From 0f02f97f25fc0cdf47e5e6b294c6acdcaaca615c Mon Sep 17 00:00:00 2001 From: Rodolfo Alonso Hernandez Date: Thu, 4 Mar 2021 15:40:08 +0000 Subject: [PATCH] Implement namespace creation method Since [1], Pyroute forks the namespace creation to avoid calling destructive routine "libc.unshare(CLONE_NEWNET)" from the main process. This implementation uses sockets between both processes to return any error feedback sent from the child process. This patch implements the same fork without any communication. If the child process raises an exception other than "OSError(EEXIST)", the child process returns 1 that is read by the the main process, that raises a "RuntimeError" exception. Related-Bug: #1917487 [1]https://github.com/svinota/pyroute2/commit/81db2c98a1dda1c575ae087519cb08aa6ffdb39e Change-Id: I0294586335a71d0757803843f675124bfb450967 (cherry picked from commit eb567478516897fadac1b7d205bef5c86284eace) --- neutron/privileged/agent/linux/ip_lib.py | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/neutron/privileged/agent/linux/ip_lib.py b/neutron/privileged/agent/linux/ip_lib.py index 5e14bbcb3b6..5ea055282bd 100644 --- a/neutron/privileged/agent/linux/ip_lib.py +++ b/neutron/privileged/agent/linux/ip_lib.py @@ -538,11 +538,19 @@ def create_netns(name, **kwargs): :param name: The name of the namespace to create """ - try: - netns.create(name, libc=priv_linux.get_cdll()) - except OSError as e: - if e.errno != errno.EEXIST: - raise + pid = os.fork() + if pid == 0: + try: + netns._create(name, libc=priv_linux.get_cdll()) + except OSError as e: + if e.errno != errno.EEXIST: + os._exit(1) + except Exception: + os._exit(1) + os._exit(0) + else: + if os.waitpid(pid, 0)[1]: + raise RuntimeError(_('Error creating namespace %s' % name)) @privileged.default.entrypoint