author | 2017-10-30 03:37:33 +0000 | |
---|---|---|
committer | 2017-10-30 03:37:33 +0000 | |
commit | a123de80e70000dd7b23647efc493639747902fb (patch) | |
tree | 843e79bb44e48075a90b4bc5bea98cf82b307176 | |
parent | sync (diff) | |
vmd no longer creates bridges by default. users should create bridges in
/etc/hostname.bridge* files, and specify which bridge to use for a given
virtual switch in vm.conf.
diff from Carlos Cardenas, thanks
-rw-r--r-- | usr.sbin/vmd/parse.y | 15 | ||||
-rw-r--r-- | usr.sbin/vmd/priv.c | 25 | ||||
-rw-r--r-- | usr.sbin/vmd/vm.conf.5 | 10 | ||||
-rw-r--r-- | usr.sbin/vmd/vmd.h | 4 |
4 files changed, 25 insertions, 29 deletions
diff --git a/usr.sbin/vmd/parse.y b/usr.sbin/vmd/parse.y
index 55a9b0c7acc..a0e96545923 100644
--- a/usr.sbin/vmd/parse.y
+++ b/usr.sbin/vmd/parse.y
@@ -1,4 +1,4 @@
-/* $OpenBSD: parse.y,v 1.29 2017/05/04 08:26:06 reyk Exp $ */
+/* $OpenBSD: parse.y,v 1.30 2017/10/30 03:37:33 mlarkin Exp $ */
 /*
 * Copyright (c) 2007-2016 Reyk Floeter <reyk@openbsd.org>
@@ -90,7 +90,6 @@ static struct vm_create_params *vcp;
 static struct vmd_switch *vsw;
 static struct vmd_if *vif;
 static struct vmd_vm *vm;
-static unsigned int vsw_unit;
 static char vsw_type[IF_NAMESIZE];
 static int vcp_disable;
 static size_t vcp_nnics;
@@ -194,12 +193,17 @@ switch : SWITCH string {
 vsw->sw_id = env->vmd_nswitches + 1;
 vsw->sw_name = $2;
 vsw->sw_flags = VMIFF_UP;
- snprintf(vsw->sw_ifname, sizeof(vsw->sw_ifname),
- "%s%u", vsw_type, vsw_unit++);
 TAILQ_INIT(&vsw->sw_ifs);
 vcp_disable = 0;
 } '{' optnl switch_opts_l '}' {
+ if (strnlen(vsw->sw_ifname,
+ sizeof(vsw->sw_ifname)) == 0) {
+ yyerror("switch \"%s\" is missing interface name",
+ vsw->sw_name);
+ YYERROR;
+ }
+
 if (vcp_disable) {
 log_debug("%s:%d: switch \"%s\""
 " skipped (disabled)",
@@ -244,13 +248,12 @@ switch_opts : disable {
 vsw->sw_group = $2;
 }
 | INTERFACE string {
- if (priv_getiftype($2, vsw_type, &vsw_unit) == -1 ||
+ if (priv_getiftype($2, vsw_type, NULL) == -1 ||
 priv_findname(vsw_type, vmd_descsw) == -1) {
 yyerror("invalid switch interface: %s", $2);
 free($2);
 YYERROR;
 }
- vsw_unit++;
 if (strlcpy(vsw->sw_ifname, $2,
 sizeof(vsw->sw_ifname)) >=
 sizeof(vsw->sw_ifname)) {
diff --git a/usr.sbin/vmd/priv.c b/usr.sbin/vmd/priv.c
index ef42549d105..d585bf75a99 100644
--- a/usr.sbin/vmd/priv.c
+++ b/usr.sbin/vmd/priv.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: priv.c,v 1.11 2017/08/31 09:00:46 mlarkin Exp $ */
+/* $OpenBSD: priv.c,v 1.12 2017/10/30 03:37:33 mlarkin Exp $ */
 /*
 * Copyright (c) 2016 Reyk Floeter <reyk@openbsd.org>
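Review bot: In the parse.y hunk at `@@ -194,12 +193,17 @@`, the new empty-`sw_ifname` check runs before the `if (vcp_disable)` branch, so a switch that is marked disabled but has no `interface` line now fails the whole configuration parse instead of being skipped. If that is intended, a comment such as `/* interface is mandatory, even for a disabled switch */` above the check would record it; otherwise the check belongs in the non-disabled branch. The new error path also leaves through `YYERROR` without releasing `vsw` or `vsw->sw_name`, while the INTERFACE action in the next hunk frees `$2` before its `YYERROR`; whether later cleanup covers this is not visible here. The action body continues past the end of the hunk.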
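Review bot: In the parse.y hunk at `@@ -244,13 +248,12 @@`, `priv_getiftype($2, vsw_type, NULL)` now passes a null pointer where the old code passed `&vsw_unit`, and no hunk in this commit shows that `priv_getiftype` checks its third argument before storing through it. The string comes straight from the configuration file, so a missing guard would turn any `interface` line into a NULL write in the parser. Please confirm the callee tolerates NULL; if it does not, keep a throwaway local, e.g. `unsigned int unit;` with `priv_getiftype($2, vsw_type, &unit)`. The `switch_opts` rule extends beyond the hunk on both sides.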
@@ -87,8 +87,8 @@ priv_dispatch_parent(int fd, struct privsep_proc *p, struct imsg *imsg)
 switch (imsg->hdr.type) {
 case IMSG_VMDOP_PRIV_IFDESCR:
- case IMSG_VMDOP_PRIV_IFCREATE:
 case IMSG_VMDOP_PRIV_IFRDOMAIN:
+ case IMSG_VMDOP_PRIV_IFEXISTS:
 case IMSG_VMDOP_PRIV_IFADD:
 case IMSG_VMDOP_PRIV_IFUP:
 case IMSG_VMDOP_PRIV_IFDOWN:
@@ -118,13 +118,6 @@ priv_dispatch_parent(int fd, struct privsep_proc *p, struct imsg *imsg)
 if (ioctl(env->vmd_fd, SIOCSIFDESCR, &ifr) < 0)
 log_warn("SIOCSIFDESCR");
 break;
- case IMSG_VMDOP_PRIV_IFCREATE:
- /* Create the bridge if it doesn't exist */
- strlcpy(ifr.ifr_name, vfr.vfr_name, sizeof(ifr.ifr_name));
- if (ioctl(env->vmd_fd, SIOCIFCREATE, &ifr) < 0 &&
- errno != EEXIST)
- log_warn("SIOCIFCREATE");
- break;
 case IMSG_VMDOP_PRIV_IFRDOMAIN:
 strlcpy(ifr.ifr_name, vfr.vfr_name, sizeof(ifr.ifr_name));
 ifr.ifr_rdomainid = vfr.vfr_id;
@@ -145,6 +138,13 @@ priv_dispatch_parent(int fd, struct privsep_proc *p, struct imsg *imsg)
 errno != EEXIST)
 log_warn("SIOCBRDGADD");
 break;
+ case IMSG_VMDOP_PRIV_IFEXISTS:
+ /* Determine if bridge/switch exists */
+ strlcpy(ifr.ifr_name, vfr.vfr_name, sizeof(ifr.ifr_name));
+ if (ioctl(env->vmd_fd, SIOCGIFFLAGS, &ifr) < 0)
+ fatalx("%s: bridge \"%s\" does not exist",
+ __func__, vfr.vfr_name);
+ break;
 case IMSG_VMDOP_PRIV_IFUP:
 case IMSG_VMDOP_PRIV_IFDOWN:
 /* Set the interface status */
@@ -319,10 +319,6 @@ vm_priv_ifconfig(struct privsep *ps, struct vmd_vm *vm)
 log_debug("%s: interface %s add %s", __func__, vfbr.vfr_name, vfbr.vfr_value);
- proc_compose(ps, PROC_PRIV, IMSG_VMDOP_PRIV_IFCREATE,
- &vfbr, sizeof(vfbr));
- proc_compose(ps, PROC_PRIV, IMSG_VMDOP_PRIV_IFRDOMAIN,
- &vfbr, sizeof(vfbr));
 proc_compose(ps, PROC_PRIV, IMSG_VMDOP_PRIV_IFADD,
 &vfbr, sizeof(vfbr));
 } else if (vif->vif_switch != NULL)
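Review bot: In the priv.c hunk at `@@ -145,6 +138,13 @@`, the new `IMSG_VMDOP_PRIV_IFEXISTS` case calls `fatalx()` on any `SIOCGIFFLAGS` failure, while the neighbouring cases visible in this diff only `log_warn()` and carry on. One mistyped bridge name therefore terminates the privileged process, and presumably the daemon and any running guests with it. `fatalx()` also drops `errno`, so an unrelated ioctl failure is reported as "does not exist"; `fatal("%s: bridge \"%s\"", __func__, vfr.vfr_name);` would keep the cause, or the code could treat only `ENXIO` as a missing interface. If aborting is the intended policy, a short comment saying why this case is fatal when its siblings are not would help the next reader. The switch statement continues outside the hunk.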
@@ -398,7 +394,8 @@ vm_priv_brconfig(struct privsep *ps, struct vmd_switch *vsw)
 sizeof(vfr.vfr_name)) >= sizeof(vfr.vfr_name))
 return (-1);
- proc_compose(ps, PROC_PRIV, IMSG_VMDOP_PRIV_IFCREATE,
+ /* ensure bridge/switch exists */
+ proc_compose(ps, PROC_PRIV, IMSG_VMDOP_PRIV_IFEXISTS,
 &vfr, sizeof(vfr));
 /* Use the configured rdomain or get it from the process */
diff --git a/usr.sbin/vmd/vm.conf.5 b/usr.sbin/vmd/vm.conf.5
index 0927fbfecf9..6ce21896657 100644
--- a/usr.sbin/vmd/vm.conf.5
+++ b/usr.sbin/vmd/vm.conf.5
@@ -1,4 +1,4 @@
-.\" $OpenBSD: vm.conf.5,v 1.22 2017/08/31 06:11:45 jasper Exp $
+.\" $OpenBSD: vm.conf.5,v 1.23 2017/10/30 03:37:33 mlarkin Exp $
 .\"
 .\" Copyright (c) 2015 Mike Larkin <mlarkin@openbsd.org>
 .\" Copyright (c) 2015 Reyk Floeter <reyk@openbsd.org>
@@ -15,7 +15,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: August 31 2017 $
+.Dd $Mdocdate: October 30 2017 $
 .Dt VM.CONF 5
 .Os
 .Sh NAME
@@ -279,11 +279,6 @@ Set the
 or
 .Xr bridge 4
 network interface of this switch.
-If not specified,
-.Ar bridge0
-will be used where the interface unit will be incremented for each switch,
-e.g.\&
-.Ar bridge0 , bridge1 , ...
 If the type is changed to
 .Ar switch0 ,
 it will be used for each following switch.
@@ -318,6 +313,7 @@ vm "vm2.example.com" {
 Create the switch "uplink" with an additional physical network interface:
 .Bd -literal -offset indent
 switch "uplink" {
+ interface bridge0
 add em0
 }
 .Ed
diff --git a/usr.sbin/vmd/vmd.h b/usr.sbin/vmd/vmd.h
index 4b7b5f70495..a82aa8e8107 100644
--- a/usr.sbin/vmd/vmd.h
+++ b/usr.sbin/vmd/vmd.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: vmd.h,v 1.64 2017/09/11 23:32:34 dlg Exp $ */
+/* $OpenBSD: vmd.h,v 1.65 2017/10/30 03:37:33 mlarkin Exp $ */
 /*
 * Copyright (c) 2015 Mike Larkin <mlarkin@openbsd.org>
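Review bot: In the priv.c hunk at `@@ -398,7 +394,8 @@`, the added comment `/* ensure bridge/switch exists */` reads as if the call still creates the interface, but `IMSG_VMDOP_PRIV_IFEXISTS` only probes it and the privileged side aborts when the probe fails. Wording such as `/* bridge/switch must already exist; the priv process exits if it does not */` states the actual contract. In the visible lines the result of `proc_compose` is not used and no reply is awaited, so `vm_priv_brconfig` goes on to queue its later requests without knowing the outcome. The bridge path in `vm_priv_ifconfig` (hunk `@@ -319,10 +319,6 @@`) loses both `IFCREATE` and `IFRDOMAIN` without gaining an `IFEXISTS`, so there a missing bridge surfaces only as `log_warn("SIOCBRDGADD")`; the two paths should handle it the same way. Both functions extend beyond their hunks.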
@@ -94,7 +94,7 @@ enum imsg_type {
 IMSG_VMDOP_RELOAD,
 IMSG_VMDOP_PRIV_IFDESCR,
 IMSG_VMDOP_PRIV_IFADD,
- IMSG_VMDOP_PRIV_IFCREATE,
+ IMSG_VMDOP_PRIV_IFEXISTS,
 IMSG_VMDOP_PRIV_IFUP,
 IMSG_VMDOP_PRIV_IFDOWN,
 IMSG_VMDOP_PRIV_IFGROUP, |