aboutgitcodebugslistschat
path: root/contrib/selinux/passt.fc
diff options
context:
space:
mode:
authorDavid Gibson <david@gibson.dropbear.id.au>2023-08-15 13:51:29 +1000
committerStefano Brivio <sbrivio@redhat.com>2023-08-16 08:10:04 +0200
commitda0aeb9080c9d2e39b2ff600a9b2b03046ac219d (patch)
tree9565c11f6c4614c575988ddb0f7b6c0de5274278 /contrib/selinux/passt.fc
parentb4f8ffd5c4b9afee50bbc8b0003ee7d5d618d048 (diff)
downloadpasst-da0aeb9080c9d2e39b2ff600a9b2b03046ac219d.tar
passt-da0aeb9080c9d2e39b2ff600a9b2b03046ac219d.tar.gz
passt-da0aeb9080c9d2e39b2ff600a9b2b03046ac219d.tar.bz2
passt-da0aeb9080c9d2e39b2ff600a9b2b03046ac219d.tar.lz
passt-da0aeb9080c9d2e39b2ff600a9b2b03046ac219d.tar.xz
passt-da0aeb9080c9d2e39b2ff600a9b2b03046ac219d.tar.zst
passt-da0aeb9080c9d2e39b2ff600a9b2b03046ac219d.zip
netlink: Don't propagate host address expiry to the container
When we copy addresses from the host to the container in nl_addr_dup(), we copy all the address's attributes, including IFA_CACHEINFO, which controls the address's lifetime. If the host address is managed by, for example, DHCP, it will typically have a finite lifetime. When we copy that lifetime to the pasta container, that lifetime will remain, meaning the kernel will eventually remove the address, typically some hours later. The container, however, won't have the DHCP client or whatever was managing and maintaining the address in the host, so it will just lose connectivity. Long term, we may want to monitor host address changes and reflect them to the guest. But for now, we just want to take a snapshot of the host's address and set those in the container permanently. We can accomplish that by stripping off the IFA_CACHEINFO attribute as we copy addresses. Link: https://github.com/containers/podman/issues/19405 Link: https://bugs.passt.top/show_bug.cgi?id=70 Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Diffstat (limited to 'contrib/selinux/passt.fc')
0 files changed, 0 insertions, 0 deletions