Commit fdf76c6d by Thomas Parrott

confile: Adds validation for lxc.net.veth.vlan.id

parent c96a27f7
...@@ -32,6 +32,7 @@ ...@@ -32,6 +32,7 @@
#include "../include/netns_ifaddrs.h" #include "../include/netns_ifaddrs.h"
#include "log.h" #include "log.h"
#include "lxcseccomp.h" #include "lxcseccomp.h"
#include "macro.h"
#include "memory_utils.h" #include "memory_utils.h"
#include "network.h" #include "network.h"
#include "parse.h" #include "parse.h"
...@@ -126,6 +127,7 @@ lxc_config_define(net_veth_mode); ...@@ -126,6 +127,7 @@ lxc_config_define(net_veth_mode);
lxc_config_define(net_veth_pair); lxc_config_define(net_veth_pair);
lxc_config_define(net_veth_ipv4_route); lxc_config_define(net_veth_ipv4_route);
lxc_config_define(net_veth_ipv6_route); lxc_config_define(net_veth_ipv6_route);
lxc_config_define(net_veth_vlan_id);
lxc_config_define(net_vlan_id); lxc_config_define(net_vlan_id);
lxc_config_define(no_new_privs); lxc_config_define(no_new_privs);
lxc_config_define(personality); lxc_config_define(personality);
...@@ -239,6 +241,7 @@ static struct lxc_config_t config_jump_table[] = { ...@@ -239,6 +241,7 @@ static struct lxc_config_t config_jump_table[] = {
{ "lxc.net.veth.pair", set_config_net_veth_pair, get_config_net_veth_pair, clr_config_net_veth_pair, }, { "lxc.net.veth.pair", set_config_net_veth_pair, get_config_net_veth_pair, clr_config_net_veth_pair, },
{ "lxc.net.veth.ipv4.route", set_config_net_veth_ipv4_route, get_config_net_veth_ipv4_route, clr_config_net_veth_ipv4_route, }, { "lxc.net.veth.ipv4.route", set_config_net_veth_ipv4_route, get_config_net_veth_ipv4_route, clr_config_net_veth_ipv4_route, },
{ "lxc.net.veth.ipv6.route", set_config_net_veth_ipv6_route, get_config_net_veth_ipv6_route, clr_config_net_veth_ipv6_route, }, { "lxc.net.veth.ipv6.route", set_config_net_veth_ipv6_route, get_config_net_veth_ipv6_route, clr_config_net_veth_ipv6_route, },
{ "lxc.net.veth.vlan.id", set_config_net_veth_vlan_id, get_config_net_veth_vlan_id, clr_config_net_veth_vlan_id, },
{ "lxc.net.", set_config_net_nic, get_config_net_nic, clr_config_net_nic, }, { "lxc.net.", set_config_net_nic, get_config_net_nic, clr_config_net_nic, },
{ "lxc.net", set_config_net, get_config_net, clr_config_net, }, { "lxc.net", set_config_net, get_config_net, clr_config_net, },
{ "lxc.no_new_privs", set_config_no_new_privs, get_config_no_new_privs, clr_config_no_new_privs, }, { "lxc.no_new_privs", set_config_no_new_privs, get_config_no_new_privs, clr_config_no_new_privs, },
...@@ -487,6 +490,36 @@ static int set_config_net_veth_pair(const char *key, const char *value, ...@@ -487,6 +490,36 @@ static int set_config_net_veth_pair(const char *key, const char *value,
return network_ifname(netdev->priv.veth_attr.pair, value, sizeof(netdev->priv.veth_attr.pair)); return network_ifname(netdev->priv.veth_attr.pair, value, sizeof(netdev->priv.veth_attr.pair));
} }
static int set_config_net_veth_vlan_id(const char *key, const char *value,
struct lxc_conf *lxc_conf, void *data)
{
int ret;
struct lxc_netdev *netdev = data;
if (!netdev)
return ret_errno(EINVAL);
if (lxc_config_value_empty(value))
return clr_config_net_veth_vlan_id(key, lxc_conf, data);
if (strcmp(value, "none") == 0) {
netdev->priv.veth_attr.vlan_id = BRIDGE_VLAN_NONE;
} else {
unsigned short vlan_id;
ret = get_u16(&vlan_id, value, 0);
if (ret < 0)
return ret_errno(EINVAL);
if (vlan_id > BRIDGE_VLAN_ID_MAX)
return ret_errno(EINVAL);
netdev->priv.veth_attr.vlan_id = vlan_id;
}
netdev->priv.veth_attr.vlan_id_set = true;
return 0;
}
static int set_config_net_macvlan_mode(const char *key, const char *value, static int set_config_net_macvlan_mode(const char *key, const char *value,
struct lxc_conf *lxc_conf, void *data) struct lxc_conf *lxc_conf, void *data)
{ {
...@@ -5301,6 +5334,20 @@ static int clr_config_net_veth_pair(const char *key, struct lxc_conf *lxc_conf, ...@@ -5301,6 +5334,20 @@ static int clr_config_net_veth_pair(const char *key, struct lxc_conf *lxc_conf,
return 0; return 0;
} }
static int clr_config_net_veth_vlan_id(const char *key, struct lxc_conf *lxc_conf,
void *data)
{
struct lxc_netdev *netdev = data;
if (!netdev)
return ret_errno(EINVAL);
netdev->priv.veth_attr.vlan_id = 0;
netdev->priv.veth_attr.vlan_id_set = false;
return 0;
}
static int clr_config_net_script_up(const char *key, struct lxc_conf *lxc_conf, static int clr_config_net_script_up(const char *key, struct lxc_conf *lxc_conf,
void *data) void *data)
{ {
...@@ -5772,6 +5819,29 @@ static int get_config_net_veth_pair(const char *key, char *retv, int inlen, ...@@ -5772,6 +5819,29 @@ static int get_config_net_veth_pair(const char *key, char *retv, int inlen,
return fulllen; return fulllen;
} }
static int get_config_net_veth_vlan_id(const char *key, char *retv, int inlen,
struct lxc_conf *c, void *data)
{
int len;
int fulllen = 0;
struct lxc_netdev *netdev = data;
if (!netdev)
return ret_errno(EINVAL);
if (netdev->type != LXC_NET_VETH)
return 0;
if (!retv)
inlen = 0;
else
memset(retv, 0, inlen);
strprint(retv, inlen, "%d", netdev->priv.veth_attr.vlan_id);
return fulllen;
}
static int get_config_net_script_up(const char *key, char *retv, int inlen, static int get_config_net_script_up(const char *key, char *retv, int inlen,
struct lxc_conf *c, void *data) struct lxc_conf *c, void *data)
{ {
...@@ -6200,6 +6270,7 @@ int lxc_list_net(struct lxc_conf *c, const char *key, char *retv, int inlen) ...@@ -6200,6 +6270,7 @@ int lxc_list_net(struct lxc_conf *c, const char *key, char *retv, int inlen)
strprint(retv, inlen, "veth.pair\n"); strprint(retv, inlen, "veth.pair\n");
strprint(retv, inlen, "veth.ipv4.route\n"); strprint(retv, inlen, "veth.ipv4.route\n");
strprint(retv, inlen, "veth.ipv6.route\n"); strprint(retv, inlen, "veth.ipv6.route\n");
strprint(retv, inlen, "veth.vlan.id\n");
break; break;
case LXC_NET_MACVLAN: case LXC_NET_MACVLAN:
strprint(retv, inlen, "macvlan.mode\n"); strprint(retv, inlen, "macvlan.mode\n");
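Review bot: set_config_net_veth_vlan_id writes `netdev->priv.veth_attr.vlan_id` without checking that the device is a veth, although get_config_net_veth_vlan_id in the same commit returns early on `netdev->type != LXC_NET_VETH`. If `priv` is storage shared between device types (its declaration is not shown on this page), setting this key on a non-veth device would silently overwrite that type's attributes instead of being rejected. I would add `if (netdev->type != LXC_NET_VETH) return ret_errno(EINVAL);` right after the NULL check in the setter, and the same guard in clr_config_net_veth_vlan_id. Separately, the getter formats `vlan_id` with `%d` regardless of `vlan_id_set`, so a value set as "none" reads back as the numeric BRIDGE_VLAN_NONE and a cleared key reads back as 0; emitting "none" or nothing in those cases would let get and set round-trip.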