passt: Relicense to GPL 2.0, or any later version
In practical terms, passt doesn't benefit from the additional
protection offered by the AGPL over the GPL, because it's not
suitable to be executed over a computer network.
Further, restricting the distribution under the version 3 of the GPL
wouldn't provide any practical advantage either, as long as the passt
codebase is concerned, and might cause unnecessary compatibility
dilemmas.
Change licensing terms to the GNU General Public License Version 2,
or any later version, with written permission from all current and
past contributors, namely: myself, David Gibson, Laine Stump, Andrea
Bolognani, Paul Holzinger, Richard W.M. Jones, Chris Kuhn, Florian
Weimer, Giuseppe Scrivano, Stefan Hajnoczi, and Vasiliy Ulyanov.
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-04-05 20:11:44 +02:00
|
|
|
# SPDX-License-Identifier: GPL-2.0-or-later
|
2021-10-19 12:43:28 +02:00
|
|
|
#
|
|
|
|
# PASST - Plug A Simple Socket Transport
|
|
|
|
# for qemu/UNIX domain socket mode
|
|
|
|
#
|
|
|
|
# PASTA - Pack A Subtle Tap Abstraction
|
|
|
|
# for network namespace/tap device mode
|
|
|
|
#
|
|
|
|
# Copyright (c) 2021 Red Hat GmbH
|
|
|
|
# Author: Stefano Brivio <sbrivio@redhat.com>
|
|
|
|
|
2022-10-10 10:35:47 +02:00
|
|
|
VERSION ?= $(shell git describe --tags HEAD 2>/dev/null || echo "unknown\ version")
|
|
|
|
|
2022-11-17 16:59:06 +11:00
|
|
|
# Does the target platform allow IPv4 connections to be handled via
|
|
|
|
# the IPv6 socket API? (Linux does)
|
|
|
|
DUAL_STACK_SOCKETS := 1
|
|
|
|
|
2022-01-25 19:07:05 +01:00
|
|
|
RLIMIT_STACK_VAL := $(shell /bin/sh -c 'ulimit -s')
|
|
|
|
ifeq ($(RLIMIT_STACK_VAL),unlimited)
|
|
|
|
RLIMIT_STACK_VAL := 1024
|
|
|
|
endif
|
|
|
|
|
2023-03-15 10:08:47 +01:00
|
|
|
TARGET ?= $(shell $(CC) -dumpmachine)
|
2022-02-28 16:18:44 +01:00
|
|
|
# Get 'uname -m'-like architecture description for target
|
2022-09-26 20:43:45 +10:00
|
|
|
TARGET_ARCH := $(shell echo $(TARGET) | cut -f1 -d- | tr [A-Z] [a-z])
|
2022-09-23 11:56:30 +02:00
|
|
|
TARGET_ARCH := $(shell echo $(TARGET_ARCH) | sed 's/powerpc/ppc/')
|
2022-02-28 16:18:44 +01:00
|
|
|
|
2022-09-23 11:56:30 +02:00
|
|
|
AUDIT_ARCH := $(shell echo $(TARGET_ARCH) | tr [a-z] [A-Z] | sed 's/^ARM.*/ARM/')
|
2022-01-25 19:07:05 +01:00
|
|
|
AUDIT_ARCH := $(shell echo $(AUDIT_ARCH) | sed 's/I[456]86/I386/')
|
|
|
|
AUDIT_ARCH := $(shell echo $(AUDIT_ARCH) | sed 's/PPC64/PPC/')
|
|
|
|
AUDIT_ARCH := $(shell echo $(AUDIT_ARCH) | sed 's/PPCLE/PPC64LE/')
|
2022-11-13 01:45:17 +01:00
|
|
|
AUDIT_ARCH := $(shell echo $(AUDIT_ARCH) | sed 's/MIPS64EL/MIPSEL64/')
|
2022-11-13 01:51:38 +01:00
|
|
|
AUDIT_ARCH := $(shell echo $(AUDIT_ARCH) | sed 's/HPPA/PARISC/')
|
2023-02-28 00:54:56 +01:00
|
|
|
AUDIT_ARCH := $(shell echo $(AUDIT_ARCH) | sed 's/SH4/SH/')
|
2022-01-25 19:07:05 +01:00
|
|
|
|
2024-08-29 16:16:03 +02:00
|
|
|
# On some systems enabling optimization also enables source fortification,
|
|
|
|
# automagically. Do not override it.
|
|
|
|
FORTIFY_FLAG :=
|
|
|
|
ifeq ($(shell $(CC) -O2 -dM -E - < /dev/null 2>&1 | grep ' _FORTIFY_SOURCE ' > /dev/null; echo $$?),1)
|
|
|
|
FORTIFY_FLAG := -D_FORTIFY_SOURCE=2
|
|
|
|
endif
|
|
|
|
|
2023-10-13 15:50:29 +11:00
|
|
|
FLAGS := -Wall -Wextra -Wno-format-zero-length
|
|
|
|
FLAGS += -pedantic -std=c11 -D_XOPEN_SOURCE=700 -D_GNU_SOURCE
|
2024-08-29 16:16:03 +02:00
|
|
|
FLAGS += $(FORTIFY_FLAG) -O2 -pie -fPIE
|
Makefile: Allow define overrides by prepending, not appending, CFLAGS
If we append CFLAGS to the ones passed via command line (if any),
-D options we append will override -D options passed on command line
(if any).
For example, OpenSUSE build flags include -D_FORTIFY_SOURCE=3, and we
want to have -D_FORTIFY_SOURCE=2, if and only if not overridden. The
current behaviour implies we redefine _FORTIFY_SOURCE as 2, though.
Instead of appending CFLAGS, prepend them by adding all the default
build flags to another variable, a simply expanded one (defined with
:=), named FLAGS, and pass that *before* CFLAGS in targets, so that
defines from command line can override default flags.
Reported-by: Dario Faggioli <dfaggioli@suse.com>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Tested-by: Dario Faggioli <dfaggioli@suse.com>
2022-09-14 15:34:28 +02:00
|
|
|
FLAGS += -DPAGE_SIZE=$(shell getconf PAGE_SIZE)
|
|
|
|
FLAGS += -DNETNS_RUN_DIR=\"/run/netns\"
|
|
|
|
FLAGS += -DPASST_AUDIT_ARCH=AUDIT_ARCH_$(AUDIT_ARCH)
|
|
|
|
FLAGS += -DRLIMIT_STACK_VAL=$(RLIMIT_STACK_VAL)
|
|
|
|
FLAGS += -DARCH=\"$(TARGET_ARCH)\"
|
2022-10-10 10:35:47 +02:00
|
|
|
FLAGS += -DVERSION=\"$(VERSION)\"
|
2022-11-17 16:59:06 +11:00
|
|
|
FLAGS += -DDUAL_STACK_SOCKETS=$(DUAL_STACK_SOCKETS)
|
2020-07-13 22:55:46 +02:00
|
|
|
|
2024-02-28 22:25:20 +11:00
|
|
|
PASST_SRCS = arch.c arp.c checksum.c conf.c dhcp.c dhcpv6.c flow.c fwd.c \
|
2024-03-06 16:58:33 +11:00
|
|
|
icmp.c igmp.c inany.c iov.c ip.c isolation.c lineread.c log.c mld.c \
|
|
|
|
ndp.c netlink.c packet.c passt.c pasta.c pcap.c pif.c tap.c tcp.c \
|
2024-08-02 18:10:36 +02:00
|
|
|
tcp_buf.c tcp_splice.c udp.c udp_flow.c util.c
|
2022-06-14 15:12:21 +10:00
|
|
|
QRAP_SRCS = qrap.c
|
|
|
|
SRCS = $(PASST_SRCS) $(QRAP_SRCS)
|
|
|
|
|
2022-06-14 15:12:22 +10:00
|
|
|
MANPAGES = passt.1 pasta.1 qrap.1
|
|
|
|
|
2024-02-28 22:25:20 +11:00
|
|
|
PASST_HEADERS = arch.h arp.h checksum.h conf.h dhcp.h dhcpv6.h flow.h fwd.h \
|
2024-02-29 15:15:32 +11:00
|
|
|
flow_table.h icmp.h icmp_flow.h inany.h iov.h ip.h isolation.h \
|
|
|
|
lineread.h log.h ndp.h netlink.h packet.h passt.h pasta.h pcap.h pif.h \
|
2024-06-13 14:36:49 +02:00
|
|
|
siphash.h tap.h tcp.h tcp_buf.h tcp_conn.h tcp_internal.h tcp_splice.h \
|
2024-07-18 15:26:46 +10:00
|
|
|
udp.h udp_flow.h util.h
|
2022-09-14 15:49:32 +02:00
|
|
|
HEADERS = $(PASST_HEADERS) seccomp.h
|
2022-06-14 15:12:21 +10:00
|
|
|
|
2022-01-25 19:55:54 +01:00
|
|
|
C := \#include <sys/random.h>\nint main(){int a=getrandom(0, 0, 0);}
|
|
|
|
ifeq ($(shell printf "$(C)" | $(CC) -S -xc - -o - >/dev/null 2>&1; echo $$?),0)
|
Makefile: Allow define overrides by prepending, not appending, CFLAGS
If we append CFLAGS to the ones passed via command line (if any),
-D options we append will override -D options passed on command line
(if any).
For example, OpenSUSE build flags include -D_FORTIFY_SOURCE=3, and we
want to have -D_FORTIFY_SOURCE=2, if and only if not overridden. The
current behaviour implies we redefine _FORTIFY_SOURCE as 2, though.
Instead of appending CFLAGS, prepend them by adding all the default
build flags to another variable, a simply expanded one (defined with
:=), named FLAGS, and pass that *before* CFLAGS in targets, so that
defines from command line can override default flags.
Reported-by: Dario Faggioli <dfaggioli@suse.com>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Tested-by: Dario Faggioli <dfaggioli@suse.com>
2022-09-14 15:34:28 +02:00
|
|
|
FLAGS += -DHAS_GETRANDOM
|
2022-01-25 19:55:54 +01:00
|
|
|
endif
|
|
|
|
|
2022-06-14 15:12:25 +10:00
|
|
|
ifeq ($(shell :|$(CC) -fstack-protector-strong -S -xc - -o - >/dev/null 2>&1; echo $$?),0)
|
Makefile: Allow define overrides by prepending, not appending, CFLAGS
If we append CFLAGS to the ones passed via command line (if any),
-D options we append will override -D options passed on command line
(if any).
For example, OpenSUSE build flags include -D_FORTIFY_SOURCE=3, and we
want to have -D_FORTIFY_SOURCE=2, if and only if not overridden. The
current behaviour implies we redefine _FORTIFY_SOURCE as 2, though.
Instead of appending CFLAGS, prepend them by adding all the default
build flags to another variable, a simply expanded one (defined with
:=), named FLAGS, and pass that *before* CFLAGS in targets, so that
defines from command line can override default flags.
Reported-by: Dario Faggioli <dfaggioli@suse.com>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Tested-by: Dario Faggioli <dfaggioli@suse.com>
2022-09-14 15:34:28 +02:00
|
|
|
FLAGS += -fstack-protector-strong
|
2022-03-15 18:14:53 +01:00
|
|
|
endif
|
|
|
|
|
2023-02-03 16:09:34 +01:00
|
|
|
C := \#define _GNU_SOURCE\n\#include <fcntl.h>\nint x = FALLOC_FL_COLLAPSE_RANGE;
|
2022-10-06 14:51:04 +02:00
|
|
|
ifeq ($(shell printf "$(C)" | $(CC) -S -xc - -o - >/dev/null 2>&1; echo $$?),0)
|
|
|
|
EXTRA_SYSCALLS += fallocate
|
|
|
|
endif
|
|
|
|
|
2022-08-21 11:23:54 +02:00
|
|
|
prefix ?= /usr/local
|
|
|
|
exec_prefix ?= $(prefix)
|
|
|
|
bindir ?= $(exec_prefix)/bin
|
|
|
|
datarootdir ?= $(prefix)/share
|
|
|
|
docdir ?= $(datarootdir)/doc/passt
|
|
|
|
mandir ?= $(datarootdir)/man
|
|
|
|
man1dir ?= $(mandir)/man1
|
2021-08-19 20:23:04 +02:00
|
|
|
|
2022-09-23 11:56:30 +02:00
|
|
|
ifeq ($(TARGET_ARCH),x86_64)
|
2022-02-28 16:18:44 +01:00
|
|
|
BIN := passt passt.avx2 pasta pasta.avx2 qrap
|
|
|
|
else
|
|
|
|
BIN := passt pasta qrap
|
|
|
|
endif
|
2021-07-26 07:18:50 +02:00
|
|
|
|
2023-07-10 06:33:44 +02:00
|
|
|
all: $(BIN) $(MANPAGES) docs
|
2022-06-14 15:12:22 +10:00
|
|
|
|
Makefile: Allow define overrides by prepending, not appending, CFLAGS
If we append CFLAGS to the ones passed via command line (if any),
-D options we append will override -D options passed on command line
(if any).
For example, OpenSUSE build flags include -D_FORTIFY_SOURCE=3, and we
want to have -D_FORTIFY_SOURCE=2, if and only if not overridden. The
current behaviour implies we redefine _FORTIFY_SOURCE as 2, though.
Instead of appending CFLAGS, prepend them by adding all the default
build flags to another variable, a simply expanded one (defined with
:=), named FLAGS, and pass that *before* CFLAGS in targets, so that
defines from command line can override default flags.
Reported-by: Dario Faggioli <dfaggioli@suse.com>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Tested-by: Dario Faggioli <dfaggioli@suse.com>
2022-09-14 15:34:28 +02:00
|
|
|
static: FLAGS += -static -DGLIBC_NO_STATIC_NSS
|
2023-07-10 06:33:44 +02:00
|
|
|
static: clean all
|
2021-07-26 07:18:50 +02:00
|
|
|
|
2022-09-28 14:33:33 +10:00
|
|
|
seccomp.h: seccomp.sh $(PASST_SRCS) $(PASST_HEADERS)
|
2023-02-28 00:53:01 +01:00
|
|
|
@ EXTRA_SYSCALLS="$(EXTRA_SYSCALLS)" ARCH="$(TARGET_ARCH)" CC="$(CC)" ./seccomp.sh $(PASST_SRCS) $(PASST_HEADERS)
|
2021-10-13 22:25:03 +02:00
|
|
|
|
2023-07-10 06:33:44 +02:00
|
|
|
passt: $(PASST_SRCS) $(HEADERS)
|
|
|
|
$(CC) $(FLAGS) $(CFLAGS) $(CPPFLAGS) $(PASST_SRCS) -o passt $(LDFLAGS)
|
2020-07-13 22:55:46 +02:00
|
|
|
|
2023-07-10 06:33:44 +02:00
|
|
|
passt.avx2: FLAGS += -Ofast -mavx2 -ftree-vectorize -funroll-loops
|
|
|
|
passt.avx2: $(PASST_SRCS) $(HEADERS)
|
|
|
|
$(CC) $(filter-out -O2,$(FLAGS)) $(CFLAGS) $(CPPFLAGS) \
|
|
|
|
$(PASST_SRCS) -o passt.avx2 $(LDFLAGS)
|
2022-02-28 16:18:44 +01:00
|
|
|
|
2023-07-10 06:33:44 +02:00
|
|
|
passt.avx2: passt
|
2022-02-28 16:18:44 +01:00
|
|
|
|
2022-06-14 15:12:23 +10:00
|
|
|
pasta.avx2 pasta.1 pasta: pasta%: passt%
|
2022-11-17 18:49:32 +00:00
|
|
|
ln -sf $< $@
|
passt: Add PASTA mode, major rework
PASTA (Pack A Subtle Tap Abstraction) provides quasi-native host
connectivity to an otherwise disconnected, unprivileged network
and user namespace, similarly to slirp4netns. Given that the
implementation is largely overlapping with PASST, no separate binary
is built: 'pasta' (and 'passt4netns' for clarity) both link to
'passt', and the mode of operation is selected depending on how the
binary is invoked. Usage example:
$ unshare -rUn
# echo $$
1871759
$ ./pasta 1871759 # From another terminal
# udhcpc -i pasta0 2>/dev/null
# ping -c1 pasta.pizza
PING pasta.pizza (64.190.62.111) 56(84) bytes of data.
64 bytes from 64.190.62.111 (64.190.62.111): icmp_seq=1 ttl=255 time=34.6 ms
--- pasta.pizza ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 34.575/34.575/34.575/0.000 ms
# ping -c1 spaghetti.pizza
PING spaghetti.pizza(2606:4700:3034::6815:147a (2606:4700:3034::6815:147a)) 56 data bytes
64 bytes from 2606:4700:3034::6815:147a (2606:4700:3034::6815:147a): icmp_seq=1 ttl=255 time=29.0 ms
--- spaghetti.pizza ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 28.967/28.967/28.967/0.000 ms
This entails a major rework, especially with regard to the storage of
tracked connections and to the semantics of epoll(7) references.
Indexing TCP and UDP bindings merely by socket proved to be
inflexible and unsuitable to handle different connection flows: pasta
also provides Layer-2 to Layer-2 socket mapping between init and a
separate namespace for local connections, using a pair of splice()
system calls for TCP, and a recvmmsg()/sendmmsg() pair for UDP local
bindings. For instance, building on the previous example:
# ip link set dev lo up
# iperf3 -s
$ iperf3 -c ::1 -Z -w 32M -l 1024k -P2 | tail -n4
[SUM] 0.00-10.00 sec 52.3 GBytes 44.9 Gbits/sec 283 sender
[SUM] 0.00-10.43 sec 52.3 GBytes 43.1 Gbits/sec receiver
iperf Done.
epoll(7) references now include a generic part in order to
demultiplex data to the relevant protocol handler, using 24
bits for the socket number, and an opaque portion reserved for
usage by the single protocol handlers, in order to track sockets
back to corresponding connections and bindings.
A number of fixes pertaining to TCP state machine and congestion
window handling are also included here.
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2021-07-17 08:34:53 +02:00
|
|
|
|
2023-07-10 06:33:44 +02:00
|
|
|
qrap: $(QRAP_SRCS) passt.h
|
|
|
|
$(CC) $(FLAGS) $(CFLAGS) $(CPPFLAGS) $(QRAP_SRCS) -o qrap $(LDFLAGS)
|
2020-07-18 01:02:39 +02:00
|
|
|
|
2022-10-06 14:51:04 +02:00
|
|
|
valgrind: EXTRA_SYSCALLS += rt_sigprocmask rt_sigtimedwait rt_sigaction \
|
2024-07-18 15:26:49 +10:00
|
|
|
rt_sigreturn getpid gettid kill clock_gettime mmap \
|
treewide: Allow additional system calls for i386/i686
I haven't tested i386 for a long time (after playing with some
openSUSE i586 image a couple of years ago). It turns out that a number
of system calls we actually need were denied by the seccomp filter,
and not even basic functionality works.
Add some system calls that glibc started using with the 64-bit time
("t64") transition, see also:
https://wiki.debian.org/ReleaseGoals/64bit-time
that is: clock_gettime64, timerfd_gettime64, fcntl64, and
recvmmsg_time64.
Add further system calls that are needed regardless of time_t width,
that is, mmap2 (valgrind profile only), _llseek and sigreturn (common
outside x86_64), and socketcall (same as s390x).
I validated this against an almost full run of the test suite, with
just a few selected tests skipped. Fixes needed to run most tests on
i386/i686, and other assorted fixes for tests, are included in
upcoming patches.
Reported-by: Uroš Knupleš <uros@knuples.net>
Analysed-by: Faidon Liambotis <paravoid@debian.org>
Link: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078981
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
2024-08-19 23:42:30 +02:00
|
|
|
mmap2 munmap open unlink gettimeofday futex
|
2023-11-16 20:15:59 +11:00
|
|
|
valgrind: FLAGS += -g -DVALGRIND
|
2022-03-15 20:16:13 +01:00
|
|
|
valgrind: all
|
|
|
|
|
2020-07-13 22:55:46 +02:00
|
|
|
.PHONY: clean
|
|
|
|
clean:
|
2022-11-17 18:49:33 +00:00
|
|
|
$(RM) $(BIN) *~ *.o seccomp.h pasta.1 \
|
2022-07-06 17:29:02 +10:00
|
|
|
passt.tar passt.tar.gz *.deb *.rpm \
|
2022-08-10 00:21:09 +02:00
|
|
|
passt.pid README.plain.md
|
2021-08-19 20:23:04 +02:00
|
|
|
|
2022-08-10 00:21:09 +02:00
|
|
|
install: $(BIN) $(MANPAGES) docs
|
2022-08-21 11:23:54 +02:00
|
|
|
mkdir -p $(DESTDIR)$(bindir) $(DESTDIR)$(man1dir)
|
|
|
|
cp -d $(BIN) $(DESTDIR)$(bindir)
|
|
|
|
cp -d $(MANPAGES) $(DESTDIR)$(man1dir)
|
|
|
|
mkdir -p $(DESTDIR)$(docdir)
|
|
|
|
cp -d README.plain.md $(DESTDIR)$(docdir)/README.md
|
|
|
|
cp -d doc/demo.sh $(DESTDIR)$(docdir)
|
2021-08-19 20:23:04 +02:00
|
|
|
|
|
|
|
uninstall:
|
2022-06-14 15:12:24 +10:00
|
|
|
$(RM) $(BIN:%=$(DESTDIR)$(prefix)/bin/%)
|
2022-08-21 11:23:54 +02:00
|
|
|
$(RM) $(MANPAGES:%=$(DESTDIR)$(man1dir)/%)
|
|
|
|
$(RM) $(DESTDIR)$(docdir)/README.md
|
|
|
|
$(RM) $(DESTDIR)$(docdir)/demo.sh
|
|
|
|
-rmdir $(DESTDIR)$(docdir)
|
2021-08-20 01:11:57 +02:00
|
|
|
|
2022-03-01 21:41:22 +01:00
|
|
|
pkgs: static
|
2022-02-28 16:18:44 +01:00
|
|
|
tar cf passt.tar -P --xform 's//\/usr\/bin\//' $(BIN)
|
2021-08-20 01:11:57 +02:00
|
|
|
tar rf passt.tar -P --xform 's//\/usr\/share\/man\/man1\//' \
|
2022-06-14 15:12:22 +10:00
|
|
|
$(MANPAGES)
|
2021-08-20 01:11:57 +02:00
|
|
|
gzip passt.tar
|
|
|
|
EMAIL="sbrivio@redhat.com" fakeroot alien --to-deb \
|
|
|
|
--description="User-mode networking for VMs and namespaces" \
|
|
|
|
-k --version=$(shell git rev-parse --short HEAD) \
|
|
|
|
passt.tar.gz
|
|
|
|
fakeroot alien --to-rpm --target=$(shell uname -m) \
|
|
|
|
--description="User-mode networking for VMs and namespaces" \
|
|
|
|
-k --version=g$(shell git rev-parse --short HEAD) passt.tar.gz
|
2021-10-20 00:05:11 +02:00
|
|
|
|
2022-08-10 00:21:09 +02:00
|
|
|
# TODO: This hack makes a "plain" Markdown version of README.md that can be
|
|
|
|
# reasonably shipped as documentation file, while the current README.md is
|
|
|
|
# definitely intended for web browser consumption. It should probably work the
|
|
|
|
# other way around: the web version should be obtained by adding HTML and
|
|
|
|
# JavaScript portions to a plain Markdown, instead. However, cgit needs to use
|
|
|
|
# a file in the git tree. Find a better way around this.
|
2023-07-10 06:33:44 +02:00
|
|
|
docs: README.md
|
|
|
|
@( \
|
|
|
|
skip=0; \
|
|
|
|
while read l; do \
|
|
|
|
case $$l in \
|
|
|
|
"## Demo") exit 0 ;; \
|
|
|
|
"<!"*) ;; \
|
|
|
|
"</"*) skip=1 ;; \
|
|
|
|
"<"*) skip=2 ;; \
|
|
|
|
esac; \
|
|
|
|
\
|
|
|
|
[ $$skip -eq 0 ] && echo "$$l"; \
|
|
|
|
[ $$skip -eq 1 ] && skip=0; \
|
|
|
|
done < README.md; \
|
|
|
|
) > README.plain.md
|
2022-08-10 00:21:09 +02:00
|
|
|
|
2021-10-20 00:05:11 +02:00
|
|
|
# Checkers currently disabled for clang-tidy:
|
|
|
|
# - llvmlibc-restrict-system-libc-headers
|
|
|
|
# TODO: this is Linux-only for the moment, nice to fix eventually
|
|
|
|
#
|
|
|
|
# - google-readability-braces-around-statements
|
|
|
|
# - hicpp-braces-around-statements
|
|
|
|
# - readability-braces-around-statements
|
|
|
|
# Debatable whether that improves readability, right now it would look
|
|
|
|
# like a mess
|
|
|
|
#
|
|
|
|
# - readability-magic-numbers
|
|
|
|
# - cppcoreguidelines-avoid-magic-numbers
|
|
|
|
# TODO: in most cases they are justified, but probably not everywhere
|
|
|
|
#
|
|
|
|
# - clang-analyzer-valist.Uninitialized
|
|
|
|
# TODO: enable once https://bugs.llvm.org/show_bug.cgi?id=41311 is fixed
|
|
|
|
#
|
|
|
|
# - clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling
|
|
|
|
# Probably not doable to impement this without plain memcpy(), memset()
|
|
|
|
#
|
|
|
|
# - cppcoreguidelines-init-variables
|
|
|
|
# Dubious value, would kill readability
|
|
|
|
#
|
|
|
|
# - hicpp-signed-bitwise
|
|
|
|
# Those are needed for syscalls, epoll_wait flags, etc.
|
|
|
|
#
|
|
|
|
# - llvm-include-order
|
|
|
|
# TODO: not really important, but nice to fix eventually
|
|
|
|
#
|
|
|
|
# - readability-isolate-declaration
|
|
|
|
# Dubious value, would kill readability
|
|
|
|
#
|
|
|
|
# - bugprone-narrowing-conversions
|
|
|
|
# - cppcoreguidelines-narrowing-conversions
|
|
|
|
# TODO: nice to fix eventually
|
|
|
|
#
|
|
|
|
# - cppcoreguidelines-avoid-non-const-global-variables
|
|
|
|
# TODO: check, fix, and more in general constify wherever possible
|
|
|
|
#
|
2022-01-30 02:59:12 +01:00
|
|
|
# - altera-unroll-loops
|
|
|
|
# - altera-id-dependent-backward-branch
|
|
|
|
# TODO: check paths where it might make sense to improve performance
|
|
|
|
#
|
|
|
|
# - bugprone-easily-swappable-parameters
|
|
|
|
# Not much can be done about them other than being careful
|
|
|
|
#
|
|
|
|
# - readability-function-cognitive-complexity
|
|
|
|
# TODO: split reported functions
|
|
|
|
#
|
|
|
|
# - altera-struct-pack-align
|
|
|
|
# "Poor" alignment needed for structs reflecting message formats/headers
|
|
|
|
#
|
|
|
|
# - concurrency-mt-unsafe
|
|
|
|
# TODO: check again if multithreading is implemented
|
2022-09-26 20:43:42 +10:00
|
|
|
#
|
|
|
|
# - readability-identifier-length
|
|
|
|
# Complains about any identifier <3 characters, reasonable for
|
|
|
|
# globals, pointlessly verbose for locals and parameters.
|
2022-11-17 16:58:37 +11:00
|
|
|
#
|
|
|
|
# - bugprone-assignment-in-if-condition
|
|
|
|
# Dubious value over the compiler's built-in warning. Would
|
|
|
|
# increase verbosity.
|
2023-11-15 13:59:45 +11:00
|
|
|
#
|
|
|
|
# - misc-include-cleaner
|
|
|
|
# Wants to include headers which *directly* provide the things
|
|
|
|
# we use. That sounds nice, but means it will often want a OS
|
|
|
|
# specific header instead of a mostly standard one, such as
|
|
|
|
# <linux/limits.h> instead of <limits.h>.
|
2024-05-14 00:57:58 +10:00
|
|
|
#
|
|
|
|
# - cppcoreguidelines-macro-to-enum
|
|
|
|
# Want to replace all #defines of integers with enums. Kind of
|
|
|
|
# makes sense when those defines form an enum-like set, but
|
|
|
|
# weird for cases like standalone constants, and causes other
|
|
|
|
# awkwardness for a bunch of cases we use
|
Makefile: Disable readability-math-missing-parentheses clang-tidy check
With clang-tidy and LLVM 19:
/home/sbrivio/passt/conf.c:1218:29: error: '*' has higher precedence than '+'; add parentheses to explicitly specify the order of operations [readability-math-missing-parentheses,-warnings-as-errors]
1218 | const char *octet = str + 3 * i;
| ^~~~~~
| ( )
/home/sbrivio/passt/ndp.c:285:18: error: '*' has higher precedence than '+'; add parentheses to explicitly specify the order of operations [readability-math-missing-parentheses,-warnings-as-errors]
285 | .len = 1 + 2 * n,
| ^~~~~~
| ( )
/home/sbrivio/passt/ndp.c:329:23: error: '%' has higher precedence than '-'; add parentheses to explicitly specify the order of operations [readability-math-missing-parentheses,-warnings-as-errors]
329 | memset(ptr, 0, 8 - dns_s_len % 8); /* padding */
| ^~~~~~~~~~~~~~
| ( )
/home/sbrivio/passt/pcap.c:131:20: error: '*' has higher precedence than '+'; add parentheses to explicitly specify the order of operations [readability-math-missing-parentheses,-warnings-as-errors]
131 | pcap_frame(iov + i * frame_parts, frame_parts, offset, &now);
| ^~~~~~~~~~~~~~~~
| ( )
/home/sbrivio/passt/util.c:216:10: error: '/' has higher precedence than '+'; add parentheses to explicitly specify the order of operations [readability-math-missing-parentheses,-warnings-as-errors]
216 | return (a->tv_nsec + 1000000000 - b->tv_nsec) / 1000 +
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| ( )
/home/sbrivio/passt/util.c:217:10: error: '*' has higher precedence than '+'; add parentheses to explicitly specify the order of operations [readability-math-missing-parentheses,-warnings-as-errors]
217 | (a->tv_sec - b->tv_sec - 1) * 1000000;
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| ( )
/home/sbrivio/passt/util.c:220:9: error: '/' has higher precedence than '+'; add parentheses to explicitly specify the order of operations [readability-math-missing-parentheses,-warnings-as-errors]
220 | return (a->tv_nsec - b->tv_nsec) / 1000 +
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| ( )
/home/sbrivio/passt/util.c:221:9: error: '*' has higher precedence than '+'; add parentheses to explicitly specify the order of operations [readability-math-missing-parentheses,-warnings-as-errors]
221 | (a->tv_sec - b->tv_sec) * 1000000;
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| ( )
/home/sbrivio/passt/util.c:545:32: error: '/' has higher precedence than '+'; add parentheses to explicitly specify the order of operations [readability-math-missing-parentheses,-warnings-as-errors]
545 | return clone(fn, stack_area + stack_size / 2, flags, arg);
| ^~~~~~~~~~~~~~~
| ( )
Just... no.
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
2024-10-24 23:52:19 +02:00
|
|
|
#
|
|
|
|
# - readability-math-missing-parentheses
|
|
|
|
# It's been a couple of centuries since multiplication has been granted
|
|
|
|
# precedence over addition in modern mathematical notation. Adding
|
|
|
|
# parentheses to reinforce that certainly won't improve readability.
|
|
|
|
|
2022-01-30 02:59:12 +01:00
|
|
|
|
Makefile: Simplify exclusion of qrap from static checks
There are things in qrap.c that clang-tidy complains about that aren't
worth fixing. So, we currently exclude it using $(filter-out). However,
we already have a make variable which has just the passt sources, excluding
qrap, so we can use that instead of the awkward filter-out expression.
Currently, we still include qrap.c for cppcheck, but there's not much
point doing so: it's, well, qrap, so we don't care that much about lints.
Exclude it from cppcheck as well, for consistency.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2024-11-06 10:25:18 +11:00
|
|
|
clang-tidy: $(PASST_SRCS) $(HEADERS)
|
2021-10-20 00:05:11 +02:00
|
|
|
clang-tidy -checks=*,-modernize-*,\
|
|
|
|
-clang-analyzer-valist.Uninitialized,\
|
|
|
|
-cppcoreguidelines-init-variables,\
|
2022-11-17 16:58:37 +11:00
|
|
|
-bugprone-assignment-in-if-condition,\
|
2021-10-20 00:05:11 +02:00
|
|
|
-google-readability-braces-around-statements,\
|
|
|
|
-hicpp-braces-around-statements,\
|
|
|
|
-readability-braces-around-statements,\
|
|
|
|
-readability-magic-numbers,\
|
|
|
|
-llvmlibc-restrict-system-libc-headers,\
|
|
|
|
-hicpp-signed-bitwise,\
|
|
|
|
-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,\
|
|
|
|
-llvm-include-order,\
|
|
|
|
-cppcoreguidelines-avoid-magic-numbers,\
|
|
|
|
-readability-isolate-declaration,\
|
|
|
|
-bugprone-narrowing-conversions,\
|
|
|
|
-cppcoreguidelines-narrowing-conversions,\
|
|
|
|
-cppcoreguidelines-avoid-non-const-global-variables,\
|
2022-01-30 02:59:12 +01:00
|
|
|
-altera-unroll-loops,-altera-id-dependent-backward-branch,\
|
|
|
|
-bugprone-easily-swappable-parameters,\
|
|
|
|
-readability-function-cognitive-complexity,\
|
|
|
|
-altera-struct-pack-align,\
|
2022-09-26 20:43:42 +10:00
|
|
|
-concurrency-mt-unsafe,\
|
2023-11-15 13:59:45 +11:00
|
|
|
-readability-identifier-length,\
|
2024-05-14 00:57:58 +10:00
|
|
|
-misc-include-cleaner,\
|
Makefile: Disable readability-math-missing-parentheses clang-tidy check
With clang-tidy and LLVM 19:
/home/sbrivio/passt/conf.c:1218:29: error: '*' has higher precedence than '+'; add parentheses to explicitly specify the order of operations [readability-math-missing-parentheses,-warnings-as-errors]
1218 | const char *octet = str + 3 * i;
| ^~~~~~
| ( )
/home/sbrivio/passt/ndp.c:285:18: error: '*' has higher precedence than '+'; add parentheses to explicitly specify the order of operations [readability-math-missing-parentheses,-warnings-as-errors]
285 | .len = 1 + 2 * n,
| ^~~~~~
| ( )
/home/sbrivio/passt/ndp.c:329:23: error: '%' has higher precedence than '-'; add parentheses to explicitly specify the order of operations [readability-math-missing-parentheses,-warnings-as-errors]
329 | memset(ptr, 0, 8 - dns_s_len % 8); /* padding */
| ^~~~~~~~~~~~~~
| ( )
/home/sbrivio/passt/pcap.c:131:20: error: '*' has higher precedence than '+'; add parentheses to explicitly specify the order of operations [readability-math-missing-parentheses,-warnings-as-errors]
131 | pcap_frame(iov + i * frame_parts, frame_parts, offset, &now);
| ^~~~~~~~~~~~~~~~
| ( )
/home/sbrivio/passt/util.c:216:10: error: '/' has higher precedence than '+'; add parentheses to explicitly specify the order of operations [readability-math-missing-parentheses,-warnings-as-errors]
216 | return (a->tv_nsec + 1000000000 - b->tv_nsec) / 1000 +
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| ( )
/home/sbrivio/passt/util.c:217:10: error: '*' has higher precedence than '+'; add parentheses to explicitly specify the order of operations [readability-math-missing-parentheses,-warnings-as-errors]
217 | (a->tv_sec - b->tv_sec - 1) * 1000000;
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| ( )
/home/sbrivio/passt/util.c:220:9: error: '/' has higher precedence than '+'; add parentheses to explicitly specify the order of operations [readability-math-missing-parentheses,-warnings-as-errors]
220 | return (a->tv_nsec - b->tv_nsec) / 1000 +
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| ( )
/home/sbrivio/passt/util.c:221:9: error: '*' has higher precedence than '+'; add parentheses to explicitly specify the order of operations [readability-math-missing-parentheses,-warnings-as-errors]
221 | (a->tv_sec - b->tv_sec) * 1000000;
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| ( )
/home/sbrivio/passt/util.c:545:32: error: '/' has higher precedence than '+'; add parentheses to explicitly specify the order of operations [readability-math-missing-parentheses,-warnings-as-errors]
545 | return clone(fn, stack_area + stack_size / 2, flags, arg);
| ^~~~~~~~~~~~~~~
| ( )
Just... no.
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
2024-10-24 23:52:19 +02:00
|
|
|
-cppcoreguidelines-macro-to-enum,\
|
|
|
|
-readability-math-missing-parentheses \
|
2022-03-27 13:41:48 +02:00
|
|
|
-config='{CheckOptions: [{key: bugprone-suspicious-string-compare.WarnOnImplicitComparison, value: "false"}]}' \
|
Makefile: Simplify exclusion of qrap from static checks
There are things in qrap.c that clang-tidy complains about that aren't
worth fixing. So, we currently exclude it using $(filter-out). However,
we already have a make variable which has just the passt sources, excluding
qrap, so we can use that instead of the awkward filter-out expression.
Currently, we still include qrap.c for cppcheck, but there's not much
point doing so: it's, well, qrap, so we don't care that much about lints.
Exclude it from cppcheck as well, for consistency.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2024-11-06 10:25:18 +11:00
|
|
|
--warnings-as-errors=* $(PASST_SRCS) -- $(filter-out -pie,$(FLAGS) $(CFLAGS) $(CPPFLAGS)) -DCLANG_TIDY_58992
|
2021-10-21 09:41:13 +02:00
|
|
|
|
2022-09-26 20:43:46 +10:00
|
|
|
SYSTEM_INCLUDES := /usr/include $(wildcard /usr/include/$(TARGET))
|
2021-10-21 09:41:13 +02:00
|
|
|
ifeq ($(shell $(CC) -v 2>&1 | grep -c "gcc version"),1)
|
|
|
|
VER := $(shell $(CC) -dumpversion)
|
2022-09-26 20:43:43 +10:00
|
|
|
SYSTEM_INCLUDES += /usr/lib/gcc/$(TARGET)/$(VER)/include
|
2021-10-21 09:41:13 +02:00
|
|
|
endif
|
Makefile: Simplify exclusion of qrap from static checks
There are things in qrap.c that clang-tidy complains about that aren't
worth fixing. So, we currently exclude it using $(filter-out). However,
we already have a make variable which has just the passt sources, excluding
qrap, so we can use that instead of the awkward filter-out expression.
Currently, we still include qrap.c for cppcheck, but there's not much
point doing so: it's, well, qrap, so we don't care that much about lints.
Exclude it from cppcheck as well, for consistency.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2024-11-06 10:25:18 +11:00
|
|
|
cppcheck: $(PASST_SRCS) $(HEADERS)
|
2024-02-27 17:02:27 +01:00
|
|
|
if cppcheck --check-level=exhaustive /dev/null > /dev/null 2>&1; then \
|
|
|
|
CPPCHECK_EXHAUSTIVE="--check-level=exhaustive"; \
|
|
|
|
else \
|
|
|
|
CPPCHECK_EXHAUSTIVE=; \
|
|
|
|
fi; \
|
2023-08-01 13:36:45 +10:00
|
|
|
cppcheck --std=c11 --error-exitcode=1 --enable=all --force \
|
2022-09-26 20:43:44 +10:00
|
|
|
--inconclusive --library=posix --quiet \
|
2024-02-27 17:02:27 +01:00
|
|
|
$${CPPCHECK_EXHAUSTIVE} \
|
2022-09-26 20:43:43 +10:00
|
|
|
$(SYSTEM_INCLUDES:%=-I%) \
|
|
|
|
$(SYSTEM_INCLUDES:%=--config-exclude=%) \
|
|
|
|
$(SYSTEM_INCLUDES:%=--suppress=*:%/*) \
|
|
|
|
$(SYSTEM_INCLUDES:%=--suppress=unmatchedSuppression:%/*) \
|
2022-09-28 14:33:18 +10:00
|
|
|
--inline-suppr \
|
2022-09-28 14:33:28 +10:00
|
|
|
--suppress=unusedStructMember \
|
2022-11-13 01:32:00 +01:00
|
|
|
$(filter -D%,$(FLAGS) $(CFLAGS) $(CPPFLAGS)) \
|
Makefile: Simplify exclusion of qrap from static checks
There are things in qrap.c that clang-tidy complains about that aren't
worth fixing. So, we currently exclude it using $(filter-out). However,
we already have a make variable which has just the passt sources, excluding
qrap, so we can use that instead of the awkward filter-out expression.
Currently, we still include qrap.c for cppcheck, but there's not much
point doing so: it's, well, qrap, so we don't care that much about lints.
Exclude it from cppcheck as well, for consistency.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2024-11-06 10:25:18 +11:00
|
|
|
$(PASST_SRCS) $(HEADERS)
|