| 1 | /* Enter a network namespace. |
|---|---|
| 2 | Copyright (C) 2016-2022 Free Software Foundation, Inc. |
| 3 | This file is part of the GNU C Library. |
| 4 | |
| 5 | The GNU C Library is free software; you can redistribute it and/or |
| 6 | modify it under the terms of the GNU Lesser General Public |
| 7 | License as published by the Free Software Foundation; either |
| 8 | version 2.1 of the License, or (at your option) any later version. |
| 9 | |
| 10 | The GNU C Library is distributed in the hope that it will be useful, |
| 11 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| 13 | Lesser General Public License for more details. |
| 14 | |
| 15 | You should have received a copy of the GNU Lesser General Public |
| 16 | License along with the GNU C Library; if not, see |
| 17 | <https://www.gnu.org/licenses/>. */ |
| 18 | |
| 19 | #include <support/namespace.h> |
| 20 | |
| 21 | #include <net/if.h> |
| 22 | #include <sched.h> |
| 23 | #include <stdio.h> |
| 24 | #include <string.h> |
| 25 | #include <support/check.h> |
| 26 | #include <support/xsocket.h> |
| 27 | #include <support/xunistd.h> |
| 28 | #include <sys/ioctl.h> |
| 29 | #include <unistd.h> |
| 30 | |
| 31 | static bool in_uts_namespace; |
| 32 | |
| 33 | bool |
| 34 | support_enter_network_namespace (void) |
| 35 | { |
| 36 | #ifdef CLONE_NEWUTS |
| 37 | if (unshare (CLONE_NEWUTS) == 0) |
| 38 | in_uts_namespace = true; |
| 39 | else |
| 40 | printf ("warning: unshare (CLONE_NEWUTS) failed: %m\n"); |
| 41 | #endif |
| 42 | |
| 43 | #ifdef CLONE_NEWNET |
| 44 | if (unshare (CLONE_NEWNET) == 0) |
| 45 | { |
| 46 | /* Bring up the loopback interface. */ |
| 47 | int fd = xsocket (AF_UNIX, SOCK_DGRAM | SOCK_CLOEXEC, 0); |
| 48 | struct ifreq req; |
| 49 | strcpy (req.ifr_name, "lo"); |
| 50 | TEST_VERIFY_EXIT (ioctl (fd, SIOCGIFFLAGS, &req) == 0); |
| 51 | bool already_up = req.ifr_flags & IFF_UP; |
| 52 | if (already_up) |
| 53 | /* This means that we likely have not achieved isolation from |
| 54 | the parent namespace. */ |
| 55 | printf ("warning: loopback interface already exists" |
| 56 | " in new network namespace\n"); |
| 57 | else |
| 58 | { |
| 59 | req.ifr_flags |= IFF_UP | IFF_RUNNING; |
| 60 | TEST_VERIFY_EXIT (ioctl (fd, SIOCSIFFLAGS, &req) == 0); |
| 61 | } |
| 62 | xclose (fd); |
| 63 | |
| 64 | return !already_up; |
| 65 | } |
| 66 | #endif |
| 67 | printf ("warning: could not enter network namespace\n"); |
| 68 | return false; |
| 69 | } |
| 70 | |
| 71 | bool |
| 72 | support_in_uts_namespace (void) |
| 73 | { |
| 74 | return in_uts_namespace; |
| 75 | } |
| 76 |
Generated on 2022-Feb-09 from project glibc
Powered by 
Code Browser 2.1
Generator usage only permitted with license.