[PATCH v3 06/11] pasta: Extract pasta_ns_conf_ip4/6() to reduce nesting

30 Jan 2026

Extract the IPv4 and IPv6 namespace configuration code from
pasta_ns_conf() into separate static functions. This reduces
indentation depth and prepares for adding multi-address support.

No functional change.

Signed-off-by: Jon Maloy 
---
 pasta.c | 182 ++++++++++++++++++++++++++++++--------------------------
 1 file changed, 96 insertions(+), 86 deletions(-)

diff --git a/pasta.c b/pasta.c
index 08f35f4..de0ba14 100644
--- a/pasta.c
+++ b/pasta.c
@@ -303,6 +303,98 @@ void pasta_start_ns(struct ctx *c, uid_t uid, gid_t gid,
 		die_perror("Failed to join network namespace");
 }
 
+/**
+ * pasta_ns_conf_ip4() - Configure IPv4 in namespace
+ * @c:		Execution context
+ */
+static void pasta_ns_conf_ip4(struct ctx *c)
+{
+	int rc = 0;
+
+	if (c->ip4.no_copy_addrs) {
+		struct inany_addr_entry *e = first_v4(c);
+
+		rc = nl_addr_set(nl_sock_ns, c->pasta_ifi, AF_INET,
+				 inany_v4(&e->addr), e->prefix_len - 96);
+	} else {
+		rc = nl_addr_dup(nl_sock, c->ifi4,
+				 nl_sock_ns, c->pasta_ifi, AF_INET);
+	}
+
+	if (rc < 0) {
+		die("Couldn't set IPv4 address(es) in namespace: %s",
+		    strerror_(-rc));
+	}
+
+	if (c->ip4.no_copy_routes) {
+		rc = nl_route_set_def(nl_sock_ns, c->pasta_ifi,
+				      AF_INET, &c->ip4.guest_gw);
+	} else {
+		rc = nl_route_dup(nl_sock, c->ifi4, nl_sock_ns,
+				  c->pasta_ifi, AF_INET);
+	}
+
+	if (rc < 0) {
+		die("Couldn't set IPv4 route(s) in guest: %s",
+		    strerror_(-rc));
+	}
+}
+
+/**
+ * pasta_ns_conf_ip6() - Configure IPv6 in namespace
+ * @c:		Execution context
+ */
+static void pasta_ns_conf_ip6(struct ctx *c)
+{
+	struct inany_addr_entry *e;
+	int rc = 0;
+
+	rc = nl_addr_get_ll(nl_sock_ns, c->pasta_ifi, &c->ip6.addr_ll_seen);
+	if (rc < 0) {
+		warn("Can't get LL address from namespace: %s",
+		     strerror_(-rc));
+	}
+
+	rc = nl_addr_set_ll_nodad(nl_sock_ns, c->pasta_ifi);
+	if (rc < 0) {
+		warn("Can't set nodad for LL in namespace: %s",
+		     strerror_(-rc));
+	}
+
+	/* We dodged DAD: re-enable neighbour solicitations */
+	nl_link_set_flags(nl_sock_ns, c->pasta_ifi, 0, IFF_NOARP);
+
+	if (c->ip6.no_copy_addrs) {
+		e = first_v6(c);
+
+		if (e && !IN6_IS_ADDR_UNSPECIFIED(&e->addr.a6)) {
+			rc = nl_addr_set(nl_sock_ns, c->pasta_ifi,
+					 AF_INET6, &e->addr.a6, 64);
+		}
+	} else {
+		rc = nl_addr_dup(nl_sock, c->ifi6,
+				 nl_sock_ns, c->pasta_ifi, AF_INET6);
+	}
+
+	if (rc < 0) {
+		die("Couldn't set IPv6 address(es) in namespace: %s",
+		    strerror_(-rc));
+	}
+
+	if (c->ip6.no_copy_routes) {
+		rc = nl_route_set_def(nl_sock_ns, c->pasta_ifi,
+				      AF_INET6, &c->ip6.guest_gw);
+	} else {
+		rc = nl_route_dup(nl_sock, c->ifi6,
+				  nl_sock_ns, c->pasta_ifi, AF_INET6);
+	}
+
+	if (rc < 0) {
+		die("Couldn't set IPv6 route(s) in guest: %s",
+		    strerror_(-rc));
+	}
+}
+
 /**
  * pasta_ns_conf() - Set up loopback and tap interfaces in namespace as needed
  * @c:		Execution context
@@ -336,93 +428,11 @@ void pasta_ns_conf(struct ctx *c)
 
 		nl_link_set_flags(nl_sock_ns, c->pasta_ifi, flags, flags);
 
-		if (c->ifi4) {
-			if (c->ip4.no_copy_addrs) {
-				struct inany_addr_entry *e = first_v4(c);
-
-				rc = nl_addr_set(nl_sock_ns, c->pasta_ifi,
-						 AF_INET,
-						 inany_v4(&e->addr),
-						 e->prefix_len);
-			} else {
-				rc = nl_addr_dup(nl_sock, c->ifi4,
-						 nl_sock_ns, c->pasta_ifi,
-						 AF_INET);
-			}
-
-			if (rc < 0) {
-				die("Couldn't set IPv4 address(es) in namespace: %s",
-				    strerror_(-rc));
-			}
-
-			if (c->ip4.no_copy_routes) {
-				rc = nl_route_set_def(nl_sock_ns, c->pasta_ifi,
-						      AF_INET,
-						      &c->ip4.guest_gw);
-			} else {
-				rc = nl_route_dup(nl_sock, c->ifi4, nl_sock_ns,
-						  c->pasta_ifi, AF_INET);
-			}
-
-			if (rc < 0) {
-				die("Couldn't set IPv4 route(s) in guest: %s",
-				    strerror_(-rc));
-			}
-		}
+		if (c->ifi4)
+			pasta_ns_conf_ip4(c);
 
-		if (c->ifi6) {
-			rc = nl_addr_get_ll(nl_sock_ns, c->pasta_ifi,
-					    &c->ip6.addr_ll_seen);
-			if (rc < 0) {
-				warn("Can't get LL address from namespace: %s",
-				    strerror_(-rc));
-			}
-
-			rc = nl_addr_set_ll_nodad(nl_sock_ns, c->pasta_ifi);
-			if (rc < 0) {
-				warn("Can't set nodad for LL in namespace: %s",
-				    strerror_(-rc));
-			}
-
-			/* We dodged DAD: re-enable neighbour solicitations */
-			nl_link_set_flags(nl_sock_ns, c->pasta_ifi,
-					  0, IFF_NOARP);
-
-			if (c->ip6.no_copy_addrs) {
-				struct inany_addr_entry *e = first_v6(c);
-
-				if (e && !IN6_IS_ADDR_UNSPECIFIED(&e->addr.a6)) {
-					rc = nl_addr_set(nl_sock_ns,
-							 c->pasta_ifi,
-							 AF_INET6,
-							 &e->addr.a6, 64);
-				}
-			} else {
-				rc = nl_addr_dup(nl_sock, c->ifi6,
-						 nl_sock_ns, c->pasta_ifi,
-						 AF_INET6);
-			}
-
-			if (rc < 0) {
-				die("Couldn't set IPv6 address(es) in namespace: %s",
-				    strerror_(-rc));
-			}
-
-			if (c->ip6.no_copy_routes) {
-				rc = nl_route_set_def(nl_sock_ns, c->pasta_ifi,
-						      AF_INET6,
-						      &c->ip6.guest_gw);
-			} else {
-				rc = nl_route_dup(nl_sock, c->ifi6,
-						  nl_sock_ns, c->pasta_ifi,
-						  AF_INET6);
-			}
-
-			if (rc < 0) {
-				die("Couldn't set IPv6 route(s) in guest: %s",
-				    strerror_(-rc));
-			}
-		}
+		if (c->ifi6)
+			pasta_ns_conf_ip6(c);
 	}
 
 	proto_update_l2_buf(c->guest_mac);
-- 
2.52.0

    