From 42c09422e7bdd94b067bc844076a9abce5296070 Mon Sep 17 00:00:00 2001 From: zhangyaqi Date: Fri, 24 May 2024 16:37:14 +0800 Subject: [PATCH] exec in child process if setup fails --- ...exec-in-child-process-if-setup-fails.patch | 58 +++++++++++++++++++ iproute.spec | 9 ++- 2 files changed, 66 insertions(+), 1 deletion(-) create mode 100644 backport-exit-exec-in-child-process-if-setup-fails.patch diff --git a/backport-exit-exec-in-child-process-if-setup-fails.patch b/backport-exit-exec-in-child-process-if-setup-fails.patch new file mode 100644 index 0000000..1fed82c --- /dev/null +++ b/backport-exit-exec-in-child-process-if-setup-fails.patch @@ -0,0 +1,58 @@ +From 70ba338cd8314410380b8bdae9e5f302e8e98039 Mon Sep 17 00:00:00 2001 +From: Yedaya Katsman +Date: Tue, 23 Apr 2024 21:38:20 +0300 +Subject: ip: Exit exec in child process if setup fails + +Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=70ba338cd8314410380b8bdae9e5f302e8e98039 + +If we forked, returning from the function will make the calling code to +continue in both the child and parent process. Make cmd_exec exit if +setup failed and it forked already. + +An example of issues this causes, where a failure in setup causes +multiple unnecessary tries: + +``` +$ ip netns +ef +ab +$ ip -all netns exec ls + +netns: ef +setting the network namespace "ef" failed: Operation not permitted + +netns: ab +setting the network namespace "ab" failed: Operation not permitted + +netns: ab +setting the network namespace "ab" failed: Operation not permitted +``` + +Signed-off-by: Yedaya Katsman +Signed-off-by: Stephen Hemminger +--- + lib/exec.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/lib/exec.c b/lib/exec.c +index 9b1c8f4..5bd3e2d 100644 +--- a/lib/exec.c ++++ b/lib/exec.c +@@ -36,8 +36,13 @@ int cmd_exec(const char *cmd, char **argv, bool do_fork, + } + } + +- if (setup && setup(arg)) ++ if (setup && setup(arg)) { ++ if (do_fork) { ++ /* In child, nothing to do */ ++ _exit(1); ++ } + return -1; ++ } + + if (execvp(cmd, argv) < 0) + fprintf(stderr, "exec of \"%s\" failed: %s\n", +-- +2.27.0 + diff --git a/iproute.spec b/iproute.spec index 539eca0..3e0d2b5 100644 --- a/iproute.spec +++ b/iproute.spec @@ -2,7 +2,7 @@ Name: iproute Version: 5.15.0 Epoch: 1 -Release: 17 +Release: 18 Summary: Linux network configuration utilities License: GPLv2+ and Public Domain URL: https://kernel.org/pub/linux/utils/net/iproute2/ @@ -58,6 +58,7 @@ Patch6041: backport-ss-change-aafilter-port-from-int-to-long-inode-support. Patch6042: backport-ss-Fix-socket-type-check-in-packet_show_line.patch Patch6043: backport-ss-print-unix-socket-ports-as-unsigned-int-inode.patch Patch6044: backport-utils-fix-get_integer-logic.patch +Patch6045: backport-exit-exec-in-child-process-if-setup-fails.patch Patch9000: feature-iproute-add-support-for-ipvlan-l2e-mode.patch Patch9001: bugfix-iproute2-cancel-some-test-cases.patch @@ -146,6 +147,12 @@ install -m 0644 lib/libnetlink.a %{buildroot}%{_libdir}/libnetlink.a %{_mandir}/* %changelog +* Fri May 24 2024 zhangyaqi - 1:5.15.0-18 +- Type:feature +- ID:NA +- SUG:NA +- DESC:Exit exec in child process if setup fails + * Wed Jan 10 2024 liubo - 1:5.15.0-17 - Type:bugfix - ID:NA -- Gitee