[pve-devel] applied: [PATCH cluster v3 1/1] mac_prefix: do not allow multicast prefixes
Thomas Lamprecht
t.lamprecht at proxmox.com
Thu Mar 14 09:30:08 CET 2019
On 3/12/19 4:07 PM, Stoiko Ivanov wrote:
> MAC-addresses having the LSB of the first octet set, are considered
> multicast-addresses (see [0,1]). LXC (the kernel) does not allow
> such a mac-address to be set for a device, thus preventing containers from
> starting if a multicast prefix is set (reported in [2] by Alexandre)
>
> This patch introduces 'mac-prefix' (permitting only unicast prefixes) via
> register_format and uses it instead of the pattern.
>
> [0] https://lists.linuxcontainers.org/pipermail/lxc-users/2010-August/000783.html
> [1] https://en.wikipedia.org/wiki/MAC_address
> [2] https://pve.proxmox.com/pipermail/pve-devel/2019-March/035996.html
>
> Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>
> ---
> data/PVE/Cluster.pm | 12 +++++++++++-
> 1 file changed, 11 insertions(+), 1 deletion(-)
>
> diff --git a/data/PVE/Cluster.pm b/data/PVE/Cluster.pm
> index e52bf9d..5c71c1c 100644
> --- a/data/PVE/Cluster.pm
> +++ b/data/PVE/Cluster.pm
> @@ -1348,6 +1348,16 @@ my $ha_format = {
> }
> };
>
> +PVE::JSONSchema::register_format('mac-prefix', \&pve_verify_mac_prefix);
> +sub pve_verify_mac_prefix {
> + my ($mac_prefix, $noerr) = @_;
> +
> + if ($mac_prefix !~ m/^[a-f0-9][02468ace](?::[a-f0-9]{2}){0,2}:?$/i) {
> + return undef if $noerr;
> + die "value is not a valid unicast MAC address prefix\n";
> + }
> + return $mac_prefix;
> +}
>
> my $datacenter_schema = {
> type => "object",
> @@ -1440,7 +1450,7 @@ my $datacenter_schema = {
> mac_prefix => {
> optional => 1,
> type => 'string',
> - pattern => qr/[a-f0-9]{2}(?::[a-f0-9]{2}){0,2}:?/i,
> + format => 'mac-prefix',
> description => 'Prefix for autogenerated MAC addresses.',
> },
> bwlimit => PVE::JSONSchema::get_standard_option('bwlimit'),
>
applied, thanks!
More information about the pve-devel
mailing list