summaryrefslogtreecommitdiff
path: root/vendor/github.com/containernetworking/plugins/pkg
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/github.com/containernetworking/plugins/pkg')
-rw-r--r--vendor/github.com/containernetworking/plugins/pkg/ip/link_linux.go13
-rw-r--r--vendor/github.com/containernetworking/plugins/pkg/ns/ns_linux.go15
-rw-r--r--vendor/github.com/containernetworking/plugins/pkg/utils/sysctl/sysctl_linux.go80
3 files changed, 103 insertions, 5 deletions
diff --git a/vendor/github.com/containernetworking/plugins/pkg/ip/link_linux.go b/vendor/github.com/containernetworking/plugins/pkg/ip/link_linux.go
index c0053cabe..f8781cf19 100644
--- a/vendor/github.com/containernetworking/plugins/pkg/ip/link_linux.go
+++ b/vendor/github.com/containernetworking/plugins/pkg/ip/link_linux.go
@@ -21,10 +21,12 @@ import (
"net"
"os"
- "github.com/containernetworking/plugins/pkg/ns"
- "github.com/containernetworking/plugins/pkg/utils/hwaddr"
"github.com/safchain/ethtool"
"github.com/vishvananda/netlink"
+
+ "github.com/containernetworking/plugins/pkg/ns"
+ "github.com/containernetworking/plugins/pkg/utils/hwaddr"
+ "github.com/containernetworking/plugins/pkg/utils/sysctl"
)
var (
@@ -158,6 +160,9 @@ func SetupVethWithName(contVethName, hostVethName string, mtu int, hostNS ns.Net
if err = netlink.LinkSetUp(hostVeth); err != nil {
return fmt.Errorf("failed to set %q up: %v", hostVethName, err)
}
+
+ // we want to own the routes for this interface
+ _, _ = sysctl.Sysctl(fmt.Sprintf("net/ipv6/conf/%s/accept_ra", hostVethName), "0")
return nil
})
if err != nil {
@@ -178,7 +183,7 @@ func SetupVeth(contVethName string, mtu int, hostNS ns.NetNS) (net.Interface, ne
func DelLinkByName(ifName string) error {
iface, err := netlink.LinkByName(ifName)
if err != nil {
- if err.Error() == "Link not found" {
+ if _, ok := err.(netlink.LinkNotFoundError); ok {
return ErrLinkNotFound
}
return fmt.Errorf("failed to lookup %q: %v", ifName, err)
@@ -195,7 +200,7 @@ func DelLinkByName(ifName string) error {
func DelLinkByNameAddr(ifName string) ([]*net.IPNet, error) {
iface, err := netlink.LinkByName(ifName)
if err != nil {
- if err != nil && err.Error() == "Link not found" {
+ if _, ok := err.(netlink.LinkNotFoundError); ok {
return nil, ErrLinkNotFound
}
return nil, fmt.Errorf("failed to lookup %q: %v", ifName, err)
diff --git a/vendor/github.com/containernetworking/plugins/pkg/ns/ns_linux.go b/vendor/github.com/containernetworking/plugins/pkg/ns/ns_linux.go
index 31ad5f622..a34f97170 100644
--- a/vendor/github.com/containernetworking/plugins/pkg/ns/ns_linux.go
+++ b/vendor/github.com/containernetworking/plugins/pkg/ns/ns_linux.go
@@ -178,7 +178,16 @@ func (ns *netNS) Do(toRun func(NetNS) error) error {
if err = ns.Set(); err != nil {
return fmt.Errorf("error switching to ns %v: %v", ns.file.Name(), err)
}
- defer threadNS.Set() // switch back
+ defer func() {
+ err := threadNS.Set() // switch back
+ if err == nil {
+ // Unlock the current thread only when we successfully switched back
+ // to the original namespace; otherwise leave the thread locked which
+ // will force the runtime to scrap the current thread, that is maybe
+ // not as optimal but at least always safe to do.
+ runtime.UnlockOSThread()
+ }
+ }()
return toRun(hostNS)
}
@@ -193,6 +202,10 @@ func (ns *netNS) Do(toRun func(NetNS) error) error {
var wg sync.WaitGroup
wg.Add(1)
+ // Start the callback in a new green thread so that if we later fail
+ // to switch the namespace back to the original one, we can safely
+ // leave the thread locked to die without a risk of the current thread
+ // left lingering with incorrect namespace.
var innerError error
go func() {
defer wg.Done()
diff --git a/vendor/github.com/containernetworking/plugins/pkg/utils/sysctl/sysctl_linux.go b/vendor/github.com/containernetworking/plugins/pkg/utils/sysctl/sysctl_linux.go
new file mode 100644
index 000000000..7ee47e1ce
--- /dev/null
+++ b/vendor/github.com/containernetworking/plugins/pkg/utils/sysctl/sysctl_linux.go
@@ -0,0 +1,80 @@
+// Copyright 2016 CNI authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package sysctl
+
+import (
+ "fmt"
+ "io/ioutil"
+ "path/filepath"
+ "strings"
+)
+
+// Sysctl provides a method to set/get values from /proc/sys - in linux systems
+// new interface to set/get values of variables formerly handled by sysctl syscall
+// If optional `params` have only one string value - this function will
+// set this value into corresponding sysctl variable
+func Sysctl(name string, params ...string) (string, error) {
+ if len(params) > 1 {
+ return "", fmt.Errorf("unexcepted additional parameters")
+ } else if len(params) == 1 {
+ return setSysctl(name, params[0])
+ }
+ return getSysctl(name)
+}
+
+func getSysctl(name string) (string, error) {
+ fullName := filepath.Join("/proc/sys", toNormalName(name))
+ fullName = filepath.Clean(fullName)
+ data, err := ioutil.ReadFile(fullName)
+ if err != nil {
+ return "", err
+ }
+
+ return string(data[:len(data)-1]), nil
+}
+
+func setSysctl(name, value string) (string, error) {
+ fullName := filepath.Join("/proc/sys", toNormalName(name))
+ fullName = filepath.Clean(fullName)
+ if err := ioutil.WriteFile(fullName, []byte(value), 0644); err != nil {
+ return "", err
+ }
+
+ return getSysctl(name)
+}
+
+// Normalize names by using slash as separator
+// Sysctl names can use dots or slashes as separator:
+// - if dots are used, dots and slashes are interchanged.
+// - if slashes are used, slashes and dots are left intact.
+// Separator in use is determined by first occurrence.
+func toNormalName(name string) string {
+ interchange := false
+ for _, c := range name {
+ if c == '.' {
+ interchange = true
+ break
+ }
+ if c == '/' {
+ break
+ }
+ }
+
+ if interchange {
+ r := strings.NewReplacer(".", "/", "/", ".")
+ return r.Replace(name)
+ }
+ return name
+}