Add support for forcing a private network namespace for LXC guests

If no <interface> elements are included in an LXC guest XML
description, then the LXC guest will just see the host's
network interfaces. It is desirable to be able to hide the
host interfaces, without having to define any guest interfaces.

This patch introduces a new feature flag <privnet/> to allow
forcing of a private network namespace for LXC. In the future
I also anticipate that we will add <privuser/> to force a
private user ID namespace.

* src/conf/domain_conf.c, src/conf/domain_conf.h: Add support
  for <privnet/> feature. Auto-set <privnet> if any <interface>
  devices are defined
* src/lxc/lxc_container.c: Honour request for private network
  namespace

docs/formatdomain.html.in

@@ -897,6 +897,7 @@
     <acpi/>
     <apic/>
     <hap/>
+    <privnet/>
   </features>
   ...</pre>
 
@@ -924,6 +925,12 @@
       <dd>Enable Viridian hypervisor extensions for paravirtualizing
         guest operating systems
       </dd>
+      <dt><code>privnet</code></dt>
+      <dd>Always create a private network namespace. This is
+        automatically set if any interface devices are defined.
+        This feature is only relevant for container based
+        virtualization drivers, such as LXC.
+      </dd>
     </dl>
 
     <h3><a name="elementsTime">Time keeping</a></h3>

docs/schemas/domaincommon.rng

@@ -2632,6 +2632,11 @@
               <empty/>
             </element>
           </optional>
+          <optional>
+            <element name="privnet">
+              <empty/>
+            </element>
+          </optional>
         </interleave>
       </element>
     </optional>

src/conf/domain_conf.c

@@ -106,7 +106,8 @@ VIR_ENUM_IMPL(virDomainFeature, VIR_DOMAIN_FEATURE_LAST,
               "apic",
               "pae",
               "hap",
-              "viridian")
+              "viridian",
+              "privnet")
 
 VIR_ENUM_IMPL(virDomainLifecycle, VIR_DOMAIN_LIFECYCLE_LAST,
               "destroy",

src/conf/domain_conf.h

@@ -1298,6 +1298,7 @@ enum virDomainFeature {
     VIR_DOMAIN_FEATURE_PAE,
     VIR_DOMAIN_FEATURE_HAP,
     VIR_DOMAIN_FEATURE_VIRIDIAN,
+    VIR_DOMAIN_FEATURE_PRIVNET,
 
     VIR_DOMAIN_FEATURE_LAST
 };

src/lxc/lxc_container.c

@@ -261,7 +261,8 @@ int lxcContainerWaitForContinue(int control)
  *
  * Returns 0 on success or nonzero in case of error
  */
-static int lxcContainerRenameAndEnableInterfaces(unsigned int nveths,
+static int lxcContainerRenameAndEnableInterfaces(bool privNet,
+                                                 unsigned int nveths,
                                                  char **veths)
 {
     int rc = 0;
@@ -289,7 +290,7 @@ static int lxcContainerRenameAndEnableInterfaces(unsigned int nveths,
     }
 
     /* enable lo device only if there were other net devices */
-    if (veths)
+    if (veths || privNet)
         rc = virNetDevSetOnline("lo", true);
 
 error_out:
@@ -1343,7 +1344,9 @@ static int lxcContainerChild( void *data )
     VIR_DEBUG("Received container continue message");
 
     /* rename and enable interfaces */
-    if (lxcContainerRenameAndEnableInterfaces(argv->nveths,
+    if (lxcContainerRenameAndEnableInterfaces(!!(vmDef->features &
+                                                 (1 << VIR_DOMAIN_FEATURE_PRIVNET)),
+                                              argv->nveths,
                                               argv->veths) < 0) {
         goto cleanup;
     }
@@ -1458,7 +1461,8 @@ int lxcContainerStart(virDomainDefPtr def,
         cflags |= CLONE_NEWUSER;
     }
 
-    if (def->nets != NULL) {
+    if (def->nets != NULL ||
+        (def->features & (1 << VIR_DOMAIN_FEATURE_PRIVNET))) {
         VIR_DEBUG("Enable network namespaces");
         cflags |= CLONE_NEWNET;
     }