[libvirt] [PATCH 02/27] network: restrict usage of port management APIs
Michal Privoznik
mprivozn at redhat.com
Tue Jan 8 16:15:48 UTC 2019
On 12/24/18 3:58 PM, Daniel P. Berrangé wrote:
> The port allocation APIs are currently called unconditionally for all
> types of NIC, but (mostly) only do anything for NICs with type=network.
>
> The exception is the port allocate API which does some validation even
> for NICs with type!=network. Relying on this validation is flawed,
> however, since the network driver may not even be installed. IOW virt
> drivers must not delegate validation to the network driver for NICs
> with type != network.
>
> This change allows us to report errors when the virtual network driver
> is not registered.
>
> Signed-off-by: Daniel P. Berrangé <berrange at redhat.com>
> ---
> src/conf/domain_conf.c | 12 +++----
> src/libxl/libxl_domain.c | 6 ++--
> src/libxl/libxl_driver.c | 9 +++--
> src/lxc/lxc_driver.c | 6 ++--
> src/lxc/lxc_process.c | 10 ++++--
> src/network/bridge_driver.c | 66 ++++++++++++++++++-------------------
> src/qemu/qemu_hotplug.c | 17 ++++++----
> src/qemu/qemu_process.c | 9 +++--
> 8 files changed, 76 insertions(+), 59 deletions(-)
>
> diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c
> index 33c806630b..7a6b40d9b8 100644
> --- a/src/lxc/lxc_process.c
> +++ b/src/lxc/lxc_process.c
> @@ -547,6 +548,10 @@ static int virLXCProcessSetupInterfaces(virConnectPtr conn,
> if (virLXCProcessValidateInterface(net) < 0)
> goto cleanup;
>
> + if (net->type == VIR_DOMAIN_NET_TYPE_NETWORK &&
> + virDomainNetAllocateActualDevice(def, net) < 0)
> + goto cleanup;
> +
> if (virDomainNetAllocateActualDevice(def, net) < 0)
> goto cleanup;
This looks fishy. Even though you fix it later in the series.
Michal
More information about the libvir-list
mailing list