Re: [PATCH 15/18] pif: Limit pif names to IFNAMSIZ (16) bytes

[Stefano Brivio <sbrivio@redhat.com>]

On Mon, 30 Mar 2026 12:08:58 +1100
David Gibson <david@gibson.dropbear.id.au> wrote:

> On Sun, Mar 29, 2026 at 02:02:27PM +0200, Stefano Brivio wrote:
> > On Fri, 27 Mar 2026 15:34:27 +1100
> > David Gibson <david@gibson.dropbear.id.au> wrote:
> >   
> > > All current pif names are quite short, and we expect them to remain short
> > > when/if we allow arbitrary pifs.  However, because of the structure of
> > > the current code we don't enforce any limit on the length.
> > > 
> > > This will become more important with dynamic configuration updates, so
> > > start enforcing a length limit.  Specifically we allow pif names to be up
> > > to IFNAMSIZ bytes, including the terminating \0.  This is semi-arbitrary -
> > > there's no particular reason we have to use the same length limit as
> > > kernel netif names.  However, when we do allow arbitrary pifs, we expect
> > > that we might support a similar number to the number of kernel interfaces.
> > > It might make sense to use names matching kernel interface names in that
> > > future.  So, re-use IFNAMSIZ to avoid surprise.  
> > 
> > And what if... we used 128 instead, which is reasonably longer than
> > UNIX_PATH_MAX (108, which despite the application usage in POSIX 2024.1:
> > https://pubs.opengroup.org/onlinepubs/9799919799/basedefs/sys_un.h.html
> > is still commonly used a path length limit, also by passt itself)?  
> 
> Well, certainly we could make pif names longer...
> 
> > At that point we could embed UNIX domain socket paths as PIF name
> > (possibly with some additional specifier) which _might_ be useful to
> > forward UNIX sockets in the https://bugs.passt.top/show_bug.cgi?id=200
> > sense.  
> 
> ...but I don't think that rationale is compelling.  The unix socket
> path would be the equivalent of IP+port, not the pif.

Right, that was the "obvious" idea we assumed so far, but I was
thinking that if you want to stick to only PIFs and addresses in rules
and flow tables (from what I understood, you would see some value in
keeping that), we could think of modelling that UNIX domain socket as a
PIF that can only map to a given TCP or UDP port (depending on the UNIX
domain socket type) instead.

It's a bit of a stretch but maybe it's convenient?

On the other hand it would conflict with the current (and perhaps only
reasonable) concept of PIF, that is, "the host", "the guest", etc.

> I don't see how embedding a unix path in the pif would be useful.

...and maybe something else entirely: should we, one day, add support
for multiple virtual machines, with each one connecting to different
UNIX domain sockets (either data or vhost-user control sockets), would
it be convenient to differentiate between those "TAP" (current name)
PIFs using their UNIX domain socket path instead?

Or would there be a separate table mapping PIF names to socket paths?
This looks more elegant and flexible but I'm not sure if it's
preferable to the former.

> > It's not the only way to implement it, but perhaps it's one possibility
> > that might make sense for what we know now? What do you think?
> > 
> > It also has the advantage of being sufficiently longer than IFNAMSIZ,
> > so that should we ever need to have stuff like "container_A:eth0" in a
> > PIF name, we could have it as well.  
> 
> That's a more convincing case.  Ok, I'll expand the pif name size for
> the next spin.

By the way, I forgot to mention, Podman container IDs (the ID you get
from 'podman create', and if I recall correctly also from Docker) are
64 hex digits, which might be convenient to represent as 64 (printable)
characters (instead of 32 bytes) for users to refer to.

The OCI specification (surprise) just says that it's a "string",
without defining the maximum length:

  https://github.com/opencontainers/runtime-spec/blob/main/runtime.md#state

...anyway, if Podman, Docker, or their users want to refer to
containers using those IDs, that plus IFNAMSIZ would be 80 bytes.

-- 
Stefano