mirror of
https://passt.top/passt
synced 2025-01-18 18:35:15 +00:00
netlink: Propagate errors for "dup" operations
We now detect errors on netlink "set" operations while configuring the pasta namespace with --config-net. However in many cases rather than a simple "set" we use a more complex "dup" function to copy configuration from the host to the namespace. We're not yet properly detecting and reporting netlink errors for that case. Change the "dup" operations to propagate netlink errors to their caller, pasta_ns_conf() and report them there. Link: https://bugs.passt.top/show_bug.cgi?id=60 Signed-off-by: David Gibson <david@gibson.dropbear.id.au> [sbrivio: Minor formatting changes in pasta_ns_conf()] Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
This commit is contained in:
parent
5103811e2d
commit
02b30e7871
28
netlink.c
28
netlink.c
@ -413,8 +413,10 @@ int nl_route_set_def(int s, unsigned int ifi, sa_family_t af, void *gw)
|
|||||||
* @s_dst: Netlink socket in destination namespace
|
* @s_dst: Netlink socket in destination namespace
|
||||||
* @ifi_dst: Interface index in destination namespace
|
* @ifi_dst: Interface index in destination namespace
|
||||||
* @af: Address family
|
* @af: Address family
|
||||||
|
*
|
||||||
|
* Return: 0 on success, negative error code on failure
|
||||||
*/
|
*/
|
||||||
void nl_route_dup(int s_src, unsigned int ifi_src,
|
int nl_route_dup(int s_src, unsigned int ifi_src,
|
||||||
int s_dst, unsigned int ifi_dst, sa_family_t af)
|
int s_dst, unsigned int ifi_dst, sa_family_t af)
|
||||||
{
|
{
|
||||||
struct req_t {
|
struct req_t {
|
||||||
@ -477,9 +479,11 @@ void nl_route_dup(int s_src, unsigned int ifi_src,
|
|||||||
|
|
||||||
if (extra) {
|
if (extra) {
|
||||||
err("netlink: Too many routes to duplicate");
|
err("netlink: Too many routes to duplicate");
|
||||||
return;
|
return -E2BIG;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
if (status < 0)
|
||||||
|
return status;
|
||||||
|
|
||||||
/* Routes might have dependencies between each other, and the kernel
|
/* Routes might have dependencies between each other, and the kernel
|
||||||
* processes RTM_NEWROUTE messages sequentially. For n routes, we might
|
* processes RTM_NEWROUTE messages sequentially. For n routes, we might
|
||||||
@ -493,15 +497,20 @@ void nl_route_dup(int s_src, unsigned int ifi_src,
|
|||||||
NLMSG_OK(nh, status);
|
NLMSG_OK(nh, status);
|
||||||
nh = NLMSG_NEXT(nh, status)) {
|
nh = NLMSG_NEXT(nh, status)) {
|
||||||
uint16_t flags = nh->nlmsg_flags;
|
uint16_t flags = nh->nlmsg_flags;
|
||||||
|
int rc;
|
||||||
|
|
||||||
if (nh->nlmsg_type != RTM_NEWROUTE)
|
if (nh->nlmsg_type != RTM_NEWROUTE)
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
nl_do(s_dst, nh, RTM_NEWROUTE,
|
rc = nl_do(s_dst, nh, RTM_NEWROUTE,
|
||||||
(flags & ~NLM_F_DUMP_FILTERED) | NLM_F_CREATE,
|
(flags & ~NLM_F_DUMP_FILTERED) | NLM_F_CREATE,
|
||||||
nh->nlmsg_len);
|
nh->nlmsg_len);
|
||||||
|
if (rc < 0 && rc != -ENETUNREACH && rc != -EEXIST)
|
||||||
|
return rc;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -634,8 +643,10 @@ int nl_addr_set(int s, unsigned int ifi, sa_family_t af,
|
|||||||
* @s_dst: Netlink socket in destination network namespace
|
* @s_dst: Netlink socket in destination network namespace
|
||||||
* @ifi_dst: Interface index in destination namespace
|
* @ifi_dst: Interface index in destination namespace
|
||||||
* @af: Address family
|
* @af: Address family
|
||||||
|
*
|
||||||
|
* Return: 0 on success, negative error code on failure
|
||||||
*/
|
*/
|
||||||
void nl_addr_dup(int s_src, unsigned int ifi_src,
|
int nl_addr_dup(int s_src, unsigned int ifi_src,
|
||||||
int s_dst, unsigned int ifi_dst, sa_family_t af)
|
int s_dst, unsigned int ifi_dst, sa_family_t af)
|
||||||
{
|
{
|
||||||
struct req_t {
|
struct req_t {
|
||||||
@ -650,6 +661,7 @@ void nl_addr_dup(int s_src, unsigned int ifi_src,
|
|||||||
struct nlmsghdr *nh;
|
struct nlmsghdr *nh;
|
||||||
ssize_t status;
|
ssize_t status;
|
||||||
uint16_t seq;
|
uint16_t seq;
|
||||||
|
int rc = 0;
|
||||||
|
|
||||||
seq = nl_send(s_src, &req, RTM_GETADDR, NLM_F_DUMP, sizeof(req));
|
seq = nl_send(s_src, &req, RTM_GETADDR, NLM_F_DUMP, sizeof(req));
|
||||||
nl_foreach_oftype(nh, status, s_src, buf, seq, RTM_NEWADDR) {
|
nl_foreach_oftype(nh, status, s_src, buf, seq, RTM_NEWADDR) {
|
||||||
@ -662,7 +674,7 @@ void nl_addr_dup(int s_src, unsigned int ifi_src,
|
|||||||
|
|
||||||
ifa = (struct ifaddrmsg *)NLMSG_DATA(nh);
|
ifa = (struct ifaddrmsg *)NLMSG_DATA(nh);
|
||||||
|
|
||||||
if (ifa->ifa_scope == RT_SCOPE_LINK ||
|
if (rc < 0 || ifa->ifa_scope == RT_SCOPE_LINK ||
|
||||||
ifa->ifa_index != ifi_src)
|
ifa->ifa_index != ifi_src)
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
@ -674,10 +686,14 @@ void nl_addr_dup(int s_src, unsigned int ifi_src,
|
|||||||
rta->rta_type = IFA_UNSPEC;
|
rta->rta_type = IFA_UNSPEC;
|
||||||
}
|
}
|
||||||
|
|
||||||
nl_do(s_dst, nh, RTM_NEWADDR,
|
rc = nl_do(s_dst, nh, RTM_NEWADDR,
|
||||||
(nh->nlmsg_flags & ~NLM_F_DUMP_FILTERED) | NLM_F_CREATE,
|
(nh->nlmsg_flags & ~NLM_F_DUMP_FILTERED) | NLM_F_CREATE,
|
||||||
nh->nlmsg_len);
|
nh->nlmsg_len);
|
||||||
}
|
}
|
||||||
|
if (status < 0)
|
||||||
|
return status;
|
||||||
|
|
||||||
|
return rc;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -13,13 +13,13 @@ void nl_sock_init(const struct ctx *c, bool ns);
|
|||||||
unsigned int nl_get_ext_if(int s, sa_family_t af);
|
unsigned int nl_get_ext_if(int s, sa_family_t af);
|
||||||
int nl_route_get_def(int s, unsigned int ifi, sa_family_t af, void *gw);
|
int nl_route_get_def(int s, unsigned int ifi, sa_family_t af, void *gw);
|
||||||
int nl_route_set_def(int s, unsigned int ifi, sa_family_t af, void *gw);
|
int nl_route_set_def(int s, unsigned int ifi, sa_family_t af, void *gw);
|
||||||
void nl_route_dup(int s_src, unsigned int ifi_src,
|
int nl_route_dup(int s_src, unsigned int ifi_src,
|
||||||
int s_dst, unsigned int ifi_dst, sa_family_t af);
|
int s_dst, unsigned int ifi_dst, sa_family_t af);
|
||||||
int nl_addr_get(int s, unsigned int ifi, sa_family_t af,
|
int nl_addr_get(int s, unsigned int ifi, sa_family_t af,
|
||||||
void *addr, int *prefix_len, void *addr_l);
|
void *addr, int *prefix_len, void *addr_l);
|
||||||
int nl_addr_set(int s, unsigned int ifi, sa_family_t af,
|
int nl_addr_set(int s, unsigned int ifi, sa_family_t af,
|
||||||
void *addr, int prefix_len);
|
void *addr, int prefix_len);
|
||||||
void nl_addr_dup(int s_src, unsigned int ifi_src,
|
int nl_addr_dup(int s_src, unsigned int ifi_src,
|
||||||
int s_dst, unsigned int ifi_dst, sa_family_t af);
|
int s_dst, unsigned int ifi_dst, sa_family_t af);
|
||||||
int nl_link_get_mac(int s, unsigned int ifi, void *mac);
|
int nl_link_get_mac(int s, unsigned int ifi, void *mac);
|
||||||
int nl_link_set_mac(int s, unsigned int ifi, void *mac);
|
int nl_link_set_mac(int s, unsigned int ifi, void *mac);
|
||||||
|
11
pasta.c
11
pasta.c
@ -298,8 +298,9 @@ void pasta_ns_conf(struct ctx *c)
|
|||||||
&c->ip4.addr,
|
&c->ip4.addr,
|
||||||
c->ip4.prefix_len);
|
c->ip4.prefix_len);
|
||||||
} else {
|
} else {
|
||||||
nl_addr_dup(nl_sock, c->ifi4,
|
rc = nl_addr_dup(nl_sock, c->ifi4,
|
||||||
nl_sock_ns, c->pasta_ifi, AF_INET);
|
nl_sock_ns, c->pasta_ifi,
|
||||||
|
AF_INET);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (rc < 0) {
|
if (rc < 0) {
|
||||||
@ -311,7 +312,7 @@ void pasta_ns_conf(struct ctx *c)
|
|||||||
rc = nl_route_set_def(nl_sock_ns, c->pasta_ifi,
|
rc = nl_route_set_def(nl_sock_ns, c->pasta_ifi,
|
||||||
AF_INET, &c->ip4.gw);
|
AF_INET, &c->ip4.gw);
|
||||||
} else {
|
} else {
|
||||||
nl_route_dup(nl_sock, c->ifi4, nl_sock_ns,
|
rc = nl_route_dup(nl_sock, c->ifi4, nl_sock_ns,
|
||||||
c->pasta_ifi, AF_INET);
|
c->pasta_ifi, AF_INET);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -326,7 +327,7 @@ void pasta_ns_conf(struct ctx *c)
|
|||||||
rc = nl_addr_set(nl_sock_ns, c->pasta_ifi,
|
rc = nl_addr_set(nl_sock_ns, c->pasta_ifi,
|
||||||
AF_INET6, &c->ip6.addr, 64);
|
AF_INET6, &c->ip6.addr, 64);
|
||||||
} else {
|
} else {
|
||||||
nl_addr_dup(nl_sock, c->ifi6,
|
rc = nl_addr_dup(nl_sock, c->ifi6,
|
||||||
nl_sock_ns, c->pasta_ifi,
|
nl_sock_ns, c->pasta_ifi,
|
||||||
AF_INET6);
|
AF_INET6);
|
||||||
}
|
}
|
||||||
@ -340,7 +341,7 @@ void pasta_ns_conf(struct ctx *c)
|
|||||||
rc = nl_route_set_def(nl_sock_ns, c->pasta_ifi,
|
rc = nl_route_set_def(nl_sock_ns, c->pasta_ifi,
|
||||||
AF_INET6, &c->ip6.gw);
|
AF_INET6, &c->ip6.gw);
|
||||||
} else {
|
} else {
|
||||||
nl_route_dup(nl_sock, c->ifi6,
|
rc = nl_route_dup(nl_sock, c->ifi6,
|
||||||
nl_sock_ns, c->pasta_ifi,
|
nl_sock_ns, c->pasta_ifi,
|
||||||
AF_INET6);
|
AF_INET6);
|
||||||
}
|
}
|
||||||
|
Loading…
x
Reference in New Issue
Block a user