Re: [PATCH v3 06/11] pasta: Extract pasta_ns_conf_ip4/6() to reduce nesting

On Fri, Jan 30, 2026 at 04:44:42PM -0500, Jon Maloy wrote:

Extract the IPv4 and IPv6 namespace configuration code from pasta_ns_conf() into separate static functions. This reduces indentation depth and prepares for adding multi-address support.

No functional change.

This seems fine in isolation, but I think it moves in the wrong direction in context. With the unified address array, we want to step through and set all the addresses in a single pass - this kind of works against that.

Signed-off-by: Jon Maloy --- pasta.c | 182 ++++++++++++++++++++++++++++++-------------------------- 1 file changed, 96 insertions(+), 86 deletions(-)

diff --git a/pasta.c b/pasta.c index 08f35f4..de0ba14 100644 --- a/pasta.c +++ b/pasta.c @@ -303,6 +303,98 @@ void pasta_start_ns(struct ctx *c, uid_t uid, gid_t gid, die_perror("Failed to join network namespace"); }

+/** + * pasta_ns_conf_ip4() - Configure IPv4 in namespace + * @c: Execution context + */ +static void pasta_ns_conf_ip4(struct ctx *c) +{ + int rc = 0; + + if (c->ip4.no_copy_addrs) { + struct inany_addr_entry *e = first_v4(c); + + rc = nl_addr_set(nl_sock_ns, c->pasta_ifi, AF_INET, + inany_v4(&e->addr), e->prefix_len - 96); + } else { + rc = nl_addr_dup(nl_sock, c->ifi4, + nl_sock_ns, c->pasta_ifi, AF_INET); + } + + if (rc < 0) { + die("Couldn't set IPv4 address(es) in namespace: %s", + strerror_(-rc)); + } + + if (c->ip4.no_copy_routes) { + rc = nl_route_set_def(nl_sock_ns, c->pasta_ifi, + AF_INET, &c->ip4.guest_gw); + } else { + rc = nl_route_dup(nl_sock, c->ifi4, nl_sock_ns, + c->pasta_ifi, AF_INET); + } + + if (rc < 0) { + die("Couldn't set IPv4 route(s) in guest: %s", + strerror_(-rc)); + } +} + +/** + * pasta_ns_conf_ip6() - Configure IPv6 in namespace + * @c: Execution context + */ +static void pasta_ns_conf_ip6(struct ctx *c) +{ + struct inany_addr_entry *e; + int rc = 0; + + rc = nl_addr_get_ll(nl_sock_ns, c->pasta_ifi, &c->ip6.addr_ll_seen); + if (rc < 0) { + warn("Can't get LL address from namespace: %s", + strerror_(-rc)); + } + + rc = nl_addr_set_ll_nodad(nl_sock_ns, c->pasta_ifi); + if (rc < 0) { + warn("Can't set nodad for LL in namespace: %s", + strerror_(-rc)); + } + + /* We dodged DAD: re-enable neighbour solicitations */ + nl_link_set_flags(nl_sock_ns, c->pasta_ifi, 0, IFF_NOARP); + + if (c->ip6.no_copy_addrs) { + e = first_v6(c); + + if (e && !IN6_IS_ADDR_UNSPECIFIED(&e->addr.a6)) { + rc = nl_addr_set(nl_sock_ns, c->pasta_ifi, + AF_INET6, &e->addr.a6, 64); + } + } else { + rc = nl_addr_dup(nl_sock, c->ifi6, + nl_sock_ns, c->pasta_ifi, AF_INET6); + } + + if (rc < 0) { + die("Couldn't set IPv6 address(es) in namespace: %s", + strerror_(-rc)); + } + + if (c->ip6.no_copy_routes) { + rc = nl_route_set_def(nl_sock_ns, c->pasta_ifi, + AF_INET6, &c->ip6.guest_gw); + } else { + rc = nl_route_dup(nl_sock, c->ifi6, + nl_sock_ns, c->pasta_ifi, AF_INET6); + } + + if (rc < 0) { + die("Couldn't set IPv6 route(s) in guest: %s", + strerror_(-rc)); + } +} + /** * pasta_ns_conf() - Set up loopback and tap interfaces in namespace as needed * @c: Execution context @@ -336,93 +428,11 @@ void pasta_ns_conf(struct ctx *c)

nl_link_set_flags(nl_sock_ns, c->pasta_ifi, flags, flags);

- if (c->ifi4) { - if (c->ip4.no_copy_addrs) { - struct inany_addr_entry *e = first_v4(c); - - rc = nl_addr_set(nl_sock_ns, c->pasta_ifi, - AF_INET, - inany_v4(&e->addr), - e->prefix_len); - } else { - rc = nl_addr_dup(nl_sock, c->ifi4, - nl_sock_ns, c->pasta_ifi, - AF_INET); - } - - if (rc < 0) { - die("Couldn't set IPv4 address(es) in namespace: %s", - strerror_(-rc)); - } - - if (c->ip4.no_copy_routes) { - rc = nl_route_set_def(nl_sock_ns, c->pasta_ifi, - AF_INET, - &c->ip4.guest_gw); - } else { - rc = nl_route_dup(nl_sock, c->ifi4, nl_sock_ns, - c->pasta_ifi, AF_INET); - } - - if (rc < 0) { - die("Couldn't set IPv4 route(s) in guest: %s", - strerror_(-rc)); - } - } + if (c->ifi4) + pasta_ns_conf_ip4(c);

- if (c->ifi6) { - rc = nl_addr_get_ll(nl_sock_ns, c->pasta_ifi, - &c->ip6.addr_ll_seen); - if (rc < 0) { - warn("Can't get LL address from namespace: %s", - strerror_(-rc)); - } - - rc = nl_addr_set_ll_nodad(nl_sock_ns, c->pasta_ifi); - if (rc < 0) { - warn("Can't set nodad for LL in namespace: %s", - strerror_(-rc)); - } - - /* We dodged DAD: re-enable neighbour solicitations */ - nl_link_set_flags(nl_sock_ns, c->pasta_ifi, - 0, IFF_NOARP); - - if (c->ip6.no_copy_addrs) { - struct inany_addr_entry *e = first_v6(c); - - if (e && !IN6_IS_ADDR_UNSPECIFIED(&e->addr.a6)) { - rc = nl_addr_set(nl_sock_ns, - c->pasta_ifi, - AF_INET6, - &e->addr.a6, 64); - } - } else { - rc = nl_addr_dup(nl_sock, c->ifi6, - nl_sock_ns, c->pasta_ifi, - AF_INET6); - } - - if (rc < 0) { - die("Couldn't set IPv6 address(es) in namespace: %s", - strerror_(-rc)); - } - - if (c->ip6.no_copy_routes) { - rc = nl_route_set_def(nl_sock_ns, c->pasta_ifi, - AF_INET6, - &c->ip6.guest_gw); - } else { - rc = nl_route_dup(nl_sock, c->ifi6, - nl_sock_ns, c->pasta_ifi, - AF_INET6); - } - - if (rc < 0) { - die("Couldn't set IPv6 route(s) in guest: %s", - strerror_(-rc)); - } - } + if (c->ifi6) + pasta_ns_conf_ip6(c); }

proto_update_l2_buf(c->guest_mac); -- 2.52.0

-- David Gibson (he or they) | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you, not the other way | around. http://www.ozlabs.org/~dgibson