From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: passt.top; dmarc=pass (p=none dis=none) header.from=redhat.com
Authentication-Results: passt.top;
	dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=ZFCZcXxV;
	dkim-atps=neutral
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124])
	by passt.top (Postfix) with ESMTP id EC0615A004E
	for <passt-dev@passt.top>; Thu, 26 Sep 2024 15:29:54 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1727357393;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=1+zs8Z9axSvvx7MNUiXBiNA4gwkRIaRnX0V7pcwX2Fc=;
	b=ZFCZcXxVgbEiGnMsXvb9i5GdxV/adc6D2w0YNCqregbZeFjLx7wfyVwjT/rvMkKHTeeozF
	2UMuOXfNlfHr6I4YLcXB8eOq+zJa7hzlL/qjvTKCV9P2ydu3a6TGNXEEAo2qkhMCoiBJjY
	o20wemkMqEswwm6KRvPl/SmlrOMOy8U=
Received: from mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com
 (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by
 relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3,
 cipher=TLS_AES_256_GCM_SHA384) id us-mta-440-UX5TrojpNUSNO7OzQKO-RA-1; Thu,
 26 Sep 2024 09:29:52 -0400
X-MC-Unique: UX5TrojpNUSNO7OzQKO-RA-1
Received: from mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (unknown [10.30.177.4])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
	(No client certificate requested)
	by mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id B8A5618F3953
	for <passt-dev@passt.top>; Thu, 26 Sep 2024 13:29:51 +0000 (UTC)
Received: from lenovo-t14s.redhat.com (unknown [10.39.193.239])
	by mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id C40BA3003DEC;
	Thu, 26 Sep 2024 13:29:50 +0000 (UTC)
From: Laurent Vivier <lvivier@redhat.com>
To: passt-dev@passt.top
Subject: [PATCH v3 4/5] tcp: Update TCP checksum using an iovec array
Date: Thu, 26 Sep 2024 15:29:41 +0200
Message-ID: <20240926132942.434962-5-lvivier@redhat.com>
In-Reply-To: <20240926132942.434962-1-lvivier@redhat.com>
References: <20240926132942.434962-1-lvivier@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.4
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"; x-default=true
Message-ID-Hash: SHCQVSJMQ6LCOTSMDOUSFAUMK24AGBMF
X-Message-ID-Hash: SHCQVSJMQ6LCOTSMDOUSFAUMK24AGBMF
X-MailFrom: lvivier@redhat.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Laurent Vivier <lvivier@redhat.com>
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/20240926132942.434962-5-lvivier@redhat.com/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/SHCQVSJMQ6LCOTSMDOUSFAUMK24AGBMF/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>

TCP header and payload are supposed to be in the same buffer,
and tcp_update_check_tcp4()/tcp_update_check_tcp6() compute
the checksum from the base address of the header using the
length of the IP payload.

In the future (for vhost-user) we need to dispatch the TCP header and
the TCP payload through several buffers. To be able to manage that, we
provide an iovec array that points to the data of the TCP frame.
We provide also an offset to be able to provide an array that contains
the TCP frame embedded in an lower level frame, and this offset points
to the TCP header inside the iovec array.

Signed-off-by: Laurent Vivier <lvivier@redhat.com>
---
 checksum.c |   1 -
 tcp.c      | 127 +++++++++++++++++++++++++++++++++++++++++------------
 2 files changed, 99 insertions(+), 29 deletions(-)

diff --git a/checksum.c b/checksum.c
index 16b834641604..19579323cf1e 100644
--- a/checksum.c
+++ b/checksum.c
@@ -503,7 +503,6 @@ uint16_t csum(const void *buf, size_t len, uint32_t init)
  *
  * Return: 16-bit folded, complemented checksum
  */
-/* cppcheck-suppress unusedFunction */
 uint16_t csum_iov(const struct iovec *iov, size_t n, size_t offset,
 		  uint32_t init)
 {
diff --git a/tcp.c b/tcp.c
index c9472d905520..2eccb600c46f 100644
--- a/tcp.c
+++ b/tcp.c
@@ -755,36 +755,92 @@ static void tcp_sock_set_bufsize(const struct ctx *c, int s)
 }
 
 /**
- * tcp_update_check_tcp4() - Update TCP checksum from stored one
- * @iph:	IPv4 header
- * @bp:		TCP header followed by TCP payload
- */
-static void tcp_update_check_tcp4(const struct iphdr *iph,
-				  struct tcp_payload_t *bp)
+ * tcp_update_check_tcp4() - Calculate TCP checksum for IPv6
+ * @src:	IPv4 source address
+ * @dst:	IPv4 destination address
+ * @iov:	Pointer to the array of IO vectors
+ * @iov_cnt:	Length of the array
+ * @l4offset:	IPv4 payload offset in the iovec array
+ */
+void tcp_update_check_tcp4(struct in_addr src,
+			   struct in_addr dst,
+			   const struct iovec *iov, int iov_cnt,
+			   size_t l4offset)
 {
-	uint16_t l4len = ntohs(iph->tot_len) - sizeof(struct iphdr);
-	struct in_addr saddr = { .s_addr = iph->saddr };
-	struct in_addr daddr = { .s_addr = iph->daddr };
-	uint32_t sum = proto_ipv4_header_psum(l4len, IPPROTO_TCP, saddr, daddr);
+	size_t check_ofs;
+	__sum16 *check;
+	int check_idx;
+	uint32_t sum;
+
+	sum = proto_ipv4_header_psum(iov_size(iov, iov_cnt) - l4offset,
+				     IPPROTO_TCP, src, dst);
+
+	check_idx = iov_skip_bytes(iov, iov_cnt,
+				   l4offset + offsetof(struct tcphdr, check),
+				   &check_ofs);
+
+	if (check_idx >= iov_cnt) {
+		err("TCP4 buffer is too small, iov size %zd, check offset %zd",
+		    iov_size(iov, iov_cnt),
+		    l4offset + offsetof(struct tcphdr, check));
+		return;
+	}
+
+	if (check_ofs + sizeof(*check) > iov[check_idx].iov_len) {
+		err("TCP4 checksum field memory is not contiguous "
+		    "check_ofs %zd check_idx %d iov_len %zd",
+		    check_ofs, check_idx, iov[check_idx].iov_len);
+		return;
+	}
 
-	bp->th.check = 0;
-	bp->th.check = csum(bp, l4len, sum);
+	check = (__sum16 *)((char *)iov[check_idx].iov_base + check_ofs);
+
+	if ((uintptr_t)check & (__alignof__(*check) - 1)) {
+		err("TCP4 checksum field is not correctly aligned in memory");
+		return;
+	}
+
+	*check = 0;
+	*check = csum_iov(iov, iov_cnt, l4offset, sum);
 }
 
 /**
  * tcp_update_check_tcp6() - Calculate TCP checksum for IPv6
- * @ip6h:	IPv6 header
- * @bp:		TCP header followed by TCP payload
- */
-static void tcp_update_check_tcp6(const struct ipv6hdr *ip6h,
-				  struct tcp_payload_t *bp)
+ * @src:	IPv6 source address
+ * @dst:	IPv6 destination address
+ * @iov:	Pointer to the array of IO vectors
+ * @iov_cnt:	Length of the array
+ * @l4offset:	IPv6 payload offset in the iovec array
+ */
+void tcp_update_check_tcp6(const struct in6_addr *src,
+			   const struct in6_addr *dst,
+			   const struct iovec *iov, int iov_cnt,
+			   size_t l4offset)
 {
-	uint16_t l4len = ntohs(ip6h->payload_len);
-	uint32_t sum = proto_ipv6_header_psum(l4len, IPPROTO_TCP,
-					      &ip6h->saddr, &ip6h->daddr);
+	size_t check_ofs;
+	__sum16 *check;
+	int check_idx;
+	uint32_t sum;
+
+	sum = proto_ipv6_header_psum(iov_size(iov, iov_cnt) - l4offset,
+				     IPPROTO_TCP, src, dst);
 
-	bp->th.check = 0;
-	bp->th.check = csum(bp, l4len, sum);
+	check_idx = iov_skip_bytes(iov, iov_cnt,
+				   l4offset + offsetof(struct tcphdr, check),
+				   &check_ofs);
+
+	if (check_idx >= iov_cnt)
+		die("TCP6 buffer is too small");
+	if (check_ofs + sizeof(*check) > iov[check_idx].iov_len)
+		die("TCP6 checksum field memory is not contiguous");
+
+	check = (__sum16 *)((char *)iov[check_idx].iov_base + check_ofs);
+
+	if ((uintptr_t)check & (__alignof__(*check) - 1))
+		die("TCP6 checksum field is not correctly aligned in memory");
+
+	*check = 0;
+	*check = csum_iov(iov, iov_cnt, l4offset, sum);
 }
 
 /**
@@ -935,10 +991,18 @@ static size_t tcp_fill_headers4(const struct tcp_tap_conn *conn,
 
 	tcp_fill_header(&bp->th, conn, seq);
 
-	if (no_tcp_csum)
+	if (no_tcp_csum) {
 		bp->th.check = 0;
-	else
-		tcp_update_check_tcp4(iph, bp);
+	} else {
+		const struct iovec iov = {
+			.iov_base = bp,
+			.iov_len = ntohs(iph->tot_len) - sizeof(struct iphdr),
+		};
+		struct in_addr saddr = { .s_addr = iph->saddr };
+		struct in_addr daddr = { .s_addr = iph->daddr };
+
+		tcp_update_check_tcp4(saddr, daddr, &iov, 1, 0);
+	}
 
 	tap_hdr_update(taph, l3len + sizeof(struct ethhdr));
 
@@ -980,10 +1044,17 @@ static size_t tcp_fill_headers6(const struct tcp_tap_conn *conn,
 
 	tcp_fill_header(&bp->th, conn, seq);
 
-	if (no_tcp_csum)
+	if (no_tcp_csum) {
 		bp->th.check = 0;
-	else
-		tcp_update_check_tcp6(ip6h, bp);
+	} else {
+		const struct iovec iov = {
+			.iov_base = bp,
+			.iov_len = ntohs(ip6h->payload_len)
+		};
+
+		tcp_update_check_tcp6(&ip6h->saddr, &ip6h->daddr,
+				      &iov, 1, 0);
+	}
 
 	tap_hdr_update(taph, l4len + sizeof(*ip6h) + sizeof(struct ethhdr));
 
-- 
2.46.0