[libvirt] [PATCH 07/10] libxl: prevent attaching multiple netdevs with the same MAC

Jim Fehlig jfehlig at suse.com
Thu Feb 19 20:58:02 UTC 2015


Marek Marczykowski-Górecki wrote:
> On Thu, Feb 19, 2015 at 11:43:15AM -0700, Jim Fehlig wrote:
>   
>> Marek Marczykowski-Górecki wrote:
>>     
>>> It will not be possible to detach such device later. Also improve
>>> logging in such cases.
>>>
>>> Signed-off-by: Marek Marczykowski-Górecki <marmarek at invisiblethingslab.com>
>>> ---
>>>  src/libxl/libxl_driver.c | 41 +++++++++++++++++++++++++++++++++++++++--
>>>  1 file changed, 39 insertions(+), 2 deletions(-)
>>>
>>> diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c
>>> index ce3a99b..005cc96 100644
>>> --- a/src/libxl/libxl_driver.c
>>> +++ b/src/libxl/libxl_driver.c
>>> @@ -2787,6 +2787,7 @@ libxlDomainAttachNetDevice(libxlDriverPrivatePtr driver,
>>>      int actualType;
>>>      libxl_device_nic nic;
>>>      int ret = -1;
>>> +    char mac[VIR_MAC_STRING_BUFLEN];
>>>  
>>>      /* preallocate new slot for device */
>>>      if (VIR_REALLOC_N(vm->def->nets, vm->def->nnets + 1) < 0)
>>> @@ -2801,6 +2802,14 @@ libxlDomainAttachNetDevice(libxlDriverPrivatePtr driver,
>>>  
>>>      actualType = virDomainNetGetActualType(net);
>>>  
>>> +    /* -2 means "multiple matches" so then fail also */
>>>   
>>>       
>> No longer true after commit 2fbae1b2.  I think you just want to check if
>> virDomainNetFindIdx() >= 0, meaning the def already contains a net
>> device with the same mac address.
>>     
>
> But here the error is when the device *is* found, so the opposite case
> than already reported as an error by virDomainNetFindIdx.

If you find an idx >= 0, then the domain def already contains a net
device with the same mac address, right?  In that case, you report an
error and return failure from libxlDomainAttachNetDevice().

Regards,
Jim

>  Is it correct
> (harmless) to call virReportError when no error occurred (function
> returns >=0)? Maybe libvirt should check for duplicated devices at
> higher level (-> for all drivers in the same place)?
>
>   
>>> +    if (virDomainNetFindIdx(vm->def, net) != -1) {
>>> +        virReportError(VIR_ERR_OPERATION_FAILED,
>>> +                _("device matching mac address %s already exists"),
>>> +                virMacAddrFormat(&net->mac, mac));
>>> +        return -1;
>>> +    }
>>> +
>>>      if (actualType == VIR_DOMAIN_NET_TYPE_HOSTDEV) {
>>>          /* This is really a "smart hostdev", so it should be attached
>>>           * as a hostdev (the hostdev code will reach over into the
>>> @@ -2879,6 +2888,7 @@ libxlDomainAttachDeviceConfig(virDomainDefPtr vmdef, virDomainDeviceDefPtr dev)
>>>      virDomainHostdevDefPtr hostdev;
>>>      virDomainHostdevDefPtr found;
>>>      virDomainHostdevSubsysPCIPtr pcisrc;
>>> +    char mac[VIR_MAC_STRING_BUFLEN];
>>>  
>>>      switch (dev->type) {
>>>          case VIR_DOMAIN_DEVICE_DISK:
>>> @@ -2896,6 +2906,12 @@ libxlDomainAttachDeviceConfig(virDomainDefPtr vmdef, virDomainDeviceDefPtr dev)
>>>  
>>>          case VIR_DOMAIN_DEVICE_NET:
>>>              net = dev->data.net;
>>> +            if (virDomainNetFindIdx(vmdef, net) >= 0) {
>>> +                virReportError(VIR_ERR_INVALID_ARG,
>>> +                               _("network device with mac %s already exists."),
>>> +                               virMacAddrFormat(&net->mac, mac));
>>> +                return -1;
>>> +            }
>>>   
>>>       
>> Ah, like you've done here :-).
>>
>>     
>>>              if (virDomainNetInsert(vmdef, net))
>>>                  return -1;
>>>              dev->data.net = NULL;
>>> @@ -3060,8 +3076,18 @@ libxlDomainDetachNetDevice(libxlDriverPrivatePtr driver,
>>>      char mac[VIR_MAC_STRING_BUFLEN];
>>>      int ret = -1;
>>>  
>>> -    if ((detachidx = virDomainNetFindIdx(vm->def, net)) < 0)
>>> +    if ((detachidx = virDomainNetFindIdx(vm->def, net)) < 0) {
>>> +        if (detachidx == -2) {
>>> +            virReportError(VIR_ERR_OPERATION_FAILED,
>>> +                    _("multiple devices matching mac address %s found"),
>>> +                    virMacAddrFormat(&net->mac, mac));
>>> +        } else {
>>> +            virReportError(VIR_ERR_OPERATION_FAILED,
>>> +                    _("network device %s not found"),
>>> +                    virMacAddrFormat(&net->mac, mac));
>>> +        }
>>>   
>>>       
>> virDomainNetFindIdx() handles the error reporting now.
>>
>>     
>>>          return -1;
>>> +    }
>>>  
>>>      detach = vm->def->nets[detachidx];
>>>  
>>> @@ -3136,6 +3162,7 @@ libxlDomainDetachDeviceConfig(virDomainDefPtr vmdef, virDomainDeviceDefPtr dev)
>>>      virDomainHostdevDefPtr hostdev, det_hostdev;
>>>      virDomainNetDefPtr net;
>>>      int idx;
>>> +    char mac[VIR_MAC_STRING_BUFLEN];
>>>  
>>>      switch (dev->type) {
>>>          case VIR_DOMAIN_DEVICE_DISK:
>>> @@ -3150,8 +3177,18 @@ libxlDomainDetachDeviceConfig(virDomainDefPtr vmdef, virDomainDeviceDefPtr dev)
>>>  
>>>          case VIR_DOMAIN_DEVICE_NET:
>>>              net = dev->data.net;
>>> -            if ((idx = virDomainNetFindIdx(vmdef, net)) < 0)
>>> +            if ((idx = virDomainNetFindIdx(vmdef, net)) < 0) {
>>> +                if (idx == -2) {
>>> +                    virReportError(VIR_ERR_OPERATION_FAILED,
>>> +                            _("multiple devices matching mac address %s found"),
>>> +                            virMacAddrFormat(&dev->data.net->mac, mac));
>>> +                } else {
>>> +                    virReportError(VIR_ERR_OPERATION_FAILED,
>>> +                            _("network device %s not found"),
>>> +                            virMacAddrFormat(&dev->data.net->mac, mac));
>>> +                }
>>>   
>>>       
>> Same here.
>>
>> Regards,
>> Jim
>>
>>     
>
>   




More information about the libvir-list mailing list