[Xen-devel] [PATCH] Disallow bogus MAC addresses when creating new VIF devices

[Michal Novotny <minovotn@xxxxxxxxxx>]

Hello everybody,
I have created a patch to disallow bogus MAC addresses when attaching 
new network interface. This checks the device type in device_create() 
function and when it's 'vif' interface, it finds mac address and tries 
to match it using regular expression. If the expression can't be matched 
(ie. no valid MAC address has been provided), the error is returned and 
entry about attempt to create a virtual network device with bogus MAC 
address is written to the log file.
Signed-off-by: Michal Novotny <minovotn@xxxxxxxxxx>

diff -r 0477f9061c8a tools/python/xen/xend/XendDomainInfo.py
--- a/tools/python/xen/xend/XendDomainInfo.py   Fri Mar 20 17:42:46 2009 +0000
+++ b/tools/python/xen/xend/XendDomainInfo.py   Mon Mar 23 11:39:53 2009 +0100
@@ -723,6 +723,13 @@
         dev_config_dict = self.info['devices'][dev_uuid][1]
         log.debug("XendDomainInfo.device_create: %s" % 
scrub_password(dev_config_dict))
 
+        if dev_type == 'vif':
+            for x in dev_config:
+                if x != 'vif' and x[0] == 'mac':
+                    if not re.match('^([0-9a-f]{2}:){5}[0-9a-f]{2}$', x[1], 
re.I):
+                        log.error("Virtual network interface creation error - 
invalid MAC Address entered: %s", x[1])
+                        raise VmError("Cannot create a new virtual network 
interface - MAC address is not valid!");
+
         if self.domid is not None:
             try:
                 dev_config_dict['devid'] = devid = \

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel