diff --git a/vmm/src/device_manager.rs b/vmm/src/device_manager.rs index d6e2adc48..39d919ec5 100644 --- a/vmm/src/device_manager.rs +++ b/vmm/src/device_manager.rs @@ -2406,26 +2406,31 @@ impl DeviceManager { .map_err(DeviceManagerError::CreateVirtioNet)?, )) } else if let Some(fds) = &net_cfg.fds { - Arc::new(Mutex::new( - virtio_devices::Net::from_tap_fds( - id.clone(), - fds, - Some(net_cfg.mac), - net_cfg.mtu, - self.force_iommu | net_cfg.iommu, - net_cfg.queue_size, - self.seccomp_action.clone(), - net_cfg.rate_limiter_config, - self.exit_evt - .try_clone() - .map_err(DeviceManagerError::EventFd)?, - state, - net_cfg.offload_tso, - net_cfg.offload_ufo, - net_cfg.offload_csum, - ) - .map_err(DeviceManagerError::CreateVirtioNet)?, - )) + let net = virtio_devices::Net::from_tap_fds( + id.clone(), + fds, + Some(net_cfg.mac), + net_cfg.mtu, + self.force_iommu | net_cfg.iommu, + net_cfg.queue_size, + self.seccomp_action.clone(), + net_cfg.rate_limiter_config, + self.exit_evt + .try_clone() + .map_err(DeviceManagerError::EventFd)?, + state, + net_cfg.offload_tso, + net_cfg.offload_ufo, + net_cfg.offload_csum, + ) + .map_err(DeviceManagerError::CreateVirtioNet)?; + + // SAFETY: 'fds' are valid because TAP devices are created successfully + unsafe { + self.config.lock().unwrap().add_preserved_fds(fds.clone()); + } + + Arc::new(Mutex::new(net)) } else { Arc::new(Mutex::new( virtio_devices::Net::new(