diff options
| author | David Gibson <david@gibson.dropbear.id.au> | 2025-12-02 15:02:02 +1100 |
|---|---|---|
| committer | Stefano Brivio <sbrivio@redhat.com> | 2025-12-02 23:06:25 +0100 |
| commit | 0ae7b8c21bdb6130686f6c8aead3e8ab4c0921c8 (patch) | |
| tree | e5d40018194664a96dd6d1198f5df886afea5784 | |
| parent | 10e850a8602b44ef110f5504062f49dbe0cb2e77 (diff) | |
| download | passt-0ae7b8c21bdb6130686f6c8aead3e8ab4c0921c8.tar passt-0ae7b8c21bdb6130686f6c8aead3e8ab4c0921c8.tar.gz passt-0ae7b8c21bdb6130686f6c8aead3e8ab4c0921c8.tar.bz2 passt-0ae7b8c21bdb6130686f6c8aead3e8ab4c0921c8.tar.lz passt-0ae7b8c21bdb6130686f6c8aead3e8ab4c0921c8.tar.xz passt-0ae7b8c21bdb6130686f6c8aead3e8ab4c0921c8.tar.zst passt-0ae7b8c21bdb6130686f6c8aead3e8ab4c0921c8.zip | |
util: Extend sock_probe_mem() to sock_probe_features()
sock_probe_mem() currently checks whether we're able to allocate large
socket buffers. Extend it to also check whether the SO_BINDTODEVICE
socket option is available. Rename to sock_probe_features() to reflect the
new functionality.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
[sbrivio: Add whitespace around "-" in sock_probe_features()]
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
| -rw-r--r-- | passt.c | 2 | ||||
| -rw-r--r-- | passt.h | 2 | ||||
| -rw-r--r-- | util.c | 19 | ||||
| -rw-r--r-- | util.h | 2 |
4 files changed, 21 insertions, 4 deletions
@@ -381,7 +381,7 @@ int main(int argc, char **argv) if (setrlimit(RLIMIT_NOFILE, &limit)) die_perror("Failed to set current limit for open files"); - sock_probe_mem(&c); + sock_probe_features(&c); conf(&c, argc, argv); trace_init(c.trace); @@ -204,6 +204,7 @@ struct ip6_ctx { * @freebind: Allow binding of non-local addresses for forwarding * @low_wmem: Low probed net.core.wmem_max * @low_rmem: Low probed net.core.rmem_max + * @no_bindtodevice: Unprivileged SO_BINDTODEVICE not available * @vdev: vhost-user device * @device_state_fd: Device state migration channel * @device_state_result: Device state migration result @@ -281,6 +282,7 @@ struct ctx { int low_wmem; int low_rmem; + int no_bindtodevice; struct vu_dev *vdev; @@ -233,12 +233,13 @@ int sock_unix(char *sock_path) } /** - * sock_probe_mem() - Check if setting high SO_SNDBUF and SO_RCVBUF is allowed + * sock_probe_features() - Probe for socket features we might use * @c: Execution context */ -void sock_probe_mem(struct ctx *c) +void sock_probe_features(struct ctx *c) { int v = INT_MAX / 2, s; + const char lo[] = "lo"; socklen_t sl; s = socket(AF_INET, SOCK_STREAM | SOCK_CLOEXEC, IPPROTO_TCP); @@ -247,6 +248,7 @@ void sock_probe_mem(struct ctx *c) return; } + /* Check if setting high SO_SNDBUF and SO_RCVBUF is allowed */ sl = sizeof(v); if (setsockopt(s, SOL_SOCKET, SO_SNDBUF, &v, sizeof(v)) || getsockopt(s, SOL_SOCKET, SO_SNDBUF, &v, &sl) || @@ -259,6 +261,19 @@ void sock_probe_mem(struct ctx *c) (size_t)v < RCVBUF_BIG) c->low_rmem = 1; + /* Check if SO_BINDTODEVICE is available + * + * Supported since kernel version 5.7, commit c427bfec18f2 ("net: core: + * enable SO_BINDTODEVICE for non-root users"). Some distro kernels may + * have backports, of course. Record whether we can use it so that we + * can give more useful diagnostics. + */ + if (setsockopt(s, SOL_SOCKET, SO_BINDTODEVICE, lo, sizeof(lo) - 1)) { + if (errno != EPERM) + warn_perror("Unexpected error probing SO_BINDTODEVICE"); + c->no_bindtodevice = 1; + } + close(s); } @@ -211,7 +211,7 @@ int sock_l4_sa(const struct ctx *c, enum epoll_type type, const void *sa, socklen_t sl, const char *ifname, bool v6only); int sock_unix(char *sock_path); -void sock_probe_mem(struct ctx *c); +void sock_probe_features(struct ctx *c); long timespec_diff_ms(const struct timespec *a, const struct timespec *b); int64_t timespec_diff_us(const struct timespec *a, const struct timespec *b); void bitmap_set(uint8_t *map, unsigned bit); |