Change monitor blacklist into whitelist (#90)

This way we have tighter control over what interfaces are monitored, which are
essentially just PIFs (eth*) and VIFs (vifx.y). Recently, we have had to extend
the blacklist several times, because devices with different names appeared,
which we do not want to monitor.

Signed-off-by: Rob Hoes <[email protected]>

Author: robhoes

networkd/network_monitor_thread.ml

@@ -25,15 +25,9 @@ open D
 (** Table for bonds status. *)
 let bonds_status : (string, (int * int)) Hashtbl.t = Hashtbl.create 10
 
-let monitor_blacklist = ref [
-	"dummy";
-	"xenbr";
-	"xapi";
-	"ovs-system";
-	"xenapi";
-	"lo";
-	"bond";
-	"pvs";
+let monitor_whitelist = ref [
+	"eth";
+	"vif"; (* This includes "tap" owing to the use of standardise_name below *)
 ]
 
 let xapi_rpc request =
@@ -110,14 +104,21 @@ let get_link_stats () =
 	let cache = Link.cache_alloc s in
 	let links = Link.cache_to_list cache in
 	let links =
+		let is_whitelisted name =
+			List.exists (fun s -> String.startswith s name) !monitor_whitelist
+		in
+		let is_vlan name =
+			String.startswith "eth" name && String.contains name '.'
+		in
 		List.map (fun link ->
 			(standardise_name (Link.get_name link)), link
 		) links |>
-		List.filter (fun (name,link) ->
-			let is_monitor_blacklisted = List.exists (fun s -> String.startswith s name) !monitor_blacklist ||
-						(String.startswith "eth" name && String.contains name '.') in
-			not is_monitor_blacklisted
-		) in
+		(* Only keep interfaces with prefixes on the whitelist, and exclude VLAN
+		   devices (ethx.y). *)
+		List.filter (fun (name, _) ->
+			is_whitelisted name && not (is_vlan name)
+		)
+	in
 
 	let devs = List.map (fun (name,link) ->
 		let convert x = Int64.of_int (Unsigned.UInt64.to_int x) in

networkd/networkd.ml

@@ -51,7 +51,7 @@ let resources = [
 ]
 
 let options = [
-	"monitor_blacklist", Arg.String (fun x -> Network_monitor_thread.monitor_blacklist := String.split ',' x), (fun () -> String.concat "," !Network_monitor_thread.monitor_blacklist), "List of prefixes of interface names that are not to be monitored";
+	"monitor_whitelist", Arg.String (fun x -> Network_monitor_thread.monitor_whitelist := String.split ',' x), (fun () -> String.concat "," !Network_monitor_thread.monitor_whitelist), "List of prefixes of interface names that are to be monitored";
 	"mac-table-size", Arg.Set_int Network_utils.mac_table_size, (fun () -> string_of_int !Network_utils.mac_table_size), "Default value for the mac-table-size openvswitch parameter (see ovs-vswitchd.conf.db.5)";
 	"enic-workaround-until-version", Arg.Set_string Network_server.enic_workaround_until_version, (fun () -> !Network_server.enic_workaround_until_version), "The version till enic driver workaround will be applied or the version set to an empty string for not applying the workaround.";
 	"pvs-proxy-socket", Arg.Set_string Network_server.PVS_proxy.path, (fun () -> !Network_server.PVS_proxy.path), "Path to the Unix domain socket for the PVS-proxy daemon";