Re: [Qemu-devel] [PATCH v7 RESEND 02/11] init/cleanup of netfilter object

[Yang Hongyang]

On 08/23/2015 10:17 PM, Thomas Huth wrote:

On 21/08/15 00:43, Yang Hongyang wrote:

QTAILQ_ENTRY global_list but used by filter layer, so that we can
manage all filters together.
QTAILQ_ENTRY next used by netdev, filter belongs to the specific netdev is
in this queue.
This is mostly the same with init/cleanup of netdev object.

Signed-off-by: Yang Hongyang <yan...@cn.fujitsu.com>
---
v7: add check for vhost

[...]

diff --git a/net/filter.c b/net/filter.c
index 4e40f08..9183cd8 100644
--- a/net/filter.c
+++ b/net/filter.c
@@ -6,10 +6,158 @@
   */

  #include "qemu-common.h"
+#include "qapi-visit.h"
+#include "qapi/qmp/qerror.h"
+#include "qemu/error-report.h"
+#include "qapi-visit.h"
+#include "qapi/opts-visitor.h"
+#include "qapi/dealloc-visitor.h"
+#include "qemu/config-file.h"
+
  #include "net/filter.h"
+#include "net/net.h"

Don't you need to include "net/vhost_net.h" here, too, to get the
prototype of get_vhost_nest() for using it in the function below?

Yes, it's wired that this patchset can be successfuly bulid on my test
machine...will add in the next version. thank you.

+static int net_filter_init1(const NetFilter *netfilter, Error **errp)
+{
+    NetClientState *ncs[MAX_QUEUE_NUM];
+    const char *name = netfilter->id;
+    const char *netdev_id = netfilter->netdev;
+    const char *chain_str = NULL;
+    const NetFilterOptions *opts = netfilter->opts;
+    int chain, queues, i;
+
+    if (!net_filter_init_fun[opts->kind]) {
+        error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "type",
+                   "a net filter type");
+        return -1;
+    }
+
+    if (netfilter->has_chain) {
+        chain_str = netfilter->chain;
+        if (!strcmp(chain_str, "in")) {
+            chain = NET_FILTER_IN;
+        } else if (!strcmp(chain_str, "out")) {
+            chain = NET_FILTER_OUT;
+        } else if (!strcmp(chain_str, "all")) {
+            chain = NET_FILTER_ALL;
+        } else {
+            error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "chain",
+                       "netfilter chain (in/out/all)");
+            return -1;
+        }
+    } else {
+        /* default */
+        chain = NET_FILTER_ALL;
+    }
+
+    queues = qemu_find_net_clients_except(netdev_id, ncs,
+                                          NET_CLIENT_OPTIONS_KIND_NIC,
+                                          MAX_QUEUE_NUM);
+    if (queues < 1) {
+        error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "netdev",
+                   "a network backend id");
+        return -1;
+    }
+
+    if (get_vhost_net(ncs[0])) {
+        error_setg(errp, "vhost is not supported");
+        return -1;
+    }
+
+    for (i = 0; i < queues; i++) {
+        if (net_filter_init_fun[opts->kind](opts, name,
+                                            chain, ncs[i], errp) < 0) {
+            if (errp && !*errp) {
+                error_setg(errp, QERR_DEVICE_INIT_FAILED,
+                           NetFilterOptionsKind_lookup[opts->kind]);
+            }
+            return -1;
+        }
+    }
+
+    return 0;
+}

  Thomas

.

--
Thanks,
Yang.