// SPDX-License-Identifier: GPL-2.0-or-later

/* PASST - Plug A Simple Socket Transport
 *  for qemu/UNIX domain socket mode
 *
 * passt-repair.c - Privileged helper to set/clear TCP_REPAIR on sockets
 *
 * Copyright (c) 2025 Red Hat GmbH
 * Author: Stefano Brivio <sbrivio@redhat.com>
 *
 * Connect to passt via UNIX domain socket, receive sockets via SCM_RIGHTS along
 * with commands mapping to TCP_REPAIR values, and switch repair mode on or
 * off. Reply by echoing the command. Exit if the command is INT_MAX.
 */

#include <sys/types.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <limits.h>
#include <unistd.h>
#include <netdb.h>

#include <netinet/tcp.h>

#define SCM_MAX_FD 253 /* From Linux kernel (include/net/scm.h), not in UAPI */

int main(int argc, char **argv)
{
	char buf[CMSG_SPACE(sizeof(int) * SCM_MAX_FD)]
	     __attribute__ ((aligned(__alignof__(struct cmsghdr))));
	struct sockaddr_un a = { AF_UNIX, "" };
	int cmd, fds[SCM_MAX_FD], s, ret, i;
	struct cmsghdr *cmsg;
	struct msghdr msg;
	struct iovec iov;

	iov = (struct iovec){ &cmd, sizeof(cmd) };
	msg = (struct msghdr){ NULL, 0, &iov, 1, buf, sizeof(buf), 0 };
	cmsg = CMSG_FIRSTHDR(&msg);

	if (argc != 2) {
		fprintf(stderr, "Usage: %s PATH\n", argv[0]);
		return -1;
	}

	ret = snprintf(a.sun_path, sizeof(a.sun_path), "%s", argv[1]);
	if (ret <= 0 || ret >= (int)sizeof(a.sun_path)) {
		fprintf(stderr, "Invalid socket path: %s\n", argv[1]);
		return -1;
	}

	if ((s = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) {
		perror("Failed to create AF_UNIX socket");
		return -1;
	}

	if (connect(s, (struct sockaddr *)&a, sizeof(a))) {
		fprintf(stderr, "Failed to connect to %s: %s\n", argv[1],
			strerror(errno));
		return -1;
	}

	while (1) {
		int n;

		if (recvmsg(s, &msg, 0) < 0) {
			perror("Failed to receive message");
			return -1;
		}

		if (!cmsg ||
		    cmsg->cmsg_len < CMSG_LEN(sizeof(int)) ||
		    cmsg->cmsg_len > CMSG_LEN(sizeof(int) * SCM_MAX_FD) ||
		    cmsg->cmsg_type != SCM_RIGHTS)
			return -1;

		n = cmsg->cmsg_len / CMSG_LEN(sizeof(int));
		memcpy(fds, CMSG_DATA(cmsg), sizeof(int) * n);

		switch (cmd) {
		case INT_MAX:
			return 0;
		case TCP_REPAIR_ON:
		case TCP_REPAIR_OFF:
		case TCP_REPAIR_OFF_NO_WP:
			for (i = 0; i < n; i++) {
				if (setsockopt(fds[i], SOL_TCP, TCP_REPAIR,
					       &cmd, sizeof(int))) {
					perror("Setting TCP_REPAIR");
					return -1;
				}
			}

			/* Confirm setting by echoing the command back */
			if (send(s, &cmd, sizeof(int), 0) < 0) {
				fprintf(stderr, "Reply to command %i: %s\n",
					cmd, strerror(errno));
				return -1;
			}

			break;
		default:
			fprintf(stderr, "Unsupported command 0x%04x\n", cmd);
			return -1;
		}
	}
}