From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: passt.top; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: passt.top; dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=J43zQhU8; dkim-atps=neutral Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by passt.top (Postfix) with ESMTPS id 4C90B5A0625 for ; Thu, 11 Dec 2025 14:52:28 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1765461147; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=tB6zwKlg8KvtoErr5GaRu1mFpVfzK4L9p+XFGLpuOIw=; b=J43zQhU8XyOwtLS3/pn8Lw+NQYlzpJEwdmYCZ2NSllb5rb0AYfv7vOk3eCva0PCEuZelSY aWzRHJMrJV9GaQDFPyJB0ZHTiPCNkk8cbxTjaFD4bF9TgGngmS6yIsAxAtRP+90vktdGpN /8PWnsqh2OMQgxezzr+mQr/Skm5nqgk= Received: from mail-wm1-f69.google.com (mail-wm1-f69.google.com [209.85.128.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-193-7CH4GL30Oo64QR9MO5KLow-1; Thu, 11 Dec 2025 08:52:26 -0500 X-MC-Unique: 7CH4GL30Oo64QR9MO5KLow-1 X-Mimecast-MFC-AGG-ID: 7CH4GL30Oo64QR9MO5KLow_1765461145 Received: by mail-wm1-f69.google.com with SMTP id 5b1f17b1804b1-4779edba8f3so773305e9.3 for ; Thu, 11 Dec 2025 05:52:25 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1765461144; x=1766065944; h=content-transfer-encoding:in-reply-to:from:cc:content-language :references:to:subject:user-agent:mime-version:date:message-id :x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=tB6zwKlg8KvtoErr5GaRu1mFpVfzK4L9p+XFGLpuOIw=; b=OigD19oznuxy4WEL05YFcV2Z9cm0HGyXCOICkSICsb5U6PBRTetjRfwGbUwuwaPh7G z/PrhwtBXFi8y8/HI/0jCqniTmYkCFvFoxyq80FwBNs8HAT1WK5HF4g44R44AjzQ6pBC YFDhZ9NJT5rRD26bCQsEPUFj7CP3NpqzLt+xSyut3HhoMn4dC8BEedknwxTq773RUfPI Ari9fuspXlT8lxnsHucK//XrQpqeskbE9oE4UFUOgVqO2Yop4NVh211ugJiCARKd6xnT cq7ILDZLzeDY+QuzBqwsx8raNT8aH04YSHZzxk6ESXfSbn9hQgkC3ZzDkK8ZSe/g/87Y MEAA== X-Forwarded-Encrypted: i=1; AJvYcCXFrTB8IdcY5u5Z+iKCmc/UxI/uGy24yI6CFuerFHJKu8VYVs5PgSOwr/9Gjk+tpxvvuPF3h8r7wLo=@passt.top X-Gm-Message-State: AOJu0YyEh0vzlHa5cZqHUSi57Igpzxgc4QEsLnzBWsbA/ak2nO77BXa0 xMx7cu/Z6pxN8an+abm+ykszM2iawykmEb2ze8FZ2Wy8lZRbOlYw+NXoaKybZZucuLxj9uP0ODK xjjYA5a6d4Uie2YKNPpGQXrPiW48GzfEIPrYuaJc7t/Exi6nQ5HtgOOaUFtMOzg== X-Gm-Gg: AY/fxX5J8OEbv7cO+JqSBJe/8MV7/6BdlevXbwfoyu2xJhjPpVCvwAPwxwOkFuYGMxL 2sS7Gt6BRyKrQa5dbFVzDzFC91yKuX0k28XARGbGjrlw5bXs1GO0fh8xkMa0rqDhCHbAYa2ShLH wip1jEic4bozwGmHWVEih+t2hdBY7QnRerC6zmoSgzQYevTWqLFp56/gKGkFvNiF3Wh61WTd4jd t4lcXPo30j6BLWJpsSHqKQYR/TlR36un+333ovNHnQFrihkj5/6d3CYDd0RxU7buRTFxg2kX+yO YioJWdc6hU8iEGklxh0sCJzpW8K3T6PSX+l/7PjzXLbH4u/biY6L4de7/F63wWPjkcY14FXnocj UswmcOMBM88NbJnk= X-Received: by 2002:a05:600c:1d0b:b0:475:da1a:53f9 with SMTP id 5b1f17b1804b1-47a83759f18mr57488945e9.14.1765461144441; Thu, 11 Dec 2025 05:52:24 -0800 (PST) X-Google-Smtp-Source: AGHT+IES4oV6bp7xCV+R3zr+LHmoPnBrfg9fvus7mIkbUlGIGeWcDz54jeOPe5s01OmwlZd0q/LcCQ== X-Received: by 2002:a05:600c:1d0b:b0:475:da1a:53f9 with SMTP id 5b1f17b1804b1-47a83759f18mr57488745e9.14.1765461143893; Thu, 11 Dec 2025 05:52:23 -0800 (PST) Received: from [192.168.188.22] ([80.243.52.134]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-47a89f74284sm38851315e9.9.2025.12.11.05.52.23 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 11 Dec 2025 05:52:23 -0800 (PST) Message-ID: Date: Thu, 11 Dec 2025 14:52:22 +0100 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v2 3/3] pasta: Clean up waiting pasta child on failures To: David Gibson , passt-dev@passt.top References: <20251211035436.2844623-1-david@gibson.dropbear.id.au> <20251211035436.2844623-4-david@gibson.dropbear.id.au> From: Paul Holzinger In-Reply-To: <20251211035436.2844623-4-david@gibson.dropbear.id.au> X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: j-bNaU15hLBE_fhf1Zk7JPCGLrSpzKp2dODcyn4Q58k_1765461145 X-Mimecast-Originator: redhat.com Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Message-ID-Hash: NLYIUA42QAMLKO3VOV4CDOBFS4QSX6HE X-Message-ID-Hash: NLYIUA42QAMLKO3VOV4CDOBFS4QSX6HE X-MailFrom: pholzing@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Stefano Brivio X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: On 11/12/2025 04:54, David Gibson wrote: > When pasta is invoked with a command rather than an existing namespace to > attach to, it spawns a child process to run a shell or other command. We > create that process during conf(), since we need the namespace to exist for > much of our setup. However, we don't want the specified command to run > until the pasta network interface is ready for use. Therefore, > pasta_spawn_cmd() executing in the child waits before exec()ing. main() > signals the child to continue with SIGUSR1 shortly before entering the > main forwarding loop. > > This has the downside that if we exit due to any kind of failure between > conf() and the SIGUSR1, the child process will be around waiting > indefinitely. The user must manually clean this up. > > Make this cleaner, by having the child use PR_SET_PDEATHSIG to have > itself killed if the parent dies during this window. Technically > speaking this is racy: if the parent dies before the child can call > the prctl() it will be left zombie-like as before. However, as long > as the parent completes pasta_wait_for_ns() before dying, I wasn't > able to trigger the race. Since the consequences of this going wrong > are merely a bit ugly, I think that's good enough. > > Signed-off-by: David Gibson Reviewed-by: Paul Holzinger > --- > pasta.c | 11 +++++++++++ > util.c | 1 + > 2 files changed, 12 insertions(+) > > diff --git a/pasta.c b/pasta.c > index 5c693de1..c307b8a8 100644 > --- a/pasta.c > +++ b/pasta.c > @@ -40,6 +40,7 @@ > #include > #include > #include > +#include > #include > #include > > @@ -189,6 +190,10 @@ static int pasta_spawn_cmd(void *arg) > size_t conf_hostname_len; > sigset_t set; > > + /* If the parent dies with an error, so should we */ > + if (prctl(PR_SET_PDEATHSIG, SIGKILL)) > + die_perror("Couldn't set PR_SET_PDEATHSIG"); > + > /* We run in a detached PID and mount namespace: mount /proc over */ > if (mount("", "/proc", "proc", 0, NULL)) > warn_perror("Couldn't mount /proc"); > @@ -215,6 +220,12 @@ static int pasta_spawn_cmd(void *arg) > sigaddset(&set, SIGUSR1); > sigwaitinfo(&set, NULL); > > + /* Once exec()ed this process is more valuable, and easier to see and > + * clean up. Let us outlive our parent now. > + */ > + if (prctl(PR_SET_PDEATHSIG, 0)) > + die_perror("Couldn't clear PR_SET_PDEATHSIG"); > + > execvp(a->exe, a->argv); > > die_perror("Failed to start command or shell"); > diff --git a/util.c b/util.c > index da12c962..27303950 100644 > --- a/util.c > +++ b/util.c > @@ -35,6 +35,7 @@ > #include "log.h" > #include "pcap.h" > #include "epoll_ctl.h" > +#include "pasta.h" > #ifdef HAS_GETRANDOM > #include > #endif -- Paul Holzinger