From nobody Sun May 5 00:13:01 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1490516759995541.6893664714709; Sun, 26 Mar 2017 01:25:59 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 9ADB5C05490A; Sun, 26 Mar 2017 08:25:59 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 6C371BA889; Sun, 26 Mar 2017 08:25:59 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 21E1C18523CA; Sun, 26 Mar 2017 08:25:59 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id v2PI13kd001292 for ; Sat, 25 Mar 2017 14:01:03 -0400 Received: by smtp.corp.redhat.com (Postfix) id 8D31482782; Sat, 25 Mar 2017 18:01:03 +0000 (UTC) Received: from vhost2.laine.org (ovpn-116-59.phx2.redhat.com [10.3.116.59]) by smtp.corp.redhat.com (Postfix) with ESMTP id 48173784AE for ; Sat, 25 Mar 2017 18:01:01 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 9ADB5C05490A Authentication-Results: ext-mx08.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=laine.org Authentication-Results: ext-mx08.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=libvir-list-bounces@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 9ADB5C05490A From: Laine Stump To: libvir-list@redhat.com Date: Sat, 25 Mar 2017 14:00:56 -0400 Message-Id: <20170325180056.23219-1-laine@laine.org> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH] network: better validation of devices in hostdev network pool X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Sun, 26 Mar 2017 08:26:00 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" This adds a few validations to the devices listed for a hostdev network: * devices must be listed by PCI address, not by netdev name * listing a device by PCI address is valid only for hostdev networks, not for other types of network (e.g. macvtap passthrough). * each device in a hostdev pool must be an SR-IOV VF Resolves: https://bugzilla.redhat.com/1004676 --- src/network/bridge_driver.c | 47 +++++++++++++++++++++++++++++++++++++++++= +--- 1 file changed, 44 insertions(+), 3 deletions(-) diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c index 3a7a249..3270dc5 100644 --- a/src/network/bridge_driver.c +++ b/src/network/bridge_driver.c @@ -3224,14 +3224,55 @@ networkValidate(virNetworkDriverStatePtr driver, * the type of each. */ for (i =3D 0; i < def->forward.nifs; i++) { - switch ((virNetworkForwardHostdevDeviceType) - def->forward.ifs[i].type) { + virNetworkForwardIfDefPtr iface =3D &def->forward.ifs[i]; + char *sysfs_path =3D NULL; + + switch ((virNetworkForwardHostdevDeviceType) iface->type) { case VIR_NETWORK_FORWARD_HOSTDEV_DEVICE_NETDEV: usesInterface =3D true; + + if (def->forward.type =3D=3D VIR_NETWORK_FORWARD_HOSTDEV) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("hostdev network '%s' lists '%s' " + "in the device pool, but hostdev " + "networks require all devices to " + "be listed by PCI address, not " + "network device name"), + def->name, iface->device.dev); + return -1; + } break; - case VIR_NETWORK_FORWARD_HOSTDEV_DEVICE_PCI: + + case VIR_NETWORK_FORWARD_HOSTDEV_DEVICE_PCI: { usesAddress =3D true; + + if (def->forward.type !=3D VIR_NETWORK_FORWARD_HOSTDEV) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("network '%s' has forward mode '%s' " + " but lists a device by PCI address " + "in the device pool. This is only " + "supported for networks with forward " + "mode 'hostdev'"), + def->name, + virNetworkForwardTypeToString(def->forward.= type)); + return -1; + } + + if (virPCIDeviceAddressGetSysfsFile(&iface->device.pci, &sysfs= _path) < 0) + return -1; + + if (!virPCIIsVirtualFunction(sysfs_path)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("device '%s' in network '%s' is not " + "an SR-IOV Virtual Function"), + sysfs_path, def->name); + VIR_FREE(sysfs_path); + return -1; + } + VIR_FREE(sysfs_path); break; + } + case VIR_NETWORK_FORWARD_HOSTDEV_DEVICE_NONE: case VIR_NETWORK_FORWARD_HOSTDEV_DEVICE_LAST: break; --=20 2.9.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list