Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

qubes/vm: add validators for many properties

Browse Source
This commit is contained in:
Marek Marczykowski-Górecki 2016-05-21 03:51:21 +02:00 committed by Wojtek Porczyk
parent 36644f3710
commit 2bb73ab0a1
2 changed files with 24 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
qubes/vm/mix/net.py
View File

@ -26,14 +26,24 @@
import libvirt import libvirt
import lxml.etree import lxml.etree
import re
import qubes import qubes
import qubes.events import qubes.events
import qubes.exc import qubes.exc
def _setter_mac(self, prop, value):
if not isinstance(value, basestring):
raise ValueError('MAC address must be a string')
value = value.lower()
if re.match(r"^([0-9a-f][0-9a-f]:){5}[0-9a-f][0-9a-f]$", value) is None:
raise ValueError('Invalid MAC address value')
return value
class NetVMMixin(qubes.events.Emitter): class NetVMMixin(qubes.events.Emitter):
mac = qubes.property('mac', type=str, mac = qubes.property('mac', type=str,
default='00:16:3E:5E:6C:00', default='00:16:3E:5E:6C:00',
setter=_setter_mac,
ls_width=17, ls_width=17,
doc='MAC address of the NIC emulated inside VM') doc='MAC address of the NIC emulated inside VM')

14
qubes/vm/qubesvm.py
View File

@ -93,6 +93,10 @@ def _setter_name(self, prop, value):
except AttributeError: except AttributeError:
pass pass
if value in self.app.domains:
raise qubes.exc.QubesException(
'VM named {} alread exists'.format(value))
return value return value
@ -125,6 +129,12 @@ def _setter_label(self, prop, value):
return self.app.get_label(value) return self.app.get_label(value)
def _setter_positive_int(self, prop, value):
value = int(value)
if value <= 0:
raise ValueError('Value must be positive')
return value
class QubesVM(qubes.vm.mix.net.NetVMMixin, qubes.vm.BaseVM): class QubesVM(qubes.vm.mix.net.NetVMMixin, qubes.vm.BaseVM):
'''Base functionality of Qubes VM shared between all VMs.''' '''Base functionality of Qubes VM shared between all VMs.'''
@ -185,11 +195,13 @@ class QubesVM(qubes.vm.mix.net.NetVMMixin, qubes.vm.BaseVM):
package manager.''') package manager.''')
memory = qubes.property('memory', type=int, memory = qubes.property('memory', type=int,
setter=_setter_positive_int,
default=(lambda self: default=(lambda self:
qubes.config.defaults['hvm_memory' if self.hvm else 'memory']), qubes.config.defaults['hvm_memory' if self.hvm else 'memory']),
doc='Memory currently available for this VM.') doc='Memory currently available for this VM.')
maxmem = qubes.property('maxmem', type=int, maxmem = qubes.property('maxmem', type=int,
setter=_setter_positive_int,
default=(lambda self: self.app.host.memory_total / 1024 / 2), default=(lambda self: self.app.host.memory_total / 1024 / 2),
doc='''Maximum amount of memory available for this VM (for the purpose doc='''Maximum amount of memory available for this VM (for the purpose
of the memory balancer).''') of the memory balancer).''')
@ -202,6 +214,7 @@ class QubesVM(qubes.vm.mix.net.NetVMMixin, qubes.vm.BaseVM):
# FIXME self.app.host could not exist - only self.app.vm required by API # FIXME self.app.host could not exist - only self.app.vm required by API
vcpus = qubes.property('vcpus', vcpus = qubes.property('vcpus',
type=int, type=int,
setter=_setter_positive_int,
default=(lambda self: self.app.host.no_cpus), default=(lambda self: self.app.host.no_cpus),
ls_width=2, ls_width=2,
doc='FIXME') doc='FIXME')
@ -252,6 +265,7 @@ class QubesVM(qubes.vm.mix.net.NetVMMixin, qubes.vm.BaseVM):
# return self._default_user # return self._default_user
qrexec_timeout = qubes.property('qrexec_timeout', type=int, default=60, qrexec_timeout = qubes.property('qrexec_timeout', type=int, default=60,
setter=_setter_positive_int,
ls_width=3, ls_width=3,
doc='''Time in seconds after which qrexec connection attempt is deemed doc='''Time in seconds after which qrexec connection attempt is deemed
failed. Operating system inside VM should be able to boot in this failed. Operating system inside VM should be able to boot in this