From 2ba6845a6ed27fdb49a43a1b0d03017745008a6b Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Sun, 19 Apr 2015 09:12:37 +0200
Subject: [PATCH] platform/test: unshare the netns namespace so that root tests
 don't mess with the system

Mount a private sysfs instance. Otherwise gudev sees the devices from the
parent netns as opposed to our netns.

We do, however need a writable /sys/devices subtree for testing the bridge
code. There doesn't seem to be any other way to get a writable subtree of a
read-only filesystem than remounting it with no parameters after the initial
mount. We use this to get a writable sysfs instance and then bindmount it so
that it fits properly in the sysfs hierarchy.

Co-Authored-By: Thomas Haller <thaller@redhat.com>
(cherry picked from commit d6aef9c188468224d6e1dd670844c3f0e7482c35)
---
 src/platform/tests/test-common.c | 38 ++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)

diff --git a/src/platform/tests/test-common.c b/src/platform/tests/test-common.c
index 09fd4bed8b..21773133ee 100644
--- a/src/platform/tests/test-common.c
+++ b/src/platform/tests/test-common.c
@@ -1,5 +1,8 @@
 #include "config.h"
 
+#include <sys/mount.h>
+#include <sched.h>
+
 #include "test-common.h"
 
 #include "nm-test-utils.h"
@@ -296,6 +299,41 @@ main (int argc, char **argv)
 #endif
 	}
 
+	if (nmtst_platform_is_root_test () && !g_getenv ("NMTST_NO_UNSHARE")) {
+		int errsv;
+
+		if (unshare (CLONE_NEWNET | CLONE_NEWNS) != 0) {
+			errsv = errno;
+			g_error ("unshare(CLONE_NEWNET|CLONE_NEWNS) failed with %s (%d)", strerror (errsv), errsv);
+		}
+
+		/* Mount our /sys instance, so that gudev sees only our devices.
+		 * Needs to be read-only, because we don't run udev. */
+		if (mount (NULL, "/sys", NULL, MS_SLAVE, NULL) != 0) {
+			errsv = errno;
+			g_error ("mount(\"/\", MS_SLAVE) failed with %s (%d)", strerror (errsv), errsv);
+		}
+		if (mount ("sys", "/sys", "sysfs", MS_RDONLY, NULL) != 0) {
+			errsv = errno;
+			g_error ("mount(\"/sys\") failed with %s (%d)", strerror (errsv), errsv);
+		}
+
+		/* Create a writable /sys/devices tree. This makes it possible to run tests
+		 * that modify values via sysfs (such as bridge forward delay). */
+		if (mount ("sys", "/sys/devices", "sysfs", 0, NULL) != 0) {
+			errsv = errno;
+			g_error ("mount(\"/sys/devices\") failed with %s (%d)", strerror (errsv), errsv);
+		}
+		if (mount (NULL, "/sys/devices", "sysfs", MS_REMOUNT, NULL) != 0) {
+			errsv = errno;
+			g_error ("remount(\"/sys/devices\") failed with  %s (%d)", strerror (errsv), errsv);
+		}
+		if (mount ("/sys/devices/devices", "/sys/devices", NULL, MS_BIND, NULL) != 0) {
+			errsv = errno;
+			g_error ("mount(\"/sys\") failed with %s (%d)", strerror (errsv), errsv);
+		}
+	}
+
 	SETUP ();
 
 	setup_tests ();