mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-07-31 22:17:17 +00:00
77f72a8615
Although <interface type='ethernet'> has always been able to use an
existing tap device, this is just a coincidence due to the fact that
the same ioctl is used to create a new tap device or get a handle to
an existing device.
Even then, once we have the handle to the device, we still insist on
doing extra setup to it (setting the MAC address and IFF_UP). That
*might* be okay if libvirtd is running as a privileged process, but if
libvirtd is running as an unprivileged user, those attempted
modifications to the tap device will fail (yes, even if the tap is set
to be owned by the user running libvirtd). We could avoid this if we
knew that the device already existed, but as stated above, an existing
device and new device are both accessed in the same manner, and
anyway, we need to preserve existing behavior for those who are
already using pre-existing devices with privileged libvirtd (and
allowing/expecting libvirt to configure the pre-existing device).
In order to cleanly support the idea of using a pre-existing and
pre-configured tap device, this patch introduces a new optional
attribute "managed" for the interface <target> element. This
attribute is only valid for <interface type='ethernet'> (since all
other interface types have mandatory config that doesn't apply in the
case where we expect the tap device to be setup before we
get it). The syntax would look something like this:
<interface type='ethernet'>
<target dev='mytap0' managed='no'/>
...
</interface>
This patch just adds managed to the grammar and parser for <target>,
but has no functionality behind it.
(NB: when managed='no' (the default when not specified is 'yes'), the
target dev is always a name explicitly provided, so we don't
auto-remove it from the config just because it starts with "vnet"
(VIR_NET_GENERATED_TAP_PREFIX); this makes it possible to use the
same pattern of names that libvirt itself uses when it automatically
creates the tap devices.)
Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
|
||
|---|---|---|
| .. | ||
| basictypes.rng | ||
| capability.rng | ||
| cputypes.rng | ||
| domain.rng | ||
| domaincaps.rng | ||
| domaincheckpoint.rng | ||
| domaincommon.rng | ||
| domainsnapshot.rng | ||
| interface.rng | ||
| network.rng | ||
| networkcommon.rng | ||
| networkport.rng | ||
| nodedev.rng | ||
| nwfilter_params.rng | ||
| nwfilter.rng | ||
| nwfilterbinding.rng | ||
| secret.rng | ||
| storagecommon.rng | ||
| storagepool.rng | ||
| storagepoolcaps.rng | ||
| storagevol.rng | ||