The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxc/pull/1773
This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === Signed-off-by: Christian Brauner <[email protected]>
From 8da62485e8ae00819761a3f67386d496e2bb21ac Mon Sep 17 00:00:00 2001
From: Christian Brauner <[email protected]>
Date: Thu, 31 Aug 2017 22:58:30 +0200
Subject: [PATCH 1/4] network: retrieve the host's veth device ifindex
- Retrieve the host's veth device ifindex in the host's network namespace.
- Add a note why we retrieve the container's veth device ifindex in the host's network namespace.
Signed-off-by: Christian Brauner <[email protected]>
---
 src/lxc/network.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)
diff --git a/src/lxc/network.c b/src/lxc/network.c
index 6c867c654..f10dd3f3e 100644
--- a/src/lxc/network.c
+++ b/src/lxc/network.c
@@ -140,6 +140,18 @@ static int instantiate_veth(struct lxc_handler *handler, struct lxc_netdev *netd
 goto out_delete;
 }
 
+ /* Retrieve ifindex of the host's veth device. */
+ netdev->priv.veth_attr.ifindex = if_nametoindex(veth1);
+ if (!netdev->priv.veth_attr.ifindex) {
+ ERROR("Failed to retrieve ifindex for \"%s\"", veth1);
+ goto out_delete;
+ }
+
+ /* Note that we're retrieving the container's ifindex in the host's
+ * network namespace because we need it to move the device from the
+ * host's network namespace to the container's network namespace later
+ * on.
+ */
 netdev->ifindex = if_nametoindex(veth2);
 if (!netdev->ifindex) {
 ERROR("Failed to retrieve ifindex for \"%s\"", veth2);
From d0b915aab9c73022bc1aec29d344b9ae96483f6c Mon Sep 17 00:00:00 2001
From: Christian Brauner <[email protected]>
Date: Thu, 31 Aug 2017 23:01:46 +0200
Subject: [PATCH 2/4] start: non-functional changes
Signed-off-by: Christian Brauner <[email protected]>
---
 src/lxc/start.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/src/lxc/start.c b/src/lxc/start.c
index bc5daa764..86d823552 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
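Review bot: Both failure messages added in instantiate_veth (src/lxc/network.c, patch 1/4) drop errno, so the log cannot say why the lookup failed; if_nametoindex() returns 0 and sets errno when the name does not resolve. Patch 3/4 of this series already reports `strerror(errno)` for the same call, and the same form fits here: `ERROR("Failed to retrieve ifindex for \"%s\": %s", veth1, strerror(errno));`, likewise for `veth2`. The two messages are also worded identically apart from the name, so saying "host veth" and "container veth" would make the log line self-explanatory. instantiate_veth starts and ends outside the hunk.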
@@ -1208,14 +1208,13 @@ void resolve_clone_flags(struct lxc_handler *handler)
 */
 static int lxc_spawn(struct lxc_handler *handler)
 {
- int failed_before_rename = 0;
+ int i, flags, nveths;
 const char *name = handler->name;
- bool cgroups_connected = false;
- int saved_ns_fd[LXC_NS_MAX];
- int preserve_mask = 0, i, flags;
- int netpipepair[2], nveths;
 bool wants_to_map_ids;
+ int netpipepair[2], saved_ns_fd[LXC_NS_MAX];
 struct lxc_list *id_map;
+ int failed_before_rename = 0, preserve_mask = 0;
+ bool cgroups_connected = false;
 
 netpipe = -1;
 id_map = &handler->conf->id_map;
From 8424b4e14b7f5c34ed6229d1001cd766a6bdc648 Mon Sep 17 00:00:00 2001
From: Christian Brauner <[email protected]>
Date: Thu, 31 Aug 2017 23:08:28 +0200
Subject: [PATCH 3/4] lxc-user-nic: free memory and check for error
- check for error on ifindex retrieval
- free allocated memory
Signed-off-by: Christian Brauner <[email protected]>
---
 src/lxc/lxc_user_nic.c | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/src/lxc/lxc_user_nic.c b/src/lxc/lxc_user_nic.c
index 1853e0412..7541e4b8a 100644
--- a/src/lxc/lxc_user_nic.c
+++ b/src/lxc/lxc_user_nic.c
@@ -453,6 +453,8 @@ static int get_mtu(char *name)
 int idx;
 
 idx = if_nametoindex(name);
+ if (idx < 0)
+ return -1;
 return netdev_get_mtu(idx);
 }
 
@@ -1215,6 +1217,12 @@ int main(int argc, char *argv[])
 exit(EXIT_FAILURE);
 }
 host_veth_ifidx = if_nametoindex(nicname);
+ if (!host_veth_ifidx) {
+ free(newname);
+ free(nicname);
+ usernic_error("Failed to get netdev index: %s\n", strerror(errno));
+ exit(EXIT_FAILURE);
+ }
 
 /* Write names of veth pairs and their ifindeces to stout:
 * (e.g. eth0:731:veth9MT2L4:730)
From 99573f4aeab96a8554ddb08c683769d16dda5332 Mon Sep 17 00:00:00 2001
From: Christian Brauner <[email protected]>
Date: Thu, 31 Aug 2017 23:13:44 +0200
Subject: [PATCH 4/4] lxc-user-nic: initialize vars to silence gcc-7
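Review bot: The check added in get_mtu (src/lxc/lxc_user_nic.c, patch 3/4, first hunk), `if (idx < 0)`, cannot fire, because if_nametoindex() returns an unsigned int and reports failure as 0. A failed lookup therefore still reaches `netdev_get_mtu(idx)` with index 0, which is the case the patch set out to catch. The second hunk of the same patch tests the same call correctly with `if (!host_veth_ifidx)`; get_mtu should match it: `if (idx == 0) return -1;`. The opening of get_mtu sits just above the hunk.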
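Review bot: In the failure branch added to main (src/lxc/lxc_user_nic.c, patch 3/4, second hunk), `strerror(errno)` is evaluated after two `free()` calls, and free() is not guaranteed to preserve errno on every libc. The logged reason may therefore not be the one if_nametoindex() set. Save it first with `int saved_errno = errno;` ahead of the frees and print `strerror(saved_errno)`, or call `usernic_error` before freeing. Logging before `free(nicname)` would also let the message name the interface that failed to resolve. main starts and ends outside the hunk.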
Signed-off-by: Christian Brauner <[email protected]>
---
 src/lxc/lxc_user_nic.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/lxc/lxc_user_nic.c b/src/lxc/lxc_user_nic.c
index 7541e4b8a..9164e44dc 100644
--- a/src/lxc/lxc_user_nic.c
+++ b/src/lxc/lxc_user_nic.c
@@ -1055,10 +1055,10 @@ static bool is_privileged_over_netns(int netns_fd)
 
 int main(int argc, char *argv[])
 {
- int container_veth_ifidx, fd, host_veth_ifidx, n, pid, request, ret;
+ int fd, n, pid, request, ret;
 char *me, *newname;
 struct user_nic_args args;
- int netns_fd = -1;
+ int container_veth_ifidx = -1, host_veth_ifidx = -1, netns_fd = -1;
 char *cnic = NULL, *nicname = NULL;
 struct alloted_s *alloted = NULL;
 
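Review bot: Initializing `container_veth_ifidx` and `host_veth_ifidx` to -1 in main (patch 4/4) uses a sentinel that the checks in this series do not recognise. Patch 3/4 tests `if (!host_veth_ifidx)`, and 0 is what if_nametoindex() returns on failure, so a path that left either variable unassigned would carry -1 past that test and could print it as an ifindex. Initializing both to 0 would keep one meaning for "no valid index"; failing that, a comment such as `/* initialized only to silence gcc-7; always assigned before use */` records the intent. The rest of main is outside the hunk, so whether such a path exists cannot be confirmed from here.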
