<optional>
<ref name="vlan"/>
</optional>
+ <optional>
+ <ref name="portOptions"/>
+ </optional>
<optional>
<element name="teaming">
<choice>
<optional>
<ref name="vlan"/>
</optional>
+ <optional>
+ <ref name="portOptions"/>
+ </optional>
<!-- <ip> element -->
<zeroOrMore>
</attribute>
</element>
</define>
+
+ <define name="portOptions">
+ <element name="port">
+ <optional>
+ <attribute name="isolated">
+ <ref name="virYesNo"/>
+ </attribute>
+ </optional>
+ </element>
+ </define>
+
</grammar>
<optional>
<ref name="vlan"/>
</optional>
+ <optional>
+ <ref name="portOptions"/>
+ </optional>
<optional>
<ref name="plug"/>
</optional>
if (vlanNode && virNetDevVlanParse(vlanNode, ctxt, &actual->vlan) < 0)
goto error;
+ if (virNetworkPortOptionsParseXML(ctxt, &actual->isolatedPort) < 0)
+ goto error;
+
*def = g_steal_pointer(&actual);
ret = 0;
error:
goto error;
}
+ if (virNetworkPortOptionsParseXML(ctxt, &def->isolatedPort) < 0)
+ goto error;
+
cleanup:
virDomainActualNetDefFree(actual);
virHashFree(filterparams);
return -1;
if (virNetDevBandwidthFormat(virDomainNetGetActualBandwidth(def), 0, buf) < 0)
return -1;
+ virNetworkPortOptionsFormat(virDomainNetGetActualPortOptionsIsolated(def), buf);
return 0;
}
return -1;
if (virNetDevBandwidthFormat(def->bandwidth, 0, buf) < 0)
return -1;
+ virNetworkPortOptionsFormat(def->isolatedPort, buf);
/* ONLY for internal status storage - format the ActualNetDef
* as a subelement of <interface> so that no persistent config
}
+virTristateBool
+virDomainNetGetActualPortOptionsIsolated(const virDomainNetDef *iface)
+{
+ if (iface->type == VIR_DOMAIN_NET_TYPE_NETWORK &&
+ iface->data.network.actual) {
+ return iface->data.network.actual->isolatedPort;
+ }
+ return iface->isolatedPort;
+}
+
+
bool
virDomainNetGetActualTrustGuestRxFilters(const virDomainNetDef *iface)
{
virNetDevBandwidthPtr bandwidth;
virNetDevVlan vlan;
int trustGuestRxFilters; /* enum virTristateBool */
+ virTristateBool isolatedPort;
unsigned int class_id; /* class ID for bandwidth 'floor' */
};
virNetDevBandwidthPtr bandwidth;
virNetDevVlan vlan;
int trustGuestRxFilters; /* enum virTristateBool */
+ virTristateBool isolatedPort;
int linkstate;
unsigned int mtu;
virNetDevCoalescePtr coalesce;
virDomainNetGetActualBandwidth(const virDomainNetDef *iface);
const virNetDevVlan *virDomainNetGetActualVlan(const virDomainNetDef *iface);
bool virDomainNetGetActualTrustGuestRxFilters(const virDomainNetDef *iface);
+virTristateBool
+virDomainNetGetActualPortOptionsIsolated(const virDomainNetDef *iface);
const char *virDomainNetGetModelString(const virDomainNetDef *net);
int virDomainNetSetModelString(virDomainNetDefPtr et,
const char *model);
}
+int
+virNetworkPortOptionsParseXML(xmlXPathContextPtr ctxt,
+ virTristateBool *isolatedPort)
+{
+ g_autofree char *str = NULL;
+ int tmp = VIR_TRISTATE_BOOL_ABSENT;
+
+ if ((str = virXPathString("string(./port/@isolated)", ctxt))) {
+ if ((tmp = virTristateBoolTypeFromString(str)) <= 0) {
+ virReportError(VIR_ERR_XML_ERROR,
+ _("unknown port isolated value '%s'"), str);
+ return -1;
+ }
+ }
+
+ *isolatedPort = tmp;
+ return 0;
+}
+
+
static int
virNetworkPortGroupParseXML(virPortGroupDefPtr def,
xmlNodePtr node,
if (vlanNode && virNetDevVlanParse(vlanNode, ctxt, &def->vlan) < 0)
goto error;
+ if (virNetworkPortOptionsParseXML(ctxt, &def->isolatedPort) < 0)
+ goto error;
+
/* Parse bridge information */
def->bridge = virXPathString("string(./bridge[1]/@name)", ctxt);
def->bridgeZone = virXPathString("string(./bridge[1]/@zone)", ctxt);
return 0;
}
+void
+virNetworkPortOptionsFormat(virTristateBool isolatedPort,
+ virBufferPtr buf)
+{
+ if (isolatedPort != VIR_TRISTATE_BOOL_ABSENT)
+ virBufferAsprintf(buf, "<port isolated='%s'/>\n",
+ virTristateBoolTypeToString(isolatedPort));
+}
static int
virPortGroupDefFormat(virBufferPtr buf,
return -1;
if (virNetDevBandwidthFormat(def->bandwidth, 0, buf) < 0)
return -1;
+ virNetworkPortOptionsFormat(def->isolatedPort, buf);
for (i = 0; i < def->nips; i++) {
if (virNetworkIPDefFormat(buf, &def->ips[i]) < 0)
virNetDevBandwidthPtr bandwidth;
virNetDevVlan vlan;
int trustGuestRxFilters; /* enum virTristateBool */
+ virTristateBool isolatedPort;
/* Application-specific custom metadata */
xmlNodePtr metadata;
void
virNetworkSetBridgeMacAddr(virNetworkDefPtr def);
+int
+virNetworkPortOptionsParseXML(xmlXPathContextPtr ctxt,
+ virTristateBool *isolatedPort);
+
+void
+virNetworkPortOptionsFormat(virTristateBool isolatedPort,
+ virBufferPtr buf);
+
VIR_ENUM_DECL(virNetworkForward);
#define VIR_CONNECT_LIST_NETWORKS_FILTERS_ACTIVE \
if (vlanNode && virNetDevVlanParse(vlanNode, ctxt, &def->vlan) < 0)
return NULL;
+ if (virNetworkPortOptionsParseXML(ctxt, &def->isolatedPort) < 0)
+ return NULL;
trustGuestRxFilters
= virXPathString("string(./rxfilters/@trustGuest)", ctxt);
virNetDevBandwidthFormat(def->bandwidth, def->class_id, buf);
if (virNetDevVlanFormat(&def->vlan, buf) < 0)
return -1;
+ virNetworkPortOptionsFormat(def->isolatedPort, buf);
if (def->trustGuestRxFilters)
virBufferAsprintf(buf, "<rxfilters trustGuest='%s'/>\n",
virTristateBoolTypeToString(def->trustGuestRxFilters));
unsigned int class_id; /* class ID for bandwidth 'floor' */
virNetDevVlan vlan;
int trustGuestRxFilters; /* enum virTristateBool */
+ virTristateBool isolatedPort;
int plugtype; /* virNetworkPortPlugType */
union {
virDomainNetGetActualDirectDev;
virDomainNetGetActualDirectMode;
virDomainNetGetActualHostdev;
+virDomainNetGetActualPortOptionsIsolated;
virDomainNetGetActualTrustGuestRxFilters;
virDomainNetGetActualType;
virDomainNetGetActualVirtPortProfile;
--- /dev/null
+<network>
+ <name>port-isolation-test</name>
+ <uuid>81ff0d90-c91e-6742-64da-4a736edb9a9b</uuid>
+ <bridge name="br0"/>
+ <forward mode="bridge"/>
+ <port isolated="yes"/>
+</network>
--- /dev/null
+<network>
+ <name>port-isolation-test</name>
+ <uuid>81ff0d90-c91e-6742-64da-4a736edb9a9b</uuid>
+ <forward mode='bridge'/>
+ <bridge name='br0'/>
+ <port isolated='yes'/>
+</network>
DO_TEST("metadata");
DO_TEST("set-mtu");
DO_TEST("dnsmasq-options");
+ DO_TEST("isolated-ports");
return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
}
--- /dev/null
+<domain type='qemu'>
+ <name>q35-test</name>
+ <uuid>11dbdcdd-4c3b-482b-8903-9bdb8c0a2774</uuid>
+ <memory unit='KiB'>2097152</memory>
+ <currentMemory unit='KiB'>2097152</currentMemory>
+ <vcpu placement='static' cpuset='0-1'>2</vcpu>
+ <os>
+ <type arch='x86_64' machine='q35'>hvm</type>
+ <boot dev='hd'/>
+ </os>
+ <clock offset='utc'/>
+ <on_poweroff>destroy</on_poweroff>
+ <on_reboot>restart</on_reboot>
+ <on_crash>destroy</on_crash>
+ <devices>
+ <emulator>/usr/bin/qemu-system-x86_64</emulator>
+ <disk type='block' device='disk'>
+ <source dev='/dev/HostVG/QEMUGuest1'/>
+ <target dev='sda' bus='sata'/>
+ <address type='drive' controller='0' bus='0' target='0' unit='0'/>
+ </disk>
+ <controller type='pci' index='0' model='pcie-root'/>
+ <interface type='network'>
+ <mac address='52:54:00:d6:c0:0b'/>
+ <source network='default'/>
+ <port isolated='yes'/>
+ <model type='virtio'/>
+ </interface>
+ <video>
+ <model type='qxl' ram='65536' vram='32768' vgamem='8192' heads='1'/>
+ </video>
+ <memballoon model='none'/>
+ </devices>
+</domain>
--- /dev/null
+<domain type='qemu'>
+ <name>q35-test</name>
+ <uuid>11dbdcdd-4c3b-482b-8903-9bdb8c0a2774</uuid>
+ <memory unit='KiB'>2097152</memory>
+ <currentMemory unit='KiB'>2097152</currentMemory>
+ <vcpu placement='static' cpuset='0-1'>2</vcpu>
+ <os>
+ <type arch='x86_64' machine='q35'>hvm</type>
+ <boot dev='hd'/>
+ </os>
+ <cpu mode='custom' match='exact' check='none'>
+ <model fallback='forbid'>qemu64</model>
+ </cpu>
+ <clock offset='utc'/>
+ <on_poweroff>destroy</on_poweroff>
+ <on_reboot>restart</on_reboot>
+ <on_crash>destroy</on_crash>
+ <devices>
+ <emulator>/usr/bin/qemu-system-x86_64</emulator>
+ <disk type='block' device='disk'>
+ <driver name='qemu' type='raw'/>
+ <source dev='/dev/HostVG/QEMUGuest1'/>
+ <target dev='sda' bus='sata'/>
+ <address type='drive' controller='0' bus='0' target='0' unit='0'/>
+ </disk>
+ <controller type='pci' index='0' model='pcie-root'/>
+ <controller type='usb' index='0' model='qemu-xhci'>
+ <address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/>
+ </controller>
+ <controller type='sata' index='0'>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/>
+ </controller>
+ <controller type='pci' index='1' model='pcie-root-port'>
+ <model name='pcie-root-port'/>
+ <target chassis='1' port='0x10'/>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/>
+ </controller>
+ <controller type='pci' index='2' model='pcie-root-port'>
+ <model name='pcie-root-port'/>
+ <target chassis='2' port='0x11'/>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/>
+ </controller>
+ <controller type='pci' index='3' model='pcie-root-port'>
+ <model name='pcie-root-port'/>
+ <target chassis='3' port='0x12'/>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/>
+ </controller>
+ <interface type='network'>
+ <mac address='52:54:00:d6:c0:0b'/>
+ <source network='default'/>
+ <port isolated='yes'/>
+ <model type='virtio'/>
+ <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
+ </interface>
+ <input type='mouse' bus='ps2'/>
+ <input type='keyboard' bus='ps2'/>
+ <video>
+ <model type='qxl' ram='65536' vram='32768' vgamem='8192' heads='1' primary='yes'/>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/>
+ </video>
+ <memballoon model='none'/>
+ </devices>
+</domain>
DO_TEST("net-virtio-teaming-network",
QEMU_CAPS_VIRTIO_NET_FAILOVER,
QEMU_CAPS_DEVICE_VFIO_PCI);
+ DO_TEST_CAPS_LATEST("net-isolated-port");
DO_TEST("net-hostdev", NONE);
DO_TEST("net-hostdev-bootorder", NONE);
DO_TEST("net-hostdev-vfio", QEMU_CAPS_DEVICE_VFIO_PCI);
projects / libvirt.git / commitdiff