[gentoo-portage-dev] [PATCH] Configure additional addresses on the lo interface for network-sandbox

public inbox for gentoo-portage-dev@lists.gentoo.org
 help / color / mirror / Atom feed

* [gentoo-portage-dev] [PATCH] Configure additional addresses on the lo interface for network-sandbox
@ 2019-07-31 19:59 Mike Gilbert
  2019-07-31 20:06 ` Zac Medico
  0 siblings, 1 reply; 2+ messages in thread
From: Mike Gilbert @ 2019-07-31 19:59 UTC (permalink / raw
  To: gentoo-portage-dev

This works around some strange behavior in glibc's getaddrinfo()
implementation when the AI_ADDRCONFIG flag is set.

For example:

  struct addrinfo *res, hints = { .ai_family = AF_INET, .ai_flags = AI_ADDRCONFIG };
  getaddrinfo("localhost", NULL, &hints, &res);

This returns no results if there are no non-loopback addresses configured.

Bug: https://bugs.gentoo.org/690758
Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=12377#c13
Signed-off-by: Mike Gilbert <floppym@gentoo.org>
---
 lib/portage/process.py | 43 +++++++++++++++++++++++++++---------------
 1 file changed, 28 insertions(+), 15 deletions(-)

diff --git a/lib/portage/process.py b/lib/portage/process.py
index dfbda75de..4a5a35df2 100644
--- a/lib/portage/process.py
+++ b/lib/portage/process.py
@@ -9,8 +9,6 @@ import fcntl
 import multiprocessing
 import platform
 import signal
-import socket
-import struct
 import subprocess
 import sys
 import traceback
@@ -446,6 +444,33 @@ def spawn(mycommand, env=None, opt_name=None, fd_pipes=None, returnpid=False,
 	# Everything succeeded
 	return 0
 
+def _configure_loopback_interface():
+	"""
+	Configure the loopback interface.
+	"""
+
+	# We add some additional addresses to work around odd behavior in glibc's
+	# getaddrinfo() implementation when the AI_ADDRCONFIG flag is set.
+	#
+	# For example:
+	#
+	#   struct addrinfo *res, hints = { .ai_family = AF_INET, .ai_flags = AI_ADDRCONFIG };
+	#   getaddrinfo("localhost", NULL, &hints, &res);
+	#
+	# This returns no results if there are no non-loopback addresses
+	# configured for a given address family.
+	#
+	# Bug: https://bugs.gentoo.org/690758
+	# Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=12377#c13
+
+	try:
+		subprocess.check_call(['ip', 'link', 'set', 'lo', 'up'])
+		subprocess.check_call(['ip', 'address', 'add', '10.0.0.1/8', 'dev', 'lo'])
+		# Try IPv6, but don't fail if the kernel support is missing.
+		subprocess.call(['ip', 'address', 'add', 'fd00::1/8', 'dev', 'lo'])
+	except subprocess.CalledProcessError:
+		writemsg("Unable to configure loopback interface\n")
+
 def _exec(binary, mycommand, opt_name, fd_pipes,
 	env, gid, groups, uid, umask, cwd,
 	pre_exec, close_fds, unshare_net, unshare_ipc, unshare_mount, unshare_pid,
@@ -624,19 +649,7 @@ def _exec(binary, mycommand, opt_name, fd_pipes,
 									noiselevel=-1)
 								os._exit(1)
 						if unshare_net:
-							# 'up' the loopback
-							IFF_UP = 0x1
-							ifreq = struct.pack('16sh', b'lo', IFF_UP)
-							SIOCSIFFLAGS = 0x8914
-
-							sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, 0)
-							try:
-								fcntl.ioctl(sock, SIOCSIFFLAGS, ifreq)
-							except IOError as e:
-								writemsg("Unable to enable loopback interface: %s\n" % (
-									errno.errorcode.get(e.errno, '?')),
-									noiselevel=-1)
-							sock.close()
+							_configure_loopback_interface()
 				except AttributeError:
 					# unshare() not supported by libc
 					pass
-- 
2.22.0



^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [gentoo-portage-dev] [PATCH] Configure additional addresses on the lo interface for network-sandbox
  2019-07-31 19:59 [gentoo-portage-dev] [PATCH] Configure additional addresses on the lo interface for network-sandbox Mike Gilbert
@ 2019-07-31 20:06 ` Zac Medico
  0 siblings, 0 replies; 2+ messages in thread
From: Zac Medico @ 2019-07-31 20:06 UTC (permalink / raw
  To: gentoo-portage-dev, Mike Gilbert


[-- Attachment #1.1: Type: text/plain, Size: 3511 bytes --]

On 7/31/19 12:59 PM, Mike Gilbert wrote:
> This works around some strange behavior in glibc's getaddrinfo()
> implementation when the AI_ADDRCONFIG flag is set.
> 
> For example:
> 
>   struct addrinfo *res, hints = { .ai_family = AF_INET, .ai_flags = AI_ADDRCONFIG };
>   getaddrinfo("localhost", NULL, &hints, &res);
> 
> This returns no results if there are no non-loopback addresses configured.
> 
> Bug: https://bugs.gentoo.org/690758
> Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=12377#c13
> Signed-off-by: Mike Gilbert <floppym@gentoo.org>
> ---
>  lib/portage/process.py | 43 +++++++++++++++++++++++++++---------------
>  1 file changed, 28 insertions(+), 15 deletions(-)
> 
> diff --git a/lib/portage/process.py b/lib/portage/process.py
> index dfbda75de..4a5a35df2 100644
> --- a/lib/portage/process.py
> +++ b/lib/portage/process.py
> @@ -9,8 +9,6 @@ import fcntl
>  import multiprocessing
>  import platform
>  import signal
> -import socket
> -import struct
>  import subprocess
>  import sys
>  import traceback
> @@ -446,6 +444,33 @@ def spawn(mycommand, env=None, opt_name=None, fd_pipes=None, returnpid=False,
>  	# Everything succeeded
>  	return 0
>  
> +def _configure_loopback_interface():
> +	"""
> +	Configure the loopback interface.
> +	"""
> +
> +	# We add some additional addresses to work around odd behavior in glibc's
> +	# getaddrinfo() implementation when the AI_ADDRCONFIG flag is set.
> +	#
> +	# For example:
> +	#
> +	#   struct addrinfo *res, hints = { .ai_family = AF_INET, .ai_flags = AI_ADDRCONFIG };
> +	#   getaddrinfo("localhost", NULL, &hints, &res);
> +	#
> +	# This returns no results if there are no non-loopback addresses
> +	# configured for a given address family.
> +	#
> +	# Bug: https://bugs.gentoo.org/690758
> +	# Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=12377#c13
> +
> +	try:
> +		subprocess.check_call(['ip', 'link', 'set', 'lo', 'up'])
> +		subprocess.check_call(['ip', 'address', 'add', '10.0.0.1/8', 'dev', 'lo'])
> +		# Try IPv6, but don't fail if the kernel support is missing.
> +		subprocess.call(['ip', 'address', 'add', 'fd00::1/8', 'dev', 'lo'])
> +	except subprocess.CalledProcessError:
> +		writemsg("Unable to configure loopback interface\n")
> +
>  def _exec(binary, mycommand, opt_name, fd_pipes,
>  	env, gid, groups, uid, umask, cwd,
>  	pre_exec, close_fds, unshare_net, unshare_ipc, unshare_mount, unshare_pid,
> @@ -624,19 +649,7 @@ def _exec(binary, mycommand, opt_name, fd_pipes,
>  									noiselevel=-1)
>  								os._exit(1)
>  						if unshare_net:
> -							# 'up' the loopback
> -							IFF_UP = 0x1
> -							ifreq = struct.pack('16sh', b'lo', IFF_UP)
> -							SIOCSIFFLAGS = 0x8914
> -
> -							sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, 0)
> -							try:
> -								fcntl.ioctl(sock, SIOCSIFFLAGS, ifreq)
> -							except IOError as e:
> -								writemsg("Unable to enable loopback interface: %s\n" % (
> -									errno.errorcode.get(e.errno, '?')),
> -									noiselevel=-1)
> -							sock.close()
> +							_configure_loopback_interface()
>  				except AttributeError:
>  					# unshare() not supported by libc
>  					pass
> 

I'd prefer if we could use the ioctl method if possible, since it's not
much code and it will work even if the `ip` command is missing for any
reason (note that subprocess.check_call will raise an ENOENT
EnvironmentError if it's missing).
-- 
Thanks,
Zac


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 981 bytes --]

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2019-07-31 20:06 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-07-31 19:59 [gentoo-portage-dev] [PATCH] Configure additional addresses on the lo interface for network-sandbox Mike Gilbert
2019-07-31 20:06 ` Zac Medico

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox