nl80211 device can't be moved to another namespace due to e389f2afd8509(start: unify and simplify network creation), and lxc community has fixed this issue with:
commit 3dd7829433f63b2ec1323a1f237efa7d67ea6e2b lxc upstream This patch is grabbing the commit above, and should be abandoned with lxc uprev afterwards. See more details here: https://github.com/lxc/lxc/issues/3105 Signed-off-by: Yunguo Wei <yunguo....@windriver.com> --- ...k-restore-ability-to-move-nl80211-devices.patch | 94 ++++++++++++++++++++++ recipes-containers/lxc/lxc_3.2.1.bb | 1 + 2 files changed, 95 insertions(+) create mode 100644 recipes-containers/lxc/files/network-restore-ability-to-move-nl80211-devices.patch diff --git a/recipes-containers/lxc/files/network-restore-ability-to-move-nl80211-devices.patch b/recipes-containers/lxc/files/network-restore-ability-to-move-nl80211-devices.patch new file mode 100644 index 0000000..aa1aecd --- /dev/null +++ b/recipes-containers/lxc/files/network-restore-ability-to-move-nl80211-devices.patch @@ -0,0 +1,94 @@ +From 3dd7829433f63b2ec1323a1f237efa7d67ea6e2b Mon Sep 17 00:00:00 2001 +From: Christian Brauner <christian.brau...@ubuntu.com> +Date: Fri, 26 Jul 2019 08:20:02 +0200 +Subject: [PATCH] network: restore ability to move nl80211 devices + +Closes #3105. +Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com> +--- + src/lxc/network.c | 31 +++++++++++++++++-------------- + 1 file changed, 17 insertions(+), 14 deletions(-) + +diff --git a/src/lxc/network.c b/src/lxc/network.c +index 9755116..7684f95 100644 +--- a/src/lxc/network.c ++++ b/src/lxc/network.c +@@ -1248,22 +1248,21 @@ static int lxc_netdev_rename_by_name_in_netns(pid_t pid, const char *old, + static int lxc_netdev_move_wlan(char *physname, const char *ifname, pid_t pid, + const char *newname) + { +- char *cmd; ++ __do_free char *cmd = NULL; + pid_t fpid; +- int err = -1; + + /* Move phyN into the container. TODO - do this using netlink. + * However, IIUC this involves a bit more complicated work to talk to + * the 80211 module, so for now just call out to iw. + */ + cmd = on_path("iw", NULL); +- if (!cmd) +- goto out1; +- free(cmd); ++ if (!cmd) { ++ return -1; ++ } + + fpid = fork(); + if (fpid < 0) +- goto out1; ++ return -1; + + if (fpid == 0) { + char pidstr[30]; +@@ -1274,21 +1273,18 @@ static int lxc_netdev_move_wlan(char *physname, const char *ifname, pid_t pid, + } + + if (wait_for_pid(fpid)) +- goto out1; ++ return -1; + +- err = 0; + if (newname) +- err = lxc_netdev_rename_by_name_in_netns(pid, ifname, newname); ++ return lxc_netdev_rename_by_name_in_netns(pid, ifname, newname); + +-out1: +- free(physname); +- return err; ++ return 0; + } + + int lxc_netdev_move_by_name(const char *ifname, pid_t pid, const char* newname) + { ++ __do_free char *physname = NULL; + int index; +- char *physname; + + if (!ifname) + return -EINVAL; +@@ -3279,13 +3275,20 @@ int lxc_network_move_created_netdev_priv(struct lxc_handler *handler) + return 0; + + lxc_list_for_each(iterator, network) { ++ __do_free char *physname = NULL; + int ret; + struct lxc_netdev *netdev = iterator->elem; + + if (!netdev->ifindex) + continue; + +- ret = lxc_netdev_move_by_index(netdev->ifindex, pid, NULL); ++ if (netdev->type == LXC_NET_PHYS) ++ physname = is_wlan(netdev->link); ++ ++ if (physname) ++ ret = lxc_netdev_move_wlan(physname, netdev->link, pid, NULL); ++ else ++ ret = lxc_netdev_move_by_index(netdev->ifindex, pid, NULL); + if (ret) { + errno = -ret; + SYSERROR("Failed to move network device \"%s\" with ifindex %d to network namespace %d", +-- +2.7.4 + diff --git a/recipes-containers/lxc/lxc_3.2.1.bb b/recipes-containers/lxc/lxc_3.2.1.bb index 585ab8f..4b8f10b 100644 --- a/recipes-containers/lxc/lxc_3.2.1.bb +++ b/recipes-containers/lxc/lxc_3.2.1.bb @@ -43,6 +43,7 @@ SRC_URI = "http://linuxcontainers.org/downloads/${BPN}-${PV}.tar.gz \ file://template-make-busybox-template-compatible-with-core-.patch \ file://tests-our-init-is-not-busybox.patch \ file://tests-add-no-validate-when-using-download-template.patch \ + file://network-restore-ability-to-move-nl80211-devices.patch \ file://dnsmasq.conf \ file://lxc-net \ " -- 2.7.4 -- _______________________________________________ meta-virtualization mailing list meta-virtualization@yoctoproject.org https://lists.yoctoproject.org/listinfo/meta-virtualization