From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from gandalf.ozlabs.org (mail.ozlabs.org [IPv6:2404:9400:2221:ea00::3])
	by passt.top (Postfix) with ESMTPS id 744635A005E
	for <passt-dev@passt.top>; Wed, 16 Nov 2022 06:22:27 +0100 (CET)
Received: by gandalf.ozlabs.org (Postfix, from userid 1007)
	id 4NBryk0Y7kz4xTg; Wed, 16 Nov 2022 16:22:22 +1100 (AEDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gibson.dropbear.id.au; s=201602; t=1668576142;
	bh=qEUYeB/jV/t2s8LYhbU5aOkJ01PAag3nRr9KRhDMePk=;
	h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
	b=QpJzcfVlri7HH0Y5vvBUBJbT4pUv+N1cbMnCaN6r6X5//3A4mdrQ0XFzvkAIgC+/f
	 XeztxoYb8BujBIKCONximbMWbF48WpItMCQ4lxXcCJKjEtPUwPo5Llmo8JyD91JcCC
	 GZp0kAWzxpMCc76nND7fbmubq8+WJEDlEkNDM7uo=
Date: Wed, 16 Nov 2022 16:20:27 +1100
From: David Gibson <david@gibson.dropbear.id.au>
To: Stefano Brivio <sbrivio@redhat.com>
Subject: Re: [PATCH] arp, tap, util: Don't use perror() after seccomp filter
 is installed
Message-ID: <Y3RzGychoyYglw1r@yekko>
References: <20221115012400.2240327-1-sbrivio@redhat.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature"; boundary="Gi1Fn+MotQU1Tdb6"
Content-Disposition: inline
In-Reply-To: <20221115012400.2240327-1-sbrivio@redhat.com>
Message-ID-Hash: E6ZYTYGGAKI4BYC3X5MWNOGLK26BN2FD
X-Message-ID-Hash: E6ZYTYGGAKI4BYC3X5MWNOGLK26BN2FD
X-MailFrom: dgibson@gandalf.ozlabs.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: passt-dev@passt.top
X-Mailman-Version: 3.3.3
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/Y3RzGychoyYglw1r@yekko/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/E6ZYTYGGAKI4BYC3X5MWNOGLK26BN2FD/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>


--Gi1Fn+MotQU1Tdb6
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Nov 15, 2022 at 02:24:00AM +0100, Stefano Brivio wrote:
> If stderr is closed, after we fork to background, glibc's
> implementation of perror() will try to re-open it by calling dup(),
> upon which the seccomp filter causes the process to terminate,
> because dup() is not included in the list of allowed syscalls.
>=20
> Replace perror() calls that might happen after isolation_postfork().
> We could probably replace all of them, but early ones need a bit more
> attention as we have to check whether log.c functions work in early
> stages.
>=20
> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>

Reviewed-by: David Gibson <david@gibson.dropbear.id.au>

> ---
>  arp.c  | 6 ++++--
>  tap.c  | 6 +++---
>  util.c | 6 +++---
>  3 files changed, 10 insertions(+), 8 deletions(-)
>=20
> diff --git a/arp.c b/arp.c
> index 141d43f..930b9ea 100644
> --- a/arp.c
> +++ b/arp.c
> @@ -24,6 +24,7 @@
>  #include <string.h>
> =20
>  #include "util.h"
> +#include "log.h"
>  #include "arp.h"
>  #include "dhcp.h"
>  #include "passt.h"
> @@ -43,6 +44,7 @@ int arp(const struct ctx *c, const struct pool *p)
>  	struct arphdr *ah;
>  	struct arpmsg *am;
>  	size_t len;
> +	int ret;
> =20
>  	eh =3D packet_get(p, 0, 0,			 sizeof(*eh), NULL);
>  	ah =3D packet_get(p, 0, sizeof(*eh),		 sizeof(*ah), NULL);
> @@ -81,8 +83,8 @@ int arp(const struct ctx *c, const struct pool *p)
>  	memcpy(eh->h_dest,	eh->h_source,	sizeof(eh->h_dest));
>  	memcpy(eh->h_source,	c->mac,		sizeof(eh->h_source));
> =20
> -	if (tap_send(c, eh, len) < 0)
> -		perror("ARP: send");
> +	if ((ret =3D tap_send(c, eh, len)) < 0)
> +		warn("ARP: send: %s", strerror(ret));
> =20
>  	return 1;
>  }
> diff --git a/tap.c b/tap.c
> index abeff25..b7ac996 100644
> --- a/tap.c
> +++ b/tap.c
> @@ -899,7 +899,7 @@ static void tap_sock_unix_init(struct ctx *c)
>  	int i;
> =20
>  	if (fd < 0) {
> -		perror("UNIX socket");
> +		err("UNIX socket: %s", strerror(errno));
>  		exit(EXIT_FAILURE);
>  	}
> =20
> @@ -920,7 +920,7 @@ static void tap_sock_unix_init(struct ctx *c)
> =20
>  		ex =3D socket(AF_UNIX, SOCK_STREAM | SOCK_NONBLOCK, 0);
>  		if (ex < 0) {
> -			perror("UNIX domain socket check");
> +			err("UNIX domain socket check: %s", strerror(errno));
>  			exit(EXIT_FAILURE);
>  		}
> =20
> @@ -944,7 +944,7 @@ static void tap_sock_unix_init(struct ctx *c)
>  	}
> =20
>  	if (i =3D=3D UNIX_SOCK_MAX) {
> -		perror("UNIX socket bind");
> +		err("UNIX socket bind: %s", strerror(errno));
>  		exit(EXIT_FAILURE);
>  	}
> =20
> diff --git a/util.c b/util.c
> index 514bd44..be102e3 100644
> --- a/util.c
> +++ b/util.c
> @@ -125,7 +125,7 @@ int sock_l4(const struct ctx *c, int af, uint8_t prot=
o,
>  		fd =3D socket(af, SOCK_DGRAM | SOCK_NONBLOCK, proto);
> =20
>  	if (fd < 0) {
> -		perror("L4 socket");
> +		warn("L4 socket: %s", strerror(errno));
>  		return -1;
>  	}
> =20
> @@ -193,7 +193,7 @@ int sock_l4(const struct ctx *c, int af, uint8_t prot=
o,
>  	}
> =20
>  	if (proto =3D=3D IPPROTO_TCP && listen(fd, 128) < 0) {
> -		perror("TCP socket listen");
> +		warn("TCP socket listen: %s", strerror(errno));
>  		close(fd);
>  		return -1;
>  	}
> @@ -201,7 +201,7 @@ int sock_l4(const struct ctx *c, int af, uint8_t prot=
o,
>  	ev.events =3D EPOLLIN;
>  	ev.data.u64 =3D ref.u64;
>  	if (epoll_ctl(c->epollfd, EPOLL_CTL_ADD, fd, &ev) =3D=3D -1) {
> -		perror("L4 epoll_ctl");
> +		warn("L4 epoll_ctl: %s", strerror(errno));
>  		return -1;
>  	}
> =20

--=20
David Gibson			| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you.  NOT _the_ _other_
				| _way_ _around_!
http://www.ozlabs.org/~dgibson

--Gi1Fn+MotQU1Tdb6
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEoULxWu4/Ws0dB+XtgypY4gEwYSIFAmN0cxUACgkQgypY4gEw
YSLMfQ//ZRL5AU27FPhydxYSQE62JJopgffV0lsFcJI0nyHYij4npKfzfTjcAJdK
HAYeB2ezzrzFoqVh121UW6Iw3iEI5tGzQ/lsfDb/nIicIdBBGZEn8LxWqlk5eQHP
qPFFvxG5m9LUMroh7u9xZYijOds1PBkRbc4IP1aIYCVE//14IH8gzE0e2e7w/p9u
e6htWRVWIDt5StsoSWLhVNPnTrRSLyOJsUHBLZxrS0chqgPMmV70wi1ixj3guWre
Erd+z09DfzaeGypLietA40iDNxPNDU0x9H7UuSmdf7ATPyarTkxPwNMU6Fy7bhNC
+v6wtkJY4BJhXe9C/RipBGWxZBgmE8qDUM7R9aD7KqG4L8ZtDpp2YMJ/MfeKindy
8ByIXSnQjZrCv3tyMDaGFrBHhvSylbvyGUqikfVKjIN3eNUAHC3sc0Jm6xDaarUX
Xbi5b7Dp8hxd3dfjbfRh8jlutok3KABWBppTFuzY0DjkkKFI8tU/iIE7TqsX+eXz
jTeGGoBnVaWhOf3PG57ITT6EiuDV3VTaDyjHEGBxN9vwZ7CWDbn4MghGFKzV3k/i
qYDjzvAp8RoAGrXFdatrz1f/w61M1E2s+68GN3b9MzkKuQdcK2Ye93k61gMLCZ5F
XD+rnrovmTFTdGEBOVH1h28PxSy/Ayj9FNwp7Au1tpMH7ciUpnU=
=b13c
-----END PGP SIGNATURE-----

--Gi1Fn+MotQU1Tdb6--