[lxc-devel] [lxc/lxc] bad2f9: network: make callback naming consistent and under...

[Stéphane Graber]

  Branch: refs/heads/master
  Home:   https://github.com/lxc/lxc
  Commit: bad2f9131a6b58bd13f2f3b72c479c85912a2030
      https://github.com/lxc/lxc/commit/bad2f9131a6b58bd13f2f3b72c479c85912a2030
  Author: Christian Brauner <christian.brau...@ubuntu.com>
  Date:   2021-02-26 (Fri, 26 Feb 2021)

  Changed paths:
    M src/lxc/network.c

  Log Message:
  -----------
  network: make callback naming consistent and understandable

Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>


  Commit: 071d09345f402420dfbc14cafbaa48fb1f11d954
      https://github.com/lxc/lxc/commit/071d09345f402420dfbc14cafbaa48fb1f11d954
  Author: Christian Brauner <christian.brau...@ubuntu.com>
  Date:   2021-02-26 (Fri, 26 Feb 2021)

  Changed paths:
    M src/lxc/network.c

  Log Message:
  -----------
  network: fix coding style in lxc_create_network_unpriv_exec()

Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>


  Commit: 9dffc40e2a400a208fff7af5dc3151dc1b2c3ca6
      https://github.com/lxc/lxc/commit/9dffc40e2a400a208fff7af5dc3151dc1b2c3ca6
  Author: Christian Brauner <christian.brau...@ubuntu.com>
  Date:   2021-02-26 (Fri, 26 Feb 2021)

  Changed paths:
    M src/lxc/confile_utils.c

  Log Message:
  -----------
  confile_utils: ensure memory is zeroed

Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>


  Commit: 4a037d618e3fbcaa9d27bd6039f252d9a3f61c5b
      https://github.com/lxc/lxc/commit/4a037d618e3fbcaa9d27bd6039f252d9a3f61c5b
  Author: Christian Brauner <christian.brau...@ubuntu.com>
  Date:   2021-02-26 (Fri, 26 Feb 2021)

  Changed paths:
    M src/lxc/network.c

  Log Message:
  -----------
  network: fix grammar

Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>


  Commit: 3392d3794166f4e4ab5eb273e03e52d5865b5e36
      https://github.com/lxc/lxc/commit/3392d3794166f4e4ab5eb273e03e52d5865b5e36
  Author: Christian Brauner <christian.brau...@ubuntu.com>
  Date:   2021-02-26 (Fri, 26 Feb 2021)

  Changed paths:
    M src/lxc/network.c

  Log Message:
  -----------
  network: add lxc_network_info struct

Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>


  Commit: fdd6be55c1f58ddcfde3443a49ea6884878b343e
      https://github.com/lxc/lxc/commit/fdd6be55c1f58ddcfde3443a49ea6884878b343e
  Author: Christian Brauner <christian.brau...@ubuntu.com>
  Date:   2021-02-26 (Fri, 26 Feb 2021)

  Changed paths:
    M src/lxc/network.c
    M src/lxc/network.h

  Log Message:
  -----------
  network: handle name collisions when renaming network devices

LXC moves network devices into the target namespace based on their created
name. The created name can either be randomly generated for e.g. veth
devices or it can be the name of the existing device in the server's
namespaces. This is e.g. the case when moving physical devices. However this
can lead to weird clashes. Consider we have a network namespace that has the
following devices:

4: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default 
qlen 1000
   link/ether 00:16:3e:91:d3:ae brd ff:ff:ff:ff:ff:ff permaddr 00:16:3e:e7:5d:10
   altname enp7s0
5: eth2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default 
qlen 1000
   link/ether 00:16:3e:e7:5d:10 brd ff:ff:ff:ff:ff:ff permaddr 00:16:3e:91:d3:ae
   altname enp8s0

and the user generates the following network config for their container:

 lxc.net.0.type = phys
 lxc.net.0.name = eth1
 lxc.net.0.link = eth2

 lxc.net.1.type = phys
 lxc.net.1.name = eth2
 lxc.net.1.link = eth1

This would cause LXC to move the devices eth1 and eth2 from the server's
network namespace into the container's network namespace:

24: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default 
qlen 1000
    link/ether 00:16:3e:91:d3:ae brd ff:ff:ff:ff:ff:ff permaddr 
00:16:3e:e7:5d:10
    altname enp7s0
25: eth2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default 
qlen 1000
    link/ether 00:16:3e:e7:5d:10 brd ff:ff:ff:ff:ff:ff permaddr 
00:16:3e:91:d3:ae
     altname enp8s0

According to the network config above we now need to rename the network
devices in the container's network namespace. Let's say we start with
renaming eth2 to eth1. This would immediately lead to a clash since the
container's network namespace already contains a network device with that
name. Renaming the other device would have the same problem.

There are multiple ways to fix this but I'm concerned with keeping the logic
somewhat reasonable which is why we simply start creating transient device
names that are unique which we'll use to move and rename the network device
in the container's network namespace at the same time. And then we rename
based on those random devices names to the target name.

Fixes: #3696
Reported-by: Sam Boyles <sam.boy...@alliedtelesis.co.nz>
Reported-by: Blair Steven <blair.ste...@alliedtelesis.co.nz>
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>


  Commit: 3a197a1b63d010943fbc88c31d63c05b73f81682
      https://github.com/lxc/lxc/commit/3a197a1b63d010943fbc88c31d63c05b73f81682
  Author: Christian Brauner <christian.brau...@ubuntu.com>
  Date:   2021-02-26 (Fri, 26 Feb 2021)

  Changed paths:
    M src/lxc/network.c

  Log Message:
  -----------
  network: use two passes through networks

Consider the following network layout:

 lxc.net.0.type = phys
 lxc.net.0.link = eth2
 lxc.net.0.name = eth%d

 lxc.net.1.type = phys
 lxc.net.1.link = eth1
 lxc.net.1.name = eth0

If we simply follow this order and create the first network first the kernel
will allocate eth0 for the first network but the second network requests
that eth1 be renamed to eth0 in the container's network namespace which
would lead to a clash.

Note, we don't handle cases like:

 lxc.net.0.type = phys
 lxc.net.0.link = eth2
 lxc.net.0.name = eth0

 lxc.net.1.type = phys
 lxc.net.1.link = eth1
 lxc.net.1.name = eth0

That'll brutally fail of course but there's nothing we can do about it. But
this can happen when e.g. a has the following LXD configuration:

devices:
  eth2:
    name: eth0
    nictype: physical
    parent: eth2
    type: nic
  eth3:
    name: eth0
    nictype: physical
    parent: eth3
    type: nic

in the container's config and the default profile has:

devices:
  eth0:
    name: eth0
    network: lxdbr0
    type: nic

Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>


  Commit: 88e27cd6419509d7efd75cd5b0ba705094a91b40
      https://github.com/lxc/lxc/commit/88e27cd6419509d7efd75cd5b0ba705094a91b40
  Author: Stéphane Graber <stgra...@ubuntu.com>
  Date:   2021-02-26 (Fri, 26 Feb 2021)

  Changed paths:
    M src/lxc/confile_utils.c
    M src/lxc/network.c
    M src/lxc/network.h

  Log Message:
  -----------
  Merge pull request #3699 from brauner/2021-02-26/network

network: fix networks with switched names


Compare: https://github.com/lxc/lxc/compare/32d40452522d...88e27cd64195
_______________________________________________
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel