tap: More detailed error reporting in tap_ns_tun()
There are several possible failure points in tap_ns_tun(), but if anything goes wrong, we just set tun_ns_fd to -1 resulting in the same error message. Add more detailed error reporting to the various failure points. At the same time, we know this is only called from tap_sock_tun_init() which will terminate pasta if we fail, so we can simplify things a little because we don't need to close() the fd on the failure paths. Link: https://bugs.passt.top/show_bug.cgi?id=69 Link: https://github.com/containers/podman/issues/19428 Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
This commit is contained in:
parent
6920adda0d
commit
7bc9b66fc2
1 changed files with 16 additions and 9 deletions
25
tap.c
25
tap.c
|
@ -1171,7 +1171,7 @@ static int tun_ns_fd = -1;
|
||||||
* tap_ns_tun() - Get tuntap fd in namespace
|
* tap_ns_tun() - Get tuntap fd in namespace
|
||||||
* @c: Execution context
|
* @c: Execution context
|
||||||
*
|
*
|
||||||
* Return: 0
|
* Return: 0 on success, exits on failure
|
||||||
*
|
*
|
||||||
* #syscalls:pasta ioctl openat
|
* #syscalls:pasta ioctl openat
|
||||||
*/
|
*/
|
||||||
|
@ -1180,17 +1180,24 @@ static int tap_ns_tun(void *arg)
|
||||||
struct ifreq ifr = { .ifr_flags = IFF_TAP | IFF_NO_PI };
|
struct ifreq ifr = { .ifr_flags = IFF_TAP | IFF_NO_PI };
|
||||||
int flags = O_RDWR | O_NONBLOCK | O_CLOEXEC;
|
int flags = O_RDWR | O_NONBLOCK | O_CLOEXEC;
|
||||||
struct ctx *c = (struct ctx *)arg;
|
struct ctx *c = (struct ctx *)arg;
|
||||||
|
int fd, rc;
|
||||||
|
|
||||||
|
tun_ns_fd = -1;
|
||||||
memcpy(ifr.ifr_name, c->pasta_ifn, IFNAMSIZ);
|
memcpy(ifr.ifr_name, c->pasta_ifn, IFNAMSIZ);
|
||||||
ns_enter(c);
|
ns_enter(c);
|
||||||
|
|
||||||
if ((tun_ns_fd = open("/dev/net/tun", flags)) < 0 ||
|
fd = open("/dev/net/tun", flags);
|
||||||
ioctl(tun_ns_fd, TUNSETIFF, &ifr) ||
|
if (fd < 0)
|
||||||
!(c->pasta_ifi = if_nametoindex(c->pasta_ifn))) {
|
die("Failed to open() /dev/net/tun: %s", strerror(errno));
|
||||||
if (tun_ns_fd != -1)
|
|
||||||
close(tun_ns_fd);
|
rc = ioctl(fd, TUNSETIFF, &ifr);
|
||||||
tun_ns_fd = -1;
|
if (rc < 0)
|
||||||
}
|
die("TUNSETIFF failed: %s", strerror(errno));
|
||||||
|
|
||||||
|
if (!(c->pasta_ifi = if_nametoindex(c->pasta_ifn)))
|
||||||
|
die("Tap device opened but no network interface found");
|
||||||
|
|
||||||
|
tun_ns_fd = fd;
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -1205,7 +1212,7 @@ static void tap_sock_tun_init(struct ctx *c)
|
||||||
|
|
||||||
NS_CALL(tap_ns_tun, c);
|
NS_CALL(tap_ns_tun, c);
|
||||||
if (tun_ns_fd == -1)
|
if (tun_ns_fd == -1)
|
||||||
die("Failed to open tun socket in namespace");
|
die("Failed to set up tap device in namespace");
|
||||||
|
|
||||||
pasta_ns_conf(c);
|
pasta_ns_conf(c);
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue