[pve-devel] [PATCH container v3 1/3] enforce unicast MAC for netconfig

[Stoiko Ivanov]

having a container with a multicast mac (see [1]), prevents it from starting
(see [0,3]).

This patch uses the 'mac-addr' standard_option defined in PVE::JSONSchema to
ensure only unicast macaddresses are used for netconfig.

[0] https://lists.linuxcontainers.org/pipermail/lxc-users/2010-August/000783.html
[1] https://en.wikipedia.org/wiki/MAC_address
[2] https://pve.proxmox.com/pipermail/pve-devel/2019-March/035996.html

Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>
---
 src/PVE/LXC/Config.pm | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/src/PVE/LXC/Config.pm b/src/PVE/LXC/Config.pm
index 7762533..866d787 100644
--- a/src/PVE/LXC/Config.pm
+++ b/src/PVE/LXC/Config.pm
@@ -600,13 +600,9 @@ our $netconf_desc = {
 	pattern => '[-_.\w\d]+',
 	optional => 1,
     },
-    hwaddr => {
-	type => 'string',
-	format_description => "XX:XX:XX:XX:XX:XX",
+    hwaddr => get_standard_option('mac-addr', {
         description => 'The interface MAC address. This is dynamically allocated by default, but you can set that statically if needed, for example to always have the same link-local IPv6 address. (lxc.network.hwaddr)',
-	pattern => qr/(?:[a-f0-9]{2}:){5}[a-f0-9]{2}/i,
-	optional => 1,
-    },
+	}),
     mtu => {
 	type => 'integer',
 	description => 'Maximum transfer unit of the interface. (lxc.network.mtu)',
-- 
2.11.0