mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-01-21 22:03:49 +03:00
qemu/lxc: plumb isolatedPort from config down through bridge attachment
This patch pushes the isolatedPort setting from the <interface> down all the way to the callers of virNetDevBridgeAddPort(), and sets BR_ISOLATED on the port (using virNetDevBridgePortSetIsolated()) after the port has been successfully added to the bridge. Signed-off-by: Laine Stump <laine@redhat.com> Signed-off-by: Laine Stump <laine@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
This commit is contained in:
Laine Stump
parent
de7c347d9b
commit
2b8fd7334d
@ -95,6 +95,7 @@ bhyveBuildNetArgStr(virConnectPtr conn,
|
||||
def->uuid, NULL, NULL, 0,
|
||||
virDomainNetGetActualVirtPortProfile(net),
|
||||
virDomainNetGetActualVlan(net),
|
||||
virDomainNetGetActualPortOptionsIsolated(net),
|
||||
NULL, 0, NULL,
|
||||
VIR_NETDEV_TAP_CREATE_IFUP | VIR_NETDEV_TAP_CREATE_PERSIST) < 0) {
|
||||
goto cleanup;
|
||||
|
||||
@ -31232,6 +31232,7 @@ virDomainNetNotifyActualDevice(virConnectPtr conn,
|
||||
&iface->mac, dom->uuid,
|
||||
virDomainNetGetActualVirtPortProfile(iface),
|
||||
virDomainNetGetActualVlan(iface),
|
||||
virDomainNetGetActualPortOptionsIsolated(iface),
|
||||
iface->mtu, NULL));
|
||||
}
|
||||
}
|
||||
|
||||
@ -303,6 +303,16 @@ virLXCProcessSetupInterfaceTap(virDomainDefPtr vm,
|
||||
} else {
|
||||
if (virNetDevBridgeAddPort(brname, parentVeth) < 0)
|
||||
return NULL;
|
||||
|
||||
if (virDomainNetGetActualPortOptionsIsolated(net) == VIR_TRISTATE_BOOL_YES &&
|
||||
virNetDevBridgePortSetIsolated(brname, parentVeth, true) < 0) {
|
||||
virErrorPtr err;
|
||||
|
||||
virErrorPreserveLast(&err);
|
||||
ignore_value(virNetDevBridgeRemovePort(brname, parentVeth));
|
||||
virErrorRestore(&err);
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -2489,6 +2489,7 @@ networkStartNetworkVirtual(virNetworkDriverStatePtr driver,
|
||||
if (virNetDevTapCreateInBridgePort(def->bridge,
|
||||
&macTapIfName, &def->mac,
|
||||
NULL, NULL, &tapfd, 1, NULL, NULL,
|
||||
VIR_TRISTATE_BOOL_NO,
|
||||
NULL, def->mtu, NULL,
|
||||
VIR_NETDEV_TAP_CREATE_USE_MAC_FOR_BRIDGE |
|
||||
VIR_NETDEV_TAP_CREATE_IFUP |
|
||||
|
||||
@ -3350,12 +3350,28 @@ qemuDomainChangeNetBridge(virDomainObjPtr vm,
|
||||
}
|
||||
|
||||
ret = virNetDevBridgeAddPort(newbridge, olddev->ifname);
|
||||
if (ret == 0 &&
|
||||
virDomainNetGetActualPortOptionsIsolated(newdev) == VIR_TRISTATE_BOOL_YES) {
|
||||
|
||||
ret = virNetDevBridgePortSetIsolated(newbridge, olddev->ifname, true);
|
||||
if (ret < 0) {
|
||||
virErrorPtr err;
|
||||
|
||||
virErrorPreserveLast(&err);
|
||||
ignore_value(virNetDevBridgeRemovePort(newbridge, olddev->ifname));
|
||||
virErrorRestore(&err);
|
||||
}
|
||||
}
|
||||
virDomainAuditNet(vm, NULL, newdev, "attach", ret == 0);
|
||||
if (ret < 0) {
|
||||
virErrorPtr err;
|
||||
|
||||
virErrorPreserveLast(&err);
|
||||
ret = virNetDevBridgeAddPort(oldbridge, olddev->ifname);
|
||||
if (ret == 0 &&
|
||||
virDomainNetGetActualPortOptionsIsolated(olddev) == VIR_TRISTATE_BOOL_YES) {
|
||||
ignore_value(virNetDevBridgePortSetIsolated(newbridge, olddev->ifname, true));
|
||||
}
|
||||
virDomainAuditNet(vm, NULL, olddev, "attach", ret == 0);
|
||||
virErrorRestore(&err);
|
||||
return -1;
|
||||
|
||||
@ -568,6 +568,7 @@ qemuInterfaceBridgeConnect(virDomainDefPtr def,
|
||||
def->uuid, tunpath, tapfd, *tapfdSize,
|
||||
virDomainNetGetActualVirtPortProfile(net),
|
||||
virDomainNetGetActualVlan(net),
|
||||
virDomainNetGetActualPortOptionsIsolated(net),
|
||||
net->coalesce, 0, NULL,
|
||||
tap_create_flags) < 0) {
|
||||
virDomainAuditNetDevice(def, net, tunpath, false);
|
||||
|
||||
@ -505,6 +505,7 @@ virNetDevTapAttachBridge(const char *tapname,
|
||||
const unsigned char *vmuuid,
|
||||
const virNetDevVPortProfile *virtPortProfile,
|
||||
const virNetDevVlan *virtVlan,
|
||||
virTristateBool isolatedPort,
|
||||
unsigned int mtu,
|
||||
unsigned int *actualMTU)
|
||||
{
|
||||
@ -545,6 +546,16 @@ virNetDevTapAttachBridge(const char *tapname,
|
||||
} else {
|
||||
if (virNetDevBridgeAddPort(brname, tapname) < 0)
|
||||
return -1;
|
||||
|
||||
if (isolatedPort == VIR_TRISTATE_BOOL_YES &&
|
||||
virNetDevBridgePortSetIsolated(brname, tapname, true) < 0) {
|
||||
virErrorPtr err;
|
||||
|
||||
virErrorPreserveLast(&err);
|
||||
ignore_value(virNetDevBridgeRemovePort(brname, tapname));
|
||||
virErrorRestore(&err);
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
@ -574,6 +585,7 @@ virNetDevTapReattachBridge(const char *tapname,
|
||||
const unsigned char *vmuuid,
|
||||
const virNetDevVPortProfile *virtPortProfile,
|
||||
const virNetDevVlan *virtVlan,
|
||||
virTristateBool isolatedPort,
|
||||
unsigned int mtu,
|
||||
unsigned int *actualMTU)
|
||||
{
|
||||
@ -611,6 +623,7 @@ virNetDevTapReattachBridge(const char *tapname,
|
||||
macaddr, vmuuid,
|
||||
virtPortProfile,
|
||||
virtVlan,
|
||||
isolatedPort,
|
||||
mtu, actualMTU) < 0)
|
||||
return -1;
|
||||
|
||||
@ -660,6 +673,7 @@ int virNetDevTapCreateInBridgePort(const char *brname,
|
||||
size_t tapfdSize,
|
||||
const virNetDevVPortProfile *virtPortProfile,
|
||||
const virNetDevVlan *virtVlan,
|
||||
virTristateBool isolatedPort,
|
||||
virNetDevCoalescePtr coalesce,
|
||||
unsigned int mtu,
|
||||
unsigned int *actualMTU,
|
||||
@ -697,7 +711,8 @@ int virNetDevTapCreateInBridgePort(const char *brname,
|
||||
goto error;
|
||||
|
||||
if (virNetDevTapAttachBridge(*ifname, brname, macaddr, vmuuid,
|
||||
virtPortProfile, virtVlan, mtu, actualMTU) < 0) {
|
||||
virtPortProfile, virtVlan,
|
||||
isolatedPort, mtu, actualMTU) < 0) {
|
||||
goto error;
|
||||
}
|
||||
|
||||
|
||||
@ -65,6 +65,7 @@ virNetDevTapAttachBridge(const char *tapname,
|
||||
const unsigned char *vmuuid,
|
||||
const virNetDevVPortProfile *virtPortProfile,
|
||||
const virNetDevVlan *virtVlan,
|
||||
virTristateBool isolatedPort,
|
||||
unsigned int mtu,
|
||||
unsigned int *actualMTU)
|
||||
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3)
|
||||
@ -77,6 +78,7 @@ virNetDevTapReattachBridge(const char *tapname,
|
||||
const unsigned char *vmuuid,
|
||||
const virNetDevVPortProfile *virtPortProfile,
|
||||
const virNetDevVlan *virtVlan,
|
||||
virTristateBool isolatedPort,
|
||||
unsigned int mtu,
|
||||
unsigned int *actualMTU)
|
||||
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3)
|
||||
@ -91,6 +93,7 @@ int virNetDevTapCreateInBridgePort(const char *brname,
|
||||
size_t tapfdSize,
|
||||
const virNetDevVPortProfile *virtPortProfile,
|
||||
const virNetDevVlan *virtVlan,
|
||||
virTristateBool isolatedPort,
|
||||
virNetDevCoalescePtr coalesce,
|
||||
unsigned int mtu,
|
||||
unsigned int *actualMTU,
|
||||
|
||||
@ -28,6 +28,7 @@ int virNetDevTapCreateInBridgePort(const char *brname G_GNUC_UNUSED,
|
||||
size_t tapfdSize G_GNUC_UNUSED,
|
||||
const virNetDevVPortProfile *virtPortProfile G_GNUC_UNUSED,
|
||||
const virNetDevVlan *virtVlan G_GNUC_UNUSED,
|
||||
virTristateBool isolatedPort G_GNUC_UNUSED,
|
||||
virNetDevCoalescePtr coalesce G_GNUC_UNUSED,
|
||||
unsigned int mtu G_GNUC_UNUSED,
|
||||
unsigned int *actualMTU G_GNUC_UNUSED,
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user