From: David Gibson <david@gibson.dropbear.id.au>
To: passt-dev@passt.top, Stefano Brivio <sbrivio@redhat.com>
Cc: David Gibson <david@gibson.dropbear.id.au>
Subject: [PATCH v2 07/22] tcp, udp: Don't precompute port remappings in epoll references
Date: Tue, 6 Feb 2024 12:17:19 +1100 [thread overview]
Message-ID: <20240206011734.884138-8-david@gibson.dropbear.id.au> (raw)
In-Reply-To: <20240206011734.884138-1-david@gibson.dropbear.id.au>
The epoll references for both TCP listening sockets and UDP sockets
includes a port number. This gives the destination port that traffic to
that socket will be sent to on the other side. That will usually be the
same as the socket's bound port, but might not if the -t, -u, -T or -U
options are given with different original and forwarded port numbers.
As we move towards a more flexible forwarding model for passt, it's going
to become possible for that destination port to vary depending on more
things (for example the source or destination address). So, it will no
longer make sense to have a fixed value for a listening socket.
Change to simpler semantics where this field in the reference gives the
bound port of the socket. We apply the translations to the correct
destination port later on, when we're actually forwarding.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
---
tcp.c | 8 ++++----
tcp.h | 2 +-
tcp_splice.c | 4 ++++
udp.c | 14 ++++++++------
4 files changed, 17 insertions(+), 11 deletions(-)
diff --git a/tcp.c b/tcp.c
index 2bba3000..3722dc09 100644
--- a/tcp.c
+++ b/tcp.c
@@ -2676,7 +2676,7 @@ static void tcp_tap_conn_from_sock(struct ctx *c,
conn_event(c, conn, SOCK_ACCEPTED);
inany_from_sockaddr(&conn->faddr, &conn->fport, sa);
- conn->eport = ref.port;
+ conn->eport = ref.port + c->tcp.fwd_in.delta[ref.port];
tcp_snat_inbound(c, &conn->faddr);
@@ -2860,7 +2860,7 @@ static int tcp_sock_init_af(const struct ctx *c, sa_family_t af, in_port_t port,
const void *addr, const char *ifname)
{
union tcp_listen_epoll_ref tref = {
- .port = port + c->tcp.fwd_in.delta[port],
+ .port = port,
.pif = PIF_HOST,
};
int s;
@@ -2922,7 +2922,7 @@ int tcp_sock_init(const struct ctx *c, sa_family_t af, const void *addr,
static void tcp_ns_sock_init4(const struct ctx *c, in_port_t port)
{
union tcp_listen_epoll_ref tref = {
- .port = port + c->tcp.fwd_out.delta[port],
+ .port = port,
.pif = PIF_SPLICE,
};
int s;
@@ -2948,7 +2948,7 @@ static void tcp_ns_sock_init4(const struct ctx *c, in_port_t port)
static void tcp_ns_sock_init6(const struct ctx *c, in_port_t port)
{
union tcp_listen_epoll_ref tref = {
- .port = port + c->tcp.fwd_out.delta[port],
+ .port = port,
.pif = PIF_SPLICE,
};
int s;
diff --git a/tcp.h b/tcp.h
index 875006ed..5e6756d4 100644
--- a/tcp.h
+++ b/tcp.h
@@ -37,7 +37,7 @@ union tcp_epoll_ref {
/**
* union tcp_listen_epoll_ref - epoll reference portion for TCP listening
- * @port: Port number we're forwarding *to* (listening port plus delta)
+ * @port: Bound port number of the socket
* @pif: pif in which the socket is listening
* @u32: Opaque u32 value of reference
*/
diff --git a/tcp_splice.c b/tcp_splice.c
index 9fd49412..40ecb5d4 100644
--- a/tcp_splice.c
+++ b/tcp_splice.c
@@ -401,6 +401,8 @@ static int tcp_splice_new(const struct ctx *c, struct tcp_splice_conn *conn,
int *p = CONN_V6(conn) ? init_sock_pool6 : init_sock_pool4;
sa_family_t af = CONN_V6(conn) ? AF_INET6 : AF_INET;
+ port += c->tcp.fwd_out.delta[port];
+
s = tcp_conn_pool_sock(p);
if (s < 0)
s = tcp_conn_new_sock(c, af);
@@ -409,6 +411,8 @@ static int tcp_splice_new(const struct ctx *c, struct tcp_splice_conn *conn,
ASSERT(pif == PIF_HOST);
+ port += c->tcp.fwd_in.delta[port];
+
/* If pool is empty, refill it first */
if (p[TCP_SOCK_POOL_SIZE-1] < 0)
NS_CALL(tcp_sock_refill_ns, c);
diff --git a/udp.c b/udp.c
index f2be0080..f5b86568 100644
--- a/udp.c
+++ b/udp.c
@@ -765,6 +765,11 @@ void udp_sock_handler(const struct ctx *c, union epoll_ref ref, uint32_t events,
if (c->no_udp || !(events & EPOLLIN))
return;
+ if (ref.udp.pif == PIF_SPLICE)
+ dstport += c->udp.fwd_out.f.delta[dstport];
+ else if (ref.udp.pif == PIF_HOST)
+ dstport += c->udp.fwd_in.f.delta[dstport];
+
if (v6) {
mmh_recv = udp6_l2_mh_sock;
udp6_localname.sin6_port = htons(dstport);
@@ -992,16 +997,13 @@ int udp_sock_init(const struct ctx *c, int ns, sa_family_t af,
const void *addr, const char *ifname, in_port_t port)
{
union udp_epoll_ref uref = { .splice = (c->mode == MODE_PASTA),
- .orig = true };
+ .orig = true, .port = port };
int s, r4 = FD_REF_MAX + 1, r6 = FD_REF_MAX + 1;
- if (ns) {
+ if (ns)
uref.pif = PIF_SPLICE;
- uref.port = (in_port_t)(port + c->udp.fwd_out.f.delta[port]);
- } else {
+ else
uref.pif = PIF_HOST;
- uref.port = (in_port_t)(port + c->udp.fwd_in.f.delta[port]);
- }
if ((af == AF_INET || af == AF_UNSPEC) && c->ifi4) {
uref.v6 = 0;
--
@@ -765,6 +765,11 @@ void udp_sock_handler(const struct ctx *c, union epoll_ref ref, uint32_t events,
if (c->no_udp || !(events & EPOLLIN))
return;
+ if (ref.udp.pif == PIF_SPLICE)
+ dstport += c->udp.fwd_out.f.delta[dstport];
+ else if (ref.udp.pif == PIF_HOST)
+ dstport += c->udp.fwd_in.f.delta[dstport];
+
if (v6) {
mmh_recv = udp6_l2_mh_sock;
udp6_localname.sin6_port = htons(dstport);
@@ -992,16 +997,13 @@ int udp_sock_init(const struct ctx *c, int ns, sa_family_t af,
const void *addr, const char *ifname, in_port_t port)
{
union udp_epoll_ref uref = { .splice = (c->mode == MODE_PASTA),
- .orig = true };
+ .orig = true, .port = port };
int s, r4 = FD_REF_MAX + 1, r6 = FD_REF_MAX + 1;
- if (ns) {
+ if (ns)
uref.pif = PIF_SPLICE;
- uref.port = (in_port_t)(port + c->udp.fwd_out.f.delta[port]);
- } else {
+ else
uref.pif = PIF_HOST;
- uref.port = (in_port_t)(port + c->udp.fwd_in.f.delta[port]);
- }
if ((af == AF_INET || af == AF_UNSPEC) && c->ifi4) {
uref.v6 = 0;
--
2.43.0
next prev parent reply other threads:[~2024-02-06 1:17 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-06 1:17 [PATCH v2 00/22] More flow table preliminaries: address handling improvements David Gibson
2024-02-06 1:17 ` [PATCH v2 01/22] treewide: Use sa_family_t for address family variables David Gibson
2024-02-06 1:17 ` [PATCH v2 02/22] inany: Helper to test for various address types David Gibson
2024-02-18 20:58 ` Stefano Brivio
2024-02-19 1:48 ` David Gibson
2024-02-06 1:17 ` [PATCH v2 03/22] inany: Add inany_ntop() helper David Gibson
2024-02-06 1:17 ` [PATCH v2 04/22] inany: Provide more conveniently typed constants for special addresses David Gibson
2024-02-06 1:17 ` [PATCH v2 05/22] inany: Introduce union sockaddr_inany David Gibson
2024-02-06 1:17 ` [PATCH v2 06/22] util: Allow IN4_IS_* macros to operate on untyped addresses David Gibson
2024-02-06 1:17 ` David Gibson [this message]
2024-02-06 1:17 ` [PATCH v2 08/22] flow: Add helper to determine a flow's protocol David Gibson
2024-02-06 1:17 ` [PATCH v2 09/22] tcp_splice: Simplify clean up logic David Gibson
2024-02-18 20:59 ` Stefano Brivio
2024-02-19 1:50 ` David Gibson
2024-02-06 1:17 ` [PATCH v2 10/22] tcp_splice: Don't use flow_trace() before setting flow type David Gibson
2024-02-06 1:17 ` [PATCH v2 11/22] flow: Clarify flow entry life cycle, introduce uniform logging David Gibson
2024-02-18 21:00 ` Stefano Brivio
2024-02-19 1:58 ` David Gibson
2024-02-06 1:17 ` [PATCH v2 12/22] tcp, tcp_splice: Helpers for getting sockets from the pools David Gibson
2024-02-18 21:00 ` Stefano Brivio
2024-02-19 1:51 ` David Gibson
2024-02-06 1:17 ` [PATCH v2 13/22] tcp_splice: More specific variable names in new splice path David Gibson
2024-02-18 21:00 ` Stefano Brivio
2024-02-19 1:53 ` David Gibson
2024-02-06 1:17 ` [PATCH v2 14/22] tcp_splice: Merge tcp_splice_new() into its caller David Gibson
2024-02-06 1:17 ` [PATCH v2 15/22] tcp_splice: Make tcp_splice_connect() create its own sockets David Gibson
2024-02-06 1:17 ` [PATCH v2 16/22] tcp_splice: Improve error reporting on connect path David Gibson
2024-02-18 21:01 ` Stefano Brivio
2024-02-19 3:23 ` David Gibson
2024-02-06 1:17 ` [PATCH v2 17/22] tcp_splice: Improve logic deciding when to splice David Gibson
2024-02-06 1:17 ` [PATCH v2 18/22] tcp, tcp_splice: Parse listening socket epoll ref in tcp_listen_handler() David Gibson
2024-02-06 1:17 ` [PATCH v2 19/22] tcp: Validate TCP endpoint addresses David Gibson
2024-02-22 12:45 ` Stefano Brivio
2024-02-23 3:56 ` David Gibson
2024-02-06 1:17 ` [PATCH v2 20/22] tap: Disallow loopback addresses on tap interface David Gibson
2024-02-06 1:17 ` [PATCH v2 21/22] port_fwd: Fix copypasta error in port_fwd_scan_udp() comments David Gibson
2024-02-06 1:17 ` [PATCH v2 22/22] fwd: Rename port_fwd.[ch] and their contents David Gibson
2024-02-27 14:22 ` [PATCH v2 00/22] More flow table preliminaries: address handling improvements Stefano Brivio
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240206011734.884138-8-david@gibson.dropbear.id.au \
--to=david@gibson.dropbear.id.au \
--cc=passt-dev@passt.top \
--cc=sbrivio@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://passt.top/passt
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for IMAP folder(s).