From ee9369a05f5e6e0bcece4556a3e93109d9277071 Mon Sep 17 00:00:00 2001 From: David Ahern Date: Thu, 15 Dec 2016 12:07:02 -0800 Subject: [PATCH] ip netns: Reset vrf to default VRF on namespace switch A vrf is local to a namespace. Drop any VRF association before trying to exec a command in the new namespace. Signed-off-by: David Ahern --- ip/ip_common.h | 1 + ip/ipnetns.c | 5 +++++ ip/ipvrf.c | 14 ++++++++++++++ 3 files changed, 20 insertions(+) diff --git a/ip/ip_common.h b/ip/ip_common.h index 28763e81..ab6a8343 100644 --- a/ip/ip_common.h +++ b/ip/ip_common.h @@ -58,6 +58,7 @@ int do_tcp_metrics(int argc, char **argv); int do_ipnetconf(int argc, char **argv); int do_iptoken(int argc, char **argv); int do_ipvrf(int argc, char **argv); +void vrf_reset(void); int iplink_get(unsigned int flags, char *name, __u32 filt_mask); diff --git a/ip/ipnetns.c b/ip/ipnetns.c index db9a5417..8201b94a 100644 --- a/ip/ipnetns.c +++ b/ip/ipnetns.c @@ -387,6 +387,11 @@ static int netns_exec(int argc, char **argv) if (netns_switch(argv[0])) return -1; + /* we just changed namespaces. clear any vrf association + * with prior namespace before exec'ing command + */ + vrf_reset(); + /* ip must return the status of the child, * but do_cmd() will add a minus to this, * so let's add another one here to cancel it. diff --git a/ip/ipvrf.c b/ip/ipvrf.c index de2ec5c1..dc8364a4 100644 --- a/ip/ipvrf.c +++ b/ip/ipvrf.c @@ -277,6 +277,20 @@ static int ipvrf_exec(int argc, char **argv) return -cmd_exec(argv[1], argv + 1, !!batch_mode); } +/* reset VRF association of current process to default VRF; + * used by netns_exec + */ +void vrf_reset(void) +{ + char vrf[32]; + + if (vrf_identify(getpid(), vrf, sizeof(vrf)) || + (vrf[0] == '\0')) + return; + + vrf_switch("default"); +} + int do_ipvrf(int argc, char **argv) { if (argc == 0) {