From 93b61e0f0753d6fd89698d1aaf4948b326140eff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Sat, 21 May 2022 09:17:34 +0200 Subject: [PATCH] network: Add FFI_NO_PI to the netlink flags MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Adding FFI_NO_PI to the netlink flags causes no harm to the supported and tested hypervisors as when opening the device by its name Cloud Hypervisor[0], Firecracker[1], and QEMU[2] do set the flag already. However, when receiving the file descriptor of an opened tutap device Cloud Hypervisor is not able to set the flag, leaving the guest without connectivity. To avoid such an issue, let's simply add the FFI_NO_PI flag to the netlink flags and ensure, from our side, that the VMMs don't have to set it on their side when dealing with an already opened tuntap device. Note that there's a PR opened[3] just for testing that this change doesn't cause any breakage. [0]: https://github.com/cloud-hypervisor/cloud-hypervisor/blob/e52175c2ab6a7e000b2f8f4aafa73ce4e0582a6e/net_util/src/tap.rs#L129 [1]: https://github.com/firecracker-microvm/firecracker/blob/b6d6f712131e4e746f603c4562de7fea8a318a02/src/devices/src/virtio/net/tap.rs#L126 [2]: https://github.com/qemu/qemu/blob/3757b0d08b399c609954cf57f273b1167e5d7a8d/net/tap-linux.c#L54 [3]: https://github.com/kata-containers/kata-containers/pull/4292 Signed-off-by: Fabiano FidĂȘncio --- src/runtime/virtcontainers/network_linux.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/runtime/virtcontainers/network_linux.go b/src/runtime/virtcontainers/network_linux.go index c4f2380e5..f8456a497 100644 --- a/src/runtime/virtcontainers/network_linux.go +++ b/src/runtime/virtcontainers/network_linux.go @@ -408,7 +408,7 @@ func createLink(netHandle *netlink.Handle, name string, expectedLink netlink.Lin switch expectedLink.Type() { case (&netlink.Tuntap{}).Type(): - flags := netlink.TUNTAP_VNET_HDR + flags := netlink.TUNTAP_VNET_HDR | netlink.TUNTAP_NO_PI if queues > 0 { flags |= netlink.TUNTAP_MULTI_QUEUE_DEFAULTS }