ITQC/containernetworking-plugins
24
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 34 Wiki Activity

Merge pull request #405 from mars1024/feat/vlan_mtu_validation

Browse Source 
vlan: add MTU validation to loadNetConf
This commit is contained in:
Bryan Boreham 2019-11-06 16:29:57 +00:00 committed by GitHub
commit 825fbd8a95
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 89 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
plugins/main/vlan/vlan.go
View File

@ -58,9 +58,27 @@ func loadConf(bytes []byte) (*NetConf, string, error) {
if n.VlanId < 0 || n.VlanId > 4094 { if n.VlanId < 0 || n.VlanId > 4094 {
return nil, "", fmt.Errorf("invalid VLAN ID %d (must be between 0 and 4095 inclusive)", n.VlanId) return nil, "", fmt.Errorf("invalid VLAN ID %d (must be between 0 and 4095 inclusive)", n.VlanId)
} }
// check existing and MTU of master interface
masterMTU, err := getMTUByName(n.Master)
if err != nil {
return nil, "", err
}
if n.MTU < 0 || n.MTU > masterMTU {
return nil, "", fmt.Errorf("invalid MTU %d, must be [0, master MTU(%d)]", n.MTU, masterMTU)
}
return n, n.CNIVersion, nil return n, n.CNIVersion, nil
} }
func getMTUByName(ifName string) (int, error) {
link, err := netlink.LinkByName(ifName)
if err != nil {
return 0, err
}
return link.Attrs().MTU, nil
}
func createVlan(conf *NetConf, ifName string, netns ns.NetNS) (*current.Interface, error) { func createVlan(conf *NetConf, ifName string, netns ns.NetNS) (*current.Interface, error) {
vlan := &current.Interface{} vlan := &current.Interface{}
@ -76,10 +94,6 @@ func createVlan(conf *NetConf, ifName string, netns ns.NetNS) (*current.Interfac
return nil, err return nil, err
} }
if conf.MTU <= 0 {
conf.MTU = m.Attrs().MTU
}
v := &netlink.Vlan{ v := &netlink.Vlan{
LinkAttrs: netlink.LinkAttrs{ LinkAttrs: netlink.LinkAttrs{
MTU: conf.MTU, MTU: conf.MTU,

71
plugins/main/vlan/vlan_test.go
View File

@ -408,4 +408,75 @@ var _ = Describe("vlan Operations", func() {
}) })
Expect(err).NotTo(HaveOccurred()) Expect(err).NotTo(HaveOccurred())
}) })
Describe("fails to create vlan link with invalid MTU", func() {
conf := `{
"cniVersion": "0.3.1",
"name": "mynet",
"type": "vlan",
"master": "%s",
"mtu": %d,
"ipam": {
"type": "host-local",
"subnet": "10.1.2.0/24"
}
}`
BeforeEach(func() {
var err error
err = originalNS.Do(func(ns.NetNS) error {
defer GinkgoRecover()
// set master link's MTU to 1500
link, err := netlink.LinkByName(MASTER_NAME)
Expect(err).NotTo(HaveOccurred())
err = netlink.LinkSetMTU(link, 1500)
Expect(err).NotTo(HaveOccurred())
return nil
})
Expect(err).NotTo(HaveOccurred())
})
It("fails to create vlan link with greater MTU than master interface", func() {
var err error
args := &skel.CmdArgs{
ContainerID: "dummy",
Netns: "/var/run/netns/test",
IfName: "eth0",
StdinData: []byte(fmt.Sprintf(conf, MASTER_NAME, 1600)),
}
_ = originalNS.Do(func(netNS ns.NetNS) error {
defer GinkgoRecover()
_, _, err = testutils.CmdAddWithArgs(args, func() error {
return cmdAdd(args)
})
Expect(err).To(Equal(fmt.Errorf("invalid MTU 1600, must be [0, master MTU(1500)]")))
return nil
})
})
It("fails to create vlan link with negative MTU", func() {
var err error
args := &skel.CmdArgs{
ContainerID: "dummy",
Netns: "/var/run/netns/test",
IfName: "eth0",
StdinData: []byte(fmt.Sprintf(conf, MASTER_NAME, -100)),
}
_ = originalNS.Do(func(netNS ns.NetNS) error {
defer GinkgoRecover()
_, _, err = testutils.CmdAddWithArgs(args, func() error {
return cmdAdd(args)
})
Expect(err).To(Equal(fmt.Errorf("invalid MTU -100, must be [0, master MTU(1500)]")))
return nil
})
})
})
}) })