1. Patchew
  2. Libvirt
  3. View series

[libvirt] [PATCH] qemu: Check for down limit of SLIRP prefix too

Michal Privoznik posted 1 patch 6 years, 2 months ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/libvirt tags/patchew/752bd86905f0467865022c7bb4b3c35d739a9a22.1517914784.git.mprivozn@redhat.com
src/qemu/qemu_domain.c | 6 ++++++
1 file changed, 6 insertions(+)
[libvirt] [PATCH] qemu: Check for down limit of SLIRP prefix too
Posted by Michal Privoznik 6 years, 2 months ago 
https://bugzilla.redhat.com/show_bug.cgi?id=1515533

We're already checking if IPv4 prefix isn't too long. But we are
not checking if it isn't too short. QEMU supports prefixes longer
than 4 (including). I haven't find anything similar related to
IPv6 in qemu sources.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
---
 src/qemu/qemu_domain.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index df433c2f0..4fc4db68b 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -3744,6 +3744,12 @@ qemuDomainDeviceDefValidateNetwork(const virDomainNetDef *net)
                                    _("prefix too long"));
                     return -1;
                 }
+
+                if (ip->prefix < 4) {
+                    virReportError(VIR_ERR_XML_ERROR, "%s",
+                                   _("prefix too short"));
+                    return -1;
+                }
             }
 
             if (VIR_SOCKET_ADDR_IS_FAMILY(&ip->address, AF_INET6)) {
-- 
2.13.6

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] qemu: Check for down limit of SLIRP prefix too
Posted by John Ferlan 6 years, 2 months ago 

On 02/06/2018 05:59 AM, Michal Privoznik wrote:
> https://bugzilla.redhat.com/show_bug.cgi?id=1515533
> 
> We're already checking if IPv4 prefix isn't too long. But we are
> not checking if it isn't too short. QEMU supports prefixes longer
> than 4 (including). I haven't find anything similar related to
> IPv6 in qemu sources.
> 
> Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
> ---
>  src/qemu/qemu_domain.c | 6 ++++++
>  1 file changed, 6 insertions(+)
> 
> diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
> index df433c2f0..4fc4db68b 100644
> --- a/src/qemu/qemu_domain.c
> +++ b/src/qemu/qemu_domain.c
> @@ -3744,6 +3744,12 @@ qemuDomainDeviceDefValidateNetwork(const virDomainNetDef *net)
>                                     _("prefix too long"));
>                      return -1;
>                  }
> +
> +                if (ip->prefix < 4) {
> +                    virReportError(VIR_ERR_XML_ERROR, "%s",
> +                                   _("prefix too short"));
> +                    return -1;
> +                }

Why not just mimic what QEMU essentially does in
net/slirp.c/net_slirp_init with a:

    if (ip->prefix < 4 || ip->prefix > 27) {
        virReportError(VIR_ERR_XLM_ERROR, "%s",
                       _("invalid prefix, must be in range of 4-27"));
        return -1;
    }

Perhaps even a note in formatdomain.html.in that the supported range for
the prefix is hypervisor dependent (but I'm not requiring that).

I trust that the details can be worked out, so

Reviewed-by: John Ferlan <jferlan@redhat.com>

for the concept/code

John

>              }
>  
>              if (VIR_SOCKET_ADDR_IS_FAMILY(&ip->address, AF_INET6)) {
> 

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Patchew 2.1-devel-0870f84

© 2016 - 2024 Red Hat, Inc.