From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: passt.top; dmarc=none (p=none dis=none) header.from=gibson.dropbear.id.au
Authentication-Results: passt.top;
	dkim=pass (2048-bit key; secure) header.d=gibson.dropbear.id.au header.i=@gibson.dropbear.id.au header.a=rsa-sha256 header.s=202512 header.b=QFEZQzTv;
	dkim-atps=neutral
Received: from mail.ozlabs.org (gandalf.ozlabs.org [150.107.74.76])
	by passt.top (Postfix) with ESMTPS id 4F8735A0626
	for <passt-dev@passt.top>; Wed, 10 Dec 2025 06:15:57 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gibson.dropbear.id.au; s=202512; t=1765343754;
	bh=NLzWiM6rH2j5LXRmRzlyiIqm2AR+oOHmoJILdGiVBuo=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=QFEZQzTvGILKzHUPkXx/gaS/t/9i3F7rtVMJfou3L/oz51FIGUZjf9RaKThdTGj9R
	 LvUUiBAiVBNUo9D/FHTxxcaFhkZa7QciyX00tdTpiftBOxPO4v8Xv/h+kBogxDFU22
	 3k7GspTiRbuNKLrtGYcCmI3P/WGzN+qe+y/Kwbtw7idrTRSpkLNyy8xWn9qmmgcG40
	 96reFjP0Fr03bUNU8/PnlTmxUb8zo3hkuIwnMGoqgJY9hWa7IZsp3SEuEvIQ+tw2pN
	 5WHURIG6eoJWFiV85zkYIG440AeQoNozB8OXGHN5p8WHJ5Chy6eQGEqvn745V5l6kI
	 VcCZaV6Z+P5iA==
Received: by gandalf.ozlabs.org (Postfix, from userid 1007)
	id 4dR3pL1ydGz4wGT; Wed, 10 Dec 2025 16:15:54 +1100 (AEDT)
From: David Gibson <david@gibson.dropbear.id.au>
To: Stefano Brivio <sbrivio@redhat.com>,
	passt-dev@passt.top
Subject: [PATCH 2/2] pasta: Clean up waiting pasta child on failures
Date: Wed, 10 Dec 2025 16:15:52 +1100
Message-ID: <20251210051552.1157177-3-david@gibson.dropbear.id.au>
X-Mailer: git-send-email 2.52.0
In-Reply-To: <20251210051552.1157177-1-david@gibson.dropbear.id.au>
References: <20251210051552.1157177-1-david@gibson.dropbear.id.au>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Message-ID-Hash: GY542RC46Z5H7EZMPELN6W7HRBO3NVVS
X-Message-ID-Hash: GY542RC46Z5H7EZMPELN6W7HRBO3NVVS
X-MailFrom: dgibson@gandalf.ozlabs.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: David Gibson <david@gibson.dropbear.id.au>
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/20251210051552.1157177-3-david@gibson.dropbear.id.au/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/GY542RC46Z5H7EZMPELN6W7HRBO3NVVS/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>

When pasta is invoked with a command rather than an existing namespace to
attach to, it spawns a child process to run a shell or other command.  We
create that process during conf(), since we need the namespace to exist for
much of our setup.  However, we don't want the specified command to run
until the pasta network interface is ready for use.  Therefore,
pasta_spawn_cmd() executing in the child waits before exec()ing.  main()
signals the child to continue with SIGUSR1 shortly before entering the
main forwarding loop.

This has the downside that if we exit due to any kind of failure between
conf() and the SIGUSR1, the child process will be around waiting
indefinitely.  The user must manually clean this up.

Make this cleaner, by having passt_exit() terminate the child, when called
during this window.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
---
 passt.c | 1 +
 pasta.c | 2 ++
 pasta.h | 1 +
 util.c  | 5 +++++
 4 files changed, 9 insertions(+)

diff --git a/passt.c b/passt.c
index cf38822f..955c7091 100644
--- a/passt.c
+++ b/passt.c
@@ -431,6 +431,7 @@ int main(int argc, char **argv)
 	if (pasta_child_pid) {
 		kill(pasta_child_pid, SIGUSR1);
 		log_stderr = false;
+		pasta_child_signalled = true;
 	}
 
 	isolate_postfork(&c);
diff --git a/pasta.c b/pasta.c
index 5c693de1..8ac4511f 100644
--- a/pasta.c
+++ b/pasta.c
@@ -54,6 +54,8 @@
 
 /* PID of child, in case we created a namespace */
 int pasta_child_pid;
+/* Has the child been signalled to start a shell or command */
+bool pasta_child_signalled;
 
 /**
  * pasta_child_handler() - Exit once shell exits (if we started it), reap clones
diff --git a/pasta.h b/pasta.h
index 4b063d13..55028c74 100644
--- a/pasta.h
+++ b/pasta.h
@@ -7,6 +7,7 @@
 #define PASTA_H
 
 extern int pasta_child_pid;
+extern bool pasta_child_signalled;
 
 void pasta_open_ns(struct ctx *c, const char *netns);
 void pasta_start_ns(struct ctx *c, uid_t uid, gid_t gid,
diff --git a/util.c b/util.c
index e266c396..4744f09e 100644
--- a/util.c
+++ b/util.c
@@ -35,6 +35,7 @@
 #include "log.h"
 #include "pcap.h"
 #include "epoll_ctl.h"
+#include "pasta.h"
 #ifdef HAS_GETRANDOM
 #include <sys/random.h>
 #endif
@@ -1235,6 +1236,10 @@ void abort_with_msg(const char *fmt, ...)
  */
 void passt_exit(int status)
 {
+	/* If we're starting our own namespace, don't leave it in limbo */
+	if (pasta_child_pid && !pasta_child_signalled)
+		kill(pasta_child_pid, SIGTERM);
+
 	/* Make sure we don't leave the pcap file truncated */
 	if (pcap_fd != -1 && fsync(pcap_fd))
 		warn_perror("Failed to flush pcap file, it might be truncated");
-- 
2.52.0