From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: passt.top; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: passt.top; dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=LFZjCKhD; dkim-atps=neutral Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by passt.top (Postfix) with ESMTPS id DBA485A0265 for ; Wed, 06 May 2026 14:11:46 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1778069505; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=aFsoSufJcRqjmnCPRMIg3VsPosiqoWEg8hNLEGtskJ8=; b=LFZjCKhD3Mtv19q2y+uChrcwk2IoUtri+gVodyvkjhVmlX8AEZ078vrM4vnbz8z9jeignm CofaBZ90yVhlLXLPBM6mrZ41QK2Cq09Jvqy69A9AkRMdXPwaect2qU1srY7sHXb3JMsiCI YDwq34FIvaZTMk0p+8tpod/xMvb5uA8= Received: from mail-wr1-f70.google.com (mail-wr1-f70.google.com [209.85.221.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-471-30_0chKZPY-Ugyd1USFyBA-1; Wed, 06 May 2026 08:11:44 -0400 X-MC-Unique: 30_0chKZPY-Ugyd1USFyBA-1 X-Mimecast-MFC-AGG-ID: 30_0chKZPY-Ugyd1USFyBA_1778069503 Received: by mail-wr1-f70.google.com with SMTP id ffacd0b85a97d-44b2b38648eso3978168f8f.3 for ; Wed, 06 May 2026 05:11:44 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1778069503; x=1778674303; h=date:content-transfer-encoding:mime-version:organization:references :in-reply-to:message-id:subject:cc:to:from:x-gm-gg :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=aFsoSufJcRqjmnCPRMIg3VsPosiqoWEg8hNLEGtskJ8=; b=NrOfzbjaBC7kiofiSBBuWi44sXGhdrzse15O7AY7q0wb+gdO5gFFCRCgGSK1xvvR0+ bHyUXMItjBy2kRPefD2tdFJI8glT7crG8l09U4RURMv/9KUcQnGeeqEEytU2pSFUtzNb AJTiFqtmGQqGFB2NvqGEo7HktoBy1332usE7+4oIouT6Nel2gHfNCvWjlyTmhbfc38jF YaQf3rS8APqHldBtLeUlMk4GhxjE6YZABQ6DQ09D9k/MbNThSgiVR9Mdk+S/xJMQNU7z ealm81uP38ey3KVV12sByabc0gso1jIzMwNN36QXriMNy+NR5ajQ07PyhXNzE2RRvdIt 1Dcw== X-Forwarded-Encrypted: i=1; AFNElJ9y4dKN+O2thdmkB4rTsLPoWLDQZ22amYO9YxrGZQ3Ga91dWPS7SqvmnurY6TAqIP7l0SgtKfra/Q8=@passt.top X-Gm-Message-State: AOJu0YzhjH/pzttVOr1ZROe2DzwNdmUOf7apgECcA4dlQxTaNExiQXW3 i0d5y3lCQ0HPt0rFnuNg8zTl8G8xIf1F9P0yuJ6T+u0k6cskgkNNMy7x4VzKvRdyaoeTUuR3Pc+ /DvNgNjL8XSb+r7UbNM+3xlRSh0BmXeu/Dbnce96PwR/j6uE2f5oWYQ== X-Gm-Gg: AeBDietXElFPomyjsxZiyr1nDziEbgT+QCvRY6w+RrXgAi2RceDHIGMXiB/9hlgYdBl HgVAOnk/y1Ej5PQ8pR7/F6ySvx93ZVDNpGup44B6T61AJ7Xlye+oW7VZQs3x4Bk0nUsC/1hZhHz 9QHdappggHFr2cx5Erxa0EUFzEUF6ADuUhh3hnbMl6YLjB677UeEIgvg+okOyxCtlsRHiFXdhqt qk2K07P8J9xiPqe9HgeazBk4aJddixx57uDSJIO9zmnc3oGYsDMn2pwWU8V8HgkpmnVdjKWJ6KG iWt4Pgi/vvBgleObgVevE+xY3dRIIKerRdc3iif+D7Fk6SiDR1ZMI/s++l9PaUSHyQnNmkf8Nwy Rv7EyckDOG7sLg8gzJNB0SpPcXZAJHp0PAtKTsCChxAW3KEFC/qZt/jwi0Pm3 X-Received: by 2002:a05:600c:a305:b0:48d:364:6c54 with SMTP id 5b1f17b1804b1-48e51f4144amr39320435e9.23.1778069503068; Wed, 06 May 2026 05:11:43 -0700 (PDT) X-Received: by 2002:a05:600c:a305:b0:48d:364:6c54 with SMTP id 5b1f17b1804b1-48e51f4144amr39320055e9.23.1778069502494; Wed, 06 May 2026 05:11:42 -0700 (PDT) Received: from maya.myfinge.rs (ifcgrfdd.trafficplex.cloud. [176.103.220.4]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-48e5390f854sm42423225e9.14.2026.05.06.05.11.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 06 May 2026 05:11:41 -0700 (PDT) From: Stefano Brivio To: Laurent Vivier Subject: Re: [PATCH v8 17/19] conf, fwd: Allow switching to new rules received from pesto Message-ID: <20260506141135.6e59f697@elisabeth> In-Reply-To: <581577fc-a65a-4800-9acf-de7ff682e944@redhat.com> References: <20260505234719.1437340-1-sbrivio@redhat.com> <20260505234719.1437340-18-sbrivio@redhat.com> <20260506103930.1b7023a6@elisabeth> <20260506104955.51cdc602@elisabeth> <581577fc-a65a-4800-9acf-de7ff682e944@redhat.com> Organization: Red Hat X-Mailer: Claws Mail 4.2.0 (GTK 3.24.49; x86_64-pc-linux-gnu) MIME-Version: 1.0 Date: Wed, 06 May 2026 14:11:36 +0200 (CEST) X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: ycQqRp7-DPWWaCk8QhYLNGt68tb_9iK5KskAxIgTXy8_1778069503 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Message-ID-Hash: HU7N6N7BHSG6YAK4EDPWGLAFKWTSTKQD X-Message-ID-Hash: HU7N6N7BHSG6YAK4EDPWGLAFKWTSTKQD X-MailFrom: sbrivio@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: David Gibson , passt-dev@passt.top, Jon Maloy X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: On Wed, 6 May 2026 11:11:05 +0200 Laurent Vivier wrote: > On 5/6/26 10:52, David Gibson wrote: > > On Wed, May 06, 2026 at 10:49:55AM +0200, Stefano Brivio wrote: > >> On Wed, 6 May 2026 10:39:30 +0200 > >> Stefano Brivio wrote: > >> > >>> On Wed, 6 May 2026 10:12:21 +0200 > >>> Laurent Vivier wrote: > >>> > >>>> On 5/6/26 01:47, Stefano Brivio wrote: > >>>>> From: David Gibson > >>>>> > >>>>> We can now receive updates to the forwarding rules from the pesto client > >>>>> and store them in a "pending" copy of the forwarding tables. Implement > >>>>> switching to using the new rules. > >>>>> > >>>>> The logic is in a new fwd_listen_switch(). For now this closes all > >>>>> listening sockets related to the old tables, swaps the active and pending > >>>>> tables, then listens based on the new tables. In future we look to improve > >>>>> this so that we don't temporarily stop listening on ports that both the > >>>>> old and new tables specify. > >>>>> > >>>>> Signed-off-by: David Gibson > >>>>> [sbrivio: In fwd_listen_switch(), use the destination size as argument > >>>>> to memcpy(), instead of sizeof(tmp), as suggested by Laurent] > >>>>> Signed-off-by: Stefano Brivio > >>>>> --- > >>>>> conf.c | 5 ++--- > >>>>> fwd.c | 34 ++++++++++++++++++++++++++++++++++ > >>>>> fwd.h | 1 + > >>>>> 3 files changed, 37 insertions(+), 3 deletions(-) > >>>>> > >>>>> diff --git a/conf.c b/conf.c > >>>>> index 76344da..3f48793 100644 > >>>>> --- a/conf.c > >>>>> +++ b/conf.c > >>>>> @@ -2160,15 +2160,14 @@ void conf_handler(struct ctx *c, uint32_t events) > >>>>> fwd_rules_dump(info, fwd->rules, fwd->count, > >>>>> " ", ""); > >>>>> } > >>>>> + > >>>>> + fwd_listen_switch(c); > >>>>> } > >>>>> > >>>>> if (events & EPOLLHUP) { > >>>>> debug("Configuration client hangup"); > >>>>> - goto close; > >>>>> } > >>>>> > >>>>> - return; > >>>>> - > >>>>> close: > >>>>> conf_close(c); > >>>>> > >>>>> diff --git a/fwd.c b/fwd.c > >>>>> index d93d2e5..0697435 100644 > >>>>> --- a/fwd.c > >>>>> +++ b/fwd.c > >>>>> @@ -534,6 +534,40 @@ int fwd_listen_init(const struct ctx *c) > >>>>> return 0; > >>>>> } > >>>>> > >>>>> +/** > >>>>> + * fwd_listen_switch() - Switch from current to pending rules table > >>>>> + * @c: Execution context > >>>>> + */ > >>>>> +void fwd_listen_switch(struct ctx *c) > >>>>> +{ > >>>>> + struct fwd_table *tmp[PIF_NUM_TYPES]; > >>>>> + unsigned i; > >>>>> + > >>>>> + /* Stop listening on the old tables */ > >>>>> + for (i = 0; i < PIF_NUM_TYPES; i++) { > >>>>> + struct fwd_table *fwd = c->fwd[i]; > >>>>> + > >>>>> + if (!fwd) > >>>>> + continue; > >>>>> + > >>>>> + debug("Flushing %u old %s rules", fwd->count, pif_name(i)); > >>>>> + fwd_listen_close(fwd); > >>>>> + fwd->count = fwd->sock_count = 0; > >>>>> + } > >>>>> + > >>>>> + /* Swap active and pending tables */ > >>>>> + static_assert(sizeof(tmp) == sizeof(c->fwd) && > >>>>> + sizeof(tmp) == sizeof(c->fwd_pending), > >>>>> + "Temporary has wrong size"); > >>>> > >>>> At this point: > >>>> > >>>> c->fwd[PIF_HOST] = &fwd_in; > >>>> c->fwd[PIF_SPLICE] = &fwd_out; > >>>> > >>>> c->fwd_pending[PIF_HOST] = &fwd_in_pending; > >>>> c->fwd_pending[PIF_SPLICE] = &fwd_out_pending; > >>>> > >>>>> + memcpy(&tmp, (void *)c->fwd, sizeof(tmp)); > >>>>> + memcpy((void *)c->fwd, (void *)c->fwd_pending, sizeof(c->fwd)); > >>>>> + memcpy((void *)c->fwd_pending, &tmp, sizeof(c->fwd_pending)); > >>>> > >>>> At this point: > >>>> > >>>> c->fwd[PIF_HOST] = &fwd_in_pending; > >>>> c->fwd[PIF_SPLICE] = &fwd_out_pending; > >>>> > >>>> c->fwd_pending[PIF_HOST] = &fwd_in; > >>>> c->fwd_pending[PIF_SPLICE] = &fwd_out; > >>> > >>> Yeah, makes sense, I can change that in v9. > >>> > >>>> Perhaps it should be noted somewhere to avoid confusion in the future? > >>> > >>> What do you think should be noted exactly, and where? Can you show a > >>> practical example of the change you're proposing? > >> > >> ...I'm leaving like it is in v9 to make sure I'm not misinterpreting > >> you, and also because the current (v8) version is obviously correct and > >> I also tested it fairly heavily by now. > >> > >> I'd suggest optimising this (and commenting as needed) in a separate > >> patch later. > > > > As noted in another branch of this thread, I think all it really needs > > is renaming the globals that c->fwd and c->fwd_pending point to. They > > should just be fwd_in_[12] (or an array of 2 tables), instead of > > implying a semantic difference between the plain and "pending" copies. > > I agree with that. Okay, I see, and I agree as well. I'd still keep that as a separate patch (there are quite a few follow-ups we'll need anyway) as it's not really fundamental right now. -- Stefano