1515533 – Libvirt should report correct error info when prefix is set out of range

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1515533 - Libvirt should report correct error info when prefix is set out of range

Summary: Libvirt should report correct error info when prefix is set out of range

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	libvirt
Sub Component:
Version:	7.5
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	rc
Target Release:	---
Assignee:	Michal Privoznik
QA Contact:	chhu
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2017-11-21 02:31 UTC by Jingjing Shao
Modified:	2018-10-30 09:51 UTC (History)
CC List:	5 users (show)
Fixed In Version:	libvirt-4.5.0-2.el7
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2018-10-30 09:50:00 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2018:3113	0	None	None	None	2018-10-30 09:51:23 UTC

Description Jingjing Shao 2017-11-21 02:31:53 UTC

Description:
Libvirt should report currect error info when prefix is set out of range

Versions:
libvirt-3.9.0-2.virtcov.el7.x86_64
qemu-kvm-rhev-2.10.0-6.el7.x86_64

How reproducible:
100%

Steps:
1.Prepare a guest with the xml info as below
   <interface type='user'>
      <mac address='00:11:22:33:44:55'/>
      <ip address='172.17.2.0' family='ipv4' prefix='2'/>  
      <model type='virtio'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
    </interface>

2.Start the guest and get the error as below  "Invalid netmask provided (must be in range 4-32)"

# virsh start rhel
error: Failed to start domain rhel
error: internal error: process exited while connecting to monitor: 2017-11-20T11:36:57.028599Z qemu-kvm: -chardev pty,id=charserial0: char device redirected to /dev/pts/2 (label charserial0)
2017-11-20T11:36:57.040856Z qemu-kvm: -netdev user,net=172.17.2.0/2,id=hostnet0: Invalid netmask provided (must be in range 4-32)


3.Change the prefix = 28
# virsh edit rhel
error: XML error: prefix too long


Expected result:
The error info of prefix should be range 4-27 Description:
Libvirt should report currect error info when prefix is set out of range

Versions:
libvirt-3.9.0-2.virtcov.el7.x86_64
qemu-kvm-rhev-2.10.0-6.el7.x86_64

How reproducible:
100%

Steps:
1.Prepare a guest with the xml info as below
   <interface type='user'>
      <mac address='00:11:22:33:44:55'/>
      <ip address='172.17.2.0' family='ipv4' prefix='2'/>  
      <model type='virtio'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
    </interface>

2.Start the guest and get the error as below  "Invalid netmask provided (must be in range 4-32)"
# virsh start rhel
error: Failed to start domain rhel
error: internal error: process exited while connecting to monitor: 2017-11-20T11:36:57.028599Z qemu-kvm: -chardev pty,id=charserial0: char device redirected to /dev/pts/2 (label charserial0)
2017-11-20T11:36:57.040856Z qemu-kvm: -netdev user,net=172.17.2.0/2,id=hostnet0: Invalid netmask provided (must be in range 4-32)


3.Change the prefix = 28
# virsh edit rhel
error: XML error: prefix too long


Expected result:
The error info of prefix should be range 4-27  or the prefix can support "4-32"


Actual result:
As the step2 shows


Addtional info:


Actual result:
As the step2 shows


Addtional info:

Comment 2 Michal Privoznik 2018-02-06 11:00:28 UTC

Patch proposed on the upstream list:

https://www.redhat.com/archives/libvir-list/2018-February/msg00266.html

Comment 3 Michal Privoznik 2018-02-14 12:45:27 UTC

The patch is pushed upstream:

commit b62b8090b2ad4524a5bf9d40d0d1c17a9d57f5a0
Author:     Michal Privoznik <mprivozn>
AuthorDate: Tue Feb 6 10:21:56 2018 +0100
Commit:     Michal Privoznik <mprivozn>
CommitDate: Wed Feb 14 13:43:47 2018 +0100

    qemu: Check for down limit of SLIRP prefix too
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1515533
    
    We're already checking if IPv4 prefix isn't too long. But we are
    not checking if it isn't too short. QEMU supports prefixes longer
    than 4 (including). I haven't find anything similar related to
    IPv6 in qemu sources.
    
    Signed-off-by: Michal Privoznik <mprivozn>
    Reviewed-by: John Ferlan <jferlan>

v4.0.0-230-gb62b8090b

Comment 5 chhu 2018-06-15 07:08:23 UTC

Verified on packages:
libvirt-4.4.0-2.el7.x86_64
qemu-kvm-rhev-2.12.0-3.el7.x86_64
kernel-3.10.0-902.el7.x86_64

Test steps:
1. Prepare a guest with the xml as below:
    <interface type='user'>
      <mac address='00:11:22:33:44:55'/>
      <ip address='172.17.2.0' family='ipv4' prefix='2'/>
      <model type='rtl8139'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x0b' function='0x0'/>
    </interface>

2. Try to define the guest, got error:
# virsh define r7.xml
error: Failed to define domain from r7.xml
error: XML error: invalid prefix, must be in range of 4-27

3. Change the prefix to '28', get the same error.
4. Change the prefix to '4', define and start the guest successfully,
login to the guest, ifcfg list the inteface:

ens11: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether 00:11:22:33:44:55  txqueuelen 1000  (Ethernet)
        RX packets 14  bytes 1344 (1.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

5. Destory the guest, use virsh edit, change the prefix to '-1','aa','28' will get error.


According to above steps, change the bug status to VERIFIED.

Comment 6 chhu 2018-06-29 08:51:39 UTC

Hi, Michal

I did more testing and found that I can't define the guest without giving the prefix in xml now, the prefix is optionally before, more details are as below, would you like to do some modification here or modify the doc ? Thank you!  

1. Tested on packages:
libvirt-4.4.0-2.virtcov.el7.x86_64
qemu-kvm-rhev-2.12.0-5.el7.x86_64

Test steps:
1. Try to define a guest with xml below, get error.
   <interface type='user'>
     <mac address='52:54:00:01:55:fe'/>
     <ip address='100.100.100.20' family='ipv4'/>
     <ip address='2001:db8:ac10:fd01::' family='ipv6'/>
     <model type='rtl8139'/>
     <alias name='net0'/>
   </interface>

# virsh define r7.xml
error: Failed to define domain from r7.xml
error: XML error: invalid prefix, must be in range of 4-27


2. Test on rhel7.5 packages:
libvirt-3.9.0-14.el7_5.6.x86_64

We can define and start a guest without 'prefix' in xml.
# virsh define r7.xml
Domain r7 defined from r7.xml

# virsh start r7
Domain r7 started

# virsh dumpxml r7|grep interface -A 8
    <interface type='user'>
      <mac address='52:54:00:01:55:fe'/>
      <ip address='100.100.100.20' family='ipv4'/>
      <ip address='2001:db8:ac10:fd01::' family='ipv6'/>
      <model type='rtl8139'/>
      <alias name='net0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
    </interface>

3. Info in libvirt.org
https://libvirt.org/formatdomain.html#mtu

Provides a virtual LAN with NAT to the outside world. The virtual network has DHCP & DNS services and will give the guest VM addresses starting from 10.0.2.15. The default router will be 10.0.2.2 and the DNS server will be 10.0.2.3. This networking is the only option for unprivileged users who need their VMs to have outgoing access. Since 3.8.0 it is possible to override the default network address by including an ip element specifying an IPv4 address in its one mandatory attribute, address. Optionally, a second ip element with a family attribute set to "ipv6" can be specified to add an IPv6 address to the interface. address. Optionally, address prefix can be specified. 



Regards,
chhu

Comment 7 Michal Privoznik 2018-06-29 14:57:06 UTC

(In reply to chhu from comment #6)
> Hi, Michal
> 

Oops, yes. I've posted a patch here:

https://www.redhat.com/archives/libvir-list/2018-June/msg01860.html

Michal

Comment 8 chhu 2018-07-09 05:11:12 UTC

Change the bug status according to comment 7.

Comment 9 Jiri Denemark 2018-07-09 07:55:23 UTC

Fixed upstream by

commit a6fbbce73e2965edde45ece7c034e4b39bb8405d
Refs: v4.5.0-12-ga6fbbce73e
Author:     Michal Privoznik <mprivozn>
AuthorDate: Fri Jun 29 16:48:55 2018 +0200
Commit:     Michal Privoznik <mprivozn>
CommitDate: Tue Jul 3 04:56:29 2018 +0200

    qemuDomainDeviceDefValidateNetwork: Check for range only if IP prefix set

    https://bugzilla.redhat.com/show_bug.cgi?id=1515533

    The @prefix attribute to <ip/> element for interface type user is
    optional. Therefore, if left out it has value of zero in which
    case we should not check whether it falls into <4, 27> range.
    Otherwise we fail parsing domain XML for no good reason.

    Broken by commit b62b8090b2ad4524a5bf9d40d0d1c17a9d57f5a0.

    Signed-off-by: Michal Privoznik <mprivozn>

Comment 10 Michal Privoznik 2018-07-09 10:08:01 UTC

To POST:

http://post-office.corp.redhat.com/archives/rhvirt-patches/2018-July/msg00179.html

Comment 11 chhu 2018-09-13 08:47:00 UTC

Verified on packages:
libvirt-4.5.0-9.el7.x86_64

Test steps:
1. Prepare a guest with the xml as below:
    <interface type='user'>
      <mac address='00:11:22:33:44:55'/>
      <ip address='172.17.2.0' family='ipv4' prefix='2'/>
      <model type='rtl8139'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x0b' function='0x0'/>
    </interface>

2. Try to define the guest, got error:
# virsh define r7.xml
error: Failed to define domain from r7.xml
error: XML error: invalid prefix, must be in range of 4-27

3. Change the prefix to '28', get the same error.
4. Change the prefix to '4', define and start the guest successfully,
login to the guest, ifcfg list the interface:
# ifconfig
ens11: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 160.0.2.15  netmask 240.0.0.0  broadcast 175.255.255.255
        inet6 fec0::211:22ff:fe33:4455  prefixlen 64  scopeid 0x40<site>
        inet6 fe80::211:22ff:fe33:4455  prefixlen 64  scopeid 0x20<link>
        ether 00:11:22:33:44:55  txqueuelen 1000  (Ethernet)
        RX packets 24  bytes 4013 (3.9 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 58  bytes 5600 (5.4 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


5. Destory the guest, use virsh edit, change the prefix to '-1','aa','28' will get error.

6. Virsh edit xml, without giving the prefix in xml, then start the guest successfully. login to the guest, check the interface:
# ifconfig
ens11: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.16.2.15  netmask 255.240.0.0  broadcast 172.31.255.255
        inet6 fec0::211:22ff:fe33:4455  prefixlen 64  scopeid 0x40<site>
        inet6 fe80::211:22ff:fe33:4455  prefixlen 64  scopeid 0x20<link>
        ether 00:11:22:33:44:55  txqueuelen 1000  (Ethernet)
        RX packets 23  bytes 4090 (3.9 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 58  bytes 5618 (5.4 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

7. Destroy, and undefine the guest, create guest without giving the prefix in xml successfully, login to the guest, check the interface is with ipaddress.


According to above test steps, set the bug status to "VERIFIED".

Comment 13 errata-xmlrpc 2018-10-30 09:50:00 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:3113

Note You need to log in before you can comment on or make changes to this bug.