From: David Gibson <david@gibson.dropbear.id.au>
To: Stefano Brivio <sbrivio@redhat.com>, passt-dev@passt.top
Cc: David Gibson <david@gibson.dropbear.id.au>
Subject: [PATCH 6/9] port_fwd: Don't NS_CALL get_bound_ports()
Date: Thu, 5 Oct 2023 14:44:42 +1100 [thread overview]
Message-ID: <20231005034445.2015303-7-david@gibson.dropbear.id.au> (raw)
In-Reply-To: <20231005034445.2015303-1-david@gibson.dropbear.id.au>
When we want to scan for bound ports in the namespace we use NS_CALL() to
run get_bound_ports() in the namespace. However, the only thing it
actually needed to be in the namespace for was to open the /proc/net file
it was scanning. Since we now always pre-open those, we no longer need
to switch to the namespace for the actual get_bound_ports() calls.
That in turn means that tcp_port_detect() doesn't need to run in the ns
either, and we can just replace it with inline calls to get_bound_ports().
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
---
port_fwd.c | 37 ++-----------------------------------
tcp.c | 38 ++------------------------------------
2 files changed, 4 insertions(+), 71 deletions(-)
diff --git a/port_fwd.c b/port_fwd.c
index a3f69dd..b91eafe 100644
--- a/port_fwd.c
+++ b/port_fwd.c
@@ -109,43 +109,12 @@ void get_bound_ports(struct ctx *c, int ns, uint8_t proto)
}
}
-/**
- * struct get_bound_ports_ns_arg - Arguments for get_bound_ports_ns()
- * @c: Execution context
- * @proto: Protocol number (IPPROTO_TCP or IPPROTO_UDP)
- */
-struct get_bound_ports_ns_arg {
- struct ctx *c;
- uint8_t proto;
-};
-
-/**
- * get_bound_ports_ns() - Get maps of ports in namespace with bound sockets
- * @arg: See struct get_bound_ports_ns_arg
- *
- * Return: 0
- */
-static int get_bound_ports_ns(void *arg)
-{
- struct get_bound_ports_ns_arg *a = (struct get_bound_ports_ns_arg *)arg;
- struct ctx *c = a->c;
-
- if (!c->pasta_netns_fd)
- return 0;
-
- ns_enter(c);
- get_bound_ports(c, 1, a->proto);
-
- return 0;
-}
-
/**
* port_fwd_init() - Initial setup for port forwarding
* @c: Execution context
*/
void port_fwd_init(struct ctx *c)
{
- struct get_bound_ports_ns_arg ns_ports_arg = { .c = c };
const int flags = O_RDONLY | O_CLOEXEC;
c->proc_net_tcp[V4][0] = c->proc_net_tcp[V4][1] = -1;
@@ -156,14 +125,12 @@ void port_fwd_init(struct ctx *c)
if (c->tcp.fwd_in.mode == FWD_AUTO) {
c->proc_net_tcp[V4][1] = open_in_ns(c, "/proc/net/tcp", flags);
c->proc_net_tcp[V6][1] = open_in_ns(c, "/proc/net/tcp6", flags);
- ns_ports_arg.proto = IPPROTO_TCP;
- NS_CALL(get_bound_ports_ns, &ns_ports_arg);
+ get_bound_ports(c, 1, IPPROTO_TCP);
}
if (c->udp.fwd_in.f.mode == FWD_AUTO) {
c->proc_net_udp[V4][1] = open_in_ns(c, "/proc/net/udp", flags);
c->proc_net_udp[V6][1] = open_in_ns(c, "/proc/net/udp6", flags);
- ns_ports_arg.proto = IPPROTO_UDP;
- NS_CALL(get_bound_ports_ns, &ns_ports_arg);
+ get_bound_ports(c, 1, IPPROTO_UDP);
}
if (c->tcp.fwd_out.mode == FWD_AUTO) {
c->proc_net_tcp[V4][0] = open("/proc/net/tcp", flags);
diff --git a/tcp.c b/tcp.c
index a2418ae..63a3c64 100644
--- a/tcp.c
+++ b/tcp.c
@@ -3149,37 +3149,6 @@ int tcp_init(struct ctx *c)
return 0;
}
-/**
- * struct tcp_port_detect_arg - Arguments for tcp_port_detect()
- * @c: Execution context
- * @detect_in_ns: Detect ports bound in namespace, not in init
- */
-struct tcp_port_detect_arg {
- struct ctx *c;
- int detect_in_ns;
-};
-
-/**
- * tcp_port_detect() - Detect ports bound in namespace or init
- * @arg: See struct tcp_port_detect_arg
- *
- * Return: 0
- */
-static int tcp_port_detect(void *arg)
-{
- struct tcp_port_detect_arg *a = (struct tcp_port_detect_arg *)arg;
-
- if (a->detect_in_ns) {
- ns_enter(a->c);
-
- get_bound_ports(a->c, 1, IPPROTO_TCP);
- } else {
- get_bound_ports(a->c, 0, IPPROTO_TCP);
- }
-
- return 0;
-}
-
/**
* struct tcp_port_rebind_arg - Arguments for tcp_port_rebind()
* @c: Execution context
@@ -3268,19 +3237,16 @@ void tcp_timer(struct ctx *c, const struct timespec *ts)
(void)ts;
if (c->mode == MODE_PASTA) {
- struct tcp_port_detect_arg detect_arg = { c, 0 };
struct tcp_port_rebind_arg rebind_arg = { c, 0 };
if (c->tcp.fwd_out.mode == FWD_AUTO) {
- detect_arg.detect_in_ns = 0;
- tcp_port_detect(&detect_arg);
+ get_bound_ports(c, 0, IPPROTO_TCP);
rebind_arg.bind_in_ns = 1;
NS_CALL(tcp_port_rebind, &rebind_arg);
}
if (c->tcp.fwd_in.mode == FWD_AUTO) {
- detect_arg.detect_in_ns = 1;
- NS_CALL(tcp_port_detect, &detect_arg);
+ get_bound_ports(c, 1, IPPROTO_TCP);
rebind_arg.bind_in_ns = 0;
tcp_port_rebind(&rebind_arg);
}
--
@@ -3149,37 +3149,6 @@ int tcp_init(struct ctx *c)
return 0;
}
-/**
- * struct tcp_port_detect_arg - Arguments for tcp_port_detect()
- * @c: Execution context
- * @detect_in_ns: Detect ports bound in namespace, not in init
- */
-struct tcp_port_detect_arg {
- struct ctx *c;
- int detect_in_ns;
-};
-
-/**
- * tcp_port_detect() - Detect ports bound in namespace or init
- * @arg: See struct tcp_port_detect_arg
- *
- * Return: 0
- */
-static int tcp_port_detect(void *arg)
-{
- struct tcp_port_detect_arg *a = (struct tcp_port_detect_arg *)arg;
-
- if (a->detect_in_ns) {
- ns_enter(a->c);
-
- get_bound_ports(a->c, 1, IPPROTO_TCP);
- } else {
- get_bound_ports(a->c, 0, IPPROTO_TCP);
- }
-
- return 0;
-}
-
/**
* struct tcp_port_rebind_arg - Arguments for tcp_port_rebind()
* @c: Execution context
@@ -3268,19 +3237,16 @@ void tcp_timer(struct ctx *c, const struct timespec *ts)
(void)ts;
if (c->mode == MODE_PASTA) {
- struct tcp_port_detect_arg detect_arg = { c, 0 };
struct tcp_port_rebind_arg rebind_arg = { c, 0 };
if (c->tcp.fwd_out.mode == FWD_AUTO) {
- detect_arg.detect_in_ns = 0;
- tcp_port_detect(&detect_arg);
+ get_bound_ports(c, 0, IPPROTO_TCP);
rebind_arg.bind_in_ns = 1;
NS_CALL(tcp_port_rebind, &rebind_arg);
}
if (c->tcp.fwd_in.mode == FWD_AUTO) {
- detect_arg.detect_in_ns = 1;
- NS_CALL(tcp_port_detect, &detect_arg);
+ get_bound_ports(c, 1, IPPROTO_TCP);
rebind_arg.bind_in_ns = 0;
tcp_port_rebind(&rebind_arg);
}
--
2.41.0
next prev parent reply other threads:[~2023-10-05 3:44 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-05 3:44 [PATCH 0/9] Clean ups to automatic port forwarding David Gibson
2023-10-05 3:44 ` [PATCH 1/9] conf: Cleaner initialisation of default forwarding modes David Gibson
2023-10-05 3:44 ` [PATCH 2/9] port_fwd: Move automatic port forwarding code to port_fwd.[ch] David Gibson
2023-10-05 3:44 ` [PATCH 3/9] port_fwd: Better parameterise procfs_scan_listen() David Gibson
2023-11-02 18:07 ` Stefano Brivio
2023-11-03 0:16 ` David Gibson
2023-10-05 3:44 ` [PATCH 4/9] util: Add open_in_ns() helper David Gibson
2023-11-02 18:07 ` Stefano Brivio
2023-11-03 0:20 ` David Gibson
2023-10-05 3:44 ` [PATCH 5/9] port_fwd: Pre-open /proc/net/* files rather than on-demand David Gibson
2023-10-05 3:44 ` David Gibson [this message]
2023-10-05 3:44 ` [PATCH 7/9] port_fwd: Split TCP and UDP cases for get_bound_ports() David Gibson
2023-10-05 3:44 ` [PATCH 8/9] port_fwd: Move port scanning /proc fds into struct port_fwd David Gibson
2023-10-05 3:44 ` [PATCH 9/9] port_fwd: Simplify get_bound_ports_*() to port_fwd_scan_*() David Gibson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231005034445.2015303-7-david@gibson.dropbear.id.au \
--to=david@gibson.dropbear.id.au \
--cc=passt-dev@passt.top \
--cc=sbrivio@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://passt.top/passt
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for IMAP folder(s).