This effectively stops vswitchd from creating bridges with '/' in the
name. OVS used to print a warning but the bridge was created anyway.
This restriction is implemented because the bridge name is part of a
filesystem path.
This check is no substitute for Mandatory Access Control, but it
certainly helps to catch the error early.
Signed-off-by: Daniele Di Proietto <diproiet...@vmware.com>
---
vswitchd/bridge.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/vswitchd/bridge.c b/vswitchd/bridge.c
index f8afe55..4b9703f 100644
--- a/vswitchd/bridge.c
+++ b/vswitchd/bridge.c
@@ -1686,6 +1686,7 @@ static void
add_del_bridges(const struct ovsrec_open_vswitch *cfg)
{
struct bridge *br, *next;
+ struct shash_node *node;
struct shash new_br;
size_t i;
@@ -1716,8 +1717,8 @@ add_del_bridges(const struct ovsrec_open_vswitch *cfg)
}
/* Add new bridges. */
- for (i = 0; i < cfg->n_bridges; i++) {
- const struct ovsrec_bridge *br_cfg = cfg->bridges[i];
+ SHASH_FOR_EACH(node, &new_br) {
+ const struct ovsrec_bridge *br_cfg = node->data;
struct bridge *br = bridge_lookup(br_cfg->name);
if (!br) {
bridge_create(br_cfg);
--
2.1.4
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
