From 27b0f04013091554b0c7f5e773037999337f4f50 Mon Sep 17 00:00:00 2001
From: Doug Rabson
Date: Sun, 10 Dec 2023 08:28:24 +0000
Subject: [PATCH] pkg/ocicni: Use 'ifconfig -j' to access jail network state

The use of 'jexec' for this requires a compatible ifconfig binary inside the jail which owns the network state and using 'ifconfig -j' lets us merge the jail which owns the pod network with the infra container. This also fixes some parsing bugs in getContainerDetails which were not noticed before since most of the time we get the information from cni's CheckNetworkList.

Signed-off-by: Doug Rabson
---
 pkg/ocicni/util_freebsd.go | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/pkg/ocicni/util_freebsd.go b/pkg/ocicni/util_freebsd.go
index 57ef2fba..040901dc 100644
--- a/pkg/ocicni/util_freebsd.go
+++ b/pkg/ocicni/util_freebsd.go
@@ -10,23 +10,24 @@ import (
 "strings"
 )
 
-var defaultJexecCommandName = "jexec"
-
 type nsManager struct {
- jexecPath string
 }
 
 func (nsm *nsManager) init() error {
 var err error
- nsm.jexecPath, err = exec.LookPath(defaultJexecCommandName)
 return err
 }
 
 func getContainerDetails(nsm *nsManager, netnsJailName, interfaceName, addrType string) (*net.IPNet, *net.HardwareAddr, error) {
 // Try to retrieve ip inside container network namespace
+ if addrType == "-4" {
+ addrType = "inet"
+ } else {
+ addrType = "inet6"
+ }
 output, err := exec.Command(
- nsm.jexecPath, netnsJailName,
- "ifconfig", "-f", "inet:cidr,inet6:cidr",
+ "ifconfig", "-j", netnsJailName,
+ "-f", "inet:cidr,inet6:cidr",
 interfaceName, addrType).CombinedOutput()
 if err != nil {
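Review bot: `nsManager.init()` is left as `var err error` / `return err`, so nothing checks at start-up that a usable `ifconfig` exists, and every `exec.Command("ifconfig", ...)` in this file (here, and in the MAC lookup and `bringUpLoopback` hunks) resolves the name through the process `PATH` at call time. This code presumably runs with enough privilege to reach into a jail's network state, so I would keep a resolved path on the struct, e.g. `nsm.ifconfigPath, err = exec.LookPath("ifconfig")` in `init()`, and pass it to `exec.Command` wherever `nsm` is available. Separately, the new `else` maps every `addrType` other than `"-4"` to `"inet6"`; a `switch` that returns an error for an unknown value would make a bad caller visible instead of silently querying IPv6. The body of `getContainerDetails` continues outside this hunk.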
@@ -38,7 +39,7 @@ func getContainerDetails(nsm *nsManager, netnsJailName, interfaceName, addrType
 return nil, nil, fmt.Errorf("Unexpected command output %s", output)
 }
 fields := strings.Fields(strings.TrimSpace(lines[2]))
- if len(fields) < 4 {
+ if len(fields) < 2 {
 return nil, nil, fmt.Errorf("Unexpected address output %s ", lines[0])
 }
 ip, ipNet, err := net.ParseCIDR(fields[1])
@@ -53,8 +54,7 @@ func getContainerDetails(nsm *nsManager, netnsJailName, interfaceName, addrType
 
 // Try to retrieve MAC inside container network namespace
 output, err = exec.Command(
- nsm.jexecPath, netnsJailName,
- "ifconfig", "-f", "inet:cidr,inet6:cidr",
+ "ifconfig", "-j", netnsJailName, "-f", "inet:cidr,inet6:cidr",
 interfaceName, "ether").CombinedOutput()
 if err != nil {
@@ -65,7 +65,7 @@ func getContainerDetails(nsm *nsManager, netnsJailName, interfaceName, addrType
 if len(lines) < 3 {
 return nil, nil, fmt.Errorf("unexpected ifconfig command output %s", output)
 }
- fields = strings.Fields(strings.TrimSpace(lines[1]))
+ fields = strings.Fields(strings.TrimSpace(lines[2]))
 if len(fields) < 2 {
 return nil, nil, fmt.Errorf("unexpected ether output %s ", lines[0])
 }
@@ -78,7 +78,7 @@ func getContainerDetails(nsm *nsManager, netnsJailName, interfaceName, addrType
 }
 
 func bringUpLoopback(netns string) error {
- if err := exec.Command("jexec", netns, "ifconfig", "lo0", "inet", "127.0.0.1").Run(); err != nil {
+ if err := exec.Command("ifconfig", "-j", netns, "lo0", "inet", "127.0.0.1").Run(); err != nil {
 return fmt.Errorf("failed to initialize loopback: %w", err)
 }
 return nil
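Review bot: The address is still read from a fixed position, `lines[2]`, and the relaxed `len(fields) < 2` guard does not confirm that this is the address line, so a differently shaped `ifconfig` listing only fails later in `net.ParseCIDR` with a less useful error. Checking the keyword too, `if len(fields) < 2 || fields[0] != addrType {`, would reject an unexpected line at this point, since `addrType` is `inet` or `inet6` after the mapping earlier in the function. The ether hunk at -65 has the same shape and could test `fields[0] != "ether"`. Both error messages print `lines[0]` although the line being parsed is `lines[2]`. The function starts and ends outside these hunks.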
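Review bot: `bringUpLoopback` runs the command with `Run()`, so whatever `ifconfig -j` prints on failure (for example when the jail name does not resolve) is dropped and the wrapped error carries only the exit status. `getContainerDetails` already uses `CombinedOutput()`; doing the same here and adding the output to the message, e.g. `return fmt.Errorf("failed to initialize loopback: %w: %s", err, out)`, would make a failed pod network setup diagnosable from the log. The closing brace of the function is outside the hunk.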