From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: passt.top; dmarc=none (p=none dis=none) header.from=gibson.dropbear.id.au
Authentication-Results: passt.top;
	dkim=pass (2048-bit key; secure) header.d=gibson.dropbear.id.au header.i=@gibson.dropbear.id.au header.a=rsa-sha256 header.s=202502 header.b=LRVWF54b;
	dkim-atps=neutral
Received: from mail.ozlabs.org (gandalf.ozlabs.org [150.107.74.76])
	by passt.top (Postfix) with ESMTPS id A194D5A062A
	for <passt-dev@passt.top>; Fri, 21 Feb 2025 09:19:47 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gibson.dropbear.id.au; s=202502; t=1740125982;
	bh=NT0B5eqxRLDuiECYblwwHp2CLJ8+sd4IO6DQ2oFvSWs=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=LRVWF54bYGeBi7BhMdFwJ4TFjyWw9Q+d+JgN0itV+UEkCHNayVRuVNRUGSzPPe2QZ
	 pFr5cp4sP0g6TWx18bdi7deOUURoMs4uKRuWvvF0cPmifiegbM4OMZwKHnbxl7I2/O
	 Tqq2W+lFwrTrEPJRwUtxZ4YfsRB7pQGPEJPCf8XycPYlz/AQPZpROfZ7IUMVx7Pfzr
	 AOnJMEHq49qCMbV4W7erXjh61ds8DBZ+o3J1HedXeyCmEbpPYWwJKVg4Ef22I1Zslj
	 9IC9yiv8sugMVZor7xGh36WD+qVwZubUdOl3HmiqLKlN9z0XWR7bIHB60WPxgI106z
	 bTAnKW9RdJaSg==
Received: by gandalf.ozlabs.org (Postfix, from userid 1007)
	id 4YzjjB6bkBz4wyl; Fri, 21 Feb 2025 19:19:42 +1100 (AEDT)
From: David Gibson <david@gibson.dropbear.id.au>
To: Stefano Brivio <sbrivio@redhat.com>,
	passt-dev@passt.top
Subject: [PATCH 2/4] passt-repair: Consistently avoid strerror()
Date: Fri, 21 Feb 2025 17:50:08 +1100
Message-ID: <20250221065010.3681262-3-david@gibson.dropbear.id.au>
X-Mailer: git-send-email 2.48.1
In-Reply-To: <20250221065010.3681262-1-david@gibson.dropbear.id.au>
References: <20250221065010.3681262-1-david@gibson.dropbear.id.au>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Message-ID-Hash: RGVRK5DPQ43IKZVEJ77C5DPIMHKC6XP7
X-Message-ID-Hash: RGVRK5DPQ43IKZVEJ77C5DPIMHKC6XP7
X-MailFrom: dgibson@gandalf.ozlabs.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: David Gibson <david@gibson.dropbear.id.au>
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/20250221065010.3681262-3-david@gibson.dropbear.id.au/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/RGVRK5DPQ43IKZVEJ77C5DPIMHKC6XP7/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>

In a0b7f56b3a3c ("passt-repair: Don't use perror(), accept ECONNRESET as
termination") we altered passt-repair to avoid perror() since the glibc
version used a number of syscalls we didn't really want to add to our
seccomp filter.  We replaced the perror() calls with explicit messages just
printing the errno.

However, there are a number of other places we still explicitly use
strerror(errno).  As we discovered in passt, at least the glibc version is
rather more complex than you'd expect since it deals with locales.  Since
passt-repair is supposed to be minimal, and might be suid we want to avoid
this.

Consistently avoid strerror() with the help of a new ie_errno() macro which
prints errno as an integer instead.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
---
 passt-repair.c | 27 ++++++++++++++++-----------
 1 file changed, 16 insertions(+), 11 deletions(-)

diff --git a/passt-repair.c b/passt-repair.c
index d785cd16..3c358e27 100644
--- a/passt-repair.c
+++ b/passt-repair.c
@@ -24,7 +24,6 @@
 #include <stddef.h>
 #include <stdio.h>
 #include <stdlib.h>
-#include <string.h>
 #include <limits.h>
 #include <unistd.h>
 #include <netdb.h>
@@ -47,6 +46,14 @@
 		_exit(status);			\
 	} while (0)
 
+#define die_errno(...)					\
+	do {						\
+		int err_ = errno;			\
+		fprintf(stderr, __VA_ARGS__);		\
+		fprintf(stderr, ": %d\n", err_);	\
+		_exit(1);				\
+	} while (0)
+
 /**
  * main() - Entry point and whole program with loop
  * @argc:	Argument count, must be 2
@@ -80,7 +87,7 @@ int main(int argc, char **argv)
 	prog.filter = filter_repair;
 	if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) ||
 	    prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog))
-		die(1, "Failed to apply seccomp filter");
+		die_errno("Failed to apply seccomp filter");
 
 	iov = (struct iovec){ &cmd, sizeof(cmd) };
 	msg = (struct msghdr){ .msg_name = NULL, .msg_namelen = 0,
@@ -98,12 +105,10 @@ int main(int argc, char **argv)
 		die(2, "Invalid socket path: %s", argv[1]);
 
 	if ((s = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
-		die(1, "Failed to create AF_UNIX socket: %i", errno);
+		die_errno("Failed to create AF_UNIX socket");
 
-	if (connect(s, (struct sockaddr *)&a, sizeof(a))) {
-		die(1, "Failed to connect to %s: %s", argv[1],
-		    strerror(errno));
-	}
+	if (connect(s, (struct sockaddr *)&a, sizeof(a)))
+		die_errno("Failed to connect to %s", argv[1]);
 
 loop:
 	ret = recvmsg(s, &msg, 0);
@@ -111,7 +116,7 @@ loop:
 		if (errno == ECONNRESET)
 			ret = 0;
 		else
-			die(1, "Failed to read message: %i", errno);
+			die_errno("Failed to read message");
 	}
 
 	if (!ret)	/* Done */
@@ -147,8 +152,8 @@ loop:
 
 	for (i = 0; i < n; i++) {
 		if (setsockopt(fds[i], SOL_TCP, TCP_REPAIR, &op, sizeof(op))) {
-			die(1, "Setting TCP_REPAIR to %i on socket %i: %s",
-			    op, fds[i], strerror(errno));
+			die_errno("Setting TCP_REPAIR to %i on socket %i",
+				   op, fds[i]);
 		}
 
 		/* Close _our_ copy */
@@ -157,7 +162,7 @@ loop:
 
 	/* Confirm setting by echoing the command back */
 	if (send(s, &cmd, sizeof(cmd), 0) < 0)
-		die(1, "Reply to %i: %s", op, strerror(errno));
+		die_errno("Reply to %i", op);
 
 	goto loop;
 
-- 
2.48.1