1
0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-12-22 17:34:18 +03:00

conf: Restrict use of <portForward> to the passt backend

That's already the case in practice, but it's a better
experience for the user if we reject this configuration
outright instead of silently ignoring part of it.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
This commit is contained in:
Andrea Bolognani 2023-04-18 11:08:03 +02:00
parent f1998a63e3
commit 985f78e804
4 changed files with 31 additions and 0 deletions

View File

@ -2097,6 +2097,15 @@ virDomainNetDefValidate(const virDomainNetDef *net)
}
}
if (net->nPortForwards > 0 &&
(net->type != VIR_DOMAIN_NET_TYPE_USER ||
(net->type == VIR_DOMAIN_NET_TYPE_USER &&
net->backend.type != VIR_DOMAIN_NET_BACKEND_PASST))) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
_("The <portForward> element can only be used with <interface type='user'> and its 'passt' backend"));
return -1;
}
switch (net->type) {
case VIR_DOMAIN_NET_TYPE_VHOSTUSER:
if (!virDomainNetIsVirtioModel(net)) {

View File

@ -0,0 +1 @@
unsupported configuration: The <portForward> element can only be used with <interface type='user'> and its 'passt' backend

View File

@ -0,0 +1,20 @@
<domain type='qemu'>
<name>QEMUGuest1</name>
<uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
<memory unit='KiB'>219136</memory>
<vcpu placement='static'>1</vcpu>
<os>
<type arch='x86_64' machine='pc'>hvm</type>
<boot dev='hd'/>
</os>
<devices>
<emulator>/usr/bin/qemu-system-x86_64</emulator>
<interface type='user'>
<mac address='00:11:22:33:44:55'/>
<portForward proto='tcp'>
<range start='443' to='344'/>
</portForward>
<model type='virtio'/>
</interface>
</devices>
</domain>

View File

@ -1413,6 +1413,7 @@ mymain(void)
DO_TEST_NOCAPS("net-user-addr");
DO_TEST_CAPS_LATEST("net-user-passt");
DO_TEST_CAPS_VER("net-user-passt", "7.2.0");
DO_TEST_CAPS_LATEST_PARSE_ERROR("net-user-slirp-portforward");
DO_TEST_NOCAPS("net-virtio");
DO_TEST_NOCAPS("net-virtio-device");
DO_TEST_NOCAPS("net-virtio-disable-offloads");