The new version with tag 2025_04_15.2340bbf includes the following changes:
2340bbf udp: Propagate errors on listening and brand new sockets
cfc0ee1 udp: Minor re-organisation of udp_sock_recverr()
f107a86 udp: Add udp_pktinfo() helper
0498457 udp: Deal with errors as we go in udp_sock_fwd()
3f99558 udp: Pass socket & flow information direction to error handling functions
1bb8145 udp: Be quieter about errors on UDP receive
baf049f udp: Fix breakage of UDP error handling by PKTINFO support
5024908 conf: Honour --dns-forward for local resolver even with --no-map-gw
bbff365 conf: Split add_dns_resolv() into separate IPv4 and IPv6 versions
59cc89f udp, udp_flow: Track our specific address on socket interfaces
695c623 inany: Improve ASSERT message for bad socket family
f4b0dd8 udp: Use PKTINFO cmsgs to get destination address for received datagrams
6693fa1 tcp_splice: Don't clobber errno before checking for EAGAIN
d3f33f3 tcp_splice: Don't double count bytes read on EINTR
ffbef85 conf: Add missing return in conf_nat(), fix --map-guest-addr none
06ef64c udp_flow: Save 8 bytes in struct udp_flow on 64-bit architectures
9725e79 udp_flow: Don't discard packets that arrive between bind() and connect()
9eb5406 udp: Fold udp_splice_prepare and udp_splice_send into udp_sock_to_sock
bd6a41e udp: Rework udp_listen_sock_data() into udp_sock_fwd()
159beef udp_flow: Take pif and port as explicit parameters to udp_flow_from_sock()
fd844a9 udp: Move UDP_MAX_FRAMES to udp.c
fc6ee68 udp: Merge vhost-user and "buf" listening socket paths
0304dd9 udp: Split spliced forwarding path from udp_buf_reply_sock_data()
5221e17 udp: Parameterize number of datagrams handled by udp_*_reply_sock_data()
3a0881d udp: Don't bother to batch datagrams from "listening" socket
84ab130 udp: Polish udp_vu_sock_info() and remove from vu specific code
1d7bbb1 udp: Make udp_sock_recv() take max number of frames as a parameter
d74b5a7 udp: Use connect()ed sockets for initiating side
a7775e9 udp: support traceroute in direction tap-socket
06784d7 passt-repair: Ensure that read buffer is NULL-terminated
684870a udp: Correct some seccomp filter annotations
76e554d udp: Simplify updates to UDP flow timestamp
8aa2d90 udp: Remove redundant udp_at_sidx() call in udp_tap_handler()
3d41e4d passt-repair: Correct off-by-one error verifying name
dec3d73 migrate, tcp: bind() migrated sockets in repair mode
6bfc60b platform requirements: Add test for address conflicts with TCP_REPAIR
8e32881 platform requirements: Add attributes to die() function
2ed2d59 platform requirements: Fix clang-tidy warning
3de5af6 udp: Improve name of UDP related ICMP sending functions
025a3c2 udp: Don't attempt to forward ICMP socket errors to other sockets
42a854a pasta, passt-repair: Support multiple events per read() in inotify handlers
65cca54 udp: correct source address for ICMP messages
664c588 build: normalize arm targets
77883fb udp: Add helper function for creating connected UDP socket
37d78c9 udp: Always hash socket facing flowsides
f67c488 udp: Better handling of failure to forward from reply socket
269cf6a udp: Share more logic between vu and non-vu reply socket paths
d924b7d udp_vu: Factor things out of udp_vu_reply_sock_data() loop
5a977c2 udp: Simplify checking of epoll event bits
89b203b udp: Common invocation of udp_sock_errs() for vhost-user and "buf" paths
cf4d3f0 packet: Upgrade severity of most packet errors
0857515 packet: ASSERT on signs of pool corruption
9153aca util: Add abort_with_msg() and ASSERT_WITH_MSG() helpers
38bcce9 packet: Rework packet_get() versus packet_get_try()
961aa6a packet: Move checks against PACKET_MAX_LEN to packet_check_range()
37d9f37 packet: Avoid integer overflows in packet_get_do()
c48331c packet: Correct type of PACKET_MAX_LEN
9866d14 tap: Clarify calculation of TAP_MSGS
a41d6d1 tap: Make size of pool_tap[46] purely a tuning parameter
e43e007 packet: More cautious checks to avoid pointer arithmetic UB
4592719 vu_common: Tighten vu_packet_check_range()
https://passt.top/passt/log/?qt=range&q=2025_03_20.32f6212..2025_04_15.2340…
Packages:
- Alpine Linux:
https://pkgs.alpinelinux.org/packages?name=passt
- Arch Linux:
https://www.archlinux.org/packages/extra/x86_64/passt/https://archlinuxarm.org/packages/aarch64/passthttps://archlinuxarm.org/packages/armv7h/passt
- Chimera:
https://pkgs.chimera-linux.org/packages?name=passt
- Clear Linux:
https://github.com/clearlinux-pkgs/passt/
- Copr (CentOS Stream, EPEL, Fedora, Mageia):
https://copr.fedorainfracloud.org/coprs/sbrivio/passt/build/8907839/
permanent mirror: https://passt.top/builds/copr/0^20250415.g2340bbf/
- Debian tracker:
https://tracker.debian.org/pkg/passt
- Fedora updates:
https://bodhi.fedoraproject.org/updates/?packages=passt
- Gentoo versions:
https://packages.gentoo.org/packages/net-misc/passt
- GNU Guix:
https://packages.guix.gnu.org/packages/passt/
- Homebrew:
https://formulae.brew.sh/formula/passt
- NixOS:
https://github.com/NixOS/nixpkgs/tree/nixos-unstable/pkgs/by-name/pa/passt
- openSUSE:
https://software.opensuse.org/package/passt
- OpenMandriva:
https://github.com/OpenMandrivaAssociation/passt/tree/master
- PLD Linux:
https://git.pld-linux.org/cgi-bin/gitweb.cgi?p=packages/passt.git
- Solus:
https://github.com/getsolus/packages/tree/main/packages/p/passt
- Ubuntu tracker:
https://launchpad.net/ubuntu/+source/passt
- Void Linux:
https://voidlinux.org/packages/?q=passt
- Static builds:
- Package for other RPM-based distributions, x86_64 only:
https://passt.top/builds/latest/x86_64/passt-g2340bbf-1.x86_64.rpm
- x86_64 static binaries:
https://passt.top/builds/latest/x86_64/
- Debian package, from x86_64 static build:
https://passt.top/builds/latest/x86_64/passt_2340bbf-1_all.deb
--
Stefano
The new version with tag 2025_03_20.32f6212 includes the following changes:
32f6212 Makefile: Enable -Wformat-security
07c2d58 conf: Include libgen.h for basename(), fix build against musl
ebdd463 tcp: Flush socket before checking for more data in active close state
c250ffc migrate: Bump migration version number
cfb3740 migrate, tcp: Migrate RFC 7323 timestamp
28772ee migrate, tcp: More careful marshalling of mss parameter during migration
51f3c07 passt-repair: Fix build with -Werror=format-security
cb5b593 tcp, flow: Better use flow specific logging heleprs
96fe554 conf: Unify several paths in conf_ports()
78f1f0f test/perf: Simplify iperf3 server lifetime management
26df8a3 conf: Limit maximum MTU based on backend frame size
9d1a6b3 pcap: Correctly set snaplen based on tap backend type
b6945e0 Simplify sizing of pkt_buf
c4bfa33 tap: Use explicit defines for maximum length of L2 frame
1eda8de packet: Remove redundant TAP_BUF_BYTES define
c43972a packet: Give explicit name to maximum packet size
74cd82a conf: Detect vhost-user mode earlier
4b17d04 conf: Move mode detection into helper function
bb00a04 conf: Use the same optstring for passt and pasta modes
c8b520c flow, repair: Wait for a short while for passt-repair to connect
0470170 passt-repair: Add directory watch
2b58b22 cppcheck: Add suppressions for "logically" exported functions
a83c806 vhost_user: Don't export several functions
27395e6 tcp: Don't export tcp_update_csum()
12d5b36 checksum: Don't export various functions
e36c35c log: Don't export passt_vsyslog()
57d2db3 treewide: Mark assorted functions static
68b0418 udp: create and send ICMPv6 to local peer when applicable
87e6a46 tap: break out building of udp header from tap_udp6_send function
55431f0 udp: create and send ICMPv4 to local peer when applicable
82a839b tap: break out building of udp header from tap_udp4_send function
1924e25 conf: Be more precise about minimum MTUs
672d786 tcp: Send RST in response to guest packets that match no connection
1f23681 tap: Consider IPv6 flow label when building packet sequences
0081756 ip: Helpers to access IPv6 flow label
52419a6 migrate, tcp: Don't flow_alloc_cancel() during incoming migration
b270821 tcp: Unconditionally move to CLOSED state on tcp_rst()
56ce03e tcp: Correct error code handling from tcp_flow_repair_socket()
39f85bc migrate, flow: Don't attempt to migrate TCP flows without passt-repair
7b92f2e migrate, flow: Trivially succeed if migrating with no flows
8747173 selinux: Fixes/workarounds for passt and passt-repair, mostly for libvirt usage
be86232 seccomp.sh: Silence stty errors
ea69ca6 tap: always set the no_frag flag in IPv4 headers
4dac235 contrib/fedora: Actually install passt-repair SELinux policy file
16553c8 dhcp: Add option code byte in calculation for OPT_MAX boundary check
183bedf Makefile: Use mmap2() as alternative for mmap() in valgrind extra syscalls
1cc5d4c conf: Use 0 instead of -1 as "unassigned" mtu value
3dc7da6 conf: More thorough error checking when parsing --mtu option
65e317a flow: Clean up and generalise flow traversal macros
b79a22d flow: Remove unneeded bound parameter from flow traversal macros
7ffca35 flow: Remove unneeded index from foreach_* macros
adb46c1 flow: Add flow_perror() helper
ba0823f tcp: Don't pass both flow pointer and flow index
854bc7b tcp: Remove spurious prototype for tcp_flow_migrate_shrink_window
e56c803 tcp: More type safety for tcp_flow_migrate_target_ext()
5a07eb3 tcp_vu: head_cnt need not be global
6b40651 tap: Remove unused ETH_HDR_INIT() macro
354bc0b packet: Don't pass start and offset separately to packet_check_range()
0a51060 packet: Use flexible array member in struct pool
bcc4908 dhcp: Remove option 255 length byte
https://passt.top/passt/log/?qt=range&q=2025_02_17.a1e48a0..2025_03_20.32f6…
Packages:
- Alpine Linux:
https://pkgs.alpinelinux.org/packages?name=passt
- Arch Linux:
https://www.archlinux.org/packages/extra/x86_64/passt/https://archlinuxarm.org/packages/aarch64/passthttps://archlinuxarm.org/packages/armv7h/passt
- Chimera:
https://pkgs.chimera-linux.org/packages?name=passt
- Clear Linux:
https://github.com/clearlinux-pkgs/passt/
- Copr (CentOS Stream, EPEL, Fedora, Mageia):
https://copr.fedorainfracloud.org/coprs/sbrivio/passt/build/8797676/
permanent mirror: https://passt.top/builds/copr/0^20250320.g32f6212/
- Debian tracker:
https://tracker.debian.org/pkg/passt
- Fedora updates:
https://bodhi.fedoraproject.org/updates/?packages=passt
- Gentoo versions:
https://packages.gentoo.org/packages/net-misc/passt
- GNU Guix:
https://packages.guix.gnu.org/packages/passt/
- Homebrew:
https://formulae.brew.sh/formula/passt
- NixOS:
https://github.com/NixOS/nixpkgs/tree/nixos-unstable/pkgs/by-name/pa/passt
- openSUSE:
https://software.opensuse.org/package/passt
- OpenMandriva:
https://github.com/OpenMandrivaAssociation/passt/tree/master
- PLD Linux:
https://git.pld-linux.org/cgi-bin/gitweb.cgi?p=packages/passt.git
- Solus:
https://github.com/getsolus/packages/tree/main/packages/p/passt
- Ubuntu tracker:
https://launchpad.net/ubuntu/+source/passt
- Void Linux:
https://voidlinux.org/packages/?q=passt
- Static builds:
- Package for other RPM-based distributions, x86_64 only:
https://passt.top/builds/latest/x86_64/passt-g32f6212-1.x86_64.rpm
- x86_64 static binaries:
https://passt.top/builds/latest/x86_64/
- Debian package, from x86_64 static build:
https://passt.top/builds/latest/x86_64/passt_32f6212-1_all.deb
--
Stefano
On Tue, 19 Nov 2024 07:55:59 +0000
Piotr Bzdręga via user <passt-user(a)passt.top> wrote:
> Hei guys,
> I cannot register account on https://passt.top/passt/bugs.
> I was trying with few e-mails.
> I wanted to report bug regarding using pivot_root() in tmpfs.
>
> [08:47][selkie@buildroot][~] $ podman run -it 88b748efcbb3
> Error: pasta failed with exit code 1:
> Couldn't get any nameserver address
> Failed to pivot_root() into empty tmpfs: Invalid argument
> Failed to sandbox process, exiting
>
> I saw that pivot_root() can be replace by chroot e.g. done in crun :
> https://github.com/containers/crun/blob/83998014c5e8dee84432f6ece34363dbd1c…
By the way, this is now tracked at:
https://bugs.passt.top/show_bug.cgi?id=104
thanks Piotr!
--
Stefano
Hei guys,
I cannot register account on https://passt.top/passt/bugs.
I was trying with few e-mails.
I wanted to report bug regarding using pivot_root() in tmpfs.
[08:47][selkie@buildroot][~] $ podman run -it 88b748efcbb3
Error: pasta failed with exit code 1:
Couldn't get any nameserver address
Failed to pivot_root() into empty tmpfs: Invalid argument
Failed to sandbox process, exiting
I saw that pivot_root() can be replace by chroot e.g. done in crun :
https://github.com/containers/crun/blob/83998014c5e8dee84432f6ece34363dbd1c…
Piotr Bzdręga
The new version with tag 2024_10_30.ee7d0b6 includes the following changes:
ee7d0b6 util: Don't use errno after a successful call in __daemon()
b1a607f udp: Take care of cert-int09-c clang-tidy warning for enum udp_iov_idx
099ace6 treewide: Address cert-err33-c clang-tidy warnings for clock and timer functions
59fe34e treewide: Suppress clang-tidy warning if we already use O_CLOEXEC
134b4d5 Makefile: Disable readability-math-missing-parentheses clang-tidy check
7442478 treewide: Silence cert-err33-c clang-tidy warnings for fprintf()
98efe7c treewide: Comply with CERT C rule ERR33-C for snprintf()
988a4d7 Makefile: Exclude qrap.c from clang-tidy checks
ba38e67 tcp: unify l2 TCPv4 and TCPv6 queues and structures
2053c36 tcp: set ip and eth headers in l2 tap queues on the fly
5563d5f test: remove obsolete images
f43f7d5 tcp: cleanup tcp_buf_data_from_sock()
e7fcd0c tcp: Use runtime tests for TCP_INFO fields
8114381 tcp: Generalise probing for tcpi_snd_wnd field
13f0291 tcp: Remove compile-time dependency on struct tcp_info version
9e4615b tcp_splice: fcntl(2) returns the size of the pipe, if F_SETPIPE_SZ succeeds
149f457 tcp_splice: splice() all we have to the writing side, not what we just read
9e5df35 tcp: Use structures to construct initial TCP options
b4dace8 fwd: Direct inbound spliced forwards to the guest's external address
58e6d68 test: Clarify test for spliced inbound transfers
1fa4211 passt.1: Clarify and update "Handling of local addresses" section
ef8a516 passt.1: Mark --stderr as deprecated more prominently
53176ca test: Wait for DAD on DHCPv6 addresses
75b9c0f test: Explicitly wait for DAD to complete on SLAAC addresses
f9d677b arp: Fix a handful of small warts
2d7f734 tcp: Send "empty" handshake ACK before first data segment
7612cb8 test: Pass TRACE from run_term() into ./run from_term
b40880c test/lib/term: Always use printf for messages with escape sequences
ff63ac9 conf: Add --dns-host option to configure host side nameserver
9d66df9 conf: Add command line switch to enable IP_FREEBIND socket option
151dbe0 udp: Update UDP checksum using an iovec array
3d484aa tcp: Update TCP checksum using an iovec array
e6548c6 checksum: Add an offset argument in csum_iov()
fd8334b pcap: Add an offset argument in pcap_iov()
72e7d30 tcp: Use tcp_payload_t rather than tcphdr
def8acd test: Kernel binary can now be passed via the KERNEL environmental variable
b55013b inany: Add inany_pton() helper
cbde419 tcp, udp: Make {tcp,udp}_sock_init() take an inany address
b8d4fac util, pif: Replace sock_l4() with pif_sock_l4()
204e77c udp: Don't attempt to get dual-stack sockets in nonsensical cases
8f8c4d2 tcp: Allow checksum to be disabled
4fe5f4e udp: Allow checksum to be disabled
d836d9e util: Remove possible quadratic behaviour from write_remainder()
bfc294b util: Add helper to write() all of a buffer
bb41901 tcp: Make tcp_update_seqack_wnd()s force_seq parameter explicitly boolean
265b209 tcp: Simplify ifdef logic in tcp_update_seqack_wnd()
4aff6f9 tcp: Clean up tcpi_snd_wnd probing
7d8804b tcp: Make some extra functions private
5ff5d55 tcp: Avoid overlapping memcpy() in DUP_ACK handling
1f414ed tcp: Remove redundant initialisation of iov[TCP_IOV_ETH].iov_base
https://passt.top/passt/log/?qt=range&q=2024_09_06.6b38f07..2024_10_30.ee7d…
Packages:
- Alpine Linux:
https://pkgs.alpinelinux.org/packages?name=passt
- Arch Linux:
https://www.archlinux.org/packages/extra/x86_64/passt/https://archlinuxarm.org/packages/aarch64/passthttps://archlinuxarm.org/packages/armv7h/passt
- Chimera:
https://pkgs.chimera-linux.org/packages?name=passt
- Clear Linux:
https://github.com/clearlinux-pkgs/passt/
- Debian tracker:
https://tracker.debian.org/pkg/passt
- Copr (CentOS Stream, EPEL, Fedora, Mageia):
https://copr.fedorainfracloud.org/coprs/sbrivio/passt/build/8189610/
permanent mirror: https://passt.top/builds/copr/0^20241030.gee7d0b6/
- Fedora updates:
https://bodhi.fedoraproject.org/updates/?packages=passt
- Gentoo versions:
https://packages.gentoo.org/packages/net-misc/passt
- GNU Guix:
https://packages.guix.gnu.org/packages/passt/
- Homebrew:
https://formulae.brew.sh/formula/passt
- NixOS:
https://github.com/NixOS/nixpkgs/tree/nixos-unstable/pkgs/by-name/pa/passt
- openSUSE:
https://software.opensuse.org/package/passt
- PLD Linux:
https://git.pld-linux.org/cgi-bin/gitweb.cgi?p=packages/passt.git
- Solus:
https://github.com/getsolus/packages/tree/main/packages/p/passt
- Ubuntu tracker:
https://launchpad.net/ubuntu/+source/passt
- Void Linux:
https://voidlinux.org/packages/?q=passt
- Static builds:
- Package for other RPM-based distributions, x86_64 only:
https://passt.top/builds/latest/x86_64/passt-gee7d0b6-1.x86_64.rpm
- x86_64 static binaries:
https://passt.top/builds/latest/x86_64/
- Debian package, from x86_64 static build:
https://passt.top/builds/latest/x86_64/passt_0ee7d0b6-1_all.deb
--
Stefano