[libvirt] [PATCH] config: report error when script given for inappropriate interface type

Eric Blake eblake at redhat.com
Sat Jan 7 13:05:42 UTC 2012 

On 01/06/2012 11:16 AM, Laine Stump wrote:
> This fixes https://bugzilla.redhat.com/show_bug.cgi?id=638633
> 

> 
> Currently the qemu, xen, libxml, and uml drivers recognize the script
> parameter and do something with it (the uml driver only to report that
> it isn't supported). Those drivers have been updated to log a
> CONFIG_UNSUPPORTED error when a script is specified for an interface
> type that's inappropriate for that particular hypervisor.
> 
> (NB: There was earlier discussion of solving this problem by adding a
> VALIDATE flag to all libvirt APIs that accept XML, which would cause
> the XML to be validated against the RNG files. One statement during
> that discussion was that the RNG shouldn't contain hypervisor-specific
> things, though, and a proper solution to this problem would require
> that (again, because a script for an interface of type "bridge" is
> accepted by xen, but not by qemu).

The idea for a VALIDATE flag is still independently useful, but I agree
with your assessment that it would not fix this particular case, because
the .rng does not distinguish between hypervisor-specific restrictions.

> +++ b/src/qemu/qemu_domain.c
> @@ -1167,10 +1167,12 @@ void qemuDomainObjCheckNetTaint(struct qemud_driver *driver,
>                                  virDomainNetDefPtr net,
>                                  int logFD)
>  {
> -    if ((net->type == VIR_DOMAIN_NET_TYPE_ETHERNET &&
> -         net->data.ethernet.script != NULL) ||
> -        (net->type == VIR_DOMAIN_NET_TYPE_BRIDGE &&
> -         net->data.bridge.script != NULL))
> +    /* script is only useful for NET_TYPE_ETHERNET (qemu) and
> +     * NET_TYPE_BRIDGE (xen), but could be (incorrectly) specified for
> +     * any interface type. In any case, it's adding user sauce into
> +     * the soup, so it should taint the domain.

Unusual that the comment mentions xen from inside the qemu directory,
but the comment is accurate, and I don't know of any better place to
stick it.

ACK.

-- 
Eric Blake   eblake at redhat.com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 620 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20120107/069d6832/attachment-0001.sig>

More information about the libvir-list mailing list