On Thu, Jan 23, 2025 at 09:05:48AM +0100, Stefano Brivio wrote:
> There might be reasons to have routes on the loopback interface, for
> example Any-IP/AnyIP routes as implemented by Linux kernel commit
> ab79ad14a2d5 ("ipv6: Implement Any-IP support for IPv6.").
> 
> If we use the loopback interface as a template, though, we'll pick
> 'lo' (typically) as interface name for our tap interface, but we'll
> already have an interface called 'lo' in the target namespace, and as
> we TUNSETIFF on it, we'll fail with EINVAL, because it's not a tap
> interface.
> 
> Skip the loopback interface while looking for a template interface or,
> more accurately, skip the interface with index 1.
> 
> Strictly speaking, we should fetch interface flags via RTM_GETLINK
> instead, and check for IFF_LOOPBACK, but interleaving that request
> while we're iterating over routes is unnecessarily complicated.
> 
> Link: https://www.reddit.com/r/podman/comments/1i6pj7u/starting_pod_without_external_network/
> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>

Reviewed-by: David Gibson <david@gibson.dropbear.id.au>

> ---
>  netlink.c | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/netlink.c b/netlink.c
> index 0407692..37d8b5b 100644
> --- a/netlink.c
> +++ b/netlink.c
> @@ -297,6 +297,10 @@ unsigned int nl_get_ext_if(int s, sa_family_t af)
>  		if (!thisifi)
>  			continue; /* No interface for this route */
>  
> +		/* Skip 'lo': we should test IFF_LOOPBACK, but keep it simple */
> +		if (thisifi == 1)
> +			continue;
> +
>  		/* Skip routes to link-local addresses */
>  		if (af == AF_INET && dst &&
>  		    IN4_IS_PREFIX_LINKLOCAL(dst, rtm->rtm_dst_len))

-- 
David Gibson (he or they)	| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you, not the other way
				| around.
http://www.ozlabs.org/~dgibson