From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: passt.top; dmarc=pass (p=none dis=none) header.from=redhat.com
Authentication-Results: passt.top;
	dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=LpwoXCCO;
	dkim-atps=neutral
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124])
	by passt.top (Postfix) with ESMTP id D9DF75A061E
	for <passt-dev@passt.top>; Fri, 29 Nov 2024 08:43:20 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1732866199;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=22ivjTOKiwDkCWS3ujlaf3dmR+irgC/SeS5qhDW0EtM=;
	b=LpwoXCCOiYJKi01FdqHXGDsj2RY5PTpizpMHF3UJlC19tyybcRl2m0ymMyM0EN3Ckpa2Fx
	RN/UNwAF4FaTApEQlttYE6r8joFwcaQ2xVPna7DX9EXqYtsAgOTncnq6mJex+H5qbMjwTH
	QjT6n9u8mYjZtvFDJowYd/n12pNj5eM=
Received: from mail-wr1-f70.google.com (mail-wr1-f70.google.com
 [209.85.221.70]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-225-A6i4vfGIPraaxNSX1t361Q-1; Fri, 29 Nov 2024 02:43:18 -0500
X-MC-Unique: A6i4vfGIPraaxNSX1t361Q-1
X-Mimecast-MFC-AGG-ID: A6i4vfGIPraaxNSX1t361Q
Received: by mail-wr1-f70.google.com with SMTP id ffacd0b85a97d-3823326e95aso882170f8f.3
        for <passt-dev@passt.top>; Thu, 28 Nov 2024 23:43:17 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1732866196; x=1733470996;
        h=content-transfer-encoding:mime-version:organization:references
         :in-reply-to:message-id:subject:cc:to:from:date:x-gm-message-state
         :from:to:cc:subject:date:message-id:reply-to;
        bh=22ivjTOKiwDkCWS3ujlaf3dmR+irgC/SeS5qhDW0EtM=;
        b=HiB8JftyYjlJ+4dmZ1PoIcz5M5vqt/EE7nz0F4bUbgnWOXQ7BRFBtmVvaIFPoBD0hr
         GdW5ymnybzTdVg4onOIRqUWRTupgLwvNzeywnvLUafcnZtMJTYyu3gaEJNd8enuYuYtH
         kNcmGPLond4ujHqdDqyv0DC+hI9BPuXN7TLnd8OYXVmVOxeK09UHB+DA44wvue8a9cCD
         ENfrXPah1oFFdSMt7TTzUU/jD4TOMHtMt4zF2mOjWzRSuDkDOzlAUMT/TGQZ9A6QLu7g
         lfro/I5i+/mc82HPKuDO4fPVonyY2SgU9WnKLWleFJ8ZvWtO7iw6uQxKGCa0wyWR3848
         0E1w==
X-Gm-Message-State: AOJu0YwfBoeTOEoll7D53iXbb9f0qWQMC6U3C7lYh4JAfMgfD8hfLecV
	8SKIzMRILp/1xf2t/KFQoqSW8UUCq1zJ/oKKLYVuXx4BzyFZwLfFBqafiexZTjTjqwoobKhjhkz
	AwmBTaq5troZDslt5aCOW5LTH0SOAiFObNmHj2cyg8mhy0obVUb0aDROfPw==
X-Gm-Gg: ASbGncue9dKZHUJ4XbUCPmKb4v3+4dedcE2rZLQ/iqqljNtO9NftCEkU3re12sbroPC
	1PBR8rKTkzVaU1GSb+eM5G7ofaQutIVNPSr9vnkD8lo6UZvwOfjTmPxT77W80tnBdL1QhTPhkIx
	dPnPfT/ofoZkfXA7xE/OnG4bSm+W6ZiCSKcmapAy9v20qZ3B/9N6Iucv7CMG/dLlrMVHM3/4CM9
	ETPwl0RKq4PuGfIJckx+hUmqwgQ39nOLnN0PAzm5/+LdBtvv6utrVPW15uHxA==
X-Received: by 2002:a5d:588c:0:b0:382:49e9:9bd5 with SMTP id ffacd0b85a97d-385c6edb1e7mr8859911f8f.37.1732866196182;
        Thu, 28 Nov 2024 23:43:16 -0800 (PST)
X-Google-Smtp-Source: AGHT+IGAFXL7WnJmrTa7doZLmCCh6LY6Be5SNOlzyeEmcXpPTfrbG91tIU9f8wu8YS9kUhdzWsac6Q==
X-Received: by 2002:a5d:588c:0:b0:382:49e9:9bd5 with SMTP id ffacd0b85a97d-385c6edb1e7mr8859892f8f.37.1732866195899;
        Thu, 28 Nov 2024 23:43:15 -0800 (PST)
Received: from maya.myfinge.rs (ifcgrfdd.trafficplex.cloud. [2a10:fc81:a806:d6a9::1])
        by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-385ccd36b80sm3657049f8f.29.2024.11.28.23.43.15
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 28 Nov 2024 23:43:15 -0800 (PST)
Date: Fri, 29 Nov 2024 08:43:12 +0100
From: Stefano Brivio <sbrivio@redhat.com>
To: Jon Maloy <jmaloy@redhat.com>
Subject: Re: [PATCH] pasta: make it possible to disable socket splicing
Message-ID: <20241129084312.0cdd5265@elisabeth>
In-Reply-To: <20241129004532.2514834-1-jmaloy@redhat.com>
References: <20241129004532.2514834-1-jmaloy@redhat.com>
Organization: Red Hat
X-Mailer: Claws Mail 4.2.0 (GTK 3.24.41; x86_64-pc-linux-gnu)
MIME-Version: 1.0
X-Mimecast-Spam-Score: 0
X-Mimecast-MFC-PROC-ID: 0mULNrV79LzsQyZgoGLYsZIY0Y_GrB8Poj_Fytjuo6g_1732866197
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Message-ID-Hash: YI4NUD2H7EPHVXJK5LOC6SL75V63Z2DS
X-Message-ID-Hash: YI4NUD2H7EPHVXJK5LOC6SL75V63Z2DS
X-MailFrom: sbrivio@redhat.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: passt-dev@passt.top, lvivier@redhat.com, david@gibson.dropbear.id.au
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/20241129084312.0cdd5265@elisabeth/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/YI4NUD2H7EPHVXJK5LOC6SL75V63Z2DS/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>

On Thu, 28 Nov 2024 19:45:32 -0500
Jon Maloy <jmaloy@redhat.com> wrote:

> During testing it is sometimes useful to force traffic which would
> normally be forwarded by socket splicing through the tap interface.
> 
> In this commit, we add a command switch making it possible to disable
> splicing for inbound local traffic.
> 
> For outbound local traffic this seems to be much trickier, so I leave
> that for a possible later commit.
> 
> Suggested-by: David Gibson <dgibson@redhat.com>

David's address is david@gibson.dropbear.id.au.

> Signed-off-by: Jon Maloy <jmaloy@redhat.com>
> ---
>  conf.c  | 5 +++++
>  fwd.c   | 2 +-
>  passt.h | 1 +
>  3 files changed, 7 insertions(+), 1 deletion(-)
> 
> diff --git a/conf.c b/conf.c
> index eaa7d99..8d58652 100644
> --- a/conf.c
> +++ b/conf.c
> @@ -890,6 +890,7 @@ static void usage(const char *name, FILE *f, int status)
>  		"  --no-ndp		Disable NDP responses\n"
>  		"  --no-dhcpv6		Disable DHCPv6 server\n"
>  		"  --no-ra		Disable router advertisements\n"
> +		"  --no-splice		Disable outbound socket splicing\n"
>  		"  --freebind		Bind to any address for forwarding\n"
>  		"  --no-map-gw		Don't map gateway address to host\n"
>  		"  -4, --ipv4-only	Enable IPv4 operation only\n"
> @@ -1319,6 +1320,7 @@ void conf(struct ctx *c, int argc, char **argv)
>  		{"no-dhcpv6",	no_argument,		&c->no_dhcpv6,	1 },
>  		{"no-ndp",	no_argument,		&c->no_ndp,	1 },
>  		{"no-ra",	no_argument,		&c->no_ra,	1 },
> +		{"no-splice",	no_argument,		&c->no_splice,	1 },
>  		{"freebind",	no_argument,		&c->freebind,	1 },
>  		{"no-map-gw",	no_argument,		&no_map_gw,	1 },
>  		{"ipv4-only",	no_argument,		NULL,		'4' },
> @@ -1756,6 +1758,9 @@ void conf(struct ctx *c, int argc, char **argv)
>  		}
>  	} while (name != -1);
>  
> +	if (c->mode == MODE_PASST)
> +		c->no_splice = 1;
> +
>  	if (c->mode == MODE_PASTA && !c->pasta_conf_ns) {
>  		if (copy_routes_opt)
>  			die("--no-copy-routes needs --config-net");
> diff --git a/fwd.c b/fwd.c
> index 0b7f8b1..2829cd2 100644
> --- a/fwd.c
> +++ b/fwd.c
> @@ -443,7 +443,7 @@ uint8_t fwd_nat_from_host(const struct ctx *c, uint8_t proto,
>  	else if (proto == IPPROTO_UDP)
>  		tgt->eport += c->udp.fwd_in.delta[tgt->eport];
>  
> -	if (c->mode == MODE_PASTA && inany_is_loopback(&ini->eaddr) &&
> +	if (!c->no_splice && inany_is_loopback(&ini->eaddr) &&
>  	    (proto == IPPROTO_TCP || proto == IPPROTO_UDP)) {
>  		/* spliceable */
>  
> diff --git a/passt.h b/passt.h
> index c038630..0271e7c 100644
> --- a/passt.h
> +++ b/passt.h
> @@ -291,6 +291,7 @@ struct ctx {
>  	int no_dhcpv6;
>  	int no_ndp;
>  	int no_ra;
> +	int no_splice;

This should also be documented in the comment to the struct.

-- 
Stefano