From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from gandalf.ozlabs.org (gandalf.ozlabs.org [150.107.74.76])
	by passt.top (Postfix) with ESMTPS id 198715A0262
	for <passt-dev@passt.top>; Mon,  5 Jun 2023 04:16:46 +0200 (CEST)
Received: by gandalf.ozlabs.org (Postfix, from userid 1007)
	id 4QZHKg3L7Sz4x42; Mon,  5 Jun 2023 12:16:39 +1000 (AEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gibson.dropbear.id.au; s=201602; t=1685931399;
	bh=CTfCIb81OuTVBoifEmbz+QqQuy0wumaJWyRV0KKPbJ0=;
	h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
	b=VsIOd3uhMCVl3o/w48ayKOJ6nM9L8JUNcMGlS1sBMef+lhRHn+GDq8qdUNc5ULgKE
	 5vt3QpYrWQtKypE3uRPy+dDtbjsJWU+M5XIkgyiG+J7g125ovgaqI7iBKFleLlcbmv
	 BcE4/q1jB8tEcr0JbIobwX1N+jt5cWNF1XBEFoJg=
Date: Mon, 5 Jun 2023 12:16:34 +1000
From: David Gibson <david@gibson.dropbear.id.au>
To: Stefano Brivio <sbrivio@redhat.com>
Subject: Re: [PATCH] tap: With pasta, don't reset on tap errors, handle write
 failures
Message-ID: <ZH1FgpluwYS53uZv@yekko>
References: <20230604054957.619904-1-sbrivio@redhat.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature"; boundary="ZVlhgOAdHZlUhXRT"
Content-Disposition: inline
In-Reply-To: <20230604054957.619904-1-sbrivio@redhat.com>
Message-ID-Hash: QI62RTJ6HIQXM6AKDL4TDLEEL4QIRLDE
X-Message-ID-Hash: QI62RTJ6HIQXM6AKDL4TDLEEL4QIRLDE
X-MailFrom: dgibson@gandalf.ozlabs.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: passt-dev@passt.top, Gianluca Stivan <me@yawnt.com>, Chris Kuhn <kuhnchris@kuhnchris.eu>
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/ZH1FgpluwYS53uZv@yekko/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/QI62RTJ6HIQXM6AKDL4TDLEEL4QIRLDE/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>


--ZVlhgOAdHZlUhXRT
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sun, Jun 04, 2023 at 07:49:57AM +0200, Stefano Brivio wrote:
> Since commit 0515adceaa8f ("passt, pasta: Namespace-based sandboxing,
> defer seccomp policy application"), it makes no sense to close and
> reopen the tap device on error: we don't have access to /dev/net/tun
> after the initial setup phase.
>=20
> If we hit ENOBUFS while writing (as reported: in one case because
> the kernel actually ran out of memory, with another case under
> investigation), or ENOSPC, we're supposed to drop whatever data we
> were trying to send: there's no room for it.
>=20
> Handle EINTR just like we handled EAGAIN/EWOULDBLOCK: there's no
> particular reason why sending the same data should fail again.
>=20
> Anything else I can think of would be an unrecoverable error: exit
> with failure then.
>=20
> While at it, drop a useless cast on the write() call: it takes a
> const void * anyway.
>=20
> Reported-by: Gianluca Stivan <me@yawnt.com>
> Reported-by: Chris Kuhn <kuhnchris@kuhnchris.eu>
> Fixes: 0515adceaa8f ("passt, pasta: Namespace-based sandboxing, defer sec=
comp policy application")
> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>

Reviewed-by: David Gibson <david@gibson.dropbear.id.au>

> ---
>  tap.c | 24 +++++++++++++++++++-----
>  1 file changed, 19 insertions(+), 5 deletions(-)
>=20
> diff --git a/tap.c b/tap.c
> index c0b7f33..e323529 100644
> --- a/tap.c
> +++ b/tap.c
> @@ -320,12 +320,23 @@ static size_t tap_send_frames_pasta(struct ctx *c,
>  	size_t i;
> =20
>  	for (i =3D 0; i < n; i++) {
> -		if (write(c->fd_tap, (char *)iov[i].iov_base,
> -			  iov[i].iov_len) < 0) {
> +		if (write(c->fd_tap, iov[i].iov_base, iov[i].iov_len) < 0) {
>  			debug("tap write: %s", strerror(errno));
> -			if (errno !=3D EAGAIN && errno !=3D EWOULDBLOCK)
> -				tap_handler(c, c->fd_tap, EPOLLERR, NULL);
> -			i--;
> +
> +			switch (errno) {
> +			case EAGAIN:
> +#if EAGAIN !=3D EWOULDBLOCK
> +			case EWOULDBLOCK:
> +#endif
> +			case EINTR:
> +				i--;
> +				break;
> +			case ENOBUFS:
> +			case ENOSPC:
> +				break;
> +			default:
> +				die("Write error on tap device, exiting");
> +			}
>  		}
>  	}
> =20
> @@ -1237,6 +1248,9 @@ void tap_handler(struct ctx *c, int fd, uint32_t ev=
ents,
>  			exit(EXIT_SUCCESS);
>  		}
> =20
> +		if (c->mode =3D=3D MODE_PASTA)
> +			die("Error on tap device, exiting");
> +
>  		tap_sock_init(c);
>  	}
>  }

--=20
David Gibson			| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you.  NOT _the_ _other_
				| _way_ _around_!
http://www.ozlabs.org/~dgibson

--ZVlhgOAdHZlUhXRT
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEO+dNsU4E3yXUXRK2zQJF27ox2GcFAmR9RWYACgkQzQJF27ox
2GcqLw//SYKzvMfySADPhF4XiJfw7Kfj3fV68kcDSQFEh5QoC6kpbckcgbdmBMiV
1EPbDD1GDazD/uu7Ac56u0eaJt+J8A6wBBXCQFAl/WFkRdgpWB8z/WaTmueo+UcE
jPfFzk+sfVqBjyqY0m65SGDUGie6VyHplUL+iEdFC86VoiNx63u2QWsarEBJk2sB
vSad3q6cxpWdL0SJ1PuX3ZW/SGyrx5zVImvWDrPfNczlnnPo9Hr1MbydG/QvJRPk
d0kvdboOBRE42+dmw4np+79IkU6j8r7Z+9ry1xFyhdI9bjNMZ/IhV0N1QUawK1Ma
+7u5AziqMs8YlXcBlmL1OmsRFVqdtlidkrX+plJXZ29k0STTar80+1QNLxKvEdcY
zimQolMFpY4N+Pm6HaCk0GwHDvU8Fa31UIOJVT5SSgdFdwJnvfdc/L4as9qAOMws
pzpAj/Gwu/X5EZJvtSICMLLKwRwQmRZtIUgY741XNutDpPU3FbyCcVVuGN769go9
SAze3n5dnRwVBochp105O9V1Q2mvw9HxqW+x4qjsF8cItwx0ckQeFgXBwXuUqGtp
7IjHPB+hP25cIp80Yz6kfzjgUxm2vSBVlX9EvibpQZExPTqUb3K8Ie1ICBjd7Cky
nMjFzLP2IOLwNF4TdZUEKCeqcyHVD+mTttTM2wmfMeV4oR313JQ=
=1EL/
-----END PGP SIGNATURE-----

--ZVlhgOAdHZlUhXRT--