bridge: Do not add bridges with '/' in name.

This effectively stops vswitchd from creating bridges with '/' in the
name. OVS used to print a warning but the bridge was created anyway.

This restriction is implemented because the bridge name is part of a
filesystem path.

This check is no substitute for Mandatory Access Control, but it
certainly helps to catch the error early.

Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com>
[blp@ovn.org added a test]
Acked-by: Ben Pfaff <blp@ovn.org>

diff --git a/tests/ovs-vswitchd.at b/tests/ovs-vswitchd.at
index 4245fc4..848daa3 100644 (file)
--- a/tests/ovs-vswitchd.at
+++ b/tests/ovs-vswitchd.at
@@ -187,3 +187,33 @@ AT_CHECK([ovs-appctl dpif/show | tail -n +3], [0], [dnl
 ])
 OVS_VSWITCHD_STOP
 AT_CLEANUP
+
+dnl ----------------------------------------------------------------------
+AT_SETUP([ovs-vswitchd - do not create sockets with unsafe names])
+OVS_VSWITCHD_START
+
+# On Unix systems, test for sockets with "test -S".
+#
+# On Windows systems, we simulate a socket with a regular file that contains
+# a TCP port number, so use "test -f" there instead.
+if test $IS_WIN32 = yes; then
+   S=f
+else
+   S=S
+fi
+
+# Create a bridge with an ordinary name and make sure that the management
+# socket gets creatd.
+AT_CHECK([ovs-vsctl add-br a -- set bridge a datapath-type=dummy])
+AT_CHECK([test -$S a.mgmt])
+
+# Create a bridge with an unsafe name and make sure that the management
+# socket does not get created.
+mkdir b
+AT_CHECK([ovs-vsctl add-br b/c -- set bridge b/c datapath-type=dummy], [0],
+  [], [ovs-vsctl: Error detected while setting up 'b/c'.  See ovs-vswitchd log for details.
+])
+AT_CHECK([test ! -e b/c.mgmt])
+
+OVS_VSWITCHD_STOP(['/ignoring bridge with invalid name/d'])
+AT_CLEANUP

diff --git a/vswitchd/bridge.c b/vswitchd/bridge.c
index f8324a2..2ff2322 100644 (file)
--- a/vswitchd/bridge.c
+++ b/vswitchd/bridge.c
@@ -1686,6 +1686,7 @@ static void
 add_del_bridges(const struct ovsrec_open_vswitch *cfg)
 {
     struct bridge *br, *next;
+    struct shash_node *node;
     struct shash new_br;
     size_t i;
 
@@ -1719,8 +1720,8 @@ add_del_bridges(const struct ovsrec_open_vswitch *cfg)
     }
 
     /* Add new bridges. */
-    for (i = 0; i < cfg->n_bridges; i++) {
-        const struct ovsrec_bridge *br_cfg = cfg->bridges[i];
+    SHASH_FOR_EACH(node, &new_br) {
+        const struct ovsrec_bridge *br_cfg = node->data;
         struct bridge *br = bridge_lookup(br_cfg->name);
         if (!br) {
             bridge_create(br_cfg);