[lxc-devel] [lxc/master] network: clear ifindeces

Sun Oct 1 05:47:34 UTC 2017

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 538 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20171001/09df1b6f/attachment.bin>
-------------- next part --------------
From 3a6eab1044e7e4cc6b47e905a67a840da1b83f0c Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Sun, 1 Oct 2017 07:12:51 +0200
Subject: [PATCH 1/3] network: use single helper to delete networks

Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
 src/lxc/network.c | 31 ++++++++++++++++++-------------
 src/lxc/network.h |  3 +--
 src/lxc/start.c   | 19 ++-----------------
 3 files changed, 21 insertions(+), 32 deletions(-)

diff --git a/src/lxc/network.c b/src/lxc/network.c
index 4469fdda8..634aa5c29 100644
--- a/src/lxc/network.c
+++ b/src/lxc/network.c
@@ -2299,10 +2299,6 @@ bool lxc_delete_network_unpriv(struct lxc_handler *handler)
 	 * \0
 	 */
 	char netns_path[6 + LXC_NUMSTRLEN64 + 4 + LXC_NUMSTRLEN64 + 1];
-	bool deleted_all = true;
-
-	if (handler->am_root)
-		return true;
 
 	*netns_path = '\0';
 
@@ -2362,7 +2358,6 @@ bool lxc_delete_network_unpriv(struct lxc_handler *handler)
 						     handler->name, netdev,
 						     netns_path);
 		if (ret < 0) {
-			deleted_all = false;
 			WARN("Failed to remove port \"%s\" from openvswitch "
 			     "bridge \"%s\"", hostveth, netdev->link);
 			continue;
@@ -2371,7 +2366,7 @@ bool lxc_delete_network_unpriv(struct lxc_handler *handler)
 		     netdev->link);
 	}
 
-	return deleted_all;
+	return true;
 }
 
 int lxc_create_network_priv(struct lxc_handler *handler)
@@ -2479,10 +2474,6 @@ bool lxc_delete_network_priv(struct lxc_handler *handler)
 	int ret;
 	struct lxc_list *iterator;
 	struct lxc_list *network = &handler->conf->network;
-	bool deleted_all = true;
-
-	if (!handler->am_root)
-		return true;
 
 	lxc_list_for_each(iterator, network) {
 		char *hostveth = NULL;
@@ -2524,7 +2515,6 @@ bool lxc_delete_network_priv(struct lxc_handler *handler)
 					netdev->name[0] != '\0' ? netdev->name : "(null)",
 					netdev->ifindex);
 		} else if (ret < 0) {
-			deleted_all = false;
 			WARN("Failed to remove interface \"%s\" with "
 					"index %d: %s",
 					netdev->name[0] != '\0' ? netdev->name : "(null)",
@@ -2550,7 +2540,6 @@ bool lxc_delete_network_priv(struct lxc_handler *handler)
 
 		ret = lxc_netdev_delete_by_name(hostveth);
 		if (ret < 0) {
-			deleted_all = false;
 			WARN("Failed to remove interface \"%s\" from \"%s\": %s",
 			     hostveth, netdev->link, strerror(-ret));
 			continue;
@@ -2574,7 +2563,7 @@ bool lxc_delete_network_priv(struct lxc_handler *handler)
 		netdev->priv.veth_attr.veth1[0] = '\0';
 	}
 
-	return deleted_all;
+	return true;
 }
 
 int lxc_requests_empty_network(struct lxc_handler *handler)
@@ -3094,3 +3083,19 @@ int lxc_network_recv_name_and_ifindex_from_child(struct lxc_handler *handler)
 
 	return 0;
 }
+
+bool lxc_delete_network(struct lxc_handler *handler)
+{
+	bool bret;
+
+	if (handler->am_root)
+		bret = lxc_delete_network_priv(handler);
+	else
+		bret = lxc_delete_network_unpriv(handler);
+	if (!bret)
+		DEBUG("Failed to delete network devices");
+	else
+		DEBUG("Deleted network devices");
+
+	return bret;
+}
diff --git a/src/lxc/network.h b/src/lxc/network.h
index 833bfe6f3..6415947eb 100644
--- a/src/lxc/network.h
+++ b/src/lxc/network.h
@@ -266,8 +266,7 @@ extern int lxc_network_move_created_netdev_priv(const char *lxcpath,
 						char *lxcname,
 						struct lxc_list *network,
 						pid_t pid);
-extern bool lxc_delete_network_priv(struct lxc_handler *handler);
-extern bool lxc_delete_network_unpriv(struct lxc_handler *handler);
+extern bool lxc_delete_network(struct lxc_handler *handler);
 extern int lxc_find_gateway_addresses(struct lxc_handler *handler);
 extern int lxc_create_network_unpriv(const char *lxcpath, char *lxcname,
 				     struct lxc_list *network, pid_t pid);
diff --git a/src/lxc/start.c b/src/lxc/start.c
index b838e579d..f3c112637 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -1401,12 +1401,7 @@ static int lxc_spawn(struct lxc_handler *handler)
 		cgroup_disconnect();
 
 	if (handler->clone_flags & CLONE_NEWNET) {
-		DEBUG("Tearing down network devices");
-		if (!lxc_delete_network_priv(handler))
-			DEBUG("Failed tearing down network devices");
-
-		if (!lxc_delete_network_unpriv(handler))
-			DEBUG("Failed tearing down network devices");
+		(void)lxc_delete_network(handler);
 	}
 
 out_abort:
@@ -1518,17 +1513,7 @@ int __lxc_start(const char *name, struct lxc_handler *handler,
 	err =  lxc_error_set_and_log(handler->pid, status);
 
 out_fini:
-	DEBUG("Tearing down network devices");
-	if (!lxc_delete_network_priv(handler))
-		DEBUG("Failed tearing down network devices");
-
-	if (!lxc_delete_network_unpriv(handler))
-		DEBUG("Failed tearing down network devices");
-
-	if (handler->netnsfd >= 0) {
-		close(handler->netnsfd);
-		handler->netnsfd = -1;
-	}
+	(void)lxc_delete_network(handler);
 
 out_detach_blockdev:
 	detach_block_device(handler->conf);

From c825d0e0d34c9dd486e84fe8ab35d43f45ab203f Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Sun, 1 Oct 2017 07:27:00 +0200
Subject: [PATCH 2/3] network: non-functional changes

Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
 src/lxc/network.c | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/src/lxc/network.c b/src/lxc/network.c
index 634aa5c29..967d96946 100644
--- a/src/lxc/network.c
+++ b/src/lxc/network.c
@@ -2510,20 +2510,21 @@ bool lxc_delete_network_priv(struct lxc_handler *handler)
 		ret = lxc_netdev_delete_by_index(netdev->ifindex);
 		if (-ret == ENODEV) {
 			INFO("Interface \"%s\" with index %d already "
-					"deleted or existing in different network "
-					"namespace",
-					netdev->name[0] != '\0' ? netdev->name : "(null)",
-					netdev->ifindex);
+			     "deleted or existing in different network "
+			     "namespace",
+			     netdev->name[0] != '\0' ? netdev->name : "(null)",
+			     netdev->ifindex);
 		} else if (ret < 0) {
 			WARN("Failed to remove interface \"%s\" with "
-					"index %d: %s",
-					netdev->name[0] != '\0' ? netdev->name : "(null)",
-					netdev->ifindex, strerror(-ret));
 			continue;
+			     "index %d: %s",
+			     netdev->name[0] != '\0' ? netdev->name : "(null)",
+			     netdev->ifindex, strerror(-ret));
+			     continue;
 		}
 		INFO("Removed interface \"%s\" with index %d",
-				netdev->name[0] != '\0' ? netdev->name : "(null)",
-				netdev->ifindex);
+		     netdev->name[0] != '\0' ? netdev->name : "(null)",
+		     netdev->ifindex);
 
 		if (netdev->type != LXC_NET_VETH)
 			continue;

From ea9670fabc821eedcc774ef9783e5171cc1fc7cc Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Sun, 1 Oct 2017 07:27:34 +0200
Subject: [PATCH 3/3] network: clear ifindeces

We need to clear any ifindeces we recorded so liblxc won't have cached stale
data which would cause it to fail on reboot we're we don't re-read the on-disk
config file.

Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
 src/lxc/network.c | 51 ++++++++++++++++++++++++++++++++++++++-------------
 1 file changed, 38 insertions(+), 13 deletions(-)

diff --git a/src/lxc/network.c b/src/lxc/network.c
index 967d96946..3df49aa72 100644
--- a/src/lxc/network.c
+++ b/src/lxc/network.c
@@ -2334,7 +2334,7 @@ bool lxc_delete_network_unpriv(struct lxc_handler *handler)
 				TRACE("Renamed interface with index %d to its "
 				      "initial name \"%s\"",
 				      netdev->ifindex, netdev->link);
-			continue;
+			goto clear_ifindices;
 		}
 
 		ret = netdev_deconf[netdev->type](handler, netdev);
@@ -2342,17 +2342,17 @@ bool lxc_delete_network_unpriv(struct lxc_handler *handler)
 			WARN("Failed to deconfigure network device");
 
 		if (netdev->type != LXC_NET_VETH)
-			continue;
+			goto clear_ifindices;
 
 		if (netdev->link[0] == '\0' || !is_ovs_bridge(netdev->link))
-			continue;
+			goto clear_ifindices;
 
 		if (netdev->priv.veth_attr.pair[0] != '\0')
 			hostveth = netdev->priv.veth_attr.pair;
 		else
 			hostveth = netdev->priv.veth_attr.veth1;
 		if (hostveth[0] == '\0')
-			continue;
+			goto clear_ifindices;
 
 		ret = lxc_delete_network_unpriv_exec(handler->lxcpath,
 						     handler->name, netdev,
@@ -2360,10 +2360,23 @@ bool lxc_delete_network_unpriv(struct lxc_handler *handler)
 		if (ret < 0) {
 			WARN("Failed to remove port \"%s\" from openvswitch "
 			     "bridge \"%s\"", hostveth, netdev->link);
-			continue;
+			goto clear_ifindices;
 		}
 		INFO("Removed interface \"%s\" from \"%s\"", hostveth,
 		     netdev->link);
+
+clear_ifindices:
+		/* We need to clear any ifindeces we recorded so liblxc won't
+		 * have cached stale data which would cause it to fail on reboot
+		 * we're we don't re-read the on-disk config file.
+		 */
+		netdev->ifindex = 0;
+		if (netdev->type == LXC_NET_PHYS) {
+			netdev->priv.phys_attr.ifindex = 0;
+		} else if (netdev->type == LXC_NET_VETH) {
+			netdev->priv.veth_attr.veth1[0] = '\0';
+			netdev->priv.veth_attr.ifindex = 0;
+		}
 	}
 
 	return true;
@@ -2496,7 +2509,7 @@ bool lxc_delete_network_priv(struct lxc_handler *handler)
 				      "\"%s\" to its initial name \"%s\"",
 				      netdev->ifindex, netdev->name,
 				      netdev->link);
-			continue;
+			goto clear_ifindices;
 		}
 
 		ret = netdev_deconf[netdev->type](handler, netdev);
@@ -2516,18 +2529,17 @@ bool lxc_delete_network_priv(struct lxc_handler *handler)
 			     netdev->ifindex);
 		} else if (ret < 0) {
 			WARN("Failed to remove interface \"%s\" with "
-			continue;
 			     "index %d: %s",
 			     netdev->name[0] != '\0' ? netdev->name : "(null)",
 			     netdev->ifindex, strerror(-ret));
-			     continue;
+			goto clear_ifindices;
 		}
 		INFO("Removed interface \"%s\" with index %d",
 		     netdev->name[0] != '\0' ? netdev->name : "(null)",
 		     netdev->ifindex);
 
 		if (netdev->type != LXC_NET_VETH)
-			continue;
+			goto clear_ifindices;
 
 		/* Explicitly delete host veth device to prevent lingering
 		 * devices. We had issues in LXD around this.
@@ -2537,19 +2549,21 @@ bool lxc_delete_network_priv(struct lxc_handler *handler)
 		else
 			hostveth = netdev->priv.veth_attr.veth1;
 		if (hostveth[0] == '\0')
-			continue;
+			goto clear_ifindices;
 
 		ret = lxc_netdev_delete_by_name(hostveth);
 		if (ret < 0) {
 			WARN("Failed to remove interface \"%s\" from \"%s\": %s",
 			     hostveth, netdev->link, strerror(-ret));
-			continue;
+			goto clear_ifindices;
 		}
 		INFO("Removed interface \"%s\" from \"%s\"", hostveth, netdev->link);
 
 		if (netdev->link[0] == '\0' || !is_ovs_bridge(netdev->link)) {
 			netdev->priv.veth_attr.veth1[0] = '\0';
-			continue;
+			netdev->ifindex = 0;
+			netdev->priv.veth_attr.ifindex = 0;
+			goto clear_ifindices;
 		}
 
 		/* Delete the openvswitch port. */
@@ -2561,7 +2575,18 @@ bool lxc_delete_network_priv(struct lxc_handler *handler)
 			INFO("Removed port \"%s\" from openvswitch bridge \"%s\"",
 			     hostveth, netdev->link);
 
-		netdev->priv.veth_attr.veth1[0] = '\0';
+clear_ifindices:
+		/* We need to clear any ifindeces we recorded so liblxc won't
+		 * have cached stale data which would cause it to fail on reboot
+		 * we're we don't re-read the on-disk config file.
+		 */
+		netdev->ifindex = 0;
+		if (netdev->type == LXC_NET_PHYS) {
+			netdev->priv.phys_attr.ifindex = 0;
+		} else if (netdev->type == LXC_NET_VETH) {
+			netdev->priv.veth_attr.veth1[0] = '\0';
+			netdev->priv.veth_attr.ifindex = 0;
+		}
 	}
 
 	return true;
