From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: passt.top; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: passt.top; dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=PNHD/5yQ; dkim-atps=neutral Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by passt.top (Postfix) with ESMTPS id 318935A0262 for ; Tue, 05 May 2026 09:06:25 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1777964784; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:autocrypt:autocrypt; bh=05uRRAwzAEf2ljNhtIOfg79NzVAfqYjd2LVJjw1Dyyc=; b=PNHD/5yQqckhoLXS4r+BIEqOjR/QlcpvJdO80vR8kSHpRtbwQEq+VTyyv/2CI3EBI8uUss yx4OasYZfw3SqW/4OIBxhIAUlGFTT3lRY+XIGt/YyDKVNtE629twXk3GdZPbUOFfqnf0a9 Xt7j1n+xyI6p5b4/7rRcXHdU0IP3g2c= Received: from mail-wm1-f71.google.com (mail-wm1-f71.google.com [209.85.128.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-359-m7BAfhtxME2xeu3sD07zIQ-1; Tue, 05 May 2026 03:06:22 -0400 X-MC-Unique: m7BAfhtxME2xeu3sD07zIQ-1 X-Mimecast-MFC-AGG-ID: m7BAfhtxME2xeu3sD07zIQ_1777964781 Received: by mail-wm1-f71.google.com with SMTP id 5b1f17b1804b1-488c0120047so32812665e9.0 for ; Tue, 05 May 2026 00:06:22 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1777964781; x=1778569581; h=content-transfer-encoding:in-reply-to:autocrypt:from :content-language:references:cc:to:subject:user-agent:mime-version :date:message-id:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=05uRRAwzAEf2ljNhtIOfg79NzVAfqYjd2LVJjw1Dyyc=; b=qzZfBJE2NaroWXLmB9MVd7WQhqvJGvM8tX8Xe2OHhpC4Ygu3Yc4ZakqtHBRwoaBvyB 9hOm41xqK1NaHU1bOLtjTLwyxh948lVunXzvEKQbq9Rks1o/Cj6x5pyq3rSbjuAqmHYV k/U8nx9Ozrov6DEBGuwS0EE8l2PEnVHdalxAshQkXJ4kOeDvW5G7UcpPDnkc6GAfRo11 uXI8KEUaOGqKyuOkwuWlMpqtycIxQ8vrFJP5S/HyiG/P0cyVSUTlVOrdtgkepYLUJkqo 0zHDDrvsVFAu6/0oXUqIGnyUQ39DaIim3MPfzNsRrcUfhcf44W09rxRvDXhSnQukd5oH JPUA== X-Forwarded-Encrypted: i=1; AFNElJ+CWvGHAU5KH4gJRM2ms8s3kIT6HqPuWZ+LsAnrYbFdOlb20p5hVx5xiMMMhLp9prKiZsJFH+xsb0w=@passt.top X-Gm-Message-State: AOJu0Yy+qFYM6O9UIl9QRSnLyETR9N7zBYJxKJMUdawxIXikxqfEaQYO hm3YuPYENl2SG/hmeTa4O97DHcfkhvlNqR5ZHcSGUy76ZsKQC7xP+Zvcs6R0+6/jB0ht/InkAqN uJfKKSnlIvHqsCL+Q1jQK0fP97qM9M5LlgPj0tVkvIM5D4jF0Cm6aLw== X-Gm-Gg: AeBDies+e9+W2rZdIm3bWyxySpbHkAWYen1hN0f/bDP1+1x6YgrncyQkhCpdxULqgGR UwXsbKmIhlu6DFhUZSMx8yl7+9VUJ1MA2b2+9HGJuM2QHehcc6In17rbkYw12li3j04ZXZzhSlz Ee1I8bEGCXv0owYOsthgTGlEyGQw4ecuT/vrJ/syWOGYw65OGP/R6D2ZNhcwx5VIGIl0I0tY7Gu OV20qhoEq64za/F48pQPTta7outSfxEYI0mHhqo1Vb3ZywSPnQJIDGv9Uia0oAS76tQvoljYelB DIzeo68Ix0HlV07qqUpSI3uhp+6IN2CB7/bSxsEImmwj/0cPXI6+e/7NJ91OC56AmPzIlR5LOzf F1dujCEcRiYD/WfqKY4vppPVyufT0xjnNN5ArisxGOFl7adhkrWSDSv8X/hCB9XKr6Q== X-Received: by 2002:a05:600c:3052:b0:48a:7a10:4f47 with SMTP id 5b1f17b1804b1-48d186dc826mr13501205e9.3.1777964781276; Tue, 05 May 2026 00:06:21 -0700 (PDT) X-Received: by 2002:a05:600c:3052:b0:48a:7a10:4f47 with SMTP id 5b1f17b1804b1-48d186dc826mr13500845e9.3.1777964780719; Tue, 05 May 2026 00:06:20 -0700 (PDT) Received: from [192.168.100.100] (82-64-211-94.subs.proxad.net. [82.64.211.94]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-48d149eafafsm18114015e9.2.2026.05.05.00.06.19 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 05 May 2026 00:06:20 -0700 (PDT) Message-ID: <6a2c3159-a4f6-47c4-93a0-831575fe9cf9@redhat.com> Date: Tue, 5 May 2026 09:06:19 +0200 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v7 08/18] pesto: Introduce stub configuration tool To: Stefano Brivio , passt-dev@passt.top References: <20260504231142.1118652-1-sbrivio@redhat.com> <20260504231142.1118652-9-sbrivio@redhat.com> From: Laurent Vivier Autocrypt: addr=lvivier@redhat.com; keydata= xsFNBFYFJhkBEAC2me7w2+RizYOKZM+vZCx69GTewOwqzHrrHSG07MUAxJ6AY29/+HYf6EY2 WoeuLWDmXE7A3oJoIsRecD6BXHTb0OYS20lS608anr3B0xn5g0BX7es9Mw+hV/pL+63EOCVm SUVTEQwbGQN62guOKnJJJfphbbv82glIC/Ei4Ky8BwZkUuXd7d5NFJKC9/GDrbWdj75cDNQx UZ9XXbXEKY9MHX83Uy7JFoiFDMOVHn55HnncflUncO0zDzY7CxFeQFwYRbsCXOUL9yBtqLer Ky8/yjBskIlNrp0uQSt9LMoMsdSjYLYhvk1StsNPg74+s4u0Q6z45+l8RAsgLw5OLtTa+ePM JyS7OIGNYxAX6eZk1+91a6tnqfyPcMbduxyBaYXn94HUG162BeuyBkbNoIDkB7pCByed1A7q q9/FbuTDwgVGVLYthYSfTtN0Y60OgNkWCMtFwKxRaXt1WFA5ceqinN/XkgA+vf2Ch72zBkJL RBIhfOPFv5f2Hkkj0MvsUXpOWaOjatiu0fpPo6Hw14UEpywke1zN4NKubApQOlNKZZC4hu6/ 8pv2t4HRi7s0K88jQYBRPObjrN5+owtI51xMaYzvPitHQ2053LmgsOdN9EKOqZeHAYG2SmRW LOxYWKX14YkZI5j/TXfKlTpwSMvXho+efN4kgFvFmP6WT+tPnwARAQABzSNMYXVyZW50IFZp dmllciA8bHZpdmllckByZWRoYXQuY29tPsLBeAQTAQIAIgUCVgVQgAIbAwYLCQgHAwIGFQgC CQoLBBYCAwECHgECF4AACgkQ8ww4vT8vvjwpgg//fSGy0Rs/t8cPFuzoY1cex4limJQfReLr SJXCANg9NOWy/bFK5wunj+h/RCFxIFhZcyXveurkBwYikDPUrBoBRoOJY/BHK0iZo7/WQkur 6H5losVZtrotmKOGnP/lJYZ3H6OWvXzdz8LL5hb3TvGOP68K8Bn8UsIaZJoeiKhaNR0sOJyI YYbgFQPWMHfVwHD/U+/gqRhD7apVysxv5by/pKDln1I5v0cRRH6hd8M8oXgKhF2+rAOL7gvh jEHSSWKUlMjC7YwwjSZmUkL+TQyE18e2XBk85X8Da3FznrLiHZFHQ/NzETYxRjnOzD7/kOVy gKD/o7asyWQVU65mh/ECrtjfhtCBSYmIIVkopoLaVJ/kEbVJQegT2P6NgERC/31kmTF69vn8 uQyW11Hk8tyubicByL3/XVBrq4jZdJW3cePNJbTNaT0d/bjMg5zCWHbMErUib2Nellnbg6bc 2HLDe0NLVPuRZhHUHM9hO/JNnHfvgiRQDh6loNOUnm9Iw2YiVgZNnT4soUehMZ7au8PwSl4I KYE4ulJ8RRiydN7fES3IZWmOPlyskp1QMQBD/w16o+lEtY6HSFEzsK3o0vuBRBVp2WKnssVH qeeV01ZHw0bvWKjxVNOksP98eJfWLfV9l9e7s6TaAeySKRRubtJ+21PRuYAxKsaueBfUE7ZT 7zfOwU0EVgUmGQEQALxSQRbl/QOnmssVDxWhHM5TGxl7oLNJms2zmBpcmlrIsn8nNz0rRyxT 460k2niaTwowSRK8KWVDeAW6ZAaWiYjLlTunoKwvF8vP3JyWpBz0diTxL5o+xpvy/Q6YU3BN efdq8Vy3rFsxgW7mMSrI/CxJ667y8ot5DVugeS2NyHfmZlPGE0Nsy7hlebS4liisXOrN3jFz asKyUws3VXek4V65lHwB23BVzsnFMn/bw/rPliqXGcwl8CoJu8dSyrCcd1Ibs0/Inq9S9+t0 VmWiQWfQkz4rvEeTQkp/VfgZ6z98JRW7S6l6eophoWs0/ZyRfOm+QVSqRfFZdxdP2PlGeIFM C3fXJgygXJkFPyWkVElr76JTbtSHsGWbt6xUlYHKXWo+xf9WgtLeby3cfSkEchACrxDrQpj+ Jt/JFP+q997dybkyZ5IoHWuPkn7uZGBrKIHmBunTco1+cKSuRiSCYpBIXZMHCzPgVDjk4viP brV9NwRkmaOxVvye0vctJeWvJ6KA7NoAURplIGCqkCRwg0MmLrfoZnK/gRqVJ/f6adhU1oo6 z4p2/z3PemA0C0ANatgHgBb90cd16AUxpdEQmOCmdNnNJF/3Zt3inzF+NFzHoM5Vwq6rc1JP jfC3oqRLJzqAEHBDjQFlqNR3IFCIAo4SYQRBdAHBCzkM4rWyRhuVABEBAAHCwV8EGAECAAkF AlYFJhkCGwwACgkQ8ww4vT8vvjwg9w//VQrcnVg3TsjEybxDEUBm8dBmnKqcnTBFmxN5FFtI WlEuY8+YMiWRykd8Ln9RJ/98/ghABHz9TN8TRo2b6WimV64FmlVn17Ri6FgFU3xNt9TTEChq AcNg88eYryKsYpFwegGpwUlaUaaGh1m9OrTzcQy+klVfZWaVJ9Nw0keoGRGb8j4XjVpL8+2x OhXKrM1fzzb8JtAuSbuzZSQPDwQEI5CKKxp7zf76J21YeRrEW4WDznPyVcDTa+tz++q2S/Bp P4W98bXCBIuQgs2m+OflERv5c3Ojldp04/S4NEjXEYRWdiCxN7ca5iPml5gLtuvhJMSy36gl U6IW9kn30IWuSoBpTkgV7rLUEhh9Ms82VWW/h2TxL8enfx40PrfbDtWwqRID3WY8jLrjKfTd R3LW8BnUDNkG+c4FzvvGUs8AvuqxxyHbXAfDx9o/jXfPHVRmJVhSmd+hC3mcQ+4iX5bBPBPM oDqSoLt5w9GoQQ6gDVP2ZjTWqwSRMLzNr37rJjZ1pt0DCMMTbiYIUcrhX8eveCJtY7NGWNyx FCRkhxRuGcpwPmRVDwOl39MB3iTsRighiMnijkbLXiKoJ5CDVvX5yicNqYJPKh5MFXN1bvsB kmYiStMRbrD0HoY1kx5/VozBtc70OU0EB8Wrv9hZD+Ofp0T3KOr1RUHvCZoLURfFhSQ= In-Reply-To: <20260504231142.1118652-9-sbrivio@redhat.com> X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: 6P-pQih9LAfnCuHQwntCJZEG9lyFmW15qIdJyaOI6jw_1777964781 X-Mimecast-Originator: redhat.com Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Message-ID-Hash: LF37BERN3QEQ3XJM5THCA7X5DHCLP74Q X-Message-ID-Hash: LF37BERN3QEQ3XJM5THCA7X5DHCLP74Q X-MailFrom: lvivier@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Jon Maloy , David Gibson X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: On 5/5/26 01:11, Stefano Brivio wrote: > From: David Gibson > > Build a new "pesto" binary, which will become the tool to update a running > passt/pasta's configuration. For now, we just build a stub binary which > sets up a basic environment, parses trivial command line options but does > nothing else. > > Signed-off-by: David Gibson > [sbrivio: Dropped leading _ from comment to include guard endif, > reported by Laurent] > [sbrivio: Formatting changes in pesto.1: use 80 columns instead of > wrapping at about 75. Add description for -d, -h, --version.] > Signed-off-by: Stefano Brivio Reviewed-by: Laurent Vivier > --- > .gitignore | 2 + > Makefile | 42 +++++++++++------ > common.h | 24 ++++++++++ > pesto.1 | 59 ++++++++++++++++++++++++ > pesto.c | 132 +++++++++++++++++++++++++++++++++++++++++++++++++++++ > pesto.h | 12 +++++ > util.h | 12 +---- > 7 files changed, 257 insertions(+), 26 deletions(-) > create mode 100644 common.h > create mode 100644 pesto.1 > create mode 100644 pesto.c > create mode 100644 pesto.h > > diff --git a/.gitignore b/.gitignore > index 3c16adc..3e40d9f 100644 > --- a/.gitignore > +++ b/.gitignore > @@ -4,9 +4,11 @@ > /pasta > /pasta.avx2 > /passt-repair > +/pesto > /qrap > /pasta.1 > /seccomp.h > +/seccomp_pesto.h > /seccomp_repair.h > /c*.json > README.plain.md > diff --git a/Makefile b/Makefile > index 7875d23..030681b 100644 > --- a/Makefile > +++ b/Makefile > @@ -47,19 +47,21 @@ PASST_SRCS = arch.c arp.c bitmap.c checksum.c conf.c dhcp.c dhcpv6.c \ > vhost_user.c virtio.c vu_common.c > QRAP_SRCS = qrap.c > PASST_REPAIR_SRCS = passt-repair.c > -SRCS = $(PASST_SRCS) $(QRAP_SRCS) $(PASST_REPAIR_SRCS) > - > -MANPAGES = passt.1 pasta.1 qrap.1 passt-repair.1 > - > -PASST_HEADERS = arch.h arp.h bitmap.h checksum.h conf.h dhcp.h dhcpv6.h \ > - epoll_ctl.h flow.h fwd.h fwd_rule.h flow_table.h icmp.h icmp_flow.h \ > - inany.h iov.h ip.h isolation.h lineread.h log.h migrate.h ndp.h \ > - netlink.h packet.h passt.h pasta.h pcap.h pif.h repair.h serialise.h \ > - siphash.h tap.h tcp.h tcp_buf.h tcp_conn.h tcp_internal.h tcp_splice.h \ > - tcp_vu.h udp.h udp_flow.h udp_internal.h udp_vu.h util.h vhost_user.h \ > - virtio.h vu_common.h > +PESTO_SRCS = pesto.c > +SRCS = $(PASST_SRCS) $(QRAP_SRCS) $(PASST_REPAIR_SRCS) $(PESTO_SRCS) > + > +MANPAGES = passt.1 pasta.1 pesto.1 qrap.1 passt-repair.1 > + > +PASST_HEADERS = arch.h arp.h bitmap.h checksum.h common.h conf.h dhcp.h \ > + dhcpv6.h epoll_ctl.h flow.h fwd.h fwd_rule.h flow_table.h icmp.h \ > + icmp_flow.h inany.h iov.h ip.h isolation.h lineread.h log.h migrate.h \ > + ndp.h netlink.h packet.h passt.h pasta.h pcap.h pesto.h pif.h repair.h \ > + serialise.h siphash.h tap.h tcp.h tcp_buf.h tcp_conn.h tcp_internal.h \ > + tcp_splice.h tcp_vu.h udp.h udp_flow.h udp_internal.h udp_vu.h util.h \ > + vhost_user.h virtio.h vu_common.h > QRAP_HEADERS = arp.h ip.h passt.h util.h > PASST_REPAIR_HEADERS = linux_dep.h > +PESTO_HEADERS = common.h pesto.h > > C := \#include \nint main(){int a=getrandom(0, 0, 0);} > ifeq ($(shell printf "$(C)" | $(CC) -S -xc - -o - >/dev/null 2>&1; echo $$?),0) > @@ -78,7 +80,7 @@ docdir ?= $(datarootdir)/doc/passt > mandir ?= $(datarootdir)/man > man1dir ?= $(mandir)/man1 > > -BASEBIN = passt qrap passt-repair > +BASEBIN = passt qrap passt-repair pesto > ifeq ($(TARGET_ARCH),x86_64) > BASEBIN += passt.avx2 > endif > @@ -100,6 +102,9 @@ seccomp.h: seccomp.sh $(PASST_SRCS) $(PASST_HEADERS) > seccomp_repair.h: seccomp.sh $(PASST_REPAIR_SRCS) $(PASST_REPAIR_HEADERS) > @ ARCH="$(TARGET_ARCH)" CC="$(CC)" ./seccomp.sh seccomp_repair.h $(PASST_REPAIR_SRCS) > > +seccomp_pesto.h: seccomp.sh $(PESTO_SRCS) > + @ ARCH="$(TARGET_ARCH)" CC="$(CC)" ./seccomp.sh seccomp_pesto.h $(PESTO_SRCS) > + > $(BASEBIN): %: > $(CC) $(BASE_CPPFLAGS) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) $(filter %.c,$^) -o $@ > > @@ -116,6 +121,8 @@ qrap: $(QRAP_SRCS) $(QRAP_HEADERS) > > passt-repair: $(PASST_REPAIR_SRCS) $(PASST_REPAIR_HEADERS) seccomp_repair.h > > +pesto: $(PESTO_SRCS) $(PESTO_HEADERS) seccomp_pesto.h > + > valgrind: EXTRA_SYSCALLS += rt_sigprocmask rt_sigtimedwait rt_sigaction \ > rt_sigreturn getpid gettid kill clock_gettime \ > mmap|mmap2 munmap open unlink gettimeofday futex \ > @@ -126,7 +133,7 @@ valgrind: all > > .PHONY: clean > clean: > - $(RM) $(BIN) *~ *.o seccomp.h seccomp_repair.h pasta.1 \ > + $(RM) $(BIN) *~ *.o seccomp.h seccomp_repair.h seccomp_pesto.h pasta.1 \ > passt.tar passt.tar.gz *.deb *.rpm \ > passt.pid README.plain.md > > @@ -183,7 +190,8 @@ docs: README.md > CLANG_TIDY = clang-tidy > CLANG_TIDY_FLAGS = -DCLANG_TIDY_58992 > > -clang-tidy: passt.clang-tidy passt-repair.clang-tidy qrap.clang-tidy > +clang-tidy: passt.clang-tidy passt-repair.clang-tidy pesto.clang-tidy \ > + qrap.clang-tidy > > .PHONY: %.clang-tidy > %.clang-tidy: > @@ -191,6 +199,7 @@ clang-tidy: passt.clang-tidy passt-repair.clang-tidy qrap.clang-tidy > > passt.clang-tidy: $(PASST_SRCS) $(PASST_HEADERS) seccomp.h > passt-repair.clang-tidy: $(PASST_REPAIR_SRCS) $(PASST_REPAIR_HEADERS) seccomp_repair.h > +pesto.clang-tidy: $(PESTO_SRCS) $(PESTO_HEADERS) seccomp_pesto.h > qrap.clang-tidy: $(QRAP_SRCS) $(QRAP_HEADERS) > > CPPCHECK = cppcheck > @@ -206,7 +215,7 @@ CPPCHECK_FLAGS = --std=c11 --error-exitcode=1 --enable=all --force \ > --suppress=unusedStructMember \ > -D CPPCHECK_6936 > > -cppcheck: passt.cppcheck passt-repair.cppcheck qrap.cppcheck > +cppcheck: passt.cppcheck passt-repair.cppcheck pesto.cppcheck qrap.cppcheck > > .PHONY: %.cppcheck > %.cppcheck: > @@ -215,6 +224,9 @@ cppcheck: passt.cppcheck passt-repair.cppcheck qrap.cppcheck > passt.cppcheck: $(PASST_SRCS) $(PASST_HEADERS) seccomp.h > passt-repair.cppcheck: $(PASST_REPAIR_SRCS) $(PASST_REPAIR_HEADERS) seccomp_repair.h > > +pesto.cppcheck: CPPCHECK_FLAGS += --suppress=unmatchedSuppression > +pesto.cppcheck: $(PESTO_SRCS) $(PESTO_HEADERS) seccomp_pesto.h > + > qrap.cppcheck: BASE_CPPFLAGS += -DARCH=\"$(TARGET_ARCH)\" > qrap.cppcheck: CPPCHECK_FLAGS += --suppress=unusedFunction > qrap.cppcheck: $(QRAP_SRCS) $(QRAP_HEADERS) > diff --git a/common.h b/common.h > new file mode 100644 > index 0000000..f3506b4 > --- /dev/null > +++ b/common.h > @@ -0,0 +1,24 @@ > +/* SPDX-License-Identifier: GPL-2.0-or-later > + * Copyright Red Hat > + * Author: David Gibson > + * > + * Definitions used by both passt/pasta and other tools > + */ > + > +#ifndef COMMON_H > +#define COMMON_H > + > +#include > + > +#define VERSION_BLOB \ > + VERSION "\n" \ > + "Copyright Red Hat\n" \ > + "GNU General Public License, version 2 or later\n" \ > + " \n" \ > + "This is free software: you are free to change and redistribute it.\n" \ > + "There is NO WARRANTY, to the extent permitted by law.\n\n" > + > +/* FPRINTF() intentionally silences cert-err33-c clang-tidy warnings */ > +#define FPRINTF(f, ...) (void)fprintf(f, __VA_ARGS__) > + > +#endif /* COMMON_H */ > diff --git a/pesto.1 b/pesto.1 > new file mode 100644 > index 0000000..b06433d > --- /dev/null > +++ b/pesto.1 > @@ -0,0 +1,59 @@ > +.\" SPDX-License-Identifier: GPL-2.0-or-later > +.\" Copyright Red Hat > +.\" Author: David Gibson > +.TH pesto 1 > + > +.SH NAME > +.B pesto > +\- Configure a running \fBpasst\fR(1) or \fBpasta\fR(1) instance. > + > +.SH SYNOPSIS > +.B pesto > +[\fIOPTION\fR]... \fIPATH\fR > + > +.SH DESCRIPTION > + > +.B pesto > +is an experimental client to view and update the port forwarding configuration > +of a running \fBpasst\fR(1) or \fBpasta\fR(1) instance. > + > +\fIPATH\fR gives the path to the UNIX domain socket created by \fBpasst\fR or > +\fBpasta\fR. It should match the \fB-c\fR command line option given to that > +instance. > + > +.SH OPTIONS > + > +.TP > +.BR \-d ", " \-\-debug > +Be verbose. > + > +.TP > +.BR \-h ", " \-\-help > +Display a help message and exit. > + > +.TP > +.BR \-\-version > +Show version and exit. > + > +.SH AUTHORS > + > +Stefano Brivio , > +David Gibson . > + > +.SH REPORTING BUGS > + > +Please report issues on the bug tracker at https://bugs.passt.top/, or send a > +message to the passt-user@passt.top mailing list, see https://lists.passt.top/. > + > +.SH COPYRIGHT > + > +Copyright Red Hat > + > +\fBpesto\fR is free software: you can redistribute it and/or modify > +it under the terms of the GNU General Public License as published by > +the Free Software Foundation, either version 2 of the License, or (at > +your option) any later version. > + > +.SH SEE ALSO > + > +\fBpasst\fR(1), \fBpasta\fR(1), \fBunix\fR(7). > diff --git a/pesto.c b/pesto.c > new file mode 100644 > index 0000000..9f2fa5d > --- /dev/null > +++ b/pesto.c > @@ -0,0 +1,132 @@ > +// SPDX-License-Identifier: GPL-2.0-or-later > + > +/* PESTO - Programmable Extensible Socket Translation Orchestrator > + * front-end for passt(1) and pasta(1) forwarding configuration > + * > + * pesto.c - Main program (it's not actually extensible) > + * > + * Copyright (c) 2026 Red Hat GmbH > + * Author: Stefano Brivio > + */ > + > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > + > +#include > +#include > +#include > +#include > + > +#include "common.h" > +#include "seccomp_pesto.h" > +#include "pesto.h" > + > +static bool debug_flag = false; > + > +static char stdout_buf[BUFSIZ]; > + > +#define die(...) \ > + do { \ > + FPRINTF(stderr, __VA_ARGS__); \ > + FPRINTF(stderr, "\n"); \ > + exit(EXIT_FAILURE); \ > + } while (0) > + > +/** > + * usage() - Print usage, exit with given status code > + * @name: Executable name > + * @f: Stream to print usage info to > + * @status: Status code for exit(2) > + * > + * #syscalls:pesto exit_group fstat write > + */ > +static void usage(const char *name, FILE *f, int status) > +{ > + FPRINTF(f, "Usage: %s [OPTION]... PATH\n", name); > + FPRINTF(f, > + "\n" > + " -d, --debug Print debugging messages\n" > + " -h, --help Display this help message and exit\n" > + " --version Show version and exit\n"); > + exit(status); > +} > + > +/** > + * main() - Dynamic reconfiguration client main program > + * @argc: Argument count > + * @argv: Arguments: socket path, operation, port specifiers > + * > + * Return: 0 on success, won't return on failure > + * > + * #syscalls:pesto exit_group fstat read write > + */ > +int main(int argc, char **argv) > +{ > + const struct option options[] = { > + {"debug", no_argument, NULL, 'd' }, > + {"help", no_argument, NULL, 'h' }, > + {"version", no_argument, NULL, 1 }, > + { 0 }, > + }; > + const char *optstring = "dh"; > + struct sock_fprog prog; > + int optname; > + > + prctl(PR_SET_DUMPABLE, 0); > + > + prog.len = (unsigned short)sizeof(filter_pesto) / > + sizeof(filter_pesto[0]); > + prog.filter = filter_pesto; > + if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) || > + prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog)) > + die("Failed to apply seccomp filter"); > + > + /* Explicitly set stdout buffer, otherwise printf() might allocate, > + * breaking our seccomp profile. > + */ > + if (setvbuf(stdout, stdout_buf, _IOFBF, sizeof(stdout_buf))) > + die("Failed to set stdout buffer"); > + > + do { > + optname = getopt_long(argc, argv, optstring, options, NULL); > + > + switch (optname) { > + case -1: > + case 0: > + break; > + case 'h': > + usage(argv[0], stdout, EXIT_SUCCESS); > + break; > + case 'd': > + debug_flag = true; > + break; > + case 1: > + FPRINTF(stdout, "pesto "); > + FPRINTF(stdout, VERSION_BLOB); > + exit(EXIT_SUCCESS); > + default: > + usage(argv[0], stderr, EXIT_FAILURE); > + } > + } while (optname != -1); > + > + if (argc - optind != 1) > + usage(argv[0], stderr, EXIT_FAILURE); > + > + printf("debug_flag=%d, path=\"%s\"\n", debug_flag, argv[optind]); > + > + die("pesto is not implemented yet"); > +} > diff --git a/pesto.h b/pesto.h > new file mode 100644 > index 0000000..e9b329f > --- /dev/null > +++ b/pesto.h > @@ -0,0 +1,12 @@ > +/* SPDX-License-Identifier: GPL-2.0-or-later > + * Copyright Red Hat > + * Author: David Gibson > + * > + * Definitions and functions used by both client and server of the configuration > + * update protocol (pesto). > + */ > + > +#ifndef PESTO_H > +#define PESTO_H > + > +#endif /* PESTO_H */ > diff --git a/util.h b/util.h > index 92aeabc..770ff93 100644 > --- a/util.h > +++ b/util.h > @@ -19,16 +19,9 @@ > #include > #include > > +#include "common.h" > #include "log.h" > > -#define VERSION_BLOB \ > - VERSION "\n" \ > - "Copyright Red Hat\n" \ > - "GNU General Public License, version 2 or later\n" \ > - " \n" \ > - "This is free software: you are free to change and redistribute it.\n" \ > - "There is NO WARRANTY, to the extent permitted by law.\n\n" > - > #ifndef SECCOMP_RET_KILL_PROCESS > #define SECCOMP_RET_KILL_PROCESS SECCOMP_RET_KILL > #endif > @@ -307,9 +300,6 @@ static inline bool mod_between(unsigned x, unsigned i, unsigned j, unsigned m) > return mod_sub(x, i, m) < mod_sub(j, i, m); > } > > -/* FPRINTF() intentionally silences cert-err33-c clang-tidy warnings */ > -#define FPRINTF(f, ...) (void)fprintf(f, __VA_ARGS__) > - > void raw_random(void *buf, size_t buflen); > > /*