From 85f591ed60b0a267bea8b7fbd45788a9363d5720 Mon Sep 17 00:00:00 2001 From: Rodolfo Alonso Hernandez Date: Thu, 4 Mar 2021 15:40:08 +0000 Subject: [PATCH] Implement namespace creation method Since [1], Pyroute forks the namespace creation to avoid calling destructive routine "libc.unshare(CLONE_NEWNET)" from the main process. This implementation uses sockets between both processes to return any error feedback sent from the child process. This patch implements the same fork without any communication. If the child process raises an exception other than "OSError(EEXIST)", the child process returns 1 that is read by the the main process, that raises a "RuntimeError" exception. Related-Bug: #1917487 [1]https://github.com/svinota/pyroute2/commit/81db2c98a1dda1c575ae087519cb08aa6ffdb39e Conflicts: neutron/privileged/agent/linux/ip_lib.py Change-Id: I0294586335a71d0757803843f675124bfb450967 (cherry picked from commit eb567478516897fadac1b7d205bef5c86284eace) --- neutron/privileged/agent/linux/ip_lib.py | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/neutron/privileged/agent/linux/ip_lib.py b/neutron/privileged/agent/linux/ip_lib.py index 2a6f308adea..2091aeb268a 100644 --- a/neutron/privileged/agent/linux/ip_lib.py +++ b/neutron/privileged/agent/linux/ip_lib.py @@ -567,11 +567,19 @@ def create_netns(name, **kwargs): :param name: The name of the namespace to create """ - try: - netns.create(name, libc=_get_cdll()) - except OSError as e: - if e.errno != errno.EEXIST: - raise + pid = os.fork() + if pid == 0: + try: + netns.create(name, libc=_get_cdll()) + except OSError as e: + if e.errno != errno.EEXIST: + os._exit(1) + except Exception: + os._exit(1) + os._exit(0) + else: + if os.waitpid(pid, 0)[1]: + raise RuntimeError(_('Error creating namespace %s') % name) @privileged.default.entrypoint