Merge pull request #3319 from brauner/2020-03-21/fixes

src/lxc/cmd/lxc_user_nic.c

@@ -727,15 +727,21 @@ static char *get_nic_if_avail(int fd, struct alloted_s *names, int pid,
 		return NULL;
 
         uid = getuid();
-	/* for POSIX integer uids the network device name schema is vethUID_XXXXX */
+	/*
+	 * For POSIX integer uids the network device name schema is
+	 * vethUID_XXXX.
+	 * With four random characters passed to
+	 * lxc_ifname_alnum_case_sensitive() we get 62^4 = 14776336
+	 * combinations per uid. That's plenty of network devices for now.
+	 */
 	if (uid > 0 && uid <= 65536)
-		ret = snprintf(nicname, sizeof(nicname), "veth%d_XXXXX", uid);
+		ret = snprintf(nicname, sizeof(nicname), "veth%d_XXXX", uid);
 	else
 		ret = snprintf(nicname, sizeof(nicname), "vethXXXXXX");
 	if (ret < 0 || (size_t)ret >= sizeof(nicname))
 		return NULL;
 
-	if (!lxc_mkifname(nicname))
+	if (!lxc_ifname_alnum_case_sensitive(nicname))
 		return NULL;
 
 	ret = create_nic(nicname, br, pid, cnic);

src/lxc/criu.c

@@ -903,7 +903,7 @@ static bool restore_net_info(struct lxc_container *c)
 
 		if (netdev->priv.veth_attr.pair[0] == '\0' &&
 		    netdev->priv.veth_attr.veth1[0] == '\0') {
-			if (!lxc_mkifname(template))
+			if (!lxc_ifname_alnum_case_sensitive(template))
 				goto out_unlock;
 
 			(void)strlcpy(netdev->priv.veth_attr.veth1, template, IFNAMSIZ);

src/lxc/network.c

@@ -261,7 +261,7 @@ static int instantiate_veth(struct lxc_handler *handler, struct lxc_netdev *netd
 		if (err < 0 || (size_t)err >= sizeof(veth1buf))
 			return -1;
 
-		veth1 = lxc_mkifname(veth1buf);
+		veth1 = lxc_ifname_alnum_case_sensitive(veth1buf);
 		if (!veth1)
 			return -1;
 
@@ -273,7 +273,7 @@ static int instantiate_veth(struct lxc_handler *handler, struct lxc_netdev *netd
 	if (err < 0 || (size_t)err >= sizeof(veth2buf))
 		return -1;
 
-	veth2 = lxc_mkifname(veth2buf);
+	veth2 = lxc_ifname_alnum_case_sensitive(veth2buf);
 	if (!veth2)
 		return -1;
 
@@ -470,7 +470,7 @@ static int instantiate_macvlan(struct lxc_handler *handler, struct lxc_netdev *n
 	if (err < 0 || (size_t)err >= sizeof(peer))
 		return -1;
 
-	if (!lxc_mkifname(peer))
+	if (!lxc_ifname_alnum_case_sensitive(peer))
 		return -1;
 
 	err = lxc_macvlan_create(netdev->link, peer,
@@ -625,7 +625,7 @@ static int instantiate_ipvlan(struct lxc_handler *handler, struct lxc_netdev *ne
 	if (err < 0 || (size_t)err >= sizeof(peer))
 		return -1;
 
-	if (!lxc_mkifname(peer))
+	if (!lxc_ifname_alnum_case_sensitive(peer))
 		return -1;
 
 	err = lxc_ipvlan_create(netdev->link, peer, netdev->priv.ipvlan_attr.mode,
@@ -2446,9 +2446,9 @@ const char *lxc_net_type_to_str(int type)
 	return lxc_network_types[type];
 }
 
-static const char padchar[] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
+static const char padchar[] = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
 
-char *lxc_mkifname(char *template)
+char *lxc_ifname_alnum_case_sensitive(char *template)
 {
 	int ret;
 	struct netns_ifaddrs *ifa, *ifaddr;

src/lxc/network.h

@@ -251,10 +251,12 @@ extern int lxc_ip_forwarding_on(const char *name, int family);
 /* Disable IP forwarding. */
 extern int lxc_ip_forwarding_off(const char *name, int family);
 
-/* Generate a new unique network interface name.
- * Allocated memory must be freed by caller.
+/*
+ * Generate a new unique network interface name.
+ *
+ * Allows for 62^n unique combinations.
  */
-extern char *lxc_mkifname(char *template);
+extern char *lxc_ifname_alnum_case_sensitive(char *template);
 
 extern const char *lxc_net_type_to_str(int type);
 extern int setup_private_host_hw_addr(char *veth1);