From fdf76c6df57b48a7a85292054ed9a99c3943baf8 Mon Sep 17 00:00:00 2001
From: Thomas Parrott
Date: Wed, 3 Jun 2020 11:06:49 +0100
Subject: [PATCH] confile: Adds validation for lxc.net.veth.vlan.id

Signed-off-by: Thomas Parrott
---
 src/lxc/confile.c | 71 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 71 insertions(+)

diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index 13ebdd059..b8ae9a48b 100644
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -32,6 +32,7 @@
 #include "../include/netns_ifaddrs.h"
 #include "log.h"
 #include "lxcseccomp.h"
+#include "macro.h"
 #include "memory_utils.h"
 #include "network.h"
 #include "parse.h"
@@ -126,6 +127,7 @@ lxc_config_define(net_veth_mode);
 lxc_config_define(net_veth_pair);
 lxc_config_define(net_veth_ipv4_route);
 lxc_config_define(net_veth_ipv6_route);
+lxc_config_define(net_veth_vlan_id);
 lxc_config_define(net_vlan_id);
 lxc_config_define(no_new_privs);
 lxc_config_define(personality);
@@ -239,6 +241,7 @@ static struct lxc_config_t config_jump_table[] = {
 { "lxc.net.veth.pair", set_config_net_veth_pair, get_config_net_veth_pair, clr_config_net_veth_pair, },
 { "lxc.net.veth.ipv4.route", set_config_net_veth_ipv4_route, get_config_net_veth_ipv4_route, clr_config_net_veth_ipv4_route, },
 { "lxc.net.veth.ipv6.route", set_config_net_veth_ipv6_route, get_config_net_veth_ipv6_route, clr_config_net_veth_ipv6_route, },
+ { "lxc.net.veth.vlan.id", set_config_net_veth_vlan_id, get_config_net_veth_vlan_id, clr_config_net_veth_vlan_id, },
 { "lxc.net.", set_config_net_nic, get_config_net_nic, clr_config_net_nic, },
 { "lxc.net", set_config_net, get_config_net, clr_config_net, },
 { "lxc.no_new_privs", set_config_no_new_privs, get_config_no_new_privs, clr_config_no_new_privs, },
@@ -487,6 +490,36 @@ static int set_config_net_veth_pair(const char *key, const char *value,
 return network_ifname(netdev->priv.veth_attr.pair, value, sizeof(netdev->priv.veth_attr.pair));
 }
 
+static int set_config_net_veth_vlan_id(const char *key, const char *value,
+ struct lxc_conf *lxc_conf, void *data)
+{
+ int ret;
+ struct lxc_netdev *netdev = data;
+
+ if (!netdev)
+ return ret_errno(EINVAL);
+
+ if (lxc_config_value_empty(value))
+ return clr_config_net_veth_vlan_id(key, lxc_conf, data);
+
+ if (strcmp(value, "none") == 0) {
+ netdev->priv.veth_attr.vlan_id = BRIDGE_VLAN_NONE;
+ } else {
+ unsigned short vlan_id;
+ ret = get_u16(&vlan_id, value, 0);
+ if (ret < 0)
+ return ret_errno(EINVAL);
+
+ if (vlan_id > BRIDGE_VLAN_ID_MAX)
+ return ret_errno(EINVAL);
+
+ netdev->priv.veth_attr.vlan_id = vlan_id;
+ }
+
+ netdev->priv.veth_attr.vlan_id_set = true;
+ return 0;
+}
+
 static int set_config_net_macvlan_mode(const char *key, const char *value,
 struct lxc_conf *lxc_conf, void *data)
 {
@@ -5301,6 +5334,20 @@ static int clr_config_net_veth_pair(const char *key, struct lxc_conf *lxc_conf,
 return 0;
 }
 
+static int clr_config_net_veth_vlan_id(const char *key, struct lxc_conf *lxc_conf,
+ void *data)
+{
+ struct lxc_netdev *netdev = data;
+
+ if (!netdev)
+ return ret_errno(EINVAL);
+
+ netdev->priv.veth_attr.vlan_id = 0;
+ netdev->priv.veth_attr.vlan_id_set = false;
+
+ return 0;
+}
+
 static int clr_config_net_script_up(const char *key, struct lxc_conf *lxc_conf,
 void *data)
 {
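Review bot: `set_config_net_veth_vlan_id()` writes `netdev->priv.veth_attr.vlan_id` without checking the device type, whereas the getter added later in this patch returns early when `netdev->type != LXC_NET_VETH`. If `priv` is a per-type union, as the `veth_attr` naming suggests (its declaration is not visible here), a `veth.vlan.id` key on a non-veth device would overwrite another type's attributes instead of being rejected. Adding `if (netdev->type != LXC_NET_VETH) return ret_errno(EINVAL);` after the `!netdev` check would close that, and the same guard is missing from `clr_config_net_veth_vlan_id()` in the next hunk. Separately, the third argument of `get_u16(&vlan_id, value, 0)` is presumably the base, so a value such as `010` would be read as octal, and only the upper bound `BRIDGE_VLAN_ID_MAX` is enforced, so `0` is accepted; base 10 and an explicit lower bound may be what is intended.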
@@ -5772,6 +5819,29 @@ static int get_config_net_veth_pair(const char *key, char *retv, int inlen,
 return fulllen;
 }
 
+static int get_config_net_veth_vlan_id(const char *key, char *retv, int inlen,
+ struct lxc_conf *c, void *data)
+{
+ int len;
+ int fulllen = 0;
+ struct lxc_netdev *netdev = data;
+
+ if (!netdev)
+ return ret_errno(EINVAL);
+
+ if (netdev->type != LXC_NET_VETH)
+ return 0;
+
+ if (!retv)
+ inlen = 0;
+ else
+ memset(retv, 0, inlen);
+
+ strprint(retv, inlen, "%d", netdev->priv.veth_attr.vlan_id);
+
+ return fulllen;
+}
+
 static int get_config_net_script_up(const char *key, char *retv, int inlen,
 struct lxc_conf *c, void *data)
 {
@@ -6200,6 +6270,7 @@ int lxc_list_net(struct lxc_conf *c, const char *key, char *retv, int inlen)
 strprint(retv, inlen, "veth.pair\n");
 strprint(retv, inlen, "veth.ipv4.route\n");
 strprint(retv, inlen, "veth.ipv6.route\n");
+ strprint(retv, inlen, "veth.vlan.id\n");
 break;
 case LXC_NET_MACVLAN:
 strprint(retv, inlen, "macvlan.mode\n");
-- 
2.47.2
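Review bot: `get_config_net_veth_vlan_id()` formats `vlan_id` with `%d` unconditionally, so it reports `0` when `vlan_id_set` is false and the numeric value of `BRIDGE_VLAN_NONE` when the key was set to `none`. Neither output is symmetric with the setter in this patch: feeding `0` back marks the VLAN as explicitly set, and the numeric form of `BRIDGE_VLAN_NONE` would only parse if it happens to fit the u16 range check (its definition is not shown here). Returning an empty value when unset and printing `none` for `BRIDGE_VLAN_NONE` keeps get and set consistent, so tooling that reads the key back does not silently change the VLAN filtering state. The tail of the function could look like the sketch below.

```c
	/* … unchanged: netdev and type checks, retv/inlen setup … */

	if (!netdev->priv.veth_attr.vlan_id_set)
		return 0;

	if (netdev->priv.veth_attr.vlan_id == BRIDGE_VLAN_NONE)
		strprint(retv, inlen, "none");
	else
		strprint(retv, inlen, "%d", netdev->priv.veth_attr.vlan_id);

	return fulllen;
```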