public inbox for passt-dev@passt.top
 help / color / mirror / code / Atom feed
From: David Gibson <david@gibson.dropbear.id.au>
To: Stefano Brivio <sbrivio@redhat.com>, passt-dev@passt.top
Cc: David Gibson <david@gibson.dropbear.id.au>
Subject: [PATCH 08/11] udp: Re-use fixed bound sockets for packet forwarding when possible
Date: Tue, 22 Nov 2022 14:43:59 +1100	[thread overview]
Message-ID: <20221122034402.1517544-9-david@gibson.dropbear.id.au> (raw)
In-Reply-To: <20221122034402.1517544-1-david@gibson.dropbear.id.au>

When we look up udp_splice_to_ns[v6][src].target_sock in
udp_sock_handler_splice, all we really require of the socket is that it
be bound to port src in the pasta guest namespace.  Similarly for
udp_splice_to_init but bound in the init namespace.

Usually these sockets are created temporarily by udp_splice_connect() and
cleaned up by udp_timer().  However, depending on the -u and -U options its
possible we have a permanent socket bound to the relevant port created by
udp_sock_init().  If such a socket exists, we could use it instead of
creating a temporary one.  In fact we *must* use it, because we'll fail
trying to bind() a temporary one to the same port.

So allow this, store permanently bound sockets into udp_splice_to_{ns,init}
in udp_sock_init().  These won't get incorrectly removed by the timer
because we don't put a corresponding entry in the udp_act[] structure
which directs the timer what to clean up.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
---
 udp.c | 22 +++++++++++++---------
 1 file changed, 13 insertions(+), 9 deletions(-)

diff --git a/udp.c b/udp.c
index f93dd8b..65438de 100644
--- a/udp.c
+++ b/udp.c
@@ -153,7 +153,7 @@ struct udp_splice_flow {
 /* Port tracking, arrays indexed by packet source port (host order) */
 static struct udp_tap_port	udp_tap_map	[IP_VERSIONS][NUM_PORTS];
 
-/* Spliced "connections" indexed by originating source port (host order) */
+/* Spliced "connections" indexed by bound port of target_sock (host order) */
 static struct udp_splice_flow udp_splice_to_ns  [IP_VERSIONS][NUM_PORTS];
 static struct udp_splice_flow udp_splice_to_init[IP_VERSIONS][NUM_PORTS];
 
@@ -1096,16 +1096,18 @@ void udp_sock_init(const struct ctx *c, int ns, sa_family_t af,
 				bind_addr = &(uint32_t){ htonl(INADDR_LOOPBACK) };
 				uref.udp.splice = uref.udp.orig = true;
 
-				sock_l4(c, AF_INET, IPPROTO_UDP, bind_addr, ifname,
-					port, uref.u32);
+				s = sock_l4(c, AF_INET, IPPROTO_UDP, bind_addr,
+					    ifname, port, uref.u32);
+				udp_splice_to_init[V4][port].target_sock = s;
 			}
 		} else {
 			uref.udp.splice = uref.udp.orig = uref.udp.ns = true;
 
 			bind_addr = &(uint32_t){ htonl(INADDR_LOOPBACK) };
 
-			sock_l4(c, AF_INET, IPPROTO_UDP, bind_addr, ifname,
-				port, uref.u32);
+			s = sock_l4(c, AF_INET, IPPROTO_UDP, bind_addr,
+				    ifname, port, uref.u32);
+			udp_splice_to_ns[V4][port].target_sock = s;
 		}
 	}
 
@@ -1128,15 +1130,17 @@ void udp_sock_init(const struct ctx *c, int ns, sa_family_t af,
 				bind_addr = &in6addr_loopback;
 				uref.udp.splice = uref.udp.orig = true;
 
-				sock_l4(c, AF_INET6, IPPROTO_UDP, bind_addr, ifname,
-					port, uref.u32);
+				s = sock_l4(c, AF_INET6, IPPROTO_UDP, bind_addr,
+					    ifname, port, uref.u32);
+				udp_splice_to_init[V6][port].target_sock = s;
 			}
 		} else {
 			bind_addr = &in6addr_loopback;
 			uref.udp.splice = uref.udp.orig = uref.udp.ns = true;
 
-			sock_l4(c, AF_INET6, IPPROTO_UDP, bind_addr, ifname,
-				port, uref.u32);
+			s = sock_l4(c, AF_INET6, IPPROTO_UDP, bind_addr,
+				    ifname, port, uref.u32);
+			udp_splice_to_ns[V6][port].target_sock = s;
 		}
 	}
 }
-- 
@@ -153,7 +153,7 @@ struct udp_splice_flow {
 /* Port tracking, arrays indexed by packet source port (host order) */
 static struct udp_tap_port	udp_tap_map	[IP_VERSIONS][NUM_PORTS];
 
-/* Spliced "connections" indexed by originating source port (host order) */
+/* Spliced "connections" indexed by bound port of target_sock (host order) */
 static struct udp_splice_flow udp_splice_to_ns  [IP_VERSIONS][NUM_PORTS];
 static struct udp_splice_flow udp_splice_to_init[IP_VERSIONS][NUM_PORTS];
 
@@ -1096,16 +1096,18 @@ void udp_sock_init(const struct ctx *c, int ns, sa_family_t af,
 				bind_addr = &(uint32_t){ htonl(INADDR_LOOPBACK) };
 				uref.udp.splice = uref.udp.orig = true;
 
-				sock_l4(c, AF_INET, IPPROTO_UDP, bind_addr, ifname,
-					port, uref.u32);
+				s = sock_l4(c, AF_INET, IPPROTO_UDP, bind_addr,
+					    ifname, port, uref.u32);
+				udp_splice_to_init[V4][port].target_sock = s;
 			}
 		} else {
 			uref.udp.splice = uref.udp.orig = uref.udp.ns = true;
 
 			bind_addr = &(uint32_t){ htonl(INADDR_LOOPBACK) };
 
-			sock_l4(c, AF_INET, IPPROTO_UDP, bind_addr, ifname,
-				port, uref.u32);
+			s = sock_l4(c, AF_INET, IPPROTO_UDP, bind_addr,
+				    ifname, port, uref.u32);
+			udp_splice_to_ns[V4][port].target_sock = s;
 		}
 	}
 
@@ -1128,15 +1130,17 @@ void udp_sock_init(const struct ctx *c, int ns, sa_family_t af,
 				bind_addr = &in6addr_loopback;
 				uref.udp.splice = uref.udp.orig = true;
 
-				sock_l4(c, AF_INET6, IPPROTO_UDP, bind_addr, ifname,
-					port, uref.u32);
+				s = sock_l4(c, AF_INET6, IPPROTO_UDP, bind_addr,
+					    ifname, port, uref.u32);
+				udp_splice_to_init[V6][port].target_sock = s;
 			}
 		} else {
 			bind_addr = &in6addr_loopback;
 			uref.udp.splice = uref.udp.orig = uref.udp.ns = true;
 
-			sock_l4(c, AF_INET6, IPPROTO_UDP, bind_addr, ifname,
-				port, uref.u32);
+			s = sock_l4(c, AF_INET6, IPPROTO_UDP, bind_addr,
+				    ifname, port, uref.u32);
+			udp_splice_to_ns[V6][port].target_sock = s;
 		}
 	}
 }
-- 
2.38.1


  parent reply	other threads:[~2022-11-22  3:44 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-11-22  3:43 [PATCH 00/11] Simplify handling of "spliced" UDP forwarding David Gibson
2022-11-22  3:43 ` [PATCH 01/11] udp: Also bind() connected ports for "splice" forwarding David Gibson
2022-11-22  3:43 ` [PATCH 02/11] udp: Separate tracking of inbound and outbound packet flows David Gibson
2022-11-22  3:43 ` [PATCH 03/11] udp: Always use sendto() rather than send() for forwarding spliced packets David Gibson
2022-11-22  3:43 ` [PATCH 04/11] udp: Don't connect "forward" sockets for spliced flows David Gibson
2022-11-22  3:43 ` [PATCH 05/11] udp: Remove the @bound field from union udp_epoll_ref David Gibson
2022-11-22  3:43 ` [PATCH 06/11] udp: Split splice field in udp_epoll_ref into (mostly) independent bits David Gibson
2022-11-22  3:43 ` [PATCH 07/11] udp: Don't create double sockets for -U port David Gibson
2022-11-22  3:43 ` David Gibson [this message]
2022-11-22  3:44 ` [PATCH 09/11] udp: Don't explicitly track originating socket for spliced "connections" David Gibson
2022-11-22  3:44 ` [PATCH 10/11] udp: Update UDP "connection" timestamps in both directions David Gibson
2022-11-22  3:44 ` [PATCH 11/11] udp: Simplify udp_sock_handler_splice David Gibson
2022-11-22 21:51 ` [PATCH 00/11] Simplify handling of "spliced" UDP forwarding Stefano Brivio

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20221122034402.1517544-9-david@gibson.dropbear.id.au \
    --to=david@gibson.dropbear.id.au \
    --cc=passt-dev@passt.top \
    --cc=sbrivio@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
Code repositories for project(s) associated with this public inbox

	https://passt.top/passt

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for IMAP folder(s).