upon a SIGHUP all filters get reinstantiated.
---
src/conf/nwfilter_conf.c | 23 +++++++++++++++++++++++
src/conf/nwfilter_conf.h | 3 +++
src/libvirt_private.syms | 1 +
src/nwfilter/nwfilter_driver.c | 2 ++
src/nwfilter/nwfilter_gentech_driver.c | 12 +++++++++++-
5 files changed, 40 insertions(+), 1 deletion(-)
Index: libvirt-iterator/src/conf/nwfilter_conf.c
===================================================================
--- libvirt-iterator.orig/src/conf/nwfilter_conf.c
+++ libvirt-iterator/src/conf/nwfilter_conf.c
@@ -2723,6 +2723,29 @@ virNWFilterCallbackDriversUnlock(void)
static virHashIterator virNWFilterDomainFWUpdateCB;
+/**
+ * virNWFilterInstFiltersOnAllVMs:
+ * Apply all filters on all running VMs. Don't terminate in case of an
+ * error. This should be called upon reloading of the driver.
+ */
+int
+virNWFilterInstFiltersOnAllVMs(virConnectPtr conn)
+{
+ int i;
+ struct domUpdateCBStruct cb = {
+ .conn = conn,
+ .err = 0, /* ignored here */
+ .step = STEP_APPLY_CURRENT,
+ .skipInterfaces = NULL, /* not needed */
+ };
+
+ for (i = 0; i < nCallbackDriver; i++)
+ callbackDrvArray[i]->vmFilterRebuild(conn,
+ virNWFilterDomainFWUpdateCB,
+ &cb);
+
+ return 0;
+}
static int
virNWFilterTriggerVMFilterRebuild(virConnectPtr conn)
Index: libvirt-iterator/src/conf/nwfilter_conf.h
===================================================================
--- libvirt-iterator.orig/src/conf/nwfilter_conf.h
+++ libvirt-iterator/src/conf/nwfilter_conf.h
@@ -577,6 +577,7 @@ enum UpdateStep {
STEP_APPLY_NEW,
STEP_TEAR_NEW,
STEP_TEAR_OLD,
+ STEP_APPLY_CURRENT,
};
struct domUpdateCBStruct {
@@ -722,6 +723,8 @@ void virNWFilterUnlockFilterUpdates(void
int virNWFilterConfLayerInit(virHashIterator domUpdateCB);
void virNWFilterConfLayerShutdown(void);
+int virNWFilterInstFiltersOnAllVMs(virConnectPtr conn);
+
# define virNWFilterReportError(code, fmt...) \
virReportErrorHelper(VIR_FROM_NWFILTER, code, __FILE__, \
__FUNCTION__, __LINE__, fmt)
Index: libvirt-iterator/src/nwfilter/nwfilter_driver.c
===================================================================
--- libvirt-iterator.orig/src/nwfilter/nwfilter_driver.c
+++ libvirt-iterator/src/nwfilter/nwfilter_driver.c
@@ -162,6 +162,8 @@ nwfilterDriverReload(void) {
virNWFilterCallbackDriversUnlock();
nwfilterDriverUnlock(driverState);
+ virNWFilterInstFiltersOnAllVMs(conn);
+
virConnectClose(conn);
}
Index: libvirt-iterator/src/libvirt_private.syms
===================================================================
--- libvirt-iterator.orig/src/libvirt_private.syms
+++ libvirt-iterator/src/libvirt_private.syms
@@ -811,6 +811,7 @@ virNWFilterConfLayerShutdown;
virNWFilterDefFormat;
virNWFilterDefFree;
virNWFilterDefParseString;
+virNWFilterInstFiltersOnAllVMs;
virNWFilterJumpTargetTypeToString;
virNWFilterLoadAllConfigs;
virNWFilterLockFilterUpdates;
Index: libvirt-iterator/src/nwfilter/nwfilter_gentech_driver.c
===================================================================
--- libvirt-iterator.orig/src/nwfilter/nwfilter_gentech_driver.c
+++ libvirt-iterator/src/nwfilter/nwfilter_gentech_driver.c
@@ -1122,7 +1122,7 @@ virNWFilterDomainFWUpdateCB(void *payloa
virDomainObjPtr obj = payload;
virDomainDefPtr vm = obj->def;
struct domUpdateCBStruct *cb = data;
- int i;
+ int i, err;
bool skipIface;
virDomainObjLock(obj);
@@ -1156,6 +1156,16 @@ virNWFilterDomainFWUpdateCB(void *payloa
cb->err = virNWFilterTearOldFilter(net);
}
break;
+
+ case STEP_APPLY_CURRENT:
+ err = virNWFilterInstantiateFilter(cb->conn,
+ vm->uuid,
+ net);
+ if (err)
+ virNWFilterReportError(VIR_ERR_INTERNAL_ERROR,
+ _("Failure while applying current filter on "
+ "VM %s"), vm->name);
+ break;
}
if (cb->err)
break;
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list