Error out when custom tap device path makes no sense

It is only usable for NETWORK and BRIDGE type interfaces.
Error out when trying to start a domain where the custom
tap device path is specified for interfaces of other types,
or when the daemon is not privileged.

Note that this cannot be checked at definition time, because
the comparison is against actual type.

https://bugzilla.redhat.com/show_bug.cgi?id=1147195
This commit is contained in:
Ján Tomko 2015-02-05 13:40:11 +01:00
parent 84f741812f
commit 8e724e9f3e
2 changed files with 19 additions and 3 deletions

View File

@ -4144,8 +4144,9 @@ qemu-kvm -net nic,model=? /dev/null
For tuning the backend of the network, the <code>backend</code> element For tuning the backend of the network, the <code>backend</code> element
can be used. The <code>vhost</code> attribute can override the default vhost can be used. The <code>vhost</code> attribute can override the default vhost
device path (<code>/dev/vhost-net</code>) for devices with <code>virtio</code> model. device path (<code>/dev/vhost-net</code>) for devices with <code>virtio</code> model.
Supported attributes are <code>tap</code> and <code>vhost</code>, The <code>tap</code> attribute overrides the tun/tap device path (default:
allowing to override the default devices for creating tap and vhost devices. <code>/dev/net/tun</code>) for network and bridge interfaces. This does not work
in session mode.
</p> </p>
<h5><a name="elementsNICSTargetOverride">Overriding the target element</a></h5> <h5><a name="elementsNICSTargetOverride">Overriding the target element</a></h5>

View File

@ -299,8 +299,14 @@ qemuNetworkIfaceConnect(virDomainDefPtr def,
virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver); virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
const char *tunpath = "/dev/net/tun"; const char *tunpath = "/dev/net/tun";
if (net->backend.tap) if (net->backend.tap) {
tunpath = net->backend.tap; tunpath = net->backend.tap;
if (!cfg->privileged) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
_("cannot use custom tap device in session mode"));
goto cleanup;
}
}
if (!(brname = virDomainNetGetActualBridgeName(net))) { if (!(brname = virDomainNetGetActualBridgeName(net))) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("Missing bridge name")); virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("Missing bridge name"));
@ -7721,6 +7727,15 @@ qemuBuildInterfaceCommandLine(virCommandPtr cmd,
return -1; return -1;
} }
if (net->backend.tap &&
!(actualType == VIR_DOMAIN_NET_TYPE_NETWORK ||
actualType == VIR_DOMAIN_NET_TYPE_BRIDGE)) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("Custom tap device path is not supported for: %s"),
virDomainNetTypeToString(actualType));
return -1;
}
if (actualType == VIR_DOMAIN_NET_TYPE_NETWORK || if (actualType == VIR_DOMAIN_NET_TYPE_NETWORK ||
actualType == VIR_DOMAIN_NET_TYPE_BRIDGE) { actualType == VIR_DOMAIN_NET_TYPE_BRIDGE) {
tapfdSize = net->driver.virtio.queues; tapfdSize = net->driver.virtio.queues;