nl_addr() and nl_route() take an 'op' selector which affects a number of
parameters to the netlink call. Unfortunately when we introduced this
option a bug was introduced so that we always use the interface index for
the host side, rather than the one for the pasta namespace.
Really, the entire interface to nl_addr() and nl_route() is pretty bad:
it's tightly coupled with the use cases of its callers. This is a minimal
fix which doesn't address that, but also doesn't make it significantly
worse.
Bugzilla: https://bugs.passt.top/show_bug.cgi?id=59
Fixes: 2fe046185634 ("netlink: Add functionality to copy routes from outer
namespace")
Fixes: e89da3cf03b2 ("netlink: Add functionality to copy addresses from outer
namespace")
Signed-off-by: David Gibson <david(a)gibson.dropbear.id.au>
---
netlink.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/netlink.c b/netlink.c
index bc5b2bf9..e15e23f9 100644
--- a/netlink.c
+++ b/netlink.c
@@ -226,7 +226,7 @@ void nl_route(enum nl_op op, unsigned int ifi, unsigned int ifi_ns,
.rta.rta_type = RTA_OIF,
.rta.rta_len = RTA_LENGTH(sizeof(unsigned int)),
- .ifi = ifi,
+ .ifi = op == NL_SET ? ifi_ns : ifi,
};
unsigned dup_routes = 0;
ssize_t n, nlmsgs_size;
@@ -370,7 +370,7 @@ void nl_addr(enum nl_op op, unsigned int ifi, unsigned int ifi_ns,
.nlh.nlmsg_seq = nl_seq++,
.ifa.ifa_family = af,
- .ifa.ifa_index = ifi,
+ .ifa.ifa_index = op == NL_SET ? ifi_ns : ifi,
.ifa.ifa_prefixlen = op == NL_SET ? *prefix_len : 0,
};
ssize_t n, nlmsgs_size;
--
2.41.0