Re: [Qemu-devel] [PATCH v10 06/10] netfilter: add an API to pass the packet to next filter

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Jason Wang <jasowang@redhat.com>
To: Yang Hongyang <yanghy@cn.fujitsu.com>, qemu-devel@nongnu.org
Cc: thuth@redhat.com, lizhijian@cn.fujitsu.com, armbru@redhat.com,
	stefanha@redhat.com, zhang.zhanghailiang@huawei.com
Subject: Re: [Qemu-devel] [PATCH v10 06/10] netfilter: add an API to pass the packet to next filter
Date: Wed, 16 Sep 2015 17:29:07 +0800	[thread overview]
Message-ID: <55F93663.1050805@redhat.com> (raw)
In-Reply-To: <1441783481-17698-7-git-send-email-yanghy@cn.fujitsu.com>



On 09/09/2015 03:24 PM, Yang Hongyang wrote:
> add an API qemu_netfilter_pass_to_next() to pass the packet
> to next filter.
>
> Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com>
> Reviewed-by: Thomas Huth <thuth@redhat.com>
> ---
> v10: adjust as a NetQueueDeliverFunc
> v9: fix a bug when curr filter chain is all
> v5: fold params to NetPacket struct
> ---
>  include/net/filter.h |  7 ++++++
>  net/filter.c         | 60 ++++++++++++++++++++++++++++++++++++++++++++++++++++
>  2 files changed, 67 insertions(+)
>
> diff --git a/include/net/filter.h b/include/net/filter.h
> index 4557cb9..ed2bb66 100644
> --- a/include/net/filter.h
> +++ b/include/net/filter.h
> @@ -57,4 +57,11 @@ struct NetFilterState {
>      QTAILQ_ENTRY(NetFilterState) next;
>  };
>  
> +/* pass the packet to the next filter */
> +ssize_t qemu_netfilter_pass_to_next(NetClientState *sender,
> +                                    unsigned flags,
> +                                    const struct iovec *iov,
> +                                    int iovcnt,
> +                                    void *opaque);
> +
>  #endif /* QEMU_NET_FILTER_H */
> diff --git a/net/filter.c b/net/filter.c
> index 5192c6d..086f271 100644
> --- a/net/filter.c
> +++ b/net/filter.c
> @@ -14,9 +14,69 @@
>  #include "net/net.h"
>  #include "net/vhost_net.h"
>  #include "qom/object_interfaces.h"
> +#include "qemu/iov.h"
>  
>  static QTAILQ_HEAD(, NetFilterState) net_filters;
>  
> +ssize_t qemu_netfilter_pass_to_next(NetClientState *sender,
> +                                    unsigned flags,
> +                                    const struct iovec *iov,
> +                                    int iovcnt,
> +                                    void *opaque)
> +{
> +    int ret = 0;
> +    int chain;
> +    NetFilterState *nf = opaque;
> +    NetFilterState *next = QTAILQ_NEXT(nf, next);
> +
> +    if (!sender || !sender->peer) {
> +        /* no receiver, or sender been deleted, no need to pass it further */
> +        goto out;
> +    }
> +
> +    if (nf->chain == NET_FILTER_CHAIN_ALL) {
> +        if (sender == nf->netdev) {
> +            /* This packet is sent by netdev itself */
> +            chain = NET_FILTER_CHAIN_OUT;
> +        } else {
> +            chain = NET_FILTER_CHAIN_IN;
> +        }
> +    } else {
> +        chain = nf->chain;
> +    }
> +
> +    while (next) {
> +        if (next->chain == chain || next->chain == NET_FILTER_CHAIN_ALL) {
> +            /*
> +             * if qemu_netfilter_pass_to_next been called, means that
> +             * the packet has been hold by filter and has already retured size
> +             * to the sender, so sent_cb shouldn't be called later, just
> +             * pass NULL to next.
> +             */
> +            ret = NETFILTER_GET_CLASS(OBJECT(next))->receive_iov(
> +                                    next, sender, flags, iov, iovcnt, NULL);
> +            if (ret) {
> +                return ret;
> +            }
> +        }
> +        next = QTAILQ_NEXT(next, next);
> +    }

Nitpick:

Kind of codes duplication with filter_receive(). May consider to unify
them it you want to send next version.

> +
> +    /*
> +     * We have gone through all filters, pass it to receiver.
> +     * Do the valid check again incase sender or receiver been
> +     * deleted while we go through filters.
> +     */
> +    if (sender && sender->peer) {
> +        return qemu_net_queue_send_iov(sender->peer->incoming_queue,
> +                                       sender, flags, iov, iovcnt, NULL);
> +    }
> +
> +out:
> +    /* no receiver, or sender been deleted */
> +    return iov_size(iov, iovcnt);
> +}
> +
>  static char *netfilter_get_netdev_id(Object *obj, Error **errp)
>  {
>      NetFilterState *nf = NETFILTER(obj);

next prev parent reply	other threads:[~2015-09-16  9:29 UTC|newest]

Thread overview: 28+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-09-09  7:24 [Qemu-devel] [PATCH v10 00/10] Add a netfilter object and netbuffer filter Yang Hongyang
2015-09-09  7:24 ` [Qemu-devel] [PATCH v10 01/10] qmp: delete qemu opts when delete an object Yang Hongyang
2015-09-09  7:24 ` [Qemu-devel] [PATCH v10 02/10] init/cleanup of netfilter object Yang Hongyang
2015-09-14  8:54   ` Daniel P. Berrange
2015-09-14  8:56     ` Daniel P. Berrange
2015-09-14  9:05     ` Yang Hongyang
2015-09-16  9:28   ` Jason Wang
2015-09-16 11:11     ` Yang Hongyang
2015-09-09  7:24 ` [Qemu-devel] [PATCH v10 03/10] netfilter: hook packets before net queue send Yang Hongyang
2015-09-09  7:24 ` [Qemu-devel] [PATCH v10 04/10] net: merge qemu_deliver_packet and qemu_deliver_packet_iov Yang Hongyang
2015-09-09  7:24 ` [Qemu-devel] [PATCH v10 05/10] net/queue: introduce NetQueueDeliverFunc Yang Hongyang
2015-09-09  7:24 ` [Qemu-devel] [PATCH v10 06/10] netfilter: add an API to pass the packet to next filter Yang Hongyang
2015-09-16  9:29   ` Jason Wang [this message]
2015-09-09  7:24 ` [Qemu-devel] [PATCH v10 07/10] netfilter: print filter info associate with the netdev Yang Hongyang
2015-09-09  7:24 ` [Qemu-devel] [PATCH v10 08/10] net/queue: export qemu_net_queue_append_iov Yang Hongyang
2015-09-09  7:24 ` [Qemu-devel] [PATCH v10 09/10] netfilter: add a netbuffer filter Yang Hongyang
2015-09-14  9:04   ` Daniel P. Berrange
2015-09-14  9:53     ` Yang Hongyang
2015-09-16  9:42   ` Jason Wang
2015-09-16 11:19     ` Yang Hongyang
2015-09-09  7:24 ` [Qemu-devel] [PATCH v10 10/10] tests: add test cases for netfilter object Yang Hongyang
2015-09-14  5:09 ` [Qemu-devel] [PATCH v10 00/10] Add a netfilter object and netbuffer filter Yang Hongyang
2015-09-14  5:22   ` Jason Wang
2015-09-14  5:36     ` Yang Hongyang
2015-09-16  9:48       ` Jason Wang
2015-09-16 11:22         ` Yang Hongyang
2015-09-14  9:05   ` Daniel P. Berrange
2015-09-14  9:14     ` Yang Hongyang

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=55F93663.1050805@redhat.com \
    --to=jasowang@redhat.com \
    --cc=armbru@redhat.com \
    --cc=lizhijian@cn.fujitsu.com \
    --cc=qemu-devel@nongnu.org \
    --cc=stefanha@redhat.com \
    --cc=thuth@redhat.com \
    --cc=yanghy@cn.fujitsu.com \
    --cc=zhang.zhanghailiang@huawei.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.