From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from imap.gmail.com [173.194.76.109] by localhost with POP3 (fetchmail-6.3.26) for (single-drop); Tue, 21 May 2024 07:57:39 +0200 (CEST) Received: by 2002:a05:6a10:9148:b0:55f:c3c0:ed08 with SMTP id n8csp851874pxb; Mon, 20 May 2024 22:57:19 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCUXYLS209K4iNqsbvbn8kf9jNWLThIbKzCU102cBNoByN3GeETWMclYPkuR2DAQLCYckUrCuScVUDc2utR3ODLWKUnSz6Io0EQ= X-Google-Smtp-Source: AGHT+IFz/yJF5f48jix5TVBfs3+ZLApUdCFxE/LdjKNN1kEmdYPLx5lm2eJS29LtksBV/Og34geZ X-Received: by 2002:a05:6214:3bc7:b0:6a9:47fb:d0cd with SMTP id 6a1803df08f44-6a947fbd108mr80920036d6.16.1716271039443; Mon, 20 May 2024 22:57:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1716271039; cv=none; d=google.com; s=arc-20160816; b=xRplwds3R4qsjobtTei7SrfDL5ZS5M7F6ckuUQcyqWsXWTDHMyybfe3Z6NiKMlqCvI 6dSVvF+ZZwgIn312mTqfAy2P0o1aNCh46bHciazVhRn0du/MFL7k7K3ADjOyObYfE7GI YLaT/d7CW5cE9ItlGVGq9tv/CLGj/FYCmQwpgjG+MjpYBciUO3vfIwFMA/xUnJqWtVqJ KK5EyUo2nLS4STnOTCxV4WwyCWKQv7dc1Y2AtQZEItqWIioFIi0ncO0rt0rsaJjQVe/Y AGDHOYvKgAQ6VfUjujDtzrZNHlYq5jSVt0Kmc757fIb9dqPQQDuKEQ0gqlpjmTBeuLr9 UwvQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:delivered-to; bh=mRmHWkrI7kLxscVyoB6TPeIGnuvhH/Pbcx9Ibl4+nF4=; fh=OvZxoe0l5OQEr5hiks2YsWDyoZfSCuw/Wl/AnSjLRjU=; b=Uj7DMWMsoQAprpb25WqHc2EdzDC68GRj0merlNSfMFoOToQqBv4egvunq/9noZIRsW pcqUJW6X8qOu0YFsRAq0f+HO2DwmrOb+KiNsNJY3wlJiY4mrU1PkVqOzXEP/GuFzJdq1 IZQ1erOVIddux8o2E895aIaHTKEplGkYzCFD5jlZwjrG9dEkZZYdfcEW/30oEV2R3kFb 0tb8OZxMEqwpjgA5Vf4MI7rdXW2wUI8gcQVGch2R1X2w0bvrp90oUNVbUfACz+Y59ijY ngQt1Ro7Izpz0jXFHZ8em4EGcNIMJESsnOtEhylBUtL7TpGADfGweJy3StjurYDgPkVx zWYA==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of dgibson@gandalf.ozlabs.org designates 150.107.74.76 as permitted sender) smtp.mailfrom=dgibson@gandalf.ozlabs.org Return-Path: Received: from us-smtp-inbound-delivery-1.mimecast.com (us-smtp-delivery-1.mimecast.com. [170.10.128.131]) by mx.google.com with ESMTPS id 6a1803df08f44-6a8c9c999casi65868606d6.231.2024.05.20.22.57.19 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 20 May 2024 22:57:19 -0700 (PDT) Received-SPF: pass (google.com: domain of dgibson@gandalf.ozlabs.org designates 150.107.74.76 as permitted sender) client-ip=150.107.74.76; Authentication-Results: mx.google.com; spf=pass (google.com: domain of dgibson@gandalf.ozlabs.org designates 150.107.74.76 as permitted sender) smtp.mailfrom=dgibson@gandalf.ozlabs.org Received: from mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-271-UUtePw2AP2qoE_zWvTSZZQ-1; Tue, 21 May 2024 01:57:17 -0400 X-MC-Unique: UUtePw2AP2qoE_zWvTSZZQ-1 Received: from mx-prod-int-04.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-04.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.40]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id C50E41954B04 for ; Tue, 21 May 2024 05:57:16 +0000 (UTC) Received: by mx-prod-int-04.mail-002.prod.us-west-2.aws.redhat.com (Postfix) id B40501955D7D; Tue, 21 May 2024 05:57:16 +0000 (UTC) Received: from mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.33]) by mx-prod-int-04.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id B1B8E1955D7C for ; Tue, 21 May 2024 05:57:16 +0000 (UTC) Received: from us-smtp-inbound-delivery-1.mimecast.com (us-smtp-delivery-1.mimecast.com [205.139.110.120]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 4F9701936187 for ; Tue, 21 May 2024 05:57:16 +0000 (UTC) Received: from mail.ozlabs.org (gandalf.ozlabs.org [150.107.74.76]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-172-7JPqWkxJMb6wSRwUqADNBA-1; Tue, 21 May 2024 01:57:13 -0400 X-MC-Unique: 7JPqWkxJMb6wSRwUqADNBA-1 Received: by gandalf.ozlabs.org (Postfix, from userid 1007) id 4Vk3c564mbz4x1H; Tue, 21 May 2024 15:57:09 +1000 (AEST) From: David Gibson To: Stefano Brivio , passt-dev@passt.top Cc: David Gibson Subject: [PATCH 2/6] inany: Better helpers for using inany and specific family addrs together Date: Tue, 21 May 2024 15:57:04 +1000 Message-ID: <20240521055708.1150050-3-david@gibson.dropbear.id.au> In-Reply-To: <20240521055708.1150050-1-david@gibson.dropbear.id.au> References: <20240521055708.1150050-1-david@gibson.dropbear.id.au> MIME-Version: 1.0 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition;Similar Internal Domain=false;Similar Monitored External Domain=false;Custom External Domain=false;Mimecast External Domain=false;Newly Observed Domain=false;Internal User Name=false;Custom Display Name List=false;Reply-to Address Mismatch=false;Targeted Threat Dictionary=false;Mimecast Threat Dictionary=false;Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 3.0 on 10.30.177.40 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: gibson.dropbear.id.au Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="US-ASCII"; x-default=true List-Id: This adds some extra inany helpers for comparing an inany address to addresses of a specific family (including special addresses), and building an inany from an IPv4 address (either statically or at runtime). Signed-off-by: David Gibson --- inany.c | 17 ++-------- inany.h | 97 ++++++++++++++++++++++++++++++++++++++++++++++++++++++--- tcp.c | 29 +++++++---------- 3 files changed, 106 insertions(+), 37 deletions(-) diff --git a/inany.c b/inany.c index c8479a75..5e391dc7 100644 --- a/inany.c +++ b/inany.c @@ -17,21 +17,8 @@ #include "siphash.h" #include "inany.h" =20 -const union inany_addr inany_loopback4 =3D { -=09.v4mapped =3D { -=09=09.zero =3D { 0 }, -=09=09.one =3D { 0xff, 0xff, }, -=09=09.a4 =3D IN4ADDR_LOOPBACK_INIT, -=09}, -}; - -const union inany_addr inany_any4 =3D { -=09.v4mapped =3D { -=09=09.zero =3D { 0 }, -=09=09.one =3D { 0xff, 0xff, }, -=09=09.a4 =3D IN4ADDR_ANY_INIT, -=09}, -}; +const union inany_addr inany_loopback4 =3D INANY_INIT4(IN4ADDR_LOOPBACK_IN= IT); +const union inany_addr inany_any4 =3D INANY_INIT4(IN4ADDR_ANY_INIT); =20 /** inany_ntop - Convert an IPv[46] address to text format * @src:=09IPv[46] address diff --git a/inany.h b/inany.h index 407690e2..47b66fa9 100644 --- a/inany.h +++ b/inany.h @@ -43,6 +43,17 @@ extern const union inany_addr inany_any4; #define in4addr_loopback=09(inany_loopback4.v4mapped.a4) #define in4addr_any=09=09(inany_any4.v4mapped.a4) =20 +#define INANY_INIT4(a4init)=09{=09=09=09=09=09\ +=09=09=09=09=09.v4mapped =3D {=09=09=09\ +=09=09=09=09=09=09.zero =3D { 0 },=09=09\ +=09=09=09=09=09=09.one =3D { 0xff, 0xff },=09\ +=09=09=09=09=09=09.a4 =3D a4init,=09=09\ +=09=09=09=09=09},=09=09=09=09\ +=09=09=09=09} + +#define inany_from_v4(a4)=09\ +=09((union inany_addr)INANY_INIT4((a4))) + /** union sockaddr_inany - Either a sockaddr_in or a sockaddr_in6 * @sa_family:=09Address family, AF_INET or AF_INET6 * @sa:=09=09Plain struct sockaddr (useful to avoid casts) @@ -79,16 +90,84 @@ static inline bool inany_equals(const union inany_addr = *a, =09return IN6_ARE_ADDR_EQUAL(&a->a6, &b->a6); } =20 +/** inany_equals4 - Compare an IPv[46] address to an IPv4 address + * @a:=09=09IPv[46] addresses + * @b:=09=09IPv4 address + * + * Return: true if @a and @b are the same address + */ +static inline bool inany_equals4(const union inany_addr *a, +=09=09=09=09 const struct in_addr *b) +{ +=09const struct in_addr *a4 =3D inany_v4(a); + +=09return a4 && IN4_ARE_ADDR_EQUAL(a4, b); +} + +/** inany_equals6 - Compare an IPv[46] address to an IPv6 address + * @a:=09=09IPv[46] addresses + * @b:=09=09IPv6 address + * + * Return: true if @a and @b are the same address + */ +static inline bool inany_equals6(const union inany_addr *a, +=09=09=09=09 const struct in6_addr *b) +{ +=09return IN6_ARE_ADDR_EQUAL(&a->a6, b); +} + +/** inany_is_loopback4() - Check if address is IPv4 loopback + * @a:=09=09IPv[46] address + * + * Return: true if @a is in 127.0.0.1/8 + */ +static inline bool inany_is_loopback4(const union inany_addr *a) +{ +=09const struct in_addr *v4 =3D inany_v4(a); + +=09return v4 && IN4_IS_ADDR_LOOPBACK(v4); +} + +/** inany_is_loopback6() - Check if address is IPv6 loopback + * @a:=09=09IPv[46] address + * + * Return: true if @a is in ::1 + */ +static inline bool inany_is_loopback6(const union inany_addr *a) +{ +=09return IN6_IS_ADDR_LOOPBACK(&a->a6); +} + /** inany_is_loopback() - Check if address is loopback * @a:=09=09IPv[46] address * * Return: true if @a is either ::1 or in 127.0.0.1/8 */ static inline bool inany_is_loopback(const union inany_addr *a) +{ +=09return inany_is_loopback4(a) || inany_is_loopback6(a); +} + +/** inany_is_unspecified4() - Check if address is unspecified IPv4 + * @a:=09=09IPv[46] address + * + * Return: true if @a is 0.0.0.0 + */ +static inline bool inany_is_unspecified4(const union inany_addr *a) { =09const struct in_addr *v4 =3D inany_v4(a); =20 -=09return IN6_IS_ADDR_LOOPBACK(&a->a6) || (v4 && IN4_IS_ADDR_LOOPBACK(v4))= ; +=09return v4 && IN4_IS_ADDR_UNSPECIFIED(v4); +} + +/** inany_is_unspecified6() - Check if address is unspecified IPv6 + * @a:=09=09IPv[46] address + * + * Return: true if @a is :: + */ +static inline bool inany_is_unspecified6(const union inany_addr *a) +{ +=09return IN6_IS_ADDR_UNSPECIFIED(&a->a6); } =20 /** inany_is_unspecified() - Check if address is unspecified @@ -98,10 +177,20 @@ static inline bool inany_is_loopback(const union inany= _addr *a) */ static inline bool inany_is_unspecified(const union inany_addr *a) { -=09const struct in_addr *v4 =3D inany_v4(a); +=09return inany_is_unspecified4(a) || inany_is_unspecified6(a); +} =20 -=09return IN6_IS_ADDR_UNSPECIFIED(&a->a6) || -=09=09(v4 && IN4_IS_ADDR_UNSPECIFIED(v4)); +/* FIXME: consider handling of IPv4 link-local addresses */ + +/** inany_is_linklocal6() - Check if address is link-local IPv6 + * @a:=09=09IPv[46] address + * + * Return: true if @a is in fe80::/10 (IPv6 link local unicast) + */ +/* cppcheck-suppress unusedFunction */ +static inline bool inany_is_linklocal6(const union inany_addr *a) +{ +=09return IN6_IS_ADDR_LINKLOCAL(&a->a6); } =20 /** inany_is_multicast() - Check if address is multicast or broadcast diff --git a/tcp.c b/tcp.c index a8ba5858..4512af0b 100644 --- a/tcp.c +++ b/tcp.c @@ -2687,24 +2687,17 @@ static void tcp_connect_finish(struct ctx *c, struc= t tcp_tap_conn *conn) */ static void tcp_snat_inbound(const struct ctx *c, union inany_addr *addr) { -=09struct in_addr *addr4 =3D inany_v4(addr); - -=09if (addr4) { -=09=09if (IN4_IS_ADDR_LOOPBACK(addr4) || -=09=09 IN4_IS_ADDR_UNSPECIFIED(addr4) || -=09=09 IN4_ARE_ADDR_EQUAL(addr4, &c->ip4.addr_seen)) -=09=09=09*addr4 =3D c->ip4.gw; -=09} else { -=09=09struct in6_addr *addr6 =3D &addr->a6; - -=09=09if (IN6_IS_ADDR_LOOPBACK(addr6) || -=09=09 IN6_ARE_ADDR_EQUAL(addr6, &c->ip6.addr_seen) || -=09=09 IN6_ARE_ADDR_EQUAL(addr6, &c->ip6.addr)) { -=09=09=09if (IN6_IS_ADDR_LINKLOCAL(&c->ip6.gw)) -=09=09=09=09*addr6 =3D c->ip6.gw; -=09=09=09else -=09=09=09=09*addr6 =3D c->ip6.addr_ll; -=09=09} +=09if (inany_is_loopback4(addr) || +=09 inany_is_unspecified4(addr) || +=09 inany_equals4(addr, &c->ip4.addr_seen)) { +=09=09*addr =3D inany_from_v4(c->ip4.gw); +=09} else if (inany_is_loopback6(addr) || +=09=09 inany_equals6(addr, &c->ip6.addr_seen) || +=09=09 inany_equals6(addr, &c->ip6.addr)) { +=09=09if (IN6_IS_ADDR_LINKLOCAL(&c->ip6.gw)) +=09=09=09addr->a6 =3D c->ip6.gw; +=09=09else +=09=09=09addr->a6 =3D c->ip6.addr_ll; =09} } =20 --=20 2.45.1