passt/arch.c

// SPDX-License-Identifier: GPL-2.0-or-later

/* PASST - Plug A Simple Socket Transport
 *  for qemu/UNIX domain socket mode
 *
 * PASTA - Pack A Subtle Tap Abstraction
 *  for network namespace/tap device mode
 *
 * arch.c - Architecture-specific implementations
 *
 * Copyright (c) 2022 Red Hat GmbH
 * Author: Stefano Brivio <sbrivio@redhat.com>
 */

#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#include "log.h"
#include "util.h"

/**
 * arch_avx2_exec() - Switch to AVX2 build if supported
 * @argv:	Arguments from command line
 */
#ifdef __x86_64__
void arch_avx2_exec(char **argv)
{
	char exe[PATH_MAX] = { 0 };
	const char *p;

	if (readlink("/proc/self/exe", exe, PATH_MAX - 1) < 0)
		die_perror("Failed to read own /proc/self/exe link");

	p = strstr(exe, ".avx2");
	if (p && strlen(p) == strlen(".avx2"))
		return;

	if (__builtin_cpu_supports("avx2")) {
		char new_path[PATH_MAX + sizeof(".avx2")];

		if (snprintf_check(new_path, PATH_MAX + sizeof(".avx2"),
				   "%s.avx2", exe))
			die_perror("Can't build AVX2 executable path");

		execv(new_path, argv);
		warn_perror("Can't run AVX2 build, using non-AVX2 version");
	}
}
#else
void arch_avx2_exec(char **argv) { (void)argv; }
#endif
passt: Relicense to GPL 2.0, or any later version In practical terms, passt doesn't benefit from the additional protection offered by the AGPL over the GPL, because it's not suitable to be executed over a computer network. Further, restricting the distribution under the version 3 of the GPL wouldn't provide any practical advantage either, as long as the passt codebase is concerned, and might cause unnecessary compatibility dilemmas. Change licensing terms to the GNU General Public License Version 2, or any later version, with written permission from all current and past contributors, namely: myself, David Gibson, Laine Stump, Andrea Bolognani, Paul Holzinger, Richard W.M. Jones, Chris Kuhn, Florian Weimer, Giuseppe Scrivano, Stefan Hajnoczi, and Vasiliy Ulyanov. Signed-off-by: Stefano Brivio <sbrivio@redhat.com> 2023-04-05 20:11:44 +02:00			`// SPDX-License-Identifier: GPL-2.0-or-later`
passt, pasta: Run-time selection of AVX2 build Build-time selection of AVX2 flags and routines is not practical for distributions, but limiting AVX2 usage to checksum routines with specific run-time detection doesn't allow for easy performance gains from auto-vectorisation of batched packet handling routines. For x86_64, build non-AVX2 and AVX2 binaries, and implement a simple wrapper replacing the current executable with the AVX2 build if it's available, and if AVX2 is supported by the current CPU. Signed-off-by: Stefano Brivio <sbrivio@redhat.com> 2022-02-28 16:18:44 +01:00
			`/* PASST - Plug A Simple Socket Transport`
			`* for qemu/UNIX domain socket mode`
			`*`
			`* PASTA - Pack A Subtle Tap Abstraction`
			`* for network namespace/tap device mode`
			`*`
			`* arch.c - Architecture-specific implementations`
			`*`
			`* Copyright (c) 2022 Red Hat GmbH`
			`* Author: Stefano Brivio <sbrivio@redhat.com>`
			`*/`

			`#include <limits.h>`
			`#include <stdio.h>`
arch, passt: Use executable link to form AVX2 binary path ...instead of argv[0], which might or might not contain a valid path to the executable itself. Instead of mangling argv[0], use the same link to find out if we're already running the AVX2 build where supported. Alternatively, we could use execvpe(), but that might result in running a different installed version, in case e.g. the set of binaries is present in both /usr/bin and /usr/local/bin, with both being in $PATH. Reported-by: Wenli Quan <wquan@redhat.com> Link: https://bugzilla.redhat.com/show_bug.cgi?id=2101310 Signed-off-by: Stefano Brivio <sbrivio@redhat.com> 2022-07-13 03:20:45 +02:00			`#include <stdlib.h>`
passt, pasta: Run-time selection of AVX2 build Build-time selection of AVX2 flags and routines is not practical for distributions, but limiting AVX2 usage to checksum routines with specific run-time detection doesn't allow for easy performance gains from auto-vectorisation of batched packet handling routines. For x86_64, build non-AVX2 and AVX2 binaries, and implement a simple wrapper replacing the current executable with the AVX2 build if it's available, and if AVX2 is supported by the current CPU. Signed-off-by: Stefano Brivio <sbrivio@redhat.com> 2022-02-28 16:18:44 +01:00			`#include <string.h>`
			`#include <unistd.h>`

treewide: Replace perror() calls with calls to logging functions perror() prints directly to standard error, but in many cases standard error might be already closed, or we might want to skip logging, based on configuration. Our logging functions provide all that. While at it, make errors more descriptive, replacing some of the existing basic perror-style messages. Signed-off-by: Stefano Brivio <sbrivio@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> 2024-06-15 00:37:11 +02:00			`#include "log.h"`
treewide: Comply with CERT C rule ERR33-C for snprintf() clang-tidy, starting from LLVM version 16, up to at least LLVM version 19, now checks that we detect and handle errors for snprintf() as requested by CERT C rule ERR33-C. These warnings were logged with LLVM version 19.1.2 (at least Debian and Fedora match): /home/sbrivio/passt/arch.c:43:3: error: the value returned by this function should not be disregarded; neglecting it may lead to errors [cert-err33-c,-warnings-as-errors] 43 \| snprintf(new_path, PATH_MAX + sizeof(".avx2"), "%s.avx2", exe); \| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/sbrivio/passt/arch.c:43:3: note: cast the expression to void to silence this warning /home/sbrivio/passt/conf.c:577:4: error: the value returned by this function should not be disregarded; neglecting it may lead to errors [cert-err33-c,-warnings-as-errors] 577 \| snprintf(netns, PATH_MAX, "/proc/%ld/ns/net", pidval); \| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/sbrivio/passt/conf.c:577:4: note: cast the expression to void to silence this warning /home/sbrivio/passt/conf.c:579:5: error: the value returned by this function should not be disregarded; neglecting it may lead to errors [cert-err33-c,-warnings-as-errors] 579 \| snprintf(userns, PATH_MAX, "/proc/%ld/ns/user", \| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 580 \| pidval); \| ~~~~~~~ /home/sbrivio/passt/conf.c:579:5: note: cast the expression to void to silence this warning /home/sbrivio/passt/pasta.c:105:2: error: the value returned by this function should not be disregarded; neglecting it may lead to errors [cert-err33-c,-warnings-as-errors] 105 \| snprintf(ns, PATH_MAX, "/proc/%i/ns/net", pasta_child_pid); \| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/sbrivio/passt/pasta.c:105:2: note: cast the expression to void to silence this warning /home/sbrivio/passt/pasta.c:242:2: error: the value returned by this function should not be disregarded; neglecting it may lead to errors [cert-err33-c,-warnings-as-errors] 242 \| snprintf(uidmap, BUFSIZ, "0 %u 1", uid); \| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/sbrivio/passt/pasta.c:242:2: note: cast the expression to void to silence this warning /home/sbrivio/passt/pasta.c:243:2: error: the value returned by this function should not be disregarded; neglecting it may lead to errors [cert-err33-c,-warnings-as-errors] 243 \| snprintf(gidmap, BUFSIZ, "0 %u 1", gid); \| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/sbrivio/passt/pasta.c:243:2: note: cast the expression to void to silence this warning /home/sbrivio/passt/tap.c:1155:4: error: the value returned by this function should not be disregarded; neglecting it may lead to errors [cert-err33-c,-warnings-as-errors] 1155 \| snprintf(path, UNIX_PATH_MAX - 1, UNIX_SOCK_PATH, i); \| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/sbrivio/passt/tap.c:1155:4: note: cast the expression to void to silence this warning Don't silence the warnings as they might actually have some merit. Add an snprintf_check() function, instead, checking that we're not truncating messages while printing to buffers, and terminate if the check fails. Signed-off-by: Stefano Brivio <sbrivio@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> 2024-10-24 23:25:33 +02:00			`#include "util.h"`
treewide: Replace perror() calls with calls to logging functions perror() prints directly to standard error, but in many cases standard error might be already closed, or we might want to skip logging, based on configuration. Our logging functions provide all that. While at it, make errors more descriptive, replacing some of the existing basic perror-style messages. Signed-off-by: Stefano Brivio <sbrivio@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> 2024-06-15 00:37:11 +02:00
passt, pasta: Run-time selection of AVX2 build Build-time selection of AVX2 flags and routines is not practical for distributions, but limiting AVX2 usage to checksum routines with specific run-time detection doesn't allow for easy performance gains from auto-vectorisation of batched packet handling routines. For x86_64, build non-AVX2 and AVX2 binaries, and implement a simple wrapper replacing the current executable with the AVX2 build if it's available, and if AVX2 is supported by the current CPU. Signed-off-by: Stefano Brivio <sbrivio@redhat.com> 2022-02-28 16:18:44 +01:00			`/**`
arch, passt: Use executable link to form AVX2 binary path ...instead of argv[0], which might or might not contain a valid path to the executable itself. Instead of mangling argv[0], use the same link to find out if we're already running the AVX2 build where supported. Alternatively, we could use execvpe(), but that might result in running a different installed version, in case e.g. the set of binaries is present in both /usr/bin and /usr/local/bin, with both being in $PATH. Reported-by: Wenli Quan <wquan@redhat.com> Link: https://bugzilla.redhat.com/show_bug.cgi?id=2101310 Signed-off-by: Stefano Brivio <sbrivio@redhat.com> 2022-07-13 03:20:45 +02:00			`* arch_avx2_exec() - Switch to AVX2 build if supported`
passt, pasta: Run-time selection of AVX2 build Build-time selection of AVX2 flags and routines is not practical for distributions, but limiting AVX2 usage to checksum routines with specific run-time detection doesn't allow for easy performance gains from auto-vectorisation of batched packet handling routines. For x86_64, build non-AVX2 and AVX2 binaries, and implement a simple wrapper replacing the current executable with the AVX2 build if it's available, and if AVX2 is supported by the current CPU. Signed-off-by: Stefano Brivio <sbrivio@redhat.com> 2022-02-28 16:18:44 +01:00			`* @argv: Arguments from command line`
			`*/`
			`#ifdef __x86_64__`
			`void arch_avx2_exec(char **argv)`
			`{`
treewide: Make a bunch of pointer variables pointers to const Sufficiently recent cppcheck (I'm using 2.13.0) seems to have added another warning for pointer variables which could be pointer to const but aren't. Use this to make a bunch of variables const pointers where they previously weren't for no particular reason. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Stefano Brivio <sbrivio@redhat.com> 2024-01-15 07:39:43 +01:00			`char exe[PATH_MAX] = { 0 };`
			`const char *p;`
arch, passt: Use executable link to form AVX2 binary path ...instead of argv[0], which might or might not contain a valid path to the executable itself. Instead of mangling argv[0], use the same link to find out if we're already running the AVX2 build where supported. Alternatively, we could use execvpe(), but that might result in running a different installed version, in case e.g. the set of binaries is present in both /usr/bin and /usr/local/bin, with both being in $PATH. Reported-by: Wenli Quan <wquan@redhat.com> Link: https://bugzilla.redhat.com/show_bug.cgi?id=2101310 Signed-off-by: Stefano Brivio <sbrivio@redhat.com> 2022-07-13 03:20:45 +02:00
treewide: Replace perror() calls with calls to logging functions perror() prints directly to standard error, but in many cases standard error might be already closed, or we might want to skip logging, based on configuration. Our logging functions provide all that. While at it, make errors more descriptive, replacing some of the existing basic perror-style messages. Signed-off-by: Stefano Brivio <sbrivio@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> 2024-06-15 00:37:11 +02:00			`if (readlink("/proc/self/exe", exe, PATH_MAX - 1) < 0)`
			`die_perror("Failed to read own /proc/self/exe link");`
arch, passt: Use executable link to form AVX2 binary path ...instead of argv[0], which might or might not contain a valid path to the executable itself. Instead of mangling argv[0], use the same link to find out if we're already running the AVX2 build where supported. Alternatively, we could use execvpe(), but that might result in running a different installed version, in case e.g. the set of binaries is present in both /usr/bin and /usr/local/bin, with both being in $PATH. Reported-by: Wenli Quan <wquan@redhat.com> Link: https://bugzilla.redhat.com/show_bug.cgi?id=2101310 Signed-off-by: Stefano Brivio <sbrivio@redhat.com> 2022-07-13 03:20:45 +02:00
			`p = strstr(exe, ".avx2");`
			`if (p && strlen(p) == strlen(".avx2"))`
			`return;`
passt, pasta: Run-time selection of AVX2 build Build-time selection of AVX2 flags and routines is not practical for distributions, but limiting AVX2 usage to checksum routines with specific run-time detection doesn't allow for easy performance gains from auto-vectorisation of batched packet handling routines. For x86_64, build non-AVX2 and AVX2 binaries, and implement a simple wrapper replacing the current executable with the AVX2 build if it's available, and if AVX2 is supported by the current CPU. Signed-off-by: Stefano Brivio <sbrivio@redhat.com> 2022-02-28 16:18:44 +01:00
arch, passt: Use executable link to form AVX2 binary path ...instead of argv[0], which might or might not contain a valid path to the executable itself. Instead of mangling argv[0], use the same link to find out if we're already running the AVX2 build where supported. Alternatively, we could use execvpe(), but that might result in running a different installed version, in case e.g. the set of binaries is present in both /usr/bin and /usr/local/bin, with both being in $PATH. Reported-by: Wenli Quan <wquan@redhat.com> Link: https://bugzilla.redhat.com/show_bug.cgi?id=2101310 Signed-off-by: Stefano Brivio <sbrivio@redhat.com> 2022-07-13 03:20:45 +02:00			`if (__builtin_cpu_supports("avx2")) {`
cppcheck: Reduce scope of some variables Minor style improvement suggested by cppcheck. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Stefano Brivio <sbrivio@redhat.com> 2022-09-28 06:33:19 +02:00			`char new_path[PATH_MAX + sizeof(".avx2")];`

treewide: Comply with CERT C rule ERR33-C for snprintf() clang-tidy, starting from LLVM version 16, up to at least LLVM version 19, now checks that we detect and handle errors for snprintf() as requested by CERT C rule ERR33-C. These warnings were logged with LLVM version 19.1.2 (at least Debian and Fedora match): /home/sbrivio/passt/arch.c:43:3: error: the value returned by this function should not be disregarded; neglecting it may lead to errors [cert-err33-c,-warnings-as-errors] 43 \| snprintf(new_path, PATH_MAX + sizeof(".avx2"), "%s.avx2", exe); \| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/sbrivio/passt/arch.c:43:3: note: cast the expression to void to silence this warning /home/sbrivio/passt/conf.c:577:4: error: the value returned by this function should not be disregarded; neglecting it may lead to errors [cert-err33-c,-warnings-as-errors] 577 \| snprintf(netns, PATH_MAX, "/proc/%ld/ns/net", pidval); \| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/sbrivio/passt/conf.c:577:4: note: cast the expression to void to silence this warning /home/sbrivio/passt/conf.c:579:5: error: the value returned by this function should not be disregarded; neglecting it may lead to errors [cert-err33-c,-warnings-as-errors] 579 \| snprintf(userns, PATH_MAX, "/proc/%ld/ns/user", \| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 580 \| pidval); \| ~~~~~~~ /home/sbrivio/passt/conf.c:579:5: note: cast the expression to void to silence this warning /home/sbrivio/passt/pasta.c:105:2: error: the value returned by this function should not be disregarded; neglecting it may lead to errors [cert-err33-c,-warnings-as-errors] 105 \| snprintf(ns, PATH_MAX, "/proc/%i/ns/net", pasta_child_pid); \| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/sbrivio/passt/pasta.c:105:2: note: cast the expression to void to silence this warning /home/sbrivio/passt/pasta.c:242:2: error: the value returned by this function should not be disregarded; neglecting it may lead to errors [cert-err33-c,-warnings-as-errors] 242 \| snprintf(uidmap, BUFSIZ, "0 %u 1", uid); \| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/sbrivio/passt/pasta.c:242:2: note: cast the expression to void to silence this warning /home/sbrivio/passt/pasta.c:243:2: error: the value returned by this function should not be disregarded; neglecting it may lead to errors [cert-err33-c,-warnings-as-errors] 243 \| snprintf(gidmap, BUFSIZ, "0 %u 1", gid); \| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/sbrivio/passt/pasta.c:243:2: note: cast the expression to void to silence this warning /home/sbrivio/passt/tap.c:1155:4: error: the value returned by this function should not be disregarded; neglecting it may lead to errors [cert-err33-c,-warnings-as-errors] 1155 \| snprintf(path, UNIX_PATH_MAX - 1, UNIX_SOCK_PATH, i); \| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /home/sbrivio/passt/tap.c:1155:4: note: cast the expression to void to silence this warning Don't silence the warnings as they might actually have some merit. Add an snprintf_check() function, instead, checking that we're not truncating messages while printing to buffers, and terminate if the check fails. Signed-off-by: Stefano Brivio <sbrivio@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> 2024-10-24 23:25:33 +02:00			`if (snprintf_check(new_path, PATH_MAX + sizeof(".avx2"),`
			`"%s.avx2", exe))`
			`die_perror("Can't build AVX2 executable path");`

arch: Avoid explicit access to 'environ' We pass 'environ' to execve() in arch_avc2_exec(), so that we retain the environment in the current process. But the declaration of 'environ' is a bit weird - it doesn't seem to be in a standard header, requiring a manual explicit declaration. But, we can avoid needing to reference it explicitly by using execv() instead of execve(). This removes a clang warning. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Stefano Brivio <sbrivio@redhat.com> 2024-11-06 00:25:20 +01:00			`execv(new_path, argv);`
treewide: Replace perror() calls with calls to logging functions perror() prints directly to standard error, but in many cases standard error might be already closed, or we might want to skip logging, based on configuration. Our logging functions provide all that. While at it, make errors more descriptive, replacing some of the existing basic perror-style messages. Signed-off-by: Stefano Brivio <sbrivio@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> 2024-06-15 00:37:11 +02:00			`warn_perror("Can't run AVX2 build, using non-AVX2 version");`
passt, pasta: Run-time selection of AVX2 build Build-time selection of AVX2 flags and routines is not practical for distributions, but limiting AVX2 usage to checksum routines with specific run-time detection doesn't allow for easy performance gains from auto-vectorisation of batched packet handling routines. For x86_64, build non-AVX2 and AVX2 binaries, and implement a simple wrapper replacing the current executable with the AVX2 build if it's available, and if AVX2 is supported by the current CPU. Signed-off-by: Stefano Brivio <sbrivio@redhat.com> 2022-02-28 16:18:44 +01:00			`}`
			`}`
			`#else`
			`void arch_avx2_exec(char **argv) { (void)argv; }`
			`#endif`