From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from gandalf.ozlabs.org (gandalf.ozlabs.org [150.107.74.76]) by passt.top (Postfix) with ESMTPS id EFEB25A0268 for ; Thu, 17 Nov 2022 06:59:22 +0100 (CET) Received: by gandalf.ozlabs.org (Postfix, from userid 1007) id 4NCTkl5JHhz4xyY; Thu, 17 Nov 2022 16:59:11 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gibson.dropbear.id.au; s=201602; t=1668664751; bh=fNrQQCed6mGgZ6ZE9mQpuR9NEG+30VkfN0ToUYyK5B0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=F/6Ne7ns21ltp6Hd1lQU1U5E34YUb1f3wZOvIuQT8TFOGMh6IiS6Xmz3qtzMTX/en Wd00SZzMwwxIqin+L1/I22me9kdDYJivybe7/dqc6bRMXYjSlIt0OHkOu9yKoxVpQe Z3TRn9Yvirkks1gI6oQTc2wl6I9B7cRXAGFVWvzc= From: David Gibson To: passt-dev@passt.top, Stefano Brivio Subject: [PATCH v2 30/32] util: Allow sock_l4() to open dual stack sockets Date: Thu, 17 Nov 2022 16:59:06 +1100 Message-Id: <20221117055908.2782981-31-david@gibson.dropbear.id.au> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20221117055908.2782981-1-david@gibson.dropbear.id.au> References: <20221117055908.2782981-1-david@gibson.dropbear.id.au> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Message-ID-Hash: LDBA2PKTYNFYVBZJROK27B7V2J3Z6EDQ X-Message-ID-Hash: LDBA2PKTYNFYVBZJROK27B7V2J3Z6EDQ X-MailFrom: dgibson@gandalf.ozlabs.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: David Gibson X-Mailman-Version: 3.3.3 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Currently, when instructed to open an IPv6 socket, sock_l4() explicitly sets the IPV6_V6ONLY socket option so that the socket will only respond to IPv6 connections. Linux (and probably other platforms) allow "dual stack" sockets: IPv6 sockets which can also accept IPv4 connections. Extend sock_l4() to be able to make such sockets, by passing AF_UNSPEC as the address family and no bind address (binding to a specific address would defeat the purpose). We add a Makefile define 'DUAL_STACK_SOCKETS' to indicate availability of this feature on the target platform. Signed-off-by: David Gibson --- Makefile | 5 +++++ util.c | 17 +++++++++++++++-- 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index ce159e5..5a0f96a 100644 --- a/Makefile +++ b/Makefile @@ -11,6 +11,10 @@ VERSION ?= $(shell git describe --tags HEAD 2>/dev/null || echo "unknown\ version") +# Does the target platform allow IPv4 connections to be handled via +# the IPv6 socket API? (Linux does) +DUAL_STACK_SOCKETS := 1 + RLIMIT_STACK_VAL := $(shell /bin/sh -c 'ulimit -s') ifeq ($(RLIMIT_STACK_VAL),unlimited) RLIMIT_STACK_VAL := 1024 @@ -36,6 +40,7 @@ FLAGS += -DPASST_AUDIT_ARCH=AUDIT_ARCH_$(AUDIT_ARCH) FLAGS += -DRLIMIT_STACK_VAL=$(RLIMIT_STACK_VAL) FLAGS += -DARCH=\"$(TARGET_ARCH)\" FLAGS += -DVERSION=\"$(VERSION)\" +FLAGS += -DDUAL_STACK_SOCKETS=$(DUAL_STACK_SOCKETS) PASST_SRCS = arch.c arp.c checksum.c conf.c dhcp.c dhcpv6.c icmp.c igmp.c \ isolation.c lineread.c log.c mld.c ndp.c netlink.c packet.c passt.c \ diff --git a/util.c b/util.c index 2125a67..59c6641 100644 --- a/util.c +++ b/util.c @@ -22,6 +22,8 @@ #include #include #include +#include +#include #include "util.h" #include "passt.h" @@ -112,6 +114,7 @@ int sock_l4(const struct ctx *c, int af, uint8_t proto, 0, IN6ADDR_ANY_INIT, 0, }; const struct sockaddr *sa; + bool dual_stack = false; struct epoll_event ev; int fd, sl, y = 1; @@ -119,6 +122,13 @@ int sock_l4(const struct ctx *c, int af, uint8_t proto, proto != IPPROTO_ICMP && proto != IPPROTO_ICMPV6) return -1; /* Not implemented. */ + if (af == AF_UNSPEC) { + if (!DUAL_STACK_SOCKETS || bind_addr) + return -1; + dual_stack = true; + af = AF_INET6; + } + if (proto == IPPROTO_TCP) fd = socket(af, SOCK_STREAM | SOCK_NONBLOCK, proto); else @@ -158,8 +168,11 @@ int sock_l4(const struct ctx *c, int af, uint8_t proto, sa = (const struct sockaddr *)&addr6; sl = sizeof(addr6); - if (setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, &y, sizeof(y))) - debug("Failed to set IPV6_V6ONLY on socket %i", fd); + if (!dual_stack) + if (setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, + &y, sizeof(y))) + debug("Failed to set IPV6_V6ONLY on socket %i", + fd); } if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &y, sizeof(y))) -- 2.38.1