aboutgitcodebugslistschat
Commit message (Collapse)AuthorAgeFilesLines
* seccomp: Add newfstatat to list of allowed syscallsStefano Brivio2021-10-211-1/+1
| | | | | | | ...it looks like, on a recent Fedora installation, daemon() uses it. Reported-by: Giuseppe Scrivano <gscrivan@redhat.com> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* netlink: Fix length of address attributeStefano Brivio2021-10-211-2/+2
| | | | | | | | ...I broke this while playing with clang-tidy, and didn't add tests for pasta's --config-net yet. Reported-by: Giuseppe Scrivano <gscrivan@redhat.com> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* passt: Fork into background also if not running from a terminalStefano Brivio2021-10-212-2/+2
| | | | | | | | | This is actually annoying: there's no way to make it fork into background when running from a script. However, it's always possible to keep it in foreground with -f. Make it simpler, and always fork into background if -f is not given. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* test/two_guests: Fix sleep command for DADStefano Brivio2021-10-211-1/+2
| | | | | | | | | An inline comment prefixed by a space doesn't mean the space is dropped, and sleep(1) will get a blank in its argument. Move the comment on its own line. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* test/two_guests: Let the guests end DAD before starting the DHCPv6 clientStefano Brivio2021-10-211-0/+1
| | | | | | | They'll start DAD as we bring up the interface, and the DHCPv6 client might be unreasonably delayed if we start it too early. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* tcp: Restore source address to network endianness before using it for hash tableStefano Brivio2021-10-211-2/+3
| | | | | | | | | This was actually fine "on the wire", but it's inconsistent with the way we hash other addresses/protocols and also ends up with a wrong endianness in captures in case we replace the address with our default gateway. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* pcap: Fix failure check on write() in pcapm()Stefano Brivio2021-10-211-1/+2
| | | | Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* ndp: Don't send a DNS search list if we don't have a list of DNS serversStefano Brivio2021-10-211-2/+3
| | | | | | | This is not explicitly forbidden, but it confuses the ISC's DHCP client, and doesn't make sense anyway. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* ndp: Don't sabotage DAD by replying to probing neighbour solicitationStefano Brivio2021-10-211-0/+3
| | | | | | | If the solicitation comes from ::, it's the guest performing duplicate address detection -- don't answer that. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* ndp: Set (ICMP) hop limit to 255 in router advertisementStefano Brivio2021-10-211-0/+1
| | | | | | | | Found while re-reading this part, zero works as well, but a host might legitimately refuse a value that's below a given threshold. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* qrap: Silence bogus clang-tidy bugprone-suspicious-missing-comma warningStefano Brivio2021-10-211-1/+1
| | | | | | | This is actually a concatenation -- mark it with an extra pair of parentheses. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* Makefile: cppcheck target: Suppress unmatchedSuppression, pass CFLAGSStefano Brivio2021-10-212-4/+17
| | | | | | | | | | Some of those warnings don't trigger even on systems with very similar toolchains, suppress unmatchedSuppression warnings, they're basically useless. While at it, pass CFLAGS to cppcheck. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* passt: Add cppcheck target, test, and address resulting warningsStefano Brivio2021-10-2117-118/+159
| | | | | | | ...mostly false positives, but a number of very relevant ones too, in tcp_get_sndbuf(), tcp_conn_from_tap(), and siphash PREAMBLE(). Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* test/perf: Actually load passt enough to test UDP performanceStefano Brivio2021-10-213-31/+34
| | | | | | | | | With recent improvements, we're not CPU-bound at all while testing UDP performance. Give the VM more memory and CPUs, forward two additional ports, start up to four threads in parallel, and give single iperf3 threads higher bandwidth targets. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* test/lib/test: Wait a bit longer before terminating iperf3 processesStefano Brivio2021-10-211-3/+3
| | | | | | | Sometimes tests run a few seconds longer than expected, wait a few more seconds. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* udp: Avoid static initialiser for udp{4,6}_l2_bufStefano Brivio2021-10-211-18/+23
| | | | | | With the new UDP_TAP_FRAMES value, the binary size grows considerably. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* udp: Fix maximum payload size calculation for IPv4 buffers, bump UDP_TAP_FRAMESStefano Brivio2021-10-211-2/+3
| | | | | | | | The issue with a higher UDP_TAP_FRAMES was actually coming from a payload size the guest couldn't digest. Fix that, and bump UDP_TAP_FRAMES back to 128. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* passt: Fix build with gcc 7, use std=c99, enable some more Clang checkersStefano Brivio2021-10-2124-279/+295
| | | | | | | | | | | | | | Unions and structs, you all have names now. Take the chance to enable bugprone-reserved-identifier, cert-dcl37-c, and cert-dcl51-cpp checkers in clang-tidy. Provide a ffsl() weak declaration using gcc built-in. Start reordering includes, but that's not enough for the llvm-include-order checker yet. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* test/perf: Try sourcing maximum scaling frequency from cpufreqStefano Brivio2021-10-214-4/+14
| | | | | | | On most recent CPUs, that's a better indication of all-core turbo frequency, or non-turbo frequency, than /proc/cpuinfo. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* seccomp.sh: Handle missing ausyscall(8) or unknown syscall numberStefano Brivio2021-10-211-3/+26
| | | | | | | ...try sourcing it with the compiler from <sys/syscalls.h> before giving up. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* Makefile, tcp: Don't try to use tcpi_snd_wnd from tcp_info on pre-5.3 kernelsStefano Brivio2021-10-213-1/+15
| | | | | | | Detect missing tcpi_snd_wnd in struct tcp_info at build time, otherwise build fails with a pre-5.3 linux/tcp.h header. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* util: Go to next non-empty line, skip newlines in line_read()Stefano Brivio2021-10-201-1/+5
| | | | | | | Otherwise, we'll stop returning lines at the first empty line in a file -- this is not expected in case of e.g. /etc/resolv.conf. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* ndp, dhcpv6, tcp, udp: Always use link-local as source if gateway isn'tStefano Brivio2021-10-204-5/+28
| | | | | | | | | | | | This shouldn't happen on any sane configuration, but I just met an example of that: the default IPv6 gateway on the host is configured with a global unicast address, we use that as source for RA, DHCPv6 replies, and the guest ignores it. Same later on if we talk TCP or UDP and the guest has no idea where that address comes from. Use our link-local address in case the gateway address is global. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* passt: Add clang-tidy Makefile target and test, take care of warningsStefano Brivio2021-10-2014-73/+172
| | | | | | | Most are just about style and form, but a few were actually serious mistakes (NDP-related). Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* test/demo: Don't wait for # after pasta is started by perf reportStefano Brivio2021-10-202-2/+2
| | | | Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* README: .. doesn't actually work for comments in MarkdownStefano Brivio2021-10-201-3/+5
| | | | Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* conf: Always pass an empty buffer to line_read() in get_dns()Stefano Brivio2021-10-201-2/+1
| | | | | | | Given that get_dns() touches the buffer read by line_read(), we can't optimise that by passing the existing buffer. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* passt: Address warnings from Clang's scan-buildStefano Brivio2021-10-204-38/+53
| | | | | | All false positives so far. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* passt: Address gcc 11 warningsStefano Brivio2021-10-207-33/+91
| | | | | | | | | A mix of unchecked return values, a missing permission mask for open(2) with O_CREAT, and some false positives from -Wstringop-overflow and -Wmaybe-uninitialized. Reported-by: Martin Hauke <mardnh@gmx.de> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* LICENSES: Add license text files, add missing notices, fix SPDX tagsStefano Brivio2021-10-2032-5/+837
| | | | | | | | | | SPDX tags don't replace license files. Some notices were missing and some tags were not according to the SPDX specification, too. Now reuse --lint from the REUSE tool (https://reuse.software/) passes. Reported-by: Martin Hauke <mardnh@gmx.de> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* Makefile: Install man pages to /usr/share/man instead of /usr/manStefano Brivio2021-10-202-11/+11
| | | | | Reported-by: Martin Hauke <mardnh@gmx.de> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* Makefile: Prefix installation paths with $(DESTDIR)Stefano Brivio2021-10-191-9/+9
| | | | | | | | | Martin reports that DESTDIR is ignored in install/uninstall targets, see also: https://www.gnu.org/prep/standards/html_node/DESTDIR.html Reported-by: Martin Hauke <mardnh@gmx.de> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* perf/passt_udp: Don't overshoot UDP bandwidth excessively on larger MTUsStefano Brivio2021-10-191-2/+2
| | | | | | | ...performance with 64KiB MTUs might look worse than with 9000bytes on some configurations. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* perf/passt_tcp: Don't exceed typical L3 cache sizes with buffersStefano Brivio2021-10-191-8/+8
| | | | | | ...we might see misleading rate drops with larger MTUs otherwise. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* test/perf: Use CPU frequency from /proc/cpuinfo instead of cpupower(1)Stefano Brivio2021-10-194-8/+8
| | | | | | Get it to work also in nested virtualisation environments. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* tcp: Fix for non-blocking splice() on older kernelsStefano Brivio2021-10-191-2/+2
| | | | | | | | For some reason, on 4.19, splice() doesn't honour SOCK_NONBLOCK from accept4() while reading from a TCP socket. Pass SPLICE_F_NONBLOCK explicitly in all cases. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* tcp: Fix ACK reporting on older kernels (no tcp.kernel_snd_wnd case)Stefano Brivio2021-10-191-3/+4
| | | | | | | | If the window isn't updated on !c->tcp.kernel_snd_wnd, we still have to send ACKs if the ACK sequence was updated, or if an error occurred while querying TCP_INFO. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* netlink: NETLINK_GET_STRICT_CHK is not available on older kernelsStefano Brivio2021-10-191-3/+6
| | | | | | | For example on 4.19. Don't fail if we can't set it, filter on interface index in nl_addr(). Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* passt: Include linux/seccomp.h and linux/audit.h instead of seccomp.hStefano Brivio2021-10-191-1/+2
| | | | | | | We don't use libseccomp. Reported-by: Martin Hauke <mardnh@gmx.de> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* netlink, conf: Actually get prefix/mask lengthStefano Brivio2021-10-194-10/+24
| | | | Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* tcp: Arm tcp_data_noack on insufficient window too, don't reset if ACK ↵Stefano Brivio2021-10-161-2/+4
| | | | | | | | | | doesn't match ...and while at it, reverse the operands in the window equality comparison to detect the need for fast re-transmit: it's easier to read this way. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* passt: Add clock_gettime to list of allowed syscallsStefano Brivio2021-10-161-0/+1
| | | | | | | ...depending on the system clock source, glibc might use it to fetch the wall time. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* passt: Static builds: don't redefine __vsyslog(), skip getpwnam() and ↵Stefano Brivio2021-10-165-12/+21
| | | | | | initgroups() Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* util, pasta: Don't read() and lseek() every single line in read_line()Stefano Brivio2021-10-162-5/+24
| | | | | | | ...periodically checking bound ports becomes quite expensive otherwise. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* udp: drop bogus udp_tap_map ts assignmentStefan Hajnoczi2021-10-151-1/+0
| | | | | | | | | | | | | | | | | | The 'ts' field is a timestamp so assigning the socket file descriptor is incorrect. There is no actual bug because the current time is assigned just a few lines later: udp_tap_map[V4][src].sock = s; udp_tap_map[V4][src].ts = s; ^^^^^^^^^^^ bogus ^^^^^^^^^^ bitmap_set(udp_act[V4][UDP_ACT_TAP], src); } udp_tap_map[V4][src].ts = now->tv_sec; ^^^^^^^^^^^^^^^ correct ^^^^^^^^^^^^^^ Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* demo/pasta: Swap init>ns and ns>init flowsStefano Brivio2021-10-151-24/+24
| | | | | | ...make those short performance tests actually match table headers. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* util: Don't duplicate debug messages, they're already on stderrStefano Brivio2021-10-151-4/+4
| | | | Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* tcp: ...and so I got a socket called zeroStefano Brivio2021-10-151-35/+44
| | | | | | | | I thought I'd get away with it, but no, after some clean-ups, I finally got a socket with number 0. Fix up all the convenient, yet botched assumptions. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* passt: Check if a PID file was actually requested before creating itStefano Brivio2021-10-151-1/+1
| | | | Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* util: Define ROUND_UP()Stefano Brivio2021-10-151-0/+2
| | | | | | | ...not actually used, just for completeness, as ROUND_DOWN() is defined. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>