From: David Gibson <david@gibson.dropbear.id.au>
To: Stefano Brivio <sbrivio@redhat.com>, passt-dev@passt.top
Cc: jmaloy@redhat.com, David Gibson <david@gibson.dropbear.id.au>
Subject: [PATCH v6 25/26] udp: Remove rdelta port forwarding maps
Date: Fri, 14 Jun 2024 16:13:47 +1000 [thread overview]
Message-ID: <20240614061348.3814736-26-david@gibson.dropbear.id.au> (raw)
In-Reply-To: <20240614061348.3814736-1-david@gibson.dropbear.id.au>
In addition to the struct fwd_ports used by both UDP and TCP to track
port forwarding, UDP also included an 'rdelta' field, which contained the
reverse mapping of the main port map. This was used so that we could
properly direct reply packets to a forwarded packet where we change the
destination port. This has now been taken over by the flow table: reply
packets will match the flow of the originating packet, and that gives the
correct ports on the originating side.
So, eliminate the rdelta field, and with it struct udp_fwd_ports, which
now has no additional information over struct fwd_ports.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
---
conf.c | 14 +++++++-------
fwd.c | 24 ++++++++++++------------
udp.c | 37 ++++++++-----------------------------
udp.h | 14 ++------------
4 files changed, 29 insertions(+), 60 deletions(-)
diff --git a/conf.c b/conf.c
index 94b3ed6f..d1891479 100644
--- a/conf.c
+++ b/conf.c
@@ -1248,7 +1248,7 @@ void conf(struct ctx *c, int argc, char **argv)
}
c->tcp.fwd_in.mode = c->tcp.fwd_out.mode = FWD_UNSET;
- c->udp.fwd_in.f.mode = c->udp.fwd_out.f.mode = FWD_UNSET;
+ c->udp.fwd_in.mode = c->udp.fwd_out.mode = FWD_UNSET;
do {
name = getopt_long(argc, argv, optstring, options, NULL);
@@ -1733,7 +1733,7 @@ void conf(struct ctx *c, int argc, char **argv)
if (name == 't')
conf_ports(c, name, optarg, &c->tcp.fwd_in);
else if (name == 'u')
- conf_ports(c, name, optarg, &c->udp.fwd_in.f);
+ conf_ports(c, name, optarg, &c->udp.fwd_in);
} while (name != -1);
if (c->mode == MODE_PASTA)
@@ -1768,7 +1768,7 @@ void conf(struct ctx *c, int argc, char **argv)
if (name == 'T')
conf_ports(c, name, optarg, &c->tcp.fwd_out);
else if (name == 'U')
- conf_ports(c, name, optarg, &c->udp.fwd_out.f);
+ conf_ports(c, name, optarg, &c->udp.fwd_out);
} while (name != -1);
if (!c->ifi4)
@@ -1795,10 +1795,10 @@ void conf(struct ctx *c, int argc, char **argv)
c->tcp.fwd_in.mode = fwd_default;
if (!c->tcp.fwd_out.mode)
c->tcp.fwd_out.mode = fwd_default;
- if (!c->udp.fwd_in.f.mode)
- c->udp.fwd_in.f.mode = fwd_default;
- if (!c->udp.fwd_out.f.mode)
- c->udp.fwd_out.f.mode = fwd_default;
+ if (!c->udp.fwd_in.mode)
+ c->udp.fwd_in.mode = fwd_default;
+ if (!c->udp.fwd_out.mode)
+ c->udp.fwd_out.mode = fwd_default;
fwd_scan_ports_init(c);
diff --git a/fwd.c b/fwd.c
index cd66eaee..69b0f535 100644
--- a/fwd.c
+++ b/fwd.c
@@ -129,18 +129,18 @@ void fwd_scan_ports_init(struct ctx *c)
c->tcp.fwd_in.scan4 = c->tcp.fwd_in.scan6 = -1;
c->tcp.fwd_out.scan4 = c->tcp.fwd_out.scan6 = -1;
- c->udp.fwd_in.f.scan4 = c->udp.fwd_in.f.scan6 = -1;
- c->udp.fwd_out.f.scan4 = c->udp.fwd_out.f.scan6 = -1;
+ c->udp.fwd_in.scan4 = c->udp.fwd_in.scan6 = -1;
+ c->udp.fwd_out.scan4 = c->udp.fwd_out.scan6 = -1;
if (c->tcp.fwd_in.mode == FWD_AUTO) {
c->tcp.fwd_in.scan4 = open_in_ns(c, "/proc/net/tcp", flags);
c->tcp.fwd_in.scan6 = open_in_ns(c, "/proc/net/tcp6", flags);
fwd_scan_ports_tcp(&c->tcp.fwd_in, &c->tcp.fwd_out);
}
- if (c->udp.fwd_in.f.mode == FWD_AUTO) {
- c->udp.fwd_in.f.scan4 = open_in_ns(c, "/proc/net/udp", flags);
- c->udp.fwd_in.f.scan6 = open_in_ns(c, "/proc/net/udp6", flags);
- fwd_scan_ports_udp(&c->udp.fwd_in.f, &c->udp.fwd_out.f,
+ if (c->udp.fwd_in.mode == FWD_AUTO) {
+ c->udp.fwd_in.scan4 = open_in_ns(c, "/proc/net/udp", flags);
+ c->udp.fwd_in.scan6 = open_in_ns(c, "/proc/net/udp6", flags);
+ fwd_scan_ports_udp(&c->udp.fwd_in, &c->udp.fwd_out,
&c->tcp.fwd_in, &c->tcp.fwd_out);
}
if (c->tcp.fwd_out.mode == FWD_AUTO) {
@@ -148,10 +148,10 @@ void fwd_scan_ports_init(struct ctx *c)
c->tcp.fwd_out.scan6 = open("/proc/net/tcp6", flags);
fwd_scan_ports_tcp(&c->tcp.fwd_out, &c->tcp.fwd_in);
}
- if (c->udp.fwd_out.f.mode == FWD_AUTO) {
- c->udp.fwd_out.f.scan4 = open("/proc/net/udp", flags);
- c->udp.fwd_out.f.scan6 = open("/proc/net/udp6", flags);
- fwd_scan_ports_udp(&c->udp.fwd_out.f, &c->udp.fwd_in.f,
+ if (c->udp.fwd_out.mode == FWD_AUTO) {
+ c->udp.fwd_out.scan4 = open("/proc/net/udp", flags);
+ c->udp.fwd_out.scan6 = open("/proc/net/udp6", flags);
+ fwd_scan_ports_udp(&c->udp.fwd_out, &c->udp.fwd_in,
&c->tcp.fwd_out, &c->tcp.fwd_in);
}
}
@@ -235,7 +235,7 @@ uint8_t fwd_nat_from_splice(const struct ctx *c, uint8_t proto,
if (proto == IPPROTO_TCP)
tgt->eport += c->tcp.fwd_out.delta[tgt->eport];
else if (proto == IPPROTO_UDP)
- tgt->eport += c->udp.fwd_out.f.delta[tgt->eport];
+ tgt->eport += c->udp.fwd_out.delta[tgt->eport];
/* Let the kernel pick a host side source port */
tgt->fport = 0;
@@ -264,7 +264,7 @@ uint8_t fwd_nat_from_host(const struct ctx *c, uint8_t proto,
if (proto == IPPROTO_TCP)
tgt->eport += c->tcp.fwd_in.delta[tgt->eport];
else if (proto == IPPROTO_UDP)
- tgt->eport += c->udp.fwd_in.f.delta[tgt->eport];
+ tgt->eport += c->udp.fwd_in.delta[tgt->eport];
if (c->mode == MODE_PASTA && inany_is_loopback(&ini->eaddr) &&
(proto == IPPROTO_TCP || proto == IPPROTO_UDP)) {
diff --git a/udp.c b/udp.c
index 489e2095..c170b0be 100644
--- a/udp.c
+++ b/udp.c
@@ -261,24 +261,6 @@ void udp_portmap_clear(void)
}
}
-/**
- * udp_invert_portmap() - Compute reverse port translations for return packets
- * @fwd: Port forwarding configuration to compute reverse map for
- */
-static void udp_invert_portmap(struct udp_fwd_ports *fwd)
-{
- unsigned int i;
-
- static_assert(ARRAY_SIZE(fwd->f.delta) == ARRAY_SIZE(fwd->rdelta),
- "Forward and reverse delta arrays must have same size");
- for (i = 0; i < ARRAY_SIZE(fwd->f.delta); i++) {
- in_port_t delta = fwd->f.delta[i];
-
- if (delta)
- fwd->rdelta[i + delta] = NUM_PORTS - delta;
- }
-}
-
/**
* udp_update_l2_buf() - Update L2 buffers with Ethernet and IPv4 addresses
* @eth_d: Ethernet destination address, NULL if unchanged
@@ -751,9 +733,9 @@ void udp_buf_sock_handler(const struct ctx *c, union epoll_ref ref, uint32_t eve
return;
if (ref.udp.pif == PIF_SPLICE)
- dstport += c->udp.fwd_out.f.delta[dstport];
+ dstport += c->udp.fwd_out.delta[dstport];
else if (ref.udp.pif == PIF_HOST)
- dstport += c->udp.fwd_in.f.delta[dstport];
+ dstport += c->udp.fwd_in.delta[dstport];
else
ASSERT(0);
@@ -1139,9 +1121,9 @@ static void udp_timer_one(struct ctx *c, int v6, enum udp_act_type type,
static void udp_port_rebind(struct ctx *c, bool outbound)
{
const uint8_t *fmap
- = outbound ? c->udp.fwd_out.f.map : c->udp.fwd_in.f.map;
+ = outbound ? c->udp.fwd_out.map : c->udp.fwd_in.map;
const uint8_t *rmap
- = outbound ? c->udp.fwd_in.f.map : c->udp.fwd_out.f.map;
+ = outbound ? c->udp.fwd_in.map : c->udp.fwd_out.map;
struct udp_bound_port (*socks)[NUM_PORTS]
= outbound ? udp_splice_ns : udp_splice_init;
unsigned port;
@@ -1212,14 +1194,14 @@ void udp_timer(struct ctx *c, const struct timespec *now)
long *word, tmp;
if (c->mode == MODE_PASTA) {
- if (c->udp.fwd_out.f.mode == FWD_AUTO) {
- fwd_scan_ports_udp(&c->udp.fwd_out.f, &c->udp.fwd_in.f,
+ if (c->udp.fwd_out.mode == FWD_AUTO) {
+ fwd_scan_ports_udp(&c->udp.fwd_out, &c->udp.fwd_in,
&c->tcp.fwd_out, &c->tcp.fwd_in);
NS_CALL(udp_port_rebind_outbound, c);
}
- if (c->udp.fwd_in.f.mode == FWD_AUTO) {
- fwd_scan_ports_udp(&c->udp.fwd_in.f, &c->udp.fwd_out.f,
+ if (c->udp.fwd_in.mode == FWD_AUTO) {
+ fwd_scan_ports_udp(&c->udp.fwd_in, &c->udp.fwd_out,
&c->tcp.fwd_in, &c->tcp.fwd_out);
udp_port_rebind(c, false);
}
@@ -1256,9 +1238,6 @@ int udp_init(struct ctx *c)
{
udp_iov_init(c);
- udp_invert_portmap(&c->udp.fwd_in);
- udp_invert_portmap(&c->udp.fwd_out);
-
if (c->mode == MODE_PASTA) {
udp_splice_iov_init();
NS_CALL(udp_port_rebind_outbound, c);
diff --git a/udp.h b/udp.h
index d25e66cb..4ae65723 100644
--- a/udp.h
+++ b/udp.h
@@ -42,16 +42,6 @@ union udp_epoll_ref {
};
-/**
- * udp_fwd_ports - UDP specific port forwarding configuration
- * @f: Generic forwarding configuration
- * @rdelta: Reversed delta map to translate source ports on return packets
- */
-struct udp_fwd_ports {
- struct fwd_ports f;
- in_port_t rdelta[NUM_PORTS];
-};
-
/**
* struct udp_ctx - Execution context for UDP
* @fwd_in: Port forwarding configuration for inbound packets
@@ -59,8 +49,8 @@ struct udp_fwd_ports {
* @timer_run: Timestamp of most recent timer run
*/
struct udp_ctx {
- struct udp_fwd_ports fwd_in;
- struct udp_fwd_ports fwd_out;
+ struct fwd_ports fwd_in;
+ struct fwd_ports fwd_out;
struct timespec timer_run;
};
--
@@ -42,16 +42,6 @@ union udp_epoll_ref {
};
-/**
- * udp_fwd_ports - UDP specific port forwarding configuration
- * @f: Generic forwarding configuration
- * @rdelta: Reversed delta map to translate source ports on return packets
- */
-struct udp_fwd_ports {
- struct fwd_ports f;
- in_port_t rdelta[NUM_PORTS];
-};
-
/**
* struct udp_ctx - Execution context for UDP
* @fwd_in: Port forwarding configuration for inbound packets
@@ -59,8 +49,8 @@ struct udp_fwd_ports {
* @timer_run: Timestamp of most recent timer run
*/
struct udp_ctx {
- struct udp_fwd_ports fwd_in;
- struct udp_fwd_ports fwd_out;
+ struct fwd_ports fwd_in;
+ struct fwd_ports fwd_out;
struct timespec timer_run;
};
--
2.45.2
next prev parent reply other threads:[~2024-06-14 6:14 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-14 6:13 [PATCH v6 00/26] RFC: Unified flow table David Gibson
2024-06-14 6:13 ` [PATCH v6 01/26] flow: Common address information for initiating side David Gibson
2024-06-25 22:23 ` Stefano Brivio
2024-06-26 0:19 ` David Gibson
2024-06-14 6:13 ` [PATCH v6 02/26] flow: Common address information for target side David Gibson
2024-06-25 22:23 ` Stefano Brivio
2024-06-26 0:25 ` David Gibson
2024-06-14 6:13 ` [PATCH v6 03/26] tcp, flow: Remove redundant information, repack connection structures David Gibson
2024-06-25 22:25 ` Stefano Brivio
2024-06-26 0:23 ` David Gibson
2024-06-14 6:13 ` [PATCH v6 04/26] tcp: Obtain guest address from flowside David Gibson
2024-06-14 6:13 ` [PATCH v6 05/26] tcp: Manage outbound address via flow table David Gibson
2024-06-14 6:13 ` [PATCH v6 06/26] tcp: Simplify endpoint validation using flowside information David Gibson
2024-06-14 6:13 ` [PATCH v6 07/26] tcp_splice: Eliminate SPLICE_V6 flag David Gibson
2024-06-14 6:13 ` [PATCH v6 08/26] tcp, flow: Replace TCP specific hash function with general flow hash David Gibson
2024-06-14 6:13 ` [PATCH v6 09/26] flow, tcp: Generalise TCP hash table to general flow hash table David Gibson
2024-06-14 6:13 ` [PATCH v6 10/26] tcp: Re-use flow hash for initial sequence number generation David Gibson
2024-06-14 6:13 ` [PATCH v6 11/26] icmp: Remove redundant id field from flow table entry David Gibson
2024-06-14 6:13 ` [PATCH v6 12/26] icmp: Obtain destination addresses from the flowsides David Gibson
2024-06-14 6:13 ` [PATCH v6 13/26] icmp: Look up ping flows using flow hash David Gibson
2024-06-14 6:13 ` [PATCH v6 14/26] icmp: Eliminate icmp_id_map David Gibson
2024-06-14 6:13 ` [PATCH v6 15/26] icmp: Manage outbound socket address via flow table David Gibson
2024-06-14 6:13 ` [PATCH v6 16/26] flow, tcp: Flow based NAT and port forwarding for TCP David Gibson
2024-06-26 22:49 ` Stefano Brivio
2024-06-27 5:55 ` David Gibson
2024-06-14 6:13 ` [PATCH v6 17/26] flow, icmp: Use general flow forwarding rules for ICMP David Gibson
2024-06-14 6:13 ` [PATCH v6 18/26] fwd: Update flow forwarding logic for UDP David Gibson
2024-06-14 6:13 ` [PATCH v6 19/26] udp: Create flow table entries " David Gibson
2024-06-14 6:13 ` [PATCH v6 20/26] udp: Direct traffic from tap according to flow table David Gibson
2024-06-14 6:13 ` [PATCH v6 21/26] udp: Direct traffic from host to guest " David Gibson
2024-06-14 6:13 ` [PATCH v6 22/26] udp: Direct spliced traffic " David Gibson
2024-06-14 6:13 ` [PATCH v6 23/26] udp: Remove 'splicesrc' tracking David Gibson
2024-06-14 6:13 ` [PATCH v6 24/26] udp: Remove tap port flags field David Gibson
2024-06-14 6:13 ` David Gibson [this message]
2024-06-14 6:13 ` [PATCH v6 26/26] udp: Eliminate 'splice' flag from epoll reference David Gibson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240614061348.3814736-26-david@gibson.dropbear.id.au \
--to=david@gibson.dropbear.id.au \
--cc=jmaloy@redhat.com \
--cc=passt-dev@passt.top \
--cc=sbrivio@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://passt.top/passt
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for IMAP folder(s).