mirror of
https://github.com/cloud-hypervisor/cloud-hypervisor.git
synced 2024-07-02 16:02:37 +00:00
vmm: config: Reject reserved fd from network config
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
This commit is contained in:
Rob Bradford
Sebastien Boeuf
parent
e0c0d0e142
commit
86e4067437
|
|
@ -117,6 +117,8 @@ pub enum ValidationError {
|
||||||
VnetQueueLowerThan2,
|
VnetQueueLowerThan2,
|
||||||
/// The input queue number for virtio_net must match the number of input fds
|
/// The input queue number for virtio_net must match the number of input fds
|
||||||
VnetQueueFdMismatch,
|
VnetQueueFdMismatch,
|
||||||
|
/// Using reserved fd
|
||||||
|
VnetReservedFd,
|
||||||
// Hugepages not turned on
|
// Hugepages not turned on
|
||||||
HugePageSizeWithoutHugePages,
|
HugePageSizeWithoutHugePages,
|
||||||
// Huge page size is not power of 2
|
// Huge page size is not power of 2
|
||||||
|
|
@ -153,6 +155,7 @@ impl fmt::Display for ValidationError {
|
||||||
f,
|
f,
|
||||||
"Number of queues to virtio_net does not match the number of input FDs"
|
"Number of queues to virtio_net does not match the number of input FDs"
|
||||||
),
|
),
|
||||||
|
VnetReservedFd => write!(f, "Reserved fd number (<= 2)"),
|
||||||
HugePageSizeWithoutHugePages => {
|
HugePageSizeWithoutHugePages => {
|
||||||
write!(f, "Huge page size specified but huge pages not enabled")
|
write!(f, "Huge page size specified but huge pages not enabled")
|
||||||
}
|
}
|
||||||
|
|
@ -1075,6 +1078,7 @@ impl NetConfig {
|
||||||
config.validate().map_err(Error::Validation)?;
|
config.validate().map_err(Error::Validation)?;
|
||||||
Ok(config)
|
Ok(config)
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn validate(&self) -> ValidationResult<()> {
|
pub fn validate(&self) -> ValidationResult<()> {
|
||||||
if self.num_queues < 2 {
|
if self.num_queues < 2 {
|
||||||
return Err(ValidationError::VnetQueueLowerThan2);
|
return Err(ValidationError::VnetQueueLowerThan2);
|
||||||
|
|
@ -1084,6 +1088,14 @@ impl NetConfig {
|
||||||
return Err(ValidationError::VnetQueueFdMismatch);
|
return Err(ValidationError::VnetQueueFdMismatch);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if let Some(fds) = self.fds.as_ref() {
|
||||||
|
for fd in fds {
|
||||||
|
if *fd <= 2 {
|
||||||
|
return Err(ValidationError::VnetReservedFd);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -2595,6 +2607,13 @@ mod tests {
|
||||||
still_valid_config.memory.shared = true;
|
still_valid_config.memory.shared = true;
|
||||||
assert!(still_valid_config.validate().is_ok());
|
assert!(still_valid_config.validate().is_ok());
|
||||||
|
|
||||||
|
let mut invalid_config = valid_config.clone();
|
||||||
|
invalid_config.net = Some(vec![NetConfig {
|
||||||
|
fds: Some(vec![0]),
|
||||||
|
..Default::default()
|
||||||
|
}]);
|
||||||
|
assert!(invalid_config.validate().is_err());
|
||||||
|
|
||||||
let mut invalid_config = valid_config.clone();
|
let mut invalid_config = valid_config.clone();
|
||||||
invalid_config.fs = Some(vec![FsConfig {
|
invalid_config.fs = Some(vec![FsConfig {
|
||||||
..Default::default()
|
..Default::default()
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user