From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from gandalf.ozlabs.org (gandalf.ozlabs.org [150.107.74.76]) by passt.top (Postfix) with ESMTPS id C549C5A027A for ; Wed, 8 Mar 2023 23:45:15 +0100 (CET) Received: by gandalf.ozlabs.org (Postfix, from userid 1007) id 4PX6pF6jLWz4xFP; Thu, 9 Mar 2023 09:45:09 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gibson.dropbear.id.au; s=201602; t=1678315509; bh=1lnKqeQ1OzHljSZ1QxAqjxPSYiCjvW891N1h2ax3EEQ=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=NeqPWqGKZc58Owl1YjYSS7PoQNb5lDaTgVxUv7B61V9gt7T58zP1xjRMeMsFeXUA4 pDUdbZ5JP64PU02DIhox7wD6ASRDpwoQXtJFFt9e5Nq/G4rGrC2RViFa5FJLjRpGG2 1GWrBVbEXHD2PbkZppUS42aTJeiMHU1zqe3XER1E= Date: Thu, 9 Mar 2023 09:45:01 +1100 From: David Gibson To: Stefano Brivio Subject: Re: [PATCH 3/3] conf: Terminate on EMFILE or ENFILE on sockets for port mapping Message-ID: References: <20230308123348.2232214-1-sbrivio@redhat.com> <20230308123348.2232214-4-sbrivio@redhat.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="KgR9bbqmgNP5/TEK" Content-Disposition: inline In-Reply-To: <20230308123348.2232214-4-sbrivio@redhat.com> Message-ID-Hash: UAKN7GA5HDCHH4HW6CC2PL5GNPYTTC7K X-Message-ID-Hash: UAKN7GA5HDCHH4HW6CC2PL5GNPYTTC7K X-MailFrom: dgibson@gandalf.ozlabs.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: passt-dev@passt.top X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --KgR9bbqmgNP5/TEK Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Mar 08, 2023 at 01:33:48PM +0100, Stefano Brivio wrote: > In general, we don't terminate or report failures if we fail to bind > to some ports out of a given port range specifier, to allow users to > conveniently specify big port ranges (or "all") without having to > care about ports that might already be in use. >=20 > However, running out of the open file descriptors quota is a > different story: we can't do what the user requested in a very > substantial way. >=20 > For example, if the user specifies '-t all' and we can only bind > 1024 sockets, the behaviour is rather unexpected. >=20 > Fail whenever socket creation returns -ENFILE or -EMFILE. >=20 > Link: https://bugs.passt.top/show_bug.cgi?id=3D27 > Signed-off-by: Stefano Brivio Reviewed-by: David Gibson > --- > conf.c | 36 +++++++++++++++++++++++++++++------- > 1 file changed, 29 insertions(+), 7 deletions(-) >=20 > diff --git a/conf.c b/conf.c > index 582c391..ee56501 100644 > --- a/conf.c > +++ b/conf.c > @@ -184,6 +184,7 @@ static void conf_ports(const struct ctx *c, char optn= ame, const char *optarg, > bool exclude_only =3D true, bound_one =3D false; > uint8_t exclude[PORT_BITMAP_SIZE] =3D { 0 }; > sa_family_t af =3D AF_UNSPEC; > + int ret; > =20 > if (!strcmp(optarg, "none")) { > if (fwd->mode) > @@ -218,11 +219,18 @@ static void conf_ports(const struct ctx *c, char op= tname, const char *optarg, > =20 > for (i =3D 0; i < PORT_EPHEMERAL_MIN; i++) { > if (optname =3D=3D 't') { > - if (!tcp_sock_init(c, AF_UNSPEC, NULL, NULL, i)) > + ret =3D tcp_sock_init(c, AF_UNSPEC, NULL, NULL, > + i); > + if (ret =3D=3D -ENFILE || ret =3D=3D -EMFILE) > + goto enfile; > + if (!ret) > bound_one =3D true; > } else if (optname =3D=3D 'u') { > - if (!udp_sock_init(c, 0, AF_UNSPEC, NULL, NULL, > - i)) > + ret =3D udp_sock_init(c, 0, AF_UNSPEC, NULL, NULL, > + i); > + if (ret =3D=3D -ENFILE || ret =3D=3D -EMFILE) > + goto enfile; > + if (!ret) > bound_one =3D true; > } > } > @@ -303,10 +311,16 @@ static void conf_ports(const struct ctx *c, char op= tname, const char *optarg, > bitmap_set(fwd->map, i); > =20 > if (optname =3D=3D 't') { > - if (!tcp_sock_init(c, af, addr, ifname, i)) > + ret =3D tcp_sock_init(c, af, addr, ifname, i); > + if (ret =3D=3D -ENFILE || ret =3D=3D -EMFILE) > + goto enfile; > + if (!ret) > bound_one =3D true; > } else if (optname =3D=3D 'u') { > - if (!udp_sock_init(c, 0, af, addr, ifname, i)) > + ret =3D udp_sock_init(c, 0, af, addr, ifname, i); > + if (ret =3D=3D -ENFILE || ret =3D=3D -EMFILE) > + goto enfile; > + if (!ret) > bound_one =3D true; > } else { > /* No way to check in advance for -T and -U */ > @@ -358,10 +372,16 @@ static void conf_ports(const struct ctx *c, char op= tname, const char *optarg, > fwd->delta[i] =3D mapped_range.first - orig_range.first; > =20 > if (optname =3D=3D 't') { > - if (!tcp_sock_init(c, af, addr, ifname, i)) > + ret =3D tcp_sock_init(c, af, addr, ifname, i); > + if (ret =3D=3D -ENFILE || ret =3D=3D -EMFILE) > + goto enfile; > + if (!ret) > bound_one =3D true; > } else if (optname =3D=3D 'u') { > - if (!udp_sock_init(c, 0, af, addr, ifname, i)) > + ret =3D udp_sock_init(c, 0, af, addr, ifname, i); > + if (ret =3D=3D -ENFILE || ret =3D=3D -EMFILE) > + goto enfile; > + if (!ret) > bound_one =3D true; > } else { > /* No way to check in advance for -T and -U */ > @@ -374,6 +394,8 @@ static void conf_ports(const struct ctx *c, char optn= ame, const char *optarg, > goto bind_fail; > =20 > return; > +enfile: > + die("Can't open enough sockets for port specifier: %s", optarg); > bad: > die("Invalid port specifier %s", optarg); > overlap: --=20 David Gibson | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_ | _way_ _around_! http://www.ozlabs.org/~dgibson --KgR9bbqmgNP5/TEK Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEO+dNsU4E3yXUXRK2zQJF27ox2GcFAmQJD+YACgkQzQJF27ox 2GfwPw/+ItkykSXSJQngcoXc0np1N7CdF4H2V6SFcogyhZoLeFpAnO4qo0Vmew0y J6YziLb1hhYW8+M4VPPz+uU5Cn4wn2IB8frHSwJGg/Pk2dytIBaitvhGp6SY7K8b 4gtFSxrmTq1nIBvcLzLZDQWzQw/ifMZ0srOzZXUqhuoN2ZJSHTefYhFH+ZnFj6xd PIIBG/KS4nV+Z77c/kH3boVUj8w3Cu/H9G7U8G4hd594v4MlSH6G5KUguXUM2Chm vWqEuCMUY2vKqvq7LvT9J113Rrwi54K0uqFoeBD9D1e4cucq8cUFWuqUn9NtR2+R n+9Nc6dy7Zya/bFGcD8qrtEfgiBbLUx+n+XaWYCOi6KIs8i8GDP1l+PLkceka3sa KuApbQnWqoAfpF/at3oaSdv53B7OthcZbHoXSLPsJKE5qi5D/D6TRXjdbx8uRz82 aBqeaME5Sjd6LsNh9yrVkw48zjb0DmlzdyL4j4Mx57K+EkGk61hZFM0jZbtOGK2I J3cDIin6sV9yqOmDdcDPMEy9ptSgCSY0n/8uAR1etnjoBfUjvZB6UFbFVE2WKehc aJulwlXm1KFa8korguRAd+WC8MIF8SBJz3P0w77ByJj51EmzJnYDtKs+l65rOmsH t1UfhZaBzFcNLlZIYugIiCKD6ySj7wMsBm/hW0B4Cyl8L23C0iU= =QI18 -----END PGP SIGNATURE----- --KgR9bbqmgNP5/TEK--