Merge pull request #3069 from brauner/2019-07-01/network_creation

start: unify network creation

Merge pull request #3069 from brauner/2019-07-01/network_creation
4f71ecb8 · Stéphane Graber · GitHub · c83ad424 · 1871e646 · 4f71ecb8
Unverified Commit 4f71ecb8 authored Jul 02, 2019 by Stéphane Graber Committed by GitHub Jul 02, 2019
Expand all Hide whitespace changes
Inline Side-by-side

Showing with 43 additions and 73 deletions

conf.c src/lxc/conf.c +12 -9

network.c src/lxc/network.c +0 -0

network.h src/lxc/network.h +7 -8

start.c src/lxc/start.c +24 -56

No files found.
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -3563,16 +3563,19 @@ int lxc_setup(struct lxc_handler *handler)
 	if (ret < 0)
 		return -1;
-	ret = lxc_setup_network_in_child_namespaces(lxc_conf, &lxc_conf->network);
+	if (handler->ns_clone_flags & CLONE_NEWNET) {
-	if (ret < 0) {
+		ret = lxc_setup_network_in_child_namespaces(lxc_conf,
-		ERROR("Failed to setup network");
+							    &lxc_conf->network);
-		return -1;
+		if (ret < 0) {
-	}
+			ERROR("Failed to setup network");
+			return -1;
+		}
-	ret = lxc_network_send_name_and_ifindex_to_parent(handler);
+		ret = lxc_network_send_name_and_ifindex_to_parent(handler);
-	if (ret < 0) {
+		if (ret < 0) {
-		ERROR("Failed to send network device names and ifindices to parent");
+			ERROR("Failed to send network device names and ifindices to parent");
-		return -1;
+			return -1;
+		}
 	}
 	if (lxc_conf->autodev > 0) {

--- a/src/lxc/network.c
+++ b/src/lxc/network.c
--- a/src/lxc/network.h
+++ b/src/lxc/network.h
@@ -147,7 +147,10 @@ union netdev_p {
 * @flags             : flag of the network device (IFF_UP, ... )
 * @link              : lxc.net.[i].link, name of bridge or host iface to attach
 *                      if any
- * @name              : lxc.net.[i].name, name of iface on the container side
+ * @name	      : lxc.net.[i].name, name of iface on the container side
+ * @created_name      : the name with which this interface got created before
+ *			being renamed to final_name.
+ *			Currenly only used for veth devices.
 * @hwaddr            : mac address
 * @mtu               : maximum transmission unit
 * @priv              : information specific to the specificed network type
@@ -176,6 +179,7 @@ struct lxc_netdev {
 	char link[IFNAMSIZ];
 	bool l2proxy;
 	char name[IFNAMSIZ];
+	char created_name[IFNAMSIZ];
 	char *hwaddr;
 	char *mtu;
 	union netdev_p priv;
@@ -267,15 +271,9 @@ extern char *lxc_mkifname(char *template);
 extern const char *lxc_net_type_to_str(int type);
 extern int setup_private_host_hw_addr(char *veth1);
 extern int netdev_get_mtu(int ifindex);
-extern int lxc_create_network_priv(struct lxc_handler *handler);
+extern int lxc_network_move_created_netdev_priv(struct lxc_handler *handler);
-extern int lxc_network_move_created_netdev_priv(const char *lxcpath,
-						const char *lxcname,
-						struct lxc_list *network,
-						pid_t pid);
 extern void lxc_delete_network(struct lxc_handler *handler);
 extern int lxc_find_gateway_addresses(struct lxc_handler *handler);
-extern int lxc_create_network_unpriv(const char *lxcpath, const char *lxcname,
-				     struct lxc_list *network, pid_t pid, unsigned int hook_version);
 extern int lxc_requests_empty_network(struct lxc_handler *handler);
 extern int lxc_restore_phys_nics_to_netns(struct lxc_handler *handler);
 extern int lxc_setup_network_in_child_namespaces(const struct lxc_conf *conf,
@@ -286,5 +284,6 @@ extern int lxc_network_send_name_and_ifindex_to_parent(struct lxc_handler *handl
 extern int lxc_network_recv_name_and_ifindex_from_child(struct lxc_handler *handler);
 extern int lxc_netns_set_nsid(int netns_fd);
 extern int lxc_netns_get_nsid(__s32 fd);
+extern int lxc_create_network(struct lxc_handler *handler);
 #endif /* __LXC_NETWORK_H */
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -1193,10 +1193,12 @@ static int do_start(void *data)
 	if (ret < 0)
 		goto out_error;
-	ret = lxc_network_recv_veth_names_from_parent(handler);
+	if (handler->ns_clone_flags & CLONE_NEWNET) {
-	if (ret < 0) {
+		ret = lxc_network_recv_veth_names_from_parent(handler);
-		ERROR("Failed to receive veth names from parent");
+		if (ret < 0) {
-		goto out_warn_father;
+			ERROR("Failed to receive veth names from parent");
+			goto out_warn_father;
+		}
 	}
 	/* If we are in a new user namespace, become root there to have
@@ -1695,31 +1697,6 @@ static int lxc_spawn(struct lxc_handler *handler)
 	if (ret < 0)
 		goto out_sync_fini;
-	if (handler->ns_clone_flags & CLONE_NEWNET) {
-		if (!lxc_list_empty(&conf->network)) {
-			/* Find gateway addresses from the link device, which is
-			 * no longer accessible inside the container. Do this
-			 * before creating network interfaces, since goto
-			 * out_delete_net does not work before lxc_clone.
-			 */
-			ret = lxc_find_gateway_addresses(handler);
-			if (ret < 0) {
-				ERROR("Failed to find gateway addresses");
-				goto out_sync_fini;
-			}
-			/* That should be done before the clone because we will
-			 * fill the netdev index and use them in the child.
-			 */
-			ret = lxc_create_network_priv(handler);
-			if (ret < 0) {
-				ERROR("Failed to create the network");
-				goto out_delete_net;
-			}
-		}
-	}
 	if (!cgroup_ops->payload_create(cgroup_ops, handler)) {
 		ERROR("Failed creating cgroups");
 		goto out_delete_net;
@@ -1780,6 +1757,14 @@ static int lxc_spawn(struct lxc_handler *handler)
 			goto out_delete_net;
 	}
+	ret = snprintf(pidstr, 20, "%d", handler->pid);
+	if (ret < 0 || ret >= 20)
+		goto out_delete_net;
+	ret = setenv("LXC_PID", pidstr, 1);
+	if (ret < 0)
+		SYSERROR("Failed to set environment variable: LXC_PID=%s", pidstr);
 	for (i = 0; i < LXC_NS_MAX; i++)
 		if (handler->ns_on_clone_flags & ns_info[i].clone_flag)
 			INFO("Cloned %s", ns_info[i].flag_name);
@@ -1848,29 +1833,19 @@ static int lxc_spawn(struct lxc_handler *handler)
 	/* Create the network configuration. */
 	if (handler->ns_clone_flags & CLONE_NEWNET) {
-		ret = lxc_network_move_created_netdev_priv(handler->lxcpath,
+		ret = lxc_create_network(handler);
-							   handler->name,
-							   &conf->network,
-							   handler->pid);
 		if (ret < 0) {
-			ERROR("Failed to create the configured network");
+			ERROR("Failed to create the network");
 			goto out_delete_net;
 		}
-		ret = lxc_create_network_unpriv(handler->lxcpath, handler->name,
+		ret = lxc_network_send_veth_names_to_child(handler);
-						&conf->network, handler->pid, conf->hooks_version);
 		if (ret < 0) {
-			ERROR("Failed to create the configured network");
+			ERROR("Failed to send veth names to child");
 			goto out_delete_net;
 		}
 	}
-	ret = lxc_network_send_veth_names_to_child(handler);
-	if (ret < 0) {
-		ERROR("Failed to send veth names to child");
-		goto out_delete_net;
-	}
 	if (!lxc_list_empty(&conf->procs)) {
 		ret = setup_proc_filesystem(&conf->procs, handler->pid);
 		if (ret < 0)
@@ -1916,14 +1891,6 @@ static int lxc_spawn(struct lxc_handler *handler)
 		}
 	}
-	ret = snprintf(pidstr, 20, "%d", handler->pid);
-	if (ret < 0 || ret >= 20)
-		goto out_delete_net;
-	ret = setenv("LXC_PID", pidstr, 1);
-	if (ret < 0)
-		SYSERROR("Failed to set environment variable: LXC_PID=%s", pidstr);
 	/* Run any host-side start hooks */
 	ret = run_lxc_hooks(name, "start-host", conf, NULL);
 	if (ret < 0) {
@@ -1941,11 +1908,12 @@ static int lxc_spawn(struct lxc_handler *handler)
 	if (ret < 0)
 		goto out_delete_net;
-	ret = lxc_network_recv_name_and_ifindex_from_child(handler);
+	if (handler->ns_clone_flags & CLONE_NEWNET) {
-	if (ret < 0) {
+		ret = lxc_network_recv_name_and_ifindex_from_child(handler);
-		ERROR("Failed to receive names and ifindices for network "
+		if (ret < 0) {
-		      "devices from child");
+			ERROR("Failed to receive names and ifindices for network devices from child");
-		goto out_delete_net;
+			goto out_delete_net;
+		}
 	}
 	/* Now all networks are created, network devices are moved into place,