[libvirt] [PATCH 02/27] network: restrict usage of port management APIs

Daniel P. Berrangé berrange at redhat.com
Tue Jan 29 15:02:26 UTC 2019 

On Tue, Jan 08, 2019 at 05:15:48PM +0100, Michal Privoznik wrote:
> On 12/24/18 3:58 PM, Daniel P. Berrangé wrote:
> > The port allocation APIs are currently called unconditionally for all
> > types of NIC, but (mostly) only do anything for NICs with type=network.
> > 
> > The exception is the port allocate API which does some validation even
> > for NICs with type!=network. Relying on this validation is flawed,
> > however, since the network driver may not even be installed. IOW virt
> > drivers must not delegate validation to the network driver for NICs
> > with type != network.
> > 
> > This change allows us to report errors when the virtual network driver
> > is not registered.
> > 
> > Signed-off-by: Daniel P. Berrangé <berrange at redhat.com>
> > ---
> >  src/conf/domain_conf.c      | 12 +++----
> >  src/libxl/libxl_domain.c    |  6 ++--
> >  src/libxl/libxl_driver.c    |  9 +++--
> >  src/lxc/lxc_driver.c        |  6 ++--
> >  src/lxc/lxc_process.c       | 10 ++++--
> >  src/network/bridge_driver.c | 66 ++++++++++++++++++-------------------
> >  src/qemu/qemu_hotplug.c     | 17 ++++++----
> >  src/qemu/qemu_process.c     |  9 +++--
> >  8 files changed, 76 insertions(+), 59 deletions(-)
> > 
> 
> 
> > diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c
> > index 33c806630b..7a6b40d9b8 100644
> > --- a/src/lxc/lxc_process.c
> > +++ b/src/lxc/lxc_process.c
> 
> > @@ -547,6 +548,10 @@ static int virLXCProcessSetupInterfaces(virConnectPtr conn,
> >          if (virLXCProcessValidateInterface(net) < 0)
> >              goto cleanup;
> >  
> > +        if (net->type == VIR_DOMAIN_NET_TYPE_NETWORK &&
> > +            virDomainNetAllocateActualDevice(def, net) < 0)
> > +            goto cleanup;
> > +
> >          if (virDomainNetAllocateActualDevice(def, net) < 0)
> >              goto cleanup;
> 
> This looks fishy. Even though you fix it later in the series.

Well spotted, that is clearly nonsense !


Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

More information about the libvir-list mailing list