aboutgitcodebugslistschat
path: root/contrib/selinux/passt.if
diff options
context:
space:
mode:
authorDavid Gibson <david@gibson.dropbear.id.au>2023-02-14 10:48:23 +1100
committerStefano Brivio <sbrivio@redhat.com>2023-02-14 17:25:14 +0100
commit6ccab72d9b40bcbce21a77c2d61ed1a5080c2289 (patch)
treec8e41f81da4524c0a02004ad77e1ef68523320b0 /contrib/selinux/passt.if
parentdc467d526fa2f2f4589b175c42f77b5977ad5975 (diff)
downloadpasst-6ccab72d9b40bcbce21a77c2d61ed1a5080c2289.tar
passt-6ccab72d9b40bcbce21a77c2d61ed1a5080c2289.tar.gz
passt-6ccab72d9b40bcbce21a77c2d61ed1a5080c2289.tar.bz2
passt-6ccab72d9b40bcbce21a77c2d61ed1a5080c2289.tar.lz
passt-6ccab72d9b40bcbce21a77c2d61ed1a5080c2289.tar.xz
passt-6ccab72d9b40bcbce21a77c2d61ed1a5080c2289.tar.zst
passt-6ccab72d9b40bcbce21a77c2d61ed1a5080c2289.zip
tcp: Improve handling of fallback if socket pool is empty on new splice
When creating a new spliced connection, we need to get a socket in the other ns from the originating one. To avoid excessive ns switches we usually get these from a pool refilled on a timer. However, if the pool runs out we need a fallback. Currently that's done by passing -1 as the socket to tcp_splice_connnect() and running it in the target ns. This means that tcp_splice_connect() itself needs to have different cases depending on whether it's given an existing socket or not, which is a separate concern from what it's mostly doing. We change it to require a suitable open socket to be passed in, and ensuring in the caller that we have one. This requires adding the fallback paths to the caller, tcp_splice_new(). We use slightly different approaches for a socket in the init ns versus the guest ns. This also means that we no longer need to run tcp_splice_connect() itself in the guest ns, which allows us to remove a bunch of boilerplate code. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Diffstat (limited to 'contrib/selinux/passt.if')
0 files changed, 0 insertions, 0 deletions