ipld-eth-server/vendor/github.com/aristanetworks/goarista/netns/netns.go

99 lines
3.0 KiB
Go
Raw Normal View History

// Copyright (c) 2016 Arista Networks, Inc.
// Use of this source code is governed by the Apache License 2.0
// that can be found in the COPYING file.
// Package netns provides a utility function that allows a user to
// perform actions in a different network namespace
package netns
import (
"fmt"
"os"
"runtime"
)
const (
netNsRunDir = "/var/run/netns/"
selfNsFile = "/proc/self/ns/net"
)
// Callback is a function that gets called in a given network namespace.
// The user needs to check any errors from any calls inside this function.
type Callback func() error
// File descriptor interface so we can mock for testing
type handle interface {
close() error
fd() int
}
// The file descriptor associated with a network namespace
type nsHandle int
// setNsByName wraps setNs, allowing specification of the network namespace by name.
// It returns the file descriptor mapped to the given network namespace.
func setNsByName(nsName string) error {
netPath := netNsRunDir + nsName
handle, err := getNs(netPath)
if err != nil {
return fmt.Errorf("Failed to getNs: %s", err)
}
err = setNs(handle)
handle.close()
if err != nil {
return fmt.Errorf("Failed to setNs: %s", err)
}
return nil
}
// Do takes a function which it will call in the network namespace specified by nsName.
// The goroutine that calls this will lock itself to its current OS thread, hop
// namespaces, call the given function, hop back to its original namespace, and then
// unlock itself from its current OS thread.
// Do returns an error if an error occurs at any point besides in the invocation of
// the given function, or if the given function itself returns an error.
//
// The callback function is expected to do something simple such as just
// creating a socket / opening a connection, and you should not kick off any
// complex logic from the callback or call any complicated code or create any
// new goroutine from the callback. The callback should not panic or use defer.
// The behavior of this function is undefined if the callback doesn't conform
// these demands.
//go:nosplit
func Do(nsName string, cb Callback) error {
// If destNS is empty, the function is called in the caller's namespace
if nsName == "" {
return cb()
}
// Get the file descriptor to the current namespace
currNsFd, err := getNs(selfNsFile)
if os.IsNotExist(err) {
return fmt.Errorf("File descriptor to current namespace does not exist: %s", err)
} else if err != nil {
return fmt.Errorf("Failed to open %s: %s", selfNsFile, err)
}
runtime.LockOSThread()
// Jump to the new network namespace
if err := setNsByName(nsName); err != nil {
runtime.UnlockOSThread()
currNsFd.close()
return fmt.Errorf("Failed to set the namespace to %s: %s", nsName, err)
}
// Call the given function
cbErr := cb()
// Come back to the original namespace
if err = setNs(currNsFd); err != nil {
cbErr = fmt.Errorf("Failed to return to the original namespace: %s (callback returned %v)",
err, cbErr)
}
runtime.UnlockOSThread()
currNsFd.close()
return cbErr
}