From: David Gibson <david@gibson.dropbear.id.au>
To: passt-dev@passt.top, Stefano Brivio <sbrivio@redhat.com>
Cc: David Gibson <david@gibson.dropbear.id.au>
Subject: [PATCH v2 23/32] tcp: Unify initial sequence number calculation for IPv4 and IPv6
Date: Thu, 17 Nov 2022 16:58:59 +1100 [thread overview]
Message-ID: <20221117055908.2782981-24-david@gibson.dropbear.id.au> (raw)
In-Reply-To: <20221117055908.2782981-1-david@gibson.dropbear.id.au>
tcp_seq_init() has separate paths for IPv4 and IPv6 addresses, which means
we will calculate different sequence numbers for IPv4 and equivalent
IPv4-mapped IPv6 addresses.
Change it to treat these the same by always converting the input address
into an inany_addr representation and use that to calculate the sequence
number.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
---
siphash.c | 1 +
tcp.c | 46 ++++++++++++++++++----------------------------
2 files changed, 19 insertions(+), 28 deletions(-)
diff --git a/siphash.c b/siphash.c
index 516a508..811918b 100644
--- a/siphash.c
+++ b/siphash.c
@@ -123,6 +123,7 @@ uint64_t siphash_8b(const uint8_t *in, const uint64_t *k)
*
* Return: 32 bits obtained by XORing the two halves of the 64-bit hash output
*/
+/* cppcheck-suppress unusedFunction */
uint32_t siphash_12b(const uint8_t *in, const uint64_t *k)
{
uint32_t *in32 = (uint32_t *)in;
diff --git a/tcp.c b/tcp.c
index 8ebd90a..ac64b81 100644
--- a/tcp.c
+++ b/tcp.c
@@ -1942,37 +1942,27 @@ static uint32_t tcp_seq_init(const struct ctx *c, int af, const void *addr,
in_port_t dstport, in_port_t srcport,
const struct timespec *now)
{
+ union inany_addr aany;
+ struct {
+ union inany_addr src;
+ in_port_t srcport;
+ union inany_addr dst;
+ in_port_t dstport;
+ } __attribute__((__packed__)) in = {
+ .srcport = srcport,
+ .dstport = dstport,
+ };
uint32_t ns, seq = 0;
- if (af == AF_INET) {
- struct {
- struct in_addr src;
- in_port_t srcport;
- struct in_addr dst;
- in_port_t dstport;
- } __attribute__((__packed__)) in = {
- .src = *(struct in_addr *)addr,
- .srcport = srcport,
- .dst = c->ip4.addr,
- .dstport = dstport,
- };
-
- seq = siphash_12b((uint8_t *)&in, c->tcp.hash_secret);
- } else if (af == AF_INET6) {
- struct {
- struct in6_addr src;
- in_port_t srcport;
- struct in6_addr dst;
- in_port_t dstport;
- } __attribute__((__packed__)) in = {
- .src = *(struct in6_addr *)addr,
- .srcport = srcport,
- .dst = c->ip6.addr,
- .dstport = dstport,
- };
+ inany_from_af(&aany, af, addr);
+ in.src = aany;
+ if (af == AF_INET)
+ inany_from_af(&aany, AF_INET, &c->ip4.addr);
+ else
+ inany_from_af(&aany, AF_INET6, &c->ip6.addr);
+ in.dst = aany;
- seq = siphash_36b((uint8_t *)&in, c->tcp.hash_secret);
- }
+ seq = siphash_36b((uint8_t *)&in, c->tcp.hash_secret);
ns = now->tv_sec * 1E9;
ns += now->tv_nsec >> 5; /* 32ns ticks, overflows 32 bits every 137s */
--
@@ -1942,37 +1942,27 @@ static uint32_t tcp_seq_init(const struct ctx *c, int af, const void *addr,
in_port_t dstport, in_port_t srcport,
const struct timespec *now)
{
+ union inany_addr aany;
+ struct {
+ union inany_addr src;
+ in_port_t srcport;
+ union inany_addr dst;
+ in_port_t dstport;
+ } __attribute__((__packed__)) in = {
+ .srcport = srcport,
+ .dstport = dstport,
+ };
uint32_t ns, seq = 0;
- if (af == AF_INET) {
- struct {
- struct in_addr src;
- in_port_t srcport;
- struct in_addr dst;
- in_port_t dstport;
- } __attribute__((__packed__)) in = {
- .src = *(struct in_addr *)addr,
- .srcport = srcport,
- .dst = c->ip4.addr,
- .dstport = dstport,
- };
-
- seq = siphash_12b((uint8_t *)&in, c->tcp.hash_secret);
- } else if (af == AF_INET6) {
- struct {
- struct in6_addr src;
- in_port_t srcport;
- struct in6_addr dst;
- in_port_t dstport;
- } __attribute__((__packed__)) in = {
- .src = *(struct in6_addr *)addr,
- .srcport = srcport,
- .dst = c->ip6.addr,
- .dstport = dstport,
- };
+ inany_from_af(&aany, af, addr);
+ in.src = aany;
+ if (af == AF_INET)
+ inany_from_af(&aany, AF_INET, &c->ip4.addr);
+ else
+ inany_from_af(&aany, AF_INET6, &c->ip6.addr);
+ in.dst = aany;
- seq = siphash_36b((uint8_t *)&in, c->tcp.hash_secret);
- }
+ seq = siphash_36b((uint8_t *)&in, c->tcp.hash_secret);
ns = now->tv_sec * 1E9;
ns += now->tv_nsec >> 5; /* 32ns ticks, overflows 32 bits every 137s */
--
2.38.1
next prev parent reply other threads:[~2022-11-17 5:59 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-17 5:58 [PATCH v2 00/32] Use dual stack sockets to listen for inbound TCP connections David Gibson
2022-11-17 5:58 ` [PATCH v2 01/32] clang-tidy: Suppress warning about assignments in if statements David Gibson
2022-11-17 5:58 ` [PATCH v2 02/32] style: Minor corrections to function comments David Gibson
2022-11-17 5:58 ` [PATCH v2 03/32] tcp_splice: #include tcp_splice.h in tcp_splice.c David Gibson
2022-11-17 5:58 ` [PATCH v2 04/32] tcp: Remove unused TCP_MAX_SOCKS constant David Gibson
2022-11-17 5:58 ` [PATCH v2 05/32] tcp: Better helpers for converting between connection pointer and index David Gibson
2022-11-17 5:58 ` [PATCH v2 06/32] tcp_splice: Helpers for converting from index to/from tcp_splice_conn David Gibson
2022-11-17 5:58 ` [PATCH v2 07/32] tcp: Move connection state structures into a shared header David Gibson
2022-11-17 5:58 ` [PATCH v2 08/32] tcp: Add connection union type David Gibson
2022-11-18 0:25 ` Stefano Brivio
2022-11-18 1:10 ` David Gibson
2022-11-19 8:39 ` Stefano Brivio
2022-11-17 5:58 ` [PATCH v2 09/32] tcp: Improved helpers to update connections after moving David Gibson
2022-11-17 5:58 ` [PATCH v2 10/32] tcp: Unify spliced and non-spliced connection tables David Gibson
2022-11-17 5:58 ` [PATCH v2 11/32] tcp: Unify tcp_defer_handler and tcp_splice_defer_handler() David Gibson
2022-11-17 5:58 ` [PATCH v2 12/32] tcp: Partially unify tcp_timer() and tcp_splice_timer() David Gibson
2022-11-17 5:58 ` [PATCH v2 13/32] tcp: Unify the IN_EPOLL flag David Gibson
2022-11-17 5:58 ` [PATCH v2 14/32] tcp: Separate helpers to create ns listening sockets David Gibson
2022-11-17 5:58 ` [PATCH v2 15/32] tcp: Unify part of spliced and non-spliced conn_from_sock path David Gibson
2022-11-17 5:58 ` [PATCH v2 16/32] tcp: Use the same sockets to listen for spliced and non-spliced connections David Gibson
2022-11-17 5:58 ` [PATCH v2 17/32] tcp: Remove splice from tcp_epoll_ref David Gibson
2022-11-17 5:58 ` [PATCH v2 18/32] tcp: Don't store hash bucket in connection structures David Gibson
2022-11-17 5:58 ` [PATCH v2 19/32] inany: Helper functions for handling addresses which could be IPv4 or IPv6 David Gibson
2022-11-17 5:58 ` [PATCH v2 20/32] tcp: Hash IPv4 and IPv4-mapped-IPv6 addresses the same David Gibson
2022-11-17 5:58 ` [PATCH v2 21/32] tcp: Take tcp_hash_insert() address from struct tcp_conn David Gibson
2022-11-17 5:58 ` [PATCH v2 22/32] tcp: Simplify tcp_hash_match() to take an inany_addr David Gibson
2022-11-17 5:58 ` David Gibson [this message]
2022-11-17 5:59 ` [PATCH v2 24/32] tcp: Have tcp_seq_init() take its parameters from struct tcp_conn David Gibson
2022-11-17 5:59 ` [PATCH v2 25/32] tcp: Fix small errors in tcp_seq_init() time handling David Gibson
2022-11-17 5:59 ` [PATCH v2 26/32] tcp: Remove v6 flag from tcp_epoll_ref David Gibson
2022-11-17 5:59 ` [PATCH v2 27/32] tcp: NAT IPv4-mapped IPv6 addresses like IPv4 addresses David Gibson
2022-11-17 5:59 ` [PATCH v2 28/32] tcp_splice: Allow splicing of connections from IPv4-mapped loopback David Gibson
2022-11-17 5:59 ` [PATCH v2 29/32] tcp: Consolidate tcp_sock_init[46] David Gibson
2022-11-17 5:59 ` [PATCH v2 30/32] util: Allow sock_l4() to open dual stack sockets David Gibson
2022-11-17 5:59 ` [PATCH v2 31/32] util: Always return -1 on error in sock_l4() David Gibson
2022-11-17 5:59 ` [PATCH v2 32/32] tcp: Use dual stack sockets for port forwarding when possible David Gibson
2022-11-25 9:22 ` [PATCH v2 00/32] Use dual stack sockets to listen for inbound TCP connections Stefano Brivio
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221117055908.2782981-24-david@gibson.dropbear.id.au \
--to=david@gibson.dropbear.id.au \
--cc=passt-dev@passt.top \
--cc=sbrivio@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://passt.top/passt
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for IMAP folder(s).