From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: passt.top; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: passt.top; dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=VHqE1X/o; dkim-atps=neutral Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by passt.top (Postfix) with ESMTPS id E26D95A0626 for ; Fri, 16 Jan 2026 01:26:00 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1768523159; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Jc6tuqs8mswZwU68bns8wrPv8nQn0xxHIcgUd58n8+8=; b=VHqE1X/oVbRoZ3xj7eedzZJdofmxwUuoD3Obly7S9kcsMXH223OdfYCxideJeSJLFhn8k1 NShNwYNXgDjYNrZc7496vp24D+nMW7/6cGdWPWvG9I6OWQ1C1YoHWI9oZDFdvss4qqAkMy 6f+hg1sJ52eotOmGr8kCUCi2wBVci4s= Received: from mail-wm1-f69.google.com (mail-wm1-f69.google.com [209.85.128.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-540-95tGFu7QPgiUq_TBKzL6iQ-1; Thu, 15 Jan 2026 19:25:58 -0500 X-MC-Unique: 95tGFu7QPgiUq_TBKzL6iQ-1 X-Mimecast-MFC-AGG-ID: 95tGFu7QPgiUq_TBKzL6iQ_1768523157 Received: by mail-wm1-f69.google.com with SMTP id 5b1f17b1804b1-47ee7346f8bso8419485e9.2 for ; Thu, 15 Jan 2026 16:25:58 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768523157; x=1769127957; h=content-transfer-encoding:mime-version:organization:references :in-reply-to:message-id:subject:cc:to:from:date:x-gm-gg :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=Jc6tuqs8mswZwU68bns8wrPv8nQn0xxHIcgUd58n8+8=; b=t2va+WEDBqKlZVvLdqyvbCpM+gJOuXfMKeESdLVD1PedLeKJzxMM9WVEoQfPrjzzdw CHoTGQtcklUM5tlh1M31M7lex1nQUlwErv/2hwlYP+ttRVShp0u9GOzYXcGHpTnPtljZ a3V+85+OBX8jzK6gLRADaYcx0KP/zBw/eEGo7hDsc19/SAnFOdioMcjF8B6WnJNdtjEE CeILTT39rQ2JIS+4R8HpAnSLB4cYAU7vyEprvu6QZdYZ0wDHz9CqBjXYeTiT9OaMpQlM xbd6Y1sBScJ2n/H+DCk5Wz8V/jvw+k1pv5a92dAaKvjNY/XGrpBqeeA07Lb/PAnXL2Ug /swg== X-Gm-Message-State: AOJu0YyItsnAcwUoMLcsQjW/1yHP15rvaWJKoySa3wRG0hU2g5nvNeKc zsgy90pFrz6Kzx/oZ5UYIDYcqF4lvml+Pl3lO1TVAb6YTdkn1QNxA39pJpgro4LKW+K7f2VannV H1ofj4g1Zu51JEkqNloo7PaLT74ZTfPr/zQD+NDCknywLHZ6R1m0v6AMfzV1GTQ== X-Gm-Gg: AY/fxX6kSh/Bqgwliz0QUBQZ3W1eRZTYpM4hl/uQXcvgAh/98rNGCRHnu8+G/MFMQ1V 2Db5lsLc/xZdYRXnSwvJuipRXg8EFc6tpMFMlUaV8K4ETlQU0x31SMDzO0JoyxQjoXFJ4qMJPj/ FwqvozYE2D35K0bpieERHt4rPQQzGa/uuAuRuAYt1H5khlc4xYVwKhtAj95G+wbtdFwZ/8ki4+y i+Vw7UhB5eoLBG/jW/mfFk3FIQ4R/q1+839uuUazm+V43ftTQ/Vi2bVUFwWHUiFescDYikOB53m 5CytQl8J5+p2vO/cuO8Tcj28Utq3r05XfTyTuYWxWQ+4UP3sp/rhS8efEXESV7BbibRXp4j5ks+ YJqVWjpuB+pqDazG8rb4L X-Received: by 2002:a05:6000:2511:b0:434:32a8:950f with SMTP id ffacd0b85a97d-4356a024d9fmr1046443f8f.9.1768523156950; Thu, 15 Jan 2026 16:25:56 -0800 (PST) X-Received: by 2002:a05:6000:2511:b0:434:32a8:950f with SMTP id ffacd0b85a97d-4356a024d9fmr1046425f8f.9.1768523156419; Thu, 15 Jan 2026 16:25:56 -0800 (PST) Received: from maya.myfinge.rs (ifcgrfdd.trafficplex.cloud. [2a10:fc81:a806:d6a9::1]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-4356997e79asm1850427f8f.33.2026.01.15.16.25.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 15 Jan 2026 16:25:55 -0800 (PST) Date: Fri, 16 Jan 2026 01:25:54 +0100 From: Stefano Brivio To: David Gibson Subject: Re: [PATCH v4 02/14] conf, fwd: Keep a table of our port forwarding configuration Message-ID: <20260116012554.549c4cd3@elisabeth> In-Reply-To: References: <20260115085045.3309818-1-david@gibson.dropbear.id.au> <20260115085045.3309818-3-david@gibson.dropbear.id.au> <20260116000127.6f195de5@elisabeth> Organization: Red Hat X-Mailer: Claws Mail 4.2.0 (GTK 3.24.49; x86_64-pc-linux-gnu) MIME-Version: 1.0 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: BkJPowroY4pZLJ3FLP3V_ZHH5F-xzxyCXnt12S_TJtY_1768523157 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Message-ID-Hash: F62JOH55CPM4RYKWNAZP7UZESK5WIKYO X-Message-ID-Hash: F62JOH55CPM4RYKWNAZP7UZESK5WIKYO X-MailFrom: sbrivio@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: passt-dev@passt.top X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: On Fri, 16 Jan 2026 11:20:43 +1100 David Gibson wrote: > On Fri, Jan 16, 2026 at 12:01:27AM +0100, Stefano Brivio wrote: > > On Thu, 15 Jan 2026 19:50:33 +1100 > > David Gibson wrote: > > > > > @@ -313,6 +330,90 @@ bool fwd_port_is_ephemeral(in_port_t port) > > > return (port >= fwd_ephemeral_min) && (port <= fwd_ephemeral_max); > > > } > > > > > > +/** > > > + * fwd_rule_add() - Add a rule to a forwarding table > > > + * @fwd: Table to add to > > > + * @flags: Flags for this entry > > > + * @addr: Our address to forward (NULL for both 0.0.0.0 and ::) > > > + * @ifname: Only forward from this interface name, if non-empty > > > + * @first: First port number to forward > > > + * @last: Last port number to forward > > > + * @to: First port of target port range to map to > > > + */ > > > +void fwd_rule_add(struct fwd_ports *fwd, uint8_t flags, > > > + const union inany_addr *addr, const char *ifname, > > > + in_port_t first, in_port_t last, in_port_t to) > > > +{ > > > + /* Flags which can be set from the caller */ > > > + const uint8_t allowed_flags = FWD_WEAK; > > > + struct fwd_rule *new; > > > + unsigned port; > > > + > > > + ASSERT(!(flags & ~allowed_flags)); > > > + > > > + if (fwd->count >= ARRAY_SIZE(fwd->rules)) > > > + die("Too many port forwarding ranges"); > > > + > > > + new = &fwd->rules[fwd->count++]; > > > + new->flags = flags; > > > + > > > + if (addr) { > > > + new->addr = *addr; > > > + } else { > > > + new->addr = inany_any6; > > > + new->flags |= FWD_DUAL_STACK_ANY; > > > + } > > > + > > > + memset(new->ifname, 0, sizeof(new->ifname)); > > > + if (ifname) { > > > + if (strlen(ifname) + 1 > sizeof(new->ifname)) > > > + die("Interface name %s is too long", ifname); > > > + strncpy(new->ifname, ifname, sizeof(new->ifname)); > > > + } > > > > This looks safe to me now, but: > > > > /home/sbrivio/passt/fwd.c:394:3: > > Type: Buffer not null terminated (BUFFER_SIZE) > [snip] > > ...perhaps worth switching to the usual snprintf() approach with return > > check (see handling of c->ip4.ifname_out in conf()) and be done with it? > > Good idea, not sure why it didn't occur to me earlier. > > I've done that, and verified it fixes the coverity error (thanks for > resending the instructions for that). > > > I'd be slightly more confident if Coverity Scan didn't complain at all > > (and happier without the noise, too). > > > > Other than that, this version looks good to me. I would make a new > > release just before merging it (with this "fixed") so that we can debug > > things a bit more conveniently should something go wrong with it. > > That sounds wise. Do you want a new spin with the coverity fix? Just > this patch? Something else? Yes, thanks, a respin would be nice, so that we have a reasonable "permalink" to it, given it's a quite fundamental feature you're adding and we might want to refer to the series as posted / applied. -- Stefano